From: Kees Monshouwer Date: Sat, 15 Aug 2015 10:40:50 +0000 (+0200) Subject: update included mbedtls to 2.0.0 X-Git-Tag: dnsdist-1.0.0-alpha1~248^2~62^2~10^2~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f94cb2d26d74941ef0800aa519c3e124ad24d0ef;p=thirdparty%2Fpdns.git update included mbedtls to 2.0.0 --- diff --git a/build-scripts/dist-recursor b/build-scripts/dist-recursor index 54d424b77b..80b202cb78 100755 --- a/build-scripts/dist-recursor +++ b/build-scripts/dist-recursor @@ -61,12 +61,13 @@ cat >>$DIRNAME/config.h < /dev/null - COMMAND rm -f memcheck.log - COMMAND mv DartConfiguration.tcl.bak DartConfiguration.tcl - ) + enable_testing() + + add_subdirectory(tests) + + # additional convenience targets for Unix only + if(UNIX) + + ADD_CUSTOM_TARGET(covtest + COMMAND make test + COMMAND programs/test/selftest + COMMAND tests/compat.sh + COMMAND tests/ssl-opt.sh + ) + + ADD_CUSTOM_TARGET(lcov + COMMAND rm -rf Coverage + COMMAND lcov --capture --initial --directory library/CMakeFiles/mbedtls.dir -o files.info + COMMAND lcov --capture --directory library/CMakeFiles/mbedtls.dir -o tests.info + COMMAND lcov --add-tracefile files.info --add-tracefile tests.info -o all.info + COMMAND lcov --remove all.info -o final.info '*.h' + COMMAND gendesc tests/Descriptions.txt -o descriptions + COMMAND genhtml --title "mbed TLS" --description-file descriptions --keep-descriptions --legend --no-branch-coverage -o Coverage final.info + COMMAND rm -f files.info tests.info all.info final.info descriptions + ) + + ADD_CUSTOM_TARGET(memcheck + COMMAND sed -i.bak s+/usr/bin/valgrind+`which valgrind`+ DartConfiguration.tcl + COMMAND ctest -O memcheck.log -D ExperimentalMemCheck + COMMAND tail -n1 memcheck.log | grep 'Memory checking results:' > /dev/null + COMMAND rm -f memcheck.log + COMMAND mv DartConfiguration.tcl.bak DartConfiguration.tcl + ) + endif(UNIX) endif() diff --git a/ext/mbedtls/ChangeLog b/ext/mbedtls/ChangeLog index 2da6a2ad39..9b438b1304 100644 --- a/ext/mbedtls/ChangeLog +++ b/ext/mbedtls/ChangeLog @@ -1,29 +1,189 @@ mbed TLS ChangeLog (Sorted per branch, date) -= mbed TLS 1.3.12 released 2015-08-11 += mbed TLS 2.0.0 released 2015-07-13 -Security - * Increase the minimum size of Diffie-Hellman parameters accepted by the - client to 1024 bits, to protect against Logjam attack. - * Increase the size of default Diffie-Hellman parameters on the server to - 2048 bits. This can be changed with ssl_set_dh_params(). - -Bugfix - * Fix thread-safety issue in SSL debug module (found by Edwin van Vliet). - * Some example programs were not built using make, not included in Visual - Studio projects (found by Kristian Bendiksen). - * Fix build error with CMake and pre-4.5 versions of GCC (found by Hugo - Leisink). - * Fix missing -static-ligcc when building shared libraries for Windows with - make. - * Fix compile error with armcc5 --gnu. +Features + * Support for DTLS 1.0 and 1.2 (RFC 6347). + * Ability to override core functions from MDx, SHAx, AES and DES modules + with custom implementation (eg hardware accelerated), complementing the + ability to override the whole module. + * New server-side implementation of session tickets that rotate keys to + preserve forward secrecy, and allows sharing across multiple contexts. + * Added a concept of X.509 cerificate verification profile that controls + which algorithms and key sizes (curves for ECDSA) are acceptable. + * Expanded configurability of security parameters in the SSL module with + mbedtls_ssl_conf_dhm_min_bitlen() and mbedtls_ssl_conf_sig_hashes(). + * Introduced a concept of presets for SSL security-relevant configuration + parameters. + +API Changes + * The library has been split into libmbedcrypto, libmbedx509, libmbedtls. + You now need to link to all of them if you use TLS for example. + * All public identifiers moved to the mbedtls_* or MBEDTLS_* namespace. + Some names have been further changed to make them more consistent. + Migration helpers scripts/rename.pl and include/mbedlts/compat-1.3.h are + provided. Full list of renamings in scripts/data_files/rename-1.3-2.0.txt + * Renamings of fields inside structures, not covered by the previous list: + mbedtls_cipher_info_t.key_length -> key_bitlen + mbedtls_cipher_context_t.key_length -> key_bitlen + mbedtls_ecp_curve_info.size -> bit_size + * Headers are now found in the 'mbedtls' directory (previously 'polarssl'). + * The following _init() functions that could return errors have + been split into an _init() that returns void and another function that + should generally be the first function called on this context after init: + mbedtls_ssl_init() -> mbedtls_ssl_setup() + mbedtls_ccm_init() -> mbedtls_ccm_setkey() + mbedtls_gcm_init() -> mbedtls_gcm_setkey() + mbedtls_hmac_drbg_init() -> mbedtls_hmac_drbg_seed(_buf)() + mbedtls_ctr_drbg_init() -> mbedtls_ctr_drbg_seed() + Note that for mbetls_ssl_setup(), you need to be done setting up the + ssl_config structure before calling it. + * Most ssl_set_xxx() functions (all except ssl_set_bio(), ssl_set_hostname(), + ssl_set_session() and ssl_set_client_transport_id(), plus + ssl_legacy_renegotiation()) have been renamed to mbedtls_ssl_conf_xxx() + (see rename.pl and compat-1.3.h above) and their first argument's type + changed from ssl_context to ssl_config. + * ssl_set_bio() changed signature (contexts merged, order switched, one + additional callback for read-with-timeout). + * The following functions have been introduced and must be used in callback + implementations (SNI, PSK) instead of their *conf counterparts: + mbedtls_ssl_set_hs_own_cert() + mbedtls_ssl_set_hs_ca_chain() + mbedtls_ssl_set_hs_psk() + * mbedtls_ssl_conf_ca_chain() lost its last argument (peer_cn), now set + using mbedtls_ssl_set_hostname(). + * mbedtls_ssl_conf_session_cache() changed prototype (only one context + pointer, parameters reordered). + * On server, mbedtls_ssl_conf_session_tickets_cb() must now be used in + place of mbedtls_ssl_conf_session_tickets() to enable session tickets. + * The SSL debug callback gained two new arguments (file name, line number). + * Debug modes were removed. + * mbedtls_ssl_conf_truncated_hmac() now returns void. + * mbedtls_memory_buffer_alloc_init() now returns void. + * X.509 verification flags are now an uint32_t. Affect the signature of: + mbedtls_ssl_get_verify_result() + mbedtls_x509_ctr_verify_info() + mbedtls_x509_crt_verify() (flags, f_vrfy -> needs to be updated) + mbedtls_ssl_conf_verify() (f_vrfy -> needs to be updated) + * The following functions changed prototype to avoid an in-out length + parameter: + mbedtls_base64_encode() + mbedtls_base64_decode() + mbedtls_mpi_write_string() + mbedtls_dhm_calc_secret() + * In the NET module, all "int" and "int *" arguments for file descriptors + changed type to "mbedtls_net_context *". + * net_accept() gained new arguments for the size of the client_ip buffer. + * In the threading layer, mbedtls_mutex_init() and mbedtls_mutex_free() now + return void. + * ecdsa_write_signature() gained an addtional md_alg argument and + ecdsa_write_signature_det() was deprecated. + * pk_sign() no longer accepts md_alg == POLARSSL_MD_NONE with ECDSA. + * Last argument of x509_crt_check_key_usage() and + mbedtls_x509write_crt_set_key_usage() changed from int to unsigned. + * test_ca_list (from certs.h) is renamed to test_cas_pem and is only + available if POLARSSL_PEM_PARSE_C is defined (it never worked without). + * Test certificates in certs.c are no longer guaranteed to be nul-terminated + strings; use the new *_len variables instead of strlen(). + * Functions mbedtls_x509_xxx_parse(), mbedtls_pk_parse_key(), + mbedtls_pk_parse_public_key() and mbedtls_dhm_parse_dhm() now expect the + length parameter to include the terminating null byte for PEM input. + * Signature of mpi_mul_mpi() changed to make the last argument unsigned + * calloc() is now used instead of malloc() everywhere. API of platform + layer and the memory_buffer_alloc module changed accordingly. + (Thanks to Mansour Moufid for helping with the replacement.) + * Change SSL_DISABLE_RENEGOTIATION config.h flag to SSL_RENEGOTIATION + (support for renegotiation now needs explicit enabling in config.h). + * Split MBEDTLS_HAVE_TIME into MBEDTLS_HAVE_TIME and MBEDTLS_HAVE_TIME_DATE + in config.h + * net_connect() and net_bind() have a new 'proto' argument to choose + between TCP and UDP, using the macros NET_PROTO_TCP or NET_PROTO_UDP. + Their 'port' argument type is changed to a string. + * Some constness fixes + +Removals + * Removed mbedtls_ecp_group_read_string(). Only named groups are supported. + * Removed mbedtls_ecp_sub() and mbedtls_ecp_add(), use + mbedtls_ecp_muladd(). + * Removed individual mdX_hmac, shaX_hmac, mdX_file and shaX_file functions + (use generic functions from md.h) + * Removed mbedtls_timing_msleep(). Use mbedtls_net_usleep() or a custom + waiting function. + * Removed test DHM parameters from the test certs module. + * Removed the PBKDF2 module (use PKCS5). + * Removed POLARSSL_ERROR_STRERROR_BC (use mbedtls_strerror()). + * Removed compat-1.2.h (helper for migrating from 1.2 to 1.3). + * Removed openssl.h (very partial OpenSSL compatibility layer). + * Configuration options POLARSSL_HAVE_LONGLONG was removed (now always on). + * Configuration options POLARSSL_HAVE_INT8 and POLARSSL_HAVE_INT16 have + been removed (compiler is required to support 32-bit operations). + * Configuration option POLARSSL_HAVE_IPV6 was removed (always enabled). + * Removed test program o_p_test, the script compat.sh does more. + * Removed test program ssl_test, superseded by ssl-opt.sh. + * Removed helper script active-config.pl + +New deprecations + * md_init_ctx() is deprecated in favour of md_setup(), that adds a third + argument (allowing memory savings if HMAC is not used) + +Semi-API changes (technically public, morally private) + * Renamed a few headers to include _internal in the name. Those headers are + not supposed to be included by users. + * Changed md_info_t into an opaque structure (use md_get_xxx() accessors). + * Changed pk_info_t into an opaque structure. + * Changed cipher_base_t into an opaque structure. + * Removed sig_oid2 and rename sig_oid1 to sig_oid in x509_crt and x509_crl. + * x509_crt.key_usage changed from unsigned char to unsigned int. + * Removed r and s from ecdsa_context + * Removed mode from des_context and des3_context + +Default behavior changes + * The default minimum TLS version is now TLS 1.0. + * RC4 is now blacklisted by default in the SSL/TLS layer, and excluded from the + default ciphersuite list returned by ssl_list_ciphersuites() + * Support for receiving SSLv2 ClientHello is now disabled by default at + compile time. + * The default authmode for SSL/TLS clients is now REQUIRED. + * Support for RSA_ALT contexts in the PK layer is now optional. Since is is + enabled in the default configuration, this is only noticeable if using a + custom config.h + * Default DHM parameters server-side upgraded from 1024 to 2048 bits. + * A minimum RSA key size of 2048 bits is now enforced during ceritificate + chain verification. + * Negotiation of truncated HMAC is now disabled by default on server too. + * The following functions are now case-sensitive: + mbedtls_cipher_info_from_string() + mbedtls_ecp_curve_info_from_name() + mbedtls_md_info_from_string() + mbedtls_ssl_ciphersuite_from_string() + mbedtls_version_check_feature() + +Requirement changes + * The minimum MSVC version required is now 2010 (better C99 support). + * The NET layer now unconditionnaly relies on getaddrinfo() and select(). + * Compiler is required to support C99 types such as long long and uint32_t. + +API changes from the 1.4 preview branch + * ssl_set_bio_timeout() was removed, split into mbedtls_ssl_set_bio() with + new prototype, and mbedtls_ssl_set_read_timeout(). + * The following functions now return void: + mbedtls_ssl_conf_transport() + mbedtls_ssl_conf_max_version() + mbedtls_ssl_conf_min_version() + * DTLS no longer hard-depends on TIMING_C, but uses a callback interface + instead, see mbedtls_ssl_set_timer_cb(), with the Timing module providing + an example implementation, see mbedtls_timing_delay_context and + mbedtls_timing_set/get_delay(). + * With UDP sockets, it is no longer necessary to call net_bind() again + after a successful net_accept(). Changes - * Add SSL_MIN_DHM_BYTES configuration parameter in config.h to choose the - minimum size of Diffie-Hellman parameters accepted by the client. - * The PEM parser now accepts a trailing space at end of lines (#226). + * mbedtls_ctr_drbg_random() and mbedtls_hmac_drbg_random() are now + thread-safe if MBEDTLS_THREADING_C is enabled. + * Reduced ROM fooprint of SHA-256 and added an option to reduce it even + more (at the expense of performance) MBEDTLS_SHA256_SMALLER. -= mbed TLS 1.3.11 released 2015-06-04 += mbed TLS 1.3 branch Security * With authmode set to SSL_VERIFY_OPTIONAL, verification of keyUsage and diff --git a/ext/mbedtls/Makefile.am b/ext/mbedtls/Makefile.am index 46e48a3155..409b0efd1d 100644 --- a/ext/mbedtls/Makefile.am +++ b/ext/mbedtls/Makefile.am @@ -1,4 +1,3 @@ SUBDIRS = library -EXTRA_DIST = LICENSE README.rst include/polarssl - +EXTRA_DIST = LICENSE README.rst include/mbedtls diff --git a/ext/mbedtls/Makefile.dist b/ext/mbedtls/Makefile.dist new file mode 100644 index 0000000000..0c489f891c --- /dev/null +++ b/ext/mbedtls/Makefile.dist @@ -0,0 +1,92 @@ + +DESTDIR=/usr/local +PREFIX=mbedtls_ + +.SILENT: + +.PHONY: all no_test programs lib tests install uninstall clean test check covtest lcov apidoc apidoc_clean + +all: programs tests + +no_test: programs + +programs: lib + $(MAKE) -C programs + +lib: + $(MAKE) -C library + +tests: lib + $(MAKE) -C tests + +ifndef WINDOWS +install: all + mkdir -p $(DESTDIR)/include/mbedtls + cp -r include/mbedtls $(DESTDIR)/include + + mkdir -p $(DESTDIR)/lib + cp -RP library/libmbedtls.* $(DESTDIR)/lib + + mkdir -p $(DESTDIR)/bin + for p in programs/*/* ; do \ + if [ -x $$p ] && [ ! -d $$p ] ; \ + then \ + f=$(PREFIX)`basename $$p` ; \ + cp $$p $(DESTDIR)/bin/$$f ; \ + ln -sf $$f $(DESTDIR)/bin/$$o ; \ + fi \ + done + +uninstall: + rm -rf $(DESTDIR)/include/mbedtls + rm -f $(DESTDIR)/lib/libmbedtls.* + + for p in programs/*/* ; do \ + if [ -x $$p ] && [ ! -d $$p ] ; \ + then \ + f=$(PREFIX)`basename $$p` ; \ + rm -f $(DESTDIR)/bin/$$f ; \ + rm -f $(DESTDIR)/bin/$$o ; \ + fi \ + done +endif + +clean: + $(MAKE) -C library clean + $(MAKE) -C programs clean + $(MAKE) -C tests clean +ifndef WINDOWS + find . \( -name \*.gcno -o -name \*.gcda -o -name *.info \) -exec rm {} + +endif + +check: lib + $(MAKE) -C tests check + +test: check + +ifndef WINDOWS +# note: for coverage testing, build with: +# make CFLAGS='--coverage -g3 -O0' +covtest: + $(MAKE) check + programs/test/selftest + tests/compat.sh + tests/ssl-opt.sh + +lcov: + rm -rf Coverage + lcov --capture --initial --directory library -o files.info + lcov --capture --directory library -o tests.info + lcov --add-tracefile files.info --add-tracefile tests.info -o all.info + lcov --remove all.info -o final.info '*.h' + gendesc tests/Descriptions.txt -o descriptions + genhtml --title "mbed TLS" --description-file descriptions --keep-descriptions --legend --no-branch-coverage -o Coverage final.info + rm -f files.info tests.info all.info final.info descriptions + +apidoc: + mkdir -p apidoc + doxygen doxygen/mbedtls.doxyfile + +apidoc_clean: + rm -rf apidoc +endif diff --git a/ext/mbedtls/README.rst b/ext/mbedtls/README.rst index 59ca2c67da..0d9b614b44 100644 --- a/ext/mbedtls/README.rst +++ b/ext/mbedtls/README.rst @@ -5,7 +5,7 @@ README for mbed TLS Configuration ============= -mbed TLS should build out of the box on most systems. Some platform specific options are available in the fully-documented configuration file *include/polarssl/config.h*, which is also the place where features can be selected. +mbed TLS should build out of the box on most systems. Some platform specific options are available in the fully-documented configuration file *include/mbedtls/config.h*, which is also the place where features can be selected. This file can be edited manually, or in a more programmatic way using the Perl script *scripts/config.pl* (use *--help* for usage instructions). @@ -35,7 +35,15 @@ In order to run the tests, enter:: make check -In order to build for a Windows platform, you should use WINDOWS_BUILD=1 if the target is Windows but the build environment is Unix-like (eg when cross-compiling, or compiling from an MSYS shell), and WINDOWS=1 if the build environment is a Windows shell. +The tests need Perl to be built and run. If you don't have Perl installed, you can skip buiding the tests with:: + + make no_test + +You'll still be able to run a much smaller set of tests with:: + + programs/test/selftest + +In order to build for a Windows platform, you should use WINDOWS_BUILD=1 if the target is Windows but the build environment is Unix-like (for instance when cross-compiling, or compiling from an MSYS shell), and WINDOWS=1 if the build environment is a Windows shell (for instance using mingw32-make) (in that case some targets will not be available). Setting the variable SHARED in your environment will build a shared library in addition to the static library. Setting DEBUG gives you a debug build. You can override CFLAGS and LDFLAGS by setting them in your environment or on the make command line; if you do so, essential parts such as -I will still be preserved. Warning options may be overridden separately using WARNING_CFLAGS. @@ -52,6 +60,10 @@ In order to build the source using CMake, just enter at the command line:: make +The test suites need Perl to be built. If you don't have Perl installed, you'll want to disable the test suites with:: + + cmake -DENABLE_TESTING=Off . + There are many different build modes available within the CMake buildsystem. Most of them are available for gcc and clang, though some are compiler-specific: - Release. @@ -71,7 +83,7 @@ There are many different build modes available within the CMake buildsystem. Mos This instruments the code with MemorySanitizer to check for uninitialised memory reads. Experimental, needs recent clang on Linux/x86_64. - MemSanDbg. - Same as ASan but slower, with debug information, better stack traces and + Same as MemSan but slower, with debug information, better stack traces and origin tracking. - Check. This activates the compiler warnings that depend on optimization and treats @@ -90,12 +102,16 @@ In order to run the tests, enter:: make test +If you disabled the test suites, but kept the progams enabled, you can still run a much smaller set of tests with:: + + programs/test/selftest + Microsoft Visual Studio ----------------------- -The build files for Microsoft Visual Studio are generated for Visual Studio 6.0 and Visual Studio 2010. +The build files for Microsoft Visual Studio are generated for Visual Studio 2010. -The workspace 'polarssl.dsw' contains all the basic projects needed to build the library and all the programs. The files in tests are not generated and compiled, as these need a perl environment as well. +The solution file 'mbedTLS.sln' contains all the basic projects needed to build the library and all the programs. The files in tests are not generated and compiled, as these need a perl environment as well. However, the `selftest` program in *programs/test/* is still available. Example programs ================ @@ -105,14 +121,14 @@ We've included example programs for a lot of different features and uses in *pro Tests ===== -mbed TLS includes an elaborate test suite in *tests/* that initially requires Perl to generate the tests files (e.g. *test_suite_mpi.c*). These files are generates from a **function file** (e.g. *suites/test_suite_mpi.function*) and a **data file** (e.g. *suites/test_suite_mpi.data*). The **function file** contains the template for each test function. The **data file** contains the test cases, specified as parameters that should be pushed into a template function. +mbed TLS includes an elaborate test suite in *tests/* that initially requires Perl to generate the tests files (e.g. *test_suite_mpi.c*). These files are generates from a **function file** (e.g. *suites/test_suite_mpi.function*) and a **data file** (e.g. *suites/test_suite_mpi.data*). The **function file** contains the test functions. The **data file** contains the test cases, specified as parameters that will be passed to the test function. For machines with a Unix shell and OpenSSL (and optionally GnuTLS) installed, additional test scripts are available: - *tests/ssl-opt.sh* runs integration tests for various TLS options (renegotiation, resumption, etc.) and tests interoperability of these options with other implementations. - *tests/compat.sh* tests interoperability of every ciphersuite with other implementations. - *tests/scripts/test-ref-configs.pl* test builds in various reduced configurations. -- *tests/scripts/all.sh* runs a combination of the above tests with various build options (eg ASan). +- *tests/scripts/all.sh* runs a combination of the above tests, plus some more, with various build options (such as ASan, full *config.h*, etc). Configurations ============== diff --git a/ext/mbedtls/include/.gitignore b/ext/mbedtls/include/.gitignore index 53a36d4463..bf67d02ed8 100644 --- a/ext/mbedtls/include/.gitignore +++ b/ext/mbedtls/include/.gitignore @@ -1,4 +1,4 @@ Makefile *.sln *.vcxproj -polarssl/check_config +mbedtls/check_config diff --git a/ext/mbedtls/include/CMakeLists.txt b/ext/mbedtls/include/CMakeLists.txt index 2c568584f3..985a3530b9 100644 --- a/ext/mbedtls/include/CMakeLists.txt +++ b/ext/mbedtls/include/CMakeLists.txt @@ -2,10 +2,10 @@ option(INSTALL_MBEDTLS_HEADERS "Install mbed TLS headers." ON) if(INSTALL_MBEDTLS_HEADERS) -file(GLOB headers "polarssl/*.h") + file(GLOB headers "mbedtls/*.h") -install(FILES ${headers} - DESTINATION include/polarssl + install(FILES ${headers} + DESTINATION include/mbedtls PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) endif(INSTALL_MBEDTLS_HEADERS) diff --git a/ext/mbedtls/include/polarssl/aes.h b/ext/mbedtls/include/mbedtls/aes.h similarity index 70% rename from ext/mbedtls/include/polarssl/aes.h rename to ext/mbedtls/include/mbedtls/aes.h index 8bcc039362..fb97c7b75f 100644 --- a/ext/mbedtls/include/polarssl/aes.h +++ b/ext/mbedtls/include/mbedtls/aes.h @@ -21,32 +21,26 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_AES_H -#define POLARSSL_AES_H +#ifndef MBEDTLS_AES_H +#define MBEDTLS_AES_H -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif #include - -#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) -#include -typedef UINT32 uint32_t; -#else -#include -#endif +#include /* padlock.c and aesni.c rely on these values! */ -#define AES_ENCRYPT 1 -#define AES_DECRYPT 0 +#define MBEDTLS_AES_ENCRYPT 1 +#define MBEDTLS_AES_DECRYPT 0 -#define POLARSSL_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */ -#define POLARSSL_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */ +#define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */ +#define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */ -#if !defined(POLARSSL_AES_ALT) +#if !defined(MBEDTLS_AES_ALT) // Regular implementation // @@ -68,62 +62,62 @@ typedef struct uint32_t *rk; /*!< AES round keys */ uint32_t buf[68]; /*!< unaligned data */ } -aes_context; +mbedtls_aes_context; /** * \brief Initialize AES context * * \param ctx AES context to be initialized */ -void aes_init( aes_context *ctx ); +void mbedtls_aes_init( mbedtls_aes_context *ctx ); /** * \brief Clear AES context * * \param ctx AES context to be cleared */ -void aes_free( aes_context *ctx ); +void mbedtls_aes_free( mbedtls_aes_context *ctx ); /** * \brief AES key schedule (encryption) * * \param ctx AES context to be initialized * \param key encryption key - * \param keysize must be 128, 192 or 256 + * \param keybits must be 128, 192 or 256 * - * \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH + * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH */ -int aes_setkey_enc( aes_context *ctx, const unsigned char *key, - unsigned int keysize ); +int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, + unsigned int keybits ); /** * \brief AES key schedule (decryption) * * \param ctx AES context to be initialized * \param key decryption key - * \param keysize must be 128, 192 or 256 + * \param keybits must be 128, 192 or 256 * - * \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH + * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH */ -int aes_setkey_dec( aes_context *ctx, const unsigned char *key, - unsigned int keysize ); +int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, + unsigned int keybits ); /** * \brief AES-ECB block encryption/decryption * * \param ctx AES context - * \param mode AES_ENCRYPT or AES_DECRYPT + * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT * \param input 16-byte input block * \param output 16-byte output block * * \return 0 if successful */ -int aes_crypt_ecb( aes_context *ctx, +int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, int mode, const unsigned char input[16], unsigned char output[16] ); -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) /** * \brief AES-CBC buffer encryption/decryption * Length should be a multiple of the block @@ -138,29 +132,29 @@ int aes_crypt_ecb( aes_context *ctx, * module instead. * * \param ctx AES context - * \param mode AES_ENCRYPT or AES_DECRYPT + * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT * \param length length of the input data * \param iv initialization vector (updated after use) * \param input buffer holding the input data * \param output buffer holding the output data * - * \return 0 if successful, or POLARSSL_ERR_AES_INVALID_INPUT_LENGTH + * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH */ -int aes_crypt_cbc( aes_context *ctx, +int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, int mode, size_t length, unsigned char iv[16], const unsigned char *input, unsigned char *output ); -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(POLARSSL_CIPHER_MODE_CFB) +#if defined(MBEDTLS_CIPHER_MODE_CFB) /** * \brief AES-CFB128 buffer encryption/decryption. * * Note: Due to the nature of CFB you should use the same key schedule for * both encryption and decryption. So a context initialized with - * aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT. + * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT. * * \note Upon exit, the content of the IV is updated so that you can * call the function same function again on the following @@ -171,7 +165,7 @@ int aes_crypt_cbc( aes_context *ctx, * module instead. * * \param ctx AES context - * \param mode AES_ENCRYPT or AES_DECRYPT + * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT * \param length length of the input data * \param iv_off offset in IV (updated after use) * \param iv initialization vector (updated after use) @@ -180,7 +174,7 @@ int aes_crypt_cbc( aes_context *ctx, * * \return 0 if successful */ -int aes_crypt_cfb128( aes_context *ctx, +int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, int mode, size_t length, size_t *iv_off, @@ -193,7 +187,7 @@ int aes_crypt_cfb128( aes_context *ctx, * * Note: Due to the nature of CFB you should use the same key schedule for * both encryption and decryption. So a context initialized with - * aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT. + * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT. * * \note Upon exit, the content of the IV is updated so that you can * call the function same function again on the following @@ -204,7 +198,7 @@ int aes_crypt_cfb128( aes_context *ctx, * module instead. * * \param ctx AES context - * \param mode AES_ENCRYPT or AES_DECRYPT + * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT * \param length length of the input data * \param iv initialization vector (updated after use) * \param input buffer holding the input data @@ -212,15 +206,15 @@ int aes_crypt_cfb128( aes_context *ctx, * * \return 0 if successful */ -int aes_crypt_cfb8( aes_context *ctx, +int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, int mode, size_t length, unsigned char iv[16], const unsigned char *input, unsigned char *output ); -#endif /*POLARSSL_CIPHER_MODE_CFB */ +#endif /*MBEDTLS_CIPHER_MODE_CFB */ -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) /** * \brief AES-CTR buffer encryption/decryption * @@ -228,7 +222,7 @@ int aes_crypt_cfb8( aes_context *ctx, * * Note: Due to the nature of CTR you should use the same key schedule for * both encryption and decryption. So a context initialized with - * aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT. + * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT. * * \param ctx AES context * \param length The length of the data @@ -243,22 +237,48 @@ int aes_crypt_cfb8( aes_context *ctx, * * \return 0 if successful */ -int aes_crypt_ctr( aes_context *ctx, +int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx, size_t length, size_t *nc_off, unsigned char nonce_counter[16], unsigned char stream_block[16], const unsigned char *input, unsigned char *output ); -#endif /* POLARSSL_CIPHER_MODE_CTR */ +#endif /* MBEDTLS_CIPHER_MODE_CTR */ + +/** + * \brief Internal AES block encryption function + * (Only exposed to allow overriding it, + * see MBEDTLS_AES_ENCRYPT_ALT) + * + * \param ctx AES context + * \param input Plaintext block + * \param output Output (ciphertext) block + */ +void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16] ); + +/** + * \brief Internal AES block decryption function + * (Only exposed to allow overriding it, + * see MBEDTLS_AES_DECRYPT_ALT) + * + * \param ctx AES context + * \param input Ciphertext block + * \param output Output (plaintext) block + */ +void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16] ); #ifdef __cplusplus } #endif -#else /* POLARSSL_AES_ALT */ +#else /* MBEDTLS_AES_ALT */ #include "aes_alt.h" -#endif /* POLARSSL_AES_ALT */ +#endif /* MBEDTLS_AES_ALT */ #ifdef __cplusplus extern "C" { @@ -269,7 +289,7 @@ extern "C" { * * \return 0 if successful, or 1 if the test failed */ -int aes_self_test( int verbose ); +int mbedtls_aes_self_test( int verbose ); #ifdef __cplusplus } diff --git a/ext/mbedtls/include/polarssl/aesni.h b/ext/mbedtls/include/mbedtls/aesni.h similarity index 77% rename from ext/mbedtls/include/polarssl/aesni.h rename to ext/mbedtls/include/mbedtls/aesni.h index 02419eda5a..c5a102b2e1 100644 --- a/ext/mbedtls/include/polarssl/aesni.h +++ b/ext/mbedtls/include/mbedtls/aesni.h @@ -21,21 +21,21 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_AESNI_H -#define POLARSSL_AESNI_H +#ifndef MBEDTLS_AESNI_H +#define MBEDTLS_AESNI_H #include "aes.h" -#define POLARSSL_AESNI_AES 0x02000000u -#define POLARSSL_AESNI_CLMUL 0x00000002u +#define MBEDTLS_AESNI_AES 0x02000000u +#define MBEDTLS_AESNI_CLMUL 0x00000002u -#if defined(POLARSSL_HAVE_ASM) && defined(__GNUC__) && \ +#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && \ ( defined(__amd64__) || defined(__x86_64__) ) && \ - ! defined(POLARSSL_HAVE_X86_64) -#define POLARSSL_HAVE_X86_64 + ! defined(MBEDTLS_HAVE_X86_64) +#define MBEDTLS_HAVE_X86_64 #endif -#if defined(POLARSSL_HAVE_X86_64) +#if defined(MBEDTLS_HAVE_X86_64) #ifdef __cplusplus extern "C" { @@ -45,23 +45,23 @@ extern "C" { * \brief AES-NI features detection routine * * \param what The feature to detect - * (POLARSSL_AESNI_AES or POLARSSL_AESNI_CLMUL) + * (MBEDTLS_AESNI_AES or MBEDTLS_AESNI_CLMUL) * * \return 1 if CPU has support for the feature, 0 otherwise */ -int aesni_supports( unsigned int what ); +int mbedtls_aesni_has_support( unsigned int what ); /** * \brief AES-NI AES-ECB block en(de)cryption * * \param ctx AES context - * \param mode AES_ENCRYPT or AES_DECRYPT + * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT * \param input 16-byte input block * \param output 16-byte output block * * \return 0 on success (cannot fail) */ -int aesni_crypt_ecb( aes_context *ctx, +int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx, int mode, const unsigned char input[16], unsigned char output[16] ); @@ -76,7 +76,7 @@ int aesni_crypt_ecb( aes_context *ctx, * \note Both operands and result are bit strings interpreted as * elements of GF(2^128) as per the GCM spec. */ -void aesni_gcm_mult( unsigned char c[16], +void mbedtls_aesni_gcm_mult( unsigned char c[16], const unsigned char a[16], const unsigned char b[16] ); @@ -87,7 +87,7 @@ void aesni_gcm_mult( unsigned char c[16], * \param fwdkey Original round keys (for encryption) * \param nr Number of rounds (that is, number of round keys minus one) */ -void aesni_inverse_key( unsigned char *invkey, +void mbedtls_aesni_inverse_key( unsigned char *invkey, const unsigned char *fwdkey, int nr ); /** @@ -97,9 +97,9 @@ void aesni_inverse_key( unsigned char *invkey, * \param key Encryption key * \param bits Key size in bits (must be 128, 192 or 256) * - * \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH + * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH */ -int aesni_setkey_enc( unsigned char *rk, +int mbedtls_aesni_setkey_enc( unsigned char *rk, const unsigned char *key, size_t bits ); @@ -107,6 +107,6 @@ int aesni_setkey_enc( unsigned char *rk, } #endif -#endif /* POLARSSL_HAVE_X86_64 */ +#endif /* MBEDTLS_HAVE_X86_64 */ -#endif /* POLARSSL_AESNI_H */ +#endif /* MBEDTLS_AESNI_H */ diff --git a/ext/mbedtls/include/polarssl/arc4.h b/ext/mbedtls/include/mbedtls/arc4.h similarity index 80% rename from ext/mbedtls/include/polarssl/arc4.h rename to ext/mbedtls/include/mbedtls/arc4.h index 9de0577099..da7d97b901 100644 --- a/ext/mbedtls/include/polarssl/arc4.h +++ b/ext/mbedtls/include/mbedtls/arc4.h @@ -21,18 +21,18 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_ARC4_H -#define POLARSSL_ARC4_H +#ifndef MBEDTLS_ARC4_H +#define MBEDTLS_ARC4_H -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif #include -#if !defined(POLARSSL_ARC4_ALT) +#if !defined(MBEDTLS_ARC4_ALT) // Regular implementation // @@ -49,21 +49,21 @@ typedef struct int y; /*!< permutation index */ unsigned char m[256]; /*!< permutation table */ } -arc4_context; +mbedtls_arc4_context; /** * \brief Initialize ARC4 context * * \param ctx ARC4 context to be initialized */ -void arc4_init( arc4_context *ctx ); +void mbedtls_arc4_init( mbedtls_arc4_context *ctx ); /** * \brief Clear ARC4 context * * \param ctx ARC4 context to be cleared */ -void arc4_free( arc4_context *ctx ); +void mbedtls_arc4_free( mbedtls_arc4_context *ctx ); /** * \brief ARC4 key schedule @@ -72,7 +72,7 @@ void arc4_free( arc4_context *ctx ); * \param key the secret key * \param keylen length of the key, in bytes */ -void arc4_setup( arc4_context *ctx, const unsigned char *key, +void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key, unsigned int keylen ); /** @@ -85,16 +85,16 @@ void arc4_setup( arc4_context *ctx, const unsigned char *key, * * \return 0 if successful */ -int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input, +int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input, unsigned char *output ); #ifdef __cplusplus } #endif -#else /* POLARSSL_ARC4_ALT */ +#else /* MBEDTLS_ARC4_ALT */ #include "arc4_alt.h" -#endif /* POLARSSL_ARC4_ALT */ +#endif /* MBEDTLS_ARC4_ALT */ #ifdef __cplusplus extern "C" { @@ -105,7 +105,7 @@ extern "C" { * * \return 0 if successful, or 1 if the test failed */ -int arc4_self_test( int verbose ); +int mbedtls_arc4_self_test( int verbose ); #ifdef __cplusplus } diff --git a/ext/mbedtls/include/polarssl/asn1.h b/ext/mbedtls/include/mbedtls/asn1.h similarity index 60% rename from ext/mbedtls/include/polarssl/asn1.h rename to ext/mbedtls/include/mbedtls/asn1.h index 0bfa929348..675a8eb5ce 100644 --- a/ext/mbedtls/include/polarssl/asn1.h +++ b/ext/mbedtls/include/mbedtls/asn1.h @@ -21,18 +21,18 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_ASN1_H -#define POLARSSL_ASN1_H +#ifndef MBEDTLS_ASN1_H +#define MBEDTLS_ASN1_H -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif #include -#if defined(POLARSSL_BIGNUM_C) +#if defined(MBEDTLS_BIGNUM_C) #include "bignum.h" #endif @@ -48,13 +48,13 @@ * ASN1 is a standard to specify data structures. * \{ */ -#define POLARSSL_ERR_ASN1_OUT_OF_DATA -0x0060 /**< Out of data when parsing an ASN1 data structure. */ -#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG -0x0062 /**< ASN1 tag was of an unexpected value. */ -#define POLARSSL_ERR_ASN1_INVALID_LENGTH -0x0064 /**< Error when trying to determine the length or invalid length. */ -#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH -0x0066 /**< Actual length differs from expected length. */ -#define POLARSSL_ERR_ASN1_INVALID_DATA -0x0068 /**< Data is invalid. (not used) */ -#define POLARSSL_ERR_ASN1_MALLOC_FAILED -0x006A /**< Memory allocation failed */ -#define POLARSSL_ERR_ASN1_BUF_TOO_SMALL -0x006C /**< Buffer too small when writing ASN.1 data structure. */ +#define MBEDTLS_ERR_ASN1_OUT_OF_DATA -0x0060 /**< Out of data when parsing an ASN1 data structure. */ +#define MBEDTLS_ERR_ASN1_UNEXPECTED_TAG -0x0062 /**< ASN1 tag was of an unexpected value. */ +#define MBEDTLS_ERR_ASN1_INVALID_LENGTH -0x0064 /**< Error when trying to determine the length or invalid length. */ +#define MBEDTLS_ERR_ASN1_LENGTH_MISMATCH -0x0066 /**< Actual length differs from expected length. */ +#define MBEDTLS_ERR_ASN1_INVALID_DATA -0x0068 /**< Data is invalid. (not used) */ +#define MBEDTLS_ERR_ASN1_ALLOC_FAILED -0x006A /**< Memory allocation failed */ +#define MBEDTLS_ERR_ASN1_BUF_TOO_SMALL -0x006C /**< Buffer too small when writing ASN.1 data structure. */ /* \} name */ @@ -66,45 +66,43 @@ * - 0x02 -- tag indicating INTEGER * - 0x01 -- length in octets * - 0x05 -- value - * Such sequences are typically read into \c ::x509_buf. + * Such sequences are typically read into \c ::mbedtls_x509_buf. * \{ */ -#define ASN1_BOOLEAN 0x01 -#define ASN1_INTEGER 0x02 -#define ASN1_BIT_STRING 0x03 -#define ASN1_OCTET_STRING 0x04 -#define ASN1_NULL 0x05 -#define ASN1_OID 0x06 -#define ASN1_UTF8_STRING 0x0C -#define ASN1_SEQUENCE 0x10 -#define ASN1_SET 0x11 -#define ASN1_PRINTABLE_STRING 0x13 -#define ASN1_T61_STRING 0x14 -#define ASN1_IA5_STRING 0x16 -#define ASN1_UTC_TIME 0x17 -#define ASN1_GENERALIZED_TIME 0x18 -#define ASN1_UNIVERSAL_STRING 0x1C -#define ASN1_BMP_STRING 0x1E -#define ASN1_PRIMITIVE 0x00 -#define ASN1_CONSTRUCTED 0x20 -#define ASN1_CONTEXT_SPECIFIC 0x80 +#define MBEDTLS_ASN1_BOOLEAN 0x01 +#define MBEDTLS_ASN1_INTEGER 0x02 +#define MBEDTLS_ASN1_BIT_STRING 0x03 +#define MBEDTLS_ASN1_OCTET_STRING 0x04 +#define MBEDTLS_ASN1_NULL 0x05 +#define MBEDTLS_ASN1_OID 0x06 +#define MBEDTLS_ASN1_UTF8_STRING 0x0C +#define MBEDTLS_ASN1_SEQUENCE 0x10 +#define MBEDTLS_ASN1_SET 0x11 +#define MBEDTLS_ASN1_PRINTABLE_STRING 0x13 +#define MBEDTLS_ASN1_T61_STRING 0x14 +#define MBEDTLS_ASN1_IA5_STRING 0x16 +#define MBEDTLS_ASN1_UTC_TIME 0x17 +#define MBEDTLS_ASN1_GENERALIZED_TIME 0x18 +#define MBEDTLS_ASN1_UNIVERSAL_STRING 0x1C +#define MBEDTLS_ASN1_BMP_STRING 0x1E +#define MBEDTLS_ASN1_PRIMITIVE 0x00 +#define MBEDTLS_ASN1_CONSTRUCTED 0x20 +#define MBEDTLS_ASN1_CONTEXT_SPECIFIC 0x80 /* \} name */ /* \} addtogroup asn1_module */ /** Returns the size of the binary string, without the trailing \\0 */ -#define OID_SIZE(x) (sizeof(x) - 1) +#define MBEDTLS_OID_SIZE(x) (sizeof(x) - 1) /** - * Compares an asn1_buf structure to a reference OID. + * Compares an mbedtls_asn1_buf structure to a reference OID. * - * Only works for 'defined' oid_str values (OID_HMAC_SHA1), you cannot use a + * Only works for 'defined' oid_str values (MBEDTLS_OID_HMAC_SHA1), you cannot use a * 'unsigned char *oid' here! - * - * Warning: returns true when the OIDs are equal (unlike memcmp)! */ -#define OID_CMP(oid_str, oid_buf) \ - ( ( OID_SIZE(oid_str) == (oid_buf)->len ) && \ - memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) == 0 ) +#define MBEDTLS_OID_CMP(oid_str, oid_buf) \ + ( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf)->len ) || \ + memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) != 0 ) #ifdef __cplusplus extern "C" { @@ -118,46 +116,46 @@ extern "C" { /** * Type-length-value structure that allows for ASN1 using DER. */ -typedef struct _asn1_buf +typedef struct mbedtls_asn1_buf { - int tag; /**< ASN1 type, e.g. ASN1_UTF8_STRING. */ - size_t len; /**< ASN1 length, e.g. in octets. */ + int tag; /**< ASN1 type, e.g. MBEDTLS_ASN1_UTF8_STRING. */ + size_t len; /**< ASN1 length, in octets. */ unsigned char *p; /**< ASN1 data, e.g. in ASCII. */ } -asn1_buf; +mbedtls_asn1_buf; /** * Container for ASN1 bit strings. */ -typedef struct _asn1_bitstring +typedef struct mbedtls_asn1_bitstring { - size_t len; /**< ASN1 length, e.g. in octets. */ + size_t len; /**< ASN1 length, in octets. */ unsigned char unused_bits; /**< Number of unused bits at the end of the string */ unsigned char *p; /**< Raw ASN1 data for the bit string */ } -asn1_bitstring; +mbedtls_asn1_bitstring; /** * Container for a sequence of ASN.1 items */ -typedef struct _asn1_sequence +typedef struct mbedtls_asn1_sequence { - asn1_buf buf; /**< Buffer containing the given ASN.1 item. */ - struct _asn1_sequence *next; /**< The next entry in the sequence. */ + mbedtls_asn1_buf buf; /**< Buffer containing the given ASN.1 item. */ + struct mbedtls_asn1_sequence *next; /**< The next entry in the sequence. */ } -asn1_sequence; +mbedtls_asn1_sequence; /** * Container for a sequence or list of 'named' ASN.1 data items */ -typedef struct _asn1_named_data +typedef struct mbedtls_asn1_named_data { - asn1_buf oid; /**< The object identifier. */ - asn1_buf val; /**< The named value. */ - struct _asn1_named_data *next; /**< The next entry in the sequence. */ + mbedtls_asn1_buf oid; /**< The object identifier. */ + mbedtls_asn1_buf val; /**< The named value. */ + struct mbedtls_asn1_named_data *next; /**< The next entry in the sequence. */ unsigned char next_merged; /**< Merge next item into the current one? */ } -asn1_named_data; +mbedtls_asn1_named_data; /** * \brief Get the length of an ASN.1 element. @@ -167,11 +165,11 @@ asn1_named_data; * \param end End of data * \param len The variable that will receive the value * - * \return 0 if successful, POLARSSL_ERR_ASN1_OUT_OF_DATA on reaching - * end of data, POLARSSL_ERR_ASN1_INVALID_LENGTH if length is + * \return 0 if successful, MBEDTLS_ERR_ASN1_OUT_OF_DATA on reaching + * end of data, MBEDTLS_ERR_ASN1_INVALID_LENGTH if length is * unparseable. */ -int asn1_get_len( unsigned char **p, +int mbedtls_asn1_get_len( unsigned char **p, const unsigned char *end, size_t *len ); @@ -184,10 +182,10 @@ int asn1_get_len( unsigned char **p, * \param len The variable that will receive the length * \param tag The expected tag * - * \return 0 if successful, POLARSSL_ERR_ASN1_UNEXPECTED_TAG if tag did + * \return 0 if successful, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG if tag did * not match requested tag, or another specific ASN.1 error code. */ -int asn1_get_tag( unsigned char **p, +int mbedtls_asn1_get_tag( unsigned char **p, const unsigned char *end, size_t *len, int tag ); @@ -201,7 +199,7 @@ int asn1_get_tag( unsigned char **p, * * \return 0 if successful or a specific ASN.1 error code. */ -int asn1_get_bool( unsigned char **p, +int mbedtls_asn1_get_bool( unsigned char **p, const unsigned char *end, int *val ); @@ -215,7 +213,7 @@ int asn1_get_bool( unsigned char **p, * * \return 0 if successful or a specific ASN.1 error code. */ -int asn1_get_int( unsigned char **p, +int mbedtls_asn1_get_int( unsigned char **p, const unsigned char *end, int *val ); @@ -229,8 +227,8 @@ int asn1_get_int( unsigned char **p, * * \return 0 if successful or a specific ASN.1 error code. */ -int asn1_get_bitstring( unsigned char **p, const unsigned char *end, - asn1_bitstring *bs); +int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end, + mbedtls_asn1_bitstring *bs); /** * \brief Retrieve a bitstring ASN.1 tag without unused bits and its @@ -243,7 +241,7 @@ int asn1_get_bitstring( unsigned char **p, const unsigned char *end, * * \return 0 if successful or a specific ASN.1 error code. */ -int asn1_get_bitstring_null( unsigned char **p, const unsigned char *end, +int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end, size_t *len ); /** @@ -257,12 +255,12 @@ int asn1_get_bitstring_null( unsigned char **p, const unsigned char *end, * * \return 0 if successful or a specific ASN.1 error code. */ -int asn1_get_sequence_of( unsigned char **p, +int mbedtls_asn1_get_sequence_of( unsigned char **p, const unsigned char *end, - asn1_sequence *cur, + mbedtls_asn1_sequence *cur, int tag); -#if defined(POLARSSL_BIGNUM_C) +#if defined(MBEDTLS_BIGNUM_C) /** * \brief Retrieve a MPI value from an integer ASN.1 tag. * Updates the pointer to immediately behind the full tag. @@ -273,10 +271,10 @@ int asn1_get_sequence_of( unsigned char **p, * * \return 0 if successful or a specific ASN.1 or MPI error code. */ -int asn1_get_mpi( unsigned char **p, +int mbedtls_asn1_get_mpi( unsigned char **p, const unsigned char *end, - mpi *X ); -#endif /* POLARSSL_BIGNUM_C */ + mbedtls_mpi *X ); +#endif /* MBEDTLS_BIGNUM_C */ /** * \brief Retrieve an AlgorithmIdentifier ASN.1 sequence. @@ -290,9 +288,9 @@ int asn1_get_mpi( unsigned char **p, * * \return 0 if successful or a specific ASN.1 or MPI error code. */ -int asn1_get_alg( unsigned char **p, +int mbedtls_asn1_get_alg( unsigned char **p, const unsigned char *end, - asn1_buf *alg, asn1_buf *params ); + mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params ); /** * \brief Retrieve an AlgorithmIdentifier ASN.1 sequence with NULL or no @@ -306,9 +304,9 @@ int asn1_get_alg( unsigned char **p, * * \return 0 if successful or a specific ASN.1 or MPI error code. */ -int asn1_get_alg_null( unsigned char **p, +int mbedtls_asn1_get_alg_null( unsigned char **p, const unsigned char *end, - asn1_buf *alg ); + mbedtls_asn1_buf *alg ); /** * \brief Find a specific named_data entry in a sequence or list based on @@ -320,23 +318,23 @@ int asn1_get_alg_null( unsigned char **p, * * \return NULL if not found, or a pointer to the existing entry. */ -asn1_named_data *asn1_find_named_data( asn1_named_data *list, +mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data *list, const char *oid, size_t len ); /** - * \brief Free a asn1_named_data entry + * \brief Free a mbedtls_asn1_named_data entry * * \param entry The named data entry to free */ -void asn1_free_named_data( asn1_named_data *entry ); +void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *entry ); /** - * \brief Free all entries in a asn1_named_data list + * \brief Free all entries in a mbedtls_asn1_named_data list * Head will be set to NULL * * \param head Pointer to the head of the list of named data entries to free */ -void asn1_free_named_data_list( asn1_named_data **head ); +void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head ); #ifdef __cplusplus } diff --git a/ext/mbedtls/include/polarssl/asn1write.h b/ext/mbedtls/include/mbedtls/asn1write.h similarity index 78% rename from ext/mbedtls/include/polarssl/asn1write.h rename to ext/mbedtls/include/mbedtls/asn1write.h index 154a6ba201..8bae13674c 100644 --- a/ext/mbedtls/include/polarssl/asn1write.h +++ b/ext/mbedtls/include/mbedtls/asn1write.h @@ -21,12 +21,12 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_ASN1_WRITE_H -#define POLARSSL_ASN1_WRITE_H +#ifndef MBEDTLS_ASN1_WRITE_H +#define MBEDTLS_ASN1_WRITE_H #include "asn1.h" -#define ASN1_CHK_ADD(g, f) do { if( ( ret = f ) < 0 ) return( ret ); else \ +#define MBEDTLS_ASN1_CHK_ADD(g, f) do { if( ( ret = f ) < 0 ) return( ret ); else \ g += ret; } while( 0 ) #ifdef __cplusplus @@ -43,7 +43,7 @@ extern "C" { * * \return the length written or a negative error code */ -int asn1_write_len( unsigned char **p, unsigned char *start, size_t len ); +int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len ); /** * \brief Write a ASN.1 tag in ASN.1 format @@ -55,7 +55,7 @@ int asn1_write_len( unsigned char **p, unsigned char *start, size_t len ); * * \return the length written or a negative error code */ -int asn1_write_tag( unsigned char **p, unsigned char *start, +int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag ); /** @@ -69,12 +69,12 @@ int asn1_write_tag( unsigned char **p, unsigned char *start, * * \return the length written or a negative error code */ -int asn1_write_raw_buffer( unsigned char **p, unsigned char *start, +int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start, const unsigned char *buf, size_t size ); -#if defined(POLARSSL_BIGNUM_C) +#if defined(MBEDTLS_BIGNUM_C) /** - * \brief Write a big number (ASN1_INTEGER) in ASN.1 format + * \brief Write a big number (MBEDTLS_ASN1_INTEGER) in ASN.1 format * Note: function works backwards in data buffer * * \param p reference to current position pointer @@ -83,11 +83,11 @@ int asn1_write_raw_buffer( unsigned char **p, unsigned char *start, * * \return the length written or a negative error code */ -int asn1_write_mpi( unsigned char **p, unsigned char *start, mpi *X ); -#endif /* POLARSSL_BIGNUM_C */ +int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start, const mbedtls_mpi *X ); +#endif /* MBEDTLS_BIGNUM_C */ /** - * \brief Write a NULL tag (ASN1_NULL) with zero data in ASN.1 format + * \brief Write a NULL tag (MBEDTLS_ASN1_NULL) with zero data in ASN.1 format * Note: function works backwards in data buffer * * \param p reference to current position pointer @@ -95,10 +95,10 @@ int asn1_write_mpi( unsigned char **p, unsigned char *start, mpi *X ); * * \return the length written or a negative error code */ -int asn1_write_null( unsigned char **p, unsigned char *start ); +int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start ); /** - * \brief Write an OID tag (ASN1_OID) and data in ASN.1 format + * \brief Write an OID tag (MBEDTLS_ASN1_OID) and data in ASN.1 format * Note: function works backwards in data buffer * * \param p reference to current position pointer @@ -108,7 +108,7 @@ int asn1_write_null( unsigned char **p, unsigned char *start ); * * \return the length written or a negative error code */ -int asn1_write_oid( unsigned char **p, unsigned char *start, +int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start, const char *oid, size_t oid_len ); /** @@ -124,12 +124,12 @@ int asn1_write_oid( unsigned char **p, unsigned char *start, * * \return the length written or a negative error code */ -int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start, +int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start, const char *oid, size_t oid_len, size_t par_len ); /** - * \brief Write a boolean tag (ASN1_BOOLEAN) and value in ASN.1 format + * \brief Write a boolean tag (MBEDTLS_ASN1_BOOLEAN) and value in ASN.1 format * Note: function works backwards in data buffer * * \param p reference to current position pointer @@ -138,10 +138,10 @@ int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start, * * \return the length written or a negative error code */ -int asn1_write_bool( unsigned char **p, unsigned char *start, int boolean ); +int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, int boolean ); /** - * \brief Write an int tag (ASN1_INTEGER) and value in ASN.1 format + * \brief Write an int tag (MBEDTLS_ASN1_INTEGER) and value in ASN.1 format * Note: function works backwards in data buffer * * \param p reference to current position pointer @@ -150,10 +150,10 @@ int asn1_write_bool( unsigned char **p, unsigned char *start, int boolean ); * * \return the length written or a negative error code */ -int asn1_write_int( unsigned char **p, unsigned char *start, int val ); +int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val ); /** - * \brief Write a printable string tag (ASN1_PRINTABLE_STRING) and + * \brief Write a printable string tag (MBEDTLS_ASN1_PRINTABLE_STRING) and * value in ASN.1 format * Note: function works backwards in data buffer * @@ -164,11 +164,11 @@ int asn1_write_int( unsigned char **p, unsigned char *start, int val ); * * \return the length written or a negative error code */ -int asn1_write_printable_string( unsigned char **p, unsigned char *start, +int mbedtls_asn1_write_printable_string( unsigned char **p, unsigned char *start, const char *text, size_t text_len ); /** - * \brief Write an IA5 string tag (ASN1_IA5_STRING) and + * \brief Write an IA5 string tag (MBEDTLS_ASN1_IA5_STRING) and * value in ASN.1 format * Note: function works backwards in data buffer * @@ -179,11 +179,11 @@ int asn1_write_printable_string( unsigned char **p, unsigned char *start, * * \return the length written or a negative error code */ -int asn1_write_ia5_string( unsigned char **p, unsigned char *start, +int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start, const char *text, size_t text_len ); /** - * \brief Write a bitstring tag (ASN1_BIT_STRING) and + * \brief Write a bitstring tag (MBEDTLS_ASN1_BIT_STRING) and * value in ASN.1 format * Note: function works backwards in data buffer * @@ -194,11 +194,11 @@ int asn1_write_ia5_string( unsigned char **p, unsigned char *start, * * \return the length written or a negative error code */ -int asn1_write_bitstring( unsigned char **p, unsigned char *start, +int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start, const unsigned char *buf, size_t bits ); /** - * \brief Write an octet string tag (ASN1_OCTET_STRING) and + * \brief Write an octet string tag (MBEDTLS_ASN1_OCTET_STRING) and * value in ASN.1 format * Note: function works backwards in data buffer * @@ -209,7 +209,7 @@ int asn1_write_bitstring( unsigned char **p, unsigned char *start, * * \return the length written or a negative error code */ -int asn1_write_octet_string( unsigned char **p, unsigned char *start, +int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start, const unsigned char *buf, size_t size ); /** @@ -228,7 +228,7 @@ int asn1_write_octet_string( unsigned char **p, unsigned char *start, * \return NULL if if there was a memory allocation error, or a pointer * to the new / existing entry. */ -asn1_named_data *asn1_store_named_data( asn1_named_data **list, +mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data **list, const char *oid, size_t oid_len, const unsigned char *val, size_t val_len ); @@ -237,4 +237,4 @@ asn1_named_data *asn1_store_named_data( asn1_named_data **list, } #endif -#endif /* POLARSSL_ASN1_WRITE_H */ +#endif /* MBEDTLS_ASN1_WRITE_H */ diff --git a/ext/mbedtls/include/polarssl/base64.h b/ext/mbedtls/include/mbedtls/base64.h similarity index 59% rename from ext/mbedtls/include/polarssl/base64.h rename to ext/mbedtls/include/mbedtls/base64.h index 0f1e8549b7..b7318853d2 100644 --- a/ext/mbedtls/include/polarssl/base64.h +++ b/ext/mbedtls/include/mbedtls/base64.h @@ -21,13 +21,13 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_BASE64_H -#define POLARSSL_BASE64_H +#ifndef MBEDTLS_BASE64_H +#define MBEDTLS_BASE64_H #include -#define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL -0x002A /**< Output buffer too small. */ -#define POLARSSL_ERR_BASE64_INVALID_CHARACTER -0x002C /**< Invalid character in input. */ +#define MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL -0x002A /**< Output buffer too small. */ +#define MBEDTLS_ERR_BASE64_INVALID_CHARACTER -0x002C /**< Invalid character in input. */ #ifdef __cplusplus extern "C" { @@ -37,37 +37,39 @@ extern "C" { * \brief Encode a buffer into base64 format * * \param dst destination buffer - * \param dlen size of the buffer + * \param dlen size of the destination buffer + * \param olen number of bytes written * \param src source buffer * \param slen amount of data to be encoded * - * \return 0 if successful, or POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL. - * *dlen is always updated to reflect the amount + * \return 0 if successful, or MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL. + * *olen is always updated to reflect the amount * of data that has (or would have) been written. * - * \note Call this function with *dlen = 0 to obtain the - * required buffer size in *dlen + * \note Call this function with dlen = 0 to obtain the + * required buffer size in *olen */ -int base64_encode( unsigned char *dst, size_t *dlen, +int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen, const unsigned char *src, size_t slen ); /** * \brief Decode a base64-formatted buffer * * \param dst destination buffer (can be NULL for checking size) - * \param dlen size of the buffer + * \param dlen size of the destination buffer + * \param olen number of bytes written * \param src source buffer * \param slen amount of data to be decoded * - * \return 0 if successful, POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL, or - * POLARSSL_ERR_BASE64_INVALID_CHARACTER if the input data is - * not correct. *dlen is always updated to reflect the amount + * \return 0 if successful, MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL, or + * MBEDTLS_ERR_BASE64_INVALID_CHARACTER if the input data is + * not correct. *olen is always updated to reflect the amount * of data that has (or would have) been written. * - * \note Call this function with *dst = NULL or *dlen = 0 to obtain - * the required buffer size in *dlen + * \note Call this function with *dst = NULL or dlen = 0 to obtain + * the required buffer size in *olen */ -int base64_decode( unsigned char *dst, size_t *dlen, +int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, const unsigned char *src, size_t slen ); /** @@ -75,7 +77,7 @@ int base64_decode( unsigned char *dst, size_t *dlen, * * \return 0 if successful, or 1 if the test failed */ -int base64_self_test( int verbose ); +int mbedtls_base64_self_test( int verbose ); #ifdef __cplusplus } diff --git a/ext/mbedtls/include/polarssl/bignum.h b/ext/mbedtls/include/mbedtls/bignum.h similarity index 53% rename from ext/mbedtls/include/polarssl/bignum.h rename to ext/mbedtls/include/mbedtls/bignum.h index 8e1687b976..3c9eeea5bd 100644 --- a/ext/mbedtls/include/polarssl/bignum.h +++ b/ext/mbedtls/include/mbedtls/bignum.h @@ -21,156 +21,118 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_BIGNUM_H -#define POLARSSL_BIGNUM_H +#ifndef MBEDTLS_BIGNUM_H +#define MBEDTLS_BIGNUM_H -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif #include +#include -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) #include #endif -#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) -#include -#if (_MSC_VER <= 1200) -typedef signed short int16_t; -typedef unsigned short uint16_t; -#else -typedef INT16 int16_t; -typedef UINT16 uint16_t; -#endif -typedef INT32 int32_t; -typedef INT64 int64_t; -typedef UINT32 uint32_t; -typedef UINT64 uint64_t; -#else -#include -#endif /* _MSC_VER && !EFIX64 && !EFI32 */ - -#define POLARSSL_ERR_MPI_FILE_IO_ERROR -0x0002 /**< An error occurred while reading from or writing to a file. */ -#define POLARSSL_ERR_MPI_BAD_INPUT_DATA -0x0004 /**< Bad input parameters to function. */ -#define POLARSSL_ERR_MPI_INVALID_CHARACTER -0x0006 /**< There is an invalid character in the digit string. */ -#define POLARSSL_ERR_MPI_BUFFER_TOO_SMALL -0x0008 /**< The buffer is too small to write to. */ -#define POLARSSL_ERR_MPI_NEGATIVE_VALUE -0x000A /**< The input arguments are negative or result in illegal output. */ -#define POLARSSL_ERR_MPI_DIVISION_BY_ZERO -0x000C /**< The input argument for division is zero, which is not allowed. */ -#define POLARSSL_ERR_MPI_NOT_ACCEPTABLE -0x000E /**< The input arguments are not acceptable. */ -#define POLARSSL_ERR_MPI_MALLOC_FAILED -0x0010 /**< Memory allocation failed. */ +#define MBEDTLS_ERR_MPI_FILE_IO_ERROR -0x0002 /**< An error occurred while reading from or writing to a file. */ +#define MBEDTLS_ERR_MPI_BAD_INPUT_DATA -0x0004 /**< Bad input parameters to function. */ +#define MBEDTLS_ERR_MPI_INVALID_CHARACTER -0x0006 /**< There is an invalid character in the digit string. */ +#define MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL -0x0008 /**< The buffer is too small to write to. */ +#define MBEDTLS_ERR_MPI_NEGATIVE_VALUE -0x000A /**< The input arguments are negative or result in illegal output. */ +#define MBEDTLS_ERR_MPI_DIVISION_BY_ZERO -0x000C /**< The input argument for division is zero, which is not allowed. */ +#define MBEDTLS_ERR_MPI_NOT_ACCEPTABLE -0x000E /**< The input arguments are not acceptable. */ +#define MBEDTLS_ERR_MPI_ALLOC_FAILED -0x0010 /**< Memory allocation failed. */ -#define MPI_CHK(f) do { if( ( ret = f ) != 0 ) goto cleanup; } while( 0 ) +#define MBEDTLS_MPI_CHK(f) do { if( ( ret = f ) != 0 ) goto cleanup; } while( 0 ) /* * Maximum size MPIs are allowed to grow to in number of limbs. */ -#define POLARSSL_MPI_MAX_LIMBS 10000 +#define MBEDTLS_MPI_MAX_LIMBS 10000 -#if !defined(POLARSSL_MPI_WINDOW_SIZE) +#if !defined(MBEDTLS_MPI_WINDOW_SIZE) /* * Maximum window size used for modular exponentiation. Default: 6 * Minimum value: 1. Maximum value: 6. * - * Result is an array of ( 2 << POLARSSL_MPI_WINDOW_SIZE ) MPIs used + * Result is an array of ( 2 << MBEDTLS_MPI_WINDOW_SIZE ) MPIs used * for the sliding window calculation. (So 64 by default) * * Reduction in size, reduces speed. */ -#define POLARSSL_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */ -#endif /* !POLARSSL_MPI_WINDOW_SIZE */ +#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */ +#endif /* !MBEDTLS_MPI_WINDOW_SIZE */ -#if !defined(POLARSSL_MPI_MAX_SIZE) +#if !defined(MBEDTLS_MPI_MAX_SIZE) /* * Maximum size of MPIs allowed in bits and bytes for user-MPIs. * ( Default: 512 bytes => 4096 bits, Maximum tested: 2048 bytes => 16384 bits ) * * Note: Calculations can results temporarily in larger MPIs. So the number - * of limbs required (POLARSSL_MPI_MAX_LIMBS) is higher. + * of limbs required (MBEDTLS_MPI_MAX_LIMBS) is higher. */ -#define POLARSSL_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ -#endif /* !POLARSSL_MPI_MAX_SIZE */ +#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ +#endif /* !MBEDTLS_MPI_MAX_SIZE */ -#define POLARSSL_MPI_MAX_BITS ( 8 * POLARSSL_MPI_MAX_SIZE ) /**< Maximum number of bits for usable MPIs. */ +#define MBEDTLS_MPI_MAX_BITS ( 8 * MBEDTLS_MPI_MAX_SIZE ) /**< Maximum number of bits for usable MPIs. */ /* - * When reading from files with mpi_read_file() and writing to files with - * mpi_write_file() the buffer should have space + * When reading from files with mbedtls_mpi_read_file() and writing to files with + * mbedtls_mpi_write_file() the buffer should have space * for a (short) label, the MPI (in the provided radix), the newline * characters and the '\0'. * * By default we assume at least a 10 char label, a minimum radix of 10 * (decimal) and a maximum of 4096 bit numbers (1234 decimal chars). * Autosized at compile time for at least a 10 char label, a minimum radix - * of 10 (decimal) for a number of POLARSSL_MPI_MAX_BITS size. + * of 10 (decimal) for a number of MBEDTLS_MPI_MAX_BITS size. * * This used to be statically sized to 1250 for a maximum of 4096 bit * numbers (1234 decimal chars). * * Calculate using the formula: - * POLARSSL_MPI_RW_BUFFER_SIZE = ceil(POLARSSL_MPI_MAX_BITS / ln(10) * ln(2)) + + * MBEDTLS_MPI_RW_BUFFER_SIZE = ceil(MBEDTLS_MPI_MAX_BITS / ln(10) * ln(2)) + * LabelSize + 6 */ -#define POLARSSL_MPI_MAX_BITS_SCALE100 ( 100 * POLARSSL_MPI_MAX_BITS ) -#define LN_2_DIV_LN_10_SCALE100 332 -#define POLARSSL_MPI_RW_BUFFER_SIZE ( ((POLARSSL_MPI_MAX_BITS_SCALE100 + LN_2_DIV_LN_10_SCALE100 - 1) / LN_2_DIV_LN_10_SCALE100) + 10 + 6 ) +#define MBEDTLS_MPI_MAX_BITS_SCALE100 ( 100 * MBEDTLS_MPI_MAX_BITS ) +#define MBEDTLS_LN_2_DIV_LN_10_SCALE100 332 +#define MBEDTLS_MPI_RW_BUFFER_SIZE ( ((MBEDTLS_MPI_MAX_BITS_SCALE100 + MBEDTLS_LN_2_DIV_LN_10_SCALE100 - 1) / MBEDTLS_LN_2_DIV_LN_10_SCALE100) + 10 + 6 ) /* - * Define the base integer type, architecture-wise + * Define the base integer type, architecture-wise. + * + * 32-bit integers can be forced on 64-bit arches (eg. for testing purposes) + * by defining MBEDTLS_HAVE_INT32 and undefining MBEDTLS_HAVE_ASM */ -#if defined(POLARSSL_HAVE_INT8) -typedef signed char t_sint; -typedef unsigned char t_uint; -typedef uint16_t t_udbl; -#define POLARSSL_HAVE_UDBL -#else -#if defined(POLARSSL_HAVE_INT16) -typedef int16_t t_sint; -typedef uint16_t t_uint; -typedef uint32_t t_udbl; -#define POLARSSL_HAVE_UDBL +#if ( ! defined(MBEDTLS_HAVE_INT32) && \ + defined(_MSC_VER) && defined(_M_AMD64) ) + #define MBEDTLS_HAVE_INT64 + typedef int64_t mbedtls_mpi_sint; + typedef uint64_t mbedtls_mpi_uint; #else - /* - * 32-bit integers can be forced on 64-bit arches (eg. for testing purposes) - * by defining POLARSSL_HAVE_INT32 and undefining POLARSSL_HAVE_ASM - */ - #if ( ! defined(POLARSSL_HAVE_INT32) && \ - defined(_MSC_VER) && defined(_M_AMD64) ) - #define POLARSSL_HAVE_INT64 - typedef int64_t t_sint; - typedef uint64_t t_uint; + #if ( ! defined(MBEDTLS_HAVE_INT32) && \ + defined(__GNUC__) && ( \ + defined(__amd64__) || defined(__x86_64__) || \ + defined(__ppc64__) || defined(__powerpc64__) || \ + defined(__ia64__) || defined(__alpha__) || \ + (defined(__sparc__) && defined(__arch64__)) || \ + defined(__s390x__) || defined(__mips64) ) ) + #define MBEDTLS_HAVE_INT64 + typedef int64_t mbedtls_mpi_sint; + typedef uint64_t mbedtls_mpi_uint; + typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI))); + #define MBEDTLS_HAVE_UDBL #else - #if ( ! defined(POLARSSL_HAVE_INT32) && \ - defined(__GNUC__) && ( \ - defined(__amd64__) || defined(__x86_64__) || \ - defined(__ppc64__) || defined(__powerpc64__) || \ - defined(__ia64__) || defined(__alpha__) || \ - (defined(__sparc__) && defined(__arch64__)) || \ - defined(__s390x__) || defined(__mips64) ) ) - #define POLARSSL_HAVE_INT64 - typedef int64_t t_sint; - typedef uint64_t t_uint; - typedef unsigned int t_udbl __attribute__((mode(TI))); - #define POLARSSL_HAVE_UDBL - #else - #define POLARSSL_HAVE_INT32 - typedef int32_t t_sint; - typedef uint32_t t_uint; - #if ( defined(_MSC_VER) && defined(_M_IX86) ) - typedef uint64_t t_udbl; - #define POLARSSL_HAVE_UDBL - #else - #if defined( POLARSSL_HAVE_LONGLONG ) - typedef unsigned long long t_udbl; - #define POLARSSL_HAVE_UDBL - #endif - #endif - #endif /* !POLARSSL_HAVE_INT32 && __GNUC__ && 64-bit platform */ - #endif /* !POLARSSL_HAVE_INT32 && _MSC_VER && _M_AMD64 */ -#endif /* POLARSSL_HAVE_INT16 */ -#endif /* POLARSSL_HAVE_INT8 */ + #define MBEDTLS_HAVE_INT32 + typedef int32_t mbedtls_mpi_sint; + typedef uint32_t mbedtls_mpi_uint; + typedef uint64_t mbedtls_t_udbl; + #define MBEDTLS_HAVE_UDBL + #endif /* !MBEDTLS_HAVE_INT32 && __GNUC__ && 64-bit platform */ +#endif /* !MBEDTLS_HAVE_INT32 && _MSC_VER && _M_AMD64 */ #ifdef __cplusplus extern "C" { @@ -183,9 +145,9 @@ typedef struct { int s; /*!< integer sign */ size_t n; /*!< total # of limbs */ - t_uint *p; /*!< pointer to limbs */ + mbedtls_mpi_uint *p; /*!< pointer to limbs */ } -mpi; +mbedtls_mpi; /** * \brief Initialize one MPI (make internal references valid) @@ -194,14 +156,14 @@ mpi; * * \param X One MPI to initialize. */ -void mpi_init( mpi *X ); +void mbedtls_mpi_init( mbedtls_mpi *X ); /** * \brief Unallocate one MPI * * \param X One MPI to unallocate. */ -void mpi_free( mpi *X ); +void mbedtls_mpi_free( mbedtls_mpi *X ); /** * \brief Enlarge to the specified number of limbs @@ -210,9 +172,9 @@ void mpi_free( mpi *X ); * \param nblimbs The target number of limbs * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int mpi_grow( mpi *X, size_t nblimbs ); +int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs ); /** * \brief Resize down, keeping at least the specified number of limbs @@ -221,9 +183,9 @@ int mpi_grow( mpi *X, size_t nblimbs ); * \param nblimbs The minimum number of limbs to keep * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int mpi_shrink( mpi *X, size_t nblimbs ); +int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs ); /** * \brief Copy the contents of Y into X @@ -232,9 +194,9 @@ int mpi_shrink( mpi *X, size_t nblimbs ); * \param Y Source MPI * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int mpi_copy( mpi *X, const mpi *Y ); +int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y ); /** * \brief Swap the contents of X and Y @@ -242,7 +204,7 @@ int mpi_copy( mpi *X, const mpi *Y ); * \param X First MPI value * \param Y Second MPI value */ -void mpi_swap( mpi *X, mpi *Y ); +void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y ); /** * \brief Safe conditional assignement X = Y if assign is 1 @@ -252,35 +214,35 @@ void mpi_swap( mpi *X, mpi *Y ); * \param assign 1: perform the assignment, 0: keep X's original value * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, * * \note This function is equivalent to - * if( assign ) mpi_copy( X, Y ); + * if( assign ) mbedtls_mpi_copy( X, Y ); * except that it avoids leaking any information about whether * the assignment was done or not (the above code may leak * information through branch prediction and/or memory access * patterns analysis). */ -int mpi_safe_cond_assign( mpi *X, const mpi *Y, unsigned char assign ); +int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign ); /** * \brief Safe conditional swap X <-> Y if swap is 1 * - * \param X First mpi value - * \param Y Second mpi value + * \param X First mbedtls_mpi value + * \param Y Second mbedtls_mpi value * \param assign 1: perform the swap, 0: keep X and Y's original values * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, * * \note This function is equivalent to - * if( assign ) mpi_swap( X, Y ); + * if( assign ) mbedtls_mpi_swap( X, Y ); * except that it avoids leaking any information about whether * the assignment was done or not (the above code may leak * information through branch prediction and/or memory access * patterns analysis). */ -int mpi_safe_cond_swap( mpi *X, mpi *Y, unsigned char assign ); +int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char assign ); /** * \brief Set value from integer @@ -289,9 +251,9 @@ int mpi_safe_cond_swap( mpi *X, mpi *Y, unsigned char assign ); * \param z Value to use * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int mpi_lset( mpi *X, t_sint z ); +int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z ); /** * \brief Get a specific bit from X @@ -301,7 +263,7 @@ int mpi_lset( mpi *X, t_sint z ); * * \return Either a 0 or a 1 */ -int mpi_get_bit( const mpi *X, size_t pos ); +int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos ); /** * \brief Set a bit of X to a specific value of 0 or 1 @@ -314,10 +276,10 @@ int mpi_get_bit( const mpi *X, size_t pos ); * \param val The value to set the bit to (0 or 1) * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, - * POLARSSL_ERR_MPI_BAD_INPUT_DATA if val is not 0 or 1 + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * MBEDTLS_ERR_MPI_BAD_INPUT_DATA if val is not 0 or 1 */ -int mpi_set_bit( mpi *X, size_t pos, unsigned char val ); +int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val ); /** * \brief Return the number of zero-bits before the least significant @@ -327,7 +289,7 @@ int mpi_set_bit( mpi *X, size_t pos, unsigned char val ); * * \param X MPI to use */ -size_t mpi_lsb( const mpi *X ); +size_t mbedtls_mpi_lsb( const mbedtls_mpi *X ); /** * \brief Return the number of bits up to and including the most @@ -337,14 +299,14 @@ size_t mpi_lsb( const mpi *X ); * * \param X MPI to use */ -size_t mpi_msb( const mpi *X ); +size_t mbedtls_mpi_bitlen( const mbedtls_mpi *X ); /** * \brief Return the total size in bytes * * \param X MPI to use */ -size_t mpi_size( const mpi *X ); +size_t mbedtls_mpi_size( const mbedtls_mpi *X ); /** * \brief Import from an ASCII string @@ -353,28 +315,30 @@ size_t mpi_size( const mpi *X ); * \param radix Input numeric base * \param s Null-terminated string buffer * - * \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code + * \return 0 if successful, or a MBEDTLS_ERR_MPI_XXX error code */ -int mpi_read_string( mpi *X, int radix, const char *s ); +int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s ); /** * \brief Export into an ASCII string * * \param X Source MPI * \param radix Output numeric base - * \param s String buffer - * \param slen String buffer size + * \param buf Buffer to write the string to + * \param buflen Length of buf + * \param olen Length of the string written, including final NUL byte * - * \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code. - * *slen is always updated to reflect the amount + * \return 0 if successful, or a MBEDTLS_ERR_MPI_XXX error code. + * *olen is always updated to reflect the amount * of data that has (or would have) been written. * - * \note Call this function with *slen = 0 to obtain the - * minimum required buffer size in *slen. + * \note Call this function with buflen = 0 to obtain the + * minimum required buffer size in *olen. */ -int mpi_write_string( const mpi *X, int radix, char *s, size_t *slen ); +int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix, + char *buf, size_t buflen, size_t *olen ); -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) /** * \brief Read X from an opened file * @@ -382,11 +346,11 @@ int mpi_write_string( const mpi *X, int radix, char *s, size_t *slen ); * \param radix Input numeric base * \param fin Input file handle * - * \return 0 if successful, POLARSSL_ERR_MPI_BUFFER_TOO_SMALL if + * \return 0 if successful, MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if * the file read buffer is too small or a - * POLARSSL_ERR_MPI_XXX error code + * MBEDTLS_ERR_MPI_XXX error code */ -int mpi_read_file( mpi *X, int radix, FILE *fin ); +int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin ); /** * \brief Write X into an opened file, or stdout if fout is NULL @@ -396,12 +360,12 @@ int mpi_read_file( mpi *X, int radix, FILE *fin ); * \param radix Output numeric base * \param fout Output file handle (can be NULL) * - * \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code + * \return 0 if successful, or a MBEDTLS_ERR_MPI_XXX error code * * \note Set fout == NULL to print X on the console. */ -int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout ); -#endif /* POLARSSL_FS_IO */ +int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, int radix, FILE *fout ); +#endif /* MBEDTLS_FS_IO */ /** * \brief Import X from unsigned binary data, big endian @@ -411,9 +375,9 @@ int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout ); * \param buflen Input buffer size * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int mpi_read_binary( mpi *X, const unsigned char *buf, size_t buflen ); +int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, size_t buflen ); /** * \brief Export X into unsigned binary data, big endian. @@ -425,9 +389,9 @@ int mpi_read_binary( mpi *X, const unsigned char *buf, size_t buflen ); * \param buflen Output buffer size * * \return 0 if successful, - * POLARSSL_ERR_MPI_BUFFER_TOO_SMALL if buf isn't large enough + * MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if buf isn't large enough */ -int mpi_write_binary( const mpi *X, unsigned char *buf, size_t buflen ); +int mbedtls_mpi_write_binary( const mbedtls_mpi *X, unsigned char *buf, size_t buflen ); /** * \brief Left-shift: X <<= count @@ -436,9 +400,9 @@ int mpi_write_binary( const mpi *X, unsigned char *buf, size_t buflen ); * \param count Amount to shift * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int mpi_shift_l( mpi *X, size_t count ); +int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count ); /** * \brief Right-shift: X >>= count @@ -447,9 +411,9 @@ int mpi_shift_l( mpi *X, size_t count ); * \param count Amount to shift * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int mpi_shift_r( mpi *X, size_t count ); +int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count ); /** * \brief Compare unsigned values @@ -461,7 +425,7 @@ int mpi_shift_r( mpi *X, size_t count ); * -1 if |X| is lesser than |Y| or * 0 if |X| is equal to |Y| */ -int mpi_cmp_abs( const mpi *X, const mpi *Y ); +int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y ); /** * \brief Compare signed values @@ -473,7 +437,7 @@ int mpi_cmp_abs( const mpi *X, const mpi *Y ); * -1 if X is lesser than Y or * 0 if X is equal to Y */ -int mpi_cmp_mpi( const mpi *X, const mpi *Y ); +int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y ); /** * \brief Compare signed values @@ -485,7 +449,7 @@ int mpi_cmp_mpi( const mpi *X, const mpi *Y ); * -1 if X is lesser than z or * 0 if X is equal to z */ -int mpi_cmp_int( const mpi *X, t_sint z ); +int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z ); /** * \brief Unsigned addition: X = |A| + |B| @@ -495,9 +459,9 @@ int mpi_cmp_int( const mpi *X, t_sint z ); * \param B Right-hand MPI * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int mpi_add_abs( mpi *X, const mpi *A, const mpi *B ); +int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ); /** * \brief Unsigned subtraction: X = |A| - |B| @@ -507,9 +471,9 @@ int mpi_add_abs( mpi *X, const mpi *A, const mpi *B ); * \param B Right-hand MPI * * \return 0 if successful, - * POLARSSL_ERR_MPI_NEGATIVE_VALUE if B is greater than A + * MBEDTLS_ERR_MPI_NEGATIVE_VALUE if B is greater than A */ -int mpi_sub_abs( mpi *X, const mpi *A, const mpi *B ); +int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ); /** * \brief Signed addition: X = A + B @@ -519,9 +483,9 @@ int mpi_sub_abs( mpi *X, const mpi *A, const mpi *B ); * \param B Right-hand MPI * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int mpi_add_mpi( mpi *X, const mpi *A, const mpi *B ); +int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ); /** * \brief Signed subtraction: X = A - B @@ -531,9 +495,9 @@ int mpi_add_mpi( mpi *X, const mpi *A, const mpi *B ); * \param B Right-hand MPI * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int mpi_sub_mpi( mpi *X, const mpi *A, const mpi *B ); +int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ); /** * \brief Signed addition: X = A + b @@ -543,9 +507,9 @@ int mpi_sub_mpi( mpi *X, const mpi *A, const mpi *B ); * \param b The integer value to add * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int mpi_add_int( mpi *X, const mpi *A, t_sint b ); +int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b ); /** * \brief Signed subtraction: X = A - b @@ -555,9 +519,9 @@ int mpi_add_int( mpi *X, const mpi *A, t_sint b ); * \param b The integer value to subtract * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int mpi_sub_int( mpi *X, const mpi *A, t_sint b ); +int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b ); /** * \brief Baseline multiplication: X = A * B @@ -567,27 +531,26 @@ int mpi_sub_int( mpi *X, const mpi *A, t_sint b ); * \param B Right-hand MPI * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B ); +int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ); /** * \brief Baseline multiplication: X = A * b - * Note: despite the functon signature, b is treated as a - * t_uint. Negative values of b are treated as large positive - * values. * * \param X Destination MPI * \param A Left-hand MPI - * \param b The integer value to multiply with + * \param b The unsigned integer value to multiply with + * + * \note b is unsigned * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int mpi_mul_int( mpi *X, const mpi *A, t_sint b ); +int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint b ); /** - * \brief Division by mpi: A = Q * B + R + * \brief Division by mbedtls_mpi: A = Q * B + R * * \param Q Destination MPI for the quotient * \param R Destination MPI for the rest value @@ -595,12 +558,12 @@ int mpi_mul_int( mpi *X, const mpi *A, t_sint b ); * \param B Right-hand MPI * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, - * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0 + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if B == 0 * * \note Either Q or R can be NULL. */ -int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B ); +int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B ); /** * \brief Division by int: A = Q * b + R @@ -611,12 +574,12 @@ int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B ); * \param b Integer to divide by * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, - * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0 + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if b == 0 * * \note Either Q or R can be NULL. */ -int mpi_div_int( mpi *Q, mpi *R, const mpi *A, t_sint b ); +int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, mbedtls_mpi_sint b ); /** * \brief Modulo: R = A mod B @@ -626,25 +589,25 @@ int mpi_div_int( mpi *Q, mpi *R, const mpi *A, t_sint b ); * \param B Right-hand MPI * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, - * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0, - * POLARSSL_ERR_MPI_NEGATIVE_VALUE if B < 0 + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if B == 0, + * MBEDTLS_ERR_MPI_NEGATIVE_VALUE if B < 0 */ -int mpi_mod_mpi( mpi *R, const mpi *A, const mpi *B ); +int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B ); /** * \brief Modulo: r = A mod b * - * \param r Destination t_uint + * \param r Destination mbedtls_mpi_uint * \param A Left-hand MPI * \param b Integer to divide by * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, - * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0, - * POLARSSL_ERR_MPI_NEGATIVE_VALUE if b < 0 + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if b == 0, + * MBEDTLS_ERR_MPI_NEGATIVE_VALUE if b < 0 */ -int mpi_mod_int( t_uint *r, const mpi *A, t_sint b ); +int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, mbedtls_mpi_sint b ); /** * \brief Sliding-window exponentiation: X = A^E mod N @@ -656,15 +619,15 @@ int mpi_mod_int( t_uint *r, const mpi *A, t_sint b ); * \param _RR Speed-up MPI used for recalculations * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, - * POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or even or + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * MBEDTLS_ERR_MPI_BAD_INPUT_DATA if N is negative or even or * if E is negative * * \note _RR is used to avoid re-computing R*R mod N across * multiple calls, which speeds up things a bit. It can * be set to NULL if the extra performance is unneeded. */ -int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ); +int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *E, const mbedtls_mpi *N, mbedtls_mpi *_RR ); /** * \brief Fill an MPI X with size bytes of random @@ -675,9 +638,9 @@ int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ); * \param p_rng RNG parameter * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int mpi_fill_random( mpi *X, size_t size, +int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); @@ -689,9 +652,9 @@ int mpi_fill_random( mpi *X, size_t size, * \param B Right-hand MPI * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int mpi_gcd( mpi *G, const mpi *A, const mpi *B ); +int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B ); /** * \brief Modular inverse: X = A^-1 mod N @@ -701,11 +664,11 @@ int mpi_gcd( mpi *G, const mpi *A, const mpi *B ); * \param N Right-hand MPI * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, - * POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or nil - POLARSSL_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * MBEDTLS_ERR_MPI_BAD_INPUT_DATA if N is negative or nil + MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N */ -int mpi_inv_mod( mpi *X, const mpi *A, const mpi *N ); +int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *N ); /** * \brief Miller-Rabin primality test @@ -715,10 +678,10 @@ int mpi_inv_mod( mpi *X, const mpi *A, const mpi *N ); * \param p_rng RNG parameter * * \return 0 if successful (probably prime), - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, - * POLARSSL_ERR_MPI_NOT_ACCEPTABLE if X is not prime + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if X is not prime */ -int mpi_is_prime( mpi *X, +int mbedtls_mpi_is_prime( const mbedtls_mpi *X, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); @@ -727,16 +690,16 @@ int mpi_is_prime( mpi *X, * * \param X Destination MPI * \param nbits Required size of X in bits - * ( 3 <= nbits <= POLARSSL_MPI_MAX_BITS ) + * ( 3 <= nbits <= MBEDTLS_MPI_MAX_BITS ) * \param dh_flag If 1, then (X-1)/2 will be prime too * \param f_rng RNG function * \param p_rng RNG parameter * * \return 0 if successful (probably prime), - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, - * POLARSSL_ERR_MPI_BAD_INPUT_DATA if nbits is < 3 + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * MBEDTLS_ERR_MPI_BAD_INPUT_DATA if nbits is < 3 */ -int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag, +int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int dh_flag, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); @@ -745,7 +708,7 @@ int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag, * * \return 0 if successful, or 1 if the test failed */ -int mpi_self_test( int verbose ); +int mbedtls_mpi_self_test( int verbose ); #ifdef __cplusplus } diff --git a/ext/mbedtls/include/polarssl/blowfish.h b/ext/mbedtls/include/mbedtls/blowfish.h similarity index 66% rename from ext/mbedtls/include/polarssl/blowfish.h rename to ext/mbedtls/include/mbedtls/blowfish.h index 21ba7d463f..a829d80d9c 100644 --- a/ext/mbedtls/include/polarssl/blowfish.h +++ b/ext/mbedtls/include/mbedtls/blowfish.h @@ -21,35 +21,29 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_BLOWFISH_H -#define POLARSSL_BLOWFISH_H +#ifndef MBEDTLS_BLOWFISH_H +#define MBEDTLS_BLOWFISH_H -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif #include +#include -#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) -#include -typedef UINT32 uint32_t; -#else -#include -#endif - -#define BLOWFISH_ENCRYPT 1 -#define BLOWFISH_DECRYPT 0 -#define BLOWFISH_MAX_KEY 448 -#define BLOWFISH_MIN_KEY 32 -#define BLOWFISH_ROUNDS 16 /**< Rounds to use. When increasing this value, make sure to extend the initialisation vectors */ -#define BLOWFISH_BLOCKSIZE 8 /* Blowfish uses 64 bit blocks */ +#define MBEDTLS_BLOWFISH_ENCRYPT 1 +#define MBEDTLS_BLOWFISH_DECRYPT 0 +#define MBEDTLS_BLOWFISH_MAX_KEY_BITS 448 +#define MBEDTLS_BLOWFISH_MIN_KEY_BITS 32 +#define MBEDTLS_BLOWFISH_ROUNDS 16 /**< Rounds to use. When increasing this value, make sure to extend the initialisation vectors */ +#define MBEDTLS_BLOWFISH_BLOCKSIZE 8 /* Blowfish uses 64 bit blocks */ -#define POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH -0x0016 /**< Invalid key length. */ -#define POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH -0x0018 /**< Invalid data input length. */ +#define MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH -0x0016 /**< Invalid key length. */ +#define MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH -0x0018 /**< Invalid data input length. */ -#if !defined(POLARSSL_BLOWFISH_ALT) +#if !defined(MBEDTLS_BLOWFISH_ALT) // Regular implementation // @@ -62,53 +56,53 @@ extern "C" { */ typedef struct { - uint32_t P[BLOWFISH_ROUNDS + 2]; /*!< Blowfish round keys */ + uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2]; /*!< Blowfish round keys */ uint32_t S[4][256]; /*!< key dependent S-boxes */ } -blowfish_context; +mbedtls_blowfish_context; /** * \brief Initialize Blowfish context * * \param ctx Blowfish context to be initialized */ -void blowfish_init( blowfish_context *ctx ); +void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx ); /** * \brief Clear Blowfish context * * \param ctx Blowfish context to be cleared */ -void blowfish_free( blowfish_context *ctx ); +void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx ); /** * \brief Blowfish key schedule * * \param ctx Blowfish context to be initialized * \param key encryption key - * \param keysize must be between 32 and 448 bits + * \param keybits must be between 32 and 448 bits * - * \return 0 if successful, or POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH + * \return 0 if successful, or MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH */ -int blowfish_setkey( blowfish_context *ctx, const unsigned char *key, - unsigned int keysize ); +int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char *key, + unsigned int keybits ); /** * \brief Blowfish-ECB block encryption/decryption * * \param ctx Blowfish context - * \param mode BLOWFISH_ENCRYPT or BLOWFISH_DECRYPT + * \param mode MBEDTLS_BLOWFISH_ENCRYPT or MBEDTLS_BLOWFISH_DECRYPT * \param input 8-byte input block * \param output 8-byte output block * * \return 0 if successful */ -int blowfish_crypt_ecb( blowfish_context *ctx, +int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx, int mode, - const unsigned char input[BLOWFISH_BLOCKSIZE], - unsigned char output[BLOWFISH_BLOCKSIZE] ); + const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE], + unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] ); -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) /** * \brief Blowfish-CBC buffer encryption/decryption * Length should be a multiple of the block @@ -123,24 +117,24 @@ int blowfish_crypt_ecb( blowfish_context *ctx, * module instead. * * \param ctx Blowfish context - * \param mode BLOWFISH_ENCRYPT or BLOWFISH_DECRYPT + * \param mode MBEDTLS_BLOWFISH_ENCRYPT or MBEDTLS_BLOWFISH_DECRYPT * \param length length of the input data * \param iv initialization vector (updated after use) * \param input buffer holding the input data * \param output buffer holding the output data * * \return 0 if successful, or - * POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH + * MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH */ -int blowfish_crypt_cbc( blowfish_context *ctx, +int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx, int mode, size_t length, - unsigned char iv[BLOWFISH_BLOCKSIZE], + unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], const unsigned char *input, unsigned char *output ); -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(POLARSSL_CIPHER_MODE_CFB) +#if defined(MBEDTLS_CIPHER_MODE_CFB) /** * \brief Blowfish CFB buffer encryption/decryption. * @@ -153,7 +147,7 @@ int blowfish_crypt_cbc( blowfish_context *ctx, * module instead. * * \param ctx Blowfish context - * \param mode BLOWFISH_ENCRYPT or BLOWFISH_DECRYPT + * \param mode MBEDTLS_BLOWFISH_ENCRYPT or MBEDTLS_BLOWFISH_DECRYPT * \param length length of the input data * \param iv_off offset in IV (updated after use) * \param iv initialization vector (updated after use) @@ -162,16 +156,16 @@ int blowfish_crypt_cbc( blowfish_context *ctx, * * \return 0 if successful */ -int blowfish_crypt_cfb64( blowfish_context *ctx, +int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx, int mode, size_t length, size_t *iv_off, - unsigned char iv[BLOWFISH_BLOCKSIZE], + unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], const unsigned char *input, unsigned char *output ); -#endif /*POLARSSL_CIPHER_MODE_CFB */ +#endif /*MBEDTLS_CIPHER_MODE_CFB */ -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) /** * \brief Blowfish-CTR buffer encryption/decryption * @@ -190,21 +184,21 @@ int blowfish_crypt_cfb64( blowfish_context *ctx, * * \return 0 if successful */ -int blowfish_crypt_ctr( blowfish_context *ctx, +int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx, size_t length, size_t *nc_off, - unsigned char nonce_counter[BLOWFISH_BLOCKSIZE], - unsigned char stream_block[BLOWFISH_BLOCKSIZE], + unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE], + unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE], const unsigned char *input, unsigned char *output ); -#endif /* POLARSSL_CIPHER_MODE_CTR */ +#endif /* MBEDTLS_CIPHER_MODE_CTR */ #ifdef __cplusplus } #endif -#else /* POLARSSL_BLOWFISH_ALT */ +#else /* MBEDTLS_BLOWFISH_ALT */ #include "blowfish_alt.h" -#endif /* POLARSSL_BLOWFISH_ALT */ +#endif /* MBEDTLS_BLOWFISH_ALT */ #endif /* blowfish.h */ diff --git a/ext/mbedtls/include/polarssl/bn_mul.h b/ext/mbedtls/include/mbedtls/bn_mul.h similarity index 98% rename from ext/mbedtls/include/polarssl/bn_mul.h rename to ext/mbedtls/include/mbedtls/bn_mul.h index b2eb1e8c7f..188d7f3bbb 100644 --- a/ext/mbedtls/include/polarssl/bn_mul.h +++ b/ext/mbedtls/include/mbedtls/bn_mul.h @@ -35,16 +35,18 @@ * . Alpha . MIPS32 * . C, longlong . C, generic */ -#ifndef POLARSSL_BN_MUL_H -#define POLARSSL_BN_MUL_H +#ifndef MBEDTLS_BN_MUL_H +#define MBEDTLS_BN_MUL_H #include "bignum.h" -#if defined(POLARSSL_HAVE_ASM) +#if defined(MBEDTLS_HAVE_ASM) -/* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */ -#if defined(__GNUC__) && \ - ( !defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000 ) +#ifndef asm +#define asm __asm +#endif + +#if defined(__GNUC__) #if defined(__i386__) #define MULADDC_INIT \ @@ -65,7 +67,7 @@ "movl %%edx, %%ecx \n\t" \ "stosl \n\t" -#if defined(POLARSSL_HAVE_SSE2) +#if defined(MBEDTLS_HAVE_SSE2) #define MULADDC_HUIT \ "movd %%ecx, %%mm1 \n\t" \ @@ -737,7 +739,7 @@ __asm mov ecx, edx \ __asm stosd -#if defined(POLARSSL_HAVE_SSE2) +#if defined(MBEDTLS_HAVE_SSE2) #define EMIT __asm _emit @@ -820,20 +822,20 @@ #endif /* SSE2 */ #endif /* MSVC */ -#endif /* POLARSSL_HAVE_ASM */ +#endif /* MBEDTLS_HAVE_ASM */ #if !defined(MULADDC_CORE) -#if defined(POLARSSL_HAVE_UDBL) +#if defined(MBEDTLS_HAVE_UDBL) #define MULADDC_INIT \ { \ - t_udbl r; \ - t_uint r0, r1; + mbedtls_t_udbl r; \ + mbedtls_mpi_uint r0, r1; #define MULADDC_CORE \ - r = *(s++) * (t_udbl) b; \ - r0 = (t_uint) r; \ - r1 = (t_uint)( r >> biL ); \ + r = *(s++) * (mbedtls_t_udbl) b; \ + r0 = (mbedtls_mpi_uint) r; \ + r1 = (mbedtls_mpi_uint)( r >> biL ); \ r0 += c; r1 += (r0 < c); \ r0 += *d; r1 += (r0 < *d); \ c = r1; *(d++) = r0; @@ -844,8 +846,8 @@ #else #define MULADDC_INIT \ { \ - t_uint s0, s1, b0, b1; \ - t_uint r0, r1, rx, ry; \ + mbedtls_mpi_uint s0, s1, b0, b1; \ + mbedtls_mpi_uint r0, r1, rx, ry; \ b0 = ( b << biH ) >> biH; \ b1 = ( b >> biH ); diff --git a/ext/mbedtls/include/polarssl/camellia.h b/ext/mbedtls/include/mbedtls/camellia.h similarity index 72% rename from ext/mbedtls/include/polarssl/camellia.h rename to ext/mbedtls/include/mbedtls/camellia.h index 03218d18e0..37675d11c5 100644 --- a/ext/mbedtls/include/polarssl/camellia.h +++ b/ext/mbedtls/include/mbedtls/camellia.h @@ -21,31 +21,25 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_CAMELLIA_H -#define POLARSSL_CAMELLIA_H +#ifndef MBEDTLS_CAMELLIA_H +#define MBEDTLS_CAMELLIA_H -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif #include +#include -#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) -#include -typedef UINT32 uint32_t; -#else -#include -#endif - -#define CAMELLIA_ENCRYPT 1 -#define CAMELLIA_DECRYPT 0 +#define MBEDTLS_CAMELLIA_ENCRYPT 1 +#define MBEDTLS_CAMELLIA_DECRYPT 0 -#define POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH -0x0024 /**< Invalid key length. */ -#define POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026 /**< Invalid data input length. */ +#define MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH -0x0024 /**< Invalid key length. */ +#define MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026 /**< Invalid data input length. */ -#if !defined(POLARSSL_CAMELLIA_ALT) +#if !defined(MBEDTLS_CAMELLIA_ALT) // Regular implementation // @@ -61,62 +55,62 @@ typedef struct int nr; /*!< number of rounds */ uint32_t rk[68]; /*!< CAMELLIA round keys */ } -camellia_context; +mbedtls_camellia_context; /** * \brief Initialize CAMELLIA context * * \param ctx CAMELLIA context to be initialized */ -void camellia_init( camellia_context *ctx ); +void mbedtls_camellia_init( mbedtls_camellia_context *ctx ); /** * \brief Clear CAMELLIA context * * \param ctx CAMELLIA context to be cleared */ -void camellia_free( camellia_context *ctx ); +void mbedtls_camellia_free( mbedtls_camellia_context *ctx ); /** * \brief CAMELLIA key schedule (encryption) * * \param ctx CAMELLIA context to be initialized * \param key encryption key - * \param keysize must be 128, 192 or 256 + * \param keybits must be 128, 192 or 256 * - * \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH + * \return 0 if successful, or MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH */ -int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, - unsigned int keysize ); +int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, const unsigned char *key, + unsigned int keybits ); /** * \brief CAMELLIA key schedule (decryption) * * \param ctx CAMELLIA context to be initialized * \param key decryption key - * \param keysize must be 128, 192 or 256 + * \param keybits must be 128, 192 or 256 * - * \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH + * \return 0 if successful, or MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH */ -int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, - unsigned int keysize ); +int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, const unsigned char *key, + unsigned int keybits ); /** * \brief CAMELLIA-ECB block encryption/decryption * * \param ctx CAMELLIA context - * \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT + * \param mode MBEDTLS_CAMELLIA_ENCRYPT or MBEDTLS_CAMELLIA_DECRYPT * \param input 16-byte input block * \param output 16-byte output block * * \return 0 if successful */ -int camellia_crypt_ecb( camellia_context *ctx, +int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, int mode, const unsigned char input[16], unsigned char output[16] ); -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) /** * \brief CAMELLIA-CBC buffer encryption/decryption * Length should be a multiple of the block @@ -131,30 +125,30 @@ int camellia_crypt_ecb( camellia_context *ctx, * module instead. * * \param ctx CAMELLIA context - * \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT + * \param mode MBEDTLS_CAMELLIA_ENCRYPT or MBEDTLS_CAMELLIA_DECRYPT * \param length length of the input data * \param iv initialization vector (updated after use) * \param input buffer holding the input data * \param output buffer holding the output data * * \return 0 if successful, or - * POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH + * MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH */ -int camellia_crypt_cbc( camellia_context *ctx, +int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx, int mode, size_t length, unsigned char iv[16], const unsigned char *input, unsigned char *output ); -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(POLARSSL_CIPHER_MODE_CFB) +#if defined(MBEDTLS_CIPHER_MODE_CFB) /** * \brief CAMELLIA-CFB128 buffer encryption/decryption * * Note: Due to the nature of CFB you should use the same key schedule for * both encryption and decryption. So a context initialized with - * camellia_setkey_enc() for both CAMELLIA_ENCRYPT and CAMELLIE_DECRYPT. + * mbedtls_camellia_setkey_enc() for both MBEDTLS_CAMELLIA_ENCRYPT and CAMELLIE_DECRYPT. * * \note Upon exit, the content of the IV is updated so that you can * call the function same function again on the following @@ -165,7 +159,7 @@ int camellia_crypt_cbc( camellia_context *ctx, * module instead. * * \param ctx CAMELLIA context - * \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT + * \param mode MBEDTLS_CAMELLIA_ENCRYPT or MBEDTLS_CAMELLIA_DECRYPT * \param length length of the input data * \param iv_off offset in IV (updated after use) * \param iv initialization vector (updated after use) @@ -173,18 +167,18 @@ int camellia_crypt_cbc( camellia_context *ctx, * \param output buffer holding the output data * * \return 0 if successful, or - * POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH + * MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH */ -int camellia_crypt_cfb128( camellia_context *ctx, +int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx, int mode, size_t length, size_t *iv_off, unsigned char iv[16], const unsigned char *input, unsigned char *output ); -#endif /* POLARSSL_CIPHER_MODE_CFB */ +#endif /* MBEDTLS_CIPHER_MODE_CFB */ -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) /** * \brief CAMELLIA-CTR buffer encryption/decryption * @@ -192,7 +186,7 @@ int camellia_crypt_cfb128( camellia_context *ctx, * * Note: Due to the nature of CTR you should use the same key schedule for * both encryption and decryption. So a context initialized with - * camellia_setkey_enc() for both CAMELLIA_ENCRYPT and CAMELLIA_DECRYPT. + * mbedtls_camellia_setkey_enc() for both MBEDTLS_CAMELLIA_ENCRYPT and MBEDTLS_CAMELLIA_DECRYPT. * * \param ctx CAMELLIA context * \param length The length of the data @@ -207,22 +201,22 @@ int camellia_crypt_cfb128( camellia_context *ctx, * * \return 0 if successful */ -int camellia_crypt_ctr( camellia_context *ctx, +int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx, size_t length, size_t *nc_off, unsigned char nonce_counter[16], unsigned char stream_block[16], const unsigned char *input, unsigned char *output ); -#endif /* POLARSSL_CIPHER_MODE_CTR */ +#endif /* MBEDTLS_CIPHER_MODE_CTR */ #ifdef __cplusplus } #endif -#else /* POLARSSL_CAMELLIA_ALT */ +#else /* MBEDTLS_CAMELLIA_ALT */ #include "camellia_alt.h" -#endif /* POLARSSL_CAMELLIA_ALT */ +#endif /* MBEDTLS_CAMELLIA_ALT */ #ifdef __cplusplus extern "C" { @@ -233,7 +227,7 @@ extern "C" { * * \return 0 if successful, or 1 if the test failed */ -int camellia_self_test( int verbose ); +int mbedtls_camellia_self_test( int verbose ); #ifdef __cplusplus } diff --git a/ext/mbedtls/include/polarssl/ccm.h b/ext/mbedtls/include/mbedtls/ccm.h similarity index 74% rename from ext/mbedtls/include/polarssl/ccm.h rename to ext/mbedtls/include/mbedtls/ccm.h index f1f24bda05..a1dba4fda9 100644 --- a/ext/mbedtls/include/polarssl/ccm.h +++ b/ext/mbedtls/include/mbedtls/ccm.h @@ -21,13 +21,13 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_CCM_H -#define POLARSSL_CCM_H +#ifndef MBEDTLS_CCM_H +#define MBEDTLS_CCM_H #include "cipher.h" -#define POLARSSL_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to function. */ -#define POLARSSL_ERR_CCM_AUTH_FAILED -0x000F /**< Authenticated decryption failed. */ +#define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to function. */ +#define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F /**< Authenticated decryption failed. */ #ifdef __cplusplus extern "C" { @@ -37,9 +37,18 @@ extern "C" { * \brief CCM context structure */ typedef struct { - cipher_context_t cipher_ctx; /*!< cipher context used */ + mbedtls_cipher_context_t cipher_ctx; /*!< cipher context used */ } -ccm_context; +mbedtls_ccm_context; + +/** + * \brief Initialize CCM context (just makes references valid) + * Makes the context ready for mbedtls_ccm_setkey() or + * mbedtls_ccm_free(). + * + * \param ctx CCM context to initialize + */ +void mbedtls_ccm_init( mbedtls_ccm_context *ctx ); /** * \brief CCM initialization (encryption and decryption) @@ -47,19 +56,21 @@ ccm_context; * \param ctx CCM context to be initialized * \param cipher cipher to use (a 128-bit block cipher) * \param key encryption key - * \param keysize key size in bits (must be acceptable by the cipher) + * \param keybits key size in bits (must be acceptable by the cipher) * * \return 0 if successful, or a cipher specific error code */ -int ccm_init( ccm_context *ctx, cipher_id_t cipher, - const unsigned char *key, unsigned int keysize ); +int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, + mbedtls_cipher_id_t cipher, + const unsigned char *key, + unsigned int keybits ); /** * \brief Free a CCM context and underlying cipher sub-context * * \param ctx CCM context to free */ -void ccm_free( ccm_context *ctx ); +void mbedtls_ccm_free( mbedtls_ccm_context *ctx ); /** * \brief CCM buffer encryption @@ -86,7 +97,7 @@ void ccm_free( ccm_context *ctx ); * * \return 0 if successful */ -int ccm_encrypt_and_tag( ccm_context *ctx, size_t length, +int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, @@ -107,25 +118,25 @@ int ccm_encrypt_and_tag( ccm_context *ctx, size_t length, * \param tag_len length of the tag * * \return 0 if successful and authenticated, - * POLARSSL_ERR_CCM_AUTH_FAILED if tag does not match + * MBEDTLS_ERR_CCM_AUTH_FAILED if tag does not match */ -int ccm_auth_decrypt( ccm_context *ctx, size_t length, +int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, const unsigned char *tag, size_t tag_len ); -#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C) +#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) /** * \brief Checkup routine * * \return 0 if successful, or 1 if the test failed */ -int ccm_self_test( int verbose ); -#endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */ +int mbedtls_ccm_self_test( int verbose ); +#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ #ifdef __cplusplus } #endif -#endif /* POLARSSL_CGM_H */ +#endif /* MBEDTLS_CCM_H */ diff --git a/ext/mbedtls/include/mbedtls/certs.h b/ext/mbedtls/include/mbedtls/certs.h new file mode 100644 index 0000000000..d0aa555c9e --- /dev/null +++ b/ext/mbedtls/include/mbedtls/certs.h @@ -0,0 +1,100 @@ +/** + * \file certs.h + * + * \brief Sample certificates and DHM parameters for testing + * + * Copyright (C) 2006-2010, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_CERTS_H +#define MBEDTLS_CERTS_H + +#include + +#ifdef __cplusplus +extern "C" { +#endif + +#if defined(MBEDTLS_PEM_PARSE_C) +/* Concatenation of all CA certificates in PEM format if available */ +extern const char mbedtls_test_cas_pem[]; +extern const size_t mbedtls_test_cas_pem_len; +#endif + +/* List of all CA certificates, terminated by NULL */ +extern const char * mbedtls_test_cas[]; +extern const size_t mbedtls_test_cas_len[]; + +/* + * Convenience for users who just want a certificate: + * RSA by default, or ECDSA if RSA is not available + */ +extern const char * mbedtls_test_ca_crt; +extern const size_t mbedtls_test_ca_crt_len; +extern const char * mbedtls_test_ca_key; +extern const size_t mbedtls_test_ca_key_len; +extern const char * mbedtls_test_ca_pwd; +extern const size_t mbedtls_test_ca_pwd_len; +extern const char * mbedtls_test_srv_crt; +extern const size_t mbedtls_test_srv_crt_len; +extern const char * mbedtls_test_srv_key; +extern const size_t mbedtls_test_srv_key_len; +extern const char * mbedtls_test_cli_crt; +extern const size_t mbedtls_test_cli_crt_len; +extern const char * mbedtls_test_cli_key; +extern const size_t mbedtls_test_cli_key_len; + +#if defined(MBEDTLS_ECDSA_C) +extern const char mbedtls_test_ca_crt_ec[]; +extern const size_t mbedtls_test_ca_crt_ec_len; +extern const char mbedtls_test_ca_key_ec[]; +extern const size_t mbedtls_test_ca_key_ec_len; +extern const char mbedtls_test_ca_pwd_ec[]; +extern const size_t mbedtls_test_ca_pwd_ec_len; +extern const char mbedtls_test_srv_crt_ec[]; +extern const size_t mbedtls_test_srv_crt_ec_len; +extern const char mbedtls_test_srv_key_ec[]; +extern const size_t mbedtls_test_srv_key_ec_len; +extern const char mbedtls_test_cli_crt_ec[]; +extern const size_t mbedtls_test_cli_crt_ec_len; +extern const char mbedtls_test_cli_key_ec[]; +extern const size_t mbedtls_test_cli_key_ec_len; +#endif + +#if defined(MBEDTLS_RSA_C) +extern const char mbedtls_test_ca_crt_rsa[]; +extern const size_t mbedtls_test_ca_crt_rsa_len; +extern const char mbedtls_test_ca_key_rsa[]; +extern const size_t mbedtls_test_ca_key_rsa_len; +extern const char mbedtls_test_ca_pwd_rsa[]; +extern const size_t mbedtls_test_ca_pwd_rsa_len; +extern const char mbedtls_test_srv_crt_rsa[]; +extern const size_t mbedtls_test_srv_crt_rsa_len; +extern const char mbedtls_test_srv_key_rsa[]; +extern const size_t mbedtls_test_srv_key_rsa_len; +extern const char mbedtls_test_cli_crt_rsa[]; +extern const size_t mbedtls_test_cli_crt_rsa_len; +extern const char mbedtls_test_cli_key_rsa[]; +extern const size_t mbedtls_test_cli_key_rsa_len; +#endif + +#ifdef __cplusplus +} +#endif + +#endif /* certs.h */ diff --git a/ext/mbedtls/include/mbedtls/check_config.h b/ext/mbedtls/include/mbedtls/check_config.h new file mode 100644 index 0000000000..87054c7073 --- /dev/null +++ b/ext/mbedtls/include/mbedtls/check_config.h @@ -0,0 +1,520 @@ +/** + * \file check_config.h + * + * \brief Consistency checks for configuration options + * + * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +/* + * It is recommended to include this file from your config.h + * in order to catch dependency issues early. + */ + +#ifndef MBEDTLS_CHECK_CONFIG_H +#define MBEDTLS_CHECK_CONFIG_H + +/* + * We assume CHAR_BIT is 8 in many places. In practice, this is true on our + * target platforms, so not an issue, but let's just be extra sure. + */ +#include +#if CHAR_BIT != 8 +#error "mbed TLS requires a platform with 8-bit chars" +#endif + +#if defined(_WIN32) +#if !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_C is required on Windows" +#endif + +/* Fix the config here. Not convenient to put an #ifdef _WIN32 in config.h as + * it would confuse config.pl. */ +#if !defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) && \ + !defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) +#define MBEDTLS_PLATFORM_SNPRINTF_ALT +#endif +#endif /* _WIN32 */ + +#if defined(MBEDTLS_DEPRECATED_WARNING) && \ + !defined(__GNUC__) && !defined(__clang__) +#error "MBEDTLS_DEPRECATED_WARNING only works with GCC and Clang" +#endif + +#if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_HAVE_TIME) +#error "MBEDTLS_HAVE_TIME_DATE without MBEDTLS_HAVE_TIME does not make sense" +#endif + +#if defined(MBEDTLS_AESNI_C) && !defined(MBEDTLS_HAVE_ASM) +#error "MBEDTLS_AESNI_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_AES_C) +#error "MBEDTLS_CTR_DRBG_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_DHM_C) && !defined(MBEDTLS_BIGNUM_C) +#error "MBEDTLS_DHM_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECP_C) +#error "MBEDTLS_ECDH_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_ECDSA_C) && \ + ( !defined(MBEDTLS_ECP_C) || \ + !defined(MBEDTLS_ASN1_PARSE_C) || \ + !defined(MBEDTLS_ASN1_WRITE_C) ) +#error "MBEDTLS_ECDSA_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) && !defined(MBEDTLS_HMAC_DRBG_C) +#error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_ECP_C) && ( !defined(MBEDTLS_BIGNUM_C) || ( \ + !defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) ) ) +#error "MBEDTLS_ECP_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_ENTROPY_C) && (!defined(MBEDTLS_SHA512_C) && \ + !defined(MBEDTLS_SHA256_C)) +#error "MBEDTLS_ENTROPY_C defined, but not all prerequisites" +#endif +#if defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_SHA512_C) && \ + defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) && (MBEDTLS_CTR_DRBG_ENTROPY_LEN > 64) +#error "MBEDTLS_CTR_DRBG_ENTROPY_LEN value too high" +#endif +#if defined(MBEDTLS_ENTROPY_C) && \ + ( !defined(MBEDTLS_SHA512_C) || defined(MBEDTLS_ENTROPY_FORCE_SHA256) ) \ + && defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) && (MBEDTLS_CTR_DRBG_ENTROPY_LEN > 32) +#error "MBEDTLS_CTR_DRBG_ENTROPY_LEN value too high" +#endif +#if defined(MBEDTLS_ENTROPY_C) && \ + defined(MBEDTLS_ENTROPY_FORCE_SHA256) && !defined(MBEDTLS_SHA256_C) +#error "MBEDTLS_ENTROPY_FORCE_SHA256 defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_GCM_C) && ( \ + !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) ) +#error "MBEDTLS_GCM_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_HAVEGE_C) && !defined(MBEDTLS_TIMING_C) +#error "MBEDTLS_HAVEGE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_HMAC_DRBG_C) && !defined(MBEDTLS_MD_C) +#error "MBEDTLS_HMAC_DRBG_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) && \ + ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) ) +#error "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \ + ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) ) +#error "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) && !defined(MBEDTLS_DHM_C) +#error "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) && \ + !defined(MBEDTLS_ECDH_C) +#error "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) && \ + ( !defined(MBEDTLS_DHM_C) || !defined(MBEDTLS_RSA_C) || \ + !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_PKCS1_V15) ) +#error "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \ + ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_RSA_C) || \ + !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_PKCS1_V15) ) +#error "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \ + ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_ECDSA_C) || \ + !defined(MBEDTLS_X509_CRT_PARSE_C) ) +#error "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) && \ + ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \ + !defined(MBEDTLS_PKCS1_V15) ) +#error "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) && \ + ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \ + !defined(MBEDTLS_PKCS1_V15) ) +#error "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \ + ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) ) +#error "MBEDTLS_MEMORY_BUFFER_ALLOC_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_HAVE_ASM) +#error "MBEDTLS_PADLOCK_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PEM_PARSE_C) && !defined(MBEDTLS_BASE64_C) +#error "MBEDTLS_PEM_PARSE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PEM_WRITE_C) && !defined(MBEDTLS_BASE64_C) +#error "MBEDTLS_PEM_WRITE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PK_C) && \ + ( !defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_ECP_C) ) +#error "MBEDTLS_PK_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PK_PARSE_C) && !defined(MBEDTLS_PK_C) +#error "MBEDTLS_PK_PARSE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PK_WRITE_C) && !defined(MBEDTLS_PK_C) +#error "MBEDTLS_PK_WRITE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PKCS11_C) && !defined(MBEDTLS_PK_C) +#error "MBEDTLS_PKCS11_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_EXIT_ALT) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_EXIT_ALT defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_EXIT_MACRO defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) &&\ + ( defined(MBEDTLS_PLATFORM_STD_EXIT) ||\ + defined(MBEDTLS_PLATFORM_EXIT_ALT) ) +#error "MBEDTLS_PLATFORM_EXIT_MACRO and MBEDTLS_PLATFORM_STD_EXIT/MBEDTLS_PLATFORM_EXIT_ALT cannot be defined simultaneously" +#endif + +#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_FPRINTF_ALT defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_FPRINTF_MACRO defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) &&\ + ( defined(MBEDTLS_PLATFORM_STD_FPRINTF) ||\ + defined(MBEDTLS_PLATFORM_FPRINTF_ALT) ) +#error "MBEDTLS_PLATFORM_FPRINTF_MACRO and MBEDTLS_PLATFORM_STD_FPRINTF/MBEDTLS_PLATFORM_FPRINTF_ALT cannot be defined simultaneously" +#endif + +#if defined(MBEDTLS_PLATFORM_FREE_MACRO) &&\ + ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) ) +#error "MBEDTLS_PLATFORM_FREE_MACRO defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_FREE_MACRO) &&\ + defined(MBEDTLS_PLATFORM_STD_FREE) +#error "MBEDTLS_PLATFORM_FREE_MACRO and MBEDTLS_PLATFORM_STD_FREE cannot be defined simultaneously" +#endif + +#if defined(MBEDTLS_PLATFORM_FREE_MACRO) && !defined(MBEDTLS_PLATFORM_CALLOC_MACRO) +#error "MBEDTLS_PLATFORM_CALLOC_MACRO must be defined if MBEDTLS_PLATFORM_FREE_MACRO is" +#endif + +#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) &&\ + ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) ) +#error "MBEDTLS_PLATFORM_CALLOC_MACRO defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) &&\ + defined(MBEDTLS_PLATFORM_STD_CALLOC) +#error "MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_STD_CALLOC cannot be defined simultaneously" +#endif + +#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) && !defined(MBEDTLS_PLATFORM_FREE_MACRO) +#error "MBEDTLS_PLATFORM_FREE_MACRO must be defined if MBEDTLS_PLATFORM_CALLOC_MACRO is" +#endif + +#if defined(MBEDTLS_PLATFORM_MEMORY) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_MEMORY defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_PRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_PRINTF_ALT defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_PRINTF_MACRO defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) &&\ + ( defined(MBEDTLS_PLATFORM_STD_PRINTF) ||\ + defined(MBEDTLS_PLATFORM_PRINTF_ALT) ) +#error "MBEDTLS_PLATFORM_PRINTF_MACRO and MBEDTLS_PLATFORM_STD_PRINTF/MBEDTLS_PLATFORM_PRINTF_ALT cannot be defined simultaneously" +#endif + +#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_SNPRINTF_ALT defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_SNPRINTF_MACRO defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) &&\ + ( defined(MBEDTLS_PLATFORM_STD_SNPRINTF) ||\ + defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) ) +#error "MBEDTLS_PLATFORM_SNPRINTF_MACRO and MBEDTLS_PLATFORM_STD_SNPRINTF/MBEDTLS_PLATFORM_SNPRINTF_ALT cannot be defined simultaneously" +#endif + +#if defined(MBEDTLS_PLATFORM_STD_MEM_HDR) &&\ + !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) +#error "MBEDTLS_PLATFORM_STD_MEM_HDR defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_STD_CALLOC) && !defined(MBEDTLS_PLATFORM_MEMORY) +#error "MBEDTLS_PLATFORM_STD_CALLOC defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_STD_CALLOC) && !defined(MBEDTLS_PLATFORM_MEMORY) +#error "MBEDTLS_PLATFORM_STD_CALLOC defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_STD_FREE) && !defined(MBEDTLS_PLATFORM_MEMORY) +#error "MBEDTLS_PLATFORM_STD_FREE defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_STD_EXIT) &&\ + !defined(MBEDTLS_PLATFORM_EXIT_ALT) +#error "MBEDTLS_PLATFORM_STD_EXIT defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_STD_FPRINTF) &&\ + !defined(MBEDTLS_PLATFORM_FPRINTF_ALT) +#error "MBEDTLS_PLATFORM_STD_FPRINTF defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_STD_PRINTF) &&\ + !defined(MBEDTLS_PLATFORM_PRINTF_ALT) +#error "MBEDTLS_PLATFORM_STD_PRINTF defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_STD_SNPRINTF) &&\ + !defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) +#error "MBEDTLS_PLATFORM_STD_SNPRINTF defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) || \ + !defined(MBEDTLS_OID_C) ) +#error "MBEDTLS_RSA_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \ + ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_PKCS1_V21) ) +#error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_PROTO_SSL3) && ( !defined(MBEDTLS_MD5_C) || \ + !defined(MBEDTLS_SHA1_C) ) +#error "MBEDTLS_SSL_PROTO_SSL3 defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1) && ( !defined(MBEDTLS_MD5_C) || \ + !defined(MBEDTLS_SHA1_C) ) +#error "MBEDTLS_SSL_PROTO_TLS1 defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1_1) && ( !defined(MBEDTLS_MD5_C) || \ + !defined(MBEDTLS_SHA1_C) ) +#error "MBEDTLS_SSL_PROTO_TLS1_1 defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && ( !defined(MBEDTLS_SHA1_C) && \ + !defined(MBEDTLS_SHA256_C) && !defined(MBEDTLS_SHA512_C) ) +#error "MBEDTLS_SSL_PROTO_TLS1_2 defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_PROTO_DTLS) && \ + !defined(MBEDTLS_SSL_PROTO_TLS1_1) && \ + !defined(MBEDTLS_SSL_PROTO_TLS1_2) +#error "MBEDTLS_SSL_PROTO_DTLS defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_CLI_C) && !defined(MBEDTLS_SSL_TLS_C) +#error "MBEDTLS_SSL_CLI_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_TLS_C) && ( !defined(MBEDTLS_CIPHER_C) || \ + !defined(MBEDTLS_MD_C) ) +#error "MBEDTLS_SSL_TLS_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_SRV_C) && !defined(MBEDTLS_SSL_TLS_C) +#error "MBEDTLS_SSL_SRV_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_TLS_C) && (!defined(MBEDTLS_SSL_PROTO_SSL3) && \ + !defined(MBEDTLS_SSL_PROTO_TLS1) && !defined(MBEDTLS_SSL_PROTO_TLS1_1) && \ + !defined(MBEDTLS_SSL_PROTO_TLS1_2)) +#error "MBEDTLS_SSL_TLS_C defined, but no protocols are active" +#endif + +#if defined(MBEDTLS_SSL_TLS_C) && (defined(MBEDTLS_SSL_PROTO_SSL3) && \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) && !defined(MBEDTLS_SSL_PROTO_TLS1)) +#error "Illegal protocol selection" +#endif + +#if defined(MBEDTLS_SSL_TLS_C) && (defined(MBEDTLS_SSL_PROTO_TLS1) && \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) && !defined(MBEDTLS_SSL_PROTO_TLS1_1)) +#error "Illegal protocol selection" +#endif + +#if defined(MBEDTLS_SSL_TLS_C) && (defined(MBEDTLS_SSL_PROTO_SSL3) && \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) && (!defined(MBEDTLS_SSL_PROTO_TLS1) || \ + !defined(MBEDTLS_SSL_PROTO_TLS1_1))) +#error "Illegal protocol selection" +#endif + +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && !defined(MBEDTLS_SSL_PROTO_DTLS) +#error "MBEDTLS_SSL_DTLS_HELLO_VERIFY defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) && \ + ( !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) ) +#error "MBEDTLS_SSL_DTLS_ANTI_REPLAY defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) && \ + ( !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) ) +#error "MBEDTLS_SSL_DTLS_BADMAC_LIMIT defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ + !defined(MBEDTLS_SSL_PROTO_TLS1) && \ + !defined(MBEDTLS_SSL_PROTO_TLS1_1) && \ + !defined(MBEDTLS_SSL_PROTO_TLS1_2) +#error "MBEDTLS_SSL_ENCRYPT_THEN_MAC defined, but not all prerequsites" +#endif + +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) && \ + !defined(MBEDTLS_SSL_PROTO_TLS1) && \ + !defined(MBEDTLS_SSL_PROTO_TLS1_1) && \ + !defined(MBEDTLS_SSL_PROTO_TLS1_2) +#error "MBEDTLS_SSL_EXTENDED_MASTER_SECRET defined, but not all prerequsites" +#endif + +#if defined(MBEDTLS_SSL_TICKET_C) && !defined(MBEDTLS_CIPHER_C) +#error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) && \ + !defined(MBEDTLS_SSL_PROTO_SSL3) && !defined(MBEDTLS_SSL_PROTO_TLS1) +#error "MBEDTLS_SSL_CBC_RECORD_SPLITTING defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && \ + !defined(MBEDTLS_X509_CRT_PARSE_C) +#error "MBEDTLS_SSL_SERVER_NAME_INDICATION defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_THREADING_PTHREAD) +#if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL) +#error "MBEDTLS_THREADING_PTHREAD defined, but not all prerequisites" +#endif +#define MBEDTLS_THREADING_IMPL +#endif + +#if defined(MBEDTLS_THREADING_ALT) +#if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL) +#error "MBEDTLS_THREADING_ALT defined, but not all prerequisites" +#endif +#define MBEDTLS_THREADING_IMPL +#endif + +#if defined(MBEDTLS_THREADING_C) && !defined(MBEDTLS_THREADING_IMPL) +#error "MBEDTLS_THREADING_C defined, single threading implementation required" +#endif +#undef MBEDTLS_THREADING_IMPL + +#if defined(MBEDTLS_VERSION_FEATURES) && !defined(MBEDTLS_VERSION_C) +#error "MBEDTLS_VERSION_FEATURES defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_X509_USE_C) && ( !defined(MBEDTLS_BIGNUM_C) || \ + !defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_PARSE_C) || \ + !defined(MBEDTLS_PK_PARSE_C) ) +#error "MBEDTLS_X509_USE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_X509_CREATE_C) && ( !defined(MBEDTLS_BIGNUM_C) || \ + !defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_WRITE_C) || \ + !defined(MBEDTLS_PK_WRITE_C) ) +#error "MBEDTLS_X509_CREATE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_X509_CRT_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) ) +#error "MBEDTLS_X509_CRT_PARSE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_X509_CRL_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) ) +#error "MBEDTLS_X509_CRL_PARSE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_X509_CSR_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) ) +#error "MBEDTLS_X509_CSR_PARSE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_X509_CRT_WRITE_C) && ( !defined(MBEDTLS_X509_CREATE_C) ) +#error "MBEDTLS_X509_CRT_WRITE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_X509_CSR_WRITE_C) && ( !defined(MBEDTLS_X509_CREATE_C) ) +#error "MBEDTLS_X509_CSR_WRITE_C defined, but not all prerequisites" +#endif + +/* + * Avoid warning from -pedantic. This is a convenient place for this + * workaround since this is included by every single file before the + * #if defined(MBEDTLS_xxx_C) that results in emtpy translation units. + */ +typedef int mbedtls_iso_c_forbids_empty_translation_units; + +#endif /* MBEDTLS_CHECK_CONFIG_H */ diff --git a/ext/mbedtls/include/polarssl/cipher.h b/ext/mbedtls/include/mbedtls/cipher.h similarity index 57% rename from ext/mbedtls/include/polarssl/cipher.h rename to ext/mbedtls/include/mbedtls/cipher.h index 00c42c1d4d..7c2d303ad2 100644 --- a/ext/mbedtls/include/polarssl/cipher.h +++ b/ext/mbedtls/include/mbedtls/cipher.h @@ -24,224 +24,170 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_CIPHER_H -#define POLARSSL_CIPHER_H +#ifndef MBEDTLS_CIPHER_H +#define MBEDTLS_CIPHER_H -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif #include -#if defined(POLARSSL_GCM_C) || defined(POLARSSL_CCM_C) -#define POLARSSL_CIPHER_MODE_AEAD +#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) +#define MBEDTLS_CIPHER_MODE_AEAD #endif -#if defined(POLARSSL_CIPHER_MODE_CBC) -#define POLARSSL_CIPHER_MODE_WITH_PADDING +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#define MBEDTLS_CIPHER_MODE_WITH_PADDING #endif -#if defined(POLARSSL_ARC4_C) -#define POLARSSL_CIPHER_MODE_STREAM +#if defined(MBEDTLS_ARC4_C) +#define MBEDTLS_CIPHER_MODE_STREAM #endif -#if defined(_MSC_VER) && !defined(inline) -#define inline _inline -#else -#if defined(__ARMCC_VERSION) && !defined(inline) +#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && !defined(inline) #define inline __inline -#endif /* __ARMCC_VERSION */ -#endif /*_MSC_VER */ +#endif -#define POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080 /**< The selected feature is not available. */ -#define POLARSSL_ERR_CIPHER_BAD_INPUT_DATA -0x6100 /**< Bad input parameters to function. */ -#define POLARSSL_ERR_CIPHER_ALLOC_FAILED -0x6180 /**< Failed to allocate memory. */ -#define POLARSSL_ERR_CIPHER_INVALID_PADDING -0x6200 /**< Input data contains invalid padding and is rejected. */ -#define POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 /**< Decryption of block requires a full block. */ -#define POLARSSL_ERR_CIPHER_AUTH_FAILED -0x6300 /**< Authentication failed (for AEAD modes). */ +#define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080 /**< The selected feature is not available. */ +#define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100 /**< Bad input parameters to function. */ +#define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180 /**< Failed to allocate memory. */ +#define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200 /**< Input data contains invalid padding and is rejected. */ +#define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 /**< Decryption of block requires a full block. */ +#define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300 /**< Authentication failed (for AEAD modes). */ -#define POLARSSL_CIPHER_VARIABLE_IV_LEN 0x01 /**< Cipher accepts IVs of variable length */ -#define POLARSSL_CIPHER_VARIABLE_KEY_LEN 0x02 /**< Cipher accepts keys of variable length */ +#define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01 /**< Cipher accepts IVs of variable length */ +#define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02 /**< Cipher accepts keys of variable length */ #ifdef __cplusplus extern "C" { #endif typedef enum { - POLARSSL_CIPHER_ID_NONE = 0, - POLARSSL_CIPHER_ID_NULL, - POLARSSL_CIPHER_ID_AES, - POLARSSL_CIPHER_ID_DES, - POLARSSL_CIPHER_ID_3DES, /* Unused! */ - POLARSSL_CIPHER_ID_CAMELLIA, - POLARSSL_CIPHER_ID_BLOWFISH, - POLARSSL_CIPHER_ID_ARC4, -} cipher_id_t; + MBEDTLS_CIPHER_ID_NONE = 0, + MBEDTLS_CIPHER_ID_NULL, + MBEDTLS_CIPHER_ID_AES, + MBEDTLS_CIPHER_ID_DES, + MBEDTLS_CIPHER_ID_3DES, + MBEDTLS_CIPHER_ID_CAMELLIA, + MBEDTLS_CIPHER_ID_BLOWFISH, + MBEDTLS_CIPHER_ID_ARC4, +} mbedtls_cipher_id_t; typedef enum { - POLARSSL_CIPHER_NONE = 0, - POLARSSL_CIPHER_NULL, - POLARSSL_CIPHER_AES_128_ECB, - POLARSSL_CIPHER_AES_192_ECB, - POLARSSL_CIPHER_AES_256_ECB, - POLARSSL_CIPHER_AES_128_CBC, - POLARSSL_CIPHER_AES_192_CBC, - POLARSSL_CIPHER_AES_256_CBC, - POLARSSL_CIPHER_AES_128_CFB128, - POLARSSL_CIPHER_AES_192_CFB128, - POLARSSL_CIPHER_AES_256_CFB128, - POLARSSL_CIPHER_AES_128_CTR, - POLARSSL_CIPHER_AES_192_CTR, - POLARSSL_CIPHER_AES_256_CTR, - POLARSSL_CIPHER_AES_128_GCM, - POLARSSL_CIPHER_AES_192_GCM, - POLARSSL_CIPHER_AES_256_GCM, - POLARSSL_CIPHER_CAMELLIA_128_ECB, - POLARSSL_CIPHER_CAMELLIA_192_ECB, - POLARSSL_CIPHER_CAMELLIA_256_ECB, - POLARSSL_CIPHER_CAMELLIA_128_CBC, - POLARSSL_CIPHER_CAMELLIA_192_CBC, - POLARSSL_CIPHER_CAMELLIA_256_CBC, - POLARSSL_CIPHER_CAMELLIA_128_CFB128, - POLARSSL_CIPHER_CAMELLIA_192_CFB128, - POLARSSL_CIPHER_CAMELLIA_256_CFB128, - POLARSSL_CIPHER_CAMELLIA_128_CTR, - POLARSSL_CIPHER_CAMELLIA_192_CTR, - POLARSSL_CIPHER_CAMELLIA_256_CTR, - POLARSSL_CIPHER_CAMELLIA_128_GCM, - POLARSSL_CIPHER_CAMELLIA_192_GCM, - POLARSSL_CIPHER_CAMELLIA_256_GCM, - POLARSSL_CIPHER_DES_ECB, - POLARSSL_CIPHER_DES_CBC, - POLARSSL_CIPHER_DES_EDE_ECB, - POLARSSL_CIPHER_DES_EDE_CBC, - POLARSSL_CIPHER_DES_EDE3_ECB, - POLARSSL_CIPHER_DES_EDE3_CBC, - POLARSSL_CIPHER_BLOWFISH_ECB, - POLARSSL_CIPHER_BLOWFISH_CBC, - POLARSSL_CIPHER_BLOWFISH_CFB64, - POLARSSL_CIPHER_BLOWFISH_CTR, - POLARSSL_CIPHER_ARC4_128, - POLARSSL_CIPHER_AES_128_CCM, - POLARSSL_CIPHER_AES_192_CCM, - POLARSSL_CIPHER_AES_256_CCM, - POLARSSL_CIPHER_CAMELLIA_128_CCM, - POLARSSL_CIPHER_CAMELLIA_192_CCM, - POLARSSL_CIPHER_CAMELLIA_256_CCM, -} cipher_type_t; + MBEDTLS_CIPHER_NONE = 0, + MBEDTLS_CIPHER_NULL, + MBEDTLS_CIPHER_AES_128_ECB, + MBEDTLS_CIPHER_AES_192_ECB, + MBEDTLS_CIPHER_AES_256_ECB, + MBEDTLS_CIPHER_AES_128_CBC, + MBEDTLS_CIPHER_AES_192_CBC, + MBEDTLS_CIPHER_AES_256_CBC, + MBEDTLS_CIPHER_AES_128_CFB128, + MBEDTLS_CIPHER_AES_192_CFB128, + MBEDTLS_CIPHER_AES_256_CFB128, + MBEDTLS_CIPHER_AES_128_CTR, + MBEDTLS_CIPHER_AES_192_CTR, + MBEDTLS_CIPHER_AES_256_CTR, + MBEDTLS_CIPHER_AES_128_GCM, + MBEDTLS_CIPHER_AES_192_GCM, + MBEDTLS_CIPHER_AES_256_GCM, + MBEDTLS_CIPHER_CAMELLIA_128_ECB, + MBEDTLS_CIPHER_CAMELLIA_192_ECB, + MBEDTLS_CIPHER_CAMELLIA_256_ECB, + MBEDTLS_CIPHER_CAMELLIA_128_CBC, + MBEDTLS_CIPHER_CAMELLIA_192_CBC, + MBEDTLS_CIPHER_CAMELLIA_256_CBC, + MBEDTLS_CIPHER_CAMELLIA_128_CFB128, + MBEDTLS_CIPHER_CAMELLIA_192_CFB128, + MBEDTLS_CIPHER_CAMELLIA_256_CFB128, + MBEDTLS_CIPHER_CAMELLIA_128_CTR, + MBEDTLS_CIPHER_CAMELLIA_192_CTR, + MBEDTLS_CIPHER_CAMELLIA_256_CTR, + MBEDTLS_CIPHER_CAMELLIA_128_GCM, + MBEDTLS_CIPHER_CAMELLIA_192_GCM, + MBEDTLS_CIPHER_CAMELLIA_256_GCM, + MBEDTLS_CIPHER_DES_ECB, + MBEDTLS_CIPHER_DES_CBC, + MBEDTLS_CIPHER_DES_EDE_ECB, + MBEDTLS_CIPHER_DES_EDE_CBC, + MBEDTLS_CIPHER_DES_EDE3_ECB, + MBEDTLS_CIPHER_DES_EDE3_CBC, + MBEDTLS_CIPHER_BLOWFISH_ECB, + MBEDTLS_CIPHER_BLOWFISH_CBC, + MBEDTLS_CIPHER_BLOWFISH_CFB64, + MBEDTLS_CIPHER_BLOWFISH_CTR, + MBEDTLS_CIPHER_ARC4_128, + MBEDTLS_CIPHER_AES_128_CCM, + MBEDTLS_CIPHER_AES_192_CCM, + MBEDTLS_CIPHER_AES_256_CCM, + MBEDTLS_CIPHER_CAMELLIA_128_CCM, + MBEDTLS_CIPHER_CAMELLIA_192_CCM, + MBEDTLS_CIPHER_CAMELLIA_256_CCM, +} mbedtls_cipher_type_t; typedef enum { - POLARSSL_MODE_NONE = 0, - POLARSSL_MODE_ECB, - POLARSSL_MODE_CBC, - POLARSSL_MODE_CFB, - POLARSSL_MODE_OFB, /* Unused! */ - POLARSSL_MODE_CTR, - POLARSSL_MODE_GCM, - POLARSSL_MODE_STREAM, - POLARSSL_MODE_CCM, -} cipher_mode_t; + MBEDTLS_MODE_NONE = 0, + MBEDTLS_MODE_ECB, + MBEDTLS_MODE_CBC, + MBEDTLS_MODE_CFB, + MBEDTLS_MODE_OFB, /* Unused! */ + MBEDTLS_MODE_CTR, + MBEDTLS_MODE_GCM, + MBEDTLS_MODE_STREAM, + MBEDTLS_MODE_CCM, +} mbedtls_cipher_mode_t; typedef enum { - POLARSSL_PADDING_PKCS7 = 0, /**< PKCS7 padding (default) */ - POLARSSL_PADDING_ONE_AND_ZEROS, /**< ISO/IEC 7816-4 padding */ - POLARSSL_PADDING_ZEROS_AND_LEN, /**< ANSI X.923 padding */ - POLARSSL_PADDING_ZEROS, /**< zero padding (not reversible!) */ - POLARSSL_PADDING_NONE, /**< never pad (full blocks only) */ -} cipher_padding_t; + MBEDTLS_PADDING_PKCS7 = 0, /**< PKCS7 padding (default) */ + MBEDTLS_PADDING_ONE_AND_ZEROS, /**< ISO/IEC 7816-4 padding */ + MBEDTLS_PADDING_ZEROS_AND_LEN, /**< ANSI X.923 padding */ + MBEDTLS_PADDING_ZEROS, /**< zero padding (not reversible!) */ + MBEDTLS_PADDING_NONE, /**< never pad (full blocks only) */ +} mbedtls_cipher_padding_t; typedef enum { - POLARSSL_OPERATION_NONE = -1, - POLARSSL_DECRYPT = 0, - POLARSSL_ENCRYPT, -} operation_t; + MBEDTLS_OPERATION_NONE = -1, + MBEDTLS_DECRYPT = 0, + MBEDTLS_ENCRYPT, +} mbedtls_operation_t; enum { /** Undefined key length */ - POLARSSL_KEY_LENGTH_NONE = 0, + MBEDTLS_KEY_LENGTH_NONE = 0, /** Key length, in bits (including parity), for DES keys */ - POLARSSL_KEY_LENGTH_DES = 64, + MBEDTLS_KEY_LENGTH_DES = 64, /** Key length, in bits (including parity), for DES in two key EDE */ - POLARSSL_KEY_LENGTH_DES_EDE = 128, + MBEDTLS_KEY_LENGTH_DES_EDE = 128, /** Key length, in bits (including parity), for DES in three-key EDE */ - POLARSSL_KEY_LENGTH_DES_EDE3 = 192, + MBEDTLS_KEY_LENGTH_DES_EDE3 = 192, }; /** Maximum length of any IV, in bytes */ -#define POLARSSL_MAX_IV_LENGTH 16 +#define MBEDTLS_MAX_IV_LENGTH 16 /** Maximum block size of any cipher, in bytes */ -#define POLARSSL_MAX_BLOCK_LENGTH 16 +#define MBEDTLS_MAX_BLOCK_LENGTH 16 /** - * Base cipher information. The non-mode specific functions and values. + * Base cipher information (opaque struct). */ -typedef struct { - - /** Base Cipher type (e.g. POLARSSL_CIPHER_ID_AES) */ - cipher_id_t cipher; - - /** Encrypt using ECB */ - int (*ecb_func)( void *ctx, operation_t mode, - const unsigned char *input, unsigned char *output ); - -#if defined(POLARSSL_CIPHER_MODE_CBC) - /** Encrypt using CBC */ - int (*cbc_func)( void *ctx, operation_t mode, size_t length, - unsigned char *iv, const unsigned char *input, - unsigned char *output ); -#endif - -#if defined(POLARSSL_CIPHER_MODE_CFB) - /** Encrypt using CFB (Full length) */ - int (*cfb_func)( void *ctx, operation_t mode, size_t length, size_t *iv_off, - unsigned char *iv, const unsigned char *input, - unsigned char *output ); -#endif - -#if defined(POLARSSL_CIPHER_MODE_CTR) - /** Encrypt using CTR */ - int (*ctr_func)( void *ctx, size_t length, size_t *nc_off, - unsigned char *nonce_counter, unsigned char *stream_block, - const unsigned char *input, unsigned char *output ); -#endif - -#if defined(POLARSSL_CIPHER_MODE_STREAM) - /** Encrypt using STREAM */ - int (*stream_func)( void *ctx, size_t length, - const unsigned char *input, unsigned char *output ); -#endif - - /** Set key for encryption purposes */ - int (*setkey_enc_func)( void *ctx, const unsigned char *key, - unsigned int key_length ); - - /** Set key for decryption purposes */ - int (*setkey_dec_func)( void *ctx, const unsigned char *key, - unsigned int key_length); - - /** Allocate a new context */ - void * (*ctx_alloc_func)( void ); - - /** Free the given context */ - void (*ctx_free_func)( void *ctx ); - -} cipher_base_t; +typedef struct mbedtls_cipher_base_t mbedtls_cipher_base_t; /** * Cipher information. Allows cipher functions to be called in a generic way. */ typedef struct { - /** Full cipher identifier (e.g. POLARSSL_CIPHER_AES_256_CBC) */ - cipher_type_t type; + /** Full cipher identifier (e.g. MBEDTLS_CIPHER_AES_256_CBC) */ + mbedtls_cipher_type_t type; - /** Cipher mode (e.g. POLARSSL_MODE_CBC) */ - cipher_mode_t mode; + /** Cipher mode (e.g. MBEDTLS_MODE_CBC) */ + mbedtls_cipher_mode_t mode; /** Cipher key length, in bits (default length for variable sized ciphers) * (Includes parity bits for ciphers like DES) */ - unsigned int key_length; + unsigned int key_bitlen; /** Name of the cipher */ const char * name; @@ -257,44 +203,44 @@ typedef struct { unsigned int block_size; /** Base cipher information and functions */ - const cipher_base_t *base; + const mbedtls_cipher_base_t *base; -} cipher_info_t; +} mbedtls_cipher_info_t; /** * Generic cipher context. */ typedef struct { /** Information about the associated cipher */ - const cipher_info_t *cipher_info; + const mbedtls_cipher_info_t *cipher_info; /** Key length to use */ - int key_length; + int key_bitlen; /** Operation that the context's key has been initialised for */ - operation_t operation; + mbedtls_operation_t operation; -#if defined(POLARSSL_CIPHER_MODE_WITH_PADDING) +#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) /** Padding functions to use, if relevant for cipher mode */ void (*add_padding)( unsigned char *output, size_t olen, size_t data_len ); int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len ); #endif /** Buffer for data that hasn't been encrypted yet */ - unsigned char unprocessed_data[POLARSSL_MAX_BLOCK_LENGTH]; + unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH]; /** Number of bytes that still need processing */ size_t unprocessed_len; /** Current IV or NONCE_COUNTER for CTR-mode */ - unsigned char iv[POLARSSL_MAX_IV_LENGTH]; + unsigned char iv[MBEDTLS_MAX_IV_LENGTH]; /** IV size in bytes (for ciphers with variable-length IVs) */ size_t iv_size; /** Cipher-specific context */ void *cipher_ctx; -} cipher_context_t; +} mbedtls_cipher_context_t; /** * \brief Returns the list of ciphers supported by the generic cipher module. @@ -302,7 +248,7 @@ typedef struct { * \return a statically allocated array of ciphers, the last entry * is 0. */ -const int *cipher_list( void ); +const int *mbedtls_cipher_list( void ); /** * \brief Returns the cipher information structure associated @@ -313,7 +259,7 @@ const int *cipher_list( void ); * \return the cipher information structure associated with the * given cipher_name, or NULL if not found. */ -const cipher_info_t *cipher_info_from_string( const char *cipher_name ); +const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name ); /** * \brief Returns the cipher information structure associated @@ -324,73 +270,53 @@ const cipher_info_t *cipher_info_from_string( const char *cipher_name ); * \return the cipher information structure associated with the * given cipher_type, or NULL if not found. */ -const cipher_info_t *cipher_info_from_type( const cipher_type_t cipher_type ); +const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type ); /** * \brief Returns the cipher information structure associated * with the given cipher id, key size and mode. * * \param cipher_id Id of the cipher to search for - * (e.g. POLARSSL_CIPHER_ID_AES) - * \param key_length Length of the key in bits - * \param mode Cipher mode (e.g. POLARSSL_MODE_CBC) + * (e.g. MBEDTLS_CIPHER_ID_AES) + * \param key_bitlen Length of the key in bits + * \param mode Cipher mode (e.g. MBEDTLS_MODE_CBC) * * \return the cipher information structure associated with the * given cipher_type, or NULL if not found. */ -const cipher_info_t *cipher_info_from_values( const cipher_id_t cipher_id, - int key_length, - const cipher_mode_t mode ); +const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id, + int key_bitlen, + const mbedtls_cipher_mode_t mode ); /** * \brief Initialize a cipher_context (as NONE) */ -void cipher_init( cipher_context_t *ctx ); +void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx ); /** * \brief Free and clear the cipher-specific context of ctx. * Freeing ctx itself remains the responsibility of the * caller. */ -void cipher_free( cipher_context_t *ctx ); +void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ); /** * \brief Initialises and fills the cipher context structure with * the appropriate values. * * \note Currently also clears structure. In future versions you - * will be required to call cipher_init() on the structure + * will be required to call mbedtls_cipher_init() on the structure * first. * * \param ctx context to initialise. May not be NULL. * \param cipher_info cipher to use. * * \return 0 on success, - * POLARSSL_ERR_CIPHER_BAD_INPUT_DATA on parameter failure, - * POLARSSL_ERR_CIPHER_ALLOC_FAILED if allocation of the + * MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on parameter failure, + * MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the * cipher-specific context failed. */ -int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info ); - -#if ! defined(POLARSSL_DEPRECATED_REMOVED) -#if defined(POLARSSL_DEPRECATED_WARNING) -#define DEPRECATED __attribute__((deprecated)) -#else -#define DEPRECATED -#endif -/** - * \brief Free the cipher-specific context of ctx. Freeing ctx - * itself remains the responsibility of the caller. - * - * \deprecated Use cipher_free() instead - * - * \param ctx Free the cipher-specific context - * - * \returns 0 - */ -int cipher_free_ctx( cipher_context_t *ctx ) DEPRECATED; -#undef DEPRECATED -#endif /* POLARSSL_DEPRECATED_REMOVED */ +int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info ); /** * \brief Returns the block size of the given cipher. @@ -400,7 +326,7 @@ int cipher_free_ctx( cipher_context_t *ctx ) DEPRECATED; * \return size of the cipher's blocks, or 0 if ctx has not been * initialised. */ -static inline unsigned int cipher_get_block_size( const cipher_context_t *ctx ) +static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_context_t *ctx ) { if( NULL == ctx || NULL == ctx->cipher_info ) return 0; @@ -410,17 +336,17 @@ static inline unsigned int cipher_get_block_size( const cipher_context_t *ctx ) /** * \brief Returns the mode of operation for the cipher. - * (e.g. POLARSSL_MODE_CBC) + * (e.g. MBEDTLS_MODE_CBC) * * \param ctx cipher's context. Must have been initialised. * - * \return mode of operation, or POLARSSL_MODE_NONE if ctx + * \return mode of operation, or MBEDTLS_MODE_NONE if ctx * has not been initialised. */ -static inline cipher_mode_t cipher_get_cipher_mode( const cipher_context_t *ctx ) +static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( const mbedtls_cipher_context_t *ctx ) { if( NULL == ctx || NULL == ctx->cipher_info ) - return POLARSSL_MODE_NONE; + return MBEDTLS_MODE_NONE; return ctx->cipher_info->mode; } @@ -434,7 +360,7 @@ static inline cipher_mode_t cipher_get_cipher_mode( const cipher_context_t *ctx * (0 for ciphers not using IV/NONCE). * If IV has already been set: actual size. */ -static inline int cipher_get_iv_size( const cipher_context_t *ctx ) +static inline int mbedtls_cipher_get_iv_size( const mbedtls_cipher_context_t *ctx ) { if( NULL == ctx || NULL == ctx->cipher_info ) return 0; @@ -450,13 +376,13 @@ static inline int cipher_get_iv_size( const cipher_context_t *ctx ) * * \param ctx cipher's context. Must have been initialised. * - * \return type of the cipher, or POLARSSL_CIPHER_NONE if ctx has + * \return type of the cipher, or MBEDTLS_CIPHER_NONE if ctx has * not been initialised. */ -static inline cipher_type_t cipher_get_type( const cipher_context_t *ctx ) +static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( const mbedtls_cipher_context_t *ctx ) { if( NULL == ctx || NULL == ctx->cipher_info ) - return POLARSSL_CIPHER_NONE; + return MBEDTLS_CIPHER_NONE; return ctx->cipher_info->type; } @@ -468,7 +394,7 @@ static inline cipher_type_t cipher_get_type( const cipher_context_t *ctx ) * * \return name of the cipher, or NULL if ctx was not initialised. */ -static inline const char *cipher_get_name( const cipher_context_t *ctx ) +static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_t *ctx ) { if( NULL == ctx || NULL == ctx->cipher_info ) return 0; @@ -482,15 +408,15 @@ static inline const char *cipher_get_name( const cipher_context_t *ctx ) * \param ctx cipher's context. Must have been initialised. * * \return cipher's key length, in bits, or - * POLARSSL_KEY_LENGTH_NONE if ctx has not been + * MBEDTLS_KEY_LENGTH_NONE if ctx has not been * initialised. */ -static inline int cipher_get_key_size( const cipher_context_t *ctx ) +static inline int mbedtls_cipher_get_key_bitlen( const mbedtls_cipher_context_t *ctx ) { if( NULL == ctx || NULL == ctx->cipher_info ) - return POLARSSL_KEY_LENGTH_NONE; + return MBEDTLS_KEY_LENGTH_NONE; - return ctx->cipher_info->key_length; + return ctx->cipher_info->key_bitlen; } /** @@ -498,14 +424,14 @@ static inline int cipher_get_key_size( const cipher_context_t *ctx ) * * \param ctx cipher's context. Must have been initialised. * - * \return operation (POLARSSL_ENCRYPT or POLARSSL_DECRYPT), - * or POLARSSL_OPERATION_NONE if ctx has not been + * \return operation (MBEDTLS_ENCRYPT or MBEDTLS_DECRYPT), + * or MBEDTLS_OPERATION_NONE if ctx has not been * initialised. */ -static inline operation_t cipher_get_operation( const cipher_context_t *ctx ) +static inline mbedtls_operation_t mbedtls_cipher_get_operation( const mbedtls_cipher_context_t *ctx ) { if( NULL == ctx || NULL == ctx->cipher_info ) - return POLARSSL_OPERATION_NONE; + return MBEDTLS_OPERATION_NONE; return ctx->operation; } @@ -517,18 +443,18 @@ static inline operation_t cipher_get_operation( const cipher_context_t *ctx ) * initialised using cipher_context_from_type or * cipher_context_from_string. * \param key The key to use. - * \param key_length key length to use, in bits. + * \param key_bitlen key length to use, in bits. * \param operation Operation that the key will be used for, either - * POLARSSL_ENCRYPT or POLARSSL_DECRYPT. + * MBEDTLS_ENCRYPT or MBEDTLS_DECRYPT. * - * \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if + * \returns 0 on success, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if * parameter verification fails or a cipher specific * error code. */ -int cipher_setkey( cipher_context_t *ctx, const unsigned char *key, - int key_length, const operation_t operation ); +int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key, + int key_bitlen, const mbedtls_operation_t operation ); -#if defined(POLARSSL_CIPHER_MODE_WITH_PADDING) +#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) /** * \brief Set padding mode, for cipher modes that use padding. * (Default: PKCS7 padding.) @@ -536,13 +462,13 @@ int cipher_setkey( cipher_context_t *ctx, const unsigned char *key, * \param ctx generic cipher context * \param mode padding mode * - * \returns 0 on success, POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE + * \returns 0 on success, MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE * if selected padding mode is not supported, or - * POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode + * MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode * does not support padding. */ -int cipher_set_padding_mode( cipher_context_t *ctx, cipher_padding_t mode ); -#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */ +int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode ); +#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ /** * \brief Set the initialization vector (IV) or nonce @@ -552,12 +478,12 @@ int cipher_set_padding_mode( cipher_context_t *ctx, cipher_padding_t mode ); * \param iv_len IV length for ciphers with variable-size IV; * discarded by ciphers with fixed-size IV. * - * \returns 0 on success, or POLARSSL_ERR_CIPHER_BAD_INPUT_DATA + * \returns 0 on success, or MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA * * \note Some ciphers don't use IVs nor NONCE. For these * ciphers, this function has no effect. */ -int cipher_set_iv( cipher_context_t *ctx, +int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len ); /** @@ -565,16 +491,16 @@ int cipher_set_iv( cipher_context_t *ctx, * * \param ctx generic cipher context * - * \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA + * \returns 0 on success, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA * if parameter verification fails. */ -int cipher_reset( cipher_context_t *ctx ); +int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx ); -#if defined(POLARSSL_GCM_C) +#if defined(MBEDTLS_GCM_C) /** * \brief Add additional data (for AEAD ciphers). * Currently only supported with GCM. - * Must be called exactly once, after cipher_reset(). + * Must be called exactly once, after mbedtls_cipher_reset(). * * \param ctx generic cipher context * \param ad Additional data to use. @@ -582,9 +508,9 @@ int cipher_reset( cipher_context_t *ctx ); * * \return 0 on success, or a specific error code. */ -int cipher_update_ad( cipher_context_t *ctx, +int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, const unsigned char *ad, size_t ad_len ); -#endif /* POLARSSL_GCM_C */ +#endif /* MBEDTLS_GCM_C */ /** * \brief Generic cipher update function. Encrypts/decrypts @@ -593,7 +519,7 @@ int cipher_update_ad( cipher_context_t *ctx, * that cannot be written immediately will either be added * to the next block, or flushed when cipher_final is * called. - * Exception: for POLARSSL_MODE_ECB, expects single block + * Exception: for MBEDTLS_MODE_ECB, expects single block * in size (e.g. 16 bytes for AES) * * \param ctx generic cipher context @@ -605,17 +531,17 @@ int cipher_update_ad( cipher_context_t *ctx, * \param olen length of the output data, will be filled with the * actual number of bytes written. * - * \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if + * \returns 0 on success, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if * parameter verification fails, - * POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE on an + * MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE on an * unsupported mode for a cipher or a cipher specific * error code. * * \note If the underlying cipher is GCM, all calls to this - * function, except the last one before cipher_finish(), + * function, except the last one before mbedtls_cipher_finish(), * must have ilen a multiple of the block size. */ -int cipher_update( cipher_context_t *ctx, const unsigned char *input, +int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen ); /** @@ -628,21 +554,21 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input, * \param output buffer to write data to. Needs block_size available. * \param olen length of the data written to the output buffer. * - * \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if + * \returns 0 on success, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if * parameter verification fails, - * POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED if decryption + * MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED if decryption * expected a full block but was not provided one, - * POLARSSL_ERR_CIPHER_INVALID_PADDING on invalid padding + * MBEDTLS_ERR_CIPHER_INVALID_PADDING on invalid padding * while decrypting or a cipher specific error code. */ -int cipher_finish( cipher_context_t *ctx, +int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx, unsigned char *output, size_t *olen ); -#if defined(POLARSSL_GCM_C) +#if defined(MBEDTLS_GCM_C) /** * \brief Write tag for AEAD ciphers. * Currently only supported with GCM. - * Must be called after cipher_finish(). + * Must be called after mbedtls_cipher_finish(). * * \param ctx Generic cipher context * \param tag buffer to write the tag @@ -650,13 +576,13 @@ int cipher_finish( cipher_context_t *ctx, * * \return 0 on success, or a specific error code. */ -int cipher_write_tag( cipher_context_t *ctx, +int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, unsigned char *tag, size_t tag_len ); /** * \brief Check tag for AEAD ciphers. * Currently only supported with GCM. - * Must be called after cipher_finish(). + * Must be called after mbedtls_cipher_finish(). * * \param ctx Generic cipher context * \param tag Buffer holding the tag @@ -664,9 +590,9 @@ int cipher_write_tag( cipher_context_t *ctx, * * \return 0 on success, or a specific error code. */ -int cipher_check_tag( cipher_context_t *ctx, +int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, const unsigned char *tag, size_t tag_len ); -#endif /* POLARSSL_GCM_C */ +#endif /* MBEDTLS_GCM_C */ /** * \brief Generic all-in-one encryption/decryption @@ -688,19 +614,19 @@ int cipher_check_tag( cipher_context_t *ctx, * ciphers, use iv = NULL and iv_len = 0. * * \returns 0 on success, or - * POLARSSL_ERR_CIPHER_BAD_INPUT_DATA, or - * POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED if decryption + * MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, or + * MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED if decryption * expected a full block but was not provided one, or - * POLARSSL_ERR_CIPHER_INVALID_PADDING on invalid padding + * MBEDTLS_ERR_CIPHER_INVALID_PADDING on invalid padding * while decrypting, or * a cipher specific error code. */ -int cipher_crypt( cipher_context_t *ctx, +int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen ); -#if defined(POLARSSL_CIPHER_MODE_AEAD) +#if defined(MBEDTLS_CIPHER_MODE_AEAD) /** * \brief Generic autenticated encryption (AEAD ciphers). * @@ -720,10 +646,10 @@ int cipher_crypt( cipher_context_t *ctx, * \param tag_len desired tag length * * \returns 0 on success, or - * POLARSSL_ERR_CIPHER_BAD_INPUT_DATA, or + * MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, or * a cipher specific error code. */ -int cipher_auth_encrypt( cipher_context_t *ctx, +int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, @@ -749,31 +675,24 @@ int cipher_auth_encrypt( cipher_context_t *ctx, * \param tag_len length of the authentication tag * * \returns 0 on success, or - * POLARSSL_ERR_CIPHER_BAD_INPUT_DATA, or - * POLARSSL_ERR_CIPHER_AUTH_FAILED if data isn't authentic, + * MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, or + * MBEDTLS_ERR_CIPHER_AUTH_FAILED if data isn't authentic, * or a cipher specific error code. * * \note If the data is not authentic, then the output buffer * is zeroed out to prevent the unauthentic plaintext to * be used by mistake, making this interface safer. */ -int cipher_auth_decrypt( cipher_context_t *ctx, +int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, const unsigned char *tag, size_t tag_len ); -#endif /* POLARSSL_CIPHER_MODE_AEAD */ - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int cipher_self_test( int verbose ); +#endif /* MBEDTLS_CIPHER_MODE_AEAD */ #ifdef __cplusplus } #endif -#endif /* POLARSSL_CIPHER_H */ +#endif /* MBEDTLS_CIPHER_H */ diff --git a/ext/mbedtls/include/mbedtls/cipher_internal.h b/ext/mbedtls/include/mbedtls/cipher_internal.h new file mode 100644 index 0000000000..587e3eaf06 --- /dev/null +++ b/ext/mbedtls/include/mbedtls/cipher_internal.h @@ -0,0 +1,110 @@ +/** + * \file cipher_internal.h + * + * \brief Cipher wrappers. + * + * \author Adriaan de Jong + * + * Copyright (C) 2006-2013, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_CIPHER_WRAP_H +#define MBEDTLS_CIPHER_WRAP_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include "cipher.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * Base cipher information. The non-mode specific functions and values. + */ +struct mbedtls_cipher_base_t +{ + /** Base Cipher type (e.g. MBEDTLS_CIPHER_ID_AES) */ + mbedtls_cipher_id_t cipher; + + /** Encrypt using ECB */ + int (*ecb_func)( void *ctx, mbedtls_operation_t mode, + const unsigned char *input, unsigned char *output ); + +#if defined(MBEDTLS_CIPHER_MODE_CBC) + /** Encrypt using CBC */ + int (*cbc_func)( void *ctx, mbedtls_operation_t mode, size_t length, + unsigned char *iv, const unsigned char *input, + unsigned char *output ); +#endif + +#if defined(MBEDTLS_CIPHER_MODE_CFB) + /** Encrypt using CFB (Full length) */ + int (*cfb_func)( void *ctx, mbedtls_operation_t mode, size_t length, size_t *iv_off, + unsigned char *iv, const unsigned char *input, + unsigned char *output ); +#endif + +#if defined(MBEDTLS_CIPHER_MODE_CTR) + /** Encrypt using CTR */ + int (*ctr_func)( void *ctx, size_t length, size_t *nc_off, + unsigned char *nonce_counter, unsigned char *stream_block, + const unsigned char *input, unsigned char *output ); +#endif + +#if defined(MBEDTLS_CIPHER_MODE_STREAM) + /** Encrypt using STREAM */ + int (*stream_func)( void *ctx, size_t length, + const unsigned char *input, unsigned char *output ); +#endif + + /** Set key for encryption purposes */ + int (*setkey_enc_func)( void *ctx, const unsigned char *key, + unsigned int key_bitlen ); + + /** Set key for decryption purposes */ + int (*setkey_dec_func)( void *ctx, const unsigned char *key, + unsigned int key_bitlen); + + /** Allocate a new context */ + void * (*ctx_alloc_func)( void ); + + /** Free the given context */ + void (*ctx_free_func)( void *ctx ); + +}; + +typedef struct +{ + mbedtls_cipher_type_t type; + const mbedtls_cipher_info_t *info; +} mbedtls_cipher_definition_t; + +extern const mbedtls_cipher_definition_t mbedtls_cipher_definitions[]; + +extern int mbedtls_cipher_supported[]; + +#ifdef __cplusplus +} +#endif + +#endif /* MBEDTLS_CIPHER_WRAP_H */ diff --git a/ext/mbedtls/include/mbedtls/compat-1.3.h b/ext/mbedtls/include/mbedtls/compat-1.3.h new file mode 100644 index 0000000000..dae63c1484 --- /dev/null +++ b/ext/mbedtls/include/mbedtls/compat-1.3.h @@ -0,0 +1,2634 @@ +/** + * \file config.h + * + * \brief Compatibility names (set of defines) + * + * \deprecated Use the new names directly instead + * + * Copyright (C) 2015, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#if ! defined(MBEDTLS_DEPRECATED_REMOVED) + +#if defined(MBEDTLS_DEPRECATED_WARNING) +#warning "Including compat-1.3.h is deprecated" +#endif + +#ifndef MBEDTLS_COMPAT13_H +#define MBEDTLS_COMPAT13_H + +/* + * config.h options + */ +#if defined MBEDTLS_AESNI_C +#define POLARSSL_AESNI_C MBEDTLS_AESNI_C +#endif +#if defined MBEDTLS_AES_ALT +#define POLARSSL_AES_ALT MBEDTLS_AES_ALT +#endif +#if defined MBEDTLS_AES_C +#define POLARSSL_AES_C MBEDTLS_AES_C +#endif +#if defined MBEDTLS_AES_ROM_TABLES +#define POLARSSL_AES_ROM_TABLES MBEDTLS_AES_ROM_TABLES +#endif +#if defined MBEDTLS_ARC4_ALT +#define POLARSSL_ARC4_ALT MBEDTLS_ARC4_ALT +#endif +#if defined MBEDTLS_ARC4_C +#define POLARSSL_ARC4_C MBEDTLS_ARC4_C +#endif +#if defined MBEDTLS_ASN1_PARSE_C +#define POLARSSL_ASN1_PARSE_C MBEDTLS_ASN1_PARSE_C +#endif +#if defined MBEDTLS_ASN1_WRITE_C +#define POLARSSL_ASN1_WRITE_C MBEDTLS_ASN1_WRITE_C +#endif +#if defined MBEDTLS_BASE64_C +#define POLARSSL_BASE64_C MBEDTLS_BASE64_C +#endif +#if defined MBEDTLS_BIGNUM_C +#define POLARSSL_BIGNUM_C MBEDTLS_BIGNUM_C +#endif +#if defined MBEDTLS_BLOWFISH_ALT +#define POLARSSL_BLOWFISH_ALT MBEDTLS_BLOWFISH_ALT +#endif +#if defined MBEDTLS_BLOWFISH_C +#define POLARSSL_BLOWFISH_C MBEDTLS_BLOWFISH_C +#endif +#if defined MBEDTLS_CAMELLIA_ALT +#define POLARSSL_CAMELLIA_ALT MBEDTLS_CAMELLIA_ALT +#endif +#if defined MBEDTLS_CAMELLIA_C +#define POLARSSL_CAMELLIA_C MBEDTLS_CAMELLIA_C +#endif +#if defined MBEDTLS_CAMELLIA_SMALL_MEMORY +#define POLARSSL_CAMELLIA_SMALL_MEMORY MBEDTLS_CAMELLIA_SMALL_MEMORY +#endif +#if defined MBEDTLS_CCM_C +#define POLARSSL_CCM_C MBEDTLS_CCM_C +#endif +#if defined MBEDTLS_CERTS_C +#define POLARSSL_CERTS_C MBEDTLS_CERTS_C +#endif +#if defined MBEDTLS_CIPHER_C +#define POLARSSL_CIPHER_C MBEDTLS_CIPHER_C +#endif +#if defined MBEDTLS_CIPHER_MODE_CBC +#define POLARSSL_CIPHER_MODE_CBC MBEDTLS_CIPHER_MODE_CBC +#endif +#if defined MBEDTLS_CIPHER_MODE_CFB +#define POLARSSL_CIPHER_MODE_CFB MBEDTLS_CIPHER_MODE_CFB +#endif +#if defined MBEDTLS_CIPHER_MODE_CTR +#define POLARSSL_CIPHER_MODE_CTR MBEDTLS_CIPHER_MODE_CTR +#endif +#if defined MBEDTLS_CIPHER_NULL_CIPHER +#define POLARSSL_CIPHER_NULL_CIPHER MBEDTLS_CIPHER_NULL_CIPHER +#endif +#if defined MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS +#define POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS +#endif +#if defined MBEDTLS_CIPHER_PADDING_PKCS7 +#define POLARSSL_CIPHER_PADDING_PKCS7 MBEDTLS_CIPHER_PADDING_PKCS7 +#endif +#if defined MBEDTLS_CIPHER_PADDING_ZEROS +#define POLARSSL_CIPHER_PADDING_ZEROS MBEDTLS_CIPHER_PADDING_ZEROS +#endif +#if defined MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN +#define POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN +#endif +#if defined MBEDTLS_CTR_DRBG_C +#define POLARSSL_CTR_DRBG_C MBEDTLS_CTR_DRBG_C +#endif +#if defined MBEDTLS_DEBUG_C +#define POLARSSL_DEBUG_C MBEDTLS_DEBUG_C +#endif +#if defined MBEDTLS_DEPRECATED_REMOVED +#define POLARSSL_DEPRECATED_REMOVED MBEDTLS_DEPRECATED_REMOVED +#endif +#if defined MBEDTLS_DEPRECATED_WARNING +#define POLARSSL_DEPRECATED_WARNING MBEDTLS_DEPRECATED_WARNING +#endif +#if defined MBEDTLS_DES_ALT +#define POLARSSL_DES_ALT MBEDTLS_DES_ALT +#endif +#if defined MBEDTLS_DES_C +#define POLARSSL_DES_C MBEDTLS_DES_C +#endif +#if defined MBEDTLS_DHM_C +#define POLARSSL_DHM_C MBEDTLS_DHM_C +#endif +#if defined MBEDTLS_ECDH_C +#define POLARSSL_ECDH_C MBEDTLS_ECDH_C +#endif +#if defined MBEDTLS_ECDSA_C +#define POLARSSL_ECDSA_C MBEDTLS_ECDSA_C +#endif +#if defined MBEDTLS_ECDSA_DETERMINISTIC +#define POLARSSL_ECDSA_DETERMINISTIC MBEDTLS_ECDSA_DETERMINISTIC +#endif +#if defined MBEDTLS_ECP_C +#define POLARSSL_ECP_C MBEDTLS_ECP_C +#endif +#if defined MBEDTLS_ECP_DP_BP256R1_ENABLED +#define POLARSSL_ECP_DP_BP256R1_ENABLED MBEDTLS_ECP_DP_BP256R1_ENABLED +#endif +#if defined MBEDTLS_ECP_DP_BP384R1_ENABLED +#define POLARSSL_ECP_DP_BP384R1_ENABLED MBEDTLS_ECP_DP_BP384R1_ENABLED +#endif +#if defined MBEDTLS_ECP_DP_BP512R1_ENABLED +#define POLARSSL_ECP_DP_BP512R1_ENABLED MBEDTLS_ECP_DP_BP512R1_ENABLED +#endif +#if defined MBEDTLS_ECP_DP_CURVE25519_ENABLED +#define POLARSSL_ECP_DP_M255_ENABLED MBEDTLS_ECP_DP_CURVE25519_ENABLED +#endif +#if defined MBEDTLS_ECP_DP_SECP192K1_ENABLED +#define POLARSSL_ECP_DP_SECP192K1_ENABLED MBEDTLS_ECP_DP_SECP192K1_ENABLED +#endif +#if defined MBEDTLS_ECP_DP_SECP192R1_ENABLED +#define POLARSSL_ECP_DP_SECP192R1_ENABLED MBEDTLS_ECP_DP_SECP192R1_ENABLED +#endif +#if defined MBEDTLS_ECP_DP_SECP224K1_ENABLED +#define POLARSSL_ECP_DP_SECP224K1_ENABLED MBEDTLS_ECP_DP_SECP224K1_ENABLED +#endif +#if defined MBEDTLS_ECP_DP_SECP224R1_ENABLED +#define POLARSSL_ECP_DP_SECP224R1_ENABLED MBEDTLS_ECP_DP_SECP224R1_ENABLED +#endif +#if defined MBEDTLS_ECP_DP_SECP256K1_ENABLED +#define POLARSSL_ECP_DP_SECP256K1_ENABLED MBEDTLS_ECP_DP_SECP256K1_ENABLED +#endif +#if defined MBEDTLS_ECP_DP_SECP256R1_ENABLED +#define POLARSSL_ECP_DP_SECP256R1_ENABLED MBEDTLS_ECP_DP_SECP256R1_ENABLED +#endif +#if defined MBEDTLS_ECP_DP_SECP384R1_ENABLED +#define POLARSSL_ECP_DP_SECP384R1_ENABLED MBEDTLS_ECP_DP_SECP384R1_ENABLED +#endif +#if defined MBEDTLS_ECP_DP_SECP521R1_ENABLED +#define POLARSSL_ECP_DP_SECP521R1_ENABLED MBEDTLS_ECP_DP_SECP521R1_ENABLED +#endif +#if defined MBEDTLS_ECP_FIXED_POINT_OPTIM +#define POLARSSL_ECP_FIXED_POINT_OPTIM MBEDTLS_ECP_FIXED_POINT_OPTIM +#endif +#if defined MBEDTLS_ECP_MAX_BITS +#define POLARSSL_ECP_MAX_BITS MBEDTLS_ECP_MAX_BITS +#endif +#if defined MBEDTLS_ECP_NIST_OPTIM +#define POLARSSL_ECP_NIST_OPTIM MBEDTLS_ECP_NIST_OPTIM +#endif +#if defined MBEDTLS_ECP_WINDOW_SIZE +#define POLARSSL_ECP_WINDOW_SIZE MBEDTLS_ECP_WINDOW_SIZE +#endif +#if defined MBEDTLS_ENABLE_WEAK_CIPHERSUITES +#define POLARSSL_ENABLE_WEAK_CIPHERSUITES MBEDTLS_ENABLE_WEAK_CIPHERSUITES +#endif +#if defined MBEDTLS_ENTROPY_C +#define POLARSSL_ENTROPY_C MBEDTLS_ENTROPY_C +#endif +#if defined MBEDTLS_ENTROPY_FORCE_SHA256 +#define POLARSSL_ENTROPY_FORCE_SHA256 MBEDTLS_ENTROPY_FORCE_SHA256 +#endif +#if defined MBEDTLS_ERROR_C +#define POLARSSL_ERROR_C MBEDTLS_ERROR_C +#endif +#if defined MBEDTLS_ERROR_STRERROR_BC +#define POLARSSL_ERROR_STRERROR_BC MBEDTLS_ERROR_STRERROR_BC +#endif +#if defined MBEDTLS_ERROR_STRERROR_DUMMY +#define POLARSSL_ERROR_STRERROR_DUMMY MBEDTLS_ERROR_STRERROR_DUMMY +#endif +#if defined MBEDTLS_FS_IO +#define POLARSSL_FS_IO MBEDTLS_FS_IO +#endif +#if defined MBEDTLS_GCM_C +#define POLARSSL_GCM_C MBEDTLS_GCM_C +#endif +#if defined MBEDTLS_GENPRIME +#define POLARSSL_GENPRIME MBEDTLS_GENPRIME +#endif +#if defined MBEDTLS_HAVEGE_C +#define POLARSSL_HAVEGE_C MBEDTLS_HAVEGE_C +#endif +#if defined MBEDTLS_HAVE_ASM +#define POLARSSL_HAVE_ASM MBEDTLS_HAVE_ASM +#endif +#if defined MBEDTLS_HAVE_SSE2 +#define POLARSSL_HAVE_SSE2 MBEDTLS_HAVE_SSE2 +#endif +#if defined MBEDTLS_HAVE_TIME +#define POLARSSL_HAVE_TIME MBEDTLS_HAVE_TIME +#endif +#if defined MBEDTLS_HMAC_DRBG_C +#define POLARSSL_HMAC_DRBG_C MBEDTLS_HMAC_DRBG_C +#endif +#if defined MBEDTLS_HMAC_DRBG_MAX_INPUT +#define POLARSSL_HMAC_DRBG_MAX_INPUT MBEDTLS_HMAC_DRBG_MAX_INPUT +#endif +#if defined MBEDTLS_HMAC_DRBG_MAX_REQUEST +#define POLARSSL_HMAC_DRBG_MAX_REQUEST MBEDTLS_HMAC_DRBG_MAX_REQUEST +#endif +#if defined MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT +#define POLARSSL_HMAC_DRBG_MAX_SEED_INPUT MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT +#endif +#if defined MBEDTLS_HMAC_DRBG_RESEED_INTERVAL +#define POLARSSL_HMAC_DRBG_RESEED_INTERVAL MBEDTLS_HMAC_DRBG_RESEED_INTERVAL +#endif +#if defined MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED +#define POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED +#endif +#if defined MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED +#define POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED +#endif +#if defined MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +#define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +#endif +#if defined MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED +#define POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED +#endif +#if defined MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +#define POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +#endif +#if defined MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED +#define POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED +#endif +#if defined MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED +#define POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED +#endif +#if defined MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +#define POLARSSL_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +#endif +#if defined MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +#define POLARSSL_KEY_EXCHANGE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +#endif +#if defined MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED +#define POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED +#endif +#if defined MBEDTLS_MD2_ALT +#define POLARSSL_MD2_ALT MBEDTLS_MD2_ALT +#endif +#if defined MBEDTLS_MD2_C +#define POLARSSL_MD2_C MBEDTLS_MD2_C +#endif +#if defined MBEDTLS_MD2_PROCESS_ALT +#define POLARSSL_MD2_PROCESS_ALT MBEDTLS_MD2_PROCESS_ALT +#endif +#if defined MBEDTLS_MD4_ALT +#define POLARSSL_MD4_ALT MBEDTLS_MD4_ALT +#endif +#if defined MBEDTLS_MD4_C +#define POLARSSL_MD4_C MBEDTLS_MD4_C +#endif +#if defined MBEDTLS_MD4_PROCESS_ALT +#define POLARSSL_MD4_PROCESS_ALT MBEDTLS_MD4_PROCESS_ALT +#endif +#if defined MBEDTLS_MD5_ALT +#define POLARSSL_MD5_ALT MBEDTLS_MD5_ALT +#endif +#if defined MBEDTLS_MD5_C +#define POLARSSL_MD5_C MBEDTLS_MD5_C +#endif +#if defined MBEDTLS_MD5_PROCESS_ALT +#define POLARSSL_MD5_PROCESS_ALT MBEDTLS_MD5_PROCESS_ALT +#endif +#if defined MBEDTLS_MD_C +#define POLARSSL_MD_C MBEDTLS_MD_C +#endif +#if defined MBEDTLS_MEMORY_ALIGN_MULTIPLE +#define POLARSSL_MEMORY_ALIGN_MULTIPLE MBEDTLS_MEMORY_ALIGN_MULTIPLE +#endif +#if defined MBEDTLS_MEMORY_BACKTRACE +#define POLARSSL_MEMORY_BACKTRACE MBEDTLS_MEMORY_BACKTRACE +#endif +#if defined MBEDTLS_MEMORY_BUFFER_ALLOC_C +#define POLARSSL_MEMORY_BUFFER_ALLOC_C MBEDTLS_MEMORY_BUFFER_ALLOC_C +#endif +#if defined MBEDTLS_MEMORY_C +#define POLARSSL_MEMORY_C MBEDTLS_MEMORY_C +#endif +#if defined MBEDTLS_MEMORY_DEBUG +#define POLARSSL_MEMORY_DEBUG MBEDTLS_MEMORY_DEBUG +#endif +#if defined MBEDTLS_MPI_MAX_SIZE +#define POLARSSL_MPI_MAX_SIZE MBEDTLS_MPI_MAX_SIZE +#endif +#if defined MBEDTLS_MPI_WINDOW_SIZE +#define POLARSSL_MPI_WINDOW_SIZE MBEDTLS_MPI_WINDOW_SIZE +#endif +#if defined MBEDTLS_NET_C +#define POLARSSL_NET_C MBEDTLS_NET_C +#endif +#if defined MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES +#define POLARSSL_NO_DEFAULT_ENTROPY_SOURCES MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES +#endif +#if defined MBEDTLS_NO_PLATFORM_ENTROPY +#define POLARSSL_NO_PLATFORM_ENTROPY MBEDTLS_NO_PLATFORM_ENTROPY +#endif +#if defined MBEDTLS_OID_C +#define POLARSSL_OID_C MBEDTLS_OID_C +#endif +#if defined MBEDTLS_PADLOCK_C +#define POLARSSL_PADLOCK_C MBEDTLS_PADLOCK_C +#endif +#if defined MBEDTLS_PBKDF2_C +#define POLARSSL_PBKDF2_C MBEDTLS_PBKDF2_C +#endif +#if defined MBEDTLS_PEM_PARSE_C +#define POLARSSL_PEM_PARSE_C MBEDTLS_PEM_PARSE_C +#endif +#if defined MBEDTLS_PEM_WRITE_C +#define POLARSSL_PEM_WRITE_C MBEDTLS_PEM_WRITE_C +#endif +#if defined MBEDTLS_PKCS11_C +#define POLARSSL_PKCS11_C MBEDTLS_PKCS11_C +#endif +#if defined MBEDTLS_PKCS12_C +#define POLARSSL_PKCS12_C MBEDTLS_PKCS12_C +#endif +#if defined MBEDTLS_PKCS1_V15 +#define POLARSSL_PKCS1_V15 MBEDTLS_PKCS1_V15 +#endif +#if defined MBEDTLS_PKCS1_V21 +#define POLARSSL_PKCS1_V21 MBEDTLS_PKCS1_V21 +#endif +#if defined MBEDTLS_PKCS5_C +#define POLARSSL_PKCS5_C MBEDTLS_PKCS5_C +#endif +#if defined MBEDTLS_PK_C +#define POLARSSL_PK_C MBEDTLS_PK_C +#endif +#if defined MBEDTLS_PK_PARSE_C +#define POLARSSL_PK_PARSE_C MBEDTLS_PK_PARSE_C +#endif +#if defined MBEDTLS_PK_PARSE_EC_EXTENDED +#define POLARSSL_PK_PARSE_EC_EXTENDED MBEDTLS_PK_PARSE_EC_EXTENDED +#endif +#if defined MBEDTLS_PK_RSA_ALT_SUPPORT +#define POLARSSL_PK_RSA_ALT_SUPPORT MBEDTLS_PK_RSA_ALT_SUPPORT +#endif +#if defined MBEDTLS_PK_WRITE_C +#define POLARSSL_PK_WRITE_C MBEDTLS_PK_WRITE_C +#endif +#if defined MBEDTLS_PLATFORM_C +#define POLARSSL_PLATFORM_C MBEDTLS_PLATFORM_C +#endif +#if defined MBEDTLS_PLATFORM_EXIT_ALT +#define POLARSSL_PLATFORM_EXIT_ALT MBEDTLS_PLATFORM_EXIT_ALT +#endif +#if defined MBEDTLS_PLATFORM_EXIT_MACRO +#define POLARSSL_PLATFORM_EXIT_MACRO MBEDTLS_PLATFORM_EXIT_MACRO +#endif +#if defined MBEDTLS_PLATFORM_FPRINTF_ALT +#define POLARSSL_PLATFORM_FPRINTF_ALT MBEDTLS_PLATFORM_FPRINTF_ALT +#endif +#if defined MBEDTLS_PLATFORM_FPRINTF_MACRO +#define POLARSSL_PLATFORM_FPRINTF_MACRO MBEDTLS_PLATFORM_FPRINTF_MACRO +#endif +#if defined MBEDTLS_PLATFORM_FREE_MACRO +#define POLARSSL_PLATFORM_FREE_MACRO MBEDTLS_PLATFORM_FREE_MACRO +#endif +#if defined MBEDTLS_PLATFORM_MEMORY +#define POLARSSL_PLATFORM_MEMORY MBEDTLS_PLATFORM_MEMORY +#endif +#if defined MBEDTLS_PLATFORM_NO_STD_FUNCTIONS +#define POLARSSL_PLATFORM_NO_STD_FUNCTIONS MBEDTLS_PLATFORM_NO_STD_FUNCTIONS +#endif +#if defined MBEDTLS_PLATFORM_PRINTF_ALT +#define POLARSSL_PLATFORM_PRINTF_ALT MBEDTLS_PLATFORM_PRINTF_ALT +#endif +#if defined MBEDTLS_PLATFORM_PRINTF_MACRO +#define POLARSSL_PLATFORM_PRINTF_MACRO MBEDTLS_PLATFORM_PRINTF_MACRO +#endif +#if defined MBEDTLS_PLATFORM_SNPRINTF_ALT +#define POLARSSL_PLATFORM_SNPRINTF_ALT MBEDTLS_PLATFORM_SNPRINTF_ALT +#endif +#if defined MBEDTLS_PLATFORM_SNPRINTF_MACRO +#define POLARSSL_PLATFORM_SNPRINTF_MACRO MBEDTLS_PLATFORM_SNPRINTF_MACRO +#endif +#if defined MBEDTLS_PLATFORM_STD_EXIT +#define POLARSSL_PLATFORM_STD_EXIT MBEDTLS_PLATFORM_STD_EXIT +#endif +#if defined MBEDTLS_PLATFORM_STD_FPRINTF +#define POLARSSL_PLATFORM_STD_FPRINTF MBEDTLS_PLATFORM_STD_FPRINTF +#endif +#if defined MBEDTLS_PLATFORM_STD_FREE +#define POLARSSL_PLATFORM_STD_FREE MBEDTLS_PLATFORM_STD_FREE +#endif +#if defined MBEDTLS_PLATFORM_STD_MALLOC +#define POLARSSL_PLATFORM_STD_MALLOC MBEDTLS_PLATFORM_STD_MALLOC +#endif +#if defined MBEDTLS_PLATFORM_STD_MEM_HDR +#define POLARSSL_PLATFORM_STD_MEM_HDR MBEDTLS_PLATFORM_STD_MEM_HDR +#endif +#if defined MBEDTLS_PLATFORM_STD_PRINTF +#define POLARSSL_PLATFORM_STD_PRINTF MBEDTLS_PLATFORM_STD_PRINTF +#endif +#if defined MBEDTLS_PLATFORM_STD_SNPRINTF +#define POLARSSL_PLATFORM_STD_SNPRINTF MBEDTLS_PLATFORM_STD_SNPRINTF +#endif +#if defined MBEDTLS_PSK_MAX_LEN +#define POLARSSL_PSK_MAX_LEN MBEDTLS_PSK_MAX_LEN +#endif +#if defined MBEDTLS_REMOVE_ARC4_CIPHERSUITES +#define POLARSSL_REMOVE_ARC4_CIPHERSUITES MBEDTLS_REMOVE_ARC4_CIPHERSUITES +#endif +#if defined MBEDTLS_RIPEMD160_ALT +#define POLARSSL_RIPEMD160_ALT MBEDTLS_RIPEMD160_ALT +#endif +#if defined MBEDTLS_RIPEMD160_C +#define POLARSSL_RIPEMD160_C MBEDTLS_RIPEMD160_C +#endif +#if defined MBEDTLS_RIPEMD160_PROCESS_ALT +#define POLARSSL_RIPEMD160_PROCESS_ALT MBEDTLS_RIPEMD160_PROCESS_ALT +#endif +#if defined MBEDTLS_RSA_C +#define POLARSSL_RSA_C MBEDTLS_RSA_C +#endif +#if defined MBEDTLS_RSA_NO_CRT +#define POLARSSL_RSA_NO_CRT MBEDTLS_RSA_NO_CRT +#endif +#if defined MBEDTLS_SELF_TEST +#define POLARSSL_SELF_TEST MBEDTLS_SELF_TEST +#endif +#if defined MBEDTLS_SHA1_ALT +#define POLARSSL_SHA1_ALT MBEDTLS_SHA1_ALT +#endif +#if defined MBEDTLS_SHA1_C +#define POLARSSL_SHA1_C MBEDTLS_SHA1_C +#endif +#if defined MBEDTLS_SHA1_PROCESS_ALT +#define POLARSSL_SHA1_PROCESS_ALT MBEDTLS_SHA1_PROCESS_ALT +#endif +#if defined MBEDTLS_SHA256_ALT +#define POLARSSL_SHA256_ALT MBEDTLS_SHA256_ALT +#endif +#if defined MBEDTLS_SHA256_C +#define POLARSSL_SHA256_C MBEDTLS_SHA256_C +#endif +#if defined MBEDTLS_SHA256_PROCESS_ALT +#define POLARSSL_SHA256_PROCESS_ALT MBEDTLS_SHA256_PROCESS_ALT +#endif +#if defined MBEDTLS_SHA512_ALT +#define POLARSSL_SHA512_ALT MBEDTLS_SHA512_ALT +#endif +#if defined MBEDTLS_SHA512_C +#define POLARSSL_SHA512_C MBEDTLS_SHA512_C +#endif +#if defined MBEDTLS_SHA512_PROCESS_ALT +#define POLARSSL_SHA512_PROCESS_ALT MBEDTLS_SHA512_PROCESS_ALT +#endif +#if defined MBEDTLS_SSL_AEAD_RANDOM_IV +#define POLARSSL_SSL_AEAD_RANDOM_IV MBEDTLS_SSL_AEAD_RANDOM_IV +#endif +#if defined MBEDTLS_SSL_ALERT_MESSAGES +#define POLARSSL_SSL_ALERT_MESSAGES MBEDTLS_SSL_ALERT_MESSAGES +#endif +#if defined MBEDTLS_SSL_ALL_ALERT_MESSAGES +#define POLARSSL_SSL_ALL_ALERT_MESSAGES MBEDTLS_SSL_ALL_ALERT_MESSAGES +#endif +#if defined MBEDTLS_SSL_ALPN +#define POLARSSL_SSL_ALPN MBEDTLS_SSL_ALPN +#endif +#if defined MBEDTLS_SSL_CACHE_C +#define POLARSSL_SSL_CACHE_C MBEDTLS_SSL_CACHE_C +#endif +#if defined MBEDTLS_SSL_CBC_RECORD_SPLITTING +#define POLARSSL_SSL_CBC_RECORD_SPLITTING MBEDTLS_SSL_CBC_RECORD_SPLITTING +#endif +#if defined MBEDTLS_SSL_CLI_C +#define POLARSSL_SSL_CLI_C MBEDTLS_SSL_CLI_C +#endif +#if defined MBEDTLS_SSL_COOKIE_C +#define POLARSSL_SSL_COOKIE_C MBEDTLS_SSL_COOKIE_C +#endif +#if defined MBEDTLS_SSL_COOKIE_TIMEOUT +#define POLARSSL_SSL_COOKIE_TIMEOUT MBEDTLS_SSL_COOKIE_TIMEOUT +#endif +#if defined MBEDTLS_SSL_DEBUG_ALL +#define POLARSSL_SSL_DEBUG_ALL MBEDTLS_SSL_DEBUG_ALL +#endif +#if defined MBEDTLS_SSL_DISABLE_RENEGOTIATION +#define POLARSSL_SSL_DISABLE_RENEGOTIATION MBEDTLS_SSL_DISABLE_RENEGOTIATION +#endif +#if defined MBEDTLS_SSL_DTLS_ANTI_REPLAY +#define POLARSSL_SSL_DTLS_ANTI_REPLAY MBEDTLS_SSL_DTLS_ANTI_REPLAY +#endif +#if defined MBEDTLS_SSL_DTLS_BADMAC_LIMIT +#define POLARSSL_SSL_DTLS_BADMAC_LIMIT MBEDTLS_SSL_DTLS_BADMAC_LIMIT +#endif +#if defined MBEDTLS_SSL_DTLS_HELLO_VERIFY +#define POLARSSL_SSL_DTLS_HELLO_VERIFY MBEDTLS_SSL_DTLS_HELLO_VERIFY +#endif +#if defined MBEDTLS_SSL_ENCRYPT_THEN_MAC +#define POLARSSL_SSL_ENCRYPT_THEN_MAC MBEDTLS_SSL_ENCRYPT_THEN_MAC +#endif +#if defined MBEDTLS_SSL_EXTENDED_MASTER_SECRET +#define POLARSSL_SSL_EXTENDED_MASTER_SECRET MBEDTLS_SSL_EXTENDED_MASTER_SECRET +#endif +#if defined MBEDTLS_SSL_FALLBACK_SCSV +#define POLARSSL_SSL_FALLBACK_SCSV MBEDTLS_SSL_FALLBACK_SCSV +#endif +#if defined MBEDTLS_SSL_HW_RECORD_ACCEL +#define POLARSSL_SSL_HW_RECORD_ACCEL MBEDTLS_SSL_HW_RECORD_ACCEL +#endif +#if defined MBEDTLS_SSL_MAX_FRAGMENT_LENGTH +#define POLARSSL_SSL_MAX_FRAGMENT_LENGTH MBEDTLS_SSL_MAX_FRAGMENT_LENGTH +#endif +#if defined MBEDTLS_SSL_PROTO_DTLS +#define POLARSSL_SSL_PROTO_DTLS MBEDTLS_SSL_PROTO_DTLS +#endif +#if defined MBEDTLS_SSL_PROTO_SSL3 +#define POLARSSL_SSL_PROTO_SSL3 MBEDTLS_SSL_PROTO_SSL3 +#endif +#if defined MBEDTLS_SSL_PROTO_TLS1 +#define POLARSSL_SSL_PROTO_TLS1 MBEDTLS_SSL_PROTO_TLS1 +#endif +#if defined MBEDTLS_SSL_PROTO_TLS1_1 +#define POLARSSL_SSL_PROTO_TLS1_1 MBEDTLS_SSL_PROTO_TLS1_1 +#endif +#if defined MBEDTLS_SSL_PROTO_TLS1_2 +#define POLARSSL_SSL_PROTO_TLS1_2 MBEDTLS_SSL_PROTO_TLS1_2 +#endif +#if defined MBEDTLS_SSL_RENEGOTIATION +#define POLARSSL_SSL_RENEGOTIATION MBEDTLS_SSL_RENEGOTIATION +#endif +#if defined MBEDTLS_SSL_SERVER_NAME_INDICATION +#define POLARSSL_SSL_SERVER_NAME_INDICATION MBEDTLS_SSL_SERVER_NAME_INDICATION +#endif +#if defined MBEDTLS_SSL_SESSION_TICKETS +#define POLARSSL_SSL_SESSION_TICKETS MBEDTLS_SSL_SESSION_TICKETS +#endif +#if defined MBEDTLS_SSL_SRV_C +#define POLARSSL_SSL_SRV_C MBEDTLS_SSL_SRV_C +#endif +#if defined MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE +#define POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE +#endif +#if defined MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO +#define POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO +#endif +#if defined MBEDTLS_SSL_TLS_C +#define POLARSSL_SSL_TLS_C MBEDTLS_SSL_TLS_C +#endif +#if defined MBEDTLS_SSL_TRUNCATED_HMAC +#define POLARSSL_SSL_TRUNCATED_HMAC MBEDTLS_SSL_TRUNCATED_HMAC +#endif +#if defined MBEDTLS_THREADING_ALT +#define POLARSSL_THREADING_ALT MBEDTLS_THREADING_ALT +#endif +#if defined MBEDTLS_THREADING_C +#define POLARSSL_THREADING_C MBEDTLS_THREADING_C +#endif +#if defined MBEDTLS_THREADING_PTHREAD +#define POLARSSL_THREADING_PTHREAD MBEDTLS_THREADING_PTHREAD +#endif +#if defined MBEDTLS_TIMING_ALT +#define POLARSSL_TIMING_ALT MBEDTLS_TIMING_ALT +#endif +#if defined MBEDTLS_TIMING_C +#define POLARSSL_TIMING_C MBEDTLS_TIMING_C +#endif +#if defined MBEDTLS_VERSION_C +#define POLARSSL_VERSION_C MBEDTLS_VERSION_C +#endif +#if defined MBEDTLS_VERSION_FEATURES +#define POLARSSL_VERSION_FEATURES MBEDTLS_VERSION_FEATURES +#endif +#if defined MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 +#define POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3 MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 +#endif +#if defined MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION +#define POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION +#endif +#if defined MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE +#define POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE +#endif +#if defined MBEDTLS_X509_CHECK_KEY_USAGE +#define POLARSSL_X509_CHECK_KEY_USAGE MBEDTLS_X509_CHECK_KEY_USAGE +#endif +#if defined MBEDTLS_X509_CREATE_C +#define POLARSSL_X509_CREATE_C MBEDTLS_X509_CREATE_C +#endif +#if defined MBEDTLS_X509_CRL_PARSE_C +#define POLARSSL_X509_CRL_PARSE_C MBEDTLS_X509_CRL_PARSE_C +#endif +#if defined MBEDTLS_X509_CRT_PARSE_C +#define POLARSSL_X509_CRT_PARSE_C MBEDTLS_X509_CRT_PARSE_C +#endif +#if defined MBEDTLS_X509_CRT_WRITE_C +#define POLARSSL_X509_CRT_WRITE_C MBEDTLS_X509_CRT_WRITE_C +#endif +#if defined MBEDTLS_X509_CSR_PARSE_C +#define POLARSSL_X509_CSR_PARSE_C MBEDTLS_X509_CSR_PARSE_C +#endif +#if defined MBEDTLS_X509_CSR_WRITE_C +#define POLARSSL_X509_CSR_WRITE_C MBEDTLS_X509_CSR_WRITE_C +#endif +#if defined MBEDTLS_X509_MAX_INTERMEDIATE_CA +#define POLARSSL_X509_MAX_INTERMEDIATE_CA MBEDTLS_X509_MAX_INTERMEDIATE_CA +#endif +#if defined MBEDTLS_X509_RSASSA_PSS_SUPPORT +#define POLARSSL_X509_RSASSA_PSS_SUPPORT MBEDTLS_X509_RSASSA_PSS_SUPPORT +#endif +#if defined MBEDTLS_X509_USE_C +#define POLARSSL_X509_USE_C MBEDTLS_X509_USE_C +#endif +#if defined MBEDTLS_XTEA_ALT +#define POLARSSL_XTEA_ALT MBEDTLS_XTEA_ALT +#endif +#if defined MBEDTLS_XTEA_C +#define POLARSSL_XTEA_C MBEDTLS_XTEA_C +#endif +#if defined MBEDTLS_ZLIB_SUPPORT +#define POLARSSL_ZLIB_SUPPORT MBEDTLS_ZLIB_SUPPORT +#endif + +/* + * Misc names (macros, types, functions, enum constants...) + */ +#define AES_DECRYPT MBEDTLS_AES_DECRYPT +#define AES_ENCRYPT MBEDTLS_AES_ENCRYPT +#define ASN1_BIT_STRING MBEDTLS_ASN1_BIT_STRING +#define ASN1_BMP_STRING MBEDTLS_ASN1_BMP_STRING +#define ASN1_BOOLEAN MBEDTLS_ASN1_BOOLEAN +#define ASN1_CHK_ADD MBEDTLS_ASN1_CHK_ADD +#define ASN1_CONSTRUCTED MBEDTLS_ASN1_CONSTRUCTED +#define ASN1_CONTEXT_SPECIFIC MBEDTLS_ASN1_CONTEXT_SPECIFIC +#define ASN1_GENERALIZED_TIME MBEDTLS_ASN1_GENERALIZED_TIME +#define ASN1_IA5_STRING MBEDTLS_ASN1_IA5_STRING +#define ASN1_INTEGER MBEDTLS_ASN1_INTEGER +#define ASN1_NULL MBEDTLS_ASN1_NULL +#define ASN1_OCTET_STRING MBEDTLS_ASN1_OCTET_STRING +#define ASN1_OID MBEDTLS_ASN1_OID +#define ASN1_PRIMITIVE MBEDTLS_ASN1_PRIMITIVE +#define ASN1_PRINTABLE_STRING MBEDTLS_ASN1_PRINTABLE_STRING +#define ASN1_SEQUENCE MBEDTLS_ASN1_SEQUENCE +#define ASN1_SET MBEDTLS_ASN1_SET +#define ASN1_T61_STRING MBEDTLS_ASN1_T61_STRING +#define ASN1_UNIVERSAL_STRING MBEDTLS_ASN1_UNIVERSAL_STRING +#define ASN1_UTC_TIME MBEDTLS_ASN1_UTC_TIME +#define ASN1_UTF8_STRING MBEDTLS_ASN1_UTF8_STRING +#define BADCERT_CN_MISMATCH MBEDTLS_X509_BADCERT_CN_MISMATCH +#define BADCERT_EXPIRED MBEDTLS_X509_BADCERT_EXPIRED +#define BADCERT_FUTURE MBEDTLS_X509_BADCERT_FUTURE +#define BADCERT_MISSING MBEDTLS_X509_BADCERT_MISSING +#define BADCERT_NOT_TRUSTED MBEDTLS_X509_BADCERT_NOT_TRUSTED +#define BADCERT_OTHER MBEDTLS_X509_BADCERT_OTHER +#define BADCERT_REVOKED MBEDTLS_X509_BADCERT_REVOKED +#define BADCERT_SKIP_VERIFY MBEDTLS_X509_BADCERT_SKIP_VERIFY +#define BADCRL_EXPIRED MBEDTLS_X509_BADCRL_EXPIRED +#define BADCRL_FUTURE MBEDTLS_X509_BADCRL_FUTURE +#define BADCRL_NOT_TRUSTED MBEDTLS_X509_BADCRL_NOT_TRUSTED +#define BLOWFISH_BLOCKSIZE MBEDTLS_BLOWFISH_BLOCKSIZE +#define BLOWFISH_DECRYPT MBEDTLS_BLOWFISH_DECRYPT +#define BLOWFISH_ENCRYPT MBEDTLS_BLOWFISH_ENCRYPT +#define BLOWFISH_MAX_KEY MBEDTLS_BLOWFISH_MAX_KEY_BITS +#define BLOWFISH_MIN_KEY MBEDTLS_BLOWFISH_MIN_KEY_BITS +#define BLOWFISH_ROUNDS MBEDTLS_BLOWFISH_ROUNDS +#define CAMELLIA_DECRYPT MBEDTLS_CAMELLIA_DECRYPT +#define CAMELLIA_ENCRYPT MBEDTLS_CAMELLIA_ENCRYPT +#define COLLECT_SIZE MBEDTLS_HAVEGE_COLLECT_SIZE +#define CTR_DRBG_BLOCKSIZE MBEDTLS_CTR_DRBG_BLOCKSIZE +#define CTR_DRBG_ENTROPY_LEN MBEDTLS_CTR_DRBG_ENTROPY_LEN +#define CTR_DRBG_KEYBITS MBEDTLS_CTR_DRBG_KEYBITS +#define CTR_DRBG_KEYSIZE MBEDTLS_CTR_DRBG_KEYSIZE +#define CTR_DRBG_MAX_INPUT MBEDTLS_CTR_DRBG_MAX_INPUT +#define CTR_DRBG_MAX_REQUEST MBEDTLS_CTR_DRBG_MAX_REQUEST +#define CTR_DRBG_MAX_SEED_INPUT MBEDTLS_CTR_DRBG_MAX_SEED_INPUT +#define CTR_DRBG_PR_OFF MBEDTLS_CTR_DRBG_PR_OFF +#define CTR_DRBG_PR_ON MBEDTLS_CTR_DRBG_PR_ON +#define CTR_DRBG_RESEED_INTERVAL MBEDTLS_CTR_DRBG_RESEED_INTERVAL +#define CTR_DRBG_SEEDLEN MBEDTLS_CTR_DRBG_SEEDLEN +#define DEPRECATED MBEDTLS_DEPRECATED +#define DES_DECRYPT MBEDTLS_DES_DECRYPT +#define DES_ENCRYPT MBEDTLS_DES_ENCRYPT +#define DES_KEY_SIZE MBEDTLS_DES_KEY_SIZE +#define ENTROPY_BLOCK_SIZE MBEDTLS_ENTROPY_BLOCK_SIZE +#define ENTROPY_MAX_GATHER MBEDTLS_ENTROPY_MAX_GATHER +#define ENTROPY_MAX_SEED_SIZE MBEDTLS_ENTROPY_MAX_SEED_SIZE +#define ENTROPY_MAX_SOURCES MBEDTLS_ENTROPY_MAX_SOURCES +#define ENTROPY_MIN_HARDCLOCK MBEDTLS_ENTROPY_MIN_HARDCLOCK +#define ENTROPY_MIN_HAVEGE MBEDTLS_ENTROPY_MIN_HAVEGE +#define ENTROPY_MIN_PLATFORM MBEDTLS_ENTROPY_MIN_PLATFORM +#define ENTROPY_SOURCE_MANUAL MBEDTLS_ENTROPY_SOURCE_MANUAL +#define EXT_AUTHORITY_KEY_IDENTIFIER MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER +#define EXT_BASIC_CONSTRAINTS MBEDTLS_X509_EXT_BASIC_CONSTRAINTS +#define EXT_CERTIFICATE_POLICIES MBEDTLS_X509_EXT_CERTIFICATE_POLICIES +#define EXT_CRL_DISTRIBUTION_POINTS MBEDTLS_X509_EXT_CRL_DISTRIBUTION_POINTS +#define EXT_EXTENDED_KEY_USAGE MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE +#define EXT_FRESHEST_CRL MBEDTLS_X509_EXT_FRESHEST_CRL +#define EXT_INIHIBIT_ANYPOLICY MBEDTLS_X509_EXT_INIHIBIT_ANYPOLICY +#define EXT_ISSUER_ALT_NAME MBEDTLS_X509_EXT_ISSUER_ALT_NAME +#define EXT_KEY_USAGE MBEDTLS_X509_EXT_KEY_USAGE +#define EXT_NAME_CONSTRAINTS MBEDTLS_X509_EXT_NAME_CONSTRAINTS +#define EXT_NS_CERT_TYPE MBEDTLS_X509_EXT_NS_CERT_TYPE +#define EXT_POLICY_CONSTRAINTS MBEDTLS_X509_EXT_POLICY_CONSTRAINTS +#define EXT_POLICY_MAPPINGS MBEDTLS_X509_EXT_POLICY_MAPPINGS +#define EXT_SUBJECT_ALT_NAME MBEDTLS_X509_EXT_SUBJECT_ALT_NAME +#define EXT_SUBJECT_DIRECTORY_ATTRS MBEDTLS_X509_EXT_SUBJECT_DIRECTORY_ATTRS +#define EXT_SUBJECT_KEY_IDENTIFIER MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER +#define GCM_DECRYPT MBEDTLS_GCM_DECRYPT +#define GCM_ENCRYPT MBEDTLS_GCM_ENCRYPT +#define KU_CRL_SIGN MBEDTLS_X509_KU_CRL_SIGN +#define KU_DATA_ENCIPHERMENT MBEDTLS_X509_KU_DATA_ENCIPHERMENT +#define KU_DIGITAL_SIGNATURE MBEDTLS_X509_KU_DIGITAL_SIGNATURE +#define KU_KEY_AGREEMENT MBEDTLS_X509_KU_KEY_AGREEMENT +#define KU_KEY_CERT_SIGN MBEDTLS_X509_KU_KEY_CERT_SIGN +#define KU_KEY_ENCIPHERMENT MBEDTLS_X509_KU_KEY_ENCIPHERMENT +#define KU_NON_REPUDIATION MBEDTLS_X509_KU_NON_REPUDIATION +#define LN_2_DIV_LN_10_SCALE100 MBEDTLS_LN_2_DIV_LN_10_SCALE100 +#define MD_CONTEXT_T_INIT MBEDTLS_MD_CONTEXT_T_INIT +#define MEMORY_VERIFY_ALLOC MBEDTLS_MEMORY_VERIFY_ALLOC +#define MEMORY_VERIFY_ALWAYS MBEDTLS_MEMORY_VERIFY_ALWAYS +#define MEMORY_VERIFY_FREE MBEDTLS_MEMORY_VERIFY_FREE +#define MEMORY_VERIFY_NONE MBEDTLS_MEMORY_VERIFY_NONE +#define MPI_CHK MBEDTLS_MPI_CHK +#define NET_PROTO_TCP MBEDTLS_NET_PROTO_TCP +#define NET_PROTO_UDP MBEDTLS_NET_PROTO_UDP +#define NS_CERT_TYPE_EMAIL MBEDTLS_X509_NS_CERT_TYPE_EMAIL +#define NS_CERT_TYPE_EMAIL_CA MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA +#define NS_CERT_TYPE_OBJECT_SIGNING MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING +#define NS_CERT_TYPE_OBJECT_SIGNING_CA MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA +#define NS_CERT_TYPE_RESERVED MBEDTLS_X509_NS_CERT_TYPE_RESERVED +#define NS_CERT_TYPE_SSL_CA MBEDTLS_X509_NS_CERT_TYPE_SSL_CA +#define NS_CERT_TYPE_SSL_CLIENT MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT +#define NS_CERT_TYPE_SSL_SERVER MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER +#define OID_ANSI_X9_62 MBEDTLS_OID_ANSI_X9_62 +#define OID_ANSI_X9_62_FIELD_TYPE MBEDTLS_OID_ANSI_X9_62_FIELD_TYPE +#define OID_ANSI_X9_62_PRIME_FIELD MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD +#define OID_ANSI_X9_62_SIG MBEDTLS_OID_ANSI_X9_62_SIG +#define OID_ANSI_X9_62_SIG_SHA2 MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 +#define OID_ANY_EXTENDED_KEY_USAGE MBEDTLS_OID_ANY_EXTENDED_KEY_USAGE +#define OID_AT MBEDTLS_OID_AT +#define OID_AT_CN MBEDTLS_OID_AT_CN +#define OID_AT_COUNTRY MBEDTLS_OID_AT_COUNTRY +#define OID_AT_DN_QUALIFIER MBEDTLS_OID_AT_DN_QUALIFIER +#define OID_AT_GENERATION_QUALIFIER MBEDTLS_OID_AT_GENERATION_QUALIFIER +#define OID_AT_GIVEN_NAME MBEDTLS_OID_AT_GIVEN_NAME +#define OID_AT_INITIALS MBEDTLS_OID_AT_INITIALS +#define OID_AT_LOCALITY MBEDTLS_OID_AT_LOCALITY +#define OID_AT_ORGANIZATION MBEDTLS_OID_AT_ORGANIZATION +#define OID_AT_ORG_UNIT MBEDTLS_OID_AT_ORG_UNIT +#define OID_AT_POSTAL_ADDRESS MBEDTLS_OID_AT_POSTAL_ADDRESS +#define OID_AT_POSTAL_CODE MBEDTLS_OID_AT_POSTAL_CODE +#define OID_AT_PSEUDONYM MBEDTLS_OID_AT_PSEUDONYM +#define OID_AT_SERIAL_NUMBER MBEDTLS_OID_AT_SERIAL_NUMBER +#define OID_AT_STATE MBEDTLS_OID_AT_STATE +#define OID_AT_SUR_NAME MBEDTLS_OID_AT_SUR_NAME +#define OID_AT_TITLE MBEDTLS_OID_AT_TITLE +#define OID_AT_UNIQUE_IDENTIFIER MBEDTLS_OID_AT_UNIQUE_IDENTIFIER +#define OID_AUTHORITY_KEY_IDENTIFIER MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER +#define OID_BASIC_CONSTRAINTS MBEDTLS_OID_BASIC_CONSTRAINTS +#define OID_CERTICOM MBEDTLS_OID_CERTICOM +#define OID_CERTIFICATE_POLICIES MBEDTLS_OID_CERTIFICATE_POLICIES +#define OID_CLIENT_AUTH MBEDTLS_OID_CLIENT_AUTH +#define OID_CMP MBEDTLS_OID_CMP +#define OID_CODE_SIGNING MBEDTLS_OID_CODE_SIGNING +#define OID_COUNTRY_US MBEDTLS_OID_COUNTRY_US +#define OID_CRL_DISTRIBUTION_POINTS MBEDTLS_OID_CRL_DISTRIBUTION_POINTS +#define OID_CRL_NUMBER MBEDTLS_OID_CRL_NUMBER +#define OID_DES_CBC MBEDTLS_OID_DES_CBC +#define OID_DES_EDE3_CBC MBEDTLS_OID_DES_EDE3_CBC +#define OID_DIGEST_ALG_MD2 MBEDTLS_OID_DIGEST_ALG_MD2 +#define OID_DIGEST_ALG_MD4 MBEDTLS_OID_DIGEST_ALG_MD4 +#define OID_DIGEST_ALG_MD5 MBEDTLS_OID_DIGEST_ALG_MD5 +#define OID_DIGEST_ALG_SHA1 MBEDTLS_OID_DIGEST_ALG_SHA1 +#define OID_DIGEST_ALG_SHA224 MBEDTLS_OID_DIGEST_ALG_SHA224 +#define OID_DIGEST_ALG_SHA256 MBEDTLS_OID_DIGEST_ALG_SHA256 +#define OID_DIGEST_ALG_SHA384 MBEDTLS_OID_DIGEST_ALG_SHA384 +#define OID_DIGEST_ALG_SHA512 MBEDTLS_OID_DIGEST_ALG_SHA512 +#define OID_DOMAIN_COMPONENT MBEDTLS_OID_DOMAIN_COMPONENT +#define OID_ECDSA_SHA1 MBEDTLS_OID_ECDSA_SHA1 +#define OID_ECDSA_SHA224 MBEDTLS_OID_ECDSA_SHA224 +#define OID_ECDSA_SHA256 MBEDTLS_OID_ECDSA_SHA256 +#define OID_ECDSA_SHA384 MBEDTLS_OID_ECDSA_SHA384 +#define OID_ECDSA_SHA512 MBEDTLS_OID_ECDSA_SHA512 +#define OID_EC_ALG_ECDH MBEDTLS_OID_EC_ALG_ECDH +#define OID_EC_ALG_UNRESTRICTED MBEDTLS_OID_EC_ALG_UNRESTRICTED +#define OID_EC_BRAINPOOL_V1 MBEDTLS_OID_EC_BRAINPOOL_V1 +#define OID_EC_GRP_BP256R1 MBEDTLS_OID_EC_GRP_BP256R1 +#define OID_EC_GRP_BP384R1 MBEDTLS_OID_EC_GRP_BP384R1 +#define OID_EC_GRP_BP512R1 MBEDTLS_OID_EC_GRP_BP512R1 +#define OID_EC_GRP_SECP192K1 MBEDTLS_OID_EC_GRP_SECP192K1 +#define OID_EC_GRP_SECP192R1 MBEDTLS_OID_EC_GRP_SECP192R1 +#define OID_EC_GRP_SECP224K1 MBEDTLS_OID_EC_GRP_SECP224K1 +#define OID_EC_GRP_SECP224R1 MBEDTLS_OID_EC_GRP_SECP224R1 +#define OID_EC_GRP_SECP256K1 MBEDTLS_OID_EC_GRP_SECP256K1 +#define OID_EC_GRP_SECP256R1 MBEDTLS_OID_EC_GRP_SECP256R1 +#define OID_EC_GRP_SECP384R1 MBEDTLS_OID_EC_GRP_SECP384R1 +#define OID_EC_GRP_SECP521R1 MBEDTLS_OID_EC_GRP_SECP521R1 +#define OID_EMAIL_PROTECTION MBEDTLS_OID_EMAIL_PROTECTION +#define OID_EXTENDED_KEY_USAGE MBEDTLS_OID_EXTENDED_KEY_USAGE +#define OID_FRESHEST_CRL MBEDTLS_OID_FRESHEST_CRL +#define OID_GOV MBEDTLS_OID_GOV +#define OID_HMAC_SHA1 MBEDTLS_OID_HMAC_SHA1 +#define OID_ID_CE MBEDTLS_OID_ID_CE +#define OID_INIHIBIT_ANYPOLICY MBEDTLS_OID_INIHIBIT_ANYPOLICY +#define OID_ISO_CCITT_DS MBEDTLS_OID_ISO_CCITT_DS +#define OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ISO_IDENTIFIED_ORG +#define OID_ISO_ITU_COUNTRY MBEDTLS_OID_ISO_ITU_COUNTRY +#define OID_ISO_ITU_US_ORG MBEDTLS_OID_ISO_ITU_US_ORG +#define OID_ISO_MEMBER_BODIES MBEDTLS_OID_ISO_MEMBER_BODIES +#define OID_ISSUER_ALT_NAME MBEDTLS_OID_ISSUER_ALT_NAME +#define OID_KEY_USAGE MBEDTLS_OID_KEY_USAGE +#define OID_KP MBEDTLS_OID_KP +#define OID_MGF1 MBEDTLS_OID_MGF1 +#define OID_NAME_CONSTRAINTS MBEDTLS_OID_NAME_CONSTRAINTS +#define OID_NETSCAPE MBEDTLS_OID_NETSCAPE +#define OID_NS_BASE_URL MBEDTLS_OID_NS_BASE_URL +#define OID_NS_CA_POLICY_URL MBEDTLS_OID_NS_CA_POLICY_URL +#define OID_NS_CA_REVOCATION_URL MBEDTLS_OID_NS_CA_REVOCATION_URL +#define OID_NS_CERT MBEDTLS_OID_NS_CERT +#define OID_NS_CERT_SEQUENCE MBEDTLS_OID_NS_CERT_SEQUENCE +#define OID_NS_CERT_TYPE MBEDTLS_OID_NS_CERT_TYPE +#define OID_NS_COMMENT MBEDTLS_OID_NS_COMMENT +#define OID_NS_DATA_TYPE MBEDTLS_OID_NS_DATA_TYPE +#define OID_NS_RENEWAL_URL MBEDTLS_OID_NS_RENEWAL_URL +#define OID_NS_REVOCATION_URL MBEDTLS_OID_NS_REVOCATION_URL +#define OID_NS_SSL_SERVER_NAME MBEDTLS_OID_NS_SSL_SERVER_NAME +#define OID_OCSP_SIGNING MBEDTLS_OID_OCSP_SIGNING +#define OID_OIW_SECSIG MBEDTLS_OID_OIW_SECSIG +#define OID_OIW_SECSIG_ALG MBEDTLS_OID_OIW_SECSIG_ALG +#define OID_OIW_SECSIG_SHA1 MBEDTLS_OID_OIW_SECSIG_SHA1 +#define OID_ORGANIZATION MBEDTLS_OID_ORGANIZATION +#define OID_ORG_ANSI_X9_62 MBEDTLS_OID_ORG_ANSI_X9_62 +#define OID_ORG_CERTICOM MBEDTLS_OID_ORG_CERTICOM +#define OID_ORG_DOD MBEDTLS_OID_ORG_DOD +#define OID_ORG_GOV MBEDTLS_OID_ORG_GOV +#define OID_ORG_NETSCAPE MBEDTLS_OID_ORG_NETSCAPE +#define OID_ORG_OIW MBEDTLS_OID_ORG_OIW +#define OID_ORG_RSA_DATA_SECURITY MBEDTLS_OID_ORG_RSA_DATA_SECURITY +#define OID_ORG_TELETRUST MBEDTLS_OID_ORG_TELETRUST +#define OID_PKCS MBEDTLS_OID_PKCS +#define OID_PKCS1 MBEDTLS_OID_PKCS1 +#define OID_PKCS12 MBEDTLS_OID_PKCS12 +#define OID_PKCS12_PBE MBEDTLS_OID_PKCS12_PBE +#define OID_PKCS12_PBE_SHA1_DES2_EDE_CBC MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC +#define OID_PKCS12_PBE_SHA1_DES3_EDE_CBC MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC +#define OID_PKCS12_PBE_SHA1_RC2_128_CBC MBEDTLS_OID_PKCS12_PBE_SHA1_RC2_128_CBC +#define OID_PKCS12_PBE_SHA1_RC2_40_CBC MBEDTLS_OID_PKCS12_PBE_SHA1_RC2_40_CBC +#define OID_PKCS12_PBE_SHA1_RC4_128 MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_128 +#define OID_PKCS12_PBE_SHA1_RC4_40 MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_40 +#define OID_PKCS1_MD2 MBEDTLS_OID_PKCS1_MD2 +#define OID_PKCS1_MD4 MBEDTLS_OID_PKCS1_MD4 +#define OID_PKCS1_MD5 MBEDTLS_OID_PKCS1_MD5 +#define OID_PKCS1_RSA MBEDTLS_OID_PKCS1_RSA +#define OID_PKCS1_SHA1 MBEDTLS_OID_PKCS1_SHA1 +#define OID_PKCS1_SHA224 MBEDTLS_OID_PKCS1_SHA224 +#define OID_PKCS1_SHA256 MBEDTLS_OID_PKCS1_SHA256 +#define OID_PKCS1_SHA384 MBEDTLS_OID_PKCS1_SHA384 +#define OID_PKCS1_SHA512 MBEDTLS_OID_PKCS1_SHA512 +#define OID_PKCS5 MBEDTLS_OID_PKCS5 +#define OID_PKCS5_PBES2 MBEDTLS_OID_PKCS5_PBES2 +#define OID_PKCS5_PBE_MD2_DES_CBC MBEDTLS_OID_PKCS5_PBE_MD2_DES_CBC +#define OID_PKCS5_PBE_MD2_RC2_CBC MBEDTLS_OID_PKCS5_PBE_MD2_RC2_CBC +#define OID_PKCS5_PBE_MD5_DES_CBC MBEDTLS_OID_PKCS5_PBE_MD5_DES_CBC +#define OID_PKCS5_PBE_MD5_RC2_CBC MBEDTLS_OID_PKCS5_PBE_MD5_RC2_CBC +#define OID_PKCS5_PBE_SHA1_DES_CBC MBEDTLS_OID_PKCS5_PBE_SHA1_DES_CBC +#define OID_PKCS5_PBE_SHA1_RC2_CBC MBEDTLS_OID_PKCS5_PBE_SHA1_RC2_CBC +#define OID_PKCS5_PBKDF2 MBEDTLS_OID_PKCS5_PBKDF2 +#define OID_PKCS5_PBMAC1 MBEDTLS_OID_PKCS5_PBMAC1 +#define OID_PKCS9 MBEDTLS_OID_PKCS9 +#define OID_PKCS9_CSR_EXT_REQ MBEDTLS_OID_PKCS9_CSR_EXT_REQ +#define OID_PKCS9_EMAIL MBEDTLS_OID_PKCS9_EMAIL +#define OID_PKIX MBEDTLS_OID_PKIX +#define OID_POLICY_CONSTRAINTS MBEDTLS_OID_POLICY_CONSTRAINTS +#define OID_POLICY_MAPPINGS MBEDTLS_OID_POLICY_MAPPINGS +#define OID_PRIVATE_KEY_USAGE_PERIOD MBEDTLS_OID_PRIVATE_KEY_USAGE_PERIOD +#define OID_RSASSA_PSS MBEDTLS_OID_RSASSA_PSS +#define OID_RSA_COMPANY MBEDTLS_OID_RSA_COMPANY +#define OID_RSA_SHA_OBS MBEDTLS_OID_RSA_SHA_OBS +#define OID_SERVER_AUTH MBEDTLS_OID_SERVER_AUTH +#define OID_SIZE MBEDTLS_OID_SIZE +#define OID_SUBJECT_ALT_NAME MBEDTLS_OID_SUBJECT_ALT_NAME +#define OID_SUBJECT_DIRECTORY_ATTRS MBEDTLS_OID_SUBJECT_DIRECTORY_ATTRS +#define OID_SUBJECT_KEY_IDENTIFIER MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER +#define OID_TELETRUST MBEDTLS_OID_TELETRUST +#define OID_TIME_STAMPING MBEDTLS_OID_TIME_STAMPING +#define PADLOCK_ACE MBEDTLS_PADLOCK_ACE +#define PADLOCK_ALIGN16 MBEDTLS_PADLOCK_ALIGN16 +#define PADLOCK_PHE MBEDTLS_PADLOCK_PHE +#define PADLOCK_PMM MBEDTLS_PADLOCK_PMM +#define PADLOCK_RNG MBEDTLS_PADLOCK_RNG +#define PKCS12_DERIVE_IV MBEDTLS_PKCS12_DERIVE_IV +#define PKCS12_DERIVE_KEY MBEDTLS_PKCS12_DERIVE_KEY +#define PKCS12_DERIVE_MAC_KEY MBEDTLS_PKCS12_DERIVE_MAC_KEY +#define PKCS12_PBE_DECRYPT MBEDTLS_PKCS12_PBE_DECRYPT +#define PKCS12_PBE_ENCRYPT MBEDTLS_PKCS12_PBE_ENCRYPT +#define PKCS5_DECRYPT MBEDTLS_PKCS5_DECRYPT +#define PKCS5_ENCRYPT MBEDTLS_PKCS5_ENCRYPT +#define POLARSSL_AESNI_AES MBEDTLS_AESNI_AES +#define POLARSSL_AESNI_CLMUL MBEDTLS_AESNI_CLMUL +#define POLARSSL_AESNI_H MBEDTLS_AESNI_H +#define POLARSSL_AES_H MBEDTLS_AES_H +#define POLARSSL_ARC4_H MBEDTLS_ARC4_H +#define POLARSSL_ASN1_H MBEDTLS_ASN1_H +#define POLARSSL_ASN1_WRITE_H MBEDTLS_ASN1_WRITE_H +#define POLARSSL_BASE64_H MBEDTLS_BASE64_H +#define POLARSSL_BIGNUM_H MBEDTLS_BIGNUM_H +#define POLARSSL_BLOWFISH_H MBEDTLS_BLOWFISH_H +#define POLARSSL_BN_MUL_H MBEDTLS_BN_MUL_H +#define POLARSSL_CAMELLIA_H MBEDTLS_CAMELLIA_H +#define POLARSSL_CCM_H MBEDTLS_CCM_H +#define POLARSSL_CERTS_H MBEDTLS_CERTS_H +#define POLARSSL_CHECK_CONFIG_H MBEDTLS_CHECK_CONFIG_H +#define POLARSSL_CIPHERSUITE_NODTLS MBEDTLS_CIPHERSUITE_NODTLS +#define POLARSSL_CIPHERSUITE_SHORT_TAG MBEDTLS_CIPHERSUITE_SHORT_TAG +#define POLARSSL_CIPHERSUITE_WEAK MBEDTLS_CIPHERSUITE_WEAK +#define POLARSSL_CIPHER_AES_128_CBC MBEDTLS_CIPHER_AES_128_CBC +#define POLARSSL_CIPHER_AES_128_CCM MBEDTLS_CIPHER_AES_128_CCM +#define POLARSSL_CIPHER_AES_128_CFB128 MBEDTLS_CIPHER_AES_128_CFB128 +#define POLARSSL_CIPHER_AES_128_CTR MBEDTLS_CIPHER_AES_128_CTR +#define POLARSSL_CIPHER_AES_128_ECB MBEDTLS_CIPHER_AES_128_ECB +#define POLARSSL_CIPHER_AES_128_GCM MBEDTLS_CIPHER_AES_128_GCM +#define POLARSSL_CIPHER_AES_192_CBC MBEDTLS_CIPHER_AES_192_CBC +#define POLARSSL_CIPHER_AES_192_CCM MBEDTLS_CIPHER_AES_192_CCM +#define POLARSSL_CIPHER_AES_192_CFB128 MBEDTLS_CIPHER_AES_192_CFB128 +#define POLARSSL_CIPHER_AES_192_CTR MBEDTLS_CIPHER_AES_192_CTR +#define POLARSSL_CIPHER_AES_192_ECB MBEDTLS_CIPHER_AES_192_ECB +#define POLARSSL_CIPHER_AES_192_GCM MBEDTLS_CIPHER_AES_192_GCM +#define POLARSSL_CIPHER_AES_256_CBC MBEDTLS_CIPHER_AES_256_CBC +#define POLARSSL_CIPHER_AES_256_CCM MBEDTLS_CIPHER_AES_256_CCM +#define POLARSSL_CIPHER_AES_256_CFB128 MBEDTLS_CIPHER_AES_256_CFB128 +#define POLARSSL_CIPHER_AES_256_CTR MBEDTLS_CIPHER_AES_256_CTR +#define POLARSSL_CIPHER_AES_256_ECB MBEDTLS_CIPHER_AES_256_ECB +#define POLARSSL_CIPHER_AES_256_GCM MBEDTLS_CIPHER_AES_256_GCM +#define POLARSSL_CIPHER_ARC4_128 MBEDTLS_CIPHER_ARC4_128 +#define POLARSSL_CIPHER_BLOWFISH_CBC MBEDTLS_CIPHER_BLOWFISH_CBC +#define POLARSSL_CIPHER_BLOWFISH_CFB64 MBEDTLS_CIPHER_BLOWFISH_CFB64 +#define POLARSSL_CIPHER_BLOWFISH_CTR MBEDTLS_CIPHER_BLOWFISH_CTR +#define POLARSSL_CIPHER_BLOWFISH_ECB MBEDTLS_CIPHER_BLOWFISH_ECB +#define POLARSSL_CIPHER_CAMELLIA_128_CBC MBEDTLS_CIPHER_CAMELLIA_128_CBC +#define POLARSSL_CIPHER_CAMELLIA_128_CCM MBEDTLS_CIPHER_CAMELLIA_128_CCM +#define POLARSSL_CIPHER_CAMELLIA_128_CFB128 MBEDTLS_CIPHER_CAMELLIA_128_CFB128 +#define POLARSSL_CIPHER_CAMELLIA_128_CTR MBEDTLS_CIPHER_CAMELLIA_128_CTR +#define POLARSSL_CIPHER_CAMELLIA_128_ECB MBEDTLS_CIPHER_CAMELLIA_128_ECB +#define POLARSSL_CIPHER_CAMELLIA_128_GCM MBEDTLS_CIPHER_CAMELLIA_128_GCM +#define POLARSSL_CIPHER_CAMELLIA_192_CBC MBEDTLS_CIPHER_CAMELLIA_192_CBC +#define POLARSSL_CIPHER_CAMELLIA_192_CCM MBEDTLS_CIPHER_CAMELLIA_192_CCM +#define POLARSSL_CIPHER_CAMELLIA_192_CFB128 MBEDTLS_CIPHER_CAMELLIA_192_CFB128 +#define POLARSSL_CIPHER_CAMELLIA_192_CTR MBEDTLS_CIPHER_CAMELLIA_192_CTR +#define POLARSSL_CIPHER_CAMELLIA_192_ECB MBEDTLS_CIPHER_CAMELLIA_192_ECB +#define POLARSSL_CIPHER_CAMELLIA_192_GCM MBEDTLS_CIPHER_CAMELLIA_192_GCM +#define POLARSSL_CIPHER_CAMELLIA_256_CBC MBEDTLS_CIPHER_CAMELLIA_256_CBC +#define POLARSSL_CIPHER_CAMELLIA_256_CCM MBEDTLS_CIPHER_CAMELLIA_256_CCM +#define POLARSSL_CIPHER_CAMELLIA_256_CFB128 MBEDTLS_CIPHER_CAMELLIA_256_CFB128 +#define POLARSSL_CIPHER_CAMELLIA_256_CTR MBEDTLS_CIPHER_CAMELLIA_256_CTR +#define POLARSSL_CIPHER_CAMELLIA_256_ECB MBEDTLS_CIPHER_CAMELLIA_256_ECB +#define POLARSSL_CIPHER_CAMELLIA_256_GCM MBEDTLS_CIPHER_CAMELLIA_256_GCM +#define POLARSSL_CIPHER_DES_CBC MBEDTLS_CIPHER_DES_CBC +#define POLARSSL_CIPHER_DES_ECB MBEDTLS_CIPHER_DES_ECB +#define POLARSSL_CIPHER_DES_EDE3_CBC MBEDTLS_CIPHER_DES_EDE3_CBC +#define POLARSSL_CIPHER_DES_EDE3_ECB MBEDTLS_CIPHER_DES_EDE3_ECB +#define POLARSSL_CIPHER_DES_EDE_CBC MBEDTLS_CIPHER_DES_EDE_CBC +#define POLARSSL_CIPHER_DES_EDE_ECB MBEDTLS_CIPHER_DES_EDE_ECB +#define POLARSSL_CIPHER_H MBEDTLS_CIPHER_H +#define POLARSSL_CIPHER_ID_3DES MBEDTLS_CIPHER_ID_3DES +#define POLARSSL_CIPHER_ID_AES MBEDTLS_CIPHER_ID_AES +#define POLARSSL_CIPHER_ID_ARC4 MBEDTLS_CIPHER_ID_ARC4 +#define POLARSSL_CIPHER_ID_BLOWFISH MBEDTLS_CIPHER_ID_BLOWFISH +#define POLARSSL_CIPHER_ID_CAMELLIA MBEDTLS_CIPHER_ID_CAMELLIA +#define POLARSSL_CIPHER_ID_DES MBEDTLS_CIPHER_ID_DES +#define POLARSSL_CIPHER_ID_NONE MBEDTLS_CIPHER_ID_NONE +#define POLARSSL_CIPHER_ID_NULL MBEDTLS_CIPHER_ID_NULL +#define POLARSSL_CIPHER_MODE_AEAD MBEDTLS_CIPHER_MODE_AEAD +#define POLARSSL_CIPHER_MODE_STREAM MBEDTLS_CIPHER_MODE_STREAM +#define POLARSSL_CIPHER_MODE_WITH_PADDING MBEDTLS_CIPHER_MODE_WITH_PADDING +#define POLARSSL_CIPHER_NONE MBEDTLS_CIPHER_NONE +#define POLARSSL_CIPHER_NULL MBEDTLS_CIPHER_NULL +#define POLARSSL_CIPHER_VARIABLE_IV_LEN MBEDTLS_CIPHER_VARIABLE_IV_LEN +#define POLARSSL_CIPHER_VARIABLE_KEY_LEN MBEDTLS_CIPHER_VARIABLE_KEY_LEN +#define POLARSSL_CIPHER_WRAP_H MBEDTLS_CIPHER_WRAP_H +#define POLARSSL_CONFIG_H MBEDTLS_CONFIG_H +#define POLARSSL_CTR_DRBG_H MBEDTLS_CTR_DRBG_H +#define POLARSSL_DEBUG_H MBEDTLS_DEBUG_H +#define POLARSSL_DEBUG_LOG_FULL MBEDTLS_DEBUG_LOG_FULL +#define POLARSSL_DEBUG_LOG_RAW MBEDTLS_DEBUG_LOG_RAW +#define POLARSSL_DECRYPT MBEDTLS_DECRYPT +#define POLARSSL_DES_H MBEDTLS_DES_H +#define POLARSSL_DHM_H MBEDTLS_DHM_H +#define POLARSSL_DHM_RFC2409_MODP_1024_G MBEDTLS_DHM_RFC2409_MODP_1024_G +#define POLARSSL_DHM_RFC2409_MODP_1024_P MBEDTLS_DHM_RFC2409_MODP_1024_P +#define POLARSSL_DHM_RFC3526_MODP_2048_G MBEDTLS_DHM_RFC3526_MODP_2048_G +#define POLARSSL_DHM_RFC3526_MODP_2048_P MBEDTLS_DHM_RFC3526_MODP_2048_P +#define POLARSSL_DHM_RFC3526_MODP_3072_G MBEDTLS_DHM_RFC3526_MODP_3072_G +#define POLARSSL_DHM_RFC3526_MODP_3072_P MBEDTLS_DHM_RFC3526_MODP_3072_P +#define POLARSSL_DHM_RFC5114_MODP_1024_G MBEDTLS_DHM_RFC5114_MODP_1024_G +#define POLARSSL_DHM_RFC5114_MODP_1024_P MBEDTLS_DHM_RFC5114_MODP_1024_P +#define POLARSSL_DHM_RFC5114_MODP_2048_G MBEDTLS_DHM_RFC5114_MODP_2048_G +#define POLARSSL_DHM_RFC5114_MODP_2048_P MBEDTLS_DHM_RFC5114_MODP_2048_P +#define POLARSSL_ECDH_H MBEDTLS_ECDH_H +#define POLARSSL_ECDH_OURS MBEDTLS_ECDH_OURS +#define POLARSSL_ECDH_THEIRS MBEDTLS_ECDH_THEIRS +#define POLARSSL_ECDSA_H MBEDTLS_ECDSA_H +#define POLARSSL_ECP_DP_BP256R1 MBEDTLS_ECP_DP_BP256R1 +#define POLARSSL_ECP_DP_BP384R1 MBEDTLS_ECP_DP_BP384R1 +#define POLARSSL_ECP_DP_BP512R1 MBEDTLS_ECP_DP_BP512R1 +#define POLARSSL_ECP_DP_M255 MBEDTLS_ECP_DP_CURVE25519 +#define POLARSSL_ECP_DP_MAX MBEDTLS_ECP_DP_MAX +#define POLARSSL_ECP_DP_NONE MBEDTLS_ECP_DP_NONE +#define POLARSSL_ECP_DP_SECP192K1 MBEDTLS_ECP_DP_SECP192K1 +#define POLARSSL_ECP_DP_SECP192R1 MBEDTLS_ECP_DP_SECP192R1 +#define POLARSSL_ECP_DP_SECP224K1 MBEDTLS_ECP_DP_SECP224K1 +#define POLARSSL_ECP_DP_SECP224R1 MBEDTLS_ECP_DP_SECP224R1 +#define POLARSSL_ECP_DP_SECP256K1 MBEDTLS_ECP_DP_SECP256K1 +#define POLARSSL_ECP_DP_SECP256R1 MBEDTLS_ECP_DP_SECP256R1 +#define POLARSSL_ECP_DP_SECP384R1 MBEDTLS_ECP_DP_SECP384R1 +#define POLARSSL_ECP_DP_SECP521R1 MBEDTLS_ECP_DP_SECP521R1 +#define POLARSSL_ECP_H MBEDTLS_ECP_H +#define POLARSSL_ECP_MAX_BYTES MBEDTLS_ECP_MAX_BYTES +#define POLARSSL_ECP_MAX_PT_LEN MBEDTLS_ECP_MAX_PT_LEN +#define POLARSSL_ECP_PF_COMPRESSED MBEDTLS_ECP_PF_COMPRESSED +#define POLARSSL_ECP_PF_UNCOMPRESSED MBEDTLS_ECP_PF_UNCOMPRESSED +#define POLARSSL_ECP_TLS_NAMED_CURVE MBEDTLS_ECP_TLS_NAMED_CURVE +#define POLARSSL_ENCRYPT MBEDTLS_ENCRYPT +#define POLARSSL_ENTROPY_H MBEDTLS_ENTROPY_H +#define POLARSSL_ENTROPY_POLL_H MBEDTLS_ENTROPY_POLL_H +#define POLARSSL_ENTROPY_SHA256_ACCUMULATOR MBEDTLS_ENTROPY_SHA256_ACCUMULATOR +#define POLARSSL_ENTROPY_SHA512_ACCUMULATOR MBEDTLS_ENTROPY_SHA512_ACCUMULATOR +#define POLARSSL_ERROR_H MBEDTLS_ERROR_H +#define POLARSSL_ERR_AES_INVALID_INPUT_LENGTH MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH +#define POLARSSL_ERR_AES_INVALID_KEY_LENGTH MBEDTLS_ERR_AES_INVALID_KEY_LENGTH +#define POLARSSL_ERR_ASN1_BUF_TOO_SMALL MBEDTLS_ERR_ASN1_BUF_TOO_SMALL +#define POLARSSL_ERR_ASN1_INVALID_DATA MBEDTLS_ERR_ASN1_INVALID_DATA +#define POLARSSL_ERR_ASN1_INVALID_LENGTH MBEDTLS_ERR_ASN1_INVALID_LENGTH +#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH MBEDTLS_ERR_ASN1_LENGTH_MISMATCH +#define POLARSSL_ERR_ASN1_MALLOC_FAILED MBEDTLS_ERR_ASN1_ALLOC_FAILED +#define POLARSSL_ERR_ASN1_OUT_OF_DATA MBEDTLS_ERR_ASN1_OUT_OF_DATA +#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +#define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL +#define POLARSSL_ERR_BASE64_INVALID_CHARACTER MBEDTLS_ERR_BASE64_INVALID_CHARACTER +#define POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH +#define POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH +#define POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH +#define POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH +#define POLARSSL_ERR_CCM_AUTH_FAILED MBEDTLS_ERR_CCM_AUTH_FAILED +#define POLARSSL_ERR_CCM_BAD_INPUT MBEDTLS_ERR_CCM_BAD_INPUT +#define POLARSSL_ERR_CIPHER_ALLOC_FAILED MBEDTLS_ERR_CIPHER_ALLOC_FAILED +#define POLARSSL_ERR_CIPHER_AUTH_FAILED MBEDTLS_ERR_CIPHER_AUTH_FAILED +#define POLARSSL_ERR_CIPHER_BAD_INPUT_DATA MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA +#define POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE +#define POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED +#define POLARSSL_ERR_CIPHER_INVALID_PADDING MBEDTLS_ERR_CIPHER_INVALID_PADDING +#define POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED +#define POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR +#define POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG +#define POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG +#define POLARSSL_ERR_DES_INVALID_INPUT_LENGTH MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH +#define POLARSSL_ERR_DHM_BAD_INPUT_DATA MBEDTLS_ERR_DHM_BAD_INPUT_DATA +#define POLARSSL_ERR_DHM_CALC_SECRET_FAILED MBEDTLS_ERR_DHM_CALC_SECRET_FAILED +#define POLARSSL_ERR_DHM_FILE_IO_ERROR MBEDTLS_ERR_DHM_FILE_IO_ERROR +#define POLARSSL_ERR_DHM_INVALID_FORMAT MBEDTLS_ERR_DHM_INVALID_FORMAT +#define POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED +#define POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED +#define POLARSSL_ERR_DHM_MALLOC_FAILED MBEDTLS_ERR_DHM_ALLOC_FAILED +#define POLARSSL_ERR_DHM_READ_PARAMS_FAILED MBEDTLS_ERR_DHM_READ_PARAMS_FAILED +#define POLARSSL_ERR_DHM_READ_PUBLIC_FAILED MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED +#define POLARSSL_ERR_ECP_BAD_INPUT_DATA MBEDTLS_ERR_ECP_BAD_INPUT_DATA +#define POLARSSL_ERR_ECP_BUFFER_TOO_SMALL MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL +#define POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE +#define POLARSSL_ERR_ECP_INVALID_KEY MBEDTLS_ERR_ECP_INVALID_KEY +#define POLARSSL_ERR_ECP_MALLOC_FAILED MBEDTLS_ERR_ECP_ALLOC_FAILED +#define POLARSSL_ERR_ECP_RANDOM_FAILED MBEDTLS_ERR_ECP_RANDOM_FAILED +#define POLARSSL_ERR_ECP_SIG_LEN_MISMATCH MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH +#define POLARSSL_ERR_ECP_VERIFY_FAILED MBEDTLS_ERR_ECP_VERIFY_FAILED +#define POLARSSL_ERR_ENTROPY_FILE_IO_ERROR MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR +#define POLARSSL_ERR_ENTROPY_MAX_SOURCES MBEDTLS_ERR_ENTROPY_MAX_SOURCES +#define POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED +#define POLARSSL_ERR_ENTROPY_SOURCE_FAILED MBEDTLS_ERR_ENTROPY_SOURCE_FAILED +#define POLARSSL_ERR_GCM_AUTH_FAILED MBEDTLS_ERR_GCM_AUTH_FAILED +#define POLARSSL_ERR_GCM_BAD_INPUT MBEDTLS_ERR_GCM_BAD_INPUT +#define POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED +#define POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR +#define POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG +#define POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG +#define POLARSSL_ERR_MD2_FILE_IO_ERROR MBEDTLS_ERR_MD2_FILE_IO_ERROR +#define POLARSSL_ERR_MD4_FILE_IO_ERROR MBEDTLS_ERR_MD4_FILE_IO_ERROR +#define POLARSSL_ERR_MD5_FILE_IO_ERROR MBEDTLS_ERR_MD5_FILE_IO_ERROR +#define POLARSSL_ERR_MD_ALLOC_FAILED MBEDTLS_ERR_MD_ALLOC_FAILED +#define POLARSSL_ERR_MD_BAD_INPUT_DATA MBEDTLS_ERR_MD_BAD_INPUT_DATA +#define POLARSSL_ERR_MD_FEATURE_UNAVAILABLE MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE +#define POLARSSL_ERR_MD_FILE_IO_ERROR MBEDTLS_ERR_MD_FILE_IO_ERROR +#define POLARSSL_ERR_MPI_BAD_INPUT_DATA MBEDTLS_ERR_MPI_BAD_INPUT_DATA +#define POLARSSL_ERR_MPI_BUFFER_TOO_SMALL MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL +#define POLARSSL_ERR_MPI_DIVISION_BY_ZERO MBEDTLS_ERR_MPI_DIVISION_BY_ZERO +#define POLARSSL_ERR_MPI_FILE_IO_ERROR MBEDTLS_ERR_MPI_FILE_IO_ERROR +#define POLARSSL_ERR_MPI_INVALID_CHARACTER MBEDTLS_ERR_MPI_INVALID_CHARACTER +#define POLARSSL_ERR_MPI_MALLOC_FAILED MBEDTLS_ERR_MPI_ALLOC_FAILED +#define POLARSSL_ERR_MPI_NEGATIVE_VALUE MBEDTLS_ERR_MPI_NEGATIVE_VALUE +#define POLARSSL_ERR_MPI_NOT_ACCEPTABLE MBEDTLS_ERR_MPI_NOT_ACCEPTABLE +#define POLARSSL_ERR_NET_ACCEPT_FAILED MBEDTLS_ERR_NET_ACCEPT_FAILED +#define POLARSSL_ERR_NET_BIND_FAILED MBEDTLS_ERR_NET_BIND_FAILED +#define POLARSSL_ERR_NET_CONNECT_FAILED MBEDTLS_ERR_NET_CONNECT_FAILED +#define POLARSSL_ERR_NET_CONN_RESET MBEDTLS_ERR_NET_CONN_RESET +#define POLARSSL_ERR_NET_LISTEN_FAILED MBEDTLS_ERR_NET_LISTEN_FAILED +#define POLARSSL_ERR_NET_RECV_FAILED MBEDTLS_ERR_NET_RECV_FAILED +#define POLARSSL_ERR_NET_SEND_FAILED MBEDTLS_ERR_NET_SEND_FAILED +#define POLARSSL_ERR_NET_SOCKET_FAILED MBEDTLS_ERR_NET_SOCKET_FAILED +#define POLARSSL_ERR_NET_TIMEOUT MBEDTLS_ERR_SSL_TIMEOUT +#define POLARSSL_ERR_NET_UNKNOWN_HOST MBEDTLS_ERR_NET_UNKNOWN_HOST +#define POLARSSL_ERR_NET_WANT_READ MBEDTLS_ERR_SSL_WANT_READ +#define POLARSSL_ERR_NET_WANT_WRITE MBEDTLS_ERR_SSL_WANT_WRITE +#define POLARSSL_ERR_OID_BUF_TOO_SMALL MBEDTLS_ERR_OID_BUF_TOO_SMALL +#define POLARSSL_ERR_OID_NOT_FOUND MBEDTLS_ERR_OID_NOT_FOUND +#define POLARSSL_ERR_PADLOCK_DATA_MISALIGNED MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED +#define POLARSSL_ERR_PBKDF2_BAD_INPUT_DATA MBEDTLS_ERR_PBKDF2_BAD_INPUT_DATA +#define POLARSSL_ERR_PEM_BAD_INPUT_DATA MBEDTLS_ERR_PEM_BAD_INPUT_DATA +#define POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE +#define POLARSSL_ERR_PEM_INVALID_DATA MBEDTLS_ERR_PEM_INVALID_DATA +#define POLARSSL_ERR_PEM_INVALID_ENC_IV MBEDTLS_ERR_PEM_INVALID_ENC_IV +#define POLARSSL_ERR_PEM_MALLOC_FAILED MBEDTLS_ERR_PEM_ALLOC_FAILED +#define POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT +#define POLARSSL_ERR_PEM_PASSWORD_MISMATCH MBEDTLS_ERR_PEM_PASSWORD_MISMATCH +#define POLARSSL_ERR_PEM_PASSWORD_REQUIRED MBEDTLS_ERR_PEM_PASSWORD_REQUIRED +#define POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG +#define POLARSSL_ERR_PKCS12_BAD_INPUT_DATA MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA +#define POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE +#define POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH +#define POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT +#define POLARSSL_ERR_PKCS5_BAD_INPUT_DATA MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA +#define POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE +#define POLARSSL_ERR_PKCS5_INVALID_FORMAT MBEDTLS_ERR_PKCS5_INVALID_FORMAT +#define POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH +#define POLARSSL_ERR_PK_BAD_INPUT_DATA MBEDTLS_ERR_PK_BAD_INPUT_DATA +#define POLARSSL_ERR_PK_FEATURE_UNAVAILABLE MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE +#define POLARSSL_ERR_PK_FILE_IO_ERROR MBEDTLS_ERR_PK_FILE_IO_ERROR +#define POLARSSL_ERR_PK_INVALID_ALG MBEDTLS_ERR_PK_INVALID_ALG +#define POLARSSL_ERR_PK_INVALID_PUBKEY MBEDTLS_ERR_PK_INVALID_PUBKEY +#define POLARSSL_ERR_PK_KEY_INVALID_FORMAT MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +#define POLARSSL_ERR_PK_KEY_INVALID_VERSION MBEDTLS_ERR_PK_KEY_INVALID_VERSION +#define POLARSSL_ERR_PK_MALLOC_FAILED MBEDTLS_ERR_PK_ALLOC_FAILED +#define POLARSSL_ERR_PK_PASSWORD_MISMATCH MBEDTLS_ERR_PK_PASSWORD_MISMATCH +#define POLARSSL_ERR_PK_PASSWORD_REQUIRED MBEDTLS_ERR_PK_PASSWORD_REQUIRED +#define POLARSSL_ERR_PK_SIG_LEN_MISMATCH MBEDTLS_ERR_PK_SIG_LEN_MISMATCH +#define POLARSSL_ERR_PK_TYPE_MISMATCH MBEDTLS_ERR_PK_TYPE_MISMATCH +#define POLARSSL_ERR_PK_UNKNOWN_NAMED_CURVE MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE +#define POLARSSL_ERR_PK_UNKNOWN_PK_ALG MBEDTLS_ERR_PK_UNKNOWN_PK_ALG +#define POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR MBEDTLS_ERR_RIPEMD160_FILE_IO_ERROR +#define POLARSSL_ERR_RSA_BAD_INPUT_DATA MBEDTLS_ERR_RSA_BAD_INPUT_DATA +#define POLARSSL_ERR_RSA_INVALID_PADDING MBEDTLS_ERR_RSA_INVALID_PADDING +#define POLARSSL_ERR_RSA_KEY_CHECK_FAILED MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +#define POLARSSL_ERR_RSA_KEY_GEN_FAILED MBEDTLS_ERR_RSA_KEY_GEN_FAILED +#define POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE +#define POLARSSL_ERR_RSA_PRIVATE_FAILED MBEDTLS_ERR_RSA_PRIVATE_FAILED +#define POLARSSL_ERR_RSA_PUBLIC_FAILED MBEDTLS_ERR_RSA_PUBLIC_FAILED +#define POLARSSL_ERR_RSA_RNG_FAILED MBEDTLS_ERR_RSA_RNG_FAILED +#define POLARSSL_ERR_RSA_VERIFY_FAILED MBEDTLS_ERR_RSA_VERIFY_FAILED +#define POLARSSL_ERR_SHA1_FILE_IO_ERROR MBEDTLS_ERR_SHA1_FILE_IO_ERROR +#define POLARSSL_ERR_SHA256_FILE_IO_ERROR MBEDTLS_ERR_SHA256_FILE_IO_ERROR +#define POLARSSL_ERR_SHA512_FILE_IO_ERROR MBEDTLS_ERR_SHA512_FILE_IO_ERROR +#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE +#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST +#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY +#define POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC +#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO +#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE +#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS +#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP +#define POLARSSL_ERR_SSL_BAD_HS_FINISHED MBEDTLS_ERR_SSL_BAD_HS_FINISHED +#define POLARSSL_ERR_SSL_BAD_HS_NEW_SESSION_TICKET MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET +#define POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION +#define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO +#define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE +#define POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE +#define POLARSSL_ERR_SSL_BAD_INPUT_DATA MBEDTLS_ERR_SSL_BAD_INPUT_DATA +#define POLARSSL_ERR_SSL_BUFFER_TOO_SMALL MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL +#define POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED +#define POLARSSL_ERR_SSL_CERTIFICATE_REQUIRED MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED +#define POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE +#define POLARSSL_ERR_SSL_COMPRESSION_FAILED MBEDTLS_ERR_SSL_COMPRESSION_FAILED +#define POLARSSL_ERR_SSL_CONN_EOF MBEDTLS_ERR_SSL_CONN_EOF +#define POLARSSL_ERR_SSL_COUNTER_WRAPPING MBEDTLS_ERR_SSL_COUNTER_WRAPPING +#define POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE +#define POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE +#define POLARSSL_ERR_SSL_HELLO_VERIFY_REQUIRED MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED +#define POLARSSL_ERR_SSL_HW_ACCEL_FAILED MBEDTLS_ERR_SSL_HW_ACCEL_FAILED +#define POLARSSL_ERR_SSL_HW_ACCEL_FALLTHROUGH MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH +#define POLARSSL_ERR_SSL_INTERNAL_ERROR MBEDTLS_ERR_SSL_INTERNAL_ERROR +#define POLARSSL_ERR_SSL_INVALID_MAC MBEDTLS_ERR_SSL_INVALID_MAC +#define POLARSSL_ERR_SSL_INVALID_RECORD MBEDTLS_ERR_SSL_INVALID_RECORD +#define POLARSSL_ERR_SSL_MALLOC_FAILED MBEDTLS_ERR_SSL_ALLOC_FAILED +#define POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN +#define POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE +#define POLARSSL_ERR_SSL_NO_RNG MBEDTLS_ERR_SSL_NO_RNG +#define POLARSSL_ERR_SSL_NO_USABLE_CIPHERSUITE MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE +#define POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY +#define POLARSSL_ERR_SSL_PEER_VERIFY_FAILED MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED +#define POLARSSL_ERR_SSL_PK_TYPE_MISMATCH MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH +#define POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED +#define POLARSSL_ERR_SSL_SESSION_TICKET_EXPIRED MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED +#define POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE +#define POLARSSL_ERR_SSL_UNKNOWN_CIPHER MBEDTLS_ERR_SSL_UNKNOWN_CIPHER +#define POLARSSL_ERR_SSL_UNKNOWN_IDENTITY MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY +#define POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO +#define POLARSSL_ERR_THREADING_BAD_INPUT_DATA MBEDTLS_ERR_THREADING_BAD_INPUT_DATA +#define POLARSSL_ERR_THREADING_FEATURE_UNAVAILABLE MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE +#define POLARSSL_ERR_THREADING_MUTEX_ERROR MBEDTLS_ERR_THREADING_MUTEX_ERROR +#define POLARSSL_ERR_X509_BAD_INPUT_DATA MBEDTLS_ERR_X509_BAD_INPUT_DATA +#define POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT +#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED MBEDTLS_ERR_X509_CERT_VERIFY_FAILED +#define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE +#define POLARSSL_ERR_X509_FILE_IO_ERROR MBEDTLS_ERR_X509_FILE_IO_ERROR +#define POLARSSL_ERR_X509_INVALID_ALG MBEDTLS_ERR_X509_INVALID_ALG +#define POLARSSL_ERR_X509_INVALID_DATE MBEDTLS_ERR_X509_INVALID_DATE +#define POLARSSL_ERR_X509_INVALID_EXTENSIONS MBEDTLS_ERR_X509_INVALID_EXTENSIONS +#define POLARSSL_ERR_X509_INVALID_FORMAT MBEDTLS_ERR_X509_INVALID_FORMAT +#define POLARSSL_ERR_X509_INVALID_NAME MBEDTLS_ERR_X509_INVALID_NAME +#define POLARSSL_ERR_X509_INVALID_SERIAL MBEDTLS_ERR_X509_INVALID_SERIAL +#define POLARSSL_ERR_X509_INVALID_SIGNATURE MBEDTLS_ERR_X509_INVALID_SIGNATURE +#define POLARSSL_ERR_X509_INVALID_VERSION MBEDTLS_ERR_X509_INVALID_VERSION +#define POLARSSL_ERR_X509_MALLOC_FAILED MBEDTLS_ERR_X509_ALLOC_FAILED +#define POLARSSL_ERR_X509_SIG_MISMATCH MBEDTLS_ERR_X509_SIG_MISMATCH +#define POLARSSL_ERR_X509_UNKNOWN_OID MBEDTLS_ERR_X509_UNKNOWN_OID +#define POLARSSL_ERR_X509_UNKNOWN_SIG_ALG MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG +#define POLARSSL_ERR_X509_UNKNOWN_VERSION MBEDTLS_ERR_X509_UNKNOWN_VERSION +#define POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH +#define POLARSSL_GCM_H MBEDTLS_GCM_H +#define POLARSSL_HAVEGE_H MBEDTLS_HAVEGE_H +#define POLARSSL_HAVE_INT32 MBEDTLS_HAVE_INT32 +#define POLARSSL_HAVE_INT64 MBEDTLS_HAVE_INT64 +#define POLARSSL_HAVE_UDBL MBEDTLS_HAVE_UDBL +#define POLARSSL_HAVE_X86 MBEDTLS_HAVE_X86 +#define POLARSSL_HAVE_X86_64 MBEDTLS_HAVE_X86_64 +#define POLARSSL_HMAC_DRBG_H MBEDTLS_HMAC_DRBG_H +#define POLARSSL_HMAC_DRBG_PR_OFF MBEDTLS_HMAC_DRBG_PR_OFF +#define POLARSSL_HMAC_DRBG_PR_ON MBEDTLS_HMAC_DRBG_PR_ON +#define POLARSSL_KEY_EXCHANGE_DHE_PSK MBEDTLS_KEY_EXCHANGE_DHE_PSK +#define POLARSSL_KEY_EXCHANGE_DHE_RSA MBEDTLS_KEY_EXCHANGE_DHE_RSA +#define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA +#define POLARSSL_KEY_EXCHANGE_ECDHE_PSK MBEDTLS_KEY_EXCHANGE_ECDHE_PSK +#define POLARSSL_KEY_EXCHANGE_ECDHE_RSA MBEDTLS_KEY_EXCHANGE_ECDHE_RSA +#define POLARSSL_KEY_EXCHANGE_ECDH_ECDSA MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA +#define POLARSSL_KEY_EXCHANGE_ECDH_RSA MBEDTLS_KEY_EXCHANGE_ECDH_RSA +#define POLARSSL_KEY_EXCHANGE_NONE MBEDTLS_KEY_EXCHANGE_NONE +#define POLARSSL_KEY_EXCHANGE_PSK MBEDTLS_KEY_EXCHANGE_PSK +#define POLARSSL_KEY_EXCHANGE_RSA MBEDTLS_KEY_EXCHANGE_RSA +#define POLARSSL_KEY_EXCHANGE_RSA_PSK MBEDTLS_KEY_EXCHANGE_RSA_PSK +#define POLARSSL_KEY_EXCHANGE__SOME__ECDHE_ENABLED MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED +#define POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED +#define POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED +#define POLARSSL_KEY_LENGTH_DES MBEDTLS_KEY_LENGTH_DES +#define POLARSSL_KEY_LENGTH_DES_EDE MBEDTLS_KEY_LENGTH_DES_EDE +#define POLARSSL_KEY_LENGTH_DES_EDE3 MBEDTLS_KEY_LENGTH_DES_EDE3 +#define POLARSSL_KEY_LENGTH_NONE MBEDTLS_KEY_LENGTH_NONE +#define POLARSSL_MAX_BLOCK_LENGTH MBEDTLS_MAX_BLOCK_LENGTH +#define POLARSSL_MAX_IV_LENGTH MBEDTLS_MAX_IV_LENGTH +#define POLARSSL_MD2_H MBEDTLS_MD2_H +#define POLARSSL_MD4_H MBEDTLS_MD4_H +#define POLARSSL_MD5_H MBEDTLS_MD5_H +#define POLARSSL_MD_H MBEDTLS_MD_H +#define POLARSSL_MD_MAX_SIZE MBEDTLS_MD_MAX_SIZE +#define POLARSSL_MD_MD2 MBEDTLS_MD_MD2 +#define POLARSSL_MD_MD4 MBEDTLS_MD_MD4 +#define POLARSSL_MD_MD5 MBEDTLS_MD_MD5 +#define POLARSSL_MD_NONE MBEDTLS_MD_NONE +#define POLARSSL_MD_RIPEMD160 MBEDTLS_MD_RIPEMD160 +#define POLARSSL_MD_SHA1 MBEDTLS_MD_SHA1 +#define POLARSSL_MD_SHA224 MBEDTLS_MD_SHA224 +#define POLARSSL_MD_SHA256 MBEDTLS_MD_SHA256 +#define POLARSSL_MD_SHA384 MBEDTLS_MD_SHA384 +#define POLARSSL_MD_SHA512 MBEDTLS_MD_SHA512 +#define POLARSSL_MD_WRAP_H MBEDTLS_MD_WRAP_H +#define POLARSSL_MEMORY_BUFFER_ALLOC_H MBEDTLS_MEMORY_BUFFER_ALLOC_H +#define POLARSSL_MEMORY_H MBEDTLS_MEMORY_H +#define POLARSSL_MODE_CBC MBEDTLS_MODE_CBC +#define POLARSSL_MODE_CCM MBEDTLS_MODE_CCM +#define POLARSSL_MODE_CFB MBEDTLS_MODE_CFB +#define POLARSSL_MODE_CTR MBEDTLS_MODE_CTR +#define POLARSSL_MODE_ECB MBEDTLS_MODE_ECB +#define POLARSSL_MODE_GCM MBEDTLS_MODE_GCM +#define POLARSSL_MODE_NONE MBEDTLS_MODE_NONE +#define POLARSSL_MODE_OFB MBEDTLS_MODE_OFB +#define POLARSSL_MODE_STREAM MBEDTLS_MODE_STREAM +#define POLARSSL_MPI_MAX_BITS MBEDTLS_MPI_MAX_BITS +#define POLARSSL_MPI_MAX_BITS_SCALE100 MBEDTLS_MPI_MAX_BITS_SCALE100 +#define POLARSSL_MPI_MAX_LIMBS MBEDTLS_MPI_MAX_LIMBS +#define POLARSSL_MPI_RW_BUFFER_SIZE MBEDTLS_MPI_RW_BUFFER_SIZE +#define POLARSSL_NET_H MBEDTLS_NET_H +#define POLARSSL_NET_LISTEN_BACKLOG MBEDTLS_NET_LISTEN_BACKLOG +#define POLARSSL_OID_H MBEDTLS_OID_H +#define POLARSSL_OPERATION_NONE MBEDTLS_OPERATION_NONE +#define POLARSSL_PADDING_NONE MBEDTLS_PADDING_NONE +#define POLARSSL_PADDING_ONE_AND_ZEROS MBEDTLS_PADDING_ONE_AND_ZEROS +#define POLARSSL_PADDING_PKCS7 MBEDTLS_PADDING_PKCS7 +#define POLARSSL_PADDING_ZEROS MBEDTLS_PADDING_ZEROS +#define POLARSSL_PADDING_ZEROS_AND_LEN MBEDTLS_PADDING_ZEROS_AND_LEN +#define POLARSSL_PADLOCK_H MBEDTLS_PADLOCK_H +#define POLARSSL_PBKDF2_H MBEDTLS_PBKDF2_H +#define POLARSSL_PEM_H MBEDTLS_PEM_H +#define POLARSSL_PKCS11_H MBEDTLS_PKCS11_H +#define POLARSSL_PKCS12_H MBEDTLS_PKCS12_H +#define POLARSSL_PKCS5_H MBEDTLS_PKCS5_H +#define POLARSSL_PK_DEBUG_ECP MBEDTLS_PK_DEBUG_ECP +#define POLARSSL_PK_DEBUG_MAX_ITEMS MBEDTLS_PK_DEBUG_MAX_ITEMS +#define POLARSSL_PK_DEBUG_MPI MBEDTLS_PK_DEBUG_MPI +#define POLARSSL_PK_DEBUG_NONE MBEDTLS_PK_DEBUG_NONE +#define POLARSSL_PK_ECDSA MBEDTLS_PK_ECDSA +#define POLARSSL_PK_ECKEY MBEDTLS_PK_ECKEY +#define POLARSSL_PK_ECKEY_DH MBEDTLS_PK_ECKEY_DH +#define POLARSSL_PK_H MBEDTLS_PK_H +#define POLARSSL_PK_NONE MBEDTLS_PK_NONE +#define POLARSSL_PK_RSA MBEDTLS_PK_RSA +#define POLARSSL_PK_RSASSA_PSS MBEDTLS_PK_RSASSA_PSS +#define POLARSSL_PK_RSA_ALT MBEDTLS_PK_RSA_ALT +#define POLARSSL_PK_WRAP_H MBEDTLS_PK_WRAP_H +#define POLARSSL_PLATFORM_H MBEDTLS_PLATFORM_H +#define POLARSSL_PREMASTER_SIZE MBEDTLS_PREMASTER_SIZE +#define POLARSSL_RIPEMD160_H MBEDTLS_RIPEMD160_H +#define POLARSSL_RSA_H MBEDTLS_RSA_H +#define POLARSSL_SHA1_H MBEDTLS_SHA1_H +#define POLARSSL_SHA256_H MBEDTLS_SHA256_H +#define POLARSSL_SHA512_H MBEDTLS_SHA512_H +#define POLARSSL_SSL_CACHE_H MBEDTLS_SSL_CACHE_H +#define POLARSSL_SSL_CIPHERSUITES_H MBEDTLS_SSL_CIPHERSUITES_H +#define POLARSSL_SSL_COOKIE_H MBEDTLS_SSL_COOKIE_H +#define POLARSSL_SSL_H MBEDTLS_SSL_H +#define POLARSSL_THREADING_H MBEDTLS_THREADING_H +#define POLARSSL_THREADING_IMPL MBEDTLS_THREADING_IMPL +#define POLARSSL_TIMING_H MBEDTLS_TIMING_H +#define POLARSSL_VERSION_H MBEDTLS_VERSION_H +#define POLARSSL_VERSION_MAJOR MBEDTLS_VERSION_MAJOR +#define POLARSSL_VERSION_MINOR MBEDTLS_VERSION_MINOR +#define POLARSSL_VERSION_NUMBER MBEDTLS_VERSION_NUMBER +#define POLARSSL_VERSION_PATCH MBEDTLS_VERSION_PATCH +#define POLARSSL_VERSION_STRING MBEDTLS_VERSION_STRING +#define POLARSSL_VERSION_STRING_FULL MBEDTLS_VERSION_STRING_FULL +#define POLARSSL_X509_CRL_H MBEDTLS_X509_CRL_H +#define POLARSSL_X509_CRT_H MBEDTLS_X509_CRT_H +#define POLARSSL_X509_CSR_H MBEDTLS_X509_CSR_H +#define POLARSSL_X509_H MBEDTLS_X509_H +#define POLARSSL_XTEA_H MBEDTLS_XTEA_H +#define RSA_CRYPT MBEDTLS_RSA_CRYPT +#define RSA_PKCS_V15 MBEDTLS_RSA_PKCS_V15 +#define RSA_PKCS_V21 MBEDTLS_RSA_PKCS_V21 +#define RSA_PRIVATE MBEDTLS_RSA_PRIVATE +#define RSA_PUBLIC MBEDTLS_RSA_PUBLIC +#define RSA_SALT_LEN_ANY MBEDTLS_RSA_SALT_LEN_ANY +#define RSA_SIGN MBEDTLS_RSA_SIGN +#define SSL_ALERT_LEVEL_FATAL MBEDTLS_SSL_ALERT_LEVEL_FATAL +#define SSL_ALERT_LEVEL_WARNING MBEDTLS_SSL_ALERT_LEVEL_WARNING +#define SSL_ALERT_MSG_ACCESS_DENIED MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED +#define SSL_ALERT_MSG_BAD_CERT MBEDTLS_SSL_ALERT_MSG_BAD_CERT +#define SSL_ALERT_MSG_BAD_RECORD_MAC MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC +#define SSL_ALERT_MSG_CERT_EXPIRED MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED +#define SSL_ALERT_MSG_CERT_REVOKED MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED +#define SSL_ALERT_MSG_CERT_UNKNOWN MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN +#define SSL_ALERT_MSG_CLOSE_NOTIFY MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY +#define SSL_ALERT_MSG_DECODE_ERROR MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR +#define SSL_ALERT_MSG_DECOMPRESSION_FAILURE MBEDTLS_SSL_ALERT_MSG_DECOMPRESSION_FAILURE +#define SSL_ALERT_MSG_DECRYPTION_FAILED MBEDTLS_SSL_ALERT_MSG_DECRYPTION_FAILED +#define SSL_ALERT_MSG_DECRYPT_ERROR MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR +#define SSL_ALERT_MSG_EXPORT_RESTRICTION MBEDTLS_SSL_ALERT_MSG_EXPORT_RESTRICTION +#define SSL_ALERT_MSG_HANDSHAKE_FAILURE MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE +#define SSL_ALERT_MSG_ILLEGAL_PARAMETER MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER +#define SSL_ALERT_MSG_INAPROPRIATE_FALLBACK MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK +#define SSL_ALERT_MSG_INSUFFICIENT_SECURITY MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY +#define SSL_ALERT_MSG_INTERNAL_ERROR MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR +#define SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL +#define SSL_ALERT_MSG_NO_CERT MBEDTLS_SSL_ALERT_MSG_NO_CERT +#define SSL_ALERT_MSG_NO_RENEGOTIATION MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION +#define SSL_ALERT_MSG_PROTOCOL_VERSION MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION +#define SSL_ALERT_MSG_RECORD_OVERFLOW MBEDTLS_SSL_ALERT_MSG_RECORD_OVERFLOW +#define SSL_ALERT_MSG_UNEXPECTED_MESSAGE MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE +#define SSL_ALERT_MSG_UNKNOWN_CA MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA +#define SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY +#define SSL_ALERT_MSG_UNRECOGNIZED_NAME MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME +#define SSL_ALERT_MSG_UNSUPPORTED_CERT MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT +#define SSL_ALERT_MSG_UNSUPPORTED_EXT MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT +#define SSL_ALERT_MSG_USER_CANCELED MBEDTLS_SSL_ALERT_MSG_USER_CANCELED +#define SSL_ANTI_REPLAY_DISABLED MBEDTLS_SSL_ANTI_REPLAY_DISABLED +#define SSL_ANTI_REPLAY_ENABLED MBEDTLS_SSL_ANTI_REPLAY_ENABLED +#define SSL_ARC4_DISABLED MBEDTLS_SSL_ARC4_DISABLED +#define SSL_ARC4_ENABLED MBEDTLS_SSL_ARC4_ENABLED +#define SSL_BUFFER_LEN MBEDTLS_SSL_BUFFER_LEN +#define SSL_CACHE_DEFAULT_MAX_ENTRIES MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES +#define SSL_CACHE_DEFAULT_TIMEOUT MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT +#define SSL_CBC_RECORD_SPLITTING_DISABLED MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED +#define SSL_CBC_RECORD_SPLITTING_ENABLED MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED +#define SSL_CERTIFICATE_REQUEST MBEDTLS_SSL_CERTIFICATE_REQUEST +#define SSL_CERTIFICATE_VERIFY MBEDTLS_SSL_CERTIFICATE_VERIFY +#define SSL_CERT_TYPE_ECDSA_SIGN MBEDTLS_SSL_CERT_TYPE_ECDSA_SIGN +#define SSL_CERT_TYPE_RSA_SIGN MBEDTLS_SSL_CERT_TYPE_RSA_SIGN +#define SSL_CHANNEL_INBOUND MBEDTLS_SSL_CHANNEL_INBOUND +#define SSL_CHANNEL_OUTBOUND MBEDTLS_SSL_CHANNEL_OUTBOUND +#define SSL_CIPHERSUITES MBEDTLS_SSL_CIPHERSUITES +#define SSL_CLIENT_CERTIFICATE MBEDTLS_SSL_CLIENT_CERTIFICATE +#define SSL_CLIENT_CHANGE_CIPHER_SPEC MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC +#define SSL_CLIENT_FINISHED MBEDTLS_SSL_CLIENT_FINISHED +#define SSL_CLIENT_HELLO MBEDTLS_SSL_CLIENT_HELLO +#define SSL_CLIENT_KEY_EXCHANGE MBEDTLS_SSL_CLIENT_KEY_EXCHANGE +#define SSL_COMPRESSION_ADD MBEDTLS_SSL_COMPRESSION_ADD +#define SSL_COMPRESS_DEFLATE MBEDTLS_SSL_COMPRESS_DEFLATE +#define SSL_COMPRESS_NULL MBEDTLS_SSL_COMPRESS_NULL +#define SSL_DEBUG_BUF MBEDTLS_SSL_DEBUG_BUF +#define SSL_DEBUG_CRT MBEDTLS_SSL_DEBUG_CRT +#define SSL_DEBUG_ECP MBEDTLS_SSL_DEBUG_ECP +#define SSL_DEBUG_MPI MBEDTLS_SSL_DEBUG_MPI +#define SSL_DEBUG_MSG MBEDTLS_SSL_DEBUG_MSG +#define SSL_DEBUG_RET MBEDTLS_SSL_DEBUG_RET +#define SSL_DEFAULT_TICKET_LIFETIME MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME +#define SSL_DTLS_TIMEOUT_DFL_MAX MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MAX +#define SSL_DTLS_TIMEOUT_DFL_MIN MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MIN +#define SSL_EMPTY_RENEGOTIATION_INFO MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO +#define SSL_ETM_DISABLED MBEDTLS_SSL_ETM_DISABLED +#define SSL_ETM_ENABLED MBEDTLS_SSL_ETM_ENABLED +#define SSL_EXTENDED_MS_DISABLED MBEDTLS_SSL_EXTENDED_MS_DISABLED +#define SSL_EXTENDED_MS_ENABLED MBEDTLS_SSL_EXTENDED_MS_ENABLED +#define SSL_FALLBACK_SCSV MBEDTLS_SSL_FALLBACK_SCSV +#define SSL_FLUSH_BUFFERS MBEDTLS_SSL_FLUSH_BUFFERS +#define SSL_HANDSHAKE_OVER MBEDTLS_SSL_HANDSHAKE_OVER +#define SSL_HANDSHAKE_WRAPUP MBEDTLS_SSL_HANDSHAKE_WRAPUP +#define SSL_HASH_MD5 MBEDTLS_SSL_HASH_MD5 +#define SSL_HASH_NONE MBEDTLS_SSL_HASH_NONE +#define SSL_HASH_SHA1 MBEDTLS_SSL_HASH_SHA1 +#define SSL_HASH_SHA224 MBEDTLS_SSL_HASH_SHA224 +#define SSL_HASH_SHA256 MBEDTLS_SSL_HASH_SHA256 +#define SSL_HASH_SHA384 MBEDTLS_SSL_HASH_SHA384 +#define SSL_HASH_SHA512 MBEDTLS_SSL_HASH_SHA512 +#define SSL_HELLO_REQUEST MBEDTLS_SSL_HELLO_REQUEST +#define SSL_HS_CERTIFICATE MBEDTLS_SSL_HS_CERTIFICATE +#define SSL_HS_CERTIFICATE_REQUEST MBEDTLS_SSL_HS_CERTIFICATE_REQUEST +#define SSL_HS_CERTIFICATE_VERIFY MBEDTLS_SSL_HS_CERTIFICATE_VERIFY +#define SSL_HS_CLIENT_HELLO MBEDTLS_SSL_HS_CLIENT_HELLO +#define SSL_HS_CLIENT_KEY_EXCHANGE MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE +#define SSL_HS_FINISHED MBEDTLS_SSL_HS_FINISHED +#define SSL_HS_HELLO_REQUEST MBEDTLS_SSL_HS_HELLO_REQUEST +#define SSL_HS_HELLO_VERIFY_REQUEST MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST +#define SSL_HS_NEW_SESSION_TICKET MBEDTLS_SSL_HS_NEW_SESSION_TICKET +#define SSL_HS_SERVER_HELLO MBEDTLS_SSL_HS_SERVER_HELLO +#define SSL_HS_SERVER_HELLO_DONE MBEDTLS_SSL_HS_SERVER_HELLO_DONE +#define SSL_HS_SERVER_KEY_EXCHANGE MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE +#define SSL_INITIAL_HANDSHAKE MBEDTLS_SSL_INITIAL_HANDSHAKE +#define SSL_IS_CLIENT MBEDTLS_SSL_IS_CLIENT +#define SSL_IS_FALLBACK MBEDTLS_SSL_IS_FALLBACK +#define SSL_IS_NOT_FALLBACK MBEDTLS_SSL_IS_NOT_FALLBACK +#define SSL_IS_SERVER MBEDTLS_SSL_IS_SERVER +#define SSL_LEGACY_ALLOW_RENEGOTIATION MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION +#define SSL_LEGACY_BREAK_HANDSHAKE MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE +#define SSL_LEGACY_NO_RENEGOTIATION MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION +#define SSL_LEGACY_RENEGOTIATION MBEDTLS_SSL_LEGACY_RENEGOTIATION +#define SSL_MAC_ADD MBEDTLS_SSL_MAC_ADD +#define SSL_MAJOR_VERSION_3 MBEDTLS_SSL_MAJOR_VERSION_3 +#define SSL_MAX_CONTENT_LEN MBEDTLS_SSL_MAX_CONTENT_LEN +#define SSL_MAX_FRAG_LEN_1024 MBEDTLS_SSL_MAX_FRAG_LEN_1024 +#define SSL_MAX_FRAG_LEN_2048 MBEDTLS_SSL_MAX_FRAG_LEN_2048 +#define SSL_MAX_FRAG_LEN_4096 MBEDTLS_SSL_MAX_FRAG_LEN_4096 +#define SSL_MAX_FRAG_LEN_512 MBEDTLS_SSL_MAX_FRAG_LEN_512 +#define SSL_MAX_FRAG_LEN_INVALID MBEDTLS_SSL_MAX_FRAG_LEN_INVALID +#define SSL_MAX_FRAG_LEN_NONE MBEDTLS_SSL_MAX_FRAG_LEN_NONE +#define SSL_MAX_MAJOR_VERSION MBEDTLS_SSL_MAX_MAJOR_VERSION +#define SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MAX_MINOR_VERSION +#define SSL_MINOR_VERSION_0 MBEDTLS_SSL_MINOR_VERSION_0 +#define SSL_MINOR_VERSION_1 MBEDTLS_SSL_MINOR_VERSION_1 +#define SSL_MINOR_VERSION_2 MBEDTLS_SSL_MINOR_VERSION_2 +#define SSL_MINOR_VERSION_3 MBEDTLS_SSL_MINOR_VERSION_3 +#define SSL_MIN_MAJOR_VERSION MBEDTLS_SSL_MIN_MAJOR_VERSION +#define SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MIN_MINOR_VERSION +#define SSL_MSG_ALERT MBEDTLS_SSL_MSG_ALERT +#define SSL_MSG_APPLICATION_DATA MBEDTLS_SSL_MSG_APPLICATION_DATA +#define SSL_MSG_CHANGE_CIPHER_SPEC MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC +#define SSL_MSG_HANDSHAKE MBEDTLS_SSL_MSG_HANDSHAKE +#define SSL_PADDING_ADD MBEDTLS_SSL_PADDING_ADD +#define SSL_RENEGOTIATION MBEDTLS_SSL_RENEGOTIATION +#define SSL_RENEGOTIATION_DISABLED MBEDTLS_SSL_RENEGOTIATION_DISABLED +#define SSL_RENEGOTIATION_DONE MBEDTLS_SSL_RENEGOTIATION_DONE +#define SSL_RENEGOTIATION_ENABLED MBEDTLS_SSL_RENEGOTIATION_ENABLED +#define SSL_RENEGOTIATION_NOT_ENFORCED MBEDTLS_SSL_RENEGOTIATION_NOT_ENFORCED +#define SSL_RENEGOTIATION_PENDING MBEDTLS_SSL_RENEGOTIATION_PENDING +#define SSL_RENEGO_MAX_RECORDS_DEFAULT MBEDTLS_SSL_RENEGO_MAX_RECORDS_DEFAULT +#define SSL_RETRANS_FINISHED MBEDTLS_SSL_RETRANS_FINISHED +#define SSL_RETRANS_PREPARING MBEDTLS_SSL_RETRANS_PREPARING +#define SSL_RETRANS_SENDING MBEDTLS_SSL_RETRANS_SENDING +#define SSL_RETRANS_WAITING MBEDTLS_SSL_RETRANS_WAITING +#define SSL_SECURE_RENEGOTIATION MBEDTLS_SSL_SECURE_RENEGOTIATION +#define SSL_SERVER_CERTIFICATE MBEDTLS_SSL_SERVER_CERTIFICATE +#define SSL_SERVER_CHANGE_CIPHER_SPEC MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC +#define SSL_SERVER_FINISHED MBEDTLS_SSL_SERVER_FINISHED +#define SSL_SERVER_HELLO MBEDTLS_SSL_SERVER_HELLO +#define SSL_SERVER_HELLO_DONE MBEDTLS_SSL_SERVER_HELLO_DONE +#define SSL_SERVER_HELLO_VERIFY_REQUEST_SENT MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT +#define SSL_SERVER_KEY_EXCHANGE MBEDTLS_SSL_SERVER_KEY_EXCHANGE +#define SSL_SERVER_NEW_SESSION_TICKET MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET +#define SSL_SESSION_TICKETS_DISABLED MBEDTLS_SSL_SESSION_TICKETS_DISABLED +#define SSL_SESSION_TICKETS_ENABLED MBEDTLS_SSL_SESSION_TICKETS_ENABLED +#define SSL_SIG_ANON MBEDTLS_SSL_SIG_ANON +#define SSL_SIG_ECDSA MBEDTLS_SSL_SIG_ECDSA +#define SSL_SIG_RSA MBEDTLS_SSL_SIG_RSA +#define SSL_TRANSPORT_DATAGRAM MBEDTLS_SSL_TRANSPORT_DATAGRAM +#define SSL_TRANSPORT_STREAM MBEDTLS_SSL_TRANSPORT_STREAM +#define SSL_TRUNCATED_HMAC_LEN MBEDTLS_SSL_TRUNCATED_HMAC_LEN +#define SSL_TRUNC_HMAC_DISABLED MBEDTLS_SSL_TRUNC_HMAC_DISABLED +#define SSL_TRUNC_HMAC_ENABLED MBEDTLS_SSL_TRUNC_HMAC_ENABLED +#define SSL_VERIFY_DATA_MAX_LEN MBEDTLS_SSL_VERIFY_DATA_MAX_LEN +#define SSL_VERIFY_NONE MBEDTLS_SSL_VERIFY_NONE +#define SSL_VERIFY_OPTIONAL MBEDTLS_SSL_VERIFY_OPTIONAL +#define SSL_VERIFY_REQUIRED MBEDTLS_SSL_VERIFY_REQUIRED +#define TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA +#define TLS_DHE_PSK_WITH_AES_128_CBC_SHA MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA +#define TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 +#define TLS_DHE_PSK_WITH_AES_128_CCM MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM +#define TLS_DHE_PSK_WITH_AES_128_CCM_8 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8 +#define TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 +#define TLS_DHE_PSK_WITH_AES_256_CBC_SHA MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA +#define TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 +#define TLS_DHE_PSK_WITH_AES_256_CCM MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM +#define TLS_DHE_PSK_WITH_AES_256_CCM_8 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8 +#define TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 +#define TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 +#define TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 +#define TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 +#define TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 +#define TLS_DHE_PSK_WITH_NULL_SHA MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA +#define TLS_DHE_PSK_WITH_NULL_SHA256 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 +#define TLS_DHE_PSK_WITH_NULL_SHA384 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 +#define TLS_DHE_PSK_WITH_RC4_128_SHA MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA +#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA +#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA +#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 +#define TLS_DHE_RSA_WITH_AES_128_CCM MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM +#define TLS_DHE_RSA_WITH_AES_128_CCM_8 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8 +#define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 +#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA +#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 +#define TLS_DHE_RSA_WITH_AES_256_CCM MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM +#define TLS_DHE_RSA_WITH_AES_256_CCM_8 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8 +#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 +#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA +#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 +#define TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 +#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA +#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 +#define TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 +#define TLS_DHE_RSA_WITH_DES_CBC_SHA MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA +#define TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA +#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA +#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 +#define TLS_ECDHE_ECDSA_WITH_AES_128_CCM MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM +#define TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 +#define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 +#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA +#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 +#define TLS_ECDHE_ECDSA_WITH_AES_256_CCM MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM +#define TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 +#define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 +#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 +#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 +#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 +#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 +#define TLS_ECDHE_ECDSA_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA +#define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA +#define TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA +#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA +#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 +#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA +#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 +#define TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 +#define TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 +#define TLS_ECDHE_PSK_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA +#define TLS_ECDHE_PSK_WITH_NULL_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 +#define TLS_ECDHE_PSK_WITH_NULL_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 +#define TLS_ECDHE_PSK_WITH_RC4_128_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA +#define TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA +#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA +#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 +#define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 +#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA +#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 +#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 +#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 +#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 +#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 +#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 +#define TLS_ECDHE_RSA_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA +#define TLS_ECDHE_RSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA +#define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA +#define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA +#define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 +#define TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 +#define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA +#define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 +#define TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 +#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 +#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 +#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 +#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 +#define TLS_ECDH_ECDSA_WITH_NULL_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA +#define TLS_ECDH_ECDSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA +#define TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA +#define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA +#define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 +#define TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 +#define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA +#define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 +#define TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 +#define TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 +#define TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 +#define TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 +#define TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 +#define TLS_ECDH_RSA_WITH_NULL_SHA MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA +#define TLS_ECDH_RSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA +#define TLS_EXT_ALPN MBEDTLS_TLS_EXT_ALPN +#define TLS_EXT_ENCRYPT_THEN_MAC MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC +#define TLS_EXT_EXTENDED_MASTER_SECRET MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET +#define TLS_EXT_MAX_FRAGMENT_LENGTH MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH +#define TLS_EXT_RENEGOTIATION_INFO MBEDTLS_TLS_EXT_RENEGOTIATION_INFO +#define TLS_EXT_SERVERNAME MBEDTLS_TLS_EXT_SERVERNAME +#define TLS_EXT_SERVERNAME_HOSTNAME MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME +#define TLS_EXT_SESSION_TICKET MBEDTLS_TLS_EXT_SESSION_TICKET +#define TLS_EXT_SIG_ALG MBEDTLS_TLS_EXT_SIG_ALG +#define TLS_EXT_SUPPORTED_ELLIPTIC_CURVES MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES +#define TLS_EXT_SUPPORTED_POINT_FORMATS MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS +#define TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT +#define TLS_EXT_TRUNCATED_HMAC MBEDTLS_TLS_EXT_TRUNCATED_HMAC +#define TLS_PSK_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA +#define TLS_PSK_WITH_AES_128_CBC_SHA MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA +#define TLS_PSK_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 +#define TLS_PSK_WITH_AES_128_CCM MBEDTLS_TLS_PSK_WITH_AES_128_CCM +#define TLS_PSK_WITH_AES_128_CCM_8 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 +#define TLS_PSK_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 +#define TLS_PSK_WITH_AES_256_CBC_SHA MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA +#define TLS_PSK_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 +#define TLS_PSK_WITH_AES_256_CCM MBEDTLS_TLS_PSK_WITH_AES_256_CCM +#define TLS_PSK_WITH_AES_256_CCM_8 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8 +#define TLS_PSK_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 +#define TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 +#define TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 +#define TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 +#define TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 +#define TLS_PSK_WITH_NULL_SHA MBEDTLS_TLS_PSK_WITH_NULL_SHA +#define TLS_PSK_WITH_NULL_SHA256 MBEDTLS_TLS_PSK_WITH_NULL_SHA256 +#define TLS_PSK_WITH_NULL_SHA384 MBEDTLS_TLS_PSK_WITH_NULL_SHA384 +#define TLS_PSK_WITH_RC4_128_SHA MBEDTLS_TLS_PSK_WITH_RC4_128_SHA +#define TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA +#define TLS_RSA_PSK_WITH_AES_128_CBC_SHA MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA +#define TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 +#define TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 +#define TLS_RSA_PSK_WITH_AES_256_CBC_SHA MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA +#define TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 +#define TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 +#define TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 +#define TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 +#define TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 +#define TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 +#define TLS_RSA_PSK_WITH_NULL_SHA MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA +#define TLS_RSA_PSK_WITH_NULL_SHA256 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 +#define TLS_RSA_PSK_WITH_NULL_SHA384 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 +#define TLS_RSA_PSK_WITH_RC4_128_SHA MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA +#define TLS_RSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA +#define TLS_RSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA +#define TLS_RSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 +#define TLS_RSA_WITH_AES_128_CCM MBEDTLS_TLS_RSA_WITH_AES_128_CCM +#define TLS_RSA_WITH_AES_128_CCM_8 MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8 +#define TLS_RSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 +#define TLS_RSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA +#define TLS_RSA_WITH_AES_256_CBC_SHA256 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 +#define TLS_RSA_WITH_AES_256_CCM MBEDTLS_TLS_RSA_WITH_AES_256_CCM +#define TLS_RSA_WITH_AES_256_CCM_8 MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8 +#define TLS_RSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 +#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA +#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 +#define TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 +#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA +#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 +#define TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 +#define TLS_RSA_WITH_DES_CBC_SHA MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA +#define TLS_RSA_WITH_NULL_MD5 MBEDTLS_TLS_RSA_WITH_NULL_MD5 +#define TLS_RSA_WITH_NULL_SHA MBEDTLS_TLS_RSA_WITH_NULL_SHA +#define TLS_RSA_WITH_NULL_SHA256 MBEDTLS_TLS_RSA_WITH_NULL_SHA256 +#define TLS_RSA_WITH_RC4_128_MD5 MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 +#define TLS_RSA_WITH_RC4_128_SHA MBEDTLS_TLS_RSA_WITH_RC4_128_SHA +#define UL64 MBEDTLS_UL64 +#define X509_CRT_VERSION_1 MBEDTLS_X509_CRT_VERSION_1 +#define X509_CRT_VERSION_2 MBEDTLS_X509_CRT_VERSION_2 +#define X509_CRT_VERSION_3 MBEDTLS_X509_CRT_VERSION_3 +#define X509_FORMAT_DER MBEDTLS_X509_FORMAT_DER +#define X509_FORMAT_PEM MBEDTLS_X509_FORMAT_PEM +#define X509_MAX_DN_NAME_SIZE MBEDTLS_X509_MAX_DN_NAME_SIZE +#define X509_RFC5280_MAX_SERIAL_LEN MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN +#define X509_RFC5280_UTC_TIME_LEN MBEDTLS_X509_RFC5280_UTC_TIME_LEN +#define XTEA_DECRYPT MBEDTLS_XTEA_DECRYPT +#define XTEA_ENCRYPT MBEDTLS_XTEA_ENCRYPT +#define _asn1_bitstring mbedtls_asn1_bitstring +#define _asn1_buf mbedtls_asn1_buf +#define _asn1_named_data mbedtls_asn1_named_data +#define _asn1_sequence mbedtls_asn1_sequence +#define _ssl_cache_context mbedtls_ssl_cache_context +#define _ssl_cache_entry mbedtls_ssl_cache_entry +#define _ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t +#define _ssl_context mbedtls_ssl_context +#define _ssl_flight_item mbedtls_ssl_flight_item +#define _ssl_handshake_params mbedtls_ssl_handshake_params +#define _ssl_key_cert mbedtls_ssl_key_cert +#define _ssl_premaster_secret mbedtls_ssl_premaster_secret +#define _ssl_session mbedtls_ssl_session +#define _ssl_ticket_keys mbedtls_ssl_ticket_keys +#define _ssl_transform mbedtls_ssl_transform +#define _x509_crl mbedtls_x509_crl +#define _x509_crl_entry mbedtls_x509_crl_entry +#define _x509_crt mbedtls_x509_crt +#define _x509_csr mbedtls_x509_csr +#define _x509_time mbedtls_x509_time +#define _x509write_cert mbedtls_x509write_cert +#define _x509write_csr mbedtls_x509write_csr +#define aes_context mbedtls_aes_context +#define aes_crypt_cbc mbedtls_aes_crypt_cbc +#define aes_crypt_cfb128 mbedtls_aes_crypt_cfb128 +#define aes_crypt_cfb8 mbedtls_aes_crypt_cfb8 +#define aes_crypt_ctr mbedtls_aes_crypt_ctr +#define aes_crypt_ecb mbedtls_aes_crypt_ecb +#define aes_free mbedtls_aes_free +#define aes_init mbedtls_aes_init +#define aes_self_test mbedtls_aes_self_test +#define aes_setkey_dec mbedtls_aes_setkey_dec +#define aes_setkey_enc mbedtls_aes_setkey_enc +#define aesni_crypt_ecb mbedtls_aesni_crypt_ecb +#define aesni_gcm_mult mbedtls_aesni_gcm_mult +#define aesni_inverse_key mbedtls_aesni_inverse_key +#define aesni_setkey_enc mbedtls_aesni_setkey_enc +#define aesni_supports mbedtls_aesni_has_support +#define alarmed mbedtls_timing_alarmed +#define arc4_context mbedtls_arc4_context +#define arc4_crypt mbedtls_arc4_crypt +#define arc4_free mbedtls_arc4_free +#define arc4_init mbedtls_arc4_init +#define arc4_self_test mbedtls_arc4_self_test +#define arc4_setup mbedtls_arc4_setup +#define asn1_bitstring mbedtls_asn1_bitstring +#define asn1_buf mbedtls_asn1_buf +#define asn1_find_named_data mbedtls_asn1_find_named_data +#define asn1_free_named_data mbedtls_asn1_free_named_data +#define asn1_free_named_data_list mbedtls_asn1_free_named_data_list +#define asn1_get_alg mbedtls_asn1_get_alg +#define asn1_get_alg_null mbedtls_asn1_get_alg_null +#define asn1_get_bitstring mbedtls_asn1_get_bitstring +#define asn1_get_bitstring_null mbedtls_asn1_get_bitstring_null +#define asn1_get_bool mbedtls_asn1_get_bool +#define asn1_get_int mbedtls_asn1_get_int +#define asn1_get_len mbedtls_asn1_get_len +#define asn1_get_mpi mbedtls_asn1_get_mpi +#define asn1_get_sequence_of mbedtls_asn1_get_sequence_of +#define asn1_get_tag mbedtls_asn1_get_tag +#define asn1_named_data mbedtls_asn1_named_data +#define asn1_sequence mbedtls_asn1_sequence +#define asn1_store_named_data mbedtls_asn1_store_named_data +#define asn1_write_algorithm_identifier mbedtls_asn1_write_algorithm_identifier +#define asn1_write_bitstring mbedtls_asn1_write_bitstring +#define asn1_write_bool mbedtls_asn1_write_bool +#define asn1_write_ia5_string mbedtls_asn1_write_ia5_string +#define asn1_write_int mbedtls_asn1_write_int +#define asn1_write_len mbedtls_asn1_write_len +#define asn1_write_mpi mbedtls_asn1_write_mpi +#define asn1_write_null mbedtls_asn1_write_null +#define asn1_write_octet_string mbedtls_asn1_write_octet_string +#define asn1_write_oid mbedtls_asn1_write_oid +#define asn1_write_printable_string mbedtls_asn1_write_printable_string +#define asn1_write_raw_buffer mbedtls_asn1_write_raw_buffer +#define asn1_write_tag mbedtls_asn1_write_tag +#define base64_decode mbedtls_base64_decode +#define base64_encode mbedtls_base64_encode +#define base64_self_test mbedtls_base64_self_test +#define blowfish_context mbedtls_blowfish_context +#define blowfish_crypt_cbc mbedtls_blowfish_crypt_cbc +#define blowfish_crypt_cfb64 mbedtls_blowfish_crypt_cfb64 +#define blowfish_crypt_ctr mbedtls_blowfish_crypt_ctr +#define blowfish_crypt_ecb mbedtls_blowfish_crypt_ecb +#define blowfish_free mbedtls_blowfish_free +#define blowfish_init mbedtls_blowfish_init +#define blowfish_setkey mbedtls_blowfish_setkey +#define camellia_context mbedtls_camellia_context +#define camellia_crypt_cbc mbedtls_camellia_crypt_cbc +#define camellia_crypt_cfb128 mbedtls_camellia_crypt_cfb128 +#define camellia_crypt_ctr mbedtls_camellia_crypt_ctr +#define camellia_crypt_ecb mbedtls_camellia_crypt_ecb +#define camellia_free mbedtls_camellia_free +#define camellia_init mbedtls_camellia_init +#define camellia_self_test mbedtls_camellia_self_test +#define camellia_setkey_dec mbedtls_camellia_setkey_dec +#define camellia_setkey_enc mbedtls_camellia_setkey_enc +#define ccm_auth_decrypt mbedtls_ccm_auth_decrypt +#define ccm_context mbedtls_ccm_context +#define ccm_encrypt_and_tag mbedtls_ccm_encrypt_and_tag +#define ccm_free mbedtls_ccm_free +#define ccm_init mbedtls_ccm_init +#define ccm_self_test mbedtls_ccm_self_test +#define cipher_auth_decrypt mbedtls_cipher_auth_decrypt +#define cipher_auth_encrypt mbedtls_cipher_auth_encrypt +#define cipher_base_t mbedtls_cipher_base_t +#define cipher_check_tag mbedtls_cipher_check_tag +#define cipher_context_t mbedtls_cipher_context_t +#define cipher_crypt mbedtls_cipher_crypt +#define cipher_definition_t mbedtls_cipher_definition_t +#define cipher_definitions mbedtls_cipher_definitions +#define cipher_finish mbedtls_cipher_finish +#define cipher_free mbedtls_cipher_free +#define cipher_free_ctx mbedtls_cipher_free_ctx +#define cipher_get_block_size mbedtls_cipher_get_block_size +#define cipher_get_cipher_mode mbedtls_cipher_get_cipher_mode +#define cipher_get_iv_size mbedtls_cipher_get_iv_size +#define cipher_get_key_size mbedtls_cipher_get_key_bitlen +#define cipher_get_name mbedtls_cipher_get_name +#define cipher_get_operation mbedtls_cipher_get_operation +#define cipher_get_type mbedtls_cipher_get_type +#define cipher_id_t mbedtls_cipher_id_t +#define cipher_info_from_string mbedtls_cipher_info_from_string +#define cipher_info_from_type mbedtls_cipher_info_from_type +#define cipher_info_from_values mbedtls_cipher_info_from_values +#define cipher_info_t mbedtls_cipher_info_t +#define cipher_init mbedtls_cipher_init +#define cipher_init_ctx mbedtls_cipher_setup +#define cipher_list mbedtls_cipher_list +#define cipher_mode_t mbedtls_cipher_mode_t +#define cipher_padding_t mbedtls_cipher_padding_t +#define cipher_reset mbedtls_cipher_reset +#define cipher_self_test mbedtls_cipher_self_test +#define cipher_set_iv mbedtls_cipher_set_iv +#define cipher_set_padding_mode mbedtls_cipher_set_padding_mode +#define cipher_setkey mbedtls_cipher_setkey +#define cipher_type_t mbedtls_cipher_type_t +#define cipher_update mbedtls_cipher_update +#define cipher_update_ad mbedtls_cipher_update_ad +#define cipher_write_tag mbedtls_cipher_write_tag +#define ctr_drbg_context mbedtls_ctr_drbg_context +#define ctr_drbg_free mbedtls_ctr_drbg_free +#define ctr_drbg_init mbedtls_ctr_drbg_init +#define ctr_drbg_init_entropy_len mbedtls_ctr_drbg_init_entropy_len +#define ctr_drbg_random mbedtls_ctr_drbg_random +#define ctr_drbg_random_with_add mbedtls_ctr_drbg_random_with_add +#define ctr_drbg_reseed mbedtls_ctr_drbg_reseed +#define ctr_drbg_self_test mbedtls_ctr_drbg_self_test +#define ctr_drbg_set_entropy_len mbedtls_ctr_drbg_set_entropy_len +#define ctr_drbg_set_prediction_resistance mbedtls_ctr_drbg_set_prediction_resistance +#define ctr_drbg_set_reseed_interval mbedtls_ctr_drbg_set_reseed_interval +#define ctr_drbg_update mbedtls_ctr_drbg_update +#define ctr_drbg_update_seed_file mbedtls_ctr_drbg_update_seed_file +#define ctr_drbg_write_seed_file mbedtls_ctr_drbg_write_seed_file +#define debug_fmt mbedtls_debug_fmt +#define debug_print_buf mbedtls_debug_print_buf +#define debug_print_crt mbedtls_debug_print_crt +#define debug_print_ecp mbedtls_debug_print_ecp +#define debug_print_mpi mbedtls_debug_print_mpi +#define debug_print_msg mbedtls_debug_print_msg +#define debug_print_ret mbedtls_debug_print_ret +#define debug_set_log_mode mbedtls_debug_set_log_mode +#define debug_set_threshold mbedtls_debug_set_threshold +#define des3_context mbedtls_des3_context +#define des3_crypt_cbc mbedtls_des3_crypt_cbc +#define des3_crypt_ecb mbedtls_des3_crypt_ecb +#define des3_free mbedtls_des3_free +#define des3_init mbedtls_des3_init +#define des3_set2key_dec mbedtls_des3_set2key_dec +#define des3_set2key_enc mbedtls_des3_set2key_enc +#define des3_set3key_dec mbedtls_des3_set3key_dec +#define des3_set3key_enc mbedtls_des3_set3key_enc +#define des_context mbedtls_des_context +#define des_crypt_cbc mbedtls_des_crypt_cbc +#define des_crypt_ecb mbedtls_des_crypt_ecb +#define des_free mbedtls_des_free +#define des_init mbedtls_des_init +#define des_key_check_key_parity mbedtls_des_key_check_key_parity +#define des_key_check_weak mbedtls_des_key_check_weak +#define des_key_set_parity mbedtls_des_key_set_parity +#define des_self_test mbedtls_des_self_test +#define des_setkey_dec mbedtls_des_setkey_dec +#define des_setkey_enc mbedtls_des_setkey_enc +#define dhm_calc_secret mbedtls_dhm_calc_secret +#define dhm_context mbedtls_dhm_context +#define dhm_free mbedtls_dhm_free +#define dhm_init mbedtls_dhm_init +#define dhm_make_params mbedtls_dhm_make_params +#define dhm_make_public mbedtls_dhm_make_public +#define dhm_parse_dhm mbedtls_dhm_parse_dhm +#define dhm_parse_dhmfile mbedtls_dhm_parse_dhmfile +#define dhm_read_params mbedtls_dhm_read_params +#define dhm_read_public mbedtls_dhm_read_public +#define dhm_self_test mbedtls_dhm_self_test +#define ecdh_calc_secret mbedtls_ecdh_calc_secret +#define ecdh_compute_shared mbedtls_ecdh_compute_shared +#define ecdh_context mbedtls_ecdh_context +#define ecdh_free mbedtls_ecdh_free +#define ecdh_gen_public mbedtls_ecdh_gen_public +#define ecdh_get_params mbedtls_ecdh_get_params +#define ecdh_init mbedtls_ecdh_init +#define ecdh_make_params mbedtls_ecdh_make_params +#define ecdh_make_public mbedtls_ecdh_make_public +#define ecdh_read_params mbedtls_ecdh_read_params +#define ecdh_read_public mbedtls_ecdh_read_public +#define ecdh_self_test mbedtls_ecdh_self_test +#define ecdh_side mbedtls_ecdh_side +#define ecdsa_context mbedtls_ecdsa_context +#define ecdsa_free mbedtls_ecdsa_free +#define ecdsa_from_keypair mbedtls_ecdsa_from_keypair +#define ecdsa_genkey mbedtls_ecdsa_genkey +#define ecdsa_info mbedtls_ecdsa_info +#define ecdsa_init mbedtls_ecdsa_init +#define ecdsa_read_signature mbedtls_ecdsa_read_signature +#define ecdsa_self_test mbedtls_ecdsa_self_test +#define ecdsa_sign mbedtls_ecdsa_sign +#define ecdsa_sign_det mbedtls_ecdsa_sign_det +#define ecdsa_verify mbedtls_ecdsa_verify +#define ecdsa_write_signature mbedtls_ecdsa_write_signature +#define ecdsa_write_signature_det mbedtls_ecdsa_write_signature_det +#define eckey_info mbedtls_eckey_info +#define eckeydh_info mbedtls_eckeydh_info +#define ecp_add mbedtls_ecp_add +#define ecp_check_privkey mbedtls_ecp_check_privkey +#define ecp_check_pub_priv mbedtls_ecp_check_pub_priv +#define ecp_check_pubkey mbedtls_ecp_check_pubkey +#define ecp_copy mbedtls_ecp_copy +#define ecp_curve_info mbedtls_ecp_curve_info +#define ecp_curve_info_from_grp_id mbedtls_ecp_curve_info_from_grp_id +#define ecp_curve_info_from_name mbedtls_ecp_curve_info_from_name +#define ecp_curve_info_from_tls_id mbedtls_ecp_curve_info_from_tls_id +#define ecp_curve_list mbedtls_ecp_curve_list +#define ecp_gen_key mbedtls_ecp_gen_key +#define ecp_gen_keypair mbedtls_ecp_gen_keypair +#define ecp_group mbedtls_ecp_group +#define ecp_group_copy mbedtls_ecp_group_copy +#define ecp_group_free mbedtls_ecp_group_free +#define ecp_group_id mbedtls_ecp_group_id +#define ecp_group_init mbedtls_ecp_group_init +#define ecp_group_read_string mbedtls_ecp_group_read_string +#define ecp_grp_id_list mbedtls_ecp_grp_id_list +#define ecp_is_zero mbedtls_ecp_is_zero +#define ecp_keypair mbedtls_ecp_keypair +#define ecp_keypair_free mbedtls_ecp_keypair_free +#define ecp_keypair_init mbedtls_ecp_keypair_init +#define ecp_mul mbedtls_ecp_mul +#define ecp_point mbedtls_ecp_point +#define ecp_point_free mbedtls_ecp_point_free +#define ecp_point_init mbedtls_ecp_point_init +#define ecp_point_read_binary mbedtls_ecp_point_read_binary +#define ecp_point_read_string mbedtls_ecp_point_read_string +#define ecp_point_write_binary mbedtls_ecp_point_write_binary +#define ecp_self_test mbedtls_ecp_self_test +#define ecp_set_zero mbedtls_ecp_set_zero +#define ecp_sub mbedtls_ecp_sub +#define ecp_tls_read_group mbedtls_ecp_tls_read_group +#define ecp_tls_read_point mbedtls_ecp_tls_read_point +#define ecp_tls_write_group mbedtls_ecp_tls_write_group +#define ecp_tls_write_point mbedtls_ecp_tls_write_point +#define ecp_use_known_dp mbedtls_ecp_group_load +#define entropy_add_source mbedtls_entropy_add_source +#define entropy_context mbedtls_entropy_context +#define entropy_free mbedtls_entropy_free +#define entropy_func mbedtls_entropy_func +#define entropy_gather mbedtls_entropy_gather +#define entropy_init mbedtls_entropy_init +#define entropy_self_test mbedtls_entropy_self_test +#define entropy_update_manual mbedtls_entropy_update_manual +#define entropy_update_seed_file mbedtls_entropy_update_seed_file +#define entropy_write_seed_file mbedtls_entropy_write_seed_file +#define error_strerror mbedtls_error_strerror +#define f_source_ptr mbedtls_entropy_f_source_ptr +#define gcm_auth_decrypt mbedtls_gcm_auth_decrypt +#define gcm_context mbedtls_gcm_context +#define gcm_crypt_and_tag mbedtls_gcm_crypt_and_tag +#define gcm_finish mbedtls_gcm_finish +#define gcm_free mbedtls_gcm_free +#define gcm_init mbedtls_gcm_init +#define gcm_self_test mbedtls_gcm_self_test +#define gcm_starts mbedtls_gcm_starts +#define gcm_update mbedtls_gcm_update +#define get_timer mbedtls_timing_get_timer +#define hardclock mbedtls_timing_hardclock +#define hardclock_poll mbedtls_hardclock_poll +#define havege_free mbedtls_havege_free +#define havege_init mbedtls_havege_init +#define havege_poll mbedtls_havege_poll +#define havege_random mbedtls_havege_random +#define havege_state mbedtls_havege_state +#define hmac_drbg_context mbedtls_hmac_drbg_context +#define hmac_drbg_free mbedtls_hmac_drbg_free +#define hmac_drbg_init mbedtls_hmac_drbg_init +#define hmac_drbg_init_buf mbedtls_hmac_drbg_init_buf +#define hmac_drbg_random mbedtls_hmac_drbg_random +#define hmac_drbg_random_with_add mbedtls_hmac_drbg_random_with_add +#define hmac_drbg_reseed mbedtls_hmac_drbg_reseed +#define hmac_drbg_self_test mbedtls_hmac_drbg_self_test +#define hmac_drbg_set_entropy_len mbedtls_hmac_drbg_set_entropy_len +#define hmac_drbg_set_prediction_resistance mbedtls_hmac_drbg_set_prediction_resistance +#define hmac_drbg_set_reseed_interval mbedtls_hmac_drbg_set_reseed_interval +#define hmac_drbg_update mbedtls_hmac_drbg_update +#define hmac_drbg_update_seed_file mbedtls_hmac_drbg_update_seed_file +#define hmac_drbg_write_seed_file mbedtls_hmac_drbg_write_seed_file +#define hr_time mbedtls_timing_hr_time +#define key_exchange_type_t mbedtls_key_exchange_type_t +#define md mbedtls_md +#define md2 mbedtls_md2 +#define md2_context mbedtls_md2_context +#define md2_file mbedtls_md2_file +#define md2_finish mbedtls_md2_finish +#define md2_free mbedtls_md2_free +#define md2_hmac mbedtls_md2_hmac +#define md2_hmac_finish mbedtls_md2_hmac_finish +#define md2_hmac_reset mbedtls_md2_hmac_reset +#define md2_hmac_starts mbedtls_md2_hmac_starts +#define md2_hmac_update mbedtls_md2_hmac_update +#define md2_info mbedtls_md2_info +#define md2_init mbedtls_md2_init +#define md2_process mbedtls_md2_process +#define md2_self_test mbedtls_md2_self_test +#define md2_starts mbedtls_md2_starts +#define md2_update mbedtls_md2_update +#define md4 mbedtls_md4 +#define md4_context mbedtls_md4_context +#define md4_file mbedtls_md4_file +#define md4_finish mbedtls_md4_finish +#define md4_free mbedtls_md4_free +#define md4_hmac mbedtls_md4_hmac +#define md4_hmac_finish mbedtls_md4_hmac_finish +#define md4_hmac_reset mbedtls_md4_hmac_reset +#define md4_hmac_starts mbedtls_md4_hmac_starts +#define md4_hmac_update mbedtls_md4_hmac_update +#define md4_info mbedtls_md4_info +#define md4_init mbedtls_md4_init +#define md4_process mbedtls_md4_process +#define md4_self_test mbedtls_md4_self_test +#define md4_starts mbedtls_md4_starts +#define md4_update mbedtls_md4_update +#define md5 mbedtls_md5 +#define md5_context mbedtls_md5_context +#define md5_file mbedtls_md5_file +#define md5_finish mbedtls_md5_finish +#define md5_free mbedtls_md5_free +#define md5_hmac mbedtls_md5_hmac +#define md5_hmac_finish mbedtls_md5_hmac_finish +#define md5_hmac_reset mbedtls_md5_hmac_reset +#define md5_hmac_starts mbedtls_md5_hmac_starts +#define md5_hmac_update mbedtls_md5_hmac_update +#define md5_info mbedtls_md5_info +#define md5_init mbedtls_md5_init +#define md5_process mbedtls_md5_process +#define md5_self_test mbedtls_md5_self_test +#define md5_starts mbedtls_md5_starts +#define md5_update mbedtls_md5_update +#define md_context_t mbedtls_md_context_t +#define md_file mbedtls_md_file +#define md_finish mbedtls_md_finish +#define md_free mbedtls_md_free +#define md_free_ctx mbedtls_md_free_ctx +#define md_get_name mbedtls_md_get_name +#define md_get_size mbedtls_md_get_size +#define md_get_type mbedtls_md_get_type +#define md_hmac mbedtls_md_hmac +#define md_hmac_finish mbedtls_md_hmac_finish +#define md_hmac_reset mbedtls_md_hmac_reset +#define md_hmac_starts mbedtls_md_hmac_starts +#define md_hmac_update mbedtls_md_hmac_update +#define md_info_from_string mbedtls_md_info_from_string +#define md_info_from_type mbedtls_md_info_from_type +#define md_info_t mbedtls_md_info_t +#define md_init mbedtls_md_init +#define md_init_ctx mbedtls_md_init_ctx +#define md_list mbedtls_md_list +#define md_process mbedtls_md_process +#define md_starts mbedtls_md_starts +#define md_type_t mbedtls_md_type_t +#define md_update mbedtls_md_update +#define memory_buffer_alloc_cur_get mbedtls_memory_buffer_alloc_cur_get +#define memory_buffer_alloc_free mbedtls_memory_buffer_alloc_free +#define memory_buffer_alloc_init mbedtls_memory_buffer_alloc_init +#define memory_buffer_alloc_max_get mbedtls_memory_buffer_alloc_max_get +#define memory_buffer_alloc_max_reset mbedtls_memory_buffer_alloc_max_reset +#define memory_buffer_alloc_self_test mbedtls_memory_buffer_alloc_self_test +#define memory_buffer_alloc_status mbedtls_memory_buffer_alloc_status +#define memory_buffer_alloc_verify mbedtls_memory_buffer_alloc_verify +#define memory_buffer_set_verify mbedtls_memory_buffer_set_verify +#define memory_set_own mbedtls_memory_set_own +#define mpi mbedtls_mpi +#define mpi_add_abs mbedtls_mpi_add_abs +#define mpi_add_int mbedtls_mpi_add_int +#define mpi_add_mpi mbedtls_mpi_add_mpi +#define mpi_cmp_abs mbedtls_mpi_cmp_abs +#define mpi_cmp_int mbedtls_mpi_cmp_int +#define mpi_cmp_mpi mbedtls_mpi_cmp_mpi +#define mpi_copy mbedtls_mpi_copy +#define mpi_div_int mbedtls_mpi_div_int +#define mpi_div_mpi mbedtls_mpi_div_mpi +#define mpi_exp_mod mbedtls_mpi_exp_mod +#define mpi_fill_random mbedtls_mpi_fill_random +#define mpi_free mbedtls_mpi_free +#define mpi_gcd mbedtls_mpi_gcd +#define mpi_gen_prime mbedtls_mpi_gen_prime +#define mpi_get_bit mbedtls_mpi_get_bit +#define mpi_grow mbedtls_mpi_grow +#define mpi_init mbedtls_mpi_init +#define mpi_inv_mod mbedtls_mpi_inv_mod +#define mpi_is_prime mbedtls_mpi_is_prime +#define mpi_lsb mbedtls_mpi_lsb +#define mpi_lset mbedtls_mpi_lset +#define mpi_mod_int mbedtls_mpi_mod_int +#define mpi_mod_mpi mbedtls_mpi_mod_mpi +#define mpi_msb mbedtls_mpi_bitlen +#define mpi_mul_int mbedtls_mpi_mul_int +#define mpi_mul_mpi mbedtls_mpi_mul_mpi +#define mpi_read_binary mbedtls_mpi_read_binary +#define mpi_read_file mbedtls_mpi_read_file +#define mpi_read_string mbedtls_mpi_read_string +#define mpi_safe_cond_assign mbedtls_mpi_safe_cond_assign +#define mpi_safe_cond_swap mbedtls_mpi_safe_cond_swap +#define mpi_self_test mbedtls_mpi_self_test +#define mpi_set_bit mbedtls_mpi_set_bit +#define mpi_shift_l mbedtls_mpi_shift_l +#define mpi_shift_r mbedtls_mpi_shift_r +#define mpi_shrink mbedtls_mpi_shrink +#define mpi_size mbedtls_mpi_size +#define mpi_sub_abs mbedtls_mpi_sub_abs +#define mpi_sub_int mbedtls_mpi_sub_int +#define mpi_sub_mpi mbedtls_mpi_sub_mpi +#define mpi_swap mbedtls_mpi_swap +#define mpi_write_binary mbedtls_mpi_write_binary +#define mpi_write_file mbedtls_mpi_write_file +#define mpi_write_string mbedtls_mpi_write_string +#define net_accept mbedtls_net_accept +#define net_bind mbedtls_net_bind +#define net_close mbedtls_net_free +#define net_connect mbedtls_net_connect +#define net_recv mbedtls_net_recv +#define net_recv_timeout mbedtls_net_recv_timeout +#define net_send mbedtls_net_send +#define net_set_block mbedtls_net_set_block +#define net_set_nonblock mbedtls_net_set_nonblock +#define net_usleep mbedtls_net_usleep +#define oid_descriptor_t mbedtls_oid_descriptor_t +#define oid_get_attr_short_name mbedtls_oid_get_attr_short_name +#define oid_get_cipher_alg mbedtls_oid_get_cipher_alg +#define oid_get_ec_grp mbedtls_oid_get_ec_grp +#define oid_get_extended_key_usage mbedtls_oid_get_extended_key_usage +#define oid_get_md_alg mbedtls_oid_get_md_alg +#define oid_get_numeric_string mbedtls_oid_get_numeric_string +#define oid_get_oid_by_ec_grp mbedtls_oid_get_oid_by_ec_grp +#define oid_get_oid_by_md mbedtls_oid_get_oid_by_md +#define oid_get_oid_by_pk_alg mbedtls_oid_get_oid_by_pk_alg +#define oid_get_oid_by_sig_alg mbedtls_oid_get_oid_by_sig_alg +#define oid_get_pk_alg mbedtls_oid_get_pk_alg +#define oid_get_pkcs12_pbe_alg mbedtls_oid_get_pkcs12_pbe_alg +#define oid_get_sig_alg mbedtls_oid_get_sig_alg +#define oid_get_sig_alg_desc mbedtls_oid_get_sig_alg_desc +#define oid_get_x509_ext_type mbedtls_oid_get_x509_ext_type +#define operation_t mbedtls_operation_t +#define padlock_supports mbedtls_padlock_has_support +#define padlock_xcryptcbc mbedtls_padlock_xcryptcbc +#define padlock_xcryptecb mbedtls_padlock_xcryptecb +#define pbkdf2_hmac mbedtls_pbkdf2_hmac +#define pbkdf2_self_test mbedtls_pbkdf2_self_test +#define pem_context mbedtls_pem_context +#define pem_free mbedtls_pem_free +#define pem_init mbedtls_pem_init +#define pem_read_buffer mbedtls_pem_read_buffer +#define pem_write_buffer mbedtls_pem_write_buffer +#define pk_can_do mbedtls_pk_can_do +#define pk_check_pair mbedtls_pk_check_pair +#define pk_context mbedtls_pk_context +#define pk_debug mbedtls_pk_debug +#define pk_debug_item mbedtls_pk_debug_item +#define pk_debug_type mbedtls_pk_debug_type +#define pk_decrypt mbedtls_pk_decrypt +#define pk_ec mbedtls_pk_ec +#define pk_encrypt mbedtls_pk_encrypt +#define pk_free mbedtls_pk_free +#define pk_get_len mbedtls_pk_get_len +#define pk_get_name mbedtls_pk_get_name +#define pk_get_size mbedtls_pk_get_bitlen +#define pk_get_type mbedtls_pk_get_type +#define pk_info_from_type mbedtls_pk_info_from_type +#define pk_info_t mbedtls_pk_info_t +#define pk_init mbedtls_pk_init +#define pk_init_ctx mbedtls_pk_setup +#define pk_init_ctx_rsa_alt mbedtls_pk_setup_rsa_alt +#define pk_load_file mbedtls_pk_load_file +#define pk_parse_key mbedtls_pk_parse_key +#define pk_parse_keyfile mbedtls_pk_parse_keyfile +#define pk_parse_public_key mbedtls_pk_parse_public_key +#define pk_parse_public_keyfile mbedtls_pk_parse_public_keyfile +#define pk_parse_subpubkey mbedtls_pk_parse_subpubkey +#define pk_rsa mbedtls_pk_rsa +#define pk_rsa_alt_decrypt_func mbedtls_pk_rsa_alt_decrypt_func +#define pk_rsa_alt_key_len_func mbedtls_pk_rsa_alt_key_len_func +#define pk_rsa_alt_sign_func mbedtls_pk_rsa_alt_sign_func +#define pk_rsassa_pss_options mbedtls_pk_rsassa_pss_options +#define pk_sign mbedtls_pk_sign +#define pk_type_t mbedtls_pk_type_t +#define pk_verify mbedtls_pk_verify +#define pk_verify_ext mbedtls_pk_verify_ext +#define pk_write_key_der mbedtls_pk_write_key_der +#define pk_write_key_pem mbedtls_pk_write_key_pem +#define pk_write_pubkey mbedtls_pk_write_pubkey +#define pk_write_pubkey_der mbedtls_pk_write_pubkey_der +#define pk_write_pubkey_pem mbedtls_pk_write_pubkey_pem +#define pkcs11_context mbedtls_pkcs11_context +#define pkcs11_decrypt mbedtls_pkcs11_decrypt +#define pkcs11_priv_key_free mbedtls_pkcs11_priv_key_free +#define pkcs11_priv_key_init mbedtls_pkcs11_priv_key_bind +#define pkcs11_sign mbedtls_pkcs11_sign +#define pkcs11_x509_cert_init mbedtls_pkcs11_x509_cert_bind +#define pkcs12_derivation mbedtls_pkcs12_derivation +#define pkcs12_pbe mbedtls_pkcs12_pbe +#define pkcs12_pbe_sha1_rc4_128 mbedtls_pkcs12_pbe_sha1_rc4_128 +#define pkcs5_pbes2 mbedtls_pkcs5_pbes2 +#define pkcs5_pbkdf2_hmac mbedtls_pkcs5_pbkdf2_hmac +#define pkcs5_self_test mbedtls_pkcs5_self_test +#define platform_entropy_poll mbedtls_platform_entropy_poll +#define platform_set_exit mbedtls_platform_set_exit +#define platform_set_fprintf mbedtls_platform_set_fprintf +#define platform_set_malloc_free mbedtls_platform_set_malloc_free +#define platform_set_printf mbedtls_platform_set_printf +#define platform_set_snprintf mbedtls_platform_set_snprintf +#define polarssl_exit mbedtls_exit +#define polarssl_fprintf mbedtls_fprintf +#define polarssl_free mbedtls_free +#define polarssl_malloc mbedtls_malloc +#define polarssl_mutex_free mbedtls_mutex_free +#define polarssl_mutex_init mbedtls_mutex_init +#define polarssl_mutex_lock mbedtls_mutex_lock +#define polarssl_mutex_unlock mbedtls_mutex_unlock +#define polarssl_printf mbedtls_printf +#define polarssl_snprintf mbedtls_snprintf +#define polarssl_strerror mbedtls_strerror +#define ripemd160 mbedtls_ripemd160 +#define ripemd160_context mbedtls_ripemd160_context +#define ripemd160_file mbedtls_ripemd160_file +#define ripemd160_finish mbedtls_ripemd160_finish +#define ripemd160_free mbedtls_ripemd160_free +#define ripemd160_hmac mbedtls_ripemd160_hmac +#define ripemd160_hmac_finish mbedtls_ripemd160_hmac_finish +#define ripemd160_hmac_reset mbedtls_ripemd160_hmac_reset +#define ripemd160_hmac_starts mbedtls_ripemd160_hmac_starts +#define ripemd160_hmac_update mbedtls_ripemd160_hmac_update +#define ripemd160_info mbedtls_ripemd160_info +#define ripemd160_init mbedtls_ripemd160_init +#define ripemd160_process mbedtls_ripemd160_process +#define ripemd160_self_test mbedtls_ripemd160_self_test +#define ripemd160_starts mbedtls_ripemd160_starts +#define ripemd160_update mbedtls_ripemd160_update +#define rsa_alt_context mbedtls_rsa_alt_context +#define rsa_alt_info mbedtls_rsa_alt_info +#define rsa_check_privkey mbedtls_rsa_check_privkey +#define rsa_check_pub_priv mbedtls_rsa_check_pub_priv +#define rsa_check_pubkey mbedtls_rsa_check_pubkey +#define rsa_context mbedtls_rsa_context +#define rsa_copy mbedtls_rsa_copy +#define rsa_decrypt_func mbedtls_rsa_decrypt_func +#define rsa_free mbedtls_rsa_free +#define rsa_gen_key mbedtls_rsa_gen_key +#define rsa_info mbedtls_rsa_info +#define rsa_init mbedtls_rsa_init +#define rsa_key_len_func mbedtls_rsa_key_len_func +#define rsa_pkcs1_decrypt mbedtls_rsa_pkcs1_decrypt +#define rsa_pkcs1_encrypt mbedtls_rsa_pkcs1_encrypt +#define rsa_pkcs1_sign mbedtls_rsa_pkcs1_sign +#define rsa_pkcs1_verify mbedtls_rsa_pkcs1_verify +#define rsa_private mbedtls_rsa_private +#define rsa_public mbedtls_rsa_public +#define rsa_rsaes_oaep_decrypt mbedtls_rsa_rsaes_oaep_decrypt +#define rsa_rsaes_oaep_encrypt mbedtls_rsa_rsaes_oaep_encrypt +#define rsa_rsaes_pkcs1_v15_decrypt mbedtls_rsa_rsaes_pkcs1_v15_decrypt +#define rsa_rsaes_pkcs1_v15_encrypt mbedtls_rsa_rsaes_pkcs1_v15_encrypt +#define rsa_rsassa_pkcs1_v15_sign mbedtls_rsa_rsassa_pkcs1_v15_sign +#define rsa_rsassa_pkcs1_v15_verify mbedtls_rsa_rsassa_pkcs1_v15_verify +#define rsa_rsassa_pss_sign mbedtls_rsa_rsassa_pss_sign +#define rsa_rsassa_pss_verify mbedtls_rsa_rsassa_pss_verify +#define rsa_rsassa_pss_verify_ext mbedtls_rsa_rsassa_pss_verify_ext +#define rsa_self_test mbedtls_rsa_self_test +#define rsa_set_padding mbedtls_rsa_set_padding +#define rsa_sign_func mbedtls_rsa_sign_func +#define safer_memcmp mbedtls_ssl_safer_memcmp +#define set_alarm mbedtls_set_alarm +#define sha1 mbedtls_sha1 +#define sha1_context mbedtls_sha1_context +#define sha1_file mbedtls_sha1_file +#define sha1_finish mbedtls_sha1_finish +#define sha1_free mbedtls_sha1_free +#define sha1_hmac mbedtls_sha1_hmac +#define sha1_hmac_finish mbedtls_sha1_hmac_finish +#define sha1_hmac_reset mbedtls_sha1_hmac_reset +#define sha1_hmac_starts mbedtls_sha1_hmac_starts +#define sha1_hmac_update mbedtls_sha1_hmac_update +#define sha1_info mbedtls_sha1_info +#define sha1_init mbedtls_sha1_init +#define sha1_process mbedtls_sha1_process +#define sha1_self_test mbedtls_sha1_self_test +#define sha1_starts mbedtls_sha1_starts +#define sha1_update mbedtls_sha1_update +#define sha224_info mbedtls_sha224_info +#define sha256 mbedtls_sha256 +#define sha256_context mbedtls_sha256_context +#define sha256_file mbedtls_sha256_file +#define sha256_finish mbedtls_sha256_finish +#define sha256_free mbedtls_sha256_free +#define sha256_hmac mbedtls_sha256_hmac +#define sha256_hmac_finish mbedtls_sha256_hmac_finish +#define sha256_hmac_reset mbedtls_sha256_hmac_reset +#define sha256_hmac_starts mbedtls_sha256_hmac_starts +#define sha256_hmac_update mbedtls_sha256_hmac_update +#define sha256_info mbedtls_sha256_info +#define sha256_init mbedtls_sha256_init +#define sha256_process mbedtls_sha256_process +#define sha256_self_test mbedtls_sha256_self_test +#define sha256_starts mbedtls_sha256_starts +#define sha256_update mbedtls_sha256_update +#define sha384_info mbedtls_sha384_info +#define sha512 mbedtls_sha512 +#define sha512_context mbedtls_sha512_context +#define sha512_file mbedtls_sha512_file +#define sha512_finish mbedtls_sha512_finish +#define sha512_free mbedtls_sha512_free +#define sha512_hmac mbedtls_sha512_hmac +#define sha512_hmac_finish mbedtls_sha512_hmac_finish +#define sha512_hmac_reset mbedtls_sha512_hmac_reset +#define sha512_hmac_starts mbedtls_sha512_hmac_starts +#define sha512_hmac_update mbedtls_sha512_hmac_update +#define sha512_info mbedtls_sha512_info +#define sha512_init mbedtls_sha512_init +#define sha512_process mbedtls_sha512_process +#define sha512_self_test mbedtls_sha512_self_test +#define sha512_starts mbedtls_sha512_starts +#define sha512_update mbedtls_sha512_update +#define source_state mbedtls_entropy_source_state +#define ssl_cache_context mbedtls_ssl_cache_context +#define ssl_cache_entry mbedtls_ssl_cache_entry +#define ssl_cache_free mbedtls_ssl_cache_free +#define ssl_cache_get mbedtls_ssl_cache_get +#define ssl_cache_init mbedtls_ssl_cache_init +#define ssl_cache_set mbedtls_ssl_cache_set +#define ssl_cache_set_max_entries mbedtls_ssl_cache_set_max_entries +#define ssl_cache_set_timeout mbedtls_ssl_cache_set_timeout +#define ssl_check_cert_usage mbedtls_ssl_check_cert_usage +#define ssl_ciphersuite_from_id mbedtls_ssl_ciphersuite_from_id +#define ssl_ciphersuite_from_string mbedtls_ssl_ciphersuite_from_string +#define ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t +#define ssl_ciphersuite_uses_ec mbedtls_ssl_ciphersuite_uses_ec +#define ssl_ciphersuite_uses_psk mbedtls_ssl_ciphersuite_uses_psk +#define ssl_close_notify mbedtls_ssl_close_notify +#define ssl_context mbedtls_ssl_context +#define ssl_cookie_check mbedtls_ssl_cookie_check +#define ssl_cookie_check_t mbedtls_ssl_cookie_check_t +#define ssl_cookie_ctx mbedtls_ssl_cookie_ctx +#define ssl_cookie_free mbedtls_ssl_cookie_free +#define ssl_cookie_init mbedtls_ssl_cookie_init +#define ssl_cookie_set_timeout mbedtls_ssl_cookie_set_timeout +#define ssl_cookie_setup mbedtls_ssl_cookie_setup +#define ssl_cookie_write mbedtls_ssl_cookie_write +#define ssl_cookie_write_t mbedtls_ssl_cookie_write_t +#define ssl_curve_is_acceptable mbedtls_ssl_curve_is_acceptable +#define ssl_derive_keys mbedtls_ssl_derive_keys +#define ssl_dtls_replay_check mbedtls_ssl_dtls_replay_check +#define ssl_dtls_replay_update mbedtls_ssl_dtls_replay_update +#define ssl_fetch_input mbedtls_ssl_fetch_input +#define ssl_flight_item mbedtls_ssl_flight_item +#define ssl_flush_output mbedtls_ssl_flush_output +#define ssl_free mbedtls_ssl_free +#define ssl_get_alpn_protocol mbedtls_ssl_get_alpn_protocol +#define ssl_get_bytes_avail mbedtls_ssl_get_bytes_avail +#define ssl_get_ciphersuite mbedtls_ssl_get_ciphersuite +#define ssl_get_ciphersuite_id mbedtls_ssl_get_ciphersuite_id +#define ssl_get_ciphersuite_name mbedtls_ssl_get_ciphersuite_name +#define ssl_get_ciphersuite_sig_pk_alg mbedtls_ssl_get_ciphersuite_sig_pk_alg +#define ssl_get_peer_cert mbedtls_ssl_get_peer_cert +#define ssl_get_record_expansion mbedtls_ssl_get_record_expansion +#define ssl_get_session mbedtls_ssl_get_session +#define ssl_get_verify_result mbedtls_ssl_get_verify_result +#define ssl_get_version mbedtls_ssl_get_version +#define ssl_handshake mbedtls_ssl_handshake +#define ssl_handshake_client_step mbedtls_ssl_handshake_client_step +#define ssl_handshake_free mbedtls_ssl_handshake_free +#define ssl_handshake_params mbedtls_ssl_handshake_params +#define ssl_handshake_server_step mbedtls_ssl_handshake_server_step +#define ssl_handshake_step mbedtls_ssl_handshake_step +#define ssl_handshake_wrapup mbedtls_ssl_handshake_wrapup +#define ssl_hdr_len mbedtls_ssl_hdr_len +#define ssl_hs_hdr_len mbedtls_ssl_hs_hdr_len +#define ssl_hw_record_activate mbedtls_ssl_hw_record_activate +#define ssl_hw_record_finish mbedtls_ssl_hw_record_finish +#define ssl_hw_record_init mbedtls_ssl_hw_record_init +#define ssl_hw_record_read mbedtls_ssl_hw_record_read +#define ssl_hw_record_reset mbedtls_ssl_hw_record_reset +#define ssl_hw_record_write mbedtls_ssl_hw_record_write +#define ssl_init mbedtls_ssl_init +#define ssl_key_cert mbedtls_ssl_key_cert +#define ssl_legacy_renegotiation mbedtls_ssl_conf_legacy_renegotiation +#define ssl_list_ciphersuites mbedtls_ssl_list_ciphersuites +#define ssl_md_alg_from_hash mbedtls_ssl_md_alg_from_hash +#define ssl_optimize_checksum mbedtls_ssl_optimize_checksum +#define ssl_own_cert mbedtls_ssl_own_cert +#define ssl_own_key mbedtls_ssl_own_key +#define ssl_parse_certificate mbedtls_ssl_parse_certificate +#define ssl_parse_change_cipher_spec mbedtls_ssl_parse_change_cipher_spec +#define ssl_parse_finished mbedtls_ssl_parse_finished +#define ssl_pk_alg_from_sig mbedtls_ssl_pk_alg_from_sig +#define ssl_pkcs11_decrypt mbedtls_ssl_pkcs11_decrypt +#define ssl_pkcs11_key_len mbedtls_ssl_pkcs11_key_len +#define ssl_pkcs11_sign mbedtls_ssl_pkcs11_sign +#define ssl_psk_derive_premaster mbedtls_ssl_psk_derive_premaster +#define ssl_read mbedtls_ssl_read +#define ssl_read_record mbedtls_ssl_read_record +#define ssl_read_version mbedtls_ssl_read_version +#define ssl_recv_flight_completed mbedtls_ssl_recv_flight_completed +#define ssl_renegotiate mbedtls_ssl_renegotiate +#define ssl_resend mbedtls_ssl_resend +#define ssl_reset_checksum mbedtls_ssl_reset_checksum +#define ssl_send_alert_message mbedtls_ssl_send_alert_message +#define ssl_send_fatal_handshake_failure mbedtls_ssl_send_fatal_handshake_failure +#define ssl_send_flight_completed mbedtls_ssl_send_flight_completed +#define ssl_session mbedtls_ssl_session +#define ssl_session_free mbedtls_ssl_session_free +#define ssl_session_init mbedtls_ssl_session_init +#define ssl_session_reset mbedtls_ssl_session_reset +#define ssl_set_alpn_protocols mbedtls_ssl_conf_alpn_protocols +#define ssl_set_arc4_support mbedtls_ssl_conf_arc4_support +#define ssl_set_authmode mbedtls_ssl_conf_authmode +#define ssl_set_bio mbedtls_ssl_set_bio +#define ssl_set_bio mbedtls_ssl_set_bio_timeout +#define ssl_set_ca_chain mbedtls_ssl_conf_ca_chain +#define ssl_set_cbc_record_splitting mbedtls_ssl_conf_cbc_record_splitting +#define ssl_set_ciphersuites mbedtls_ssl_conf_ciphersuites +#define ssl_set_ciphersuites_for_version mbedtls_ssl_conf_ciphersuites_for_version +#define ssl_set_client_transport_id mbedtls_ssl_set_client_transport_id +#define ssl_set_curves mbedtls_ssl_conf_curves +#define ssl_set_dbg mbedtls_ssl_conf_dbg +#define ssl_set_dh_param mbedtls_ssl_conf_dh_param +#define ssl_set_dh_param_ctx mbedtls_ssl_conf_dh_param_ctx +#define ssl_set_dtls_anti_replay mbedtls_ssl_conf_dtls_anti_replay +#define ssl_set_dtls_badmac_limit mbedtls_ssl_conf_dtls_badmac_limit +#define ssl_set_dtls_cookies mbedtls_ssl_conf_dtls_cookies +#define ssl_set_encrypt_then_mac mbedtls_ssl_conf_encrypt_then_mac +#define ssl_set_endpoint mbedtls_ssl_conf_endpoint +#define ssl_set_extended_master_secret mbedtls_ssl_conf_extended_master_secret +#define ssl_set_fallback mbedtls_ssl_conf_fallback +#define ssl_set_handshake_timeout mbedtls_ssl_conf_handshake_timeout +#define ssl_set_hostname mbedtls_ssl_set_hostname +#define ssl_set_max_frag_len mbedtls_ssl_conf_max_frag_len +#define ssl_set_max_version mbedtls_ssl_conf_max_version +#define ssl_set_min_version mbedtls_ssl_conf_min_version +#define ssl_set_own_cert mbedtls_ssl_conf_own_cert +#define ssl_set_own_cert_alt mbedtls_ssl_set_own_cert_alt +#define ssl_set_own_cert_rsa mbedtls_ssl_set_own_cert_rsa +#define ssl_set_psk mbedtls_ssl_conf_psk +#define ssl_set_psk_cb mbedtls_ssl_conf_psk_cb +#define ssl_set_renegotiation mbedtls_ssl_conf_renegotiation +#define ssl_set_renegotiation_enforced mbedtls_ssl_conf_renegotiation_enforced +#define ssl_set_renegotiation_period mbedtls_ssl_conf_renegotiation_period +#define ssl_set_rng mbedtls_ssl_conf_rng +#define ssl_set_session mbedtls_ssl_set_session +#define ssl_set_session_cache mbedtls_ssl_conf_session_cache +#define ssl_set_session_ticket_lifetime mbedtls_ssl_conf_session_ticket_lifetime +#define ssl_set_session_tickets mbedtls_ssl_conf_session_tickets +#define ssl_set_sni mbedtls_ssl_conf_sni +#define ssl_set_transport mbedtls_ssl_conf_transport +#define ssl_set_truncated_hmac mbedtls_ssl_conf_truncated_hmac +#define ssl_set_verify mbedtls_ssl_conf_verify +#define ssl_sig_from_pk mbedtls_ssl_sig_from_pk +#define ssl_states mbedtls_ssl_states +#define ssl_ticket_keys mbedtls_ssl_ticket_keys +#define ssl_transform mbedtls_ssl_transform +#define ssl_transform_free mbedtls_ssl_transform_free +#define ssl_write mbedtls_ssl_write +#define ssl_write_certificate mbedtls_ssl_write_certificate +#define ssl_write_change_cipher_spec mbedtls_ssl_write_change_cipher_spec +#define ssl_write_finished mbedtls_ssl_write_finished +#define ssl_write_record mbedtls_ssl_write_record +#define ssl_write_version mbedtls_ssl_write_version +#define supported_ciphers mbedtls_cipher_supported +#define t_sint mbedtls_mpi_sint +#define t_udbl mbedtls_t_udbl +#define t_uint mbedtls_mpi_uint +#define test_ca_crt mbedtls_test_ca_crt +#define test_ca_crt_ec mbedtls_test_ca_crt_ec +#define test_ca_crt_rsa mbedtls_test_ca_crt_rsa +#define test_ca_key mbedtls_test_ca_key +#define test_ca_key_ec mbedtls_test_ca_key_ec +#define test_ca_key_rsa mbedtls_test_ca_key_rsa +#define test_ca_list mbedtls_test_cas_pem +#define test_ca_pwd mbedtls_test_ca_pwd +#define test_ca_pwd_ec mbedtls_test_ca_pwd_ec +#define test_ca_pwd_rsa mbedtls_test_ca_pwd_rsa +#define test_cli_crt mbedtls_test_cli_crt +#define test_cli_crt_ec mbedtls_test_cli_crt_ec +#define test_cli_crt_rsa mbedtls_test_cli_crt_rsa +#define test_cli_key mbedtls_test_cli_key +#define test_cli_key_ec mbedtls_test_cli_key_ec +#define test_cli_key_rsa mbedtls_test_cli_key_rsa +#define test_dhm_params mbedtls_test_dhm_params +#define test_srv_crt mbedtls_test_srv_crt +#define test_srv_crt_ec mbedtls_test_srv_crt_ec +#define test_srv_crt_rsa mbedtls_test_srv_crt_rsa +#define test_srv_key mbedtls_test_srv_key +#define test_srv_key_ec mbedtls_test_srv_key_ec +#define test_srv_key_rsa mbedtls_test_srv_key_rsa +#define threading_mutex_t mbedtls_threading_mutex_t +#define threading_set_alt mbedtls_threading_set_alt +#define timing_self_test mbedtls_timing_self_test +#define version_check_feature mbedtls_version_check_feature +#define version_get_number mbedtls_version_get_number +#define version_get_string mbedtls_version_get_string +#define version_get_string_full mbedtls_version_get_string_full +#define x509_bitstring mbedtls_x509_bitstring +#define x509_buf mbedtls_x509_buf +#define x509_crl mbedtls_x509_crl +#define x509_crl_entry mbedtls_x509_crl_entry +#define x509_crl_free mbedtls_x509_crl_free +#define x509_crl_info mbedtls_x509_crl_info +#define x509_crl_init mbedtls_x509_crl_init +#define x509_crl_parse mbedtls_x509_crl_parse +#define x509_crl_parse_der mbedtls_x509_crl_parse_der +#define x509_crl_parse_file mbedtls_x509_crl_parse_file +#define x509_crt mbedtls_x509_crt +#define x509_crt_check_extended_key_usage mbedtls_x509_crt_check_extended_key_usage +#define x509_crt_check_key_usage mbedtls_x509_crt_check_key_usage +#define x509_crt_free mbedtls_x509_crt_free +#define x509_crt_info mbedtls_x509_crt_info +#define x509_crt_init mbedtls_x509_crt_init +#define x509_crt_parse mbedtls_x509_crt_parse +#define x509_crt_parse_der mbedtls_x509_crt_parse_der +#define x509_crt_parse_file mbedtls_x509_crt_parse_file +#define x509_crt_parse_path mbedtls_x509_crt_parse_path +#define x509_crt_revoked mbedtls_x509_crt_is_revoked +#define x509_crt_verify mbedtls_x509_crt_verify +#define x509_csr mbedtls_x509_csr +#define x509_csr_free mbedtls_x509_csr_free +#define x509_csr_info mbedtls_x509_csr_info +#define x509_csr_init mbedtls_x509_csr_init +#define x509_csr_parse mbedtls_x509_csr_parse +#define x509_csr_parse_der mbedtls_x509_csr_parse_der +#define x509_csr_parse_file mbedtls_x509_csr_parse_file +#define x509_dn_gets mbedtls_x509_dn_gets +#define x509_get_alg mbedtls_x509_get_alg +#define x509_get_alg_null mbedtls_x509_get_alg_null +#define x509_get_ext mbedtls_x509_get_ext +#define x509_get_name mbedtls_x509_get_name +#define x509_get_rsassa_pss_params mbedtls_x509_get_rsassa_pss_params +#define x509_get_serial mbedtls_x509_get_serial +#define x509_get_sig mbedtls_x509_get_sig +#define x509_get_sig_alg mbedtls_x509_get_sig_alg +#define x509_get_time mbedtls_x509_get_time +#define x509_key_size_helper mbedtls_x509_key_size_helper +#define x509_name mbedtls_x509_name +#define x509_oid_get_description mbedtls_x509_oid_get_description +#define x509_oid_get_numeric_string mbedtls_x509_oid_get_numeric_string +#define x509_self_test mbedtls_x509_self_test +#define x509_sequence mbedtls_x509_sequence +#define x509_serial_gets mbedtls_x509_serial_gets +#define x509_set_extension mbedtls_x509_set_extension +#define x509_sig_alg_gets mbedtls_x509_sig_alg_gets +#define x509_string_to_names mbedtls_x509_string_to_names +#define x509_time mbedtls_x509_time +#define x509_time_expired mbedtls_x509_time_is_past +#define x509_time_future mbedtls_x509_time_is_future +#define x509_write_extensions mbedtls_x509_write_extensions +#define x509_write_names mbedtls_x509_write_names +#define x509_write_sig mbedtls_x509_write_sig +#define x509write_cert mbedtls_x509write_cert +#define x509write_crt_der mbedtls_x509write_crt_der +#define x509write_crt_free mbedtls_x509write_crt_free +#define x509write_crt_init mbedtls_x509write_crt_init +#define x509write_crt_pem mbedtls_x509write_crt_pem +#define x509write_crt_set_authority_key_identifier mbedtls_x509write_crt_set_authority_key_identifier +#define x509write_crt_set_basic_constraints mbedtls_x509write_crt_set_basic_constraints +#define x509write_crt_set_extension mbedtls_x509write_crt_set_extension +#define x509write_crt_set_issuer_key mbedtls_x509write_crt_set_issuer_key +#define x509write_crt_set_issuer_name mbedtls_x509write_crt_set_issuer_name +#define x509write_crt_set_key_usage mbedtls_x509write_crt_set_key_usage +#define x509write_crt_set_md_alg mbedtls_x509write_crt_set_md_alg +#define x509write_crt_set_ns_cert_type mbedtls_x509write_crt_set_ns_cert_type +#define x509write_crt_set_serial mbedtls_x509write_crt_set_serial +#define x509write_crt_set_subject_key mbedtls_x509write_crt_set_subject_key +#define x509write_crt_set_subject_key_identifier mbedtls_x509write_crt_set_subject_key_identifier +#define x509write_crt_set_subject_name mbedtls_x509write_crt_set_subject_name +#define x509write_crt_set_validity mbedtls_x509write_crt_set_validity +#define x509write_crt_set_version mbedtls_x509write_crt_set_version +#define x509write_csr mbedtls_x509write_csr +#define x509write_csr_der mbedtls_x509write_csr_der +#define x509write_csr_free mbedtls_x509write_csr_free +#define x509write_csr_init mbedtls_x509write_csr_init +#define x509write_csr_pem mbedtls_x509write_csr_pem +#define x509write_csr_set_extension mbedtls_x509write_csr_set_extension +#define x509write_csr_set_key mbedtls_x509write_csr_set_key +#define x509write_csr_set_key_usage mbedtls_x509write_csr_set_key_usage +#define x509write_csr_set_md_alg mbedtls_x509write_csr_set_md_alg +#define x509write_csr_set_ns_cert_type mbedtls_x509write_csr_set_ns_cert_type +#define x509write_csr_set_subject_name mbedtls_x509write_csr_set_subject_name +#define xtea_context mbedtls_xtea_context +#define xtea_crypt_cbc mbedtls_xtea_crypt_cbc +#define xtea_crypt_ecb mbedtls_xtea_crypt_ecb +#define xtea_free mbedtls_xtea_free +#define xtea_init mbedtls_xtea_init +#define xtea_self_test mbedtls_xtea_self_test +#define xtea_setup mbedtls_xtea_setup + +#endif /* compat-1.3.h */ +#endif /* MBEDTLS_DEPRECATED_REMOVED */ diff --git a/ext/mbedtls/include/mbedtls/config.h b/ext/mbedtls/include/mbedtls/config.h new file mode 100644 index 0000000000..db385927e5 --- /dev/null +++ b/ext/mbedtls/include/mbedtls/config.h @@ -0,0 +1,2426 @@ +/** + * \file config.h + * + * \brief Configuration options (set of defines) + * + * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + * + * This set of compile-time options may be used to enable + * or disable features selectively, and reduce the global + * memory footprint. + */ +#ifndef MBEDTLS_CONFIG_H +#define MBEDTLS_CONFIG_H + +#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) +#define _CRT_SECURE_NO_DEPRECATE 1 +#endif + +/** + * \name SECTION: System support + * + * This section sets system specific settings. + * \{ + */ + +/** + * \def MBEDTLS_HAVE_ASM + * + * The compiler has support for asm(). + * + * Requires support for asm() in compiler. + * + * Used in: + * library/timing.c + * library/padlock.c + * include/mbedtls/bn_mul.h + * + * Comment to disable the use of assembly code. + */ +#define MBEDTLS_HAVE_ASM + +/** + * \def MBEDTLS_HAVE_SSE2 + * + * CPU supports SSE2 instruction set. + * + * Uncomment if the CPU supports SSE2 (IA-32 specific). + */ +//#define MBEDTLS_HAVE_SSE2 + +/** + * \def MBEDTLS_HAVE_TIME + * + * System has time.h and time(). + * The time does not need to be correct, only time differences are used, + * by contrast with MBEDTLS_HAVE_TIME_DATE + * + * Comment if your system does not support time functions + */ +#define MBEDTLS_HAVE_TIME + +/** + * \def MBEDTLS_HAVE_TIME_DATE + * + * System has time.h and time(), gmtime() and the clock is correct. + * The time needs to be correct (not necesarily very accurate, but at least + * the date should be correct). This is used to verify the validity period of + * X.509 certificates. + * + * Comment if your system does not have a correct clock. + */ +#define MBEDTLS_HAVE_TIME_DATE + +/** + * \def MBEDTLS_PLATFORM_MEMORY + * + * Enable the memory allocation layer. + * + * By default mbed TLS uses the system-provided calloc() and free(). + * This allows different allocators (self-implemented or provided) to be + * provided to the platform abstraction layer. + * + * Enabling MBEDTLS_PLATFORM_MEMORY without the + * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide + * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and + * free() function pointer at runtime. + * + * Enabling MBEDTLS_PLATFORM_MEMORY and specifying + * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the + * alternate function at compile time. + * + * Requires: MBEDTLS_PLATFORM_C + * + * Enable this layer to allow use of alternative memory allocators. + */ +//#define MBEDTLS_PLATFORM_MEMORY + +/** + * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS + * + * Do not assign standard functions in the platform layer (e.g. calloc() to + * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF) + * + * This makes sure there are no linking errors on platforms that do not support + * these functions. You will HAVE to provide alternatives, either at runtime + * via the platform_set_xxx() functions or at compile time by setting + * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a + * MBEDTLS_PLATFORM_XXX_MACRO. + * + * Requires: MBEDTLS_PLATFORM_C + * + * Uncomment to prevent default assignment of standard functions in the + * platform layer. + */ +//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS + +/** + * \def MBEDTLS_PLATFORM_XXX_ALT + * + * Uncomment a macro to let mbed TLS support the function in the platform + * abstraction layer. + * + * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will + * provide a function "mbedtls_platform_set_printf()" that allows you to set an + * alternative printf function pointer. + * + * All these define require MBEDTLS_PLATFORM_C to be defined! + * + * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows; + * it will be enabled automatically by check_config.h + * + * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as + * MBEDTLS_PLATFORM_XXX_MACRO! + * + * Uncomment a macro to enable alternate implementation of specific base + * platform function + */ +//#define MBEDTLS_PLATFORM_EXIT_ALT +//#define MBEDTLS_PLATFORM_FPRINTF_ALT +//#define MBEDTLS_PLATFORM_PRINTF_ALT +//#define MBEDTLS_PLATFORM_SNPRINTF_ALT + +/** + * \def MBEDTLS_DEPRECATED_WARNING + * + * Mark deprecated functions so that they generate a warning if used. + * Functions deprecated in one version will usually be removed in the next + * version. You can enable this to help you prepare the transition to a new + * major version by making sure your code is not using these functions. + * + * This only works with GCC and Clang. With other compilers, you may want to + * use MBEDTLS_DEPRECATED_REMOVED + * + * Uncomment to get warnings on using deprecated functions. + */ +//#define MBEDTLS_DEPRECATED_WARNING + +/** + * \def MBEDTLS_DEPRECATED_REMOVED + * + * Remove deprecated functions so that they generate an error if used. + * Functions deprecated in one version will usually be removed in the next + * version. You can enable this to help you prepare the transition to a new + * major version by making sure your code is not using these functions. + * + * Uncomment to get errors on using deprecated functions. + */ +//#define MBEDTLS_DEPRECATED_REMOVED + +/* \} name SECTION: System support */ + +/** + * \name SECTION: mbed TLS feature support + * + * This section sets support for features that are or are not needed + * within the modules that are enabled. + * \{ + */ + +/** + * \def MBEDTLS_TIMING_ALT + * + * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(), + * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay() + * + * Only works if you have MBEDTLS_TIMING_C enabled. + * + * You will need to provide a header "timing_alt.h" and an implementation at + * compile time. + */ +//#define MBEDTLS_TIMING_ALT + +/** + * \def MBEDTLS__MODULE_NAME__ALT + * + * Uncomment a macro to let mbed TLS use your alternate core implementation of + * a symmetric crypto or hash module (e.g. platform specific assembly + * optimized implementations). Keep in mind that the function prototypes + * should remain the same. + * + * This replaces the whole module. If you only want to replace one of the + * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags. + * + * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer + * provide the "struct mbedtls_aes_context" definition and omit the base function + * declarations and implementations. "aes_alt.h" will be included from + * "aes.h" to include the new function definitions. + * + * Uncomment a macro to enable alternate implementation of the corresponding + * module. + */ +//#define MBEDTLS_AES_ALT +//#define MBEDTLS_ARC4_ALT +//#define MBEDTLS_BLOWFISH_ALT +//#define MBEDTLS_CAMELLIA_ALT +//#define MBEDTLS_DES_ALT +//#define MBEDTLS_XTEA_ALT +//#define MBEDTLS_MD2_ALT +//#define MBEDTLS_MD4_ALT +//#define MBEDTLS_MD5_ALT +//#define MBEDTLS_RIPEMD160_ALT +//#define MBEDTLS_SHA1_ALT +//#define MBEDTLS_SHA256_ALT +//#define MBEDTLS_SHA512_ALT + +/** + * \def MBEDTLS__FUNCTION_NAME__ALT + * + * Uncomment a macro to let mbed TLS use you alternate core implementation of + * symmetric crypto or hash function. Keep in mind that function prototypes + * should remain the same. + * + * This replaces only one function. The header file from mbed TLS is still + * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags. + * + * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will + * no longer provide the mbedtls_sha1_process() function, but it will still provide + * the other function (using your mbedtls_sha1_process() function) and the definition + * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible + * with this definition. + * + * Note: if you use the AES_xxx_ALT macros, then is is recommended to also set + * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES + * tables. + * + * Uncomment a macro to enable alternate implementation of the corresponding + * function. + */ +//#define MBEDTLS_MD2_PROCESS_ALT +//#define MBEDTLS_MD4_PROCESS_ALT +//#define MBEDTLS_MD5_PROCESS_ALT +//#define MBEDTLS_RIPEMD160_PROCESS_ALT +//#define MBEDTLS_SHA1_PROCESS_ALT +//#define MBEDTLS_SHA256_PROCESS_ALT +//#define MBEDTLS_SHA512_PROCESS_ALT +//#define MBEDTLS_DES_SETKEY_ALT +//#define MBEDTLS_DES_CRYPT_ECB_ALT +//#define MBEDTLS_DES3_CRYPT_ECB_ALT +//#define MBEDTLS_AES_SETKEY_ENC_ALT +//#define MBEDTLS_AES_SETKEY_DEC_ALT +//#define MBEDTLS_AES_ENCRYPT_ALT +//#define MBEDTLS_AES_DECRYPT_ALT + +/** + * \def MBEDTLS_ENTROPY_HARDWARE_ALT + * + * Uncomment this macro to let mbed TLS use your own implementation of a + * hardware entropy collector. + * + * Your function must be called \c mbedtls_hardware_poll(), have the same + * prototype as declared in entropy_poll.h, and accept NULL as first argument. + * + * Uncomment to use your own hardware entropy collector. + */ +//#define MBEDTLS_ENTROPY_HARDWARE_ALT + +/** + * \def MBEDTLS_AES_ROM_TABLES + * + * Store the AES tables in ROM. + * + * Uncomment this macro to store the AES tables in ROM. + */ +//#define MBEDTLS_AES_ROM_TABLES + +/** + * \def MBEDTLS_CAMELLIA_SMALL_MEMORY + * + * Use less ROM for the Camellia implementation (saves about 768 bytes). + * + * Uncomment this macro to use less memory for Camellia. + */ +//#define MBEDTLS_CAMELLIA_SMALL_MEMORY + +/** + * \def MBEDTLS_CIPHER_MODE_CBC + * + * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers. + */ +#define MBEDTLS_CIPHER_MODE_CBC + +/** + * \def MBEDTLS_CIPHER_MODE_CFB + * + * Enable Cipher Feedback mode (CFB) for symmetric ciphers. + */ +#define MBEDTLS_CIPHER_MODE_CFB + +/** + * \def MBEDTLS_CIPHER_MODE_CTR + * + * Enable Counter Block Cipher mode (CTR) for symmetric ciphers. + */ +#define MBEDTLS_CIPHER_MODE_CTR + +/** + * \def MBEDTLS_CIPHER_NULL_CIPHER + * + * Enable NULL cipher. + * Warning: Only do so when you know what you are doing. This allows for + * encryption or channels without any security! + * + * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable + * the following ciphersuites: + * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA + * MBEDTLS_TLS_RSA_WITH_NULL_SHA256 + * MBEDTLS_TLS_RSA_WITH_NULL_SHA + * MBEDTLS_TLS_RSA_WITH_NULL_MD5 + * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA + * MBEDTLS_TLS_PSK_WITH_NULL_SHA384 + * MBEDTLS_TLS_PSK_WITH_NULL_SHA256 + * MBEDTLS_TLS_PSK_WITH_NULL_SHA + * + * Uncomment this macro to enable the NULL cipher and ciphersuites + */ +//#define MBEDTLS_CIPHER_NULL_CIPHER + +/** + * \def MBEDTLS_CIPHER_PADDING_XXX + * + * Uncomment or comment macros to add support for specific padding modes + * in the cipher layer with cipher modes that support padding (e.g. CBC) + * + * If you disable all padding modes, only full blocks can be used with CBC. + * + * Enable padding modes in the cipher layer. + */ +#define MBEDTLS_CIPHER_PADDING_PKCS7 +#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS +#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN +#define MBEDTLS_CIPHER_PADDING_ZEROS + +/** + * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES + * + * Enable weak ciphersuites in SSL / TLS. + * Warning: Only do so when you know what you are doing. This allows for + * channels with virtually no security at all! + * + * This enables the following ciphersuites: + * MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA + * + * Uncomment this macro to enable weak ciphersuites + */ +//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES + +/** + * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES + * + * Remove RC4 ciphersuites by default in SSL / TLS. + * This flag removes the ciphersuites based on RC4 from the default list as + * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to + * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them + * explicitly. + * + * Uncomment this macro to remove RC4 ciphersuites by default. + */ +#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES + +/** + * \def MBEDTLS_ECP_XXXX_ENABLED + * + * Enables specific curves within the Elliptic Curve module. + * By default all supported curves are enabled. + * + * Comment macros to disable the curve and functions for it + */ +#define MBEDTLS_ECP_DP_SECP192R1_ENABLED +#define MBEDTLS_ECP_DP_SECP224R1_ENABLED +#define MBEDTLS_ECP_DP_SECP256R1_ENABLED +#define MBEDTLS_ECP_DP_SECP384R1_ENABLED +#define MBEDTLS_ECP_DP_SECP521R1_ENABLED +#define MBEDTLS_ECP_DP_SECP192K1_ENABLED +#define MBEDTLS_ECP_DP_SECP224K1_ENABLED +#define MBEDTLS_ECP_DP_SECP256K1_ENABLED +#define MBEDTLS_ECP_DP_BP256R1_ENABLED +#define MBEDTLS_ECP_DP_BP384R1_ENABLED +#define MBEDTLS_ECP_DP_BP512R1_ENABLED +#define MBEDTLS_ECP_DP_CURVE25519_ENABLED + +/** + * \def MBEDTLS_ECP_NIST_OPTIM + * + * Enable specific 'modulo p' routines for each NIST prime. + * Depending on the prime and architecture, makes operations 4 to 8 times + * faster on the corresponding curve. + * + * Comment this macro to disable NIST curves optimisation. + */ +#define MBEDTLS_ECP_NIST_OPTIM + +/** + * \def MBEDTLS_ECDSA_DETERMINISTIC + * + * Enable deterministic ECDSA (RFC 6979). + * Standard ECDSA is "fragile" in the sense that lack of entropy when signing + * may result in a compromise of the long-term signing key. This is avoided by + * the deterministic variant. + * + * Requires: MBEDTLS_HMAC_DRBG_C + * + * Comment this macro to disable deterministic ECDSA. + */ +#define MBEDTLS_ECDSA_DETERMINISTIC + +/** + * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED + * + * Enable the PSK based ciphersuite modes in SSL / TLS. + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED + * + * Enable the DHE-PSK based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_DHM_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED + * + * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_ECDH_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED + * + * Enable the RSA-PSK based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, + * MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED + * + * Enable the RSA-only based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, + * MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 + */ +#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + * + * Enable the DHE-RSA based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, + * MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED + * + * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, + * MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + * + * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C, + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA + */ +#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED + * + * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + */ +#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED + +/** + * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED + * + * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS. + * + * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 + */ +#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED + +/** + * \def MBEDTLS_PK_PARSE_EC_EXTENDED + * + * Enhance support for reading EC keys using variants of SEC1 not allowed by + * RFC 5915 and RFC 5480. + * + * Currently this means parsing the SpecifiedECDomain choice of EC + * parameters (only known groups are supported, not arbitrary domains, to + * avoid validation issues). + * + * Disable if you only need to support RFC 5915 + 5480 key formats. + */ +#define MBEDTLS_PK_PARSE_EC_EXTENDED + +/** + * \def MBEDTLS_ERROR_STRERROR_DUMMY + * + * Enable a dummy error function to make use of mbedtls_strerror() in + * third party libraries easier when MBEDTLS_ERROR_C is disabled + * (no effect when MBEDTLS_ERROR_C is enabled). + * + * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're + * not using mbedtls_strerror() or error_strerror() in your application. + * + * Disable if you run into name conflicts and want to really remove the + * mbedtls_strerror() + */ +#define MBEDTLS_ERROR_STRERROR_DUMMY + +/** + * \def MBEDTLS_GENPRIME + * + * Enable the prime-number generation code. + * + * Requires: MBEDTLS_BIGNUM_C + */ +#define MBEDTLS_GENPRIME + +/** + * \def MBEDTLS_FS_IO + * + * Enable functions that use the filesystem. + */ +#define MBEDTLS_FS_IO + +/** + * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES + * + * Do not add default entropy sources. These are the platform specific, + * mbedtls_timing_hardclock and HAVEGE based poll functions. + * + * This is useful to have more control over the added entropy sources in an + * application. + * + * Uncomment this macro to prevent loading of default entropy functions. + */ +//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES + +/** + * \def MBEDTLS_NO_PLATFORM_ENTROPY + * + * Do not use built-in platform entropy functions. + * This is useful if your platform does not support + * standards like the /dev/urandom or Windows CryptoAPI. + * + * Uncomment this macro to disable the built-in platform entropy functions. + */ +//#define MBEDTLS_NO_PLATFORM_ENTROPY + +/** + * \def MBEDTLS_ENTROPY_FORCE_SHA256 + * + * Force the entropy accumulator to use a SHA-256 accumulator instead of the + * default SHA-512 based one (if both are available). + * + * Requires: MBEDTLS_SHA256_C + * + * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option + * if you have performance concerns. + * + * This option is only useful if both MBEDTLS_SHA256_C and + * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used. + */ +//#define MBEDTLS_ENTROPY_FORCE_SHA256 + +/** + * \def MBEDTLS_MEMORY_DEBUG + * + * Enable debugging of buffer allocator memory issues. Automatically prints + * (to stderr) all (fatal) messages on memory allocation issues. Enables + * function for 'debug output' of allocated memory. + * + * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C + * + * Uncomment this macro to let the buffer allocator print out error messages. + */ +//#define MBEDTLS_MEMORY_DEBUG + +/** + * \def MBEDTLS_MEMORY_BACKTRACE + * + * Include backtrace information with each allocated block. + * + * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C + * GLIBC-compatible backtrace() an backtrace_symbols() support + * + * Uncomment this macro to include backtrace information + */ +//#define MBEDTLS_MEMORY_BACKTRACE + +/** + * \def MBEDTLS_PK_RSA_ALT_SUPPORT + * + * Support external private RSA keys (eg from a HSM) in the PK layer. + * + * Comment this macro to disable support for external private RSA keys. + */ +#define MBEDTLS_PK_RSA_ALT_SUPPORT + +/** + * \def MBEDTLS_PKCS1_V15 + * + * Enable support for PKCS#1 v1.5 encoding. + * + * Requires: MBEDTLS_RSA_C + * + * This enables support for PKCS#1 v1.5 operations. + */ +#define MBEDTLS_PKCS1_V15 + +/** + * \def MBEDTLS_PKCS1_V21 + * + * Enable support for PKCS#1 v2.1 encoding. + * + * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C + * + * This enables support for RSAES-OAEP and RSASSA-PSS operations. + */ +#define MBEDTLS_PKCS1_V21 + +/** + * \def MBEDTLS_RSA_NO_CRT + * + * Do not use the Chinese Remainder Theorem for the RSA private operation. + * + * Uncomment this macro to disable the use of CRT in RSA. + * + */ +//#define MBEDTLS_RSA_NO_CRT + +/** + * \def MBEDTLS_SELF_TEST + * + * Enable the checkup functions (*_self_test). + */ +#define MBEDTLS_SELF_TEST + +/** + * \def MBEDTLS_SHA256_SMALLER + * + * Enable an implementation of SHA-256 that has lower ROM footprint but also + * lower performance. + * + * The default implementation is meant to be a reasonnable compromise between + * performance and size. This version optimizes more aggressively for size at + * the expense of performance. Eg on Cortex-M4 it reduces the size of + * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about + * 30%. + * + * Uncomment to enable the smaller implementation of SHA256. + */ +//#define MBEDTLS_SHA256_SMALLER + +/** + * \def MBEDTLS_SSL_AEAD_RANDOM_IV + * + * Generate a random IV rather than using the record sequence number as a + * nonce for ciphersuites using and AEAD algorithm (GCM or CCM). + * + * Using the sequence number is generally recommended. + * + * Uncomment this macro to always use random IVs with AEAD ciphersuites. + */ +//#define MBEDTLS_SSL_AEAD_RANDOM_IV + +/** + * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES + * + * Enable sending of alert messages in case of encountered errors as per RFC. + * If you choose not to send the alert messages, mbed TLS can still communicate + * with other servers, only debugging of failures is harder. + * + * The advantage of not sending alert messages, is that no information is given + * about reasons for failures thus preventing adversaries of gaining intel. + * + * Enable sending of all alert messages + */ +#define MBEDTLS_SSL_ALL_ALERT_MESSAGES + +/** + * \def MBEDTLS_SSL_DEBUG_ALL + * + * Enable the debug messages in SSL module for all issues. + * Debug messages have been disabled in some places to prevent timing + * attacks due to (unbalanced) debugging function calls. + * + * If you need all error reporting you should enable this during debugging, + * but remove this for production servers that should log as well. + * + * Uncomment this macro to report all debug messages on errors introducing + * a timing side-channel. + * + */ +//#define MBEDTLS_SSL_DEBUG_ALL + +/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC + * + * Enable support for Encrypt-then-MAC, RFC 7366. + * + * This allows peers that both support it to use a more robust protection for + * ciphersuites using CBC, providing deep resistance against timing attacks + * on the padding or underlying cipher. + * + * This only affects CBC ciphersuites, and is useless if none is defined. + * + * Requires: MBEDTLS_SSL_PROTO_TLS1 or + * MBEDTLS_SSL_PROTO_TLS1_1 or + * MBEDTLS_SSL_PROTO_TLS1_2 + * + * Comment this macro to disable support for Encrypt-then-MAC + */ +#define MBEDTLS_SSL_ENCRYPT_THEN_MAC + +/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET + * + * Enable support for Extended Master Secret, aka Session Hash + * (draft-ietf-tls-session-hash-02). + * + * This was introduced as "the proper fix" to the Triple Handshake familiy of + * attacks, but it is recommended to always use it (even if you disable + * renegotiation), since it actually fixes a more fundamental issue in the + * original SSL/TLS design, and has implications beyond Triple Handshake. + * + * Requires: MBEDTLS_SSL_PROTO_TLS1 or + * MBEDTLS_SSL_PROTO_TLS1_1 or + * MBEDTLS_SSL_PROTO_TLS1_2 + * + * Comment this macro to disable support for Extended Master Secret. + */ +#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET + +/** + * \def MBEDTLS_SSL_FALLBACK_SCSV + * + * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00). + * + * For servers, it is recommended to always enable this, unless you support + * only one version of TLS, or know for sure that none of your clients + * implements a fallback strategy. + * + * For clients, you only need this if you're using a fallback strategy, which + * is not recommended in the first place, unless you absolutely need it to + * interoperate with buggy (version-intolerant) servers. + * + * Comment this macro to disable support for FALLBACK_SCSV + */ +#define MBEDTLS_SSL_FALLBACK_SCSV + +/** + * \def MBEDTLS_SSL_HW_RECORD_ACCEL + * + * Enable hooking functions in SSL module for hardware acceleration of + * individual records. + * + * Uncomment this macro to enable hooking functions. + */ +//#define MBEDTLS_SSL_HW_RECORD_ACCEL + +/** + * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING + * + * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0. + * + * This is a countermeasure to the BEAST attack, which also minimizes the risk + * of interoperability issues compared to sending 0-length records. + * + * Comment this macro to disable 1/n-1 record splitting. + */ +#define MBEDTLS_SSL_CBC_RECORD_SPLITTING + +/** + * \def MBEDTLS_SSL_RENEGOTIATION + * + * Disable support for TLS renegotiation. + * + * The two main uses of renegotiation are (1) refresh keys on long-lived + * connections and (2) client authentication after the initial handshake. + * If you don't need renegotiation, it's probably better to disable it, since + * it has been associated with security issues in the past and is easy to + * misuse/misunderstand. + * + * Comment this to disable support for renegotiation. + */ +#define MBEDTLS_SSL_RENEGOTIATION + +/** + * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO + * + * Enable support for receiving and parsing SSLv2 Client Hello messages for the + * SSL Server module (MBEDTLS_SSL_SRV_C). + * + * Uncomment this macro to enable support for SSLv2 Client Hello messages. + */ +//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO + +/** + * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE + * + * Pick the ciphersuite according to the client's preferences rather than ours + * in the SSL Server module (MBEDTLS_SSL_SRV_C). + * + * Uncomment this macro to respect client's ciphersuite order + */ +//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE + +/** + * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH + * + * Enable support for RFC 6066 max_fragment_length extension in SSL. + * + * Comment this macro to disable support for the max_fragment_length extension + */ +#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH + +/** + * \def MBEDTLS_SSL_PROTO_SSL3 + * + * Enable support for SSL 3.0. + * + * Requires: MBEDTLS_MD5_C + * MBEDTLS_SHA1_C + * + * Comment this macro to disable support for SSL 3.0 + */ +#define MBEDTLS_SSL_PROTO_SSL3 + +/** + * \def MBEDTLS_SSL_PROTO_TLS1 + * + * Enable support for TLS 1.0. + * + * Requires: MBEDTLS_MD5_C + * MBEDTLS_SHA1_C + * + * Comment this macro to disable support for TLS 1.0 + */ +#define MBEDTLS_SSL_PROTO_TLS1 + +/** + * \def MBEDTLS_SSL_PROTO_TLS1_1 + * + * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled). + * + * Requires: MBEDTLS_MD5_C + * MBEDTLS_SHA1_C + * + * Comment this macro to disable support for TLS 1.1 / DTLS 1.0 + */ +#define MBEDTLS_SSL_PROTO_TLS1_1 + +/** + * \def MBEDTLS_SSL_PROTO_TLS1_2 + * + * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled). + * + * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C + * (Depends on ciphersuites) + * + * Comment this macro to disable support for TLS 1.2 / DTLS 1.2 + */ +#define MBEDTLS_SSL_PROTO_TLS1_2 + +/** + * \def MBEDTLS_SSL_PROTO_DTLS + * + * Enable support for DTLS (all available versions). + * + * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0, + * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2. + * + * Requires: MBEDTLS_SSL_PROTO_TLS1_1 + * or MBEDTLS_SSL_PROTO_TLS1_2 + * + * Comment this macro to disable support for DTLS + */ +#define MBEDTLS_SSL_PROTO_DTLS + +/** + * \def MBEDTLS_SSL_ALPN + * + * Enable support for RFC 7301 Application Layer Protocol Negotiation. + * + * Comment this macro to disable support for ALPN. + */ +#define MBEDTLS_SSL_ALPN + +/** + * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY + * + * Enable support for the anti-replay mechanism in DTLS. + * + * Requires: MBEDTLS_SSL_TLS_C + * MBEDTLS_SSL_PROTO_DTLS + * + * \warning Disabling this is often a security risk! + * See mbedtls_ssl_conf_dtls_anti_replay() for details. + * + * Comment this to disable anti-replay in DTLS. + */ +#define MBEDTLS_SSL_DTLS_ANTI_REPLAY + +/** + * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY + * + * Enable support for HelloVerifyRequest on DTLS servers. + * + * This feature is highly recommended to prevent DTLS servers being used as + * amplifiers in DoS attacks against other hosts. It should always be enabled + * unless you know for sure amplification cannot be a problem in the + * environment in which your server operates. + * + * \warning Disabling this can ba a security risk! (see above) + * + * Requires: MBEDTLS_SSL_PROTO_DTLS + * + * Comment this to disable support for HelloVerifyRequest. + */ +#define MBEDTLS_SSL_DTLS_HELLO_VERIFY + +/** + * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT + * + * Enable support for a limit of records with bad MAC. + * + * See mbedtls_ssl_conf_dtls_badmac_limit(). + * + * Requires: MBEDTLS_SSL_PROTO_DTLS + */ +#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT + +/** + * \def MBEDTLS_SSL_SESSION_TICKETS + * + * Enable support for RFC 5077 session tickets in SSL. + * Client-side, provides full support for session tickets (maintainance of a + * session store remains the responsibility of the application, though). + * Server-side, you also need to provide callbacks for writing and parsing + * tickets, including authenticated encryption and key management. Example + * callbacks are provided by MBEDTLS_SSL_TICKET_C. + * + * Comment this macro to disable support for SSL session tickets + */ +#define MBEDTLS_SSL_SESSION_TICKETS + +/** + * \def MBEDTLS_SSL_SERVER_NAME_INDICATION + * + * Enable support for RFC 6066 server name indication (SNI) in SSL. + * + * Requires: MBEDTLS_X509_CRT_PARSE_C + * + * Comment this macro to disable support for server name indication in SSL + */ +#define MBEDTLS_SSL_SERVER_NAME_INDICATION + +/** + * \def MBEDTLS_SSL_TRUNCATED_HMAC + * + * Enable support for RFC 6066 truncated HMAC in SSL. + * + * Comment this macro to disable support for truncated HMAC in SSL + */ +#define MBEDTLS_SSL_TRUNCATED_HMAC + +/** + * \def MBEDTLS_THREADING_ALT + * + * Provide your own alternate threading implementation. + * + * Requires: MBEDTLS_THREADING_C + * + * Uncomment this to allow your own alternate threading implementation. + */ +//#define MBEDTLS_THREADING_ALT + +/** + * \def MBEDTLS_THREADING_PTHREAD + * + * Enable the pthread wrapper layer for the threading layer. + * + * Requires: MBEDTLS_THREADING_C + * + * Uncomment this to enable pthread mutexes. + */ +//#define MBEDTLS_THREADING_PTHREAD + +/** + * \def MBEDTLS_VERSION_FEATURES + * + * Allow run-time checking of compile-time enabled features. Thus allowing users + * to check at run-time if the library is for instance compiled with threading + * support via mbedtls_version_check_feature(). + * + * Requires: MBEDTLS_VERSION_C + * + * Comment this to disable run-time checking and save ROM space + */ +#define MBEDTLS_VERSION_FEATURES + +/** + * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 + * + * If set, the X509 parser will not break-off when parsing an X509 certificate + * and encountering an extension in a v1 or v2 certificate. + * + * Uncomment to prevent an error. + */ +//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 + +/** + * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION + * + * If set, the X509 parser will not break-off when parsing an X509 certificate + * and encountering an unknown critical extension. + * + * Uncomment to prevent an error. + */ +//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION + +/** + * \def MBEDTLS_X509_CHECK_KEY_USAGE + * + * Enable verification of the keyUsage extension (CA and leaf certificates). + * + * Disabling this avoids problems with mis-issued and/or misused + * (intermediate) CA and leaf certificates. + * + * \warning Depending on your PKI use, disabling this can be a security risk! + * + * Comment to skip keyUsage checking for both CA and leaf certificates. + */ +#define MBEDTLS_X509_CHECK_KEY_USAGE + +/** + * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE + * + * Enable verification of the extendedKeyUsage extension (leaf certificates). + * + * Disabling this avoids problems with mis-issued and/or misused certificates. + * + * \warning Depending on your PKI use, disabling this can be a security risk! + * + * Comment to skip extendedKeyUsage checking for certificates. + */ +#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE + +/** + * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT + * + * Enable parsing and verification of X.509 certificates, CRLs and CSRS + * signed with RSASSA-PSS (aka PKCS#1 v2.1). + * + * Comment this macro to disallow using RSASSA-PSS in certificates. + */ +#define MBEDTLS_X509_RSASSA_PSS_SUPPORT + +/** + * \def MBEDTLS_ZLIB_SUPPORT + * + * If set, the SSL/TLS module uses ZLIB to support compression and + * decompression of packet data. + * + * \warning TLS-level compression MAY REDUCE SECURITY! See for example the + * CRIME attack. Before enabling this option, you should examine with care if + * CRIME or similar exploits may be a applicable to your use case. + * + * \note Currently compression can't be used with DTLS. + * + * Used in: library/ssl_tls.c + * library/ssl_cli.c + * library/ssl_srv.c + * + * This feature requires zlib library and headers to be present. + * + * Uncomment to enable use of ZLIB + */ +//#define MBEDTLS_ZLIB_SUPPORT +/* \} name SECTION: mbed TLS feature support */ + +/** + * \name SECTION: mbed TLS modules + * + * This section enables or disables entire modules in mbed TLS + * \{ + */ + +/** + * \def MBEDTLS_AESNI_C + * + * Enable AES-NI support on x86-64. + * + * Module: library/aesni.c + * Caller: library/aes.c + * + * Requires: MBEDTLS_HAVE_ASM + * + * This modules adds support for the AES-NI instructions on x86-64 + */ +//#define MBEDTLS_AESNI_C + +/** + * \def MBEDTLS_AES_C + * + * Enable the AES block cipher. + * + * Module: library/aes.c + * Caller: library/ssl_tls.c + * library/pem.c + * library/ctr_drbg.c + * + * This module enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 + * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 + * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 + * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 + * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA + * + * PEM_PARSE uses AES for decrypting encrypted keys. + */ +#define MBEDTLS_AES_C + +/** + * \def MBEDTLS_ARC4_C + * + * Enable the ARCFOUR stream cipher. + * + * Module: library/arc4.c + * Caller: library/ssl_tls.c + * + * This module enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA + * MBEDTLS_TLS_RSA_WITH_RC4_128_SHA + * MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 + * MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA + * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA + */ +#define MBEDTLS_ARC4_C + +/** + * \def MBEDTLS_ASN1_PARSE_C + * + * Enable the generic ASN1 parser. + * + * Module: library/asn1.c + * Caller: library/x509.c + * library/dhm.c + * library/pkcs12.c + * library/pkcs5.c + * library/pkparse.c + */ +#define MBEDTLS_ASN1_PARSE_C + +/** + * \def MBEDTLS_ASN1_WRITE_C + * + * Enable the generic ASN1 writer. + * + * Module: library/asn1write.c + * Caller: library/ecdsa.c + * library/pkwrite.c + * library/x509_create.c + * library/x509write_crt.c + * library/mbedtls_x509write_csr.c + */ +#define MBEDTLS_ASN1_WRITE_C + +/** + * \def MBEDTLS_BASE64_C + * + * Enable the Base64 module. + * + * Module: library/base64.c + * Caller: library/pem.c + * + * This module is required for PEM support (required by X.509). + */ +#define MBEDTLS_BASE64_C + +/** + * \def MBEDTLS_BIGNUM_C + * + * Enable the multi-precision integer library. + * + * Module: library/bignum.c + * Caller: library/dhm.c + * library/ecp.c + * library/ecdsa.c + * library/rsa.c + * library/ssl_tls.c + * + * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support. + */ +#define MBEDTLS_BIGNUM_C + +/** + * \def MBEDTLS_BLOWFISH_C + * + * Enable the Blowfish block cipher. + * + * Module: library/blowfish.c + */ +#define MBEDTLS_BLOWFISH_C + +/** + * \def MBEDTLS_CAMELLIA_C + * + * Enable the Camellia block cipher. + * + * Module: library/camellia.c + * Caller: library/ssl_tls.c + * + * This module enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 + * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 + */ +#define MBEDTLS_CAMELLIA_C + +/** + * \def MBEDTLS_CCM_C + * + * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher. + * + * Module: library/ccm.c + * + * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C + * + * This module enables the AES-CCM ciphersuites, if other requisites are + * enabled as well. + */ +#define MBEDTLS_CCM_C + +/** + * \def MBEDTLS_CERTS_C + * + * Enable the test certificates. + * + * Module: library/certs.c + * Caller: + * + * This module is used for testing (ssl_client/server). + */ +#define MBEDTLS_CERTS_C + +/** + * \def MBEDTLS_CIPHER_C + * + * Enable the generic cipher layer. + * + * Module: library/cipher.c + * Caller: library/ssl_tls.c + * + * Uncomment to enable generic cipher wrappers. + */ +#define MBEDTLS_CIPHER_C + +/** + * \def MBEDTLS_CTR_DRBG_C + * + * Enable the CTR_DRBG AES-256-based random generator. + * + * Module: library/ctr_drbg.c + * Caller: + * + * Requires: MBEDTLS_AES_C + * + * This module provides the CTR_DRBG AES-256 random number generator. + */ +#define MBEDTLS_CTR_DRBG_C + +/** + * \def MBEDTLS_DEBUG_C + * + * Enable the debug functions. + * + * Module: library/debug.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * + * This module provides debugging functions. + */ +#define MBEDTLS_DEBUG_C + +/** + * \def MBEDTLS_DES_C + * + * Enable the DES block cipher. + * + * Module: library/des.c + * Caller: library/pem.c + * library/ssl_tls.c + * + * This module enables the following ciphersuites (if other requisites are + * enabled as well): + * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA + * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA + * + * PEM_PARSE uses DES/3DES for decrypting encrypted keys. + */ +#define MBEDTLS_DES_C + +/** + * \def MBEDTLS_DHM_C + * + * Enable the Diffie-Hellman-Merkle module. + * + * Module: library/dhm.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * + * This module is used by the following key exchanges: + * DHE-RSA, DHE-PSK + */ +#define MBEDTLS_DHM_C + +/** + * \def MBEDTLS_ECDH_C + * + * Enable the elliptic curve Diffie-Hellman library. + * + * Module: library/ecdh.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * + * This module is used by the following key exchanges: + * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK + * + * Requires: MBEDTLS_ECP_C + */ +#define MBEDTLS_ECDH_C + +/** + * \def MBEDTLS_ECDSA_C + * + * Enable the elliptic curve DSA library. + * + * Module: library/ecdsa.c + * Caller: + * + * This module is used by the following key exchanges: + * ECDHE-ECDSA + * + * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C + */ +#define MBEDTLS_ECDSA_C + +/** + * \def MBEDTLS_ECP_C + * + * Enable the elliptic curve over GF(p) library. + * + * Module: library/ecp.c + * Caller: library/ecdh.c + * library/ecdsa.c + * + * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED + */ +#define MBEDTLS_ECP_C + +/** + * \def MBEDTLS_ENTROPY_C + * + * Enable the platform-specific entropy code. + * + * Module: library/entropy.c + * Caller: + * + * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C + * + * This module provides a generic entropy pool + */ +#define MBEDTLS_ENTROPY_C + +/** + * \def MBEDTLS_ERROR_C + * + * Enable error code to error string conversion. + * + * Module: library/error.c + * Caller: + * + * This module enables mbedtls_strerror(). + */ +#define MBEDTLS_ERROR_C + +/** + * \def MBEDTLS_GCM_C + * + * Enable the Galois/Counter Mode (GCM) for AES. + * + * Module: library/gcm.c + * + * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C + * + * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other + * requisites are enabled as well. + */ +#define MBEDTLS_GCM_C + +/** + * \def MBEDTLS_HAVEGE_C + * + * Enable the HAVEGE random generator. + * + * Warning: the HAVEGE random generator is not suitable for virtualized + * environments + * + * Warning: the HAVEGE random generator is dependent on timing and specific + * processor traits. It is therefore not advised to use HAVEGE as + * your applications primary random generator or primary entropy pool + * input. As a secondary input to your entropy pool, it IS able add + * the (limited) extra entropy it provides. + * + * Module: library/havege.c + * Caller: + * + * Requires: MBEDTLS_TIMING_C + * + * Uncomment to enable the HAVEGE random generator. + */ +//#define MBEDTLS_HAVEGE_C + +/** + * \def MBEDTLS_HMAC_DRBG_C + * + * Enable the HMAC_DRBG random generator. + * + * Module: library/hmac_drbg.c + * Caller: + * + * Requires: MBEDTLS_MD_C + * + * Uncomment to enable the HMAC_DRBG random number geerator. + */ +#define MBEDTLS_HMAC_DRBG_C + +/** + * \def MBEDTLS_MD_C + * + * Enable the generic message digest layer. + * + * Module: library/mbedtls_md.c + * Caller: + * + * Uncomment to enable generic message digest wrappers. + */ +#define MBEDTLS_MD_C + +/** + * \def MBEDTLS_MD2_C + * + * Enable the MD2 hash algorithm. + * + * Module: library/mbedtls_md2.c + * Caller: + * + * Uncomment to enable support for (rare) MD2-signed X.509 certs. + */ +//#define MBEDTLS_MD2_C + +/** + * \def MBEDTLS_MD4_C + * + * Enable the MD4 hash algorithm. + * + * Module: library/mbedtls_md4.c + * Caller: + * + * Uncomment to enable support for (rare) MD4-signed X.509 certs. + */ +//#define MBEDTLS_MD4_C + +/** + * \def MBEDTLS_MD5_C + * + * Enable the MD5 hash algorithm. + * + * Module: library/mbedtls_md5.c + * Caller: library/mbedtls_md.c + * library/pem.c + * library/ssl_tls.c + * + * This module is required for SSL/TLS and X.509. + * PEM_PARSE uses MD5 for decrypting encrypted keys. + */ +#define MBEDTLS_MD5_C + +/** + * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C + * + * Enable the buffer allocator implementation that makes use of a (stack) + * based buffer to 'allocate' dynamic memory. (replaces calloc() and free() + * calls) + * + * Module: library/memory_buffer_alloc.c + * + * Requires: MBEDTLS_PLATFORM_C + * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS) + * + * Enable this module to enable the buffer memory allocator. + */ +//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C + +/** + * \def MBEDTLS_NET_C + * + * Enable the TCP/IP networking routines. + * + * Module: library/net.c + * + * This module provides TCP/IP networking routines. + */ +#define MBEDTLS_NET_C + +/** + * \def MBEDTLS_OID_C + * + * Enable the OID database. + * + * Module: library/oid.c + * Caller: library/asn1write.c + * library/pkcs5.c + * library/pkparse.c + * library/pkwrite.c + * library/rsa.c + * library/x509.c + * library/x509_create.c + * library/mbedtls_x509_crl.c + * library/mbedtls_x509_crt.c + * library/mbedtls_x509_csr.c + * library/x509write_crt.c + * library/mbedtls_x509write_csr.c + * + * This modules translates between OIDs and internal values. + */ +#define MBEDTLS_OID_C + +/** + * \def MBEDTLS_PADLOCK_C + * + * Enable VIA Padlock support on x86. + * + * Module: library/padlock.c + * Caller: library/aes.c + * + * Requires: MBEDTLS_HAVE_ASM + * + * This modules adds support for the VIA PadLock on x86. + */ +//#define MBEDTLS_PADLOCK_C + +/** + * \def MBEDTLS_PEM_PARSE_C + * + * Enable PEM decoding / parsing. + * + * Module: library/pem.c + * Caller: library/dhm.c + * library/pkparse.c + * library/mbedtls_x509_crl.c + * library/mbedtls_x509_crt.c + * library/mbedtls_x509_csr.c + * + * Requires: MBEDTLS_BASE64_C + * + * This modules adds support for decoding / parsing PEM files. + */ +#define MBEDTLS_PEM_PARSE_C + +/** + * \def MBEDTLS_PEM_WRITE_C + * + * Enable PEM encoding / writing. + * + * Module: library/pem.c + * Caller: library/pkwrite.c + * library/x509write_crt.c + * library/mbedtls_x509write_csr.c + * + * Requires: MBEDTLS_BASE64_C + * + * This modules adds support for encoding / writing PEM files. + */ +#define MBEDTLS_PEM_WRITE_C + +/** + * \def MBEDTLS_PK_C + * + * Enable the generic public (asymetric) key layer. + * + * Module: library/pk.c + * Caller: library/ssl_tls.c + * library/ssl_cli.c + * library/ssl_srv.c + * + * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C + * + * Uncomment to enable generic public key wrappers. + */ +#define MBEDTLS_PK_C + +/** + * \def MBEDTLS_PK_PARSE_C + * + * Enable the generic public (asymetric) key parser. + * + * Module: library/pkparse.c + * Caller: library/mbedtls_x509_crt.c + * library/mbedtls_x509_csr.c + * + * Requires: MBEDTLS_PK_C + * + * Uncomment to enable generic public key parse functions. + */ +#define MBEDTLS_PK_PARSE_C + +/** + * \def MBEDTLS_PK_WRITE_C + * + * Enable the generic public (asymetric) key writer. + * + * Module: library/pkwrite.c + * Caller: library/x509write.c + * + * Requires: MBEDTLS_PK_C + * + * Uncomment to enable generic public key write functions. + */ +#define MBEDTLS_PK_WRITE_C + +/** + * \def MBEDTLS_PKCS5_C + * + * Enable PKCS#5 functions. + * + * Module: library/pkcs5.c + * + * Requires: MBEDTLS_MD_C + * + * This module adds support for the PKCS#5 functions. + */ +#define MBEDTLS_PKCS5_C + +/** + * \def MBEDTLS_PKCS11_C + * + * Enable wrapper for PKCS#11 smartcard support. + * + * Module: library/pkcs11.c + * Caller: library/pk.c + * + * Requires: MBEDTLS_PK_C + * + * This module enables SSL/TLS PKCS #11 smartcard support. + * Requires the presence of the PKCS#11 helper library (libpkcs11-helper) + */ +//#define MBEDTLS_PKCS11_C + +/** + * \def MBEDTLS_PKCS12_C + * + * Enable PKCS#12 PBE functions. + * Adds algorithms for parsing PKCS#8 encrypted private keys + * + * Module: library/pkcs12.c + * Caller: library/pkparse.c + * + * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C + * Can use: MBEDTLS_ARC4_C + * + * This module enables PKCS#12 functions. + */ +#define MBEDTLS_PKCS12_C + +/** + * \def MBEDTLS_PLATFORM_C + * + * Enable the platform abstraction layer that allows you to re-assign + * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit(). + * + * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT + * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned + * above to be specified at runtime or compile time respectively. + * + * \note This abstraction layer must be enabled on Windows (including MSYS2) + * as other module rely on it for a fixed snprintf implementation. + * + * Module: library/platform.c + * Caller: Most other .c files + * + * This module enables abstraction of common (libc) functions. + */ +#define MBEDTLS_PLATFORM_C + +/** + * \def MBEDTLS_RIPEMD160_C + * + * Enable the RIPEMD-160 hash algorithm. + * + * Module: library/mbedtls_ripemd160.c + * Caller: library/mbedtls_md.c + * + */ +#define MBEDTLS_RIPEMD160_C + +/** + * \def MBEDTLS_RSA_C + * + * Enable the RSA public-key cryptosystem. + * + * Module: library/rsa.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * library/x509.c + * + * This module is used by the following key exchanges: + * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK + * + * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C + */ +#define MBEDTLS_RSA_C + +/** + * \def MBEDTLS_SHA1_C + * + * Enable the SHA1 cryptographic hash algorithm. + * + * Module: library/mbedtls_sha1.c + * Caller: library/mbedtls_md.c + * library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * library/x509write_crt.c + * + * This module is required for SSL/TLS and SHA1-signed certificates. + */ +#define MBEDTLS_SHA1_C + +/** + * \def MBEDTLS_SHA256_C + * + * Enable the SHA-224 and SHA-256 cryptographic hash algorithms. + * + * Module: library/mbedtls_sha256.c + * Caller: library/entropy.c + * library/mbedtls_md.c + * library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * + * This module adds support for SHA-224 and SHA-256. + * This module is required for the SSL/TLS 1.2 PRF function. + */ +#define MBEDTLS_SHA256_C + +/** + * \def MBEDTLS_SHA512_C + * + * Enable the SHA-384 and SHA-512 cryptographic hash algorithms. + * + * Module: library/mbedtls_sha512.c + * Caller: library/entropy.c + * library/mbedtls_md.c + * library/ssl_cli.c + * library/ssl_srv.c + * + * This module adds support for SHA-384 and SHA-512. + */ +#define MBEDTLS_SHA512_C + +/** + * \def MBEDTLS_SSL_CACHE_C + * + * Enable simple SSL cache implementation. + * + * Module: library/ssl_cache.c + * Caller: + * + * Requires: MBEDTLS_SSL_CACHE_C + */ +#define MBEDTLS_SSL_CACHE_C + +/** + * \def MBEDTLS_SSL_COOKIE_C + * + * Enable basic implementation of DTLS cookies for hello verification. + * + * Module: library/ssl_cookie.c + * Caller: + */ +#define MBEDTLS_SSL_COOKIE_C + +/** + * \def MBEDTLS_SSL_TICKET_C + * + * Enable an implementation of TLS server-side callbacks for session tickets. + * + * Module: library/ssl_ticket.c + * Caller: + * + * Requires: MBEDTLS_CIPHER_C + */ +#define MBEDTLS_SSL_TICKET_C + +/** + * \def MBEDTLS_SSL_CLI_C + * + * Enable the SSL/TLS client code. + * + * Module: library/ssl_cli.c + * Caller: + * + * Requires: MBEDTLS_SSL_TLS_C + * + * This module is required for SSL/TLS client support. + */ +#define MBEDTLS_SSL_CLI_C + +/** + * \def MBEDTLS_SSL_SRV_C + * + * Enable the SSL/TLS server code. + * + * Module: library/ssl_srv.c + * Caller: + * + * Requires: MBEDTLS_SSL_TLS_C + * + * This module is required for SSL/TLS server support. + */ +#define MBEDTLS_SSL_SRV_C + +/** + * \def MBEDTLS_SSL_TLS_C + * + * Enable the generic SSL/TLS code. + * + * Module: library/ssl_tls.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * + * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C + * and at least one of the MBEDTLS_SSL_PROTO_XXX defines + * + * This module is required for SSL/TLS. + */ +#define MBEDTLS_SSL_TLS_C + +/** + * \def MBEDTLS_THREADING_C + * + * Enable the threading abstraction layer. + * By default mbed TLS assumes it is used in a non-threaded environment or that + * contexts are not shared between threads. If you do intend to use contexts + * between threads, you will need to enable this layer to prevent race + * conditions. + * + * Module: library/threading.c + * + * This allows different threading implementations (self-implemented or + * provided). + * + * You will have to enable either MBEDTLS_THREADING_ALT or + * MBEDTLS_THREADING_PTHREAD. + * + * Enable this layer to allow use of mutexes within mbed TLS + */ +//#define MBEDTLS_THREADING_C + +/** + * \def MBEDTLS_TIMING_C + * + * Enable the portable timing interface. + * + * Module: library/timing.c + * Caller: library/havege.c + * + * This module is used by the HAVEGE random number generator. + */ +#define MBEDTLS_TIMING_C + +/** + * \def MBEDTLS_VERSION_C + * + * Enable run-time version information. + * + * Module: library/version.c + * + * This module provides run-time version information. + */ +#define MBEDTLS_VERSION_C + +/** + * \def MBEDTLS_X509_USE_C + * + * Enable X.509 core for using certificates. + * + * Module: library/x509.c + * Caller: library/mbedtls_x509_crl.c + * library/mbedtls_x509_crt.c + * library/mbedtls_x509_csr.c + * + * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, + * MBEDTLS_PK_PARSE_C + * + * This module is required for the X.509 parsing modules. + */ +#define MBEDTLS_X509_USE_C + +/** + * \def MBEDTLS_X509_CRT_PARSE_C + * + * Enable X.509 certificate parsing. + * + * Module: library/mbedtls_x509_crt.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * + * Requires: MBEDTLS_X509_USE_C + * + * This module is required for X.509 certificate parsing. + */ +#define MBEDTLS_X509_CRT_PARSE_C + +/** + * \def MBEDTLS_X509_CRL_PARSE_C + * + * Enable X.509 CRL parsing. + * + * Module: library/mbedtls_x509_crl.c + * Caller: library/mbedtls_x509_crt.c + * + * Requires: MBEDTLS_X509_USE_C + * + * This module is required for X.509 CRL parsing. + */ +#define MBEDTLS_X509_CRL_PARSE_C + +/** + * \def MBEDTLS_X509_CSR_PARSE_C + * + * Enable X.509 Certificate Signing Request (CSR) parsing. + * + * Module: library/mbedtls_x509_csr.c + * Caller: library/x509_crt_write.c + * + * Requires: MBEDTLS_X509_USE_C + * + * This module is used for reading X.509 certificate request. + */ +#define MBEDTLS_X509_CSR_PARSE_C + +/** + * \def MBEDTLS_X509_CREATE_C + * + * Enable X.509 core for creating certificates. + * + * Module: library/x509_create.c + * + * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C + * + * This module is the basis for creating X.509 certificates and CSRs. + */ +#define MBEDTLS_X509_CREATE_C + +/** + * \def MBEDTLS_X509_CRT_WRITE_C + * + * Enable creating X.509 certificates. + * + * Module: library/x509_crt_write.c + * + * Requires: MBEDTLS_X509_CREATE_C + * + * This module is required for X.509 certificate creation. + */ +#define MBEDTLS_X509_CRT_WRITE_C + +/** + * \def MBEDTLS_X509_CSR_WRITE_C + * + * Enable creating X.509 Certificate Signing Requests (CSR). + * + * Module: library/x509_csr_write.c + * + * Requires: MBEDTLS_X509_CREATE_C + * + * This module is required for X.509 certificate request writing. + */ +#define MBEDTLS_X509_CSR_WRITE_C + +/** + * \def MBEDTLS_XTEA_C + * + * Enable the XTEA block cipher. + * + * Module: library/xtea.c + * Caller: + */ +#define MBEDTLS_XTEA_C + +/* \} name SECTION: mbed TLS modules */ + +/** + * \name SECTION: Module configuration options + * + * This section allows for the setting of module specific sizes and + * configuration options. The default values are already present in the + * relevant header files and should suffice for the regular use cases. + * + * Our advice is to enable options and change their values here + * only if you have a good reason and know the consequences. + * + * Please check the respective header file for documentation on these + * parameters (to prevent duplicate documentation). + * \{ + */ + +/* MPI / BIGNUM options */ +//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */ +//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ + +/* CTR_DRBG options */ +//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ +//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ +//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ +//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ +//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ + +/* HMAC_DRBG options */ +//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ +//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ +//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ +//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ + +/* ECP options */ +//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */ +//#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */ +//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */ + +/* Entropy options */ +//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ +//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ + +/* Memory buffer allocator options */ +//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */ + +/* Platform options */ +//#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ +//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ +/* Note: your snprintf must correclty zero-terminate the buffer! */ +//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ + +/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */ +/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */ +//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */ +/* Note: your snprintf must correclty zero-terminate the buffer! */ +//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */ + +/* SSL Cache options */ +//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ +//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ + +/* SSL options */ +//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */ +//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */ +//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */ +//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ + +/** + * Complete list of ciphersuites to use, in order of preference. + * + * \warning No dependency checking is done on that field! This option can only + * be used to restrict the set of available ciphersuites. It is your + * responsibility to make sure the needed modules are active. + * + * Use this to save a few hundred bytes of ROM (default ordering of all + * available ciphersuites) and a few to a few hundred bytes of RAM. + * + * The value below is only an example, not the default. + */ +//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + +/* X509 options */ +//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ + +/* \} name SECTION: Module configuration options */ + +#include "check_config.h" + +#endif /* MBEDTLS_CONFIG_H */ diff --git a/ext/mbedtls/include/polarssl/ctr_drbg.h b/ext/mbedtls/include/mbedtls/ctr_drbg.h similarity index 56% rename from ext/mbedtls/include/polarssl/ctr_drbg.h rename to ext/mbedtls/include/mbedtls/ctr_drbg.h index ebab55f29f..cebf43b09c 100644 --- a/ext/mbedtls/include/polarssl/ctr_drbg.h +++ b/ext/mbedtls/include/mbedtls/ctr_drbg.h @@ -21,20 +21,24 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_CTR_DRBG_H -#define POLARSSL_CTR_DRBG_H +#ifndef MBEDTLS_CTR_DRBG_H +#define MBEDTLS_CTR_DRBG_H #include "aes.h" -#define POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034 /**< The entropy source failed. */ -#define POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036 /**< Too many random requested in single call. */ -#define POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038 /**< Input too large (Entropy + additional). */ -#define POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A /**< Read/write error in file. */ +#if defined(MBEDTLS_THREADING_C) +#include "mbedtls/threading.h" +#endif + +#define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034 /**< The entropy source failed. */ +#define MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036 /**< Too many random requested in single call. */ +#define MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038 /**< Input too large (Entropy + additional). */ +#define MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A /**< Read/write error in file. */ -#define CTR_DRBG_BLOCKSIZE 16 /**< Block size used by the cipher */ -#define CTR_DRBG_KEYSIZE 32 /**< Key size used by the cipher */ -#define CTR_DRBG_KEYBITS ( CTR_DRBG_KEYSIZE * 8 ) -#define CTR_DRBG_SEEDLEN ( CTR_DRBG_KEYSIZE + CTR_DRBG_BLOCKSIZE ) +#define MBEDTLS_CTR_DRBG_BLOCKSIZE 16 /**< Block size used by the cipher */ +#define MBEDTLS_CTR_DRBG_KEYSIZE 32 /**< Key size used by the cipher */ +#define MBEDTLS_CTR_DRBG_KEYBITS ( MBEDTLS_CTR_DRBG_KEYSIZE * 8 ) +#define MBEDTLS_CTR_DRBG_SEEDLEN ( MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE ) /**< The seed length (counter + AES key) */ /** @@ -45,34 +49,34 @@ * \{ */ -#if !defined(CTR_DRBG_ENTROPY_LEN) -#if defined(POLARSSL_SHA512_C) && !defined(POLARSSL_ENTROPY_FORCE_SHA256) -#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ +#if !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) +#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) +#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ #else -#define CTR_DRBG_ENTROPY_LEN 32 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ +#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 32 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ #endif #endif -#if !defined(CTR_DRBG_RESEED_INTERVAL) -#define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ +#if !defined(MBEDTLS_CTR_DRBG_RESEED_INTERVAL) +#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ #endif -#if !defined(CTR_DRBG_MAX_INPUT) -#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ +#if !defined(MBEDTLS_CTR_DRBG_MAX_INPUT) +#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ #endif -#if !defined(CTR_DRBG_MAX_REQUEST) -#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ +#if !defined(MBEDTLS_CTR_DRBG_MAX_REQUEST) +#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ #endif -#if !defined(CTR_DRBG_MAX_SEED_INPUT) -#define CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ +#if !defined(MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) +#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ #endif /* \} name SECTION: Module settings */ -#define CTR_DRBG_PR_OFF 0 /**< No prediction resistance */ -#define CTR_DRBG_PR_ON 1 /**< Prediction resistance enabled */ +#define MBEDTLS_CTR_DRBG_PR_OFF 0 /**< No prediction resistance */ +#define MBEDTLS_CTR_DRBG_PR_ON 1 /**< Prediction resistance enabled */ #ifdef __cplusplus extern "C" { @@ -91,7 +95,7 @@ typedef struct (re)seed */ int reseed_interval; /*!< reseed interval */ - aes_context aes_ctx; /*!< AES context */ + mbedtls_aes_context aes_ctx; /*!< AES context */ /* * Callbacks (Entropy) @@ -99,16 +103,30 @@ typedef struct int (*f_entropy)(void *, unsigned char *, size_t); void *p_entropy; /*!< context for the entropy function */ + +#if defined(MBEDTLS_THREADING_C) + mbedtls_threading_mutex_t mutex; +#endif } -ctr_drbg_context; +mbedtls_ctr_drbg_context; + +/** + * \brief CTR_DRBG context initialization + * Makes the context ready for mbetls_ctr_drbg_seed() or + * mbedtls_ctr_drbg_free(). + * + * \param ctx CTR_DRBG context to be initialized + */ +void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); /** - * \brief CTR_DRBG initialization + * \brief CTR_DRBG initial seeding + * Seed and setup entropy source for future reseeds. * * Note: Personalization data can be provided in addition to the more generic * entropy source to make this instantiation as unique as possible. * - * \param ctx CTR_DRBG context to be initialized + * \param ctx CTR_DRBG context to be seeded * \param f_entropy Entropy callback (p_entropy, buffer to fill, buffer * length) * \param p_entropy Entropy context @@ -117,9 +135,9 @@ ctr_drbg_context; * \param len Length of personalization data * * \return 0 if successful, or - * POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED + * MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED */ -int ctr_drbg_init( ctr_drbg_context *ctx, +int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, int (*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, @@ -130,7 +148,7 @@ int ctr_drbg_init( ctr_drbg_context *ctx, * * \param ctx CTR_DRBG context to clear */ -void ctr_drbg_free( ctr_drbg_context *ctx ); +void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx ); /** * \brief Enable / disable prediction resistance (Default: Off) @@ -139,29 +157,29 @@ void ctr_drbg_free( ctr_drbg_context *ctx ); * Only use this if you have ample supply of good entropy! * * \param ctx CTR_DRBG context - * \param resistance CTR_DRBG_PR_ON or CTR_DRBG_PR_OFF + * \param resistance MBEDTLS_CTR_DRBG_PR_ON or MBEDTLS_CTR_DRBG_PR_OFF */ -void ctr_drbg_set_prediction_resistance( ctr_drbg_context *ctx, +void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, int resistance ); /** * \brief Set the amount of entropy grabbed on each (re)seed - * (Default: CTR_DRBG_ENTROPY_LEN) + * (Default: MBEDTLS_CTR_DRBG_ENTROPY_LEN) * * \param ctx CTR_DRBG context * \param len Amount of entropy to grab */ -void ctr_drbg_set_entropy_len( ctr_drbg_context *ctx, +void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx, size_t len ); /** * \brief Set the reseed interval - * (Default: CTR_DRBG_RESEED_INTERVAL) + * (Default: MBEDTLS_CTR_DRBG_RESEED_INTERVAL) * * \param ctx CTR_DRBG context * \param interval Reseed interval */ -void ctr_drbg_set_reseed_interval( ctr_drbg_context *ctx, +void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx, int interval ); /** @@ -172,9 +190,9 @@ void ctr_drbg_set_reseed_interval( ctr_drbg_context *ctx, * \param len Length of additional data * * \return 0 if successful, or - * POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED + * MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED */ -int ctr_drbg_reseed( ctr_drbg_context *ctx, +int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t len ); /** @@ -184,11 +202,11 @@ int ctr_drbg_reseed( ctr_drbg_context *ctx, * \param additional Additional data to update state with * \param add_len Length of additional data * - * \note If add_len is greater than CTR_DRBG_MAX_SEED_INPUT, - * only the first CTR_DRBG_MAX_SEED_INPUT bytes are used, + * \note If add_len is greater than MBEDTLS_CTR_DRBG_MAX_SEED_INPUT, + * only the first MBEDTLS_CTR_DRBG_MAX_SEED_INPUT bytes are used, * the remaining ones are silently discarded. */ -void ctr_drbg_update( ctr_drbg_context *ctx, +void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t add_len ); /** @@ -203,10 +221,10 @@ void ctr_drbg_update( ctr_drbg_context *ctx, * \param add_len Length of additional data * * \return 0 if successful, or - * POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED, or - * POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG + * MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED, or + * MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG */ -int ctr_drbg_random_with_add( void *p_rng, +int mbedtls_ctr_drbg_random_with_add( void *p_rng, unsigned char *output, size_t output_len, const unsigned char *additional, size_t add_len ); @@ -220,13 +238,13 @@ int ctr_drbg_random_with_add( void *p_rng, * \param output_len Length of the buffer * * \return 0 if successful, or - * POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED, or - * POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG + * MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED, or + * MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG */ -int ctr_drbg_random( void *p_rng, +int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_len ); -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) /** * \brief Write a seed file * @@ -234,10 +252,10 @@ int ctr_drbg_random( void *p_rng, * \param path Name of the file * * \return 0 if successful, - * POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR on file error, or - * POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED + * MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR on file error, or + * MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED */ -int ctr_drbg_write_seed_file( ctr_drbg_context *ctx, const char *path ); +int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path ); /** * \brief Read and update a seed file. Seed is added to this @@ -247,22 +265,22 @@ int ctr_drbg_write_seed_file( ctr_drbg_context *ctx, const char *path ); * \param path Name of the file * * \return 0 if successful, - * POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR on file error, - * POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or - * POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG + * MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR on file error, + * MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or + * MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG */ -int ctr_drbg_update_seed_file( ctr_drbg_context *ctx, const char *path ); -#endif /* POLARSSL_FS_IO */ +int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path ); +#endif /* MBEDTLS_FS_IO */ /** * \brief Checkup routine * * \return 0 if successful, or 1 if the test failed */ -int ctr_drbg_self_test( int verbose ); +int mbedtls_ctr_drbg_self_test( int verbose ); /* Internal functions (do not call directly) */ -int ctr_drbg_init_entropy_len( ctr_drbg_context *, +int mbedtls_ctr_drbg_seed_entropy_len( mbedtls_ctr_drbg_context *, int (*)(void *, unsigned char *, size_t), void *, const unsigned char *, size_t, size_t ); diff --git a/ext/mbedtls/include/mbedtls/debug.h b/ext/mbedtls/include/mbedtls/debug.h new file mode 100644 index 0000000000..6b44f1f4d9 --- /dev/null +++ b/ext/mbedtls/include/mbedtls/debug.h @@ -0,0 +1,126 @@ +/** + * \file debug.h + * + * \brief Debug functions + * + * Copyright (C) 2006-2011, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_DEBUG_H +#define MBEDTLS_DEBUG_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include "ssl.h" + +#if defined(MBEDTLS_ECP_C) +#include "ecp.h" +#endif + +#if defined(MBEDTLS_DEBUG_C) + +#define MBEDTLS_DEBUG_STRIP_PARENS( ... ) __VA_ARGS__ + +#define MBEDTLS_SSL_DEBUG_MSG( level, args ) \ + mbedtls_debug_print_msg( ssl, level, __FILE__, __LINE__, \ + MBEDTLS_DEBUG_STRIP_PARENS args ) + +#define MBEDTLS_SSL_DEBUG_RET( level, text, ret ) \ + mbedtls_debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret ) + +#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len ) \ + mbedtls_debug_print_buf( ssl, level, __FILE__, __LINE__, text, buf, len ) + +#if defined(MBEDTLS_BIGNUM_C) +#define MBEDTLS_SSL_DEBUG_MPI( level, text, X ) \ + mbedtls_debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X ) +#endif + +#if defined(MBEDTLS_ECP_C) +#define MBEDTLS_SSL_DEBUG_ECP( level, text, X ) \ + mbedtls_debug_print_ecp( ssl, level, __FILE__, __LINE__, text, X ) +#endif + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) \ + mbedtls_debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt ) +#endif + +#else /* MBEDTLS_DEBUG_C */ + +#define MBEDTLS_SSL_DEBUG_MSG( level, args ) do { } while( 0 ) +#define MBEDTLS_SSL_DEBUG_RET( level, text, ret ) do { } while( 0 ) +#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len ) do { } while( 0 ) +#define MBEDTLS_SSL_DEBUG_MPI( level, text, X ) do { } while( 0 ) +#define MBEDTLS_SSL_DEBUG_ECP( level, text, X ) do { } while( 0 ) +#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 ) + +#endif /* MBEDTLS_DEBUG_C */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Set the level threshold to handle globally. Messages that have a + * level over the threshold value are ignored. + * (Default value: 0 (No debug)) + * + * \param threshold maximum level of messages to pass on + */ +void mbedtls_debug_set_threshold( int threshold ); + +void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *format, ... ); + +void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, int ret ); + +void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, const char *text, + const unsigned char *buf, size_t len ); + +#if defined(MBEDTLS_BIGNUM_C) +void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_mpi *X ); +#endif + +#if defined(MBEDTLS_ECP_C) +void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_ecp_point *X ); +#endif + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_x509_crt *crt ); +#endif + +#ifdef __cplusplus +} +#endif + +#endif /* debug.h */ diff --git a/ext/mbedtls/include/polarssl/des.h b/ext/mbedtls/include/mbedtls/des.h similarity index 71% rename from ext/mbedtls/include/polarssl/des.h rename to ext/mbedtls/include/mbedtls/des.h index 3f7236c1ca..af89979c8c 100644 --- a/ext/mbedtls/include/polarssl/des.h +++ b/ext/mbedtls/include/mbedtls/des.h @@ -21,32 +21,26 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_DES_H -#define POLARSSL_DES_H +#ifndef MBEDTLS_DES_H +#define MBEDTLS_DES_H -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif #include +#include -#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) -#include -typedef UINT32 uint32_t; -#else -#include -#endif - -#define DES_ENCRYPT 1 -#define DES_DECRYPT 0 +#define MBEDTLS_DES_ENCRYPT 1 +#define MBEDTLS_DES_DECRYPT 0 -#define POLARSSL_ERR_DES_INVALID_INPUT_LENGTH -0x0032 /**< The data input has an invalid length. */ +#define MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH -0x0032 /**< The data input has an invalid length. */ -#define DES_KEY_SIZE 8 +#define MBEDTLS_DES_KEY_SIZE 8 -#if !defined(POLARSSL_DES_ALT) +#if !defined(MBEDTLS_DES_ALT) // Regular implementation // @@ -59,48 +53,46 @@ extern "C" { */ typedef struct { - int mode; /*!< encrypt/decrypt */ uint32_t sk[32]; /*!< DES subkeys */ } -des_context; +mbedtls_des_context; /** * \brief Triple-DES context structure */ typedef struct { - int mode; /*!< encrypt/decrypt */ uint32_t sk[96]; /*!< 3DES subkeys */ } -des3_context; +mbedtls_des3_context; /** * \brief Initialize DES context * * \param ctx DES context to be initialized */ -void des_init( des_context *ctx ); +void mbedtls_des_init( mbedtls_des_context *ctx ); /** * \brief Clear DES context * * \param ctx DES context to be cleared */ -void des_free( des_context *ctx ); +void mbedtls_des_free( mbedtls_des_context *ctx ); /** * \brief Initialize Triple-DES context * * \param ctx DES3 context to be initialized */ -void des3_init( des3_context *ctx ); +void mbedtls_des3_init( mbedtls_des3_context *ctx ); /** * \brief Clear Triple-DES context * * \param ctx DES3 context to be cleared */ -void des3_free( des3_context *ctx ); +void mbedtls_des3_free( mbedtls_des3_context *ctx ); /** * \brief Set key parity on the given key to odd. @@ -110,7 +102,7 @@ void des3_free( des3_context *ctx ); * * \param key 8-byte secret key */ -void des_key_set_parity( unsigned char key[DES_KEY_SIZE] ); +void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] ); /** * \brief Check that key parity on the given key is odd. @@ -122,7 +114,7 @@ void des_key_set_parity( unsigned char key[DES_KEY_SIZE] ); * * \return 0 is parity was ok, 1 if parity was not correct. */ -int des_key_check_key_parity( const unsigned char key[DES_KEY_SIZE] ); +int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); /** * \brief Check that key is not a weak or semi-weak DES key @@ -131,7 +123,7 @@ int des_key_check_key_parity( const unsigned char key[DES_KEY_SIZE] ); * * \return 0 if no weak key was found, 1 if a weak key was identified. */ -int des_key_check_weak( const unsigned char key[DES_KEY_SIZE] ); +int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); /** * \brief DES key schedule (56-bit, encryption) @@ -141,7 +133,7 @@ int des_key_check_weak( const unsigned char key[DES_KEY_SIZE] ); * * \return 0 */ -int des_setkey_enc( des_context *ctx, const unsigned char key[DES_KEY_SIZE] ); +int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); /** * \brief DES key schedule (56-bit, decryption) @@ -151,7 +143,7 @@ int des_setkey_enc( des_context *ctx, const unsigned char key[DES_KEY_SIZE] ); * * \return 0 */ -int des_setkey_dec( des_context *ctx, const unsigned char key[DES_KEY_SIZE] ); +int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); /** * \brief Triple-DES key schedule (112-bit, encryption) @@ -161,8 +153,8 @@ int des_setkey_dec( des_context *ctx, const unsigned char key[DES_KEY_SIZE] ); * * \return 0 */ -int des3_set2key_enc( des3_context *ctx, - const unsigned char key[DES_KEY_SIZE * 2] ); +int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] ); /** * \brief Triple-DES key schedule (112-bit, decryption) @@ -172,8 +164,8 @@ int des3_set2key_enc( des3_context *ctx, * * \return 0 */ -int des3_set2key_dec( des3_context *ctx, - const unsigned char key[DES_KEY_SIZE * 2] ); +int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] ); /** * \brief Triple-DES key schedule (168-bit, encryption) @@ -183,8 +175,8 @@ int des3_set2key_dec( des3_context *ctx, * * \return 0 */ -int des3_set3key_enc( des3_context *ctx, - const unsigned char key[DES_KEY_SIZE * 3] ); +int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] ); /** * \brief Triple-DES key schedule (168-bit, decryption) @@ -194,8 +186,8 @@ int des3_set3key_enc( des3_context *ctx, * * \return 0 */ -int des3_set3key_dec( des3_context *ctx, - const unsigned char key[DES_KEY_SIZE * 3] ); +int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] ); /** * \brief DES-ECB block encryption/decryption @@ -206,11 +198,11 @@ int des3_set3key_dec( des3_context *ctx, * * \return 0 if successful */ -int des_crypt_ecb( des_context *ctx, +int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, const unsigned char input[8], unsigned char output[8] ); -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) /** * \brief DES-CBC buffer encryption/decryption * @@ -223,19 +215,19 @@ int des_crypt_ecb( des_context *ctx, * module instead. * * \param ctx DES context - * \param mode DES_ENCRYPT or DES_DECRYPT + * \param mode MBEDTLS_DES_ENCRYPT or MBEDTLS_DES_DECRYPT * \param length length of the input data * \param iv initialization vector (updated after use) * \param input buffer holding the input data * \param output buffer holding the output data */ -int des_crypt_cbc( des_context *ctx, +int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx, int mode, size_t length, unsigned char iv[8], const unsigned char *input, unsigned char *output ); -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ /** * \brief 3DES-ECB block encryption/decryption @@ -246,11 +238,11 @@ int des_crypt_cbc( des_context *ctx, * * \return 0 if successful */ -int des3_crypt_ecb( des3_context *ctx, +int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx, const unsigned char input[8], unsigned char output[8] ); -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) /** * \brief 3DES-CBC buffer encryption/decryption * @@ -263,29 +255,39 @@ int des3_crypt_ecb( des3_context *ctx, * module instead. * * \param ctx 3DES context - * \param mode DES_ENCRYPT or DES_DECRYPT + * \param mode MBEDTLS_DES_ENCRYPT or MBEDTLS_DES_DECRYPT * \param length length of the input data * \param iv initialization vector (updated after use) * \param input buffer holding the input data * \param output buffer holding the output data * - * \return 0 if successful, or POLARSSL_ERR_DES_INVALID_INPUT_LENGTH + * \return 0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH */ -int des3_crypt_cbc( des3_context *ctx, +int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx, int mode, size_t length, unsigned char iv[8], const unsigned char *input, unsigned char *output ); -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +/** + * \brief Internal function for key expansion. + * (Only exposed to allow overriding it, + * see MBEDTLS_DES_SETKEY_ALT) + * + * \param SK Round keys + * \param key Base key + */ +void mbedtls_des_setkey( uint32_t SK[32], + const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); #ifdef __cplusplus } #endif -#else /* POLARSSL_DES_ALT */ +#else /* MBEDTLS_DES_ALT */ #include "des_alt.h" -#endif /* POLARSSL_DES_ALT */ +#endif /* MBEDTLS_DES_ALT */ #ifdef __cplusplus extern "C" { @@ -296,7 +298,7 @@ extern "C" { * * \return 0 if successful, or 1 if the test failed */ -int des_self_test( int verbose ); +int mbedtls_des_self_test( int verbose ); #ifdef __cplusplus } diff --git a/ext/mbedtls/include/polarssl/dhm.h b/ext/mbedtls/include/mbedtls/dhm.h similarity index 63% rename from ext/mbedtls/include/polarssl/dhm.h rename to ext/mbedtls/include/mbedtls/dhm.h index 8d64a5f913..2de728b4f7 100644 --- a/ext/mbedtls/include/polarssl/dhm.h +++ b/ext/mbedtls/include/mbedtls/dhm.h @@ -21,27 +21,25 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_DHM_H -#define POLARSSL_DHM_H +#ifndef MBEDTLS_DHM_H +#define MBEDTLS_DHM_H #include "bignum.h" /* * DHM Error codes */ -#define POLARSSL_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Bad input parameters to function. */ -#define POLARSSL_ERR_DHM_READ_PARAMS_FAILED -0x3100 /**< Reading of the DHM parameters failed. */ -#define POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 /**< Making of the DHM parameters failed. */ -#define POLARSSL_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Reading of the public values failed. */ -#define POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 /**< Making of the public value failed. */ -#define POLARSSL_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Calculation of the DHM secret failed. */ -#define POLARSSL_ERR_DHM_INVALID_FORMAT -0x3380 /**< The ASN.1 data is not formatted correctly. */ -#define POLARSSL_ERR_DHM_MALLOC_FAILED -0x3400 /**< Allocation of memory failed. */ -#define POLARSSL_ERR_DHM_FILE_IO_ERROR -0x3480 /**< Read/write of file failed. */ +#define MBEDTLS_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Bad input parameters to function. */ +#define MBEDTLS_ERR_DHM_READ_PARAMS_FAILED -0x3100 /**< Reading of the DHM parameters failed. */ +#define MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 /**< Making of the DHM parameters failed. */ +#define MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Reading of the public values failed. */ +#define MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 /**< Making of the public value failed. */ +#define MBEDTLS_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Calculation of the DHM secret failed. */ +#define MBEDTLS_ERR_DHM_INVALID_FORMAT -0x3380 /**< The ASN.1 data is not formatted correctly. */ +#define MBEDTLS_ERR_DHM_ALLOC_FAILED -0x3400 /**< Allocation of memory failed. */ +#define MBEDTLS_ERR_DHM_FILE_IO_ERROR -0x3480 /**< Read/write of file failed. */ /** - * RFC 2409 defines a number of standardized Diffie-Hellman groups - * that can be used. * RFC 3526 defines a number of standardized Diffie-Hellman groups * for IKE. * RFC 5114 defines a number of standardized Diffie-Hellman groups @@ -50,23 +48,27 @@ * Some are included here for convenience. * * Included are: - * RFC 2409 6.2. 1024-bit MODP Group (Second Oakley Group) * RFC 3526 3. 2048-bit MODP Group * RFC 3526 4. 3072-bit MODP Group - * RFC 5114 2.1. 1024-bit MODP Group with 160-bit Prime Order Subgroup + * RFC 3526 5. 4096-bit MODP Group * RFC 5114 2.2. 2048-bit MODP Group with 224-bit Prime Order Subgroup */ -#define POLARSSL_DHM_RFC2409_MODP_1024_P \ +#define MBEDTLS_DHM_RFC3526_MODP_2048_P \ "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \ "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \ "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \ - "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" \ - "FFFFFFFFFFFFFFFF" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \ + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \ + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" \ + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \ + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \ + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \ + "15728E5A8AACAA68FFFFFFFFFFFFFFFF" -#define POLARSSL_DHM_RFC2409_MODP_1024_G "02" +#define MBEDTLS_DHM_RFC3526_MODP_2048_G "02" -#define POLARSSL_DHM_RFC3526_MODP_2048_P \ +#define MBEDTLS_DHM_RFC3526_MODP_3072_P \ "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \ "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \ @@ -77,11 +79,16 @@ "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \ "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \ "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \ - "15728E5A8AACAA68FFFFFFFFFFFFFFFF" + "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" \ + "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" \ + "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" \ + "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" \ + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" \ + "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF" -#define POLARSSL_DHM_RFC3526_MODP_2048_G "02" +#define MBEDTLS_DHM_RFC3526_MODP_3072_G "02" -#define POLARSSL_DHM_RFC3526_MODP_3072_P \ +#define MBEDTLS_DHM_RFC3526_MODP_4096_P \ "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \ "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \ @@ -97,27 +104,17 @@ "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" \ "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" \ "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" \ - "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF" - -#define POLARSSL_DHM_RFC3526_MODP_3072_G "02" - -#define POLARSSL_DHM_RFC5114_MODP_1024_P \ - "B10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6" \ - "9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0" \ - "13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70" \ - "98488E9C219A73724EFFD6FAE5644738FAA31A4FF55BCCC0" \ - "A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708" \ - "DF1FB2BC2E4A4371" + "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" \ + "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA" \ + "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" \ + "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED" \ + "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" \ + "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" \ + "FFFFFFFFFFFFFFFF" -#define POLARSSL_DHM_RFC5114_MODP_1024_G \ - "A4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F" \ - "D6406CFF14266D31266FEA1E5C41564B777E690F5504F213" \ - "160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1" \ - "909D0D2263F80A76A6A24C087A091F531DBF0A0169B6A28A" \ - "D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24" \ - "855E6EEB22B3B2E5" +#define MBEDTLS_DHM_RFC3526_MODP_4096_G "02" -#define POLARSSL_DHM_RFC5114_MODP_2048_P \ +#define MBEDTLS_DHM_RFC5114_MODP_2048_P \ "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1" \ "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15" \ "EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212" \ @@ -130,7 +127,7 @@ "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71" \ "CF9DE5384E71B81C0AC4DFFE0C10E64F" -#define POLARSSL_DHM_RFC5114_MODP_2048_G \ +#define MBEDTLS_DHM_RFC5114_MODP_2048_G \ "AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"\ "74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA"\ "AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7"\ @@ -153,25 +150,25 @@ extern "C" { typedef struct { size_t len; /*!< size(P) in chars */ - mpi P; /*!< prime modulus */ - mpi G; /*!< generator */ - mpi X; /*!< secret value */ - mpi GX; /*!< self = G^X mod P */ - mpi GY; /*!< peer = G^Y mod P */ - mpi K; /*!< key = GY^X mod P */ - mpi RP; /*!< cached R^2 mod P */ - mpi Vi; /*!< blinding value */ - mpi Vf; /*!< un-blinding value */ - mpi pX; /*!< previous X */ + mbedtls_mpi P; /*!< prime modulus */ + mbedtls_mpi G; /*!< generator */ + mbedtls_mpi X; /*!< secret value */ + mbedtls_mpi GX; /*!< self = G^X mod P */ + mbedtls_mpi GY; /*!< peer = G^Y mod P */ + mbedtls_mpi K; /*!< key = GY^X mod P */ + mbedtls_mpi RP; /*!< cached R^2 mod P */ + mbedtls_mpi Vi; /*!< blinding value */ + mbedtls_mpi Vf; /*!< un-blinding value */ + mbedtls_mpi pX; /*!< previous X */ } -dhm_context; +mbedtls_dhm_context; /** * \brief Initialize DHM context * * \param ctx DHM context to be initialized */ -void dhm_init( dhm_context *ctx ); +void mbedtls_dhm_init( mbedtls_dhm_context *ctx ); /** * \brief Parse the ServerKeyExchange parameters @@ -180,9 +177,9 @@ void dhm_init( dhm_context *ctx ); * \param p &(start of input buffer) * \param end end of buffer * - * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code */ -int dhm_read_params( dhm_context *ctx, +int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx, unsigned char **p, const unsigned char *end ); @@ -198,11 +195,11 @@ int dhm_read_params( dhm_context *ctx, * * \note This function assumes that ctx->P and ctx->G * have already been properly set (for example - * using mpi_read_string or mpi_read_binary). + * using mbedtls_mpi_read_string or mbedtls_mpi_read_binary). * - * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code */ -int dhm_make_params( dhm_context *ctx, int x_size, +int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, unsigned char *output, size_t *olen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); @@ -214,9 +211,9 @@ int dhm_make_params( dhm_context *ctx, int x_size, * \param input input buffer * \param ilen size of buffer * - * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code */ -int dhm_read_public( dhm_context *ctx, +int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx, const unsigned char *input, size_t ilen ); /** @@ -229,9 +226,9 @@ int dhm_read_public( dhm_context *ctx, * \param f_rng RNG function * \param p_rng RNG parameter * - * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code */ -int dhm_make_public( dhm_context *ctx, int x_size, +int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size, unsigned char *output, size_t olen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); @@ -241,12 +238,12 @@ int dhm_make_public( dhm_context *ctx, int x_size, * * \param ctx DHM context * \param output destination buffer - * \param olen on entry, must hold the size of the destination buffer - * on exit, holds the actual number of bytes written + * \param output_size size of the destination buffer + * \param olen on exit, holds the actual number of bytes written * \param f_rng RNG function, for blinding purposes * \param p_rng RNG parameter * - * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code * * \note If non-NULL, f_rng is used to blind the input as * countermeasure against timing attacks. Blinding is @@ -254,8 +251,8 @@ int dhm_make_public( dhm_context *ctx, int x_size, * re-used and costs nothing otherwise, so it is recommended * to always pass a non-NULL f_rng argument. */ -int dhm_calc_secret( dhm_context *ctx, - unsigned char *output, size_t *olen, +int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx, + unsigned char *output, size_t output_size, size_t *olen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); @@ -264,23 +261,24 @@ int dhm_calc_secret( dhm_context *ctx, * * \param ctx DHM context to free and clear */ -void dhm_free( dhm_context *ctx ); +void mbedtls_dhm_free( mbedtls_dhm_context *ctx ); -#if defined(POLARSSL_ASN1_PARSE_C) +#if defined(MBEDTLS_ASN1_PARSE_C) /** \ingroup x509_module */ /** - * \brief Parse DHM parameters + * \brief Parse DHM parameters in PEM or DER format * * \param dhm DHM context to be initialized * \param dhmin input buffer * \param dhminlen size of the buffer + * (including the terminating null byte for PEM data) * * \return 0 if successful, or a specific DHM or PEM error code */ -int dhm_parse_dhm( dhm_context *dhm, const unsigned char *dhmin, +int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen ); -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) /** \ingroup x509_module */ /** * \brief Load and parse DHM parameters @@ -290,16 +288,16 @@ int dhm_parse_dhm( dhm_context *dhm, const unsigned char *dhmin, * * \return 0 if successful, or a specific DHM or PEM error code */ -int dhm_parse_dhmfile( dhm_context *dhm, const char *path ); -#endif /* POLARSSL_FS_IO */ -#endif /* POLARSSL_ASN1_PARSE_C */ +int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path ); +#endif /* MBEDTLS_FS_IO */ +#endif /* MBEDTLS_ASN1_PARSE_C */ /** * \brief Checkup routine * * \return 0 if successful, or 1 if the test failed */ -int dhm_self_test( int verbose ); +int mbedtls_dhm_self_test( int verbose ); #ifdef __cplusplus } diff --git a/ext/mbedtls/include/polarssl/ecdh.h b/ext/mbedtls/include/mbedtls/ecdh.h similarity index 69% rename from ext/mbedtls/include/polarssl/ecdh.h rename to ext/mbedtls/include/mbedtls/ecdh.h index 60f913d98c..53eb8d355d 100644 --- a/ext/mbedtls/include/polarssl/ecdh.h +++ b/ext/mbedtls/include/mbedtls/ecdh.h @@ -21,8 +21,8 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_ECDH_H -#define POLARSSL_ECDH_H +#ifndef MBEDTLS_ECDH_H +#define MBEDTLS_ECDH_H #include "ecp.h" @@ -35,26 +35,26 @@ extern "C" { */ typedef enum { - POLARSSL_ECDH_OURS, - POLARSSL_ECDH_THEIRS, -} ecdh_side; + MBEDTLS_ECDH_OURS, + MBEDTLS_ECDH_THEIRS, +} mbedtls_ecdh_side; /** * \brief ECDH context structure */ typedef struct { - ecp_group grp; /*!< elliptic curve used */ - mpi d; /*!< our secret value (private key) */ - ecp_point Q; /*!< our public value (public key) */ - ecp_point Qp; /*!< peer's public value (public key) */ - mpi z; /*!< shared secret */ + mbedtls_ecp_group grp; /*!< elliptic curve used */ + mbedtls_mpi d; /*!< our secret value (private key) */ + mbedtls_ecp_point Q; /*!< our public value (public key) */ + mbedtls_ecp_point Qp; /*!< peer's public value (public key) */ + mbedtls_mpi z; /*!< shared secret */ int point_format; /*!< format for point export in TLS messages */ - ecp_point Vi; /*!< blinding value (for later) */ - ecp_point Vf; /*!< un-blinding value (for later) */ - mpi _d; /*!< previous d (for later) */ + mbedtls_ecp_point Vi; /*!< blinding value (for later) */ + mbedtls_ecp_point Vf; /*!< un-blinding value (for later) */ + mbedtls_mpi _d; /*!< previous d (for later) */ } -ecdh_context; +mbedtls_ecdh_context; /** * \brief Generate a public key. @@ -67,9 +67,9 @@ ecdh_context; * \param p_rng RNG parameter * * \return 0 if successful, - * or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code + * or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code */ -int ecdh_gen_public( ecp_group *grp, mpi *d, ecp_point *Q, +int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); @@ -85,14 +85,14 @@ int ecdh_gen_public( ecp_group *grp, mpi *d, ecp_point *Q, * \param p_rng RNG parameter * * \return 0 if successful, - * or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code + * or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code * * \note If f_rng is not NULL, it is used to implement * countermeasures against potential elaborate timing - * attacks, see \c ecp_mul() for details. + * attacks, see \c mbedtls_ecp_mul() for details. */ -int ecdh_compute_shared( ecp_group *grp, mpi *z, - const ecp_point *Q, const mpi *d, +int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z, + const mbedtls_ecp_point *Q, const mbedtls_mpi *d, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); @@ -101,14 +101,14 @@ int ecdh_compute_shared( ecp_group *grp, mpi *z, * * \param ctx Context to initialize */ -void ecdh_init( ecdh_context *ctx ); +void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx ); /** * \brief Free context * * \param ctx Context to free */ -void ecdh_free( ecdh_context *ctx ); +void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx ); /** * \brief Generate a public key and a TLS ServerKeyExchange payload. @@ -122,11 +122,11 @@ void ecdh_free( ecdh_context *ctx ); * \param p_rng RNG parameter * * \note This function assumes that ctx->grp has already been - * properly set (for example using ecp_use_known_dp). + * properly set (for example using mbedtls_ecp_group_load). * - * \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code */ -int ecdh_make_params( ecdh_context *ctx, size_t *olen, +int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen, unsigned char *buf, size_t blen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); @@ -139,9 +139,9 @@ int ecdh_make_params( ecdh_context *ctx, size_t *olen, * \param buf pointer to start of input buffer * \param end one past end of buffer * - * \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code */ -int ecdh_read_params( ecdh_context *ctx, +int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx, const unsigned char **buf, const unsigned char *end ); /** @@ -154,10 +154,10 @@ int ecdh_read_params( ecdh_context *ctx, * \param key EC key to use * \param side Is it our key (1) or the peer's key (0) ? * - * \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code */ -int ecdh_get_params( ecdh_context *ctx, const ecp_keypair *key, - ecdh_side side ); +int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key, + mbedtls_ecdh_side side ); /** * \brief Generate a public key and a TLS ClientKeyExchange payload. @@ -170,9 +170,9 @@ int ecdh_get_params( ecdh_context *ctx, const ecp_keypair *key, * \param f_rng RNG function * \param p_rng RNG parameter * - * \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code */ -int ecdh_make_public( ecdh_context *ctx, size_t *olen, +int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen, unsigned char *buf, size_t blen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); @@ -185,9 +185,9 @@ int ecdh_make_public( ecdh_context *ctx, size_t *olen, * \param buf start of input buffer * \param blen length of input buffer * - * \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code */ -int ecdh_read_public( ecdh_context *ctx, +int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx, const unsigned char *buf, size_t blen ); /** @@ -198,23 +198,16 @@ int ecdh_read_public( ecdh_context *ctx, * \param olen number of bytes written * \param buf destination buffer * \param blen buffer length - * \param f_rng RNG function, see notes for \c ecdh_compute_shared() + * \param f_rng RNG function, see notes for \c mbedtls_ecdh_compute_shared() * \param p_rng RNG parameter * - * \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code */ -int ecdh_calc_secret( ecdh_context *ctx, size_t *olen, +int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, unsigned char *buf, size_t blen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int ecdh_self_test( int verbose ); - #ifdef __cplusplus } #endif diff --git a/ext/mbedtls/include/polarssl/ecdsa.h b/ext/mbedtls/include/mbedtls/ecdsa.h similarity index 57% rename from ext/mbedtls/include/polarssl/ecdsa.h rename to ext/mbedtls/include/mbedtls/ecdsa.h index 5eb83d9d27..82921b3245 100644 --- a/ext/mbedtls/include/polarssl/ecdsa.h +++ b/ext/mbedtls/include/mbedtls/ecdsa.h @@ -21,26 +21,36 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_ECDSA_H -#define POLARSSL_ECDSA_H +#ifndef MBEDTLS_ECDSA_H +#define MBEDTLS_ECDSA_H #include "ecp.h" #include "md.h" +/* + * RFC 4492 page 20: + * + * Ecdsa-Sig-Value ::= SEQUENCE { + * r INTEGER, + * s INTEGER + * } + * + * Size is at most + * 1 (tag) + 1 (len) + 1 (initial 0) + ECP_MAX_BYTES for each of r and s, + * twice that + 1 (tag) + 2 (len) for the sequence + * (assuming ECP_MAX_BYTES is less than 126 for r and s, + * and less than 124 (total len <= 255) for the sequence) + */ +#if MBEDTLS_ECP_MAX_BYTES > 124 +#error "MBEDTLS_ECP_MAX_BYTES bigger than expected, please fix MBEDTLS_ECDSA_MAX_LEN" +#endif +/** Maximum size of an ECDSA signature in bytes */ +#define MBEDTLS_ECDSA_MAX_LEN ( 3 + 2 * ( 3 + MBEDTLS_ECP_MAX_BYTES ) ) + /** * \brief ECDSA context structure - * - * \note Purposefully begins with the same members as struct ecp_keypair. */ -typedef struct -{ - ecp_group grp; /*!< elliptic curve used */ - mpi d; /*!< secret signature key */ - ecp_point Q; /*!< public signature key */ - mpi r; /*!< first integer from signature */ - mpi s; /*!< second integer from signature */ -} -ecdsa_context; +typedef mbedtls_ecp_keypair mbedtls_ecdsa_context; #ifdef __cplusplus extern "C" { @@ -49,6 +59,8 @@ extern "C" { /** * \brief Compute ECDSA signature of a previously hashed message * + * \note The deterministic version is usually prefered. + * * \param grp ECP group * \param r First output integer * \param s Second output integer @@ -59,16 +71,16 @@ extern "C" { * \param p_rng RNG parameter * * \return 0 if successful, - * or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code + * or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code */ -int ecdsa_sign( ecp_group *grp, mpi *r, mpi *s, - const mpi *d, const unsigned char *buf, size_t blen, +int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); -#if defined(POLARSSL_ECDSA_DETERMINISTIC) +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) /** - * \brief Compute ECDSA signature of a previously hashed message - * (deterministic version) + * \brief Compute ECDSA signature of a previously hashed message, + * deterministic version (RFC 6979). * * \param grp ECP group * \param r First output integer @@ -79,12 +91,12 @@ int ecdsa_sign( ecp_group *grp, mpi *r, mpi *s, * \param md_alg MD algorithm used to hash the message * * \return 0 if successful, - * or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code + * or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code */ -int ecdsa_sign_det( ecp_group *grp, mpi *r, mpi *s, - const mpi *d, const unsigned char *buf, size_t blen, - md_type_t md_alg ); -#endif /* POLARSSL_ECDSA_DETERMINISTIC */ +int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, + mbedtls_md_type_t md_alg ); +#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ /** * \brief Verify ECDSA signature of a previously hashed message @@ -97,19 +109,23 @@ int ecdsa_sign_det( ecp_group *grp, mpi *r, mpi *s, * \param s Second integer of the signature * * \return 0 if successful, - * POLARSSL_ERR_ECP_BAD_INPUT_DATA if signature is invalid - * or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code + * MBEDTLS_ERR_ECP_BAD_INPUT_DATA if signature is invalid + * or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code */ -int ecdsa_verify( ecp_group *grp, +int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, const unsigned char *buf, size_t blen, - const ecp_point *Q, const mpi *r, const mpi *s); + const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s); /** * \brief Compute ECDSA signature and write it to buffer, * serialized as defined in RFC 4492 page 20. * (Not thread-safe to use same context in multiple threads) * + * \note The deterministice version (RFC 6979) is used if + * MBEDTLS_ECDSA_DETERMINISTIC is defined. + * * \param ctx ECDSA context + * \param md_alg Algorithm that was used to hash the message * \param hash Message hash * \param hlen Length of hash * \param sig Buffer that will hold the signature @@ -118,26 +134,34 @@ int ecdsa_verify( ecp_group *grp, * \param p_rng RNG parameter * * \note The "sig" buffer must be at least as large as twice the - * size of the curve used, plus 7 (eg. 71 bytes if a 256-bit - * curve is used). + * size of the curve used, plus 9 (eg. 73 bytes if a 256-bit + * curve is used). MBEDTLS_ECDSA_MAX_LEN is always safe. * * \return 0 if successful, - * or a POLARSSL_ERR_ECP, POLARSSL_ERR_MPI or - * POLARSSL_ERR_ASN1 error code + * or a MBEDTLS_ERR_ECP_XXX, MBEDTLS_ERR_MPI_XXX or + * MBEDTLS_ERR_ASN1_XXX error code */ -int ecdsa_write_signature( ecdsa_context *ctx, +int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); -#if defined(POLARSSL_ECDSA_DETERMINISTIC) +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) +#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if defined(MBEDTLS_DEPRECATED_WARNING) +#define MBEDTLS_DEPRECATED __attribute__((deprecated)) +#else +#define MBEDTLS_DEPRECATED +#endif /** * \brief Compute ECDSA signature and write it to buffer, * serialized as defined in RFC 4492 page 20. * Deterministic version, RFC 6979. * (Not thread-safe to use same context in multiple threads) * + * \deprecated Superseded by mbedtls_ecdsa_write_signature() in 2.0.0 + * * \param ctx ECDSA context * \param hash Message hash * \param hlen Length of hash @@ -146,18 +170,20 @@ int ecdsa_write_signature( ecdsa_context *ctx, * \param md_alg MD algorithm used to hash the message * * \note The "sig" buffer must be at least as large as twice the - * size of the curve used, plus 7 (eg. 71 bytes if a 256-bit - * curve is used). + * size of the curve used, plus 9 (eg. 73 bytes if a 256-bit + * curve is used). MBEDTLS_ECDSA_MAX_LEN is always safe. * * \return 0 if successful, - * or a POLARSSL_ERR_ECP, POLARSSL_ERR_MPI or - * POLARSSL_ERR_ASN1 error code + * or a MBEDTLS_ERR_ECP_XXX, MBEDTLS_ERR_MPI_XXX or + * MBEDTLS_ERR_ASN1_XXX error code */ -int ecdsa_write_signature_det( ecdsa_context *ctx, +int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, - md_type_t md_alg ); -#endif /* POLARSSL_ECDSA_DETERMINISTIC */ + mbedtls_md_type_t md_alg ) MBEDTLS_DEPRECATED; +#undef MBEDTLS_DEPRECATED +#endif /* MBEDTLS_DEPRECATED_REMOVED */ +#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ /** * \brief Read and verify an ECDSA signature @@ -169,12 +195,12 @@ int ecdsa_write_signature_det( ecdsa_context *ctx, * \param slen Size of sig * * \return 0 if successful, - * POLARSSL_ERR_ECP_BAD_INPUT_DATA if signature is invalid, - * POLARSSL_ERR_ECP_SIG_LEN_MISTMATCH if the signature is + * MBEDTLS_ERR_ECP_BAD_INPUT_DATA if signature is invalid, + * MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH if the signature is * valid but its actual length is less than siglen, - * or a POLARSSL_ERR_ECP or POLARSSL_ERR_MPI error code + * or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_ERR_MPI_XXX error code */ -int ecdsa_read_signature( ecdsa_context *ctx, +int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx, const unsigned char *hash, size_t hlen, const unsigned char *sig, size_t slen ); @@ -183,13 +209,13 @@ int ecdsa_read_signature( ecdsa_context *ctx, * * \param ctx ECDSA context in which the keypair should be stored * \param gid Group (elliptic curve) to use. One of the various - * POLARSSL_ECP_DP_XXX macros depending on configuration. + * MBEDTLS_ECP_DP_XXX macros depending on configuration. * \param f_rng RNG function * \param p_rng RNG parameter * - * \return 0 on success, or a POLARSSL_ERR_ECP code. + * \return 0 on success, or a MBEDTLS_ERR_ECP_XXX code. */ -int ecdsa_genkey( ecdsa_context *ctx, ecp_group_id gid, +int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); /** @@ -198,30 +224,23 @@ int ecdsa_genkey( ecdsa_context *ctx, ecp_group_id gid, * \param ctx ECDSA context to set * \param key EC key to use * - * \return 0 on success, or a POLARSSL_ERR_ECP code. + * \return 0 on success, or a MBEDTLS_ERR_ECP_XXX code. */ -int ecdsa_from_keypair( ecdsa_context *ctx, const ecp_keypair *key ); +int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key ); /** * \brief Initialize context * * \param ctx Context to initialize */ -void ecdsa_init( ecdsa_context *ctx ); +void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx ); /** * \brief Free context * * \param ctx Context to free */ -void ecdsa_free( ecdsa_context *ctx ); - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int ecdsa_self_test( int verbose ); +void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx ); #ifdef __cplusplus } diff --git a/ext/mbedtls/include/polarssl/ecp.h b/ext/mbedtls/include/mbedtls/ecp.h similarity index 55% rename from ext/mbedtls/include/polarssl/ecp.h rename to ext/mbedtls/include/mbedtls/ecp.h index 094a8407cb..2009a364ac 100644 --- a/ext/mbedtls/include/polarssl/ecp.h +++ b/ext/mbedtls/include/mbedtls/ecp.h @@ -21,22 +21,22 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_ECP_H -#define POLARSSL_ECP_H +#ifndef MBEDTLS_ECP_H +#define MBEDTLS_ECP_H #include "bignum.h" /* * ECP error codes */ -#define POLARSSL_ERR_ECP_BAD_INPUT_DATA -0x4F80 /**< Bad input parameters to function. */ -#define POLARSSL_ERR_ECP_BUFFER_TOO_SMALL -0x4F00 /**< The buffer is too small to write to. */ -#define POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE -0x4E80 /**< Requested curve not available. */ -#define POLARSSL_ERR_ECP_VERIFY_FAILED -0x4E00 /**< The signature is not valid. */ -#define POLARSSL_ERR_ECP_MALLOC_FAILED -0x4D80 /**< Memory allocation failed. */ -#define POLARSSL_ERR_ECP_RANDOM_FAILED -0x4D00 /**< Generation of random value, such as (ephemeral) key, failed. */ -#define POLARSSL_ERR_ECP_INVALID_KEY -0x4C80 /**< Invalid private or public key. */ -#define POLARSSL_ERR_ECP_SIG_LEN_MISMATCH -0x4C00 /**< Signature is valid but shorter than the user-supplied length. */ +#define MBEDTLS_ERR_ECP_BAD_INPUT_DATA -0x4F80 /**< Bad input parameters to function. */ +#define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL -0x4F00 /**< The buffer is too small to write to. */ +#define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE -0x4E80 /**< Requested curve not available. */ +#define MBEDTLS_ERR_ECP_VERIFY_FAILED -0x4E00 /**< The signature is not valid. */ +#define MBEDTLS_ERR_ECP_ALLOC_FAILED -0x4D80 /**< Memory allocation failed. */ +#define MBEDTLS_ERR_ECP_RANDOM_FAILED -0x4D00 /**< Generation of random value, such as (ephemeral) key, failed. */ +#define MBEDTLS_ERR_ECP_INVALID_KEY -0x4C80 /**< Invalid private or public key. */ +#define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH -0x4C00 /**< Signature is valid but shorter than the user-supplied length. */ #ifdef __cplusplus extern "C" { @@ -49,45 +49,42 @@ extern "C" { * * \warning This library does not support validation of arbitrary domain * parameters. Therefore, only well-known domain parameters from trusted - * sources should be used. See ecp_use_known_dp(). + * sources should be used. See mbedtls_ecp_group_load(). */ typedef enum { - POLARSSL_ECP_DP_NONE = 0, - POLARSSL_ECP_DP_SECP192R1, /*!< 192-bits NIST curve */ - POLARSSL_ECP_DP_SECP224R1, /*!< 224-bits NIST curve */ - POLARSSL_ECP_DP_SECP256R1, /*!< 256-bits NIST curve */ - POLARSSL_ECP_DP_SECP384R1, /*!< 384-bits NIST curve */ - POLARSSL_ECP_DP_SECP521R1, /*!< 521-bits NIST curve */ - POLARSSL_ECP_DP_BP256R1, /*!< 256-bits Brainpool curve */ - POLARSSL_ECP_DP_BP384R1, /*!< 384-bits Brainpool curve */ - POLARSSL_ECP_DP_BP512R1, /*!< 512-bits Brainpool curve */ - POLARSSL_ECP_DP_M221, /*!< (not implemented yet) */ - POLARSSL_ECP_DP_M255, /*!< Curve25519 */ - POLARSSL_ECP_DP_M383, /*!< (not implemented yet) */ - POLARSSL_ECP_DP_M511, /*!< (not implemented yet) */ - POLARSSL_ECP_DP_SECP192K1, /*!< 192-bits "Koblitz" curve */ - POLARSSL_ECP_DP_SECP224K1, /*!< 224-bits "Koblitz" curve */ - POLARSSL_ECP_DP_SECP256K1, /*!< 256-bits "Koblitz" curve */ -} ecp_group_id; + MBEDTLS_ECP_DP_NONE = 0, + MBEDTLS_ECP_DP_SECP192R1, /*!< 192-bits NIST curve */ + MBEDTLS_ECP_DP_SECP224R1, /*!< 224-bits NIST curve */ + MBEDTLS_ECP_DP_SECP256R1, /*!< 256-bits NIST curve */ + MBEDTLS_ECP_DP_SECP384R1, /*!< 384-bits NIST curve */ + MBEDTLS_ECP_DP_SECP521R1, /*!< 521-bits NIST curve */ + MBEDTLS_ECP_DP_BP256R1, /*!< 256-bits Brainpool curve */ + MBEDTLS_ECP_DP_BP384R1, /*!< 384-bits Brainpool curve */ + MBEDTLS_ECP_DP_BP512R1, /*!< 512-bits Brainpool curve */ + MBEDTLS_ECP_DP_CURVE25519, /*!< Curve25519 */ + MBEDTLS_ECP_DP_SECP192K1, /*!< 192-bits "Koblitz" curve */ + MBEDTLS_ECP_DP_SECP224K1, /*!< 224-bits "Koblitz" curve */ + MBEDTLS_ECP_DP_SECP256K1, /*!< 256-bits "Koblitz" curve */ +} mbedtls_ecp_group_id; /** * Number of supported curves (plus one for NONE). * * (Montgomery curves excluded for now.) */ -#define POLARSSL_ECP_DP_MAX 12 +#define MBEDTLS_ECP_DP_MAX 12 /** * Curve information for use by other modules */ typedef struct { - ecp_group_id grp_id; /*!< Internal identifier */ - uint16_t tls_id; /*!< TLS NamedCurve identifier */ - uint16_t size; /*!< Curve size in bits */ - const char *name; /*!< Human-friendly name */ -} ecp_curve_info; + mbedtls_ecp_group_id grp_id; /*!< Internal identifier */ + uint16_t tls_id; /*!< TLS NamedCurve identifier */ + uint16_t bit_size; /*!< Curve size in bits */ + const char *name; /*!< Human-friendly name */ +} mbedtls_ecp_curve_info; /** * \brief ECP point structure (jacobian coordinates) @@ -100,31 +97,31 @@ typedef struct */ typedef struct { - mpi X; /*!< the point's X coordinate */ - mpi Y; /*!< the point's Y coordinate */ - mpi Z; /*!< the point's Z coordinate */ + mbedtls_mpi X; /*!< the point's X coordinate */ + mbedtls_mpi Y; /*!< the point's Y coordinate */ + mbedtls_mpi Z; /*!< the point's Z coordinate */ } -ecp_point; +mbedtls_ecp_point; /** * \brief ECP group structure * * We consider two types of curves equations: * 1. Short Weierstrass y^2 = x^3 + A x + B mod P (SEC1 + RFC 4492) - * 2. Montgomery, y^2 = x^3 + A x^2 + x mod P (M255 + draft) + * 2. Montgomery, y^2 = x^3 + A x^2 + x mod P (Curve25519 + draft) * In both cases, a generator G for a prime-order subgroup is fixed. In the * short weierstrass, this subgroup is actually the whole curve, and its * cardinal is denoted by N. * * In the case of Short Weierstrass curves, our code requires that N is an odd - * prime. (Use odd in ecp_mul() and prime in ecdsa_sign() for blinding.) + * prime. (Use odd in mbedtls_ecp_mul() and prime in mbedtls_ecdsa_sign() for blinding.) * * In the case of Montgomery curves, we don't store A but (A + 2) / 4 which is * the quantity actually used in the formulas. Also, nbits is not the size of N * but the required size for private keys. * * If modp is NULL, reduction modulo P is done using a generic algorithm. - * Otherwise, it must point to a function that takes an mpi in the range + * Otherwise, it must point to a function that takes an mbedtls_mpi in the range * 0..2^(2*pbits)-1 and transforms it in-place in an integer of little more * than pbits, so that the integer may be efficiently brought in the 0..P-1 * range by a few additions or substractions. It must return 0 on success and @@ -132,38 +129,38 @@ ecp_point; */ typedef struct { - ecp_group_id id; /*!< internal group identifier */ - mpi P; /*!< prime modulus of the base field */ - mpi A; /*!< 1. A in the equation, or 2. (A + 2) / 4 */ - mpi B; /*!< 1. B in the equation, or 2. unused */ - ecp_point G; /*!< generator of the (sub)group used */ - mpi N; /*!< 1. the order of G, or 2. unused */ + mbedtls_ecp_group_id id; /*!< internal group identifier */ + mbedtls_mpi P; /*!< prime modulus of the base field */ + mbedtls_mpi A; /*!< 1. A in the equation, or 2. (A + 2) / 4 */ + mbedtls_mpi B; /*!< 1. B in the equation, or 2. unused */ + mbedtls_ecp_point G; /*!< generator of the (sub)group used */ + mbedtls_mpi N; /*!< 1. the order of G, or 2. unused */ size_t pbits; /*!< number of bits in P */ size_t nbits; /*!< number of bits in 1. P, or 2. private keys */ unsigned int h; /*!< internal: 1 if the constants are static */ - int (*modp)(mpi *); /*!< function for fast reduction mod P */ - int (*t_pre)(ecp_point *, void *); /*!< unused */ - int (*t_post)(ecp_point *, void *); /*!< unused */ + int (*modp)(mbedtls_mpi *); /*!< function for fast reduction mod P */ + int (*t_pre)(mbedtls_ecp_point *, void *); /*!< unused */ + int (*t_post)(mbedtls_ecp_point *, void *); /*!< unused */ void *t_data; /*!< unused */ - ecp_point *T; /*!< pre-computed points for ecp_mul_comb() */ + mbedtls_ecp_point *T; /*!< pre-computed points for ecp_mul_comb() */ size_t T_size; /*!< number for pre-computed points */ } -ecp_group; +mbedtls_ecp_group; /** * \brief ECP key pair structure * * A generic key pair that could be used for ECDSA, fixed ECDH, etc. * - * \note Members purposefully in the same order as struc ecdsa_context. + * \note Members purposefully in the same order as struc mbedtls_ecdsa_context. */ typedef struct { - ecp_group grp; /*!< Elliptic curve and base point */ - mpi d; /*!< our secret value */ - ecp_point Q; /*!< our public value */ + mbedtls_ecp_group grp; /*!< Elliptic curve and base point */ + mbedtls_mpi d; /*!< our secret value */ + mbedtls_ecp_point Q; /*!< our public value */ } -ecp_keypair; +mbedtls_ecp_keypair; /** * \name SECTION: Module settings @@ -173,23 +170,23 @@ ecp_keypair; * \{ */ -#if !defined(POLARSSL_ECP_MAX_BITS) +#if !defined(MBEDTLS_ECP_MAX_BITS) /** * Maximum size of the groups (that is, of N and P) */ -#define POLARSSL_ECP_MAX_BITS 521 /**< Maximum bit size of groups */ +#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */ #endif -#define POLARSSL_ECP_MAX_BYTES ( ( POLARSSL_ECP_MAX_BITS + 7 ) / 8 ) -#define POLARSSL_ECP_MAX_PT_LEN ( 2 * POLARSSL_ECP_MAX_BYTES + 1 ) +#define MBEDTLS_ECP_MAX_BYTES ( ( MBEDTLS_ECP_MAX_BITS + 7 ) / 8 ) +#define MBEDTLS_ECP_MAX_PT_LEN ( 2 * MBEDTLS_ECP_MAX_BYTES + 1 ) -#if !defined(POLARSSL_ECP_WINDOW_SIZE) +#if !defined(MBEDTLS_ECP_WINDOW_SIZE) /* * Maximum "window" size used for point multiplication. * Default: 6. * Minimum value: 2. Maximum value: 7. * - * Result is an array of at most ( 1 << ( POLARSSL_ECP_WINDOW_SIZE - 1 ) ) + * Result is an array of at most ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) ) * points used for point multiplication. This value is directly tied to EC * peak memory usage, so decreasing it by one should roughly cut memory usage * by two (if large curves are in use). @@ -204,10 +201,10 @@ ecp_keypair; * 224 475 475 453 398 342 * 192 640 640 633 587 476 */ -#define POLARSSL_ECP_WINDOW_SIZE 6 /**< Maximum window size used */ -#endif /* POLARSSL_ECP_WINDOW_SIZE */ +#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */ +#endif /* MBEDTLS_ECP_WINDOW_SIZE */ -#if !defined(POLARSSL_ECP_FIXED_POINT_OPTIM) +#if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM) /* * Trade memory for speed on fixed-point multiplication. * @@ -219,21 +216,21 @@ ecp_keypair; * * Change this value to 0 to reduce peak memory usage. */ -#define POLARSSL_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */ -#endif /* POLARSSL_ECP_FIXED_POINT_OPTIM */ +#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */ +#endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */ /* \} name SECTION: Module settings */ /* * Point formats, from RFC 4492's enum ECPointFormat */ -#define POLARSSL_ECP_PF_UNCOMPRESSED 0 /**< Uncompressed point format */ -#define POLARSSL_ECP_PF_COMPRESSED 1 /**< Compressed point format */ +#define MBEDTLS_ECP_PF_UNCOMPRESSED 0 /**< Uncompressed point format */ +#define MBEDTLS_ECP_PF_COMPRESSED 1 /**< Compressed point format */ /* * Some other constants from RFC 4492 */ -#define POLARSSL_ECP_TLS_NAMED_CURVE 3 /**< ECCurveType's named_curve */ +#define MBEDTLS_ECP_TLS_NAMED_CURVE 3 /**< ECCurveType's named_curve */ /** * \brief Get the list of supported curves in order of preferrence @@ -241,34 +238,34 @@ ecp_keypair; * * \return A statically allocated array, the last entry is 0. */ -const ecp_curve_info *ecp_curve_list( void ); +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void ); /** * \brief Get the list of supported curves in order of preferrence * (grp_id only) * * \return A statically allocated array, - * terminated with POLARSSL_ECP_DP_NONE. + * terminated with MBEDTLS_ECP_DP_NONE. */ -const ecp_group_id *ecp_grp_id_list( void ); +const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void ); /** * \brief Get curve information from an internal group identifier * - * \param grp_id A POLARSSL_ECP_DP_XXX value + * \param grp_id A MBEDTLS_ECP_DP_XXX value * * \return The associated curve information or NULL */ -const ecp_curve_info *ecp_curve_info_from_grp_id( ecp_group_id grp_id ); +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id( mbedtls_ecp_group_id grp_id ); /** * \brief Get curve information from a TLS NamedCurve value * - * \param tls_id A POLARSSL_ECP_DP_XXX value + * \param tls_id A MBEDTLS_ECP_DP_XXX value * * \return The associated curve information or NULL */ -const ecp_curve_info *ecp_curve_info_from_tls_id( uint16_t tls_id ); +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id( uint16_t tls_id ); /** * \brief Get curve information from a human-readable name @@ -277,37 +274,37 @@ const ecp_curve_info *ecp_curve_info_from_tls_id( uint16_t tls_id ); * * \return The associated curve information or NULL */ -const ecp_curve_info *ecp_curve_info_from_name( const char *name ); +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name( const char *name ); /** * \brief Initialize a point (as zero) */ -void ecp_point_init( ecp_point *pt ); +void mbedtls_ecp_point_init( mbedtls_ecp_point *pt ); /** * \brief Initialize a group (to something meaningless) */ -void ecp_group_init( ecp_group *grp ); +void mbedtls_ecp_group_init( mbedtls_ecp_group *grp ); /** * \brief Initialize a key pair (as an invalid one) */ -void ecp_keypair_init( ecp_keypair *key ); +void mbedtls_ecp_keypair_init( mbedtls_ecp_keypair *key ); /** * \brief Free the components of a point */ -void ecp_point_free( ecp_point *pt ); +void mbedtls_ecp_point_free( mbedtls_ecp_point *pt ); /** * \brief Free the components of an ECP group */ -void ecp_group_free( ecp_group *grp ); +void mbedtls_ecp_group_free( mbedtls_ecp_group *grp ); /** * \brief Free the components of a key pair */ -void ecp_keypair_free( ecp_keypair *key ); +void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key ); /** * \brief Copy the contents of point Q into P @@ -316,9 +313,9 @@ void ecp_keypair_free( ecp_keypair *key ); * \param Q Source point * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int ecp_copy( ecp_point *P, const ecp_point *Q ); +int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q ); /** * \brief Copy the contents of a group object @@ -327,9 +324,9 @@ int ecp_copy( ecp_point *P, const ecp_point *Q ); * \param src Source group * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int ecp_group_copy( ecp_group *dst, const ecp_group *src ); +int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst, const mbedtls_ecp_group *src ); /** * \brief Set a point to zero @@ -337,9 +334,9 @@ int ecp_group_copy( ecp_group *dst, const ecp_group *src ); * \param pt Destination point * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int ecp_set_zero( ecp_point *pt ); +int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt ); /** * \brief Tell if a point is zero @@ -348,7 +345,7 @@ int ecp_set_zero( ecp_point *pt ); * * \return 1 if point is zero, 0 otherwise */ -int ecp_is_zero( ecp_point *pt ); +int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt ); /** * \brief Import a non-zero point from two ASCII strings @@ -358,9 +355,9 @@ int ecp_is_zero( ecp_point *pt ); * \param x First affine coordinate as a null-terminated string * \param y Second affine coordinate as a null-terminated string * - * \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code + * \return 0 if successful, or a MBEDTLS_ERR_MPI_XXX error code */ -int ecp_point_read_string( ecp_point *P, int radix, +int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix, const char *x, const char *y ); /** @@ -368,16 +365,16 @@ int ecp_point_read_string( ecp_point *P, int radix, * * \param grp Group to which the point should belong * \param P Point to export - * \param format Point format, should be a POLARSSL_ECP_PF_XXX macro + * \param format Point format, should be a MBEDTLS_ECP_PF_XXX macro * \param olen Length of the actual output * \param buf Output buffer * \param buflen Length of the output buffer * * \return 0 if successful, - * or POLARSSL_ERR_ECP_BAD_INPUT_DATA - * or POLARSSL_ERR_ECP_BUFFER_TOO_SMALL + * or MBEDTLS_ERR_ECP_BAD_INPUT_DATA + * or MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL */ -int ecp_point_write_binary( const ecp_group *grp, const ecp_point *P, +int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *P, int format, size_t *olen, unsigned char *buf, size_t buflen ); @@ -390,16 +387,16 @@ int ecp_point_write_binary( const ecp_group *grp, const ecp_point *P, * \param ilen Actual length of input * * \return 0 if successful, - * POLARSSL_ERR_ECP_BAD_INPUT_DATA if input is invalid, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, - * POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE if the point format + * MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid, + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the point format * is not implemented. * * \note This function does NOT check that the point actually - * belongs to the given group, see ecp_check_pubkey() for + * belongs to the given group, see mbedtls_ecp_check_pubkey() for * that. */ -int ecp_point_read_binary( const ecp_group *grp, ecp_point *P, +int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P, const unsigned char *buf, size_t ilen ); /** @@ -413,10 +410,10 @@ int ecp_point_read_binary( const ecp_group *grp, ecp_point *P, * \note buf is updated to point right after the ECPoint on exit * * \return 0 if successful, - * POLARSSL_ERR_MPI_XXX if initialization failed - * POLARSSL_ERR_ECP_BAD_INPUT_DATA if input is invalid + * MBEDTLS_ERR_MPI_XXX if initialization failed + * MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid */ -int ecp_tls_read_point( const ecp_group *grp, ecp_point *pt, +int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt, const unsigned char **buf, size_t len ); /** @@ -430,32 +427,13 @@ int ecp_tls_read_point( const ecp_group *grp, ecp_point *pt, * \param blen Buffer length * * \return 0 if successful, - * or POLARSSL_ERR_ECP_BAD_INPUT_DATA - * or POLARSSL_ERR_ECP_BUFFER_TOO_SMALL + * or MBEDTLS_ERR_ECP_BAD_INPUT_DATA + * or MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL */ -int ecp_tls_write_point( const ecp_group *grp, const ecp_point *pt, +int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt, int format, size_t *olen, unsigned char *buf, size_t blen ); -/** - * \brief Import an ECP group from null-terminated ASCII strings - * - * \param grp Destination group - * \param radix Input numeric base - * \param p Prime modulus of the base field - * \param b Constant term in the equation - * \param gx The generator's X coordinate - * \param gy The generator's Y coordinate - * \param n The generator's order - * - * \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code - * - * \note Sets all fields except modp. - */ -int ecp_group_read_string( ecp_group *grp, int radix, - const char *p, const char *b, - const char *gx, const char *gy, const char *n); - /** * \brief Set a group using well-known domain parameters * @@ -463,13 +441,13 @@ int ecp_group_read_string( ecp_group *grp, int radix, * \param index Index in the list of well-known domain parameters * * \return 0 if successful, - * POLARSSL_ERR_MPI_XXX if initialization failed - * POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE for unkownn groups + * MBEDTLS_ERR_MPI_XXX if initialization failed + * MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE for unkownn groups * - * \note Index should be a value of RFC 4492's enum NamdeCurve, - * possibly in the form of a POLARSSL_ECP_DP_XXX macro. + * \note Index should be a value of RFC 4492's enum NamedCurve, + * usually in the form of a MBEDTLS_ECP_DP_XXX macro. */ -int ecp_use_known_dp( ecp_group *grp, ecp_group_id index ); +int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id index ); /** * \brief Set a group from a TLS ECParameters record @@ -481,10 +459,10 @@ int ecp_use_known_dp( ecp_group *grp, ecp_group_id index ); * \note buf is updated to point right after ECParameters on exit * * \return 0 if successful, - * POLARSSL_ERR_MPI_XXX if initialization failed - * POLARSSL_ERR_ECP_BAD_INPUT_DATA if input is invalid + * MBEDTLS_ERR_MPI_XXX if initialization failed + * MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid */ -int ecp_tls_read_group( ecp_group *grp, const unsigned char **buf, size_t len ); +int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp, const unsigned char **buf, size_t len ); /** * \brief Write the TLS ECParameters record for a group @@ -495,74 +473,64 @@ int ecp_tls_read_group( ecp_group *grp, const unsigned char **buf, size_t len ); * \param blen Buffer length * * \return 0 if successful, - * or POLARSSL_ERR_ECP_BUFFER_TOO_SMALL + * or MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL */ -int ecp_tls_write_group( const ecp_group *grp, size_t *olen, +int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen, unsigned char *buf, size_t blen ); /** - * \brief Addition: R = P + Q - * - * \param grp ECP group - * \param R Destination point - * \param P Left-hand point - * \param Q Right-hand point + * \brief Multiplication by an integer: R = m * P + * (Not thread-safe to use same group in multiple threads) * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + * \note In order to prevent timing attacks, this function + * executes the exact same sequence of (base field) + * operations for any valid m. It avoids any if-branch or + * array index depending on the value of m. * - * \note This function does not support Montgomery curves, such as - * Curve25519. - */ -int ecp_add( const ecp_group *grp, ecp_point *R, - const ecp_point *P, const ecp_point *Q ); - -/** - * \brief Subtraction: R = P - Q + * \note If f_rng is not NULL, it is used to randomize intermediate + * results in order to prevent potential timing attacks + * targeting these results. It is recommended to always + * provide a non-NULL f_rng (the overhead is negligible). * * \param grp ECP group * \param R Destination point - * \param P Left-hand point - * \param Q Right-hand point + * \param m Integer by which to multiply + * \param P Point to multiply + * \param f_rng RNG function (see notes) + * \param p_rng RNG parameter * * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed - * - * \note This function does not support Montgomery curves, such as - * Curve25519. + * MBEDTLS_ERR_ECP_INVALID_KEY if m is not a valid privkey + * or P is not a valid pubkey, + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int ecp_sub( const ecp_group *grp, ecp_point *R, - const ecp_point *P, const ecp_point *Q ); +int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); /** - * \brief Multiplication by an integer: R = m * P + * \brief Multiplication and addition of two points by integers: + * R = m * P + n * Q * (Not thread-safe to use same group in multiple threads) * + * \note In contrast to mbedtls_ecp_mul(), this function does not guarantee + * a constant execution flow and timing. + * * \param grp ECP group * \param R Destination point - * \param m Integer by which to multiply - * \param P Point to multiply - * \param f_rng RNG function (see notes) - * \param p_rng RNG parameter + * \param m Integer by which to multiply P + * \param P Point to multiply by m + * \param n Integer by which to multiply Q + * \param Q Point to be multiplied by n * * \return 0 if successful, - * POLARSSL_ERR_ECP_INVALID_KEY if m is not a valid privkey - * or P is not a valid pubkey, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed - * - * \note In order to prevent timing attacks, this function - * executes the exact same sequence of (base field) - * operations for any valid m. It avoids any if-branch or - * array index depending on the value of m. - * - * \note If f_rng is not NULL, it is used to randomize intermediate - * results in order to prevent potential timing attacks - * targeting these results. It is recommended to always - * provide a non-NULL f_rng (the overhead is negligible). + * MBEDTLS_ERR_ECP_INVALID_KEY if m or n is not a valid privkey + * or P or Q is not a valid pubkey, + * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int ecp_mul( ecp_group *grp, ecp_point *R, - const mpi *m, const ecp_point *P, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); +int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + const mbedtls_mpi *n, const mbedtls_ecp_point *Q ); /** * \brief Check that a point is a valid public key on this curve @@ -571,7 +539,7 @@ int ecp_mul( ecp_group *grp, ecp_point *R, * \param pt Point to check * * \return 0 if point is a valid public key, - * POLARSSL_ERR_ECP_INVALID_KEY otherwise. + * MBEDTLS_ERR_ECP_INVALID_KEY otherwise. * * \note This function only checks the point is non-zero, has valid * coordinates and lies on the curve, but not that it is @@ -581,26 +549,26 @@ int ecp_mul( ecp_group *grp, ecp_point *R, * particular, it is useless for the NIST groups which all * have a cofactor of 1. * - * \note Uses bare components rather than an ecp_keypair structure + * \note Uses bare components rather than an mbedtls_ecp_keypair structure * in order to ease use with other structures such as - * ecdh_context of ecdsa_context. + * mbedtls_ecdh_context of mbedtls_ecdsa_context. */ -int ecp_check_pubkey( const ecp_group *grp, const ecp_point *pt ); +int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt ); /** - * \brief Check that an mpi is a valid private key for this curve + * \brief Check that an mbedtls_mpi is a valid private key for this curve * * \param grp Group used * \param d Integer to check * * \return 0 if point is a valid private key, - * POLARSSL_ERR_ECP_INVALID_KEY otherwise. + * MBEDTLS_ERR_ECP_INVALID_KEY otherwise. * - * \note Uses bare components rather than an ecp_keypair structure + * \note Uses bare components rather than an mbedtls_ecp_keypair structure * in order to ease use with other structures such as - * ecdh_context of ecdsa_context. + * mbedtls_ecdh_context of mbedtls_ecdsa_context. */ -int ecp_check_privkey( const ecp_group *grp, const mpi *d ); +int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, const mbedtls_mpi *d ); /** * \brief Generate a keypair @@ -612,13 +580,13 @@ int ecp_check_privkey( const ecp_group *grp, const mpi *d ); * \param p_rng RNG parameter * * \return 0 if successful, - * or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code + * or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code * - * \note Uses bare components rather than an ecp_keypair structure + * \note Uses bare components rather than an mbedtls_ecp_keypair structure * in order to ease use with other structures such as - * ecdh_context of ecdsa_context. + * mbedtls_ecdh_context of mbedtls_ecdsa_context. */ -int ecp_gen_keypair( ecp_group *grp, mpi *d, ecp_point *Q, +int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); @@ -631,9 +599,9 @@ int ecp_gen_keypair( ecp_group *grp, mpi *d, ecp_point *Q, * \param p_rng RNG parameter * * \return 0 if successful, - * or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code + * or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code */ -int ecp_gen_key( ecp_group_id grp_id, ecp_keypair *key, +int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); /** @@ -643,18 +611,18 @@ int ecp_gen_key( ecp_group_id grp_id, ecp_keypair *key, * \param prv Keypair structure holding a private (plus public) key * * \return 0 if successful (keys are valid and match), or - * POLARSSL_ERR_ECP_BAD_INPUT_DATA, or - * a POLARSSL_ERR_ECP_XXX or POLARSSL_ERR_MPI_XXX code. + * MBEDTLS_ERR_ECP_BAD_INPUT_DATA, or + * a MBEDTLS_ERR_ECP_XXX or MBEDTLS_ERR_MPI_XXX code. */ -int ecp_check_pub_priv( const ecp_keypair *pub, const ecp_keypair *prv ); +int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv ); -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) /** * \brief Checkup routine * * \return 0 if successful, or 1 if a test failed */ -int ecp_self_test( int verbose ); +int mbedtls_ecp_self_test( int verbose ); #endif #ifdef __cplusplus diff --git a/ext/mbedtls/include/mbedtls/entropy.h b/ext/mbedtls/include/mbedtls/entropy.h new file mode 100644 index 0000000000..597f03d0b2 --- /dev/null +++ b/ext/mbedtls/include/mbedtls/entropy.h @@ -0,0 +1,253 @@ +/** + * \file entropy.h + * + * \brief Entropy accumulator implementation + * + * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_ENTROPY_H +#define MBEDTLS_ENTROPY_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include + +#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) +#include "sha512.h" +#define MBEDTLS_ENTROPY_SHA512_ACCUMULATOR +#else +#if defined(MBEDTLS_SHA256_C) +#define MBEDTLS_ENTROPY_SHA256_ACCUMULATOR +#include "sha256.h" +#endif +#endif + +#if defined(MBEDTLS_THREADING_C) +#include "threading.h" +#endif + +#if defined(MBEDTLS_HAVEGE_C) +#include "havege.h" +#endif + +#define MBEDTLS_ERR_ENTROPY_SOURCE_FAILED -0x003C /**< Critical entropy source failure. */ +#define MBEDTLS_ERR_ENTROPY_MAX_SOURCES -0x003E /**< No more sources can be added. */ +#define MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED -0x0040 /**< No sources have been added to poll. */ +#define MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE -0x003D /**< No strong sources have been added to poll. */ +#define MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR -0x003F /**< Read/write error in file. */ + +/** + * \name SECTION: Module settings + * + * The configuration options you can set for this module are in this section. + * Either change them in config.h or define them on the compiler command line. + * \{ + */ + +#if !defined(MBEDTLS_ENTROPY_MAX_SOURCES) +#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ +#endif + +#if !defined(MBEDTLS_ENTROPY_MAX_GATHER) +#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ +#endif + +/* \} name SECTION: Module settings */ + +#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) +#define MBEDTLS_ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */ +#else +#define MBEDTLS_ENTROPY_BLOCK_SIZE 32 /**< Block size of entropy accumulator (SHA-256) */ +#endif + +#define MBEDTLS_ENTROPY_MAX_SEED_SIZE 1024 /**< Maximum size of seed we read from seed file */ +#define MBEDTLS_ENTROPY_SOURCE_MANUAL MBEDTLS_ENTROPY_MAX_SOURCES + +#define MBEDTLS_ENTROPY_SOURCE_STRONG 1 /**< Entropy source is strong */ +#define MBEDTLS_ENTROPY_SOURCE_WEAK 0 /**< Entropy source is weak */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Entropy poll callback pointer + * + * \param data Callback-specific data pointer + * \param output Data to fill + * \param len Maximum size to provide + * \param olen The actual amount of bytes put into the buffer (Can be 0) + * + * \return 0 if no critical failures occurred, + * MBEDTLS_ERR_ENTROPY_SOURCE_FAILED otherwise + */ +typedef int (*mbedtls_entropy_f_source_ptr)(void *data, unsigned char *output, size_t len, + size_t *olen); + +/** + * \brief Entropy source state + */ +typedef struct +{ + mbedtls_entropy_f_source_ptr f_source; /**< The entropy source callback */ + void * p_source; /**< The callback data pointer */ + size_t size; /**< Amount received in bytes */ + size_t threshold; /**< Minimum bytes required before release */ + int strong; /**< Is the source strong? */ +} +mbedtls_entropy_source_state; + +/** + * \brief Entropy context structure + */ +typedef struct +{ +#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) + mbedtls_sha512_context accumulator; +#else + mbedtls_sha256_context accumulator; +#endif + int source_count; + mbedtls_entropy_source_state source[MBEDTLS_ENTROPY_MAX_SOURCES]; +#if defined(MBEDTLS_HAVEGE_C) + mbedtls_havege_state havege_data; +#endif +#if defined(MBEDTLS_THREADING_C) + mbedtls_threading_mutex_t mutex; /*!< mutex */ +#endif +} +mbedtls_entropy_context; + +/** + * \brief Initialize the context + * + * \param ctx Entropy context to initialize + */ +void mbedtls_entropy_init( mbedtls_entropy_context *ctx ); + +/** + * \brief Free the data in the context + * + * \param ctx Entropy context to free + */ +void mbedtls_entropy_free( mbedtls_entropy_context *ctx ); + +/** + * \brief Adds an entropy source to poll + * (Thread-safe if MBEDTLS_THREADING_C is enabled) + * + * \param ctx Entropy context + * \param f_source Entropy function + * \param p_source Function data + * \param threshold Minimum required from source before entropy is released + * ( with mbedtls_entropy_func() ) (in bytes) + * \param strong MBEDTLS_ENTROPY_SOURCE_STRONG or + * MBEDTSL_ENTROPY_SOURCE_WEAK. + * At least one strong source needs to be added. + * Weaker sources (such as the cycle counter) can be used as + * a complement. + * + * \return 0 if successful or MBEDTLS_ERR_ENTROPY_MAX_SOURCES + */ +int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx, + mbedtls_entropy_f_source_ptr f_source, void *p_source, + size_t threshold, int strong ); + +/** + * \brief Trigger an extra gather poll for the accumulator + * (Thread-safe if MBEDTLS_THREADING_C is enabled) + * + * \param ctx Entropy context + * + * \return 0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED + */ +int mbedtls_entropy_gather( mbedtls_entropy_context *ctx ); + +/** + * \brief Retrieve entropy from the accumulator + * (Maximum length: MBEDTLS_ENTROPY_BLOCK_SIZE) + * (Thread-safe if MBEDTLS_THREADING_C is enabled) + * + * \param data Entropy context + * \param output Buffer to fill + * \param len Number of bytes desired, must be at most MBEDTLS_ENTROPY_BLOCK_SIZE + * + * \return 0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED + */ +int mbedtls_entropy_func( void *data, unsigned char *output, size_t len ); + +/** + * \brief Add data to the accumulator manually + * (Thread-safe if MBEDTLS_THREADING_C is enabled) + * + * \param ctx Entropy context + * \param data Data to add + * \param len Length of data + * + * \return 0 if successful + */ +int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx, + const unsigned char *data, size_t len ); + +#if defined(MBEDTLS_FS_IO) +/** + * \brief Write a seed file + * + * \param ctx Entropy context + * \param path Name of the file + * + * \return 0 if successful, + * MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error, or + * MBEDTLS_ERR_ENTROPY_SOURCE_FAILED + */ +int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path ); + +/** + * \brief Read and update a seed file. Seed is added to this + * instance. No more than MBEDTLS_ENTROPY_MAX_SEED_SIZE bytes are + * read from the seed file. The rest is ignored. + * + * \param ctx Entropy context + * \param path Name of the file + * + * \return 0 if successful, + * MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error, + * MBEDTLS_ERR_ENTROPY_SOURCE_FAILED + */ +int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path ); +#endif /* MBEDTLS_FS_IO */ + +#if defined(MBEDTLS_SELF_TEST) +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if a test failed + */ +int mbedtls_entropy_self_test( int verbose ); +#endif /* MBEDTLS_SELF_TEST */ + +#ifdef __cplusplus +} +#endif + +#endif /* entropy.h */ diff --git a/ext/mbedtls/include/polarssl/entropy_poll.h b/ext/mbedtls/include/mbedtls/entropy_poll.h similarity index 54% rename from ext/mbedtls/include/polarssl/entropy_poll.h rename to ext/mbedtls/include/mbedtls/entropy_poll.h index 94b5a6eff9..8ee1e1a251 100644 --- a/ext/mbedtls/include/polarssl/entropy_poll.h +++ b/ext/mbedtls/include/mbedtls/entropy_poll.h @@ -21,13 +21,13 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_ENTROPY_POLL_H -#define POLARSSL_ENTROPY_POLL_H +#ifndef MBEDTLS_ENTROPY_POLL_H +#define MBEDTLS_ENTROPY_POLL_H -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif #include @@ -37,38 +37,52 @@ extern "C" { #endif /* - * Default thresholds for built-in sources + * Default thresholds for built-in sources, in bytes */ -#define ENTROPY_MIN_PLATFORM 128 /**< Minimum for platform source */ -#define ENTROPY_MIN_HAVEGE 128 /**< Minimum for HAVEGE */ -#define ENTROPY_MIN_HARDCLOCK 32 /**< Minimum for hardclock() */ +#define MBEDTLS_ENTROPY_MIN_PLATFORM 32 /**< Minimum for platform source */ +#define MBEDTLS_ENTROPY_MIN_HAVEGE 32 /**< Minimum for HAVEGE */ +#define MBEDTLS_ENTROPY_MIN_HARDCLOCK 4 /**< Minimum for mbedtls_timing_hardclock() */ +#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Minimum for the hardware source */ -#if !defined(POLARSSL_NO_PLATFORM_ENTROPY) +#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY) /** * \brief Platform-specific entropy poll callback */ -int platform_entropy_poll( void *data, +int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len, size_t *olen ); #endif -#if defined(POLARSSL_HAVEGE_C) +#if defined(MBEDTLS_HAVEGE_C) /** * \brief HAVEGE based entropy poll callback * * Requires an HAVEGE state as its data pointer. */ -int havege_poll( void *data, +int mbedtls_havege_poll( void *data, unsigned char *output, size_t len, size_t *olen ); #endif -#if defined(POLARSSL_TIMING_C) +#if defined(MBEDTLS_TIMING_C) /** - * \brief hardclock-based entropy poll callback + * \brief mbedtls_timing_hardclock-based entropy poll callback */ -int hardclock_poll( void *data, +int mbedtls_hardclock_poll( void *data, unsigned char *output, size_t len, size_t *olen ); #endif +#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) +/** + * \brief Entropy poll callback for a hardware source + * + * \warning This is not provided by mbed TLS! + * See \c MBEDTLS_ENTROPY_HARDWARE_ALT in config.h. + * + * \note This must accept NULL as its first argument. + */ +int mbedtls_hardware_poll( void *data, + unsigned char *output, size_t len, size_t *olen ); +#endif + #ifdef __cplusplus } #endif diff --git a/ext/mbedtls/include/polarssl/error.h b/ext/mbedtls/include/mbedtls/error.h similarity index 78% rename from ext/mbedtls/include/polarssl/error.h rename to ext/mbedtls/include/mbedtls/error.h index 3041155456..81c358e43c 100644 --- a/ext/mbedtls/include/polarssl/error.h +++ b/ext/mbedtls/include/mbedtls/error.h @@ -21,8 +21,8 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_ERROR_H -#define POLARSSL_ERROR_H +#ifndef MBEDTLS_ERROR_H +#define MBEDTLS_ERROR_H #include @@ -30,7 +30,7 @@ * Error code layout. * * Currently we try to keep all error codes within the negative space of 16 - * bytes signed integers to support all platforms (-0x0000 - -0x8000). In + * bits signed integers to support all platforms (-0x0001 - -0x7FFF). In * addition we'd like to give two layers of information on the error if * possible. * @@ -38,7 +38,7 @@ * * 16 bit error code bit-segmentation * - * 1 bit - Sign bit + * 1 bit - Unused (sign bit) * 3 bits - High level module ID * 5 bits - Module-dependent error code * 7 bits - Low level module errors @@ -61,18 +61,10 @@ * PADLOCK 1 0x0030-0x0030 * DES 1 0x0032-0x0032 * CTR_DBRG 4 0x0034-0x003A - * ENTROPY 3 0x003C-0x0040 - * NET 11 0x0042-0x0056 - * ENTROPY 1 0x0058-0x0058 + * ENTROPY 3 0x003C-0x0040 0x003D-0x003F + * NET 11 0x0042-0x0052 0x0043-0x0045 * ASN1 7 0x0060-0x006C - * MD2 1 0x0070-0x0070 - * MD4 1 0x0072-0x0072 - * MD5 1 0x0074-0x0074 - * SHA1 1 0x0076-0x0076 - * SHA256 1 0x0078-0x0078 - * SHA512 1 0x007A-0x007A * PBKDF2 1 0x007C-0x007C - * RIPEMD160 1 0x007E-0x007E * HMAC_DRBG 4 0x0003-0x0009 * CCM 2 0x000D-0x000F * @@ -80,15 +72,15 @@ * Name ID Nr of Errors * PEM 1 9 * PKCS#12 1 4 (Started from top) - * X509 2 18 - * PK 2 14 (Started from top, plus 0x2000) + * X509 2 19 + * PKCS5 2 4 (Started from top) * DHM 3 9 - * PKCS5 3 4 (Started from top) + * PK 3 14 (Started from top) * RSA 4 9 * ECP 4 8 (Started from top) * MD 5 4 * CIPHER 6 6 - * SSL 6 11 (Started from top) + * SSL 6 16 (Started from top) * SSL 7 31 * * Module dependent error code (5 bits 0x.00.-0x.F8.) @@ -107,11 +99,7 @@ extern "C" { * \param buffer buffer to place representation in * \param buflen length of the buffer */ -void polarssl_strerror( int errnum, char *buffer, size_t buflen ); - -#if defined(POLARSSL_ERROR_STRERROR_BC) -void error_strerror( int errnum, char *buffer, size_t buflen ); -#endif +void mbedtls_strerror( int errnum, char *buffer, size_t buflen ); #ifdef __cplusplus } diff --git a/ext/mbedtls/include/polarssl/gcm.h b/ext/mbedtls/include/mbedtls/gcm.h similarity index 78% rename from ext/mbedtls/include/polarssl/gcm.h rename to ext/mbedtls/include/mbedtls/gcm.h index 5a9472298e..c6e9d26c53 100644 --- a/ext/mbedtls/include/polarssl/gcm.h +++ b/ext/mbedtls/include/mbedtls/gcm.h @@ -21,24 +21,18 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_GCM_H -#define POLARSSL_GCM_H +#ifndef MBEDTLS_GCM_H +#define MBEDTLS_GCM_H #include "cipher.h" -#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) -#include -typedef UINT32 uint32_t; -typedef UINT64 uint64_t; -#else #include -#endif -#define GCM_ENCRYPT 1 -#define GCM_DECRYPT 0 +#define MBEDTLS_GCM_ENCRYPT 1 +#define MBEDTLS_GCM_DECRYPT 0 -#define POLARSSL_ERR_GCM_AUTH_FAILED -0x0012 /**< Authenticated decryption failed. */ -#define POLARSSL_ERR_GCM_BAD_INPUT -0x0014 /**< Bad input parameters to function. */ +#define MBEDTLS_ERR_GCM_AUTH_FAILED -0x0012 /**< Authenticated decryption failed. */ +#define MBEDTLS_ERR_GCM_BAD_INPUT -0x0014 /**< Bad input parameters to function. */ #ifdef __cplusplus extern "C" { @@ -48,7 +42,7 @@ extern "C" { * \brief GCM context structure */ typedef struct { - cipher_context_t cipher_ctx;/*!< cipher context used */ + mbedtls_cipher_context_t cipher_ctx;/*!< cipher context used */ uint64_t HL[16]; /*!< Precalculated HTable */ uint64_t HH[16]; /*!< Precalculated HTable */ uint64_t len; /*!< Total data length */ @@ -58,7 +52,16 @@ typedef struct { unsigned char buf[16]; /*!< buf working value */ int mode; /*!< Encrypt or Decrypt */ } -gcm_context; +mbedtls_gcm_context; + +/** + * \brief Initialize GCM context (just makes references valid) + * Makes the context ready for mbedtls_gcm_setkey() or + * mbedtls_gcm_free(). + * + * \param ctx GCM context to initialize + */ +void mbedtls_gcm_init( mbedtls_gcm_context *ctx ); /** * \brief GCM initialization (encryption) @@ -66,12 +69,14 @@ gcm_context; * \param ctx GCM context to be initialized * \param cipher cipher to use (a 128-bit block cipher) * \param key encryption key - * \param keysize must be 128, 192 or 256 + * \param keybits must be 128, 192 or 256 * * \return 0 if successful, or a cipher specific error code */ -int gcm_init( gcm_context *ctx, cipher_id_t cipher, const unsigned char *key, - unsigned int keysize ); +int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx, + mbedtls_cipher_id_t cipher, + const unsigned char *key, + unsigned int keybits ); /** * \brief GCM buffer encryption/decryption using a block cipher @@ -82,7 +87,7 @@ int gcm_init( gcm_context *ctx, cipher_id_t cipher, const unsigned char *key, * behind the input buffer. * * \param ctx GCM context - * \param mode GCM_ENCRYPT or GCM_DECRYPT + * \param mode MBEDTLS_GCM_ENCRYPT or MBEDTLS_GCM_DECRYPT * \param length length of the input data * \param iv initialization vector * \param iv_len length of IV @@ -95,7 +100,7 @@ int gcm_init( gcm_context *ctx, cipher_id_t cipher, const unsigned char *key, * * \return 0 if successful */ -int gcm_crypt_and_tag( gcm_context *ctx, +int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx, int mode, size_t length, const unsigned char *iv, @@ -126,9 +131,9 @@ int gcm_crypt_and_tag( gcm_context *ctx, * \param output buffer for holding the output data * * \return 0 if successful and authenticated, - * POLARSSL_ERR_GCM_AUTH_FAILED if tag does not match + * MBEDTLS_ERR_GCM_AUTH_FAILED if tag does not match */ -int gcm_auth_decrypt( gcm_context *ctx, +int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, @@ -143,7 +148,7 @@ int gcm_auth_decrypt( gcm_context *ctx, * \brief Generic GCM stream start function * * \param ctx GCM context - * \param mode GCM_ENCRYPT or GCM_DECRYPT + * \param mode MBEDTLS_GCM_ENCRYPT or MBEDTLS_GCM_DECRYPT * \param iv initialization vector * \param iv_len length of IV * \param add additional data (or NULL if length is 0) @@ -151,7 +156,7 @@ int gcm_auth_decrypt( gcm_context *ctx, * * \return 0 if successful */ -int gcm_starts( gcm_context *ctx, +int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, int mode, const unsigned char *iv, size_t iv_len, @@ -161,7 +166,7 @@ int gcm_starts( gcm_context *ctx, /** * \brief Generic GCM update function. Encrypts/decrypts using the * given GCM context. Expects input to be a multiple of 16 - * bytes! Only the last call before gcm_finish() can be less + * bytes! Only the last call before mbedtls_gcm_finish() can be less * than 16 bytes! * * \note On decryption, the output buffer cannot be the same as input buffer. @@ -173,9 +178,9 @@ int gcm_starts( gcm_context *ctx, * \param input buffer holding the input data * \param output buffer for holding the output data * - * \return 0 if successful or POLARSSL_ERR_GCM_BAD_INPUT + * \return 0 if successful or MBEDTLS_ERR_GCM_BAD_INPUT */ -int gcm_update( gcm_context *ctx, +int mbedtls_gcm_update( mbedtls_gcm_context *ctx, size_t length, const unsigned char *input, unsigned char *output ); @@ -189,9 +194,9 @@ int gcm_update( gcm_context *ctx, * \param tag buffer for holding the tag (may be NULL if tag_len is 0) * \param tag_len length of the tag to generate * - * \return 0 if successful or POLARSSL_ERR_GCM_BAD_INPUT + * \return 0 if successful or MBEDTLS_ERR_GCM_BAD_INPUT */ -int gcm_finish( gcm_context *ctx, +int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, unsigned char *tag, size_t tag_len ); @@ -200,14 +205,14 @@ int gcm_finish( gcm_context *ctx, * * \param ctx GCM context to free */ -void gcm_free( gcm_context *ctx ); +void mbedtls_gcm_free( mbedtls_gcm_context *ctx ); /** * \brief Checkup routine * * \return 0 if successful, or 1 if the test failed */ -int gcm_self_test( int verbose ); +int mbedtls_gcm_self_test( int verbose ); #ifdef __cplusplus } diff --git a/ext/mbedtls/include/polarssl/havege.h b/ext/mbedtls/include/mbedtls/havege.h similarity index 82% rename from ext/mbedtls/include/polarssl/havege.h rename to ext/mbedtls/include/mbedtls/havege.h index 825a1daab9..76538e9f96 100644 --- a/ext/mbedtls/include/polarssl/havege.h +++ b/ext/mbedtls/include/mbedtls/havege.h @@ -21,12 +21,12 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_HAVEGE_H -#define POLARSSL_HAVEGE_H +#ifndef MBEDTLS_HAVEGE_H +#define MBEDTLS_HAVEGE_H #include -#define COLLECT_SIZE 1024 +#define MBEDTLS_HAVEGE_COLLECT_SIZE 1024 #ifdef __cplusplus extern "C" { @@ -38,24 +38,24 @@ extern "C" { typedef struct { int PT1, PT2, offset[2]; - int pool[COLLECT_SIZE]; + int pool[MBEDTLS_HAVEGE_COLLECT_SIZE]; int WALK[8192]; } -havege_state; +mbedtls_havege_state; /** * \brief HAVEGE initialization * * \param hs HAVEGE state to be initialized */ -void havege_init( havege_state *hs ); +void mbedtls_havege_init( mbedtls_havege_state *hs ); /** * \brief Clear HAVEGE state * * \param hs HAVEGE state to be cleared */ -void havege_free( havege_state *hs ); +void mbedtls_havege_free( mbedtls_havege_state *hs ); /** * \brief HAVEGE rand function @@ -66,7 +66,7 @@ void havege_free( havege_state *hs ); * * \return 0 */ -int havege_random( void *p_rng, unsigned char *output, size_t len ); +int mbedtls_havege_random( void *p_rng, unsigned char *output, size_t len ); #ifdef __cplusplus } diff --git a/ext/mbedtls/include/polarssl/hmac_drbg.h b/ext/mbedtls/include/mbedtls/hmac_drbg.h similarity index 61% rename from ext/mbedtls/include/polarssl/hmac_drbg.h rename to ext/mbedtls/include/mbedtls/hmac_drbg.h index 0fe7b0311b..eeac3e3208 100644 --- a/ext/mbedtls/include/polarssl/hmac_drbg.h +++ b/ext/mbedtls/include/mbedtls/hmac_drbg.h @@ -21,18 +21,22 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_HMAC_DRBG_H -#define POLARSSL_HMAC_DRBG_H +#ifndef MBEDTLS_HMAC_DRBG_H +#define MBEDTLS_HMAC_DRBG_H #include "md.h" +#if defined(MBEDTLS_THREADING_C) +#include "mbedtls/threading.h" +#endif + /* * Error codes */ -#define POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG -0x0003 /**< Too many random requested in single call. */ -#define POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG -0x0005 /**< Input too large (Entropy + additional). */ -#define POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR -0x0007 /**< Read/write error in file. */ -#define POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED -0x0009 /**< The entropy source failed. */ +#define MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG -0x0003 /**< Too many random requested in single call. */ +#define MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG -0x0005 /**< Input too large (Entropy + additional). */ +#define MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR -0x0007 /**< Read/write error in file. */ +#define MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED -0x0009 /**< The entropy source failed. */ /** * \name SECTION: Module settings @@ -42,26 +46,26 @@ * \{ */ -#if !defined(POLARSSL_HMAC_DRBG_RESEED_INTERVAL) -#define POLARSSL_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ +#if !defined(MBEDTLS_HMAC_DRBG_RESEED_INTERVAL) +#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ #endif -#if !defined(POLARSSL_HMAC_DRBG_MAX_INPUT) -#define POLARSSL_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ +#if !defined(MBEDTLS_HMAC_DRBG_MAX_INPUT) +#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ #endif -#if !defined(POLARSSL_HMAC_DRBG_MAX_REQUEST) -#define POLARSSL_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ +#if !defined(MBEDTLS_HMAC_DRBG_MAX_REQUEST) +#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ #endif -#if !defined(POLARSSL_HMAC_DRBG_MAX_SEED_INPUT) -#define POLARSSL_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ +#if !defined(MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT) +#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ #endif /* \} name SECTION: Module settings */ -#define POLARSSL_HMAC_DRBG_PR_OFF 0 /**< No prediction resistance */ -#define POLARSSL_HMAC_DRBG_PR_ON 1 /**< Prediction resistance enabled */ +#define MBEDTLS_HMAC_DRBG_PR_OFF 0 /**< No prediction resistance */ +#define MBEDTLS_HMAC_DRBG_PR_ON 1 /**< Prediction resistance enabled */ #ifdef __cplusplus extern "C" { @@ -74,8 +78,8 @@ typedef struct { /* Working state: the key K is not stored explicitely, * but is implied by the HMAC context */ - md_context_t md_ctx; /*!< HMAC context (inc. K) */ - unsigned char V[POLARSSL_MD_MAX_SIZE]; /*!< V in the spec */ + mbedtls_md_context_t md_ctx; /*!< HMAC context (inc. K) */ + unsigned char V[MBEDTLS_MD_MAX_SIZE]; /*!< V in the spec */ int reseed_counter; /*!< reseed counter */ /* Administrative state */ @@ -87,12 +91,27 @@ typedef struct /* Callbacks */ int (*f_entropy)(void *, unsigned char *, size_t); /*!< entropy function */ void *p_entropy; /*!< context for the entropy function */ -} hmac_drbg_context; + +#if defined(MBEDTLS_THREADING_C) + mbedtls_threading_mutex_t mutex; +#endif +} mbedtls_hmac_drbg_context; /** - * \brief HMAC_DRBG initialisation + * \brief HMAC_DRBG context initialization + * Makes the context ready for mbetls_hmac_drbg_seed(), + * mbedtls_hmac_drbg_seed_buf() or + * mbedtls_hmac_drbg_free(). * - * \param ctx HMAC_DRBG context to be initialised + * \param ctx HMAC_DRBG context to be initialized + */ +void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ); + +/** + * \brief HMAC_DRBG initial seeding + * Seed and setup entropy source for future reseeds. + * + * \param ctx HMAC_DRBG context to be seeded * \param md_info MD algorithm to use for HMAC_DRBG * \param f_entropy Entropy callback (p_entropy, buffer to fill, buffer * length) @@ -108,12 +127,12 @@ typedef struct * Note that SHA-256 is just as efficient as SHA-224. * * \return 0 if successful, or - * POLARSSL_ERR_MD_BAD_INPUT_DATA, or - * POLARSSL_ERR_MD_ALLOC_FAILED, or - * POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED. + * MBEDTLS_ERR_MD_BAD_INPUT_DATA, or + * MBEDTLS_ERR_MD_ALLOC_FAILED, or + * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED. */ -int hmac_drbg_init( hmac_drbg_context *ctx, - const md_info_t * md_info, +int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, + const mbedtls_md_info_t * md_info, int (*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, @@ -129,11 +148,11 @@ int hmac_drbg_init( hmac_drbg_context *ctx, * \param data_len Length of data in bytes * * \return 0 if successful, or - * POLARSSL_ERR_MD_BAD_INPUT_DATA, or - * POLARSSL_ERR_MD_ALLOC_FAILED. + * MBEDTLS_ERR_MD_BAD_INPUT_DATA, or + * MBEDTLS_ERR_MD_ALLOC_FAILED. */ -int hmac_drbg_init_buf( hmac_drbg_context *ctx, - const md_info_t * md_info, +int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, + const mbedtls_md_info_t * md_info, const unsigned char *data, size_t data_len ); /** @@ -143,30 +162,30 @@ int hmac_drbg_init_buf( hmac_drbg_context *ctx, * Only use this if you have ample supply of good entropy! * * \param ctx HMAC_DRBG context - * \param resistance POLARSSL_HMAC_DRBG_PR_ON or POLARSSL_HMAC_DRBG_PR_OFF + * \param resistance MBEDTLS_HMAC_DRBG_PR_ON or MBEDTLS_HMAC_DRBG_PR_OFF */ -void hmac_drbg_set_prediction_resistance( hmac_drbg_context *ctx, +void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx, int resistance ); /** * \brief Set the amount of entropy grabbed on each reseed * (Default: given by the security strength, which - * depends on the hash used, see \c hmac_drbg_init() ) + * depends on the hash used, see \c mbedtls_hmac_drbg_init() ) * * \param ctx HMAC_DRBG context * \param len Amount of entropy to grab, in bytes */ -void hmac_drbg_set_entropy_len( hmac_drbg_context *ctx, +void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx, size_t len ); /** * \brief Set the reseed interval - * (Default: POLARSSL_HMAC_DRBG_RESEED_INTERVAL) + * (Default: MBEDTLS_HMAC_DRBG_RESEED_INTERVAL) * * \param ctx HMAC_DRBG context * \param interval Reseed interval */ -void hmac_drbg_set_reseed_interval( hmac_drbg_context *ctx, +void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx, int interval ); /** @@ -179,7 +198,7 @@ void hmac_drbg_set_reseed_interval( hmac_drbg_context *ctx, * \note Additional data is optional, pass NULL and 0 as second * third argument if no additional data is being used. */ -void hmac_drbg_update( hmac_drbg_context *ctx, +void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, const unsigned char *additional, size_t add_len ); /** @@ -190,9 +209,9 @@ void hmac_drbg_update( hmac_drbg_context *ctx, * \param len Length of additional data * * \return 0 if successful, or - * POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED + * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED */ -int hmac_drbg_reseed( hmac_drbg_context *ctx, +int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, const unsigned char *additional, size_t len ); /** @@ -207,11 +226,11 @@ int hmac_drbg_reseed( hmac_drbg_context *ctx, * \param add_len Length of additional data (can be 0) * * \return 0 if successful, or - * POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or - * POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG, or - * POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG. + * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or + * MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG, or + * MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG. */ -int hmac_drbg_random_with_add( void *p_rng, +int mbedtls_hmac_drbg_random_with_add( void *p_rng, unsigned char *output, size_t output_len, const unsigned char *additional, size_t add_len ); @@ -226,19 +245,19 @@ int hmac_drbg_random_with_add( void *p_rng, * \param out_len Length of the buffer * * \return 0 if successful, or - * POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or - * POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG + * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or + * MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG */ -int hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len ); +int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len ); /** * \brief Free an HMAC_DRBG context * * \param ctx HMAC_DRBG context to free. */ -void hmac_drbg_free( hmac_drbg_context *ctx ); +void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx ); -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) /** * \brief Write a seed file * @@ -246,9 +265,9 @@ void hmac_drbg_free( hmac_drbg_context *ctx ); * \param path Name of the file * * \return 0 if successful, 1 on file error, or - * POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED + * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED */ -int hmac_drbg_write_seed_file( hmac_drbg_context *ctx, const char *path ); +int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path ); /** * \brief Read and update a seed file. Seed is added to this @@ -258,20 +277,20 @@ int hmac_drbg_write_seed_file( hmac_drbg_context *ctx, const char *path ); * \param path Name of the file * * \return 0 if successful, 1 on file error, - * POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED or - * POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG + * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED or + * MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG */ -int hmac_drbg_update_seed_file( hmac_drbg_context *ctx, const char *path ); -#endif /* POLARSSL_FS_IO */ +int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path ); +#endif /* MBEDTLS_FS_IO */ -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) /** * \brief Checkup routine * * \return 0 if successful, or 1 if the test failed */ -int hmac_drbg_self_test( int verbose ); +int mbedtls_hmac_drbg_self_test( int verbose ); #endif #ifdef __cplusplus diff --git a/ext/mbedtls/include/mbedtls/md.h b/ext/mbedtls/include/mbedtls/md.h new file mode 100644 index 0000000000..2a6cc0c7ba --- /dev/null +++ b/ext/mbedtls/include/mbedtls/md.h @@ -0,0 +1,358 @@ +/** + * \file mbedtls_md.h + * + * \brief Generic message digest wrapper + * + * \author Adriaan de Jong + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_MD_H +#define MBEDTLS_MD_H + +#include + +#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && !defined(inline) +#define inline __inline +#endif + +#define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */ +#define MBEDTLS_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */ +#define MBEDTLS_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */ +#define MBEDTLS_ERR_MD_FILE_IO_ERROR -0x5200 /**< Opening or reading of file failed. */ + +#ifdef __cplusplus +extern "C" { +#endif + +typedef enum { + MBEDTLS_MD_NONE=0, + MBEDTLS_MD_MD2, + MBEDTLS_MD_MD4, + MBEDTLS_MD_MD5, + MBEDTLS_MD_SHA1, + MBEDTLS_MD_SHA224, + MBEDTLS_MD_SHA256, + MBEDTLS_MD_SHA384, + MBEDTLS_MD_SHA512, + MBEDTLS_MD_RIPEMD160, +} mbedtls_md_type_t; + +#if defined(MBEDTLS_SHA512_C) +#define MBEDTLS_MD_MAX_SIZE 64 /* longest known is SHA512 */ +#else +#define MBEDTLS_MD_MAX_SIZE 32 /* longest known is SHA256 or less */ +#endif + +/** + * Opaque struct defined in md_internal.h + */ +typedef struct mbedtls_md_info_t mbedtls_md_info_t; + +/** + * Generic message digest context. + */ +typedef struct { + /** Information about the associated message digest */ + const mbedtls_md_info_t *md_info; + + /** Digest-specific context */ + void *md_ctx; + + /** HMAC part of the context */ + void *hmac_ctx; +} mbedtls_md_context_t; + +/** + * \brief Returns the list of digests supported by the generic digest module. + * + * \return a statically allocated array of digests, the last entry + * is 0. + */ +const int *mbedtls_md_list( void ); + +/** + * \brief Returns the message digest information associated with the + * given digest name. + * + * \param md_name Name of the digest to search for. + * + * \return The message digest information associated with md_name or + * NULL if not found. + */ +const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ); + +/** + * \brief Returns the message digest information associated with the + * given digest type. + * + * \param md_type type of digest to search for. + * + * \return The message digest information associated with md_type or + * NULL if not found. + */ +const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ); + +/** + * \brief Initialize a md_context (as NONE) + * This should always be called first. + * Prepares the context for mbedtls_md_setup() or mbedtls_md_free(). + */ +void mbedtls_md_init( mbedtls_md_context_t *ctx ); + +/** + * \brief Free and clear the internal structures of ctx. + * Can be called at any time after mbedtls_md_init(). + * Mandatory once mbedtls_md_setup() has been called. + */ +void mbedtls_md_free( mbedtls_md_context_t *ctx ); + +#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if defined(MBEDTLS_DEPRECATED_WARNING) +#define MBEDTLS_DEPRECATED __attribute__((deprecated)) +#else +#define MBEDTLS_DEPRECATED +#endif +/** + * \brief Select MD to use and allocate internal structures. + * Should be called after mbedtls_md_init() or mbedtls_md_free(). + * Makes it necessary to call mbedtls_md_free() later. + * + * \deprecated Superseded by mbedtls_md_setup() in 2.0.0 + * + * \param ctx Context to set up. + * \param md_info Message digest to use. + * + * \returns \c 0 on success, + * \c MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter failure, + * \c MBEDTLS_ERR_MD_ALLOC_FAILED memory allocation failure. + */ +int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ) MBEDTLS_DEPRECATED; +#undef MBEDTLS_DEPRECATED +#endif /* MBEDTLS_DEPRECATED_REMOVED */ + +/** + * \brief Select MD to use and allocate internal structures. + * Should be called after mbedtls_md_init() or mbedtls_md_free(). + * Makes it necessary to call mbedtls_md_free() later. + * + * \param ctx Context to set up. + * \param md_info Message digest to use. + * \param hmac 0 to save some meory is HMAC will not be use, + * non-zero is HMAC is going to be used with this context. + * + * \returns \c 0 on success, + * \c MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter failure, + * \c MBEDTLS_ERR_MD_ALLOC_FAILED memory allocation failure. + */ +int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac ); + +/** + * \brief Clone the state of an MD context + * + * \note The two contexts must have been setup to the same type + * (cloning from SHA-256 to SHA-512 make no sense). + * + * \warning Only clones the MD state, not the HMAC state! (for now) + * + * \param dst The destination context + * \param src The context to be cloned + * + * \return \c 0 on success, + * \c MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter failure. + */ +int mbedtls_md_clone( mbedtls_md_context_t *dst, + const mbedtls_md_context_t *src ); + +/** + * \brief Returns the size of the message digest output. + * + * \param md_info message digest info + * + * \return size of the message digest output in bytes. + */ +unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info ); + +/** + * \brief Returns the type of the message digest output. + * + * \param md_info message digest info + * + * \return type of the message digest output. + */ +mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info ); + +/** + * \brief Returns the name of the message digest output. + * + * \param md_info message digest info + * + * \return name of the message digest output. + */ +const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info ); + +/** + * \brief Prepare the context to digest a new message. + * Generally called after mbedtls_md_setup() or mbedtls_md_finish(). + * Followed by mbedtls_md_update(). + * + * \param ctx generic message digest context. + * + * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int mbedtls_md_starts( mbedtls_md_context_t *ctx ); + +/** + * \brief Generic message digest process buffer + * Called between mbedtls_md_starts() and mbedtls_md_finish(). + * May be called repeatedly. + * + * \param ctx Generic message digest context + * \param input buffer holding the datal + * \param ilen length of the input data + * + * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ); + +/** + * \brief Generic message digest final digest + * Called after mbedtls_md_update(). + * Usually followed by mbedtls_md_free() or mbedtls_md_starts(). + * + * \param ctx Generic message digest context + * \param output Generic message digest checksum result + * + * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ); + +/** + * \brief Output = message_digest( input buffer ) + * + * \param md_info message digest info + * \param input buffer holding the data + * \param ilen length of the input data + * \param output Generic message digest checksum result + * + * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, + unsigned char *output ); + +#if defined(MBEDTLS_FS_IO) +/** + * \brief Output = message_digest( file contents ) + * + * \param md_info message digest info + * \param path input file name + * \param output generic message digest checksum result + * + * \return 0 if successful, + * MBEDTLS_ERR_MD_FILE_IO_ERROR if file input failed, + * MBEDTLS_ERR_MD_BAD_INPUT_DATA if md_info was NULL. + */ +int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, + unsigned char *output ); +#endif /* MBEDTLS_FS_IO */ + +/** + * \brief Set HMAC key and prepare to authenticate a new message. + * Usually called after mbedtls_md_setup() or mbedtls_md_hmac_finish(). + * + * \param ctx HMAC context + * \param key HMAC secret key + * \param keylen length of the HMAC key in bytes + * + * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, + size_t keylen ); + +/** + * \brief Generic HMAC process buffer. + * Called between mbedtls_md_hmac_starts() or mbedtls_md_hmac_reset() + * and mbedtls_md_hmac_finish(). + * May be called repeatedly. + * + * \param ctx HMAC context + * \param input buffer holding the data + * \param ilen length of the input data + * + * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, + size_t ilen ); + +/** + * \brief Output HMAC. + * Called after mbedtls_md_hmac_update(). + * Usually followed my mbedtls_md_hmac_reset(), mbedtls_md_hmac_starts(), + * or mbedtls_md_free(). + * + * \param ctx HMAC context + * \param output Generic HMAC checksum result + * + * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output); + +/** + * \brief Prepare to authenticate a new message with the same key. + * Called after mbedtls_md_hmac_finish() and before mbedtls_md_hmac_update(). + * + * \param ctx HMAC context to be reset + * + * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ); + +/** + * \brief Output = Generic_HMAC( hmac key, input buffer ) + * + * \param md_info message digest info + * \param key HMAC secret key + * \param keylen length of the HMAC key in bytes + * \param input buffer holding the data + * \param ilen length of the input data + * \param output Generic HMAC-result + * + * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char *output ); + +/* Internal use */ +int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ); + +#ifdef __cplusplus +} +#endif + +#endif /* MBEDTLS_MD_H */ diff --git a/ext/mbedtls/include/mbedtls/md2.h b/ext/mbedtls/include/mbedtls/md2.h new file mode 100644 index 0000000000..151a8f45de --- /dev/null +++ b/ext/mbedtls/include/mbedtls/md2.h @@ -0,0 +1,137 @@ +/** + * \file mbedtls_md2.h + * + * \brief MD2 message digest algorithm (hash function) + * + * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_MD2_H +#define MBEDTLS_MD2_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include + +#if !defined(MBEDTLS_MD2_ALT) +// Regular implementation +// + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief MD2 context structure + */ +typedef struct +{ + unsigned char cksum[16]; /*!< checksum of the data block */ + unsigned char state[48]; /*!< intermediate digest state */ + unsigned char buffer[16]; /*!< data block being processed */ + size_t left; /*!< amount of data in buffer */ +} +mbedtls_md2_context; + +/** + * \brief Initialize MD2 context + * + * \param ctx MD2 context to be initialized + */ +void mbedtls_md2_init( mbedtls_md2_context *ctx ); + +/** + * \brief Clear MD2 context + * + * \param ctx MD2 context to be cleared + */ +void mbedtls_md2_free( mbedtls_md2_context *ctx ); + +/** + * \brief Clone (the state of) an MD2 context + * + * \param dst The destination context + * \param src The context to be cloned + */ +void mbedtls_md2_clone( mbedtls_md2_context *dst, + const mbedtls_md2_context *src ); + +/** + * \brief MD2 context setup + * + * \param ctx context to be initialized + */ +void mbedtls_md2_starts( mbedtls_md2_context *ctx ); + +/** + * \brief MD2 process buffer + * + * \param ctx MD2 context + * \param input buffer holding the data + * \param ilen length of the input data + */ +void mbedtls_md2_update( mbedtls_md2_context *ctx, const unsigned char *input, size_t ilen ); + +/** + * \brief MD2 final digest + * + * \param ctx MD2 context + * \param output MD2 checksum result + */ +void mbedtls_md2_finish( mbedtls_md2_context *ctx, unsigned char output[16] ); + +#ifdef __cplusplus +} +#endif + +#else /* MBEDTLS_MD2_ALT */ +#include "md2_alt.h" +#endif /* MBEDTLS_MD2_ALT */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Output = MD2( input buffer ) + * + * \param input buffer holding the data + * \param ilen length of the input data + * \param output MD2 checksum result + */ +void mbedtls_md2( const unsigned char *input, size_t ilen, unsigned char output[16] ); + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int mbedtls_md2_self_test( int verbose ); + +/* Internal use */ +void mbedtls_md2_process( mbedtls_md2_context *ctx ); + +#ifdef __cplusplus +} +#endif + +#endif /* mbedtls_md2.h */ diff --git a/ext/mbedtls/include/mbedtls/md4.h b/ext/mbedtls/include/mbedtls/md4.h new file mode 100644 index 0000000000..fd756b91b6 --- /dev/null +++ b/ext/mbedtls/include/mbedtls/md4.h @@ -0,0 +1,137 @@ +/** + * \file mbedtls_md4.h + * + * \brief MD4 message digest algorithm (hash function) + * + * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_MD4_H +#define MBEDTLS_MD4_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include +#include + +#if !defined(MBEDTLS_MD4_ALT) +// Regular implementation +// + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief MD4 context structure + */ +typedef struct +{ + uint32_t total[2]; /*!< number of bytes processed */ + uint32_t state[4]; /*!< intermediate digest state */ + unsigned char buffer[64]; /*!< data block being processed */ +} +mbedtls_md4_context; + +/** + * \brief Initialize MD4 context + * + * \param ctx MD4 context to be initialized + */ +void mbedtls_md4_init( mbedtls_md4_context *ctx ); + +/** + * \brief Clear MD4 context + * + * \param ctx MD4 context to be cleared + */ +void mbedtls_md4_free( mbedtls_md4_context *ctx ); + +/** + * \brief Clone (the state of) an MD4 context + * + * \param dst The destination context + * \param src The context to be cloned + */ +void mbedtls_md4_clone( mbedtls_md4_context *dst, + const mbedtls_md4_context *src ); + +/** + * \brief MD4 context setup + * + * \param ctx context to be initialized + */ +void mbedtls_md4_starts( mbedtls_md4_context *ctx ); + +/** + * \brief MD4 process buffer + * + * \param ctx MD4 context + * \param input buffer holding the data + * \param ilen length of the input data + */ +void mbedtls_md4_update( mbedtls_md4_context *ctx, const unsigned char *input, size_t ilen ); + +/** + * \brief MD4 final digest + * + * \param ctx MD4 context + * \param output MD4 checksum result + */ +void mbedtls_md4_finish( mbedtls_md4_context *ctx, unsigned char output[16] ); + +#ifdef __cplusplus +} +#endif + +#else /* MBEDTLS_MD4_ALT */ +#include "md4_alt.h" +#endif /* MBEDTLS_MD4_ALT */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Output = MD4( input buffer ) + * + * \param input buffer holding the data + * \param ilen length of the input data + * \param output MD4 checksum result + */ +void mbedtls_md4( const unsigned char *input, size_t ilen, unsigned char output[16] ); + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int mbedtls_md4_self_test( int verbose ); + +/* Internal use */ +void mbedtls_md4_process( mbedtls_md4_context *ctx, const unsigned char data[64] ); + +#ifdef __cplusplus +} +#endif + +#endif /* mbedtls_md4.h */ diff --git a/ext/mbedtls/include/mbedtls/md5.h b/ext/mbedtls/include/mbedtls/md5.h new file mode 100644 index 0000000000..40273d4801 --- /dev/null +++ b/ext/mbedtls/include/mbedtls/md5.h @@ -0,0 +1,137 @@ +/** + * \file mbedtls_md5.h + * + * \brief MD5 message digest algorithm (hash function) + * + * Copyright (C) 2006-2013, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_MD5_H +#define MBEDTLS_MD5_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include +#include + +#if !defined(MBEDTLS_MD5_ALT) +// Regular implementation +// + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief MD5 context structure + */ +typedef struct +{ + uint32_t total[2]; /*!< number of bytes processed */ + uint32_t state[4]; /*!< intermediate digest state */ + unsigned char buffer[64]; /*!< data block being processed */ +} +mbedtls_md5_context; + +/** + * \brief Initialize MD5 context + * + * \param ctx MD5 context to be initialized + */ +void mbedtls_md5_init( mbedtls_md5_context *ctx ); + +/** + * \brief Clear MD5 context + * + * \param ctx MD5 context to be cleared + */ +void mbedtls_md5_free( mbedtls_md5_context *ctx ); + +/** + * \brief Clone (the state of) an MD5 context + * + * \param dst The destination context + * \param src The context to be cloned + */ +void mbedtls_md5_clone( mbedtls_md5_context *dst, + const mbedtls_md5_context *src ); + +/** + * \brief MD5 context setup + * + * \param ctx context to be initialized + */ +void mbedtls_md5_starts( mbedtls_md5_context *ctx ); + +/** + * \brief MD5 process buffer + * + * \param ctx MD5 context + * \param input buffer holding the data + * \param ilen length of the input data + */ +void mbedtls_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen ); + +/** + * \brief MD5 final digest + * + * \param ctx MD5 context + * \param output MD5 checksum result + */ +void mbedtls_md5_finish( mbedtls_md5_context *ctx, unsigned char output[16] ); + +/* Internal use */ +void mbedtls_md5_process( mbedtls_md5_context *ctx, const unsigned char data[64] ); + +#ifdef __cplusplus +} +#endif + +#else /* MBEDTLS_MD5_ALT */ +#include "md5_alt.h" +#endif /* MBEDTLS_MD5_ALT */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Output = MD5( input buffer ) + * + * \param input buffer holding the data + * \param ilen length of the input data + * \param output MD5 checksum result + */ +void mbedtls_md5( const unsigned char *input, size_t ilen, unsigned char output[16] ); + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int mbedtls_md5_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* mbedtls_md5.h */ diff --git a/ext/mbedtls/include/mbedtls/md_internal.h b/ext/mbedtls/include/mbedtls/md_internal.h new file mode 100644 index 0000000000..f2a063251b --- /dev/null +++ b/ext/mbedtls/include/mbedtls/md_internal.h @@ -0,0 +1,115 @@ +/** + * \file md_internal.h + * + * \brief Message digest wrappers. + * + * \warning This in an internal header. Do not include directly. + * + * \author Adriaan de Jong + * + * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_MD_WRAP_H +#define MBEDTLS_MD_WRAP_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include "md.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * Message digest information. + * Allows message digest functions to be called in a generic way. + */ +struct mbedtls_md_info_t +{ + /** Digest identifier */ + mbedtls_md_type_t type; + + /** Name of the message digest */ + const char * name; + + /** Output length of the digest function in bytes */ + int size; + + /** Block length of the digest function in bytes */ + int block_size; + + /** Digest initialisation function */ + void (*starts_func)( void *ctx ); + + /** Digest update function */ + void (*update_func)( void *ctx, const unsigned char *input, size_t ilen ); + + /** Digest finalisation function */ + void (*finish_func)( void *ctx, unsigned char *output ); + + /** Generic digest function */ + void (*digest_func)( const unsigned char *input, size_t ilen, + unsigned char *output ); + + /** Allocate a new context */ + void * (*ctx_alloc_func)( void ); + + /** Free the given context */ + void (*ctx_free_func)( void *ctx ); + + /** Clone state from a context */ + void (*clone_func)( void *dst, const void *src ); + + /** Internal use only */ + void (*process_func)( void *ctx, const unsigned char *input ); +}; + +#if defined(MBEDTLS_MD2_C) +extern const mbedtls_md_info_t mbedtls_md2_info; +#endif +#if defined(MBEDTLS_MD4_C) +extern const mbedtls_md_info_t mbedtls_md4_info; +#endif +#if defined(MBEDTLS_MD5_C) +extern const mbedtls_md_info_t mbedtls_md5_info; +#endif +#if defined(MBEDTLS_RIPEMD160_C) +extern const mbedtls_md_info_t mbedtls_ripemd160_info; +#endif +#if defined(MBEDTLS_SHA1_C) +extern const mbedtls_md_info_t mbedtls_sha1_info; +#endif +#if defined(MBEDTLS_SHA256_C) +extern const mbedtls_md_info_t mbedtls_sha224_info; +extern const mbedtls_md_info_t mbedtls_sha256_info; +#endif +#if defined(MBEDTLS_SHA512_C) +extern const mbedtls_md_info_t mbedtls_sha384_info; +extern const mbedtls_md_info_t mbedtls_sha512_info; +#endif + +#ifdef __cplusplus +} +#endif + +#endif /* MBEDTLS_MD_WRAP_H */ diff --git a/ext/mbedtls/include/polarssl/memory_buffer_alloc.h b/ext/mbedtls/include/mbedtls/memory_buffer_alloc.h similarity index 60% rename from ext/mbedtls/include/polarssl/memory_buffer_alloc.h rename to ext/mbedtls/include/mbedtls/memory_buffer_alloc.h index 19abe55fa5..5e14823b7e 100644 --- a/ext/mbedtls/include/polarssl/memory_buffer_alloc.h +++ b/ext/mbedtls/include/mbedtls/memory_buffer_alloc.h @@ -21,13 +21,13 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_MEMORY_BUFFER_ALLOC_H -#define POLARSSL_MEMORY_BUFFER_ALLOC_H +#ifndef MBEDTLS_MEMORY_BUFFER_ALLOC_H +#define MBEDTLS_MEMORY_BUFFER_ALLOC_H -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif #include @@ -40,16 +40,16 @@ * \{ */ -#if !defined(POLARSSL_MEMORY_ALIGN_MULTIPLE) -#define POLARSSL_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */ +#if !defined(MBEDTLS_MEMORY_ALIGN_MULTIPLE) +#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */ #endif /* \} name SECTION: Module settings */ -#define MEMORY_VERIFY_NONE 0 -#define MEMORY_VERIFY_ALLOC (1 << 0) -#define MEMORY_VERIFY_FREE (1 << 1) -#define MEMORY_VERIFY_ALWAYS (MEMORY_VERIFY_ALLOC | MEMORY_VERIFY_FREE) +#define MBEDTLS_MEMORY_VERIFY_NONE 0 +#define MBEDTLS_MEMORY_VERIFY_ALLOC (1 << 0) +#define MBEDTLS_MEMORY_VERIFY_FREE (1 << 1) +#define MBEDTLS_MEMORY_VERIFY_ALWAYS (MBEDTLS_MEMORY_VERIFY_ALLOC | MBEDTLS_MEMORY_VERIFY_FREE) #ifdef __cplusplus extern "C" { @@ -58,45 +58,43 @@ extern "C" { /** * \brief Initialize use of stack-based memory allocator. * The stack-based allocator does memory management inside the - * presented buffer and does not call malloc() and free(). - * It sets the global polarssl_malloc() and polarssl_free() pointers + * presented buffer and does not call calloc() and free(). + * It sets the global mbedtls_calloc() and mbedtls_free() pointers * to its own functions. - * (Provided polarssl_malloc() and polarssl_free() are thread-safe if - * POLARSSL_THREADING_C is defined) + * (Provided mbedtls_calloc() and mbedtls_free() are thread-safe if + * MBEDTLS_THREADING_C is defined) * * \note This code is not optimized and provides a straight-forward * implementation of a stack-based memory allocator. * * \param buf buffer to use as heap * \param len size of the buffer - * - * \return 0 if successful */ -int memory_buffer_alloc_init( unsigned char *buf, size_t len ); +void mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len ); /** * \brief Free the mutex for thread-safety and clear remaining memory */ -void memory_buffer_alloc_free( void ); +void mbedtls_memory_buffer_alloc_free( void ); /** * \brief Determine when the allocator should automatically verify the state * of the entire chain of headers / meta-data. - * (Default: MEMORY_VERIFY_NONE) + * (Default: MBEDTLS_MEMORY_VERIFY_NONE) * - * \param verify One of MEMORY_VERIFY_NONE, MEMORY_VERIFY_ALLOC, - * MEMORY_VERIFY_FREE or MEMORY_VERIFY_ALWAYS + * \param verify One of MBEDTLS_MEMORY_VERIFY_NONE, MBEDTLS_MEMORY_VERIFY_ALLOC, + * MBEDTLS_MEMORY_VERIFY_FREE or MBEDTLS_MEMORY_VERIFY_ALWAYS */ -void memory_buffer_set_verify( int verify ); +void mbedtls_memory_buffer_set_verify( int verify ); -#if defined(POLARSSL_MEMORY_DEBUG) +#if defined(MBEDTLS_MEMORY_DEBUG) /** * \brief Print out the status of the allocated memory (primarily for use * after a program should have de-allocated all memory) * Prints out a list of 'still allocated' blocks and their stack - * trace if POLARSSL_MEMORY_BACKTRACE is defined. + * trace if MBEDTLS_MEMORY_BACKTRACE is defined. */ -void memory_buffer_alloc_status( void ); +void mbedtls_memory_buffer_alloc_status( void ); /** * \brief Get the peak heap usage so far @@ -104,12 +102,12 @@ void memory_buffer_alloc_status( void ); * \param max_used Peak number of bytes reauested by the application * \param max_blocks Peak number of blocks reauested by the application */ -void memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks ); +void mbedtls_memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks ); /** * \brief Reset peak statistics */ -void memory_buffer_alloc_max_reset( void ); +void mbedtls_memory_buffer_alloc_max_reset( void ); /** * \brief Get the current heap usage @@ -117,29 +115,29 @@ void memory_buffer_alloc_max_reset( void ); * \param cur_used Number of bytes reauested by the application * \param cur_blocks Number of blocks reauested by the application */ -void memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks ); -#endif /* POLARSSL_MEMORY_DEBUG */ +void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks ); +#endif /* MBEDTLS_MEMORY_DEBUG */ /** * \brief Verifies that all headers in the memory buffer are correct * and contain sane values. Helps debug buffer-overflow errors. * - * Prints out first failure if POLARSSL_MEMORY_DEBUG is defined. - * Prints out full header information if POLARSSL_MEMORY_DEBUG_HEADERS + * Prints out first failure if MBEDTLS_MEMORY_DEBUG is defined. + * Prints out full header information if MBEDTLS_MEMORY_DEBUG * is defined. (Includes stack trace information for each block if - * POLARSSL_MEMORY_BACKTRACE is defined as well). + * MBEDTLS_MEMORY_BACKTRACE is defined as well). * - * \returns 0 if verified, 1 otherwise + * \return 0 if verified, 1 otherwise */ -int memory_buffer_alloc_verify( void ); +int mbedtls_memory_buffer_alloc_verify( void ); -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) /** * \brief Checkup routine * * \return 0 if successful, or 1 if a test failed */ -int memory_buffer_alloc_self_test( int verbose ); +int mbedtls_memory_buffer_alloc_self_test( int verbose ); #endif #ifdef __cplusplus diff --git a/ext/mbedtls/include/mbedtls/net.h b/ext/mbedtls/include/mbedtls/net.h new file mode 100644 index 0000000000..1c49763ab4 --- /dev/null +++ b/ext/mbedtls/include/mbedtls/net.h @@ -0,0 +1,226 @@ +/** + * \file net.h + * + * \brief Network communication functions + * + * Copyright (C) 2006-2011, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_NET_H +#define MBEDTLS_NET_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include "ssl.h" + +#include +#include + +#define MBEDTLS_ERR_NET_SOCKET_FAILED -0x0042 /**< Failed to open a socket. */ +#define MBEDTLS_ERR_NET_CONNECT_FAILED -0x0044 /**< The connection to the given server / port failed. */ +#define MBEDTLS_ERR_NET_BIND_FAILED -0x0046 /**< Binding of the socket failed. */ +#define MBEDTLS_ERR_NET_LISTEN_FAILED -0x0048 /**< Could not listen on the socket. */ +#define MBEDTLS_ERR_NET_ACCEPT_FAILED -0x004A /**< Could not accept the incoming connection. */ +#define MBEDTLS_ERR_NET_RECV_FAILED -0x004C /**< Reading information from the socket failed. */ +#define MBEDTLS_ERR_NET_SEND_FAILED -0x004E /**< Sending information through the socket failed. */ +#define MBEDTLS_ERR_NET_CONN_RESET -0x0050 /**< Connection was reset by peer. */ +#define MBEDTLS_ERR_NET_UNKNOWN_HOST -0x0052 /**< Failed to get an IP address for the given hostname. */ +#define MBEDTLS_ERR_NET_BUFFER_TOO_SMALL -0x0043 /**< Buffer is too small to hold the data. */ +#define MBEDTLS_ERR_NET_INVALID_CONTEXT -0x0045 /**< The context is invalid, eg because it was free()ed. */ + +#define MBEDTLS_NET_LISTEN_BACKLOG 10 /**< The backlog that listen() should use. */ + +#define MBEDTLS_NET_PROTO_TCP 0 /**< The TCP transport protocol */ +#define MBEDTLS_NET_PROTO_UDP 1 /**< The UDP transport protocol */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * Wrapper type for sockets. + * + * Currently backed by just a file descriptor, but might be more in the future + * (eg two file descriptors for combined IPv4 + IPv6 support, or additional + * structures for hand-made UDP demultiplexing). + */ +typedef struct +{ + int fd; /**< The underlying file descriptor */ +} +mbedtls_net_context; + +/** + * \brief Initialize a context + * Just makes the context ready to be used or freed safely. + * + * \param ctx Context to initialize + */ +void mbedtls_net_init( mbedtls_net_context *ctx ); + +/** + * \brief Initiate a connection with host:port in the given protocol + * + * \param ctx Socket to use + * \param host Host to connect to + * \param port Port to connect to + * \param proto Protocol: MBEDTLS_NET_PROTO_TCP or MBEDTLS_NET_PROTO_UDP + * + * \return 0 if successful, or one of: + * MBEDTLS_ERR_NET_SOCKET_FAILED, + * MBEDTLS_ERR_NET_UNKNOWN_HOST, + * MBEDTLS_ERR_NET_CONNECT_FAILED + * + * \note Sets the socket in connected mode even with UDP. + */ +int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char *port, int proto ); + +/** + * \brief Create a receiving socket on bind_ip:port in the chosen + * protocol. If bind_ip == NULL, all interfaces are bound. + * + * \param ctx Socket to use + * \param bind_ip IP to bind to, can be NULL + * \param port Port number to use + * \param proto Protocol: MBEDTLS_NET_PROTO_TCP or MBEDTLS_NET_PROTO_UDP + * + * \return 0 if successful, or one of: + * MBEDTLS_ERR_NET_SOCKET_FAILED, + * MBEDTLS_ERR_NET_BIND_FAILED, + * MBEDTLS_ERR_NET_LISTEN_FAILED + * + * \note Regardless of the protocol, opens the sockets and binds it. + * In addition, make the socket listening if protocol is TCP. + */ +int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto ); + +/** + * \brief Accept a connection from a remote client + * + * \param bind_ctx Relevant socket + * \param client_ctx Will contain the connected client socket + * \param client_ip Will contain the client IP address + * \param buf_size Size of the client_ip buffer + * \param ip_len Will receive the size of the client IP written + * + * \return 0 if successful, or + * MBEDTLS_ERR_NET_ACCEPT_FAILED, or + * MBEDTLS_ERR_NET_BUFFER_TOO_SMALL if buf_size is too small, + * MBEDTLS_ERR_SSL_WANT_READ if bind_fd was set to + * non-blocking and accept() would block. + */ +int mbedtls_net_accept( mbedtls_net_context *bind_ctx, + mbedtls_net_context *client_ctx, + void *client_ip, size_t buf_size, size_t *ip_len ); + +/** + * \brief Set the socket blocking + * + * \param ctx Socket to set + * + * \return 0 if successful, or a non-zero error code + */ +int mbedtls_net_set_block( mbedtls_net_context *ctx ); + +/** + * \brief Set the socket non-blocking + * + * \param ctx Socket to set + * + * \return 0 if successful, or a non-zero error code + */ +int mbedtls_net_set_nonblock( mbedtls_net_context *ctx ); + +/** + * \brief Portable usleep helper + * + * \param usec Amount of microseconds to sleep + * + * \note Real amount of time slept will not be less than + * select()'s timeout granularity (typically, 10ms). + */ +void mbedtls_net_usleep( unsigned long usec ); + +/** + * \brief Read at most 'len' characters. If no error occurs, + * the actual amount read is returned. + * + * \param ctx Socket + * \param buf The buffer to write to + * \param len Maximum length of the buffer + * + * \return the number of bytes received, + * or a non-zero error code; with a non-blocking socket, + * MBEDTLS_ERR_SSL_WANT_READ indicates read() would block. + */ +int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len ); + +/** + * \brief Write at most 'len' characters. If no error occurs, + * the actual amount read is returned. + * + * \param ctx Socket + * \param buf The buffer to read from + * \param len The length of the buffer + * + * \return the number of bytes sent, + * or a non-zero error code; with a non-blocking socket, + * MBEDTLS_ERR_SSL_WANT_WRITE indicates write() would block. + */ +int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len ); + +/** + * \brief Read at most 'len' characters, blocking for at most + * 'timeout' seconds. If no error occurs, the actual amount + * read is returned. + * + * \param ctx Socket + * \param buf The buffer to write to + * \param len Maximum length of the buffer + * \param timeout Maximum number of milliseconds to wait for data + * 0 means no timeout (wait forever) + * + * \return the number of bytes received, + * or a non-zero error code: + * MBEDTLS_ERR_SSL_TIMEOUT if the operation timed out, + * MBEDTLS_ERR_SSL_WANT_READ if interrupted by a signal. + * + * \note This function will block (until data becomes available or + * timeout is reached) even if the socket is set to + * non-blocking. Handling timeouts with non-blocking reads + * requires a different strategy. + */ +int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, size_t len, + uint32_t timeout ); + +/** + * \brief Gracefully shutdown the connection and free associated data + * + * \param ctx The context to free + */ +void mbedtls_net_free( mbedtls_net_context *ctx ); + +#ifdef __cplusplus +} +#endif + +#endif /* net.h */ diff --git a/ext/mbedtls/include/mbedtls/oid.h b/ext/mbedtls/include/mbedtls/oid.h new file mode 100644 index 0000000000..02921c41c6 --- /dev/null +++ b/ext/mbedtls/include/mbedtls/oid.h @@ -0,0 +1,571 @@ +/** + * \file oid.h + * + * \brief Object Identifier (OID) database + * + * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_OID_H +#define MBEDTLS_OID_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include "asn1.h" +#include "pk.h" + +#include + +#if defined(MBEDTLS_CIPHER_C) +#include "cipher.h" +#endif + +#if defined(MBEDTLS_MD_C) +#include "md.h" +#endif + +#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C) +#include "x509.h" +#endif + +#define MBEDTLS_ERR_OID_NOT_FOUND -0x002E /**< OID is not found. */ +#define MBEDTLS_ERR_OID_BUF_TOO_SMALL -0x000B /**< output buffer is too small */ + +/* + * Top level OID tuples + */ +#define MBEDTLS_OID_ISO_MEMBER_BODIES "\x2a" /* {iso(1) member-body(2)} */ +#define MBEDTLS_OID_ISO_IDENTIFIED_ORG "\x2b" /* {iso(1) identified-organization(3)} */ +#define MBEDTLS_OID_ISO_CCITT_DS "\x55" /* {joint-iso-ccitt(2) ds(5)} */ +#define MBEDTLS_OID_ISO_ITU_COUNTRY "\x60" /* {joint-iso-itu-t(2) country(16)} */ + +/* + * ISO Member bodies OID parts + */ +#define MBEDTLS_OID_COUNTRY_US "\x86\x48" /* {us(840)} */ +#define MBEDTLS_OID_ORG_RSA_DATA_SECURITY "\x86\xf7\x0d" /* {rsadsi(113549)} */ +#define MBEDTLS_OID_RSA_COMPANY MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \ + MBEDTLS_OID_ORG_RSA_DATA_SECURITY /* {iso(1) member-body(2) us(840) rsadsi(113549)} */ +#define MBEDTLS_OID_ORG_ANSI_X9_62 "\xce\x3d" /* ansi-X9-62(10045) */ +#define MBEDTLS_OID_ANSI_X9_62 MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \ + MBEDTLS_OID_ORG_ANSI_X9_62 + +/* + * ISO Identified organization OID parts + */ +#define MBEDTLS_OID_ORG_DOD "\x06" /* {dod(6)} */ +#define MBEDTLS_OID_ORG_OIW "\x0e" +#define MBEDTLS_OID_OIW_SECSIG MBEDTLS_OID_ORG_OIW "\x03" +#define MBEDTLS_OID_OIW_SECSIG_ALG MBEDTLS_OID_OIW_SECSIG "\x02" +#define MBEDTLS_OID_OIW_SECSIG_SHA1 MBEDTLS_OID_OIW_SECSIG_ALG "\x1a" +#define MBEDTLS_OID_ORG_CERTICOM "\x81\x04" /* certicom(132) */ +#define MBEDTLS_OID_CERTICOM MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_CERTICOM +#define MBEDTLS_OID_ORG_TELETRUST "\x24" /* teletrust(36) */ +#define MBEDTLS_OID_TELETRUST MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_TELETRUST + +/* + * ISO ITU OID parts + */ +#define MBEDTLS_OID_ORGANIZATION "\x01" /* {organization(1)} */ +#define MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ISO_ITU_COUNTRY MBEDTLS_OID_COUNTRY_US MBEDTLS_OID_ORGANIZATION /* {joint-iso-itu-t(2) country(16) us(840) organization(1)} */ + +#define MBEDTLS_OID_ORG_GOV "\x65" /* {gov(101)} */ +#define MBEDTLS_OID_GOV MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ORG_GOV /* {joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)} */ + +#define MBEDTLS_OID_ORG_NETSCAPE "\x86\xF8\x42" /* {netscape(113730)} */ +#define MBEDTLS_OID_NETSCAPE MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ORG_NETSCAPE /* Netscape OID {joint-iso-itu-t(2) country(16) us(840) organization(1) netscape(113730)} */ + +/* ISO arc for standard certificate and CRL extensions */ +#define MBEDTLS_OID_ID_CE MBEDTLS_OID_ISO_CCITT_DS "\x1D" /**< id-ce OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 29} */ + +/** + * Private Internet Extensions + * { iso(1) identified-organization(3) dod(6) internet(1) + * security(5) mechanisms(5) pkix(7) } + */ +#define MBEDTLS_OID_PKIX MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_DOD "\x01\x05\x05\x07" + +/* + * Arc for standard naming attributes + */ +#define MBEDTLS_OID_AT MBEDTLS_OID_ISO_CCITT_DS "\x04" /**< id-at OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 4} */ +#define MBEDTLS_OID_AT_CN MBEDTLS_OID_AT "\x03" /**< id-at-commonName AttributeType:= {id-at 3} */ +#define MBEDTLS_OID_AT_SUR_NAME MBEDTLS_OID_AT "\x04" /**< id-at-surName AttributeType:= {id-at 4} */ +#define MBEDTLS_OID_AT_SERIAL_NUMBER MBEDTLS_OID_AT "\x05" /**< id-at-serialNumber AttributeType:= {id-at 5} */ +#define MBEDTLS_OID_AT_COUNTRY MBEDTLS_OID_AT "\x06" /**< id-at-countryName AttributeType:= {id-at 6} */ +#define MBEDTLS_OID_AT_LOCALITY MBEDTLS_OID_AT "\x07" /**< id-at-locality AttributeType:= {id-at 7} */ +#define MBEDTLS_OID_AT_STATE MBEDTLS_OID_AT "\x08" /**< id-at-state AttributeType:= {id-at 8} */ +#define MBEDTLS_OID_AT_ORGANIZATION MBEDTLS_OID_AT "\x0A" /**< id-at-organizationName AttributeType:= {id-at 10} */ +#define MBEDTLS_OID_AT_ORG_UNIT MBEDTLS_OID_AT "\x0B" /**< id-at-organizationalUnitName AttributeType:= {id-at 11} */ +#define MBEDTLS_OID_AT_TITLE MBEDTLS_OID_AT "\x0C" /**< id-at-title AttributeType:= {id-at 12} */ +#define MBEDTLS_OID_AT_POSTAL_ADDRESS MBEDTLS_OID_AT "\x10" /**< id-at-postalAddress AttributeType:= {id-at 16} */ +#define MBEDTLS_OID_AT_POSTAL_CODE MBEDTLS_OID_AT "\x11" /**< id-at-postalCode AttributeType:= {id-at 17} */ +#define MBEDTLS_OID_AT_GIVEN_NAME MBEDTLS_OID_AT "\x2A" /**< id-at-givenName AttributeType:= {id-at 42} */ +#define MBEDTLS_OID_AT_INITIALS MBEDTLS_OID_AT "\x2B" /**< id-at-initials AttributeType:= {id-at 43} */ +#define MBEDTLS_OID_AT_GENERATION_QUALIFIER MBEDTLS_OID_AT "\x2C" /**< id-at-generationQualifier AttributeType:= {id-at 44} */ +#define MBEDTLS_OID_AT_UNIQUE_IDENTIFIER MBEDTLS_OID_AT "\x2D" /**< id-at-uniqueIdentifier AttributType:= {id-at 45} */ +#define MBEDTLS_OID_AT_DN_QUALIFIER MBEDTLS_OID_AT "\x2E" /**< id-at-dnQualifier AttributeType:= {id-at 46} */ +#define MBEDTLS_OID_AT_PSEUDONYM MBEDTLS_OID_AT "\x41" /**< id-at-pseudonym AttributeType:= {id-at 65} */ + +#define MBEDTLS_OID_DOMAIN_COMPONENT "\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x19" /** id-domainComponent AttributeType:= {itu-t(0) data(9) pss(2342) ucl(19200300) pilot(100) pilotAttributeType(1) domainComponent(25)} */ + +/* + * OIDs for standard certificate extensions + */ +#define MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER MBEDTLS_OID_ID_CE "\x23" /**< id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35 } */ +#define MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER MBEDTLS_OID_ID_CE "\x0E" /**< id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14 } */ +#define MBEDTLS_OID_KEY_USAGE MBEDTLS_OID_ID_CE "\x0F" /**< id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 } */ +#define MBEDTLS_OID_CERTIFICATE_POLICIES MBEDTLS_OID_ID_CE "\x20" /**< id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32 } */ +#define MBEDTLS_OID_POLICY_MAPPINGS MBEDTLS_OID_ID_CE "\x21" /**< id-ce-policyMappings OBJECT IDENTIFIER ::= { id-ce 33 } */ +#define MBEDTLS_OID_SUBJECT_ALT_NAME MBEDTLS_OID_ID_CE "\x11" /**< id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 } */ +#define MBEDTLS_OID_ISSUER_ALT_NAME MBEDTLS_OID_ID_CE "\x12" /**< id-ce-issuerAltName OBJECT IDENTIFIER ::= { id-ce 18 } */ +#define MBEDTLS_OID_SUBJECT_DIRECTORY_ATTRS MBEDTLS_OID_ID_CE "\x09" /**< id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-ce 9 } */ +#define MBEDTLS_OID_BASIC_CONSTRAINTS MBEDTLS_OID_ID_CE "\x13" /**< id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 } */ +#define MBEDTLS_OID_NAME_CONSTRAINTS MBEDTLS_OID_ID_CE "\x1E" /**< id-ce-nameConstraints OBJECT IDENTIFIER ::= { id-ce 30 } */ +#define MBEDTLS_OID_POLICY_CONSTRAINTS MBEDTLS_OID_ID_CE "\x24" /**< id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36 } */ +#define MBEDTLS_OID_EXTENDED_KEY_USAGE MBEDTLS_OID_ID_CE "\x25" /**< id-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-ce 37 } */ +#define MBEDTLS_OID_CRL_DISTRIBUTION_POINTS MBEDTLS_OID_ID_CE "\x1F" /**< id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= { id-ce 31 } */ +#define MBEDTLS_OID_INIHIBIT_ANYPOLICY MBEDTLS_OID_ID_CE "\x36" /**< id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= { id-ce 54 } */ +#define MBEDTLS_OID_FRESHEST_CRL MBEDTLS_OID_ID_CE "\x2E" /**< id-ce-freshestCRL OBJECT IDENTIFIER ::= { id-ce 46 } */ + +/* + * Netscape certificate extensions + */ +#define MBEDTLS_OID_NS_CERT MBEDTLS_OID_NETSCAPE "\x01" +#define MBEDTLS_OID_NS_CERT_TYPE MBEDTLS_OID_NS_CERT "\x01" +#define MBEDTLS_OID_NS_BASE_URL MBEDTLS_OID_NS_CERT "\x02" +#define MBEDTLS_OID_NS_REVOCATION_URL MBEDTLS_OID_NS_CERT "\x03" +#define MBEDTLS_OID_NS_CA_REVOCATION_URL MBEDTLS_OID_NS_CERT "\x04" +#define MBEDTLS_OID_NS_RENEWAL_URL MBEDTLS_OID_NS_CERT "\x07" +#define MBEDTLS_OID_NS_CA_POLICY_URL MBEDTLS_OID_NS_CERT "\x08" +#define MBEDTLS_OID_NS_SSL_SERVER_NAME MBEDTLS_OID_NS_CERT "\x0C" +#define MBEDTLS_OID_NS_COMMENT MBEDTLS_OID_NS_CERT "\x0D" +#define MBEDTLS_OID_NS_DATA_TYPE MBEDTLS_OID_NETSCAPE "\x02" +#define MBEDTLS_OID_NS_CERT_SEQUENCE MBEDTLS_OID_NS_DATA_TYPE "\x05" + +/* + * OIDs for CRL extensions + */ +#define MBEDTLS_OID_PRIVATE_KEY_USAGE_PERIOD MBEDTLS_OID_ID_CE "\x10" +#define MBEDTLS_OID_CRL_NUMBER MBEDTLS_OID_ID_CE "\x14" /**< id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 } */ + +/* + * X.509 v3 Extended key usage OIDs + */ +#define MBEDTLS_OID_ANY_EXTENDED_KEY_USAGE MBEDTLS_OID_EXTENDED_KEY_USAGE "\x00" /**< anyExtendedKeyUsage OBJECT IDENTIFIER ::= { id-ce-extKeyUsage 0 } */ + +#define MBEDTLS_OID_KP MBEDTLS_OID_PKIX "\x03" /**< id-kp OBJECT IDENTIFIER ::= { id-pkix 3 } */ +#define MBEDTLS_OID_SERVER_AUTH MBEDTLS_OID_KP "\x01" /**< id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 } */ +#define MBEDTLS_OID_CLIENT_AUTH MBEDTLS_OID_KP "\x02" /**< id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 } */ +#define MBEDTLS_OID_CODE_SIGNING MBEDTLS_OID_KP "\x03" /**< id-kp-codeSigning OBJECT IDENTIFIER ::= { id-kp 3 } */ +#define MBEDTLS_OID_EMAIL_PROTECTION MBEDTLS_OID_KP "\x04" /**< id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 } */ +#define MBEDTLS_OID_TIME_STAMPING MBEDTLS_OID_KP "\x08" /**< id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 } */ +#define MBEDTLS_OID_OCSP_SIGNING MBEDTLS_OID_KP "\x09" /**< id-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-kp 9 } */ + +/* + * PKCS definition OIDs + */ + +#define MBEDTLS_OID_PKCS MBEDTLS_OID_RSA_COMPANY "\x01" /**< pkcs OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) 1 } */ +#define MBEDTLS_OID_PKCS1 MBEDTLS_OID_PKCS "\x01" /**< pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 } */ +#define MBEDTLS_OID_PKCS5 MBEDTLS_OID_PKCS "\x05" /**< pkcs-5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 5 } */ +#define MBEDTLS_OID_PKCS9 MBEDTLS_OID_PKCS "\x09" /**< pkcs-9 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 } */ +#define MBEDTLS_OID_PKCS12 MBEDTLS_OID_PKCS "\x0c" /**< pkcs-12 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 12 } */ + +/* + * PKCS#1 OIDs + */ +#define MBEDTLS_OID_PKCS1_RSA MBEDTLS_OID_PKCS1 "\x01" /**< rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } */ +#define MBEDTLS_OID_PKCS1_MD2 MBEDTLS_OID_PKCS1 "\x02" /**< md2WithRSAEncryption ::= { pkcs-1 2 } */ +#define MBEDTLS_OID_PKCS1_MD4 MBEDTLS_OID_PKCS1 "\x03" /**< md4WithRSAEncryption ::= { pkcs-1 3 } */ +#define MBEDTLS_OID_PKCS1_MD5 MBEDTLS_OID_PKCS1 "\x04" /**< md5WithRSAEncryption ::= { pkcs-1 4 } */ +#define MBEDTLS_OID_PKCS1_SHA1 MBEDTLS_OID_PKCS1 "\x05" /**< sha1WithRSAEncryption ::= { pkcs-1 5 } */ +#define MBEDTLS_OID_PKCS1_SHA224 MBEDTLS_OID_PKCS1 "\x0e" /**< sha224WithRSAEncryption ::= { pkcs-1 14 } */ +#define MBEDTLS_OID_PKCS1_SHA256 MBEDTLS_OID_PKCS1 "\x0b" /**< sha256WithRSAEncryption ::= { pkcs-1 11 } */ +#define MBEDTLS_OID_PKCS1_SHA384 MBEDTLS_OID_PKCS1 "\x0c" /**< sha384WithRSAEncryption ::= { pkcs-1 12 } */ +#define MBEDTLS_OID_PKCS1_SHA512 MBEDTLS_OID_PKCS1 "\x0d" /**< sha512WithRSAEncryption ::= { pkcs-1 13 } */ + +#define MBEDTLS_OID_RSA_SHA_OBS "\x2B\x0E\x03\x02\x1D" + +#define MBEDTLS_OID_PKCS9_EMAIL MBEDTLS_OID_PKCS9 "\x01" /**< emailAddress AttributeType ::= { pkcs-9 1 } */ + +/* RFC 4055 */ +#define MBEDTLS_OID_RSASSA_PSS MBEDTLS_OID_PKCS1 "\x0a" /**< id-RSASSA-PSS ::= { pkcs-1 10 } */ +#define MBEDTLS_OID_MGF1 MBEDTLS_OID_PKCS1 "\x08" /**< id-mgf1 ::= { pkcs-1 8 } */ + +/* + * Digest algorithms + */ +#define MBEDTLS_OID_DIGEST_ALG_MD2 MBEDTLS_OID_RSA_COMPANY "\x02\x02" /**< id-mbedtls_md2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 2 } */ +#define MBEDTLS_OID_DIGEST_ALG_MD4 MBEDTLS_OID_RSA_COMPANY "\x02\x04" /**< id-mbedtls_md4 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 4 } */ +#define MBEDTLS_OID_DIGEST_ALG_MD5 MBEDTLS_OID_RSA_COMPANY "\x02\x05" /**< id-mbedtls_md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } */ +#define MBEDTLS_OID_DIGEST_ALG_SHA1 MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_SHA1 /**< id-mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */ +#define MBEDTLS_OID_DIGEST_ALG_SHA224 MBEDTLS_OID_GOV "\x03\x04\x02\x04" /**< id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 4 } */ +#define MBEDTLS_OID_DIGEST_ALG_SHA256 MBEDTLS_OID_GOV "\x03\x04\x02\x01" /**< id-mbedtls_sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 1 } */ + +#define MBEDTLS_OID_DIGEST_ALG_SHA384 MBEDTLS_OID_GOV "\x03\x04\x02\x02" /**< id-sha384 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 2 } */ + +#define MBEDTLS_OID_DIGEST_ALG_SHA512 MBEDTLS_OID_GOV "\x03\x04\x02\x03" /**< id-mbedtls_sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 3 } */ + +#define MBEDTLS_OID_HMAC_SHA1 MBEDTLS_OID_RSA_COMPANY "\x02\x07" /**< id-hmacWithSHA1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 7 } */ + +/* + * Encryption algorithms + */ +#define MBEDTLS_OID_DES_CBC MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_ALG "\x07" /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */ +#define MBEDTLS_OID_DES_EDE3_CBC MBEDTLS_OID_RSA_COMPANY "\x03\x07" /**< des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) -- us(840) rsadsi(113549) encryptionAlgorithm(3) 7 } */ + +/* + * PKCS#5 OIDs + */ +#define MBEDTLS_OID_PKCS5_PBKDF2 MBEDTLS_OID_PKCS5 "\x0c" /**< id-PBKDF2 OBJECT IDENTIFIER ::= {pkcs-5 12} */ +#define MBEDTLS_OID_PKCS5_PBES2 MBEDTLS_OID_PKCS5 "\x0d" /**< id-PBES2 OBJECT IDENTIFIER ::= {pkcs-5 13} */ +#define MBEDTLS_OID_PKCS5_PBMAC1 MBEDTLS_OID_PKCS5 "\x0e" /**< id-PBMAC1 OBJECT IDENTIFIER ::= {pkcs-5 14} */ + +/* + * PKCS#5 PBES1 algorithms + */ +#define MBEDTLS_OID_PKCS5_PBE_MD2_DES_CBC MBEDTLS_OID_PKCS5 "\x01" /**< pbeWithMD2AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 1} */ +#define MBEDTLS_OID_PKCS5_PBE_MD2_RC2_CBC MBEDTLS_OID_PKCS5 "\x04" /**< pbeWithMD2AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 4} */ +#define MBEDTLS_OID_PKCS5_PBE_MD5_DES_CBC MBEDTLS_OID_PKCS5 "\x03" /**< pbeWithMD5AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 3} */ +#define MBEDTLS_OID_PKCS5_PBE_MD5_RC2_CBC MBEDTLS_OID_PKCS5 "\x06" /**< pbeWithMD5AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 6} */ +#define MBEDTLS_OID_PKCS5_PBE_SHA1_DES_CBC MBEDTLS_OID_PKCS5 "\x0a" /**< pbeWithSHA1AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 10} */ +#define MBEDTLS_OID_PKCS5_PBE_SHA1_RC2_CBC MBEDTLS_OID_PKCS5 "\x0b" /**< pbeWithSHA1AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 11} */ + +/* + * PKCS#8 OIDs + */ +#define MBEDTLS_OID_PKCS9_CSR_EXT_REQ MBEDTLS_OID_PKCS9 "\x0e" /**< extensionRequest OBJECT IDENTIFIER ::= {pkcs-9 14} */ + +/* + * PKCS#12 PBE OIDs + */ +#define MBEDTLS_OID_PKCS12_PBE MBEDTLS_OID_PKCS12 "\x01" /**< pkcs-12PbeIds OBJECT IDENTIFIER ::= {pkcs-12 1} */ + +#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_128 MBEDTLS_OID_PKCS12_PBE "\x01" /**< pbeWithSHAAnd128BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 1} */ +#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_40 MBEDTLS_OID_PKCS12_PBE "\x02" /**< pbeWithSHAAnd40BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 2} */ +#define MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC MBEDTLS_OID_PKCS12_PBE "\x03" /**< pbeWithSHAAnd3-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 3} */ +#define MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC MBEDTLS_OID_PKCS12_PBE "\x04" /**< pbeWithSHAAnd2-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 4} */ +#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC2_128_CBC MBEDTLS_OID_PKCS12_PBE "\x05" /**< pbeWithSHAAnd128BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 5} */ +#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC2_40_CBC MBEDTLS_OID_PKCS12_PBE "\x06" /**< pbeWithSHAAnd40BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 6} */ + +/* + * EC key algorithms from RFC 5480 + */ + +/* id-ecPublicKey OBJECT IDENTIFIER ::= { + * iso(1) member-body(2) us(840) ansi-X9-62(10045) keyType(2) 1 } */ +#define MBEDTLS_OID_EC_ALG_UNRESTRICTED MBEDTLS_OID_ANSI_X9_62 "\x02\01" + +/* id-ecDH OBJECT IDENTIFIER ::= { + * iso(1) identified-organization(3) certicom(132) + * schemes(1) ecdh(12) } */ +#define MBEDTLS_OID_EC_ALG_ECDH MBEDTLS_OID_CERTICOM "\x01\x0c" + +/* + * ECParameters namedCurve identifiers, from RFC 5480, RFC 5639, and SEC2 + */ + +/* secp192r1 OBJECT IDENTIFIER ::= { + * iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3) prime(1) 1 } */ +#define MBEDTLS_OID_EC_GRP_SECP192R1 MBEDTLS_OID_ANSI_X9_62 "\x03\x01\x01" + +/* secp224r1 OBJECT IDENTIFIER ::= { + * iso(1) identified-organization(3) certicom(132) curve(0) 33 } */ +#define MBEDTLS_OID_EC_GRP_SECP224R1 MBEDTLS_OID_CERTICOM "\x00\x21" + +/* secp256r1 OBJECT IDENTIFIER ::= { + * iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3) prime(1) 7 } */ +#define MBEDTLS_OID_EC_GRP_SECP256R1 MBEDTLS_OID_ANSI_X9_62 "\x03\x01\x07" + +/* secp384r1 OBJECT IDENTIFIER ::= { + * iso(1) identified-organization(3) certicom(132) curve(0) 34 } */ +#define MBEDTLS_OID_EC_GRP_SECP384R1 MBEDTLS_OID_CERTICOM "\x00\x22" + +/* secp521r1 OBJECT IDENTIFIER ::= { + * iso(1) identified-organization(3) certicom(132) curve(0) 35 } */ +#define MBEDTLS_OID_EC_GRP_SECP521R1 MBEDTLS_OID_CERTICOM "\x00\x23" + +/* secp192k1 OBJECT IDENTIFIER ::= { + * iso(1) identified-organization(3) certicom(132) curve(0) 31 } */ +#define MBEDTLS_OID_EC_GRP_SECP192K1 MBEDTLS_OID_CERTICOM "\x00\x1f" + +/* secp224k1 OBJECT IDENTIFIER ::= { + * iso(1) identified-organization(3) certicom(132) curve(0) 32 } */ +#define MBEDTLS_OID_EC_GRP_SECP224K1 MBEDTLS_OID_CERTICOM "\x00\x20" + +/* secp256k1 OBJECT IDENTIFIER ::= { + * iso(1) identified-organization(3) certicom(132) curve(0) 10 } */ +#define MBEDTLS_OID_EC_GRP_SECP256K1 MBEDTLS_OID_CERTICOM "\x00\x0a" + +/* RFC 5639 4.1 + * ecStdCurvesAndGeneration OBJECT IDENTIFIER::= {iso(1) + * identified-organization(3) teletrust(36) algorithm(3) signature- + * algorithm(3) ecSign(2) 8} + * ellipticCurve OBJECT IDENTIFIER ::= {ecStdCurvesAndGeneration 1} + * versionOne OBJECT IDENTIFIER ::= {ellipticCurve 1} */ +#define MBEDTLS_OID_EC_BRAINPOOL_V1 MBEDTLS_OID_TELETRUST "\x03\x03\x02\x08\x01\x01" + +/* brainpoolP256r1 OBJECT IDENTIFIER ::= {versionOne 7} */ +#define MBEDTLS_OID_EC_GRP_BP256R1 MBEDTLS_OID_EC_BRAINPOOL_V1 "\x07" + +/* brainpoolP384r1 OBJECT IDENTIFIER ::= {versionOne 11} */ +#define MBEDTLS_OID_EC_GRP_BP384R1 MBEDTLS_OID_EC_BRAINPOOL_V1 "\x0B" + +/* brainpoolP512r1 OBJECT IDENTIFIER ::= {versionOne 13} */ +#define MBEDTLS_OID_EC_GRP_BP512R1 MBEDTLS_OID_EC_BRAINPOOL_V1 "\x0D" + +/* + * SEC1 C.1 + * + * prime-field OBJECT IDENTIFIER ::= { id-fieldType 1 } + * id-fieldType OBJECT IDENTIFIER ::= { ansi-X9-62 fieldType(1)} + */ +#define MBEDTLS_OID_ANSI_X9_62_FIELD_TYPE MBEDTLS_OID_ANSI_X9_62 "\x01" +#define MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD MBEDTLS_OID_ANSI_X9_62_FIELD_TYPE "\x01" + +/* + * ECDSA signature identifiers, from RFC 5480 + */ +#define MBEDTLS_OID_ANSI_X9_62_SIG MBEDTLS_OID_ANSI_X9_62 "\x04" /* signatures(4) */ +#define MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 MBEDTLS_OID_ANSI_X9_62_SIG "\x03" /* ecdsa-with-SHA2(3) */ + +/* ecdsa-with-SHA1 OBJECT IDENTIFIER ::= { + * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) 1 } */ +#define MBEDTLS_OID_ECDSA_SHA1 MBEDTLS_OID_ANSI_X9_62_SIG "\x01" + +/* ecdsa-with-SHA224 OBJECT IDENTIFIER ::= { + * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) + * ecdsa-with-SHA2(3) 1 } */ +#define MBEDTLS_OID_ECDSA_SHA224 MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 "\x01" + +/* ecdsa-with-SHA256 OBJECT IDENTIFIER ::= { + * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) + * ecdsa-with-SHA2(3) 2 } */ +#define MBEDTLS_OID_ECDSA_SHA256 MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 "\x02" + +/* ecdsa-with-SHA384 OBJECT IDENTIFIER ::= { + * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) + * ecdsa-with-SHA2(3) 3 } */ +#define MBEDTLS_OID_ECDSA_SHA384 MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 "\x03" + +/* ecdsa-with-SHA512 OBJECT IDENTIFIER ::= { + * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) + * ecdsa-with-SHA2(3) 4 } */ +#define MBEDTLS_OID_ECDSA_SHA512 MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 "\x04" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Base OID descriptor structure + */ +typedef struct { + const char *asn1; /*!< OID ASN.1 representation */ + size_t asn1_len; /*!< length of asn1 */ + const char *name; /*!< official name (e.g. from RFC) */ + const char *description; /*!< human friendly description */ +} mbedtls_oid_descriptor_t; + +/** + * \brief Translate an ASN.1 OID into its numeric representation + * (e.g. "\x2A\x86\x48\x86\xF7\x0D" into "1.2.840.113549") + * + * \param buf buffer to put representation in + * \param size size of the buffer + * \param oid OID to translate + * + * \return Length of the string written (excluding final NULL) or + * MBEDTLS_ERR_OID_BUF_TOO_SMALL in case of error + */ +int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_buf *oid ); + +#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C) +/** + * \brief Translate an X.509 extension OID into local values + * + * \param oid OID to use + * \param ext_type place to store the extension type + * + * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND + */ +int mbedtls_oid_get_x509_ext_type( const mbedtls_asn1_buf *oid, int *ext_type ); +#endif + +/** + * \brief Translate an X.509 attribute type OID into the short name + * (e.g. the OID for an X520 Common Name into "CN") + * + * \param oid OID to use + * \param short_name place to store the string pointer + * + * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND + */ +int mbedtls_oid_get_attr_short_name( const mbedtls_asn1_buf *oid, const char **short_name ); + +/** + * \brief Translate PublicKeyAlgorithm OID into pk_type + * + * \param oid OID to use + * \param pk_alg place to store public key algorithm + * + * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND + */ +int mbedtls_oid_get_pk_alg( const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_alg ); + +/** + * \brief Translate pk_type into PublicKeyAlgorithm OID + * + * \param pk_alg Public key type to look for + * \param oid place to store ASN.1 OID string pointer + * \param olen length of the OID + * + * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND + */ +int mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_type_t pk_alg, + const char **oid, size_t *olen ); + +#if defined(MBEDTLS_ECP_C) +/** + * \brief Translate NamedCurve OID into an EC group identifier + * + * \param oid OID to use + * \param grp_id place to store group id + * + * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND + */ +int mbedtls_oid_get_ec_grp( const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *grp_id ); + +/** + * \brief Translate EC group identifier into NamedCurve OID + * + * \param grp_id EC group identifier + * \param oid place to store ASN.1 OID string pointer + * \param olen length of the OID + * + * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND + */ +int mbedtls_oid_get_oid_by_ec_grp( mbedtls_ecp_group_id grp_id, + const char **oid, size_t *olen ); +#endif /* MBEDTLS_ECP_C */ + +#if defined(MBEDTLS_MD_C) +/** + * \brief Translate SignatureAlgorithm OID into md_type and pk_type + * + * \param oid OID to use + * \param md_alg place to store message digest algorithm + * \param pk_alg place to store public key algorithm + * + * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND + */ +int mbedtls_oid_get_sig_alg( const mbedtls_asn1_buf *oid, + mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg ); + +/** + * \brief Translate SignatureAlgorithm OID into description + * + * \param oid OID to use + * \param desc place to store string pointer + * + * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND + */ +int mbedtls_oid_get_sig_alg_desc( const mbedtls_asn1_buf *oid, const char **desc ); + +/** + * \brief Translate md_type and pk_type into SignatureAlgorithm OID + * + * \param md_alg message digest algorithm + * \param pk_alg public key algorithm + * \param oid place to store ASN.1 OID string pointer + * \param olen length of the OID + * + * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND + */ +int mbedtls_oid_get_oid_by_sig_alg( mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, + const char **oid, size_t *olen ); + +/** + * \brief Translate hash algorithm OID into md_type + * + * \param oid OID to use + * \param md_alg place to store message digest algorithm + * + * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND + */ +int mbedtls_oid_get_md_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg ); +#endif /* MBEDTLS_MD_C */ + +/** + * \brief Translate Extended Key Usage OID into description + * + * \param oid OID to use + * \param desc place to store string pointer + * + * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND + */ +int mbedtls_oid_get_extended_key_usage( const mbedtls_asn1_buf *oid, const char **desc ); + +/** + * \brief Translate md_type into hash algorithm OID + * + * \param md_alg message digest algorithm + * \param oid place to store ASN.1 OID string pointer + * \param olen length of the OID + * + * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND + */ +int mbedtls_oid_get_oid_by_md( mbedtls_md_type_t md_alg, const char **oid, size_t *olen ); + +#if defined(MBEDTLS_CIPHER_C) +/** + * \brief Translate encryption algorithm OID into cipher_type + * + * \param oid OID to use + * \param cipher_alg place to store cipher algorithm + * + * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND + */ +int mbedtls_oid_get_cipher_alg( const mbedtls_asn1_buf *oid, mbedtls_cipher_type_t *cipher_alg ); +#endif /* MBEDTLS_CIPHER_C */ + +#if defined(MBEDTLS_PKCS12_C) +/** + * \brief Translate PKCS#12 PBE algorithm OID into md_type and + * cipher_type + * + * \param oid OID to use + * \param md_alg place to store message digest algorithm + * \param cipher_alg place to store cipher algorithm + * + * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND + */ +int mbedtls_oid_get_pkcs12_pbe_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg, + mbedtls_cipher_type_t *cipher_alg ); +#endif /* MBEDTLS_PKCS12_C */ + +#ifdef __cplusplus +} +#endif + +#endif /* oid.h */ diff --git a/ext/mbedtls/include/polarssl/padlock.h b/ext/mbedtls/include/mbedtls/padlock.h similarity index 68% rename from ext/mbedtls/include/polarssl/padlock.h rename to ext/mbedtls/include/mbedtls/padlock.h index c4ac54cb97..6ef0d5a5ed 100644 --- a/ext/mbedtls/include/polarssl/padlock.h +++ b/ext/mbedtls/include/mbedtls/padlock.h @@ -22,40 +22,27 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_PADLOCK_H -#define POLARSSL_PADLOCK_H +#ifndef MBEDTLS_PADLOCK_H +#define MBEDTLS_PADLOCK_H #include "aes.h" -#define POLARSSL_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< Input data should be aligned. */ +#define MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< Input data should be aligned. */ -#if defined(__has_feature) -#if __has_feature(address_sanitizer) -#define POLARSSL_HAVE_ASAN -#endif -#endif +#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) -/* Some versions of ASan result in errors about not enough registers */ -#if defined(POLARSSL_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) && \ - !defined(POLARSSL_HAVE_ASAN) - -#ifndef POLARSSL_HAVE_X86 -#define POLARSSL_HAVE_X86 +#ifndef MBEDTLS_HAVE_X86 +#define MBEDTLS_HAVE_X86 #endif -#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) -#include -typedef INT32 int32_t; -#else -#include -#endif +#include -#define PADLOCK_RNG 0x000C -#define PADLOCK_ACE 0x00C0 -#define PADLOCK_PHE 0x0C00 -#define PADLOCK_PMM 0x3000 +#define MBEDTLS_PADLOCK_RNG 0x000C +#define MBEDTLS_PADLOCK_ACE 0x00C0 +#define MBEDTLS_PADLOCK_PHE 0x0C00 +#define MBEDTLS_PADLOCK_PMM 0x3000 -#define PADLOCK_ALIGN16(x) (uint32_t *) (16 + ((int32_t) x & ~15)) +#define MBEDTLS_PADLOCK_ALIGN16(x) (uint32_t *) (16 + ((int32_t) x & ~15)) #ifdef __cplusplus extern "C" { @@ -68,19 +55,19 @@ extern "C" { * * \return 1 if CPU has support for the feature, 0 otherwise */ -int padlock_supports( int feature ); +int mbedtls_padlock_has_support( int feature ); /** * \brief PadLock AES-ECB block en(de)cryption * * \param ctx AES context - * \param mode AES_ENCRYPT or AES_DECRYPT + * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT * \param input 16-byte input block * \param output 16-byte output block * * \return 0 if success, 1 if operation failed */ -int padlock_xcryptecb( aes_context *ctx, +int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx, int mode, const unsigned char input[16], unsigned char output[16] ); @@ -89,7 +76,7 @@ int padlock_xcryptecb( aes_context *ctx, * \brief PadLock AES-CBC buffer en(de)cryption * * \param ctx AES context - * \param mode AES_ENCRYPT or AES_DECRYPT + * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT * \param length length of the input data * \param iv initialization vector (updated after use) * \param input buffer holding the input data @@ -97,7 +84,7 @@ int padlock_xcryptecb( aes_context *ctx, * * \return 0 if success, 1 if operation failed */ -int padlock_xcryptcbc( aes_context *ctx, +int mbedtls_padlock_xcryptcbc( mbedtls_aes_context *ctx, int mode, size_t length, unsigned char iv[16], diff --git a/ext/mbedtls/include/polarssl/pem.h b/ext/mbedtls/include/mbedtls/pem.h similarity index 65% rename from ext/mbedtls/include/polarssl/pem.h rename to ext/mbedtls/include/mbedtls/pem.h index b47e0e9fc5..8a5ed9079b 100644 --- a/ext/mbedtls/include/polarssl/pem.h +++ b/ext/mbedtls/include/mbedtls/pem.h @@ -21,8 +21,8 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_PEM_H -#define POLARSSL_PEM_H +#ifndef MBEDTLS_PEM_H +#define MBEDTLS_PEM_H #include @@ -32,22 +32,22 @@ * PEM data. * \{ */ -#define POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT -0x1080 /**< No PEM header or footer found. */ -#define POLARSSL_ERR_PEM_INVALID_DATA -0x1100 /**< PEM string is not as expected. */ -#define POLARSSL_ERR_PEM_MALLOC_FAILED -0x1180 /**< Failed to allocate memory. */ -#define POLARSSL_ERR_PEM_INVALID_ENC_IV -0x1200 /**< RSA IV is not in hex-format. */ -#define POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG -0x1280 /**< Unsupported key encryption algorithm. */ -#define POLARSSL_ERR_PEM_PASSWORD_REQUIRED -0x1300 /**< Private key password can't be empty. */ -#define POLARSSL_ERR_PEM_PASSWORD_MISMATCH -0x1380 /**< Given private key password does not allow for correct decryption. */ -#define POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE -0x1400 /**< Unavailable feature, e.g. hashing/encryption combination. */ -#define POLARSSL_ERR_PEM_BAD_INPUT_DATA -0x1480 /**< Bad input parameters to function. */ +#define MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT -0x1080 /**< No PEM header or footer found. */ +#define MBEDTLS_ERR_PEM_INVALID_DATA -0x1100 /**< PEM string is not as expected. */ +#define MBEDTLS_ERR_PEM_ALLOC_FAILED -0x1180 /**< Failed to allocate memory. */ +#define MBEDTLS_ERR_PEM_INVALID_ENC_IV -0x1200 /**< RSA IV is not in hex-format. */ +#define MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG -0x1280 /**< Unsupported key encryption algorithm. */ +#define MBEDTLS_ERR_PEM_PASSWORD_REQUIRED -0x1300 /**< Private key password can't be empty. */ +#define MBEDTLS_ERR_PEM_PASSWORD_MISMATCH -0x1380 /**< Given private key password does not allow for correct decryption. */ +#define MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE -0x1400 /**< Unavailable feature, e.g. hashing/encryption combination. */ +#define MBEDTLS_ERR_PEM_BAD_INPUT_DATA -0x1480 /**< Bad input parameters to function. */ /* \} name */ #ifdef __cplusplus extern "C" { #endif -#if defined(POLARSSL_PEM_PARSE_C) +#if defined(MBEDTLS_PEM_PARSE_C) /** * \brief PEM context structure */ @@ -57,14 +57,14 @@ typedef struct size_t buflen; /*!< length of the buffer */ unsigned char *info; /*!< buffer for extra header information */ } -pem_context; +mbedtls_pem_context; /** * \brief PEM context setup * * \param ctx context to be initialized */ -void pem_init( pem_context *ctx ); +void mbedtls_pem_init( mbedtls_pem_context *ctx ); /** * \brief Read a buffer for PEM information and store the resulting @@ -73,13 +73,13 @@ void pem_init( pem_context *ctx ); * \param ctx context to use * \param header header string to seek and expect * \param footer footer string to seek and expect - * \param data source data to look in + * \param data source data to look in (must be nul-terminated) * \param pwd password for decryption (can be NULL) * \param pwdlen length of password * \param use_len destination for total length used (set after header is * correctly read, so unless you get - * POLARSSL_ERR_PEM_BAD_INPUT_DATA or - * POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT, use_len is + * MBEDTLS_ERR_PEM_BAD_INPUT_DATA or + * MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT, use_len is * the length to skip) * * \note Attempts to check password correctness by verifying if @@ -88,7 +88,7 @@ void pem_init( pem_context *ctx ); * * \return 0 on success, or a specific PEM error code */ -int pem_read_buffer( pem_context *ctx, const char *header, const char *footer, +int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer, const unsigned char *data, const unsigned char *pwd, size_t pwdlen, size_t *use_len ); @@ -98,10 +98,10 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer, * * \param ctx context to be freed */ -void pem_free( pem_context *ctx ); -#endif /* POLARSSL_PEM_PARSE_C */ +void mbedtls_pem_free( mbedtls_pem_context *ctx ); +#endif /* MBEDTLS_PEM_PARSE_C */ -#if defined(POLARSSL_PEM_WRITE_C) +#if defined(MBEDTLS_PEM_WRITE_C) /** * \brief Write a buffer of PEM information from a DER encoded * buffer. @@ -115,13 +115,13 @@ void pem_free( pem_context *ctx ); * \param olen total length written / required (if buf_len is not enough) * * \return 0 on success, or a specific PEM or BASE64 error code. On - * POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL olen is the required + * MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL olen is the required * size. */ -int pem_write_buffer( const char *header, const char *footer, +int mbedtls_pem_write_buffer( const char *header, const char *footer, const unsigned char *der_data, size_t der_len, unsigned char *buf, size_t buf_len, size_t *olen ); -#endif /* POLARSSL_PEM_WRITE_C */ +#endif /* MBEDTLS_PEM_WRITE_C */ #ifdef __cplusplus } diff --git a/ext/mbedtls/include/polarssl/pk.h b/ext/mbedtls/include/mbedtls/pk.h similarity index 59% rename from ext/mbedtls/include/polarssl/pk.h rename to ext/mbedtls/include/mbedtls/pk.h index 8d9407c417..1e2a293433 100644 --- a/ext/mbedtls/include/polarssl/pk.h +++ b/ext/mbedtls/include/mbedtls/pk.h @@ -22,64 +22,43 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_PK_H -#define POLARSSL_PK_H +#ifndef MBEDTLS_PK_H +#define MBEDTLS_PK_H -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif #include "md.h" -#if defined(POLARSSL_RSA_C) +#if defined(MBEDTLS_RSA_C) #include "rsa.h" #endif -#if defined(POLARSSL_ECP_C) +#if defined(MBEDTLS_ECP_C) #include "ecp.h" #endif -#if defined(POLARSSL_ECDSA_C) +#if defined(MBEDTLS_ECDSA_C) #include "ecdsa.h" #endif -#define POLARSSL_ERR_PK_MALLOC_FAILED -0x2F80 /**< Memory alloation failed. */ -#define POLARSSL_ERR_PK_TYPE_MISMATCH -0x2F00 /**< Type mismatch, eg attempt to encrypt with an ECDSA key */ -#define POLARSSL_ERR_PK_BAD_INPUT_DATA -0x2E80 /**< Bad input parameters to function. */ -#define POLARSSL_ERR_PK_FILE_IO_ERROR -0x2E00 /**< Read/write of file failed. */ -#define POLARSSL_ERR_PK_KEY_INVALID_VERSION -0x2D80 /**< Unsupported key version */ -#define POLARSSL_ERR_PK_KEY_INVALID_FORMAT -0x2D00 /**< Invalid key tag or value. */ -#define POLARSSL_ERR_PK_UNKNOWN_PK_ALG -0x2C80 /**< Key algorithm is unsupported (only RSA and EC are supported). */ -#define POLARSSL_ERR_PK_PASSWORD_REQUIRED -0x2C00 /**< Private key password can't be empty. */ -#define POLARSSL_ERR_PK_PASSWORD_MISMATCH -0x2B80 /**< Given private key password does not allow for correct decryption. */ -#define POLARSSL_ERR_PK_INVALID_PUBKEY -0x2B00 /**< The pubkey tag or value is invalid (only RSA and EC are supported). */ -#define POLARSSL_ERR_PK_INVALID_ALG -0x2A80 /**< The algorithm tag or value is invalid. */ -#define POLARSSL_ERR_PK_UNKNOWN_NAMED_CURVE -0x2A00 /**< Elliptic curve is unsupported (only NIST curves are supported). */ -#define POLARSSL_ERR_PK_FEATURE_UNAVAILABLE -0x2980 /**< Unavailable feature, e.g. RSA disabled for RSA key. */ -#define POLARSSL_ERR_PK_SIG_LEN_MISMATCH -0x2000 /**< The signature is valid but its length is less than expected. */ - - -#if defined(POLARSSL_RSA_C) -/** - * Quick access to an RSA context inside a PK context. - * - * \warning You must make sure the PK context actually holds an RSA context - * before using this macro! - */ -#define pk_rsa( pk ) ( (rsa_context *) (pk).pk_ctx ) -#endif /* POLARSSL_RSA_C */ - -#if defined(POLARSSL_ECP_C) -/** - * Quick access to an EC context inside a PK context. - * - * \warning You must make sure the PK context actually holds an EC context - * before using this macro! - */ -#define pk_ec( pk ) ( (ecp_keypair *) (pk).pk_ctx ) -#endif /* POLARSSL_ECP_C */ +#define MBEDTLS_ERR_PK_ALLOC_FAILED -0x3F80 /**< Memory allocation failed. */ +#define MBEDTLS_ERR_PK_TYPE_MISMATCH -0x3F00 /**< Type mismatch, eg attempt to encrypt with an ECDSA key */ +#define MBEDTLS_ERR_PK_BAD_INPUT_DATA -0x3E80 /**< Bad input parameters to function. */ +#define MBEDTLS_ERR_PK_FILE_IO_ERROR -0x3E00 /**< Read/write of file failed. */ +#define MBEDTLS_ERR_PK_KEY_INVALID_VERSION -0x3D80 /**< Unsupported key version */ +#define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -0x3D00 /**< Invalid key tag or value. */ +#define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG -0x3C80 /**< Key algorithm is unsupported (only RSA and EC are supported). */ +#define MBEDTLS_ERR_PK_PASSWORD_REQUIRED -0x3C00 /**< Private key password can't be empty. */ +#define MBEDTLS_ERR_PK_PASSWORD_MISMATCH -0x3B80 /**< Given private key password does not allow for correct decryption. */ +#define MBEDTLS_ERR_PK_INVALID_PUBKEY -0x3B00 /**< The pubkey tag or value is invalid (only RSA and EC are supported). */ +#define MBEDTLS_ERR_PK_INVALID_ALG -0x3A80 /**< The algorithm tag or value is invalid. */ +#define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00 /**< Elliptic curve is unsupported (only NIST curves are supported). */ +#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980 /**< Unavailable feature, e.g. RSA disabled for RSA key. */ +#define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH -0x3900 /**< The signature is valid but its length is less than expected. */ #ifdef __cplusplus @@ -90,124 +69,102 @@ extern "C" { * \brief Public key types */ typedef enum { - POLARSSL_PK_NONE=0, - POLARSSL_PK_RSA, - POLARSSL_PK_ECKEY, - POLARSSL_PK_ECKEY_DH, - POLARSSL_PK_ECDSA, - POLARSSL_PK_RSA_ALT, - POLARSSL_PK_RSASSA_PSS, -} pk_type_t; + MBEDTLS_PK_NONE=0, + MBEDTLS_PK_RSA, + MBEDTLS_PK_ECKEY, + MBEDTLS_PK_ECKEY_DH, + MBEDTLS_PK_ECDSA, + MBEDTLS_PK_RSA_ALT, + MBEDTLS_PK_RSASSA_PSS, +} mbedtls_pk_type_t; /** * \brief Options for RSASSA-PSS signature verification. - * See \c rsa_rsassa_pss_verify_ext() + * See \c mbedtls_rsa_rsassa_pss_verify_ext() */ typedef struct { - md_type_t mgf1_hash_id; + mbedtls_md_type_t mgf1_hash_id; int expected_salt_len; -} pk_rsassa_pss_options; +} mbedtls_pk_rsassa_pss_options; /** * \brief Types for interfacing with the debug module */ typedef enum { - POLARSSL_PK_DEBUG_NONE = 0, - POLARSSL_PK_DEBUG_MPI, - POLARSSL_PK_DEBUG_ECP, -} pk_debug_type; + MBEDTLS_PK_DEBUG_NONE = 0, + MBEDTLS_PK_DEBUG_MPI, + MBEDTLS_PK_DEBUG_ECP, +} mbedtls_pk_debug_type; /** * \brief Item to send to the debug module */ typedef struct { - pk_debug_type type; + mbedtls_pk_debug_type type; const char *name; void *value; -} pk_debug_item; +} mbedtls_pk_debug_item; /** Maximum number of item send for debugging, plus 1 */ -#define POLARSSL_PK_DEBUG_MAX_ITEMS 3 +#define MBEDTLS_PK_DEBUG_MAX_ITEMS 3 /** * \brief Public key information and operations */ +typedef struct mbedtls_pk_info_t mbedtls_pk_info_t; + +/** + * \brief Public key container + */ typedef struct { - /** Public key type */ - pk_type_t type; - - /** Type name */ - const char *name; - - /** Get key size in bits */ - size_t (*get_size)( const void * ); - - /** Tell if the context implements this type (e.g. ECKEY can do ECDSA) */ - int (*can_do)( pk_type_t type ); + const mbedtls_pk_info_t * pk_info; /**< Public key informations */ + void * pk_ctx; /**< Underlying public key context */ +} mbedtls_pk_context; - /** Verify signature */ - int (*verify_func)( void *ctx, md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len ); - - /** Make signature */ - int (*sign_func)( void *ctx, md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); - - /** Decrypt message */ - int (*decrypt_func)( void *ctx, const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, size_t osize, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); - - /** Encrypt message */ - int (*encrypt_func)( void *ctx, const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, size_t osize, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); - - /** Check public-private key pair */ - int (*check_pair_func)( const void *pub, const void *prv ); - - /** Allocate a new context */ - void * (*ctx_alloc_func)( void ); - - /** Free the given context */ - void (*ctx_free_func)( void *ctx ); - - /** Interface with the debug module */ - void (*debug_func)( const void *ctx, pk_debug_item *items ); - -} pk_info_t; +#if defined(MBEDTLS_RSA_C) +/** + * Quick access to an RSA context inside a PK context. + * + * \warning You must make sure the PK context actually holds an RSA context + * before using this function! + */ +static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk ) +{ + return( (mbedtls_rsa_context *) (pk).pk_ctx ); +} +#endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_ECP_C) /** - * \brief Public key container + * Quick access to an EC context inside a PK context. + * + * \warning You must make sure the PK context actually holds an EC context + * before using this function! */ -typedef struct +static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk ) { - const pk_info_t * pk_info; /**< Public key informations */ - void * pk_ctx; /**< Underlying public key context */ -} pk_context; + return( (mbedtls_ecp_keypair *) (pk).pk_ctx ); +} +#endif /* MBEDTLS_ECP_C */ +#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) /** * \brief Types for RSA-alt abstraction */ -typedef int (*pk_rsa_alt_decrypt_func)( void *ctx, int mode, size_t *olen, +typedef int (*mbedtls_pk_rsa_alt_decrypt_func)( void *ctx, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len ); -typedef int (*pk_rsa_alt_sign_func)( void *ctx, +typedef int (*mbedtls_pk_rsa_alt_sign_func)( void *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, md_type_t md_alg, unsigned int hashlen, + int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig ); -typedef size_t (*pk_rsa_alt_key_len_func)( void *ctx ); +typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx ); +#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ /** * \brief Return information associated with the given PK type @@ -216,17 +173,17 @@ typedef size_t (*pk_rsa_alt_key_len_func)( void *ctx ); * * \return The PK info associated with the type or NULL if not found. */ -const pk_info_t *pk_info_from_type( pk_type_t pk_type ); +const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type ); /** - * \brief Initialize a pk_context (as NONE) + * \brief Initialize a mbedtls_pk_context (as NONE) */ -void pk_init( pk_context *ctx ); +void mbedtls_pk_init( mbedtls_pk_context *ctx ); /** - * \brief Free a pk_context + * \brief Free a mbedtls_pk_context */ -void pk_free( pk_context *ctx ); +void mbedtls_pk_free( mbedtls_pk_context *ctx ); /** * \brief Initialize a PK context with the information given @@ -236,14 +193,15 @@ void pk_free( pk_context *ctx ); * \param info Information to use * * \return 0 on success, - * POLARSSL_ERR_PK_BAD_INPUT_DATA on invalid input, - * POLARSSL_ERR_PK_MALLOC_FAILED on allocation failure. + * MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input, + * MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure. * * \note For contexts holding an RSA-alt key, use - * \c pk_init_ctx_rsa_alt() instead. + * \c mbedtls_pk_setup_rsa_alt() instead. */ -int pk_init_ctx( pk_context *ctx, const pk_info_t *info ); +int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ); +#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) /** * \brief Initialize an RSA-alt context * @@ -253,15 +211,16 @@ int pk_init_ctx( pk_context *ctx, const pk_info_t *info ); * \param sign_func Signing function * \param key_len_func Function returning key length in bytes * - * \return 0 on success, or POLARSSL_ERR_PK_BAD_INPUT_DATA if the + * \return 0 on success, or MBEDTLS_ERR_PK_BAD_INPUT_DATA if the * context wasn't already initialized as RSA_ALT. * - * \note This function replaces \c pk_init_ctx() for RSA-alt. + * \note This function replaces \c mbedtls_pk_setup() for RSA-alt. */ -int pk_init_ctx_rsa_alt( pk_context *ctx, void * key, - pk_rsa_alt_decrypt_func decrypt_func, - pk_rsa_alt_sign_func sign_func, - pk_rsa_alt_key_len_func key_len_func ); +int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key, + mbedtls_pk_rsa_alt_decrypt_func decrypt_func, + mbedtls_pk_rsa_alt_sign_func sign_func, + mbedtls_pk_rsa_alt_key_len_func key_len_func ); +#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ /** * \brief Get the size in bits of the underlying key @@ -270,7 +229,7 @@ int pk_init_ctx_rsa_alt( pk_context *ctx, void * key, * * \return Key size in bits, or 0 on error */ -size_t pk_get_size( const pk_context *ctx ); +size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx ); /** * \brief Get the length in bytes of the underlying key @@ -278,9 +237,9 @@ size_t pk_get_size( const pk_context *ctx ); * * \return Key length in bytes, or 0 on error */ -static inline size_t pk_get_len( const pk_context *ctx ) +static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx ) { - return( ( pk_get_size( ctx ) + 7 ) / 8 ); + return( ( mbedtls_pk_get_bitlen( ctx ) + 7 ) / 8 ); } /** @@ -292,7 +251,7 @@ static inline size_t pk_get_len( const pk_context *ctx ) * \return 0 if context can't do the operations, * 1 otherwise. */ -int pk_can_do( pk_context *ctx, pk_type_t type ); +int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type ); /** * \brief Verify signature (including padding if relevant). @@ -305,20 +264,20 @@ int pk_can_do( pk_context *ctx, pk_type_t type ); * \param sig_len Signature length * * \return 0 on success (signature is valid), - * POLARSSL_ERR_PK_SIG_LEN_MISMATCH if the signature is + * MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if the signature is * valid but its actual length is less than sig_len, * or a specific error code. * * \note For RSA keys, the default padding type is PKCS#1 v1.5. - * Use \c pk_verify_ext( POLARSSL_PK_RSASSA_PSS, ... ) + * Use \c mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, ... ) * to verify RSASSA_PSS signatures. * * \note If hash_len is 0, then the length associated with md_alg * is used instead, or an error returned if it is invalid. * - * \note md_alg may be POLARSSL_MD_NONE, only if hash_len != 0 + * \note md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0 */ -int pk_verify( pk_context *ctx, md_type_t md_alg, +int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len ); @@ -336,23 +295,23 @@ int pk_verify( pk_context *ctx, md_type_t md_alg, * \param sig_len Signature length * * \return 0 on success (signature is valid), - * POLARSSL_ERR_PK_TYPE_MISMATCH if the PK context can't be + * MBEDTLS_ERR_PK_TYPE_MISMATCH if the PK context can't be * used for this type of signatures, - * POLARSSL_ERR_PK_SIG_LEN_MISMATCH if the signature is + * MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if the signature is * valid but its actual length is less than sig_len, * or a specific error code. * * \note If hash_len is 0, then the length associated with md_alg * is used instead, or an error returned if it is invalid. * - * \note md_alg may be POLARSSL_MD_NONE, only if hash_len != 0 + * \note md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0 * - * \note If type is POLARSSL_PK_RSASSA_PSS, then options must point - * to a pk_rsassa_pss_options structure, + * \note If type is MBEDTLS_PK_RSASSA_PSS, then options must point + * to a mbedtls_pk_rsassa_pss_options structure, * otherwise it must be NULL. */ -int pk_verify_ext( pk_type_t type, const void *options, - pk_context *ctx, md_type_t md_alg, +int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, + mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len ); @@ -377,9 +336,10 @@ int pk_verify_ext( pk_type_t type, const void *options, * \note If hash_len is 0, then the length associated with md_alg * is used instead, or an error returned if it is invalid. * - * \note md_alg may be POLARSSL_MD_NONE, only if hash_len != 0 + * \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0. + * For ECDSA, md_alg may never be MBEDTLS_MD_NONE. */ -int pk_sign( pk_context *ctx, md_type_t md_alg, +int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); @@ -400,7 +360,7 @@ int pk_sign( pk_context *ctx, md_type_t md_alg, * * \return 0 on success, or a specific error code. */ -int pk_decrypt( pk_context *ctx, +int mbedtls_pk_decrypt( mbedtls_pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); @@ -421,7 +381,7 @@ int pk_decrypt( pk_context *ctx, * * \return 0 on success, or a specific error code. */ -int pk_encrypt( pk_context *ctx, +int mbedtls_pk_encrypt( mbedtls_pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); @@ -432,9 +392,9 @@ int pk_encrypt( pk_context *ctx, * \param pub Context holding a public key. * \param prv Context holding a private (and public) key. * - * \return 0 on success or POLARSSL_ERR_PK_BAD_INPUT_DATA + * \return 0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA */ -int pk_check_pair( const pk_context *pub, const pk_context *prv ); +int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv ); /** * \brief Export debug information @@ -442,9 +402,9 @@ int pk_check_pair( const pk_context *pub, const pk_context *prv ); * \param ctx Context to use * \param items Place to write debug items * - * \return 0 on success or POLARSSL_ERR_PK_BAD_INPUT_DATA + * \return 0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA */ -int pk_debug( const pk_context *ctx, pk_debug_item *items ); +int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items ); /** * \brief Access the type name @@ -453,60 +413,62 @@ int pk_debug( const pk_context *ctx, pk_debug_item *items ); * * \return Type name on success, or "invalid PK" */ -const char * pk_get_name( const pk_context *ctx ); +const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx ); /** * \brief Get the key type * * \param ctx Context to use * - * \return Type on success, or POLARSSL_PK_NONE + * \return Type on success, or MBEDTLS_PK_NONE */ -pk_type_t pk_get_type( const pk_context *ctx ); +mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ); -#if defined(POLARSSL_PK_PARSE_C) +#if defined(MBEDTLS_PK_PARSE_C) /** \ingroup pk_module */ /** - * \brief Parse a private key + * \brief Parse a private key in PEM or DER format * * \param ctx key to be initialized * \param key input buffer * \param keylen size of the buffer + * (including the terminating null byte for PEM data) * \param pwd password for decryption (optional) * \param pwdlen size of the password * * \note On entry, ctx must be empty, either freshly initialised - * with pk_init() or reset with pk_free(). If you need a - * specific key type, check the result with pk_can_do(). + * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a + * specific key type, check the result with mbedtls_pk_can_do(). * * \note The key is also checked for correctness. * * \return 0 if successful, or a specific PK or PEM error code */ -int pk_parse_key( pk_context *ctx, +int mbedtls_pk_parse_key( mbedtls_pk_context *ctx, const unsigned char *key, size_t keylen, const unsigned char *pwd, size_t pwdlen ); /** \ingroup pk_module */ /** - * \brief Parse a public key + * \brief Parse a public key in PEM or DER format * * \param ctx key to be initialized * \param key input buffer * \param keylen size of the buffer + * (including the terminating null byte for PEM data) * * \note On entry, ctx must be empty, either freshly initialised - * with pk_init() or reset with pk_free(). If you need a - * specific key type, check the result with pk_can_do(). + * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a + * specific key type, check the result with mbedtls_pk_can_do(). * * \note The key is also checked for correctness. * * \return 0 if successful, or a specific PK or PEM error code */ -int pk_parse_public_key( pk_context *ctx, +int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, const unsigned char *key, size_t keylen ); -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) /** \ingroup pk_module */ /** * \brief Load and parse a private key @@ -516,14 +478,14 @@ int pk_parse_public_key( pk_context *ctx, * \param password password to decrypt the file (can be NULL) * * \note On entry, ctx must be empty, either freshly initialised - * with pk_init() or reset with pk_free(). If you need a - * specific key type, check the result with pk_can_do(). + * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a + * specific key type, check the result with mbedtls_pk_can_do(). * * \note The key is also checked for correctness. * * \return 0 if successful, or a specific PK or PEM error code */ -int pk_parse_keyfile( pk_context *ctx, +int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx, const char *path, const char *password ); /** \ingroup pk_module */ @@ -534,18 +496,18 @@ int pk_parse_keyfile( pk_context *ctx, * \param path filename to read the private key from * * \note On entry, ctx must be empty, either freshly initialised - * with pk_init() or reset with pk_free(). If you need a - * specific key type, check the result with pk_can_do(). + * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a + * specific key type, check the result with mbedtls_pk_can_do(). * * \note The key is also checked for correctness. * * \return 0 if successful, or a specific PK or PEM error code */ -int pk_parse_public_keyfile( pk_context *ctx, const char *path ); -#endif /* POLARSSL_FS_IO */ -#endif /* POLARSSL_PK_PARSE_C */ +int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path ); +#endif /* MBEDTLS_FS_IO */ +#endif /* MBEDTLS_PK_PARSE_C */ -#if defined(POLARSSL_PK_WRITE_C) +#if defined(MBEDTLS_PK_WRITE_C) /** * \brief Write a private key to a PKCS#1 or SEC1 DER structure * Note: data is written at the end of the buffer! Use the @@ -559,7 +521,7 @@ int pk_parse_public_keyfile( pk_context *ctx, const char *path ); * \return length of data written if successful, or a specific * error code */ -int pk_write_key_der( pk_context *ctx, unsigned char *buf, size_t size ); +int mbedtls_pk_write_key_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); /** * \brief Write a public key to a SubjectPublicKeyInfo DER structure @@ -574,9 +536,9 @@ int pk_write_key_der( pk_context *ctx, unsigned char *buf, size_t size ); * \return length of data written if successful, or a specific * error code */ -int pk_write_pubkey_der( pk_context *ctx, unsigned char *buf, size_t size ); +int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); -#if defined(POLARSSL_PEM_WRITE_C) +#if defined(MBEDTLS_PEM_WRITE_C) /** * \brief Write a public key to a PEM string * @@ -584,9 +546,9 @@ int pk_write_pubkey_der( pk_context *ctx, unsigned char *buf, size_t size ); * \param buf buffer to write to * \param size size of the buffer * - * \return 0 successful, or a specific error code + * \return 0 if successful, or a specific error code */ -int pk_write_pubkey_pem( pk_context *ctx, unsigned char *buf, size_t size ); +int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); /** * \brief Write a private key to a PKCS#1 or SEC1 PEM string @@ -595,18 +557,18 @@ int pk_write_pubkey_pem( pk_context *ctx, unsigned char *buf, size_t size ); * \param buf buffer to write to * \param size size of the buffer * - * \return 0 successful, or a specific error code + * \return 0 if successful, or a specific error code */ -int pk_write_key_pem( pk_context *ctx, unsigned char *buf, size_t size ); -#endif /* POLARSSL_PEM_WRITE_C */ -#endif /* POLARSSL_PK_WRITE_C */ +int mbedtls_pk_write_key_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); +#endif /* MBEDTLS_PEM_WRITE_C */ +#endif /* MBEDTLS_PK_WRITE_C */ /* * WARNING: Low-level functions. You probably do not want to use these unless * you are certain you do ;) */ -#if defined(POLARSSL_PK_PARSE_C) +#if defined(MBEDTLS_PK_PARSE_C) /** * \brief Parse a SubjectPublicKeyInfo DER structure * @@ -616,11 +578,11 @@ int pk_write_key_pem( pk_context *ctx, unsigned char *buf, size_t size ); * * \return 0 if successful, or a specific PK error code */ -int pk_parse_subpubkey( unsigned char **p, const unsigned char *end, - pk_context *pk ); -#endif /* POLARSSL_PK_PARSE_C */ +int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, + mbedtls_pk_context *pk ); +#endif /* MBEDTLS_PK_PARSE_C */ -#if defined(POLARSSL_PK_WRITE_C) +#if defined(MBEDTLS_PK_WRITE_C) /** * \brief Write a subjectPublicKey to ASN.1 data * Note: function works backwards in data buffer @@ -631,20 +593,20 @@ int pk_parse_subpubkey( unsigned char **p, const unsigned char *end, * * \return the length written or a negative error code */ -int pk_write_pubkey( unsigned char **p, unsigned char *start, - const pk_context *key ); -#endif /* POLARSSL_PK_WRITE_C */ +int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, + const mbedtls_pk_context *key ); +#endif /* MBEDTLS_PK_WRITE_C */ /* * Internal module functions. You probably do not want to use these unless you * know you do. */ -#if defined(POLARSSL_FS_IO) -int pk_load_file( const char *path, unsigned char **buf, size_t *n ); +#if defined(MBEDTLS_FS_IO) +int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n ); #endif #ifdef __cplusplus } #endif -#endif /* POLARSSL_PK_H */ +#endif /* MBEDTLS_PK_H */ diff --git a/ext/mbedtls/include/mbedtls/pk_internal.h b/ext/mbedtls/include/mbedtls/pk_internal.h new file mode 100644 index 0000000000..f2e0a772b1 --- /dev/null +++ b/ext/mbedtls/include/mbedtls/pk_internal.h @@ -0,0 +1,115 @@ +/** + * \file pk.h + * + * \brief Public Key abstraction layer: wrapper functions + * + * Copyright (C) 2006-2013, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#ifndef MBEDTLS_PK_WRAP_H +#define MBEDTLS_PK_WRAP_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include "pk.h" + +struct mbedtls_pk_info_t +{ + /** Public key type */ + mbedtls_pk_type_t type; + + /** Type name */ + const char *name; + + /** Get key size in bits */ + size_t (*get_bitlen)( const void * ); + + /** Tell if the context implements this type (e.g. ECKEY can do ECDSA) */ + int (*can_do)( mbedtls_pk_type_t type ); + + /** Verify signature */ + int (*verify_func)( void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len ); + + /** Make signature */ + int (*sign_func)( void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); + + /** Decrypt message */ + int (*decrypt_func)( void *ctx, const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, size_t osize, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); + + /** Encrypt message */ + int (*encrypt_func)( void *ctx, const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, size_t osize, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); + + /** Check public-private key pair */ + int (*check_pair_func)( const void *pub, const void *prv ); + + /** Allocate a new context */ + void * (*ctx_alloc_func)( void ); + + /** Free the given context */ + void (*ctx_free_func)( void *ctx ); + + /** Interface with the debug module */ + void (*debug_func)( const void *ctx, mbedtls_pk_debug_item *items ); + +}; +#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) +/* Container for RSA-alt */ +typedef struct +{ + void *key; + mbedtls_pk_rsa_alt_decrypt_func decrypt_func; + mbedtls_pk_rsa_alt_sign_func sign_func; + mbedtls_pk_rsa_alt_key_len_func key_len_func; +} mbedtls_rsa_alt_context; +#endif + +#if defined(MBEDTLS_RSA_C) +extern const mbedtls_pk_info_t mbedtls_rsa_info; +#endif + +#if defined(MBEDTLS_ECP_C) +extern const mbedtls_pk_info_t mbedtls_eckey_info; +extern const mbedtls_pk_info_t mbedtls_eckeydh_info; +#endif + +#if defined(MBEDTLS_ECDSA_C) +extern const mbedtls_pk_info_t mbedtls_ecdsa_info; +#endif + +#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) +extern const mbedtls_pk_info_t mbedtls_rsa_alt_info; +#endif + +#endif /* MBEDTLS_PK_WRAP_H */ diff --git a/ext/mbedtls/include/polarssl/pkcs11.h b/ext/mbedtls/include/mbedtls/pkcs11.h similarity index 65% rename from ext/mbedtls/include/polarssl/pkcs11.h rename to ext/mbedtls/include/mbedtls/pkcs11.h index 18c3370fce..05def7be97 100644 --- a/ext/mbedtls/include/polarssl/pkcs11.h +++ b/ext/mbedtls/include/mbedtls/pkcs11.h @@ -23,28 +23,24 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_PKCS11_H -#define POLARSSL_PKCS11_H +#ifndef MBEDTLS_PKCS11_H +#define MBEDTLS_PKCS11_H -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_PKCS11_C) +#if defined(MBEDTLS_PKCS11_C) #include "x509_crt.h" #include -#if defined(_MSC_VER) && !defined(inline) -#define inline _inline -#else -#if defined(__ARMCC_VERSION) && !defined(inline) +#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && !defined(inline) #define inline __inline -#endif /* __ARMCC_VERSION */ -#endif /*_MSC_VER */ +#endif #ifdef __cplusplus extern "C" { @@ -56,7 +52,13 @@ extern "C" { typedef struct { pkcs11h_certificate_t pkcs11h_cert; int len; -} pkcs11_context; +} mbedtls_pkcs11_context; + +/** + * Initialize a mbetls_pkcs11_context. + * (Just making memory references valid.) + */ +void mbedtls_pkcs11_init( mbedtls_pkcs11_context *ctx ); /** * Fill in a mbed TLS certificate, based on the given PKCS11 helper certificate. @@ -66,11 +68,11 @@ typedef struct { * * \return 0 on success. */ -int pkcs11_x509_cert_init( x509_crt *cert, pkcs11h_certificate_t pkcs11h_cert ); +int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11h_cert ); /** - * Initialise a pkcs11_context, storing the given certificate. Note that the - * pkcs11_context will take over control of the certificate, freeing it when + * Set up a mbedtls_pkcs11_context storing the given certificate. Note that the + * mbedtls_pkcs11_context will take over control of the certificate, freeing it when * done. * * \param priv_key Private key structure to fill. @@ -78,7 +80,7 @@ int pkcs11_x509_cert_init( x509_crt *cert, pkcs11h_certificate_t pkcs11h_cert ); * * \return 0 on success */ -int pkcs11_priv_key_init( pkcs11_context *priv_key, +int mbedtls_pkcs11_priv_key_bind( mbedtls_pkcs11_context *priv_key, pkcs11h_certificate_t pkcs11_cert ); /** @@ -87,26 +89,26 @@ int pkcs11_priv_key_init( pkcs11_context *priv_key, * * \param priv_key Private key structure to cleanup */ -void pkcs11_priv_key_free( pkcs11_context *priv_key ); +void mbedtls_pkcs11_priv_key_free( mbedtls_pkcs11_context *priv_key ); /** * \brief Do an RSA private key decrypt, then remove the message * padding * * \param ctx PKCS #11 context - * \param mode must be RSA_PRIVATE, for compatibility with rsa.c's signature + * \param mode must be MBEDTLS_RSA_PRIVATE, for compatibility with rsa.c's signature * \param input buffer holding the encrypted data * \param output buffer that will hold the plaintext * \param olen will contain the plaintext length * \param output_max_len maximum length of the output buffer * - * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code * * \note The output buffer must be as large as the size * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise * an error is thrown. */ -int pkcs11_decrypt( pkcs11_context *ctx, +int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx, int mode, size_t *olen, const unsigned char *input, unsigned char *output, @@ -116,21 +118,21 @@ int pkcs11_decrypt( pkcs11_context *ctx, * \brief Do a private RSA to sign a message digest * * \param ctx PKCS #11 context - * \param mode must be RSA_PRIVATE, for compatibility with rsa.c's signature - * \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) - * \param hashlen message digest length (for POLARSSL_MD_NONE only) + * \param mode must be MBEDTLS_RSA_PRIVATE, for compatibility with rsa.c's signature + * \param md_alg a MBEDTLS_MD_XXX (use MBEDTLS_MD_NONE for signing raw data) + * \param hashlen message digest length (for MBEDTLS_MD_NONE only) * \param hash buffer holding the message digest * \param sig buffer that will hold the ciphertext * * \return 0 if the signing operation was successful, - * or an POLARSSL_ERR_RSA_XXX error code + * or an MBEDTLS_ERR_RSA_XXX error code * * \note The "sig" buffer must be as large as the size * of ctx->N (eg. 128 bytes if RSA-1024 is used). */ -int pkcs11_sign( pkcs11_context *ctx, +int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx, int mode, - md_type_t md_alg, + mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig ); @@ -138,34 +140,34 @@ int pkcs11_sign( pkcs11_context *ctx, /** * SSL/TLS wrappers for PKCS#11 functions */ -static inline int ssl_pkcs11_decrypt( void *ctx, int mode, size_t *olen, +static inline int mbedtls_ssl_pkcs11_decrypt( void *ctx, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len ) { - return pkcs11_decrypt( (pkcs11_context *) ctx, mode, olen, input, output, + return mbedtls_pkcs11_decrypt( (mbedtls_pkcs11_context *) ctx, mode, olen, input, output, output_max_len ); } -static inline int ssl_pkcs11_sign( void *ctx, +static inline int mbedtls_ssl_pkcs11_sign( void *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, md_type_t md_alg, unsigned int hashlen, + int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig ) { ((void) f_rng); ((void) p_rng); - return pkcs11_sign( (pkcs11_context *) ctx, mode, md_alg, + return mbedtls_pkcs11_sign( (mbedtls_pkcs11_context *) ctx, mode, md_alg, hashlen, hash, sig ); } -static inline size_t ssl_pkcs11_key_len( void *ctx ) +static inline size_t mbedtls_ssl_pkcs11_key_len( void *ctx ) { - return ( (pkcs11_context *) ctx )->len; + return ( (mbedtls_pkcs11_context *) ctx )->len; } #ifdef __cplusplus } #endif -#endif /* POLARSSL_PKCS11_C */ +#endif /* MBEDTLS_PKCS11_C */ -#endif /* POLARSSL_PKCS11_H */ +#endif /* MBEDTLS_PKCS11_H */ diff --git a/ext/mbedtls/include/polarssl/pkcs12.h b/ext/mbedtls/include/mbedtls/pkcs12.h similarity index 63% rename from ext/mbedtls/include/polarssl/pkcs12.h rename to ext/mbedtls/include/mbedtls/pkcs12.h index cb53fe2472..c5085da328 100644 --- a/ext/mbedtls/include/polarssl/pkcs12.h +++ b/ext/mbedtls/include/mbedtls/pkcs12.h @@ -21,8 +21,8 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_PKCS12_H -#define POLARSSL_PKCS12_H +#ifndef MBEDTLS_PKCS12_H +#define MBEDTLS_PKCS12_H #include "md.h" #include "cipher.h" @@ -30,17 +30,17 @@ #include -#define POLARSSL_ERR_PKCS12_BAD_INPUT_DATA -0x1F80 /**< Bad input parameters to function. */ -#define POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00 /**< Feature not available, e.g. unsupported encryption scheme. */ -#define POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80 /**< PBE ASN.1 data not as expected. */ -#define POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00 /**< Given private key password does not allow for correct decryption. */ +#define MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA -0x1F80 /**< Bad input parameters to function. */ +#define MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00 /**< Feature not available, e.g. unsupported encryption scheme. */ +#define MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80 /**< PBE ASN.1 data not as expected. */ +#define MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00 /**< Given private key password does not allow for correct decryption. */ -#define PKCS12_DERIVE_KEY 1 /**< encryption/decryption key */ -#define PKCS12_DERIVE_IV 2 /**< initialization vector */ -#define PKCS12_DERIVE_MAC_KEY 3 /**< integrity / MAC key */ +#define MBEDTLS_PKCS12_DERIVE_KEY 1 /**< encryption/decryption key */ +#define MBEDTLS_PKCS12_DERIVE_IV 2 /**< initialization vector */ +#define MBEDTLS_PKCS12_DERIVE_MAC_KEY 3 /**< integrity / MAC key */ -#define PKCS12_PBE_DECRYPT 0 -#define PKCS12_PBE_ENCRYPT 1 +#define MBEDTLS_PKCS12_PBE_DECRYPT 0 +#define MBEDTLS_PKCS12_PBE_ENCRYPT 1 #ifdef __cplusplus extern "C" { @@ -51,38 +51,38 @@ extern "C" { * for pbeWithSHAAnd128BitRC4 * * \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure - * \param mode either PKCS12_PBE_ENCRYPT or PKCS12_PBE_DECRYPT + * \param mode either MBEDTLS_PKCS12_PBE_ENCRYPT or MBEDTLS_PKCS12_PBE_DECRYPT * \param pwd the password used (may be NULL if no password is used) * \param pwdlen length of the password (may be 0) * \param input the input data * \param len data length * \param output the output buffer * - * \return 0 if successful, or a POLARSSL_ERR_xxx code + * \return 0 if successful, or a MBEDTLS_ERR_XXX code */ -int pkcs12_pbe_sha1_rc4_128( asn1_buf *pbe_params, int mode, +int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode, const unsigned char *pwd, size_t pwdlen, const unsigned char *input, size_t len, unsigned char *output ); /** * \brief PKCS12 Password Based function (encryption / decryption) - * for cipher-based and md-based PBE's + * for cipher-based and mbedtls_md-based PBE's * * \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure - * \param mode either PKCS12_PBE_ENCRYPT or PKCS12_PBE_DECRYPT + * \param mode either MBEDTLS_PKCS12_PBE_ENCRYPT or MBEDTLS_PKCS12_PBE_DECRYPT * \param cipher_type the cipher used - * \param md_type the md used + * \param md_type the mbedtls_md used * \param pwd the password used (may be NULL if no password is used) * \param pwdlen length of the password (may be 0) * \param input the input data * \param len data length * \param output the output buffer * - * \return 0 if successful, or a POLARSSL_ERR_xxx code + * \return 0 if successful, or a MBEDTLS_ERR_XXX code */ -int pkcs12_pbe( asn1_buf *pbe_params, int mode, - cipher_type_t cipher_type, md_type_t md_type, +int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, + mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, const unsigned char *pwd, size_t pwdlen, const unsigned char *input, size_t len, unsigned char *output ); @@ -101,17 +101,17 @@ int pkcs12_pbe( asn1_buf *pbe_params, int mode, * \param pwdlen length of the password (may be 0) * \param salt salt buffer to use * \param saltlen length of the salt - * \param md md type to use during the derivation - * \param id id that describes the purpose (can be PKCS12_DERIVE_KEY, - * PKCS12_DERIVE_IV or PKCS12_DERIVE_MAC_KEY) + * \param mbedtls_md mbedtls_md type to use during the derivation + * \param id id that describes the purpose (can be MBEDTLS_PKCS12_DERIVE_KEY, + * MBEDTLS_PKCS12_DERIVE_IV or MBEDTLS_PKCS12_DERIVE_MAC_KEY) * \param iterations number of iterations * * \return 0 if successful, or a MD, BIGNUM type error. */ -int pkcs12_derivation( unsigned char *data, size_t datalen, +int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, const unsigned char *pwd, size_t pwdlen, const unsigned char *salt, size_t saltlen, - md_type_t md, int id, int iterations ); + mbedtls_md_type_t mbedtls_md, int id, int iterations ); #ifdef __cplusplus } diff --git a/ext/mbedtls/include/polarssl/pkcs5.h b/ext/mbedtls/include/mbedtls/pkcs5.h similarity index 66% rename from ext/mbedtls/include/polarssl/pkcs5.h rename to ext/mbedtls/include/mbedtls/pkcs5.h index 6a21af10b4..cfd42a2f6c 100644 --- a/ext/mbedtls/include/polarssl/pkcs5.h +++ b/ext/mbedtls/include/mbedtls/pkcs5.h @@ -23,28 +23,22 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_PKCS5_H -#define POLARSSL_PKCS5_H +#ifndef MBEDTLS_PKCS5_H +#define MBEDTLS_PKCS5_H #include "asn1.h" #include "md.h" #include +#include -#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) -#include -typedef UINT32 uint32_t; -#else -#include -#endif - -#define POLARSSL_ERR_PKCS5_BAD_INPUT_DATA -0x3f80 /**< Bad input parameters to function. */ -#define POLARSSL_ERR_PKCS5_INVALID_FORMAT -0x3f00 /**< Unexpected ASN.1 data. */ -#define POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE -0x3e80 /**< Requested encryption or digest alg not available. */ -#define POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH -0x3e00 /**< Given private key password does not allow for correct decryption. */ +#define MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA -0x2f80 /**< Bad input parameters to function. */ +#define MBEDTLS_ERR_PKCS5_INVALID_FORMAT -0x2f00 /**< Unexpected ASN.1 data. */ +#define MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE -0x2e80 /**< Requested encryption or digest alg not available. */ +#define MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH -0x2e00 /**< Given private key password does not allow for correct decryption. */ -#define PKCS5_DECRYPT 0 -#define PKCS5_ENCRYPT 1 +#define MBEDTLS_PKCS5_DECRYPT 0 +#define MBEDTLS_PKCS5_ENCRYPT 1 #ifdef __cplusplus extern "C" { @@ -54,16 +48,16 @@ extern "C" { * \brief PKCS#5 PBES2 function * * \param pbe_params the ASN.1 algorithm parameters - * \param mode either PKCS5_DECRYPT or PKCS5_ENCRYPT + * \param mode either MBEDTLS_PKCS5_DECRYPT or MBEDTLS_PKCS5_ENCRYPT * \param pwd password to use when generating key * \param pwdlen length of password * \param data data to process * \param datalen length of data * \param output output buffer * - * \returns 0 on success, or a POLARSSL_ERR_xxx code if verification fails. + * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails. */ -int pkcs5_pbes2( asn1_buf *pbe_params, int mode, +int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, const unsigned char *pwd, size_t pwdlen, const unsigned char *data, size_t datalen, unsigned char *output ); @@ -77,12 +71,12 @@ int pkcs5_pbes2( asn1_buf *pbe_params, int mode, * \param salt Salt to use when generating key * \param slen Length of salt * \param iteration_count Iteration count - * \param key_length Length of generated key + * \param key_length Length of generated key in bytes * \param output Generated key. Must be at least as big as key_length * - * \returns 0 on success, or a POLARSSL_ERR_xxx code if verification fails. + * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails. */ -int pkcs5_pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, +int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *password, size_t plen, const unsigned char *salt, size_t slen, unsigned int iteration_count, uint32_t key_length, unsigned char *output ); @@ -92,7 +86,7 @@ int pkcs5_pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, * * \return 0 if successful, or 1 if the test failed */ -int pkcs5_self_test( int verbose ); +int mbedtls_pkcs5_self_test( int verbose ); #ifdef __cplusplus } diff --git a/ext/mbedtls/include/mbedtls/platform.h b/ext/mbedtls/include/mbedtls/platform.h new file mode 100644 index 0000000000..5dab974fdb --- /dev/null +++ b/ext/mbedtls/include/mbedtls/platform.h @@ -0,0 +1,215 @@ +/** + * \file platform.h + * + * \brief mbed TLS Platform abstraction layer + * + * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_PLATFORM_H +#define MBEDTLS_PLATFORM_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \name SECTION: Module settings + * + * The configuration options you can set for this module are in this section. + * Either change them in config.h or define them on the compiler command line. + * \{ + */ + +#if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) +#include +#include +#if !defined(MBEDTLS_PLATFORM_STD_SNPRINTF) +#if defined(_WIN32) +#define MBEDTLS_PLATFORM_STD_SNPRINTF mbedtls_platform_win32_snprintf /**< Default snprintf to use */ +#else +#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use */ +#endif +#endif +#if !defined(MBEDTLS_PLATFORM_STD_PRINTF) +#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use */ +#endif +#if !defined(MBEDTLS_PLATFORM_STD_FPRINTF) +#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use */ +#endif +#if !defined(MBEDTLS_PLATFORM_STD_CALLOC) +#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use */ +#endif +#if !defined(MBEDTLS_PLATFORM_STD_FREE) +#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use */ +#endif +#if !defined(MBEDTLS_PLATFORM_STD_EXIT) +#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default free to use */ +#endif +#else /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */ +#if defined(MBEDTLS_PLATFORM_STD_MEM_HDR) +#include MBEDTLS_PLATFORM_STD_MEM_HDR +#endif +#endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */ + +/* \} name SECTION: Module settings */ + +/* + * The function pointers for calloc and free + */ +#if defined(MBEDTLS_PLATFORM_MEMORY) +#if defined(MBEDTLS_PLATFORM_FREE_MACRO) && \ + defined(MBEDTLS_PLATFORM_CALLOC_MACRO) +#define mbedtls_free MBEDTLS_PLATFORM_FREE_MACRO +#define mbedtls_calloc MBEDTLS_PLATFORM_CALLOC_MACRO +#else +/* For size_t */ +#include +extern void * (*mbedtls_calloc)( size_t n, size_t size ); +extern void (*mbedtls_free)( void *ptr ); + +/** + * \brief Set your own memory implementation function pointers + * + * \param calloc_func the calloc function implementation + * \param free_func the free function implementation + * + * \return 0 if successful + */ +int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ), + void (*free_func)( void * ) ); +#endif /* MBEDTLS_PLATFORM_FREE_MACRO && MBEDTLS_PLATFORM_CALLOC_MACRO */ +#else /* !MBEDTLS_PLATFORM_MEMORY */ +#define mbedtls_free free +#define mbedtls_calloc calloc +#endif /* MBEDTLS_PLATFORM_MEMORY && !MBEDTLS_PLATFORM_{FREE,CALLOC}_MACRO */ + +/* + * The function pointers for fprintf + */ +#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) +/* We need FILE * */ +#include +extern int (*mbedtls_fprintf)( FILE *stream, const char *format, ... ); + +/** + * \brief Set your own fprintf function pointer + * + * \param fprintf_func the fprintf function implementation + * + * \return 0 + */ +int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char *, + ... ) ); +#else +#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) +#define mbedtls_fprintf MBEDTLS_PLATFORM_FPRINTF_MACRO +#else +#define mbedtls_fprintf fprintf +#endif /* MBEDTLS_PLATFORM_FPRINTF_MACRO */ +#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */ + +/* + * The function pointers for printf + */ +#if defined(MBEDTLS_PLATFORM_PRINTF_ALT) +extern int (*mbedtls_printf)( const char *format, ... ); + +/** + * \brief Set your own printf function pointer + * + * \param printf_func the printf function implementation + * + * \return 0 + */ +int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) ); +#else /* !MBEDTLS_PLATFORM_PRINTF_ALT */ +#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) +#define mbedtls_printf MBEDTLS_PLATFORM_PRINTF_MACRO +#else +#define mbedtls_printf printf +#endif /* MBEDTLS_PLATFORM_PRINTF_MACRO */ +#endif /* MBEDTLS_PLATFORM_PRINTF_ALT */ + +/* + * The function pointers for snprintf + * + * The snprintf implementation should conform to C99: + * - it *must* always correctly zero-terminate the buffer + * (except when n == 0, then it must leave the buffer untouched) + * - however it is acceptable to return -1 instead of the required length when + * the destination buffer is too short. + */ +#if defined(_WIN32) +/* For Windows (inc. MSYS2), we provide our own fixed implementation */ +int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... ); +#endif + +#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) +extern int (*mbedtls_snprintf)( char * s, size_t n, const char * format, ... ); + +/** + * \brief Set your own snprintf function pointer + * + * \param snprintf_func the snprintf function implementation + * + * \return 0 + */ +int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n, + const char * format, ... ) ); +#else /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ +#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) +#define mbedtls_snprintf MBEDTLS_PLATFORM_SNPRINTF_MACRO +#else +#define mbedtls_snprintf snprintf +#endif /* MBEDTLS_PLATFORM_SNPRINTF_MACRO */ +#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ + +/* + * The function pointers for exit + */ +#if defined(MBEDTLS_PLATFORM_EXIT_ALT) +extern void (*mbedtls_exit)( int status ); + +/** + * \brief Set your own exit function pointer + * + * \param exit_func the exit function implementation + * + * \return 0 + */ +int mbedtls_platform_set_exit( void (*exit_func)( int status ) ); +#else +#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) +#define mbedtls_exit MBEDTLS_PLATFORM_EXIT_MACRO +#else +#define mbedtls_exit exit +#endif /* MBEDTLS_PLATFORM_EXIT_MACRO */ +#endif /* MBEDTLS_PLATFORM_EXIT_ALT */ + +#ifdef __cplusplus +} +#endif + +#endif /* platform.h */ diff --git a/ext/mbedtls/include/mbedtls/ripemd160.h b/ext/mbedtls/include/mbedtls/ripemd160.h new file mode 100644 index 0000000000..9013f208ea --- /dev/null +++ b/ext/mbedtls/include/mbedtls/ripemd160.h @@ -0,0 +1,139 @@ +/** + * \file mbedtls_ripemd160.h + * + * \brief RIPE MD-160 message digest + * + * Copyright (C) 2014-2014, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_RIPEMD160_H +#define MBEDTLS_RIPEMD160_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include +#include + +#if !defined(MBEDTLS_RIPEMD160_ALT) +// Regular implementation +// + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief RIPEMD-160 context structure + */ +typedef struct +{ + uint32_t total[2]; /*!< number of bytes processed */ + uint32_t state[5]; /*!< intermediate digest state */ + unsigned char buffer[64]; /*!< data block being processed */ +} +mbedtls_ripemd160_context; + +/** + * \brief Initialize RIPEMD-160 context + * + * \param ctx RIPEMD-160 context to be initialized + */ +void mbedtls_ripemd160_init( mbedtls_ripemd160_context *ctx ); + +/** + * \brief Clear RIPEMD-160 context + * + * \param ctx RIPEMD-160 context to be cleared + */ +void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx ); + +/** + * \brief Clone (the state of) an RIPEMD-160 context + * + * \param dst The destination context + * \param src The context to be cloned + */ +void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst, + const mbedtls_ripemd160_context *src ); + +/** + * \brief RIPEMD-160 context setup + * + * \param ctx context to be initialized + */ +void mbedtls_ripemd160_starts( mbedtls_ripemd160_context *ctx ); + +/** + * \brief RIPEMD-160 process buffer + * + * \param ctx RIPEMD-160 context + * \param input buffer holding the data + * \param ilen length of the input data + */ +void mbedtls_ripemd160_update( mbedtls_ripemd160_context *ctx, + const unsigned char *input, size_t ilen ); + +/** + * \brief RIPEMD-160 final digest + * + * \param ctx RIPEMD-160 context + * \param output RIPEMD-160 checksum result + */ +void mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx, unsigned char output[20] ); + +/* Internal use */ +void mbedtls_ripemd160_process( mbedtls_ripemd160_context *ctx, const unsigned char data[64] ); + +#ifdef __cplusplus +} +#endif + +#else /* MBEDTLS_RIPEMD160_ALT */ +#include "ripemd160.h" +#endif /* MBEDTLS_RIPEMD160_ALT */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Output = RIPEMD-160( input buffer ) + * + * \param input buffer holding the data + * \param ilen length of the input data + * \param output RIPEMD-160 checksum result + */ +void mbedtls_ripemd160( const unsigned char *input, size_t ilen, + unsigned char output[20] ); + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int mbedtls_ripemd160_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* mbedtls_ripemd160.h */ diff --git a/ext/mbedtls/include/polarssl/rsa.h b/ext/mbedtls/include/mbedtls/rsa.h similarity index 65% rename from ext/mbedtls/include/polarssl/rsa.h rename to ext/mbedtls/include/mbedtls/rsa.h index e80bb4da08..3898687e0e 100644 --- a/ext/mbedtls/include/polarssl/rsa.h +++ b/ext/mbedtls/include/mbedtls/rsa.h @@ -21,54 +21,54 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_RSA_H -#define POLARSSL_RSA_H +#ifndef MBEDTLS_RSA_H +#define MBEDTLS_RSA_H -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif #include "bignum.h" #include "md.h" -#if defined(POLARSSL_THREADING_C) +#if defined(MBEDTLS_THREADING_C) #include "threading.h" #endif /* * RSA Error codes */ -#define POLARSSL_ERR_RSA_BAD_INPUT_DATA -0x4080 /**< Bad input parameters to function. */ -#define POLARSSL_ERR_RSA_INVALID_PADDING -0x4100 /**< Input data contains invalid padding and is rejected. */ -#define POLARSSL_ERR_RSA_KEY_GEN_FAILED -0x4180 /**< Something failed during generation of a key. */ -#define POLARSSL_ERR_RSA_KEY_CHECK_FAILED -0x4200 /**< Key failed to pass the library's validity check. */ -#define POLARSSL_ERR_RSA_PUBLIC_FAILED -0x4280 /**< The public key operation failed. */ -#define POLARSSL_ERR_RSA_PRIVATE_FAILED -0x4300 /**< The private key operation failed. */ -#define POLARSSL_ERR_RSA_VERIFY_FAILED -0x4380 /**< The PKCS#1 verification failed. */ -#define POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE -0x4400 /**< The output buffer for decryption is not large enough. */ -#define POLARSSL_ERR_RSA_RNG_FAILED -0x4480 /**< The random generator failed to generate non-zeros. */ +#define MBEDTLS_ERR_RSA_BAD_INPUT_DATA -0x4080 /**< Bad input parameters to function. */ +#define MBEDTLS_ERR_RSA_INVALID_PADDING -0x4100 /**< Input data contains invalid padding and is rejected. */ +#define MBEDTLS_ERR_RSA_KEY_GEN_FAILED -0x4180 /**< Something failed during generation of a key. */ +#define MBEDTLS_ERR_RSA_KEY_CHECK_FAILED -0x4200 /**< Key failed to pass the library's validity check. */ +#define MBEDTLS_ERR_RSA_PUBLIC_FAILED -0x4280 /**< The public key operation failed. */ +#define MBEDTLS_ERR_RSA_PRIVATE_FAILED -0x4300 /**< The private key operation failed. */ +#define MBEDTLS_ERR_RSA_VERIFY_FAILED -0x4380 /**< The PKCS#1 verification failed. */ +#define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE -0x4400 /**< The output buffer for decryption is not large enough. */ +#define MBEDTLS_ERR_RSA_RNG_FAILED -0x4480 /**< The random generator failed to generate non-zeros. */ /* * RSA constants */ -#define RSA_PUBLIC 0 -#define RSA_PRIVATE 1 +#define MBEDTLS_RSA_PUBLIC 0 +#define MBEDTLS_RSA_PRIVATE 1 -#define RSA_PKCS_V15 0 -#define RSA_PKCS_V21 1 +#define MBEDTLS_RSA_PKCS_V15 0 +#define MBEDTLS_RSA_PKCS_V21 1 -#define RSA_SIGN 1 -#define RSA_CRYPT 2 +#define MBEDTLS_RSA_SIGN 1 +#define MBEDTLS_RSA_CRYPT 2 -#define RSA_SALT_LEN_ANY -1 +#define MBEDTLS_RSA_SALT_LEN_ANY -1 /* * The above constants may be used even if the RSA module is compile out, * eg for alternative (PKCS#11) RSA implemenations in the PK layers. */ -#if defined(POLARSSL_RSA_C) +#if defined(MBEDTLS_RSA_C) #ifdef __cplusplus extern "C" { @@ -82,47 +82,47 @@ typedef struct int ver; /*!< always 0 */ size_t len; /*!< size(N) in chars */ - mpi N; /*!< public modulus */ - mpi E; /*!< public exponent */ + mbedtls_mpi N; /*!< public modulus */ + mbedtls_mpi E; /*!< public exponent */ - mpi D; /*!< private exponent */ - mpi P; /*!< 1st prime factor */ - mpi Q; /*!< 2nd prime factor */ - mpi DP; /*!< D % (P - 1) */ - mpi DQ; /*!< D % (Q - 1) */ - mpi QP; /*!< 1 / (Q % P) */ + mbedtls_mpi D; /*!< private exponent */ + mbedtls_mpi P; /*!< 1st prime factor */ + mbedtls_mpi Q; /*!< 2nd prime factor */ + mbedtls_mpi DP; /*!< D % (P - 1) */ + mbedtls_mpi DQ; /*!< D % (Q - 1) */ + mbedtls_mpi QP; /*!< 1 / (Q % P) */ - mpi RN; /*!< cached R^2 mod N */ - mpi RP; /*!< cached R^2 mod P */ - mpi RQ; /*!< cached R^2 mod Q */ + mbedtls_mpi RN; /*!< cached R^2 mod N */ + mbedtls_mpi RP; /*!< cached R^2 mod P */ + mbedtls_mpi RQ; /*!< cached R^2 mod Q */ - mpi Vi; /*!< cached blinding value */ - mpi Vf; /*!< cached un-blinding value */ + mbedtls_mpi Vi; /*!< cached blinding value */ + mbedtls_mpi Vf; /*!< cached un-blinding value */ - int padding; /*!< RSA_PKCS_V15 for 1.5 padding and + int padding; /*!< MBEDTLS_RSA_PKCS_V15 for 1.5 padding and RSA_PKCS_v21 for OAEP/PSS */ - int hash_id; /*!< Hash identifier of md_type_t as - specified in the md.h header file + int hash_id; /*!< Hash identifier of mbedtls_md_type_t as + specified in the mbedtls_md.h header file for the EME-OAEP and EMSA-PSS encoding */ -#if defined(POLARSSL_THREADING_C) - threading_mutex_t mutex; /*!< Thread-safety mutex */ +#if defined(MBEDTLS_THREADING_C) + mbedtls_threading_mutex_t mutex; /*!< Thread-safety mutex */ #endif } -rsa_context; +mbedtls_rsa_context; /** * \brief Initialize an RSA context * - * Note: Set padding to RSA_PKCS_V21 for the RSAES-OAEP + * Note: Set padding to MBEDTLS_RSA_PKCS_V21 for the RSAES-OAEP * encryption scheme and the RSASSA-PSS signature scheme. * * \param ctx RSA context to be initialized - * \param padding RSA_PKCS_V15 or RSA_PKCS_V21 - * \param hash_id RSA_PKCS_V21 hash identifier + * \param padding MBEDTLS_RSA_PKCS_V15 or MBEDTLS_RSA_PKCS_V21 + * \param hash_id MBEDTLS_RSA_PKCS_V21 hash identifier * * \note The hash_id parameter is actually ignored - * when using RSA_PKCS_V15 padding. + * when using MBEDTLS_RSA_PKCS_V15 padding. * * \note Choice of padding mode is strictly enforced for private key * operations, since there might be security concerns in @@ -133,21 +133,21 @@ rsa_context; * \note The chosen hash is always used for OEAP encryption. * For PSS signatures, it's always used for making signatures, * but can be overriden (and always is, if set to - * POLARSSL_MD_NONE) for verifying them. + * MBEDTLS_MD_NONE) for verifying them. */ -void rsa_init( rsa_context *ctx, +void mbedtls_rsa_init( mbedtls_rsa_context *ctx, int padding, int hash_id); /** * \brief Set padding for an already initialized RSA context - * See \c rsa_init() for details. + * See \c mbedtls_rsa_init() for details. * * \param ctx RSA context to be set - * \param padding RSA_PKCS_V15 or RSA_PKCS_V21 - * \param hash_id RSA_PKCS_V21 hash identifier + * \param padding MBEDTLS_RSA_PKCS_V15 or MBEDTLS_RSA_PKCS_V21 + * \param hash_id MBEDTLS_RSA_PKCS_V21 hash identifier */ -void rsa_set_padding( rsa_context *ctx, int padding, int hash_id); +void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, int hash_id); /** * \brief Generate an RSA keypair @@ -158,12 +158,12 @@ void rsa_set_padding( rsa_context *ctx, int padding, int hash_id); * \param nbits size of the public key in bits * \param exponent public exponent (e.g., 65537) * - * \note rsa_init() must be called beforehand to setup + * \note mbedtls_rsa_init() must be called beforehand to setup * the RSA context. * - * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code */ -int rsa_gen_key( rsa_context *ctx, +int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, unsigned int nbits, int exponent ); @@ -173,18 +173,18 @@ int rsa_gen_key( rsa_context *ctx, * * \param ctx RSA context to be checked * - * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code */ -int rsa_check_pubkey( const rsa_context *ctx ); +int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx ); /** * \brief Check a private RSA key * * \param ctx RSA context to be checked * - * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code */ -int rsa_check_privkey( const rsa_context *ctx ); +int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx ); /** * \brief Check a public-private RSA key pair. @@ -193,19 +193,18 @@ int rsa_check_privkey( const rsa_context *ctx ); * \param pub RSA context holding the public key * \param prv RSA context holding the private key * - * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code */ -int rsa_check_pub_priv( const rsa_context *pub, const rsa_context *prv ); +int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub, const mbedtls_rsa_context *prv ); /** * \brief Do an RSA public key operation - * (Thread-safe if POLARSSL_THREADING_C is enabled) * * \param ctx RSA context * \param input input buffer * \param output output buffer * - * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code * * \note This function does NOT take care of message * padding. Also, be sure to set input[0] = 0 or assure that @@ -214,13 +213,12 @@ int rsa_check_pub_priv( const rsa_context *pub, const rsa_context *prv ); * \note The input and output buffers must be large * enough (eg. 128 bytes if RSA-1024 is used). */ -int rsa_public( rsa_context *ctx, +int mbedtls_rsa_public( mbedtls_rsa_context *ctx, const unsigned char *input, unsigned char *output ); /** * \brief Do an RSA private key operation - * (Thread-safe if POLARSSL_THREADING_C is enabled) * * \param ctx RSA context * \param f_rng RNG function (Needed for blinding) @@ -228,12 +226,12 @@ int rsa_public( rsa_context *ctx, * \param input input buffer * \param output output buffer * - * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code * * \note The input and output buffers must be large * enough (eg. 128 bytes if RSA-1024 is used). */ -int rsa_private( rsa_context *ctx, +int mbedtls_rsa_private( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, const unsigned char *input, @@ -243,23 +241,22 @@ int rsa_private( rsa_context *ctx, * \brief Generic wrapper to perform a PKCS#1 encryption using the * mode from the context. Add the message padding, then do an * RSA operation. - * (Thread-safe if POLARSSL_THREADING_C is enabled) * * \param ctx RSA context * \param f_rng RNG function (Needed for padding and PKCS#1 v2.1 encoding - * and RSA_PRIVATE) + * and MBEDTLS_RSA_PRIVATE) * \param p_rng RNG parameter - * \param mode RSA_PUBLIC or RSA_PRIVATE + * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE * \param ilen contains the plaintext length * \param input buffer holding the data to be encrypted * \param output buffer that will hold the ciphertext * - * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code * * \note The output buffer must be as large as the size * of ctx->N (eg. 128 bytes if RSA-1024 is used). */ -int rsa_pkcs1_encrypt( rsa_context *ctx, +int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, @@ -268,22 +265,21 @@ int rsa_pkcs1_encrypt( rsa_context *ctx, /** * \brief Perform a PKCS#1 v1.5 encryption (RSAES-PKCS1-v1_5-ENCRYPT) - * (Thread-safe if POLARSSL_THREADING_C is enabled) * * \param ctx RSA context - * \param f_rng RNG function (Needed for padding and RSA_PRIVATE) + * \param f_rng RNG function (Needed for padding and MBEDTLS_RSA_PRIVATE) * \param p_rng RNG parameter - * \param mode RSA_PUBLIC or RSA_PRIVATE + * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE * \param ilen contains the plaintext length * \param input buffer holding the data to be encrypted * \param output buffer that will hold the ciphertext * - * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code * * \note The output buffer must be as large as the size * of ctx->N (eg. 128 bytes if RSA-1024 is used). */ -int rsa_rsaes_pkcs1_v15_encrypt( rsa_context *ctx, +int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, @@ -292,25 +288,24 @@ int rsa_rsaes_pkcs1_v15_encrypt( rsa_context *ctx, /** * \brief Perform a PKCS#1 v2.1 OAEP encryption (RSAES-OAEP-ENCRYPT) - * (Thread-safe if POLARSSL_THREADING_C is enabled) * * \param ctx RSA context * \param f_rng RNG function (Needed for padding and PKCS#1 v2.1 encoding - * and RSA_PRIVATE) + * and MBEDTLS_RSA_PRIVATE) * \param p_rng RNG parameter - * \param mode RSA_PUBLIC or RSA_PRIVATE + * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE * \param label buffer holding the custom label to use * \param label_len contains the label length * \param ilen contains the plaintext length * \param input buffer holding the data to be encrypted * \param output buffer that will hold the ciphertext * - * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code * * \note The output buffer must be as large as the size * of ctx->N (eg. 128 bytes if RSA-1024 is used). */ -int rsa_rsaes_oaep_encrypt( rsa_context *ctx, +int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, @@ -323,24 +318,23 @@ int rsa_rsaes_oaep_encrypt( rsa_context *ctx, * \brief Generic wrapper to perform a PKCS#1 decryption using the * mode from the context. Do an RSA operation, then remove * the message padding - * (Thread-safe if POLARSSL_THREADING_C is enabled) * * \param ctx RSA context - * \param f_rng RNG function (Only needed for RSA_PRIVATE) + * \param f_rng RNG function (Only needed for MBEDTLS_RSA_PRIVATE) * \param p_rng RNG parameter - * \param mode RSA_PUBLIC or RSA_PRIVATE + * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE * \param olen will contain the plaintext length * \param input buffer holding the encrypted data * \param output buffer that will hold the plaintext * \param output_max_len maximum length of the output buffer * - * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code * * \note The output buffer must be as large as the size * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise * an error is thrown. */ -int rsa_pkcs1_decrypt( rsa_context *ctx, +int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, @@ -350,24 +344,23 @@ int rsa_pkcs1_decrypt( rsa_context *ctx, /** * \brief Perform a PKCS#1 v1.5 decryption (RSAES-PKCS1-v1_5-DECRYPT) - * (Thread-safe if POLARSSL_THREADING_C is enabled) * * \param ctx RSA context - * \param f_rng RNG function (Only needed for RSA_PRIVATE) + * \param f_rng RNG function (Only needed for MBEDTLS_RSA_PRIVATE) * \param p_rng RNG parameter - * \param mode RSA_PUBLIC or RSA_PRIVATE + * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE * \param olen will contain the plaintext length * \param input buffer holding the encrypted data * \param output buffer that will hold the plaintext * \param output_max_len maximum length of the output buffer * - * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code * * \note The output buffer must be as large as the size * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise * an error is thrown. */ -int rsa_rsaes_pkcs1_v15_decrypt( rsa_context *ctx, +int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, @@ -377,12 +370,11 @@ int rsa_rsaes_pkcs1_v15_decrypt( rsa_context *ctx, /** * \brief Perform a PKCS#1 v2.1 OAEP decryption (RSAES-OAEP-DECRYPT) - * (Thread-safe if POLARSSL_THREADING_C is enabled) * * \param ctx RSA context - * \param f_rng RNG function (Only needed for RSA_PRIVATE) + * \param f_rng RNG function (Only needed for MBEDTLS_RSA_PRIVATE) * \param p_rng RNG parameter - * \param mode RSA_PUBLIC or RSA_PRIVATE + * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE * \param label buffer holding the custom label to use * \param label_len contains the label length * \param olen will contain the plaintext length @@ -390,13 +382,13 @@ int rsa_rsaes_pkcs1_v15_decrypt( rsa_context *ctx, * \param output buffer that will hold the plaintext * \param output_max_len maximum length of the output buffer * - * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code * * \note The output buffer must be as large as the size * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise * an error is thrown. */ -int rsa_rsaes_oaep_decrypt( rsa_context *ctx, +int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, @@ -410,32 +402,31 @@ int rsa_rsaes_oaep_decrypt( rsa_context *ctx, * \brief Generic wrapper to perform a PKCS#1 signature using the * mode from the context. Do a private RSA operation to sign * a message digest - * (Thread-safe if POLARSSL_THREADING_C is enabled) * * \param ctx RSA context * \param f_rng RNG function (Needed for PKCS#1 v2.1 encoding and for - * RSA_PRIVATE) + * MBEDTLS_RSA_PRIVATE) * \param p_rng RNG parameter - * \param mode RSA_PUBLIC or RSA_PRIVATE - * \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) - * \param hashlen message digest length (for POLARSSL_MD_NONE only) + * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE + * \param md_alg a MBEDTLS_MD_XXX (use MBEDTLS_MD_NONE for signing raw data) + * \param hashlen message digest length (for MBEDTLS_MD_NONE only) * \param hash buffer holding the message digest * \param sig buffer that will hold the ciphertext * * \return 0 if the signing operation was successful, - * or an POLARSSL_ERR_RSA_XXX error code + * or an MBEDTLS_ERR_RSA_XXX error code * * \note The "sig" buffer must be as large as the size * of ctx->N (eg. 128 bytes if RSA-1024 is used). * * \note In case of PKCS#1 v2.1 encoding, see comments on - * \note \c rsa_rsassa_pss_sign() for details on md_alg and hash_id. + * \note \c mbedtls_rsa_rsassa_pss_sign() for details on md_alg and hash_id. */ -int rsa_pkcs1_sign( rsa_context *ctx, +int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, - md_type_t md_alg, + mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig ); @@ -444,45 +435,44 @@ int rsa_pkcs1_sign( rsa_context *ctx, * \brief Perform a PKCS#1 v1.5 signature (RSASSA-PKCS1-v1_5-SIGN) * * \param ctx RSA context - * \param f_rng RNG function (Only needed for RSA_PRIVATE) + * \param f_rng RNG function (Only needed for MBEDTLS_RSA_PRIVATE) * \param p_rng RNG parameter - * \param mode RSA_PUBLIC or RSA_PRIVATE - * \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) - * \param hashlen message digest length (for POLARSSL_MD_NONE only) + * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE + * \param md_alg a MBEDTLS_MD_XXX (use MBEDTLS_MD_NONE for signing raw data) + * \param hashlen message digest length (for MBEDTLS_MD_NONE only) * \param hash buffer holding the message digest * \param sig buffer that will hold the ciphertext * * \return 0 if the signing operation was successful, - * or an POLARSSL_ERR_RSA_XXX error code + * or an MBEDTLS_ERR_RSA_XXX error code * * \note The "sig" buffer must be as large as the size * of ctx->N (eg. 128 bytes if RSA-1024 is used). */ -int rsa_rsassa_pkcs1_v15_sign( rsa_context *ctx, +int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, - md_type_t md_alg, + mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig ); /** * \brief Perform a PKCS#1 v2.1 PSS signature (RSASSA-PSS-SIGN) - * (Thread-safe if POLARSSL_THREADING_C is enabled) * * \param ctx RSA context * \param f_rng RNG function (Needed for PKCS#1 v2.1 encoding and for - * RSA_PRIVATE) + * MBEDTLS_RSA_PRIVATE) * \param p_rng RNG parameter - * \param mode RSA_PUBLIC or RSA_PRIVATE - * \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) - * \param hashlen message digest length (for POLARSSL_MD_NONE only) + * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE + * \param md_alg a MBEDTLS_MD_XXX (use MBEDTLS_MD_NONE for signing raw data) + * \param hashlen message digest length (for MBEDTLS_MD_NONE only) * \param hash buffer holding the message digest * \param sig buffer that will hold the ciphertext * * \return 0 if the signing operation was successful, - * or an POLARSSL_ERR_RSA_XXX error code + * or an MBEDTLS_ERR_RSA_XXX error code * * \note The "sig" buffer must be as large as the size * of ctx->N (eg. 128 bytes if RSA-1024 is used). @@ -492,11 +482,11 @@ int rsa_rsassa_pkcs1_v15_sign( rsa_context *ctx, * that is encoded. According to RFC 3447 it is advised to * keep both hashes the same. */ -int rsa_rsassa_pss_sign( rsa_context *ctx, +int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, - md_type_t md_alg, + mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig ); @@ -505,59 +495,57 @@ int rsa_rsassa_pss_sign( rsa_context *ctx, * \brief Generic wrapper to perform a PKCS#1 verification using the * mode from the context. Do a public RSA operation and check * the message digest - * (Thread-safe if POLARSSL_THREADING_C is enabled) * * \param ctx points to an RSA public key - * \param f_rng RNG function (Only needed for RSA_PRIVATE) + * \param f_rng RNG function (Only needed for MBEDTLS_RSA_PRIVATE) * \param p_rng RNG parameter - * \param mode RSA_PUBLIC or RSA_PRIVATE - * \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) - * \param hashlen message digest length (for POLARSSL_MD_NONE only) + * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE + * \param md_alg a MBEDTLS_MD_XXX (use MBEDTLS_MD_NONE for signing raw data) + * \param hashlen message digest length (for MBEDTLS_MD_NONE only) * \param hash buffer holding the message digest * \param sig buffer holding the ciphertext * * \return 0 if the verify operation was successful, - * or an POLARSSL_ERR_RSA_XXX error code + * or an MBEDTLS_ERR_RSA_XXX error code * * \note The "sig" buffer must be as large as the size * of ctx->N (eg. 128 bytes if RSA-1024 is used). * * \note In case of PKCS#1 v2.1 encoding, see comments on - * \c rsa_rsassa_pss_verify() about md_alg and hash_id. + * \c mbedtls_rsa_rsassa_pss_verify() about md_alg and hash_id. */ -int rsa_pkcs1_verify( rsa_context *ctx, +int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, - md_type_t md_alg, + mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig ); /** * \brief Perform a PKCS#1 v1.5 verification (RSASSA-PKCS1-v1_5-VERIFY) - * (Thread-safe if POLARSSL_THREADING_C is enabled) * * \param ctx points to an RSA public key - * \param f_rng RNG function (Only needed for RSA_PRIVATE) + * \param f_rng RNG function (Only needed for MBEDTLS_RSA_PRIVATE) * \param p_rng RNG parameter - * \param mode RSA_PUBLIC or RSA_PRIVATE - * \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) - * \param hashlen message digest length (for POLARSSL_MD_NONE only) + * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE + * \param md_alg a MBEDTLS_MD_XXX (use MBEDTLS_MD_NONE for signing raw data) + * \param hashlen message digest length (for MBEDTLS_MD_NONE only) * \param hash buffer holding the message digest * \param sig buffer holding the ciphertext * * \return 0 if the verify operation was successful, - * or an POLARSSL_ERR_RSA_XXX error code + * or an MBEDTLS_ERR_RSA_XXX error code * * \note The "sig" buffer must be as large as the size * of ctx->N (eg. 128 bytes if RSA-1024 is used). */ -int rsa_rsassa_pkcs1_v15_verify( rsa_context *ctx, +int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, - md_type_t md_alg, + mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig ); @@ -565,19 +553,18 @@ int rsa_rsassa_pkcs1_v15_verify( rsa_context *ctx, /** * \brief Perform a PKCS#1 v2.1 PSS verification (RSASSA-PSS-VERIFY) * (This is the "simple" version.) - * (Thread-safe if POLARSSL_THREADING_C is enabled) * * \param ctx points to an RSA public key - * \param f_rng RNG function (Only needed for RSA_PRIVATE) + * \param f_rng RNG function (Only needed for MBEDTLS_RSA_PRIVATE) * \param p_rng RNG parameter - * \param mode RSA_PUBLIC or RSA_PRIVATE - * \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) - * \param hashlen message digest length (for POLARSSL_MD_NONE only) + * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE + * \param md_alg a MBEDTLS_MD_XXX (use MBEDTLS_MD_NONE for signing raw data) + * \param hashlen message digest length (for MBEDTLS_MD_NONE only) * \param hash buffer holding the message digest * \param sig buffer holding the ciphertext * * \return 0 if the verify operation was successful, - * or an POLARSSL_ERR_RSA_XXX error code + * or an MBEDTLS_ERR_RSA_XXX error code * * \note The "sig" buffer must be as large as the size * of ctx->N (eg. 128 bytes if RSA-1024 is used). @@ -588,11 +575,11 @@ int rsa_rsassa_pkcs1_v15_verify( rsa_context *ctx, * keep both hashes the same. If hash_id in the RSA context is * unset, the md_alg from the function call is used. */ -int rsa_rsassa_pss_verify( rsa_context *ctx, +int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, - md_type_t md_alg, + mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig ); @@ -600,36 +587,35 @@ int rsa_rsassa_pss_verify( rsa_context *ctx, /** * \brief Perform a PKCS#1 v2.1 PSS verification (RSASSA-PSS-VERIFY) * (This is the version with "full" options.) - * (Thread-safe if POLARSSL_THREADING_C is enabled) * * \param ctx points to an RSA public key - * \param f_rng RNG function (Only needed for RSA_PRIVATE) + * \param f_rng RNG function (Only needed for MBEDTLS_RSA_PRIVATE) * \param p_rng RNG parameter - * \param mode RSA_PUBLIC or RSA_PRIVATE - * \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) - * \param hashlen message digest length (for POLARSSL_MD_NONE only) + * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE + * \param md_alg a MBEDTLS_MD_XXX (use MBEDTLS_MD_NONE for signing raw data) + * \param hashlen message digest length (for MBEDTLS_MD_NONE only) * \param hash buffer holding the message digest * \param mgf1_hash_id message digest used for mask generation * \param expected_salt_len Length of the salt used in padding, use - * RSA_SALT_LEN_ANY to accept any salt length + * MBEDTLS_RSA_SALT_LEN_ANY to accept any salt length * \param sig buffer holding the ciphertext * * \return 0 if the verify operation was successful, - * or an POLARSSL_ERR_RSA_XXX error code + * or an MBEDTLS_ERR_RSA_XXX error code * * \note The "sig" buffer must be as large as the size * of ctx->N (eg. 128 bytes if RSA-1024 is used). * * \note The hash_id in the RSA context is ignored. */ -int rsa_rsassa_pss_verify_ext( rsa_context *ctx, +int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, - md_type_t md_alg, + mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, - md_type_t mgf1_hash_id, + mbedtls_md_type_t mgf1_hash_id, int expected_salt_len, const unsigned char *sig ); @@ -639,29 +625,29 @@ int rsa_rsassa_pss_verify_ext( rsa_context *ctx, * \param dst Destination context * \param src Source context * - * \return O on success, - * POLARSSL_ERR_MPI_MALLOC_FAILED on memory allocation failure + * \return 0 on success, + * MBEDTLS_ERR_MPI_ALLOC_FAILED on memory allocation failure */ -int rsa_copy( rsa_context *dst, const rsa_context *src ); +int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src ); /** * \brief Free the components of an RSA key * * \param ctx RSA Context to free */ -void rsa_free( rsa_context *ctx ); +void mbedtls_rsa_free( mbedtls_rsa_context *ctx ); /** * \brief Checkup routine * * \return 0 if successful, or 1 if the test failed */ -int rsa_self_test( int verbose ); +int mbedtls_rsa_self_test( int verbose ); #ifdef __cplusplus } #endif -#endif /* POLARSSL_RSA_C */ +#endif /* MBEDTLS_RSA_C */ #endif /* rsa.h */ diff --git a/ext/mbedtls/include/mbedtls/sha1.h b/ext/mbedtls/include/mbedtls/sha1.h new file mode 100644 index 0000000000..e8bd65e388 --- /dev/null +++ b/ext/mbedtls/include/mbedtls/sha1.h @@ -0,0 +1,137 @@ +/** + * \file mbedtls_sha1.h + * + * \brief SHA-1 cryptographic hash function + * + * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_SHA1_H +#define MBEDTLS_SHA1_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include +#include + +#if !defined(MBEDTLS_SHA1_ALT) +// Regular implementation +// + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief SHA-1 context structure + */ +typedef struct +{ + uint32_t total[2]; /*!< number of bytes processed */ + uint32_t state[5]; /*!< intermediate digest state */ + unsigned char buffer[64]; /*!< data block being processed */ +} +mbedtls_sha1_context; + +/** + * \brief Initialize SHA-1 context + * + * \param ctx SHA-1 context to be initialized + */ +void mbedtls_sha1_init( mbedtls_sha1_context *ctx ); + +/** + * \brief Clear SHA-1 context + * + * \param ctx SHA-1 context to be cleared + */ +void mbedtls_sha1_free( mbedtls_sha1_context *ctx ); + +/** + * \brief Clone (the state of) a SHA-1 context + * + * \param dst The destination context + * \param src The context to be cloned + */ +void mbedtls_sha1_clone( mbedtls_sha1_context *dst, + const mbedtls_sha1_context *src ); + +/** + * \brief SHA-1 context setup + * + * \param ctx context to be initialized + */ +void mbedtls_sha1_starts( mbedtls_sha1_context *ctx ); + +/** + * \brief SHA-1 process buffer + * + * \param ctx SHA-1 context + * \param input buffer holding the data + * \param ilen length of the input data + */ +void mbedtls_sha1_update( mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen ); + +/** + * \brief SHA-1 final digest + * + * \param ctx SHA-1 context + * \param output SHA-1 checksum result + */ +void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] ); + +/* Internal use */ +void mbedtls_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[64] ); + +#ifdef __cplusplus +} +#endif + +#else /* MBEDTLS_SHA1_ALT */ +#include "sha1_alt.h" +#endif /* MBEDTLS_SHA1_ALT */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Output = SHA-1( input buffer ) + * + * \param input buffer holding the data + * \param ilen length of the input data + * \param output SHA-1 checksum result + */ +void mbedtls_sha1( const unsigned char *input, size_t ilen, unsigned char output[20] ); + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int mbedtls_sha1_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* mbedtls_sha1.h */ diff --git a/ext/mbedtls/include/mbedtls/sha256.h b/ext/mbedtls/include/mbedtls/sha256.h new file mode 100644 index 0000000000..0dbc4b256e --- /dev/null +++ b/ext/mbedtls/include/mbedtls/sha256.h @@ -0,0 +1,142 @@ +/** + * \file mbedtls_sha256.h + * + * \brief SHA-224 and SHA-256 cryptographic hash function + * + * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_SHA256_H +#define MBEDTLS_SHA256_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include +#include + +#if !defined(MBEDTLS_SHA256_ALT) +// Regular implementation +// + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief SHA-256 context structure + */ +typedef struct +{ + uint32_t total[2]; /*!< number of bytes processed */ + uint32_t state[8]; /*!< intermediate digest state */ + unsigned char buffer[64]; /*!< data block being processed */ + int is224; /*!< 0 => SHA-256, else SHA-224 */ +} +mbedtls_sha256_context; + +/** + * \brief Initialize SHA-256 context + * + * \param ctx SHA-256 context to be initialized + */ +void mbedtls_sha256_init( mbedtls_sha256_context *ctx ); + +/** + * \brief Clear SHA-256 context + * + * \param ctx SHA-256 context to be cleared + */ +void mbedtls_sha256_free( mbedtls_sha256_context *ctx ); + +/** + * \brief Clone (the state of) a SHA-256 context + * + * \param dst The destination context + * \param src The context to be cloned + */ +void mbedtls_sha256_clone( mbedtls_sha256_context *dst, + const mbedtls_sha256_context *src ); + +/** + * \brief SHA-256 context setup + * + * \param ctx context to be initialized + * \param is224 0 = use SHA256, 1 = use SHA224 + */ +void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 ); + +/** + * \brief SHA-256 process buffer + * + * \param ctx SHA-256 context + * \param input buffer holding the data + * \param ilen length of the input data + */ +void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *input, + size_t ilen ); + +/** + * \brief SHA-256 final digest + * + * \param ctx SHA-256 context + * \param output SHA-224/256 checksum result + */ +void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32] ); + +/* Internal use */ +void mbedtls_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[64] ); + +#ifdef __cplusplus +} +#endif + +#else /* MBEDTLS_SHA256_ALT */ +#include "sha256_alt.h" +#endif /* MBEDTLS_SHA256_ALT */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Output = SHA-256( input buffer ) + * + * \param input buffer holding the data + * \param ilen length of the input data + * \param output SHA-224/256 checksum result + * \param is224 0 = use SHA256, 1 = use SHA224 + */ +void mbedtls_sha256( const unsigned char *input, size_t ilen, + unsigned char output[32], int is224 ); + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int mbedtls_sha256_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* mbedtls_sha256.h */ diff --git a/ext/mbedtls/include/mbedtls/sha512.h b/ext/mbedtls/include/mbedtls/sha512.h new file mode 100644 index 0000000000..7e1bc1e33b --- /dev/null +++ b/ext/mbedtls/include/mbedtls/sha512.h @@ -0,0 +1,142 @@ +/** + * \file mbedtls_sha512.h + * + * \brief SHA-384 and SHA-512 cryptographic hash function + * + * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_SHA512_H +#define MBEDTLS_SHA512_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include +#include + +#if !defined(MBEDTLS_SHA512_ALT) +// Regular implementation +// + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief SHA-512 context structure + */ +typedef struct +{ + uint64_t total[2]; /*!< number of bytes processed */ + uint64_t state[8]; /*!< intermediate digest state */ + unsigned char buffer[128]; /*!< data block being processed */ + int is384; /*!< 0 => SHA-512, else SHA-384 */ +} +mbedtls_sha512_context; + +/** + * \brief Initialize SHA-512 context + * + * \param ctx SHA-512 context to be initialized + */ +void mbedtls_sha512_init( mbedtls_sha512_context *ctx ); + +/** + * \brief Clear SHA-512 context + * + * \param ctx SHA-512 context to be cleared + */ +void mbedtls_sha512_free( mbedtls_sha512_context *ctx ); + +/** + * \brief Clone (the state of) a SHA-512 context + * + * \param dst The destination context + * \param src The context to be cloned + */ +void mbedtls_sha512_clone( mbedtls_sha512_context *dst, + const mbedtls_sha512_context *src ); + +/** + * \brief SHA-512 context setup + * + * \param ctx context to be initialized + * \param is384 0 = use SHA512, 1 = use SHA384 + */ +void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 ); + +/** + * \brief SHA-512 process buffer + * + * \param ctx SHA-512 context + * \param input buffer holding the data + * \param ilen length of the input data + */ +void mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *input, + size_t ilen ); + +/** + * \brief SHA-512 final digest + * + * \param ctx SHA-512 context + * \param output SHA-384/512 checksum result + */ +void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char output[64] ); + +#ifdef __cplusplus +} +#endif + +#else /* MBEDTLS_SHA512_ALT */ +#include "sha512_alt.h" +#endif /* MBEDTLS_SHA512_ALT */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Output = SHA-512( input buffer ) + * + * \param input buffer holding the data + * \param ilen length of the input data + * \param output SHA-384/512 checksum result + * \param is384 0 = use SHA512, 1 = use SHA384 + */ +void mbedtls_sha512( const unsigned char *input, size_t ilen, + unsigned char output[64], int is384 ); + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int mbedtls_sha512_self_test( int verbose ); + +/* Internal use */ +void mbedtls_sha512_process( mbedtls_sha512_context *ctx, const unsigned char data[128] ); + +#ifdef __cplusplus +} +#endif + +#endif /* mbedtls_sha512.h */ diff --git a/ext/mbedtls/include/mbedtls/ssl.h b/ext/mbedtls/include/mbedtls/ssl.h new file mode 100644 index 0000000000..b7e361a72c --- /dev/null +++ b/ext/mbedtls/include/mbedtls/ssl.h @@ -0,0 +1,2232 @@ +/** + * \file ssl.h + * + * \brief SSL/TLS functions. + * + * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_SSL_H +#define MBEDTLS_SSL_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include "bignum.h" +#include "ecp.h" + +#include "ssl_ciphersuites.h" + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +#include "x509_crt.h" +#include "x509_crl.h" +#endif + +#if defined(MBEDTLS_DHM_C) +#include "dhm.h" +#endif + +#if defined(MBEDTLS_ECDH_C) +#include "ecdh.h" +#endif + +#if defined(MBEDTLS_ZLIB_SUPPORT) +#include "zlib.h" +#endif + +#if defined(MBEDTLS_HAVE_TIME) +#include +#endif + +/* For convenience below and in programs */ +#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#define MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#define MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#define MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED +#endif + +/* + * SSL Error codes + */ +#define MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE -0x7080 /**< The requested feature is not available. */ +#define MBEDTLS_ERR_SSL_BAD_INPUT_DATA -0x7100 /**< Bad input parameters to function. */ +#define MBEDTLS_ERR_SSL_INVALID_MAC -0x7180 /**< Verification of the message MAC failed. */ +#define MBEDTLS_ERR_SSL_INVALID_RECORD -0x7200 /**< An invalid SSL record was received. */ +#define MBEDTLS_ERR_SSL_CONN_EOF -0x7280 /**< The connection indicated an EOF. */ +#define MBEDTLS_ERR_SSL_UNKNOWN_CIPHER -0x7300 /**< An unknown cipher was received. */ +#define MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN -0x7380 /**< The server has no ciphersuites in common with the client. */ +#define MBEDTLS_ERR_SSL_NO_RNG -0x7400 /**< No RNG was provided to the SSL module. */ +#define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 /**< No client certification received from the client, but required by the authentication mode. */ +#define MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE -0x7500 /**< Our own certificate(s) is/are too large to send in an SSL message. */ +#define MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED -0x7580 /**< The own certificate is not set, but needed by the server. */ +#define MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600 /**< The own private key or pre-shared key is not set, but needed. */ +#define MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED -0x7680 /**< No CA Chain is set, but required to operate. */ +#define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE -0x7700 /**< An unexpected message was received from our peer. */ +#define MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780 /**< A fatal alert message was received from our peer. */ +#define MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED -0x7800 /**< Verification of our peer failed. */ +#define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /**< The peer notified us that the connection is going to be closed. */ +#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 /**< Processing of the ClientHello handshake message failed. */ +#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 /**< Processing of the ServerHello handshake message failed. */ +#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ +#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80 /**< Processing of the CertificateRequest handshake message failed. */ +#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 /**< Processing of the ServerKeyExchange handshake message failed. */ +#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80 /**< Processing of the ServerHelloDone handshake message failed. */ +#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00 /**< Processing of the ClientKeyExchange handshake message failed. */ +#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP -0x7C80 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public. */ +#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS -0x7D00 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. */ +#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 /**< Processing of the CertificateVerify handshake message failed. */ +#define MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 /**< Processing of the ChangeCipherSpec handshake message failed. */ +#define MBEDTLS_ERR_SSL_BAD_HS_FINISHED -0x7E80 /**< Processing of the Finished handshake message failed. */ +#define MBEDTLS_ERR_SSL_ALLOC_FAILED -0x7F00 /**< Memory allocation failed */ +#define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */ +#define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 /**< Hardware acceleration function skipped / left alone data */ +#define MBEDTLS_ERR_SSL_COMPRESSION_FAILED -0x6F00 /**< Processing of the compression / decompression failed */ +#define MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION -0x6E80 /**< Handshake protocol not within min/max boundaries */ +#define MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET -0x6E00 /**< Processing of the NewSessionTicket handshake message failed. */ +#define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 /**< Session ticket has expired. */ +#define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */ +#define MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY -0x6C80 /**< Unknown identity received (eg, PSK identity) */ +#define MBEDTLS_ERR_SSL_INTERNAL_ERROR -0x6C00 /**< Internal error (eg, unexpected failure in lower-level module) */ +#define MBEDTLS_ERR_SSL_COUNTER_WRAPPING -0x6B80 /**< A counter would wrap (eg, too many messages exchanged). */ +#define MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO -0x6B00 /**< Unexpected message at ServerHello in renegotiation. */ +#define MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED -0x6A80 /**< DTLS client must retry for hello verification */ +#define MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL -0x6A00 /**< A buffer is too small to receive or write a message */ +#define MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE -0x6980 /**< None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages). */ +#define MBEDTLS_ERR_SSL_WANT_READ -0x6900 /**< Connection requires a read call. */ +#define MBEDTLS_ERR_SSL_WANT_WRITE -0x6880 /**< Connection requires a write call. */ +#define MBEDTLS_ERR_SSL_TIMEOUT -0x6800 /**< The operation timed out. */ + +/* + * Various constants + */ +#define MBEDTLS_SSL_MAJOR_VERSION_3 3 +#define MBEDTLS_SSL_MINOR_VERSION_0 0 /*!< SSL v3.0 */ +#define MBEDTLS_SSL_MINOR_VERSION_1 1 /*!< TLS v1.0 */ +#define MBEDTLS_SSL_MINOR_VERSION_2 2 /*!< TLS v1.1 */ +#define MBEDTLS_SSL_MINOR_VERSION_3 3 /*!< TLS v1.2 */ + +#define MBEDTLS_SSL_TRANSPORT_STREAM 0 /*!< TLS */ +#define MBEDTLS_SSL_TRANSPORT_DATAGRAM 1 /*!< DTLS */ + +/* RFC 6066 section 4, see also mfl_code_to_length in ssl_tls.c + * NONE must be zero so that memset()ing structure to zero works */ +#define MBEDTLS_SSL_MAX_FRAG_LEN_NONE 0 /*!< don't use this extension */ +#define MBEDTLS_SSL_MAX_FRAG_LEN_512 1 /*!< MaxFragmentLength 2^9 */ +#define MBEDTLS_SSL_MAX_FRAG_LEN_1024 2 /*!< MaxFragmentLength 2^10 */ +#define MBEDTLS_SSL_MAX_FRAG_LEN_2048 3 /*!< MaxFragmentLength 2^11 */ +#define MBEDTLS_SSL_MAX_FRAG_LEN_4096 4 /*!< MaxFragmentLength 2^12 */ +#define MBEDTLS_SSL_MAX_FRAG_LEN_INVALID 5 /*!< first invalid value */ + +#define MBEDTLS_SSL_IS_CLIENT 0 +#define MBEDTLS_SSL_IS_SERVER 1 + +#define MBEDTLS_SSL_IS_NOT_FALLBACK 0 +#define MBEDTLS_SSL_IS_FALLBACK 1 + +#define MBEDTLS_SSL_EXTENDED_MS_DISABLED 0 +#define MBEDTLS_SSL_EXTENDED_MS_ENABLED 1 + +#define MBEDTLS_SSL_ETM_DISABLED 0 +#define MBEDTLS_SSL_ETM_ENABLED 1 + +#define MBEDTLS_SSL_COMPRESS_NULL 0 +#define MBEDTLS_SSL_COMPRESS_DEFLATE 1 + +#define MBEDTLS_SSL_VERIFY_NONE 0 +#define MBEDTLS_SSL_VERIFY_OPTIONAL 1 +#define MBEDTLS_SSL_VERIFY_REQUIRED 2 +#define MBEDTLS_SSL_VERIFY_UNSET 3 /* Used only for sni_authmode */ + +#define MBEDTLS_SSL_LEGACY_RENEGOTIATION 0 +#define MBEDTLS_SSL_SECURE_RENEGOTIATION 1 + +#define MBEDTLS_SSL_RENEGOTIATION_DISABLED 0 +#define MBEDTLS_SSL_RENEGOTIATION_ENABLED 1 + +#define MBEDTLS_SSL_ANTI_REPLAY_DISABLED 0 +#define MBEDTLS_SSL_ANTI_REPLAY_ENABLED 1 + +#define MBEDTLS_SSL_RENEGOTIATION_NOT_ENFORCED -1 +#define MBEDTLS_SSL_RENEGO_MAX_RECORDS_DEFAULT 16 + +#define MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION 0 +#define MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION 1 +#define MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE 2 + +#define MBEDTLS_SSL_TRUNC_HMAC_DISABLED 0 +#define MBEDTLS_SSL_TRUNC_HMAC_ENABLED 1 +#define MBEDTLS_SSL_TRUNCATED_HMAC_LEN 10 /* 80 bits, rfc 6066 section 7 */ + +#define MBEDTLS_SSL_SESSION_TICKETS_DISABLED 0 +#define MBEDTLS_SSL_SESSION_TICKETS_ENABLED 1 + +#define MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED 0 +#define MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED 1 + +#define MBEDTLS_SSL_ARC4_ENABLED 0 +#define MBEDTLS_SSL_ARC4_DISABLED 1 + +#define MBEDTLS_SSL_PRESET_DEFAULT 0 +#define MBEDTLS_SSL_PRESET_SUITEB 2 + +/* + * Default range for DTLS retransmission timer value, in milliseconds. + * RFC 6347 4.2.4.1 says from 1 second to 60 seconds. + */ +#define MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MIN 1000 +#define MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MAX 60000 + +/** + * \name SECTION: Module settings + * + * The configuration options you can set for this module are in this section. + * Either change them in config.h or define them on the compiler command line. + * \{ + */ + +#if !defined(MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME) +#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */ +#endif + +/* + * Size of the input / output buffer. + * Note: the RFC defines the default size of SSL / TLS messages. If you + * change the value here, other clients / servers may not be able to + * communicate with you anymore. Only change this value if you control + * both sides of the connection and have it reduced at both sides, or + * if you're using the Max Fragment Length extension and you know all your + * peers are using it too! + */ +#if !defined(MBEDTLS_SSL_MAX_CONTENT_LEN) +#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */ +#endif + +/* \} name SECTION: Module settings */ + +/* + * Length of the verify data for secure renegotiation + */ +#if defined(MBEDTLS_SSL_PROTO_SSL3) +#define MBEDTLS_SSL_VERIFY_DATA_MAX_LEN 36 +#else +#define MBEDTLS_SSL_VERIFY_DATA_MAX_LEN 12 +#endif + +/* + * Signaling ciphersuite values (SCSV) + */ +#define MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO 0xFF /**< renegotiation info ext */ +#define MBEDTLS_SSL_FALLBACK_SCSV_VALUE 0x5600 /**< draft-ietf-tls-downgrade-scsv-00 */ + +/* + * Supported Signature and Hash algorithms (For TLS 1.2) + * RFC 5246 section 7.4.1.4.1 + */ +#define MBEDTLS_SSL_HASH_NONE 0 +#define MBEDTLS_SSL_HASH_MD5 1 +#define MBEDTLS_SSL_HASH_SHA1 2 +#define MBEDTLS_SSL_HASH_SHA224 3 +#define MBEDTLS_SSL_HASH_SHA256 4 +#define MBEDTLS_SSL_HASH_SHA384 5 +#define MBEDTLS_SSL_HASH_SHA512 6 + +#define MBEDTLS_SSL_SIG_ANON 0 +#define MBEDTLS_SSL_SIG_RSA 1 +#define MBEDTLS_SSL_SIG_ECDSA 3 + +/* + * Client Certificate Types + * RFC 5246 section 7.4.4 plus RFC 4492 section 5.5 + */ +#define MBEDTLS_SSL_CERT_TYPE_RSA_SIGN 1 +#define MBEDTLS_SSL_CERT_TYPE_ECDSA_SIGN 64 + +/* + * Message, alert and handshake types + */ +#define MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC 20 +#define MBEDTLS_SSL_MSG_ALERT 21 +#define MBEDTLS_SSL_MSG_HANDSHAKE 22 +#define MBEDTLS_SSL_MSG_APPLICATION_DATA 23 + +#define MBEDTLS_SSL_ALERT_LEVEL_WARNING 1 +#define MBEDTLS_SSL_ALERT_LEVEL_FATAL 2 + +#define MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY 0 /* 0x00 */ +#define MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE 10 /* 0x0A */ +#define MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC 20 /* 0x14 */ +#define MBEDTLS_SSL_ALERT_MSG_DECRYPTION_FAILED 21 /* 0x15 */ +#define MBEDTLS_SSL_ALERT_MSG_RECORD_OVERFLOW 22 /* 0x16 */ +#define MBEDTLS_SSL_ALERT_MSG_DECOMPRESSION_FAILURE 30 /* 0x1E */ +#define MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE 40 /* 0x28 */ +#define MBEDTLS_SSL_ALERT_MSG_NO_CERT 41 /* 0x29 */ +#define MBEDTLS_SSL_ALERT_MSG_BAD_CERT 42 /* 0x2A */ +#define MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT 43 /* 0x2B */ +#define MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED 44 /* 0x2C */ +#define MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED 45 /* 0x2D */ +#define MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN 46 /* 0x2E */ +#define MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER 47 /* 0x2F */ +#define MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA 48 /* 0x30 */ +#define MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED 49 /* 0x31 */ +#define MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR 50 /* 0x32 */ +#define MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR 51 /* 0x33 */ +#define MBEDTLS_SSL_ALERT_MSG_EXPORT_RESTRICTION 60 /* 0x3C */ +#define MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION 70 /* 0x46 */ +#define MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY 71 /* 0x47 */ +#define MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR 80 /* 0x50 */ +#define MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK 86 /* 0x56 */ +#define MBEDTLS_SSL_ALERT_MSG_USER_CANCELED 90 /* 0x5A */ +#define MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION 100 /* 0x64 */ +#define MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT 110 /* 0x6E */ +#define MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME 112 /* 0x70 */ +#define MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY 115 /* 0x73 */ +#define MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL 120 /* 0x78 */ + +#define MBEDTLS_SSL_HS_HELLO_REQUEST 0 +#define MBEDTLS_SSL_HS_CLIENT_HELLO 1 +#define MBEDTLS_SSL_HS_SERVER_HELLO 2 +#define MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST 3 +#define MBEDTLS_SSL_HS_NEW_SESSION_TICKET 4 +#define MBEDTLS_SSL_HS_CERTIFICATE 11 +#define MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE 12 +#define MBEDTLS_SSL_HS_CERTIFICATE_REQUEST 13 +#define MBEDTLS_SSL_HS_SERVER_HELLO_DONE 14 +#define MBEDTLS_SSL_HS_CERTIFICATE_VERIFY 15 +#define MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE 16 +#define MBEDTLS_SSL_HS_FINISHED 20 + +/* + * TLS extensions + */ +#define MBEDTLS_TLS_EXT_SERVERNAME 0 +#define MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME 0 + +#define MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH 1 + +#define MBEDTLS_TLS_EXT_TRUNCATED_HMAC 4 + +#define MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES 10 +#define MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS 11 + +#define MBEDTLS_TLS_EXT_SIG_ALG 13 + +#define MBEDTLS_TLS_EXT_ALPN 16 + +#define MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC 22 /* 0x16 */ +#define MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET 0x0017 /* 23 */ + +#define MBEDTLS_TLS_EXT_SESSION_TICKET 35 + +#define MBEDTLS_TLS_EXT_RENEGOTIATION_INFO 0xFF01 + +/* + * Size defines + */ +#if !defined(MBEDTLS_PSK_MAX_LEN) +#define MBEDTLS_PSK_MAX_LEN 32 /* 256 bits */ +#endif + +/* Dummy type used only for its size */ +union mbedtls_ssl_premaster_secret +{ +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) + unsigned char _pms_rsa[48]; /* RFC 5246 8.1.1 */ +#endif +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) + unsigned char _pms_dhm[MBEDTLS_MPI_MAX_SIZE]; /* RFC 5246 8.1.2 */ +#endif +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) + unsigned char _pms_ecdh[MBEDTLS_ECP_MAX_BYTES]; /* RFC 4492 5.10 */ +#endif +#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) + unsigned char _pms_psk[4 + 2 * MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 2 */ +#endif +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) + unsigned char _pms_dhe_psk[4 + MBEDTLS_MPI_MAX_SIZE + + MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 3 */ +#endif +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) + unsigned char _pms_rsa_psk[52 + MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 4 */ +#endif +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + unsigned char _pms_ecdhe_psk[4 + MBEDTLS_ECP_MAX_BYTES + + MBEDTLS_PSK_MAX_LEN]; /* RFC 5489 2 */ +#endif +}; + +#define MBEDTLS_PREMASTER_SIZE sizeof( union mbedtls_ssl_premaster_secret ) + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * SSL state machine + */ +typedef enum +{ + MBEDTLS_SSL_HELLO_REQUEST, + MBEDTLS_SSL_CLIENT_HELLO, + MBEDTLS_SSL_SERVER_HELLO, + MBEDTLS_SSL_SERVER_CERTIFICATE, + MBEDTLS_SSL_SERVER_KEY_EXCHANGE, + MBEDTLS_SSL_CERTIFICATE_REQUEST, + MBEDTLS_SSL_SERVER_HELLO_DONE, + MBEDTLS_SSL_CLIENT_CERTIFICATE, + MBEDTLS_SSL_CLIENT_KEY_EXCHANGE, + MBEDTLS_SSL_CERTIFICATE_VERIFY, + MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC, + MBEDTLS_SSL_CLIENT_FINISHED, + MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC, + MBEDTLS_SSL_SERVER_FINISHED, + MBEDTLS_SSL_FLUSH_BUFFERS, + MBEDTLS_SSL_HANDSHAKE_WRAPUP, + MBEDTLS_SSL_HANDSHAKE_OVER, + MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET, + MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT, +} +mbedtls_ssl_states; + +/* Defined below */ +typedef struct mbedtls_ssl_session mbedtls_ssl_session; +typedef struct mbedtls_ssl_context mbedtls_ssl_context; +typedef struct mbedtls_ssl_config mbedtls_ssl_config; + +/* Defined in ssl_internal.h */ +typedef struct mbedtls_ssl_transform mbedtls_ssl_transform; +typedef struct mbedtls_ssl_handshake_params mbedtls_ssl_handshake_params; +#if defined(MBEDTLS_X509_CRT_PARSE_C) +typedef struct mbedtls_ssl_key_cert mbedtls_ssl_key_cert; +#endif +#if defined(MBEDTLS_SSL_PROTO_DTLS) +typedef struct mbedtls_ssl_flight_item mbedtls_ssl_flight_item; +#endif + +/* + * This structure is used for storing current session data. + */ +struct mbedtls_ssl_session +{ +#if defined(MBEDTLS_HAVE_TIME) + time_t start; /*!< starting time */ +#endif + int ciphersuite; /*!< chosen ciphersuite */ + int compression; /*!< chosen compression */ + size_t id_len; /*!< session id length */ + unsigned char id[32]; /*!< session identifier */ + unsigned char master[48]; /*!< the master secret */ + +#if defined(MBEDTLS_X509_CRT_PARSE_C) + mbedtls_x509_crt *peer_cert; /*!< peer X.509 cert chain */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + uint32_t verify_result; /*!< verification result */ + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) + unsigned char *ticket; /*!< RFC 5077 session ticket */ + size_t ticket_len; /*!< session ticket length */ + uint32_t ticket_lifetime; /*!< ticket lifetime hint */ +#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ + +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + unsigned char mfl_code; /*!< MaxFragmentLength negotiated by peer */ +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ + +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) + int trunc_hmac; /*!< flag for truncated hmac activation */ +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ + +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + int encrypt_then_mac; /*!< flag for EtM activation */ +#endif +}; + +/** + * SSL/TLS configuration to be shared between mbedtls_ssl_context structures. + */ +struct mbedtls_ssl_config +{ + /* Group items by size (largest first) to minimize padding overhead */ + + /* + * Pointers + */ + + const int *ciphersuite_list[4]; /*!< allowed ciphersuites per version */ + + /** Callback for printing debug output */ + void (*f_dbg)(void *, int, const char *, int, const char *); + void *p_dbg; /*!< context for the debug function */ + + /** Callback for getting (pseudo-)random numbers */ + int (*f_rng)(void *, unsigned char *, size_t); + void *p_rng; /*!< context for the RNG function */ + + /** Callback to retrieve a session from the cache */ + int (*f_get_cache)(void *, mbedtls_ssl_session *); + /** Callback to store a session into the cache */ + int (*f_set_cache)(void *, const mbedtls_ssl_session *); + void *p_cache; /*!< context for cache callbacks */ + +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + /** Callback for setting cert according to SNI extension */ + int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *, size_t); + void *p_sni; /*!< context for SNI callback */ +#endif + +#if defined(MBEDTLS_X509_CRT_PARSE_C) + /** Callback to customize X.509 certificate chain verification */ + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *); + void *p_vrfy; /*!< context for X.509 verify calllback */ +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) + /** Callback to retrieve PSK key from identity */ + int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, size_t); + void *p_psk; /*!< context for PSK callback */ +#endif + +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) + /** Callback to create & write a cookie for ClientHello veirifcation */ + int (*f_cookie_write)( void *, unsigned char **, unsigned char *, + const unsigned char *, size_t ); + /** Callback to verify validity of a ClientHello cookie */ + int (*f_cookie_check)( void *, const unsigned char *, size_t, + const unsigned char *, size_t ); + void *p_cookie; /*!< context for the cookie callbacks */ +#endif + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_SRV_C) + /** Callback to create & write a session ticket */ + int (*f_ticket_write)( void *, const mbedtls_ssl_session *, + unsigned char *, const unsigned char *, size_t *, uint32_t * ); + /** Callback to parse a session ticket into a session structure */ + int (*f_ticket_parse)( void *, mbedtls_ssl_session *, unsigned char *, size_t); + void *p_ticket; /*!< context for the ticket callbacks */ +#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */ + +#if defined(MBEDTLS_X509_CRT_PARSE_C) + const mbedtls_x509_crt_profile *cert_profile; /*!< verification profile */ + mbedtls_ssl_key_cert *key_cert; /*!< own certificate/key pair(s) */ + mbedtls_x509_crt *ca_chain; /*!< trusted CAs */ + mbedtls_x509_crl *ca_crl; /*!< trusted CAs CRLs */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED) + const int *sig_hashes; /*!< allowed signature hashes */ +#endif + +#if defined(MBEDTLS_ECP_C) + const mbedtls_ecp_group_id *curve_list; /*!< allowed curves */ +#endif + +#if defined(MBEDTLS_DHM_C) + mbedtls_mpi dhm_P; /*!< prime modulus for DHM */ + mbedtls_mpi dhm_G; /*!< generator for DHM */ +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) + unsigned char *psk; /*!< pre-shared key */ + size_t psk_len; /*!< length of the pre-shared key */ + unsigned char *psk_identity; /*!< identity for PSK negotiation */ + size_t psk_identity_len;/*!< length of identity */ +#endif + +#if defined(MBEDTLS_SSL_ALPN) + const char **alpn_list; /*!< ordered list of protocols */ +#endif + + /* + * Numerical settings (int then char) + */ + + uint32_t read_timeout; /*!< timeout for mbedtls_ssl_read (ms) */ + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + uint32_t hs_timeout_min; /*!< initial value of the handshake + retransmission timeout (ms) */ + uint32_t hs_timeout_max; /*!< maximum value of the handshake + retransmission timeout (ms) */ +#endif + +#if defined(MBEDTLS_SSL_RENEGOTIATION) + int renego_max_records; /*!< grace period for renegotiation */ + unsigned char renego_period[8]; /*!< value of the record counters + that triggers renegotiation */ +#endif + +#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) + unsigned int badmac_limit; /*!< limit of records with a bad MAC */ +#endif + +#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C) + unsigned int dhm_min_bitlen; /*!< min. bit length of the DHM prime */ +#endif + + unsigned char max_major_ver; /*!< max. major version used */ + unsigned char max_minor_ver; /*!< max. minor version used */ + unsigned char min_major_ver; /*!< min. major version used */ + unsigned char min_minor_ver; /*!< min. minor version used */ + + /* + * Flags (bitfields) + */ + + unsigned int endpoint : 1; /*!< 0: client, 1: server */ + unsigned int transport : 1; /*!< stream (TLS) or datagram (DTLS) */ + unsigned int authmode : 2; /*!< MBEDTLS_SSL_VERIFY_XXX */ + /* needed even with renego disabled for LEGACY_BREAK_HANDSHAKE */ + unsigned int allow_legacy_renegotiation : 2 ; /*!< MBEDTLS_LEGACY_XXX */ +#if defined(MBEDTLS_ARC4_C) + unsigned int arc4_disabled : 1; /*!< blacklist RC4 ciphersuites? */ +#endif +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + unsigned int mfl_code : 3; /*!< desired fragment length */ +#endif +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + unsigned int encrypt_then_mac : 1 ; /*!< negotiate encrypt-then-mac? */ +#endif +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) + unsigned int extended_ms : 1; /*!< negotiate extended master secret? */ +#endif +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) + unsigned int anti_replay : 1; /*!< detect and prevent replay? */ +#endif +#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) + unsigned int cbc_record_splitting : 1; /*!< do cbc record splitting */ +#endif +#if defined(MBEDTLS_SSL_RENEGOTIATION) + unsigned int disable_renegotiation : 1; /*!< disable renegotiation? */ +#endif +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) + unsigned int trunc_hmac : 1; /*!< negotiate truncated hmac? */ +#endif +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + unsigned int session_tickets : 1; /*!< use session tickets? */ +#endif +#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C) + unsigned int fallback : 1; /*!< is this a fallback? */ +#endif +}; + + +struct mbedtls_ssl_context +{ + const mbedtls_ssl_config *conf; /*!< configuration information */ + + /* + * Miscellaneous + */ + int state; /*!< SSL handshake: current state */ +#if defined(MBEDTLS_SSL_RENEGOTIATION) + int renego_status; /*!< Initial, in progress, pending? */ + int renego_records_seen; /*!< Records since renego request, or with DTLS, + number of retransmissions of request if + renego_max_records is < 0 */ +#endif + + int major_ver; /*!< equal to MBEDTLS_SSL_MAJOR_VERSION_3 */ + int minor_ver; /*!< either 0 (SSL3) or 1 (TLS1.0) */ + +#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) + unsigned badmac_seen; /*!< records with a bad MAC received */ +#endif + + /* + * Callbacks + */ + int (*f_send)(void *, const unsigned char *, size_t); + int (*f_recv)(void *, unsigned char *, size_t); + int (*f_recv_timeout)(void *, unsigned char *, size_t, uint32_t); + void *p_bio; /*!< context for I/O operations */ + + /* + * Session layer + */ + mbedtls_ssl_session *session_in; /*!< current session data (in) */ + mbedtls_ssl_session *session_out; /*!< current session data (out) */ + mbedtls_ssl_session *session; /*!< negotiated session data */ + mbedtls_ssl_session *session_negotiate; /*!< session data in negotiation */ + + mbedtls_ssl_handshake_params *handshake; /*!< params required only during + the handshake process */ + + /* + * Record layer transformations + */ + mbedtls_ssl_transform *transform_in; /*!< current transform params (in) */ + mbedtls_ssl_transform *transform_out; /*!< current transform params (in) */ + mbedtls_ssl_transform *transform; /*!< negotiated transform params */ + mbedtls_ssl_transform *transform_negotiate; /*!< transform params in negotiation */ + + /* + * Timers + */ + void *p_timer; /*!< context for the timer callbacks */ + void (*f_set_timer)(void *, uint32_t, uint32_t); /*!< set timer callback */ + int (*f_get_timer)(void *); /*!< get timer callback */ + + /* + * Record layer (incoming data) + */ + unsigned char *in_buf; /*!< input buffer */ + unsigned char *in_ctr; /*!< 64-bit incoming message counter + TLS: maintained by us + DTLS: read from peer */ + unsigned char *in_hdr; /*!< start of record header */ + unsigned char *in_len; /*!< two-bytes message length field */ + unsigned char *in_iv; /*!< ivlen-byte IV */ + unsigned char *in_msg; /*!< message contents (in_iv+ivlen) */ + unsigned char *in_offt; /*!< read offset in application data */ + + int in_msgtype; /*!< record header: message type */ + size_t in_msglen; /*!< record header: message length */ + size_t in_left; /*!< amount of data read so far */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + uint16_t in_epoch; /*!< DTLS epoch for incoming records */ + size_t next_record_offset; /*!< offset of the next record in datagram + (equal to in_left if none) */ +#endif +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) + uint64_t in_window_top; /*!< last validated record seq_num */ + uint64_t in_window; /*!< bitmask for replay detection */ +#endif + + size_t in_hslen; /*!< current handshake message length, + including the handshake header */ + int nb_zero; /*!< # of 0-length encrypted messages */ + int record_read; /*!< record is already present */ + + /* + * Record layer (outgoing data) + */ + unsigned char *out_buf; /*!< output buffer */ + unsigned char *out_ctr; /*!< 64-bit outgoing message counter */ + unsigned char *out_hdr; /*!< start of record header */ + unsigned char *out_len; /*!< two-bytes message length field */ + unsigned char *out_iv; /*!< ivlen-byte IV */ + unsigned char *out_msg; /*!< message contents (out_iv+ivlen) */ + + int out_msgtype; /*!< record header: message type */ + size_t out_msglen; /*!< record header: message length */ + size_t out_left; /*!< amount of data not yet written */ + +#if defined(MBEDTLS_ZLIB_SUPPORT) + unsigned char *compress_buf; /*!< zlib data buffer */ +#endif +#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) + signed char split_done; /*!< current record already splitted? */ +#endif + + /* + * PKI layer + */ + int client_auth; /*!< flag for client auth. */ + + /* + * User settings + */ +#if defined(MBEDTLS_X509_CRT_PARSE_C) + char *hostname; /*!< expected peer CN for verification + (and SNI if available) */ +#endif + +#if defined(MBEDTLS_SSL_ALPN) + const char *alpn_chosen; /*!< negotiated protocol */ +#endif + + /* + * Information for DTLS hello verify + */ +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) + unsigned char *cli_id; /*!< transport-level ID of the client */ + size_t cli_id_len; /*!< length of cli_id */ +#endif + + /* + * Secure renegotiation + */ + /* needed to know when to send extension on server */ + int secure_renegotiation; /*!< does peer support legacy or + secure renegotiation */ +#if defined(MBEDTLS_SSL_RENEGOTIATION) + size_t verify_data_len; /*!< length of verify data stored */ + char own_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */ + char peer_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */ +#endif +}; + +#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) + +#define MBEDTLS_SSL_CHANNEL_OUTBOUND 0 +#define MBEDTLS_SSL_CHANNEL_INBOUND 1 + +extern int (*mbedtls_ssl_hw_record_init)(mbedtls_ssl_context *ssl, + const unsigned char *key_enc, const unsigned char *key_dec, + size_t keylen, + const unsigned char *iv_enc, const unsigned char *iv_dec, + size_t ivlen, + const unsigned char *mac_enc, const unsigned char *mac_dec, + size_t maclen); +extern int (*mbedtls_ssl_hw_record_activate)(mbedtls_ssl_context *ssl, int direction); +extern int (*mbedtls_ssl_hw_record_reset)(mbedtls_ssl_context *ssl); +extern int (*mbedtls_ssl_hw_record_write)(mbedtls_ssl_context *ssl); +extern int (*mbedtls_ssl_hw_record_read)(mbedtls_ssl_context *ssl); +extern int (*mbedtls_ssl_hw_record_finish)(mbedtls_ssl_context *ssl); +#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ + +/** + * \brief Returns the list of ciphersuites supported by the SSL/TLS module. + * + * \return a statically allocated array of ciphersuites, the last + * entry is 0. + */ +const int *mbedtls_ssl_list_ciphersuites( void ); + +/** + * \brief Return the name of the ciphersuite associated with the + * given ID + * + * \param ciphersuite_id SSL ciphersuite ID + * + * \return a string containing the ciphersuite name + */ +const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id ); + +/** + * \brief Return the ID of the ciphersuite associated with the + * given name + * + * \param ciphersuite_name SSL ciphersuite name + * + * \return the ID with the ciphersuite or 0 if not found + */ +int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name ); + +/** + * \brief Initialize an SSL context + * Just makes the context ready for mbetls_ssl_setup() or + * mbedtls_ssl_free() + * + * \param ssl SSL context + */ +void mbedtls_ssl_init( mbedtls_ssl_context *ssl ); + +/** + * \brief Set up an SSL context for use + * + * \note No copy of the configuration context is made, it can be + * shared by many mbedtls_ssl_context structures. + * + * \warning Modifying the conf structure after is has been used in this + * function is unsupported! + * + * \param ssl SSL context + * \param conf SSL configuration to use + * + * \return 0 if successful, or MBEDTLS_ERR_SSL_ALLOC_FAILED if + * memory allocation failed + */ +int mbedtls_ssl_setup( mbedtls_ssl_context *ssl, + const mbedtls_ssl_config *conf ); + +/** + * \brief Reset an already initialized SSL context for re-use + * while retaining application-set variables, function + * pointers and data. + * + * \param ssl SSL context + * \return 0 if successful, or POLASSL_ERR_SSL_MALLOC_FAILED, + MBEDTLS_ERR_SSL_HW_ACCEL_FAILED or + * MBEDTLS_ERR_SSL_COMPRESSION_FAILED + */ +int mbedtls_ssl_session_reset( mbedtls_ssl_context *ssl ); + +/** + * \brief Set the current endpoint type + * + * \param conf SSL configuration + * \param endpoint must be MBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER + */ +void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint ); + +/** + * \brief Set the transport type (TLS or DTLS). + * Default: TLS + * + * \note For DTLS, you must either provide a recv callback that + * doesn't block, or one that handles timeouts, see + * \c mbedtls_ssl_set_bio(). You also need to provide timer + * callbacks with \c mbedtls_ssl_set_timer_cb(). + * + * \param conf SSL configuration + * \param transport transport type: + * MBEDTLS_SSL_TRANSPORT_STREAM for TLS, + * MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS. + */ +void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport ); + +/** + * \brief Set the certificate verification mode + * Default: NONE on server, REQUIRED on client + * + * \param conf SSL configuration + * \param authmode can be: + * + * MBEDTLS_SSL_VERIFY_NONE: peer certificate is not checked + * (default on server) + * (insecure on client) + * + * MBEDTLS_SSL_VERIFY_OPTIONAL: peer certificate is checked, however the + * handshake continues even if verification failed; + * mbedtls_ssl_get_verify_result() can be called after the + * handshake is complete. + * + * MBEDTLS_SSL_VERIFY_REQUIRED: peer *must* present a valid certificate, + * handshake is aborted if verification failed. + * + * \note On client, MBEDTLS_SSL_VERIFY_REQUIRED is the recommended mode. + * With MBEDTLS_SSL_VERIFY_OPTIONAL, the user needs to call mbedtls_ssl_get_verify_result() at + * the right time(s), which may not be obvious, while REQUIRED always perform + * the verification as soon as possible. For example, REQUIRED was protecting + * against the "triple handshake" attack even before it was found. + */ +void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode ); + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +/** + * \brief Set the verification callback (Optional). + * + * If set, the verify callback is called for each + * certificate in the chain. For implementation + * information, please see \c x509parse_verify() + * + * \param conf SSL configuration + * \param f_vrfy verification function + * \param p_vrfy verification parameter + */ +void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy ); +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + +/** + * \brief Set the random number generator callback + * + * \param conf SSL configuration + * \param f_rng RNG function + * \param p_rng RNG parameter + */ +void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); + +/** + * \brief Set the debug callback + * + * The callback has the following argument: + * void * opaque context for the callback + * int debug level + * const char * file name + * int line number + * const char * message + * + * \param conf SSL configuration + * \param f_dbg debug function + * \param p_dbg debug parameter + */ +void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf, + void (*f_dbg)(void *, int, const char *, int, const char *), + void *p_dbg ); + +/** + * \brief Set the underlying BIO callbacks for write, read and + * read-with-timeout. + * + * \param ssl SSL context + * \param p_bio parameter (context) shared by BIO callbacks + * \param f_send write callback + * \param f_recv read callback + * \param f_recv_timeout blocking read callback with timeout. + * The last argument is the timeout in milliseconds, + * 0 means no timeout (block forever until a message comes) + * + * \note One of f_recv or f_recv_timeout can be NULL, in which case + * the other is used. If both are non-NULL, f_recv_timeout is + * used and f_recv is ignored (as if it were NULL). + * + * \note The two most common use cases are: + * - non-blocking I/O, f_recv != NULL, f_recv_timeout == NULL + * - blocking I/O, f_recv == NULL, f_recv_timout != NULL + * + * \note For DTLS, you need to provide either a non-NULL + * f_recv_timeout callback, or a f_recv that doesn't block. + */ +void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, + void *p_bio, + int (*f_send)(void *, const unsigned char *, size_t), + int (*f_recv)(void *, unsigned char *, size_t), + int (*f_recv_timeout)(void *, unsigned char *, size_t, uint32_t) ); + +/** + * \brief Set the timeout period for mbedtls_ssl_read() + * (Default: no timeout.) + * + * \param conf SSL configuration context + * \param timeout Timeout value in milliseconds. + * Use 0 for no timeout (default). + * + * \note With blocking I/O, this will only work if a non-NULL + * \c f_recv_timeout was set with \c mbedtls_ssl_set_bio(). + * With non-blocking I/O, this will only work if timer + * callbacks were set with \c mbedtls_ssl_set_timer_cb(). + * + * \note With non-blocking I/O, you may also skip this function + * altogether and handle timeouts at the application layer. + */ +void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout ); + +/** + * \brief Set the timer callbacks + * (Mandatory for DTLS.) + * + * \param ssl SSL context + * \param p_timer parameter (context) shared by timer callback + * \param f_set_timer set timer callback + * Accepts an intermediate and a final delay in milliseconcs + * If the final delay is 0, cancels the running timer. + * \param f_get_timer get timer callback. Must return: + * -1 if cancelled + * 0 if none of the delays is expired + * 1 if the intermediate delay only is expired + * 2 if the final delay is expired + */ +void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl, + void *p_timer, + void (*f_set_timer)(void *, uint32_t int_ms, uint32_t fin_ms), + int (*f_get_timer)(void *) ); + +/** + * \brief Callback type: generate and write session ticket + * + * \note This describes what a callback implementation should do. + * This callback should generate and encrypted and + * authenticated ticket for the session and write it to the + * output buffer. Here, ticket means the opaque ticket part + * of the NewSessionTicket structure of RFC 5077. + * + * \param p_ticket Context for the callback + * \param session SSL session to bo written in the ticket + * \param start Start of the outpur buffer + * \param end End of the output buffer + * \param tlen On exit, holds the length written + * \param lifetime On exit, holds the lifetime of the ticket in seconds + * + * \return 0 if successful, or + * a specific MBEDTLS_ERR_XXX code. + */ +typedef int mbedtls_ssl_ticket_write_t( void *p_ticket, + const mbedtls_ssl_session *session, + unsigned char *start, + const unsigned char *end, + size_t *tlen, + uint32_t *lifetime ); + +/** + * \brief Callback type: parse and load session ticket + * + * \note This describes what a callback implementation should do. + * This callback should parse a session ticket as generated + * by the corresponding mbedtls_ssl_ticket_write_t function, + * and, if the ticket is authentic and valid, load the + * session. + * + * \note The implementation is allowed to modify the first len + * bytes of the input buffer, eg to use it as a temporary + * area for the decrypted ticket contents. + * + * \param p_ticket Context for the callback + * \param session SSL session to be loaded + * \param buf Start of the buffer containing the ticket + * \param len Length of the ticket. + * + * \return 0 if successful, or + * MBEDTLS_ERR_SSL_INVALID_MAC if not authentic, or + * MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED if expired, or + * any other non-zero code for other failures. + */ +typedef int mbedtls_ssl_ticket_parse_t( void *p_ticket, + mbedtls_ssl_session *session, + unsigned char *buf, + size_t len ); + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_SRV_C) +/** + * \brief Configure SSL session ticket callbacks (server only). + * (Default: none.) + * + * \note On server, session tickets are enabled by providing + * non-NULL callbacks. + * + * \note On client, use \c mbedtls_ssl_conf_session_tickets(). + * + * \param conf SSL configuration context + * \param f_ticket_write Callback for writing a ticket + * \param f_ticket_parse Callback for parsing a ticket + * \param p_ticket Context shared by the two callbacks + */ +void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf, + mbedtls_ssl_ticket_write_t *f_ticket_write, + mbedtls_ssl_ticket_parse_t *f_ticket_parse, + void *p_ticket ); +#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */ + +/** + * \brief Callback type: generate a cookie + * + * \param ctx Context for the callback + * \param p Buffer to write to, + * must be updated to point right after the cookie + * \param end Pointer to one past the end of the output buffer + * \param info Client ID info that was passed to + * \c mbedtls_ssl_set_client_transport_id() + * \param ilen Length of info in bytes + * + * \return The callback must return 0 on success, + * or a negative error code. + */ +typedef int mbedtls_ssl_cookie_write_t( void *ctx, + unsigned char **p, unsigned char *end, + const unsigned char *info, size_t ilen ); + +/** + * \brief Callback type: verify a cookie + * + * \param ctx Context for the callback + * \param cookie Cookie to verify + * \param clen Length of cookie + * \param info Client ID info that was passed to + * \c mbedtls_ssl_set_client_transport_id() + * \param ilen Length of info in bytes + * + * \return The callback must return 0 if cookie is valid, + * or a negative error code. + */ +typedef int mbedtls_ssl_cookie_check_t( void *ctx, + const unsigned char *cookie, size_t clen, + const unsigned char *info, size_t ilen ); + +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) +/** + * \brief Register callbacks for DTLS cookies + * (Server only. DTLS only.) + * + * Default: dummy callbacks that fail, in order to force you to + * register working callbacks (and initialize their context). + * + * To disable HelloVerifyRequest, register NULL callbacks. + * + * \warning Disabling hello verification allows your server to be used + * for amplification in DoS attacks against other hosts. + * Only disable if you known this can't happen in your + * particular environment. + * + * \note See comments on \c mbedtls_ssl_handshake() about handling + * the MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED that is expected + * on the first handshake attempt when this is enabled. + * + * \param conf SSL configuration + * \param f_cookie_write Cookie write callback + * \param f_cookie_check Cookie check callback + * \param p_cookie Context for both callbacks + */ +void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf, + mbedtls_ssl_cookie_write_t *f_cookie_write, + mbedtls_ssl_cookie_check_t *f_cookie_check, + void *p_cookie ); + +/** + * \brief Set client's transport-level identification info. + * (Server only. DTLS only.) + * + * This is usually the IP address (and port), but could be + * anything identify the client depending on the underlying + * network stack. Used for HelloVerifyRequest with DTLS. + * This is *not* used to route the actual packets. + * + * \param ssl SSL context + * \param info Transport-level info identifying the client (eg IP + port) + * \param ilen Length of info in bytes + * + * \note An internal copy is made, so the info buffer can be reused. + * + * \return 0 on success, + * MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used on client, + * MBEDTLS_ERR_SSL_ALLOC_FAILED if out of memory. + */ +int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl, + const unsigned char *info, + size_t ilen ); + +#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */ + +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) +/** + * \brief Enable or disable anti-replay protection for DTLS. + * (DTLS only, no effect on TLS.) + * Default: enabled. + * + * \param conf SSL configuration + * \param mode MBEDTLS_SSL_ANTI_REPLAY_ENABLED or MBEDTLS_SSL_ANTI_REPLAY_DISABLED. + * + * \warning Disabling this is a security risk unless the application + * protocol handles duplicated packets in a safe way. You + * should not disable this without careful consideration. + * However, if your application already detects duplicated + * packets and needs information about them to adjust its + * transmission strategy, then you'll want to disable this. + */ +void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode ); +#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ + +#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) +/** + * \brief Set a limit on the number of records with a bad MAC + * before terminating the connection. + * (DTLS only, no effect on TLS.) + * Default: 0 (disabled). + * + * \param conf SSL configuration + * \param limit Limit, or 0 to disable. + * + * \note If the limit is N, then the connection is terminated when + * the Nth non-authentic record is seen. + * + * \note Records with an invalid header are not counted, only the + * ones going through the authentication-decryption phase. + * + * \note This is a security trade-off related to the fact that it's + * often relatively easy for an active attacker ot inject UDP + * datagrams. On one hand, setting a low limit here makes it + * easier for such an attacker to forcibly terminated a + * connection. On the other hand, a high limit or no limit + * might make us waste resources checking authentication on + * many bogus packets. + */ +void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit ); +#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ + +#if defined(MBEDTLS_SSL_PROTO_DTLS) +/** + * \brief Set retransmit timeout values for the DTLS handshale. + * (DTLS only, no effect on TLS.) + * + * \param conf SSL configuration + * \param min Initial timeout value in milliseconds. + * Default: 1000 (1 second). + * \param max Maximum timeout value in milliseconds. + * Default: 60000 (60 seconds). + * + * \note Default values are from RFC 6347 section 4.2.4.1. + * + * \note Higher values for initial timeout may increase average + * handshake latency. Lower values may increase the risk of + * network congestion by causing more retransmissions. + */ +void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max ); +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + +#if defined(MBEDTLS_SSL_SRV_C) +/** + * \brief Set the session cache callbacks (server-side only) + * If not set, no session resuming is done (except if session + * tickets are enabled too). + * + * The session cache has the responsibility to check for stale + * entries based on timeout. See RFC 5246 for recommendations. + * + * Warning: session.peer_cert is cleared by the SSL/TLS layer on + * connection shutdown, so do not cache the pointer! Either set + * it to NULL or make a full copy of the certificate. + * + * The get callback is called once during the initial handshake + * to enable session resuming. The get function has the + * following parameters: (void *parameter, mbedtls_ssl_session *session) + * If a valid entry is found, it should fill the master of + * the session object with the cached values and return 0, + * return 1 otherwise. Optionally peer_cert can be set as well + * if it is properly present in cache entry. + * + * The set callback is called once during the initial handshake + * to enable session resuming after the entire handshake has + * been finished. The set function has the following parameters: + * (void *parameter, const mbedtls_ssl_session *session). The function + * should create a cache entry for future retrieval based on + * the data in the session structure and should keep in mind + * that the mbedtls_ssl_session object presented (and all its referenced + * data) is cleared by the SSL/TLS layer when the connection is + * terminated. It is recommended to add metadata to determine if + * an entry is still valid in the future. Return 0 if + * successfully cached, return 1 otherwise. + * + * \param conf SSL configuration + * \param p_cache parmater (context) for both callbacks + * \param f_get_cache session get callback + * \param f_set_cache session set callback + */ +void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf, + void *p_cache, + int (*f_get_cache)(void *, mbedtls_ssl_session *), + int (*f_set_cache)(void *, const mbedtls_ssl_session *) ); +#endif /* MBEDTLS_SSL_SRV_C */ + +#if defined(MBEDTLS_SSL_CLI_C) +/** + * \brief Request resumption of session (client-side only) + * Session data is copied from presented session structure. + * + * \param ssl SSL context + * \param session session context + * + * \return 0 if successful, + * MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed, + * MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used server-side or + * arguments are otherwise invalid + * + * \sa mbedtls_ssl_get_session() + */ +int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session ); +#endif /* MBEDTLS_SSL_CLI_C */ + +/** + * \brief Set the list of allowed ciphersuites and the preference + * order. First in the list has the highest preference. + * (Overrides all version specific lists) + * + * The ciphersuites array is not copied, and must remain + * valid for the lifetime of the ssl_config. + * + * Note: The server uses its own preferences + * over the preference of the client unless + * MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE is defined! + * + * \param conf SSL configuration + * \param ciphersuites 0-terminated list of allowed ciphersuites + */ +void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, + const int *ciphersuites ); + +/** + * \brief Set the list of allowed ciphersuites and the + * preference order for a specific version of the protocol. + * (Only useful on the server side) + * + * The ciphersuites array is not copied, and must remain + * valid for the lifetime of the ssl_config. + * + * \param conf SSL configuration + * \param ciphersuites 0-terminated list of allowed ciphersuites + * \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 + * supported) + * \param minor Minor version number (MBEDTLS_SSL_MINOR_VERSION_0, + * MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2, + * MBEDTLS_SSL_MINOR_VERSION_3 supported) + * + * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 + * and MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2 + */ +void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf, + const int *ciphersuites, + int major, int minor ); + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +/** + * \brief Set the X.509 security profile used for verification + * + * \param conf SSL configuration + * \param profile Profile to use + */ +void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf, + mbedtls_x509_crt_profile *profile ); + +/** + * \brief Set the data required to verify peer certificate + * + * \param conf SSL configuration + * \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs) + * \param ca_crl trusted CA CRLs + */ +void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf, + mbedtls_x509_crt *ca_chain, + mbedtls_x509_crl *ca_crl ); + +/** + * \brief Set own certificate chain and private key + * + * \note own_cert should contain in order from the bottom up your + * certificate chain. The top certificate (self-signed) + * can be omitted. + * + * \note On server, this function can be called multiple times to + * provision more than one cert/key pair (eg one ECDSA, one + * RSA with SHA-256, one RSA with SHA-1). An adequate + * certificate will be selected according to the client's + * advertised capabilities. In case mutliple certificates are + * adequate, preference is given to the one set by the first + * call to this function, then second, etc. + * + * \note On client, only the first call has any effect. + * + * \param conf SSL configuration + * \param own_cert own public certificate chain + * \param pk_key own private key + * + * \return 0 on success or MBEDTLS_ERR_SSL_ALLOC_FAILED + */ +int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf, + mbedtls_x509_crt *own_cert, + mbedtls_pk_context *pk_key ); +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +/** + * \brief Set the Pre Shared Key (PSK) and the expected identity name + * + * \note This is mainly useful for clients. Servers will usually + * want to use \c mbedtls_ssl_conf_psk_cb() instead. + * + * \param conf SSL configuration + * \param psk pointer to the pre-shared key + * \param psk_len pre-shared key length + * \param psk_identity pointer to the pre-shared key identity + * \param psk_identity_len identity key length + * + * \return 0 if successful or MBEDTLS_ERR_SSL_ALLOC_FAILED + */ +int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, + const unsigned char *psk, size_t psk_len, + const unsigned char *psk_identity, size_t psk_identity_len ); + + +/** + * \brief Set the Pre Shared Key (PSK) for the current handshake + * + * \note This should only be called inside the PSK callback, + * ie the function passed to \c mbedtls_ssl_conf_psk_cb(). + * + * \param ssl SSL context + * \param psk pointer to the pre-shared key + * \param psk_len pre-shared key length + * + * \return 0 if successful or MBEDTLS_ERR_SSL_ALLOC_FAILED + */ +int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl, + const unsigned char *psk, size_t psk_len ); + +/** + * \brief Set the PSK callback (server-side only). + * + * If set, the PSK callback is called for each + * handshake where a PSK ciphersuite was negotiated. + * The caller provides the identity received and wants to + * receive the actual PSK data and length. + * + * The callback has the following parameters: (void *parameter, + * mbedtls_ssl_context *ssl, const unsigned char *psk_identity, + * size_t identity_len) + * If a valid PSK identity is found, the callback should use + * \c mbedtls_ssl_set_hs_psk() on the ssl context to set the + * correct PSK and return 0. + * Any other return value will result in a denied PSK identity. + * + * \note If you set a PSK callback using this function, then you + * don't need to set a PSK key and identity using + * \c mbedtls_ssl_conf_psk(). + * + * \param conf SSL configuration + * \param f_psk PSK identity function + * \param p_psk PSK identity parameter + */ +void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf, + int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, + size_t), + void *p_psk ); +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ + +#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) +/** + * \brief Set the Diffie-Hellman public P and G values, + * read as hexadecimal strings (server-side only) + * (Default: MBEDTLS_DHM_RFC5114_MODP_2048_[PG]) + * + * \param conf SSL configuration + * \param dhm_P Diffie-Hellman-Merkle modulus + * \param dhm_G Diffie-Hellman-Merkle generator + * + * \return 0 if successful + */ +int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G ); + +/** + * \brief Set the Diffie-Hellman public P and G values, + * read from existing context (server-side only) + * + * \param conf SSL configuration + * \param dhm_ctx Diffie-Hellman-Merkle context + * + * \return 0 if successful + */ +int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx ); +#endif /* MBEDTLS_DHM_C && defined(MBEDTLS_SSL_SRV_C) */ + +#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C) +/** + * \brief Set the minimum length for Diffie-Hellman parameters. + * (Client-side only.) + * (Default: 1024 bits.) + * + * \param conf SSL configuration + * \param bitlen Minimum bit length of the DHM prime + */ +void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf, + unsigned int bitlen ); +#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */ + +#if defined(MBEDTLS_ECP_C) +/** + * \brief Set the allowed curves in order of preference. + * (Default: all defined curves.) + * + * On server: this only affects selection of the ECDHE curve; + * the curves used for ECDH and ECDSA are determined by the + * list of available certificates instead. + * + * On client: this affects the list of curves offered for any + * use. The server can override our preference order. + * + * Both sides: limits the set of curves used by peer to the + * listed curves for any use ECDHE and the end-entity + * certificate. + * + * \note This has no influence on which curve are allowed inside the + * certificate chains, see \c mbedtls_ssl_conf_cert_profile() + * for that. For example, if the peer's certificate chain is + * EE -> CA_int -> CA_root, then the allowed curves for EE are + * controlled by \c mbedtls_ssl_conf_curves() but for CA_int + * and CA_root it's \c mbedtls_ssl_conf_cert_profile(). + * + * \note This list should be ordered by decreasing preference + * (preferred curve first). + * + * \param conf SSL configuration + * \param curves Ordered list of allowed curves, + * terminated by MBEDTLS_ECP_DP_NONE. + */ +void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf, + const mbedtls_ecp_group_id *curves ); +#endif /* MBEDTLS_ECP_C */ + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED) +/** + * \brief Set the allowed hashes for signatures during the handshake. + * (Default: all available hashes.) + * + * \note This only affects which hashes are offered and can be used + * for signatures during the handshake. Hashes for message + * authentication and the TLS PRF are controlled by the + * ciphersuite, see \c mbedtls_ssl_conf_ciphersuites(). Hashes + * used for certificate signature are controlled by the + * verification profile, see \c mbedtls_ssl_conf_cert_profile(). + * + * \note This list should be ordered by decreasing preference + * (preferred hash first). + * + * \param conf SSL configuration + * \param hashes Ordered list of allowed signature hashes, + * terminated by \c MBEDTLS_MD_NONE. + */ +void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf, + const int *hashes ); +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED */ + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +/** + * \brief Set hostname for ServerName TLS extension + * (client-side only) + * + * + * \param ssl SSL context + * \param hostname the server hostname + * + * \return 0 if successful or MBEDTLS_ERR_SSL_ALLOC_FAILED + */ +int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname ); +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) +/** + * \brief Set own certificate and key for the current handshake + * + * \note Same as \c mbedtls_ssl_conf_own_cert() but for use within + * the SNI callback. + * + * \param ssl SSL context + * \param own_cert own public certificate chain + * \param pk_key own private key + * + * \return 0 on success or MBEDTLS_ERR_SSL_ALLOC_FAILED + */ +int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl, + mbedtls_x509_crt *own_cert, + mbedtls_pk_context *pk_key ); + +/** + * \brief Set the data required to verify peer certificate for the + * current handshake + * + * \note Same as \c mbedtls_ssl_conf_ca_chain() but for use within + * the SNI callback. + * + * \param ssl SSL context + * \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs) + * \param ca_crl trusted CA CRLs + */ +void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl, + mbedtls_x509_crt *ca_chain, + mbedtls_x509_crl *ca_crl ); + +/** + * \brief Set authmode for the current handshake. + * + * \note Same as \c mbedtls_ssl_conf_authmode() but for use within + * the SNI callback. + * + * \param ssl SSL context + * \param authmode MBEDTLS_SSL_VERIFY_NONE, MBEDTLS_SSL_VERIFY_OPTIONAL or + * MBEDTLS_SSL_VERIFY_REQUIRED + */ +void mbedtls_ssl_set_hs_authmode( mbedtls_ssl_context *ssl, + int authmode ); + +/** + * \brief Set server side ServerName TLS extension callback + * (optional, server-side only). + * + * If set, the ServerName callback is called whenever the + * server receives a ServerName TLS extension from the client + * during a handshake. The ServerName callback has the + * following parameters: (void *parameter, mbedtls_ssl_context *ssl, + * const unsigned char *hostname, size_t len). If a suitable + * certificate is found, the callback must set the + * certificate(s) and key(s) to use with \c + * mbedtls_ssl_set_hs_own_cert() (can be called repeatedly), + * and may optionally adjust the CA and associated CRL with \c + * mbedtls_ssl_set_hs_ca_chain() as well as the client + * authentication mode with \c mbedtls_ssl_set_hs_authmode(), + * then must return 0. If no matching name is found, the + * callback must either set a default cert, or + * return non-zero to abort the handshake at this point. + * + * \param conf SSL configuration + * \param f_sni verification function + * \param p_sni verification parameter + */ +void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf, + int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *, + size_t), + void *p_sni ); +#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ + +#if defined(MBEDTLS_SSL_ALPN) +/** + * \brief Set the supported Application Layer Protocols. + * + * \param conf SSL configuration + * \param protos NULL-terminated list of supported protocols, + * in decreasing preference order. + * + * \return 0 on success, or MBEDTLS_ERR_SSL_BAD_INPUT_DATA. + */ +int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos ); + +/** + * \brief Get the name of the negotiated Application Layer Protocol. + * This function should be called after the handshake is + * completed. + * + * \param ssl SSL context + * + * \return Protcol name, or NULL if no protocol was negotiated. + */ +const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl ); +#endif /* MBEDTLS_SSL_ALPN */ + +/** + * \brief Set the maximum supported version sent from the client side + * and/or accepted at the server side + * (Default: MBEDTLS_SSL_MAX_MAJOR_VERSION, MBEDTLS_SSL_MAX_MINOR_VERSION) + * + * \note This ignores ciphersuites from higher versions. + * + * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and + * MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2 + * + * \param conf SSL configuration + * \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 supported) + * \param minor Minor version number (MBEDTLS_SSL_MINOR_VERSION_0, + * MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2, + * MBEDTLS_SSL_MINOR_VERSION_3 supported) + */ +void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor ); + +/** + * \brief Set the minimum accepted SSL/TLS protocol version + * (Default: TLS 1.0) + * + * \note Input outside of the SSL_MAX_XXXXX_VERSION and + * SSL_MIN_XXXXX_VERSION range is ignored. + * + * \note MBEDTLS_SSL_MINOR_VERSION_0 (SSL v3) should be avoided. + * + * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and + * MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2 + * + * \param conf SSL configuration + * \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 supported) + * \param minor Minor version number (MBEDTLS_SSL_MINOR_VERSION_0, + * MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2, + * MBEDTLS_SSL_MINOR_VERSION_3 supported) + */ +void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor ); + +#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C) +/** + * \brief Set the fallback flag (client-side only). + * (Default: MBEDTLS_SSL_IS_NOT_FALLBACK). + * + * \note Set to MBEDTLS_SSL_IS_FALLBACK when preparing a fallback + * connection, that is a connection with max_version set to a + * lower value than the value you're willing to use. Such + * fallback connections are not recommended but are sometimes + * necessary to interoperate with buggy (version-intolerant) + * servers. + * + * \warning You should NOT set this to MBEDTLS_SSL_IS_FALLBACK for + * non-fallback connections! This would appear to work for a + * while, then cause failures when the server is upgraded to + * support a newer TLS version. + * + * \param conf SSL configuration + * \param fallback MBEDTLS_SSL_IS_NOT_FALLBACK or MBEDTLS_SSL_IS_FALLBACK + */ +void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback ); +#endif /* MBEDTLS_SSL_FALLBACK_SCSV && MBEDTLS_SSL_CLI_C */ + +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) +/** + * \brief Enable or disable Encrypt-then-MAC + * (Default: MBEDTLS_SSL_ETM_ENABLED) + * + * \note This should always be enabled, it is a security + * improvement, and should not cause any interoperability + * issue (used only if the peer supports it too). + * + * \param conf SSL configuration + * \param etm MBEDTLS_SSL_ETM_ENABLED or MBEDTLS_SSL_ETM_DISABLED + */ +void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm ); +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ + +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) +/** + * \brief Enable or disable Extended Master Secret negotiation. + * (Default: MBEDTLS_SSL_EXTENDED_MS_ENABLED) + * + * \note This should always be enabled, it is a security fix to the + * protocol, and should not cause any interoperability issue + * (used only if the peer supports it too). + * + * \param conf SSL configuration + * \param ems MBEDTLS_SSL_EXTENDED_MS_ENABLED or MBEDTLS_SSL_EXTENDED_MS_DISABLED + */ +void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems ); +#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ + +#if defined(MBEDTLS_ARC4_C) +/** + * \brief Disable or enable support for RC4 + * (Default: MBEDTLS_SSL_ARC4_DISABLED) + * + * \warning Use of RC4 in (D)TLS has been prohibited by RFC ???? + * for security reasons. Use at your own risks. + * + * \note This function will likely be removed in future versions as + * RC4 will then be disabled by default at compile time. + * + * \param conf SSL configuration + * \param arc4 MBEDTLS_SSL_ARC4_ENABLED or MBEDTLS_SSL_ARC4_DISABLED + */ +void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 ); +#endif /* MBEDTLS_ARC4_C */ + +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) +/** + * \brief Set the maximum fragment length to emit and/or negotiate + * (Default: MBEDTLS_SSL_MAX_CONTENT_LEN, usually 2^14 bytes) + * (Server: set maximum fragment length to emit, + * usually negotiated by the client during handshake + * (Client: set maximum fragment length to emit *and* + * negotiate with the server during handshake) + * + * \param conf SSL configuration + * \param mfl_code Code for maximum fragment length (allowed values: + * MBEDTLS_SSL_MAX_FRAG_LEN_512, MBEDTLS_SSL_MAX_FRAG_LEN_1024, + * MBEDTLS_SSL_MAX_FRAG_LEN_2048, MBEDTLS_SSL_MAX_FRAG_LEN_4096) + * + * \return 0 if successful or MBEDTLS_ERR_SSL_BAD_INPUT_DATA + */ +int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code ); +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ + +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) +/** + * \brief Activate negotiation of truncated HMAC + * (Default: MBEDTLS_SSL_TRUNC_HMAC_DISABLED) + * + * \param conf SSL configuration + * \param truncate Enable or disable (MBEDTLS_SSL_TRUNC_HMAC_ENABLED or + * MBEDTLS_SSL_TRUNC_HMAC_DISABLED) + */ +void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate ); +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ + +#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) +/** + * \brief Enable / Disable 1/n-1 record splitting + * (Default: MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED) + * + * \note Only affects SSLv3 and TLS 1.0, not higher versions. + * Does not affect non-CBC ciphersuites in any version. + * + * \param conf SSL configuration + * \param split MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED or + * MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED + */ +void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split ); +#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) +/** + * \brief Enable / Disable session tickets (client only). + * (Default: MBEDTLS_SSL_SESSION_TICKETS_ENABLED.) + * + * \note On server, use \c mbedtls_ssl_conf_session_tickets_cb(). + * + * \param conf SSL configuration + * \param use_tickets Enable or disable (MBEDTLS_SSL_SESSION_TICKETS_ENABLED or + * MBEDTLS_SSL_SESSION_TICKETS_DISABLED) + */ +void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets ); +#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ + +#if defined(MBEDTLS_SSL_RENEGOTIATION) +/** + * \brief Enable / Disable renegotiation support for connection when + * initiated by peer + * (Default: MBEDTLS_SSL_RENEGOTIATION_DISABLED) + * + * \warning It is recommended to always disable renegotation unless you + * know you need it and you know what you're doing. In the + * past, there has been several issues associated with + * renegotiation or a poor understanding of its properties. + * + * \note Server-side, enabling renegotiation also makes the server + * susceptible to a resource DoS by a malicious client. + * + * \param conf SSL configuration + * \param renegotiation Enable or disable (MBEDTLS_SSL_RENEGOTIATION_ENABLED or + * MBEDTLS_SSL_RENEGOTIATION_DISABLED) + */ +void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation ); +#endif /* MBEDTLS_SSL_RENEGOTIATION */ + +/** + * \brief Prevent or allow legacy renegotiation. + * (Default: MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION) + * + * MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION allows connections to + * be established even if the peer does not support + * secure renegotiation, but does not allow renegotiation + * to take place if not secure. + * (Interoperable and secure option) + * + * MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION allows renegotiations + * with non-upgraded peers. Allowing legacy renegotiation + * makes the connection vulnerable to specific man in the + * middle attacks. (See RFC 5746) + * (Most interoperable and least secure option) + * + * MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE breaks off connections + * if peer does not support secure renegotiation. Results + * in interoperability issues with non-upgraded peers + * that do not support renegotiation altogether. + * (Most secure option, interoperability issues) + * + * \param conf SSL configuration + * \param allow_legacy Prevent or allow (SSL_NO_LEGACY_RENEGOTIATION, + * SSL_ALLOW_LEGACY_RENEGOTIATION or + * MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE) + */ +void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy ); + +#if defined(MBEDTLS_SSL_RENEGOTIATION) +/** + * \brief Enforce renegotiation requests. + * (Default: enforced, max_records = 16) + * + * When we request a renegotiation, the peer can comply or + * ignore the request. This function allows us to decide + * whether to enforce our renegotiation requests by closing + * the connection if the peer doesn't comply. + * + * However, records could already be in transit from the peer + * when the request is emitted. In order to increase + * reliability, we can accept a number of records before the + * expected handshake records. + * + * The optimal value is highly dependent on the specific usage + * scenario. + * + * \note With DTLS and server-initiated renegotiation, the + * HelloRequest is retransmited every time mbedtls_ssl_read() times + * out or receives Application Data, until: + * - max_records records have beens seen, if it is >= 0, or + * - the number of retransmits that would happen during an + * actual handshake has been reached. + * Please remember the request might be lost a few times + * if you consider setting max_records to a really low value. + * + * \warning On client, the grace period can only happen during + * mbedtls_ssl_read(), as opposed to mbedtls_ssl_write() and mbedtls_ssl_renegotiate() + * which always behave as if max_record was 0. The reason is, + * if we receive application data from the server, we need a + * place to write it, which only happens during mbedtls_ssl_read(). + * + * \param conf SSL configuration + * \param max_records Use MBEDTLS_SSL_RENEGOTIATION_NOT_ENFORCED if you don't want to + * enforce renegotiation, or a non-negative value to enforce + * it but allow for a grace period of max_records records. + */ +void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records ); + +/** + * \brief Set record counter threshold for periodic renegotiation. + * (Default: 2^64 - 256.) + * + * Renegotiation is automatically triggered when a record + * counter (outgoing or ingoing) crosses the defined + * threshold. The default value is meant to prevent the + * connection from being closed when the counter is about to + * reached its maximal value (it is not allowed to wrap). + * + * Lower values can be used to enforce policies such as "keys + * must be refreshed every N packets with cipher X". + * + * \param conf SSL configuration + * \param period The threshold value: a big-endian 64-bit number. + * Set to 2^64 - 1 to disable periodic renegotiation + */ +void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf, + const unsigned char period[8] ); +#endif /* MBEDTLS_SSL_RENEGOTIATION */ + +/** + * \brief Return the number of data bytes available to read + * + * \param ssl SSL context + * + * \return how many bytes are available in the read buffer + */ +size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl ); + +/** + * \brief Return the result of the certificate verification + * + * \param ssl SSL context + * + * \return 0 if successful, + * -1 if result is not available (eg because the handshake was + * aborted too early), or + * a combination of BADCERT_xxx and BADCRL_xxx flags, see + * x509.h + */ +uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl ); + +/** + * \brief Return the name of the current ciphersuite + * + * \param ssl SSL context + * + * \return a string containing the ciphersuite name + */ +const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl ); + +/** + * \brief Return the current SSL version (SSLv3/TLSv1/etc) + * + * \param ssl SSL context + * + * \return a string containing the SSL version + */ +const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl ); + +/** + * \brief Return the (maximum) number of bytes added by the record + * layer: header + encryption/MAC overhead (inc. padding) + * + * \param ssl SSL context + * + * \return Current maximum record expansion in bytes, or + * MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if compression is + * enabled, which makes expansion much less predictable + */ +int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ); + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +/** + * \brief Return the peer certificate from the current connection + * + * Note: Can be NULL in case no certificate was sent during + * the handshake. Different calls for the same connection can + * return the same or different pointers for the same + * certificate and even a different certificate altogether. + * The peer cert CAN change in a single connection if + * renegotiation is performed. + * + * \param ssl SSL context + * + * \return the current peer certificate + */ +const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ssl ); +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + +#if defined(MBEDTLS_SSL_CLI_C) +/** + * \brief Save session in order to resume it later (client-side only) + * Session data is copied to presented session structure. + * + * \warning Currently, peer certificate is lost in the operation. + * + * \param ssl SSL context + * \param session session context + * + * \return 0 if successful, + * MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed, + * MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used server-side or + * arguments are otherwise invalid + * + * \sa mbedtls_ssl_set_session() + */ +int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, mbedtls_ssl_session *session ); +#endif /* MBEDTLS_SSL_CLI_C */ + +/** + * \brief Perform the SSL handshake + * + * \param ssl SSL context + * + * \return 0 if successful, MBEDTLS_ERR_SSL_WANT_READ, + * MBEDTLS_ERR_SSL_WANT_WRITE, or a specific SSL error code. + * + * \note If this function returns non-zero, then the ssl context + * becomes unusable, and you should either free it or call + * \c mbedtls_ssl_session_reset() on it before re-using it. + * If DTLS is in use, then you may choose to handle + * MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED specially for logging + * purposes, but you still need to reset/free the context. + */ +int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl ); + +/** + * \brief Perform a single step of the SSL handshake + * + * Note: the state of the context (ssl->state) will be at + * the following state after execution of this function. + * Do not call this function if state is MBEDTLS_SSL_HANDSHAKE_OVER. + * + * \param ssl SSL context + * + * \return 0 if successful, MBEDTLS_ERR_SSL_WANT_READ, + * MBEDTLS_ERR_SSL_WANT_WRITE, or a specific SSL error code. + */ +int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl ); + +#if defined(MBEDTLS_SSL_RENEGOTIATION) +/** + * \brief Initiate an SSL renegotiation on the running connection. + * Client: perform the renegotiation right now. + * Server: request renegotiation, which will be performed + * during the next call to mbedtls_ssl_read() if honored by client. + * + * \param ssl SSL context + * + * \return 0 if successful, or any mbedtls_ssl_handshake() return value. + */ +int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl ); +#endif /* MBEDTLS_SSL_RENEGOTIATION */ + +/** + * \brief Read at most 'len' application data bytes + * + * \param ssl SSL context + * \param buf buffer that will hold the data + * \param len maximum number of bytes to read + * + * \return the number of bytes read, or + * 0 for EOF, or + * a negative error code. + */ +int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ); + +/** + * \brief Write exactly 'len' application data bytes + * + * \param ssl SSL context + * \param buf buffer holding the data + * \param len how many bytes must be written + * + * \return the number of bytes written, + * or a negative error code. + * + * \note When this function returns MBEDTLS_ERR_SSL_WANT_WRITE, + * it must be called later with the *same* arguments, + * until it returns a positive value. + * + * \note If the requested length is greater than the maximum + * fragment length (either the built-in limit or the one set + * or negotiated with the peer), then: + * - with TLS, less bytes than requested are written. (In + * order to write larger messages, this function should be + * called in a loop.) + * - with DTLS, MBEDTLS_ERR_SSL_BAD_INPUT_DATA is returned. + */ +int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ); + +/** + * \brief Send an alert message + * + * \param ssl SSL context + * \param level The alert level of the message + * (MBEDTLS_SSL_ALERT_LEVEL_WARNING or MBEDTLS_SSL_ALERT_LEVEL_FATAL) + * \param message The alert message (SSL_ALERT_MSG_*) + * + * \return 0 if successful, or a specific SSL error code. + */ +int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl, + unsigned char level, + unsigned char message ); +/** + * \brief Notify the peer that the connection is being closed + * + * \param ssl SSL context + */ +int mbedtls_ssl_close_notify( mbedtls_ssl_context *ssl ); + +/** + * \brief Free referenced items in an SSL context and clear memory + * + * \param ssl SSL context + */ +void mbedtls_ssl_free( mbedtls_ssl_context *ssl ); + +/** + * \brief Initialize an SSL configuration context + * Just makes the context ready for + * mbedtls_ssl_config_defaults() or mbedtls_ssl_config_free(). + * + * \note You need to call mbedtls_ssl_config_defaults() unless you + * manually set all of the relevent fields yourself. + * + * \param conf SSL configuration context + */ +void mbedtls_ssl_config_init( mbedtls_ssl_config *conf ); + +/** + * \brief Load reasonnable default SSL configuration values. + * (You need to call mbedtls_ssl_config_init() first.) + * + * \param conf SSL configuration context + * \param endpoint MBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER + * \param transport MBEDTLS_SSL_TRANSPORT_STREAM for TLS, or + * MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS + * \param preset a MBEDTLS_SSL_PRESET_XXX value + * (currently unused). + * + * \note See \c mbedtls_ssl_conf_transport() for notes on DTLS. + * + * \return 0 if successful, or + * MBEDTLS_ERR_XXX_ALLOC_FAILED on memory allocation error. + */ +int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, + int endpoint, int transport, int preset ); + +/** + * \brief Free an SSL configuration context + * + * \param conf SSL configuration context + */ +void mbedtls_ssl_config_free( mbedtls_ssl_config *conf ); + +/** + * \brief Initialize SSL session structure + * + * \param session SSL session + */ +void mbedtls_ssl_session_init( mbedtls_ssl_session *session ); + +/** + * \brief Free referenced items in an SSL session including the + * peer certificate and clear memory + * + * \param session SSL session + */ +void mbedtls_ssl_session_free( mbedtls_ssl_session *session ); + +#ifdef __cplusplus +} +#endif + +#endif /* ssl.h */ diff --git a/ext/mbedtls/include/polarssl/ssl_cache.h b/ext/mbedtls/include/mbedtls/ssl_cache.h similarity index 58% rename from ext/mbedtls/include/polarssl/ssl_cache.h rename to ext/mbedtls/include/mbedtls/ssl_cache.h index 063d7d7b1e..a92a1fa04c 100644 --- a/ext/mbedtls/include/polarssl/ssl_cache.h +++ b/ext/mbedtls/include/mbedtls/ssl_cache.h @@ -21,12 +21,12 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_SSL_CACHE_H -#define POLARSSL_SSL_CACHE_H +#ifndef MBEDTLS_SSL_CACHE_H +#define MBEDTLS_SSL_CACHE_H #include "ssl.h" -#if defined(POLARSSL_THREADING_C) +#if defined(MBEDTLS_THREADING_C) #include "threading.h" #endif @@ -38,12 +38,12 @@ * \{ */ -#if !defined(SSL_CACHE_DEFAULT_TIMEOUT) -#define SSL_CACHE_DEFAULT_TIMEOUT 86400 /*!< 1 day */ +#if !defined(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT) +#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /*!< 1 day */ #endif -#if !defined(SSL_CACHE_DEFAULT_MAX_ENTRIES) -#define SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /*!< Maximum entries in cache */ +#if !defined(MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES) +#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /*!< Maximum entries in cache */ #endif /* \} name SECTION: Module settings */ @@ -52,34 +52,34 @@ extern "C" { #endif -typedef struct _ssl_cache_context ssl_cache_context; -typedef struct _ssl_cache_entry ssl_cache_entry; +typedef struct mbedtls_ssl_cache_context mbedtls_ssl_cache_context; +typedef struct mbedtls_ssl_cache_entry mbedtls_ssl_cache_entry; /** * \brief This structure is used for storing cache entries */ -struct _ssl_cache_entry +struct mbedtls_ssl_cache_entry { -#if defined(POLARSSL_HAVE_TIME) +#if defined(MBEDTLS_HAVE_TIME) time_t timestamp; /*!< entry timestamp */ #endif - ssl_session session; /*!< entry session */ -#if defined(POLARSSL_X509_CRT_PARSE_C) - x509_buf peer_cert; /*!< entry peer_cert */ + mbedtls_ssl_session session; /*!< entry session */ +#if defined(MBEDTLS_X509_CRT_PARSE_C) + mbedtls_x509_buf peer_cert; /*!< entry peer_cert */ #endif - ssl_cache_entry *next; /*!< chain pointer */ + mbedtls_ssl_cache_entry *next; /*!< chain pointer */ }; /** * \brief Cache context */ -struct _ssl_cache_context +struct mbedtls_ssl_cache_context { - ssl_cache_entry *chain; /*!< start of the chain */ + mbedtls_ssl_cache_entry *chain; /*!< start of the chain */ int timeout; /*!< cache entry timeout */ int max_entries; /*!< maximum entries */ -#if defined(POLARSSL_THREADING_C) - threading_mutex_t mutex; /*!< mutex */ +#if defined(MBEDTLS_THREADING_C) + mbedtls_threading_mutex_t mutex; /*!< mutex */ #endif }; @@ -88,54 +88,54 @@ struct _ssl_cache_context * * \param cache SSL cache context */ -void ssl_cache_init( ssl_cache_context *cache ); +void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache ); /** * \brief Cache get callback implementation - * (Thread-safe if POLARSSL_THREADING_C is enabled) + * (Thread-safe if MBEDTLS_THREADING_C is enabled) * * \param data SSL cache context * \param session session to retrieve entry for */ -int ssl_cache_get( void *data, ssl_session *session ); +int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session ); /** * \brief Cache set callback implementation - * (Thread-safe if POLARSSL_THREADING_C is enabled) + * (Thread-safe if MBEDTLS_THREADING_C is enabled) * * \param data SSL cache context * \param session session to store entry for */ -int ssl_cache_set( void *data, const ssl_session *session ); +int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ); -#if defined(POLARSSL_HAVE_TIME) +#if defined(MBEDTLS_HAVE_TIME) /** * \brief Set the cache timeout - * (Default: SSL_CACHE_DEFAULT_TIMEOUT (1 day)) + * (Default: MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT (1 day)) * * A timeout of 0 indicates no timeout. * * \param cache SSL cache context * \param timeout cache entry timeout in seconds */ -void ssl_cache_set_timeout( ssl_cache_context *cache, int timeout ); -#endif /* POLARSSL_HAVE_TIME */ +void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout ); +#endif /* MBEDTLS_HAVE_TIME */ /** * \brief Set the cache timeout - * (Default: SSL_CACHE_DEFAULT_MAX_ENTRIES (50)) + * (Default: MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES (50)) * * \param cache SSL cache context * \param max cache entry maximum */ -void ssl_cache_set_max_entries( ssl_cache_context *cache, int max ); +void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max ); /** * \brief Free referenced items in a cache context and clear memory * * \param cache SSL cache context */ -void ssl_cache_free( ssl_cache_context *cache ); +void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache ); #ifdef __cplusplus } diff --git a/ext/mbedtls/include/mbedtls/ssl_ciphersuites.h b/ext/mbedtls/include/mbedtls/ssl_ciphersuites.h new file mode 100644 index 0000000000..86df418b14 --- /dev/null +++ b/ext/mbedtls/include/mbedtls/ssl_ciphersuites.h @@ -0,0 +1,304 @@ +/** + * \file ssl_ciphersuites.h + * + * \brief SSL Ciphersuites for mbed TLS + * + * Copyright (C) 2006-2013, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_SSL_CIPHERSUITES_H +#define MBEDTLS_SSL_CIPHERSUITES_H + +#include "pk.h" +#include "cipher.h" +#include "md.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * Supported ciphersuites (Official IANA names) + */ +#define MBEDTLS_TLS_RSA_WITH_NULL_MD5 0x01 /**< Weak! */ +#define MBEDTLS_TLS_RSA_WITH_NULL_SHA 0x02 /**< Weak! */ + +#define MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 0x04 +#define MBEDTLS_TLS_RSA_WITH_RC4_128_SHA 0x05 +#define MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA 0x09 /**< Weak! Not in TLS 1.2 */ + +#define MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x0A + +#define MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA 0x15 /**< Weak! Not in TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x16 + +#define MBEDTLS_TLS_PSK_WITH_NULL_SHA 0x2C /**< Weak! */ +#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA 0x2D /**< Weak! */ +#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA 0x2E /**< Weak! */ +#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 0x2F + +#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x33 +#define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 0x35 +#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x39 + +#define MBEDTLS_TLS_RSA_WITH_NULL_SHA256 0x3B /**< Weak! */ +#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 0x3C /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D /**< TLS 1.2 */ + +#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x41 +#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x45 + +#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x67 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x6B /**< TLS 1.2 */ + +#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x84 +#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x88 + +#define MBEDTLS_TLS_PSK_WITH_RC4_128_SHA 0x8A +#define MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA 0x8B +#define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 0x8C +#define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 0x8D + +#define MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA 0x8E +#define MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA 0x8F +#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 0x90 +#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 0x91 + +#define MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA 0x92 +#define MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA 0x93 +#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 0x94 +#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 0x95 + +#define MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x9F /**< TLS 1.2 */ + +#define MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 0xA8 /**< TLS 1.2 */ +#define MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 0xA9 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 0xAA /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 0xAB /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 0xAC /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 0xAD /**< TLS 1.2 */ + +#define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 0xAE +#define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 0xAF +#define MBEDTLS_TLS_PSK_WITH_NULL_SHA256 0xB0 /**< Weak! */ +#define MBEDTLS_TLS_PSK_WITH_NULL_SHA384 0xB1 /**< Weak! */ + +#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 0xB2 +#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 0xB3 +#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 0xB4 /**< Weak! */ +#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 0xB5 /**< Weak! */ + +#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 0xB6 +#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 0xB7 +#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 0xB8 /**< Weak! */ +#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 0xB9 /**< Weak! */ + +#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE /**< TLS 1.2 */ + +#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4 /**< TLS 1.2 */ + +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 /**< Weak! */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005 /**< Not in SSL3! */ + +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006 /**< Weak! */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 0xC007 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A /**< Not in SSL3! */ + +#define MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B /**< Weak! */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA 0xC00C /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0xC00D /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F /**< Not in SSL3! */ + +#define MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010 /**< Weak! */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014 /**< Not in SSL3! */ + +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 0xC025 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 0xC026 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 0xC029 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 0xC02A /**< TLS 1.2 */ + +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC02E /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032 /**< TLS 1.2 */ + +#define MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA 0xC033 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0xC034 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 0xC036 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0xC037 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0xC038 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA 0xC039 /**< Weak! No SSL3! */ +#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 0xC03A /**< Weak! No SSL3! */ +#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 0xC03B /**< Weak! No SSL3! */ + +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC074 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC075 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC076 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC077 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC078 /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC079 /**< Not in SSL3! */ + +#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07A /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07B /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07C /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07D /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC088 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC089 /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08A /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08B /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08C /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08D /**< TLS 1.2 */ + +#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC08E /**< TLS 1.2 */ +#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC08F /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC090 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC091 /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC092 /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC093 /**< TLS 1.2 */ + +#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC094 +#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC095 +#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC096 +#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC097 +#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC098 +#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC099 +#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A /**< Not in SSL3! */ +#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B /**< Not in SSL3! */ + +#define MBEDTLS_TLS_RSA_WITH_AES_128_CCM 0xC09C /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_WITH_AES_256_CCM 0xC09D /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM 0xC09E /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM 0xC09F /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8 0xC0A0 /**< TLS 1.2 */ +#define MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8 0xC0A1 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8 0xC0A2 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8 0xC0A3 /**< TLS 1.2 */ +#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM 0xC0A4 /**< TLS 1.2 */ +#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM 0xC0A5 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM 0xC0A6 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM 0xC0A7 /**< TLS 1.2 */ +#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 0xC0A8 /**< TLS 1.2 */ +#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8 0xC0A9 /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8 0xC0AA /**< TLS 1.2 */ +#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8 0xC0AB /**< TLS 1.2 */ +/* The last two are named with PSK_DHE in the RFC, which looks like a typo */ + +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM 0xC0AC /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM 0xC0AD /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 0xC0AE /**< TLS 1.2 */ +#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 0xC0AF /**< TLS 1.2 */ + +/* Reminder: update mbedtls_ssl_premaster_secret when adding a new key exchange. + * Reminder: update MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED below. + */ +typedef enum { + MBEDTLS_KEY_EXCHANGE_NONE = 0, + MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_KEY_EXCHANGE_PSK, + MBEDTLS_KEY_EXCHANGE_DHE_PSK, + MBEDTLS_KEY_EXCHANGE_RSA_PSK, + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, + MBEDTLS_KEY_EXCHANGE_ECDH_RSA, + MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, +} mbedtls_key_exchange_type_t; + +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) +#define MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED +#endif + +typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t; + +#define MBEDTLS_CIPHERSUITE_WEAK 0x01 /**< Weak ciphersuite flag */ +#define MBEDTLS_CIPHERSUITE_SHORT_TAG 0x02 /**< Short authentication tag, + eg for CCM_8 */ +#define MBEDTLS_CIPHERSUITE_NODTLS 0x04 /**< Can't be used with DTLS */ + +/** + * \brief This structure is used for storing ciphersuite information + */ +struct mbedtls_ssl_ciphersuite_t +{ + int id; + const char * name; + + mbedtls_cipher_type_t cipher; + mbedtls_md_type_t mac; + mbedtls_key_exchange_type_t key_exchange; + + int min_major_ver; + int min_minor_ver; + int max_major_ver; + int max_minor_ver; + + unsigned char flags; +}; + +const int *mbedtls_ssl_list_ciphersuites( void ); + +const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name ); +const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite_id ); + +#if defined(MBEDTLS_PK_C) +mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info ); +#endif + +int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info ); +int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info ); + +#ifdef __cplusplus +} +#endif + +#endif /* ssl_ciphersuites.h */ diff --git a/ext/mbedtls/include/mbedtls/ssl_cookie.h b/ext/mbedtls/include/mbedtls/ssl_cookie.h new file mode 100644 index 0000000000..395768b587 --- /dev/null +++ b/ext/mbedtls/include/mbedtls/ssl_cookie.h @@ -0,0 +1,109 @@ +/** + * \file ssl_cookie.h + * + * \brief DTLS cookie callbacks implementation + * + * Copyright (C) 2014-2015, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_SSL_COOKIE_H +#define MBEDTLS_SSL_COOKIE_H + +#include "ssl.h" + +#if defined(MBEDTLS_THREADING_C) +#include "threading.h" +#endif + +/** + * \name SECTION: Module settings + * + * The configuration options you can set for this module are in this section. + * Either change them in config.h or define them on the compiler command line. + * \{ + */ +#ifndef MBEDTLS_SSL_COOKIE_TIMEOUT +#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ +#endif + +/* \} name SECTION: Module settings */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Context for the default cookie functions. + */ +typedef struct +{ + mbedtls_md_context_t hmac_ctx; /*!< context for the HMAC portion */ +#if !defined(MBEDTLS_HAVE_TIME) + unsigned long serial; /*!< serial number for expiration */ +#endif + unsigned long timeout; /*!< timeout delay, in seconds if HAVE_TIME, + or in number of tickets issued */ + +#if defined(MBEDTLS_THREADING_C) + mbedtls_threading_mutex_t mutex; +#endif +} mbedtls_ssl_cookie_ctx; + +/** + * \brief Initialize cookie context + */ +void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx ); + +/** + * \brief Setup cookie context (generate keys) + */ +int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); + +/** + * \brief Set expiration delay for cookies + * (Default MBEDTLS_SSL_COOKIE_TIMEOUT) + * + * \param ctx Cookie contex + * \param delay Delay, in seconds if HAVE_TIME, or in number of cookies + * issued in the meantime. + * 0 to disable expiration (NOT recommended) + */ +void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay ); + +/** + * \brief Free cookie context + */ +void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx ); + +/** + * \brief Generate cookie, see \c mbedtls_ssl_cookie_write_t + */ +mbedtls_ssl_cookie_write_t mbedtls_ssl_cookie_write; + +/** + * \brief Verify cookie, see \c mbedtls_ssl_cookie_write_t + */ +mbedtls_ssl_cookie_check_t mbedtls_ssl_cookie_check; + +#ifdef __cplusplus +} +#endif + +#endif /* ssl_cookie.h */ diff --git a/ext/mbedtls/include/mbedtls/ssl_internal.h b/ext/mbedtls/include/mbedtls/ssl_internal.h new file mode 100644 index 0000000000..da81f56e6d --- /dev/null +++ b/ext/mbedtls/include/mbedtls/ssl_internal.h @@ -0,0 +1,482 @@ +/** + * \file ssl_ticket.h + * + * \brief Internal functions shared by the SSL modules + * + * Copyright (C) 2015, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_SSL_INTERNAL_H +#define MBEDTLS_SSL_INTERNAL_H + +#include "ssl.h" + +#if defined(MBEDTLS_MD5_C) +#include "md5.h" +#endif + +#if defined(MBEDTLS_SHA1_C) +#include "sha1.h" +#endif + +#if defined(MBEDTLS_SHA256_C) +#include "sha256.h" +#endif + +#if defined(MBEDTLS_SHA512_C) +#include "sha512.h" +#endif + +#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && !defined(inline) +#define inline __inline +#endif + +/* Determine minimum supported version */ +#define MBEDTLS_SSL_MIN_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3 + +#if defined(MBEDTLS_SSL_PROTO_SSL3) +#define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_0 +#else +#if defined(MBEDTLS_SSL_PROTO_TLS1) +#define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_1 +#else +#if defined(MBEDTLS_SSL_PROTO_TLS1_1) +#define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_2 +#else +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +#define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_3 +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1 */ +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ + +/* Determine maximum supported version */ +#define MBEDTLS_SSL_MAX_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3 + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +#define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_3 +#else +#if defined(MBEDTLS_SSL_PROTO_TLS1_1) +#define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_2 +#else +#if defined(MBEDTLS_SSL_PROTO_TLS1) +#define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_1 +#else +#if defined(MBEDTLS_SSL_PROTO_SSL3) +#define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_0 +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + +#define MBEDTLS_SSL_INITIAL_HANDSHAKE 0 +#define MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS 1 /* In progress */ +#define MBEDTLS_SSL_RENEGOTIATION_DONE 2 /* Done or aborted */ +#define MBEDTLS_SSL_RENEGOTIATION_PENDING 3 /* Requested (server only) */ + +/* + * DTLS retransmission states, see RFC 6347 4.2.4 + * + * The SENDING state is merged in PREPARING for initial sends, + * but is distinct for resends. + * + * Note: initial state is wrong for server, but is not used anyway. + */ +#define MBEDTLS_SSL_RETRANS_PREPARING 0 +#define MBEDTLS_SSL_RETRANS_SENDING 1 +#define MBEDTLS_SSL_RETRANS_WAITING 2 +#define MBEDTLS_SSL_RETRANS_FINISHED 3 + +/* + * Allow extra bytes for record, authentication and encryption overhead: + * counter (8) + header (5) + IV(16) + MAC (16-48) + padding (0-256) + * and allow for a maximum of 1024 of compression expansion if + * enabled. + */ +#if defined(MBEDTLS_ZLIB_SUPPORT) +#define MBEDTLS_SSL_COMPRESSION_ADD 1024 +#else +#define MBEDTLS_SSL_COMPRESSION_ADD 0 +#endif + +#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_MODE_CBC) +/* Ciphersuites using HMAC */ +#if defined(MBEDTLS_SHA512_C) +#define MBEDTLS_SSL_MAC_ADD 48 /* SHA-384 used for HMAC */ +#elif defined(MBEDTLS_SHA256_C) +#define MBEDTLS_SSL_MAC_ADD 32 /* SHA-256 used for HMAC */ +#else +#define MBEDTLS_SSL_MAC_ADD 20 /* SHA-1 used for HMAC */ +#endif +#else +/* AEAD ciphersuites: GCM and CCM use a 128 bits tag */ +#define MBEDTLS_SSL_MAC_ADD 16 +#endif + +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#define MBEDTLS_SSL_PADDING_ADD 256 +#else +#define MBEDTLS_SSL_PADDING_ADD 0 +#endif + +#define MBEDTLS_SSL_BUFFER_LEN ( MBEDTLS_SSL_MAX_CONTENT_LEN \ + + MBEDTLS_SSL_COMPRESSION_ADD \ + + 29 /* counter + header + IV */ \ + + MBEDTLS_SSL_MAC_ADD \ + + MBEDTLS_SSL_PADDING_ADD \ + ) + +/* + * TLS extension flags (for extensions with outgoing ServerHello content + * that need it (e.g. for RENEGOTIATION_INFO the server already knows because + * of state of the renegotiation flag, so no indicator is required) + */ +#define MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT (1 << 0) + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * This structure contains the parameters only needed during handshake. + */ +struct mbedtls_ssl_handshake_params +{ + /* + * Handshake specific crypto variables + */ + int sig_alg; /*!< Hash algorithm for signature */ + int cert_type; /*!< Requested cert type */ + int verify_sig_alg; /*!< Signature algorithm for verify */ +#if defined(MBEDTLS_DHM_C) + mbedtls_dhm_context dhm_ctx; /*!< DHM key exchange */ +#endif +#if defined(MBEDTLS_ECDH_C) + mbedtls_ecdh_context ecdh_ctx; /*!< ECDH key exchange */ +#endif +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) + const mbedtls_ecp_curve_info **curves; /*!< Supported elliptic curves */ +#endif +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) + unsigned char *psk; /*!< PSK from the callback */ + size_t psk_len; /*!< Length of PSK from callback */ +#endif +#if defined(MBEDTLS_X509_CRT_PARSE_C) + mbedtls_ssl_key_cert *key_cert; /*!< chosen key/cert pair (server) */ +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + int sni_authmode; /*!< authmode from SNI callback */ + mbedtls_ssl_key_cert *sni_key_cert; /*!< key/cert list from SNI */ + mbedtls_x509_crt *sni_ca_chain; /*!< trusted CAs from SNI callback */ + mbedtls_x509_crl *sni_ca_crl; /*!< trusted CAs CRLs from SNI */ +#endif +#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + unsigned int out_msg_seq; /*!< Outgoing handshake sequence number */ + unsigned int in_msg_seq; /*!< Incoming handshake sequence number */ + + unsigned char *verify_cookie; /*!< Cli: HelloVerifyRequest cookie + Srv: unused */ + unsigned char verify_cookie_len; /*!< Cli: cookie length + Srv: flag for sending a cookie */ + + unsigned char *hs_msg; /*!< Reassembled handshake message */ + + uint32_t retransmit_timeout; /*!< Current value of timeout */ + unsigned char retransmit_state; /*!< Retransmission state */ + mbedtls_ssl_flight_item *flight; /*!< Current outgoing flight */ + mbedtls_ssl_flight_item *cur_msg; /*!< Current message in flight */ + unsigned int in_flight_start_seq; /*!< Minimum message sequence in the + flight being received */ + mbedtls_ssl_transform *alt_transform_out; /*!< Alternative transform for + resending messages */ + unsigned char alt_out_ctr[8]; /*!< Alternative record epoch/counter + for resending messages */ +#endif + + /* + * Checksum contexts + */ +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) + mbedtls_md5_context fin_md5; + mbedtls_sha1_context fin_sha1; +#endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SHA256_C) + mbedtls_sha256_context fin_sha256; +#endif +#if defined(MBEDTLS_SHA512_C) + mbedtls_sha512_context fin_sha512; +#endif +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + + void (*update_checksum)(mbedtls_ssl_context *, const unsigned char *, size_t); + void (*calc_verify)(mbedtls_ssl_context *, unsigned char *); + void (*calc_finished)(mbedtls_ssl_context *, unsigned char *, int); + int (*tls_prf)(const unsigned char *, size_t, const char *, + const unsigned char *, size_t, + unsigned char *, size_t); + + size_t pmslen; /*!< premaster length */ + + unsigned char randbytes[64]; /*!< random bytes */ + unsigned char premaster[MBEDTLS_PREMASTER_SIZE]; + /*!< premaster secret */ + + int resume; /*!< session resume indicator*/ + int max_major_ver; /*!< max. major version client*/ + int max_minor_ver; /*!< max. minor version client*/ + int cli_exts; /*!< client extension presence*/ + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + int new_session_ticket; /*!< use NewSessionTicket? */ +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) + int extended_ms; /*!< use Extended Master Secret? */ +#endif +}; + +/* + * This structure contains a full set of runtime transform parameters + * either in negotiation or active. + */ +struct mbedtls_ssl_transform +{ + /* + * Session specific crypto layer + */ + const mbedtls_ssl_ciphersuite_t *ciphersuite_info; + /*!< Chosen cipersuite_info */ + unsigned int keylen; /*!< symmetric key length (bytes) */ + size_t minlen; /*!< min. ciphertext length */ + size_t ivlen; /*!< IV length */ + size_t fixed_ivlen; /*!< Fixed part of IV (AEAD) */ + size_t maclen; /*!< MAC length */ + + unsigned char iv_enc[16]; /*!< IV (encryption) */ + unsigned char iv_dec[16]; /*!< IV (decryption) */ + +#if defined(MBEDTLS_SSL_PROTO_SSL3) + /* Needed only for SSL v3.0 secret */ + unsigned char mac_enc[20]; /*!< SSL v3.0 secret (enc) */ + unsigned char mac_dec[20]; /*!< SSL v3.0 secret (dec) */ +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ + + mbedtls_md_context_t md_ctx_enc; /*!< MAC (encryption) */ + mbedtls_md_context_t md_ctx_dec; /*!< MAC (decryption) */ + + mbedtls_cipher_context_t cipher_ctx_enc; /*!< encryption context */ + mbedtls_cipher_context_t cipher_ctx_dec; /*!< decryption context */ + + /* + * Session specific compression layer + */ +#if defined(MBEDTLS_ZLIB_SUPPORT) + z_stream ctx_deflate; /*!< compression context */ + z_stream ctx_inflate; /*!< decompression context */ +#endif +}; + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +/* + * List of certificate + private key pairs + */ +struct mbedtls_ssl_key_cert +{ + mbedtls_x509_crt *cert; /*!< cert */ + mbedtls_pk_context *key; /*!< private key */ + mbedtls_ssl_key_cert *next; /*!< next key/cert pair */ +}; +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + +#if defined(MBEDTLS_SSL_PROTO_DTLS) +/* + * List of handshake messages kept around for resending + */ +struct mbedtls_ssl_flight_item +{ + unsigned char *p; /*!< message, including handshake headers */ + size_t len; /*!< length of p */ + unsigned char type; /*!< type of the message: handshake or CCS */ + mbedtls_ssl_flight_item *next; /*!< next handshake message(s) */ +}; +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + + +/** + * \brief Free referenced items in an SSL transform context and clear + * memory + * + * \param transform SSL transform context + */ +void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform ); + +/** + * \brief Free referenced items in an SSL handshake context and clear + * memory + * + * \param handshake SSL handshake context + */ +void mbedtls_ssl_handshake_free( mbedtls_ssl_handshake_params *handshake ); + +int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ); + +int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl ); + +void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ); + +int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ); + +int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ); + +int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ); + +int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl ); + +int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ); + +void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl, + const mbedtls_ssl_ciphersuite_t *ciphersuite_info ); + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex ); +#endif + +#if defined(MBEDTLS_PK_C) +unsigned char mbedtls_ssl_sig_from_pk( mbedtls_pk_context *pk ); +mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig ); +#endif + +mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash ); +unsigned char mbedtls_ssl_hash_from_md_alg( int md ); + +#if defined(MBEDTLS_ECP_C) +int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id ); +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED) +int mbedtls_ssl_check_sig_hash( const mbedtls_ssl_context *ssl, + mbedtls_md_type_t md ); +#endif + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +static inline mbedtls_pk_context *mbedtls_ssl_own_key( mbedtls_ssl_context *ssl ) +{ + mbedtls_ssl_key_cert *key_cert; + + if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL ) + key_cert = ssl->handshake->key_cert; + else + key_cert = ssl->conf->key_cert; + + return( key_cert == NULL ? NULL : key_cert->key ); +} + +static inline mbedtls_x509_crt *mbedtls_ssl_own_cert( mbedtls_ssl_context *ssl ) +{ + mbedtls_ssl_key_cert *key_cert; + + if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL ) + key_cert = ssl->handshake->key_cert; + else + key_cert = ssl->conf->key_cert; + + return( key_cert == NULL ? NULL : key_cert->cert ); +} + +/* + * Check usage of a certificate wrt extensions: + * keyUsage, extendedKeyUsage (later), and nSCertType (later). + * + * Warning: cert_endpoint is the endpoint of the cert (ie, of our peer when we + * check a cert we received from them)! + * + * Return 0 if everything is OK, -1 if not. + */ +int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, + const mbedtls_ssl_ciphersuite_t *ciphersuite, + int cert_endpoint, + uint32_t *flags ); +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + +void mbedtls_ssl_write_version( int major, int minor, int transport, + unsigned char ver[2] ); +void mbedtls_ssl_read_version( int *major, int *minor, int transport, + const unsigned char ver[2] ); + +static inline size_t mbedtls_ssl_hdr_len( const mbedtls_ssl_context *ssl ) +{ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + return( 13 ); +#else + ((void) ssl); +#endif + return( 5 ); +} + +static inline size_t mbedtls_ssl_hs_hdr_len( const mbedtls_ssl_context *ssl ) +{ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + return( 12 ); +#else + ((void) ssl); +#endif + return( 4 ); +} + +#if defined(MBEDTLS_SSL_PROTO_DTLS) +void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_resend( mbedtls_ssl_context *ssl ); +#endif + +/* Visible for testing purposes only */ +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) +int mbedtls_ssl_dtls_replay_check( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl ); +#endif + +/* constant-time buffer comparison */ +static inline int mbedtls_ssl_safer_memcmp( const void *a, const void *b, size_t n ) +{ + size_t i; + const unsigned char *A = (const unsigned char *) a; + const unsigned char *B = (const unsigned char *) b; + unsigned char diff = 0; + + for( i = 0; i < n; i++ ) + diff |= A[i] ^ B[i]; + + return( diff ); +} + +#ifdef __cplusplus +} +#endif + +#endif /* ssl_internal.h */ diff --git a/ext/mbedtls/include/mbedtls/ssl_ticket.h b/ext/mbedtls/include/mbedtls/ssl_ticket.h new file mode 100644 index 0000000000..abce61e36f --- /dev/null +++ b/ext/mbedtls/include/mbedtls/ssl_ticket.h @@ -0,0 +1,136 @@ +/** + * \file ssl_ticket.h + * + * \brief TLS server ticket callbacks implementation + * + * Copyright (C) 2015, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_SSL_TICKET_H +#define MBEDTLS_SSL_TICKET_H + +/* + * This implementation of the session ticket callbacks includes key + * management, rotating the keys periodically in order to preserve forward + * secrecy, when MBEDTLS_HAVE_TIME is defined. + */ + +#include "ssl.h" +#include "cipher.h" + +#if defined(MBEDTLS_THREADING_C) +#include "threading.h" +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Information for session ticket protection + */ +typedef struct +{ + unsigned char name[4]; /*!< random key identifier */ + uint32_t generation_time; /*!< key generation timestamp (seconds) */ + mbedtls_cipher_context_t ctx; /*!< context for auth enc/decryption */ +} +mbedtls_ssl_ticket_key; + +/** + * \brief Context for session ticket handling functions + */ +typedef struct +{ + mbedtls_ssl_ticket_key keys[2]; /*!< ticket protection keys */ + unsigned char active; /*!< index of the currently active key */ + + uint32_t ticket_lifetime; /*!< lifetime of tickets in seconds */ + + /** Callback for getting (pseudo-)random numbers */ + int (*f_rng)(void *, unsigned char *, size_t); + void *p_rng; /*!< context for the RNG function */ + +#if defined(MBEDTLS_THREADING_C) + mbedtls_threading_mutex_t mutex; +#endif +} +mbedtls_ssl_ticket_context; + +/** + * \brief Initialize a ticket context. + * (Just make it ready for mbedtls_ssl_ticket_setup() + * or mbedtls_ssl_ticket_free().) + * + * \param ctx Context to be initialized + */ +void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx ); + +/** + * \brief Prepare context to be actually used + * + * \param ctx Context to be set up + * \param f_rng RNG callback function + * \param p_rng RNG callback context + * \param cipher AEAD cipher to use for ticket protection. + * Recommended value: MBEDTLS_CIPHER_AES_256_GCM. + * \param lifetime Tickets lifetime in seconds + * Recommended value: 86400 (one day). + * + * \note It is highly recommended to select a cipher that is at + * least as strong as the the strongest ciphersuite + * supported. Usually that means a 256-bit key. + * + * \note The lifetime of the keys is twice the lifetime of tickets. + * It is recommended to pick a reasonnable lifetime so as not + * to negate the benefits of forward secrecy. + * + * \return 0 if successful, + * or a specific MBEDTLS_ERR_XXX error code + */ +int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + mbedtls_cipher_type_t cipher, + uint32_t lifetime ); + +/** + * \brief Implementation of the ticket write callback + * + * \note See \c mbedlts_ssl_ticket_write_t for description + */ +mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write; + +/** + * \brief Implementation of the ticket parse callback + * + * \note See \c mbedlts_ssl_ticket_parse_t for description + */ +mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse; + +/** + * \brief Free a context's content and zeroize it. + * + * \param ctx Context to be cleaned up + */ +void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx ); + +#ifdef __cplusplus +} +#endif + +#endif /* ssl_ticket.h */ diff --git a/ext/mbedtls/include/mbedtls/threading.h b/ext/mbedtls/include/mbedtls/threading.h new file mode 100644 index 0000000000..ed355e68d9 --- /dev/null +++ b/ext/mbedtls/include/mbedtls/threading.h @@ -0,0 +1,105 @@ +/** + * \file threading.h + * + * \brief Threading abstraction layer + * + * Copyright (C) 2006-2013, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_THREADING_H +#define MBEDTLS_THREADING_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include + +#ifdef __cplusplus +extern "C" { +#endif + +#define MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE -0x001A /**< The selected feature is not available. */ +#define MBEDTLS_ERR_THREADING_BAD_INPUT_DATA -0x001C /**< Bad input parameters to function. */ +#define MBEDTLS_ERR_THREADING_MUTEX_ERROR -0x001E /**< Locking / unlocking / free failed with error code. */ + +#if defined(MBEDTLS_THREADING_PTHREAD) +#include +typedef struct +{ + pthread_mutex_t mutex; + char is_valid; +} mbedtls_threading_mutex_t; +#endif + +#if defined(MBEDTLS_THREADING_ALT) +/* You should define the mbedtls_threading_mutex_t type in your header */ +#include "threading_alt.h" + +/** + * \brief Set your alternate threading implementation function + * pointers and initialize global mutexes. If used, this + * function must be called once in the main thread before any + * other mbed TLS function is called, and + * mbedtls_threading_free_alt() must be called once in the main + * thread after all other mbed TLS functions. + * + * \note mutex_init() and mutex_free() don't return a status code. + * If mutex_init() fails, it should leave its argument (the + * mutex) in a state such that mutex_lock() will fail when + * called with this argument. + * + * \param mutex_init the init function implementation + * \param mutex_free the free function implementation + * \param mutex_lock the lock function implementation + * \param mutex_unlock the unlock function implementation + */ +void mbedtls_threading_set_alt( void (*mutex_init)( mbedtls_threading_mutex_t * ), + void (*mutex_free)( mbedtls_threading_mutex_t * ), + int (*mutex_lock)( mbedtls_threading_mutex_t * ), + int (*mutex_unlock)( mbedtls_threading_mutex_t * ) ); + +/** + * \brief Free global mutexes. + */ +void mbedtls_threading_free_alt( void ); +#endif /* MBEDTLS_THREADING_ALT */ + +/* + * The function pointers for mutex_init, mutex_free, mutex_ and mutex_unlock + * + * All these functions are expected to work or the result will be undefined. + */ +extern void (*mbedtls_mutex_init)( mbedtls_threading_mutex_t *mutex ); +extern void (*mbedtls_mutex_free)( mbedtls_threading_mutex_t *mutex ); +extern int (*mbedtls_mutex_lock)( mbedtls_threading_mutex_t *mutex ); +extern int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t *mutex ); + +/* + * Global mutexes + */ +extern mbedtls_threading_mutex_t mbedtls_threading_readdir_mutex; +extern mbedtls_threading_mutex_t mbedtls_threading_gmtime_mutex; + +#ifdef __cplusplus +} +#endif + +#endif /* threading.h */ diff --git a/ext/mbedtls/include/mbedtls/timing.h b/ext/mbedtls/include/mbedtls/timing.h new file mode 100644 index 0000000000..75b6734f0c --- /dev/null +++ b/ext/mbedtls/include/mbedtls/timing.h @@ -0,0 +1,142 @@ +/** + * \file timing.h + * + * \brief Portable interface to the CPU cycle counter + * + * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_TIMING_H +#define MBEDTLS_TIMING_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if !defined(MBEDTLS_TIMING_ALT) +// Regular implementation +// + +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief timer structure + */ +struct mbedtls_timing_hr_time +{ + unsigned char opaque[32]; +}; + +/** + * \brief Context for mbedtls_timing_set/get_delay() + */ +typedef struct +{ + struct mbedtls_timing_hr_time timer; + uint32_t int_ms; + uint32_t fin_ms; +} mbedtls_timing_delay_context; + +extern volatile int mbedtls_timing_alarmed; + +/** + * \brief Return the CPU cycle counter value + * + * \warning This is only a best effort! Do not rely on this! + * In particular, it is known to be unreliable on virtual + * machines. + */ +unsigned long mbedtls_timing_hardclock( void ); + +/** + * \brief Return the elapsed time in milliseconds + * + * \param val points to a timer structure + * \param reset if set to 1, the timer is restarted + */ +unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset ); + +/** + * \brief Setup an alarm clock + * + * \param seconds delay before the "mbedtls_timing_alarmed" flag is set + * + * \warning Only one alarm at a time is supported. In a threaded + * context, this means one for the whole process, not one per + * thread. + */ +void mbedtls_set_alarm( int seconds ); + +/** + * \brief Set a pair of delays to watch + * (See \c mbedtls_timing_get_delay().) + * + * \param data Pointer to timing data + * Must point to a valid \c mbetls_timing_delay_context struct. + * \param int_ms First (intermediate) delay in milliseconds. + * \param fin_ms Second (final) delay in milliseconds. + * Pass 0 to cancel the current delay. + */ +void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms ); + +/** + * \brief Get the status of delays + * (Memory helper: number of delays passed.) + * + * \param data Pointer to timing data + * Must point to a valid \c mbetls_timing_delay_context struct. + * + * \return -1 if cancelled (fin_ms = 0) + * 0 if none of the delays are passed, + * 1 if only the intermediate delay is passed, + * 2 if the final delay is passed. + */ +int mbedtls_timing_get_delay( void *data ); + +#ifdef __cplusplus +} +#endif + +#else /* MBEDTLS_TIMING_ALT */ +#include "timing_alt.h" +#endif /* MBEDTLS_TIMING_ALT */ + +#ifdef __cplusplus +extern "C" { +#endif + +#if defined(MBEDTLS_SELF_TEST) +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if a test failed + */ +int mbedtls_timing_self_test( int verbose ); +#endif + +#ifdef __cplusplus +} +#endif + +#endif /* timing.h */ diff --git a/ext/mbedtls/include/polarssl/version.h b/ext/mbedtls/include/mbedtls/version.h similarity index 68% rename from ext/mbedtls/include/polarssl/version.h rename to ext/mbedtls/include/mbedtls/version.h index f6697770f5..75bddb1f65 100644 --- a/ext/mbedtls/include/polarssl/version.h +++ b/ext/mbedtls/include/mbedtls/version.h @@ -25,33 +25,33 @@ * This set of compile-time defines and run-time variables can be used to * determine the version number of the mbed TLS library used. */ -#ifndef POLARSSL_VERSION_H -#define POLARSSL_VERSION_H +#ifndef MBEDTLS_VERSION_H +#define MBEDTLS_VERSION_H -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif /** * The version number x.y.z is split into three parts. * Major, Minor, Patchlevel */ -#define POLARSSL_VERSION_MAJOR 1 -#define POLARSSL_VERSION_MINOR 3 -#define POLARSSL_VERSION_PATCH 12 +#define MBEDTLS_VERSION_MAJOR 2 +#define MBEDTLS_VERSION_MINOR 0 +#define MBEDTLS_VERSION_PATCH 0 /** * The single version number has the following structure: * MMNNPP00 * Major version | Minor version | Patch version */ -#define POLARSSL_VERSION_NUMBER 0x01030C00 -#define POLARSSL_VERSION_STRING "1.3.12" -#define POLARSSL_VERSION_STRING_FULL "mbed TLS 1.3.12" +#define MBEDTLS_VERSION_NUMBER 0x02000000 +#define MBEDTLS_VERSION_STRING "2.0.0" +#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.0.0" -#if defined(POLARSSL_VERSION_C) +#if defined(MBEDTLS_VERSION_C) #ifdef __cplusplus extern "C" { @@ -63,7 +63,7 @@ extern "C" { * \return The constructed version number in the format * MMNNPP00 (Major, Minor, Patch). */ -unsigned int version_get_number( void ); +unsigned int mbedtls_version_get_number( void ); /** * Get the version string ("x.y.z"). @@ -71,7 +71,7 @@ unsigned int version_get_number( void ); * \param string The string that will receive the value. * (Should be at least 9 bytes in size) */ -void version_get_string( char *string ); +void mbedtls_version_get_string( char *string ); /** * Get the full version string ("mbed TLS x.y.z"). @@ -82,7 +82,7 @@ void version_get_string( char *string ); * (So the buffer should be at least 18 bytes to receive this * version string). */ -void version_get_string_full( char *string ); +void mbedtls_version_get_string_full( char *string ); /** * \brief Check if support for a feature was compiled into this @@ -90,22 +90,23 @@ void version_get_string_full( char *string ); * library was for instance compiled with or without * Multi-threading support. * - * Note: only checks against defines in the sections "System - * support", "mbed TLS modules" and "mbed TLS feature - * support" in config.h + * \note only checks against defines in the sections "System + * support", "mbed TLS modules" and "mbed TLS feature + * support" in config.h * - * \param feature The string for the define to check (e.g. "POLARSSL_AES_C") + * \param feature The string for the define to check (e.g. "MBEDTLS_AES_C") * - * \return 0 if the feature is present, -1 if the feature is not - * present and -2 if support for feature checking as a whole - * was not compiled in. + * \return 0 if the feature is present, + * -1 if the feature is not present and + * -2 if support for feature checking as a whole was not + * compiled in. */ -int version_check_feature( const char *feature ); +int mbedtls_version_check_feature( const char *feature ); #ifdef __cplusplus } #endif -#endif /* POLARSSL_VERSION_C */ +#endif /* MBEDTLS_VERSION_C */ #endif /* version.h */ diff --git a/ext/mbedtls/include/mbedtls/x509.h b/ext/mbedtls/include/mbedtls/x509.h new file mode 100644 index 0000000000..cd658c5a86 --- /dev/null +++ b/ext/mbedtls/include/mbedtls/x509.h @@ -0,0 +1,332 @@ +/** + * \file x509.h + * + * \brief X.509 generic defines and structures + * + * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef MBEDTLS_X509_H +#define MBEDTLS_X509_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include "asn1.h" +#include "pk.h" + +#if defined(MBEDTLS_RSA_C) +#include "rsa.h" +#endif + +/** + * \addtogroup x509_module + * \{ + */ + +#if !defined(MBEDTLS_X509_MAX_INTERMEDIATE_CA) +/** + * Maximum number of intermediate CAs in a verification chain. + * That is, maximum length of the chain, excluding the end-entity certificate + * and the trusted root certificate. + * + * Set this to a low value to prevent an adversary from making you waste + * resources verifying an overlong certificate chain. + */ +#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 +#endif + +/** + * \name X509 Error codes + * \{ + */ +#define MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE -0x2080 /**< Unavailable feature, e.g. RSA hashing/encryption combination. */ +#define MBEDTLS_ERR_X509_UNKNOWN_OID -0x2100 /**< Requested OID is unknown. */ +#define MBEDTLS_ERR_X509_INVALID_FORMAT -0x2180 /**< The CRT/CRL/CSR format is invalid, e.g. different type expected. */ +#define MBEDTLS_ERR_X509_INVALID_VERSION -0x2200 /**< The CRT/CRL/CSR version element is invalid. */ +#define MBEDTLS_ERR_X509_INVALID_SERIAL -0x2280 /**< The serial tag or value is invalid. */ +#define MBEDTLS_ERR_X509_INVALID_ALG -0x2300 /**< The algorithm tag or value is invalid. */ +#define MBEDTLS_ERR_X509_INVALID_NAME -0x2380 /**< The name tag or value is invalid. */ +#define MBEDTLS_ERR_X509_INVALID_DATE -0x2400 /**< The date tag or value is invalid. */ +#define MBEDTLS_ERR_X509_INVALID_SIGNATURE -0x2480 /**< The signature tag or value invalid. */ +#define MBEDTLS_ERR_X509_INVALID_EXTENSIONS -0x2500 /**< The extension tag or value is invalid. */ +#define MBEDTLS_ERR_X509_UNKNOWN_VERSION -0x2580 /**< CRT/CRL/CSR has an unsupported version number. */ +#define MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG -0x2600 /**< Signature algorithm (oid) is unsupported. */ +#define MBEDTLS_ERR_X509_SIG_MISMATCH -0x2680 /**< Signature algorithms do not match. (see \c ::mbedtls_x509_crt sig_oid) */ +#define MBEDTLS_ERR_X509_CERT_VERIFY_FAILED -0x2700 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */ +#define MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT -0x2780 /**< Format not recognized as DER or PEM. */ +#define MBEDTLS_ERR_X509_BAD_INPUT_DATA -0x2800 /**< Input invalid. */ +#define MBEDTLS_ERR_X509_ALLOC_FAILED -0x2880 /**< Allocation of memory failed. */ +#define MBEDTLS_ERR_X509_FILE_IO_ERROR -0x2900 /**< Read/write of file failed. */ +#define MBEDTLS_ERR_X509_BUFFER_TOO_SMALL -0x2980 /**< Destination buffer is too small. */ +/* \} name */ + +/** + * \name X509 Verify codes + * \{ + */ +/* Reminder: update x509_crt_verify_strings[] in library/x509_crt.c */ +#define MBEDTLS_X509_BADCERT_EXPIRED 0x01 /**< The certificate validity has expired. */ +#define MBEDTLS_X509_BADCERT_REVOKED 0x02 /**< The certificate has been revoked (is on a CRL). */ +#define MBEDTLS_X509_BADCERT_CN_MISMATCH 0x04 /**< The certificate Common Name (CN) does not match with the expected CN. */ +#define MBEDTLS_X509_BADCERT_NOT_TRUSTED 0x08 /**< The certificate is not correctly signed by the trusted CA. */ +#define MBEDTLS_X509_BADCRL_NOT_TRUSTED 0x10 /**< The CRL is not correctly signed by the trusted CA. */ +#define MBEDTLS_X509_BADCRL_EXPIRED 0x20 /**< The CRL is expired. */ +#define MBEDTLS_X509_BADCERT_MISSING 0x40 /**< Certificate was missing. */ +#define MBEDTLS_X509_BADCERT_SKIP_VERIFY 0x80 /**< Certificate verification was skipped. */ +#define MBEDTLS_X509_BADCERT_OTHER 0x0100 /**< Other reason (can be used by verify callback) */ +#define MBEDTLS_X509_BADCERT_FUTURE 0x0200 /**< The certificate validity starts in the future. */ +#define MBEDTLS_X509_BADCRL_FUTURE 0x0400 /**< The CRL is from the future */ +#define MBEDTLS_X509_BADCERT_KEY_USAGE 0x0800 /**< Usage does not match the keyUsage extension. */ +#define MBEDTLS_X509_BADCERT_EXT_KEY_USAGE 0x1000 /**< Usage does not match the extendedKeyUsage extension. */ +#define MBEDTLS_X509_BADCERT_NS_CERT_TYPE 0x2000 /**< Usage does not match the nsCertType extension. */ +#define MBEDTLS_X509_BADCERT_BAD_MD 0x4000 /**< The certificate is signed with an unacceptable hash. */ +#define MBEDTLS_X509_BADCERT_BAD_PK 0x8000 /**< The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA). */ +#define MBEDTLS_X509_BADCERT_BAD_KEY 0x010000 /**< The certificate is signed with an unacceptable key (eg bad curve, RSA too short). */ +#define MBEDTLS_X509_BADCRL_BAD_MD 0x020000 /**< The CRL is signed with an unacceptable hash. */ +#define MBEDTLS_X509_BADCRL_BAD_PK 0x040000 /**< The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA). */ +#define MBEDTLS_X509_BADCRL_BAD_KEY 0x080000 /**< The CRL is signed with an unacceptable key (eg bad curve, RSA too short). */ + +/* \} name */ +/* \} addtogroup x509_module */ + +/* + * X.509 v3 Key Usage Extension flags + * Reminder: update x509_info_key_usage() when adding new flags. + */ +#define MBEDTLS_X509_KU_DIGITAL_SIGNATURE (0x80) /* bit 0 */ +#define MBEDTLS_X509_KU_NON_REPUDIATION (0x40) /* bit 1 */ +#define MBEDTLS_X509_KU_KEY_ENCIPHERMENT (0x20) /* bit 2 */ +#define MBEDTLS_X509_KU_DATA_ENCIPHERMENT (0x10) /* bit 3 */ +#define MBEDTLS_X509_KU_KEY_AGREEMENT (0x08) /* bit 4 */ +#define MBEDTLS_X509_KU_KEY_CERT_SIGN (0x04) /* bit 5 */ +#define MBEDTLS_X509_KU_CRL_SIGN (0x02) /* bit 6 */ +#define MBEDTLS_X509_KU_ENCIPHER_ONLY (0x01) /* bit 7 */ +#define MBEDTLS_X509_KU_DECIPHER_ONLY (0x8000) /* bit 8 */ + +/* + * Netscape certificate types + * (http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn3.html) + */ + +#define MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT (0x80) /* bit 0 */ +#define MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER (0x40) /* bit 1 */ +#define MBEDTLS_X509_NS_CERT_TYPE_EMAIL (0x20) /* bit 2 */ +#define MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING (0x10) /* bit 3 */ +#define MBEDTLS_X509_NS_CERT_TYPE_RESERVED (0x08) /* bit 4 */ +#define MBEDTLS_X509_NS_CERT_TYPE_SSL_CA (0x04) /* bit 5 */ +#define MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA (0x02) /* bit 6 */ +#define MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA (0x01) /* bit 7 */ + +/* + * X.509 extension types + * + * Comments refer to the status for using certificates. Status can be + * different for writing certificates or reading CRLs or CSRs. + */ +#define MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER (1 << 0) +#define MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER (1 << 1) +#define MBEDTLS_X509_EXT_KEY_USAGE (1 << 2) +#define MBEDTLS_X509_EXT_CERTIFICATE_POLICIES (1 << 3) +#define MBEDTLS_X509_EXT_POLICY_MAPPINGS (1 << 4) +#define MBEDTLS_X509_EXT_SUBJECT_ALT_NAME (1 << 5) /* Supported (DNS) */ +#define MBEDTLS_X509_EXT_ISSUER_ALT_NAME (1 << 6) +#define MBEDTLS_X509_EXT_SUBJECT_DIRECTORY_ATTRS (1 << 7) +#define MBEDTLS_X509_EXT_BASIC_CONSTRAINTS (1 << 8) /* Supported */ +#define MBEDTLS_X509_EXT_NAME_CONSTRAINTS (1 << 9) +#define MBEDTLS_X509_EXT_POLICY_CONSTRAINTS (1 << 10) +#define MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE (1 << 11) +#define MBEDTLS_X509_EXT_CRL_DISTRIBUTION_POINTS (1 << 12) +#define MBEDTLS_X509_EXT_INIHIBIT_ANYPOLICY (1 << 13) +#define MBEDTLS_X509_EXT_FRESHEST_CRL (1 << 14) + +#define MBEDTLS_X509_EXT_NS_CERT_TYPE (1 << 16) /* Parsed (and then ?) */ + +/* + * Storage format identifiers + * Recognized formats: PEM and DER + */ +#define MBEDTLS_X509_FORMAT_DER 1 +#define MBEDTLS_X509_FORMAT_PEM 2 + +#define MBEDTLS_X509_MAX_DN_NAME_SIZE 256 /**< Maximum value size of a DN entry */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \addtogroup x509_module + * \{ */ + +/** + * \name Structures for parsing X.509 certificates, CRLs and CSRs + * \{ + */ + +/** + * Type-length-value structure that allows for ASN1 using DER. + */ +typedef mbedtls_asn1_buf mbedtls_x509_buf; + +/** + * Container for ASN1 bit strings. + */ +typedef mbedtls_asn1_bitstring mbedtls_x509_bitstring; + +/** + * Container for ASN1 named information objects. + * It allows for Relative Distinguished Names (e.g. cn=localhost,ou=code,etc.). + */ +typedef mbedtls_asn1_named_data mbedtls_x509_name; + +/** + * Container for a sequence of ASN.1 items + */ +typedef mbedtls_asn1_sequence mbedtls_x509_sequence; + +/** Container for date and time (precision in seconds). */ +typedef struct mbedtls_x509_time +{ + int year, mon, day; /**< Date. */ + int hour, min, sec; /**< Time. */ +} +mbedtls_x509_time; + +/** \} name Structures for parsing X.509 certificates, CRLs and CSRs */ +/** \} addtogroup x509_module */ + +/** + * \brief Store the certificate DN in printable form into buf; + * no more than size characters will be written. + * + * \param buf Buffer to write to + * \param size Maximum size of buffer + * \param dn The X509 name to represent + * + * \return The length of the string written (not including the + * terminated nul byte), or a negative error code. + */ +int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn ); + +/** + * \brief Store the certificate serial in printable form into buf; + * no more than size characters will be written. + * + * \param buf Buffer to write to + * \param size Maximum size of buffer + * \param serial The X509 serial to represent + * + * \return The length of the string written (not including the + * terminated nul byte), or a negative error code. + */ +int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *serial ); + +/** + * \brief Check a given mbedtls_x509_time against the system time + * and tell if it's in the past. + * + * \note Intended usage is "if( is_past( valid_to ) ) ERROR". + * Hence the return value of 1 if on internal errors. + * + * \param time mbedtls_x509_time to check + * + * \return 1 if the given time is in the past or an error occured, + * 0 otherwise. + */ +int mbedtls_x509_time_is_past( const mbedtls_x509_time *time ); + +/** + * \brief Check a given mbedtls_x509_time against the system time + * and tell if it's in the future. + * + * \note Intended usage is "if( is_future( valid_from ) ) ERROR". + * Hence the return value of 1 if on internal errors. + * + * \param time mbedtls_x509_time to check + * + * \return 1 if the given time is in the future or an error occured, + * 0 otherwise. + */ +int mbedtls_x509_time_is_future( const mbedtls_x509_time *time ); + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int mbedtls_x509_self_test( int verbose ); + +/* + * Internal module functions. You probably do not want to use these unless you + * know you do. + */ +int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end, + mbedtls_x509_name *cur ); +int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *alg ); +int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *alg, mbedtls_x509_buf *params ); +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) +int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, + mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md, + int *salt_len ); +#endif +int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig ); +int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params, + mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg, + void **sig_opts ); +int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end, + mbedtls_x509_time *time ); +int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *serial ); +int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *ext, int tag ); +int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid, + mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, + const void *sig_opts ); +int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name ); +int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name ); +int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len, + int critical, const unsigned char *val, + size_t val_len ); +int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start, + mbedtls_asn1_named_data *first ); +int mbedtls_x509_write_names( unsigned char **p, unsigned char *start, + mbedtls_asn1_named_data *first ); +int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start, + const char *oid, size_t oid_len, + unsigned char *sig, size_t size ); + +#define MBEDTLS_X509_SAFE_SNPRINTF \ + do { \ + if( ret < 0 || (size_t) ret >= n ) \ + return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL ); \ + \ + n -= (size_t) ret; \ + p += (size_t) ret; \ + } while( 0 ) + +#ifdef __cplusplus +} +#endif + +#endif /* x509.h */ diff --git a/ext/mbedtls/include/polarssl/x509_crl.h b/ext/mbedtls/include/mbedtls/x509_crl.h similarity index 57% rename from ext/mbedtls/include/polarssl/x509_crl.h rename to ext/mbedtls/include/mbedtls/x509_crl.h index 6f4b65d56f..dbc4642b0f 100644 --- a/ext/mbedtls/include/polarssl/x509_crl.h +++ b/ext/mbedtls/include/mbedtls/x509_crl.h @@ -1,5 +1,5 @@ /** - * \file x509_crl.h + * \file mbedtls_x509_crl.h * * \brief X.509 certificate revocation list parsing * @@ -21,13 +21,13 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_X509_CRL_H -#define POLARSSL_X509_CRL_H +#ifndef MBEDTLS_X509_CRL_H +#define MBEDTLS_X509_CRL_H -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif #include "x509.h" @@ -49,63 +49,63 @@ extern "C" { * Certificate revocation list entry. * Contains the CA-specific serial numbers and revocation dates. */ -typedef struct _x509_crl_entry +typedef struct mbedtls_x509_crl_entry { - x509_buf raw; + mbedtls_x509_buf raw; - x509_buf serial; + mbedtls_x509_buf serial; - x509_time revocation_date; + mbedtls_x509_time revocation_date; - x509_buf entry_ext; + mbedtls_x509_buf entry_ext; - struct _x509_crl_entry *next; + struct mbedtls_x509_crl_entry *next; } -x509_crl_entry; +mbedtls_x509_crl_entry; /** * Certificate revocation list structure. * Every CRL may have multiple entries. */ -typedef struct _x509_crl +typedef struct mbedtls_x509_crl { - x509_buf raw; /**< The raw certificate data (DER). */ - x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */ + mbedtls_x509_buf raw; /**< The raw certificate data (DER). */ + mbedtls_x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */ int version; /**< CRL version (1=v1, 2=v2) */ - x509_buf sig_oid1; + mbedtls_x509_buf sig_oid; /**< CRL signature type identifier */ - x509_buf issuer_raw; /**< The raw issuer data (DER). */ + mbedtls_x509_buf issuer_raw; /**< The raw issuer data (DER). */ - x509_name issuer; /**< The parsed issuer data (named information object). */ + mbedtls_x509_name issuer; /**< The parsed issuer data (named information object). */ - x509_time this_update; - x509_time next_update; + mbedtls_x509_time this_update; + mbedtls_x509_time next_update; - x509_crl_entry entry; /**< The CRL entries containing the certificate revocation times for this CA. */ + mbedtls_x509_crl_entry entry; /**< The CRL entries containing the certificate revocation times for this CA. */ - x509_buf crl_ext; + mbedtls_x509_buf crl_ext; - x509_buf sig_oid2; - x509_buf sig; - md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */ - pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */ - void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), e.g. for RSASSA-PSS */ + mbedtls_x509_buf sig_oid2; + mbedtls_x509_buf sig; + mbedtls_md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */ + mbedtls_pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */ + void *sig_opts; /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */ - struct _x509_crl *next; + struct mbedtls_x509_crl *next; } -x509_crl; +mbedtls_x509_crl; /** * \brief Parse a DER-encoded CRL and append it to the chained list * * \param chain points to the start of the chain * \param buf buffer holding the CRL data in DER format - * \param buflen size of the buffer + * (including the terminating null byte for PEM data) * * \return 0 if successful, or a specific X509 or PEM error code */ -int x509_crl_parse_der( x509_crl *chain, +int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen ); /** * \brief Parse one or more CRLs and append them to the chained list @@ -115,12 +115,13 @@ int x509_crl_parse_der( x509_crl *chain, * \param chain points to the start of the chain * \param buf buffer holding the CRL data in PEM or DER format * \param buflen size of the buffer + * (including the terminating null byte for PEM data) * * \return 0 if successful, or a specific X509 or PEM error code */ -int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen ); +int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen ); -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) /** * \brief Load one or more CRLs and append them to the chained list * @@ -131,8 +132,8 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen ); * * \return 0 if successful, or a specific X509 or PEM error code */ -int x509_crl_parse_file( x509_crl *chain, const char *path ); -#endif /* POLARSSL_FS_IO */ +int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ); +#endif /* MBEDTLS_FS_IO */ /** * \brief Returns an informational string about the CRL. @@ -142,25 +143,25 @@ int x509_crl_parse_file( x509_crl *chain, const char *path ); * \param prefix A line prefix * \param crl The X509 CRL to represent * - * \return The amount of data written to the buffer, or -1 in - * case of an error. + * \return The length of the string written (not including the + * terminated nul byte), or a negative error code. */ -int x509_crl_info( char *buf, size_t size, const char *prefix, - const x509_crl *crl ); +int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix, + const mbedtls_x509_crl *crl ); /** * \brief Initialize a CRL (chain) * * \param crl CRL chain to initialize */ -void x509_crl_init( x509_crl *crl ); +void mbedtls_x509_crl_init( mbedtls_x509_crl *crl ); /** * \brief Unallocate all CRL data * * \param crl CRL chain to free */ -void x509_crl_free( x509_crl *crl ); +void mbedtls_x509_crl_free( mbedtls_x509_crl *crl ); /* \} name */ /* \} addtogroup x509_module */ @@ -169,4 +170,4 @@ void x509_crl_free( x509_crl *crl ); } #endif -#endif /* x509_crl.h */ +#endif /* mbedtls_x509_crl.h */ diff --git a/ext/mbedtls/include/polarssl/x509_crt.h b/ext/mbedtls/include/mbedtls/x509_crt.h similarity index 52% rename from ext/mbedtls/include/polarssl/x509_crt.h rename to ext/mbedtls/include/mbedtls/x509_crt.h index 24f7c7ab6b..c0abc5205b 100644 --- a/ext/mbedtls/include/polarssl/x509_crt.h +++ b/ext/mbedtls/include/mbedtls/x509_crt.h @@ -1,5 +1,5 @@ /** - * \file x509_crt.h + * \file mbedtls_x509_crt.h * * \brief X.509 certificate parsing and writing * @@ -21,13 +21,13 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_X509_CRT_H -#define POLARSSL_X509_CRT_H +#ifndef MBEDTLS_X509_CRT_H +#define MBEDTLS_X509_CRT_H -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif #include "x509.h" @@ -50,77 +50,113 @@ extern "C" { /** * Container for an X.509 certificate. The certificate may be chained. */ -typedef struct _x509_crt +typedef struct mbedtls_x509_crt { - x509_buf raw; /**< The raw certificate data (DER). */ - x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */ + mbedtls_x509_buf raw; /**< The raw certificate data (DER). */ + mbedtls_x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */ int version; /**< The X.509 version. (1=v1, 2=v2, 3=v3) */ - x509_buf serial; /**< Unique id for certificate issued by a specific CA. */ - x509_buf sig_oid1; /**< Signature algorithm, e.g. sha1RSA */ + mbedtls_x509_buf serial; /**< Unique id for certificate issued by a specific CA. */ + mbedtls_x509_buf sig_oid; /**< Signature algorithm, e.g. sha1RSA */ - x509_buf issuer_raw; /**< The raw issuer data (DER). Used for quick comparison. */ - x509_buf subject_raw; /**< The raw subject data (DER). Used for quick comparison. */ + mbedtls_x509_buf issuer_raw; /**< The raw issuer data (DER). Used for quick comparison. */ + mbedtls_x509_buf subject_raw; /**< The raw subject data (DER). Used for quick comparison. */ - x509_name issuer; /**< The parsed issuer data (named information object). */ - x509_name subject; /**< The parsed subject data (named information object). */ + mbedtls_x509_name issuer; /**< The parsed issuer data (named information object). */ + mbedtls_x509_name subject; /**< The parsed subject data (named information object). */ - x509_time valid_from; /**< Start time of certificate validity. */ - x509_time valid_to; /**< End time of certificate validity. */ + mbedtls_x509_time valid_from; /**< Start time of certificate validity. */ + mbedtls_x509_time valid_to; /**< End time of certificate validity. */ - pk_context pk; /**< Container for the public key context. */ + mbedtls_pk_context pk; /**< Container for the public key context. */ - x509_buf issuer_id; /**< Optional X.509 v2/v3 issuer unique identifier. */ - x509_buf subject_id; /**< Optional X.509 v2/v3 subject unique identifier. */ - x509_buf v3_ext; /**< Optional X.509 v3 extensions. */ - x509_sequence subject_alt_names; /**< Optional list of Subject Alternative Names (Only dNSName supported). */ + mbedtls_x509_buf issuer_id; /**< Optional X.509 v2/v3 issuer unique identifier. */ + mbedtls_x509_buf subject_id; /**< Optional X.509 v2/v3 subject unique identifier. */ + mbedtls_x509_buf v3_ext; /**< Optional X.509 v3 extensions. */ + mbedtls_x509_sequence subject_alt_names; /**< Optional list of Subject Alternative Names (Only dNSName supported). */ int ext_types; /**< Bit string containing detected and parsed extensions */ int ca_istrue; /**< Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. */ int max_pathlen; /**< Optional Basic Constraint extension value: The maximum path length to the root certificate. Path length is 1 higher than RFC 5280 'meaning', so 1+ */ - unsigned char key_usage; /**< Optional key usage extension value: See the values in x509.h */ + unsigned int key_usage; /**< Optional key usage extension value: See the values in x509.h */ - x509_sequence ext_key_usage; /**< Optional list of extended key usage OIDs. */ + mbedtls_x509_sequence ext_key_usage; /**< Optional list of extended key usage OIDs. */ unsigned char ns_cert_type; /**< Optional Netscape certificate type extension value: See the values in x509.h */ - x509_buf sig_oid2; /**< Signature algorithm. Must match sig_oid1. */ - x509_buf sig; /**< Signature: hash of the tbs part signed with the private key. */ - md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */ - pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */ - void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), e.g. for RSASSA-PSS */ + mbedtls_x509_buf sig; /**< Signature: hash of the tbs part signed with the private key. */ + mbedtls_md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */ + mbedtls_pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */ + void *sig_opts; /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */ - struct _x509_crt *next; /**< Next certificate in the CA-chain. */ + struct mbedtls_x509_crt *next; /**< Next certificate in the CA-chain. */ } -x509_crt; +mbedtls_x509_crt; -#define X509_CRT_VERSION_1 0 -#define X509_CRT_VERSION_2 1 -#define X509_CRT_VERSION_3 2 +/** + * Build flag from an algorithm/curve identifier (pk, md, ecp) + * Since 0 is always XXX_NONE, ignore it. + */ +#define MBEDTLS_X509_ID_FLAG( id ) ( 1 << ( id - 1 ) ) + +/** + * Security profile for certificate verification. + * + * All lists are bitfields, built by ORing flags from MBEDTLS_X509_ID_FLAG(). + */ +typedef struct +{ + uint32_t allowed_mds; /**< MDs for signatures */ + uint32_t allowed_pks; /**< PK algs for signatures */ + uint32_t allowed_curves; /**< Elliptic curves for ECDSA */ + uint32_t rsa_min_bitlen; /**< Minimum size for RSA keys */ +} +mbedtls_x509_crt_profile; -#define X509_RFC5280_MAX_SERIAL_LEN 32 -#define X509_RFC5280_UTC_TIME_LEN 15 +#define MBEDTLS_X509_CRT_VERSION_1 0 +#define MBEDTLS_X509_CRT_VERSION_2 1 +#define MBEDTLS_X509_CRT_VERSION_3 2 + +#define MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN 32 +#define MBEDTLS_X509_RFC5280_UTC_TIME_LEN 15 /** * Container for writing a certificate (CRT) */ -typedef struct _x509write_cert +typedef struct mbedtls_x509write_cert { int version; - mpi serial; - pk_context *subject_key; - pk_context *issuer_key; - asn1_named_data *subject; - asn1_named_data *issuer; - md_type_t md_alg; - char not_before[X509_RFC5280_UTC_TIME_LEN + 1]; - char not_after[X509_RFC5280_UTC_TIME_LEN + 1]; - asn1_named_data *extensions; + mbedtls_mpi serial; + mbedtls_pk_context *subject_key; + mbedtls_pk_context *issuer_key; + mbedtls_asn1_named_data *subject; + mbedtls_asn1_named_data *issuer; + mbedtls_md_type_t md_alg; + char not_before[MBEDTLS_X509_RFC5280_UTC_TIME_LEN + 1]; + char not_after[MBEDTLS_X509_RFC5280_UTC_TIME_LEN + 1]; + mbedtls_asn1_named_data *extensions; } -x509write_cert; +mbedtls_x509write_cert; + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +/** + * Default security profile. Should provide a good balance between security + * and compatibility with current deployments. + */ +extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default; + +/** + * Expected next default profile. Recommended for new deployments. + * Currently targets a 128-bit security level, except for RSA-2048. + */ +extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next; + +/** + * NSA Suite B profile. + */ +extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb; -#if defined(POLARSSL_X509_CRT_PARSE_C) /** * \brief Parse a single DER formatted certificate and add it * to the chained list. @@ -131,7 +167,7 @@ x509write_cert; * * \return 0 if successful, or a specific X509 or PEM error code */ -int x509_crt_parse_der( x509_crt *chain, const unsigned char *buf, +int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen ); /** @@ -142,15 +178,16 @@ int x509_crt_parse_der( x509_crt *chain, const unsigned char *buf, * correctly, the first error is returned. * * \param chain points to the start of the chain - * \param buf buffer holding the certificate data + * \param buf buffer holding the certificate data in PEM or DER format * \param buflen size of the buffer + * (including the terminating null byte for PEM data) * * \return 0 if all certificates parsed successfully, a positive number * if partly successful or a specific X509 or PEM error code */ -int x509_crt_parse( x509_crt *chain, const unsigned char *buf, size_t buflen ); +int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen ); -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) /** * \brief Load one or more certificates and add them * to the chained list. Parses permissively. If some @@ -164,7 +201,7 @@ int x509_crt_parse( x509_crt *chain, const unsigned char *buf, size_t buflen ); * \return 0 if all certificates parsed successfully, a positive number * if partly successful or a specific X509 or PEM error code */ -int x509_crt_parse_file( x509_crt *chain, const char *path ); +int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path ); /** * \brief Load one or more certificate files from a path and add them @@ -173,19 +210,14 @@ int x509_crt_parse_file( x509_crt *chain, const char *path ); * of failed certificates it encountered. If none complete * correctly, the first error is returned. * - * \warning This function is NOT thread-safe unless - * POLARSSL_THREADING_PTHREADS is defined. If you're using an - * alternative threading implementation, you should either use - * this function only in the main thread, or mutex it. - * * \param chain points to the start of the chain * \param path directory / folder to read the certificate files from * * \return 0 if all certificates parsed successfully, a positive number * if partly successful or a specific X509 or PEM error code */ -int x509_crt_parse_path( x509_crt *chain, const char *path ); -#endif /* POLARSSL_FS_IO */ +int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ); +#endif /* MBEDTLS_FS_IO */ /** * \brief Returns an informational string about the @@ -196,11 +228,11 @@ int x509_crt_parse_path( x509_crt *chain, const char *path ); * \param prefix A line prefix * \param crt The X509 certificate to represent * - * \return The amount of data written to the buffer, or -1 in - * case of an error. + * \return The length of the string written (not including the + * terminated nul byte), or a negative error code. */ -int x509_crt_info( char *buf, size_t size, const char *prefix, - const x509_crt *crt ); +int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, + const mbedtls_x509_crt *crt ); /** * \brief Returns an informational string about the @@ -209,13 +241,13 @@ int x509_crt_info( char *buf, size_t size, const char *prefix, * \param buf Buffer to write to * \param size Maximum size of buffer * \param prefix A line prefix - * \param flags Verification flags created by x509_crt_verify() + * \param flags Verification flags created by mbedtls_x509_crt_verify() * - * \return The amount of data written to the buffer, or -1 in - * case of an error. + * \return The length of the string written (not including the + * terminated nul byte), or a negative error code. */ -int x509_crt_verify_info( char *buf, size_t size, const char *prefix, - int flags ); +int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, + uint32_t flags ); /** * \brief Verify the certificate signature @@ -225,7 +257,7 @@ int x509_crt_verify_info( char *buf, size_t size, const char *prefix, * the verification callback is called for each * certificate in the chain (from the trust-ca down to the * presented crt). The parameters for the callback are: - * (void *parameter, x509_crt *crt, int certificate_depth, + * (void *parameter, mbedtls_x509_crt *crt, int certificate_depth, * int *flags). With the flags representing current flags for * that specific certificate and the certificate depth from * the bottom (Peer cert depth = 0). @@ -235,7 +267,10 @@ int x509_crt_verify_info( char *buf, size_t size, const char *prefix, * return 0 for anything but a fatal error. * * \note In case verification failed, the results can be displayed - * using \c x509_crt_verify_info() + * using \c mbedtls_x509_crt_verify_info() + * + * \note Same as \c mbedtls_x509_crt_verify_with_profile() with the + * default security profile. * * \param crt a certificate to be verified * \param trust_ca the trusted CA chain @@ -246,58 +281,100 @@ int x509_crt_verify_info( char *buf, size_t size, const char *prefix, * \param f_vrfy verification function * \param p_vrfy verification parameter * - * \return 0 if successful or POLARSSL_ERR_X509_SIG_VERIFY_FAILED, - * in which case *flags will have one or more BADCERT_XXX or - * BADCRL_XXX flags set, + * \return 0 if successful or MBEDTLS_ERR_X509_CERT_VERIFY_FAILED + * in which case *flags will have one or more + * MBEDTLS_X509_BADCERT_XXX or MBEDTLS_X509_BADCRL_XXX flags + * set, * or another error in case of a fatal error encountered * during the verification process. */ -int x509_crt_verify( x509_crt *crt, - x509_crt *trust_ca, - x509_crl *ca_crl, - const char *cn, int *flags, - int (*f_vrfy)(void *, x509_crt *, int, int *), +int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), void *p_vrfy ); -#if defined(POLARSSL_X509_CHECK_KEY_USAGE) +/** + * \brief Verify the certificate signature according to profile + * + * \note Same as \c mbedtls_x509_crt_verify(), but with explicit + * security profile. + * + * \note The restrictions on keys (RSA minimum size, allowed curves + * for ECDSA) only applys to (intermediate) CAs, not to the + * end-entity certificate. + * + * \param crt a certificate to be verified + * \param trust_ca the trusted CA chain + * \param ca_crl the CRL chain for trusted CA's + * \param profile security profile for verification + * \param cn expected Common Name (can be set to + * NULL if the CN must not be verified) + * \param flags result of the verification + * \param f_vrfy verification function + * \param p_vrfy verification parameter + * + * \return 0 if successful or MBEDTLS_ERR_X509_CERT_VERIFY_FAILED + * in which case *flags will have one or more + * MBEDTLS_X509_BADCERT_XXX or MBEDTLS_X509_BADCRL_XXX flags + * set, + * or another error in case of a fatal error encountered + * during the verification process. + */ +int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy ); + +#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) /** * \brief Check usage of certificate against keyUsage extension. * * \param crt Leaf certificate used. - * \param usage Intended usage(s) (eg KU_KEY_ENCIPHERMENT before using the - * certificate to perform an RSA key exchange). + * \param usage Intended usage(s) (eg MBEDTLS_X509_KU_KEY_ENCIPHERMENT + * before using the certificate to perform an RSA key + * exchange). + * + * \note Except for decipherOnly and encipherOnly, a bit set in the + * usage argument means this bit MUST be set in the + * certificate. For decipherOnly and encipherOnly, it means + * that bit MAY be set. * * \return 0 is these uses of the certificate are allowed, - * POLARSSL_ERR_X509_BAD_INPUT_DATA if the keyUsage extension - * is present but does not contain all the bits set in the - * usage argument. + * MBEDTLS_ERR_X509_BAD_INPUT_DATA if the keyUsage extension + * is present but does not match the usage argument. * * \note You should only call this function on leaf certificates, on * (intermediate) CAs the keyUsage extension is automatically - * checked by \c x509_crt_verify(). + * checked by \c mbedtls_x509_crt_verify(). */ -int x509_crt_check_key_usage( const x509_crt *crt, int usage ); -#endif /* POLARSSL_X509_CHECK_KEY_USAGE) */ +int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, + unsigned int usage ); +#endif /* MBEDTLS_X509_CHECK_KEY_USAGE) */ -#if defined(POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE) +#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) /** * \brief Check usage of certificate against extentedJeyUsage. * * \param crt Leaf certificate used. - * \param usage_oid Intended usage (eg OID_SERVER_AUTH or OID_CLIENT_AUTH). - * \param usage_len Length of usage_oid (eg given by OID_SIZE()). + * \param usage_oid Intended usage (eg MBEDTLS_OID_SERVER_AUTH or MBEDTLS_OID_CLIENT_AUTH). + * \param usage_len Length of usage_oid (eg given by MBEDTLS_OID_SIZE()). * - * \return 0 is this use of the certificate is allowed, - * POLARSSL_ERR_X509_BAD_INPUT_DATA if not. + * \return 0 if this use of the certificate is allowed, + * MBEDTLS_ERR_X509_BAD_INPUT_DATA if not. * * \note Usually only makes sense on leaf certificates. */ -int x509_crt_check_extended_key_usage( const x509_crt *crt, +int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt, const char *usage_oid, size_t usage_len ); -#endif /* POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE) */ +#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) */ -#if defined(POLARSSL_X509_CRL_PARSE_C) +#if defined(MBEDTLS_X509_CRL_PARSE_C) /** * \brief Verify the certificate revocation status * @@ -307,44 +384,44 @@ int x509_crt_check_extended_key_usage( const x509_crt *crt, * \return 1 if the certificate is revoked, 0 otherwise * */ -int x509_crt_revoked( const x509_crt *crt, const x509_crl *crl ); -#endif /* POLARSSL_X509_CRL_PARSE_C */ +int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl ); +#endif /* MBEDTLS_X509_CRL_PARSE_C */ /** * \brief Initialize a certificate (chain) * * \param crt Certificate chain to initialize */ -void x509_crt_init( x509_crt *crt ); +void mbedtls_x509_crt_init( mbedtls_x509_crt *crt ); /** * \brief Unallocate all certificate data * * \param crt Certificate chain to free */ -void x509_crt_free( x509_crt *crt ); -#endif /* POLARSSL_X509_CRT_PARSE_C */ +void mbedtls_x509_crt_free( mbedtls_x509_crt *crt ); +#endif /* MBEDTLS_X509_CRT_PARSE_C */ /* \} name */ /* \} addtogroup x509_module */ -#if defined(POLARSSL_X509_CRT_WRITE_C) +#if defined(MBEDTLS_X509_CRT_WRITE_C) /** * \brief Initialize a CRT writing context * * \param ctx CRT context to initialize */ -void x509write_crt_init( x509write_cert *ctx ); +void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx ); /** * \brief Set the verion for a Certificate - * Default: X509_CRT_VERSION_3 + * Default: MBEDTLS_X509_CRT_VERSION_3 * * \param ctx CRT context to use - * \param version version to set (X509_CRT_VERSION_1, X509_CRT_VERSION_2 or - * X509_CRT_VERSION_3) + * \param version version to set (MBEDTLS_X509_CRT_VERSION_1, MBEDTLS_X509_CRT_VERSION_2 or + * MBEDTLS_X509_CRT_VERSION_3) */ -void x509write_crt_set_version( x509write_cert *ctx, int version ); +void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version ); /** * \brief Set the serial number for a Certificate. @@ -354,7 +431,7 @@ void x509write_crt_set_version( x509write_cert *ctx, int version ); * * \return 0 if successful */ -int x509write_crt_set_serial( x509write_cert *ctx, const mpi *serial ); +int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial ); /** * \brief Set the validity period for a Certificate @@ -370,7 +447,7 @@ int x509write_crt_set_serial( x509write_cert *ctx, const mpi *serial ); * \return 0 if timestamp was parsed successfully, or * a specific error code */ -int x509write_crt_set_validity( x509write_cert *ctx, const char *not_before, +int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char *not_before, const char *not_after ); /** @@ -385,7 +462,7 @@ int x509write_crt_set_validity( x509write_cert *ctx, const char *not_before, * \return 0 if issuer name was parsed successfully, or * a specific error code */ -int x509write_crt_set_issuer_name( x509write_cert *ctx, +int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx, const char *issuer_name ); /** @@ -400,7 +477,7 @@ int x509write_crt_set_issuer_name( x509write_cert *ctx, * \return 0 if subject name was parsed successfully, or * a specific error code */ -int x509write_crt_set_subject_name( x509write_cert *ctx, +int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx, const char *subject_name ); /** @@ -409,7 +486,7 @@ int x509write_crt_set_subject_name( x509write_cert *ctx, * \param ctx CRT context to use * \param key public key to include */ -void x509write_crt_set_subject_key( x509write_cert *ctx, pk_context *key ); +void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key ); /** * \brief Set the issuer key used for signing the certificate @@ -417,16 +494,16 @@ void x509write_crt_set_subject_key( x509write_cert *ctx, pk_context *key ); * \param ctx CRT context to use * \param key private key to sign with */ -void x509write_crt_set_issuer_key( x509write_cert *ctx, pk_context *key ); +void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key ); /** * \brief Set the MD algorithm to use for the signature - * (e.g. POLARSSL_MD_SHA1) + * (e.g. MBEDTLS_MD_SHA1) * * \param ctx CRT context to use * \param md_alg MD algorithm to use */ -void x509write_crt_set_md_alg( x509write_cert *ctx, md_type_t md_alg ); +void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg ); /** * \brief Generic function to add to or replace an extension in the @@ -439,9 +516,9 @@ void x509write_crt_set_md_alg( x509write_cert *ctx, md_type_t md_alg ); * \param val value of the extension OCTET STRING * \param val_len length of the value data * - * \return 0 if successful, or a POLARSSL_ERR_X509WRITE_MALLOC_FAILED + * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED */ -int x509write_crt_set_extension( x509write_cert *ctx, +int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx, const char *oid, size_t oid_len, int critical, const unsigned char *val, size_t val_len ); @@ -455,56 +532,57 @@ int x509write_crt_set_extension( x509write_cert *ctx, * certificate (only for CA certificates, -1 is * inlimited) * - * \return 0 if successful, or a POLARSSL_ERR_X509WRITE_MALLOC_FAILED + * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED */ -int x509write_crt_set_basic_constraints( x509write_cert *ctx, +int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx, int is_ca, int max_pathlen ); -#if defined(POLARSSL_SHA1_C) +#if defined(MBEDTLS_SHA1_C) /** * \brief Set the subjectKeyIdentifier extension for a CRT - * Requires that x509write_crt_set_subject_key() has been + * Requires that mbedtls_x509write_crt_set_subject_key() has been * called before * * \param ctx CRT context to use * - * \return 0 if successful, or a POLARSSL_ERR_X509WRITE_MALLOC_FAILED + * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED */ -int x509write_crt_set_subject_key_identifier( x509write_cert *ctx ); +int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx ); /** * \brief Set the authorityKeyIdentifier extension for a CRT - * Requires that x509write_crt_set_issuer_key() has been + * Requires that mbedtls_x509write_crt_set_issuer_key() has been * called before * * \param ctx CRT context to use * - * \return 0 if successful, or a POLARSSL_ERR_X509WRITE_MALLOC_FAILED + * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED */ -int x509write_crt_set_authority_key_identifier( x509write_cert *ctx ); -#endif /* POLARSSL_SHA1_C */ +int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx ); +#endif /* MBEDTLS_SHA1_C */ /** * \brief Set the Key Usage Extension flags - * (e.g. KU_DIGITAL_SIGNATURE | KU_KEY_CERT_SIGN) + * (e.g. MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN) * * \param ctx CRT context to use * \param key_usage key usage flags to set * - * \return 0 if successful, or POLARSSL_ERR_X509WRITE_MALLOC_FAILED + * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED */ -int x509write_crt_set_key_usage( x509write_cert *ctx, unsigned char key_usage ); +int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, + unsigned int key_usage ); /** * \brief Set the Netscape Cert Type flags - * (e.g. NS_CERT_TYPE_SSL_CLIENT | NS_CERT_TYPE_EMAIL) + * (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL) * * \param ctx CRT context to use * \param ns_cert_type Netscape Cert Type flags to set * - * \return 0 if successful, or POLARSSL_ERR_X509WRITE_MALLOC_FAILED + * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED */ -int x509write_crt_set_ns_cert_type( x509write_cert *ctx, +int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx, unsigned char ns_cert_type ); /** @@ -512,7 +590,7 @@ int x509write_crt_set_ns_cert_type( x509write_cert *ctx, * * \param ctx CRT context to free */ -void x509write_crt_free( x509write_cert *ctx ); +void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx ); /** * \brief Write a built up certificate to a X509 DER structure @@ -534,11 +612,11 @@ void x509write_crt_free( x509write_cert *ctx ); * for countermeasures against timing attacks). * ECDSA signatures always require a non-NULL f_rng. */ -int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size, +int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); -#if defined(POLARSSL_PEM_WRITE_C) +#if defined(MBEDTLS_PEM_WRITE_C) /** * \brief Write a built up certificate to a X509 PEM string * @@ -548,21 +626,21 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size, * \param f_rng RNG function (for signature, see note) * \param p_rng RNG parameter * - * \return 0 successful, or a specific error code + * \return 0 if successful, or a specific error code * * \note f_rng may be NULL if RSA is used for signature and the * signature is made offline (otherwise f_rng is desirable * for countermeasures against timing attacks). * ECDSA signatures always require a non-NULL f_rng. */ -int x509write_crt_pem( x509write_cert *ctx, unsigned char *buf, size_t size, +int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); -#endif /* POLARSSL_PEM_WRITE_C */ -#endif /* POLARSSL_X509_CRT_WRITE_C */ +#endif /* MBEDTLS_PEM_WRITE_C */ +#endif /* MBEDTLS_X509_CRT_WRITE_C */ #ifdef __cplusplus } #endif -#endif /* x509_crt.h */ +#endif /* mbedtls_x509_crt.h */ diff --git a/ext/mbedtls/include/polarssl/x509_csr.h b/ext/mbedtls/include/mbedtls/x509_csr.h similarity index 65% rename from ext/mbedtls/include/polarssl/x509_csr.h rename to ext/mbedtls/include/mbedtls/x509_csr.h index 34f527b8e4..64dd93732a 100644 --- a/ext/mbedtls/include/polarssl/x509_csr.h +++ b/ext/mbedtls/include/mbedtls/x509_csr.h @@ -1,5 +1,5 @@ /** - * \file x509_csr.h + * \file mbedtls_x509_csr.h * * \brief X.509 certificate signing request parsing and writing * @@ -21,13 +21,13 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_X509_CSR_H -#define POLARSSL_X509_CSR_H +#ifndef MBEDTLS_X509_CSR_H +#define MBEDTLS_X509_CSR_H -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif #include "x509.h" @@ -48,39 +48,39 @@ extern "C" { /** * Certificate Signing Request (CSR) structure. */ -typedef struct _x509_csr +typedef struct mbedtls_x509_csr { - x509_buf raw; /**< The raw CSR data (DER). */ - x509_buf cri; /**< The raw CertificateRequestInfo body (DER). */ + mbedtls_x509_buf raw; /**< The raw CSR data (DER). */ + mbedtls_x509_buf cri; /**< The raw CertificateRequestInfo body (DER). */ int version; /**< CSR version (1=v1). */ - x509_buf subject_raw; /**< The raw subject data (DER). */ - x509_name subject; /**< The parsed subject data (named information object). */ + mbedtls_x509_buf subject_raw; /**< The raw subject data (DER). */ + mbedtls_x509_name subject; /**< The parsed subject data (named information object). */ - pk_context pk; /**< Container for the public key context. */ + mbedtls_pk_context pk; /**< Container for the public key context. */ - x509_buf sig_oid; - x509_buf sig; - md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */ - pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */ - void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), e.g. for RSASSA-PSS */ + mbedtls_x509_buf sig_oid; + mbedtls_x509_buf sig; + mbedtls_md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */ + mbedtls_pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */ + void *sig_opts; /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */ } -x509_csr; +mbedtls_x509_csr; /** * Container for writing a CSR */ -typedef struct _x509write_csr +typedef struct mbedtls_x509write_csr { - pk_context *key; - asn1_named_data *subject; - md_type_t md_alg; - asn1_named_data *extensions; + mbedtls_pk_context *key; + mbedtls_asn1_named_data *subject; + mbedtls_md_type_t md_alg; + mbedtls_asn1_named_data *extensions; } -x509write_csr; +mbedtls_x509write_csr; -#if defined(POLARSSL_X509_CSR_PARSE_C) +#if defined(MBEDTLS_X509_CSR_PARSE_C) /** * \brief Load a Certificate Signing Request (CSR) in DER format * @@ -90,7 +90,7 @@ x509write_csr; * * \return 0 if successful, or a specific X509 error code */ -int x509_csr_parse_der( x509_csr *csr, +int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen ); /** @@ -99,12 +99,13 @@ int x509_csr_parse_der( x509_csr *csr, * \param csr CSR context to fill * \param buf buffer holding the CRL data * \param buflen size of the buffer + * (including the terminating null byte for PEM data) * * \return 0 if successful, or a specific X509 or PEM error code */ -int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen ); +int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen ); -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) /** * \brief Load a Certificate Signing Request (CSR) * @@ -113,8 +114,8 @@ int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen ); * * \return 0 if successful, or a specific X509 or PEM error code */ -int x509_csr_parse_file( x509_csr *csr, const char *path ); -#endif /* POLARSSL_FS_IO */ +int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ); +#endif /* MBEDTLS_FS_IO */ /** * \brief Returns an informational string about the @@ -125,37 +126,37 @@ int x509_csr_parse_file( x509_csr *csr, const char *path ); * \param prefix A line prefix * \param csr The X509 CSR to represent * - * \return The length of the string written (exluding the terminating - * null byte), or a negative value in case of an error. + * \return The length of the string written (not including the + * terminated nul byte), or a negative error code. */ -int x509_csr_info( char *buf, size_t size, const char *prefix, - const x509_csr *csr ); +int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix, + const mbedtls_x509_csr *csr ); /** * \brief Initialize a CSR * * \param csr CSR to initialize */ -void x509_csr_init( x509_csr *csr ); +void mbedtls_x509_csr_init( mbedtls_x509_csr *csr ); /** * \brief Unallocate all CSR data * * \param csr CSR to free */ -void x509_csr_free( x509_csr *csr ); -#endif /* POLARSSL_X509_CSR_PARSE_C */ +void mbedtls_x509_csr_free( mbedtls_x509_csr *csr ); +#endif /* MBEDTLS_X509_CSR_PARSE_C */ /* \} name */ /* \} addtogroup x509_module */ -#if defined(POLARSSL_X509_CSR_WRITE_C) +#if defined(MBEDTLS_X509_CSR_WRITE_C) /** * \brief Initialize a CSR context * * \param ctx CSR context to initialize */ -void x509write_csr_init( x509write_csr *ctx ); +void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx ); /** * \brief Set the subject name for a CSR @@ -169,7 +170,7 @@ void x509write_csr_init( x509write_csr *ctx ); * \return 0 if subject name was parsed successfully, or * a specific error code */ -int x509write_csr_set_subject_name( x509write_csr *ctx, +int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx, const char *subject_name ); /** @@ -179,38 +180,38 @@ int x509write_csr_set_subject_name( x509write_csr *ctx, * \param ctx CSR context to use * \param key Asymetric key to include */ -void x509write_csr_set_key( x509write_csr *ctx, pk_context *key ); +void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key ); /** * \brief Set the MD algorithm to use for the signature - * (e.g. POLARSSL_MD_SHA1) + * (e.g. MBEDTLS_MD_SHA1) * * \param ctx CSR context to use * \param md_alg MD algorithm to use */ -void x509write_csr_set_md_alg( x509write_csr *ctx, md_type_t md_alg ); +void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg ); /** * \brief Set the Key Usage Extension flags - * (e.g. KU_DIGITAL_SIGNATURE | KU_KEY_CERT_SIGN) + * (e.g. MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN) * * \param ctx CSR context to use * \param key_usage key usage flags to set * - * \return 0 if successful, or POLARSSL_ERR_X509WRITE_MALLOC_FAILED + * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED */ -int x509write_csr_set_key_usage( x509write_csr *ctx, unsigned char key_usage ); +int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage ); /** * \brief Set the Netscape Cert Type flags - * (e.g. NS_CERT_TYPE_SSL_CLIENT | NS_CERT_TYPE_EMAIL) + * (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL) * * \param ctx CSR context to use * \param ns_cert_type Netscape Cert Type flags to set * - * \return 0 if successful, or POLARSSL_ERR_X509WRITE_MALLOC_FAILED + * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED */ -int x509write_csr_set_ns_cert_type( x509write_csr *ctx, +int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx, unsigned char ns_cert_type ); /** @@ -223,9 +224,9 @@ int x509write_csr_set_ns_cert_type( x509write_csr *ctx, * \param val value of the extension OCTET STRING * \param val_len length of the value data * - * \return 0 if successful, or a POLARSSL_ERR_X509WRITE_MALLOC_FAILED + * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED */ -int x509write_csr_set_extension( x509write_csr *ctx, +int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx, const char *oid, size_t oid_len, const unsigned char *val, size_t val_len ); @@ -234,7 +235,7 @@ int x509write_csr_set_extension( x509write_csr *ctx, * * \param ctx CSR context to free */ -void x509write_csr_free( x509write_csr *ctx ); +void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx ); /** * \brief Write a CSR (Certificate Signing Request) to a @@ -257,11 +258,11 @@ void x509write_csr_free( x509write_csr *ctx ); * for countermeasures against timing attacks). * ECDSA signatures always require a non-NULL f_rng. */ -int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size, +int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); -#if defined(POLARSSL_PEM_WRITE_C) +#if defined(MBEDTLS_PEM_WRITE_C) /** * \brief Write a CSR (Certificate Signing Request) to a * PEM string @@ -272,21 +273,21 @@ int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size, * \param f_rng RNG function (for signature, see note) * \param p_rng RNG parameter * - * \return 0 successful, or a specific error code + * \return 0 if successful, or a specific error code * * \note f_rng may be NULL if RSA is used for signature and the * signature is made offline (otherwise f_rng is desirable * for couermeasures against timing attacks). * ECDSA signatures always require a non-NULL f_rng. */ -int x509write_csr_pem( x509write_csr *ctx, unsigned char *buf, size_t size, +int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); -#endif /* POLARSSL_PEM_WRITE_C */ -#endif /* POLARSSL_X509_CSR_WRITE_C */ +#endif /* MBEDTLS_PEM_WRITE_C */ +#endif /* MBEDTLS_X509_CSR_WRITE_C */ #ifdef __cplusplus } #endif -#endif /* x509_csr.h */ +#endif /* mbedtls_x509_csr.h */ diff --git a/ext/mbedtls/include/polarssl/xtea.h b/ext/mbedtls/include/mbedtls/xtea.h similarity index 70% rename from ext/mbedtls/include/polarssl/xtea.h rename to ext/mbedtls/include/mbedtls/xtea.h index 02cd8d6f0a..1417eca034 100644 --- a/ext/mbedtls/include/polarssl/xtea.h +++ b/ext/mbedtls/include/mbedtls/xtea.h @@ -21,30 +21,24 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef POLARSSL_XTEA_H -#define POLARSSL_XTEA_H +#ifndef MBEDTLS_XTEA_H +#define MBEDTLS_XTEA_H -#if !defined(POLARSSL_CONFIG_FILE) +#if !defined(MBEDTLS_CONFIG_FILE) #include "config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif #include +#include -#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) -#include -typedef UINT32 uint32_t; -#else -#include -#endif - -#define XTEA_ENCRYPT 1 -#define XTEA_DECRYPT 0 +#define MBEDTLS_XTEA_ENCRYPT 1 +#define MBEDTLS_XTEA_DECRYPT 0 -#define POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH -0x0028 /**< The data input has an invalid length. */ +#define MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH -0x0028 /**< The data input has an invalid length. */ -#if !defined(POLARSSL_XTEA_ALT) +#if !defined(MBEDTLS_XTEA_ALT) // Regular implementation // @@ -59,21 +53,21 @@ typedef struct { uint32_t k[4]; /*!< key */ } -xtea_context; +mbedtls_xtea_context; /** * \brief Initialize XTEA context * * \param ctx XTEA context to be initialized */ -void xtea_init( xtea_context *ctx ); +void mbedtls_xtea_init( mbedtls_xtea_context *ctx ); /** * \brief Clear XTEA context * * \param ctx XTEA context to be cleared */ -void xtea_free( xtea_context *ctx ); +void mbedtls_xtea_free( mbedtls_xtea_context *ctx ); /** * \brief XTEA key schedule @@ -81,52 +75,52 @@ void xtea_free( xtea_context *ctx ); * \param ctx XTEA context to be initialized * \param key the secret key */ -void xtea_setup( xtea_context *ctx, const unsigned char key[16] ); +void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] ); /** * \brief XTEA cipher function * * \param ctx XTEA context - * \param mode XTEA_ENCRYPT or XTEA_DECRYPT + * \param mode MBEDTLS_XTEA_ENCRYPT or MBEDTLS_XTEA_DECRYPT * \param input 8-byte input block * \param output 8-byte output block * * \return 0 if successful */ -int xtea_crypt_ecb( xtea_context *ctx, +int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx, int mode, const unsigned char input[8], unsigned char output[8] ); -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) /** * \brief XTEA CBC cipher function * * \param ctx XTEA context - * \param mode XTEA_ENCRYPT or XTEA_DECRYPT + * \param mode MBEDTLS_XTEA_ENCRYPT or MBEDTLS_XTEA_DECRYPT * \param length the length of input, multiple of 8 * \param iv initialization vector for CBC mode * \param input input block * \param output output block * * \return 0 if successful, - * POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH if the length % 8 != 0 + * MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH if the length % 8 != 0 */ -int xtea_crypt_cbc( xtea_context *ctx, +int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx, int mode, size_t length, unsigned char iv[8], const unsigned char *input, unsigned char *output); -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ #ifdef __cplusplus } #endif -#else /* POLARSSL_XTEA_ALT */ +#else /* MBEDTLS_XTEA_ALT */ #include "xtea_alt.h" -#endif /* POLARSSL_XTEA_ALT */ +#endif /* MBEDTLS_XTEA_ALT */ #ifdef __cplusplus extern "C" { @@ -137,7 +131,7 @@ extern "C" { * * \return 0 if successful, or 1 if the test failed */ -int xtea_self_test( int verbose ); +int mbedtls_xtea_self_test( int verbose ); #ifdef __cplusplus } diff --git a/ext/mbedtls/include/polarssl/certs.h b/ext/mbedtls/include/polarssl/certs.h deleted file mode 100644 index d2216602f6..0000000000 --- a/ext/mbedtls/include/polarssl/certs.h +++ /dev/null @@ -1,74 +0,0 @@ -/** - * \file certs.h - * - * \brief Sample certificates and DHM parameters for testing - * - * Copyright (C) 2006-2010, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_CERTS_H -#define POLARSSL_CERTS_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* Concatenation of all available CA certificates */ -extern const char test_ca_list[]; - -/* - * Convenience for users who just want a certificate: - * RSA by default, or ECDSA if RSA i not available - */ -extern const char *test_ca_crt; -extern const char *test_ca_key; -extern const char *test_ca_pwd; -extern const char *test_srv_crt; -extern const char *test_srv_key; -extern const char *test_cli_crt; -extern const char *test_cli_key; - -#if defined(POLARSSL_ECDSA_C) -extern const char test_ca_crt_ec[]; -extern const char test_ca_key_ec[]; -extern const char test_ca_pwd_ec[]; -extern const char test_srv_crt_ec[]; -extern const char test_srv_key_ec[]; -extern const char test_cli_crt_ec[]; -extern const char test_cli_key_ec[]; -#endif - -#if defined(POLARSSL_RSA_C) -extern const char test_ca_crt_rsa[]; -extern const char test_ca_key_rsa[]; -extern const char test_ca_pwd_rsa[]; -extern const char test_srv_crt_rsa[]; -extern const char test_srv_key_rsa[]; -extern const char test_cli_crt_rsa[]; -extern const char test_cli_key_rsa[]; -#endif - -#if defined(POLARSSL_DHM_C) -extern const char test_dhm_params[]; -#endif - -#ifdef __cplusplus -} -#endif - -#endif /* certs.h */ diff --git a/ext/mbedtls/include/polarssl/check_config.h b/ext/mbedtls/include/polarssl/check_config.h deleted file mode 100644 index bd126a68b6..0000000000 --- a/ext/mbedtls/include/polarssl/check_config.h +++ /dev/null @@ -1,540 +0,0 @@ -/** - * \file check_config.h - * - * \brief Consistency checks for configuration options - * - * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ - -/* - * It is recommended to include this file from your config.h - * in order to catch dependency issues early. - */ - -#ifndef POLARSSL_CHECK_CONFIG_H -#define POLARSSL_CHECK_CONFIG_H - -#if defined(POLARSSL_DEPRECATED_WARNING) && \ - !defined(__GNUC__) && !defined(__clang__) -#error "POLARSSL_DEPRECATED_WARNING only works with GCC and Clang" -#endif - -#if defined(POLARSSL_NET_C) && !defined(POLARSSL_HAVE_IPV6) -#if defined(POLARSSL_DEPRECATED_WARNING) -#warning "Using POLARSSL_NET_C without POLARSSL_HAVE_IPV6 is deprecated" -#endif -#if defined(POLARSSL_DEPRECATED_REMOVED) -#define POLARSSL_HAVE_IPV6 -#endif -#endif /* POLARSSL_NET_C && !POLARSSL_HAVE_IPV6 */ - -#if defined(POLARSSL_ERROR_STRERROR_BC) -#if defined(POLARSSL_DEPRECATED_WARNING) -#warning "POLARSSL_ERROR_STRERROR_BC is deprecated" -#endif -#if defined(POLARSSL_DEPRECATED_REMOVED) -#error "POLARSSL_ERROR_STRERROR_BC is deprecated" -#endif -#endif /* POLARSSL_ERROR_STRERROR_BC */ - -#if defined(POLARSSL_MEMORY_C) -#if defined(POLARSSL_DEPRECATED_WARNING) -#warning "POLARSSL_MEMORY_C is deprecated" -#endif -#if defined(POLARSSL_DEPRECATED_REMOVED) -#error "POLARSSL_MEMORY_C is deprecated" -#endif -#endif /* POLARSSL_MEMORY_C */ - -#if defined(POLARSSL_PBKDF2_C) -#if defined(POLARSSL_DEPRECATED_WARNING) -#warning "POLARSSL_PBKDF2_C is deprecated" -#endif -#if defined(POLARSSL_DEPRECATED_REMOVED) -#error "POLARSSL_PBKDF2_C is deprecated" -#endif -#endif /* POLARSSL_PBKDF2_C */ - -#if defined(POLARSSL_HAVE_INT8) -#if defined(POLARSSL_DEPRECATED_WARNING) -#warning "POLARSSL_HAVE_INT8 is deprecated" -#endif -#if defined(POLARSSL_DEPRECATED_REMOVED) -#error "POLARSSL_HAVE_INT8 is deprecated" -#endif -#endif /* POLARSSL_HAVE_INT8 */ - -#if defined(POLARSSL_HAVE_INT16) -#if defined(POLARSSL_DEPRECATED_WARNING) -#warning "POLARSSL_HAVE_INT16 is deprecated" -#endif -#if defined(POLARSSL_DEPRECATED_REMOVED) -#error "POLARSSL_HAVE_INT16 is deprecated" -#endif -#endif /* POLARSSL_HAVE_INT16 */ - -#if defined(POLARSSL_AESNI_C) && !defined(POLARSSL_HAVE_ASM) -#error "POLARSSL_AESNI_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_CERTS_C) && !defined(POLARSSL_PEM_PARSE_C) -#error "POLARSSL_CERTS_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_CTR_DRBG_C) && !defined(POLARSSL_AES_C) -#error "POLARSSL_CTR_DRBG_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_DHM_C) && !defined(POLARSSL_BIGNUM_C) -#error "POLARSSL_DHM_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_ECDH_C) && !defined(POLARSSL_ECP_C) -#error "POLARSSL_ECDH_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_ECDSA_C) && \ - ( !defined(POLARSSL_ECP_C) || \ - !defined(POLARSSL_ASN1_PARSE_C) || \ - !defined(POLARSSL_ASN1_WRITE_C) ) -#error "POLARSSL_ECDSA_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_ECDSA_DETERMINISTIC) && !defined(POLARSSL_HMAC_DRBG_C) -#error "POLARSSL_ECDSA_DETERMINISTIC defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_ECP_C) && ( !defined(POLARSSL_BIGNUM_C) || ( \ - !defined(POLARSSL_ECP_DP_SECP192R1_ENABLED) && \ - !defined(POLARSSL_ECP_DP_SECP224R1_ENABLED) && \ - !defined(POLARSSL_ECP_DP_SECP256R1_ENABLED) && \ - !defined(POLARSSL_ECP_DP_SECP384R1_ENABLED) && \ - !defined(POLARSSL_ECP_DP_SECP521R1_ENABLED) && \ - !defined(POLARSSL_ECP_DP_BP256R1_ENABLED) && \ - !defined(POLARSSL_ECP_DP_BP384R1_ENABLED) && \ - !defined(POLARSSL_ECP_DP_BP512R1_ENABLED) && \ - !defined(POLARSSL_ECP_DP_SECP192K1_ENABLED) && \ - !defined(POLARSSL_ECP_DP_SECP224K1_ENABLED) && \ - !defined(POLARSSL_ECP_DP_SECP256K1_ENABLED) ) ) -#error "POLARSSL_ECP_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_ENTROPY_C) && (!defined(POLARSSL_SHA512_C) && \ - !defined(POLARSSL_SHA256_C)) -#error "POLARSSL_ENTROPY_C defined, but not all prerequisites" -#endif -#if defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_SHA512_C) && \ - defined(CTR_DRBG_ENTROPY_LEN) && (CTR_DRBG_ENTROPY_LEN > 64) -#error "CTR_DRBG_ENTROPY_LEN value too high" -#endif -#if defined(POLARSSL_ENTROPY_C) && \ - ( !defined(POLARSSL_SHA512_C) || defined(POLARSSL_ENTROPY_FORCE_SHA256) ) \ - && defined(CTR_DRBG_ENTROPY_LEN) && (CTR_DRBG_ENTROPY_LEN > 32) -#error "CTR_DRBG_ENTROPY_LEN value too high" -#endif -#if defined(POLARSSL_ENTROPY_C) && \ - defined(POLARSSL_ENTROPY_FORCE_SHA256) && !defined(POLARSSL_SHA256_C) -#error "POLARSSL_ENTROPY_FORCE_SHA256 defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_GCM_C) && ( \ - !defined(POLARSSL_AES_C) && !defined(POLARSSL_CAMELLIA_C) ) -#error "POLARSSL_GCM_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_HAVEGE_C) && !defined(POLARSSL_TIMING_C) -#error "POLARSSL_HAVEGE_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_HMAC_DRBG) && !defined(POLARSSL_MD_C) -#error "POLARSSL_HMAC_DRBG_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) && \ - ( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ) -#error "POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \ - ( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ) -#error "POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) && !defined(POLARSSL_DHM_C) -#error "POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) && \ - !defined(POLARSSL_ECDH_C) -#error "POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) && \ - ( !defined(POLARSSL_DHM_C) || !defined(POLARSSL_RSA_C) || \ - !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_PKCS1_V15) ) -#error "POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \ - ( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_RSA_C) || \ - !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_PKCS1_V15) ) -#error "POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \ - ( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_ECDSA_C) || \ - !defined(POLARSSL_X509_CRT_PARSE_C) ) -#error "POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) && \ - ( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) || \ - !defined(POLARSSL_PKCS1_V15) ) -#error "POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) && \ - ( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) || \ - !defined(POLARSSL_PKCS1_V15) ) -#error "POLARSSL_KEY_EXCHANGE_RSA_ENABLED defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_MEMORY_C) && !defined(POLARSSL_PLATFORM_C) -#error "POLARSSL_MEMORY_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) && \ - ( !defined(POLARSSL_PLATFORM_C) || !defined(POLARSSL_PLATFORM_MEMORY) ) -#error "POLARSSL_MEMORY_BUFFER_ALLOC_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PADLOCK_C) && !defined(POLARSSL_HAVE_ASM) -#error "POLARSSL_PADLOCK_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PBKDF2_C) && !defined(POLARSSL_MD_C) -#error "POLARSSL_PBKDF2_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PEM_PARSE_C) && !defined(POLARSSL_BASE64_C) -#error "POLARSSL_PEM_PARSE_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PEM_WRITE_C) && !defined(POLARSSL_BASE64_C) -#error "POLARSSL_PEM_WRITE_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PK_C) && \ - ( !defined(POLARSSL_RSA_C) && !defined(POLARSSL_ECP_C) ) -#error "POLARSSL_PK_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PK_PARSE_C) && !defined(POLARSSL_PK_C) -#error "POLARSSL_PK_PARSE_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PK_WRITE_C) && !defined(POLARSSL_PK_C) -#error "POLARSSL_PK_WRITE_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PKCS11_C) && !defined(POLARSSL_PK_C) -#error "POLARSSL_PKCS11_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PLATFORM_EXIT_ALT) && !defined(POLARSSL_PLATFORM_C) -#error "POLARSSL_PLATFORM_EXIT_ALT defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PLATFORM_EXIT_MACRO) && !defined(POLARSSL_PLATFORM_C) -#error "POLARSSL_PLATFORM_EXIT_MACRO defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PLATFORM_EXIT_MACRO) &&\ - ( defined(POLARSSL_PLATFORM_STD_EXIT) ||\ - defined(POLARSSL_PLATFORM_EXIT_ALT) ) -#error "POLARSSL_PLATFORM_EXIT_MACRO and POLARSSL_PLATFORM_STD_EXIT/POLARSSL_PLATFORM_EXIT_ALT cannot be defined simultaneously" -#endif - -#if defined(POLARSSL_PLATFORM_FPRINTF_ALT) && !defined(POLARSSL_PLATFORM_C) -#error "POLARSSL_PLATFORM_FPRINTF_ALT defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PLATFORM_FPRINTF_MACRO) && !defined(POLARSSL_PLATFORM_C) -#error "POLARSSL_PLATFORM_FPRINTF_MACRO defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PLATFORM_FPRINTF_MACRO) &&\ - ( defined(POLARSSL_PLATFORM_STD_FPRINTF) ||\ - defined(POLARSSL_PLATFORM_FPRINTF_ALT) ) -#error "POLARSSL_PLATFORM_FPRINTF_MACRO and POLARSSL_PLATFORM_STD_FPRINTF/POLARSSL_PLATFORM_FPRINTF_ALT cannot be defined simultaneously" -#endif - -#if defined(POLARSSL_PLATFORM_FREE_MACRO) &&\ - ( !defined(POLARSSL_PLATFORM_C) || !defined(POLARSSL_PLATFORM_MEMORY) ) -#error "POLARSSL_PLATFORM_FREE_MACRO defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PLATFORM_FREE_MACRO) &&\ - defined(POLARSSL_PLATFORM_STD_FREE) -#error "POLARSSL_PLATFORM_FREE_MACRO and POLARSSL_PLATFORM_STD_FREE cannot be defined simultaneously" -#endif - -#if defined(POLARSSL_PLATFORM_FREE_MACRO) && !defined(POLARSSL_PLATFORM_MALLOC_MACRO) -#error "POLARSSL_PLATFORM_MALLOC_MACRO must be defined if POLARSSL_PLATFORM_FREE_MACRO is" -#endif - -#if defined(POLARSSL_PLATFORM_MALLOC_MACRO) &&\ - ( !defined(POLARSSL_PLATFORM_C) || !defined(POLARSSL_PLATFORM_MEMORY) ) -#error "POLARSSL_PLATFORM_MALLOC_MACRO defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PLATFORM_MALLOC_MACRO) &&\ - defined(POLARSSL_PLATFORM_STD_MALLOC) -#error "POLARSSL_PLATFORM_MALLOC_MACRO and POLARSSL_PLATFORM_STD_MALLOC cannot be defined simultaneously" -#endif - -#if defined(POLARSSL_PLATFORM_MALLOC_MACRO) && !defined(POLARSSL_PLATFORM_FREE_MACRO) -#error "POLARSSL_PLATFORM_FREE_MACRO must be defined if POLARSSL_PLATFORM_MALLOC_MACRO is" -#endif - -#if defined(POLARSSL_PLATFORM_MEMORY) && !defined(POLARSSL_PLATFORM_C) -#error "POLARSSL_PLATFORM_MEMORY defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PLATFORM_PRINTF_ALT) && !defined(POLARSSL_PLATFORM_C) -#error "POLARSSL_PLATFORM_PRINTF_ALT defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PLATFORM_PRINTF_MACRO) && !defined(POLARSSL_PLATFORM_C) -#error "POLARSSL_PLATFORM_PRINTF_MACRO defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PLATFORM_PRINTF_MACRO) &&\ - ( defined(POLARSSL_PLATFORM_STD_PRINTF) ||\ - defined(POLARSSL_PLATFORM_PRINTF_ALT) ) -#error "POLARSSL_PLATFORM_PRINTF_MACRO and POLARSSL_PLATFORM_STD_PRINTF/POLARSSL_PLATFORM_PRINTF_ALT cannot be defined simultaneously" -#endif - -#if defined(POLARSSL_PLATFORM_SNPRINTF_ALT) && !defined(POLARSSL_PLATFORM_C) -#error "POLARSSL_PLATFORM_SNPRINTF_ALT defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PLATFORM_SNPRINTF_ALT) && ( defined(_WIN32)\ - && !defined(EFIX64) && !defined(EFI32) ) -#error "POLARSSL_PLATFORM_SNPRINTF_ALT defined but not available on Windows" -#endif - -#if defined(POLARSSL_PLATFORM_SNPRINTF_MACRO) && !defined(POLARSSL_PLATFORM_C) -#error "POLARSSL_PLATFORM_SNPRINTF_MACRO defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PLATFORM_SNPRINTF_MACRO) &&\ - ( defined(POLARSSL_PLATFORM_STD_SNPRINTF) ||\ - defined(POLARSSL_PLATFORM_SNPRINTF_ALT) ) -#error "POLARSSL_PLATFORM_SNPRINTF_MACRO and POLARSSL_PLATFORM_STD_SNPRINTF/POLARSSL_PLATFORM_SNPRINTF_ALT cannot be defined simultaneously" -#endif - -#if defined(POLARSSL_PLATFORM_STD_MEM_HDR) &&\ - !defined(POLARSSL_PLATFORM_NO_STD_FUNCTIONS) -#error "POLARSSL_PLATFORM_STD_MEM_HDR defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PLATFORM_STD_MALLOC) && !defined(POLARSSL_PLATFORM_MEMORY) -#error "POLARSSL_PLATFORM_STD_MALLOC defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PLATFORM_STD_MALLOC) && !defined(POLARSSL_PLATFORM_MEMORY) -#error "POLARSSL_PLATFORM_STD_MALLOC defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PLATFORM_STD_FREE) && !defined(POLARSSL_PLATFORM_MEMORY) -#error "POLARSSL_PLATFORM_STD_FREE defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PLATFORM_STD_EXIT) &&\ - !defined(POLARSSL_PLATFORM_EXIT_ALT) -#error "POLARSSL_PLATFORM_STD_EXIT defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PLATFORM_STD_FPRINTF) &&\ - !defined(POLARSSL_PLATFORM_FPRINTF_ALT) -#error "POLARSSL_PLATFORM_STD_FPRINTF defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PLATFORM_STD_PRINTF) &&\ - !defined(POLARSSL_PLATFORM_PRINTF_ALT) -#error "POLARSSL_PLATFORM_STD_PRINTF defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_PLATFORM_STD_SNPRINTF) &&\ - !defined(POLARSSL_PLATFORM_SNPRINTF_ALT) -#error "POLARSSL_PLATFORM_STD_SNPRINTF defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_RSA_C) && ( !defined(POLARSSL_BIGNUM_C) || \ - !defined(POLARSSL_OID_C) ) -#error "POLARSSL_RSA_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT) && \ - ( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_PKCS1_V21) ) -#error "POLARSSL_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_SSL_PROTO_SSL3) && ( !defined(POLARSSL_MD5_C) || \ - !defined(POLARSSL_SHA1_C) ) -#error "POLARSSL_SSL_PROTO_SSL3 defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_SSL_PROTO_TLS1) && ( !defined(POLARSSL_MD5_C) || \ - !defined(POLARSSL_SHA1_C) ) -#error "POLARSSL_SSL_PROTO_TLS1 defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_SSL_PROTO_TLS1_1) && ( !defined(POLARSSL_MD5_C) || \ - !defined(POLARSSL_SHA1_C) ) -#error "POLARSSL_SSL_PROTO_TLS1_1 defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_SSL_PROTO_TLS1_2) && ( !defined(POLARSSL_SHA1_C) && \ - !defined(POLARSSL_SHA256_C) && !defined(POLARSSL_SHA512_C) ) -#error "POLARSSL_SSL_PROTO_TLS1_2 defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_SSL_CLI_C) && !defined(POLARSSL_SSL_TLS_C) -#error "POLARSSL_SSL_CLI_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_SSL_TLS_C) && ( !defined(POLARSSL_CIPHER_C) || \ - !defined(POLARSSL_MD_C) ) -#error "POLARSSL_SSL_TLS_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_SSL_SRV_C) && !defined(POLARSSL_SSL_TLS_C) -#error "POLARSSL_SSL_SRV_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_SSL_TLS_C) && (!defined(POLARSSL_SSL_PROTO_SSL3) && \ - !defined(POLARSSL_SSL_PROTO_TLS1) && !defined(POLARSSL_SSL_PROTO_TLS1_1) && \ - !defined(POLARSSL_SSL_PROTO_TLS1_2)) -#error "POLARSSL_SSL_TLS_C defined, but no protocols are active" -#endif - -#if defined(POLARSSL_SSL_TLS_C) && (defined(POLARSSL_SSL_PROTO_SSL3) && \ - defined(POLARSSL_SSL_PROTO_TLS1_1) && !defined(POLARSSL_SSL_PROTO_TLS1)) -#error "Illegal protocol selection" -#endif - -#if defined(POLARSSL_SSL_TLS_C) && (defined(POLARSSL_SSL_PROTO_TLS1) && \ - defined(POLARSSL_SSL_PROTO_TLS1_2) && !defined(POLARSSL_SSL_PROTO_TLS1_1)) -#error "Illegal protocol selection" -#endif - -#if defined(POLARSSL_SSL_TLS_C) && (defined(POLARSSL_SSL_PROTO_SSL3) && \ - defined(POLARSSL_SSL_PROTO_TLS1_2) && (!defined(POLARSSL_SSL_PROTO_TLS1) || \ - !defined(POLARSSL_SSL_PROTO_TLS1_1))) -#error "Illegal protocol selection" -#endif - -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) && \ - !defined(POLARSSL_SSL_PROTO_TLS1) && \ - !defined(POLARSSL_SSL_PROTO_TLS1_1) && \ - !defined(POLARSSL_SSL_PROTO_TLS1_2) -#error "POLARSSL_SSL_ENCRYPT_THEN_MAC defined, but not all prerequsites" -#endif - -#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) && \ - !defined(POLARSSL_SSL_PROTO_TLS1) && \ - !defined(POLARSSL_SSL_PROTO_TLS1_1) && \ - !defined(POLARSSL_SSL_PROTO_TLS1_2) -#error "POLARSSL_SSL_EXTENDED_MASTER_SECRET defined, but not all prerequsites" -#endif - -#if defined(POLARSSL_SSL_SESSION_TICKETS) && defined(POLARSSL_SSL_TLS_C) && \ - ( !defined(POLARSSL_AES_C) || !defined(POLARSSL_SHA256_C) || \ - !defined(POLARSSL_CIPHER_MODE_CBC) ) -#error "POLARSSL_SSL_SESSION_TICKETS_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_SSL_CBC_RECORD_SPLITTING) && \ - !defined(POLARSSL_SSL_PROTO_SSL3) && !defined(POLARSSL_SSL_PROTO_TLS1) -#error "POLARSSL_SSL_CBC_RECORD_SPLITTING defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) && \ - !defined(POLARSSL_X509_CRT_PARSE_C) -#error "POLARSSL_SSL_SERVER_NAME_INDICATION defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_THREADING_PTHREAD) -#if !defined(POLARSSL_THREADING_C) || defined(POLARSSL_THREADING_IMPL) -#error "POLARSSL_THREADING_PTHREAD defined, but not all prerequisites" -#endif -#define POLARSSL_THREADING_IMPL -#endif - -#if defined(POLARSSL_THREADING_ALT) -#if !defined(POLARSSL_THREADING_C) || defined(POLARSSL_THREADING_IMPL) -#error "POLARSSL_THREADING_ALT defined, but not all prerequisites" -#endif -#define POLARSSL_THREADING_IMPL -#endif - -#if defined(POLARSSL_THREADING_C) && !defined(POLARSSL_THREADING_IMPL) -#error "POLARSSL_THREADING_C defined, single threading implementation required" -#endif -#undef POLARSSL_THREADING_IMPL - -#if defined(POLARSSL_VERSION_FEATURES) && !defined(POLARSSL_VERSION_C) -#error "POLARSSL_VERSION_FEATURES defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_X509_USE_C) && ( !defined(POLARSSL_BIGNUM_C) || \ - !defined(POLARSSL_OID_C) || !defined(POLARSSL_ASN1_PARSE_C) || \ - !defined(POLARSSL_PK_PARSE_C) ) -#error "POLARSSL_X509_USE_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_X509_CREATE_C) && ( !defined(POLARSSL_BIGNUM_C) || \ - !defined(POLARSSL_OID_C) || !defined(POLARSSL_ASN1_WRITE_C) || \ - !defined(POLARSSL_PK_WRITE_C) ) -#error "POLARSSL_X509_CREATE_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_X509_CRT_PARSE_C) && ( !defined(POLARSSL_X509_USE_C) ) -#error "POLARSSL_X509_CRT_PARSE_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_X509_CRL_PARSE_C) && ( !defined(POLARSSL_X509_USE_C) ) -#error "POLARSSL_X509_CRL_PARSE_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_X509_CSR_PARSE_C) && ( !defined(POLARSSL_X509_USE_C) ) -#error "POLARSSL_X509_CSR_PARSE_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_X509_CRT_WRITE_C) && ( !defined(POLARSSL_X509_CREATE_C) ) -#error "POLARSSL_X509_CRT_WRITE_C defined, but not all prerequisites" -#endif - -#if defined(POLARSSL_X509_CSR_WRITE_C) && ( !defined(POLARSSL_X509_CREATE_C) ) -#error "POLARSSL_X509_CSR_WRITE_C defined, but not all prerequisites" -#endif - -#endif /* POLARSSL_CHECK_CONFIG_H */ diff --git a/ext/mbedtls/include/polarssl/cipher_wrap.h b/ext/mbedtls/include/polarssl/cipher_wrap.h deleted file mode 100644 index 3e685b13ee..0000000000 --- a/ext/mbedtls/include/polarssl/cipher_wrap.h +++ /dev/null @@ -1,55 +0,0 @@ -/** - * \file cipher_wrap.h - * - * \brief Cipher wrappers. - * - * \author Adriaan de Jong - * - * Copyright (C) 2006-2013, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_CIPHER_WRAP_H -#define POLARSSL_CIPHER_WRAP_H - -#if !defined(POLARSSL_CONFIG_FILE) -#include "config.h" -#else -#include POLARSSL_CONFIG_FILE -#endif - -#include "cipher.h" - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct -{ - cipher_type_t type; - const cipher_info_t *info; -} cipher_definition_t; - -extern const cipher_definition_t cipher_definitions[]; - -extern int supported_ciphers[]; - -#ifdef __cplusplus -} -#endif - -#endif /* POLARSSL_CIPHER_WRAP_H */ diff --git a/ext/mbedtls/include/polarssl/compat-1.2.h b/ext/mbedtls/include/polarssl/compat-1.2.h deleted file mode 100644 index d694015e4b..0000000000 --- a/ext/mbedtls/include/polarssl/compat-1.2.h +++ /dev/null @@ -1,395 +0,0 @@ -/** - * \file compat-1.2.h - * - * \brief Backwards compatibility header for PolarSSL-1.2 from PolarSSL-1.3 - * - * \deprecated Use native PolarSSL 1.3 functions instead. - * - * Copyright (C) 2006-2013, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#if ! defined(POLARSSL_DEPRECATED_REMOVED) - -#if defined(POLARSSL_DEPRECATED_WARNING) -#warning "Including compat-1.2.h is deprecated" -#endif - -#ifndef POLARSSL_COMPAT_1_2_H -#define POLARSSL_COMPAT_1_2_H - -#if !defined(POLARSSL_CONFIG_FILE) -#include "config.h" -#else -#include POLARSSL_CONFIG_FILE -#endif - -// Comment out to disable prototype change warnings -#define SHOW_PROTOTYPE_CHANGE_WARNINGS - -#if defined(_MSC_VER) && !defined(inline) -#define inline _inline -#else -#if defined(__ARMCC_VERSION) && !defined(inline) -#define inline __inline -#endif /* __ARMCC_VERSION */ -#endif /* _MSC_VER */ - -#if defined(_MSC_VER) -// MSVC does not support #warning -#undef SHOW_PROTOTYPE_CHANGE_WARNINGS -#endif - -#if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS) -#warning "You can disable these warnings by commenting SHOW_PROTOTYPE_CHANGE_WARNINGS in compat-1.2.h" -#endif - -#if defined(POLARSSL_SHA256_C) -#define POLARSSL_SHA2_C -#include "sha256.h" - -/* - * SHA-2 -> SHA-256 - */ -typedef sha256_context sha2_context; - -static inline void sha2_starts( sha256_context *ctx, int is224 ) { - sha256_starts( ctx, is224 ); -} -static inline void sha2_update( sha256_context *ctx, const unsigned char *input, - size_t ilen ) { - sha256_update( ctx, input, ilen ); -} -static inline void sha2_finish( sha256_context *ctx, unsigned char output[32] ) { - sha256_finish( ctx, output ); -} -static inline int sha2_file( const char *path, unsigned char output[32], int is224 ) { - return sha256_file( path, output, is224 ); -} -static inline void sha2( const unsigned char *input, size_t ilen, - unsigned char output[32], int is224 ) { - sha256( input, ilen, output, is224 ); -} -static inline void sha2_hmac_starts( sha256_context *ctx, const unsigned char *key, - size_t keylen, int is224 ) { - sha256_hmac_starts( ctx, key, keylen, is224 ); -} -static inline void sha2_hmac_update( sha256_context *ctx, const unsigned char *input, size_t ilen ) { - sha256_hmac_update( ctx, input, ilen ); -} -static inline void sha2_hmac_finish( sha256_context *ctx, unsigned char output[32] ) { - sha256_hmac_finish( ctx, output ); -} -static inline void sha2_hmac_reset( sha256_context *ctx ) { - sha256_hmac_reset( ctx ); -} -static inline void sha2_hmac( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char output[32], int is224 ) { - sha256_hmac( key, keylen, input, ilen, output, is224 ); -} -static inline int sha2_self_test( int verbose ) { - return sha256_self_test( verbose ); -} -#endif /* POLARSSL_SHA256_C */ - -#if defined(POLARSSL_SHA512_C) -#define POLARSSL_SHA4_C -#include "sha512.h" - -/* - * SHA-4 -> SHA-512 - */ -typedef sha512_context sha4_context; - -static inline void sha4_starts( sha512_context *ctx, int is384 ) { - sha512_starts( ctx, is384 ); -} -static inline void sha4_update( sha512_context *ctx, const unsigned char *input, - size_t ilen ) { - sha512_update( ctx, input, ilen ); -} -static inline void sha4_finish( sha512_context *ctx, unsigned char output[64] ) { - sha512_finish( ctx, output ); -} -static inline int sha4_file( const char *path, unsigned char output[64], int is384 ) { - return sha512_file( path, output, is384 ); -} -static inline void sha4( const unsigned char *input, size_t ilen, - unsigned char output[32], int is384 ) { - sha512( input, ilen, output, is384 ); -} -static inline void sha4_hmac_starts( sha512_context *ctx, const unsigned char *key, - size_t keylen, int is384 ) { - sha512_hmac_starts( ctx, key, keylen, is384 ); -} -static inline void sha4_hmac_update( sha512_context *ctx, const unsigned char *input, size_t ilen ) { - sha512_hmac_update( ctx, input, ilen ); -} -static inline void sha4_hmac_finish( sha512_context *ctx, unsigned char output[64] ) { - sha512_hmac_finish( ctx, output ); -} -static inline void sha4_hmac_reset( sha512_context *ctx ) { - sha512_hmac_reset( ctx ); -} -static inline void sha4_hmac( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char output[64], int is384 ) { - sha512_hmac( key, keylen, input, ilen, output, is384 ); -} -static inline int sha4_self_test( int verbose ) { - return sha512_self_test( verbose ); -} -#endif /* POLARSSL_SHA512_C */ - -#if defined(POLARSSL_CIPHER_C) -#if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS) -#warning "cipher_reset() prototype changed. Manual change required if used" -#endif -#endif - -#if defined(POLARSSL_RSA_C) -#define SIG_RSA_RAW POLARSSL_MD_NONE -#define SIG_RSA_MD2 POLARSSL_MD_MD2 -#define SIG_RSA_MD4 POLARSSL_MD_MD4 -#define SIG_RSA_MD5 POLARSSL_MD_MD5 -#define SIG_RSA_SHA1 POLARSSL_MD_SHA1 -#define SIG_RSA_SHA224 POLARSSL_MD_SHA224 -#define SIG_RSA_SHA256 POLARSSL_MD_SHA256 -#define SIG_RSA_SHA384 POLARSSL_MD_SHA384 -#define SIG_RSA_SHA512 POLARSSL_MD_SHA512 -#if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS) -#warning "rsa_pkcs1_verify() prototype changed. Manual change required if used" -#warning "rsa_pkcs1_decrypt() prototype changed. Manual change required if used" -#endif -#endif /* POLARSSL_RSA_C */ - -#if defined(POLARSSL_DHM_C) -#if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS) -#warning "dhm_calc_secret() prototype changed. Manual change required if used" -#endif -#endif - -#if defined(POLARSSL_GCM_C) -#if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS) -#warning "gcm_init() prototype changed. Manual change required if used" -#endif -#endif - -#if defined(POLARSSL_SSL_CLI_C) -#if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS) -#warning "ssl_set_own_cert() prototype changed. Change to ssl_set_own_cert_rsa(). Manual change required if used" -#endif -#endif - -#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C) -#include "x509.h" - -#define POLARSSL_ERR_X509_CERT_INVALID_FORMAT POLARSSL_ERR_X509_INVALID_FORMAT -#define POLARSSL_ERR_X509_CERT_INVALID_VERSION POLARSSL_ERR_X509_INVALID_VERSION -#define POLARSSL_ERR_X509_CERT_INVALID_ALG POLARSSL_ERR_X509_INVALID_ALG -#define POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG POLARSSL_ERR_X509_UNKNOWN_SIG_ALG -#define POLARSSL_ERR_X509_CERT_INVALID_NAME POLARSSL_ERR_X509_INVALID_NAME -#define POLARSSL_ERR_X509_CERT_INVALID_DATE POLARSSL_ERR_X509_INVALID_DATE -#define POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS POLARSSL_ERR_X509_INVALID_EXTENSIONS -#define POLARSSL_ERR_X509_CERT_SIG_MISMATCH POLARSSL_ERR_X509_SIG_MISMATCH -#define POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE POLARSSL_ERR_X509_INVALID_SIGNATURE -#define POLARSSL_ERR_X509_CERT_INVALID_SERIAL POLARSSL_ERR_X509_INVALID_SERIAL -#define POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION POLARSSL_ERR_X509_UNKNOWN_VERSION - -static inline int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial ) { - return x509_serial_gets( buf, size, serial ); -} -static inline int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn ) { - return x509_dn_gets( buf, size, dn ); -} -static inline int x509parse_time_expired( const x509_time *time ) { - return x509_time_expired( time ); -} -#endif /* POLARSSL_X509_USE_C || POLARSSL_X509_CREATE_C */ - -#if defined(POLARSSL_X509_CRT_PARSE_C) -#define POLARSSL_X509_PARSE_C -#include "x509_crt.h" -typedef x509_crt x509_cert; - -static inline int x509parse_crt_der( x509_cert *chain, const unsigned char *buf, - size_t buflen ) { - return x509_crt_parse_der( chain, buf, buflen ); -} -static inline int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen ) { - return x509_crt_parse( chain, buf, buflen ); -} -static inline int x509parse_crtfile( x509_cert *chain, const char *path ) { - return x509_crt_parse_file( chain, path ); -} -static inline int x509parse_crtpath( x509_cert *chain, const char *path ) { - return x509_crt_parse_path( chain, path ); -} -static inline int x509parse_cert_info( char *buf, size_t size, const char *prefix, - const x509_cert *crt ) { - return x509_crt_info( buf, size, prefix, crt ); -} -static inline int x509parse_verify( x509_cert *crt, x509_cert *trust_ca, - x509_crl *ca_crl, const char *cn, int *flags, - int (*f_vrfy)(void *, x509_cert *, int, int *), - void *p_vrfy ) { - return x509_crt_verify( crt, trust_ca, ca_crl, cn, flags, f_vrfy, p_vrfy ); -} -static inline int x509parse_revoked( const x509_cert *crt, const x509_crl *crl ) { - return x509_crt_revoked( crt, crl ); -} -static inline void x509_free( x509_cert *crt ) { - x509_crt_free( crt ); -} -#endif /* POLARSSL_X509_CRT_PARSE_C */ - -#if defined(POLARSSL_X509_CRL_PARSE_C) -#define POLARSSL_X509_PARSE_C -#include "x509_crl.h" -static inline int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen ) { - return x509_crl_parse( chain, buf, buflen ); -} -static inline int x509parse_crlfile( x509_crl *chain, const char *path ) { - return x509_crl_parse_file( chain, path ); -} -static inline int x509parse_crl_info( char *buf, size_t size, const char *prefix, - const x509_crl *crl ) { - return x509_crl_info( buf, size, prefix, crl ); -} -#endif /* POLARSSL_X509_CRL_PARSE_C */ - -#if defined(POLARSSL_X509_CSR_PARSE_C) -#define POLARSSL_X509_PARSE_C -#include "x509_csr.h" -static inline int x509parse_csr( x509_csr *csr, const unsigned char *buf, size_t buflen ) { - return x509_csr_parse( csr, buf, buflen ); -} -static inline int x509parse_csrfile( x509_csr *csr, const char *path ) { - return x509_csr_parse_file( csr, path ); -} -static inline int x509parse_csr_info( char *buf, size_t size, const char *prefix, - const x509_csr *csr ) { - return x509_csr_info( buf, size, prefix, csr ); -} -#endif /* POLARSSL_X509_CSR_PARSE_C */ - -#if defined(POLARSSL_SSL_TLS_C) -#include "ssl_ciphersuites.h" - -#define ssl_default_ciphersuites ssl_list_ciphersuites() -#endif - -#if defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_RSA_C) -#include "rsa.h" -#include "pk.h" - -#define POLARSSL_ERR_X509_PASSWORD_MISMATCH POLARSSL_ERR_PK_PASSWORD_MISMATCH -#define POLARSSL_ERR_X509_KEY_INVALID_FORMAT POLARSSL_ERR_PK_KEY_INVALID_FORMAT -#define POLARSSL_ERR_X509_UNKNOWN_PK_ALG POLARSSL_ERR_PK_UNKNOWN_PK_ALG -#define POLARSSL_ERR_X509_CERT_INVALID_PUBKEY POLARSSL_ERR_PK_INVALID_PUBKEY - -#if defined(POLARSSL_FS_IO) -static inline int x509parse_keyfile( rsa_context *rsa, const char *path, - const char *pwd ) { - int ret; - pk_context pk; - pk_init( &pk ); - ret = pk_parse_keyfile( &pk, path, pwd ); - if( ret == 0 && ! pk_can_do( &pk, POLARSSL_PK_RSA ) ) - ret = POLARSSL_ERR_PK_TYPE_MISMATCH; - if( ret == 0 ) - rsa_copy( rsa, pk_rsa( pk ) ); - else - rsa_free( rsa ); - pk_free( &pk ); - return( ret ); -} -static inline int x509parse_public_keyfile( rsa_context *rsa, const char *path ) { - int ret; - pk_context pk; - pk_init( &pk ); - ret = pk_parse_public_keyfile( &pk, path ); - if( ret == 0 && ! pk_can_do( &pk, POLARSSL_PK_RSA ) ) - ret = POLARSSL_ERR_PK_TYPE_MISMATCH; - if( ret == 0 ) - rsa_copy( rsa, pk_rsa( pk ) ); - else - rsa_free( rsa ); - pk_free( &pk ); - return( ret ); -} -#endif /* POLARSSL_FS_IO */ - -static inline int x509parse_key( rsa_context *rsa, const unsigned char *key, - size_t keylen, - const unsigned char *pwd, size_t pwdlen ) { - int ret; - pk_context pk; - pk_init( &pk ); - ret = pk_parse_key( &pk, key, keylen, pwd, pwdlen ); - if( ret == 0 && ! pk_can_do( &pk, POLARSSL_PK_RSA ) ) - ret = POLARSSL_ERR_PK_TYPE_MISMATCH; - if( ret == 0 ) - rsa_copy( rsa, pk_rsa( pk ) ); - else - rsa_free( rsa ); - pk_free( &pk ); - return( ret ); -} - -static inline int x509parse_public_key( rsa_context *rsa, - const unsigned char *key, size_t keylen ) -{ - int ret; - pk_context pk; - pk_init( &pk ); - ret = pk_parse_public_key( &pk, key, keylen ); - if( ret == 0 && ! pk_can_do( &pk, POLARSSL_PK_RSA ) ) - ret = POLARSSL_ERR_PK_TYPE_MISMATCH; - if( ret == 0 ) - rsa_copy( rsa, pk_rsa( pk ) ); - else - rsa_free( rsa ); - pk_free( &pk ); - return( ret ); -} -#endif /* POLARSSL_PK_PARSE_C && POLARSSL_RSA_C */ - -#if defined(POLARSSL_PK_WRITE_C) && defined(POLARSSL_RSA_C) -#include "pk.h" -static inline int x509_write_pubkey_der( unsigned char *buf, size_t len, rsa_context *rsa ) { - int ret; - pk_context ctx; - if( ( ret = pk_init_ctx( &ctx, pk_info_from_type( POLARSSL_PK_RSA ) ) ) != 0 ) return( ret ); - if( ( ret = rsa_copy( pk_rsa( ctx ), rsa ) ) != 0 ) return( ret ); - ret = pk_write_pubkey_der( &ctx, buf, len ); - pk_free( &ctx ); - return( ret ); -} -static inline int x509_write_key_der( unsigned char *buf, size_t len, rsa_context *rsa ) { - int ret; - pk_context ctx; - if( ( ret = pk_init_ctx( &ctx, pk_info_from_type( POLARSSL_PK_RSA ) ) ) != 0 ) return( ret ); - if( ( ret = rsa_copy( pk_rsa( ctx ), rsa ) ) != 0 ) return( ret ); - ret = pk_write_key_der( &ctx, buf, len ); - pk_free( &ctx ); - return( ret ); -} -#endif /* POLARSSL_PK_WRITE_C && POLARSSL_RSA_C */ -#endif /* compat-1.2.h */ -#endif /* POLARSSL_DEPRECATED_REMOVED */ diff --git a/ext/mbedtls/include/polarssl/config.h b/ext/mbedtls/include/polarssl/config.h deleted file mode 100644 index 01bb7158a6..0000000000 --- a/ext/mbedtls/include/polarssl/config.h +++ /dev/null @@ -1,2359 +0,0 @@ -/** - * \file config.h - * - * \brief Configuration options (set of defines) - * - * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - * - * This set of compile-time options may be used to enable - * or disable features selectively, and reduce the global - * memory footprint. - */ -#ifndef POLARSSL_CONFIG_H -#define POLARSSL_CONFIG_H - -#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) -#define _CRT_SECURE_NO_DEPRECATE 1 -#endif - -/** - * \name SECTION: System support - * - * This section sets system specific settings. - * \{ - */ - -/** - * \def POLARSSL_HAVE_INT8 - * - * The system uses 8-bit wide native integers. - * - * \deprecated The compiler should be able to generate code for 32-bit - * arithmetic (required by C89). This code is likely to be at least as - * efficient as ours. - * - * Uncomment if native integers are 8-bit wide. - */ -//#define POLARSSL_HAVE_INT8 - -/** - * \def POLARSSL_HAVE_INT16 - * - * The system uses 16-bit wide native integers. - * - * \deprecated The compiler should be able to generate code for 32-bit - * arithmetic (required by C89). This code is likely to be at least as - * efficient as ours. - * - * Uncomment if native integers are 16-bit wide. - */ -//#define POLARSSL_HAVE_INT16 - -/** - * \def POLARSSL_HAVE_LONGLONG - * - * The compiler supports the 'long long' type. - * (Only used on 32-bit platforms) - */ -#define POLARSSL_HAVE_LONGLONG - -/** - * \def POLARSSL_HAVE_ASM - * - * The compiler has support for asm(). - * - * Requires support for asm() in compiler. - * - * Used in: - * library/timing.c - * library/padlock.c - * include/polarssl/bn_mul.h - * - * Comment to disable the use of assembly code. - */ -#define POLARSSL_HAVE_ASM - -/** - * \def POLARSSL_HAVE_SSE2 - * - * CPU supports SSE2 instruction set. - * - * Uncomment if the CPU supports SSE2 (IA-32 specific). - */ -//#define POLARSSL_HAVE_SSE2 - -/** - * \def POLARSSL_HAVE_TIME - * - * System has time.h and time() / localtime() / gettimeofday(). - * - * Comment if your system does not support time functions - */ -#define POLARSSL_HAVE_TIME - -/** - * \def POLARSSL_HAVE_IPV6 - * - * System supports the basic socket interface for IPv6 (RFC 3493), - * specifically getaddrinfo(), freeaddrinfo() and struct sockaddr_storage. - * - * Note: on Windows/MingW, XP or higher is required. - * - * \warning As of 1.3.11, *not* using this flag when POLARSSL_NET_C is - * defined, is deprecated. The alternative legacy code will be removed in 2.0. - * - * Comment if your system does not support the IPv6 socket interface - */ -#define POLARSSL_HAVE_IPV6 - -/** - * \def POLARSSL_PLATFORM_MEMORY - * - * Enable the memory allocation layer. - * - * By default mbed TLS uses the system-provided malloc() and free(). - * This allows different allocators (self-implemented or provided) to be - * provided to the platform abstraction layer. - * - * Enabling POLARSSL_PLATFORM_MEMORY without the - * POLARSSL_PLATFORM_{FREE,MALLOC}_MACROs will provide - * "platform_set_malloc_free()" allowing you to set an alternative malloc() and - * free() function pointer at runtime. - * - * Enabling POLARSSL_PLATFORM_MEMORY and specifying - * POLARSSL_PLATFORM_{MALLOC,FREE}_MACROs will allow you to specify the - * alternate function at compile time. - * - * Requires: POLARSSL_PLATFORM_C - * - * Enable this layer to allow use of alternative memory allocators. - */ -//#define POLARSSL_PLATFORM_MEMORY - -/** - * \def POLARSSL_PLATFORM_NO_STD_FUNCTIONS - * - * Do not assign standard functions in the platform layer (e.g. malloc() to - * POLARSSL_PLATFORM_STD_MALLOC and printf() to POLARSSL_PLATFORM_STD_PRINTF) - * - * This makes sure there are no linking errors on platforms that do not support - * these functions. You will HAVE to provide alternatives, either at runtime - * via the platform_set_xxx() functions or at compile time by setting - * the POLARSSL_PLATFORM_STD_XXX defines, or enabling a - * POLARSSL_PLATFORM_XXX_MACRO. - * - * Requires: POLARSSL_PLATFORM_C - * - * Uncomment to prevent default assignment of standard functions in the - * platform layer. - */ -//#define POLARSSL_PLATFORM_NO_STD_FUNCTIONS - -/** - * \def POLARSSL_PLATFORM_XXX_ALT - * - * Uncomment a macro to let mbed TLS support the function in the platform - * abstraction layer. - * - * Example: In case you uncomment POLARSSL_PLATFORM_PRINTF_ALT, mbed TLS will - * provide a function "platform_set_printf()" that allows you to set an - * alternative printf function pointer. - * - * All these define require POLARSSL_PLATFORM_C to be defined! - * - * WARNING: POLARSSL_PLATFORM_SNPRINTF_ALT is not available on Windows - * for compatibility reasons. - * - * WARNING: POLARSSL_PLATFORM_XXX_ALT cannot be defined at the same time as - * POLARSSL_PLATFORM_XXX_MACRO! - * - * Uncomment a macro to enable alternate implementation of specific base - * platform function - */ -//#define POLARSSL_PLATFORM_EXIT_ALT -//#define POLARSSL_PLATFORM_FPRINTF_ALT -//#define POLARSSL_PLATFORM_PRINTF_ALT -//#define POLARSSL_PLATFORM_SNPRINTF_ALT - -/** - * \def POLARSSL_DEPRECATED_WARNING - * - * Mark deprecated functions so that they generate a warning if used. - * Functions deprecated in one version will usually be removed in the next - * version. You can enable this to help you prepare the transition to a new - * major version by making sure your code is not using these functions. - * - * This only works with GCC and Clang. With other compilers, you may want to - * use POLARSSL_DEPRECATED_REMOVED - * - * Uncomment to get warnings on using deprecated functions. - */ -//#define POLARSSL_DEPRECATED_WARNING - -/** - * \def POLARSSL_DEPRECATED_REMOVED - * - * Remove deprecated functions so that they generate an error if used. - * Functions deprecated in one version will usually be removed in the next - * version. You can enable this to help you prepare the transition to a new - * major version by making sure your code is not using these functions. - * - * Uncomment to get errors on using deprecated functions. - */ -//#define POLARSSL_DEPRECATED_REMOVED - -/* \} name SECTION: System support */ - -/** - * \name SECTION: mbed TLS feature support - * - * This section sets support for features that are or are not needed - * within the modules that are enabled. - * \{ - */ - -/** - * \def POLARSSL_TIMING_ALT - * - * Uncomment to provide your own alternate implementation for hardclock(), - * get_timer(), set_alarm() and m_sleep(). - * - * Only works if you have POLARSSL_TIMING_C enabled. - * - * You will need to provide a header "timing_alt.h" and an implementation at - * compile time. - */ -//#define POLARSSL_TIMING_ALT - -/** - * \def POLARSSL_XXX_ALT - * - * Uncomment a macro to let mbed TLS use your alternate core implementation of - * a symmetric or hash algorithm (e.g. platform specific assembly optimized - * implementations). Keep in mind that the function prototypes should remain - * the same. - * - * Example: In case you uncomment POLARSSL_AES_ALT, mbed TLS will no longer - * provide the "struct aes_context" definition and omit the base function - * declarations and implementations. "aes_alt.h" will be included from - * "aes.h" to include the new function definitions. - * - * Uncomment a macro to enable alternate implementation for core algorithm - * functions - */ -//#define POLARSSL_AES_ALT -//#define POLARSSL_ARC4_ALT -//#define POLARSSL_BLOWFISH_ALT -//#define POLARSSL_CAMELLIA_ALT -//#define POLARSSL_DES_ALT -//#define POLARSSL_XTEA_ALT -//#define POLARSSL_MD2_ALT -//#define POLARSSL_MD4_ALT -//#define POLARSSL_MD5_ALT -//#define POLARSSL_RIPEMD160_ALT -//#define POLARSSL_SHA1_ALT -//#define POLARSSL_SHA256_ALT -//#define POLARSSL_SHA512_ALT - -/** - * \def POLARSSL_AES_ROM_TABLES - * - * Store the AES tables in ROM. - * - * Uncomment this macro to store the AES tables in ROM. - */ -//#define POLARSSL_AES_ROM_TABLES - -/** - * \def POLARSSL_CAMELLIA_SMALL_MEMORY - * - * Use less ROM for the Camellia implementation (saves about 768 bytes). - * - * Uncomment this macro to use less memory for Camellia. - */ -//#define POLARSSL_CAMELLIA_SMALL_MEMORY - -/** - * \def POLARSSL_CIPHER_MODE_CBC - * - * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers. - */ -#define POLARSSL_CIPHER_MODE_CBC - -/** - * \def POLARSSL_CIPHER_MODE_CFB - * - * Enable Cipher Feedback mode (CFB) for symmetric ciphers. - */ -#define POLARSSL_CIPHER_MODE_CFB - -/** - * \def POLARSSL_CIPHER_MODE_CTR - * - * Enable Counter Block Cipher mode (CTR) for symmetric ciphers. - */ -#define POLARSSL_CIPHER_MODE_CTR - -/** - * \def POLARSSL_CIPHER_NULL_CIPHER - * - * Enable NULL cipher. - * Warning: Only do so when you know what you are doing. This allows for - * encryption or channels without any security! - * - * Requires POLARSSL_ENABLE_WEAK_CIPHERSUITES as well to enable - * the following ciphersuites: - * TLS_ECDH_ECDSA_WITH_NULL_SHA - * TLS_ECDH_RSA_WITH_NULL_SHA - * TLS_ECDHE_ECDSA_WITH_NULL_SHA - * TLS_ECDHE_RSA_WITH_NULL_SHA - * TLS_ECDHE_PSK_WITH_NULL_SHA384 - * TLS_ECDHE_PSK_WITH_NULL_SHA256 - * TLS_ECDHE_PSK_WITH_NULL_SHA - * TLS_DHE_PSK_WITH_NULL_SHA384 - * TLS_DHE_PSK_WITH_NULL_SHA256 - * TLS_DHE_PSK_WITH_NULL_SHA - * TLS_RSA_WITH_NULL_SHA256 - * TLS_RSA_WITH_NULL_SHA - * TLS_RSA_WITH_NULL_MD5 - * TLS_RSA_PSK_WITH_NULL_SHA384 - * TLS_RSA_PSK_WITH_NULL_SHA256 - * TLS_RSA_PSK_WITH_NULL_SHA - * TLS_PSK_WITH_NULL_SHA384 - * TLS_PSK_WITH_NULL_SHA256 - * TLS_PSK_WITH_NULL_SHA - * - * Uncomment this macro to enable the NULL cipher and ciphersuites - */ -//#define POLARSSL_CIPHER_NULL_CIPHER - -/** - * \def POLARSSL_CIPHER_PADDING_XXX - * - * Uncomment or comment macros to add support for specific padding modes - * in the cipher layer with cipher modes that support padding (e.g. CBC) - * - * If you disable all padding modes, only full blocks can be used with CBC. - * - * Enable padding modes in the cipher layer. - */ -#define POLARSSL_CIPHER_PADDING_PKCS7 -#define POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS -#define POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN -#define POLARSSL_CIPHER_PADDING_ZEROS - -/** - * \def POLARSSL_ENABLE_WEAK_CIPHERSUITES - * - * Enable weak ciphersuites in SSL / TLS. - * Warning: Only do so when you know what you are doing. This allows for - * channels with virtually no security at all! - * - * This enables the following ciphersuites: - * TLS_RSA_WITH_DES_CBC_SHA - * TLS_DHE_RSA_WITH_DES_CBC_SHA - * - * Uncomment this macro to enable weak ciphersuites - */ -//#define POLARSSL_ENABLE_WEAK_CIPHERSUITES - -/** - * \def POLARSSL_REMOVE_ARC4_CIPHERSUITES - * - * Remove RC4 ciphersuites by default in SSL / TLS. - * This flag removes the ciphersuites based on RC4 from the default list as - * returned by ssl_list_ciphersuites(). However, it is still possible to - * enable (some of) them with ssl_set_ciphersuites() by including them - * explicitly. - * - * Uncomment this macro to remove RC4 ciphersuites by default. - */ -//#define POLARSSL_REMOVE_ARC4_CIPHERSUITES - -/** - * \def POLARSSL_ECP_XXXX_ENABLED - * - * Enables specific curves within the Elliptic Curve module. - * By default all supported curves are enabled. - * - * Comment macros to disable the curve and functions for it - */ -#define POLARSSL_ECP_DP_SECP192R1_ENABLED -#define POLARSSL_ECP_DP_SECP224R1_ENABLED -#define POLARSSL_ECP_DP_SECP256R1_ENABLED -#define POLARSSL_ECP_DP_SECP384R1_ENABLED -#define POLARSSL_ECP_DP_SECP521R1_ENABLED -#define POLARSSL_ECP_DP_SECP192K1_ENABLED -#define POLARSSL_ECP_DP_SECP224K1_ENABLED -#define POLARSSL_ECP_DP_SECP256K1_ENABLED -#define POLARSSL_ECP_DP_BP256R1_ENABLED -#define POLARSSL_ECP_DP_BP384R1_ENABLED -#define POLARSSL_ECP_DP_BP512R1_ENABLED -//#define POLARSSL_ECP_DP_M221_ENABLED // Not implemented yet! -#define POLARSSL_ECP_DP_M255_ENABLED -//#define POLARSSL_ECP_DP_M383_ENABLED // Not implemented yet! -//#define POLARSSL_ECP_DP_M511_ENABLED // Not implemented yet! - -/** - * \def POLARSSL_ECP_NIST_OPTIM - * - * Enable specific 'modulo p' routines for each NIST prime. - * Depending on the prime and architecture, makes operations 4 to 8 times - * faster on the corresponding curve. - * - * Comment this macro to disable NIST curves optimisation. - */ -#define POLARSSL_ECP_NIST_OPTIM - -/** - * \def POLARSSL_ECDSA_DETERMINISTIC - * - * Enable deterministic ECDSA (RFC 6979). - * Standard ECDSA is "fragile" in the sense that lack of entropy when signing - * may result in a compromise of the long-term signing key. This is avoided by - * the deterministic variant. - * - * Requires: POLARSSL_HMAC_DRBG_C - * - * Comment this macro to disable deterministic ECDSA. - */ -#define POLARSSL_ECDSA_DETERMINISTIC - -/** - * \def POLARSSL_KEY_EXCHANGE_PSK_ENABLED - * - * Enable the PSK based ciphersuite modes in SSL / TLS. - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * TLS_PSK_WITH_AES_256_GCM_SHA384 - * TLS_PSK_WITH_AES_256_CBC_SHA384 - * TLS_PSK_WITH_AES_256_CBC_SHA - * TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_PSK_WITH_AES_128_GCM_SHA256 - * TLS_PSK_WITH_AES_128_CBC_SHA256 - * TLS_PSK_WITH_AES_128_CBC_SHA - * TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_PSK_WITH_RC4_128_SHA - */ -#define POLARSSL_KEY_EXCHANGE_PSK_ENABLED - -/** - * \def POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED - * - * Enable the DHE-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: POLARSSL_DHM_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 - * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_AES_256_CBC_SHA - * TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 - * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 - * TLS_DHE_PSK_WITH_AES_128_CBC_SHA - * TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_DHE_PSK_WITH_RC4_128_SHA - */ -#define POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED - -/** - * \def POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED - * - * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: POLARSSL_ECDH_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 - * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA - * TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA - * TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_PSK_WITH_RC4_128_SHA - */ -#define POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED - -/** - * \def POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED - * - * Enable the RSA-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: POLARSSL_RSA_C, POLARSSL_PKCS1_V15, - * POLARSSL_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 - * TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 - * TLS_RSA_PSK_WITH_AES_256_CBC_SHA - * TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 - * TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 - * TLS_RSA_PSK_WITH_AES_128_CBC_SHA - * TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_RSA_PSK_WITH_RC4_128_SHA - */ -#define POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED - -/** - * \def POLARSSL_KEY_EXCHANGE_RSA_ENABLED - * - * Enable the RSA-only based ciphersuite modes in SSL / TLS. - * - * Requires: POLARSSL_RSA_C, POLARSSL_PKCS1_V15, - * POLARSSL_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * TLS_RSA_WITH_AES_256_GCM_SHA384 - * TLS_RSA_WITH_AES_256_CBC_SHA256 - * TLS_RSA_WITH_AES_256_CBC_SHA - * TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - * TLS_RSA_WITH_AES_128_GCM_SHA256 - * TLS_RSA_WITH_AES_128_CBC_SHA256 - * TLS_RSA_WITH_AES_128_CBC_SHA - * TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - * TLS_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_RSA_WITH_RC4_128_SHA - * TLS_RSA_WITH_RC4_128_MD5 - */ -#define POLARSSL_KEY_EXCHANGE_RSA_ENABLED - -/** - * \def POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED - * - * Enable the DHE-RSA based ciphersuite modes in SSL / TLS. - * - * Requires: POLARSSL_DHM_C, POLARSSL_RSA_C, POLARSSL_PKCS1_V15, - * POLARSSL_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - * TLS_DHE_RSA_WITH_AES_256_CBC_SHA - * TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - * TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_AES_128_CBC_SHA - * TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - */ -#define POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED - -/** - * \def POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED - * - * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. - * - * Requires: POLARSSL_ECDH_C, POLARSSL_RSA_C, POLARSSL_PKCS1_V15, - * POLARSSL_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - * TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - * TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_RSA_WITH_RC4_128_SHA - */ -#define POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED - -/** - * \def POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED - * - * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. - * - * Requires: POLARSSL_ECDH_C, POLARSSL_ECDSA_C, POLARSSL_X509_CRT_PARSE_C, - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_RC4_128_SHA - */ -#define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED - -/** - * \def POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED - * - * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. - * - * Requires: POLARSSL_ECDH_C, POLARSSL_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * TLS_ECDH_ECDSA_WITH_RC4_128_SHA - * TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - */ -#define POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED - -/** - * \def POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED - * - * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS. - * - * Requires: POLARSSL_ECDH_C, POLARSSL_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * TLS_ECDH_RSA_WITH_RC4_128_SHA - * TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 - */ -#define POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED - -/** - * \def POLARSSL_PK_PARSE_EC_EXTENDED - * - * Enhance support for reading EC keys using variants of SEC1 not allowed by - * RFC 5915 and RFC 5480. - * - * Currently this means parsing the SpecifiedECDomain choice of EC - * parameters (only known groups are supported, not arbitrary domains, to - * avoid validation issues). - * - * Disable if you only need to support RFC 5915 + 5480 key formats. - */ -#define POLARSSL_PK_PARSE_EC_EXTENDED - -/** - * \def POLARSSL_ERROR_STRERROR_BC - * - * Make available the backward compatible error_strerror() next to the - * current polarssl_strerror(). - * - * \deprecated Do not define this and use polarssl_strerror() instead - * - * Disable if you want to really remove the error_strerror() name - */ -#define POLARSSL_ERROR_STRERROR_BC - -/** - * \def POLARSSL_ERROR_STRERROR_DUMMY - * - * Enable a dummy error function to make use of polarssl_strerror() in - * third party libraries easier when POLARSSL_ERROR_C is disabled - * (no effect when POLARSSL_ERROR_C is enabled). - * - * You can safely disable this if POLARSSL_ERROR_C is enabled, or if you're - * not using polarssl_strerror() or error_strerror() in your application. - * - * Disable if you run into name conflicts and want to really remove the - * polarssl_strerror() - */ -#define POLARSSL_ERROR_STRERROR_DUMMY - -/** - * \def POLARSSL_GENPRIME - * - * Enable the prime-number generation code. - * - * Requires: POLARSSL_BIGNUM_C - */ -#define POLARSSL_GENPRIME - -/** - * \def POLARSSL_FS_IO - * - * Enable functions that use the filesystem. - */ -#define POLARSSL_FS_IO - -/** - * \def POLARSSL_NO_DEFAULT_ENTROPY_SOURCES - * - * Do not add default entropy sources. These are the platform specific, - * hardclock and HAVEGE based poll functions. - * - * This is useful to have more control over the added entropy sources in an - * application. - * - * Uncomment this macro to prevent loading of default entropy functions. - */ -//#define POLARSSL_NO_DEFAULT_ENTROPY_SOURCES - -/** - * \def POLARSSL_NO_PLATFORM_ENTROPY - * - * Do not use built-in platform entropy functions. - * This is useful if your platform does not support - * standards like the /dev/urandom or Windows CryptoAPI. - * - * Uncomment this macro to disable the built-in platform entropy functions. - */ -//#define POLARSSL_NO_PLATFORM_ENTROPY - -/** - * \def POLARSSL_ENTROPY_FORCE_SHA256 - * - * Force the entropy accumulator to use a SHA-256 accumulator instead of the - * default SHA-512 based one (if both are available). - * - * Requires: POLARSSL_SHA256_C - * - * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option - * if you have performance concerns. - * - * This option is only useful if both POLARSSL_SHA256_C and - * POLARSSL_SHA512_C are defined. Otherwise the available hash module is used. - */ -//#define POLARSSL_ENTROPY_FORCE_SHA256 - -/** - * \def POLARSSL_MEMORY_DEBUG - * - * Enable debugging of buffer allocator memory issues. Automatically prints - * (to stderr) all (fatal) messages on memory allocation issues. Enables - * function for 'debug output' of allocated memory. - * - * Requires: POLARSSL_MEMORY_BUFFER_ALLOC_C - * - * Uncomment this macro to let the buffer allocator print out error messages. - */ -//#define POLARSSL_MEMORY_DEBUG - -/** - * \def POLARSSL_MEMORY_BACKTRACE - * - * Include backtrace information with each allocated block. - * - * Requires: POLARSSL_MEMORY_BUFFER_ALLOC_C - * GLIBC-compatible backtrace() an backtrace_symbols() support - * - * Uncomment this macro to include backtrace information - */ -//#define POLARSSL_MEMORY_BACKTRACE - -/** - * \def POLARSSL_PKCS1_V15 - * - * Enable support for PKCS#1 v1.5 encoding. - * - * Requires: POLARSSL_RSA_C - * - * This enables support for PKCS#1 v1.5 operations. - */ -#define POLARSSL_PKCS1_V15 - -/** - * \def POLARSSL_PKCS1_V21 - * - * Enable support for PKCS#1 v2.1 encoding. - * - * Requires: POLARSSL_MD_C, POLARSSL_RSA_C - * - * This enables support for RSAES-OAEP and RSASSA-PSS operations. - */ -#define POLARSSL_PKCS1_V21 - -/** - * \def POLARSSL_RSA_NO_CRT - * - * Do not use the Chinese Remainder Theorem for the RSA private operation. - * - * Uncomment this macro to disable the use of CRT in RSA. - * - */ -//#define POLARSSL_RSA_NO_CRT - -/** - * \def POLARSSL_SELF_TEST - * - * Enable the checkup functions (*_self_test). - */ -#define POLARSSL_SELF_TEST - -/** - * \def POLARSSL_SSL_AEAD_RANDOM_IV - * - * Generate a random IV rather than using the record sequence number as a - * nonce for ciphersuites using and AEAD algorithm (GCM or CCM). - * - * Using the sequence number is generally recommended. - * - * Uncomment this macro to always use random IVs with AEAD ciphersuites. - */ -//#define POLARSSL_SSL_AEAD_RANDOM_IV - -/** - * \def POLARSSL_SSL_ALL_ALERT_MESSAGES - * - * Enable sending of alert messages in case of encountered errors as per RFC. - * If you choose not to send the alert messages, mbed TLS can still communicate - * with other servers, only debugging of failures is harder. - * - * The advantage of not sending alert messages, is that no information is given - * about reasons for failures thus preventing adversaries of gaining intel. - * - * Enable sending of all alert messages - */ -#define POLARSSL_SSL_ALERT_MESSAGES - -/** - * \def POLARSSL_SSL_DEBUG_ALL - * - * Enable the debug messages in SSL module for all issues. - * Debug messages have been disabled in some places to prevent timing - * attacks due to (unbalanced) debugging function calls. - * - * If you need all error reporting you should enable this during debugging, - * but remove this for production servers that should log as well. - * - * Uncomment this macro to report all debug messages on errors introducing - * a timing side-channel. - * - */ -//#define POLARSSL_SSL_DEBUG_ALL - -/** \def POLARSSL_SSL_ENCRYPT_THEN_MAC - * - * Enable support for Encrypt-then-MAC, RFC 7366. - * - * This allows peers that both support it to use a more robust protection for - * ciphersuites using CBC, providing deep resistance against timing attacks - * on the padding or underlying cipher. - * - * This only affects CBC ciphersuites, and is useless if none is defined. - * - * Requires: POLARSSL_SSL_PROTO_TLS1 or - * POLARSSL_SSL_PROTO_TLS1_1 or - * POLARSSL_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for Encrypt-then-MAC - */ -#define POLARSSL_SSL_ENCRYPT_THEN_MAC - -/** \def POLARSSL_SSL_EXTENDED_MASTER_SECRET - * - * Enable support for Extended Master Secret, aka Session Hash - * (draft-ietf-tls-session-hash-02). - * - * This was introduced as "the proper fix" to the Triple Handshake familiy of - * attacks, but it is recommended to always use it (even if you disable - * renegotiation), since it actually fixes a more fundamental issue in the - * original SSL/TLS design, and has implications beyond Triple Handshake. - * - * Requires: POLARSSL_SSL_PROTO_TLS1 or - * POLARSSL_SSL_PROTO_TLS1_1 or - * POLARSSL_SSL_PROTO_TLS1_2 - * - * Comment this macro to disable support for Extended Master Secret. - */ -#define POLARSSL_SSL_EXTENDED_MASTER_SECRET - -/** - * \def POLARSSL_SSL_FALLBACK_SCSV - * - * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00). - * - * For servers, it is recommended to always enable this, unless you support - * only one version of TLS, or know for sure that none of your clients - * implements a fallback strategy. - * - * For clients, you only need this if you're using a fallback strategy, which - * is not recommended in the first place, unless you absolutely need it to - * interoperate with buggy (version-intolerant) servers. - * - * Comment this macro to disable support for FALLBACK_SCSV - */ -#define POLARSSL_SSL_FALLBACK_SCSV - -/** - * \def POLARSSL_SSL_HW_RECORD_ACCEL - * - * Enable hooking functions in SSL module for hardware acceleration of - * individual records. - * - * Uncomment this macro to enable hooking functions. - */ -//#define POLARSSL_SSL_HW_RECORD_ACCEL - -/** - * \def POLARSSL_SSL_CBC_RECORD_SPLITTING - * - * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0. - * - * This is a countermeasure to the BEAST attack, which also minimizes the risk - * of interoperability issues compared to sending 0-length records. - * - * Comment this macro to disable 1/n-1 record splitting. - */ -#define POLARSSL_SSL_CBC_RECORD_SPLITTING - -/** - * \def POLARSSL_SSL_DISABLE_RENEGOTIATION - * - * Disable support for TLS renegotiation. - * - * The two main uses of renegotiation are (1) refresh keys on long-lived - * connections and (2) client authentication after the initial handshake. - * If you don't need renegotiation, it's probably better to disable it, since - * it has been associated with security issues in the past and is easy to - * misuse/misunderstand. - * - * Warning: in the next stable branch, this switch will be replaced by - * POLARSSL_SSL_RENEGOTIATION to enable support for renegotiation. - * - * Uncomment this to disable support for renegotiation. - */ -//#define POLARSSL_SSL_DISABLE_RENEGOTIATION - -/** - * \def POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO - * - * Enable support for receiving and parsing SSLv2 Client Hello messages for the - * SSL Server module (POLARSSL_SSL_SRV_C). - * - * Comment this macro to disable support for SSLv2 Client Hello messages. - */ -#define POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO - -/** - * \def POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE - * - * Pick the ciphersuite according to the client's preferences rather than ours - * in the SSL Server module (POLARSSL_SSL_SRV_C). - * - * Uncomment this macro to respect client's ciphersuite order - */ -//#define POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE - -/** - * \def POLARSSL_SSL_MAX_FRAGMENT_LENGTH - * - * Enable support for RFC 6066 max_fragment_length extension in SSL. - * - * Comment this macro to disable support for the max_fragment_length extension - */ -#define POLARSSL_SSL_MAX_FRAGMENT_LENGTH - -/** - * \def POLARSSL_SSL_PROTO_SSL3 - * - * Enable support for SSL 3.0. - * - * Requires: POLARSSL_MD5_C - * POLARSSL_SHA1_C - * - * Comment this macro to disable support for SSL 3.0 - */ -#define POLARSSL_SSL_PROTO_SSL3 - -/** - * \def POLARSSL_SSL_PROTO_TLS1 - * - * Enable support for TLS 1.0. - * - * Requires: POLARSSL_MD5_C - * POLARSSL_SHA1_C - * - * Comment this macro to disable support for TLS 1.0 - */ -#define POLARSSL_SSL_PROTO_TLS1 - -/** - * \def POLARSSL_SSL_PROTO_TLS1_1 - * - * Enable support for TLS 1.1. - * - * Requires: POLARSSL_MD5_C - * POLARSSL_SHA1_C - * - * Comment this macro to disable support for TLS 1.1 - */ -#define POLARSSL_SSL_PROTO_TLS1_1 - -/** - * \def POLARSSL_SSL_PROTO_TLS1_2 - * - * Enable support for TLS 1.2. - * - * Requires: POLARSSL_SHA1_C or POLARSSL_SHA256_C or POLARSSL_SHA512_C - * (Depends on ciphersuites) - * - * Comment this macro to disable support for TLS 1.2 - */ -#define POLARSSL_SSL_PROTO_TLS1_2 - -/** - * \def POLARSSL_SSL_ALPN - * - * Enable support for RFC 7301 Application Layer Protocol Negotiation. - * - * Comment this macro to disable support for ALPN. - */ -#define POLARSSL_SSL_ALPN - -/** - * \def POLARSSL_SSL_SESSION_TICKETS - * - * Enable support for RFC 5077 session tickets in SSL. - * - * Requires: POLARSSL_AES_C - * POLARSSL_SHA256_C - * POLARSSL_CIPHER_MODE_CBC - * - * Comment this macro to disable support for SSL session tickets - */ -#define POLARSSL_SSL_SESSION_TICKETS - -/** - * \def POLARSSL_SSL_SERVER_NAME_INDICATION - * - * Enable support for RFC 6066 server name indication (SNI) in SSL. - * - * Requires: POLARSSL_X509_CRT_PARSE_C - * - * Comment this macro to disable support for server name indication in SSL - */ -#define POLARSSL_SSL_SERVER_NAME_INDICATION - -/** - * \def POLARSSL_SSL_TRUNCATED_HMAC - * - * Enable support for RFC 6066 truncated HMAC in SSL. - * - * Comment this macro to disable support for truncated HMAC in SSL - */ -#define POLARSSL_SSL_TRUNCATED_HMAC - -/** - * \def POLARSSL_SSL_SET_CURVES - * - * Enable ssl_set_curves(). - * - * This is disabled by default since it breaks binary compatibility with the - * 1.3.x line. If you choose to enable it, you will need to rebuild your - * application against the new header files, relinking will not be enough. - * It will be enabled by default, or no longer an option, in the 1.4 branch. - * - * Uncomment to make ssl_set_curves() available. - */ -//#define POLARSSL_SSL_SET_CURVES - -/** - * \def POLARSSL_THREADING_ALT - * - * Provide your own alternate threading implementation. - * - * Requires: POLARSSL_THREADING_C - * - * Uncomment this to allow your own alternate threading implementation. - */ -//#define POLARSSL_THREADING_ALT - -/** - * \def POLARSSL_THREADING_PTHREAD - * - * Enable the pthread wrapper layer for the threading layer. - * - * Requires: POLARSSL_THREADING_C - * - * Uncomment this to enable pthread mutexes. - */ -//#define POLARSSL_THREADING_PTHREAD - -/** - * \def POLARSSL_VERSION_FEATURES - * - * Allow run-time checking of compile-time enabled features. Thus allowing users - * to check at run-time if the library is for instance compiled with threading - * support via version_check_feature(). - * - * Requires: POLARSSL_VERSION_C - * - * Comment this to disable run-time checking and save ROM space - */ -#define POLARSSL_VERSION_FEATURES - -/** - * \def POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3 - * - * If set, the X509 parser will not break-off when parsing an X509 certificate - * and encountering an extension in a v1 or v2 certificate. - * - * Uncomment to prevent an error. - */ -//#define POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3 - -/** - * \def POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION - * - * If set, the X509 parser will not break-off when parsing an X509 certificate - * and encountering an unknown critical extension. - * - * Uncomment to prevent an error. - */ -//#define POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION - -/** - * \def POLARSSL_X509_CHECK_KEY_USAGE - * - * Enable verification of the keyUsage extension (CA and leaf certificates). - * - * Disabling this avoids problems with mis-issued and/or misused - * (intermediate) CA and leaf certificates. - * - * \warning Depending on your PKI use, disabling this can be a security risk! - * - * Comment to skip keyUsage checking for both CA and leaf certificates. - */ -#define POLARSSL_X509_CHECK_KEY_USAGE - -/** - * \def POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE - * - * Enable verification of the extendedKeyUsage extension (leaf certificates). - * - * Disabling this avoids problems with mis-issued and/or misused certificates. - * - * \warning Depending on your PKI use, disabling this can be a security risk! - * - * Comment to skip extendedKeyUsage checking for certificates. - */ -#define POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE - -/** - * \def POLARSSL_X509_RSASSA_PSS_SUPPORT - * - * Enable parsing and verification of X.509 certificates, CRLs and CSRS - * signed with RSASSA-PSS (aka PKCS#1 v2.1). - * - * Comment this macro to disallow using RSASSA-PSS in certificates. - */ -#define POLARSSL_X509_RSASSA_PSS_SUPPORT - -/** - * \def POLARSSL_ZLIB_SUPPORT - * - * If set, the SSL/TLS module uses ZLIB to support compression and - * decompression of packet data. - * - * \warning TLS-level compression MAY REDUCE SECURITY! See for example the - * CRIME attack. Before enabling this option, you should examine with care if - * CRIME or similar exploits may be a applicable to your use case. - * - * Used in: library/ssl_tls.c - * library/ssl_cli.c - * library/ssl_srv.c - * - * This feature requires zlib library and headers to be present. - * - * Uncomment to enable use of ZLIB - */ -//#define POLARSSL_ZLIB_SUPPORT -/* \} name SECTION: mbed TLS feature support */ - -/** - * \name SECTION: mbed TLS modules - * - * This section enables or disables entire modules in mbed TLS - * \{ - */ - -/** - * \def POLARSSL_AESNI_C - * - * Enable AES-NI support on x86-64. - * - * Module: library/aesni.c - * Caller: library/aes.c - * - * Requires: POLARSSL_HAVE_ASM - * - * This modules adds support for the AES-NI instructions on x86-64 - */ -//#define POLARSSL_AESNI_C - -/** - * \def POLARSSL_AES_C - * - * Enable the AES block cipher. - * - * Module: library/aes.c - * Caller: library/ssl_tls.c - * library/pem.c - * library/ctr_drbg.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - * TLS_DHE_RSA_WITH_AES_256_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - * TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - * TLS_DHE_RSA_WITH_AES_128_CBC_SHA - * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 - * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA - * TLS_DHE_PSK_WITH_AES_256_CBC_SHA - * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 - * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA - * TLS_DHE_PSK_WITH_AES_128_CBC_SHA - * TLS_RSA_WITH_AES_256_GCM_SHA384 - * TLS_RSA_WITH_AES_256_CBC_SHA256 - * TLS_RSA_WITH_AES_256_CBC_SHA - * TLS_RSA_WITH_AES_128_GCM_SHA256 - * TLS_RSA_WITH_AES_128_CBC_SHA256 - * TLS_RSA_WITH_AES_128_CBC_SHA - * TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 - * TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 - * TLS_RSA_PSK_WITH_AES_256_CBC_SHA - * TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 - * TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 - * TLS_RSA_PSK_WITH_AES_128_CBC_SHA - * TLS_PSK_WITH_AES_256_GCM_SHA384 - * TLS_PSK_WITH_AES_256_CBC_SHA384 - * TLS_PSK_WITH_AES_256_CBC_SHA - * TLS_PSK_WITH_AES_128_GCM_SHA256 - * TLS_PSK_WITH_AES_128_CBC_SHA256 - * TLS_PSK_WITH_AES_128_CBC_SHA - * - * PEM_PARSE uses AES for decrypting encrypted keys. - */ -#define POLARSSL_AES_C - -/** - * \def POLARSSL_ARC4_C - * - * Enable the ARCFOUR stream cipher. - * - * Module: library/arc4.c - * Caller: library/ssl_tls.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * TLS_ECDH_ECDSA_WITH_RC4_128_SHA - * TLS_ECDH_RSA_WITH_RC4_128_SHA - * TLS_ECDHE_ECDSA_WITH_RC4_128_SHA - * TLS_ECDHE_RSA_WITH_RC4_128_SHA - * TLS_ECDHE_PSK_WITH_RC4_128_SHA - * TLS_DHE_PSK_WITH_RC4_128_SHA - * TLS_RSA_WITH_RC4_128_SHA - * TLS_RSA_WITH_RC4_128_MD5 - * TLS_RSA_PSK_WITH_RC4_128_SHA - * TLS_PSK_WITH_RC4_128_SHA - */ -#define POLARSSL_ARC4_C - -/** - * \def POLARSSL_ASN1_PARSE_C - * - * Enable the generic ASN1 parser. - * - * Module: library/asn1.c - * Caller: library/x509.c - * library/dhm.c - * library/pkcs12.c - * library/pkcs5.c - * library/pkparse.c - */ -#define POLARSSL_ASN1_PARSE_C - -/** - * \def POLARSSL_ASN1_WRITE_C - * - * Enable the generic ASN1 writer. - * - * Module: library/asn1write.c - * Caller: library/ecdsa.c - * library/pkwrite.c - * library/x509_create.c - * library/x509write_crt.c - * library/x509write_csr.c - */ -#define POLARSSL_ASN1_WRITE_C - -/** - * \def POLARSSL_BASE64_C - * - * Enable the Base64 module. - * - * Module: library/base64.c - * Caller: library/pem.c - * - * This module is required for PEM support (required by X.509). - */ -#define POLARSSL_BASE64_C - -/** - * \def POLARSSL_BIGNUM_C - * - * Enable the multi-precision integer library. - * - * Module: library/bignum.c - * Caller: library/dhm.c - * library/ecp.c - * library/ecdsa.c - * library/rsa.c - * library/ssl_tls.c - * - * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support. - */ -#define POLARSSL_BIGNUM_C - -/** - * \def POLARSSL_BLOWFISH_C - * - * Enable the Blowfish block cipher. - * - * Module: library/blowfish.c - */ -#define POLARSSL_BLOWFISH_C - -/** - * \def POLARSSL_CAMELLIA_C - * - * Enable the Camellia block cipher. - * - * Module: library/camellia.c - * Caller: library/ssl_tls.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - * TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - * TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 - */ -#define POLARSSL_CAMELLIA_C - -/** - * \def POLARSSL_CCM_C - * - * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher. - * - * Module: library/ccm.c - * - * Requires: POLARSSL_AES_C or POLARSSL_CAMELLIA_C - * - * This module enables the AES-CCM ciphersuites, if other requisites are - * enabled as well. - */ -#define POLARSSL_CCM_C - -/** - * \def POLARSSL_CERTS_C - * - * Enable the test certificates. - * - * Module: library/certs.c - * Caller: - * - * Requires: POLARSSL_PEM_PARSE_C - * - * This module is used for testing (ssl_client/server). - */ -#define POLARSSL_CERTS_C - -/** - * \def POLARSSL_CIPHER_C - * - * Enable the generic cipher layer. - * - * Module: library/cipher.c - * Caller: library/ssl_tls.c - * - * Uncomment to enable generic cipher wrappers. - */ -#define POLARSSL_CIPHER_C - -/** - * \def POLARSSL_CTR_DRBG_C - * - * Enable the CTR_DRBG AES-256-based random generator. - * - * Module: library/ctr_drbg.c - * Caller: - * - * Requires: POLARSSL_AES_C - * - * This module provides the CTR_DRBG AES-256 random number generator. - */ -#define POLARSSL_CTR_DRBG_C - -/** - * \def POLARSSL_DEBUG_C - * - * Enable the debug functions. - * - * Module: library/debug.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * - * This module provides debugging functions. - */ -#define POLARSSL_DEBUG_C - -/** - * \def POLARSSL_DES_C - * - * Enable the DES block cipher. - * - * Module: library/des.c - * Caller: library/pem.c - * library/ssl_tls.c - * - * This module enables the following ciphersuites (if other requisites are - * enabled as well): - * TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_PSK_WITH_3DES_EDE_CBC_SHA - * - * PEM_PARSE uses DES/3DES for decrypting encrypted keys. - */ -#define POLARSSL_DES_C - -/** - * \def POLARSSL_DHM_C - * - * Enable the Diffie-Hellman-Merkle module. - * - * Module: library/dhm.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * - * This module is used by the following key exchanges: - * DHE-RSA, DHE-PSK - */ -#define POLARSSL_DHM_C - -/** - * \def POLARSSL_ECDH_C - * - * Enable the elliptic curve Diffie-Hellman library. - * - * Module: library/ecdh.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * - * This module is used by the following key exchanges: - * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK - * - * Requires: POLARSSL_ECP_C - */ -#define POLARSSL_ECDH_C - -/** - * \def POLARSSL_ECDSA_C - * - * Enable the elliptic curve DSA library. - * - * Module: library/ecdsa.c - * Caller: - * - * This module is used by the following key exchanges: - * ECDHE-ECDSA - * - * Requires: POLARSSL_ECP_C, POLARSSL_ASN1_WRITE_C, POLARSSL_ASN1_PARSE_C - */ -#define POLARSSL_ECDSA_C - -/** - * \def POLARSSL_ECP_C - * - * Enable the elliptic curve over GF(p) library. - * - * Module: library/ecp.c - * Caller: library/ecdh.c - * library/ecdsa.c - * - * Requires: POLARSSL_BIGNUM_C and at least one POLARSSL_ECP_DP_XXX_ENABLED - */ -#define POLARSSL_ECP_C - -/** - * \def POLARSSL_ENTROPY_C - * - * Enable the platform-specific entropy code. - * - * Module: library/entropy.c - * Caller: - * - * Requires: POLARSSL_SHA512_C or POLARSSL_SHA256_C - * - * This module provides a generic entropy pool - */ -#define POLARSSL_ENTROPY_C - -/** - * \def POLARSSL_ERROR_C - * - * Enable error code to error string conversion. - * - * Module: library/error.c - * Caller: - * - * This module enables polarssl_strerror(). - */ -#define POLARSSL_ERROR_C - -/** - * \def POLARSSL_GCM_C - * - * Enable the Galois/Counter Mode (GCM) for AES. - * - * Module: library/gcm.c - * - * Requires: POLARSSL_AES_C or POLARSSL_CAMELLIA_C - * - * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other - * requisites are enabled as well. - */ -#define POLARSSL_GCM_C - -/** - * \def POLARSSL_HAVEGE_C - * - * Enable the HAVEGE random generator. - * - * Warning: the HAVEGE random generator is not suitable for virtualized - * environments - * - * Warning: the HAVEGE random generator is dependent on timing and specific - * processor traits. It is therefore not advised to use HAVEGE as - * your applications primary random generator or primary entropy pool - * input. As a secondary input to your entropy pool, it IS able add - * the (limited) extra entropy it provides. - * - * Module: library/havege.c - * Caller: - * - * Requires: POLARSSL_TIMING_C - * - * Uncomment to enable the HAVEGE random generator. - */ -//#define POLARSSL_HAVEGE_C - -/** - * \def POLARSSL_HMAC_DRBG_C - * - * Enable the HMAC_DRBG random generator. - * - * Module: library/hmac_drbg.c - * Caller: - * - * Requires: POLARSSL_MD_C - * - * Uncomment to enable the HMAC_DRBG random number geerator. - */ -#define POLARSSL_HMAC_DRBG_C - -/** - * \def POLARSSL_MD_C - * - * Enable the generic message digest layer. - * - * Module: library/md.c - * Caller: - * - * Uncomment to enable generic message digest wrappers. - */ -#define POLARSSL_MD_C - -/** - * \def POLARSSL_MD2_C - * - * Enable the MD2 hash algorithm. - * - * Module: library/md2.c - * Caller: - * - * Uncomment to enable support for (rare) MD2-signed X.509 certs. - */ -//#define POLARSSL_MD2_C - -/** - * \def POLARSSL_MD4_C - * - * Enable the MD4 hash algorithm. - * - * Module: library/md4.c - * Caller: - * - * Uncomment to enable support for (rare) MD4-signed X.509 certs. - */ -//#define POLARSSL_MD4_C - -/** - * \def POLARSSL_MD5_C - * - * Enable the MD5 hash algorithm. - * - * Module: library/md5.c - * Caller: library/md.c - * library/pem.c - * library/ssl_tls.c - * - * This module is required for SSL/TLS and X.509. - * PEM_PARSE uses MD5 for decrypting encrypted keys. - */ -#define POLARSSL_MD5_C - -/** - * \def POLARSSL_MEMORY_C - * - * \deprecated Use POLARSSL_PLATFORM_MEMORY instead. - * - * Depends on: POLARSSL_PLATFORM_C - */ -//#define POLARSSL_MEMORY_C - -/** - * \def POLARSSL_MEMORY_BUFFER_ALLOC_C - * - * Enable the buffer allocator implementation that makes use of a (stack) - * based buffer to 'allocate' dynamic memory. (replaces malloc() and free() - * calls) - * - * Module: library/memory_buffer_alloc.c - * - * Requires: POLARSSL_PLATFORM_C - * POLARSSL_PLATFORM_MEMORY (to use it within mbed TLS) - * - * Enable this module to enable the buffer memory allocator. - */ -//#define POLARSSL_MEMORY_BUFFER_ALLOC_C - -/** - * \def POLARSSL_NET_C - * - * Enable the TCP/IP networking routines. - * - * \warning As of 1.3.11, it is deprecated to enable this module without - * POLARSSL_HAVE_IPV6. The alternative legacy code will be removed in 2.0. - * - * Module: library/net.c - * - * This module provides TCP/IP networking routines. - */ -#define POLARSSL_NET_C - -/** - * \def POLARSSL_OID_C - * - * Enable the OID database. - * - * Module: library/oid.c - * Caller: library/asn1write.c - * library/pkcs5.c - * library/pkparse.c - * library/pkwrite.c - * library/rsa.c - * library/x509.c - * library/x509_create.c - * library/x509_crl.c - * library/x509_crt.c - * library/x509_csr.c - * library/x509write_crt.c - * library/x509write_csr.c - * - * This modules translates between OIDs and internal values. - */ -#define POLARSSL_OID_C - -/** - * \def POLARSSL_PADLOCK_C - * - * Enable VIA Padlock support on x86. - * - * Module: library/padlock.c - * Caller: library/aes.c - * - * Requires: POLARSSL_HAVE_ASM - * - * This modules adds support for the VIA PadLock on x86. - */ -//#define POLARSSL_PADLOCK_C - -/** - * \def POLARSSL_PBKDF2_C - * - * Enable PKCS#5 PBKDF2 key derivation function. - * - * \deprecated Use POLARSSL_PKCS5_C instead - * - * Module: library/pbkdf2.c - * - * Requires: POLARSSL_PKCS5_C - * - * This module adds support for the PKCS#5 PBKDF2 key derivation function. - */ -#define POLARSSL_PBKDF2_C - -/** - * \def POLARSSL_PEM_PARSE_C - * - * Enable PEM decoding / parsing. - * - * Module: library/pem.c - * Caller: library/dhm.c - * library/pkparse.c - * library/x509_crl.c - * library/x509_crt.c - * library/x509_csr.c - * - * Requires: POLARSSL_BASE64_C - * - * This modules adds support for decoding / parsing PEM files. - */ -#define POLARSSL_PEM_PARSE_C - -/** - * \def POLARSSL_PEM_WRITE_C - * - * Enable PEM encoding / writing. - * - * Module: library/pem.c - * Caller: library/pkwrite.c - * library/x509write_crt.c - * library/x509write_csr.c - * - * Requires: POLARSSL_BASE64_C - * - * This modules adds support for encoding / writing PEM files. - */ -#define POLARSSL_PEM_WRITE_C - -/** - * \def POLARSSL_PK_C - * - * Enable the generic public (asymetric) key layer. - * - * Module: library/pk.c - * Caller: library/ssl_tls.c - * library/ssl_cli.c - * library/ssl_srv.c - * - * Requires: POLARSSL_RSA_C or POLARSSL_ECP_C - * - * Uncomment to enable generic public key wrappers. - */ -#define POLARSSL_PK_C - -/** - * \def POLARSSL_PK_PARSE_C - * - * Enable the generic public (asymetric) key parser. - * - * Module: library/pkparse.c - * Caller: library/x509_crt.c - * library/x509_csr.c - * - * Requires: POLARSSL_PK_C - * - * Uncomment to enable generic public key parse functions. - */ -#define POLARSSL_PK_PARSE_C - -/** - * \def POLARSSL_PK_WRITE_C - * - * Enable the generic public (asymetric) key writer. - * - * Module: library/pkwrite.c - * Caller: library/x509write.c - * - * Requires: POLARSSL_PK_C - * - * Uncomment to enable generic public key write functions. - */ -#define POLARSSL_PK_WRITE_C - -/** - * \def POLARSSL_PKCS5_C - * - * Enable PKCS#5 functions. - * - * Module: library/pkcs5.c - * - * Requires: POLARSSL_MD_C - * - * This module adds support for the PKCS#5 functions. - */ -#define POLARSSL_PKCS5_C - -/** - * \def POLARSSL_PKCS11_C - * - * Enable wrapper for PKCS#11 smartcard support. - * - * Module: library/pkcs11.c - * Caller: library/pk.c - * - * Requires: POLARSSL_PK_C - * - * This module enables SSL/TLS PKCS #11 smartcard support. - * Requires the presence of the PKCS#11 helper library (libpkcs11-helper) - */ -//#define POLARSSL_PKCS11_C - -/** - * \def POLARSSL_PKCS12_C - * - * Enable PKCS#12 PBE functions. - * Adds algorithms for parsing PKCS#8 encrypted private keys - * - * Module: library/pkcs12.c - * Caller: library/pkparse.c - * - * Requires: POLARSSL_ASN1_PARSE_C, POLARSSL_CIPHER_C, POLARSSL_MD_C - * Can use: POLARSSL_ARC4_C - * - * This module enables PKCS#12 functions. - */ -#define POLARSSL_PKCS12_C - -/** - * \def POLARSSL_PLATFORM_C - * - * Enable the platform abstraction layer that allows you to re-assign - * functions like malloc(), free(), snprintf(), printf(), fprintf(), exit() - * - * Enabling POLARSSL_PLATFORM_C enables to use of POLARSSL_PLATFORM_XXX_ALT - * or POLARSSL_PLATFORM_XXX_MACRO directives, allowing the functions mentioned - * above to be specified at runtime or compile time respectively. - * - * Module: library/platform.c - * Caller: Most other .c files - * - * This module enables abstraction of common (libc) functions. - */ -#define POLARSSL_PLATFORM_C - -/** - * \def POLARSSL_RIPEMD160_C - * - * Enable the RIPEMD-160 hash algorithm. - * - * Module: library/ripemd160.c - * Caller: library/md.c - * - */ -#define POLARSSL_RIPEMD160_C - -/** - * \def POLARSSL_RSA_C - * - * Enable the RSA public-key cryptosystem. - * - * Module: library/rsa.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * library/x509.c - * - * This module is used by the following key exchanges: - * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK - * - * Requires: POLARSSL_BIGNUM_C, POLARSSL_OID_C - */ -#define POLARSSL_RSA_C - -/** - * \def POLARSSL_SHA1_C - * - * Enable the SHA1 cryptographic hash algorithm. - * - * Module: library/sha1.c - * Caller: library/md.c - * library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * library/x509write_crt.c - * - * This module is required for SSL/TLS and SHA1-signed certificates. - */ -#define POLARSSL_SHA1_C - -/** - * \def POLARSSL_SHA256_C - * - * Enable the SHA-224 and SHA-256 cryptographic hash algorithms. - * (Used to be POLARSSL_SHA2_C) - * - * Module: library/sha256.c - * Caller: library/entropy.c - * library/md.c - * library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * - * This module adds support for SHA-224 and SHA-256. - * This module is required for the SSL/TLS 1.2 PRF function. - */ -#define POLARSSL_SHA256_C - -/** - * \def POLARSSL_SHA512_C - * - * Enable the SHA-384 and SHA-512 cryptographic hash algorithms. - * (Used to be POLARSSL_SHA4_C) - * - * Module: library/sha512.c - * Caller: library/entropy.c - * library/md.c - * library/ssl_cli.c - * library/ssl_srv.c - * - * This module adds support for SHA-384 and SHA-512. - */ -#define POLARSSL_SHA512_C - -/** - * \def POLARSSL_SSL_CACHE_C - * - * Enable simple SSL cache implementation. - * - * Module: library/ssl_cache.c - * Caller: - * - * Requires: POLARSSL_SSL_CACHE_C - */ -#define POLARSSL_SSL_CACHE_C - -/** - * \def POLARSSL_SSL_CLI_C - * - * Enable the SSL/TLS client code. - * - * Module: library/ssl_cli.c - * Caller: - * - * Requires: POLARSSL_SSL_TLS_C - * - * This module is required for SSL/TLS client support. - */ -#define POLARSSL_SSL_CLI_C - -/** - * \def POLARSSL_SSL_SRV_C - * - * Enable the SSL/TLS server code. - * - * Module: library/ssl_srv.c - * Caller: - * - * Requires: POLARSSL_SSL_TLS_C - * - * This module is required for SSL/TLS server support. - */ -#define POLARSSL_SSL_SRV_C - -/** - * \def POLARSSL_SSL_TLS_C - * - * Enable the generic SSL/TLS code. - * - * Module: library/ssl_tls.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * - * Requires: POLARSSL_CIPHER_C, POLARSSL_MD_C - * and at least one of the POLARSSL_SSL_PROTO_* defines - * - * This module is required for SSL/TLS. - */ -#define POLARSSL_SSL_TLS_C - -/** - * \def POLARSSL_THREADING_C - * - * Enable the threading abstraction layer. - * By default mbed TLS assumes it is used in a non-threaded environment or that - * contexts are not shared between threads. If you do intend to use contexts - * between threads, you will need to enable this layer to prevent race - * conditions. - * - * Module: library/threading.c - * - * This allows different threading implementations (self-implemented or - * provided). - * - * You will have to enable either POLARSSL_THREADING_ALT or - * POLARSSL_THREADING_PTHREAD. - * - * Enable this layer to allow use of mutexes within mbed TLS - */ -//#define POLARSSL_THREADING_C - -/** - * \def POLARSSL_TIMING_C - * - * Enable the portable timing interface. - * - * Module: library/timing.c - * Caller: library/havege.c - * - * This module is used by the HAVEGE random number generator. - */ -#define POLARSSL_TIMING_C - -/** - * \def POLARSSL_VERSION_C - * - * Enable run-time version information. - * - * Module: library/version.c - * - * This module provides run-time version information. - */ -#define POLARSSL_VERSION_C - -/** - * \def POLARSSL_X509_USE_C - * - * Enable X.509 core for using certificates. - * - * Module: library/x509.c - * Caller: library/x509_crl.c - * library/x509_crt.c - * library/x509_csr.c - * - * Requires: POLARSSL_ASN1_PARSE_C, POLARSSL_BIGNUM_C, POLARSSL_OID_C, - * POLARSSL_PK_PARSE_C - * - * This module is required for the X.509 parsing modules. - */ -#define POLARSSL_X509_USE_C - -/** - * \def POLARSSL_X509_CRT_PARSE_C - * - * Enable X.509 certificate parsing. - * - * Module: library/x509_crt.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * - * Requires: POLARSSL_X509_USE_C - * - * This module is required for X.509 certificate parsing. - */ -#define POLARSSL_X509_CRT_PARSE_C - -/** - * \def POLARSSL_X509_CRL_PARSE_C - * - * Enable X.509 CRL parsing. - * - * Module: library/x509_crl.c - * Caller: library/x509_crt.c - * - * Requires: POLARSSL_X509_USE_C - * - * This module is required for X.509 CRL parsing. - */ -#define POLARSSL_X509_CRL_PARSE_C - -/** - * \def POLARSSL_X509_CSR_PARSE_C - * - * Enable X.509 Certificate Signing Request (CSR) parsing. - * - * Module: library/x509_csr.c - * Caller: library/x509_crt_write.c - * - * Requires: POLARSSL_X509_USE_C - * - * This module is used for reading X.509 certificate request. - */ -#define POLARSSL_X509_CSR_PARSE_C - -/** - * \def POLARSSL_X509_CREATE_C - * - * Enable X.509 core for creating certificates. - * - * Module: library/x509_create.c - * - * Requires: POLARSSL_BIGNUM_C, POLARSSL_OID_C, POLARSSL_PK_WRITE_C - * - * This module is the basis for creating X.509 certificates and CSRs. - */ -#define POLARSSL_X509_CREATE_C - -/** - * \def POLARSSL_X509_CRT_WRITE_C - * - * Enable creating X.509 certificates. - * - * Module: library/x509_crt_write.c - * - * Requires: POLARSSL_CREATE_C - * - * This module is required for X.509 certificate creation. - */ -#define POLARSSL_X509_CRT_WRITE_C - -/** - * \def POLARSSL_X509_CSR_WRITE_C - * - * Enable creating X.509 Certificate Signing Requests (CSR). - * - * Module: library/x509_csr_write.c - * - * Requires: POLARSSL_CREATE_C - * - * This module is required for X.509 certificate request writing. - */ -#define POLARSSL_X509_CSR_WRITE_C - -/** - * \def POLARSSL_XTEA_C - * - * Enable the XTEA block cipher. - * - * Module: library/xtea.c - * Caller: - */ -#define POLARSSL_XTEA_C - -/* \} name SECTION: mbed TLS modules */ - -/** - * \name SECTION: Module configuration options - * - * This section allows for the setting of module specific sizes and - * configuration options. The default values are already present in the - * relevant header files and should suffice for the regular use cases. - * - * Our advice is to enable options and change their values here - * only if you have a good reason and know the consequences. - * - * Please check the respective header file for documentation on these - * parameters (to prevent duplicate documentation). - * \{ - */ - -/* MPI / BIGNUM options */ -//#define POLARSSL_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */ -//#define POLARSSL_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ - -/* CTR_DRBG options */ -//#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ -//#define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ -//#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ -//#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ -//#define CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ - -/* HMAC_DRBG options */ -//#define POLARSSL_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ -//#define POLARSSL_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ -//#define POLARSSL_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ -//#define POLARSSL_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ - -/* ECP options */ -//#define POLARSSL_ECP_MAX_BITS 521 /**< Maximum bit size of groups */ -//#define POLARSSL_ECP_WINDOW_SIZE 6 /**< Maximum window size used */ -//#define POLARSSL_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */ - -/* Entropy options */ -//#define ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ -//#define ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ - -/* Memory buffer allocator options */ -//#define POLARSSL_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */ - -/* Platform options */ -//#define POLARSSL_PLATFORM_STD_MEM_HDR /**< Header to include if POLARSSL_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ -//#define POLARSSL_PLATFORM_STD_MALLOC malloc /**< Default allocator to use, can be undefined */ -//#define POLARSSL_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ -//#define POLARSSL_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ -//#define POLARSSL_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ -//#define POLARSSL_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */ -//#define POLARSSL_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */ - -/* To Use Function Macros POLARSSL_PLATFORM_C must be enabled */ -/* POLARSSL_PLATFORM_XXX_MACRO and POLARSSL_PLATFORM_XXX_ALT cannot both be defined */ -//#define POLARSSL_PLATFORM_MALLOC_MACRO malloc /**< Default allocator macro to use, can be undefined */ -//#define POLARSSL_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */ -//#define POLARSSL_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ -//#define POLARSSL_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */ -//#define POLARSSL_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */ -//#define POLARSSL_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */ - -/* SSL Cache options */ -//#define SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ -//#define SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ - -/* SSL options */ -//#define SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */ -//#define SSL_MIN_DHM_BYTES 128 /**< Min size of the Diffie-Hellman prime */ -//#define SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */ -//#define POLARSSL_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */ - -/** - * Complete list of ciphersuites to use, in order of preference. - * - * \warning No dependency checking is done on that field! This option can only - * be used to restrict the set of available ciphersuites. It is your - * responsibility to make sure the needed modules are active. - * - * Use this to save a few hundred bytes of ROM (default ordering of all - * available ciphersuites) and a few to a few hundred bytes of RAM. - * - * The value below is only an example, not the default. - */ -//#define SSL_CIPHERSUITES TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - -/* Debug options */ -//#define POLARSSL_DEBUG_DFL_MODE POLARSSL_DEBUG_LOG_FULL /**< Default log: Full or Raw */ - -/* X509 options */ -//#define POLARSSL_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ - -/* \} name SECTION: Module configuration options */ - -#include "check_config.h" - -#endif /* POLARSSL_CONFIG_H */ diff --git a/ext/mbedtls/include/polarssl/debug.h b/ext/mbedtls/include/polarssl/debug.h deleted file mode 100644 index 2dd89a2276..0000000000 --- a/ext/mbedtls/include/polarssl/debug.h +++ /dev/null @@ -1,154 +0,0 @@ -/** - * \file debug.h - * - * \brief Debug functions - * - * Copyright (C) 2006-2011, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_DEBUG_H -#define POLARSSL_DEBUG_H - -#if !defined(POLARSSL_CONFIG_FILE) -#include "config.h" -#else -#include POLARSSL_CONFIG_FILE -#endif - -#include "ssl.h" - -#if defined(POLARSSL_ECP_C) -#include "ecp.h" -#endif - -#if defined(POLARSSL_DEBUG_C) - -#define POLARSSL_DEBUG_LOG_FULL 0 /**< Include file:line in log lines */ -#define POLARSSL_DEBUG_LOG_RAW 1 /**< Only log raw debug lines */ - -/** - * \name SECTION: Module settings - * - * The configuration options you can set for this module are in this section. - * Either change them in config.h or define them on the compiler command line. - * \{ - */ - -#if !defined(POLARSSL_DEBUG_DFL_MODE) -#define POLARSSL_DEBUG_DFL_MODE POLARSSL_DEBUG_LOG_FULL /**< Default log: Full or Raw */ -#endif - -/* \} name SECTION: Module settings */ - - -#define SSL_DEBUG_MSG( level, args ) \ - debug_print_msg_free( ssl, level, __FILE__, __LINE__, debug_fmt args ); - -#define SSL_DEBUG_RET( level, text, ret ) \ - debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret ); - -#define SSL_DEBUG_BUF( level, text, buf, len ) \ - debug_print_buf( ssl, level, __FILE__, __LINE__, text, buf, len ); - -#if defined(POLARSSL_BIGNUM_C) -#define SSL_DEBUG_MPI( level, text, X ) \ - debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X ); -#endif - -#if defined(POLARSSL_ECP_C) -#define SSL_DEBUG_ECP( level, text, X ) \ - debug_print_ecp( ssl, level, __FILE__, __LINE__, text, X ); -#endif - -#if defined(POLARSSL_X509_CRT_PARSE_C) -#define SSL_DEBUG_CRT( level, text, crt ) \ - debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt ); -#endif - -#else /* POLARSSL_DEBUG_C */ - -#define SSL_DEBUG_MSG( level, args ) do { } while( 0 ) -#define SSL_DEBUG_RET( level, text, ret ) do { } while( 0 ) -#define SSL_DEBUG_BUF( level, text, buf, len ) do { } while( 0 ) -#define SSL_DEBUG_MPI( level, text, X ) do { } while( 0 ) -#define SSL_DEBUG_ECP( level, text, X ) do { } while( 0 ) -#define SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 ) - -#endif /* POLARSSL_DEBUG_C */ - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Set the log mode for the debug functions globally - * (Default value: POLARSSL_DEBUG_DFL_MODE) - * - * \param log_mode The log mode to use (POLARSSL_DEBUG_LOG_FULL or - * POLARSSL_DEBUG_LOG_RAW) - */ -void debug_set_log_mode( int log_mode ); - -/** - * \brief Set the level threshold to handle globally. Messages that have a - * level over the threshold value are ignored. - * (Default value: 0 (No debug)) - * - * \param threshold maximum level of messages to pass on - */ -void debug_set_threshold( int threshold ); - -char *debug_fmt( const char *format, ... ); - -void debug_print_msg_free( const ssl_context *ssl, int level, - const char *file, int line, char *text ); - -void debug_print_msg( const ssl_context *ssl, int level, - const char *file, int line, const char *text ); - -void debug_print_ret( const ssl_context *ssl, int level, - const char *file, int line, - const char *text, int ret ); - -void debug_print_buf( const ssl_context *ssl, int level, - const char *file, int line, const char *text, - unsigned char *buf, size_t len ); - -#if defined(POLARSSL_BIGNUM_C) -void debug_print_mpi( const ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mpi *X ); -#endif - -#if defined(POLARSSL_ECP_C) -void debug_print_ecp( const ssl_context *ssl, int level, - const char *file, int line, - const char *text, const ecp_point *X ); -#endif - -#if defined(POLARSSL_X509_CRT_PARSE_C) -void debug_print_crt( const ssl_context *ssl, int level, - const char *file, int line, - const char *text, const x509_crt *crt ); -#endif - -#ifdef __cplusplus -} -#endif - -#endif /* debug.h */ diff --git a/ext/mbedtls/include/polarssl/entropy.h b/ext/mbedtls/include/polarssl/entropy.h deleted file mode 100644 index aa23a0372c..0000000000 --- a/ext/mbedtls/include/polarssl/entropy.h +++ /dev/null @@ -1,243 +0,0 @@ -/** - * \file entropy.h - * - * \brief Entropy accumulator implementation - * - * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_ENTROPY_H -#define POLARSSL_ENTROPY_H - -#if !defined(POLARSSL_CONFIG_FILE) -#include "config.h" -#else -#include POLARSSL_CONFIG_FILE -#endif - -#include - -#if defined(POLARSSL_SHA512_C) && !defined(POLARSSL_ENTROPY_FORCE_SHA256) -#include "sha512.h" -#define POLARSSL_ENTROPY_SHA512_ACCUMULATOR -#else -#if defined(POLARSSL_SHA256_C) -#define POLARSSL_ENTROPY_SHA256_ACCUMULATOR -#include "sha256.h" -#endif -#endif - -#if defined(POLARSSL_THREADING_C) -#include "threading.h" -#endif - -#if defined(POLARSSL_HAVEGE_C) -#include "havege.h" -#endif - -#define POLARSSL_ERR_ENTROPY_SOURCE_FAILED -0x003C /**< Critical entropy source failure. */ -#define POLARSSL_ERR_ENTROPY_MAX_SOURCES -0x003E /**< No more sources can be added. */ -#define POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED -0x0040 /**< No sources have been added to poll. */ -#define POLARSSL_ERR_ENTROPY_FILE_IO_ERROR -0x0058 /**< Read/write error in file. */ - -/** - * \name SECTION: Module settings - * - * The configuration options you can set for this module are in this section. - * Either change them in config.h or define them on the compiler command line. - * \{ - */ - -#if !defined(ENTROPY_MAX_SOURCES) -#define ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ -#endif - -#if !defined(ENTROPY_MAX_GATHER) -#define ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ -#endif - -/* \} name SECTION: Module settings */ - -#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR) -#define ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */ -#else -#define ENTROPY_BLOCK_SIZE 32 /**< Block size of entropy accumulator (SHA-256) */ -#endif - -#define ENTROPY_MAX_SEED_SIZE 1024 /**< Maximum size of seed we read from seed file */ -#define ENTROPY_SOURCE_MANUAL ENTROPY_MAX_SOURCES - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Entropy poll callback pointer - * - * \param data Callback-specific data pointer - * \param output Data to fill - * \param len Maximum size to provide - * \param olen The actual amount of bytes put into the buffer (Can be 0) - * - * \return 0 if no critical failures occurred, - * POLARSSL_ERR_ENTROPY_SOURCE_FAILED otherwise - */ -typedef int (*f_source_ptr)(void *data, unsigned char *output, size_t len, - size_t *olen); - -/** - * \brief Entropy source state - */ -typedef struct -{ - f_source_ptr f_source; /**< The entropy source callback */ - void * p_source; /**< The callback data pointer */ - size_t size; /**< Amount received */ - size_t threshold; /**< Minimum level required before release */ -} -source_state; - -/** - * \brief Entropy context structure - */ -typedef struct -{ -#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR) - sha512_context accumulator; -#else - sha256_context accumulator; -#endif - int source_count; - source_state source[ENTROPY_MAX_SOURCES]; -#if defined(POLARSSL_HAVEGE_C) - havege_state havege_data; -#endif -#if defined(POLARSSL_THREADING_C) - threading_mutex_t mutex; /*!< mutex */ -#endif -} -entropy_context; - -/** - * \brief Initialize the context - * - * \param ctx Entropy context to initialize - */ -void entropy_init( entropy_context *ctx ); - -/** - * \brief Free the data in the context - * - * \param ctx Entropy context to free - */ -void entropy_free( entropy_context *ctx ); - -/** - * \brief Adds an entropy source to poll - * (Thread-safe if POLARSSL_THREADING_C is enabled) - * - * \param ctx Entropy context - * \param f_source Entropy function - * \param p_source Function data - * \param threshold Minimum required from source before entropy is released - * ( with entropy_func() ) - * - * \return 0 if successful or POLARSSL_ERR_ENTROPY_MAX_SOURCES - */ -int entropy_add_source( entropy_context *ctx, - f_source_ptr f_source, void *p_source, - size_t threshold ); - -/** - * \brief Trigger an extra gather poll for the accumulator - * (Thread-safe if POLARSSL_THREADING_C is enabled) - * - * \param ctx Entropy context - * - * \return 0 if successful, or POLARSSL_ERR_ENTROPY_SOURCE_FAILED - */ -int entropy_gather( entropy_context *ctx ); - -/** - * \brief Retrieve entropy from the accumulator - * (Maximum length: ENTROPY_BLOCK_SIZE) - * (Thread-safe if POLARSSL_THREADING_C is enabled) - * - * \param data Entropy context - * \param output Buffer to fill - * \param len Number of bytes desired, must be at most ENTROPY_BLOCK_SIZE - * - * \return 0 if successful, or POLARSSL_ERR_ENTROPY_SOURCE_FAILED - */ -int entropy_func( void *data, unsigned char *output, size_t len ); - -/** - * \brief Add data to the accumulator manually - * (Thread-safe if POLARSSL_THREADING_C is enabled) - * - * \param ctx Entropy context - * \param data Data to add - * \param len Length of data - * - * \return 0 if successful - */ -int entropy_update_manual( entropy_context *ctx, - const unsigned char *data, size_t len ); - -#if defined(POLARSSL_FS_IO) -/** - * \brief Write a seed file - * - * \param ctx Entropy context - * \param path Name of the file - * - * \return 0 if successful, - * POLARSSL_ERR_ENTROPY_FILE_IO_ERROR on file error, or - * POLARSSL_ERR_ENTROPY_SOURCE_FAILED - */ -int entropy_write_seed_file( entropy_context *ctx, const char *path ); - -/** - * \brief Read and update a seed file. Seed is added to this - * instance. No more than ENTROPY_MAX_SEED_SIZE bytes are - * read from the seed file. The rest is ignored. - * - * \param ctx Entropy context - * \param path Name of the file - * - * \return 0 if successful, - * POLARSSL_ERR_ENTROPY_FILE_IO_ERROR on file error, - * POLARSSL_ERR_ENTROPY_SOURCE_FAILED - */ -int entropy_update_seed_file( entropy_context *ctx, const char *path ); -#endif /* POLARSSL_FS_IO */ - -#if defined(POLARSSL_SELF_TEST) -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if a test failed - */ -int entropy_self_test( int verbose ); -#endif /* POLARSSL_SELF_TEST */ - -#ifdef __cplusplus -} -#endif - -#endif /* entropy.h */ diff --git a/ext/mbedtls/include/polarssl/md.h b/ext/mbedtls/include/polarssl/md.h deleted file mode 100644 index 303aee8209..0000000000 --- a/ext/mbedtls/include/polarssl/md.h +++ /dev/null @@ -1,400 +0,0 @@ -/** - * \file md.h - * - * \brief Generic message digest wrapper - * - * \author Adriaan de Jong - * - * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_MD_H -#define POLARSSL_MD_H - -#include - -#if defined(_MSC_VER) && !defined(inline) -#define inline _inline -#else -#if defined(__ARMCC_VERSION) && !defined(inline) -#define inline __inline -#endif /* __ARMCC_VERSION */ -#endif /*_MSC_VER */ - -#define POLARSSL_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */ -#define POLARSSL_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */ -#define POLARSSL_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */ -#define POLARSSL_ERR_MD_FILE_IO_ERROR -0x5200 /**< Opening or reading of file failed. */ - -#ifdef __cplusplus -extern "C" { -#endif - -typedef enum { - POLARSSL_MD_NONE=0, - POLARSSL_MD_MD2, - POLARSSL_MD_MD4, - POLARSSL_MD_MD5, - POLARSSL_MD_SHA1, - POLARSSL_MD_SHA224, - POLARSSL_MD_SHA256, - POLARSSL_MD_SHA384, - POLARSSL_MD_SHA512, - POLARSSL_MD_RIPEMD160, -} md_type_t; - -#if defined(POLARSSL_SHA512_C) -#define POLARSSL_MD_MAX_SIZE 64 /* longest known is SHA512 */ -#else -#define POLARSSL_MD_MAX_SIZE 32 /* longest known is SHA256 or less */ -#endif - -/** - * Message digest information. Allows message digest functions to be called - * in a generic way. - */ -typedef struct { - /** Digest identifier */ - md_type_t type; - - /** Name of the message digest */ - const char * name; - - /** Output length of the digest function */ - int size; - - /** Digest initialisation function */ - void (*starts_func)( void *ctx ); - - /** Digest update function */ - void (*update_func)( void *ctx, const unsigned char *input, size_t ilen ); - - /** Digest finalisation function */ - void (*finish_func)( void *ctx, unsigned char *output ); - - /** Generic digest function */ - void (*digest_func)( const unsigned char *input, size_t ilen, - unsigned char *output ); - - /** Generic file digest function */ - int (*file_func)( const char *path, unsigned char *output ); - - /** HMAC Initialisation function */ - void (*hmac_starts_func)( void *ctx, const unsigned char *key, - size_t keylen ); - - /** HMAC update function */ - void (*hmac_update_func)( void *ctx, const unsigned char *input, - size_t ilen ); - - /** HMAC finalisation function */ - void (*hmac_finish_func)( void *ctx, unsigned char *output); - - /** HMAC context reset function */ - void (*hmac_reset_func)( void *ctx ); - - /** Generic HMAC function */ - void (*hmac_func)( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char *output ); - - /** Allocate a new context */ - void * (*ctx_alloc_func)( void ); - - /** Free the given context */ - void (*ctx_free_func)( void *ctx ); - - /** Internal use only */ - void (*process_func)( void *ctx, const unsigned char *input ); -} md_info_t; - -/** - * Generic message digest context. - */ -typedef struct { - /** Information about the associated message digest */ - const md_info_t *md_info; - - /** Digest-specific context */ - void *md_ctx; -} md_context_t; - -#define MD_CONTEXT_T_INIT { \ - NULL, /* md_info */ \ - NULL, /* md_ctx */ \ -} - -/** - * \brief Returns the list of digests supported by the generic digest module. - * - * \return a statically allocated array of digests, the last entry - * is 0. - */ -const int *md_list( void ); - -/** - * \brief Returns the message digest information associated with the - * given digest name. - * - * \param md_name Name of the digest to search for. - * - * \return The message digest information associated with md_name or - * NULL if not found. - */ -const md_info_t *md_info_from_string( const char *md_name ); - -/** - * \brief Returns the message digest information associated with the - * given digest type. - * - * \param md_type type of digest to search for. - * - * \return The message digest information associated with md_type or - * NULL if not found. - */ -const md_info_t *md_info_from_type( md_type_t md_type ); - -/** - * \brief Initialize a md_context (as NONE) - */ -void md_init( md_context_t *ctx ); - -/** - * \brief Free and clear the message-specific context of ctx. - * Freeing ctx itself remains the responsibility of the - * caller. - */ -void md_free( md_context_t *ctx ); - -/** - * \brief Initialises and fills the message digest context structure - * with the appropriate values. - * - * \note Currently also clears structure. In future versions you - * will be required to call md_init() on the structure - * first. - * - * \param ctx context to initialise. May not be NULL. The - * digest-specific context (ctx->md_ctx) must be NULL. It will - * be allocated, and must be freed using md_free_ctx() later. - * \param md_info message digest to use. - * - * \returns \c 0 on success, \c POLARSSL_ERR_MD_BAD_INPUT_DATA on - * parameter failure, \c POLARSSL_ERR_MD_ALLOC_FAILED if - * allocation of the digest-specific context failed. - */ -int md_init_ctx( md_context_t *ctx, const md_info_t *md_info ); - -#if ! defined(POLARSSL_DEPRECATED_REMOVED) -#if defined(POLARSSL_DEPRECATED_WARNING) -#define DEPRECATED __attribute__((deprecated)) -#else -#define DEPRECATED -#endif -/** - * \brief Free the message-specific context of ctx. Freeing ctx itself - * remains the responsibility of the caller. - * - * \deprecated Use md_free() instead - * - * \param ctx Free the message-specific context - * - * \returns 0 - */ -int md_free_ctx( md_context_t *ctx ) DEPRECATED; -#undef DEPRECATED -#endif /* POLARSSL_DEPRECATED_REMOVED */ - -/** - * \brief Returns the size of the message digest output. - * - * \param md_info message digest info - * - * \return size of the message digest output. - */ -static inline unsigned char md_get_size( const md_info_t *md_info ) -{ - if( md_info == NULL ) - return( 0 ); - - return md_info->size; -} - -/** - * \brief Returns the type of the message digest output. - * - * \param md_info message digest info - * - * \return type of the message digest output. - */ -static inline md_type_t md_get_type( const md_info_t *md_info ) -{ - if( md_info == NULL ) - return( POLARSSL_MD_NONE ); - - return md_info->type; -} - -/** - * \brief Returns the name of the message digest output. - * - * \param md_info message digest info - * - * \return name of the message digest output. - */ -static inline const char *md_get_name( const md_info_t *md_info ) -{ - if( md_info == NULL ) - return( NULL ); - - return md_info->name; -} - -/** - * \brief Set-up the given context for a new message digest - * - * \param ctx generic message digest context. - * - * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter - * verification fails. - */ -int md_starts( md_context_t *ctx ); - -/** - * \brief Generic message digest process buffer - * - * \param ctx Generic message digest context - * \param input buffer holding the datal - * \param ilen length of the input data - * - * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter - * verification fails. - */ -int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen ); - -/** - * \brief Generic message digest final digest - * - * \param ctx Generic message digest context - * \param output Generic message digest checksum result - * - * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter - * verification fails. - */ -int md_finish( md_context_t *ctx, unsigned char *output ); - -/** - * \brief Output = message_digest( input buffer ) - * - * \param md_info message digest info - * \param input buffer holding the data - * \param ilen length of the input data - * \param output Generic message digest checksum result - * - * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter - * verification fails. - */ -int md( const md_info_t *md_info, const unsigned char *input, size_t ilen, - unsigned char *output ); - -/** - * \brief Output = message_digest( file contents ) - * - * \param md_info message digest info - * \param path input file name - * \param output generic message digest checksum result - * - * \return 0 if successful, POLARSSL_ERR_MD_FILE_OPEN_FAILED if fopen - * failed, POLARSSL_ERR_MD_FILE_READ_FAILED if fread failed, - * POLARSSL_ERR_MD_BAD_INPUT_DATA if md_info was NULL. - */ -int md_file( const md_info_t *md_info, const char *path, - unsigned char *output ); - -/** - * \brief Generic HMAC context setup - * - * \param ctx HMAC context to be initialized - * \param key HMAC secret key - * \param keylen length of the HMAC key - * - * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter - * verification fails. - */ -int md_hmac_starts( md_context_t *ctx, const unsigned char *key, - size_t keylen ); - -/** - * \brief Generic HMAC process buffer - * - * \param ctx HMAC context - * \param input buffer holding the data - * \param ilen length of the input data - * - * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter - * verification fails. - */ -int md_hmac_update( md_context_t *ctx, const unsigned char *input, - size_t ilen ); - -/** - * \brief Generic HMAC final digest - * - * \param ctx HMAC context - * \param output Generic HMAC checksum result - * - * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter - * verification fails. - */ -int md_hmac_finish( md_context_t *ctx, unsigned char *output); - -/** - * \brief Generic HMAC context reset - * - * \param ctx HMAC context to be reset - * - * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter - * verification fails. - */ -int md_hmac_reset( md_context_t *ctx ); - -/** - * \brief Output = Generic_HMAC( hmac key, input buffer ) - * - * \param md_info message digest info - * \param key HMAC secret key - * \param keylen length of the HMAC key - * \param input buffer holding the data - * \param ilen length of the input data - * \param output Generic HMAC-result - * - * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter - * verification fails. - */ -int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char *output ); - -/* Internal use */ -int md_process( md_context_t *ctx, const unsigned char *data ); - -#ifdef __cplusplus -} -#endif - -#endif /* POLARSSL_MD_H */ diff --git a/ext/mbedtls/include/polarssl/md2.h b/ext/mbedtls/include/polarssl/md2.h deleted file mode 100644 index 53c85f84fb..0000000000 --- a/ext/mbedtls/include/polarssl/md2.h +++ /dev/null @@ -1,191 +0,0 @@ -/** - * \file md2.h - * - * \brief MD2 message digest algorithm (hash function) - * - * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_MD2_H -#define POLARSSL_MD2_H - -#if !defined(POLARSSL_CONFIG_FILE) -#include "config.h" -#else -#include POLARSSL_CONFIG_FILE -#endif - -#include - -#define POLARSSL_ERR_MD2_FILE_IO_ERROR -0x0070 /**< Read/write error in file. */ - -#if !defined(POLARSSL_MD2_ALT) -// Regular implementation -// - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief MD2 context structure - */ -typedef struct -{ - unsigned char cksum[16]; /*!< checksum of the data block */ - unsigned char state[48]; /*!< intermediate digest state */ - unsigned char buffer[16]; /*!< data block being processed */ - - unsigned char ipad[16]; /*!< HMAC: inner padding */ - unsigned char opad[16]; /*!< HMAC: outer padding */ - size_t left; /*!< amount of data in buffer */ -} -md2_context; - -/** - * \brief Initialize MD2 context - * - * \param ctx MD2 context to be initialized - */ -void md2_init( md2_context *ctx ); - -/** - * \brief Clear MD2 context - * - * \param ctx MD2 context to be cleared - */ -void md2_free( md2_context *ctx ); - -/** - * \brief MD2 context setup - * - * \param ctx context to be initialized - */ -void md2_starts( md2_context *ctx ); - -/** - * \brief MD2 process buffer - * - * \param ctx MD2 context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen ); - -/** - * \brief MD2 final digest - * - * \param ctx MD2 context - * \param output MD2 checksum result - */ -void md2_finish( md2_context *ctx, unsigned char output[16] ); - -#ifdef __cplusplus -} -#endif - -#else /* POLARSSL_MD2_ALT */ -#include "md2_alt.h" -#endif /* POLARSSL_MD2_ALT */ - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Output = MD2( input buffer ) - * - * \param input buffer holding the data - * \param ilen length of the input data - * \param output MD2 checksum result - */ -void md2( const unsigned char *input, size_t ilen, unsigned char output[16] ); - -/** - * \brief Output = MD2( file contents ) - * - * \param path input file name - * \param output MD2 checksum result - * - * \return 0 if successful, or POLARSSL_ERR_MD2_FILE_IO_ERROR - */ -int md2_file( const char *path, unsigned char output[16] ); - -/** - * \brief MD2 HMAC context setup - * - * \param ctx HMAC context to be initialized - * \param key HMAC secret key - * \param keylen length of the HMAC key - */ -void md2_hmac_starts( md2_context *ctx, const unsigned char *key, - size_t keylen ); - -/** - * \brief MD2 HMAC process buffer - * - * \param ctx HMAC context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void md2_hmac_update( md2_context *ctx, const unsigned char *input, - size_t ilen ); - -/** - * \brief MD2 HMAC final digest - * - * \param ctx HMAC context - * \param output MD2 HMAC checksum result - */ -void md2_hmac_finish( md2_context *ctx, unsigned char output[16] ); - -/** - * \brief MD2 HMAC context reset - * - * \param ctx HMAC context to be reset - */ -void md2_hmac_reset( md2_context *ctx ); - -/** - * \brief Output = HMAC-MD2( hmac key, input buffer ) - * - * \param key HMAC secret key - * \param keylen length of the HMAC key - * \param input buffer holding the data - * \param ilen length of the input data - * \param output HMAC-MD2 result - */ -void md2_hmac( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char output[16] ); - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int md2_self_test( int verbose ); - -/* Internal use */ -void md2_process( md2_context *ctx ); - -#ifdef __cplusplus -} -#endif - -#endif /* md2.h */ diff --git a/ext/mbedtls/include/polarssl/md4.h b/ext/mbedtls/include/polarssl/md4.h deleted file mode 100644 index 68ac6c1396..0000000000 --- a/ext/mbedtls/include/polarssl/md4.h +++ /dev/null @@ -1,197 +0,0 @@ -/** - * \file md4.h - * - * \brief MD4 message digest algorithm (hash function) - * - * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_MD4_H -#define POLARSSL_MD4_H - -#if !defined(POLARSSL_CONFIG_FILE) -#include "config.h" -#else -#include POLARSSL_CONFIG_FILE -#endif - -#include - -#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) -#include -typedef UINT32 uint32_t; -#else -#include -#endif - -#define POLARSSL_ERR_MD4_FILE_IO_ERROR -0x0072 /**< Read/write error in file. */ - -#if !defined(POLARSSL_MD4_ALT) -// Regular implementation -// - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief MD4 context structure - */ -typedef struct -{ - uint32_t total[2]; /*!< number of bytes processed */ - uint32_t state[4]; /*!< intermediate digest state */ - unsigned char buffer[64]; /*!< data block being processed */ - - unsigned char ipad[64]; /*!< HMAC: inner padding */ - unsigned char opad[64]; /*!< HMAC: outer padding */ -} -md4_context; - -/** - * \brief Initialize MD4 context - * - * \param ctx MD4 context to be initialized - */ -void md4_init( md4_context *ctx ); - -/** - * \brief Clear MD4 context - * - * \param ctx MD4 context to be cleared - */ -void md4_free( md4_context *ctx ); - -/** - * \brief MD4 context setup - * - * \param ctx context to be initialized - */ -void md4_starts( md4_context *ctx ); - -/** - * \brief MD4 process buffer - * - * \param ctx MD4 context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen ); - -/** - * \brief MD4 final digest - * - * \param ctx MD4 context - * \param output MD4 checksum result - */ -void md4_finish( md4_context *ctx, unsigned char output[16] ); - -#ifdef __cplusplus -} -#endif - -#else /* POLARSSL_MD4_ALT */ -#include "md4_alt.h" -#endif /* POLARSSL_MD4_ALT */ - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Output = MD4( input buffer ) - * - * \param input buffer holding the data - * \param ilen length of the input data - * \param output MD4 checksum result - */ -void md4( const unsigned char *input, size_t ilen, unsigned char output[16] ); - -/** - * \brief Output = MD4( file contents ) - * - * \param path input file name - * \param output MD4 checksum result - * - * \return 0 if successful, or POLARSSL_ERR_MD4_FILE_IO_ERROR - */ -int md4_file( const char *path, unsigned char output[16] ); - -/** - * \brief MD4 HMAC context setup - * - * \param ctx HMAC context to be initialized - * \param key HMAC secret key - * \param keylen length of the HMAC key - */ -void md4_hmac_starts( md4_context *ctx, const unsigned char *key, - size_t keylen ); - -/** - * \brief MD4 HMAC process buffer - * - * \param ctx HMAC context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void md4_hmac_update( md4_context *ctx, const unsigned char *input, - size_t ilen ); - -/** - * \brief MD4 HMAC final digest - * - * \param ctx HMAC context - * \param output MD4 HMAC checksum result - */ -void md4_hmac_finish( md4_context *ctx, unsigned char output[16] ); - -/** - * \brief MD4 HMAC context reset - * - * \param ctx HMAC context to be reset - */ -void md4_hmac_reset( md4_context *ctx ); - -/** - * \brief Output = HMAC-MD4( hmac key, input buffer ) - * - * \param key HMAC secret key - * \param keylen length of the HMAC key - * \param input buffer holding the data - * \param ilen length of the input data - * \param output HMAC-MD4 result - */ -void md4_hmac( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char output[16] ); - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int md4_self_test( int verbose ); - -/* Internal use */ -void md4_process( md4_context *ctx, const unsigned char data[64] ); - -#ifdef __cplusplus -} -#endif - -#endif /* md4.h */ diff --git a/ext/mbedtls/include/polarssl/md5.h b/ext/mbedtls/include/polarssl/md5.h deleted file mode 100644 index d5ce136a2b..0000000000 --- a/ext/mbedtls/include/polarssl/md5.h +++ /dev/null @@ -1,197 +0,0 @@ -/** - * \file md5.h - * - * \brief MD5 message digest algorithm (hash function) - * - * Copyright (C) 2006-2013, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_MD5_H -#define POLARSSL_MD5_H - -#if !defined(POLARSSL_CONFIG_FILE) -#include "config.h" -#else -#include POLARSSL_CONFIG_FILE -#endif - -#include - -#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) -#include -typedef UINT32 uint32_t; -#else -#include -#endif - -#define POLARSSL_ERR_MD5_FILE_IO_ERROR -0x0074 /**< Read/write error in file. */ - -#if !defined(POLARSSL_MD5_ALT) -// Regular implementation -// - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief MD5 context structure - */ -typedef struct -{ - uint32_t total[2]; /*!< number of bytes processed */ - uint32_t state[4]; /*!< intermediate digest state */ - unsigned char buffer[64]; /*!< data block being processed */ - - unsigned char ipad[64]; /*!< HMAC: inner padding */ - unsigned char opad[64]; /*!< HMAC: outer padding */ -} -md5_context; - -/** - * \brief Initialize MD5 context - * - * \param ctx MD5 context to be initialized - */ -void md5_init( md5_context *ctx ); - -/** - * \brief Clear MD5 context - * - * \param ctx MD5 context to be cleared - */ -void md5_free( md5_context *ctx ); - -/** - * \brief MD5 context setup - * - * \param ctx context to be initialized - */ -void md5_starts( md5_context *ctx ); - -/** - * \brief MD5 process buffer - * - * \param ctx MD5 context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen ); - -/** - * \brief MD5 final digest - * - * \param ctx MD5 context - * \param output MD5 checksum result - */ -void md5_finish( md5_context *ctx, unsigned char output[16] ); - -/* Internal use */ -void md5_process( md5_context *ctx, const unsigned char data[64] ); - -#ifdef __cplusplus -} -#endif - -#else /* POLARSSL_MD5_ALT */ -#include "md5_alt.h" -#endif /* POLARSSL_MD5_ALT */ - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Output = MD5( input buffer ) - * - * \param input buffer holding the data - * \param ilen length of the input data - * \param output MD5 checksum result - */ -void md5( const unsigned char *input, size_t ilen, unsigned char output[16] ); - -/** - * \brief Output = MD5( file contents ) - * - * \param path input file name - * \param output MD5 checksum result - * - * \return 0 if successful, or POLARSSL_ERR_MD5_FILE_IO_ERROR - */ -int md5_file( const char *path, unsigned char output[16] ); - -/** - * \brief MD5 HMAC context setup - * - * \param ctx HMAC context to be initialized - * \param key HMAC secret key - * \param keylen length of the HMAC key - */ -void md5_hmac_starts( md5_context *ctx, - const unsigned char *key, size_t keylen ); - -/** - * \brief MD5 HMAC process buffer - * - * \param ctx HMAC context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void md5_hmac_update( md5_context *ctx, - const unsigned char *input, size_t ilen ); - -/** - * \brief MD5 HMAC final digest - * - * \param ctx HMAC context - * \param output MD5 HMAC checksum result - */ -void md5_hmac_finish( md5_context *ctx, unsigned char output[16] ); - -/** - * \brief MD5 HMAC context reset - * - * \param ctx HMAC context to be reset - */ -void md5_hmac_reset( md5_context *ctx ); - -/** - * \brief Output = HMAC-MD5( hmac key, input buffer ) - * - * \param key HMAC secret key - * \param keylen length of the HMAC key - * \param input buffer holding the data - * \param ilen length of the input data - * \param output HMAC-MD5 result - */ -void md5_hmac( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char output[16] ); - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int md5_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif /* md5.h */ diff --git a/ext/mbedtls/include/polarssl/md_wrap.h b/ext/mbedtls/include/polarssl/md_wrap.h deleted file mode 100644 index dd5fd6cf93..0000000000 --- a/ext/mbedtls/include/polarssl/md_wrap.h +++ /dev/null @@ -1,69 +0,0 @@ -/** - * \file md_wrap.h - * - * \brief Message digest wrappers. - * - * \author Adriaan de Jong - * - * Copyright (C) 2006-2011, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_MD_WRAP_H -#define POLARSSL_MD_WRAP_H - -#if !defined(POLARSSL_CONFIG_FILE) -#include "config.h" -#else -#include POLARSSL_CONFIG_FILE -#endif - -#include "md.h" - -#ifdef __cplusplus -extern "C" { -#endif - -#if defined(POLARSSL_MD2_C) -extern const md_info_t md2_info; -#endif -#if defined(POLARSSL_MD4_C) -extern const md_info_t md4_info; -#endif -#if defined(POLARSSL_MD5_C) -extern const md_info_t md5_info; -#endif -#if defined(POLARSSL_RIPEMD160_C) -extern const md_info_t ripemd160_info; -#endif -#if defined(POLARSSL_SHA1_C) -extern const md_info_t sha1_info; -#endif -#if defined(POLARSSL_SHA256_C) -extern const md_info_t sha224_info; -extern const md_info_t sha256_info; -#endif -#if defined(POLARSSL_SHA512_C) -extern const md_info_t sha384_info; -extern const md_info_t sha512_info; -#endif - -#ifdef __cplusplus -} -#endif - -#endif /* POLARSSL_MD_WRAP_H */ diff --git a/ext/mbedtls/include/polarssl/memory.h b/ext/mbedtls/include/polarssl/memory.h deleted file mode 100644 index 8b8ac5dc4b..0000000000 --- a/ext/mbedtls/include/polarssl/memory.h +++ /dev/null @@ -1,62 +0,0 @@ -/** - * \file memory.h - * - * \brief Memory allocation layer - * - * \deprecated Use the platform layer instead - * - * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_MEMORY_H -#define POLARSSL_MEMORY_H - -#if !defined(POLARSSL_CONFIG_FILE) -#include "config.h" -#else -#include POLARSSL_CONFIG_FILE -#endif - -#include - -#include "platform.h" -#include "memory_buffer_alloc.h" - -#if ! defined(POLARSSL_DEPRECATED_REMOVED) -#if defined(POLARSSL_DEPRECATED_WARNING) -#define DEPRECATED __attribute__((deprecated)) -#else -#define DEPRECATED -#endif -/** - * \brief Set malloc() / free() callback - * - * \deprecated Use platform_set_malloc_free instead - */ -int memory_set_own( void * (*malloc_func)( size_t ), - void (*free_func)( void * ) ) DEPRECATED; -int memory_set_own( void * (*malloc_func)( size_t ), - void (*free_func)( void * ) ) -{ - return platform_set_malloc_free( malloc_func, free_func ); -} -#undef DEPRECATED -#endif /* POLARSSL_DEPRECATED_REMOVED */ - - -#endif /* memory.h */ diff --git a/ext/mbedtls/include/polarssl/net.h b/ext/mbedtls/include/polarssl/net.h deleted file mode 100644 index d70639d1fb..0000000000 --- a/ext/mbedtls/include/polarssl/net.h +++ /dev/null @@ -1,157 +0,0 @@ -/** - * \file net.h - * - * \brief Network communication functions - * - * Copyright (C) 2006-2011, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_NET_H -#define POLARSSL_NET_H - -#include - -#define POLARSSL_ERR_NET_UNKNOWN_HOST -0x0056 /**< Failed to get an IP address for the given hostname. */ -#define POLARSSL_ERR_NET_SOCKET_FAILED -0x0042 /**< Failed to open a socket. */ -#define POLARSSL_ERR_NET_CONNECT_FAILED -0x0044 /**< The connection to the given server / port failed. */ -#define POLARSSL_ERR_NET_BIND_FAILED -0x0046 /**< Binding of the socket failed. */ -#define POLARSSL_ERR_NET_LISTEN_FAILED -0x0048 /**< Could not listen on the socket. */ -#define POLARSSL_ERR_NET_ACCEPT_FAILED -0x004A /**< Could not accept the incoming connection. */ -#define POLARSSL_ERR_NET_RECV_FAILED -0x004C /**< Reading information from the socket failed. */ -#define POLARSSL_ERR_NET_SEND_FAILED -0x004E /**< Sending information through the socket failed. */ -#define POLARSSL_ERR_NET_CONN_RESET -0x0050 /**< Connection was reset by peer. */ -#define POLARSSL_ERR_NET_WANT_READ -0x0052 /**< Connection requires a read call. */ -#define POLARSSL_ERR_NET_WANT_WRITE -0x0054 /**< Connection requires a write call. */ - -#define POLARSSL_NET_LISTEN_BACKLOG 10 /**< The backlog that listen() should use. */ - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Initiate a TCP connection with host:port - * - * \param fd Socket to use - * \param host Host to connect to - * \param port Port to connect to - * - * \return 0 if successful, or one of: - * POLARSSL_ERR_NET_SOCKET_FAILED, - * POLARSSL_ERR_NET_UNKNOWN_HOST, - * POLARSSL_ERR_NET_CONNECT_FAILED - */ -int net_connect( int *fd, const char *host, int port ); - -/** - * \brief Create a listening socket on bind_ip:port. - * If bind_ip == NULL, all interfaces are binded. - * - * \param fd Socket to use - * \param bind_ip IP to bind to, can be NULL - * \param port Port number to use - * - * \return 0 if successful, or one of: - * POLARSSL_ERR_NET_SOCKET_FAILED, - * POLARSSL_ERR_NET_BIND_FAILED, - * POLARSSL_ERR_NET_LISTEN_FAILED - */ -int net_bind( int *fd, const char *bind_ip, int port ); - -/** - * \brief Accept a connection from a remote client - * - * \param bind_fd Relevant socket - * \param client_fd Will contain the connected client socket - * \param client_ip Will contain the client IP address - * Must be at least 4 bytes, or 16 if IPv6 is supported - * - * \return 0 if successful, POLARSSL_ERR_NET_ACCEPT_FAILED, or - * POLARSSL_ERR_NET_WANT_READ is bind_fd was set to - * non-blocking and accept() is blocking. - */ -int net_accept( int bind_fd, int *client_fd, void *client_ip ); - -/** - * \brief Set the socket blocking - * - * \param fd Socket to set - * - * \return 0 if successful, or a non-zero error code - */ -int net_set_block( int fd ); - -/** - * \brief Set the socket non-blocking - * - * \param fd Socket to set - * - * \return 0 if successful, or a non-zero error code - */ -int net_set_nonblock( int fd ); - -/** - * \brief Portable usleep helper - * - * \param usec Amount of microseconds to sleep - * - * \note Real amount of time slept will not be less than - * select()'s timeout granularity (typically, 10ms). - */ -void net_usleep( unsigned long usec ); - -/** - * \brief Read at most 'len' characters. If no error occurs, - * the actual amount read is returned. - * - * \param ctx Socket - * \param buf The buffer to write to - * \param len Maximum length of the buffer - * - * \return This function returns the number of bytes received, - * or a non-zero error code; POLARSSL_ERR_NET_WANT_READ - * indicates read() is blocking. - */ -int net_recv( void *ctx, unsigned char *buf, size_t len ); - -/** - * \brief Write at most 'len' characters. If no error occurs, - * the actual amount read is returned. - * - * \param ctx Socket - * \param buf The buffer to read from - * \param len The length of the buffer - * - * \return This function returns the number of bytes sent, - * or a non-zero error code; POLARSSL_ERR_NET_WANT_WRITE - * indicates write() is blocking. - */ -int net_send( void *ctx, const unsigned char *buf, size_t len ); - -/** - * \brief Gracefully shutdown the connection - * - * \param fd The socket to close - */ -void net_close( int fd ); - -#ifdef __cplusplus -} -#endif - -#endif /* net.h */ diff --git a/ext/mbedtls/include/polarssl/oid.h b/ext/mbedtls/include/polarssl/oid.h deleted file mode 100644 index 11330f251e..0000000000 --- a/ext/mbedtls/include/polarssl/oid.h +++ /dev/null @@ -1,571 +0,0 @@ -/** - * \file oid.h - * - * \brief Object Identifier (OID) database - * - * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_OID_H -#define POLARSSL_OID_H - -#if !defined(POLARSSL_CONFIG_FILE) -#include "config.h" -#else -#include POLARSSL_CONFIG_FILE -#endif - -#include "asn1.h" -#include "pk.h" - -#include - -#if defined(POLARSSL_CIPHER_C) -#include "cipher.h" -#endif - -#if defined(POLARSSL_MD_C) -#include "md.h" -#endif - -#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C) -#include "x509.h" -#endif - -#define POLARSSL_ERR_OID_NOT_FOUND -0x002E /**< OID is not found. */ -#define POLARSSL_ERR_OID_BUF_TOO_SMALL -0x000B /**< output buffer is too small */ - -/* - * Top level OID tuples - */ -#define OID_ISO_MEMBER_BODIES "\x2a" /* {iso(1) member-body(2)} */ -#define OID_ISO_IDENTIFIED_ORG "\x2b" /* {iso(1) identified-organization(3)} */ -#define OID_ISO_CCITT_DS "\x55" /* {joint-iso-ccitt(2) ds(5)} */ -#define OID_ISO_ITU_COUNTRY "\x60" /* {joint-iso-itu-t(2) country(16)} */ - -/* - * ISO Member bodies OID parts - */ -#define OID_COUNTRY_US "\x86\x48" /* {us(840)} */ -#define OID_ORG_RSA_DATA_SECURITY "\x86\xf7\x0d" /* {rsadsi(113549)} */ -#define OID_RSA_COMPANY OID_ISO_MEMBER_BODIES OID_COUNTRY_US \ - OID_ORG_RSA_DATA_SECURITY /* {iso(1) member-body(2) us(840) rsadsi(113549)} */ -#define OID_ORG_ANSI_X9_62 "\xce\x3d" /* ansi-X9-62(10045) */ -#define OID_ANSI_X9_62 OID_ISO_MEMBER_BODIES OID_COUNTRY_US \ - OID_ORG_ANSI_X9_62 - -/* - * ISO Identified organization OID parts - */ -#define OID_ORG_DOD "\x06" /* {dod(6)} */ -#define OID_ORG_OIW "\x0e" -#define OID_OIW_SECSIG OID_ORG_OIW "\x03" -#define OID_OIW_SECSIG_ALG OID_OIW_SECSIG "\x02" -#define OID_OIW_SECSIG_SHA1 OID_OIW_SECSIG_ALG "\x1a" -#define OID_ORG_CERTICOM "\x81\x04" /* certicom(132) */ -#define OID_CERTICOM OID_ISO_IDENTIFIED_ORG OID_ORG_CERTICOM -#define OID_ORG_TELETRUST "\x24" /* teletrust(36) */ -#define OID_TELETRUST OID_ISO_IDENTIFIED_ORG OID_ORG_TELETRUST - -/* - * ISO ITU OID parts - */ -#define OID_ORGANIZATION "\x01" /* {organization(1)} */ -#define OID_ISO_ITU_US_ORG OID_ISO_ITU_COUNTRY OID_COUNTRY_US OID_ORGANIZATION /* {joint-iso-itu-t(2) country(16) us(840) organization(1)} */ - -#define OID_ORG_GOV "\x65" /* {gov(101)} */ -#define OID_GOV OID_ISO_ITU_US_ORG OID_ORG_GOV /* {joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)} */ - -#define OID_ORG_NETSCAPE "\x86\xF8\x42" /* {netscape(113730)} */ -#define OID_NETSCAPE OID_ISO_ITU_US_ORG OID_ORG_NETSCAPE /* Netscape OID {joint-iso-itu-t(2) country(16) us(840) organization(1) netscape(113730)} */ - -/* ISO arc for standard certificate and CRL extensions */ -#define OID_ID_CE OID_ISO_CCITT_DS "\x1D" /**< id-ce OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 29} */ - -/** - * Private Internet Extensions - * { iso(1) identified-organization(3) dod(6) internet(1) - * security(5) mechanisms(5) pkix(7) } - */ -#define OID_PKIX OID_ISO_IDENTIFIED_ORG OID_ORG_DOD "\x01\x05\x05\x07" - -/* - * Arc for standard naming attributes - */ -#define OID_AT OID_ISO_CCITT_DS "\x04" /**< id-at OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 4} */ -#define OID_AT_CN OID_AT "\x03" /**< id-at-commonName AttributeType:= {id-at 3} */ -#define OID_AT_SUR_NAME OID_AT "\x04" /**< id-at-surName AttributeType:= {id-at 4} */ -#define OID_AT_SERIAL_NUMBER OID_AT "\x05" /**< id-at-serialNumber AttributeType:= {id-at 5} */ -#define OID_AT_COUNTRY OID_AT "\x06" /**< id-at-countryName AttributeType:= {id-at 6} */ -#define OID_AT_LOCALITY OID_AT "\x07" /**< id-at-locality AttributeType:= {id-at 7} */ -#define OID_AT_STATE OID_AT "\x08" /**< id-at-state AttributeType:= {id-at 8} */ -#define OID_AT_ORGANIZATION OID_AT "\x0A" /**< id-at-organizationName AttributeType:= {id-at 10} */ -#define OID_AT_ORG_UNIT OID_AT "\x0B" /**< id-at-organizationalUnitName AttributeType:= {id-at 11} */ -#define OID_AT_TITLE OID_AT "\x0C" /**< id-at-title AttributeType:= {id-at 12} */ -#define OID_AT_POSTAL_ADDRESS OID_AT "\x10" /**< id-at-postalAddress AttributeType:= {id-at 16} */ -#define OID_AT_POSTAL_CODE OID_AT "\x11" /**< id-at-postalCode AttributeType:= {id-at 17} */ -#define OID_AT_GIVEN_NAME OID_AT "\x2A" /**< id-at-givenName AttributeType:= {id-at 42} */ -#define OID_AT_INITIALS OID_AT "\x2B" /**< id-at-initials AttributeType:= {id-at 43} */ -#define OID_AT_GENERATION_QUALIFIER OID_AT "\x2C" /**< id-at-generationQualifier AttributeType:= {id-at 44} */ -#define OID_AT_UNIQUE_IDENTIFIER OID_AT "\x2D" /**< id-at-uniqueIdentifier AttributType:= {id-at 45} */ -#define OID_AT_DN_QUALIFIER OID_AT "\x2E" /**< id-at-dnQualifier AttributeType:= {id-at 46} */ -#define OID_AT_PSEUDONYM OID_AT "\x41" /**< id-at-pseudonym AttributeType:= {id-at 65} */ - -#define OID_DOMAIN_COMPONENT "\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x19" /** id-domainComponent AttributeType:= {itu-t(0) data(9) pss(2342) ucl(19200300) pilot(100) pilotAttributeType(1) domainComponent(25)} */ - -/* - * OIDs for standard certificate extensions - */ -#define OID_AUTHORITY_KEY_IDENTIFIER OID_ID_CE "\x23" /**< id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35 } */ -#define OID_SUBJECT_KEY_IDENTIFIER OID_ID_CE "\x0E" /**< id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14 } */ -#define OID_KEY_USAGE OID_ID_CE "\x0F" /**< id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 } */ -#define OID_CERTIFICATE_POLICIES OID_ID_CE "\x20" /**< id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32 } */ -#define OID_POLICY_MAPPINGS OID_ID_CE "\x21" /**< id-ce-policyMappings OBJECT IDENTIFIER ::= { id-ce 33 } */ -#define OID_SUBJECT_ALT_NAME OID_ID_CE "\x11" /**< id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 } */ -#define OID_ISSUER_ALT_NAME OID_ID_CE "\x12" /**< id-ce-issuerAltName OBJECT IDENTIFIER ::= { id-ce 18 } */ -#define OID_SUBJECT_DIRECTORY_ATTRS OID_ID_CE "\x09" /**< id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-ce 9 } */ -#define OID_BASIC_CONSTRAINTS OID_ID_CE "\x13" /**< id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 } */ -#define OID_NAME_CONSTRAINTS OID_ID_CE "\x1E" /**< id-ce-nameConstraints OBJECT IDENTIFIER ::= { id-ce 30 } */ -#define OID_POLICY_CONSTRAINTS OID_ID_CE "\x24" /**< id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36 } */ -#define OID_EXTENDED_KEY_USAGE OID_ID_CE "\x25" /**< id-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-ce 37 } */ -#define OID_CRL_DISTRIBUTION_POINTS OID_ID_CE "\x1F" /**< id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= { id-ce 31 } */ -#define OID_INIHIBIT_ANYPOLICY OID_ID_CE "\x36" /**< id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= { id-ce 54 } */ -#define OID_FRESHEST_CRL OID_ID_CE "\x2E" /**< id-ce-freshestCRL OBJECT IDENTIFIER ::= { id-ce 46 } */ - -/* - * Netscape certificate extensions - */ -#define OID_NS_CERT OID_NETSCAPE "\x01" -#define OID_NS_CERT_TYPE OID_NS_CERT "\x01" -#define OID_NS_BASE_URL OID_NS_CERT "\x02" -#define OID_NS_REVOCATION_URL OID_NS_CERT "\x03" -#define OID_NS_CA_REVOCATION_URL OID_NS_CERT "\x04" -#define OID_NS_RENEWAL_URL OID_NS_CERT "\x07" -#define OID_NS_CA_POLICY_URL OID_NS_CERT "\x08" -#define OID_NS_SSL_SERVER_NAME OID_NS_CERT "\x0C" -#define OID_NS_COMMENT OID_NS_CERT "\x0D" -#define OID_NS_DATA_TYPE OID_NETSCAPE "\x02" -#define OID_NS_CERT_SEQUENCE OID_NS_DATA_TYPE "\x05" - -/* - * OIDs for CRL extensions - */ -#define OID_PRIVATE_KEY_USAGE_PERIOD OID_ID_CE "\x10" -#define OID_CRL_NUMBER OID_ID_CE "\x14" /**< id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 } */ - -/* - * X.509 v3 Extended key usage OIDs - */ -#define OID_ANY_EXTENDED_KEY_USAGE OID_EXTENDED_KEY_USAGE "\x00" /**< anyExtendedKeyUsage OBJECT IDENTIFIER ::= { id-ce-extKeyUsage 0 } */ - -#define OID_KP OID_PKIX "\x03" /**< id-kp OBJECT IDENTIFIER ::= { id-pkix 3 } */ -#define OID_SERVER_AUTH OID_KP "\x01" /**< id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 } */ -#define OID_CLIENT_AUTH OID_KP "\x02" /**< id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 } */ -#define OID_CODE_SIGNING OID_KP "\x03" /**< id-kp-codeSigning OBJECT IDENTIFIER ::= { id-kp 3 } */ -#define OID_EMAIL_PROTECTION OID_KP "\x04" /**< id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 } */ -#define OID_TIME_STAMPING OID_KP "\x08" /**< id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 } */ -#define OID_OCSP_SIGNING OID_KP "\x09" /**< id-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-kp 9 } */ - -/* - * PKCS definition OIDs - */ - -#define OID_PKCS OID_RSA_COMPANY "\x01" /**< pkcs OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) 1 } */ -#define OID_PKCS1 OID_PKCS "\x01" /**< pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 } */ -#define OID_PKCS5 OID_PKCS "\x05" /**< pkcs-5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 5 } */ -#define OID_PKCS9 OID_PKCS "\x09" /**< pkcs-9 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 } */ -#define OID_PKCS12 OID_PKCS "\x0c" /**< pkcs-12 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 12 } */ - -/* - * PKCS#1 OIDs - */ -#define OID_PKCS1_RSA OID_PKCS1 "\x01" /**< rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } */ -#define OID_PKCS1_MD2 OID_PKCS1 "\x02" /**< md2WithRSAEncryption ::= { pkcs-1 2 } */ -#define OID_PKCS1_MD4 OID_PKCS1 "\x03" /**< md4WithRSAEncryption ::= { pkcs-1 3 } */ -#define OID_PKCS1_MD5 OID_PKCS1 "\x04" /**< md5WithRSAEncryption ::= { pkcs-1 4 } */ -#define OID_PKCS1_SHA1 OID_PKCS1 "\x05" /**< sha1WithRSAEncryption ::= { pkcs-1 5 } */ -#define OID_PKCS1_SHA224 OID_PKCS1 "\x0e" /**< sha224WithRSAEncryption ::= { pkcs-1 14 } */ -#define OID_PKCS1_SHA256 OID_PKCS1 "\x0b" /**< sha256WithRSAEncryption ::= { pkcs-1 11 } */ -#define OID_PKCS1_SHA384 OID_PKCS1 "\x0c" /**< sha384WithRSAEncryption ::= { pkcs-1 12 } */ -#define OID_PKCS1_SHA512 OID_PKCS1 "\x0d" /**< sha512WithRSAEncryption ::= { pkcs-1 13 } */ - -#define OID_RSA_SHA_OBS "\x2B\x0E\x03\x02\x1D" - -#define OID_PKCS9_EMAIL OID_PKCS9 "\x01" /**< emailAddress AttributeType ::= { pkcs-9 1 } */ - -/* RFC 4055 */ -#define OID_RSASSA_PSS OID_PKCS1 "\x0a" /**< id-RSASSA-PSS ::= { pkcs-1 10 } */ -#define OID_MGF1 OID_PKCS1 "\x08" /**< id-mgf1 ::= { pkcs-1 8 } */ - -/* - * Digest algorithms - */ -#define OID_DIGEST_ALG_MD2 OID_RSA_COMPANY "\x02\x02" /**< id-md2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 2 } */ -#define OID_DIGEST_ALG_MD4 OID_RSA_COMPANY "\x02\x04" /**< id-md4 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 4 } */ -#define OID_DIGEST_ALG_MD5 OID_RSA_COMPANY "\x02\x05" /**< id-md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } */ -#define OID_DIGEST_ALG_SHA1 OID_ISO_IDENTIFIED_ORG OID_OIW_SECSIG_SHA1 /**< id-sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */ -#define OID_DIGEST_ALG_SHA224 OID_GOV "\x03\x04\x02\x04" /**< id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 4 } */ -#define OID_DIGEST_ALG_SHA256 OID_GOV "\x03\x04\x02\x01" /**< id-sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 1 } */ - -#define OID_DIGEST_ALG_SHA384 OID_GOV "\x03\x04\x02\x02" /**< id-sha384 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 2 } */ - -#define OID_DIGEST_ALG_SHA512 OID_GOV "\x03\x04\x02\x03" /**< id-sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 3 } */ - -#define OID_HMAC_SHA1 OID_RSA_COMPANY "\x02\x07" /**< id-hmacWithSHA1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 7 } */ - -/* - * Encryption algorithms - */ -#define OID_DES_CBC OID_ISO_IDENTIFIED_ORG OID_OIW_SECSIG_ALG "\x07" /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */ -#define OID_DES_EDE3_CBC OID_RSA_COMPANY "\x03\x07" /**< des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) -- us(840) rsadsi(113549) encryptionAlgorithm(3) 7 } */ - -/* - * PKCS#5 OIDs - */ -#define OID_PKCS5_PBKDF2 OID_PKCS5 "\x0c" /**< id-PBKDF2 OBJECT IDENTIFIER ::= {pkcs-5 12} */ -#define OID_PKCS5_PBES2 OID_PKCS5 "\x0d" /**< id-PBES2 OBJECT IDENTIFIER ::= {pkcs-5 13} */ -#define OID_PKCS5_PBMAC1 OID_PKCS5 "\x0e" /**< id-PBMAC1 OBJECT IDENTIFIER ::= {pkcs-5 14} */ - -/* - * PKCS#5 PBES1 algorithms - */ -#define OID_PKCS5_PBE_MD2_DES_CBC OID_PKCS5 "\x01" /**< pbeWithMD2AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 1} */ -#define OID_PKCS5_PBE_MD2_RC2_CBC OID_PKCS5 "\x04" /**< pbeWithMD2AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 4} */ -#define OID_PKCS5_PBE_MD5_DES_CBC OID_PKCS5 "\x03" /**< pbeWithMD5AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 3} */ -#define OID_PKCS5_PBE_MD5_RC2_CBC OID_PKCS5 "\x06" /**< pbeWithMD5AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 6} */ -#define OID_PKCS5_PBE_SHA1_DES_CBC OID_PKCS5 "\x0a" /**< pbeWithSHA1AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 10} */ -#define OID_PKCS5_PBE_SHA1_RC2_CBC OID_PKCS5 "\x0b" /**< pbeWithSHA1AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 11} */ - -/* - * PKCS#8 OIDs - */ -#define OID_PKCS9_CSR_EXT_REQ OID_PKCS9 "\x0e" /**< extensionRequest OBJECT IDENTIFIER ::= {pkcs-9 14} */ - -/* - * PKCS#12 PBE OIDs - */ -#define OID_PKCS12_PBE OID_PKCS12 "\x01" /**< pkcs-12PbeIds OBJECT IDENTIFIER ::= {pkcs-12 1} */ - -#define OID_PKCS12_PBE_SHA1_RC4_128 OID_PKCS12_PBE "\x01" /**< pbeWithSHAAnd128BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 1} */ -#define OID_PKCS12_PBE_SHA1_RC4_40 OID_PKCS12_PBE "\x02" /**< pbeWithSHAAnd40BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 2} */ -#define OID_PKCS12_PBE_SHA1_DES3_EDE_CBC OID_PKCS12_PBE "\x03" /**< pbeWithSHAAnd3-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 3} */ -#define OID_PKCS12_PBE_SHA1_DES2_EDE_CBC OID_PKCS12_PBE "\x04" /**< pbeWithSHAAnd2-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 4} */ -#define OID_PKCS12_PBE_SHA1_RC2_128_CBC OID_PKCS12_PBE "\x05" /**< pbeWithSHAAnd128BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 5} */ -#define OID_PKCS12_PBE_SHA1_RC2_40_CBC OID_PKCS12_PBE "\x06" /**< pbeWithSHAAnd40BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 6} */ - -/* - * EC key algorithms from RFC 5480 - */ - -/* id-ecPublicKey OBJECT IDENTIFIER ::= { - * iso(1) member-body(2) us(840) ansi-X9-62(10045) keyType(2) 1 } */ -#define OID_EC_ALG_UNRESTRICTED OID_ANSI_X9_62 "\x02\01" - -/* id-ecDH OBJECT IDENTIFIER ::= { - * iso(1) identified-organization(3) certicom(132) - * schemes(1) ecdh(12) } */ -#define OID_EC_ALG_ECDH OID_CERTICOM "\x01\x0c" - -/* - * ECParameters namedCurve identifiers, from RFC 5480, RFC 5639, and SEC2 - */ - -/* secp192r1 OBJECT IDENTIFIER ::= { - * iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3) prime(1) 1 } */ -#define OID_EC_GRP_SECP192R1 OID_ANSI_X9_62 "\x03\x01\x01" - -/* secp224r1 OBJECT IDENTIFIER ::= { - * iso(1) identified-organization(3) certicom(132) curve(0) 33 } */ -#define OID_EC_GRP_SECP224R1 OID_CERTICOM "\x00\x21" - -/* secp256r1 OBJECT IDENTIFIER ::= { - * iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3) prime(1) 7 } */ -#define OID_EC_GRP_SECP256R1 OID_ANSI_X9_62 "\x03\x01\x07" - -/* secp384r1 OBJECT IDENTIFIER ::= { - * iso(1) identified-organization(3) certicom(132) curve(0) 34 } */ -#define OID_EC_GRP_SECP384R1 OID_CERTICOM "\x00\x22" - -/* secp521r1 OBJECT IDENTIFIER ::= { - * iso(1) identified-organization(3) certicom(132) curve(0) 35 } */ -#define OID_EC_GRP_SECP521R1 OID_CERTICOM "\x00\x23" - -/* secp192k1 OBJECT IDENTIFIER ::= { - * iso(1) identified-organization(3) certicom(132) curve(0) 31 } */ -#define OID_EC_GRP_SECP192K1 OID_CERTICOM "\x00\x1f" - -/* secp224k1 OBJECT IDENTIFIER ::= { - * iso(1) identified-organization(3) certicom(132) curve(0) 32 } */ -#define OID_EC_GRP_SECP224K1 OID_CERTICOM "\x00\x20" - -/* secp256k1 OBJECT IDENTIFIER ::= { - * iso(1) identified-organization(3) certicom(132) curve(0) 10 } */ -#define OID_EC_GRP_SECP256K1 OID_CERTICOM "\x00\x0a" - -/* RFC 5639 4.1 - * ecStdCurvesAndGeneration OBJECT IDENTIFIER::= {iso(1) - * identified-organization(3) teletrust(36) algorithm(3) signature- - * algorithm(3) ecSign(2) 8} - * ellipticCurve OBJECT IDENTIFIER ::= {ecStdCurvesAndGeneration 1} - * versionOne OBJECT IDENTIFIER ::= {ellipticCurve 1} */ -#define OID_EC_BRAINPOOL_V1 OID_TELETRUST "\x03\x03\x02\x08\x01\x01" - -/* brainpoolP256r1 OBJECT IDENTIFIER ::= {versionOne 7} */ -#define OID_EC_GRP_BP256R1 OID_EC_BRAINPOOL_V1 "\x07" - -/* brainpoolP384r1 OBJECT IDENTIFIER ::= {versionOne 11} */ -#define OID_EC_GRP_BP384R1 OID_EC_BRAINPOOL_V1 "\x0B" - -/* brainpoolP512r1 OBJECT IDENTIFIER ::= {versionOne 13} */ -#define OID_EC_GRP_BP512R1 OID_EC_BRAINPOOL_V1 "\x0D" - -/* - * SEC1 C.1 - * - * prime-field OBJECT IDENTIFIER ::= { id-fieldType 1 } - * id-fieldType OBJECT IDENTIFIER ::= { ansi-X9-62 fieldType(1)} - */ -#define OID_ANSI_X9_62_FIELD_TYPE OID_ANSI_X9_62 "\x01" -#define OID_ANSI_X9_62_PRIME_FIELD OID_ANSI_X9_62_FIELD_TYPE "\x01" - -/* - * ECDSA signature identifiers, from RFC 5480 - */ -#define OID_ANSI_X9_62_SIG OID_ANSI_X9_62 "\x04" /* signatures(4) */ -#define OID_ANSI_X9_62_SIG_SHA2 OID_ANSI_X9_62_SIG "\x03" /* ecdsa-with-SHA2(3) */ - -/* ecdsa-with-SHA1 OBJECT IDENTIFIER ::= { - * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) 1 } */ -#define OID_ECDSA_SHA1 OID_ANSI_X9_62_SIG "\x01" - -/* ecdsa-with-SHA224 OBJECT IDENTIFIER ::= { - * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) - * ecdsa-with-SHA2(3) 1 } */ -#define OID_ECDSA_SHA224 OID_ANSI_X9_62_SIG_SHA2 "\x01" - -/* ecdsa-with-SHA256 OBJECT IDENTIFIER ::= { - * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) - * ecdsa-with-SHA2(3) 2 } */ -#define OID_ECDSA_SHA256 OID_ANSI_X9_62_SIG_SHA2 "\x02" - -/* ecdsa-with-SHA384 OBJECT IDENTIFIER ::= { - * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) - * ecdsa-with-SHA2(3) 3 } */ -#define OID_ECDSA_SHA384 OID_ANSI_X9_62_SIG_SHA2 "\x03" - -/* ecdsa-with-SHA512 OBJECT IDENTIFIER ::= { - * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) - * ecdsa-with-SHA2(3) 4 } */ -#define OID_ECDSA_SHA512 OID_ANSI_X9_62_SIG_SHA2 "\x04" - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Base OID descriptor structure - */ -typedef struct { - const char *asn1; /*!< OID ASN.1 representation */ - size_t asn1_len; /*!< length of asn1 */ - const char *name; /*!< official name (e.g. from RFC) */ - const char *description; /*!< human friendly description */ -} oid_descriptor_t; - -/** - * \brief Translate an ASN.1 OID into its numeric representation - * (e.g. "\x2A\x86\x48\x86\xF7\x0D" into "1.2.840.113549") - * - * \param buf buffer to put representation in - * \param size size of the buffer - * \param oid OID to translate - * - * \return Length of the string written (excluding final NULL) or - * POLARSSL_ERR_OID_BUF_TOO_SMALL in case of error - */ -int oid_get_numeric_string( char *buf, size_t size, const asn1_buf *oid ); - -#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C) -/** - * \brief Translate an X.509 extension OID into local values - * - * \param oid OID to use - * \param ext_type place to store the extension type - * - * \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND - */ -int oid_get_x509_ext_type( const asn1_buf *oid, int *ext_type ); -#endif - -/** - * \brief Translate an X.509 attribute type OID into the short name - * (e.g. the OID for an X520 Common Name into "CN") - * - * \param oid OID to use - * \param short_name place to store the string pointer - * - * \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND - */ -int oid_get_attr_short_name( const asn1_buf *oid, const char **short_name ); - -/** - * \brief Translate PublicKeyAlgorithm OID into pk_type - * - * \param oid OID to use - * \param pk_alg place to store public key algorithm - * - * \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND - */ -int oid_get_pk_alg( const asn1_buf *oid, pk_type_t *pk_alg ); - -/** - * \brief Translate pk_type into PublicKeyAlgorithm OID - * - * \param pk_alg Public key type to look for - * \param oid place to store ASN.1 OID string pointer - * \param olen length of the OID - * - * \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND - */ -int oid_get_oid_by_pk_alg( pk_type_t pk_alg, - const char **oid, size_t *olen ); - -#if defined(POLARSSL_ECP_C) -/** - * \brief Translate NamedCurve OID into an EC group identifier - * - * \param oid OID to use - * \param grp_id place to store group id - * - * \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND - */ -int oid_get_ec_grp( const asn1_buf *oid, ecp_group_id *grp_id ); - -/** - * \brief Translate EC group identifier into NamedCurve OID - * - * \param grp_id EC group identifier - * \param oid place to store ASN.1 OID string pointer - * \param olen length of the OID - * - * \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND - */ -int oid_get_oid_by_ec_grp( ecp_group_id grp_id, - const char **oid, size_t *olen ); -#endif /* POLARSSL_ECP_C */ - -#if defined(POLARSSL_MD_C) -/** - * \brief Translate SignatureAlgorithm OID into md_type and pk_type - * - * \param oid OID to use - * \param md_alg place to store message digest algorithm - * \param pk_alg place to store public key algorithm - * - * \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND - */ -int oid_get_sig_alg( const asn1_buf *oid, - md_type_t *md_alg, pk_type_t *pk_alg ); - -/** - * \brief Translate SignatureAlgorithm OID into description - * - * \param oid OID to use - * \param desc place to store string pointer - * - * \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND - */ -int oid_get_sig_alg_desc( const asn1_buf *oid, const char **desc ); - -/** - * \brief Translate md_type and pk_type into SignatureAlgorithm OID - * - * \param md_alg message digest algorithm - * \param pk_alg public key algorithm - * \param oid place to store ASN.1 OID string pointer - * \param olen length of the OID - * - * \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND - */ -int oid_get_oid_by_sig_alg( pk_type_t pk_alg, md_type_t md_alg, - const char **oid, size_t *olen ); - -/** - * \brief Translate hash algorithm OID into md_type - * - * \param oid OID to use - * \param md_alg place to store message digest algorithm - * - * \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND - */ -int oid_get_md_alg( const asn1_buf *oid, md_type_t *md_alg ); -#endif /* POLARSSL_MD_C */ - -/** - * \brief Translate Extended Key Usage OID into description - * - * \param oid OID to use - * \param desc place to store string pointer - * - * \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND - */ -int oid_get_extended_key_usage( const asn1_buf *oid, const char **desc ); - -/** - * \brief Translate md_type into hash algorithm OID - * - * \param md_alg message digest algorithm - * \param oid place to store ASN.1 OID string pointer - * \param olen length of the OID - * - * \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND - */ -int oid_get_oid_by_md( md_type_t md_alg, const char **oid, size_t *olen ); - -#if defined(POLARSSL_CIPHER_C) -/** - * \brief Translate encryption algorithm OID into cipher_type - * - * \param oid OID to use - * \param cipher_alg place to store cipher algorithm - * - * \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND - */ -int oid_get_cipher_alg( const asn1_buf *oid, cipher_type_t *cipher_alg ); -#endif /* POLARSSL_CIPHER_C */ - -#if defined(POLARSSL_PKCS12_C) -/** - * \brief Translate PKCS#12 PBE algorithm OID into md_type and - * cipher_type - * - * \param oid OID to use - * \param md_alg place to store message digest algorithm - * \param cipher_alg place to store cipher algorithm - * - * \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND - */ -int oid_get_pkcs12_pbe_alg( const asn1_buf *oid, md_type_t *md_alg, - cipher_type_t *cipher_alg ); -#endif /* POLARSSL_PKCS12_C */ - -#ifdef __cplusplus -} -#endif - -#endif /* oid.h */ diff --git a/ext/mbedtls/include/polarssl/openssl.h b/ext/mbedtls/include/polarssl/openssl.h deleted file mode 100644 index 233a093249..0000000000 --- a/ext/mbedtls/include/polarssl/openssl.h +++ /dev/null @@ -1,148 +0,0 @@ -/** - * \file openssl.h - * - * \brief OpenSSL wrapper (definitions, inline functions). - * - * \deprecated Use native mbed TLS functions instead - * - * Copyright (C) 2006-2010, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ - -/* - * OpenSSL wrapper contributed by David Barett - */ - -#if ! defined(POLARSSL_DEPRECATED_REMOVED) - -#if defined(POLARSSL_DEPRECATED_WARNING) -#warning "Including openssl.h is deprecated" -#endif - -#ifndef POLARSSL_OPENSSL_H -#define POLARSSL_OPENSSL_H - -#include "aes.h" -#include "md5.h" -#include "rsa.h" -#include "sha1.h" - -#define AES_SIZE 16 -#define AES_BLOCK_SIZE 16 -#define AES_KEY aes_context -#define MD5_CTX md5_context -#define SHA_CTX sha1_context - -#define SHA1_Init( CTX ) \ - sha1_starts( (CTX) ) -#define SHA1_Update( CTX, BUF, LEN ) \ - sha1_update( (CTX), (unsigned char *)(BUF), (LEN) ) -#define SHA1_Final( OUT, CTX ) \ - sha1_finish( (CTX), (OUT) ) - -#define MD5_Init( CTX ) \ - md5_starts( (CTX) ) -#define MD5_Update( CTX, BUF, LEN ) \ - md5_update( (CTX), (unsigned char *)(BUF), (LEN) ) -#define MD5_Final( OUT, CTX ) \ - md5_finish( (CTX), (OUT) ) - -#define AES_set_encrypt_key( KEY, KEYSIZE, CTX ) \ - aes_setkey_enc( (CTX), (KEY), (KEYSIZE) ) -#define AES_set_decrypt_key( KEY, KEYSIZE, CTX ) \ - aes_setkey_dec( (CTX), (KEY), (KEYSIZE) ) -#define AES_cbc_encrypt( INPUT, OUTPUT, LEN, CTX, IV, MODE ) \ - aes_crypt_cbc( (CTX), (MODE), (LEN), (IV), (INPUT), (OUTPUT) ) - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * RSA stuff follows. TODO: needs cleanup - */ -inline int __RSA_Passthrough( void *output, void *input, int size ) -{ - memcpy( output, input, size ); - return size; -} - -inline rsa_context* d2i_RSA_PUBKEY( void *ignore, unsigned char **bufptr, - int len ) -{ - unsigned char *buffer = *(unsigned char **) bufptr; - rsa_context *rsa; - - /* - * Not a general-purpose parser: only parses public key from *exactly* - * openssl genrsa -out privkey.pem 512 (or 1024) - * openssl rsa -in privkey.pem -out privatekey.der -outform der - * openssl rsa -in privkey.pem -out pubkey.der -outform der -pubout - * - * TODO: make a general-purpose parse - */ - if( ignore != 0 || ( len != 94 && len != 162 ) ) - return( 0 ); - - rsa = (rsa_context *) malloc( sizeof( rsa_rsa ) ); - if( rsa == NULL ) - return( 0 ); - - memset( rsa, 0, sizeof( rsa_context ) ); - - if( ( len == 94 && - mpi_read_binary( &rsa->N, &buffer[ 25], 64 ) == 0 && - mpi_read_binary( &rsa->E, &buffer[ 91], 3 ) == 0 ) || - ( len == 162 && - mpi_read_binary( &rsa->N, &buffer[ 29], 128 ) == 0 ) && - mpi_read_binary( &rsa->E, &buffer[159], 3 ) == 0 ) - { - /* - * key read successfully - */ - rsa->len = ( mpi_msb( &rsa->N ) + 7 ) >> 3; - return( rsa ); - } - else - { - memset( rsa, 0, sizeof( rsa_context ) ); - free( rsa ); - return( 0 ); - } -} - -#define RSA rsa_context -#define RSA_PKCS1_PADDING 1 /* ignored; always encrypt with this */ -#define RSA_size( CTX ) (CTX)->len -#define RSA_free( CTX ) rsa_free( CTX ) -#define ERR_get_error( ) "ERR_get_error() not supported" -#define RSA_blinding_off( IGNORE ) - -#define d2i_RSAPrivateKey( a, b, c ) new rsa_context /* TODO: C++ bleh */ - -inline int RSA_public_decrypt ( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { int outsize=size; if( !rsa_pkcs1_decrypt( key, RSA_PUBLIC, &outsize, input, output ) ) return outsize; else return -1; } -inline int RSA_private_decrypt( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { int outsize=size; if( !rsa_pkcs1_decrypt( key, RSA_PRIVATE, &outsize, input, output ) ) return outsize; else return -1; } -inline int RSA_public_encrypt ( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { if( !rsa_pkcs1_encrypt( key, RSA_PUBLIC, size, input, output ) ) return RSA_size(key); else return -1; } -inline int RSA_private_encrypt( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { if( !rsa_pkcs1_encrypt( key, RSA_PRIVATE, size, input, output ) ) return RSA_size(key); else return -1; } - -#ifdef __cplusplus -} -#endif - -#endif /* openssl.h */ -#endif /* POLARSSL_DEPRECATED_REMOVED */ diff --git a/ext/mbedtls/include/polarssl/pbkdf2.h b/ext/mbedtls/include/polarssl/pbkdf2.h deleted file mode 100644 index 28987b3f7f..0000000000 --- a/ext/mbedtls/include/polarssl/pbkdf2.h +++ /dev/null @@ -1,90 +0,0 @@ -/** - * \file pbkdf2.h - * - * \brief Password-Based Key Derivation Function 2 (from PKCS#5) - * - * \deprecated Use pkcs5.h instead. - * - * \author Mathias Olsson - * - * Copyright (C) 2006-2012, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_PBKDF2_H -#define POLARSSL_PBKDF2_H - -#include "md.h" - -#include - -#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) -#include -typedef UINT32 uint32_t; -#else -#include -#endif - -#define POLARSSL_ERR_PBKDF2_BAD_INPUT_DATA -0x007C /**< Bad input parameters to function. */ - -#ifdef __cplusplus -extern "C" { -#endif - -#if ! defined(POLARSSL_DEPRECATED_REMOVED) -#if defined(POLARSSL_DEPRECATED_WARNING) -#define DEPRECATED __attribute__((deprecated)) -#else -#define DEPRECATED -#endif -/** - * \brief PKCS#5 PBKDF2 using HMAC - * - * \deprecated Use pkcs5_pbkdf2_hmac() instead - * - * \param ctx Generic HMAC context - * \param password Password to use when generating key - * \param plen Length of password - * \param salt Salt to use when generating key - * \param slen Length of salt - * \param iteration_count Iteration count - * \param key_length Length of generated key - * \param output Generated key. Must be at least as big as key_length - * - * \returns 0 on success, or a POLARSSL_ERR_xxx code if verification fails. - */ -int pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, - size_t plen, const unsigned char *salt, size_t slen, - unsigned int iteration_count, - uint32_t key_length, unsigned char *output ) DEPRECATED; - -/** - * \brief Checkup routine - * - * \deprecated Use pkcs5_self_test() instead - * - * \return 0 if successful, or 1 if the test failed - */ -int pbkdf2_self_test( int verbose ) DEPRECATED; -#undef DEPRECATED -#endif /* POLARSSL_DEPRECATED_REMOVED */ - -#ifdef __cplusplus -} -#endif - -#endif /* pbkdf2.h */ diff --git a/ext/mbedtls/include/polarssl/pk_wrap.h b/ext/mbedtls/include/polarssl/pk_wrap.h deleted file mode 100644 index 3677250073..0000000000 --- a/ext/mbedtls/include/polarssl/pk_wrap.h +++ /dev/null @@ -1,60 +0,0 @@ -/** - * \file pk.h - * - * \brief Public Key abstraction layer: wrapper functions - * - * Copyright (C) 2006-2013, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ - -#ifndef POLARSSL_PK_WRAP_H -#define POLARSSL_PK_WRAP_H - -#if !defined(POLARSSL_CONFIG_FILE) -#include "config.h" -#else -#include POLARSSL_CONFIG_FILE -#endif - -#include "pk.h" - -/* Container for RSA-alt */ -typedef struct -{ - void *key; - pk_rsa_alt_decrypt_func decrypt_func; - pk_rsa_alt_sign_func sign_func; - pk_rsa_alt_key_len_func key_len_func; -} rsa_alt_context; - -#if defined(POLARSSL_RSA_C) -extern const pk_info_t rsa_info; -#endif - -#if defined(POLARSSL_ECP_C) -extern const pk_info_t eckey_info; -extern const pk_info_t eckeydh_info; -#endif - -#if defined(POLARSSL_ECDSA_C) -extern const pk_info_t ecdsa_info; -#endif - -extern const pk_info_t rsa_alt_info; - -#endif /* POLARSSL_PK_WRAP_H */ diff --git a/ext/mbedtls/include/polarssl/platform.h b/ext/mbedtls/include/polarssl/platform.h deleted file mode 100644 index 639b180e33..0000000000 --- a/ext/mbedtls/include/polarssl/platform.h +++ /dev/null @@ -1,205 +0,0 @@ -/** - * \file platform.h - * - * \brief mbed TLS Platform abstraction layer - * - * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_PLATFORM_H -#define POLARSSL_PLATFORM_H - -#if !defined(POLARSSL_CONFIG_FILE) -#include "config.h" -#else -#include POLARSSL_CONFIG_FILE -#endif - -/* Temporary compatibility hack for to keep MEMORY_C working */ -#if defined(POLARSSL_MEMORY_C) && !defined(POLARSSL_PLATFORM_MEMORY) -#define POLARSSL_PLATFORM_MEMORY -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \name SECTION: Module settings - * - * The configuration options you can set for this module are in this section. - * Either change them in config.h or define them on the compiler command line. - * \{ - */ - -#if !defined(POLARSSL_PLATFORM_NO_STD_FUNCTIONS) -#include -#include -#if !defined(POLARSSL_PLATFORM_STD_SNPRINTF) -#define POLARSSL_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use */ -#endif -#if !defined(POLARSSL_PLATFORM_STD_PRINTF) -#define POLARSSL_PLATFORM_STD_PRINTF printf /**< Default printf to use */ -#endif -#if !defined(POLARSSL_PLATFORM_STD_FPRINTF) -#define POLARSSL_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use */ -#endif -#if !defined(POLARSSL_PLATFORM_STD_MALLOC) -#define POLARSSL_PLATFORM_STD_MALLOC malloc /**< Default allocator to use */ -#endif -#if !defined(POLARSSL_PLATFORM_STD_FREE) -#define POLARSSL_PLATFORM_STD_FREE free /**< Default free to use */ -#endif -#if !defined(POLARSSL_PLATFORM_STD_EXIT) -#define POLARSSL_PLATFORM_STD_EXIT exit /**< Default free to use */ -#endif -#else /* POLARSSL_PLATFORM_NO_STD_FUNCTIONS */ -#if defined(POLARSSL_PLATFORM_STD_MEM_HDR) -#include POLARSSL_PLATFORM_STD_MEM_HDR -#endif -#endif /* POLARSSL_PLATFORM_NO_STD_FUNCTIONS */ - -/* \} name SECTION: Module settings */ - -/* - * The function pointers for malloc and free - */ -#if defined(POLARSSL_PLATFORM_MEMORY) -#if defined(POLARSSL_PLATFORM_FREE_MACRO) && \ - defined(POLARSSL_PLATFORM_MALLOC_MACRO) -#define polarssl_free POLARSSL_PLATFORM_FREE_MACRO -#define polarssl_malloc POLARSSL_PLATFORM_MALLOC_MACRO -#else -/* For size_t */ -#include -extern void * (*polarssl_malloc)( size_t len ); -extern void (*polarssl_free)( void *ptr ); - -/** - * \brief Set your own memory implementation function pointers - * - * \param malloc_func the malloc function implementation - * \param free_func the free function implementation - * - * \return 0 if successful - */ -int platform_set_malloc_free( void * (*malloc_func)( size_t ), - void (*free_func)( void * ) ); -#endif /* POLARSSL_PLATFORM_FREE_MACRO && POLARSSL_PLATFORM_MALLOC_MACRO */ -#else /* !POLARSSL_PLATFORM_MEMORY */ -#define polarssl_free free -#define polarssl_malloc malloc -#endif /* POLARSSL_PLATFORM_MEMORY && !POLARSSL_PLATFORM_{FREE,MALLOC}_MACRO */ - -/* - * The function pointers for fprintf - */ -#if defined(POLARSSL_PLATFORM_FPRINTF_ALT) -/* We need FILE * */ -#include -extern int (*polarssl_fprintf)( FILE *stream, const char *format, ... ); - -/** - * \brief Set your own fprintf function pointer - * - * \param fprintf_func the fprintf function implementation - * - * \return 0 - */ -int platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char *, - ... ) ); -#else -#if defined(POLARSSL_PLATFORM_FPRINTF_MACRO) -#define polarssl_fprintf POLARSSL_PLATFORM_FPRINTF_MACRO -#else -#define polarssl_fprintf fprintf -#endif /* POLARSSL_PLATFORM_FPRINTF_MACRO */ -#endif /* POLARSSL_PLATFORM_FPRINTF_ALT */ - -/* - * The function pointers for printf - */ -#if defined(POLARSSL_PLATFORM_PRINTF_ALT) -extern int (*polarssl_printf)( const char *format, ... ); - -/** - * \brief Set your own printf function pointer - * - * \param printf_func the printf function implementation - * - * \return 0 - */ -int platform_set_printf( int (*printf_func)( const char *, ... ) ); -#else /* !POLARSSL_PLATFORM_PRINTF_ALT */ -#if defined(POLARSSL_PLATFORM_PRINTF_MACRO) -#define polarssl_printf POLARSSL_PLATFORM_PRINTF_MACRO -#else -#define polarssl_printf printf -#endif /* POLARSSL_PLATFORM_PRINTF_MACRO */ -#endif /* POLARSSL_PLATFORM_PRINTF_ALT */ - -/* - * The function pointers for snprintf - */ -#if defined(POLARSSL_PLATFORM_SNPRINTF_ALT) -extern int (*polarssl_snprintf)( char * s, size_t n, const char * format, ... ); - -/** - * \brief Set your own snprintf function pointer - * - * \param snprintf_func the snprintf function implementation - * - * \return 0 - */ -int platform_set_snprintf( int (*snprintf_func)( char * s, size_t n, - const char * format, ... ) ); -#else /* POLARSSL_PLATFORM_SNPRINTF_ALT */ -#if defined(POLARSSL_PLATFORM_SNPRINTF_MACRO) -#define polarssl_snprintf POLARSSL_PLATFORM_SNPRINTF_MACRO -#else -#define polarssl_snprintf snprintf -#endif /* POLARSSL_PLATFORM_SNPRINTF_MACRO */ -#endif /* POLARSSL_PLATFORM_SNPRINTF_ALT */ - -/* - * The function pointers for exit - */ -#if defined(POLARSSL_PLATFORM_EXIT_ALT) -extern void (*polarssl_exit)( int status ); - -/** - * \brief Set your own exit function pointer - * - * \param exit_func the exit function implementation - * - * \return 0 - */ -int platform_set_exit( void (*exit_func)( int status ) ); -#else -#if defined(POLARSSL_PLATFORM_EXIT_MACRO) -#define polarssl_exit POLARSSL_PLATFORM_EXIT_MACRO -#else -#define polarssl_exit exit -#endif /* POLARSSL_PLATFORM_EXIT_MACRO */ -#endif /* POLARSSL_PLATFORM_EXIT_ALT */ - -#ifdef __cplusplus -} -#endif - -#endif /* platform.h */ diff --git a/ext/mbedtls/include/polarssl/ripemd160.h b/ext/mbedtls/include/polarssl/ripemd160.h deleted file mode 100644 index 2555eb407f..0000000000 --- a/ext/mbedtls/include/polarssl/ripemd160.h +++ /dev/null @@ -1,201 +0,0 @@ -/** - * \file ripemd160.h - * - * \brief RIPE MD-160 message digest - * - * Copyright (C) 2014-2014, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_RIPEMD160_H -#define POLARSSL_RIPEMD160_H - -#if !defined(POLARSSL_CONFIG_FILE) -#include "config.h" -#else -#include POLARSSL_CONFIG_FILE -#endif - -#include - -#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) -#include -typedef UINT32 uint32_t; -#else -#include -#endif - -#define POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR -0x007E /**< Read/write error in file. */ - -#if !defined(POLARSSL_RIPEMD160_ALT) -// Regular implementation -// - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief RIPEMD-160 context structure - */ -typedef struct -{ - uint32_t total[2]; /*!< number of bytes processed */ - uint32_t state[5]; /*!< intermediate digest state */ - unsigned char buffer[64]; /*!< data block being processed */ - - unsigned char ipad[64]; /*!< HMAC: inner padding */ - unsigned char opad[64]; /*!< HMAC: outer padding */ -} -ripemd160_context; - -/** - * \brief Initialize RIPEMD-160 context - * - * \param ctx RIPEMD-160 context to be initialized - */ -void ripemd160_init( ripemd160_context *ctx ); - -/** - * \brief Clear RIPEMD-160 context - * - * \param ctx RIPEMD-160 context to be cleared - */ -void ripemd160_free( ripemd160_context *ctx ); - -/** - * \brief RIPEMD-160 context setup - * - * \param ctx context to be initialized - */ -void ripemd160_starts( ripemd160_context *ctx ); - -/** - * \brief RIPEMD-160 process buffer - * - * \param ctx RIPEMD-160 context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void ripemd160_update( ripemd160_context *ctx, - const unsigned char *input, size_t ilen ); - -/** - * \brief RIPEMD-160 final digest - * - * \param ctx RIPEMD-160 context - * \param output RIPEMD-160 checksum result - */ -void ripemd160_finish( ripemd160_context *ctx, unsigned char output[20] ); - -/* Internal use */ -void ripemd160_process( ripemd160_context *ctx, const unsigned char data[64] ); - -#ifdef __cplusplus -} -#endif - -#else /* POLARSSL_RIPEMD160_ALT */ -#include "ripemd160.h" -#endif /* POLARSSL_RIPEMD160_ALT */ - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Output = RIPEMD-160( input buffer ) - * - * \param input buffer holding the data - * \param ilen length of the input data - * \param output RIPEMD-160 checksum result - */ -void ripemd160( const unsigned char *input, size_t ilen, - unsigned char output[20] ); - -#if defined(POLARSSL_FS_IO) -/** - * \brief Output = RIPEMD-160( file contents ) - * - * \param path input file name - * \param output RIPEMD-160 checksum result - * - * \return 0 if successful, or POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR - */ -int ripemd160_file( const char *path, unsigned char output[20] ); -#endif /* POLARSSL_FS_IO */ - -/** - * \brief RIPEMD-160 HMAC context setup - * - * \param ctx HMAC context to be initialized - * \param key HMAC secret key - * \param keylen length of the HMAC key - */ -void ripemd160_hmac_starts( ripemd160_context *ctx, - const unsigned char *key, size_t keylen ); - -/** - * \brief RIPEMD-160 HMAC process buffer - * - * \param ctx HMAC context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void ripemd160_hmac_update( ripemd160_context *ctx, - const unsigned char *input, size_t ilen ); - -/** - * \brief RIPEMD-160 HMAC final digest - * - * \param ctx HMAC context - * \param output RIPEMD-160 HMAC checksum result - */ -void ripemd160_hmac_finish( ripemd160_context *ctx, unsigned char output[20] ); - -/** - * \brief RIPEMD-160 HMAC context reset - * - * \param ctx HMAC context to be reset - */ -void ripemd160_hmac_reset( ripemd160_context *ctx ); - -/** - * \brief Output = HMAC-RIPEMD-160( hmac key, input buffer ) - * - * \param key HMAC secret key - * \param keylen length of the HMAC key - * \param input buffer holding the data - * \param ilen length of the input data - * \param output HMAC-RIPEMD-160 result - */ -void ripemd160_hmac( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char output[20] ); - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int ripemd160_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif /* ripemd160.h */ diff --git a/ext/mbedtls/include/polarssl/sha1.h b/ext/mbedtls/include/polarssl/sha1.h deleted file mode 100644 index e9e5a8e72b..0000000000 --- a/ext/mbedtls/include/polarssl/sha1.h +++ /dev/null @@ -1,197 +0,0 @@ -/** - * \file sha1.h - * - * \brief SHA-1 cryptographic hash function - * - * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_SHA1_H -#define POLARSSL_SHA1_H - -#if !defined(POLARSSL_CONFIG_FILE) -#include "config.h" -#else -#include POLARSSL_CONFIG_FILE -#endif - -#include - -#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) -#include -typedef UINT32 uint32_t; -#else -#include -#endif - -#define POLARSSL_ERR_SHA1_FILE_IO_ERROR -0x0076 /**< Read/write error in file. */ - -#if !defined(POLARSSL_SHA1_ALT) -// Regular implementation -// - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief SHA-1 context structure - */ -typedef struct -{ - uint32_t total[2]; /*!< number of bytes processed */ - uint32_t state[5]; /*!< intermediate digest state */ - unsigned char buffer[64]; /*!< data block being processed */ - - unsigned char ipad[64]; /*!< HMAC: inner padding */ - unsigned char opad[64]; /*!< HMAC: outer padding */ -} -sha1_context; - -/** - * \brief Initialize SHA-1 context - * - * \param ctx SHA-1 context to be initialized - */ -void sha1_init( sha1_context *ctx ); - -/** - * \brief Clear SHA-1 context - * - * \param ctx SHA-1 context to be cleared - */ -void sha1_free( sha1_context *ctx ); - -/** - * \brief SHA-1 context setup - * - * \param ctx context to be initialized - */ -void sha1_starts( sha1_context *ctx ); - -/** - * \brief SHA-1 process buffer - * - * \param ctx SHA-1 context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen ); - -/** - * \brief SHA-1 final digest - * - * \param ctx SHA-1 context - * \param output SHA-1 checksum result - */ -void sha1_finish( sha1_context *ctx, unsigned char output[20] ); - -/* Internal use */ -void sha1_process( sha1_context *ctx, const unsigned char data[64] ); - -#ifdef __cplusplus -} -#endif - -#else /* POLARSSL_SHA1_ALT */ -#include "sha1_alt.h" -#endif /* POLARSSL_SHA1_ALT */ - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Output = SHA-1( input buffer ) - * - * \param input buffer holding the data - * \param ilen length of the input data - * \param output SHA-1 checksum result - */ -void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] ); - -/** - * \brief Output = SHA-1( file contents ) - * - * \param path input file name - * \param output SHA-1 checksum result - * - * \return 0 if successful, or POLARSSL_ERR_SHA1_FILE_IO_ERROR - */ -int sha1_file( const char *path, unsigned char output[20] ); - -/** - * \brief SHA-1 HMAC context setup - * - * \param ctx HMAC context to be initialized - * \param key HMAC secret key - * \param keylen length of the HMAC key - */ -void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, - size_t keylen ); - -/** - * \brief SHA-1 HMAC process buffer - * - * \param ctx HMAC context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, - size_t ilen ); - -/** - * \brief SHA-1 HMAC final digest - * - * \param ctx HMAC context - * \param output SHA-1 HMAC checksum result - */ -void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] ); - -/** - * \brief SHA-1 HMAC context reset - * - * \param ctx HMAC context to be reset - */ -void sha1_hmac_reset( sha1_context *ctx ); - -/** - * \brief Output = HMAC-SHA-1( hmac key, input buffer ) - * - * \param key HMAC secret key - * \param keylen length of the HMAC key - * \param input buffer holding the data - * \param ilen length of the input data - * \param output HMAC-SHA-1 result - */ -void sha1_hmac( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char output[20] ); - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int sha1_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif /* sha1.h */ diff --git a/ext/mbedtls/include/polarssl/sha256.h b/ext/mbedtls/include/polarssl/sha256.h deleted file mode 100644 index f8917ff82f..0000000000 --- a/ext/mbedtls/include/polarssl/sha256.h +++ /dev/null @@ -1,205 +0,0 @@ -/** - * \file sha256.h - * - * \brief SHA-224 and SHA-256 cryptographic hash function - * - * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_SHA256_H -#define POLARSSL_SHA256_H - -#if !defined(POLARSSL_CONFIG_FILE) -#include "config.h" -#else -#include POLARSSL_CONFIG_FILE -#endif - -#include - -#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) -#include -typedef UINT32 uint32_t; -#else -#include -#endif - -#define POLARSSL_ERR_SHA256_FILE_IO_ERROR -0x0078 /**< Read/write error in file. */ - -#if !defined(POLARSSL_SHA256_ALT) -// Regular implementation -// - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief SHA-256 context structure - */ -typedef struct -{ - uint32_t total[2]; /*!< number of bytes processed */ - uint32_t state[8]; /*!< intermediate digest state */ - unsigned char buffer[64]; /*!< data block being processed */ - - unsigned char ipad[64]; /*!< HMAC: inner padding */ - unsigned char opad[64]; /*!< HMAC: outer padding */ - int is224; /*!< 0 => SHA-256, else SHA-224 */ -} -sha256_context; - -/** - * \brief Initialize SHA-256 context - * - * \param ctx SHA-256 context to be initialized - */ -void sha256_init( sha256_context *ctx ); - -/** - * \brief Clear SHA-256 context - * - * \param ctx SHA-256 context to be cleared - */ -void sha256_free( sha256_context *ctx ); - -/** - * \brief SHA-256 context setup - * - * \param ctx context to be initialized - * \param is224 0 = use SHA256, 1 = use SHA224 - */ -void sha256_starts( sha256_context *ctx, int is224 ); - -/** - * \brief SHA-256 process buffer - * - * \param ctx SHA-256 context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void sha256_update( sha256_context *ctx, const unsigned char *input, - size_t ilen ); - -/** - * \brief SHA-256 final digest - * - * \param ctx SHA-256 context - * \param output SHA-224/256 checksum result - */ -void sha256_finish( sha256_context *ctx, unsigned char output[32] ); - -/* Internal use */ -void sha256_process( sha256_context *ctx, const unsigned char data[64] ); - -#ifdef __cplusplus -} -#endif - -#else /* POLARSSL_SHA256_ALT */ -#include "sha256_alt.h" -#endif /* POLARSSL_SHA256_ALT */ - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Output = SHA-256( input buffer ) - * - * \param input buffer holding the data - * \param ilen length of the input data - * \param output SHA-224/256 checksum result - * \param is224 0 = use SHA256, 1 = use SHA224 - */ -void sha256( const unsigned char *input, size_t ilen, - unsigned char output[32], int is224 ); - -/** - * \brief Output = SHA-256( file contents ) - * - * \param path input file name - * \param output SHA-224/256 checksum result - * \param is224 0 = use SHA256, 1 = use SHA224 - * - * \return 0 if successful, or POLARSSL_ERR_SHA256_FILE_IO_ERROR - */ -int sha256_file( const char *path, unsigned char output[32], int is224 ); - -/** - * \brief SHA-256 HMAC context setup - * - * \param ctx HMAC context to be initialized - * \param key HMAC secret key - * \param keylen length of the HMAC key - * \param is224 0 = use SHA256, 1 = use SHA224 - */ -void sha256_hmac_starts( sha256_context *ctx, const unsigned char *key, - size_t keylen, int is224 ); - -/** - * \brief SHA-256 HMAC process buffer - * - * \param ctx HMAC context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void sha256_hmac_update( sha256_context *ctx, const unsigned char *input, - size_t ilen ); - -/** - * \brief SHA-256 HMAC final digest - * - * \param ctx HMAC context - * \param output SHA-224/256 HMAC checksum result - */ -void sha256_hmac_finish( sha256_context *ctx, unsigned char output[32] ); - -/** - * \brief SHA-256 HMAC context reset - * - * \param ctx HMAC context to be reset - */ -void sha256_hmac_reset( sha256_context *ctx ); - -/** - * \brief Output = HMAC-SHA-256( hmac key, input buffer ) - * - * \param key HMAC secret key - * \param keylen length of the HMAC key - * \param input buffer holding the data - * \param ilen length of the input data - * \param output HMAC-SHA-224/256 result - * \param is224 0 = use SHA256, 1 = use SHA224 - */ -void sha256_hmac( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char output[32], int is224 ); - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int sha256_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif /* sha256.h */ diff --git a/ext/mbedtls/include/polarssl/sha512.h b/ext/mbedtls/include/polarssl/sha512.h deleted file mode 100644 index 15d266cd47..0000000000 --- a/ext/mbedtls/include/polarssl/sha512.h +++ /dev/null @@ -1,204 +0,0 @@ -/** - * \file sha512.h - * - * \brief SHA-384 and SHA-512 cryptographic hash function - * - * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_SHA512_H -#define POLARSSL_SHA512_H - -#if !defined(POLARSSL_CONFIG_FILE) -#include "config.h" -#else -#include POLARSSL_CONFIG_FILE -#endif - -#include - -#if defined(_MSC_VER) || defined(__WATCOMC__) - typedef unsigned __int64 uint64_t; -#else - #include -#endif - -#define POLARSSL_ERR_SHA512_FILE_IO_ERROR -0x007A /**< Read/write error in file. */ - -#if !defined(POLARSSL_SHA512_ALT) -// Regular implementation -// - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief SHA-512 context structure - */ -typedef struct -{ - uint64_t total[2]; /*!< number of bytes processed */ - uint64_t state[8]; /*!< intermediate digest state */ - unsigned char buffer[128]; /*!< data block being processed */ - - unsigned char ipad[128]; /*!< HMAC: inner padding */ - unsigned char opad[128]; /*!< HMAC: outer padding */ - int is384; /*!< 0 => SHA-512, else SHA-384 */ -} -sha512_context; - -/** - * \brief Initialize SHA-512 context - * - * \param ctx SHA-512 context to be initialized - */ -void sha512_init( sha512_context *ctx ); - -/** - * \brief Clear SHA-512 context - * - * \param ctx SHA-512 context to be cleared - */ -void sha512_free( sha512_context *ctx ); - -/** - * \brief SHA-512 context setup - * - * \param ctx context to be initialized - * \param is384 0 = use SHA512, 1 = use SHA384 - */ -void sha512_starts( sha512_context *ctx, int is384 ); - -/** - * \brief SHA-512 process buffer - * - * \param ctx SHA-512 context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void sha512_update( sha512_context *ctx, const unsigned char *input, - size_t ilen ); - -/** - * \brief SHA-512 final digest - * - * \param ctx SHA-512 context - * \param output SHA-384/512 checksum result - */ -void sha512_finish( sha512_context *ctx, unsigned char output[64] ); - -#ifdef __cplusplus -} -#endif - -#else /* POLARSSL_SHA512_ALT */ -#include "sha512_alt.h" -#endif /* POLARSSL_SHA512_ALT */ - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Output = SHA-512( input buffer ) - * - * \param input buffer holding the data - * \param ilen length of the input data - * \param output SHA-384/512 checksum result - * \param is384 0 = use SHA512, 1 = use SHA384 - */ -void sha512( const unsigned char *input, size_t ilen, - unsigned char output[64], int is384 ); - -/** - * \brief Output = SHA-512( file contents ) - * - * \param path input file name - * \param output SHA-384/512 checksum result - * \param is384 0 = use SHA512, 1 = use SHA384 - * - * \return 0 if successful, or POLARSSL_ERR_SHA512_FILE_IO_ERROR - */ -int sha512_file( const char *path, unsigned char output[64], int is384 ); - -/** - * \brief SHA-512 HMAC context setup - * - * \param ctx HMAC context to be initialized - * \param is384 0 = use SHA512, 1 = use SHA384 - * \param key HMAC secret key - * \param keylen length of the HMAC key - */ -void sha512_hmac_starts( sha512_context *ctx, const unsigned char *key, - size_t keylen, int is384 ); - -/** - * \brief SHA-512 HMAC process buffer - * - * \param ctx HMAC context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void sha512_hmac_update( sha512_context *ctx, const unsigned char *input, - size_t ilen ); - -/** - * \brief SHA-512 HMAC final digest - * - * \param ctx HMAC context - * \param output SHA-384/512 HMAC checksum result - */ -void sha512_hmac_finish( sha512_context *ctx, unsigned char output[64] ); - -/** - * \brief SHA-512 HMAC context reset - * - * \param ctx HMAC context to be reset - */ -void sha512_hmac_reset( sha512_context *ctx ); - -/** - * \brief Output = HMAC-SHA-512( hmac key, input buffer ) - * - * \param key HMAC secret key - * \param keylen length of the HMAC key - * \param input buffer holding the data - * \param ilen length of the input data - * \param output HMAC-SHA-384/512 result - * \param is384 0 = use SHA512, 1 = use SHA384 - */ -void sha512_hmac( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char output[64], int is384 ); - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int sha512_self_test( int verbose ); - -/* Internal use */ -void sha512_process( sha512_context *ctx, const unsigned char data[128] ); - -#ifdef __cplusplus -} -#endif - -#endif /* sha512.h */ diff --git a/ext/mbedtls/include/polarssl/ssl.h b/ext/mbedtls/include/polarssl/ssl.h deleted file mode 100644 index 9c6a0c5b0d..0000000000 --- a/ext/mbedtls/include/polarssl/ssl.h +++ /dev/null @@ -1,2014 +0,0 @@ -/** - * \file ssl.h - * - * \brief SSL/TLS functions. - * - * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_SSL_H -#define POLARSSL_SSL_H - -#if !defined(POLARSSL_CONFIG_FILE) -#include "config.h" -#else -#include POLARSSL_CONFIG_FILE -#endif - -/* Temporary compatibility trick for the current stable branch */ -#if !defined(POLARSSL_SSL_DISABLE_RENEGOTIATION) -#define POLARSSL_SSL_RENEGOTIATION -#endif - -#include "net.h" -#include "bignum.h" -#include "ecp.h" - -#include "ssl_ciphersuites.h" - -#if defined(POLARSSL_MD5_C) -#include "md5.h" -#endif - -#if defined(POLARSSL_SHA1_C) -#include "sha1.h" -#endif - -#if defined(POLARSSL_SHA256_C) -#include "sha256.h" -#endif - -#if defined(POLARSSL_SHA512_C) -#include "sha512.h" -#endif - -// for session tickets -#if defined(POLARSSL_AES_C) -#include "aes.h" -#endif - -#if defined(POLARSSL_X509_CRT_PARSE_C) -#include "x509_crt.h" -#include "x509_crl.h" -#endif - -#if defined(POLARSSL_DHM_C) -#include "dhm.h" -#endif - -#if defined(POLARSSL_ECDH_C) -#include "ecdh.h" -#endif - -#if defined(POLARSSL_ZLIB_SUPPORT) -#include "zlib.h" -#endif - -#if defined(POLARSSL_HAVE_TIME) -#include -#endif - -/* For convenience below and in programs */ -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -#define POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED -#endif - -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -#define POLARSSL_KEY_EXCHANGE__SOME__ECDHE_ENABLED -#endif - -#if defined(_MSC_VER) && !defined(inline) -#define inline _inline -#else -#if defined(__ARMCC_VERSION) && !defined(inline) -#define inline __inline -#endif /* __ARMCC_VERSION */ -#endif /*_MSC_VER */ - -/* - * SSL Error codes - */ -#define POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE -0x7080 /**< The requested feature is not available. */ -#define POLARSSL_ERR_SSL_BAD_INPUT_DATA -0x7100 /**< Bad input parameters to function. */ -#define POLARSSL_ERR_SSL_INVALID_MAC -0x7180 /**< Verification of the message MAC failed. */ -#define POLARSSL_ERR_SSL_INVALID_RECORD -0x7200 /**< An invalid SSL record was received. */ -#define POLARSSL_ERR_SSL_CONN_EOF -0x7280 /**< The connection indicated an EOF. */ -#define POLARSSL_ERR_SSL_UNKNOWN_CIPHER -0x7300 /**< An unknown cipher was received. */ -#define POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN -0x7380 /**< The server has no ciphersuites in common with the client. */ -#define POLARSSL_ERR_SSL_NO_RNG -0x7400 /**< No RNG was provided to the SSL module. */ -#define POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 /**< No client certification received from the client, but required by the authentication mode. */ -#define POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE -0x7500 /**< Our own certificate(s) is/are too large to send in an SSL message. */ -#define POLARSSL_ERR_SSL_CERTIFICATE_REQUIRED -0x7580 /**< The own certificate is not set, but needed by the server. */ -#define POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600 /**< The own private key or pre-shared key is not set, but needed. */ -#define POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED -0x7680 /**< No CA Chain is set, but required to operate. */ -#define POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE -0x7700 /**< An unexpected message was received from our peer. */ -#define POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780 /**< A fatal alert message was received from our peer. */ -#define POLARSSL_ERR_SSL_PEER_VERIFY_FAILED -0x7800 /**< Verification of our peer failed. */ -#define POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /**< The peer notified us that the connection is going to be closed. */ -#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 /**< Processing of the ClientHello handshake message failed. */ -#define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 /**< Processing of the ServerHello handshake message failed. */ -#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ -#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80 /**< Processing of the CertificateRequest handshake message failed. */ -#define POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 /**< Processing of the ServerKeyExchange handshake message failed. */ -#define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80 /**< Processing of the ServerHelloDone handshake message failed. */ -#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00 /**< Processing of the ClientKeyExchange handshake message failed. */ -#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP -0x7C80 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public. */ -#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS -0x7D00 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. */ -#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 /**< Processing of the CertificateVerify handshake message failed. */ -#define POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 /**< Processing of the ChangeCipherSpec handshake message failed. */ -#define POLARSSL_ERR_SSL_BAD_HS_FINISHED -0x7E80 /**< Processing of the Finished handshake message failed. */ -#define POLARSSL_ERR_SSL_MALLOC_FAILED -0x7F00 /**< Memory allocation failed */ -#define POLARSSL_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */ -#define POLARSSL_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 /**< Hardware acceleration function skipped / left alone data */ -#define POLARSSL_ERR_SSL_COMPRESSION_FAILED -0x6F00 /**< Processing of the compression / decompression failed */ -#define POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION -0x6E80 /**< Handshake protocol not within min/max boundaries */ -#define POLARSSL_ERR_SSL_BAD_HS_NEW_SESSION_TICKET -0x6E00 /**< Processing of the NewSessionTicket handshake message failed. */ -#define POLARSSL_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 /**< Session ticket has expired. */ -#define POLARSSL_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */ -#define POLARSSL_ERR_SSL_UNKNOWN_IDENTITY -0x6C80 /**< Unknown identity received (eg, PSK identity) */ -#define POLARSSL_ERR_SSL_INTERNAL_ERROR -0x6C00 /**< Internal error (eg, unexpected failure in lower-level module) */ -#define POLARSSL_ERR_SSL_COUNTER_WRAPPING -0x6B80 /**< A counter would wrap (eg, too many messages exchanged). */ -#define POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO -0x6B00 /**< Unexpected message at ServerHello in renegotiation. */ -#define POLARSSL_ERR_SSL_NO_USABLE_CIPHERSUITE -0x6A80 /**< None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages). */ - -/* - * Various constants - */ -#define SSL_MAJOR_VERSION_3 3 -#define SSL_MINOR_VERSION_0 0 /*!< SSL v3.0 */ -#define SSL_MINOR_VERSION_1 1 /*!< TLS v1.0 */ -#define SSL_MINOR_VERSION_2 2 /*!< TLS v1.1 */ -#define SSL_MINOR_VERSION_3 3 /*!< TLS v1.2 */ - -/* Determine minimum supported version */ -#define SSL_MIN_MAJOR_VERSION SSL_MAJOR_VERSION_3 - -#if defined(POLARSSL_SSL_PROTO_SSL3) -#define SSL_MIN_MINOR_VERSION SSL_MINOR_VERSION_0 -#else -#if defined(POLARSSL_SSL_PROTO_TLS1) -#define SSL_MIN_MINOR_VERSION SSL_MINOR_VERSION_1 -#else -#if defined(POLARSSL_SSL_PROTO_TLS1_1) -#define SSL_MIN_MINOR_VERSION SSL_MINOR_VERSION_2 -#else -#if defined(POLARSSL_SSL_PROTO_TLS1_2) -#define SSL_MIN_MINOR_VERSION SSL_MINOR_VERSION_3 -#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ -#endif /* POLARSSL_SSL_PROTO_TLS1_1 */ -#endif /* POLARSSL_SSL_PROTO_TLS1 */ -#endif /* POLARSSL_SSL_PROTO_SSL3 */ - -/* Determine maximum supported version */ -#define SSL_MAX_MAJOR_VERSION SSL_MAJOR_VERSION_3 - -#if defined(POLARSSL_SSL_PROTO_TLS1_2) -#define SSL_MAX_MINOR_VERSION SSL_MINOR_VERSION_3 -#else -#if defined(POLARSSL_SSL_PROTO_TLS1_1) -#define SSL_MAX_MINOR_VERSION SSL_MINOR_VERSION_2 -#else -#if defined(POLARSSL_SSL_PROTO_TLS1) -#define SSL_MAX_MINOR_VERSION SSL_MINOR_VERSION_1 -#else -#if defined(POLARSSL_SSL_PROTO_SSL3) -#define SSL_MAX_MINOR_VERSION SSL_MINOR_VERSION_0 -#endif /* POLARSSL_SSL_PROTO_SSL3 */ -#endif /* POLARSSL_SSL_PROTO_TLS1 */ -#endif /* POLARSSL_SSL_PROTO_TLS1_1 */ -#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ - -/* RFC 6066 section 4, see also mfl_code_to_length in ssl_tls.c - * NONE must be zero so that memset()ing structure to zero works */ -#define SSL_MAX_FRAG_LEN_NONE 0 /*!< don't use this extension */ -#define SSL_MAX_FRAG_LEN_512 1 /*!< MaxFragmentLength 2^9 */ -#define SSL_MAX_FRAG_LEN_1024 2 /*!< MaxFragmentLength 2^10 */ -#define SSL_MAX_FRAG_LEN_2048 3 /*!< MaxFragmentLength 2^11 */ -#define SSL_MAX_FRAG_LEN_4096 4 /*!< MaxFragmentLength 2^12 */ -#define SSL_MAX_FRAG_LEN_INVALID 5 /*!< first invalid value */ - -#define SSL_IS_CLIENT 0 -#define SSL_IS_SERVER 1 - -#define SSL_IS_NOT_FALLBACK 0 -#define SSL_IS_FALLBACK 1 - -#define SSL_EXTENDED_MS_DISABLED 0 -#define SSL_EXTENDED_MS_ENABLED 1 - -#define SSL_ETM_DISABLED 0 -#define SSL_ETM_ENABLED 1 - -#define SSL_COMPRESS_NULL 0 -#define SSL_COMPRESS_DEFLATE 1 - -#define SSL_VERIFY_NONE 0 -#define SSL_VERIFY_OPTIONAL 1 -#define SSL_VERIFY_REQUIRED 2 - -#define SSL_INITIAL_HANDSHAKE 0 -#define SSL_RENEGOTIATION 1 /* In progress */ -#define SSL_RENEGOTIATION_DONE 2 /* Done */ -#define SSL_RENEGOTIATION_PENDING 3 /* Requested (server only) */ - -#define SSL_LEGACY_RENEGOTIATION 0 -#define SSL_SECURE_RENEGOTIATION 1 - -#define SSL_RENEGOTIATION_DISABLED 0 -#define SSL_RENEGOTIATION_ENABLED 1 - -#define SSL_RENEGOTIATION_NOT_ENFORCED -1 -#define SSL_RENEGO_MAX_RECORDS_DEFAULT 16 - -#define SSL_LEGACY_NO_RENEGOTIATION 0 -#define SSL_LEGACY_ALLOW_RENEGOTIATION 1 -#define SSL_LEGACY_BREAK_HANDSHAKE 2 - -#define SSL_TRUNC_HMAC_DISABLED 0 -#define SSL_TRUNC_HMAC_ENABLED 1 -#define SSL_TRUNCATED_HMAC_LEN 10 /* 80 bits, rfc 6066 section 7 */ - -#define SSL_SESSION_TICKETS_DISABLED 0 -#define SSL_SESSION_TICKETS_ENABLED 1 - -#define SSL_CBC_RECORD_SPLITTING_DISABLED -1 -#define SSL_CBC_RECORD_SPLITTING_ENABLED 0 - -#define SSL_ARC4_ENABLED 0 -#define SSL_ARC4_DISABLED 1 - -/** - * \name SECTION: Module settings - * - * The configuration options you can set for this module are in this section. - * Either change them in config.h or define them on the compiler command line. - * \{ - */ - -#if !defined(SSL_DEFAULT_TICKET_LIFETIME) -#define SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */ -#endif - -/* - * Size of the input / output buffer. - * Note: the RFC defines the default size of SSL / TLS messages. If you - * change the value here, other clients / servers may not be able to - * communicate with you anymore. Only change this value if you control - * both sides of the connection and have it reduced at both sides, or - * if you're using the Max Fragment Length extension and you know all your - * peers are using it too! - */ -#if !defined(SSL_MAX_CONTENT_LEN) -#define SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */ -#endif - -/* - * Minimum size of the Diffie-Hellman parameters to accept from a server. - * The default is 1024 bits (128 bytes) for compatibility reasons. - * From a purely security perspective, 2048 bits would be better. - */ -#define SSL_MIN_DHM_BYTES 128 /**< Min size of the Diffie-Hellman prime */ -/* \} name SECTION: Module settings */ - -/* - * Allow extra bytes for record, authentication and encryption overhead: - * counter (8) + header (5) + IV(16) + MAC (16-48) + padding (0-256) - * and allow for a maximum of 1024 of compression expansion if - * enabled. - */ -#if defined(POLARSSL_ZLIB_SUPPORT) -#define SSL_COMPRESSION_ADD 1024 -#else -#define SSL_COMPRESSION_ADD 0 -#endif - -#if defined(POLARSSL_RC4_C) || defined(POLARSSL_CIPHER_MODE_CBC) -/* Ciphersuites using HMAC */ -#if defined(POLARSSL_SHA512_C) -#define SSL_MAC_ADD 48 /* SHA-384 used for HMAC */ -#elif defined(POLARSSL_SHA256_C) -#define SSL_MAC_ADD 32 /* SHA-256 used for HMAC */ -#else -#define SSL_MAC_ADD 20 /* SHA-1 used for HMAC */ -#endif -#else -/* AEAD ciphersuites: GCM and CCM use a 128 bits tag */ -#define SSL_MAC_ADD 16 -#endif - -#if defined(POLARSSL_CIPHER_MODE_CBC) -#define SSL_PADDING_ADD 256 -#else -#define SSL_PADDING_ADD 0 -#endif - -#define SSL_BUFFER_LEN ( SSL_MAX_CONTENT_LEN \ - + SSL_COMPRESSION_ADD \ - + 29 /* counter + header + IV */ \ - + SSL_MAC_ADD \ - + SSL_PADDING_ADD \ - ) - -/* - * Length of the verify data for secure renegotiation - */ -#if defined(POLARSSL_SSL_PROTO_SSL3) -#define SSL_VERIFY_DATA_MAX_LEN 36 -#else -#define SSL_VERIFY_DATA_MAX_LEN 12 -#endif - -/* - * Signaling ciphersuite values (SCSV) - */ -#define SSL_EMPTY_RENEGOTIATION_INFO 0xFF /**< renegotiation info ext */ -#define SSL_FALLBACK_SCSV 0x5600 /**< draft-ietf-tls-downgrade-scsv-00 */ - -/* - * Supported Signature and Hash algorithms (For TLS 1.2) - * RFC 5246 section 7.4.1.4.1 - */ -#define SSL_HASH_NONE 0 -#define SSL_HASH_MD5 1 -#define SSL_HASH_SHA1 2 -#define SSL_HASH_SHA224 3 -#define SSL_HASH_SHA256 4 -#define SSL_HASH_SHA384 5 -#define SSL_HASH_SHA512 6 - -#define SSL_SIG_ANON 0 -#define SSL_SIG_RSA 1 -#define SSL_SIG_ECDSA 3 - -/* - * Client Certificate Types - * RFC 5246 section 7.4.4 plus RFC 4492 section 5.5 - */ -#define SSL_CERT_TYPE_RSA_SIGN 1 -#define SSL_CERT_TYPE_ECDSA_SIGN 64 - -/* - * Message, alert and handshake types - */ -#define SSL_MSG_CHANGE_CIPHER_SPEC 20 -#define SSL_MSG_ALERT 21 -#define SSL_MSG_HANDSHAKE 22 -#define SSL_MSG_APPLICATION_DATA 23 - -#define SSL_ALERT_LEVEL_WARNING 1 -#define SSL_ALERT_LEVEL_FATAL 2 - -#define SSL_ALERT_MSG_CLOSE_NOTIFY 0 /* 0x00 */ -#define SSL_ALERT_MSG_UNEXPECTED_MESSAGE 10 /* 0x0A */ -#define SSL_ALERT_MSG_BAD_RECORD_MAC 20 /* 0x14 */ -#define SSL_ALERT_MSG_DECRYPTION_FAILED 21 /* 0x15 */ -#define SSL_ALERT_MSG_RECORD_OVERFLOW 22 /* 0x16 */ -#define SSL_ALERT_MSG_DECOMPRESSION_FAILURE 30 /* 0x1E */ -#define SSL_ALERT_MSG_HANDSHAKE_FAILURE 40 /* 0x28 */ -#define SSL_ALERT_MSG_NO_CERT 41 /* 0x29 */ -#define SSL_ALERT_MSG_BAD_CERT 42 /* 0x2A */ -#define SSL_ALERT_MSG_UNSUPPORTED_CERT 43 /* 0x2B */ -#define SSL_ALERT_MSG_CERT_REVOKED 44 /* 0x2C */ -#define SSL_ALERT_MSG_CERT_EXPIRED 45 /* 0x2D */ -#define SSL_ALERT_MSG_CERT_UNKNOWN 46 /* 0x2E */ -#define SSL_ALERT_MSG_ILLEGAL_PARAMETER 47 /* 0x2F */ -#define SSL_ALERT_MSG_UNKNOWN_CA 48 /* 0x30 */ -#define SSL_ALERT_MSG_ACCESS_DENIED 49 /* 0x31 */ -#define SSL_ALERT_MSG_DECODE_ERROR 50 /* 0x32 */ -#define SSL_ALERT_MSG_DECRYPT_ERROR 51 /* 0x33 */ -#define SSL_ALERT_MSG_EXPORT_RESTRICTION 60 /* 0x3C */ -#define SSL_ALERT_MSG_PROTOCOL_VERSION 70 /* 0x46 */ -#define SSL_ALERT_MSG_INSUFFICIENT_SECURITY 71 /* 0x47 */ -#define SSL_ALERT_MSG_INTERNAL_ERROR 80 /* 0x50 */ -#define SSL_ALERT_MSG_INAPROPRIATE_FALLBACK 86 /* 0x56 */ -#define SSL_ALERT_MSG_USER_CANCELED 90 /* 0x5A */ -#define SSL_ALERT_MSG_NO_RENEGOTIATION 100 /* 0x64 */ -#define SSL_ALERT_MSG_UNSUPPORTED_EXT 110 /* 0x6E */ -#define SSL_ALERT_MSG_UNRECOGNIZED_NAME 112 /* 0x70 */ -#define SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY 115 /* 0x73 */ -#define SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL 120 /* 0x78 */ - -#define SSL_HS_HELLO_REQUEST 0 -#define SSL_HS_CLIENT_HELLO 1 -#define SSL_HS_SERVER_HELLO 2 -#define SSL_HS_NEW_SESSION_TICKET 4 -#define SSL_HS_CERTIFICATE 11 -#define SSL_HS_SERVER_KEY_EXCHANGE 12 -#define SSL_HS_CERTIFICATE_REQUEST 13 -#define SSL_HS_SERVER_HELLO_DONE 14 -#define SSL_HS_CERTIFICATE_VERIFY 15 -#define SSL_HS_CLIENT_KEY_EXCHANGE 16 -#define SSL_HS_FINISHED 20 - -/* - * TLS extensions - */ -#define TLS_EXT_SERVERNAME 0 -#define TLS_EXT_SERVERNAME_HOSTNAME 0 - -#define TLS_EXT_MAX_FRAGMENT_LENGTH 1 - -#define TLS_EXT_TRUNCATED_HMAC 4 - -#define TLS_EXT_SUPPORTED_ELLIPTIC_CURVES 10 -#define TLS_EXT_SUPPORTED_POINT_FORMATS 11 - -#define TLS_EXT_SIG_ALG 13 - -#define TLS_EXT_ALPN 16 - -#define TLS_EXT_ENCRYPT_THEN_MAC 22 /* 0x16 */ -#define TLS_EXT_EXTENDED_MASTER_SECRET 0x0017 /* 23 */ - -#define TLS_EXT_SESSION_TICKET 35 - -#define TLS_EXT_RENEGOTIATION_INFO 0xFF01 - -/* - * TLS extension flags (for extensions with outgoing ServerHello content - * that need it (e.g. for RENEGOTIATION_INFO the server already knows because - * of state of the renegotiation flag, so no indicator is required) - */ -#define TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT (1 << 0) - -/* - * Size defines - */ -#if !defined(POLARSSL_PSK_MAX_LEN) -#define POLARSSL_PSK_MAX_LEN 32 /* 256 bits */ -#endif - -/* Dummy type used only for its size */ -union _ssl_premaster_secret -{ -#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) - unsigned char _pms_rsa[48]; /* RFC 5246 8.1.1 */ -#endif -#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) - unsigned char _pms_dhm[POLARSSL_MPI_MAX_SIZE]; /* RFC 5246 8.1.2 */ -#endif -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - unsigned char _pms_ecdh[POLARSSL_ECP_MAX_BYTES]; /* RFC 4492 5.10 */ -#endif -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) - unsigned char _pms_psk[4 + 2 * POLARSSL_PSK_MAX_LEN]; /* RFC 4279 2 */ -#endif -#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) - unsigned char _pms_dhe_psk[4 + POLARSSL_MPI_MAX_SIZE - + POLARSSL_PSK_MAX_LEN]; /* RFC 4279 3 */ -#endif -#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) - unsigned char _pms_rsa_psk[52 + POLARSSL_PSK_MAX_LEN]; /* RFC 4279 4 */ -#endif -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - unsigned char _pms_ecdhe_psk[4 + POLARSSL_ECP_MAX_BYTES - + POLARSSL_PSK_MAX_LEN]; /* RFC 5489 2 */ -#endif -}; - -#define POLARSSL_PREMASTER_SIZE sizeof( union _ssl_premaster_secret ) - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * Generic function pointers for allowing external RSA private key - * implementations. - */ -typedef int (*rsa_decrypt_func)( void *ctx, int mode, size_t *olen, - const unsigned char *input, unsigned char *output, - size_t output_max_len ); -typedef int (*rsa_sign_func)( void *ctx, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, md_type_t md_alg, unsigned int hashlen, - const unsigned char *hash, unsigned char *sig ); -typedef size_t (*rsa_key_len_func)( void *ctx ); - -/* - * SSL state machine - */ -typedef enum -{ - SSL_HELLO_REQUEST, - SSL_CLIENT_HELLO, - SSL_SERVER_HELLO, - SSL_SERVER_CERTIFICATE, - SSL_SERVER_KEY_EXCHANGE, - SSL_CERTIFICATE_REQUEST, - SSL_SERVER_HELLO_DONE, - SSL_CLIENT_CERTIFICATE, - SSL_CLIENT_KEY_EXCHANGE, - SSL_CERTIFICATE_VERIFY, - SSL_CLIENT_CHANGE_CIPHER_SPEC, - SSL_CLIENT_FINISHED, - SSL_SERVER_CHANGE_CIPHER_SPEC, - SSL_SERVER_FINISHED, - SSL_FLUSH_BUFFERS, - SSL_HANDSHAKE_WRAPUP, - SSL_HANDSHAKE_OVER, - SSL_SERVER_NEW_SESSION_TICKET, -} -ssl_states; - -typedef struct _ssl_session ssl_session; -typedef struct _ssl_context ssl_context; -typedef struct _ssl_transform ssl_transform; -typedef struct _ssl_handshake_params ssl_handshake_params; -#if defined(POLARSSL_SSL_SESSION_TICKETS) -typedef struct _ssl_ticket_keys ssl_ticket_keys; -#endif -#if defined(POLARSSL_X509_CRT_PARSE_C) -typedef struct _ssl_key_cert ssl_key_cert; -#endif - -/* - * This structure is used for storing current session data. - */ -struct _ssl_session -{ -#if defined(POLARSSL_HAVE_TIME) - time_t start; /*!< starting time */ -#endif - int ciphersuite; /*!< chosen ciphersuite */ - int compression; /*!< chosen compression */ - size_t length; /*!< session id length */ - unsigned char id[32]; /*!< session identifier */ - unsigned char master[48]; /*!< the master secret */ - -#if defined(POLARSSL_X509_CRT_PARSE_C) - x509_crt *peer_cert; /*!< peer X.509 cert chain */ -#endif /* POLARSSL_X509_CRT_PARSE_C */ - int verify_result; /*!< verification result */ - -#if defined(POLARSSL_SSL_SESSION_TICKETS) - unsigned char *ticket; /*!< RFC 5077 session ticket */ - size_t ticket_len; /*!< session ticket length */ - uint32_t ticket_lifetime; /*!< ticket lifetime hint */ -#endif /* POLARSSL_SSL_SESSION_TICKETS */ - -#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) - unsigned char mfl_code; /*!< MaxFragmentLength negotiated by peer */ -#endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */ - -#if defined(POLARSSL_SSL_TRUNCATED_HMAC) - int trunc_hmac; /*!< flag for truncated hmac activation */ -#endif /* POLARSSL_SSL_TRUNCATED_HMAC */ - -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) - int encrypt_then_mac; /*!< flag for EtM activation */ -#endif -}; - -/* - * This structure contains a full set of runtime transform parameters - * either in negotiation or active. - */ -struct _ssl_transform -{ - /* - * Session specific crypto layer - */ - const ssl_ciphersuite_t *ciphersuite_info; - /*!< Chosen cipersuite_info */ - unsigned int keylen; /*!< symmetric key length */ - size_t minlen; /*!< min. ciphertext length */ - size_t ivlen; /*!< IV length */ - size_t fixed_ivlen; /*!< Fixed part of IV (AEAD) */ - size_t maclen; /*!< MAC length */ - - unsigned char iv_enc[16]; /*!< IV (encryption) */ - unsigned char iv_dec[16]; /*!< IV (decryption) */ - -#if defined(POLARSSL_SSL_PROTO_SSL3) - /* Needed only for SSL v3.0 secret */ - unsigned char mac_enc[20]; /*!< SSL v3.0 secret (enc) */ - unsigned char mac_dec[20]; /*!< SSL v3.0 secret (dec) */ -#endif /* POLARSSL_SSL_PROTO_SSL3 */ - - md_context_t md_ctx_enc; /*!< MAC (encryption) */ - md_context_t md_ctx_dec; /*!< MAC (decryption) */ - - cipher_context_t cipher_ctx_enc; /*!< encryption context */ - cipher_context_t cipher_ctx_dec; /*!< decryption context */ - - /* - * Session specific compression layer - */ -#if defined(POLARSSL_ZLIB_SUPPORT) - z_stream ctx_deflate; /*!< compression context */ - z_stream ctx_inflate; /*!< decompression context */ -#endif -}; - -/* - * This structure contains the parameters only needed during handshake. - */ -struct _ssl_handshake_params -{ - /* - * Handshake specific crypto variables - */ - int sig_alg; /*!< Hash algorithm for signature */ - int cert_type; /*!< Requested cert type */ - int verify_sig_alg; /*!< Signature algorithm for verify */ -#if defined(POLARSSL_DHM_C) - dhm_context dhm_ctx; /*!< DHM key exchange */ -#endif -#if defined(POLARSSL_ECDH_C) - ecdh_context ecdh_ctx; /*!< ECDH key exchange */ -#endif -#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C) - const ecp_curve_info **curves; /*!< Supported elliptic curves */ -#endif -#if defined(POLARSSL_X509_CRT_PARSE_C) - /** - * Current key/cert or key/cert list. - * On client: pointer to ssl->key_cert, only the first entry used. - * On server: starts as a pointer to ssl->key_cert, then becomes - * a pointer to the chosen key from this list or the SNI list. - */ - ssl_key_cert *key_cert; -#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) - ssl_key_cert *sni_key_cert; /*!< key/cert list from SNI */ -#endif -#endif /* POLARSSL_X509_CRT_PARSE_C */ - - /* - * Checksum contexts - */ -#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_1) - md5_context fin_md5; - sha1_context fin_sha1; -#endif -#if defined(POLARSSL_SSL_PROTO_TLS1_2) -#if defined(POLARSSL_SHA256_C) - sha256_context fin_sha256; -#endif -#if defined(POLARSSL_SHA512_C) - sha512_context fin_sha512; -#endif -#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ - - void (*update_checksum)(ssl_context *, const unsigned char *, size_t); - void (*calc_verify)(ssl_context *, unsigned char *); - void (*calc_finished)(ssl_context *, unsigned char *, int); - int (*tls_prf)(const unsigned char *, size_t, const char *, - const unsigned char *, size_t, - unsigned char *, size_t); - - size_t pmslen; /*!< premaster length */ - - unsigned char randbytes[64]; /*!< random bytes */ - unsigned char premaster[POLARSSL_PREMASTER_SIZE]; - /*!< premaster secret */ - - int resume; /*!< session resume indicator*/ - int max_major_ver; /*!< max. major version client*/ - int max_minor_ver; /*!< max. minor version client*/ - int cli_exts; /*!< client extension presence*/ - -#if defined(POLARSSL_SSL_SESSION_TICKETS) - int new_session_ticket; /*!< use NewSessionTicket? */ -#endif /* POLARSSL_SSL_SESSION_TICKETS */ -#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) - int extended_ms; /*!< use Extended Master Secret? */ -#endif -}; - -#if defined(POLARSSL_SSL_SESSION_TICKETS) -/* - * Parameters needed to secure session tickets - */ -struct _ssl_ticket_keys -{ - unsigned char key_name[16]; /*!< name to quickly discard bad tickets */ - aes_context enc; /*!< encryption context */ - aes_context dec; /*!< decryption context */ - unsigned char mac_key[16]; /*!< authentication key */ -}; -#endif /* POLARSSL_SSL_SESSION_TICKETS */ - -#if defined(POLARSSL_X509_CRT_PARSE_C) -/* - * List of certificate + private key pairs - */ -struct _ssl_key_cert -{ - x509_crt *cert; /*!< cert */ - pk_context *key; /*!< private key */ - int key_own_alloc; /*!< did we allocate key? */ - ssl_key_cert *next; /*!< next key/cert pair */ -}; -#endif /* POLARSSL_X509_CRT_PARSE_C */ - -struct _ssl_context -{ - /* - * Miscellaneous - */ - int state; /*!< SSL handshake: current state */ - int renegotiation; /*!< Initial or renegotiation */ -#if defined(POLARSSL_SSL_RENEGOTIATION) - int renego_records_seen; /*!< Records since renego request */ -#endif - - int major_ver; /*!< equal to SSL_MAJOR_VERSION_3 */ - int minor_ver; /*!< either 0 (SSL3) or 1 (TLS1.0) */ - - int max_major_ver; /*!< max. major version used */ - int max_minor_ver; /*!< max. minor version used */ - int min_major_ver; /*!< min. major version used */ - int min_minor_ver; /*!< min. minor version used */ - -#if defined(POLARSSL_SSL_FALLBACK_SCSV) && defined(POLARSSL_SSL_CLI_C) - char fallback; /*!< flag for fallback connections */ -#endif -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) - char encrypt_then_mac; /*!< flag for encrypt-then-mac */ -#endif -#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) - char extended_ms; /*!< flag for extended master secret */ -#endif - char arc4_disabled; /*!< flag for disabling RC4 */ - - /* - * Callbacks (RNG, debug, I/O, verification) - */ - int (*f_rng)(void *, unsigned char *, size_t); - void (*f_dbg)(void *, int, const char *); - int (*f_recv)(void *, unsigned char *, size_t); - int (*f_send)(void *, const unsigned char *, size_t); - int (*f_get_cache)(void *, ssl_session *); - int (*f_set_cache)(void *, const ssl_session *); - - void *p_rng; /*!< context for the RNG function */ - void *p_dbg; /*!< context for the debug function */ - void *p_recv; /*!< context for reading operations */ - void *p_send; /*!< context for writing operations */ - void *p_get_cache; /*!< context for cache retrieval */ - void *p_set_cache; /*!< context for cache store */ - void *p_hw_data; /*!< context for HW acceleration */ - -#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) - int (*f_sni)(void *, ssl_context *, const unsigned char *, size_t); - void *p_sni; /*!< context for SNI extension */ -#endif - -#if defined(POLARSSL_X509_CRT_PARSE_C) - int (*f_vrfy)(void *, x509_crt *, int, int *); - void *p_vrfy; /*!< context for verification */ -#endif - -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) - int (*f_psk)(void *, ssl_context *, const unsigned char *, size_t); - void *p_psk; /*!< context for PSK retrieval */ -#endif - - /* - * Session layer - */ - ssl_session *session_in; /*!< current session data (in) */ - ssl_session *session_out; /*!< current session data (out) */ - ssl_session *session; /*!< negotiated session data */ - ssl_session *session_negotiate; /*!< session data in negotiation */ - - ssl_handshake_params *handshake; /*!< params required only during - the handshake process */ - - /* - * Record layer transformations - */ - ssl_transform *transform_in; /*!< current transform params (in) */ - ssl_transform *transform_out; /*!< current transform params (in) */ - ssl_transform *transform; /*!< negotiated transform params */ - ssl_transform *transform_negotiate; /*!< transform params in negotiation */ - - /* - * Record layer (incoming data) - */ - unsigned char *in_ctr; /*!< 64-bit incoming message counter */ - unsigned char *in_hdr; /*!< 5-byte record header (in_ctr+8) */ - unsigned char *in_iv; /*!< ivlen-byte IV (in_hdr+5) */ - unsigned char *in_msg; /*!< message contents (in_iv+ivlen) */ - unsigned char *in_offt; /*!< read offset in application data */ - - int in_msgtype; /*!< record header: message type */ - size_t in_msglen; /*!< record header: message length */ - size_t in_left; /*!< amount of data read so far */ - - size_t in_hslen; /*!< current handshake message length */ - int nb_zero; /*!< # of 0-length encrypted messages */ - int record_read; /*!< record is already present */ - - /* - * Record layer (outgoing data) - */ - unsigned char *out_ctr; /*!< 64-bit outgoing message counter */ - unsigned char *out_hdr; /*!< 5-byte record header (out_ctr+8) */ - unsigned char *out_iv; /*!< ivlen-byte IV (out_hdr+5) */ - unsigned char *out_msg; /*!< message contents (out_iv+ivlen) */ - - int out_msgtype; /*!< record header: message type */ - size_t out_msglen; /*!< record header: message length */ - size_t out_left; /*!< amount of data not yet written */ - -#if defined(POLARSSL_ZLIB_SUPPORT) - unsigned char *compress_buf; /*!< zlib data buffer */ -#endif -#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) - unsigned char mfl_code; /*!< MaxFragmentLength chosen by us */ -#endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(POLARSSL_SSL_CBC_RECORD_SPLITTING) - signed char split_done; /*!< flag for record splitting: - -1 disabled, 0 todo, 1 done */ -#endif - - /* - * PKI layer - */ -#if defined(POLARSSL_X509_CRT_PARSE_C) - ssl_key_cert *key_cert; /*!< own certificate(s)/key(s) */ - - x509_crt *ca_chain; /*!< own trusted CA chain */ - x509_crl *ca_crl; /*!< trusted CA CRLs */ - const char *peer_cn; /*!< expected peer CN */ -#endif /* POLARSSL_X509_CRT_PARSE_C */ - - /* - * Support for generating and checking session tickets - */ -#if defined(POLARSSL_SSL_SESSION_TICKETS) - ssl_ticket_keys *ticket_keys; /*!< keys for ticket encryption */ -#endif /* POLARSSL_SSL_SESSION_TICKETS */ - - /* - * User settings - */ - int endpoint; /*!< 0: client, 1: server */ - int authmode; /*!< verification mode */ - int client_auth; /*!< flag for client auth. */ - int verify_result; /*!< verification result */ -#if defined(POLARSSL_SSL_RENEGOTIATION) - int disable_renegotiation; /*!< enable/disable renegotiation */ - int renego_max_records; /*!< grace period for renegotiation */ - unsigned char renego_period[8]; /*!< value of the record counters - that triggers renegotiation */ -#endif - int allow_legacy_renegotiation; /*!< allow legacy renegotiation */ - const int *ciphersuite_list[4]; /*!< allowed ciphersuites / version */ -#if defined(POLARSSL_SSL_SET_CURVES) - const ecp_group_id *curve_list; /*!< allowed curves */ -#endif -#if defined(POLARSSL_SSL_TRUNCATED_HMAC) - int trunc_hmac; /*!< negotiate truncated hmac? */ -#endif -#if defined(POLARSSL_SSL_SESSION_TICKETS) - int session_tickets; /*!< use session tickets? */ - int ticket_lifetime; /*!< session ticket lifetime */ -#endif - -#if defined(POLARSSL_DHM_C) - mpi dhm_P; /*!< prime modulus for DHM */ - mpi dhm_G; /*!< generator for DHM */ -#endif - -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) - /* - * PSK values - */ - unsigned char *psk; - size_t psk_len; - unsigned char *psk_identity; - size_t psk_identity_len; -#endif - -#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) - /* - * SNI extension - */ - unsigned char *hostname; - size_t hostname_len; -#endif - -#if defined(POLARSSL_SSL_ALPN) - /* - * ALPN extension - */ - const char **alpn_list; /*!< ordered list of supported protocols */ - const char *alpn_chosen; /*!< negotiated protocol */ -#endif - - /* - * Secure renegotiation - */ - int secure_renegotiation; /*!< does peer support legacy or - secure renegotiation */ -#if defined(POLARSSL_SSL_RENEGOTIATION) - size_t verify_data_len; /*!< length of verify data stored */ - char own_verify_data[SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */ - char peer_verify_data[SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */ -#endif -}; - -#if defined(POLARSSL_SSL_HW_RECORD_ACCEL) - -#define SSL_CHANNEL_OUTBOUND 0 -#define SSL_CHANNEL_INBOUND 1 - -extern int (*ssl_hw_record_init)(ssl_context *ssl, - const unsigned char *key_enc, const unsigned char *key_dec, - size_t keylen, - const unsigned char *iv_enc, const unsigned char *iv_dec, - size_t ivlen, - const unsigned char *mac_enc, const unsigned char *mac_dec, - size_t maclen); -extern int (*ssl_hw_record_activate)(ssl_context *ssl, int direction); -extern int (*ssl_hw_record_reset)(ssl_context *ssl); -extern int (*ssl_hw_record_write)(ssl_context *ssl); -extern int (*ssl_hw_record_read)(ssl_context *ssl); -extern int (*ssl_hw_record_finish)(ssl_context *ssl); -#endif /* POLARSSL_SSL_HW_RECORD_ACCEL */ - -/** - * \brief Returns the list of ciphersuites supported by the SSL/TLS module. - * - * \return a statically allocated array of ciphersuites, the last - * entry is 0. - */ -const int *ssl_list_ciphersuites( void ); - -/** - * \brief Return the name of the ciphersuite associated with the - * given ID - * - * \param ciphersuite_id SSL ciphersuite ID - * - * \return a string containing the ciphersuite name - */ -const char *ssl_get_ciphersuite_name( const int ciphersuite_id ); - -/** - * \brief Return the ID of the ciphersuite associated with the - * given name - * - * \param ciphersuite_name SSL ciphersuite name - * - * \return the ID with the ciphersuite or 0 if not found - */ -int ssl_get_ciphersuite_id( const char *ciphersuite_name ); - -/** - * \brief Initialize an SSL context - * (An individual SSL context is not thread-safe) - * - * \param ssl SSL context - * - * \return 0 if successful, or POLARSSL_ERR_SSL_MALLOC_FAILED if - * memory allocation failed - */ -int ssl_init( ssl_context *ssl ); - -/** - * \brief Reset an already initialized SSL context for re-use - * while retaining application-set variables, function - * pointers and data. - * - * \param ssl SSL context - * \return 0 if successful, or POLASSL_ERR_SSL_MALLOC_FAILED, - POLARSSL_ERR_SSL_HW_ACCEL_FAILED or - * POLARSSL_ERR_SSL_COMPRESSION_FAILED - */ -int ssl_session_reset( ssl_context *ssl ); - -/** - * \brief Set the current endpoint type - * - * \param ssl SSL context - * \param endpoint must be SSL_IS_CLIENT or SSL_IS_SERVER - * - * \note This function should be called right after ssl_init() since - * some other ssl_set_foo() functions depend on it. - */ -void ssl_set_endpoint( ssl_context *ssl, int endpoint ); - -/** - * \brief Set the certificate verification mode - * - * \param ssl SSL context - * \param authmode can be: - * - * SSL_VERIFY_NONE: peer certificate is not checked (default), - * this is insecure and SHOULD be avoided. - * - * SSL_VERIFY_OPTIONAL: peer certificate is checked, however the - * handshake continues even if verification failed; - * ssl_get_verify_result() can be called after the - * handshake is complete. - * - * SSL_VERIFY_REQUIRED: peer *must* present a valid certificate, - * handshake is aborted if verification failed. - * - * \note On client, SSL_VERIFY_REQUIRED is the recommended mode. - * With SSL_VERIFY_OPTIONAL, the user needs to call ssl_get_verify_result() at - * the right time(s), which may not be obvious, while REQUIRED always perform - * the verification as soon as possible. For example, REQUIRED was protecting - * against the "triple handshake" attack even before it was found. - */ -void ssl_set_authmode( ssl_context *ssl, int authmode ); - -#if defined(POLARSSL_X509_CRT_PARSE_C) -/** - * \brief Set the verification callback (Optional). - * - * If set, the verify callback is called for each - * certificate in the chain. For implementation - * information, please see \c x509parse_verify() - * - * \param ssl SSL context - * \param f_vrfy verification function - * \param p_vrfy verification parameter - */ -void ssl_set_verify( ssl_context *ssl, - int (*f_vrfy)(void *, x509_crt *, int, int *), - void *p_vrfy ); -#endif /* POLARSSL_X509_CRT_PARSE_C */ - -/** - * \brief Set the random number generator callback - * - * \param ssl SSL context - * \param f_rng RNG function - * \param p_rng RNG parameter - */ -void ssl_set_rng( ssl_context *ssl, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); - -/** - * \brief Set the debug callback - * - * \param ssl SSL context - * \param f_dbg debug function - * \param p_dbg debug parameter - */ -void ssl_set_dbg( ssl_context *ssl, - void (*f_dbg)(void *, int, const char *), - void *p_dbg ); - -/** - * \brief Set the underlying BIO read and write callbacks - * - * \param ssl SSL context - * \param f_recv read callback - * \param p_recv read parameter - * \param f_send write callback - * \param p_send write parameter - */ -void ssl_set_bio( ssl_context *ssl, - int (*f_recv)(void *, unsigned char *, size_t), void *p_recv, - int (*f_send)(void *, const unsigned char *, size_t), void *p_send ); - -#if defined(POLARSSL_SSL_SRV_C) -/** - * \brief Set the session cache callbacks (server-side only) - * If not set, no session resuming is done (except if session - * tickets are enabled too). - * - * The session cache has the responsibility to check for stale - * entries based on timeout. See RFC 5246 for recommendations. - * - * Warning: session.peer_cert is cleared by the SSL/TLS layer on - * connection shutdown, so do not cache the pointer! Either set - * it to NULL or make a full copy of the certificate. - * - * The get callback is called once during the initial handshake - * to enable session resuming. The get function has the - * following parameters: (void *parameter, ssl_session *session) - * If a valid entry is found, it should fill the master of - * the session object with the cached values and return 0, - * return 1 otherwise. Optionally peer_cert can be set as well - * if it is properly present in cache entry. - * - * The set callback is called once during the initial handshake - * to enable session resuming after the entire handshake has - * been finished. The set function has the following parameters: - * (void *parameter, const ssl_session *session). The function - * should create a cache entry for future retrieval based on - * the data in the session structure and should keep in mind - * that the ssl_session object presented (and all its referenced - * data) is cleared by the SSL/TLS layer when the connection is - * terminated. It is recommended to add metadata to determine if - * an entry is still valid in the future. Return 0 if - * successfully cached, return 1 otherwise. - * - * \param ssl SSL context - * \param f_get_cache session get callback - * \param p_get_cache session get parameter - * \param f_set_cache session set callback - * \param p_set_cache session set parameter - */ -void ssl_set_session_cache( ssl_context *ssl, - int (*f_get_cache)(void *, ssl_session *), void *p_get_cache, - int (*f_set_cache)(void *, const ssl_session *), void *p_set_cache ); -#endif /* POLARSSL_SSL_SRV_C */ - -#if defined(POLARSSL_SSL_CLI_C) -/** - * \brief Request resumption of session (client-side only) - * Session data is copied from presented session structure. - * - * \param ssl SSL context - * \param session session context - * - * \return 0 if successful, - * POLARSSL_ERR_SSL_MALLOC_FAILED if memory allocation failed, - * POLARSSL_ERR_SSL_BAD_INPUT_DATA if used server-side or - * arguments are otherwise invalid - * - * \sa ssl_get_session() - */ -int ssl_set_session( ssl_context *ssl, const ssl_session *session ); -#endif /* POLARSSL_SSL_CLI_C */ - -/** - * \brief Set the list of allowed ciphersuites and the preference - * order. First in the list has the highest preference. - * (Overrides all version specific lists) - * - * The ciphersuites array is not copied, and must remain - * valid for the lifetime of the ssl_context. - * - * Note: The server uses its own preferences - * over the preference of the client unless - * POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE is defined! - * - * \param ssl SSL context - * \param ciphersuites 0-terminated list of allowed ciphersuites - */ -void ssl_set_ciphersuites( ssl_context *ssl, const int *ciphersuites ); - -/** - * \brief Set the list of allowed ciphersuites and the - * preference order for a specific version of the protocol. - * (Only useful on the server side) - * - * \param ssl SSL context - * \param ciphersuites 0-terminated list of allowed ciphersuites - * \param major Major version number (only SSL_MAJOR_VERSION_3 - * supported) - * \param minor Minor version number (SSL_MINOR_VERSION_0, - * SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2, - * SSL_MINOR_VERSION_3 supported) - */ -void ssl_set_ciphersuites_for_version( ssl_context *ssl, - const int *ciphersuites, - int major, int minor ); - -#if defined(POLARSSL_X509_CRT_PARSE_C) -/** - * \brief Set the data required to verify peer certificate - * - * \param ssl SSL context - * \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs) - * \param ca_crl trusted CA CRLs - * \param peer_cn expected peer CommonName (or NULL) - */ -void ssl_set_ca_chain( ssl_context *ssl, x509_crt *ca_chain, - x509_crl *ca_crl, const char *peer_cn ); - -/** - * \brief Set own certificate chain and private key - * - * \note own_cert should contain in order from the bottom up your - * certificate chain. The top certificate (self-signed) - * can be omitted. - * - * \note This function may be called more than once if you want to - * support multiple certificates (eg, one using RSA and one - * using ECDSA). However, on client, currently only the first - * certificate is used (subsequent calls have no effect). - * - * \param ssl SSL context - * \param own_cert own public certificate chain - * \param pk_key own private key - * - * \return 0 on success or POLARSSL_ERR_SSL_MALLOC_FAILED - */ -int ssl_set_own_cert( ssl_context *ssl, x509_crt *own_cert, - pk_context *pk_key ); - -#if ! defined(POLARSSL_DEPRECATED_REMOVED) -#if defined(POLARSSL_DEPRECATED_WARNING) -#define DEPRECATED __attribute__((deprecated)) -#else -#define DEPRECATED -#endif -#if defined(POLARSSL_RSA_C) -/** - * \brief Set own certificate chain and private RSA key - * - * Note: own_cert should contain IN order from the bottom - * up your certificate chain. The top certificate (self-signed) - * can be omitted. - * - * \deprecated Please use \c ssl_set_own_cert() instead. - * - * \param ssl SSL context - * \param own_cert own public certificate chain - * \param rsa_key own private RSA key - * - * \return 0 on success, or a specific error code. - */ -int ssl_set_own_cert_rsa( ssl_context *ssl, x509_crt *own_cert, - rsa_context *rsa_key ) DEPRECATED; -#endif /* POLARSSL_RSA_C */ - -/** - * \brief Set own certificate and external RSA private - * key and handling callbacks, such as the PKCS#11 wrappers - * or any other external private key handler. - * (see the respective RSA functions in rsa.h for documentation - * of the callback parameters, with the only change being - * that the rsa_context * is a void * in the callbacks) - * - * Note: own_cert should contain IN order from the bottom - * up your certificate chain. The top certificate (self-signed) - * can be omitted. - * - * \deprecated Please use \c pk_init_ctx_rsa_alt() - * and \c ssl_set_own_cert() instead. - * - * \param ssl SSL context - * \param own_cert own public certificate chain - * \param rsa_key alternate implementation private RSA key - * \param rsa_decrypt alternate implementation of \c rsa_pkcs1_decrypt() - * \param rsa_sign alternate implementation of \c rsa_pkcs1_sign() - * \param rsa_key_len function returning length of RSA key in bytes - * - * \return 0 on success, or a specific error code. - */ -int ssl_set_own_cert_alt( ssl_context *ssl, x509_crt *own_cert, - void *rsa_key, - rsa_decrypt_func rsa_decrypt, - rsa_sign_func rsa_sign, - rsa_key_len_func rsa_key_len ) DEPRECATED; -#undef DEPRECATED -#endif /* POLARSSL_DEPRECATED_REMOVED */ -#endif /* POLARSSL_X509_CRT_PARSE_C */ - -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) -/** - * \brief Set the Pre Shared Key (PSK) and the identity name connected - * to it. - * - * \param ssl SSL context - * \param psk pointer to the pre-shared key - * \param psk_len pre-shared key length - * \param psk_identity pointer to the pre-shared key identity - * \param psk_identity_len identity key length - * - * \return 0 if successful or POLARSSL_ERR_SSL_MALLOC_FAILED - */ -int ssl_set_psk( ssl_context *ssl, const unsigned char *psk, size_t psk_len, - const unsigned char *psk_identity, size_t psk_identity_len ); - -/** - * \brief Set the PSK callback (server-side only) (Optional). - * - * If set, the PSK callback is called for each - * handshake where a PSK ciphersuite was negotiated. - * The caller provides the identity received and wants to - * receive the actual PSK data and length. - * - * The callback has the following parameters: (void *parameter, - * ssl_context *ssl, const unsigned char *psk_identity, - * size_t identity_len) - * If a valid PSK identity is found, the callback should use - * ssl_set_psk() on the ssl context to set the correct PSK and - * identity and return 0. - * Any other return value will result in a denied PSK identity. - * - * \param ssl SSL context - * \param f_psk PSK identity function - * \param p_psk PSK identity parameter - */ -void ssl_set_psk_cb( ssl_context *ssl, - int (*f_psk)(void *, ssl_context *, const unsigned char *, - size_t), - void *p_psk ); -#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ - -#if defined(POLARSSL_DHM_C) -/** - * \brief Set the Diffie-Hellman public P and G values, - * read as hexadecimal strings (server-side only) - * (Default: POLARSSL_DHM_RFC5114_MODP_2048_[PG]) - * - * \param ssl SSL context - * \param dhm_P Diffie-Hellman-Merkle modulus - * \param dhm_G Diffie-Hellman-Merkle generator - * - * \return 0 if successful - */ -int ssl_set_dh_param( ssl_context *ssl, const char *dhm_P, const char *dhm_G ); - -/** - * \brief Set the Diffie-Hellman public P and G values, - * read from existing context (server-side only) - * - * \param ssl SSL context - * \param dhm_ctx Diffie-Hellman-Merkle context - * - * \return 0 if successful - */ -int ssl_set_dh_param_ctx( ssl_context *ssl, dhm_context *dhm_ctx ); -#endif /* POLARSSL_DHM_C */ - -#if defined(POLARSSL_SSL_SET_CURVES) -/** - * \brief Set the allowed curves in order of preference. - * (Default: all defined curves.) - * - * On server: this only affects selection of the ECDHE curve; - * the curves used for ECDH and ECDSA are determined by the - * list of available certificates instead. - * - * On client: this affects the list of curves offered for any - * use. The server can override our preference order. - * - * Both sides: limits the set of curves used by peer to the - * listed curves for any use (ECDH(E), certificates). - * - * \param ssl SSL context - * \param curves Ordered list of allowed curves, - * terminated by POLARSSL_ECP_DP_NONE. - */ -void ssl_set_curves( ssl_context *ssl, const ecp_group_id *curves ); -#endif /* POLARSSL_SSL_SET_CURVES */ - -#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) -/** - * \brief Set hostname for ServerName TLS extension - * (client-side only) - * - * - * \param ssl SSL context - * \param hostname the server hostname - * - * \return 0 if successful or POLARSSL_ERR_SSL_MALLOC_FAILED - */ -int ssl_set_hostname( ssl_context *ssl, const char *hostname ); - -/** - * \brief Set server side ServerName TLS extension callback - * (optional, server-side only). - * - * If set, the ServerName callback is called whenever the - * server receives a ServerName TLS extension from the client - * during a handshake. The ServerName callback has the - * following parameters: (void *parameter, ssl_context *ssl, - * const unsigned char *hostname, size_t len). If a suitable - * certificate is found, the callback should set the - * certificate and key to use with ssl_set_own_cert() (and - * possibly adjust the CA chain as well) and return 0. The - * callback should return -1 to abort the handshake at this - * point. - * - * \param ssl SSL context - * \param f_sni verification function - * \param p_sni verification parameter - */ -void ssl_set_sni( ssl_context *ssl, - int (*f_sni)(void *, ssl_context *, const unsigned char *, - size_t), - void *p_sni ); -#endif /* POLARSSL_SSL_SERVER_NAME_INDICATION */ - -#if defined(POLARSSL_SSL_ALPN) -/** - * \brief Set the supported Application Layer Protocols. - * - * \param ssl SSL context - * \param protos NULL-terminated list of supported protocols, - * in decreasing preference order. - * - * \return 0 on success, or POLARSSL_ERR_SSL_BAD_INPUT_DATA. - */ -int ssl_set_alpn_protocols( ssl_context *ssl, const char **protos ); - -/** - * \brief Get the name of the negotiated Application Layer Protocol. - * This function should be called after the handshake is - * completed. - * - * \param ssl SSL context - * - * \return Protcol name, or NULL if no protocol was negotiated. - */ -const char *ssl_get_alpn_protocol( const ssl_context *ssl ); -#endif /* POLARSSL_SSL_ALPN */ - -/** - * \brief Set the maximum supported version sent from the client side - * and/or accepted at the server side - * (Default: SSL_MAX_MAJOR_VERSION, SSL_MAX_MINOR_VERSION) - * - * Note: This ignores ciphersuites from 'higher' versions. - * Note: Input outside of the SSL_MAX_XXXXX_VERSION and - * SSL_MIN_XXXXX_VERSION range is ignored. - * - * \param ssl SSL context - * \param major Major version number (only SSL_MAJOR_VERSION_3 supported) - * \param minor Minor version number (SSL_MINOR_VERSION_0, - * SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2, - * SSL_MINOR_VERSION_3 supported) - */ -void ssl_set_max_version( ssl_context *ssl, int major, int minor ); - -/** - * \brief Set the minimum accepted SSL/TLS protocol version - * (Default: SSL_MIN_MAJOR_VERSION, SSL_MIN_MINOR_VERSION) - * - * \note Input outside of the SSL_MAX_XXXXX_VERSION and - * SSL_MIN_XXXXX_VERSION range is ignored. - * - * \note SSL_MINOR_VERSION_0 (SSL v3) should be avoided. - * - * \param ssl SSL context - * \param major Major version number (only SSL_MAJOR_VERSION_3 supported) - * \param minor Minor version number (SSL_MINOR_VERSION_0, - * SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2, - * SSL_MINOR_VERSION_3 supported) - */ -void ssl_set_min_version( ssl_context *ssl, int major, int minor ); - -#if defined(POLARSSL_SSL_FALLBACK_SCSV) && defined(POLARSSL_SSL_CLI_C) -/** - * \brief Set the fallback flag (client-side only). - * (Default: SSL_IS_NOT_FALLBACK). - * - * \note Set to SSL_IS_FALLBACK when preparing a fallback - * connection, that is a connection with max_version set to a - * lower value than the value you're willing to use. Such - * fallback connections are not recommended but are sometimes - * necessary to interoperate with buggy (version-intolerant) - * servers. - * - * \warning You should NOT set this to SSL_IS_FALLBACK for - * non-fallback connections! This would appear to work for a - * while, then cause failures when the server is upgraded to - * support a newer TLS version. - * - * \param ssl SSL context - * \param fallback SSL_IS_NOT_FALLBACK or SSL_IS_FALLBACK - */ -void ssl_set_fallback( ssl_context *ssl, char fallback ); -#endif /* POLARSSL_SSL_FALLBACK_SCSV && POLARSSL_SSL_CLI_C */ - -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) -/** - * \brief Enable or disable Encrypt-then-MAC - * (Default: SSL_ETM_ENABLED) - * - * \note This should always be enabled, it is a security - * improvement, and should not cause any interoperability - * issue (used only if the peer supports it too). - * - * \param ssl SSL context - * \param etm SSL_ETM_ENABLED or SSL_ETM_DISABLED - */ -void ssl_set_encrypt_then_mac( ssl_context *ssl, char etm ); -#endif /* POLARSSL_SSL_ENCRYPT_THEN_MAC */ - -#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) -/** - * \brief Enable or disable Extended Master Secret negotiation. - * (Default: SSL_EXTENDED_MS_ENABLED) - * - * \note This should always be enabled, it is a security fix to the - * protocol, and should not cause any interoperability issue - * (used only if the peer supports it too). - * - * \param ssl SSL context - * \param ems SSL_EXTENDED_MS_ENABLED or SSL_EXTENDED_MS_DISABLED - */ -void ssl_set_extended_master_secret( ssl_context *ssl, char ems ); -#endif /* POLARSSL_SSL_EXTENDED_MASTER_SECRET */ - -/** - * \brief Disable or enable support for RC4 - * (Default: SSL_ARC4_ENABLED) - * - * \note Though the default is RC4 for compatibility reasons in the - * 1.3 branch, the recommended value is SSL_ARC4_DISABLED. - * - * \note This function will likely be removed in future versions as - * RC4 will then be disabled by default at compile time. - * - * \param ssl SSL context - * \param arc4 SSL_ARC4_ENABLED or SSL_ARC4_DISABLED - */ -void ssl_set_arc4_support( ssl_context *ssl, char arc4 ); - -#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) -/** - * \brief Set the maximum fragment length to emit and/or negotiate - * (Default: SSL_MAX_CONTENT_LEN, usually 2^14 bytes) - * (Server: set maximum fragment length to emit, - * usually negotiated by the client during handshake - * (Client: set maximum fragment length to emit *and* - * negotiate with the server during handshake) - * - * \param ssl SSL context - * \param mfl_code Code for maximum fragment length (allowed values: - * SSL_MAX_FRAG_LEN_512, SSL_MAX_FRAG_LEN_1024, - * SSL_MAX_FRAG_LEN_2048, SSL_MAX_FRAG_LEN_4096) - * - * \return 0 if successful or POLARSSL_ERR_SSL_BAD_INPUT_DATA - */ -int ssl_set_max_frag_len( ssl_context *ssl, unsigned char mfl_code ); -#endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */ - -#if defined(POLARSSL_SSL_TRUNCATED_HMAC) -/** - * \brief Activate negotiation of truncated HMAC - * (Default: SSL_TRUNC_HMAC_DISABLED on client, - * SSL_TRUNC_HMAC_ENABLED on server.) - * - * \param ssl SSL context - * \param truncate Enable or disable (SSL_TRUNC_HMAC_ENABLED or - * SSL_TRUNC_HMAC_DISABLED) - * - * \return Always 0. - */ -int ssl_set_truncated_hmac( ssl_context *ssl, int truncate ); -#endif /* POLARSSL_SSL_TRUNCATED_HMAC */ - -#if defined(POLARSSL_SSL_CBC_RECORD_SPLITTING) -/** - * \brief Enable / Disable 1/n-1 record splitting - * (Default: SSL_CBC_RECORD_SPLITTING_ENABLED) - * - * \note Only affects SSLv3 and TLS 1.0, not higher versions. - * Does not affect non-CBC ciphersuites in any version. - * - * \param ssl SSL context - * \param split SSL_CBC_RECORD_SPLITTING_ENABLED or - * SSL_CBC_RECORD_SPLITTING_DISABLED - */ -void ssl_set_cbc_record_splitting( ssl_context *ssl, char split ); -#endif /* POLARSSL_SSL_CBC_RECORD_SPLITTING */ - -#if defined(POLARSSL_SSL_SESSION_TICKETS) -/** - * \brief Enable / Disable session tickets - * (Default: SSL_SESSION_TICKETS_ENABLED on client, - * SSL_SESSION_TICKETS_DISABLED on server) - * - * \note On server, ssl_set_rng() must be called before this function - * to allow generating the ticket encryption and - * authentication keys. - * - * \param ssl SSL context - * \param use_tickets Enable or disable (SSL_SESSION_TICKETS_ENABLED or - * SSL_SESSION_TICKETS_DISABLED) - * - * \return 0 if successful, - * or a specific error code (server only). - */ -int ssl_set_session_tickets( ssl_context *ssl, int use_tickets ); - -/** - * \brief Set session ticket lifetime (server only) - * (Default: SSL_DEFAULT_TICKET_LIFETIME (86400 secs / 1 day)) - * - * \param ssl SSL context - * \param lifetime session ticket lifetime - */ -void ssl_set_session_ticket_lifetime( ssl_context *ssl, int lifetime ); -#endif /* POLARSSL_SSL_SESSION_TICKETS */ - -#if defined(POLARSSL_SSL_RENEGOTIATION) -/** - * \brief Enable / Disable renegotiation support for connection when - * initiated by peer - * (Default: SSL_RENEGOTIATION_DISABLED) - * - * Note: A server with support enabled is more vulnerable for a - * resource DoS by a malicious client. You should enable this on - * a client to enable server-initiated renegotiation. - * - * \param ssl SSL context - * \param renegotiation Enable or disable (SSL_RENEGOTIATION_ENABLED or - * SSL_RENEGOTIATION_DISABLED) - */ -void ssl_set_renegotiation( ssl_context *ssl, int renegotiation ); -#endif /* POLARSSL_SSL_RENEGOTIATION */ - -/** - * \brief Prevent or allow legacy renegotiation. - * (Default: SSL_LEGACY_NO_RENEGOTIATION) - * - * SSL_LEGACY_NO_RENEGOTIATION allows connections to - * be established even if the peer does not support - * secure renegotiation, but does not allow renegotiation - * to take place if not secure. - * (Interoperable and secure option) - * - * SSL_LEGACY_ALLOW_RENEGOTIATION allows renegotiations - * with non-upgraded peers. Allowing legacy renegotiation - * makes the connection vulnerable to specific man in the - * middle attacks. (See RFC 5746) - * (Most interoperable and least secure option) - * - * SSL_LEGACY_BREAK_HANDSHAKE breaks off connections - * if peer does not support secure renegotiation. Results - * in interoperability issues with non-upgraded peers - * that do not support renegotiation altogether. - * (Most secure option, interoperability issues) - * - * \param ssl SSL context - * \param allow_legacy Prevent or allow (SSL_NO_LEGACY_RENEGOTIATION, - * SSL_ALLOW_LEGACY_RENEGOTIATION or - * SSL_LEGACY_BREAK_HANDSHAKE) - */ -void ssl_legacy_renegotiation( ssl_context *ssl, int allow_legacy ); - -#if defined(POLARSSL_SSL_RENEGOTIATION) -/** - * \brief Enforce requested renegotiation. - * (Default: enforced, max_records = 16) - * - * When we request a renegotiation, the peer can comply or - * ignore the request. This function allows us to decide - * whether to enforce our renegotiation requests by closing - * the connection if the peer doesn't comply. - * - * However, records could already be in transit from the peer - * when the request is emitted. In order to increase - * reliability, we can accept a number of records before the - * expected handshake records. - * - * The optimal value is highly dependent on the specific usage - * scenario. - * - * \warning On client, the grace period can only happen during - * ssl_read(), as opposed to ssl_write() and ssl_renegotiate() - * which always behave as if max_record was 0. The reason is, - * if we receive application data from the server, we need a - * place to write it, which only happens during ssl_read(). - * - * \param ssl SSL context - * \param max_records Use SSL_RENEGOTIATION_NOT_ENFORCED if you don't want to - * enforce renegotiation, or a non-negative value to enforce - * it but allow for a grace period of max_records records. - */ -void ssl_set_renegotiation_enforced( ssl_context *ssl, int max_records ); - -/** - * \brief Set record counter threshold for periodic renegotiation. - * (Default: 2^64 - 256.) - * - * Renegotiation is automatically triggered when a record - * counter (outgoing or ingoing) crosses the defined - * threshold. The default value is meant to prevent the - * connection from being closed when the counter is about to - * reached its maximal value (it is not allowed to wrap). - * - * Lower values can be used to enforce policies such as "keys - * must be refreshed every N packets with cipher X". - * - * \param ssl SSL context - * \param period The threshold value: a big-endian 64-bit number. - * Set to 2^64 - 1 to disable periodic renegotiation - */ -void ssl_set_renegotiation_period( ssl_context *ssl, - const unsigned char period[8] ); -#endif /* POLARSSL_SSL_RENEGOTIATION */ - -/** - * \brief Return the number of data bytes available to read - * - * \param ssl SSL context - * - * \return how many bytes are available in the read buffer - */ -size_t ssl_get_bytes_avail( const ssl_context *ssl ); - -/** - * \brief Return the result of the certificate verification - * - * \param ssl SSL context - * - * \return 0 if successful, - * -1 if result is not available (eg because the handshake was - * aborted too early), or - * a combination of BADCERT_xxx and BADCRL_xxx flags, see - * x509.h - */ -int ssl_get_verify_result( const ssl_context *ssl ); - -/** - * \brief Return the name of the current ciphersuite - * - * \param ssl SSL context - * - * \return a string containing the ciphersuite name - */ -const char *ssl_get_ciphersuite( const ssl_context *ssl ); - -/** - * \brief Return the current SSL version (SSLv3/TLSv1/etc) - * - * \param ssl SSL context - * - * \return a string containing the SSL version - */ -const char *ssl_get_version( const ssl_context *ssl ); - -#if defined(POLARSSL_X509_CRT_PARSE_C) -/** - * \brief Return the peer certificate from the current connection - * - * Note: Can be NULL in case no certificate was sent during - * the handshake. Different calls for the same connection can - * return the same or different pointers for the same - * certificate and even a different certificate altogether. - * The peer cert CAN change in a single connection if - * renegotiation is performed. - * - * \param ssl SSL context - * - * \return the current peer certificate - */ -const x509_crt *ssl_get_peer_cert( const ssl_context *ssl ); -#endif /* POLARSSL_X509_CRT_PARSE_C */ - -#if defined(POLARSSL_SSL_CLI_C) -/** - * \brief Save session in order to resume it later (client-side only) - * Session data is copied to presented session structure. - * - * \warning Currently, peer certificate is lost in the operation. - * - * \param ssl SSL context - * \param session session context - * - * \return 0 if successful, - * POLARSSL_ERR_SSL_MALLOC_FAILED if memory allocation failed, - * POLARSSL_ERR_SSL_BAD_INPUT_DATA if used server-side or - * arguments are otherwise invalid - * - * \sa ssl_set_session() - */ -int ssl_get_session( const ssl_context *ssl, ssl_session *session ); -#endif /* POLARSSL_SSL_CLI_C */ - -/** - * \brief Perform the SSL handshake - * - * \param ssl SSL context - * - * \return 0 if successful, POLARSSL_ERR_NET_WANT_READ, - * POLARSSL_ERR_NET_WANT_WRITE, or a specific SSL error code. - */ -int ssl_handshake( ssl_context *ssl ); - -/** - * \brief Perform a single step of the SSL handshake - * - * Note: the state of the context (ssl->state) will be at - * the following state after execution of this function. - * Do not call this function if state is SSL_HANDSHAKE_OVER. - * - * \param ssl SSL context - * - * \return 0 if successful, POLARSSL_ERR_NET_WANT_READ, - * POLARSSL_ERR_NET_WANT_WRITE, or a specific SSL error code. - */ -int ssl_handshake_step( ssl_context *ssl ); - -#if defined(POLARSSL_SSL_RENEGOTIATION) -/** - * \brief Initiate an SSL renegotiation on the running connection. - * Client: perform the renegotiation right now. - * Server: request renegotiation, which will be performed - * during the next call to ssl_read() if honored by client. - * - * \param ssl SSL context - * - * \return 0 if successful, or any ssl_handshake() return value. - */ -int ssl_renegotiate( ssl_context *ssl ); -#endif /* POLARSSL_SSL_RENEGOTIATION */ - -/** - * \brief Read at most 'len' application data bytes - * - * \param ssl SSL context - * \param buf buffer that will hold the data - * \param len maximum number of bytes to read - * - * \return This function returns the number of bytes read, 0 for EOF, - * or a negative error code. - */ -int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len ); - -/** - * \brief Write exactly 'len' application data bytes - * - * \param ssl SSL context - * \param buf buffer holding the data - * \param len how many bytes must be written - * - * \return This function returns the number of bytes written, - * or a negative error code. - * - * \note When this function returns POLARSSL_ERR_NET_WANT_WRITE, - * it must be called later with the *same* arguments, - * until it returns a positive value. - * - * \note This function may write less than the number of bytes - * requested if len is greater than the maximum record length. - * For arbitrary-sized messages, it should be called in a loop. - */ -int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len ); - -/** - * \brief Send an alert message - * - * \param ssl SSL context - * \param level The alert level of the message - * (SSL_ALERT_LEVEL_WARNING or SSL_ALERT_LEVEL_FATAL) - * \param message The alert message (SSL_ALERT_MSG_*) - * - * \return 0 if successful, or a specific SSL error code. - */ -int ssl_send_alert_message( ssl_context *ssl, - unsigned char level, - unsigned char message ); -/** - * \brief Notify the peer that the connection is being closed - * - * \param ssl SSL context - */ -int ssl_close_notify( ssl_context *ssl ); - -/** - * \brief Free referenced items in an SSL context and clear memory - * - * \param ssl SSL context - */ -void ssl_free( ssl_context *ssl ); - -/** - * \brief Initialize SSL session structure - * - * \param session SSL session - */ -void ssl_session_init( ssl_session *session ); - -/** - * \brief Free referenced items in an SSL session including the - * peer certificate and clear memory - * - * \param session SSL session - */ -void ssl_session_free( ssl_session *session ); - -/** - * \brief Free referenced items in an SSL transform context and clear - * memory - * - * \param transform SSL transform context - */ -void ssl_transform_free( ssl_transform *transform ); - -/** - * \brief Free referenced items in an SSL handshake context and clear - * memory - * - * \param handshake SSL handshake context - */ -void ssl_handshake_free( ssl_handshake_params *handshake ); - -/* - * Internal functions (do not call directly) - */ -int ssl_handshake_client_step( ssl_context *ssl ); -int ssl_handshake_server_step( ssl_context *ssl ); -void ssl_handshake_wrapup( ssl_context *ssl ); - -int ssl_send_fatal_handshake_failure( ssl_context *ssl ); - -int ssl_derive_keys( ssl_context *ssl ); - -int ssl_read_record( ssl_context *ssl ); -/** - * \return 0 if successful, POLARSSL_ERR_SSL_CONN_EOF on EOF or - * another negative error code. - */ -int ssl_fetch_input( ssl_context *ssl, size_t nb_want ); - -int ssl_write_record( ssl_context *ssl ); -int ssl_flush_output( ssl_context *ssl ); - -int ssl_parse_certificate( ssl_context *ssl ); -int ssl_write_certificate( ssl_context *ssl ); - -int ssl_parse_change_cipher_spec( ssl_context *ssl ); -int ssl_write_change_cipher_spec( ssl_context *ssl ); - -int ssl_parse_finished( ssl_context *ssl ); -int ssl_write_finished( ssl_context *ssl ); - -void ssl_optimize_checksum( ssl_context *ssl, - const ssl_ciphersuite_t *ciphersuite_info ); - -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) -int ssl_psk_derive_premaster( ssl_context *ssl, key_exchange_type_t key_ex ); -#endif - -#if defined(POLARSSL_PK_C) -unsigned char ssl_sig_from_pk( pk_context *pk ); -pk_type_t ssl_pk_alg_from_sig( unsigned char sig ); -#endif - -md_type_t ssl_md_alg_from_hash( unsigned char hash ); - -#if defined(POLARSSL_SSL_SET_CURVES) -int ssl_curve_is_acceptable( const ssl_context *ssl, ecp_group_id grp_id ); -#endif - -#if defined(POLARSSL_X509_CRT_PARSE_C) -static inline pk_context *ssl_own_key( ssl_context *ssl ) -{ - return( ssl->handshake->key_cert == NULL ? NULL - : ssl->handshake->key_cert->key ); -} - -static inline x509_crt *ssl_own_cert( ssl_context *ssl ) -{ - return( ssl->handshake->key_cert == NULL ? NULL - : ssl->handshake->key_cert->cert ); -} - -/* - * Check usage of a certificate wrt extensions: - * keyUsage, extendedKeyUsage (later), and nSCertType (later). - * - * Warning: cert_endpoint is the endpoint of the cert (ie, of our peer when we - * check a cert we received from them)! - * - * Return 0 if everything is OK, -1 if not. - */ -int ssl_check_cert_usage( const x509_crt *cert, - const ssl_ciphersuite_t *ciphersuite, - int cert_endpoint, - int *flags ); -#endif /* POLARSSL_X509_CRT_PARSE_C */ - -/* constant-time buffer comparison */ -static inline int safer_memcmp( const void *a, const void *b, size_t n ) -{ - size_t i; - const unsigned char *A = (const unsigned char *) a; - const unsigned char *B = (const unsigned char *) b; - unsigned char diff = 0; - - for( i = 0; i < n; i++ ) - diff |= A[i] ^ B[i]; - - return( diff ); -} - -#ifdef __cplusplus -} -#endif - -#endif /* ssl.h */ diff --git a/ext/mbedtls/include/polarssl/ssl_ciphersuites.h b/ext/mbedtls/include/polarssl/ssl_ciphersuites.h deleted file mode 100644 index 1fcf4c70da..0000000000 --- a/ext/mbedtls/include/polarssl/ssl_ciphersuites.h +++ /dev/null @@ -1,303 +0,0 @@ -/** - * \file ssl_ciphersuites.h - * - * \brief SSL Ciphersuites for mbed TLS - * - * Copyright (C) 2006-2013, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_SSL_CIPHERSUITES_H -#define POLARSSL_SSL_CIPHERSUITES_H - -#include "pk.h" -#include "cipher.h" -#include "md.h" - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * Supported ciphersuites (Official IANA names) - */ -#define TLS_RSA_WITH_NULL_MD5 0x01 /**< Weak! */ -#define TLS_RSA_WITH_NULL_SHA 0x02 /**< Weak! */ - -#define TLS_RSA_WITH_RC4_128_MD5 0x04 -#define TLS_RSA_WITH_RC4_128_SHA 0x05 -#define TLS_RSA_WITH_DES_CBC_SHA 0x09 /**< Weak! Not in TLS 1.2 */ - -#define TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x0A - -#define TLS_DHE_RSA_WITH_DES_CBC_SHA 0x15 /**< Weak! Not in TLS 1.2 */ -#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x16 - -#define TLS_PSK_WITH_NULL_SHA 0x2C /**< Weak! */ -#define TLS_DHE_PSK_WITH_NULL_SHA 0x2D /**< Weak! */ -#define TLS_RSA_PSK_WITH_NULL_SHA 0x2E /**< Weak! */ -#define TLS_RSA_WITH_AES_128_CBC_SHA 0x2F - -#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x33 -#define TLS_RSA_WITH_AES_256_CBC_SHA 0x35 -#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x39 - -#define TLS_RSA_WITH_NULL_SHA256 0x3B /**< Weak! */ -#define TLS_RSA_WITH_AES_128_CBC_SHA256 0x3C /**< TLS 1.2 */ -#define TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D /**< TLS 1.2 */ - -#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x41 -#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x45 - -#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x67 /**< TLS 1.2 */ -#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x6B /**< TLS 1.2 */ - -#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x84 -#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x88 - -#define TLS_PSK_WITH_RC4_128_SHA 0x8A -#define TLS_PSK_WITH_3DES_EDE_CBC_SHA 0x8B -#define TLS_PSK_WITH_AES_128_CBC_SHA 0x8C -#define TLS_PSK_WITH_AES_256_CBC_SHA 0x8D - -#define TLS_DHE_PSK_WITH_RC4_128_SHA 0x8E -#define TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA 0x8F -#define TLS_DHE_PSK_WITH_AES_128_CBC_SHA 0x90 -#define TLS_DHE_PSK_WITH_AES_256_CBC_SHA 0x91 - -#define TLS_RSA_PSK_WITH_RC4_128_SHA 0x92 -#define TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA 0x93 -#define TLS_RSA_PSK_WITH_AES_128_CBC_SHA 0x94 -#define TLS_RSA_PSK_WITH_AES_256_CBC_SHA 0x95 - -#define TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C /**< TLS 1.2 */ -#define TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D /**< TLS 1.2 */ -#define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E /**< TLS 1.2 */ -#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x9F /**< TLS 1.2 */ - -#define TLS_PSK_WITH_AES_128_GCM_SHA256 0xA8 /**< TLS 1.2 */ -#define TLS_PSK_WITH_AES_256_GCM_SHA384 0xA9 /**< TLS 1.2 */ -#define TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 0xAA /**< TLS 1.2 */ -#define TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 0xAB /**< TLS 1.2 */ -#define TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 0xAC /**< TLS 1.2 */ -#define TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 0xAD /**< TLS 1.2 */ - -#define TLS_PSK_WITH_AES_128_CBC_SHA256 0xAE -#define TLS_PSK_WITH_AES_256_CBC_SHA384 0xAF -#define TLS_PSK_WITH_NULL_SHA256 0xB0 /**< Weak! */ -#define TLS_PSK_WITH_NULL_SHA384 0xB1 /**< Weak! */ - -#define TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 0xB2 -#define TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 0xB3 -#define TLS_DHE_PSK_WITH_NULL_SHA256 0xB4 /**< Weak! */ -#define TLS_DHE_PSK_WITH_NULL_SHA384 0xB5 /**< Weak! */ - -#define TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 0xB6 -#define TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 0xB7 -#define TLS_RSA_PSK_WITH_NULL_SHA256 0xB8 /**< Weak! */ -#define TLS_RSA_PSK_WITH_NULL_SHA384 0xB9 /**< Weak! */ - -#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA /**< TLS 1.2 */ -#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE /**< TLS 1.2 */ - -#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0 /**< TLS 1.2 */ -#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4 /**< TLS 1.2 */ - -#define TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 /**< Weak! */ -#define TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002 /**< Not in SSL3! */ -#define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003 /**< Not in SSL3! */ -#define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004 /**< Not in SSL3! */ -#define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005 /**< Not in SSL3! */ - -#define TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006 /**< Weak! */ -#define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 0xC007 /**< Not in SSL3! */ -#define TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008 /**< Not in SSL3! */ -#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009 /**< Not in SSL3! */ -#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A /**< Not in SSL3! */ - -#define TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B /**< Weak! */ -#define TLS_ECDH_RSA_WITH_RC4_128_SHA 0xC00C /**< Not in SSL3! */ -#define TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0xC00D /**< Not in SSL3! */ -#define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E /**< Not in SSL3! */ -#define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F /**< Not in SSL3! */ - -#define TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010 /**< Weak! */ -#define TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011 /**< Not in SSL3! */ -#define TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012 /**< Not in SSL3! */ -#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013 /**< Not in SSL3! */ -#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014 /**< Not in SSL3! */ - -#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023 /**< TLS 1.2 */ -#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024 /**< TLS 1.2 */ -#define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 0xC025 /**< TLS 1.2 */ -#define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 0xC026 /**< TLS 1.2 */ -#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027 /**< TLS 1.2 */ -#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028 /**< TLS 1.2 */ -#define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 0xC029 /**< TLS 1.2 */ -#define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 0xC02A /**< TLS 1.2 */ - -#define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B /**< TLS 1.2 */ -#define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C /**< TLS 1.2 */ -#define TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D /**< TLS 1.2 */ -#define TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC02E /**< TLS 1.2 */ -#define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F /**< TLS 1.2 */ -#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030 /**< TLS 1.2 */ -#define TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 /**< TLS 1.2 */ -#define TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032 /**< TLS 1.2 */ - -#define TLS_ECDHE_PSK_WITH_RC4_128_SHA 0xC033 /**< Not in SSL3! */ -#define TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0xC034 /**< Not in SSL3! */ -#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035 /**< Not in SSL3! */ -#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 0xC036 /**< Not in SSL3! */ -#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0xC037 /**< Not in SSL3! */ -#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0xC038 /**< Not in SSL3! */ -#define TLS_ECDHE_PSK_WITH_NULL_SHA 0xC039 /**< Weak! No SSL3! */ -#define TLS_ECDHE_PSK_WITH_NULL_SHA256 0xC03A /**< Weak! No SSL3! */ -#define TLS_ECDHE_PSK_WITH_NULL_SHA384 0xC03B /**< Weak! No SSL3! */ - -#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072 /**< Not in SSL3! */ -#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073 /**< Not in SSL3! */ -#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC074 /**< Not in SSL3! */ -#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC075 /**< Not in SSL3! */ -#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC076 /**< Not in SSL3! */ -#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC077 /**< Not in SSL3! */ -#define TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC078 /**< Not in SSL3! */ -#define TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC079 /**< Not in SSL3! */ - -#define TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07A /**< TLS 1.2 */ -#define TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07B /**< TLS 1.2 */ -#define TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07C /**< TLS 1.2 */ -#define TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07D /**< TLS 1.2 */ -#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086 /**< TLS 1.2 */ -#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087 /**< TLS 1.2 */ -#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC088 /**< TLS 1.2 */ -#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC089 /**< TLS 1.2 */ -#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08A /**< TLS 1.2 */ -#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08B /**< TLS 1.2 */ -#define TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08C /**< TLS 1.2 */ -#define TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08D /**< TLS 1.2 */ - -#define TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC08E /**< TLS 1.2 */ -#define TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC08F /**< TLS 1.2 */ -#define TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC090 /**< TLS 1.2 */ -#define TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC091 /**< TLS 1.2 */ -#define TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC092 /**< TLS 1.2 */ -#define TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC093 /**< TLS 1.2 */ - -#define TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC094 -#define TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC095 -#define TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC096 -#define TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC097 -#define TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC098 -#define TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC099 -#define TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A /**< Not in SSL3! */ -#define TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B /**< Not in SSL3! */ - -#define TLS_RSA_WITH_AES_128_CCM 0xC09C /**< TLS 1.2 */ -#define TLS_RSA_WITH_AES_256_CCM 0xC09D /**< TLS 1.2 */ -#define TLS_DHE_RSA_WITH_AES_128_CCM 0xC09E /**< TLS 1.2 */ -#define TLS_DHE_RSA_WITH_AES_256_CCM 0xC09F /**< TLS 1.2 */ -#define TLS_RSA_WITH_AES_128_CCM_8 0xC0A0 /**< TLS 1.2 */ -#define TLS_RSA_WITH_AES_256_CCM_8 0xC0A1 /**< TLS 1.2 */ -#define TLS_DHE_RSA_WITH_AES_128_CCM_8 0xC0A2 /**< TLS 1.2 */ -#define TLS_DHE_RSA_WITH_AES_256_CCM_8 0xC0A3 /**< TLS 1.2 */ -#define TLS_PSK_WITH_AES_128_CCM 0xC0A4 /**< TLS 1.2 */ -#define TLS_PSK_WITH_AES_256_CCM 0xC0A5 /**< TLS 1.2 */ -#define TLS_DHE_PSK_WITH_AES_128_CCM 0xC0A6 /**< TLS 1.2 */ -#define TLS_DHE_PSK_WITH_AES_256_CCM 0xC0A7 /**< TLS 1.2 */ -#define TLS_PSK_WITH_AES_128_CCM_8 0xC0A8 /**< TLS 1.2 */ -#define TLS_PSK_WITH_AES_256_CCM_8 0xC0A9 /**< TLS 1.2 */ -#define TLS_DHE_PSK_WITH_AES_128_CCM_8 0xC0AA /**< TLS 1.2 */ -#define TLS_DHE_PSK_WITH_AES_256_CCM_8 0xC0AB /**< TLS 1.2 */ -/* The last two are named with PSK_DHE in the RFC, which looks like a typo */ - -#define TLS_ECDHE_ECDSA_WITH_AES_128_CCM 0xC0AC /**< TLS 1.2 */ -#define TLS_ECDHE_ECDSA_WITH_AES_256_CCM 0xC0AD /**< TLS 1.2 */ -#define TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 0xC0AE /**< TLS 1.2 */ -#define TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 0xC0AF /**< TLS 1.2 */ - -/* Reminder: update _ssl_premaster_secret when adding a new key exchange. - * Reminder: update POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED below. - */ -typedef enum { - POLARSSL_KEY_EXCHANGE_NONE = 0, - POLARSSL_KEY_EXCHANGE_RSA, - POLARSSL_KEY_EXCHANGE_DHE_RSA, - POLARSSL_KEY_EXCHANGE_ECDHE_RSA, - POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, - POLARSSL_KEY_EXCHANGE_PSK, - POLARSSL_KEY_EXCHANGE_DHE_PSK, - POLARSSL_KEY_EXCHANGE_RSA_PSK, - POLARSSL_KEY_EXCHANGE_ECDHE_PSK, - POLARSSL_KEY_EXCHANGE_ECDH_RSA, - POLARSSL_KEY_EXCHANGE_ECDH_ECDSA, -} key_exchange_type_t; - -#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -#define POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED -#endif - -typedef struct _ssl_ciphersuite_t ssl_ciphersuite_t; - -#define POLARSSL_CIPHERSUITE_WEAK 0x01 /**< Weak ciphersuite flag */ -#define POLARSSL_CIPHERSUITE_SHORT_TAG 0x02 /**< Short authentication tag, - eg for CCM_8 */ - -/** - * \brief This structure is used for storing ciphersuite information - */ -struct _ssl_ciphersuite_t -{ - int id; - const char * name; - - cipher_type_t cipher; - md_type_t mac; - key_exchange_type_t key_exchange; - - int min_major_ver; - int min_minor_ver; - int max_major_ver; - int max_minor_ver; - - unsigned char flags; -}; - -const int *ssl_list_ciphersuites( void ); - -const ssl_ciphersuite_t *ssl_ciphersuite_from_string( const char *ciphersuite_name ); -const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite_id ); - -#if defined(POLARSSL_PK_C) -pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info ); -#endif - -int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info ); -int ssl_ciphersuite_uses_psk( const ssl_ciphersuite_t *info ); - -#ifdef __cplusplus -} -#endif - -#endif /* ssl_ciphersuites.h */ diff --git a/ext/mbedtls/include/polarssl/threading.h b/ext/mbedtls/include/polarssl/threading.h deleted file mode 100644 index 293da38c3a..0000000000 --- a/ext/mbedtls/include/polarssl/threading.h +++ /dev/null @@ -1,83 +0,0 @@ -/** - * \file threading.h - * - * \brief Threading abstraction layer - * - * Copyright (C) 2006-2013, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_THREADING_H -#define POLARSSL_THREADING_H - -#if !defined(POLARSSL_CONFIG_FILE) -#include "config.h" -#else -#include POLARSSL_CONFIG_FILE -#endif - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#define POLARSSL_ERR_THREADING_FEATURE_UNAVAILABLE -0x001A /**< The selected feature is not available. */ -#define POLARSSL_ERR_THREADING_BAD_INPUT_DATA -0x001C /**< Bad input parameters to function. */ -#define POLARSSL_ERR_THREADING_MUTEX_ERROR -0x001E /**< Locking / unlocking / free failed with error code. */ - -#if defined(POLARSSL_THREADING_PTHREAD) -#include -typedef pthread_mutex_t threading_mutex_t; -#endif - -#if defined(POLARSSL_THREADING_ALT) -/* You should define the threading_mutex_t type in your header */ -#include "threading_alt.h" - -/** - * \brief Set your alternate threading implementation function - * pointers - * - * \param mutex_init the init function implementation - * \param mutex_free the free function implementation - * \param mutex_lock the lock function implementation - * \param mutex_unlock the unlock function implementation - * - * \return 0 if successful - */ -int threading_set_alt( int (*mutex_init)( threading_mutex_t * ), - int (*mutex_free)( threading_mutex_t * ), - int (*mutex_lock)( threading_mutex_t * ), - int (*mutex_unlock)( threading_mutex_t * ) ); -#endif /* POLARSSL_THREADING_ALT_C */ - -/* - * The function pointers for mutex_init, mutex_free, mutex_ and mutex_unlock - * - * All these functions are expected to work or the result will be undefined. - */ -extern int (*polarssl_mutex_init)( threading_mutex_t *mutex ); -extern int (*polarssl_mutex_free)( threading_mutex_t *mutex ); -extern int (*polarssl_mutex_lock)( threading_mutex_t *mutex ); -extern int (*polarssl_mutex_unlock)( threading_mutex_t *mutex ); - -#ifdef __cplusplus -} -#endif - -#endif /* threading.h */ diff --git a/ext/mbedtls/include/polarssl/timing.h b/ext/mbedtls/include/polarssl/timing.h deleted file mode 100644 index 2dae5d9c9d..0000000000 --- a/ext/mbedtls/include/polarssl/timing.h +++ /dev/null @@ -1,99 +0,0 @@ -/** - * \file timing.h - * - * \brief Portable interface to the CPU cycle counter - * - * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_TIMING_H -#define POLARSSL_TIMING_H - -#if !defined(POLARSSL_CONFIG_FILE) -#include "config.h" -#else -#include POLARSSL_CONFIG_FILE -#endif - -#if !defined(POLARSSL_TIMING_ALT) -// Regular implementation -// - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief timer structure - */ -struct hr_time -{ - unsigned char opaque[32]; -}; - -extern volatile int alarmed; - -/** - * \brief Return the CPU cycle counter value - */ -unsigned long hardclock( void ); - -/** - * \brief Return the elapsed time in milliseconds - * - * \param val points to a timer structure - * \param reset if set to 1, the timer is restarted - */ -unsigned long get_timer( struct hr_time *val, int reset ); - -/** - * \brief Setup an alarm clock - * - * \param seconds delay before the "alarmed" flag is set - * - * \warning Only one alarm at a time is supported. In a threaded - * context, this means one for the whole process, not one per - * thread. - */ -void set_alarm( int seconds ); - -/** - * \brief Sleep for a certain amount of time - * - * \param milliseconds delay in milliseconds - */ -void m_sleep( int milliseconds ); - -#if defined(POLARSSL_SELF_TEST) -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if a test failed - */ -int timing_self_test( int verbose ); -#endif - -#ifdef __cplusplus -} -#endif - -#else /* POLARSSL_TIMING_ALT */ -#include "timing_alt.h" -#endif /* POLARSSL_TIMING_ALT */ - -#endif /* timing.h */ diff --git a/ext/mbedtls/include/polarssl/x509.h b/ext/mbedtls/include/polarssl/x509.h deleted file mode 100644 index cd01539b99..0000000000 --- a/ext/mbedtls/include/polarssl/x509.h +++ /dev/null @@ -1,342 +0,0 @@ -/** - * \file x509.h - * - * \brief X.509 generic defines and structures - * - * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_X509_H -#define POLARSSL_X509_H - -#if !defined(POLARSSL_CONFIG_FILE) -#include "config.h" -#else -#include POLARSSL_CONFIG_FILE -#endif - -#include "asn1.h" -#include "pk.h" - -#if defined(POLARSSL_RSA_C) -#include "rsa.h" -#endif - -/** - * \addtogroup x509_module - * \{ - */ - -#if !defined(POLARSSL_X509_MAX_INTERMEDIATE_CA) -/** - * Maximum number of intermediate CAs in a verification chain. - * That is, maximum length of the chain, excluding the end-entity certificate - * and the trusted root certificate. - * - * Set this to a low value to prevent an adversary from making you waste - * resources verifying an overlong certificate chain. - */ -#define POLARSSL_X509_MAX_INTERMEDIATE_CA 8 -#endif - -/** - * \name X509 Error codes - * \{ - */ -#define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE -0x2080 /**< Unavailable feature, e.g. RSA hashing/encryption combination. */ -#define POLARSSL_ERR_X509_UNKNOWN_OID -0x2100 /**< Requested OID is unknown. */ -#define POLARSSL_ERR_X509_INVALID_FORMAT -0x2180 /**< The CRT/CRL/CSR format is invalid, e.g. different type expected. */ -#define POLARSSL_ERR_X509_INVALID_VERSION -0x2200 /**< The CRT/CRL/CSR version element is invalid. */ -#define POLARSSL_ERR_X509_INVALID_SERIAL -0x2280 /**< The serial tag or value is invalid. */ -#define POLARSSL_ERR_X509_INVALID_ALG -0x2300 /**< The algorithm tag or value is invalid. */ -#define POLARSSL_ERR_X509_INVALID_NAME -0x2380 /**< The name tag or value is invalid. */ -#define POLARSSL_ERR_X509_INVALID_DATE -0x2400 /**< The date tag or value is invalid. */ -#define POLARSSL_ERR_X509_INVALID_SIGNATURE -0x2480 /**< The signature tag or value invalid. */ -#define POLARSSL_ERR_X509_INVALID_EXTENSIONS -0x2500 /**< The extension tag or value is invalid. */ -#define POLARSSL_ERR_X509_UNKNOWN_VERSION -0x2580 /**< CRT/CRL/CSR has an unsupported version number. */ -#define POLARSSL_ERR_X509_UNKNOWN_SIG_ALG -0x2600 /**< Signature algorithm (oid) is unsupported. */ -#define POLARSSL_ERR_X509_SIG_MISMATCH -0x2680 /**< Signature algorithms do not match. (see \c ::x509_crt sig_oid) */ -#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED -0x2700 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */ -#define POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT -0x2780 /**< Format not recognized as DER or PEM. */ -#define POLARSSL_ERR_X509_BAD_INPUT_DATA -0x2800 /**< Input invalid. */ -#define POLARSSL_ERR_X509_MALLOC_FAILED -0x2880 /**< Allocation of memory failed. */ -#define POLARSSL_ERR_X509_FILE_IO_ERROR -0x2900 /**< Read/write of file failed. */ -/* \} name */ - -/** - * \name X509 Verify codes - * \{ - */ -/* Reminder: update x509_crt_verify_strings[] in library/x509_crt.c */ -#define BADCERT_EXPIRED 0x01 /**< The certificate validity has expired. */ -#define BADCERT_REVOKED 0x02 /**< The certificate has been revoked (is on a CRL). */ -#define BADCERT_CN_MISMATCH 0x04 /**< The certificate Common Name (CN) does not match with the expected CN. */ -#define BADCERT_NOT_TRUSTED 0x08 /**< The certificate is not correctly signed by the trusted CA. */ -#define BADCRL_NOT_TRUSTED 0x10 /**< The CRL is not correctly signed by the trusted CA. */ -#define BADCRL_EXPIRED 0x20 /**< The CRL is expired. */ -#define BADCERT_MISSING 0x40 /**< Certificate was missing. */ -#define BADCERT_SKIP_VERIFY 0x80 /**< Certificate verification was skipped. */ -#define BADCERT_OTHER 0x0100 /**< Other reason (can be used by verify callback) */ -#define BADCERT_FUTURE 0x0200 /**< The certificate validity starts in the future. */ -#define BADCRL_FUTURE 0x0400 /**< The CRL is from the future */ -#define BADCERT_KEY_USAGE 0x0800 /**< Usage does not match the keyUsage extension. */ -#define BADCERT_EXT_KEY_USAGE 0x1000 /**< Usage does not match the extendedKeyUsage extension. */ -#define BADCERT_NS_CERT_TYPE 0x2000 /**< Usage does not match the nsCertType extension. */ -/* \} name */ -/* \} addtogroup x509_module */ - -/* - * X.509 v3 Key Usage Extension flags - */ -#define KU_DIGITAL_SIGNATURE (0x80) /* bit 0 */ -#define KU_NON_REPUDIATION (0x40) /* bit 1 */ -#define KU_KEY_ENCIPHERMENT (0x20) /* bit 2 */ -#define KU_DATA_ENCIPHERMENT (0x10) /* bit 3 */ -#define KU_KEY_AGREEMENT (0x08) /* bit 4 */ -#define KU_KEY_CERT_SIGN (0x04) /* bit 5 */ -#define KU_CRL_SIGN (0x02) /* bit 6 */ - -/* - * Netscape certificate types - * (http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn3.html) - */ - -#define NS_CERT_TYPE_SSL_CLIENT (0x80) /* bit 0 */ -#define NS_CERT_TYPE_SSL_SERVER (0x40) /* bit 1 */ -#define NS_CERT_TYPE_EMAIL (0x20) /* bit 2 */ -#define NS_CERT_TYPE_OBJECT_SIGNING (0x10) /* bit 3 */ -#define NS_CERT_TYPE_RESERVED (0x08) /* bit 4 */ -#define NS_CERT_TYPE_SSL_CA (0x04) /* bit 5 */ -#define NS_CERT_TYPE_EMAIL_CA (0x02) /* bit 6 */ -#define NS_CERT_TYPE_OBJECT_SIGNING_CA (0x01) /* bit 7 */ - -/* - * X.509 extension types - * - * Comments refer to the status for using certificates. Status can be - * different for writing certificates or reading CRLs or CSRs. - */ -#define EXT_AUTHORITY_KEY_IDENTIFIER (1 << 0) -#define EXT_SUBJECT_KEY_IDENTIFIER (1 << 1) -#define EXT_KEY_USAGE (1 << 2) /* Parsed but not used */ -#define EXT_CERTIFICATE_POLICIES (1 << 3) -#define EXT_POLICY_MAPPINGS (1 << 4) -#define EXT_SUBJECT_ALT_NAME (1 << 5) /* Supported (DNS) */ -#define EXT_ISSUER_ALT_NAME (1 << 6) -#define EXT_SUBJECT_DIRECTORY_ATTRS (1 << 7) -#define EXT_BASIC_CONSTRAINTS (1 << 8) /* Supported */ -#define EXT_NAME_CONSTRAINTS (1 << 9) -#define EXT_POLICY_CONSTRAINTS (1 << 10) -#define EXT_EXTENDED_KEY_USAGE (1 << 11) /* Parsed but not used */ -#define EXT_CRL_DISTRIBUTION_POINTS (1 << 12) -#define EXT_INIHIBIT_ANYPOLICY (1 << 13) -#define EXT_FRESHEST_CRL (1 << 14) - -#define EXT_NS_CERT_TYPE (1 << 16) /* Parsed (and then ?) */ - -/* - * Storage format identifiers - * Recognized formats: PEM and DER - */ -#define X509_FORMAT_DER 1 -#define X509_FORMAT_PEM 2 - -#define X509_MAX_DN_NAME_SIZE 256 /**< Maximum value size of a DN entry */ - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \addtogroup x509_module - * \{ */ - -/** - * \name Structures for parsing X.509 certificates, CRLs and CSRs - * \{ - */ - -/** - * Type-length-value structure that allows for ASN1 using DER. - */ -typedef asn1_buf x509_buf; - -/** - * Container for ASN1 bit strings. - */ -typedef asn1_bitstring x509_bitstring; - -/** - * Container for ASN1 named information objects. - * It allows for Relative Distinguished Names (e.g. cn=polarssl,ou=code,etc.). - */ -typedef asn1_named_data x509_name; - -/** - * Container for a sequence of ASN.1 items - */ -typedef asn1_sequence x509_sequence; - -/** Container for date and time (precision in seconds). */ -typedef struct _x509_time -{ - int year, mon, day; /**< Date. */ - int hour, min, sec; /**< Time. */ -} -x509_time; - -/** \} name Structures for parsing X.509 certificates, CRLs and CSRs */ -/** \} addtogroup x509_module */ - -/** - * \brief Store the certificate DN in printable form into buf; - * no more than size characters will be written. - * - * \param buf Buffer to write to - * \param size Maximum size of buffer - * \param dn The X509 name to represent - * - * \return The amount of data written to the buffer, or -1 in - * case of an error. - */ -int x509_dn_gets( char *buf, size_t size, const x509_name *dn ); - -/** - * \brief Store the certificate serial in printable form into buf; - * no more than size characters will be written. - * - * \param buf Buffer to write to - * \param size Maximum size of buffer - * \param serial The X509 serial to represent - * - * \return The amount of data written to the buffer, or -1 in - * case of an error. - */ -int x509_serial_gets( char *buf, size_t size, const x509_buf *serial ); - -#if ! defined(POLARSSL_DEPRECATED_REMOVED) -#if defined(POLARSSL_DEPRECATED_WARNING) -#define DEPRECATED __attribute__((deprecated)) -#else -#define DEPRECATED -#endif -/** - * \brief Give an known OID, return its descriptive string. - * - * \deprecated Use oid_get_extended_key_usage() instead. - * - * \warning Only works for extended_key_usage OIDs! - * - * \param oid buffer containing the oid - * - * \return Return a string if the OID is known, - * or NULL otherwise. - */ -const char *x509_oid_get_description( x509_buf *oid ) DEPRECATED; - -/** - * \brief Give an OID, return a string version of its OID number. - * - * \deprecated Use oid_get_numeric_string() instead. - * - * \param buf Buffer to write to - * \param size Maximum size of buffer - * \param oid Buffer containing the OID - * - * \return Length of the string written (excluding final NULL) or - * POLARSSL_ERR_OID_BUF_TO_SMALL in case of error - */ -int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid ) DEPRECATED; -#undef DEPRECATED -#endif /* POLARSSL_DEPRECATED_REMOVED */ - -/** - * \brief Check a given x509_time against the system time and check - * if it is not expired. - * - * \param time x509_time to check - * - * \return 0 if the x509_time is still valid, - * 1 otherwise. - */ -int x509_time_expired( const x509_time *time ); - -/** - * \brief Check a given x509_time against the system time and check - * if it is not from the future. - * - * \param time x509_time to check - * - * \return 0 if the x509_time is already valid, - * 1 otherwise. - */ -int x509_time_future( const x509_time *time ); - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int x509_self_test( int verbose ); - -/* - * Internal module functions. You probably do not want to use these unless you - * know you do. - */ -int x509_get_name( unsigned char **p, const unsigned char *end, - x509_name *cur ); -int x509_get_alg_null( unsigned char **p, const unsigned char *end, - x509_buf *alg ); -int x509_get_alg( unsigned char **p, const unsigned char *end, - x509_buf *alg, x509_buf *params ); -#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT) -int x509_get_rsassa_pss_params( const x509_buf *params, - md_type_t *md_alg, md_type_t *mgf_md, - int *salt_len ); -#endif -int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig ); -int x509_get_sig_alg( const x509_buf *sig_oid, const x509_buf *sig_params, - md_type_t *md_alg, pk_type_t *pk_alg, - void **sig_opts ); -int x509_get_time( unsigned char **p, const unsigned char *end, - x509_time *time ); -int x509_get_serial( unsigned char **p, const unsigned char *end, - x509_buf *serial ); -int x509_get_ext( unsigned char **p, const unsigned char *end, - x509_buf *ext, int tag ); -int x509_sig_alg_gets( char *buf, size_t size, const x509_buf *sig_oid, - pk_type_t pk_alg, md_type_t md_alg, - const void *sig_opts ); -int x509_key_size_helper( char *buf, size_t size, const char *name ); -int x509_string_to_names( asn1_named_data **head, const char *name ); -int x509_set_extension( asn1_named_data **head, const char *oid, size_t oid_len, - int critical, const unsigned char *val, - size_t val_len ); -int x509_write_extensions( unsigned char **p, unsigned char *start, - asn1_named_data *first ); -int x509_write_names( unsigned char **p, unsigned char *start, - asn1_named_data *first ); -int x509_write_sig( unsigned char **p, unsigned char *start, - const char *oid, size_t oid_len, - unsigned char *sig, size_t size ); - -#ifdef __cplusplus -} -#endif - -#endif /* x509.h */ diff --git a/ext/mbedtls/library/.gitignore b/ext/mbedtls/library/.gitignore index f749c34590..3a63a63a43 100644 --- a/ext/mbedtls/library/.gitignore +++ b/ext/mbedtls/library/.gitignore @@ -1,6 +1,4 @@ *.o -libpolarssl.* -libmbedtls.* +libmbed* *.sln *.vcxproj -Makefile.am \ No newline at end of file diff --git a/ext/mbedtls/library/CMakeLists.txt b/ext/mbedtls/library/CMakeLists.txt index 9cbac7b018..d2a29c5b39 100644 --- a/ext/mbedtls/library/CMakeLists.txt +++ b/ext/mbedtls/library/CMakeLists.txt @@ -2,155 +2,159 @@ option(USE_STATIC_MBEDTLS_LIBRARY "Build mbed TLS static library." ON) option(USE_SHARED_MBEDTLS_LIBRARY "Build mbed TLS shared library." OFF) option(LINK_WITH_PTHREAD "Explicitly link mbed TLS library to pthread." OFF) -set(src - aes.c - aesni.c - arc4.c - asn1parse.c - asn1write.c - base64.c - bignum.c - blowfish.c - camellia.c - ccm.c - certs.c - cipher.c - cipher_wrap.c - ctr_drbg.c - debug.c - des.c - dhm.c - ecp.c - ecp_curves.c - ecdh.c - ecdsa.c - entropy.c - entropy_poll.c - error.c - gcm.c - havege.c - hmac_drbg.c - md.c - md_wrap.c - md2.c - md4.c - md5.c - memory_buffer_alloc.c - net.c - oid.c - padlock.c - pbkdf2.c - pem.c - pkcs5.c - pkcs11.c - pkcs12.c - pk.c - pk_wrap.c - pkparse.c - pkwrite.c - platform.c - ripemd160.c - rsa.c - sha1.c - sha256.c - sha512.c - ssl_cache.c - ssl_ciphersuites.c - ssl_cli.c - ssl_srv.c - ssl_tls.c - threading.c - timing.c - version.c - version_features.c - x509.c - x509_crt.c - x509_crl.c - x509_csr.c - x509_create.c - x509write_crt.c - x509write_csr.c - xtea.c +set(src_crypto + aes.c + aesni.c + arc4.c + asn1parse.c + asn1write.c + base64.c + bignum.c + blowfish.c + camellia.c + ccm.c + cipher.c + cipher_wrap.c + ctr_drbg.c + des.c + dhm.c + ecdh.c + ecdsa.c + ecp.c + ecp_curves.c + entropy.c + entropy_poll.c + error.c + gcm.c + havege.c + hmac_drbg.c + md.c + md2.c + md4.c + md5.c + md_wrap.c + memory_buffer_alloc.c + oid.c + padlock.c + pem.c + pk.c + pk_wrap.c + pkcs12.c + pkcs5.c + pkparse.c + pkwrite.c + platform.c + ripemd160.c + rsa.c + sha1.c + sha256.c + sha512.c + threading.c + timing.c + version.c + version_features.c + xtea.c ) -if(WIN32) -set(libs ws2_32) -endif(WIN32) +set(src_x509 + certs.c + pkcs11.c + x509.c + x509_create.c + x509_crl.c + x509_crt.c + x509_csr.c + x509write_crt.c + x509write_csr.c +) + +set(src_tls + debug.c + net.c + ssl_cache.c + ssl_ciphersuites.c + ssl_cli.c + ssl_cookie.c + ssl_srv.c + ssl_ticket.c + ssl_tls.c +) if(CMAKE_COMPILER_IS_GNUCC) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes") + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes") endif(CMAKE_COMPILER_IS_GNUCC) if(CMAKE_COMPILER_IS_CLANG) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code") + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code") endif(CMAKE_COMPILER_IS_CLANG) +if(WIN32) + set(libs ${libs} ws2_32) +endif(WIN32) + +if(USE_PKCS11_HELPER_LIBRARY) + set(libs ${libs} pkcs11-helper) +endif(USE_PKCS11_HELPER_LIBRARY) + +if(ENABLE_ZLIB_SUPPORT) + set(libs ${libs} ${ZLIB_LIBRARIES}) +endif(ENABLE_ZLIB_SUPPORT) + +if(LINK_WITH_PTHREAD) + set(libs ${libs} pthread) +endif() + if (NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY) - message(FATAL_ERROR "Need to choose static or shared mbedtls build!") + message(FATAL_ERROR "Need to choose static or shared mbedtls build!") endif(NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY) if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) - # if we build both static an shared, then let - # tests and programs link to the shared lib target - set(mbedtls_static_target "mbedtls_static") + set(mbedtls_static_target "mbedtls_static") + set(mbedx509_static_target "mbedx509_static") + set(mbedcrypto_static_target "mbedcrypto_static") elseif(USE_STATIC_MBEDTLS_LIBRARY) - set(mbedtls_static_target "mbedtls") + set(mbedtls_static_target "mbedtls") + set(mbedx509_static_target "mbedx509") + set(mbedcrypto_static_target "mbedcrypto") endif() if(USE_STATIC_MBEDTLS_LIBRARY) - add_library(${mbedtls_static_target} STATIC ${src}) - set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls) - target_link_libraries(${mbedtls_static_target} ${libs}) + add_library(${mbedcrypto_static_target} STATIC ${src_crypto}) + set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto) + target_link_libraries(${mbedcrypto_static_target} ${libs}) - if(ZLIB_FOUND) - target_link_libraries(${mbedtls_static_target} ${ZLIB_LIBRARIES}) - endif(ZLIB_FOUND) + add_library(${mbedx509_static_target} STATIC ${src_x509}) + set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509) + target_link_libraries(${mbedx509_static_target} ${libs} ${mbedcrypto_static_target}) - if(LINK_WITH_PTHREAD) - target_link_libraries(${mbedtls_static_target} pthread) - endif() + add_library(${mbedtls_static_target} STATIC ${src_tls}) + set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls) + target_link_libraries(${mbedtls_static_target} ${libs} ${mbedx509_static_target}) - install(TARGETS ${mbedtls_static_target} - DESTINATION ${LIB_INSTALL_DIR} - PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) -endif() + install(TARGETS ${mbedtls_static_target} ${mbedx509_static_target} ${mbedcrypt_static_target} + DESTINATION ${LIB_INSTALL_DIR} + PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) +endif(USE_STATIC_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY) - add_library(mbedtls SHARED ${src}) - set_target_properties(mbedtls PROPERTIES VERSION 1.3.12 SOVERSION 9) - - target_link_libraries(mbedtls ${libs}) + add_library(mbedcrypto SHARED ${src_crypto}) + set_target_properties(mbedcrypto PROPERTIES VERSION 2.0.0 SOVERSION 0) + target_link_libraries(mbedcrypto ${libs}) - if(ZLIB_FOUND) - target_link_libraries(mbedtls ${ZLIB_LIBRARIES}) - endif(ZLIB_FOUND) + add_library(mbedx509 SHARED ${src_x509}) + set_target_properties(mbedx509 PROPERTIES VERSION 2.0.0 SOVERSION 0) + target_link_libraries(mbedx509 ${libs} mbedcrypto) - if(LINK_WITH_PTHREAD) - target_link_libraries(mbedtls pthread) - endif() + add_library(mbedtls SHARED ${src_tls}) + set_target_properties(mbedtls PROPERTIES VERSION 2.0.0 SOVERSION 10) + target_link_libraries(mbedtls ${libs} mbedx509) - install(TARGETS mbedtls - DESTINATION ${LIB_INSTALL_DIR} - PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + install(TARGETS mbedtls mbedx509 mbedcrypto + DESTINATION ${LIB_INSTALL_DIR} + PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) endif(USE_SHARED_MBEDTLS_LIBRARY) -if(UNIX) - add_custom_target(polarssl - DEPENDS mbedtls # TODO: and mbedtls_static is shared is defined - COMMAND ${CMAKE_SOURCE_DIR}/scripts/polarssl_symlinks.sh ${CMAKE_BINARY_DIR}/library - ) - - if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) - add_dependencies(polarssl mbedtls_static) - endif() - - add_custom_target(polarssl-clean - COMMAND make clean - COMMAND rm -f ${CMAKE_BINARY_DIR}/library/libpolarssl.* - ) - - add_custom_target(polarssl-install - COMMAND make install - COMMAND ${CMAKE_SOURCE_DIR}/scripts/polarssl_symlinks.sh ${DESTDIR}/${CMAKE_INSTALL_PREFIX}/${LIB_INSTALL_DIR} - ) -endif(UNIX) +add_custom_target(lib DEPENDS mbedcrypto mbedx509 mbedtls) +if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) + add_dependencies(lib mbedcrypto_static mbedx509_static mbedtls_static) +endif() diff --git a/ext/mbedtls/library/Makefile.am b/ext/mbedtls/library/Makefile.am index 59bcebdc4c..103496e119 100644 --- a/ext/mbedtls/library/Makefile.am +++ b/ext/mbedtls/library/Makefile.am @@ -1,13 +1,13 @@ -noinst_LTLIBRARIES = libpolarssl.la +noinst_LTLIBRARIES = libmbedtls.la -libpolarssl_la_CPPFLAGS = \ +libmbedtls_la_CPPFLAGS = \ -I$(srcdir)/../include \ -D_FILE_OFFSET_BITS=64 \ -Wall \ -W \ -Wdeclaration-after-statement -libpolarssl_la_SOURCES = \ +libmbedtls_la_SOURCES = \ aes.c \ aesni.c \ arc4.c \ @@ -44,7 +44,6 @@ libpolarssl_la_SOURCES = \ net.c \ oid.c \ padlock.c \ - pbkdf2.c \ pem.c \ pk.c \ pkcs11.c \ @@ -62,7 +61,9 @@ libpolarssl_la_SOURCES = \ ssl_cache.c \ ssl_ciphersuites.c \ ssl_cli.c \ + ssl_cookie.c \ ssl_srv.c \ + ssl_ticket.c \ ssl_tls.c \ threading.c \ timing.c \ @@ -76,4 +77,3 @@ libpolarssl_la_SOURCES = \ x509write_crt.c \ x509write_csr.c \ xtea.c - diff --git a/ext/mbedtls/library/Makefile.dist b/ext/mbedtls/library/Makefile.dist new file mode 100644 index 0000000000..56d53264d2 --- /dev/null +++ b/ext/mbedtls/library/Makefile.dist @@ -0,0 +1,167 @@ + +# Also see "include/mbedtls/config.h" + +CFLAGS ?= -O2 +WARNING_CFLAGS ?= -Wall -W -Wdeclaration-after-statement +LDFLAGS ?= + +LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../include -D_FILE_OFFSET_BITS=64 +LOCAL_LDFLAGS = + +ifdef DEBUG +LOCAL_CFLAGS += -g3 +endif + +# MicroBlaze specific options: +# CFLAGS += -mno-xl-soft-mul -mxl-barrel-shift + +# To compile on Plan9: +# CFLAGS += -D_BSD_EXTENSION + +# if were running on Windows build for Windows +ifdef WINDOWS +WINDOWS_BUILD=1 +endif + +# To compile as a shared library: +ifdef SHARED +# all code is position-indep with mingw, avoid warning about useless flag +ifndef WINDOWS_BUILD +LOCAL_CFLAGS += -fPIC -fpic +endif +endif + +SOEXT_TLS=so.10 +SOEXT_X509=so.0 +SOEXT_CRYPTO=so.0 + +DLEXT=so +# OSX shared library extension: +# DLEXT=dylib + +# Windows shared library extension: +ifdef WINDOWS_BUILD +DLEXT=dll +endif + +OBJS_CRYPTO= aes.o aesni.o arc4.o \ + asn1parse.o asn1write.o base64.o \ + bignum.o blowfish.o camellia.o \ + ccm.o cipher.o cipher_wrap.o \ + ctr_drbg.o des.o dhm.o \ + ecdh.o ecdsa.o ecp.o \ + ecp_curves.o entropy.o entropy_poll.o \ + error.o gcm.o havege.o \ + hmac_drbg.o md.o md2.o \ + md4.o md5.o md_wrap.o \ + memory_buffer_alloc.o oid.o \ + padlock.o pem.o pk.o \ + pk_wrap.o pkcs12.o pkcs5.o \ + pkparse.o pkwrite.o platform.o \ + ripemd160.o rsa.o sha1.o \ + sha256.o sha512.o threading.o \ + timing.o version.o \ + version_features.o xtea.o + +OBJS_X509= certs.o pkcs11.o x509.o \ + x509_create.o x509_crl.o x509_crt.o \ + x509_csr.o x509write_crt.o x509write_csr.o + +OBJS_TLS= debug.o net.o ssl_cache.o \ + ssl_ciphersuites.o ssl_cli.o \ + ssl_cookie.o ssl_srv.o ssl_ticket.o \ + ssl_tls.o + +.SILENT: + +.PHONY: all static shared clean + +ifndef SHARED +all: static +else +all: shared static +endif + +static: libmbedcrypto.a libmbedx509.a libmbedtls.a + +shared: libmbedcrypto.$(DLEXT) libmbedx509.$(DLEXT) libmbedtls.$(DLEXT) + +# tls +libmbedtls.a: $(OBJS_TLS) + echo " AR $@" + $(AR) rc $@ $(OBJS_TLS) + echo " RL $@" + $(AR) s $@ + +libmbedtls.$(SOEXT_TLS): $(OBJS_TLS) + echo " LD $@" + $(CC) -shared -Wl,-soname,$@ $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_TLS) + +libmbedtls.so: libmbedtls.$(SOEXT_TLS) + echo " LN $@ -> $<" + ln -sf $< $@ + +libmbedtls.dylib: $(OBJS_TLS) + echo " LD $@" + $(CC) -dynamiclib $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_TLS) + +libmbedtls.dll: $(OBJS_TLS) + echo " LD $@" + $(CC) -shared -Wl,-soname,$@ -Wl,--out-implib,$@.a -o $@ $(OBJS_TLS) -lws2_32 -lwinmm -lgdi32 $(LOCAL_LDFLAGS) $(LDFLAGS) + +# x509 +libmbedx509.a: $(OBJS_X509) + echo " AR $@" + $(AR) rc $@ $(OBJS_X509) + echo " RL $@" + $(AR) s $@ + +libmbedx509.$(SOEXT_X509): $(OBJS_X509) + echo " LD $@" + $(CC) -shared -Wl,-soname,$@ $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_X509) + +libmbedx509.so: libmbedx509.$(SOEXT_X509) + echo " LN $@ -> $<" + ln -sf $< $@ + +libmbedx509.dylib: $(OBJS_X509) + echo " LD $@" + $(CC) -dynamiclib $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_X509) + +libmbedx509.dll: $(OBJS_X509) + echo " LD $@" + $(CC) -shared -Wl,-soname,$@ -Wl,--out-implib,$@.a -o $@ $(OBJS_X509) -lws2_32 -lwinmm -lgdi32 $(LOCAL_LDFLAGS) $(LDFLAGS) + +# crypto +libmbedcrypto.a: $(OBJS_CRYPTO) + echo " AR $@" + $(AR) rc $@ $(OBJS_CRYPTO) + echo " RL $@" + $(AR) s $@ + +libmbedcrypto.$(SOEXT_CRYPTO): $(OBJS_CRYPTO) + echo " LD $@" + $(CC) -shared -Wl,-soname,$@ $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_CRYPTO) + +libmbedcrypto.so: libmbedcrypto.$(SOEXT_CRYPTO) + echo " LN $@ -> $<" + ln -sf $< $@ + +libmbedcrypto.dylib: $(OBJS_CRYPTO) + echo " LD $@" + $(CC) -dynamiclib $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS_CRYPTO) + +libmbedcrypto.dll: $(OBJS_CRYPTO) + echo " LD $@" + $(CC) -shared -Wl,-soname,$@ -Wl,--out-implib,$@.a -o $@ $(OBJS_CRYPTO) -lws2_32 -lwinmm -lgdi32 $(LOCAL_LDFLAGS) $(LDFLAGS) + +.c.o: + echo " CC $<" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -c $< + +clean: +ifndef WINDOWS + rm -f *.o libmbed* +else + del /Q /F *.o libmbed* +endif diff --git a/ext/mbedtls/library/aes.c b/ext/mbedtls/library/aes.c index 9d96064ffe..5592138723 100644 --- a/ext/mbedtls/library/aes.c +++ b/ext/mbedtls/library/aes.c @@ -26,37 +26,37 @@ * http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_AES_C) +#if defined(MBEDTLS_AES_C) #include -#include "polarssl/aes.h" -#if defined(POLARSSL_PADLOCK_C) -#include "polarssl/padlock.h" +#include "mbedtls/aes.h" +#if defined(MBEDTLS_PADLOCK_C) +#include "mbedtls/padlock.h" #endif -#if defined(POLARSSL_AESNI_C) -#include "polarssl/aesni.h" +#if defined(MBEDTLS_AESNI_C) +#include "mbedtls/aesni.h" #endif -#if defined(POLARSSL_SELF_TEST) -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_SELF_TEST) +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_printf printf -#endif /* POLARSSL_PLATFORM_C */ -#endif /* POLARSSL_SELF_TEST */ +#define mbedtls_printf printf +#endif /* MBEDTLS_PLATFORM_C */ +#endif /* MBEDTLS_SELF_TEST */ -#if !defined(POLARSSL_AES_ALT) +#if !defined(MBEDTLS_AES_ALT) /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } @@ -83,12 +83,12 @@ static void polarssl_zeroize( void *v, size_t n ) { } #endif -#if defined(POLARSSL_PADLOCK_C) && \ - ( defined(POLARSSL_HAVE_X86) || defined(PADLOCK_ALIGN16) ) +#if defined(MBEDTLS_PADLOCK_C) && \ + ( defined(MBEDTLS_HAVE_X86) || defined(MBEDTLS_PADLOCK_ALIGN16) ) static int aes_padlock_ace = -1; #endif -#if defined(POLARSSL_AES_ROM_TABLES) +#if defined(MBEDTLS_AES_ROM_TABLES) /* * Forward S-box */ @@ -353,7 +353,7 @@ static const uint32_t RCON[10] = 0x0000001B, 0x00000036 }; -#else /* POLARSSL_AES_ROM_TABLES */ +#else /* MBEDTLS_AES_ROM_TABLES */ /* * Forward S-box & tables @@ -463,31 +463,32 @@ static void aes_gen_tables( void ) } } -#endif /* POLARSSL_AES_ROM_TABLES */ +#endif /* MBEDTLS_AES_ROM_TABLES */ -void aes_init( aes_context *ctx ) +void mbedtls_aes_init( mbedtls_aes_context *ctx ) { - memset( ctx, 0, sizeof( aes_context ) ); + memset( ctx, 0, sizeof( mbedtls_aes_context ) ); } -void aes_free( aes_context *ctx ) +void mbedtls_aes_free( mbedtls_aes_context *ctx ) { if( ctx == NULL ) return; - polarssl_zeroize( ctx, sizeof( aes_context ) ); + mbedtls_zeroize( ctx, sizeof( mbedtls_aes_context ) ); } /* * AES key schedule (encryption) */ -int aes_setkey_enc( aes_context *ctx, const unsigned char *key, - unsigned int keysize ) +#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) +int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, + unsigned int keybits ) { unsigned int i; uint32_t *RK; -#if !defined(POLARSSL_AES_ROM_TABLES) +#if !defined(MBEDTLS_AES_ROM_TABLES) if( aes_init_done == 0 ) { aes_gen_tables(); @@ -496,30 +497,30 @@ int aes_setkey_enc( aes_context *ctx, const unsigned char *key, } #endif - switch( keysize ) + switch( keybits ) { case 128: ctx->nr = 10; break; case 192: ctx->nr = 12; break; case 256: ctx->nr = 14; break; - default : return( POLARSSL_ERR_AES_INVALID_KEY_LENGTH ); + default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH ); } -#if defined(POLARSSL_PADLOCK_C) && defined(PADLOCK_ALIGN16) +#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16) if( aes_padlock_ace == -1 ) - aes_padlock_ace = padlock_supports( PADLOCK_ACE ); + aes_padlock_ace = mbedtls_padlock_has_support( MBEDTLS_PADLOCK_ACE ); if( aes_padlock_ace ) - ctx->rk = RK = PADLOCK_ALIGN16( ctx->buf ); + ctx->rk = RK = MBEDTLS_PADLOCK_ALIGN16( ctx->buf ); else #endif ctx->rk = RK = ctx->buf; -#if defined(POLARSSL_AESNI_C) && defined(POLARSSL_HAVE_X86_64) - if( aesni_supports( POLARSSL_AESNI_AES ) ) - return( aesni_setkey_enc( (unsigned char *) ctx->rk, key, keysize ) ); +#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) + if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) ) + return( mbedtls_aesni_setkey_enc( (unsigned char *) ctx->rk, key, keybits ) ); #endif - for( i = 0; i < ( keysize >> 5 ); i++ ) + for( i = 0; i < ( keybits >> 5 ); i++ ) { GET_UINT32_LE( RK[i], key, i << 2 ); } @@ -589,40 +590,42 @@ int aes_setkey_enc( aes_context *ctx, const unsigned char *key, return( 0 ); } +#endif /* !MBEDTLS_AES_SETKEY_ENC_ALT */ /* * AES key schedule (decryption) */ -int aes_setkey_dec( aes_context *ctx, const unsigned char *key, - unsigned int keysize ) +#if !defined(MBEDTLS_AES_SETKEY_DEC_ALT) +int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, + unsigned int keybits ) { int i, j, ret; - aes_context cty; + mbedtls_aes_context cty; uint32_t *RK; uint32_t *SK; - aes_init( &cty ); + mbedtls_aes_init( &cty ); -#if defined(POLARSSL_PADLOCK_C) && defined(PADLOCK_ALIGN16) +#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16) if( aes_padlock_ace == -1 ) - aes_padlock_ace = padlock_supports( PADLOCK_ACE ); + aes_padlock_ace = mbedtls_padlock_has_support( MBEDTLS_PADLOCK_ACE ); if( aes_padlock_ace ) - ctx->rk = RK = PADLOCK_ALIGN16( ctx->buf ); + ctx->rk = RK = MBEDTLS_PADLOCK_ALIGN16( ctx->buf ); else #endif ctx->rk = RK = ctx->buf; - /* Also checks keysize */ - if( ( ret = aes_setkey_enc( &cty, key, keysize ) ) != 0 ) + /* Also checks keybits */ + if( ( ret = mbedtls_aes_setkey_enc( &cty, key, keybits ) ) != 0 ) goto exit; ctx->nr = cty.nr; -#if defined(POLARSSL_AESNI_C) && defined(POLARSSL_HAVE_X86_64) - if( aesni_supports( POLARSSL_AESNI_AES ) ) +#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) + if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) ) { - aesni_inverse_key( (unsigned char *) ctx->rk, + mbedtls_aesni_inverse_key( (unsigned char *) ctx->rk, (const unsigned char *) cty.rk, ctx->nr ); goto exit; } @@ -652,10 +655,11 @@ int aes_setkey_dec( aes_context *ctx, const unsigned char *key, *RK++ = *SK++; exit: - aes_free( &cty ); + mbedtls_aes_free( &cty ); return( ret ); } +#endif /* !MBEDTLS_AES_SETKEY_DEC_ALT */ #define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ { \ @@ -704,32 +708,72 @@ exit: } /* - * AES-ECB block encryption/decryption + * AES-ECB block encryption */ -int aes_crypt_ecb( aes_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ) +#if !defined(MBEDTLS_AES_ENCRYPT_ALT) +void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16] ) { int i; uint32_t *RK, X0, X1, X2, X3, Y0, Y1, Y2, Y3; -#if defined(POLARSSL_AESNI_C) && defined(POLARSSL_HAVE_X86_64) - if( aesni_supports( POLARSSL_AESNI_AES ) ) - return( aesni_crypt_ecb( ctx, mode, input, output ) ); -#endif + RK = ctx->rk; -#if defined(POLARSSL_PADLOCK_C) && defined(POLARSSL_HAVE_X86) - if( aes_padlock_ace ) - { - if( padlock_xcryptecb( ctx, mode, input, output ) == 0 ) - return( 0 ); + GET_UINT32_LE( X0, input, 0 ); X0 ^= *RK++; + GET_UINT32_LE( X1, input, 4 ); X1 ^= *RK++; + GET_UINT32_LE( X2, input, 8 ); X2 ^= *RK++; + GET_UINT32_LE( X3, input, 12 ); X3 ^= *RK++; - // If padlock data misaligned, we just fall back to - // unaccelerated mode - // + for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) + { + AES_FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); + AES_FROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); } -#endif + + AES_FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); + + X0 = *RK++ ^ \ + ( (uint32_t) FSb[ ( Y0 ) & 0xFF ] ) ^ + ( (uint32_t) FSb[ ( Y1 >> 8 ) & 0xFF ] << 8 ) ^ + ( (uint32_t) FSb[ ( Y2 >> 16 ) & 0xFF ] << 16 ) ^ + ( (uint32_t) FSb[ ( Y3 >> 24 ) & 0xFF ] << 24 ); + + X1 = *RK++ ^ \ + ( (uint32_t) FSb[ ( Y1 ) & 0xFF ] ) ^ + ( (uint32_t) FSb[ ( Y2 >> 8 ) & 0xFF ] << 8 ) ^ + ( (uint32_t) FSb[ ( Y3 >> 16 ) & 0xFF ] << 16 ) ^ + ( (uint32_t) FSb[ ( Y0 >> 24 ) & 0xFF ] << 24 ); + + X2 = *RK++ ^ \ + ( (uint32_t) FSb[ ( Y2 ) & 0xFF ] ) ^ + ( (uint32_t) FSb[ ( Y3 >> 8 ) & 0xFF ] << 8 ) ^ + ( (uint32_t) FSb[ ( Y0 >> 16 ) & 0xFF ] << 16 ) ^ + ( (uint32_t) FSb[ ( Y1 >> 24 ) & 0xFF ] << 24 ); + + X3 = *RK++ ^ \ + ( (uint32_t) FSb[ ( Y3 ) & 0xFF ] ) ^ + ( (uint32_t) FSb[ ( Y0 >> 8 ) & 0xFF ] << 8 ) ^ + ( (uint32_t) FSb[ ( Y1 >> 16 ) & 0xFF ] << 16 ) ^ + ( (uint32_t) FSb[ ( Y2 >> 24 ) & 0xFF ] << 24 ); + + PUT_UINT32_LE( X0, output, 0 ); + PUT_UINT32_LE( X1, output, 4 ); + PUT_UINT32_LE( X2, output, 8 ); + PUT_UINT32_LE( X3, output, 12 ); +} +#endif /* !MBEDTLS_AES_ENCRYPT_ALT */ + +/* + * AES-ECB block decryption + */ +#if !defined(MBEDTLS_AES_DECRYPT_ALT) +void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16] ) +{ + int i; + uint32_t *RK, X0, X1, X2, X3, Y0, Y1, Y2, Y3; RK = ctx->rk; @@ -738,88 +782,83 @@ int aes_crypt_ecb( aes_context *ctx, GET_UINT32_LE( X2, input, 8 ); X2 ^= *RK++; GET_UINT32_LE( X3, input, 12 ); X3 ^= *RK++; - if( mode == AES_DECRYPT ) + for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) { - for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) - { - AES_RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); - AES_RROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); - } - AES_RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); - - X0 = *RK++ ^ \ - ( (uint32_t) RSb[ ( Y0 ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( Y3 >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( Y2 >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( Y1 >> 24 ) & 0xFF ] << 24 ); - - X1 = *RK++ ^ \ - ( (uint32_t) RSb[ ( Y1 ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( Y0 >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( Y3 >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( Y2 >> 24 ) & 0xFF ] << 24 ); - - X2 = *RK++ ^ \ - ( (uint32_t) RSb[ ( Y2 ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( Y1 >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( Y0 >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( Y3 >> 24 ) & 0xFF ] << 24 ); - - X3 = *RK++ ^ \ - ( (uint32_t) RSb[ ( Y3 ) & 0xFF ] ) ^ - ( (uint32_t) RSb[ ( Y2 >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) RSb[ ( Y1 >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) RSb[ ( Y0 >> 24 ) & 0xFF ] << 24 ); + AES_RROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); } - else /* AES_ENCRYPT */ - { - for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) - { - AES_FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); - AES_FROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); - } - AES_FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); + AES_RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); - X0 = *RK++ ^ \ - ( (uint32_t) FSb[ ( Y0 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( Y1 >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( Y2 >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( Y3 >> 24 ) & 0xFF ] << 24 ); - - X1 = *RK++ ^ \ - ( (uint32_t) FSb[ ( Y1 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( Y2 >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( Y3 >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( Y0 >> 24 ) & 0xFF ] << 24 ); - - X2 = *RK++ ^ \ - ( (uint32_t) FSb[ ( Y2 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( Y3 >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( Y0 >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( Y1 >> 24 ) & 0xFF ] << 24 ); - - X3 = *RK++ ^ \ - ( (uint32_t) FSb[ ( Y3 ) & 0xFF ] ) ^ - ( (uint32_t) FSb[ ( Y0 >> 8 ) & 0xFF ] << 8 ) ^ - ( (uint32_t) FSb[ ( Y1 >> 16 ) & 0xFF ] << 16 ) ^ - ( (uint32_t) FSb[ ( Y2 >> 24 ) & 0xFF ] << 24 ); - } + X0 = *RK++ ^ \ + ( (uint32_t) RSb[ ( Y0 ) & 0xFF ] ) ^ + ( (uint32_t) RSb[ ( Y3 >> 8 ) & 0xFF ] << 8 ) ^ + ( (uint32_t) RSb[ ( Y2 >> 16 ) & 0xFF ] << 16 ) ^ + ( (uint32_t) RSb[ ( Y1 >> 24 ) & 0xFF ] << 24 ); + + X1 = *RK++ ^ \ + ( (uint32_t) RSb[ ( Y1 ) & 0xFF ] ) ^ + ( (uint32_t) RSb[ ( Y0 >> 8 ) & 0xFF ] << 8 ) ^ + ( (uint32_t) RSb[ ( Y3 >> 16 ) & 0xFF ] << 16 ) ^ + ( (uint32_t) RSb[ ( Y2 >> 24 ) & 0xFF ] << 24 ); + + X2 = *RK++ ^ \ + ( (uint32_t) RSb[ ( Y2 ) & 0xFF ] ) ^ + ( (uint32_t) RSb[ ( Y1 >> 8 ) & 0xFF ] << 8 ) ^ + ( (uint32_t) RSb[ ( Y0 >> 16 ) & 0xFF ] << 16 ) ^ + ( (uint32_t) RSb[ ( Y3 >> 24 ) & 0xFF ] << 24 ); + + X3 = *RK++ ^ \ + ( (uint32_t) RSb[ ( Y3 ) & 0xFF ] ) ^ + ( (uint32_t) RSb[ ( Y2 >> 8 ) & 0xFF ] << 8 ) ^ + ( (uint32_t) RSb[ ( Y1 >> 16 ) & 0xFF ] << 16 ) ^ + ( (uint32_t) RSb[ ( Y0 >> 24 ) & 0xFF ] << 24 ); PUT_UINT32_LE( X0, output, 0 ); PUT_UINT32_LE( X1, output, 4 ); PUT_UINT32_LE( X2, output, 8 ); PUT_UINT32_LE( X3, output, 12 ); +} +#endif /* !MBEDTLS_AES_DECRYPT_ALT */ + +/* + * AES-ECB block encryption/decryption + */ +int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16] ) +{ +#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) + if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) ) + return( mbedtls_aesni_crypt_ecb( ctx, mode, input, output ) ); +#endif + +#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) + if( aes_padlock_ace ) + { + if( mbedtls_padlock_xcryptecb( ctx, mode, input, output ) == 0 ) + return( 0 ); + + // If padlock data misaligned, we just fall back to + // unaccelerated mode + // + } +#endif + + if( mode == MBEDTLS_AES_ENCRYPT ) + mbedtls_aes_encrypt( ctx, input, output ); + else + mbedtls_aes_decrypt( ctx, input, output ); return( 0 ); } -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) /* * AES-CBC buffer encryption/decryption */ -int aes_crypt_cbc( aes_context *ctx, +int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, int mode, size_t length, unsigned char iv[16], @@ -830,12 +869,12 @@ int aes_crypt_cbc( aes_context *ctx, unsigned char temp[16]; if( length % 16 ) - return( POLARSSL_ERR_AES_INVALID_INPUT_LENGTH ); + return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH ); -#if defined(POLARSSL_PADLOCK_C) && defined(POLARSSL_HAVE_X86) +#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) if( aes_padlock_ace ) { - if( padlock_xcryptcbc( ctx, mode, length, iv, input, output ) == 0 ) + if( mbedtls_padlock_xcryptcbc( ctx, mode, length, iv, input, output ) == 0 ) return( 0 ); // If padlock data misaligned, we just fall back to @@ -844,12 +883,12 @@ int aes_crypt_cbc( aes_context *ctx, } #endif - if( mode == AES_DECRYPT ) + if( mode == MBEDTLS_AES_DECRYPT ) { while( length > 0 ) { memcpy( temp, input, 16 ); - aes_crypt_ecb( ctx, mode, input, output ); + mbedtls_aes_crypt_ecb( ctx, mode, input, output ); for( i = 0; i < 16; i++ ) output[i] = (unsigned char)( output[i] ^ iv[i] ); @@ -868,7 +907,7 @@ int aes_crypt_cbc( aes_context *ctx, for( i = 0; i < 16; i++ ) output[i] = (unsigned char)( input[i] ^ iv[i] ); - aes_crypt_ecb( ctx, mode, output, output ); + mbedtls_aes_crypt_ecb( ctx, mode, output, output ); memcpy( iv, output, 16 ); input += 16; @@ -879,13 +918,13 @@ int aes_crypt_cbc( aes_context *ctx, return( 0 ); } -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(POLARSSL_CIPHER_MODE_CFB) +#if defined(MBEDTLS_CIPHER_MODE_CFB) /* * AES-CFB128 buffer encryption/decryption */ -int aes_crypt_cfb128( aes_context *ctx, +int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, int mode, size_t length, size_t *iv_off, @@ -896,12 +935,12 @@ int aes_crypt_cfb128( aes_context *ctx, int c; size_t n = *iv_off; - if( mode == AES_DECRYPT ) + if( mode == MBEDTLS_AES_DECRYPT ) { while( length-- ) { if( n == 0 ) - aes_crypt_ecb( ctx, AES_ENCRYPT, iv, iv ); + mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); c = *input++; *output++ = (unsigned char)( c ^ iv[n] ); @@ -915,7 +954,7 @@ int aes_crypt_cfb128( aes_context *ctx, while( length-- ) { if( n == 0 ) - aes_crypt_ecb( ctx, AES_ENCRYPT, iv, iv ); + mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); @@ -931,7 +970,7 @@ int aes_crypt_cfb128( aes_context *ctx, /* * AES-CFB8 buffer encryption/decryption */ -int aes_crypt_cfb8( aes_context *ctx, +int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, int mode, size_t length, unsigned char iv[16], @@ -944,14 +983,14 @@ int aes_crypt_cfb8( aes_context *ctx, while( length-- ) { memcpy( ov, iv, 16 ); - aes_crypt_ecb( ctx, AES_ENCRYPT, iv, iv ); + mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); - if( mode == AES_DECRYPT ) + if( mode == MBEDTLS_AES_DECRYPT ) ov[16] = *input; c = *output++ = (unsigned char)( iv[0] ^ *input++ ); - if( mode == AES_ENCRYPT ) + if( mode == MBEDTLS_AES_ENCRYPT ) ov[16] = c; memcpy( iv, ov + 1, 16 ); @@ -959,13 +998,13 @@ int aes_crypt_cfb8( aes_context *ctx, return( 0 ); } -#endif /*POLARSSL_CIPHER_MODE_CFB */ +#endif /*MBEDTLS_CIPHER_MODE_CFB */ -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) /* * AES-CTR buffer encryption/decryption */ -int aes_crypt_ctr( aes_context *ctx, +int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx, size_t length, size_t *nc_off, unsigned char nonce_counter[16], @@ -979,7 +1018,7 @@ int aes_crypt_ctr( aes_context *ctx, while( length-- ) { if( n == 0 ) { - aes_crypt_ecb( ctx, AES_ENCRYPT, nonce_counter, stream_block ); + mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, nonce_counter, stream_block ); for( i = 16; i > 0; i-- ) if( ++nonce_counter[i - 1] != 0 ) @@ -995,11 +1034,11 @@ int aes_crypt_ctr( aes_context *ctx, return( 0 ); } -#endif /* POLARSSL_CIPHER_MODE_CTR */ +#endif /* MBEDTLS_CIPHER_MODE_CTR */ -#endif /* !POLARSSL_AES_ALT */ +#endif /* !MBEDTLS_AES_ALT */ -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) /* * AES test vectors from: * @@ -1025,7 +1064,7 @@ static const unsigned char aes_test_ecb_enc[3][16] = 0xFF, 0x30, 0xB4, 0xEA, 0x21, 0x63, 0x6D, 0xA4 } }; -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) static const unsigned char aes_test_cbc_dec[3][16] = { { 0xFA, 0xCA, 0x37, 0xE0, 0xB0, 0xC8, 0x53, 0x73, @@ -1045,9 +1084,9 @@ static const unsigned char aes_test_cbc_enc[3][16] = { 0xFE, 0x3C, 0x53, 0x65, 0x3E, 0x2F, 0x45, 0xB5, 0x6F, 0xCD, 0x88, 0xB2, 0xCC, 0x89, 0x8F, 0xF0 } }; -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(POLARSSL_CIPHER_MODE_CFB) +#if defined(MBEDTLS_CIPHER_MODE_CFB) /* * AES-CFB128 test vectors from: * @@ -1111,9 +1150,9 @@ static const unsigned char aes_test_cfb128_ct[3][64] = 0x75, 0xA3, 0x85, 0x74, 0x1A, 0xB9, 0xCE, 0xF8, 0x20, 0x31, 0x62, 0x3D, 0x55, 0xB1, 0xE4, 0x71 } }; -#endif /* POLARSSL_CIPHER_MODE_CFB */ +#endif /* MBEDTLS_CIPHER_MODE_CFB */ -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) /* * AES-CTR test vectors from: * @@ -1174,32 +1213,32 @@ static const unsigned char aes_test_ctr_ct[3][48] = static const int aes_test_ctr_len[3] = { 16, 32, 36 }; -#endif /* POLARSSL_CIPHER_MODE_CTR */ +#endif /* MBEDTLS_CIPHER_MODE_CTR */ /* * Checkup routine */ -int aes_self_test( int verbose ) +int mbedtls_aes_self_test( int verbose ) { int ret = 0, i, j, u, v; unsigned char key[32]; unsigned char buf[64]; unsigned char iv[16]; -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) unsigned char prv[16]; #endif -#if defined(POLARSSL_CIPHER_MODE_CTR) || defined(POLARSSL_CIPHER_MODE_CFB) +#if defined(MBEDTLS_CIPHER_MODE_CTR) || defined(MBEDTLS_CIPHER_MODE_CFB) size_t offset; #endif -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) int len; unsigned char nonce_counter[16]; unsigned char stream_block[16]; #endif - aes_context ctx; + mbedtls_aes_context ctx; memset( key, 0, 32 ); - aes_init( &ctx ); + mbedtls_aes_init( &ctx ); /* * ECB mode @@ -1210,22 +1249,22 @@ int aes_self_test( int verbose ) v = i & 1; if( verbose != 0 ) - polarssl_printf( " AES-ECB-%3d (%s): ", 128 + u * 64, - ( v == AES_DECRYPT ) ? "dec" : "enc" ); + mbedtls_printf( " AES-ECB-%3d (%s): ", 128 + u * 64, + ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); memset( buf, 0, 16 ); - if( v == AES_DECRYPT ) + if( v == MBEDTLS_AES_DECRYPT ) { - aes_setkey_dec( &ctx, key, 128 + u * 64 ); + mbedtls_aes_setkey_dec( &ctx, key, 128 + u * 64 ); for( j = 0; j < 10000; j++ ) - aes_crypt_ecb( &ctx, v, buf, buf ); + mbedtls_aes_crypt_ecb( &ctx, v, buf, buf ); if( memcmp( buf, aes_test_ecb_dec[u], 16 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); ret = 1; goto exit; @@ -1233,15 +1272,15 @@ int aes_self_test( int verbose ) } else { - aes_setkey_enc( &ctx, key, 128 + u * 64 ); + mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 ); for( j = 0; j < 10000; j++ ) - aes_crypt_ecb( &ctx, v, buf, buf ); + mbedtls_aes_crypt_ecb( &ctx, v, buf, buf ); if( memcmp( buf, aes_test_ecb_enc[u], 16 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); ret = 1; goto exit; @@ -1249,13 +1288,13 @@ int aes_self_test( int verbose ) } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); } if( verbose != 0 ) - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) /* * CBC mode */ @@ -1265,24 +1304,24 @@ int aes_self_test( int verbose ) v = i & 1; if( verbose != 0 ) - polarssl_printf( " AES-CBC-%3d (%s): ", 128 + u * 64, - ( v == AES_DECRYPT ) ? "dec" : "enc" ); + mbedtls_printf( " AES-CBC-%3d (%s): ", 128 + u * 64, + ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); memset( iv , 0, 16 ); memset( prv, 0, 16 ); memset( buf, 0, 16 ); - if( v == AES_DECRYPT ) + if( v == MBEDTLS_AES_DECRYPT ) { - aes_setkey_dec( &ctx, key, 128 + u * 64 ); + mbedtls_aes_setkey_dec( &ctx, key, 128 + u * 64 ); for( j = 0; j < 10000; j++ ) - aes_crypt_cbc( &ctx, v, 16, iv, buf, buf ); + mbedtls_aes_crypt_cbc( &ctx, v, 16, iv, buf, buf ); if( memcmp( buf, aes_test_cbc_dec[u], 16 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); ret = 1; goto exit; @@ -1290,13 +1329,13 @@ int aes_self_test( int verbose ) } else { - aes_setkey_enc( &ctx, key, 128 + u * 64 ); + mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 ); for( j = 0; j < 10000; j++ ) { unsigned char tmp[16]; - aes_crypt_cbc( &ctx, v, 16, iv, buf, buf ); + mbedtls_aes_crypt_cbc( &ctx, v, 16, iv, buf, buf ); memcpy( tmp, prv, 16 ); memcpy( prv, buf, 16 ); @@ -1306,7 +1345,7 @@ int aes_self_test( int verbose ) if( memcmp( prv, aes_test_cbc_enc[u], 16 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); ret = 1; goto exit; @@ -1314,14 +1353,14 @@ int aes_self_test( int verbose ) } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); } if( verbose != 0 ) - polarssl_printf( "\n" ); -#endif /* POLARSSL_CIPHER_MODE_CBC */ + mbedtls_printf( "\n" ); +#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(POLARSSL_CIPHER_MODE_CFB) +#if defined(MBEDTLS_CIPHER_MODE_CFB) /* * CFB128 mode */ @@ -1331,24 +1370,24 @@ int aes_self_test( int verbose ) v = i & 1; if( verbose != 0 ) - polarssl_printf( " AES-CFB128-%3d (%s): ", 128 + u * 64, - ( v == AES_DECRYPT ) ? "dec" : "enc" ); + mbedtls_printf( " AES-CFB128-%3d (%s): ", 128 + u * 64, + ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); memcpy( iv, aes_test_cfb128_iv, 16 ); memcpy( key, aes_test_cfb128_key[u], 16 + u * 8 ); offset = 0; - aes_setkey_enc( &ctx, key, 128 + u * 64 ); + mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 ); - if( v == AES_DECRYPT ) + if( v == MBEDTLS_AES_DECRYPT ) { memcpy( buf, aes_test_cfb128_ct[u], 64 ); - aes_crypt_cfb128( &ctx, v, 64, &offset, iv, buf, buf ); + mbedtls_aes_crypt_cfb128( &ctx, v, 64, &offset, iv, buf, buf ); if( memcmp( buf, aes_test_cfb128_pt, 64 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); ret = 1; goto exit; @@ -1357,12 +1396,12 @@ int aes_self_test( int verbose ) else { memcpy( buf, aes_test_cfb128_pt, 64 ); - aes_crypt_cfb128( &ctx, v, 64, &offset, iv, buf, buf ); + mbedtls_aes_crypt_cfb128( &ctx, v, 64, &offset, iv, buf, buf ); if( memcmp( buf, aes_test_cfb128_ct[u], 64 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); ret = 1; goto exit; @@ -1370,14 +1409,14 @@ int aes_self_test( int verbose ) } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); } if( verbose != 0 ) - polarssl_printf( "\n" ); -#endif /* POLARSSL_CIPHER_MODE_CFB */ + mbedtls_printf( "\n" ); +#endif /* MBEDTLS_CIPHER_MODE_CFB */ -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) /* * CTR mode */ @@ -1387,27 +1426,27 @@ int aes_self_test( int verbose ) v = i & 1; if( verbose != 0 ) - polarssl_printf( " AES-CTR-128 (%s): ", - ( v == AES_DECRYPT ) ? "dec" : "enc" ); + mbedtls_printf( " AES-CTR-128 (%s): ", + ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); memcpy( nonce_counter, aes_test_ctr_nonce_counter[u], 16 ); memcpy( key, aes_test_ctr_key[u], 16 ); offset = 0; - aes_setkey_enc( &ctx, key, 128 ); + mbedtls_aes_setkey_enc( &ctx, key, 128 ); - if( v == AES_DECRYPT ) + if( v == MBEDTLS_AES_DECRYPT ) { len = aes_test_ctr_len[u]; memcpy( buf, aes_test_ctr_ct[u], len ); - aes_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, + mbedtls_aes_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, buf, buf ); if( memcmp( buf, aes_test_ctr_pt[u], len ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); ret = 1; goto exit; @@ -1418,13 +1457,13 @@ int aes_self_test( int verbose ) len = aes_test_ctr_len[u]; memcpy( buf, aes_test_ctr_pt[u], len ); - aes_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, + mbedtls_aes_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, buf, buf ); if( memcmp( buf, aes_test_ctr_ct[u], len ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); ret = 1; goto exit; @@ -1432,21 +1471,21 @@ int aes_self_test( int verbose ) } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); } if( verbose != 0 ) - polarssl_printf( "\n" ); -#endif /* POLARSSL_CIPHER_MODE_CTR */ + mbedtls_printf( "\n" ); +#endif /* MBEDTLS_CIPHER_MODE_CTR */ ret = 0; exit: - aes_free( &ctx ); + mbedtls_aes_free( &ctx ); return( ret ); } -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_AES_C */ +#endif /* MBEDTLS_AES_C */ diff --git a/ext/mbedtls/library/aesni.c b/ext/mbedtls/library/aesni.c index 5315aba223..2165de77ea 100644 --- a/ext/mbedtls/library/aesni.c +++ b/ext/mbedtls/library/aesni.c @@ -25,24 +25,28 @@ * [CLMUL-WP] http://software.intel.com/en-us/articles/intel-carry-less-multiplication-instruction-and-its-usage-for-computing-the-gcm-mode/ */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_AESNI_C) +#if defined(MBEDTLS_AESNI_C) -#include "polarssl/aesni.h" +#include "mbedtls/aesni.h" #include -#if defined(POLARSSL_HAVE_X86_64) +#ifndef asm +#define asm __asm +#endif + +#if defined(MBEDTLS_HAVE_X86_64) /* * AES-NI support detection routine */ -int aesni_supports( unsigned int what ) +int mbedtls_aesni_has_support( unsigned int what ) { static int done = 0; static unsigned int c = 0; @@ -89,7 +93,7 @@ int aesni_supports( unsigned int what ) /* * AES-NI AES-ECB block en(de)cryption */ -int aesni_crypt_ecb( aes_context *ctx, +int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx, int mode, const unsigned char input[16], unsigned char output[16] ) @@ -135,7 +139,7 @@ int aesni_crypt_ecb( aes_context *ctx, * GCM multiplication: c = a times b in GF(2^128) * Based on [CLMUL-WP] algorithms 1 (with equation 27) and 5. */ -void aesni_gcm_mult( unsigned char c[16], +void mbedtls_aesni_gcm_mult( unsigned char c[16], const unsigned char a[16], const unsigned char b[16] ) { @@ -246,7 +250,7 @@ void aesni_gcm_mult( unsigned char c[16], /* * Compute decryption round keys from encryption round keys */ -void aesni_inverse_key( unsigned char *invkey, +void mbedtls_aesni_inverse_key( unsigned char *invkey, const unsigned char *fwdkey, int nr ) { unsigned char *ik = invkey; @@ -423,7 +427,7 @@ static void aesni_setkey_enc_256( unsigned char *rk, /* * Main "loop" - Generating one more key than necessary, - * see definition of aes_context.buf + * see definition of mbedtls_aes_context.buf */ "2: \n\t" AESKEYGENA xmm1_xmm2 ",0x01 \n\tcall 1b \n\t" @@ -441,7 +445,7 @@ static void aesni_setkey_enc_256( unsigned char *rk, /* * Key expansion, wrapper */ -int aesni_setkey_enc( unsigned char *rk, +int mbedtls_aesni_setkey_enc( unsigned char *rk, const unsigned char *key, size_t bits ) { @@ -450,12 +454,12 @@ int aesni_setkey_enc( unsigned char *rk, case 128: aesni_setkey_enc_128( rk, key ); break; case 192: aesni_setkey_enc_192( rk, key ); break; case 256: aesni_setkey_enc_256( rk, key ); break; - default : return( POLARSSL_ERR_AES_INVALID_KEY_LENGTH ); + default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH ); } return( 0 ); } -#endif /* POLARSSL_HAVE_X86_64 */ +#endif /* MBEDTLS_HAVE_X86_64 */ -#endif /* POLARSSL_AESNI_C */ +#endif /* MBEDTLS_AESNI_C */ diff --git a/ext/mbedtls/library/arc4.c b/ext/mbedtls/library/arc4.c index 309d16a85d..f11b5d66ba 100644 --- a/ext/mbedtls/library/arc4.c +++ b/ext/mbedtls/library/arc4.c @@ -25,51 +25,51 @@ * http://groups.google.com/group/sci.crypt/msg/10a300c9d21afca0 */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_ARC4_C) +#if defined(MBEDTLS_ARC4_C) -#include "polarssl/arc4.h" +#include "mbedtls/arc4.h" #include -#if defined(POLARSSL_SELF_TEST) -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_SELF_TEST) +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_printf printf -#endif /* POLARSSL_PLATFORM_C */ -#endif /* POLARSSL_SELF_TEST */ +#define mbedtls_printf printf +#endif /* MBEDTLS_PLATFORM_C */ +#endif /* MBEDTLS_SELF_TEST */ -#if !defined(POLARSSL_ARC4_ALT) +#if !defined(MBEDTLS_ARC4_ALT) /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } -void arc4_init( arc4_context *ctx ) +void mbedtls_arc4_init( mbedtls_arc4_context *ctx ) { - memset( ctx, 0, sizeof( arc4_context ) ); + memset( ctx, 0, sizeof( mbedtls_arc4_context ) ); } -void arc4_free( arc4_context *ctx ) +void mbedtls_arc4_free( mbedtls_arc4_context *ctx ) { if( ctx == NULL ) return; - polarssl_zeroize( ctx, sizeof( arc4_context ) ); + mbedtls_zeroize( ctx, sizeof( mbedtls_arc4_context ) ); } /* * ARC4 key schedule */ -void arc4_setup( arc4_context *ctx, const unsigned char *key, +void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key, unsigned int keylen ) { int i, j, a; @@ -99,7 +99,7 @@ void arc4_setup( arc4_context *ctx, const unsigned char *key, /* * ARC4 cipher function */ -int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input, +int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input, unsigned char *output ) { int x, y, a, b; @@ -128,9 +128,9 @@ int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input, return( 0 ); } -#endif /* !POLARSSL_ARC4_ALT */ +#endif /* !MBEDTLS_ARC4_ALT */ -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) /* * ARC4 tests vectors as posted by Eric Rescorla in sep. 1994: * @@ -160,47 +160,47 @@ static const unsigned char arc4_test_ct[3][8] = /* * Checkup routine */ -int arc4_self_test( int verbose ) +int mbedtls_arc4_self_test( int verbose ) { int i, ret = 0; unsigned char ibuf[8]; unsigned char obuf[8]; - arc4_context ctx; + mbedtls_arc4_context ctx; - arc4_init( &ctx ); + mbedtls_arc4_init( &ctx ); for( i = 0; i < 3; i++ ) { if( verbose != 0 ) - polarssl_printf( " ARC4 test #%d: ", i + 1 ); + mbedtls_printf( " ARC4 test #%d: ", i + 1 ); memcpy( ibuf, arc4_test_pt[i], 8 ); - arc4_setup( &ctx, arc4_test_key[i], 8 ); - arc4_crypt( &ctx, 8, ibuf, obuf ); + mbedtls_arc4_setup( &ctx, arc4_test_key[i], 8 ); + mbedtls_arc4_crypt( &ctx, 8, ibuf, obuf ); if( memcmp( obuf, arc4_test_ct[i], 8 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); ret = 1; goto exit; } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); } if( verbose != 0 ) - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); exit: - arc4_free( &ctx ); + mbedtls_arc4_free( &ctx ); return( ret ); } -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_ARC4_C */ +#endif /* MBEDTLS_ARC4_C */ diff --git a/ext/mbedtls/library/asn1parse.c b/ext/mbedtls/library/asn1parse.c index e4f46eb0a3..e2c07023e9 100644 --- a/ext/mbedtls/library/asn1parse.c +++ b/ext/mbedtls/library/asn1parse.c @@ -20,44 +20,44 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_ASN1_PARSE_C) +#if defined(MBEDTLS_ASN1_PARSE_C) -#include "polarssl/asn1.h" +#include "mbedtls/asn1.h" #include -#if defined(POLARSSL_BIGNUM_C) -#include "polarssl/bignum.h" +#if defined(MBEDTLS_BIGNUM_C) +#include "mbedtls/bignum.h" #endif -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_malloc malloc -#define polarssl_free free +#define mbedtls_calloc calloc +#define mbedtls_free free #endif /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } /* * ASN.1 DER decoding routines */ -int asn1_get_len( unsigned char **p, +int mbedtls_asn1_get_len( unsigned char **p, const unsigned char *end, size_t *len ) { if( ( end - *p ) < 1 ) - return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); if( ( **p & 0x80 ) == 0 ) *len = *(*p)++; @@ -67,7 +67,7 @@ int asn1_get_len( unsigned char **p, { case 1: if( ( end - *p ) < 2 ) - return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); *len = (*p)[1]; (*p) += 2; @@ -75,7 +75,7 @@ int asn1_get_len( unsigned char **p, case 2: if( ( end - *p ) < 3 ) - return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); *len = ( (size_t)(*p)[1] << 8 ) | (*p)[2]; (*p) += 3; @@ -83,7 +83,7 @@ int asn1_get_len( unsigned char **p, case 3: if( ( end - *p ) < 4 ) - return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); *len = ( (size_t)(*p)[1] << 16 ) | ( (size_t)(*p)[2] << 8 ) | (*p)[3]; @@ -92,7 +92,7 @@ int asn1_get_len( unsigned char **p, case 4: if( ( end - *p ) < 5 ) - return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); *len = ( (size_t)(*p)[1] << 24 ) | ( (size_t)(*p)[2] << 16 ) | ( (size_t)(*p)[3] << 8 ) | (*p)[4]; @@ -100,43 +100,43 @@ int asn1_get_len( unsigned char **p, break; default: - return( POLARSSL_ERR_ASN1_INVALID_LENGTH ); + return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); } } if( *len > (size_t) ( end - *p ) ) - return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); return( 0 ); } -int asn1_get_tag( unsigned char **p, +int mbedtls_asn1_get_tag( unsigned char **p, const unsigned char *end, size_t *len, int tag ) { if( ( end - *p ) < 1 ) - return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); if( **p != tag ) - return( POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); (*p)++; - return( asn1_get_len( p, end, len ) ); + return( mbedtls_asn1_get_len( p, end, len ) ); } -int asn1_get_bool( unsigned char **p, +int mbedtls_asn1_get_bool( unsigned char **p, const unsigned char *end, int *val ) { int ret; size_t len; - if( ( ret = asn1_get_tag( p, end, &len, ASN1_BOOLEAN ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_BOOLEAN ) ) != 0 ) return( ret ); if( len != 1 ) - return( POLARSSL_ERR_ASN1_INVALID_LENGTH ); + return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); *val = ( **p != 0 ) ? 1 : 0; (*p)++; @@ -144,18 +144,18 @@ int asn1_get_bool( unsigned char **p, return( 0 ); } -int asn1_get_int( unsigned char **p, +int mbedtls_asn1_get_int( unsigned char **p, const unsigned char *end, int *val ) { int ret; size_t len; - if( ( ret = asn1_get_tag( p, end, &len, ASN1_INTEGER ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 ) return( ret ); if( len > sizeof( int ) || ( **p & 0x80 ) != 0 ) - return( POLARSSL_ERR_ASN1_INVALID_LENGTH ); + return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); *val = 0; @@ -168,43 +168,43 @@ int asn1_get_int( unsigned char **p, return( 0 ); } -#if defined(POLARSSL_BIGNUM_C) -int asn1_get_mpi( unsigned char **p, +#if defined(MBEDTLS_BIGNUM_C) +int mbedtls_asn1_get_mpi( unsigned char **p, const unsigned char *end, - mpi *X ) + mbedtls_mpi *X ) { int ret; size_t len; - if( ( ret = asn1_get_tag( p, end, &len, ASN1_INTEGER ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 ) return( ret ); - ret = mpi_read_binary( X, *p, len ); + ret = mbedtls_mpi_read_binary( X, *p, len ); *p += len; return( ret ); } -#endif /* POLARSSL_BIGNUM_C */ +#endif /* MBEDTLS_BIGNUM_C */ -int asn1_get_bitstring( unsigned char **p, const unsigned char *end, - asn1_bitstring *bs) +int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end, + mbedtls_asn1_bitstring *bs) { int ret; /* Certificate type is a single byte bitstring */ - if( ( ret = asn1_get_tag( p, end, &bs->len, ASN1_BIT_STRING ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( p, end, &bs->len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 ) return( ret ); /* Check length, subtract one for actual bit string length */ if( bs->len < 1 ) - return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); bs->len -= 1; /* Get number of unused bits, ensure unused bits <= 7 */ bs->unused_bits = **p; if( bs->unused_bits > 7 ) - return( POLARSSL_ERR_ASN1_INVALID_LENGTH ); + return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); (*p)++; /* Get actual bitstring */ @@ -212,7 +212,7 @@ int asn1_get_bitstring( unsigned char **p, const unsigned char *end, *p += bs->len; if( *p != end ) - return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); return( 0 ); } @@ -220,16 +220,16 @@ int asn1_get_bitstring( unsigned char **p, const unsigned char *end, /* * Get a bit string without unused bits */ -int asn1_get_bitstring_null( unsigned char **p, const unsigned char *end, +int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end, size_t *len ) { int ret; - if( ( ret = asn1_get_tag( p, end, len, ASN1_BIT_STRING ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( p, end, len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 ) return( ret ); if( (*len)-- < 2 || *(*p)++ != 0 ) - return( POLARSSL_ERR_ASN1_INVALID_DATA ); + return( MBEDTLS_ERR_ASN1_INVALID_DATA ); return( 0 ); } @@ -239,29 +239,29 @@ int asn1_get_bitstring_null( unsigned char **p, const unsigned char *end, /* * Parses and splits an ASN.1 "SEQUENCE OF " */ -int asn1_get_sequence_of( unsigned char **p, +int mbedtls_asn1_get_sequence_of( unsigned char **p, const unsigned char *end, - asn1_sequence *cur, + mbedtls_asn1_sequence *cur, int tag) { int ret; size_t len; - asn1_buf *buf; + mbedtls_asn1_buf *buf; /* Get main sequence tag */ - if( ( ret = asn1_get_tag( p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) return( ret ); if( *p + len != end ) - return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); while( *p < end ) { buf = &(cur->buf); buf->tag = **p; - if( ( ret = asn1_get_tag( p, end, &buf->len, tag ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( p, end, &buf->len, tag ) ) != 0 ) return( ret ); buf->p = *p; @@ -270,12 +270,10 @@ int asn1_get_sequence_of( unsigned char **p, /* Allocate and assign next pointer */ if( *p < end ) { - cur->next = polarssl_malloc( sizeof( asn1_sequence ) ); + cur->next = mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) ); if( cur->next == NULL ) - return( POLARSSL_ERR_ASN1_MALLOC_FAILED ); - - memset( cur->next, 0, sizeof( asn1_sequence ) ); + return( MBEDTLS_ERR_ASN1_ALLOC_FAILED ); cur = cur->next; } @@ -285,29 +283,29 @@ int asn1_get_sequence_of( unsigned char **p, cur->next = NULL; if( *p != end ) - return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); return( 0 ); } -int asn1_get_alg( unsigned char **p, +int mbedtls_asn1_get_alg( unsigned char **p, const unsigned char *end, - asn1_buf *alg, asn1_buf *params ) + mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params ) { int ret; size_t len; - if( ( ret = asn1_get_tag( p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) return( ret ); if( ( end - *p ) < 1 ) - return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); alg->tag = **p; end = *p + len; - if( ( ret = asn1_get_tag( p, end, &alg->len, ASN1_OID ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( p, end, &alg->len, MBEDTLS_ASN1_OID ) ) != 0 ) return( ret ); alg->p = *p; @@ -315,67 +313,67 @@ int asn1_get_alg( unsigned char **p, if( *p == end ) { - polarssl_zeroize( params, sizeof(asn1_buf) ); + mbedtls_zeroize( params, sizeof(mbedtls_asn1_buf) ); return( 0 ); } params->tag = **p; (*p)++; - if( ( ret = asn1_get_len( p, end, ¶ms->len ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_len( p, end, ¶ms->len ) ) != 0 ) return( ret ); params->p = *p; *p += params->len; if( *p != end ) - return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); return( 0 ); } -int asn1_get_alg_null( unsigned char **p, +int mbedtls_asn1_get_alg_null( unsigned char **p, const unsigned char *end, - asn1_buf *alg ) + mbedtls_asn1_buf *alg ) { int ret; - asn1_buf params; + mbedtls_asn1_buf params; - memset( ¶ms, 0, sizeof(asn1_buf) ); + memset( ¶ms, 0, sizeof(mbedtls_asn1_buf) ); - if( ( ret = asn1_get_alg( p, end, alg, ¶ms ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_alg( p, end, alg, ¶ms ) ) != 0 ) return( ret ); - if( ( params.tag != ASN1_NULL && params.tag != 0 ) || params.len != 0 ) - return( POLARSSL_ERR_ASN1_INVALID_DATA ); + if( ( params.tag != MBEDTLS_ASN1_NULL && params.tag != 0 ) || params.len != 0 ) + return( MBEDTLS_ERR_ASN1_INVALID_DATA ); return( 0 ); } -void asn1_free_named_data( asn1_named_data *cur ) +void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *cur ) { if( cur == NULL ) return; - polarssl_free( cur->oid.p ); - polarssl_free( cur->val.p ); + mbedtls_free( cur->oid.p ); + mbedtls_free( cur->val.p ); - polarssl_zeroize( cur, sizeof( asn1_named_data ) ); + mbedtls_zeroize( cur, sizeof( mbedtls_asn1_named_data ) ); } -void asn1_free_named_data_list( asn1_named_data **head ) +void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head ) { - asn1_named_data *cur; + mbedtls_asn1_named_data *cur; while( ( cur = *head ) != NULL ) { *head = cur->next; - asn1_free_named_data( cur ); - polarssl_free( cur ); + mbedtls_asn1_free_named_data( cur ); + mbedtls_free( cur ); } } -asn1_named_data *asn1_find_named_data( asn1_named_data *list, +mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data *list, const char *oid, size_t len ) { while( list != NULL ) @@ -392,4 +390,4 @@ asn1_named_data *asn1_find_named_data( asn1_named_data *list, return( list ); } -#endif /* POLARSSL_ASN1_PARSE_C */ +#endif /* MBEDTLS_ASN1_PARSE_C */ diff --git a/ext/mbedtls/library/asn1write.c b/ext/mbedtls/library/asn1write.c index df9442ef85..f5b1849eae 100644 --- a/ext/mbedtls/library/asn1write.c +++ b/ext/mbedtls/library/asn1write.c @@ -20,32 +20,32 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_ASN1_WRITE_C) +#if defined(MBEDTLS_ASN1_WRITE_C) -#include "polarssl/asn1write.h" +#include "mbedtls/asn1write.h" #include -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_malloc malloc -#define polarssl_free free +#define mbedtls_calloc calloc +#define mbedtls_free free #endif -int asn1_write_len( unsigned char **p, unsigned char *start, size_t len ) +int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len ) { if( len < 0x80 ) { if( *p - start < 1 ) - return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); *--(*p) = (unsigned char) len; return( 1 ); @@ -54,7 +54,7 @@ int asn1_write_len( unsigned char **p, unsigned char *start, size_t len ) if( len <= 0xFF ) { if( *p - start < 2 ) - return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); *--(*p) = (unsigned char) len; *--(*p) = 0x81; @@ -62,7 +62,7 @@ int asn1_write_len( unsigned char **p, unsigned char *start, size_t len ) } if( *p - start < 3 ) - return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); // We assume we never have lengths larger than 65535 bytes // @@ -73,23 +73,23 @@ int asn1_write_len( unsigned char **p, unsigned char *start, size_t len ) return( 3 ); } -int asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag ) +int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag ) { if( *p - start < 1 ) - return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); *--(*p) = tag; return( 1 ); } -int asn1_write_raw_buffer( unsigned char **p, unsigned char *start, +int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start, const unsigned char *buf, size_t size ) { size_t len = 0; if( *p - start < (int) size ) - return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); len = size; (*p) -= len; @@ -98,21 +98,21 @@ int asn1_write_raw_buffer( unsigned char **p, unsigned char *start, return( (int) len ); } -#if defined(POLARSSL_BIGNUM_C) -int asn1_write_mpi( unsigned char **p, unsigned char *start, mpi *X ) +#if defined(MBEDTLS_BIGNUM_C) +int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start, const mbedtls_mpi *X ) { int ret; size_t len = 0; // Write the MPI // - len = mpi_size( X ); + len = mbedtls_mpi_size( X ); if( *p - start < (int) len ) - return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); (*p) -= len; - MPI_CHK( mpi_write_binary( X, *p, len ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( X, *p, len ) ); // DER format assumes 2s complement for numbers, so the leftmost bit // should be 0 for positive numbers and 1 for negative numbers. @@ -120,50 +120,50 @@ int asn1_write_mpi( unsigned char **p, unsigned char *start, mpi *X ) if( X->s ==1 && **p & 0x80 ) { if( *p - start < 1 ) - return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); *--(*p) = 0x00; len += 1; } - ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_INTEGER ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_INTEGER ) ); ret = (int) len; cleanup: return( ret ); } -#endif /* POLARSSL_BIGNUM_C */ +#endif /* MBEDTLS_BIGNUM_C */ -int asn1_write_null( unsigned char **p, unsigned char *start ) +int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start ) { int ret; size_t len = 0; // Write NULL // - ASN1_CHK_ADD( len, asn1_write_len( p, start, 0) ); - ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_NULL ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, 0) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_NULL ) ); return( (int) len ); } -int asn1_write_oid( unsigned char **p, unsigned char *start, +int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start, const char *oid, size_t oid_len ) { int ret; size_t len = 0; - ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start, + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, (const unsigned char *) oid, oid_len ) ); - ASN1_CHK_ADD( len , asn1_write_len( p, start, len ) ); - ASN1_CHK_ADD( len , asn1_write_tag( p, start, ASN1_OID ) ); + MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OID ) ); return( (int) len ); } -int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start, +int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start, const char *oid, size_t oid_len, size_t par_len ) { @@ -171,37 +171,37 @@ int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start, size_t len = 0; if( par_len == 0 ) - ASN1_CHK_ADD( len, asn1_write_null( p, start ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_null( p, start ) ); else len += par_len; - ASN1_CHK_ADD( len, asn1_write_oid( p, start, oid, oid_len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) ); - ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( p, start, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); return( (int) len ); } -int asn1_write_bool( unsigned char **p, unsigned char *start, int boolean ) +int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, int boolean ) { int ret; size_t len = 0; if( *p - start < 1 ) - return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); *--(*p) = (boolean) ? 1 : 0; len++; - ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_BOOLEAN ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BOOLEAN ) ); return( (int) len ); } -int asn1_write_int( unsigned char **p, unsigned char *start, int val ) +int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val ) { int ret; size_t len = 0; @@ -211,7 +211,7 @@ int asn1_write_int( unsigned char **p, unsigned char *start, int val ) // should be 0 for positive numbers and 1 for negative numbers. // if( *p - start < 1 ) - return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); len += 1; *--(*p) = val; @@ -219,49 +219,49 @@ int asn1_write_int( unsigned char **p, unsigned char *start, int val ) if( val > 0 && **p & 0x80 ) { if( *p - start < 1 ) - return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); *--(*p) = 0x00; len += 1; } - ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_INTEGER ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_INTEGER ) ); return( (int) len ); } -int asn1_write_printable_string( unsigned char **p, unsigned char *start, +int mbedtls_asn1_write_printable_string( unsigned char **p, unsigned char *start, const char *text, size_t text_len ) { int ret; size_t len = 0; - ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start, + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, (const unsigned char *) text, text_len ) ); - ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_PRINTABLE_STRING ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_PRINTABLE_STRING ) ); return( (int) len ); } -int asn1_write_ia5_string( unsigned char **p, unsigned char *start, +int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start, const char *text, size_t text_len ) { int ret; size_t len = 0; - ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start, + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, (const unsigned char *) text, text_len ) ); - ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_IA5_STRING ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_IA5_STRING ) ); return( (int) len ); } -int asn1_write_bitstring( unsigned char **p, unsigned char *start, +int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start, const unsigned char *buf, size_t bits ) { int ret; @@ -272,7 +272,7 @@ int asn1_write_bitstring( unsigned char **p, unsigned char *start, // Calculate byte length // if( *p - start < (int) size + 1 ) - return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); len = size + 1; (*p) -= size; @@ -282,58 +282,56 @@ int asn1_write_bitstring( unsigned char **p, unsigned char *start, // *--(*p) = (unsigned char) (size * 8 - bits); - ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_BIT_STRING ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) ); return( (int) len ); } -int asn1_write_octet_string( unsigned char **p, unsigned char *start, +int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start, const unsigned char *buf, size_t size ) { int ret; size_t len = 0; - ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start, buf, size ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, buf, size ) ); - ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_OCTET_STRING ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OCTET_STRING ) ); return( (int) len ); } -asn1_named_data *asn1_store_named_data( asn1_named_data **head, +mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len, const unsigned char *val, size_t val_len ) { - asn1_named_data *cur; + mbedtls_asn1_named_data *cur; - if( ( cur = asn1_find_named_data( *head, oid, oid_len ) ) == NULL ) + if( ( cur = mbedtls_asn1_find_named_data( *head, oid, oid_len ) ) == NULL ) { // Add new entry if not present yet based on OID // - if( ( cur = polarssl_malloc( sizeof(asn1_named_data) ) ) == NULL ) + if( ( cur = mbedtls_calloc( 1, sizeof(mbedtls_asn1_named_data) ) ) == NULL ) return( NULL ); - memset( cur, 0, sizeof(asn1_named_data) ); - cur->oid.len = oid_len; - cur->oid.p = polarssl_malloc( oid_len ); + cur->oid.p = mbedtls_calloc( 1, oid_len ); if( cur->oid.p == NULL ) { - polarssl_free( cur ); + mbedtls_free( cur ); return( NULL ); } memcpy( cur->oid.p, oid, oid_len ); cur->val.len = val_len; - cur->val.p = polarssl_malloc( val_len ); + cur->val.p = mbedtls_calloc( 1, val_len ); if( cur->val.p == NULL ) { - polarssl_free( cur->oid.p ); - polarssl_free( cur ); + mbedtls_free( cur->oid.p ); + mbedtls_free( cur ); return( NULL ); } @@ -344,15 +342,15 @@ asn1_named_data *asn1_store_named_data( asn1_named_data **head, { // Enlarge existing value buffer if needed // - polarssl_free( cur->val.p ); + mbedtls_free( cur->val.p ); cur->val.p = NULL; cur->val.len = val_len; - cur->val.p = polarssl_malloc( val_len ); + cur->val.p = mbedtls_calloc( 1, val_len ); if( cur->val.p == NULL ) { - polarssl_free( cur->oid.p ); - polarssl_free( cur ); + mbedtls_free( cur->oid.p ); + mbedtls_free( cur ); return( NULL ); } } @@ -362,4 +360,4 @@ asn1_named_data *asn1_store_named_data( asn1_named_data **head, return( cur ); } -#endif /* POLARSSL_ASN1_WRITE_C */ +#endif /* MBEDTLS_ASN1_WRITE_C */ diff --git a/ext/mbedtls/library/base64.c b/ext/mbedtls/library/base64.c index ac922a4744..4fa434d186 100644 --- a/ext/mbedtls/library/base64.c +++ b/ext/mbedtls/library/base64.c @@ -20,32 +20,27 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_BASE64_C) +#if defined(MBEDTLS_BASE64_C) -#include "polarssl/base64.h" +#include "mbedtls/base64.h" -#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) -#include -typedef UINT32 uint32_t; -#else -#include -#endif +#include -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) #include -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_printf printf -#endif /* POLARSSL_PLATFORM_C */ -#endif /* POLARSSL_SELF_TEST */ +#define mbedtls_printf printf +#endif /* MBEDTLS_PLATFORM_C */ +#endif /* MBEDTLS_SELF_TEST */ static const unsigned char base64_enc_map[64] = { @@ -78,7 +73,7 @@ static const unsigned char base64_dec_map[128] = /* * Encode a buffer into base64 format */ -int base64_encode( unsigned char *dst, size_t *dlen, +int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen, const unsigned char *src, size_t slen ) { size_t i, n; @@ -87,7 +82,7 @@ int base64_encode( unsigned char *dst, size_t *dlen, if( slen == 0 ) { - *dlen = 0; + *olen = 0; return( 0 ); } @@ -100,10 +95,10 @@ int base64_encode( unsigned char *dst, size_t *dlen, default: break; } - if( *dlen < n + 1 ) + if( dlen < n + 1 ) { - *dlen = n + 1; - return( POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL ); + *olen = n + 1; + return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); } n = ( slen / 3 ) * 3; @@ -135,7 +130,7 @@ int base64_encode( unsigned char *dst, size_t *dlen, *p++ = '='; } - *dlen = p - dst; + *olen = p - dst; *p = 0; return( 0 ); @@ -144,7 +139,7 @@ int base64_encode( unsigned char *dst, size_t *dlen, /* * Decode a base64-formatted buffer */ -int base64_decode( unsigned char *dst, size_t *dlen, +int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, const unsigned char *src, size_t slen ) { size_t i, n; @@ -175,16 +170,16 @@ int base64_decode( unsigned char *dst, size_t *dlen, /* Space inside a line is an error */ if( x != 0 ) - return( POLARSSL_ERR_BASE64_INVALID_CHARACTER ); + return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER ); if( src[i] == '=' && ++j > 2 ) - return( POLARSSL_ERR_BASE64_INVALID_CHARACTER ); + return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER ); if( src[i] > 127 || base64_dec_map[src[i]] == 127 ) - return( POLARSSL_ERR_BASE64_INVALID_CHARACTER ); + return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER ); if( base64_dec_map[src[i]] < 64 && j != 0 ) - return( POLARSSL_ERR_BASE64_INVALID_CHARACTER ); + return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER ); n++; } @@ -195,10 +190,10 @@ int base64_decode( unsigned char *dst, size_t *dlen, n = ( ( n * 6 ) + 7 ) >> 3; n -= j; - if( dst == NULL || *dlen < n ) + if( dst == NULL || dlen < n ) { - *dlen = n; - return( POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL ); + *olen = n; + return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); } for( j = 3, n = x = 0, p = dst; i > 0; i--, src++ ) @@ -218,12 +213,12 @@ int base64_decode( unsigned char *dst, size_t *dlen, } } - *dlen = p - dst; + *olen = p - dst; return( 0 ); } -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) static const unsigned char base64_test_dec[64] = { @@ -244,48 +239,46 @@ static const unsigned char base64_test_enc[] = /* * Checkup routine */ -int base64_self_test( int verbose ) +int mbedtls_base64_self_test( int verbose ) { size_t len; const unsigned char *src; unsigned char buffer[128]; if( verbose != 0 ) - polarssl_printf( " Base64 encoding test: " ); + mbedtls_printf( " Base64 encoding test: " ); - len = sizeof( buffer ); src = base64_test_dec; - if( base64_encode( buffer, &len, src, 64 ) != 0 || + if( mbedtls_base64_encode( buffer, sizeof( buffer ), &len, src, 64 ) != 0 || memcmp( base64_test_enc, buffer, 88 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } if( verbose != 0 ) - polarssl_printf( "passed\n Base64 decoding test: " ); + mbedtls_printf( "passed\n Base64 decoding test: " ); - len = sizeof( buffer ); src = base64_test_enc; - if( base64_decode( buffer, &len, src, 88 ) != 0 || + if( mbedtls_base64_decode( buffer, sizeof( buffer ), &len, src, 88 ) != 0 || memcmp( base64_test_dec, buffer, 64 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } if( verbose != 0 ) - polarssl_printf( "passed\n\n" ); + mbedtls_printf( "passed\n\n" ); return( 0 ); } -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_BASE64_C */ +#endif /* MBEDTLS_BASE64_C */ diff --git a/ext/mbedtls/library/bignum.c b/ext/mbedtls/library/bignum.c index f479bc9edc..ad0aa2cda4 100644 --- a/ext/mbedtls/library/bignum.c +++ b/ext/mbedtls/library/bignum.c @@ -23,39 +23,39 @@ * This MPI implementation is based on: * * http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf - * http://www.stillhq.com/extracted/gnupg-api/mpi/ + * http://www.stillhq.com/extracted/gnupg-api/mbedtls_mpi/ * http://math.libtomcrypt.com/files/tommath.pdf */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_BIGNUM_C) +#if defined(MBEDTLS_BIGNUM_C) -#include "polarssl/bignum.h" -#include "polarssl/bn_mul.h" +#include "mbedtls/bignum.h" +#include "mbedtls/bn_mul.h" #include -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include #include -#define polarssl_printf printf -#define polarssl_malloc malloc -#define polarssl_free free +#define mbedtls_printf printf +#define mbedtls_calloc calloc +#define mbedtls_free free #endif /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } -#define ciL (sizeof(t_uint)) /* chars in limb */ +#define ciL (sizeof(mbedtls_mpi_uint)) /* chars in limb */ #define biL (ciL << 3) /* bits in limb */ #define biH (ciL << 2) /* half limb size */ @@ -68,7 +68,7 @@ static void polarssl_zeroize( void *v, size_t n ) { /* * Initialize one MPI */ -void mpi_init( mpi *X ) +void mbedtls_mpi_init( mbedtls_mpi *X ) { if( X == NULL ) return; @@ -81,15 +81,15 @@ void mpi_init( mpi *X ) /* * Unallocate one MPI */ -void mpi_free( mpi *X ) +void mbedtls_mpi_free( mbedtls_mpi *X ) { if( X == NULL ) return; if( X->p != NULL ) { - polarssl_zeroize( X->p, X->n * ciL ); - polarssl_free( X->p ); + mbedtls_zeroize( X->p, X->n * ciL ); + mbedtls_free( X->p ); } X->s = 1; @@ -100,25 +100,23 @@ void mpi_free( mpi *X ) /* * Enlarge to the specified number of limbs */ -int mpi_grow( mpi *X, size_t nblimbs ) +int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs ) { - t_uint *p; + mbedtls_mpi_uint *p; - if( nblimbs > POLARSSL_MPI_MAX_LIMBS ) - return( POLARSSL_ERR_MPI_MALLOC_FAILED ); + if( nblimbs > MBEDTLS_MPI_MAX_LIMBS ) + return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); if( X->n < nblimbs ) { - if( ( p = polarssl_malloc( nblimbs * ciL ) ) == NULL ) - return( POLARSSL_ERR_MPI_MALLOC_FAILED ); - - memset( p, 0, nblimbs * ciL ); + if( ( p = mbedtls_calloc( nblimbs, ciL ) ) == NULL ) + return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); if( X->p != NULL ) { memcpy( p, X->p, X->n * ciL ); - polarssl_zeroize( X->p, X->n * ciL ); - polarssl_free( X->p ); + mbedtls_zeroize( X->p, X->n * ciL ); + mbedtls_free( X->p ); } X->n = nblimbs; @@ -132,14 +130,14 @@ int mpi_grow( mpi *X, size_t nblimbs ) * Resize down as much as possible, * while keeping at least the specified number of limbs */ -int mpi_shrink( mpi *X, size_t nblimbs ) +int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs ) { - t_uint *p; + mbedtls_mpi_uint *p; size_t i; /* Actually resize up in this case */ if( X->n <= nblimbs ) - return( mpi_grow( X, nblimbs ) ); + return( mbedtls_mpi_grow( X, nblimbs ) ); for( i = X->n - 1; i > 0; i-- ) if( X->p[i] != 0 ) @@ -149,16 +147,14 @@ int mpi_shrink( mpi *X, size_t nblimbs ) if( i < nblimbs ) i = nblimbs; - if( ( p = polarssl_malloc( i * ciL ) ) == NULL ) - return( POLARSSL_ERR_MPI_MALLOC_FAILED ); - - memset( p, 0, i * ciL ); + if( ( p = mbedtls_calloc( i, ciL ) ) == NULL ) + return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); if( X->p != NULL ) { memcpy( p, X->p, i * ciL ); - polarssl_zeroize( X->p, X->n * ciL ); - polarssl_free( X->p ); + mbedtls_zeroize( X->p, X->n * ciL ); + mbedtls_free( X->p ); } X->n = i; @@ -170,7 +166,7 @@ int mpi_shrink( mpi *X, size_t nblimbs ) /* * Copy the contents of Y into X */ -int mpi_copy( mpi *X, const mpi *Y ) +int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y ) { int ret; size_t i; @@ -180,7 +176,7 @@ int mpi_copy( mpi *X, const mpi *Y ) if( Y->p == NULL ) { - mpi_free( X ); + mbedtls_mpi_free( X ); return( 0 ); } @@ -191,7 +187,7 @@ int mpi_copy( mpi *X, const mpi *Y ) X->s = Y->s; - MPI_CHK( mpi_grow( X, i ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i ) ); memset( X->p, 0, X->n * ciL ); memcpy( X->p, Y->p, i * ciL ); @@ -204,13 +200,13 @@ cleanup: /* * Swap the contents of X and Y */ -void mpi_swap( mpi *X, mpi *Y ) +void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y ) { - mpi T; + mbedtls_mpi T; - memcpy( &T, X, sizeof( mpi ) ); - memcpy( X, Y, sizeof( mpi ) ); - memcpy( Y, &T, sizeof( mpi ) ); + memcpy( &T, X, sizeof( mbedtls_mpi ) ); + memcpy( X, Y, sizeof( mbedtls_mpi ) ); + memcpy( Y, &T, sizeof( mbedtls_mpi ) ); } /* @@ -218,7 +214,7 @@ void mpi_swap( mpi *X, mpi *Y ) * about whether the assignment was made or not. * (Leaking information about the respective sizes of X and Y is ok however.) */ -int mpi_safe_cond_assign( mpi *X, const mpi *Y, unsigned char assign ) +int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign ) { int ret = 0; size_t i; @@ -226,7 +222,7 @@ int mpi_safe_cond_assign( mpi *X, const mpi *Y, unsigned char assign ) /* make sure assign is 0 or 1 in a time-constant manner */ assign = (assign | (unsigned char)-assign) >> 7; - MPI_CHK( mpi_grow( X, Y->n ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, Y->n ) ); X->s = X->s * ( 1 - assign ) + Y->s * assign; @@ -246,11 +242,11 @@ cleanup: * Here it is not ok to simply swap the pointers, which whould lead to * different memory access patterns when X and Y are used afterwards. */ -int mpi_safe_cond_swap( mpi *X, mpi *Y, unsigned char swap ) +int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char swap ) { int ret, s; size_t i; - t_uint tmp; + mbedtls_mpi_uint tmp; if( X == Y ) return( 0 ); @@ -258,8 +254,8 @@ int mpi_safe_cond_swap( mpi *X, mpi *Y, unsigned char swap ) /* make sure swap is 0 or 1 in a time-constant manner */ swap = (swap | (unsigned char)-swap) >> 7; - MPI_CHK( mpi_grow( X, Y->n ) ); - MPI_CHK( mpi_grow( Y, X->n ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, Y->n ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( Y, X->n ) ); s = X->s; X->s = X->s * ( 1 - swap ) + Y->s * swap; @@ -280,11 +276,11 @@ cleanup: /* * Set value from integer */ -int mpi_lset( mpi *X, t_sint z ) +int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z ) { int ret; - MPI_CHK( mpi_grow( X, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, 1 ) ); memset( X->p, 0, X->n * ciL ); X->p[0] = ( z < 0 ) ? -z : z; @@ -298,7 +294,7 @@ cleanup: /* * Get a specific bit */ -int mpi_get_bit( const mpi *X, size_t pos ) +int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos ) { if( X->n * biL <= pos ) return( 0 ); @@ -309,25 +305,25 @@ int mpi_get_bit( const mpi *X, size_t pos ) /* * Set a bit to a specific value of 0 or 1 */ -int mpi_set_bit( mpi *X, size_t pos, unsigned char val ) +int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val ) { int ret = 0; size_t off = pos / biL; size_t idx = pos % biL; if( val != 0 && val != 1 ) - return( POLARSSL_ERR_MPI_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); if( X->n * biL <= pos ) { if( val == 0 ) return( 0 ); - MPI_CHK( mpi_grow( X, off + 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, off + 1 ) ); } - X->p[off] &= ~( (t_uint) 0x01 << idx ); - X->p[off] |= (t_uint) val << idx; + X->p[off] &= ~( (mbedtls_mpi_uint) 0x01 << idx ); + X->p[off] |= (mbedtls_mpi_uint) val << idx; cleanup: @@ -335,9 +331,9 @@ cleanup: } /* - * Return the number of least significant bits + * Return the number of less significant zero-bits */ -size_t mpi_lsb( const mpi *X ) +size_t mbedtls_mpi_lsb( const mbedtls_mpi *X ) { size_t i, j, count = 0; @@ -350,9 +346,9 @@ size_t mpi_lsb( const mpi *X ) } /* - * Return the number of most significant bits + * Return the number of bits */ -size_t mpi_msb( const mpi *X ) +size_t mbedtls_mpi_bitlen( const mbedtls_mpi *X ) { size_t i, j; @@ -373,15 +369,15 @@ size_t mpi_msb( const mpi *X ) /* * Return the total size in bytes */ -size_t mpi_size( const mpi *X ) +size_t mbedtls_mpi_size( const mbedtls_mpi *X ) { - return( ( mpi_msb( X ) + 7 ) >> 3 ); + return( ( mbedtls_mpi_bitlen( X ) + 7 ) >> 3 ); } /* * Convert an ASCII character to digit value */ -static int mpi_get_digit( t_uint *d, int radix, char c ) +static int mpi_get_digit( mbedtls_mpi_uint *d, int radix, char c ) { *d = 255; @@ -389,8 +385,8 @@ static int mpi_get_digit( t_uint *d, int radix, char c ) if( c >= 0x41 && c <= 0x46 ) *d = c - 0x37; if( c >= 0x61 && c <= 0x66 ) *d = c - 0x57; - if( *d >= (t_uint) radix ) - return( POLARSSL_ERR_MPI_INVALID_CHARACTER ); + if( *d >= (mbedtls_mpi_uint) radix ) + return( MBEDTLS_ERR_MPI_INVALID_CHARACTER ); return( 0 ); } @@ -398,17 +394,17 @@ static int mpi_get_digit( t_uint *d, int radix, char c ) /* * Import from an ASCII string */ -int mpi_read_string( mpi *X, int radix, const char *s ) +int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s ) { int ret; size_t i, j, slen, n; - t_uint d; - mpi T; + mbedtls_mpi_uint d; + mbedtls_mpi T; if( radix < 2 || radix > 16 ) - return( POLARSSL_ERR_MPI_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); - mpi_init( &T ); + mbedtls_mpi_init( &T ); slen = strlen( s ); @@ -416,8 +412,8 @@ int mpi_read_string( mpi *X, int radix, const char *s ) { n = BITS_TO_LIMBS( slen << 2 ); - MPI_CHK( mpi_grow( X, n ) ); - MPI_CHK( mpi_lset( X, 0 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, n ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) ); for( i = slen, j = 0; i > 0; i--, j++ ) { @@ -427,13 +423,13 @@ int mpi_read_string( mpi *X, int radix, const char *s ) break; } - MPI_CHK( mpi_get_digit( &d, radix, s[i - 1] ) ); + MBEDTLS_MPI_CHK( mpi_get_digit( &d, radix, s[i - 1] ) ); X->p[j / ( 2 * ciL )] |= d << ( ( j % ( 2 * ciL ) ) << 2 ); } } else { - MPI_CHK( mpi_lset( X, 0 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) ); for( i = 0; i < slen; i++ ) { @@ -443,23 +439,23 @@ int mpi_read_string( mpi *X, int radix, const char *s ) continue; } - MPI_CHK( mpi_get_digit( &d, radix, s[i] ) ); - MPI_CHK( mpi_mul_int( &T, X, radix ) ); + MBEDTLS_MPI_CHK( mpi_get_digit( &d, radix, s[i] ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &T, X, radix ) ); if( X->s == 1 ) { - MPI_CHK( mpi_add_int( X, &T, d ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, &T, d ) ); } else { - MPI_CHK( mpi_sub_int( X, &T, d ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( X, &T, d ) ); } } } cleanup: - mpi_free( &T ); + mbedtls_mpi_free( &T ); return( ret ); } @@ -467,19 +463,19 @@ cleanup: /* * Helper to write the digits high-order first */ -static int mpi_write_hlp( mpi *X, int radix, char **p ) +static int mpi_write_hlp( mbedtls_mpi *X, int radix, char **p ) { int ret; - t_uint r; + mbedtls_mpi_uint r; if( radix < 2 || radix > 16 ) - return( POLARSSL_ERR_MPI_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); - MPI_CHK( mpi_mod_int( &r, X, radix ) ); - MPI_CHK( mpi_div_int( X, NULL, X, radix ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_int( &r, X, radix ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_div_int( X, NULL, X, radix ) ); - if( mpi_cmp_int( X, 0 ) != 0 ) - MPI_CHK( mpi_write_hlp( X, radix, p ) ); + if( mbedtls_mpi_cmp_int( X, 0 ) != 0 ) + MBEDTLS_MPI_CHK( mpi_write_hlp( X, radix, p ) ); if( r < 10 ) *(*p)++ = (char)( r + 0x30 ); @@ -494,29 +490,30 @@ cleanup: /* * Export into an ASCII string */ -int mpi_write_string( const mpi *X, int radix, char *s, size_t *slen ) +int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix, + char *buf, size_t buflen, size_t *olen ) { int ret = 0; size_t n; char *p; - mpi T; + mbedtls_mpi T; if( radix < 2 || radix > 16 ) - return( POLARSSL_ERR_MPI_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); - n = mpi_msb( X ); + n = mbedtls_mpi_bitlen( X ); if( radix >= 4 ) n >>= 1; if( radix >= 16 ) n >>= 1; n += 3; - if( *slen < n ) + if( buflen < n ) { - *slen = n; - return( POLARSSL_ERR_MPI_BUFFER_TOO_SMALL ); + *olen = n; + return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL ); } - p = s; - mpi_init( &T ); + p = buf; + mbedtls_mpi_init( &T ); if( X->s == -1 ) *p++ = '-'; @@ -543,46 +540,46 @@ int mpi_write_string( const mpi *X, int radix, char *s, size_t *slen ) } else { - MPI_CHK( mpi_copy( &T, X ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &T, X ) ); if( T.s == -1 ) T.s = 1; - MPI_CHK( mpi_write_hlp( &T, radix, &p ) ); + MBEDTLS_MPI_CHK( mpi_write_hlp( &T, radix, &p ) ); } *p++ = '\0'; - *slen = p - s; + *olen = p - buf; cleanup: - mpi_free( &T ); + mbedtls_mpi_free( &T ); return( ret ); } -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) /* * Read X from an opened file */ -int mpi_read_file( mpi *X, int radix, FILE *fin ) +int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin ) { - t_uint d; + mbedtls_mpi_uint d; size_t slen; char *p; /* * Buffer should have space for (short) label and decimal formatted MPI, * newline characters and '\0' */ - char s[ POLARSSL_MPI_RW_BUFFER_SIZE ]; + char s[ MBEDTLS_MPI_RW_BUFFER_SIZE ]; memset( s, 0, sizeof( s ) ); if( fgets( s, sizeof( s ) - 1, fin ) == NULL ) - return( POLARSSL_ERR_MPI_FILE_IO_ERROR ); + return( MBEDTLS_ERR_MPI_FILE_IO_ERROR ); slen = strlen( s ); if( slen == sizeof( s ) - 2 ) - return( POLARSSL_ERR_MPI_BUFFER_TOO_SMALL ); + return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL ); if( s[slen - 1] == '\n' ) { slen--; s[slen] = '\0'; } if( s[slen - 1] == '\r' ) { slen--; s[slen] = '\0'; } @@ -592,13 +589,13 @@ int mpi_read_file( mpi *X, int radix, FILE *fin ) if( mpi_get_digit( &d, radix, *p ) != 0 ) break; - return( mpi_read_string( X, radix, p + 1 ) ); + return( mbedtls_mpi_read_string( X, radix, p + 1 ) ); } /* * Write X into an opened file (or stdout if fout == NULL) */ -int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout ) +int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, int radix, FILE *fout ) { int ret; size_t n, slen, plen; @@ -606,13 +603,11 @@ int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout ) * Buffer should have space for (short) label and decimal formatted MPI, * newline characters and '\0' */ - char s[ POLARSSL_MPI_RW_BUFFER_SIZE ]; + char s[ MBEDTLS_MPI_RW_BUFFER_SIZE ]; - n = sizeof( s ); - memset( s, 0, n ); - n -= 2; + memset( s, 0, sizeof( s ) ); - MPI_CHK( mpi_write_string( X, radix, s, (size_t *) &n ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_write_string( X, radix, s, sizeof( s ) - 2, &n ) ); if( p == NULL ) p = ""; @@ -625,21 +620,21 @@ int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout ) { if( fwrite( p, 1, plen, fout ) != plen || fwrite( s, 1, slen, fout ) != slen ) - return( POLARSSL_ERR_MPI_FILE_IO_ERROR ); + return( MBEDTLS_ERR_MPI_FILE_IO_ERROR ); } else - polarssl_printf( "%s%s", p, s ); + mbedtls_printf( "%s%s", p, s ); cleanup: return( ret ); } -#endif /* POLARSSL_FS_IO */ +#endif /* MBEDTLS_FS_IO */ /* * Import X from unsigned binary data, big endian */ -int mpi_read_binary( mpi *X, const unsigned char *buf, size_t buflen ) +int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, size_t buflen ) { int ret; size_t i, j, n; @@ -648,11 +643,11 @@ int mpi_read_binary( mpi *X, const unsigned char *buf, size_t buflen ) if( buf[n] != 0 ) break; - MPI_CHK( mpi_grow( X, CHARS_TO_LIMBS( buflen - n ) ) ); - MPI_CHK( mpi_lset( X, 0 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, CHARS_TO_LIMBS( buflen - n ) ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) ); for( i = buflen, j = 0; i > n; i--, j++ ) - X->p[j / ciL] |= ((t_uint) buf[i - 1]) << ((j % ciL) << 3); + X->p[j / ciL] |= ((mbedtls_mpi_uint) buf[i - 1]) << ((j % ciL) << 3); cleanup: @@ -662,14 +657,14 @@ cleanup: /* * Export X into unsigned binary data, big endian */ -int mpi_write_binary( const mpi *X, unsigned char *buf, size_t buflen ) +int mbedtls_mpi_write_binary( const mbedtls_mpi *X, unsigned char *buf, size_t buflen ) { size_t i, j, n; - n = mpi_size( X ); + n = mbedtls_mpi_size( X ); if( buflen < n ) - return( POLARSSL_ERR_MPI_BUFFER_TOO_SMALL ); + return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL ); memset( buf, 0, buflen ); @@ -682,19 +677,19 @@ int mpi_write_binary( const mpi *X, unsigned char *buf, size_t buflen ) /* * Left-shift: X <<= count */ -int mpi_shift_l( mpi *X, size_t count ) +int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count ) { int ret; size_t i, v0, t1; - t_uint r0 = 0, r1; + mbedtls_mpi_uint r0 = 0, r1; v0 = count / (biL ); t1 = count & (biL - 1); - i = mpi_msb( X ) + count; + i = mbedtls_mpi_bitlen( X ) + count; if( X->n * biL < i ) - MPI_CHK( mpi_grow( X, BITS_TO_LIMBS( i ) ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, BITS_TO_LIMBS( i ) ) ); ret = 0; @@ -732,16 +727,16 @@ cleanup: /* * Right-shift: X >>= count */ -int mpi_shift_r( mpi *X, size_t count ) +int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count ) { size_t i, v0, v1; - t_uint r0 = 0, r1; + mbedtls_mpi_uint r0 = 0, r1; v0 = count / biL; v1 = count & (biL - 1); if( v0 > X->n || ( v0 == X->n && v1 > 0 ) ) - return mpi_lset( X, 0 ); + return mbedtls_mpi_lset( X, 0 ); /* * shift by count / limb_size @@ -775,7 +770,7 @@ int mpi_shift_r( mpi *X, size_t count ) /* * Compare unsigned values */ -int mpi_cmp_abs( const mpi *X, const mpi *Y ) +int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y ) { size_t i, j; @@ -805,7 +800,7 @@ int mpi_cmp_abs( const mpi *X, const mpi *Y ) /* * Compare signed values */ -int mpi_cmp_mpi( const mpi *X, const mpi *Y ) +int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y ) { size_t i, j; @@ -838,35 +833,35 @@ int mpi_cmp_mpi( const mpi *X, const mpi *Y ) /* * Compare signed values */ -int mpi_cmp_int( const mpi *X, t_sint z ) +int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z ) { - mpi Y; - t_uint p[1]; + mbedtls_mpi Y; + mbedtls_mpi_uint p[1]; *p = ( z < 0 ) ? -z : z; Y.s = ( z < 0 ) ? -1 : 1; Y.n = 1; Y.p = p; - return( mpi_cmp_mpi( X, &Y ) ); + return( mbedtls_mpi_cmp_mpi( X, &Y ) ); } /* * Unsigned addition: X = |A| + |B| (HAC 14.7) */ -int mpi_add_abs( mpi *X, const mpi *A, const mpi *B ) +int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) { int ret; size_t i, j; - t_uint *o, *p, c; + mbedtls_mpi_uint *o, *p, c; if( X == B ) { - const mpi *T = A; A = X; B = T; + const mbedtls_mpi *T = A; A = X; B = T; } if( X != A ) - MPI_CHK( mpi_copy( X, A ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, A ) ); /* * X should always be positive as a result of unsigned additions. @@ -877,7 +872,7 @@ int mpi_add_abs( mpi *X, const mpi *A, const mpi *B ) if( B->p[j - 1] != 0 ) break; - MPI_CHK( mpi_grow( X, j ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, j ) ); o = B->p; p = X->p; c = 0; @@ -891,7 +886,7 @@ int mpi_add_abs( mpi *X, const mpi *A, const mpi *B ) { if( i >= X->n ) { - MPI_CHK( mpi_grow( X, i + 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i + 1 ) ); p = X->p + i; } @@ -904,12 +899,12 @@ cleanup: } /* - * Helper for mpi subtraction + * Helper for mbedtls_mpi subtraction */ -static void mpi_sub_hlp( size_t n, t_uint *s, t_uint *d ) +static void mpi_sub_hlp( size_t n, mbedtls_mpi_uint *s, mbedtls_mpi_uint *d ) { size_t i; - t_uint c, z; + mbedtls_mpi_uint c, z; for( i = c = 0; i < n; i++, s++, d++ ) { @@ -927,25 +922,25 @@ static void mpi_sub_hlp( size_t n, t_uint *s, t_uint *d ) /* * Unsigned subtraction: X = |A| - |B| (HAC 14.9) */ -int mpi_sub_abs( mpi *X, const mpi *A, const mpi *B ) +int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) { - mpi TB; + mbedtls_mpi TB; int ret; size_t n; - if( mpi_cmp_abs( A, B ) < 0 ) - return( POLARSSL_ERR_MPI_NEGATIVE_VALUE ); + if( mbedtls_mpi_cmp_abs( A, B ) < 0 ) + return( MBEDTLS_ERR_MPI_NEGATIVE_VALUE ); - mpi_init( &TB ); + mbedtls_mpi_init( &TB ); if( X == B ) { - MPI_CHK( mpi_copy( &TB, B ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, B ) ); B = &TB; } if( X != A ) - MPI_CHK( mpi_copy( X, A ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, A ) ); /* * X should always be positive as a result of unsigned subtractions. @@ -962,7 +957,7 @@ int mpi_sub_abs( mpi *X, const mpi *A, const mpi *B ) cleanup: - mpi_free( &TB ); + mbedtls_mpi_free( &TB ); return( ret ); } @@ -970,26 +965,26 @@ cleanup: /* * Signed addition: X = A + B */ -int mpi_add_mpi( mpi *X, const mpi *A, const mpi *B ) +int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) { int ret, s = A->s; if( A->s * B->s < 0 ) { - if( mpi_cmp_abs( A, B ) >= 0 ) + if( mbedtls_mpi_cmp_abs( A, B ) >= 0 ) { - MPI_CHK( mpi_sub_abs( X, A, B ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, A, B ) ); X->s = s; } else { - MPI_CHK( mpi_sub_abs( X, B, A ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, B, A ) ); X->s = -s; } } else { - MPI_CHK( mpi_add_abs( X, A, B ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( X, A, B ) ); X->s = s; } @@ -1001,26 +996,26 @@ cleanup: /* * Signed subtraction: X = A - B */ -int mpi_sub_mpi( mpi *X, const mpi *A, const mpi *B ) +int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) { int ret, s = A->s; if( A->s * B->s > 0 ) { - if( mpi_cmp_abs( A, B ) >= 0 ) + if( mbedtls_mpi_cmp_abs( A, B ) >= 0 ) { - MPI_CHK( mpi_sub_abs( X, A, B ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, A, B ) ); X->s = s; } else { - MPI_CHK( mpi_sub_abs( X, B, A ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, B, A ) ); X->s = -s; } } else { - MPI_CHK( mpi_add_abs( X, A, B ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( X, A, B ) ); X->s = s; } @@ -1032,37 +1027,37 @@ cleanup: /* * Signed addition: X = A + b */ -int mpi_add_int( mpi *X, const mpi *A, t_sint b ) +int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b ) { - mpi _B; - t_uint p[1]; + mbedtls_mpi _B; + mbedtls_mpi_uint p[1]; p[0] = ( b < 0 ) ? -b : b; _B.s = ( b < 0 ) ? -1 : 1; _B.n = 1; _B.p = p; - return( mpi_add_mpi( X, A, &_B ) ); + return( mbedtls_mpi_add_mpi( X, A, &_B ) ); } /* * Signed subtraction: X = A - b */ -int mpi_sub_int( mpi *X, const mpi *A, t_sint b ) +int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b ) { - mpi _B; - t_uint p[1]; + mbedtls_mpi _B; + mbedtls_mpi_uint p[1]; p[0] = ( b < 0 ) ? -b : b; _B.s = ( b < 0 ) ? -1 : 1; _B.n = 1; _B.p = p; - return( mpi_sub_mpi( X, A, &_B ) ); + return( mbedtls_mpi_sub_mpi( X, A, &_B ) ); } /* - * Helper for mpi multiplication + * Helper for mbedtls_mpi multiplication */ static #if defined(__APPLE__) && defined(__arm__) @@ -1072,9 +1067,9 @@ static */ __attribute__ ((noinline)) #endif -void mpi_mul_hlp( size_t i, t_uint *s, t_uint *d, t_uint b ) +void mpi_mul_hlp( size_t i, mbedtls_mpi_uint *s, mbedtls_mpi_uint *d, mbedtls_mpi_uint b ) { - t_uint c = 0, t = 0; + mbedtls_mpi_uint c = 0, t = 0; #if defined(MULADDC_HUIT) for( ; i >= 8; i -= 8 ) @@ -1136,16 +1131,16 @@ void mpi_mul_hlp( size_t i, t_uint *s, t_uint *d, t_uint b ) /* * Baseline multiplication: X = A * B (HAC 14.12) */ -int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B ) +int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) { int ret; size_t i, j; - mpi TA, TB; + mbedtls_mpi TA, TB; - mpi_init( &TA ); mpi_init( &TB ); + mbedtls_mpi_init( &TA ); mbedtls_mpi_init( &TB ); - if( X == A ) { MPI_CHK( mpi_copy( &TA, A ) ); A = &TA; } - if( X == B ) { MPI_CHK( mpi_copy( &TB, B ) ); B = &TB; } + if( X == A ) { MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TA, A ) ); A = &TA; } + if( X == B ) { MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, B ) ); B = &TB; } for( i = A->n; i > 0; i-- ) if( A->p[i - 1] != 0 ) @@ -1155,8 +1150,8 @@ int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B ) if( B->p[j - 1] != 0 ) break; - MPI_CHK( mpi_grow( X, i + j ) ); - MPI_CHK( mpi_lset( X, 0 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i + j ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) ); for( i++; j > 0; j-- ) mpi_mul_hlp( i - 1, A->p, X->p + j - 1, B->p[j - 1] ); @@ -1165,7 +1160,7 @@ int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B ) cleanup: - mpi_free( &TB ); mpi_free( &TA ); + mbedtls_mpi_free( &TB ); mbedtls_mpi_free( &TA ); return( ret ); } @@ -1173,69 +1168,69 @@ cleanup: /* * Baseline multiplication: X = A * b */ -int mpi_mul_int( mpi *X, const mpi *A, t_sint b ) +int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint b ) { - mpi _B; - t_uint p[1]; + mbedtls_mpi _B; + mbedtls_mpi_uint p[1]; _B.s = 1; _B.n = 1; _B.p = p; p[0] = b; - return( mpi_mul_mpi( X, A, &_B ) ); + return( mbedtls_mpi_mul_mpi( X, A, &_B ) ); } /* - * Division by mpi: A = Q * B + R (HAC 14.20) + * Division by mbedtls_mpi: A = Q * B + R (HAC 14.20) */ -int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B ) +int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B ) { int ret; size_t i, n, t, k; - mpi X, Y, Z, T1, T2; + mbedtls_mpi X, Y, Z, T1, T2; - if( mpi_cmp_int( B, 0 ) == 0 ) - return( POLARSSL_ERR_MPI_DIVISION_BY_ZERO ); + if( mbedtls_mpi_cmp_int( B, 0 ) == 0 ) + return( MBEDTLS_ERR_MPI_DIVISION_BY_ZERO ); - mpi_init( &X ); mpi_init( &Y ); mpi_init( &Z ); - mpi_init( &T1 ); mpi_init( &T2 ); + mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); + mbedtls_mpi_init( &T1 ); mbedtls_mpi_init( &T2 ); - if( mpi_cmp_abs( A, B ) < 0 ) + if( mbedtls_mpi_cmp_abs( A, B ) < 0 ) { - if( Q != NULL ) MPI_CHK( mpi_lset( Q, 0 ) ); - if( R != NULL ) MPI_CHK( mpi_copy( R, A ) ); + if( Q != NULL ) MBEDTLS_MPI_CHK( mbedtls_mpi_lset( Q, 0 ) ); + if( R != NULL ) MBEDTLS_MPI_CHK( mbedtls_mpi_copy( R, A ) ); return( 0 ); } - MPI_CHK( mpi_copy( &X, A ) ); - MPI_CHK( mpi_copy( &Y, B ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &X, A ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &Y, B ) ); X.s = Y.s = 1; - MPI_CHK( mpi_grow( &Z, A->n + 2 ) ); - MPI_CHK( mpi_lset( &Z, 0 ) ); - MPI_CHK( mpi_grow( &T1, 2 ) ); - MPI_CHK( mpi_grow( &T2, 3 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &Z, A->n + 2 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &Z, 0 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &T1, 2 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &T2, 3 ) ); - k = mpi_msb( &Y ) % biL; + k = mbedtls_mpi_bitlen( &Y ) % biL; if( k < biL - 1 ) { k = biL - 1 - k; - MPI_CHK( mpi_shift_l( &X, k ) ); - MPI_CHK( mpi_shift_l( &Y, k ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &X, k ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &Y, k ) ); } else k = 0; n = X.n - 1; t = Y.n - 1; - MPI_CHK( mpi_shift_l( &Y, biL * ( n - t ) ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &Y, biL * ( n - t ) ) ); - while( mpi_cmp_mpi( &X, &Y ) >= 0 ) + while( mbedtls_mpi_cmp_mpi( &X, &Y ) >= 0 ) { Z.p[n - t]++; - MPI_CHK( mpi_sub_mpi( &X, &X, &Y ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &X, &X, &Y ) ); } - MPI_CHK( mpi_shift_r( &Y, biL * ( n - t ) ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &Y, biL * ( n - t ) ) ); for( i = n; i > t ; i-- ) { @@ -1243,22 +1238,22 @@ int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B ) Z.p[i - t - 1] = ~0; else { -#if defined(POLARSSL_HAVE_UDBL) - t_udbl r; +#if defined(MBEDTLS_HAVE_UDBL) + mbedtls_t_udbl r; - r = (t_udbl) X.p[i] << biL; - r |= (t_udbl) X.p[i - 1]; + r = (mbedtls_t_udbl) X.p[i] << biL; + r |= (mbedtls_t_udbl) X.p[i - 1]; r /= Y.p[t]; - if( r > ( (t_udbl) 1 << biL ) - 1 ) - r = ( (t_udbl) 1 << biL ) - 1; + if( r > ( (mbedtls_t_udbl) 1 << biL ) - 1 ) + r = ( (mbedtls_t_udbl) 1 << biL ) - 1; - Z.p[i - t - 1] = (t_uint) r; + Z.p[i - t - 1] = (mbedtls_mpi_uint) r; #else /* * __udiv_qrnnd_c, from gmp/longlong.h */ - t_uint q0, q1, r0, r1; - t_uint d0, d1, d, m; + mbedtls_mpi_uint q0, q1, r0, r1; + mbedtls_mpi_uint d0, d1, d, m; d = Y.p[t]; d0 = ( d << biH ) >> biH; @@ -1293,7 +1288,7 @@ int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B ) r0 -= m; Z.p[i - t - 1] = ( q1 << biH ) | q0; -#endif /* POLARSSL_HAVE_UDBL && !64-bit Apple with Clang 5.0 */ +#endif /* MBEDTLS_HAVE_UDBL && !64-bit Apple with Clang 5.0 */ } Z.p[i - t - 1]++; @@ -1301,51 +1296,51 @@ int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B ) { Z.p[i - t - 1]--; - MPI_CHK( mpi_lset( &T1, 0 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &T1, 0 ) ); T1.p[0] = ( t < 1 ) ? 0 : Y.p[t - 1]; T1.p[1] = Y.p[t]; - MPI_CHK( mpi_mul_int( &T1, &T1, Z.p[i - t - 1] ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &T1, &T1, Z.p[i - t - 1] ) ); - MPI_CHK( mpi_lset( &T2, 0 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &T2, 0 ) ); T2.p[0] = ( i < 2 ) ? 0 : X.p[i - 2]; T2.p[1] = ( i < 1 ) ? 0 : X.p[i - 1]; T2.p[2] = X.p[i]; } - while( mpi_cmp_mpi( &T1, &T2 ) > 0 ); + while( mbedtls_mpi_cmp_mpi( &T1, &T2 ) > 0 ); - MPI_CHK( mpi_mul_int( &T1, &Y, Z.p[i - t - 1] ) ); - MPI_CHK( mpi_shift_l( &T1, biL * ( i - t - 1 ) ) ); - MPI_CHK( mpi_sub_mpi( &X, &X, &T1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &T1, &Y, Z.p[i - t - 1] ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &T1, biL * ( i - t - 1 ) ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &X, &X, &T1 ) ); - if( mpi_cmp_int( &X, 0 ) < 0 ) + if( mbedtls_mpi_cmp_int( &X, 0 ) < 0 ) { - MPI_CHK( mpi_copy( &T1, &Y ) ); - MPI_CHK( mpi_shift_l( &T1, biL * ( i - t - 1 ) ) ); - MPI_CHK( mpi_add_mpi( &X, &X, &T1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &T1, &Y ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &T1, biL * ( i - t - 1 ) ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &X, &X, &T1 ) ); Z.p[i - t - 1]--; } } if( Q != NULL ) { - MPI_CHK( mpi_copy( Q, &Z ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( Q, &Z ) ); Q->s = A->s * B->s; } if( R != NULL ) { - MPI_CHK( mpi_shift_r( &X, k ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &X, k ) ); X.s = A->s; - MPI_CHK( mpi_copy( R, &X ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( R, &X ) ); - if( mpi_cmp_int( R, 0 ) == 0 ) + if( mbedtls_mpi_cmp_int( R, 0 ) == 0 ) R->s = 1; } cleanup: - mpi_free( &X ); mpi_free( &Y ); mpi_free( &Z ); - mpi_free( &T1 ); mpi_free( &T2 ); + mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); + mbedtls_mpi_free( &T1 ); mbedtls_mpi_free( &T2 ); return( ret ); } @@ -1353,36 +1348,36 @@ cleanup: /* * Division by int: A = Q * b + R */ -int mpi_div_int( mpi *Q, mpi *R, const mpi *A, t_sint b ) +int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, mbedtls_mpi_sint b ) { - mpi _B; - t_uint p[1]; + mbedtls_mpi _B; + mbedtls_mpi_uint p[1]; p[0] = ( b < 0 ) ? -b : b; _B.s = ( b < 0 ) ? -1 : 1; _B.n = 1; _B.p = p; - return( mpi_div_mpi( Q, R, A, &_B ) ); + return( mbedtls_mpi_div_mpi( Q, R, A, &_B ) ); } /* * Modulo: R = A mod B */ -int mpi_mod_mpi( mpi *R, const mpi *A, const mpi *B ) +int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B ) { int ret; - if( mpi_cmp_int( B, 0 ) < 0 ) - return( POLARSSL_ERR_MPI_NEGATIVE_VALUE ); + if( mbedtls_mpi_cmp_int( B, 0 ) < 0 ) + return( MBEDTLS_ERR_MPI_NEGATIVE_VALUE ); - MPI_CHK( mpi_div_mpi( NULL, R, A, B ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( NULL, R, A, B ) ); - while( mpi_cmp_int( R, 0 ) < 0 ) - MPI_CHK( mpi_add_mpi( R, R, B ) ); + while( mbedtls_mpi_cmp_int( R, 0 ) < 0 ) + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( R, R, B ) ); - while( mpi_cmp_mpi( R, B ) >= 0 ) - MPI_CHK( mpi_sub_mpi( R, R, B ) ); + while( mbedtls_mpi_cmp_mpi( R, B ) >= 0 ) + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( R, R, B ) ); cleanup: @@ -1392,16 +1387,16 @@ cleanup: /* * Modulo: r = A mod b */ -int mpi_mod_int( t_uint *r, const mpi *A, t_sint b ) +int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, mbedtls_mpi_sint b ) { size_t i; - t_uint x, y, z; + mbedtls_mpi_uint x, y, z; if( b == 0 ) - return( POLARSSL_ERR_MPI_DIVISION_BY_ZERO ); + return( MBEDTLS_ERR_MPI_DIVISION_BY_ZERO ); if( b < 0 ) - return( POLARSSL_ERR_MPI_NEGATIVE_VALUE ); + return( MBEDTLS_ERR_MPI_NEGATIVE_VALUE ); /* * handle trivial cases @@ -1449,9 +1444,9 @@ int mpi_mod_int( t_uint *r, const mpi *A, t_sint b ) /* * Fast Montgomery initialization (thanks to Tom St Denis) */ -static void mpi_montg_init( t_uint *mm, const mpi *N ) +static void mpi_montg_init( mbedtls_mpi_uint *mm, const mbedtls_mpi *N ) { - t_uint x, m0 = N->p[0]; + mbedtls_mpi_uint x, m0 = N->p[0]; unsigned int i; x = m0; @@ -1466,11 +1461,11 @@ static void mpi_montg_init( t_uint *mm, const mpi *N ) /* * Montgomery multiplication: A = A * B * R^-1 mod N (HAC 14.36) */ -static void mpi_montmul( mpi *A, const mpi *B, const mpi *N, t_uint mm, - const mpi *T ) +static void mpi_montmul( mbedtls_mpi *A, const mbedtls_mpi *B, const mbedtls_mpi *N, mbedtls_mpi_uint mm, + const mbedtls_mpi *T ) { size_t i, n, m; - t_uint u0, u1, *d; + mbedtls_mpi_uint u0, u1, *d; memset( T->p, 0, T->n * ciL ); @@ -1494,7 +1489,7 @@ static void mpi_montmul( mpi *A, const mpi *B, const mpi *N, t_uint mm, memcpy( A->p, d, ( n + 1 ) * ciL ); - if( mpi_cmp_abs( A, N ) >= 0 ) + if( mbedtls_mpi_cmp_abs( A, N ) >= 0 ) mpi_sub_hlp( n, N->p, A->p ); else /* prevent timing attacks */ @@ -1504,10 +1499,10 @@ static void mpi_montmul( mpi *A, const mpi *B, const mpi *N, t_uint mm, /* * Montgomery reduction: A = A * R^-1 mod N */ -static void mpi_montred( mpi *A, const mpi *N, t_uint mm, const mpi *T ) +static void mpi_montred( mbedtls_mpi *A, const mbedtls_mpi *N, mbedtls_mpi_uint mm, const mbedtls_mpi *T ) { - t_uint z = 1; - mpi U; + mbedtls_mpi_uint z = 1; + mbedtls_mpi U; U.n = U.s = (int) z; U.p = &z; @@ -1518,42 +1513,42 @@ static void mpi_montred( mpi *A, const mpi *N, t_uint mm, const mpi *T ) /* * Sliding-window exponentiation: X = A^E mod N (HAC 14.85) */ -int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ) +int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *E, const mbedtls_mpi *N, mbedtls_mpi *_RR ) { int ret; size_t wbits, wsize, one = 1; size_t i, j, nblimbs; size_t bufsize, nbits; - t_uint ei, mm, state; - mpi RR, T, W[ 2 << POLARSSL_MPI_WINDOW_SIZE ], Apos; + mbedtls_mpi_uint ei, mm, state; + mbedtls_mpi RR, T, W[ 2 << MBEDTLS_MPI_WINDOW_SIZE ], Apos; int neg; - if( mpi_cmp_int( N, 0 ) < 0 || ( N->p[0] & 1 ) == 0 ) - return( POLARSSL_ERR_MPI_BAD_INPUT_DATA ); + if( mbedtls_mpi_cmp_int( N, 0 ) < 0 || ( N->p[0] & 1 ) == 0 ) + return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); - if( mpi_cmp_int( E, 0 ) < 0 ) - return( POLARSSL_ERR_MPI_BAD_INPUT_DATA ); + if( mbedtls_mpi_cmp_int( E, 0 ) < 0 ) + return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); /* * Init temps and window size */ mpi_montg_init( &mm, N ); - mpi_init( &RR ); mpi_init( &T ); - mpi_init( &Apos ); + mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &T ); + mbedtls_mpi_init( &Apos ); memset( W, 0, sizeof( W ) ); - i = mpi_msb( E ); + i = mbedtls_mpi_bitlen( E ); wsize = ( i > 671 ) ? 6 : ( i > 239 ) ? 5 : ( i > 79 ) ? 4 : ( i > 23 ) ? 3 : 1; - if( wsize > POLARSSL_MPI_WINDOW_SIZE ) - wsize = POLARSSL_MPI_WINDOW_SIZE; + if( wsize > MBEDTLS_MPI_WINDOW_SIZE ) + wsize = MBEDTLS_MPI_WINDOW_SIZE; j = N->n + 1; - MPI_CHK( mpi_grow( X, j ) ); - MPI_CHK( mpi_grow( &W[1], j ) ); - MPI_CHK( mpi_grow( &T, j * 2 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, j ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[1], j ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &T, j * 2 ) ); /* * Compensate for negative A (and correct at the end) @@ -1561,7 +1556,7 @@ int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ) neg = ( A->s == -1 ); if( neg ) { - MPI_CHK( mpi_copy( &Apos, A ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &Apos, A ) ); Apos.s = 1; A = &Apos; } @@ -1571,30 +1566,30 @@ int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ) */ if( _RR == NULL || _RR->p == NULL ) { - MPI_CHK( mpi_lset( &RR, 1 ) ); - MPI_CHK( mpi_shift_l( &RR, N->n * 2 * biL ) ); - MPI_CHK( mpi_mod_mpi( &RR, &RR, N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &RR, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &RR, N->n * 2 * biL ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &RR, &RR, N ) ); if( _RR != NULL ) - memcpy( _RR, &RR, sizeof( mpi ) ); + memcpy( _RR, &RR, sizeof( mbedtls_mpi ) ); } else - memcpy( &RR, _RR, sizeof( mpi ) ); + memcpy( &RR, _RR, sizeof( mbedtls_mpi ) ); /* * W[1] = A * R^2 * R^-1 mod N = A * R mod N */ - if( mpi_cmp_mpi( A, N ) >= 0 ) - MPI_CHK( mpi_mod_mpi( &W[1], A, N ) ); + if( mbedtls_mpi_cmp_mpi( A, N ) >= 0 ) + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &W[1], A, N ) ); else - MPI_CHK( mpi_copy( &W[1], A ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[1], A ) ); mpi_montmul( &W[1], &RR, N, mm, &T ); /* * X = R^2 * R^-1 mod N = R mod N */ - MPI_CHK( mpi_copy( X, &RR ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, &RR ) ); mpi_montred( X, N, mm, &T ); if( wsize > 1 ) @@ -1604,8 +1599,8 @@ int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ) */ j = one << ( wsize - 1 ); - MPI_CHK( mpi_grow( &W[j], N->n + 1 ) ); - MPI_CHK( mpi_copy( &W[j], &W[1] ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[j], N->n + 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[j], &W[1] ) ); for( i = 0; i < wsize - 1; i++ ) mpi_montmul( &W[j], &W[j], N, mm, &T ); @@ -1615,8 +1610,8 @@ int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ) */ for( i = j + 1; i < ( one << wsize ); i++ ) { - MPI_CHK( mpi_grow( &W[i], N->n + 1 ) ); - MPI_CHK( mpi_copy( &W[i], &W[i - 1] ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[i], N->n + 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[i], &W[i - 1] ) ); mpi_montmul( &W[i], &W[1], N, mm, &T ); } @@ -1637,7 +1632,7 @@ int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ) nblimbs--; - bufsize = sizeof( t_uint ) << 3; + bufsize = sizeof( mbedtls_mpi_uint ) << 3; } bufsize--; @@ -1707,18 +1702,18 @@ int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ) if( neg ) { X->s = -1; - MPI_CHK( mpi_add_mpi( X, N, X ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( X, N, X ) ); } cleanup: for( i = ( one << ( wsize - 1 ) ); i < ( one << wsize ); i++ ) - mpi_free( &W[i] ); + mbedtls_mpi_free( &W[i] ); - mpi_free( &W[1] ); mpi_free( &T ); mpi_free( &Apos ); + mbedtls_mpi_free( &W[1] ); mbedtls_mpi_free( &T ); mbedtls_mpi_free( &Apos ); if( _RR == NULL || _RR->p == NULL ) - mpi_free( &RR ); + mbedtls_mpi_free( &RR ); return( ret ); } @@ -1726,51 +1721,51 @@ cleanup: /* * Greatest common divisor: G = gcd(A, B) (HAC 14.54) */ -int mpi_gcd( mpi *G, const mpi *A, const mpi *B ) +int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B ) { int ret; size_t lz, lzt; - mpi TG, TA, TB; + mbedtls_mpi TG, TA, TB; - mpi_init( &TG ); mpi_init( &TA ); mpi_init( &TB ); + mbedtls_mpi_init( &TG ); mbedtls_mpi_init( &TA ); mbedtls_mpi_init( &TB ); - MPI_CHK( mpi_copy( &TA, A ) ); - MPI_CHK( mpi_copy( &TB, B ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TA, A ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, B ) ); - lz = mpi_lsb( &TA ); - lzt = mpi_lsb( &TB ); + lz = mbedtls_mpi_lsb( &TA ); + lzt = mbedtls_mpi_lsb( &TB ); if( lzt < lz ) lz = lzt; - MPI_CHK( mpi_shift_r( &TA, lz ) ); - MPI_CHK( mpi_shift_r( &TB, lz ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TA, lz ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, lz ) ); TA.s = TB.s = 1; - while( mpi_cmp_int( &TA, 0 ) != 0 ) + while( mbedtls_mpi_cmp_int( &TA, 0 ) != 0 ) { - MPI_CHK( mpi_shift_r( &TA, mpi_lsb( &TA ) ) ); - MPI_CHK( mpi_shift_r( &TB, mpi_lsb( &TB ) ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TA, mbedtls_mpi_lsb( &TA ) ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, mbedtls_mpi_lsb( &TB ) ) ); - if( mpi_cmp_mpi( &TA, &TB ) >= 0 ) + if( mbedtls_mpi_cmp_mpi( &TA, &TB ) >= 0 ) { - MPI_CHK( mpi_sub_abs( &TA, &TA, &TB ) ); - MPI_CHK( mpi_shift_r( &TA, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &TA, &TA, &TB ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TA, 1 ) ); } else { - MPI_CHK( mpi_sub_abs( &TB, &TB, &TA ) ); - MPI_CHK( mpi_shift_r( &TB, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &TB, &TB, &TA ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, 1 ) ); } } - MPI_CHK( mpi_shift_l( &TB, lz ) ); - MPI_CHK( mpi_copy( G, &TB ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &TB, lz ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( G, &TB ) ); cleanup: - mpi_free( &TG ); mpi_free( &TA ); mpi_free( &TB ); + mbedtls_mpi_free( &TG ); mbedtls_mpi_free( &TA ); mbedtls_mpi_free( &TB ); return( ret ); } @@ -1782,18 +1777,18 @@ cleanup: * regardless of the platform endianness (useful when f_rng is actually * deterministic, eg for tests). */ -int mpi_fill_random( mpi *X, size_t size, +int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret; - unsigned char buf[POLARSSL_MPI_MAX_SIZE]; + unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; - if( size > POLARSSL_MPI_MAX_SIZE ) - return( POLARSSL_ERR_MPI_BAD_INPUT_DATA ); + if( size > MBEDTLS_MPI_MAX_SIZE ) + return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); - MPI_CHK( f_rng( p_rng, buf, size ) ); - MPI_CHK( mpi_read_binary( X, buf, size ) ); + MBEDTLS_MPI_CHK( f_rng( p_rng, buf, size ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( X, buf, size ) ); cleanup: return( ret ); @@ -1802,99 +1797,99 @@ cleanup: /* * Modular inverse: X = A^-1 mod N (HAC 14.61 / 14.64) */ -int mpi_inv_mod( mpi *X, const mpi *A, const mpi *N ) +int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *N ) { int ret; - mpi G, TA, TU, U1, U2, TB, TV, V1, V2; + mbedtls_mpi G, TA, TU, U1, U2, TB, TV, V1, V2; - if( mpi_cmp_int( N, 0 ) <= 0 ) - return( POLARSSL_ERR_MPI_BAD_INPUT_DATA ); + if( mbedtls_mpi_cmp_int( N, 0 ) <= 0 ) + return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); - mpi_init( &TA ); mpi_init( &TU ); mpi_init( &U1 ); mpi_init( &U2 ); - mpi_init( &G ); mpi_init( &TB ); mpi_init( &TV ); - mpi_init( &V1 ); mpi_init( &V2 ); + mbedtls_mpi_init( &TA ); mbedtls_mpi_init( &TU ); mbedtls_mpi_init( &U1 ); mbedtls_mpi_init( &U2 ); + mbedtls_mpi_init( &G ); mbedtls_mpi_init( &TB ); mbedtls_mpi_init( &TV ); + mbedtls_mpi_init( &V1 ); mbedtls_mpi_init( &V2 ); - MPI_CHK( mpi_gcd( &G, A, N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &G, A, N ) ); - if( mpi_cmp_int( &G, 1 ) != 0 ) + if( mbedtls_mpi_cmp_int( &G, 1 ) != 0 ) { - ret = POLARSSL_ERR_MPI_NOT_ACCEPTABLE; + ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; goto cleanup; } - MPI_CHK( mpi_mod_mpi( &TA, A, N ) ); - MPI_CHK( mpi_copy( &TU, &TA ) ); - MPI_CHK( mpi_copy( &TB, N ) ); - MPI_CHK( mpi_copy( &TV, N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &TA, A, N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TU, &TA ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TV, N ) ); - MPI_CHK( mpi_lset( &U1, 1 ) ); - MPI_CHK( mpi_lset( &U2, 0 ) ); - MPI_CHK( mpi_lset( &V1, 0 ) ); - MPI_CHK( mpi_lset( &V2, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &U1, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &U2, 0 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &V1, 0 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &V2, 1 ) ); do { while( ( TU.p[0] & 1 ) == 0 ) { - MPI_CHK( mpi_shift_r( &TU, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TU, 1 ) ); if( ( U1.p[0] & 1 ) != 0 || ( U2.p[0] & 1 ) != 0 ) { - MPI_CHK( mpi_add_mpi( &U1, &U1, &TB ) ); - MPI_CHK( mpi_sub_mpi( &U2, &U2, &TA ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &U1, &U1, &TB ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U2, &U2, &TA ) ); } - MPI_CHK( mpi_shift_r( &U1, 1 ) ); - MPI_CHK( mpi_shift_r( &U2, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &U1, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &U2, 1 ) ); } while( ( TV.p[0] & 1 ) == 0 ) { - MPI_CHK( mpi_shift_r( &TV, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TV, 1 ) ); if( ( V1.p[0] & 1 ) != 0 || ( V2.p[0] & 1 ) != 0 ) { - MPI_CHK( mpi_add_mpi( &V1, &V1, &TB ) ); - MPI_CHK( mpi_sub_mpi( &V2, &V2, &TA ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &V1, &V1, &TB ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V2, &V2, &TA ) ); } - MPI_CHK( mpi_shift_r( &V1, 1 ) ); - MPI_CHK( mpi_shift_r( &V2, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &V1, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &V2, 1 ) ); } - if( mpi_cmp_mpi( &TU, &TV ) >= 0 ) + if( mbedtls_mpi_cmp_mpi( &TU, &TV ) >= 0 ) { - MPI_CHK( mpi_sub_mpi( &TU, &TU, &TV ) ); - MPI_CHK( mpi_sub_mpi( &U1, &U1, &V1 ) ); - MPI_CHK( mpi_sub_mpi( &U2, &U2, &V2 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &TU, &TU, &TV ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U1, &U1, &V1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U2, &U2, &V2 ) ); } else { - MPI_CHK( mpi_sub_mpi( &TV, &TV, &TU ) ); - MPI_CHK( mpi_sub_mpi( &V1, &V1, &U1 ) ); - MPI_CHK( mpi_sub_mpi( &V2, &V2, &U2 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &TV, &TV, &TU ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V1, &V1, &U1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V2, &V2, &U2 ) ); } } - while( mpi_cmp_int( &TU, 0 ) != 0 ); + while( mbedtls_mpi_cmp_int( &TU, 0 ) != 0 ); - while( mpi_cmp_int( &V1, 0 ) < 0 ) - MPI_CHK( mpi_add_mpi( &V1, &V1, N ) ); + while( mbedtls_mpi_cmp_int( &V1, 0 ) < 0 ) + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &V1, &V1, N ) ); - while( mpi_cmp_mpi( &V1, N ) >= 0 ) - MPI_CHK( mpi_sub_mpi( &V1, &V1, N ) ); + while( mbedtls_mpi_cmp_mpi( &V1, N ) >= 0 ) + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V1, &V1, N ) ); - MPI_CHK( mpi_copy( X, &V1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, &V1 ) ); cleanup: - mpi_free( &TA ); mpi_free( &TU ); mpi_free( &U1 ); mpi_free( &U2 ); - mpi_free( &G ); mpi_free( &TB ); mpi_free( &TV ); - mpi_free( &V1 ); mpi_free( &V2 ); + mbedtls_mpi_free( &TA ); mbedtls_mpi_free( &TU ); mbedtls_mpi_free( &U1 ); mbedtls_mpi_free( &U2 ); + mbedtls_mpi_free( &G ); mbedtls_mpi_free( &TB ); mbedtls_mpi_free( &TV ); + mbedtls_mpi_free( &V1 ); mbedtls_mpi_free( &V2 ); return( ret ); } -#if defined(POLARSSL_GENPRIME) +#if defined(MBEDTLS_GENPRIME) static const int small_prime[] = { @@ -1927,27 +1922,27 @@ static const int small_prime[] = * Return values: * 0: no small factor (possible prime, more tests needed) * 1: certain prime - * POLARSSL_ERR_MPI_NOT_ACCEPTABLE: certain non-prime + * MBEDTLS_ERR_MPI_NOT_ACCEPTABLE: certain non-prime * other negative: error */ -static int mpi_check_small_factors( const mpi *X ) +static int mpi_check_small_factors( const mbedtls_mpi *X ) { int ret = 0; size_t i; - t_uint r; + mbedtls_mpi_uint r; if( ( X->p[0] & 1 ) == 0 ) - return( POLARSSL_ERR_MPI_NOT_ACCEPTABLE ); + return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ); for( i = 0; small_prime[i] > 0; i++ ) { - if( mpi_cmp_int( X, small_prime[i] ) <= 0 ) + if( mbedtls_mpi_cmp_int( X, small_prime[i] ) <= 0 ) return( 1 ); - MPI_CHK( mpi_mod_int( &r, X, small_prime[i] ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_int( &r, X, small_prime[i] ) ); if( r == 0 ) - return( POLARSSL_ERR_MPI_NOT_ACCEPTABLE ); + return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ); } cleanup: @@ -1957,27 +1952,27 @@ cleanup: /* * Miller-Rabin pseudo-primality test (HAC 4.24) */ -static int mpi_miller_rabin( const mpi *X, +static int mpi_miller_rabin( const mbedtls_mpi *X, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret, count; size_t i, j, k, n, s; - mpi W, R, T, A, RR; + mbedtls_mpi W, R, T, A, RR; - mpi_init( &W ); mpi_init( &R ); mpi_init( &T ); mpi_init( &A ); - mpi_init( &RR ); + mbedtls_mpi_init( &W ); mbedtls_mpi_init( &R ); mbedtls_mpi_init( &T ); mbedtls_mpi_init( &A ); + mbedtls_mpi_init( &RR ); /* * W = |X| - 1 * R = W >> lsb( W ) */ - MPI_CHK( mpi_sub_int( &W, X, 1 ) ); - s = mpi_lsb( &W ); - MPI_CHK( mpi_copy( &R, &W ) ); - MPI_CHK( mpi_shift_r( &R, s ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &W, X, 1 ) ); + s = mbedtls_mpi_lsb( &W ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R, &W ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &R, s ) ); - i = mpi_msb( X ); + i = mbedtls_mpi_bitlen( X ); /* * HAC, table 4.4 */ @@ -1990,43 +1985,51 @@ static int mpi_miller_rabin( const mpi *X, /* * pick a random A, 1 < A < |X| - 1 */ + MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &A, X->n * ciL, f_rng, p_rng ) ); + + if( mbedtls_mpi_cmp_mpi( &A, &W ) >= 0 ) + { + j = mbedtls_mpi_bitlen( &A ) - mbedtls_mpi_bitlen( &W ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &A, j + 1 ) ); + } + A.p[0] |= 3; count = 0; do { - MPI_CHK( mpi_fill_random( &A, X->n * ciL, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &A, X->n * ciL, f_rng, p_rng ) ); - j = mpi_msb( &A ); - k = mpi_msb( &W ); + j = mbedtls_mpi_bitlen( &A ); + k = mbedtls_mpi_bitlen( &W ); if (j > k) { - MPI_CHK( mpi_shift_r( &A, j - k ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &A, j - k ) ); } if (count++ > 30) { - return POLARSSL_ERR_MPI_NOT_ACCEPTABLE; + return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; } - } while ( (mpi_cmp_mpi( &A, &W ) >= 0) || - (mpi_cmp_int( &A, 1 ) <= 0) ); + } while ( mbedtls_mpi_cmp_mpi( &A, &W ) >= 0 || + mbedtls_mpi_cmp_int( &A, 1 ) <= 0 ); /* * A = A^R mod |X| */ - MPI_CHK( mpi_exp_mod( &A, &A, &R, X, &RR ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &A, &A, &R, X, &RR ) ); - if( mpi_cmp_mpi( &A, &W ) == 0 || - mpi_cmp_int( &A, 1 ) == 0 ) + if( mbedtls_mpi_cmp_mpi( &A, &W ) == 0 || + mbedtls_mpi_cmp_int( &A, 1 ) == 0 ) continue; j = 1; - while( j < s && mpi_cmp_mpi( &A, &W ) != 0 ) + while( j < s && mbedtls_mpi_cmp_mpi( &A, &W ) != 0 ) { /* * A = A * A mod |X| */ - MPI_CHK( mpi_mul_mpi( &T, &A, &A ) ); - MPI_CHK( mpi_mod_mpi( &A, &T, X ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &A, &A ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &A, &T, X ) ); - if( mpi_cmp_int( &A, 1 ) == 0 ) + if( mbedtls_mpi_cmp_int( &A, 1 ) == 0 ) break; j++; @@ -2035,17 +2038,17 @@ static int mpi_miller_rabin( const mpi *X, /* * not prime if A != |X| - 1 or A == 1 */ - if( mpi_cmp_mpi( &A, &W ) != 0 || - mpi_cmp_int( &A, 1 ) == 0 ) + if( mbedtls_mpi_cmp_mpi( &A, &W ) != 0 || + mbedtls_mpi_cmp_int( &A, 1 ) == 0 ) { - ret = POLARSSL_ERR_MPI_NOT_ACCEPTABLE; + ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; break; } } cleanup: - mpi_free( &W ); mpi_free( &R ); mpi_free( &T ); mpi_free( &A ); - mpi_free( &RR ); + mbedtls_mpi_free( &W ); mbedtls_mpi_free( &R ); mbedtls_mpi_free( &T ); mbedtls_mpi_free( &A ); + mbedtls_mpi_free( &RR ); return( ret ); } @@ -2053,22 +2056,22 @@ cleanup: /* * Pseudo-primality test: small factors, then Miller-Rabin */ -int mpi_is_prime( mpi *X, +int mbedtls_mpi_is_prime( const mbedtls_mpi *X, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret; - mpi XX; + mbedtls_mpi XX; XX.s = 1; XX.n = X->n; XX.p = X->p; - if( mpi_cmp_int( &XX, 0 ) == 0 || - mpi_cmp_int( &XX, 1 ) == 0 ) - return( POLARSSL_ERR_MPI_NOT_ACCEPTABLE ); + if( mbedtls_mpi_cmp_int( &XX, 0 ) == 0 || + mbedtls_mpi_cmp_int( &XX, 1 ) == 0 ) + return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ); - if( mpi_cmp_int( &XX, 2 ) == 0 ) + if( mbedtls_mpi_cmp_int( &XX, 2 ) == 0 ) return( 0 ); if( ( ret = mpi_check_small_factors( &XX ) ) != 0 ) @@ -2085,39 +2088,39 @@ int mpi_is_prime( mpi *X, /* * Prime number generation */ -int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag, +int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int dh_flag, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret; size_t k, n; - t_uint r; - mpi Y; + mbedtls_mpi_uint r; + mbedtls_mpi Y; - if( nbits < 3 || nbits > POLARSSL_MPI_MAX_BITS ) - return( POLARSSL_ERR_MPI_BAD_INPUT_DATA ); + if( nbits < 3 || nbits > MBEDTLS_MPI_MAX_BITS ) + return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); - mpi_init( &Y ); + mbedtls_mpi_init( &Y ); n = BITS_TO_LIMBS( nbits ); - MPI_CHK( mpi_fill_random( X, n * ciL, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( X, n * ciL, f_rng, p_rng ) ); - k = mpi_msb( X ); - if( k > nbits ) MPI_CHK( mpi_shift_r( X, k - nbits + 1 ) ); + k = mbedtls_mpi_bitlen( X ); + if( k > nbits ) MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( X, k - nbits + 1 ) ); - mpi_set_bit( X, nbits-1, 1 ); + mbedtls_mpi_set_bit( X, nbits-1, 1 ); X->p[0] |= 1; if( dh_flag == 0 ) { - while( ( ret = mpi_is_prime( X, f_rng, p_rng ) ) != 0 ) + while( ( ret = mbedtls_mpi_is_prime( X, f_rng, p_rng ) ) != 0 ) { - if( ret != POLARSSL_ERR_MPI_NOT_ACCEPTABLE ) + if( ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ) goto cleanup; - MPI_CHK( mpi_add_int( X, X, 2 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, X, 2 ) ); } } else @@ -2130,15 +2133,15 @@ int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag, X->p[0] |= 2; - MPI_CHK( mpi_mod_int( &r, X, 3 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_int( &r, X, 3 ) ); if( r == 0 ) - MPI_CHK( mpi_add_int( X, X, 8 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, X, 8 ) ); else if( r == 1 ) - MPI_CHK( mpi_add_int( X, X, 4 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, X, 4 ) ); /* Set Y = (X-1) / 2, which is X / 2 because X is odd */ - MPI_CHK( mpi_copy( &Y, X ) ); - MPI_CHK( mpi_shift_r( &Y, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &Y, X ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &Y, 1 ) ); while( 1 ) { @@ -2154,7 +2157,7 @@ int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag, break; } - if( ret != POLARSSL_ERR_MPI_NOT_ACCEPTABLE ) + if( ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ) goto cleanup; /* @@ -2162,21 +2165,21 @@ int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag, * Y = 1 mod 2 and Y = 2 mod 3 (eq X = 3 mod 4 and X = 2 mod 3) * so up Y by 6 and X by 12. */ - MPI_CHK( mpi_add_int( X, X, 12 ) ); - MPI_CHK( mpi_add_int( &Y, &Y, 6 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, X, 12 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &Y, &Y, 6 ) ); } } cleanup: - mpi_free( &Y ); + mbedtls_mpi_free( &Y ); return( ret ); } -#endif /* POLARSSL_GENPRIME */ +#endif /* MBEDTLS_GENPRIME */ -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) #define GCD_PAIR_COUNT 3 @@ -2190,34 +2193,34 @@ static const int gcd_pairs[GCD_PAIR_COUNT][3] = /* * Checkup routine */ -int mpi_self_test( int verbose ) +int mbedtls_mpi_self_test( int verbose ) { int ret, i; - mpi A, E, N, X, Y, U, V; + mbedtls_mpi A, E, N, X, Y, U, V; - mpi_init( &A ); mpi_init( &E ); mpi_init( &N ); mpi_init( &X ); - mpi_init( &Y ); mpi_init( &U ); mpi_init( &V ); + mbedtls_mpi_init( &A ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &N ); mbedtls_mpi_init( &X ); + mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &U ); mbedtls_mpi_init( &V ); - MPI_CHK( mpi_read_string( &A, 16, + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &A, 16, "EFE021C2645FD1DC586E69184AF4A31E" \ "D5F53E93B5F123FA41680867BA110131" \ "944FE7952E2517337780CB0DB80E61AA" \ "E7C8DDC6C5C6AADEB34EB38A2F40D5E6" ) ); - MPI_CHK( mpi_read_string( &E, 16, + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &E, 16, "B2E7EFD37075B9F03FF989C7C5051C20" \ "34D2A323810251127E7BF8625A4F49A5" \ "F3E27F4DA8BD59C47D6DAABA4C8127BD" \ "5B5C25763222FEFCCFC38B832366C29E" ) ); - MPI_CHK( mpi_read_string( &N, 16, + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &N, 16, "0066A198186C18C10B2F5ED9B522752A" \ "9830B69916E535C8F047518A889A43A5" \ "94B6BED27A168D31D4A52F88925AA8F5" ) ); - MPI_CHK( mpi_mul_mpi( &X, &A, &N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &X, &A, &N ) ); - MPI_CHK( mpi_read_string( &U, 16, + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &U, 16, "602AB7ECA597A3D6B56FF9829A5E8B85" \ "9E857EA95A03512E2BAE7391688D264A" \ "A5663B0341DB9CCFD2C4C5F421FEC814" \ @@ -2227,104 +2230,104 @@ int mpi_self_test( int verbose ) "30879B56C61DE584A0F53A2447A51E" ) ); if( verbose != 0 ) - polarssl_printf( " MPI test #1 (mul_mpi): " ); + mbedtls_printf( " MPI test #1 (mul_mpi): " ); - if( mpi_cmp_mpi( &X, &U ) != 0 ) + if( mbedtls_mpi_cmp_mpi( &X, &U ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); ret = 1; goto cleanup; } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); - MPI_CHK( mpi_div_mpi( &X, &Y, &A, &N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( &X, &Y, &A, &N ) ); - MPI_CHK( mpi_read_string( &U, 16, + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &U, 16, "256567336059E52CAE22925474705F39A94" ) ); - MPI_CHK( mpi_read_string( &V, 16, + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &V, 16, "6613F26162223DF488E9CD48CC132C7A" \ "0AC93C701B001B092E4E5B9F73BCD27B" \ "9EE50D0657C77F374E903CDFA4C642" ) ); if( verbose != 0 ) - polarssl_printf( " MPI test #2 (div_mpi): " ); + mbedtls_printf( " MPI test #2 (div_mpi): " ); - if( mpi_cmp_mpi( &X, &U ) != 0 || - mpi_cmp_mpi( &Y, &V ) != 0 ) + if( mbedtls_mpi_cmp_mpi( &X, &U ) != 0 || + mbedtls_mpi_cmp_mpi( &Y, &V ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); ret = 1; goto cleanup; } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); - MPI_CHK( mpi_exp_mod( &X, &A, &E, &N, NULL ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &X, &A, &E, &N, NULL ) ); - MPI_CHK( mpi_read_string( &U, 16, + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &U, 16, "36E139AEA55215609D2816998ED020BB" \ "BD96C37890F65171D948E9BC7CBAA4D9" \ "325D24D6A3C12710F10A09FA08AB87" ) ); if( verbose != 0 ) - polarssl_printf( " MPI test #3 (exp_mod): " ); + mbedtls_printf( " MPI test #3 (exp_mod): " ); - if( mpi_cmp_mpi( &X, &U ) != 0 ) + if( mbedtls_mpi_cmp_mpi( &X, &U ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); ret = 1; goto cleanup; } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); - MPI_CHK( mpi_inv_mod( &X, &A, &N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &X, &A, &N ) ); - MPI_CHK( mpi_read_string( &U, 16, + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &U, 16, "003A0AAEDD7E784FC07D8F9EC6E3BFD5" \ "C3DBA76456363A10869622EAC2DD84EC" \ "C5B8A74DAC4D09E03B5E0BE779F2DF61" ) ); if( verbose != 0 ) - polarssl_printf( " MPI test #4 (inv_mod): " ); + mbedtls_printf( " MPI test #4 (inv_mod): " ); - if( mpi_cmp_mpi( &X, &U ) != 0 ) + if( mbedtls_mpi_cmp_mpi( &X, &U ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); ret = 1; goto cleanup; } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); if( verbose != 0 ) - polarssl_printf( " MPI test #5 (simple gcd): " ); + mbedtls_printf( " MPI test #5 (simple gcd): " ); for( i = 0; i < GCD_PAIR_COUNT; i++ ) { - MPI_CHK( mpi_lset( &X, gcd_pairs[i][0] ) ); - MPI_CHK( mpi_lset( &Y, gcd_pairs[i][1] ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &X, gcd_pairs[i][0] ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &Y, gcd_pairs[i][1] ) ); - MPI_CHK( mpi_gcd( &A, &X, &Y ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &A, &X, &Y ) ); - if( mpi_cmp_int( &A, gcd_pairs[i][2] ) != 0 ) + if( mbedtls_mpi_cmp_int( &A, gcd_pairs[i][2] ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed at %d\n", i ); + mbedtls_printf( "failed at %d\n", i ); ret = 1; goto cleanup; @@ -2332,22 +2335,22 @@ int mpi_self_test( int verbose ) } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); cleanup: if( ret != 0 && verbose != 0 ) - polarssl_printf( "Unexpected error, return code = %08X\n", ret ); + mbedtls_printf( "Unexpected error, return code = %08X\n", ret ); - mpi_free( &A ); mpi_free( &E ); mpi_free( &N ); mpi_free( &X ); - mpi_free( &Y ); mpi_free( &U ); mpi_free( &V ); + mbedtls_mpi_free( &A ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &N ); mbedtls_mpi_free( &X ); + mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &U ); mbedtls_mpi_free( &V ); if( verbose != 0 ) - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); return( ret ); } -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_BIGNUM_C */ +#endif /* MBEDTLS_BIGNUM_C */ diff --git a/ext/mbedtls/library/blowfish.c b/ext/mbedtls/library/blowfish.c index 77191e7eaa..767d141a34 100644 --- a/ext/mbedtls/library/blowfish.c +++ b/ext/mbedtls/library/blowfish.c @@ -26,22 +26,22 @@ * */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_BLOWFISH_C) +#if defined(MBEDTLS_BLOWFISH_C) -#include "polarssl/blowfish.h" +#include "mbedtls/blowfish.h" #include -#if !defined(POLARSSL_BLOWFISH_ALT) +#if !defined(MBEDTLS_BLOWFISH_ALT) /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } @@ -68,7 +68,7 @@ static void polarssl_zeroize( void *v, size_t n ) { } #endif -static const uint32_t P[BLOWFISH_ROUNDS + 2] = { +static const uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2] = { 0x243F6A88L, 0x85A308D3L, 0x13198A2EL, 0x03707344L, 0xA4093822L, 0x299F31D0L, 0x082EFA98L, 0xEC4E6C89L, 0x452821E6L, 0x38D01377L, 0xBE5466CFL, 0x34E90C6CL, @@ -79,7 +79,7 @@ static const uint32_t P[BLOWFISH_ROUNDS + 2] = { /* declarations of data at the end of this file */ static const uint32_t S[4][256]; -static uint32_t F( blowfish_context *ctx, uint32_t x ) +static uint32_t F( mbedtls_blowfish_context *ctx, uint32_t x ) { unsigned short a, b, c, d; uint32_t y; @@ -98,7 +98,7 @@ static uint32_t F( blowfish_context *ctx, uint32_t x ) return( y ); } -static void blowfish_enc( blowfish_context *ctx, uint32_t *xl, uint32_t *xr ) +static void blowfish_enc( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr ) { uint32_t Xl, Xr, temp; short i; @@ -106,7 +106,7 @@ static void blowfish_enc( blowfish_context *ctx, uint32_t *xl, uint32_t *xr ) Xl = *xl; Xr = *xr; - for( i = 0; i < BLOWFISH_ROUNDS; ++i ) + for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS; ++i ) { Xl = Xl ^ ctx->P[i]; Xr = F( ctx, Xl ) ^ Xr; @@ -120,14 +120,14 @@ static void blowfish_enc( blowfish_context *ctx, uint32_t *xl, uint32_t *xr ) Xl = Xr; Xr = temp; - Xr = Xr ^ ctx->P[BLOWFISH_ROUNDS]; - Xl = Xl ^ ctx->P[BLOWFISH_ROUNDS + 1]; + Xr = Xr ^ ctx->P[MBEDTLS_BLOWFISH_ROUNDS]; + Xl = Xl ^ ctx->P[MBEDTLS_BLOWFISH_ROUNDS + 1]; *xl = Xl; *xr = Xr; } -static void blowfish_dec( blowfish_context *ctx, uint32_t *xl, uint32_t *xr ) +static void blowfish_dec( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr ) { uint32_t Xl, Xr, temp; short i; @@ -135,7 +135,7 @@ static void blowfish_dec( blowfish_context *ctx, uint32_t *xl, uint32_t *xr ) Xl = *xl; Xr = *xr; - for( i = BLOWFISH_ROUNDS + 1; i > 1; --i ) + for( i = MBEDTLS_BLOWFISH_ROUNDS + 1; i > 1; --i ) { Xl = Xl ^ ctx->P[i]; Xr = F( ctx, Xl ) ^ Xr; @@ -156,35 +156,35 @@ static void blowfish_dec( blowfish_context *ctx, uint32_t *xl, uint32_t *xr ) *xr = Xr; } -void blowfish_init( blowfish_context *ctx ) +void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx ) { - memset( ctx, 0, sizeof( blowfish_context ) ); + memset( ctx, 0, sizeof( mbedtls_blowfish_context ) ); } -void blowfish_free( blowfish_context *ctx ) +void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx ) { if( ctx == NULL ) return; - polarssl_zeroize( ctx, sizeof( blowfish_context ) ); + mbedtls_zeroize( ctx, sizeof( mbedtls_blowfish_context ) ); } /* * Blowfish key schedule */ -int blowfish_setkey( blowfish_context *ctx, const unsigned char *key, - unsigned int keysize ) +int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char *key, + unsigned int keybits ) { unsigned int i, j, k; uint32_t data, datal, datar; - if( keysize < BLOWFISH_MIN_KEY || keysize > BLOWFISH_MAX_KEY || - ( keysize % 8 ) ) + if( keybits < MBEDTLS_BLOWFISH_MIN_KEY_BITS || keybits > MBEDTLS_BLOWFISH_MAX_KEY_BITS || + ( keybits % 8 ) ) { - return( POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH ); + return( MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH ); } - keysize >>= 3; + keybits >>= 3; for( i = 0; i < 4; i++ ) { @@ -193,13 +193,13 @@ int blowfish_setkey( blowfish_context *ctx, const unsigned char *key, } j = 0; - for( i = 0; i < BLOWFISH_ROUNDS + 2; ++i ) + for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; ++i ) { data = 0x00000000; for( k = 0; k < 4; ++k ) { data = ( data << 8 ) | key[j++]; - if( j >= keysize ) + if( j >= keybits ) j = 0; } ctx->P[i] = P[i] ^ data; @@ -208,7 +208,7 @@ int blowfish_setkey( blowfish_context *ctx, const unsigned char *key, datal = 0x00000000; datar = 0x00000000; - for( i = 0; i < BLOWFISH_ROUNDS + 2; i += 2 ) + for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; i += 2 ) { blowfish_enc( ctx, &datal, &datar ); ctx->P[i] = datal; @@ -230,21 +230,21 @@ int blowfish_setkey( blowfish_context *ctx, const unsigned char *key, /* * Blowfish-ECB block encryption/decryption */ -int blowfish_crypt_ecb( blowfish_context *ctx, +int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx, int mode, - const unsigned char input[BLOWFISH_BLOCKSIZE], - unsigned char output[BLOWFISH_BLOCKSIZE] ) + const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE], + unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] ) { uint32_t X0, X1; GET_UINT32_BE( X0, input, 0 ); GET_UINT32_BE( X1, input, 4 ); - if( mode == BLOWFISH_DECRYPT ) + if( mode == MBEDTLS_BLOWFISH_DECRYPT ) { blowfish_dec( ctx, &X0, &X1 ); } - else /* BLOWFISH_ENCRYPT */ + else /* MBEDTLS_BLOWFISH_ENCRYPT */ { blowfish_enc( ctx, &X0, &X1 ); } @@ -255,87 +255,87 @@ int blowfish_crypt_ecb( blowfish_context *ctx, return( 0 ); } -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) /* * Blowfish-CBC buffer encryption/decryption */ -int blowfish_crypt_cbc( blowfish_context *ctx, +int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx, int mode, size_t length, - unsigned char iv[BLOWFISH_BLOCKSIZE], + unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], const unsigned char *input, unsigned char *output ) { int i; - unsigned char temp[BLOWFISH_BLOCKSIZE]; + unsigned char temp[MBEDTLS_BLOWFISH_BLOCKSIZE]; - if( length % BLOWFISH_BLOCKSIZE ) - return( POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH ); + if( length % MBEDTLS_BLOWFISH_BLOCKSIZE ) + return( MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH ); - if( mode == BLOWFISH_DECRYPT ) + if( mode == MBEDTLS_BLOWFISH_DECRYPT ) { while( length > 0 ) { - memcpy( temp, input, BLOWFISH_BLOCKSIZE ); - blowfish_crypt_ecb( ctx, mode, input, output ); + memcpy( temp, input, MBEDTLS_BLOWFISH_BLOCKSIZE ); + mbedtls_blowfish_crypt_ecb( ctx, mode, input, output ); - for( i = 0; i < BLOWFISH_BLOCKSIZE;i++ ) + for( i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE;i++ ) output[i] = (unsigned char)( output[i] ^ iv[i] ); - memcpy( iv, temp, BLOWFISH_BLOCKSIZE ); + memcpy( iv, temp, MBEDTLS_BLOWFISH_BLOCKSIZE ); - input += BLOWFISH_BLOCKSIZE; - output += BLOWFISH_BLOCKSIZE; - length -= BLOWFISH_BLOCKSIZE; + input += MBEDTLS_BLOWFISH_BLOCKSIZE; + output += MBEDTLS_BLOWFISH_BLOCKSIZE; + length -= MBEDTLS_BLOWFISH_BLOCKSIZE; } } else { while( length > 0 ) { - for( i = 0; i < BLOWFISH_BLOCKSIZE; i++ ) + for( i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE; i++ ) output[i] = (unsigned char)( input[i] ^ iv[i] ); - blowfish_crypt_ecb( ctx, mode, output, output ); - memcpy( iv, output, BLOWFISH_BLOCKSIZE ); + mbedtls_blowfish_crypt_ecb( ctx, mode, output, output ); + memcpy( iv, output, MBEDTLS_BLOWFISH_BLOCKSIZE ); - input += BLOWFISH_BLOCKSIZE; - output += BLOWFISH_BLOCKSIZE; - length -= BLOWFISH_BLOCKSIZE; + input += MBEDTLS_BLOWFISH_BLOCKSIZE; + output += MBEDTLS_BLOWFISH_BLOCKSIZE; + length -= MBEDTLS_BLOWFISH_BLOCKSIZE; } } return( 0 ); } -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(POLARSSL_CIPHER_MODE_CFB) +#if defined(MBEDTLS_CIPHER_MODE_CFB) /* * Blowfish CFB buffer encryption/decryption */ -int blowfish_crypt_cfb64( blowfish_context *ctx, +int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx, int mode, size_t length, size_t *iv_off, - unsigned char iv[BLOWFISH_BLOCKSIZE], + unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], const unsigned char *input, unsigned char *output ) { int c; size_t n = *iv_off; - if( mode == BLOWFISH_DECRYPT ) + if( mode == MBEDTLS_BLOWFISH_DECRYPT ) { while( length-- ) { if( n == 0 ) - blowfish_crypt_ecb( ctx, BLOWFISH_ENCRYPT, iv, iv ); + mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv ); c = *input++; *output++ = (unsigned char)( c ^ iv[n] ); iv[n] = (unsigned char) c; - n = ( n + 1 ) % BLOWFISH_BLOCKSIZE; + n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE; } } else @@ -343,11 +343,11 @@ int blowfish_crypt_cfb64( blowfish_context *ctx, while( length-- ) { if( n == 0 ) - blowfish_crypt_ecb( ctx, BLOWFISH_ENCRYPT, iv, iv ); + mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv ); iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); - n = ( n + 1 ) % BLOWFISH_BLOCKSIZE; + n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE; } } @@ -355,17 +355,17 @@ int blowfish_crypt_cfb64( blowfish_context *ctx, return( 0 ); } -#endif /*POLARSSL_CIPHER_MODE_CFB */ +#endif /*MBEDTLS_CIPHER_MODE_CFB */ -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) /* * Blowfish CTR buffer encryption/decryption */ -int blowfish_crypt_ctr( blowfish_context *ctx, +int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx, size_t length, size_t *nc_off, - unsigned char nonce_counter[BLOWFISH_BLOCKSIZE], - unsigned char stream_block[BLOWFISH_BLOCKSIZE], + unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE], + unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE], const unsigned char *input, unsigned char *output ) { @@ -375,24 +375,24 @@ int blowfish_crypt_ctr( blowfish_context *ctx, while( length-- ) { if( n == 0 ) { - blowfish_crypt_ecb( ctx, BLOWFISH_ENCRYPT, nonce_counter, + mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, nonce_counter, stream_block ); - for( i = BLOWFISH_BLOCKSIZE; i > 0; i-- ) + for( i = MBEDTLS_BLOWFISH_BLOCKSIZE; i > 0; i-- ) if( ++nonce_counter[i - 1] != 0 ) break; } c = *input++; *output++ = (unsigned char)( c ^ stream_block[n] ); - n = ( n + 1 ) % BLOWFISH_BLOCKSIZE; + n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE; } *nc_off = n; return( 0 ); } -#endif /* POLARSSL_CIPHER_MODE_CTR */ +#endif /* MBEDTLS_CIPHER_MODE_CTR */ static const uint32_t S[4][256] = { { 0xD1310BA6L, 0x98DFB5ACL, 0x2FFD72DBL, 0xD01ADFB7L, @@ -653,5 +653,5 @@ static const uint32_t S[4][256] = { 0xB74E6132L, 0xCE77E25BL, 0x578FDFE3L, 0x3AC372E6L } }; -#endif /* !POLARSSL_BLOWFISH_ALT */ -#endif /* POLARSSL_BLOWFISH_C */ +#endif /* !MBEDTLS_BLOWFISH_ALT */ +#endif /* MBEDTLS_BLOWFISH_C */ diff --git a/ext/mbedtls/library/camellia.c b/ext/mbedtls/library/camellia.c index d80f51f319..83e8e78bb5 100644 --- a/ext/mbedtls/library/camellia.c +++ b/ext/mbedtls/library/camellia.c @@ -26,30 +26,31 @@ * http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/01espec.pdf */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_CAMELLIA_C) +#if defined(MBEDTLS_CAMELLIA_C) -#include "polarssl/camellia.h" +#include "mbedtls/camellia.h" -#if defined(POLARSSL_SELF_TEST) #include -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" + +#if defined(MBEDTLS_SELF_TEST) +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_printf printf -#endif /* POLARSSL_PLATFORM_C */ -#endif /* POLARSSL_SELF_TEST */ +#define mbedtls_printf printf +#endif /* MBEDTLS_PLATFORM_C */ +#endif /* MBEDTLS_SELF_TEST */ -#if !defined(POLARSSL_CAMELLIA_ALT) +#if !defined(MBEDTLS_CAMELLIA_ALT) /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } @@ -86,7 +87,7 @@ static const unsigned char SIGMA_CHARS[6][8] = { 0xb0, 0x56, 0x88, 0xc2, 0xb3, 0xe6, 0xc1, 0xfd } }; -#if defined(POLARSSL_CAMELLIA_SMALL_MEMORY) +#if defined(MBEDTLS_CAMELLIA_SMALL_MEMORY) static const unsigned char FSb[256] = { @@ -113,7 +114,7 @@ static const unsigned char FSb[256] = #define SBOX3(n) (unsigned char)((FSb[(n)] >> 1 ^ FSb[(n)] << 7) & 0xff) #define SBOX4(n) FSb[((n) << 1 ^ (n) >> 7) &0xff] -#else /* POLARSSL_CAMELLIA_SMALL_MEMORY */ +#else /* MBEDTLS_CAMELLIA_SMALL_MEMORY */ static const unsigned char FSb[256] = { @@ -200,7 +201,7 @@ static const unsigned char FSb4[256] = #define SBOX3(n) FSb3[(n)] #define SBOX4(n) FSb4[(n)] -#endif /* POLARSSL_CAMELLIA_SMALL_MEMORY */ +#endif /* MBEDTLS_CAMELLIA_SMALL_MEMORY */ static const unsigned char shifts[2][4][4] = { @@ -323,24 +324,24 @@ static void camellia_feistel( const uint32_t x[2], const uint32_t k[2], z[1] ^= I0; } -void camellia_init( camellia_context *ctx ) +void mbedtls_camellia_init( mbedtls_camellia_context *ctx ) { - memset( ctx, 0, sizeof( camellia_context ) ); + memset( ctx, 0, sizeof( mbedtls_camellia_context ) ); } -void camellia_free( camellia_context *ctx ) +void mbedtls_camellia_free( mbedtls_camellia_context *ctx ) { if( ctx == NULL ) return; - polarssl_zeroize( ctx, sizeof( camellia_context ) ); + mbedtls_zeroize( ctx, sizeof( mbedtls_camellia_context ) ); } /* * Camellia key schedule (encryption) */ -int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, - unsigned int keysize ) +int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, const unsigned char *key, + unsigned int keybits ) { int idx; size_t i; @@ -355,18 +356,18 @@ int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, memset( t, 0, 64 ); memset( RK, 0, sizeof(ctx->rk) ); - switch( keysize ) + switch( keybits ) { case 128: ctx->nr = 3; idx = 0; break; case 192: case 256: ctx->nr = 4; idx = 1; break; - default : return( POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH ); + default : return( MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH ); } - for( i = 0; i < keysize / 8; ++i ) + for( i = 0; i < keybits / 8; ++i ) t[i] = key[i]; - if( keysize == 192 ) { + if( keybits == 192 ) { for( i = 0; i < 8; i++ ) t[24 + i] = ~t[16 + i]; } @@ -402,7 +403,7 @@ int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, camellia_feistel( KC + 8, SIGMA[2], KC + 10 ); camellia_feistel( KC + 10, SIGMA[3], KC + 8 ); - if( keysize > 128 ) { + if( keybits > 128 ) { /* Generate KB */ for( i = 0; i < 4; ++i ) KC[12 + i] = KC[4 + i] ^ KC[8 + i]; @@ -419,7 +420,7 @@ int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, SHIFT_AND_PLACE( idx, 0 ); /* Manipulating KR */ - if( keysize > 128 ) { + if( keybits > 128 ) { SHIFT_AND_PLACE( idx, 1 ); } @@ -427,7 +428,7 @@ int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, SHIFT_AND_PLACE( idx, 2 ); /* Manipulating KB */ - if( keysize > 128 ) { + if( keybits > 128 ) { SHIFT_AND_PLACE( idx, 3 ); } @@ -444,19 +445,19 @@ int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, /* * Camellia key schedule (decryption) */ -int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, - unsigned int keysize ) +int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, const unsigned char *key, + unsigned int keybits ) { int idx, ret; size_t i; - camellia_context cty; + mbedtls_camellia_context cty; uint32_t *RK; uint32_t *SK; - camellia_init( &cty ); + mbedtls_camellia_init( &cty ); - /* Also checks keysize */ - if( ( ret = camellia_setkey_enc( &cty, key, keysize ) ) != 0 ) + /* Also checks keybits */ + if( ( ret = mbedtls_camellia_setkey_enc( &cty, key, keybits ) ) != 0 ) goto exit; ctx->nr = cty.nr; @@ -484,7 +485,7 @@ int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, *RK++ = *SK++; exit: - camellia_free( &cty ); + mbedtls_camellia_free( &cty ); return( ret ); } @@ -492,7 +493,7 @@ exit: /* * Camellia-ECB block encryption/decryption */ -int camellia_crypt_ecb( camellia_context *ctx, +int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, int mode, const unsigned char input[16], unsigned char output[16] ) @@ -551,11 +552,11 @@ int camellia_crypt_ecb( camellia_context *ctx, return( 0 ); } -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) /* * Camellia-CBC buffer encryption/decryption */ -int camellia_crypt_cbc( camellia_context *ctx, +int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx, int mode, size_t length, unsigned char iv[16], @@ -566,14 +567,14 @@ int camellia_crypt_cbc( camellia_context *ctx, unsigned char temp[16]; if( length % 16 ) - return( POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH ); + return( MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH ); - if( mode == CAMELLIA_DECRYPT ) + if( mode == MBEDTLS_CAMELLIA_DECRYPT ) { while( length > 0 ) { memcpy( temp, input, 16 ); - camellia_crypt_ecb( ctx, mode, input, output ); + mbedtls_camellia_crypt_ecb( ctx, mode, input, output ); for( i = 0; i < 16; i++ ) output[i] = (unsigned char)( output[i] ^ iv[i] ); @@ -592,7 +593,7 @@ int camellia_crypt_cbc( camellia_context *ctx, for( i = 0; i < 16; i++ ) output[i] = (unsigned char)( input[i] ^ iv[i] ); - camellia_crypt_ecb( ctx, mode, output, output ); + mbedtls_camellia_crypt_ecb( ctx, mode, output, output ); memcpy( iv, output, 16 ); input += 16; @@ -603,13 +604,13 @@ int camellia_crypt_cbc( camellia_context *ctx, return( 0 ); } -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(POLARSSL_CIPHER_MODE_CFB) +#if defined(MBEDTLS_CIPHER_MODE_CFB) /* * Camellia-CFB128 buffer encryption/decryption */ -int camellia_crypt_cfb128( camellia_context *ctx, +int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx, int mode, size_t length, size_t *iv_off, @@ -620,12 +621,12 @@ int camellia_crypt_cfb128( camellia_context *ctx, int c; size_t n = *iv_off; - if( mode == CAMELLIA_DECRYPT ) + if( mode == MBEDTLS_CAMELLIA_DECRYPT ) { while( length-- ) { if( n == 0 ) - camellia_crypt_ecb( ctx, CAMELLIA_ENCRYPT, iv, iv ); + mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv ); c = *input++; *output++ = (unsigned char)( c ^ iv[n] ); @@ -639,7 +640,7 @@ int camellia_crypt_cfb128( camellia_context *ctx, while( length-- ) { if( n == 0 ) - camellia_crypt_ecb( ctx, CAMELLIA_ENCRYPT, iv, iv ); + mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv ); iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); @@ -651,13 +652,13 @@ int camellia_crypt_cfb128( camellia_context *ctx, return( 0 ); } -#endif /* POLARSSL_CIPHER_MODE_CFB */ +#endif /* MBEDTLS_CIPHER_MODE_CFB */ -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) /* * Camellia-CTR buffer encryption/decryption */ -int camellia_crypt_ctr( camellia_context *ctx, +int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx, size_t length, size_t *nc_off, unsigned char nonce_counter[16], @@ -671,7 +672,7 @@ int camellia_crypt_ctr( camellia_context *ctx, while( length-- ) { if( n == 0 ) { - camellia_crypt_ecb( ctx, CAMELLIA_ENCRYPT, nonce_counter, + mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, nonce_counter, stream_block ); for( i = 16; i > 0; i-- ) @@ -688,10 +689,10 @@ int camellia_crypt_ctr( camellia_context *ctx, return( 0 ); } -#endif /* POLARSSL_CIPHER_MODE_CTR */ -#endif /* !POLARSSL_CAMELLIA_ALT */ +#endif /* MBEDTLS_CIPHER_MODE_CTR */ +#endif /* !MBEDTLS_CAMELLIA_ALT */ -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) /* * Camellia test vectors from: @@ -761,7 +762,7 @@ static const unsigned char camellia_test_ecb_cipher[3][CAMELLIA_TESTS_ECB][16] = } }; -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) #define CAMELLIA_TESTS_CBC 3 static const unsigned char camellia_test_cbc_key[3][32] = @@ -823,9 +824,9 @@ static const unsigned char camellia_test_cbc_cipher[3][CAMELLIA_TESTS_CBC][16] = 0x33, 0x30, 0xCD, 0xF1, 0xB1, 0x86, 0x0A, 0x83 } } }; -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) /* * Camellia-CTR test vectors from: * @@ -886,28 +887,28 @@ static const unsigned char camellia_test_ctr_ct[3][48] = static const int camellia_test_ctr_len[3] = { 16, 32, 36 }; -#endif /* POLARSSL_CIPHER_MODE_CTR */ +#endif /* MBEDTLS_CIPHER_MODE_CTR */ /* * Checkup routine */ -int camellia_self_test( int verbose ) +int mbedtls_camellia_self_test( int verbose ) { int i, j, u, v; unsigned char key[32]; unsigned char buf[64]; unsigned char src[16]; unsigned char dst[16]; -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) unsigned char iv[16]; #endif -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) size_t offset, len; unsigned char nonce_counter[16]; unsigned char stream_block[16]; #endif - camellia_context ctx; + mbedtls_camellia_context ctx; memset( key, 0, 32 ); @@ -916,41 +917,41 @@ int camellia_self_test( int verbose ) v = j & 1; if( verbose != 0 ) - polarssl_printf( " CAMELLIA-ECB-%3d (%s): ", 128 + u * 64, - (v == CAMELLIA_DECRYPT) ? "dec" : "enc"); + mbedtls_printf( " CAMELLIA-ECB-%3d (%s): ", 128 + u * 64, + (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc"); for( i = 0; i < CAMELLIA_TESTS_ECB; i++ ) { memcpy( key, camellia_test_ecb_key[u][i], 16 + 8 * u ); - if( v == CAMELLIA_DECRYPT ) { - camellia_setkey_dec( &ctx, key, 128 + u * 64 ); + if( v == MBEDTLS_CAMELLIA_DECRYPT ) { + mbedtls_camellia_setkey_dec( &ctx, key, 128 + u * 64 ); memcpy( src, camellia_test_ecb_cipher[u][i], 16 ); memcpy( dst, camellia_test_ecb_plain[i], 16 ); - } else { /* CAMELLIA_ENCRYPT */ - camellia_setkey_enc( &ctx, key, 128 + u * 64 ); + } else { /* MBEDTLS_CAMELLIA_ENCRYPT */ + mbedtls_camellia_setkey_enc( &ctx, key, 128 + u * 64 ); memcpy( src, camellia_test_ecb_plain[i], 16 ); memcpy( dst, camellia_test_ecb_cipher[u][i], 16 ); } - camellia_crypt_ecb( &ctx, v, src, buf ); + mbedtls_camellia_crypt_ecb( &ctx, v, src, buf ); if( memcmp( buf, dst, 16 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); } if( verbose != 0 ) - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) /* * CBC mode */ @@ -960,51 +961,51 @@ int camellia_self_test( int verbose ) v = j & 1; if( verbose != 0 ) - polarssl_printf( " CAMELLIA-CBC-%3d (%s): ", 128 + u * 64, - ( v == CAMELLIA_DECRYPT ) ? "dec" : "enc" ); + mbedtls_printf( " CAMELLIA-CBC-%3d (%s): ", 128 + u * 64, + ( v == MBEDTLS_CAMELLIA_DECRYPT ) ? "dec" : "enc" ); memcpy( src, camellia_test_cbc_iv, 16 ); memcpy( dst, camellia_test_cbc_iv, 16 ); memcpy( key, camellia_test_cbc_key[u], 16 + 8 * u ); - if( v == CAMELLIA_DECRYPT ) { - camellia_setkey_dec( &ctx, key, 128 + u * 64 ); + if( v == MBEDTLS_CAMELLIA_DECRYPT ) { + mbedtls_camellia_setkey_dec( &ctx, key, 128 + u * 64 ); } else { - camellia_setkey_enc( &ctx, key, 128 + u * 64 ); + mbedtls_camellia_setkey_enc( &ctx, key, 128 + u * 64 ); } for( i = 0; i < CAMELLIA_TESTS_CBC; i++ ) { - if( v == CAMELLIA_DECRYPT ) { + if( v == MBEDTLS_CAMELLIA_DECRYPT ) { memcpy( iv , src, 16 ); memcpy( src, camellia_test_cbc_cipher[u][i], 16 ); memcpy( dst, camellia_test_cbc_plain[i], 16 ); - } else { /* CAMELLIA_ENCRYPT */ + } else { /* MBEDTLS_CAMELLIA_ENCRYPT */ memcpy( iv , dst, 16 ); memcpy( src, camellia_test_cbc_plain[i], 16 ); memcpy( dst, camellia_test_cbc_cipher[u][i], 16 ); } - camellia_crypt_cbc( &ctx, v, 16, iv, src, buf ); + mbedtls_camellia_crypt_cbc( &ctx, v, 16, iv, src, buf ); if( memcmp( buf, dst, 16 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); } -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ if( verbose != 0 ) - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) /* * CTR mode */ @@ -1014,27 +1015,27 @@ int camellia_self_test( int verbose ) v = i & 1; if( verbose != 0 ) - polarssl_printf( " CAMELLIA-CTR-128 (%s): ", - ( v == CAMELLIA_DECRYPT ) ? "dec" : "enc" ); + mbedtls_printf( " CAMELLIA-CTR-128 (%s): ", + ( v == MBEDTLS_CAMELLIA_DECRYPT ) ? "dec" : "enc" ); memcpy( nonce_counter, camellia_test_ctr_nonce_counter[u], 16 ); memcpy( key, camellia_test_ctr_key[u], 16 ); offset = 0; - camellia_setkey_enc( &ctx, key, 128 ); + mbedtls_camellia_setkey_enc( &ctx, key, 128 ); - if( v == CAMELLIA_DECRYPT ) + if( v == MBEDTLS_CAMELLIA_DECRYPT ) { len = camellia_test_ctr_len[u]; memcpy( buf, camellia_test_ctr_ct[u], len ); - camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, + mbedtls_camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, buf, buf ); if( memcmp( buf, camellia_test_ctr_pt[u], len ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } @@ -1044,29 +1045,29 @@ int camellia_self_test( int verbose ) len = camellia_test_ctr_len[u]; memcpy( buf, camellia_test_ctr_pt[u], len ); - camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, + mbedtls_camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, buf, buf ); if( memcmp( buf, camellia_test_ctr_ct[u], len ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); } if( verbose != 0 ) - polarssl_printf( "\n" ); -#endif /* POLARSSL_CIPHER_MODE_CTR */ + mbedtls_printf( "\n" ); +#endif /* MBEDTLS_CIPHER_MODE_CTR */ return( 0 ); } -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_CAMELLIA_C */ +#endif /* MBEDTLS_CAMELLIA_C */ diff --git a/ext/mbedtls/library/ccm.c b/ext/mbedtls/library/ccm.c index e397e0a428..97c3c2a22c 100644 --- a/ext/mbedtls/library/ccm.c +++ b/ext/mbedtls/library/ccm.c @@ -29,29 +29,29 @@ * RFC 5116 "An Interface and Algorithms for Authenticated Encryption" */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_CCM_C) +#if defined(MBEDTLS_CCM_C) -#include "polarssl/ccm.h" +#include "mbedtls/ccm.h" #include -#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C) -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_printf printf -#endif /* POLARSSL_PLATFORM_C */ -#endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */ +#define mbedtls_printf printf +#endif /* MBEDTLS_PLATFORM_C */ +#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } @@ -61,30 +61,33 @@ static void polarssl_zeroize( void *v, size_t n ) { /* * Initialize context */ -int ccm_init( ccm_context *ctx, cipher_id_t cipher, - const unsigned char *key, unsigned int keysize ) +void mbedtls_ccm_init( mbedtls_ccm_context *ctx ) { - int ret; - const cipher_info_t *cipher_info; - - memset( ctx, 0, sizeof( ccm_context ) ); + memset( ctx, 0, sizeof( mbedtls_ccm_context ) ); +} - cipher_init( &ctx->cipher_ctx ); +int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, + mbedtls_cipher_id_t cipher, + const unsigned char *key, + unsigned int keybits ) +{ + int ret; + const mbedtls_cipher_info_t *cipher_info; - cipher_info = cipher_info_from_values( cipher, keysize, POLARSSL_MODE_ECB ); + cipher_info = mbedtls_cipher_info_from_values( cipher, keybits, MBEDTLS_MODE_ECB ); if( cipher_info == NULL ) - return( POLARSSL_ERR_CCM_BAD_INPUT ); + return( MBEDTLS_ERR_CCM_BAD_INPUT ); if( cipher_info->block_size != 16 ) - return( POLARSSL_ERR_CCM_BAD_INPUT ); + return( MBEDTLS_ERR_CCM_BAD_INPUT ); - cipher_free( &ctx->cipher_ctx ); + mbedtls_cipher_free( &ctx->cipher_ctx ); - if( ( ret = cipher_init_ctx( &ctx->cipher_ctx, cipher_info ) ) != 0 ) + if( ( ret = mbedtls_cipher_setup( &ctx->cipher_ctx, cipher_info ) ) != 0 ) return( ret ); - if( ( ret = cipher_setkey( &ctx->cipher_ctx, key, keysize, - POLARSSL_ENCRYPT ) ) != 0 ) + if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keybits, + MBEDTLS_ENCRYPT ) ) != 0 ) { return( ret ); } @@ -95,10 +98,10 @@ int ccm_init( ccm_context *ctx, cipher_id_t cipher, /* * Free context */ -void ccm_free( ccm_context *ctx ) +void mbedtls_ccm_free( mbedtls_ccm_context *ctx ) { - cipher_free( &ctx->cipher_ctx ); - polarssl_zeroize( ctx, sizeof( ccm_context ) ); + mbedtls_cipher_free( &ctx->cipher_ctx ); + mbedtls_zeroize( ctx, sizeof( mbedtls_ccm_context ) ); } /* @@ -114,7 +117,7 @@ void ccm_free( ccm_context *ctx ) for( i = 0; i < 16; i++ ) \ y[i] ^= b[i]; \ \ - if( ( ret = cipher_update( &ctx->cipher_ctx, y, 16, y, &olen ) ) != 0 ) \ + if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, y, 16, y, &olen ) ) != 0 ) \ return( ret ); /* @@ -123,7 +126,7 @@ void ccm_free( ccm_context *ctx ) * This avoids allocating one more 16 bytes buffer while allowing src == dst. */ #define CTR_CRYPT( dst, src, len ) \ - if( ( ret = cipher_update( &ctx->cipher_ctx, ctr, 16, b, &olen ) ) != 0 ) \ + if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctr, 16, b, &olen ) ) != 0 ) \ return( ret ); \ \ for( i = 0; i < len; i++ ) \ @@ -132,7 +135,7 @@ void ccm_free( ccm_context *ctx ) /* * Authenticated encryption or decryption */ -static int ccm_auth_crypt( ccm_context *ctx, int mode, size_t length, +static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, @@ -140,7 +143,7 @@ static int ccm_auth_crypt( ccm_context *ctx, int mode, size_t length, { int ret; unsigned char i; - unsigned char q = 16 - 1 - iv_len; + unsigned char q; size_t len_left, olen; unsigned char b[16]; unsigned char y[16]; @@ -154,14 +157,16 @@ static int ccm_auth_crypt( ccm_context *ctx, int mode, size_t length, * 'length' checked later (when writing it to the first block) */ if( tag_len < 4 || tag_len > 16 || tag_len % 2 != 0 ) - return( POLARSSL_ERR_CCM_BAD_INPUT ); + return( MBEDTLS_ERR_CCM_BAD_INPUT ); /* Also implies q is within bounds */ if( iv_len < 7 || iv_len > 13 ) - return( POLARSSL_ERR_CCM_BAD_INPUT ); + return( MBEDTLS_ERR_CCM_BAD_INPUT ); if( add_len > 0xFF00 ) - return( POLARSSL_ERR_CCM_BAD_INPUT ); + return( MBEDTLS_ERR_CCM_BAD_INPUT ); + + q = 16 - 1 - (unsigned char) iv_len; /* * First block B_0: @@ -186,7 +191,7 @@ static int ccm_auth_crypt( ccm_context *ctx, int mode, size_t length, b[15-i] = (unsigned char)( len_left & 0xFF ); if( len_left > 0 ) - return( POLARSSL_ERR_CCM_BAD_INPUT ); + return( MBEDTLS_ERR_CCM_BAD_INPUT ); /* Start CBC-MAC with first block */ @@ -254,7 +259,7 @@ static int ccm_auth_crypt( ccm_context *ctx, int mode, size_t length, while( len_left > 0 ) { - unsigned char use_len = len_left > 16 ? 16 : len_left; + size_t use_len = len_left > 16 ? 16 : len_left; if( mode == CCM_ENCRYPT ) { @@ -300,7 +305,7 @@ static int ccm_auth_crypt( ccm_context *ctx, int mode, size_t length, /* * Authenticated encryption */ -int ccm_encrypt_and_tag( ccm_context *ctx, size_t length, +int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, @@ -313,7 +318,7 @@ int ccm_encrypt_and_tag( ccm_context *ctx, size_t length, /* * Authenticated decryption */ -int ccm_auth_decrypt( ccm_context *ctx, size_t length, +int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, @@ -337,15 +342,15 @@ int ccm_auth_decrypt( ccm_context *ctx, size_t length, if( diff != 0 ) { - polarssl_zeroize( output, length ); - return( POLARSSL_ERR_CCM_AUTH_FAILED ); + mbedtls_zeroize( output, length ); + return( MBEDTLS_ERR_CCM_AUTH_FAILED ); } return( 0 ); } -#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C) +#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) /* * Examples 1 to 3 from SP800-38C Appendix C */ @@ -393,17 +398,19 @@ static const unsigned char res[NB_TESTS][32] = { 0x48, 0x43, 0x92, 0xfb, 0xc1, 0xb0, 0x99, 0x51 } }; -int ccm_self_test( int verbose ) +int mbedtls_ccm_self_test( int verbose ) { - ccm_context ctx; + mbedtls_ccm_context ctx; unsigned char out[32]; size_t i; int ret; - if( ccm_init( &ctx, POLARSSL_CIPHER_ID_AES, key, 8 * sizeof key ) != 0 ) + mbedtls_ccm_init( &ctx ); + + if( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, key, 8 * sizeof key ) != 0 ) { if( verbose != 0 ) - polarssl_printf( " CCM: setup failed" ); + mbedtls_printf( " CCM: setup failed" ); return( 1 ); } @@ -411,9 +418,9 @@ int ccm_self_test( int verbose ) for( i = 0; i < NB_TESTS; i++ ) { if( verbose != 0 ) - polarssl_printf( " CCM-AES #%u: ", (unsigned int) i + 1 ); + mbedtls_printf( " CCM-AES #%u: ", (unsigned int) i + 1 ); - ret = ccm_encrypt_and_tag( &ctx, msg_len[i], + ret = mbedtls_ccm_encrypt_and_tag( &ctx, msg_len[i], iv, iv_len[i], ad, add_len[i], msg, out, out + msg_len[i], tag_len[i] ); @@ -422,12 +429,12 @@ int ccm_self_test( int verbose ) memcmp( out, res[i], msg_len[i] + tag_len[i] ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } - ret = ccm_auth_decrypt( &ctx, msg_len[i], + ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len[i], iv, iv_len[i], ad, add_len[i], res[i], out, res[i] + msg_len[i], tag_len[i] ); @@ -436,23 +443,23 @@ int ccm_self_test( int verbose ) memcmp( out, msg, msg_len[i] ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); } - ccm_free( &ctx ); + mbedtls_ccm_free( &ctx ); if( verbose != 0 ) - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); return( 0 ); } -#endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */ +#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ -#endif /* POLARSSL_CCM_C */ +#endif /* MBEDTLS_CCM_C */ diff --git a/ext/mbedtls/library/certs.c b/ext/mbedtls/library/certs.c index 95fc8cc77d..2dd7eba6aa 100644 --- a/ext/mbedtls/library/certs.c +++ b/ext/mbedtls/library/certs.c @@ -20,15 +20,17 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_CERTS_C) +#include "mbedtls/certs.h" -#if defined(POLARSSL_ECDSA_C) +#if defined(MBEDTLS_CERTS_C) + +#if defined(MBEDTLS_ECDSA_C) #define TEST_CA_CRT_EC \ "-----BEGIN CERTIFICATE-----\r\n" \ "MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT\r\n" \ @@ -45,9 +47,9 @@ "t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv\r\n" \ "uCjn8pwUOkABXK8Mss90fzCfCEOtIA==\r\n" \ "-----END CERTIFICATE-----\r\n" -const char test_ca_crt_ec[] = TEST_CA_CRT_EC; +const char mbedtls_test_ca_crt_ec[] = TEST_CA_CRT_EC; -const char test_ca_key_ec[] = +const char mbedtls_test_ca_key_ec[] = "-----BEGIN EC PRIVATE KEY-----\r\n" "Proc-Type: 4,ENCRYPTED\r\n" "DEK-Info: DES-EDE3-CBC,307EAB469933D64E\r\n" @@ -58,9 +60,9 @@ const char test_ca_key_ec[] = "a77x/sY1Bvii8S9/XhDTb6pTMx06wzrm\r\n" "-----END EC PRIVATE KEY-----\r\n"; -const char test_ca_pwd_ec[] = "PolarSSLTest"; +const char mbedtls_test_ca_pwd_ec[] = "PolarSSLTest"; -const char test_srv_crt_ec[] = +const char mbedtls_test_srv_crt_ec[] = "-----BEGIN CERTIFICATE-----\r\n" "MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n" "A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n" @@ -76,14 +78,14 @@ const char test_srv_crt_ec[] = "fGa5kHvHARBPc8YAIVIqDvHH1Q==\r\n" "-----END CERTIFICATE-----\r\n"; -const char test_srv_key_ec[] = +const char mbedtls_test_srv_key_ec[] = "-----BEGIN EC PRIVATE KEY-----\r\n" "MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\r\n" "AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\r\n" "6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\r\n" "-----END EC PRIVATE KEY-----\r\n"; -const char test_cli_crt_ec[] = +const char mbedtls_test_cli_crt_ec[] = "-----BEGIN CERTIFICATE-----\r\n" "MIICLDCCAbKgAwIBAgIBDTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n" "A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n" @@ -99,17 +101,25 @@ const char test_cli_crt_ec[] = "LwjQje5PDGHfd3h9tP38Qknu5bJqws0md2KOKHyeV0U=\r\n" "-----END CERTIFICATE-----\r\n"; -const char test_cli_key_ec[] = +const char mbedtls_test_cli_key_ec[] = "-----BEGIN EC PRIVATE KEY-----\r\n" "MHcCAQEEIPb3hmTxZ3/mZI3vyk7p3U3wBf+WIop6hDhkFzJhmLcqoAoGCCqGSM49\r\n" "AwEHoUQDQgAEV+WusXPf06y7k7iB/xKu7uZTrM5VU/Y0Dswu42MlC9+Y4vNcYDaW\r\n" "wNUYFHDlf5/VS0UY5bBs1Vz4lo+HcKPkxw==\r\n" "-----END EC PRIVATE KEY-----\r\n"; + +const size_t mbedtls_test_ca_crt_ec_len = sizeof( mbedtls_test_ca_crt_ec ); +const size_t mbedtls_test_ca_key_ec_len = sizeof( mbedtls_test_ca_key_ec ); +const size_t mbedtls_test_ca_pwd_ec_len = sizeof( mbedtls_test_ca_pwd_ec ) - 1; +const size_t mbedtls_test_srv_crt_ec_len = sizeof( mbedtls_test_srv_crt_ec ); +const size_t mbedtls_test_srv_key_ec_len = sizeof( mbedtls_test_srv_key_ec ); +const size_t mbedtls_test_cli_crt_ec_len = sizeof( mbedtls_test_cli_crt_ec ); +const size_t mbedtls_test_cli_key_ec_len = sizeof( mbedtls_test_cli_key_ec ); #else #define TEST_CA_CRT_EC -#endif /* POLARSSL_ECDSA_C */ +#endif /* MBEDTLS_ECDSA_C */ -#if defined(POLARSSL_RSA_C) +#if defined(MBEDTLS_RSA_C) #define TEST_CA_CRT_RSA \ "-----BEGIN CERTIFICATE-----\r\n" \ "MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \ @@ -132,9 +142,9 @@ const char test_cli_key_ec[] = "m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ\r\n" \ "7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA==\r\n" \ "-----END CERTIFICATE-----\r\n" -const char test_ca_crt_rsa[] = TEST_CA_CRT_RSA; +const char mbedtls_test_ca_crt_rsa[] = TEST_CA_CRT_RSA; -const char test_ca_key_rsa[] = +const char mbedtls_test_ca_key_rsa[] = "-----BEGIN RSA PRIVATE KEY-----\r\n" "Proc-Type: 4,ENCRYPTED\r\n" "DEK-Info: DES-EDE3-CBC,A8A95B05D5B7206B\r\n" @@ -166,9 +176,9 @@ const char test_ca_key_rsa[] = "P/eQiddSf0brnpiLJRh7qZrl9XuqYdpUqnoEdMAfotDOID8OtV7gt8a48ad8VPW2\r\n" "-----END RSA PRIVATE KEY-----\r\n"; -const char test_ca_pwd_rsa[] = "PolarSSLTest"; +const char mbedtls_test_ca_pwd_rsa[] = "PolarSSLTest"; -const char test_srv_crt_rsa[] = +const char mbedtls_test_srv_crt_rsa[] = "-----BEGIN CERTIFICATE-----\r\n" "MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" "MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" @@ -190,7 +200,7 @@ const char test_srv_crt_rsa[] = "zhuYwjVuX6JHG0c=\r\n" "-----END CERTIFICATE-----\r\n"; -const char test_srv_key_rsa[] = +const char mbedtls_test_srv_key_rsa[] = "-----BEGIN RSA PRIVATE KEY-----\r\n" "MIIEpAIBAAKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r\r\n" "lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2\r\n" @@ -219,8 +229,7 @@ const char test_srv_key_rsa[] = "TB6l9VGoxJL4fyHnZb8L5gGvnB1bbD8cL6YPaDiOhcRseC9vBiEuVg==\r\n" "-----END RSA PRIVATE KEY-----\r\n"; - -const char test_cli_crt_rsa[] = +const char mbedtls_test_cli_crt_rsa[] = "-----BEGIN CERTIFICATE-----\r\n" "MIIDPzCCAiegAwIBAgIBBDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" "MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" @@ -242,7 +251,7 @@ const char test_cli_crt_rsa[] = "D+stpAKiQLAWaAusIWKYEyw9MQ==\r\n" "-----END CERTIFICATE-----\r\n"; -const char test_cli_key_rsa[] = +const char mbedtls_test_cli_key_rsa[] = "-----BEGIN RSA PRIVATE KEY-----\r\n" "MIIEpAIBAAKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6fM60Nj4o8VmXl3ETZzGaF\r\n" "B9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu1C93KYRhTYJQj6eVSHD1\r\n" @@ -270,38 +279,74 @@ const char test_cli_key_rsa[] = "bHFVW2r0dBTqegP2/KTOxKzaHfC1qf0RGDsUoJCNJrd1cwoCLG8P2EF4w3OBrKqv\r\n" "8u4ytY0F+Vlanj5lm3TaoHSVF1+NWPyOTiwevIECGKwSxvlki4fDAA==\r\n" "-----END RSA PRIVATE KEY-----\r\n"; + +const size_t mbedtls_test_ca_crt_rsa_len = sizeof( mbedtls_test_ca_crt_rsa ); +const size_t mbedtls_test_ca_key_rsa_len = sizeof( mbedtls_test_ca_key_rsa ); +const size_t mbedtls_test_ca_pwd_rsa_len = sizeof( mbedtls_test_ca_pwd_rsa ) - 1; +const size_t mbedtls_test_srv_crt_rsa_len = sizeof( mbedtls_test_srv_crt_rsa ); +const size_t mbedtls_test_srv_key_rsa_len = sizeof( mbedtls_test_srv_key_rsa ); +const size_t mbedtls_test_cli_crt_rsa_len = sizeof( mbedtls_test_cli_crt_rsa ); +const size_t mbedtls_test_cli_key_rsa_len = sizeof( mbedtls_test_cli_key_rsa ); #else #define TEST_CA_CRT_RSA -#endif /* POLARSSL_RSA_C */ +#endif /* MBEDTLS_RSA_C */ -#if defined(POLARSSL_DHM_C) -const char test_dhm_params[] = -"-----BEGIN DH PARAMETERS-----\r\n" -"MIGHAoGBAJ419DBEOgmQTzo5qXl5fQcN9TN455wkOL7052HzxxRVMyhYmwQcgJvh\r\n" -"1sa18fyfR9OiVEMYglOpkqVoGLN7qd5aQNNi5W7/C+VBdHTBJcGZJyyP5B3qcz32\r\n" -"9mLJKudlVudV0Qxk5qUJaPZ/xupz0NyoVpviuiBOI1gNi8ovSXWzAgEC\r\n" -"-----END DH PARAMETERS-----\r\n"; +#if defined(MBEDTLS_PEM_PARSE_C) +/* Concatenation of all available CA certificates */ +const char mbedtls_test_cas_pem[] = TEST_CA_CRT_RSA TEST_CA_CRT_EC; +const size_t mbedtls_test_cas_pem_len = sizeof( mbedtls_test_cas_pem ); #endif -/* Concatenation of all available CA certificates */ -const char test_ca_list[] = TEST_CA_CRT_RSA TEST_CA_CRT_EC; +/* List of all available CA certificates */ +const char * mbedtls_test_cas[] = { +#if defined(MBEDTLS_RSA_C) + mbedtls_test_ca_crt_rsa, +#endif +#if defined(MBEDTLS_ECDSA_C) + mbedtls_test_ca_crt_ec, +#endif + NULL +}; +const size_t mbedtls_test_cas_len[] = { +#if defined(MBEDTLS_RSA_C) + sizeof( mbedtls_test_ca_crt_rsa ), +#endif +#if defined(MBEDTLS_ECDSA_C) + sizeof( mbedtls_test_ca_crt_ec ), +#endif + 0 +}; -#if defined(POLARSSL_RSA_C) -const char *test_ca_crt = test_ca_crt_rsa; -const char *test_ca_key = test_ca_key_rsa; -const char *test_ca_pwd = test_ca_pwd_rsa; -const char *test_srv_crt = test_srv_crt_rsa; -const char *test_srv_key = test_srv_key_rsa; -const char *test_cli_crt = test_cli_crt_rsa; -const char *test_cli_key = test_cli_key_rsa; -#else /* ! POLARSSL_RSA_C, so POLARSSL_ECDSA_C */ -const char *test_ca_crt = test_ca_crt_ec; -const char *test_ca_key = test_ca_key_ec; -const char *test_ca_pwd = test_ca_pwd_ec; -const char *test_srv_crt = test_srv_crt_ec; -const char *test_srv_key = test_srv_key_ec; -const char *test_cli_crt = test_cli_crt_ec; -const char *test_cli_key = test_cli_key_ec; -#endif /* POLARSSL_RSA_C */ +#if defined(MBEDTLS_RSA_C) +const char *mbedtls_test_ca_crt = mbedtls_test_ca_crt_rsa; +const char *mbedtls_test_ca_key = mbedtls_test_ca_key_rsa; +const char *mbedtls_test_ca_pwd = mbedtls_test_ca_pwd_rsa; +const char *mbedtls_test_srv_crt = mbedtls_test_srv_crt_rsa; +const char *mbedtls_test_srv_key = mbedtls_test_srv_key_rsa; +const char *mbedtls_test_cli_crt = mbedtls_test_cli_crt_rsa; +const char *mbedtls_test_cli_key = mbedtls_test_cli_key_rsa; +const size_t mbedtls_test_ca_crt_len = sizeof( mbedtls_test_ca_crt_rsa ); +const size_t mbedtls_test_ca_key_len = sizeof( mbedtls_test_ca_key_rsa ); +const size_t mbedtls_test_ca_pwd_len = sizeof( mbedtls_test_ca_pwd_rsa ) - 1; +const size_t mbedtls_test_srv_crt_len = sizeof( mbedtls_test_srv_crt_rsa ); +const size_t mbedtls_test_srv_key_len = sizeof( mbedtls_test_srv_key_rsa ); +const size_t mbedtls_test_cli_crt_len = sizeof( mbedtls_test_cli_crt_rsa ); +const size_t mbedtls_test_cli_key_len = sizeof( mbedtls_test_cli_key_rsa ); +#else /* ! MBEDTLS_RSA_C, so MBEDTLS_ECDSA_C */ +const char *mbedtls_test_ca_crt = mbedtls_test_ca_crt_ec; +const char *mbedtls_test_ca_key = mbedtls_test_ca_key_ec; +const char *mbedtls_test_ca_pwd = mbedtls_test_ca_pwd_ec; +const char *mbedtls_test_srv_crt = mbedtls_test_srv_crt_ec; +const char *mbedtls_test_srv_key = mbedtls_test_srv_key_ec; +const char *mbedtls_test_cli_crt = mbedtls_test_cli_crt_ec; +const char *mbedtls_test_cli_key = mbedtls_test_cli_key_ec; +const size_t mbedtls_test_ca_crt_len = sizeof( mbedtls_test_ca_crt_ec ); +const size_t mbedtls_test_ca_key_len = sizeof( mbedtls_test_ca_key_ec ); +const size_t mbedtls_test_ca_pwd_len = sizeof( mbedtls_test_ca_pwd_ec ) - 1; +const size_t mbedtls_test_srv_crt_len = sizeof( mbedtls_test_srv_crt_ec ); +const size_t mbedtls_test_srv_key_len = sizeof( mbedtls_test_srv_key_ec ); +const size_t mbedtls_test_cli_crt_len = sizeof( mbedtls_test_cli_crt_ec ); +const size_t mbedtls_test_cli_key_len = sizeof( mbedtls_test_cli_key_ec ); +#endif /* MBEDTLS_RSA_C */ -#endif /* POLARSSL_CERTS_C */ +#endif /* MBEDTLS_CERTS_C */ diff --git a/ext/mbedtls/library/cipher.c b/ext/mbedtls/library/cipher.c index b69d331060..627d459a3b 100644 --- a/ext/mbedtls/library/cipher.c +++ b/ext/mbedtls/library/cipher.c @@ -24,53 +24,48 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_CIPHER_C) +#if defined(MBEDTLS_CIPHER_C) -#include "polarssl/cipher.h" -#include "polarssl/cipher_wrap.h" +#include "mbedtls/cipher.h" +#include "mbedtls/cipher_internal.h" #include #include -#if defined(POLARSSL_GCM_C) -#include "polarssl/gcm.h" +#if defined(MBEDTLS_GCM_C) +#include "mbedtls/gcm.h" #endif -#if defined(POLARSSL_CCM_C) -#include "polarssl/ccm.h" +#if defined(MBEDTLS_CCM_C) +#include "mbedtls/ccm.h" #endif -#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER) -#define POLARSSL_CIPHER_MODE_STREAM -#endif - -#if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \ - !defined(EFI32) -#define strcasecmp _stricmp +#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) +#define MBEDTLS_CIPHER_MODE_STREAM #endif /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } static int supported_init = 0; -const int *cipher_list( void ) +const int *mbedtls_cipher_list( void ) { - const cipher_definition_t *def; + const mbedtls_cipher_definition_t *def; int *type; if( ! supported_init ) { - def = cipher_definitions; - type = supported_ciphers; + def = mbedtls_cipher_definitions; + type = mbedtls_cipher_supported; while( def->type != 0 ) *type++ = (*def++).type; @@ -80,55 +75,55 @@ const int *cipher_list( void ) supported_init = 1; } - return( supported_ciphers ); + return( mbedtls_cipher_supported ); } -const cipher_info_t *cipher_info_from_type( const cipher_type_t cipher_type ) +const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type ) { - const cipher_definition_t *def; + const mbedtls_cipher_definition_t *def; - for( def = cipher_definitions; def->info != NULL; def++ ) + for( def = mbedtls_cipher_definitions; def->info != NULL; def++ ) if( def->type == cipher_type ) return( def->info ); return( NULL ); } -const cipher_info_t *cipher_info_from_string( const char *cipher_name ) +const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name ) { - const cipher_definition_t *def; + const mbedtls_cipher_definition_t *def; if( NULL == cipher_name ) return( NULL ); - for( def = cipher_definitions; def->info != NULL; def++ ) - if( ! strcasecmp( def->info->name, cipher_name ) ) + for( def = mbedtls_cipher_definitions; def->info != NULL; def++ ) + if( ! strcmp( def->info->name, cipher_name ) ) return( def->info ); return( NULL ); } -const cipher_info_t *cipher_info_from_values( const cipher_id_t cipher_id, - int key_length, - const cipher_mode_t mode ) +const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id, + int key_bitlen, + const mbedtls_cipher_mode_t mode ) { - const cipher_definition_t *def; + const mbedtls_cipher_definition_t *def; - for( def = cipher_definitions; def->info != NULL; def++ ) + for( def = mbedtls_cipher_definitions; def->info != NULL; def++ ) if( def->info->base->cipher == cipher_id && - def->info->key_length == (unsigned) key_length && + def->info->key_bitlen == (unsigned) key_bitlen && def->info->mode == mode ) return( def->info ); return( NULL ); } -void cipher_init( cipher_context_t *ctx ) +void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx ) { - memset( ctx, 0, sizeof( cipher_context_t ) ); + memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) ); } -void cipher_free( cipher_context_t *ctx ) +void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ) { if( ctx == NULL ) return; @@ -136,90 +131,81 @@ void cipher_free( cipher_context_t *ctx ) if( ctx->cipher_ctx ) ctx->cipher_info->base->ctx_free_func( ctx->cipher_ctx ); - polarssl_zeroize( ctx, sizeof(cipher_context_t) ); + mbedtls_zeroize( ctx, sizeof(mbedtls_cipher_context_t) ); } -int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info ) +int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info ) { if( NULL == cipher_info || NULL == ctx ) - return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - memset( ctx, 0, sizeof( cipher_context_t ) ); + memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) ); if( NULL == ( ctx->cipher_ctx = cipher_info->base->ctx_alloc_func() ) ) - return( POLARSSL_ERR_CIPHER_ALLOC_FAILED ); + return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED ); ctx->cipher_info = cipher_info; -#if defined(POLARSSL_CIPHER_MODE_WITH_PADDING) +#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) /* * Ignore possible errors caused by a cipher mode that doesn't use padding */ -#if defined(POLARSSL_CIPHER_PADDING_PKCS7) - (void) cipher_set_padding_mode( ctx, POLARSSL_PADDING_PKCS7 ); +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + (void) mbedtls_cipher_set_padding_mode( ctx, MBEDTLS_PADDING_PKCS7 ); #else - (void) cipher_set_padding_mode( ctx, POLARSSL_PADDING_NONE ); + (void) mbedtls_cipher_set_padding_mode( ctx, MBEDTLS_PADDING_NONE ); #endif -#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */ +#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ return( 0 ); } -#if ! defined(POLARSSL_DEPRECATED_REMOVED) -int cipher_free_ctx( cipher_context_t *ctx ) -{ - cipher_free( ctx ); - - return( 0 ); -} -#endif - -int cipher_setkey( cipher_context_t *ctx, const unsigned char *key, - int key_length, const operation_t operation ) +int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key, + int key_bitlen, const mbedtls_operation_t operation ) { if( NULL == ctx || NULL == ctx->cipher_info ) - return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - if( ( ctx->cipher_info->flags & POLARSSL_CIPHER_VARIABLE_KEY_LEN ) == 0 && - (int) ctx->cipher_info->key_length != key_length ) + if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN ) == 0 && + (int) ctx->cipher_info->key_bitlen != key_bitlen ) { - return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); } - ctx->key_length = key_length; + ctx->key_bitlen = key_bitlen; ctx->operation = operation; /* * For CFB and CTR mode always use the encryption key schedule */ - if( POLARSSL_ENCRYPT == operation || - POLARSSL_MODE_CFB == ctx->cipher_info->mode || - POLARSSL_MODE_CTR == ctx->cipher_info->mode ) + if( MBEDTLS_ENCRYPT == operation || + MBEDTLS_MODE_CFB == ctx->cipher_info->mode || + MBEDTLS_MODE_CTR == ctx->cipher_info->mode ) { return ctx->cipher_info->base->setkey_enc_func( ctx->cipher_ctx, key, - ctx->key_length ); + ctx->key_bitlen ); } - if( POLARSSL_DECRYPT == operation ) + if( MBEDTLS_DECRYPT == operation ) return ctx->cipher_info->base->setkey_dec_func( ctx->cipher_ctx, key, - ctx->key_length ); + ctx->key_bitlen ); - return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); } -int cipher_set_iv( cipher_context_t *ctx, +int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len ) { size_t actual_iv_size; if( NULL == ctx || NULL == ctx->cipher_info || NULL == iv ) - return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); /* avoid buffer overflow in ctx->iv */ - if( iv_len > POLARSSL_MAX_IV_LENGTH ) - return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); + if( iv_len > MBEDTLS_MAX_IV_LENGTH ) + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); - if( ( ctx->cipher_info->flags & POLARSSL_CIPHER_VARIABLE_IV_LEN ) != 0 ) + if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_IV_LEN ) != 0 ) actual_iv_size = iv_len; else { @@ -227,7 +213,7 @@ int cipher_set_iv( cipher_context_t *ctx, /* avoid reading past the end of input buffer */ if( actual_iv_size > iv_len ) - return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); } memcpy( ctx->iv, iv, actual_iv_size ); @@ -236,49 +222,49 @@ int cipher_set_iv( cipher_context_t *ctx, return( 0 ); } -int cipher_reset( cipher_context_t *ctx ) +int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx ) { if( NULL == ctx || NULL == ctx->cipher_info ) - return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); ctx->unprocessed_len = 0; return( 0 ); } -#if defined(POLARSSL_GCM_C) -int cipher_update_ad( cipher_context_t *ctx, +#if defined(MBEDTLS_GCM_C) +int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, const unsigned char *ad, size_t ad_len ) { if( NULL == ctx || NULL == ctx->cipher_info ) - return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - if( POLARSSL_MODE_GCM == ctx->cipher_info->mode ) + if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) { - return gcm_starts( (gcm_context *) ctx->cipher_ctx, ctx->operation, + return mbedtls_gcm_starts( (mbedtls_gcm_context *) ctx->cipher_ctx, ctx->operation, ctx->iv, ctx->iv_size, ad, ad_len ); } return( 0 ); } -#endif /* POLARSSL_GCM_C */ +#endif /* MBEDTLS_GCM_C */ -int cipher_update( cipher_context_t *ctx, const unsigned char *input, +int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen ) { int ret; if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen ) { - return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); } *olen = 0; - if( ctx->cipher_info->mode == POLARSSL_MODE_ECB ) + if( ctx->cipher_info->mode == MBEDTLS_MODE_ECB ) { - if( ilen != cipher_get_block_size( ctx ) ) - return( POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED ); + if( ilen != mbedtls_cipher_get_block_size( ctx ) ) + return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED ); *olen = ilen; @@ -291,33 +277,33 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input, return( 0 ); } -#if defined(POLARSSL_GCM_C) - if( ctx->cipher_info->mode == POLARSSL_MODE_GCM ) +#if defined(MBEDTLS_GCM_C) + if( ctx->cipher_info->mode == MBEDTLS_MODE_GCM ) { *olen = ilen; - return gcm_update( (gcm_context *) ctx->cipher_ctx, ilen, input, + return mbedtls_gcm_update( (mbedtls_gcm_context *) ctx->cipher_ctx, ilen, input, output ); } #endif if( input == output && - ( ctx->unprocessed_len != 0 || ilen % cipher_get_block_size( ctx ) ) ) + ( ctx->unprocessed_len != 0 || ilen % mbedtls_cipher_get_block_size( ctx ) ) ) { - return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); } -#if defined(POLARSSL_CIPHER_MODE_CBC) - if( ctx->cipher_info->mode == POLARSSL_MODE_CBC ) +#if defined(MBEDTLS_CIPHER_MODE_CBC) + if( ctx->cipher_info->mode == MBEDTLS_MODE_CBC ) { size_t copy_len = 0; /* * If there is not enough data for a full block, cache it. */ - if( ( ctx->operation == POLARSSL_DECRYPT && - ilen + ctx->unprocessed_len <= cipher_get_block_size( ctx ) ) || - ( ctx->operation == POLARSSL_ENCRYPT && - ilen + ctx->unprocessed_len < cipher_get_block_size( ctx ) ) ) + if( ( ctx->operation == MBEDTLS_DECRYPT && + ilen + ctx->unprocessed_len <= mbedtls_cipher_get_block_size( ctx ) ) || + ( ctx->operation == MBEDTLS_ENCRYPT && + ilen + ctx->unprocessed_len < mbedtls_cipher_get_block_size( ctx ) ) ) { memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input, ilen ); @@ -331,20 +317,20 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input, */ if( ctx->unprocessed_len != 0 ) { - copy_len = cipher_get_block_size( ctx ) - ctx->unprocessed_len; + copy_len = mbedtls_cipher_get_block_size( ctx ) - ctx->unprocessed_len; memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input, copy_len ); if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx, - ctx->operation, cipher_get_block_size( ctx ), ctx->iv, + ctx->operation, mbedtls_cipher_get_block_size( ctx ), ctx->iv, ctx->unprocessed_data, output ) ) ) { return( ret ); } - *olen += cipher_get_block_size( ctx ); - output += cipher_get_block_size( ctx ); + *olen += mbedtls_cipher_get_block_size( ctx ); + output += mbedtls_cipher_get_block_size( ctx ); ctx->unprocessed_len = 0; input += copy_len; @@ -356,9 +342,9 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input, */ if( 0 != ilen ) { - copy_len = ilen % cipher_get_block_size( ctx ); - if( copy_len == 0 && ctx->operation == POLARSSL_DECRYPT ) - copy_len = cipher_get_block_size( ctx ); + copy_len = ilen % mbedtls_cipher_get_block_size( ctx ); + if( copy_len == 0 && ctx->operation == MBEDTLS_DECRYPT ) + copy_len = mbedtls_cipher_get_block_size( ctx ); memcpy( ctx->unprocessed_data, &( input[ilen - copy_len] ), copy_len ); @@ -383,10 +369,10 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input, return( 0 ); } -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(POLARSSL_CIPHER_MODE_CFB) - if( ctx->cipher_info->mode == POLARSSL_MODE_CFB ) +#if defined(MBEDTLS_CIPHER_MODE_CFB) + if( ctx->cipher_info->mode == MBEDTLS_MODE_CFB ) { if( 0 != ( ret = ctx->cipher_info->base->cfb_func( ctx->cipher_ctx, ctx->operation, ilen, &ctx->unprocessed_len, ctx->iv, @@ -399,10 +385,10 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input, return( 0 ); } -#endif /* POLARSSL_CIPHER_MODE_CFB */ +#endif /* MBEDTLS_CIPHER_MODE_CFB */ -#if defined(POLARSSL_CIPHER_MODE_CTR) - if( ctx->cipher_info->mode == POLARSSL_MODE_CTR ) +#if defined(MBEDTLS_CIPHER_MODE_CTR) + if( ctx->cipher_info->mode == MBEDTLS_MODE_CTR ) { if( 0 != ( ret = ctx->cipher_info->base->ctr_func( ctx->cipher_ctx, ilen, &ctx->unprocessed_len, ctx->iv, @@ -415,10 +401,10 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input, return( 0 ); } -#endif /* POLARSSL_CIPHER_MODE_CTR */ +#endif /* MBEDTLS_CIPHER_MODE_CTR */ -#if defined(POLARSSL_CIPHER_MODE_STREAM) - if( ctx->cipher_info->mode == POLARSSL_MODE_STREAM ) +#if defined(MBEDTLS_CIPHER_MODE_STREAM) + if( ctx->cipher_info->mode == MBEDTLS_MODE_STREAM ) { if( 0 != ( ret = ctx->cipher_info->base->stream_func( ctx->cipher_ctx, ilen, input, output ) ) ) @@ -430,13 +416,13 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input, return( 0 ); } -#endif /* POLARSSL_CIPHER_MODE_STREAM */ +#endif /* MBEDTLS_CIPHER_MODE_STREAM */ - return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); } -#if defined(POLARSSL_CIPHER_MODE_WITH_PADDING) -#if defined(POLARSSL_CIPHER_PADDING_PKCS7) +#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) /* * PKCS7 (and PKCS5) padding: fill with ll bytes, with ll = padding_len */ @@ -457,7 +443,7 @@ static int get_pkcs_padding( unsigned char *input, size_t input_len, unsigned char padding_len, bad = 0; if( NULL == input || NULL == data_len ) - return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); padding_len = input[input_len - 1]; *data_len = input_len - padding_len; @@ -472,11 +458,11 @@ static int get_pkcs_padding( unsigned char *input, size_t input_len, for( i = 0; i < input_len; i++ ) bad |= ( input[i] ^ padding_len ) * ( i >= pad_idx ); - return( POLARSSL_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) ); + return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) ); } -#endif /* POLARSSL_CIPHER_PADDING_PKCS7 */ +#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */ -#if defined(POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS) +#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS) /* * One and zeros padding: fill with 80 00 ... 00 */ @@ -498,7 +484,7 @@ static int get_one_and_zeros_padding( unsigned char *input, size_t input_len, unsigned char done = 0, prev_done, bad; if( NULL == input || NULL == data_len ) - return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); bad = 0xFF; *data_len = 0; @@ -510,12 +496,12 @@ static int get_one_and_zeros_padding( unsigned char *input, size_t input_len, bad &= ( input[i-1] ^ 0x80 ) | ( done == prev_done ); } - return( POLARSSL_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) ); + return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) ); } -#endif /* POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS */ +#endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */ -#if defined(POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN) +#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN) /* * Zeros and len padding: fill with 00 ... 00 ll, where ll is padding length */ @@ -537,7 +523,7 @@ static int get_zeros_and_len_padding( unsigned char *input, size_t input_len, unsigned char padding_len, bad = 0; if( NULL == input || NULL == data_len ) - return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); padding_len = input[input_len - 1]; *data_len = input_len - padding_len; @@ -551,11 +537,11 @@ static int get_zeros_and_len_padding( unsigned char *input, size_t input_len, for( i = 0; i < input_len - 1; i++ ) bad |= input[i] * ( i >= pad_idx ); - return( POLARSSL_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) ); + return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) ); } -#endif /* POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN */ +#endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */ -#if defined(POLARSSL_CIPHER_PADDING_ZEROS) +#if defined(MBEDTLS_CIPHER_PADDING_ZEROS) /* * Zero padding: fill with 00 ... 00 */ @@ -575,7 +561,7 @@ static int get_zeros_padding( unsigned char *input, size_t input_len, unsigned char done = 0, prev_done; if( NULL == input || NULL == data_len ) - return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); *data_len = 0; for( i = input_len; i > 0; i-- ) @@ -587,70 +573,70 @@ static int get_zeros_padding( unsigned char *input, size_t input_len, return( 0 ); } -#endif /* POLARSSL_CIPHER_PADDING_ZEROS */ +#endif /* MBEDTLS_CIPHER_PADDING_ZEROS */ /* * No padding: don't pad :) * - * There is no add_padding function (check for NULL in cipher_finish) + * There is no add_padding function (check for NULL in mbedtls_cipher_finish) * but a trivial get_padding function */ static int get_no_padding( unsigned char *input, size_t input_len, size_t *data_len ) { if( NULL == input || NULL == data_len ) - return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); *data_len = input_len; return( 0 ); } -#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */ +#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ -int cipher_finish( cipher_context_t *ctx, +int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx, unsigned char *output, size_t *olen ) { if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen ) - return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); *olen = 0; - if( POLARSSL_MODE_CFB == ctx->cipher_info->mode || - POLARSSL_MODE_CTR == ctx->cipher_info->mode || - POLARSSL_MODE_GCM == ctx->cipher_info->mode || - POLARSSL_MODE_STREAM == ctx->cipher_info->mode ) + if( MBEDTLS_MODE_CFB == ctx->cipher_info->mode || + MBEDTLS_MODE_CTR == ctx->cipher_info->mode || + MBEDTLS_MODE_GCM == ctx->cipher_info->mode || + MBEDTLS_MODE_STREAM == ctx->cipher_info->mode ) { return( 0 ); } - if( POLARSSL_MODE_ECB == ctx->cipher_info->mode ) + if( MBEDTLS_MODE_ECB == ctx->cipher_info->mode ) { if( ctx->unprocessed_len != 0 ) - return( POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED ); + return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED ); return( 0 ); } -#if defined(POLARSSL_CIPHER_MODE_CBC) - if( POLARSSL_MODE_CBC == ctx->cipher_info->mode ) +#if defined(MBEDTLS_CIPHER_MODE_CBC) + if( MBEDTLS_MODE_CBC == ctx->cipher_info->mode ) { int ret = 0; - if( POLARSSL_ENCRYPT == ctx->operation ) + if( MBEDTLS_ENCRYPT == ctx->operation ) { /* check for 'no padding' mode */ if( NULL == ctx->add_padding ) { if( 0 != ctx->unprocessed_len ) - return( POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED ); + return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED ); return( 0 ); } - ctx->add_padding( ctx->unprocessed_data, cipher_get_iv_size( ctx ), + ctx->add_padding( ctx->unprocessed_data, mbedtls_cipher_get_iv_size( ctx ), ctx->unprocessed_len ); } - else if( cipher_get_block_size( ctx ) != ctx->unprocessed_len ) + else if( mbedtls_cipher_get_block_size( ctx ) != ctx->unprocessed_len ) { /* * For decrypt operations, expect a full block, @@ -659,118 +645,118 @@ int cipher_finish( cipher_context_t *ctx, if( NULL == ctx->add_padding && 0 == ctx->unprocessed_len ) return( 0 ); - return( POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED ); + return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED ); } /* cipher block */ if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx, - ctx->operation, cipher_get_block_size( ctx ), ctx->iv, + ctx->operation, mbedtls_cipher_get_block_size( ctx ), ctx->iv, ctx->unprocessed_data, output ) ) ) { return( ret ); } /* Set output size for decryption */ - if( POLARSSL_DECRYPT == ctx->operation ) - return ctx->get_padding( output, cipher_get_block_size( ctx ), + if( MBEDTLS_DECRYPT == ctx->operation ) + return ctx->get_padding( output, mbedtls_cipher_get_block_size( ctx ), olen ); /* Set output size for encryption */ - *olen = cipher_get_block_size( ctx ); + *olen = mbedtls_cipher_get_block_size( ctx ); return( 0 ); } #else ((void) output); -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ - return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); } -#if defined(POLARSSL_CIPHER_MODE_WITH_PADDING) -int cipher_set_padding_mode( cipher_context_t *ctx, cipher_padding_t mode ) +#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) +int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode ) { if( NULL == ctx || - POLARSSL_MODE_CBC != ctx->cipher_info->mode ) + MBEDTLS_MODE_CBC != ctx->cipher_info->mode ) { - return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); } switch( mode ) { -#if defined(POLARSSL_CIPHER_PADDING_PKCS7) - case POLARSSL_PADDING_PKCS7: +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + case MBEDTLS_PADDING_PKCS7: ctx->add_padding = add_pkcs_padding; ctx->get_padding = get_pkcs_padding; break; #endif -#if defined(POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS) - case POLARSSL_PADDING_ONE_AND_ZEROS: +#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS) + case MBEDTLS_PADDING_ONE_AND_ZEROS: ctx->add_padding = add_one_and_zeros_padding; ctx->get_padding = get_one_and_zeros_padding; break; #endif -#if defined(POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN) - case POLARSSL_PADDING_ZEROS_AND_LEN: +#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN) + case MBEDTLS_PADDING_ZEROS_AND_LEN: ctx->add_padding = add_zeros_and_len_padding; ctx->get_padding = get_zeros_and_len_padding; break; #endif -#if defined(POLARSSL_CIPHER_PADDING_ZEROS) - case POLARSSL_PADDING_ZEROS: +#if defined(MBEDTLS_CIPHER_PADDING_ZEROS) + case MBEDTLS_PADDING_ZEROS: ctx->add_padding = add_zeros_padding; ctx->get_padding = get_zeros_padding; break; #endif - case POLARSSL_PADDING_NONE: + case MBEDTLS_PADDING_NONE: ctx->add_padding = NULL; ctx->get_padding = get_no_padding; break; default: - return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); } return( 0 ); } -#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */ +#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ -#if defined(POLARSSL_GCM_C) -int cipher_write_tag( cipher_context_t *ctx, +#if defined(MBEDTLS_GCM_C) +int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, unsigned char *tag, size_t tag_len ) { if( NULL == ctx || NULL == ctx->cipher_info || NULL == tag ) - return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - if( POLARSSL_ENCRYPT != ctx->operation ) - return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); + if( MBEDTLS_ENCRYPT != ctx->operation ) + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - if( POLARSSL_MODE_GCM == ctx->cipher_info->mode ) - return gcm_finish( (gcm_context *) ctx->cipher_ctx, tag, tag_len ); + if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) + return mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx, tag, tag_len ); return( 0 ); } -int cipher_check_tag( cipher_context_t *ctx, +int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, const unsigned char *tag, size_t tag_len ) { int ret; if( NULL == ctx || NULL == ctx->cipher_info || - POLARSSL_DECRYPT != ctx->operation ) + MBEDTLS_DECRYPT != ctx->operation ) { - return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); } - if( POLARSSL_MODE_GCM == ctx->cipher_info->mode ) + if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) { unsigned char check_tag[16]; size_t i; int diff; if( tag_len > sizeof( check_tag ) ) - return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - if( 0 != ( ret = gcm_finish( (gcm_context *) ctx->cipher_ctx, + if( 0 != ( ret = mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx, check_tag, tag_len ) ) ) { return( ret ); @@ -781,19 +767,19 @@ int cipher_check_tag( cipher_context_t *ctx, diff |= tag[i] ^ check_tag[i]; if( diff != 0 ) - return( POLARSSL_ERR_CIPHER_AUTH_FAILED ); + return( MBEDTLS_ERR_CIPHER_AUTH_FAILED ); return( 0 ); } return( 0 ); } -#endif /* POLARSSL_GCM_C */ +#endif /* MBEDTLS_GCM_C */ /* * Packet-oriented wrapper for non-AEAD modes */ -int cipher_crypt( cipher_context_t *ctx, +int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen ) @@ -801,16 +787,16 @@ int cipher_crypt( cipher_context_t *ctx, int ret; size_t finish_olen; - if( ( ret = cipher_set_iv( ctx, iv, iv_len ) ) != 0 ) + if( ( ret = mbedtls_cipher_set_iv( ctx, iv, iv_len ) ) != 0 ) return( ret ); - if( ( ret = cipher_reset( ctx ) ) != 0 ) + if( ( ret = mbedtls_cipher_reset( ctx ) ) != 0 ) return( ret ); - if( ( ret = cipher_update( ctx, input, ilen, output, olen ) ) != 0 ) + if( ( ret = mbedtls_cipher_update( ctx, input, ilen, output, olen ) ) != 0 ) return( ret ); - if( ( ret = cipher_finish( ctx, output + *olen, &finish_olen ) ) != 0 ) + if( ( ret = mbedtls_cipher_finish( ctx, output + *olen, &finish_olen ) ) != 0 ) return( ret ); *olen += finish_olen; @@ -818,99 +804,84 @@ int cipher_crypt( cipher_context_t *ctx, return( 0 ); } -#if defined(POLARSSL_CIPHER_MODE_AEAD) +#if defined(MBEDTLS_CIPHER_MODE_AEAD) /* * Packet-oriented encryption for AEAD modes */ -int cipher_auth_encrypt( cipher_context_t *ctx, +int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, unsigned char *tag, size_t tag_len ) { -#if defined(POLARSSL_GCM_C) - if( POLARSSL_MODE_GCM == ctx->cipher_info->mode ) +#if defined(MBEDTLS_GCM_C) + if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) { *olen = ilen; - return( gcm_crypt_and_tag( ctx->cipher_ctx, GCM_ENCRYPT, ilen, + return( mbedtls_gcm_crypt_and_tag( ctx->cipher_ctx, MBEDTLS_GCM_ENCRYPT, ilen, iv, iv_len, ad, ad_len, input, output, tag_len, tag ) ); } -#endif /* POLARSSL_GCM_C */ -#if defined(POLARSSL_CCM_C) - if( POLARSSL_MODE_CCM == ctx->cipher_info->mode ) +#endif /* MBEDTLS_GCM_C */ +#if defined(MBEDTLS_CCM_C) + if( MBEDTLS_MODE_CCM == ctx->cipher_info->mode ) { *olen = ilen; - return( ccm_encrypt_and_tag( ctx->cipher_ctx, ilen, + return( mbedtls_ccm_encrypt_and_tag( ctx->cipher_ctx, ilen, iv, iv_len, ad, ad_len, input, output, tag, tag_len ) ); } -#endif /* POLARSSL_CCM_C */ +#endif /* MBEDTLS_CCM_C */ - return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); } /* * Packet-oriented decryption for AEAD modes */ -int cipher_auth_decrypt( cipher_context_t *ctx, +int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, const unsigned char *tag, size_t tag_len ) { -#if defined(POLARSSL_GCM_C) - if( POLARSSL_MODE_GCM == ctx->cipher_info->mode ) +#if defined(MBEDTLS_GCM_C) + if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) { int ret; *olen = ilen; - ret = gcm_auth_decrypt( ctx->cipher_ctx, ilen, + ret = mbedtls_gcm_auth_decrypt( ctx->cipher_ctx, ilen, iv, iv_len, ad, ad_len, tag, tag_len, input, output ); - if( ret == POLARSSL_ERR_GCM_AUTH_FAILED ) - ret = POLARSSL_ERR_CIPHER_AUTH_FAILED; + if( ret == MBEDTLS_ERR_GCM_AUTH_FAILED ) + ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; return( ret ); } -#endif /* POLARSSL_GCM_C */ -#if defined(POLARSSL_CCM_C) - if( POLARSSL_MODE_CCM == ctx->cipher_info->mode ) +#endif /* MBEDTLS_GCM_C */ +#if defined(MBEDTLS_CCM_C) + if( MBEDTLS_MODE_CCM == ctx->cipher_info->mode ) { int ret; *olen = ilen; - ret = ccm_auth_decrypt( ctx->cipher_ctx, ilen, + ret = mbedtls_ccm_auth_decrypt( ctx->cipher_ctx, ilen, iv, iv_len, ad, ad_len, input, output, tag, tag_len ); - if( ret == POLARSSL_ERR_CCM_AUTH_FAILED ) - ret = POLARSSL_ERR_CIPHER_AUTH_FAILED; + if( ret == MBEDTLS_ERR_CCM_AUTH_FAILED ) + ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; return( ret ); } -#endif /* POLARSSL_CCM_C */ - - return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); -} -#endif /* POLARSSL_CIPHER_MODE_AEAD */ - - -#if defined(POLARSSL_SELF_TEST) +#endif /* MBEDTLS_CCM_C */ -/* - * Checkup routine - */ -int cipher_self_test( int verbose ) -{ - ((void) verbose); - - return( 0 ); + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); } +#endif /* MBEDTLS_CIPHER_MODE_AEAD */ -#endif /* POLARSSL_SELF_TEST */ - -#endif /* POLARSSL_CIPHER_C */ +#endif /* MBEDTLS_CIPHER_C */ diff --git a/ext/mbedtls/library/cipher_wrap.c b/ext/mbedtls/library/cipher_wrap.c index 4c170bc377..c795234bcc 100644 --- a/ext/mbedtls/library/cipher_wrap.c +++ b/ext/mbedtls/library/cipher_wrap.c @@ -24,164 +24,174 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_CIPHER_C) +#if defined(MBEDTLS_CIPHER_C) -#include "polarssl/cipher_wrap.h" +#include "mbedtls/cipher_internal.h" -#if defined(POLARSSL_AES_C) -#include "polarssl/aes.h" +#if defined(MBEDTLS_AES_C) +#include "mbedtls/aes.h" #endif -#if defined(POLARSSL_ARC4_C) -#include "polarssl/arc4.h" +#if defined(MBEDTLS_ARC4_C) +#include "mbedtls/arc4.h" #endif -#if defined(POLARSSL_CAMELLIA_C) -#include "polarssl/camellia.h" +#if defined(MBEDTLS_CAMELLIA_C) +#include "mbedtls/camellia.h" #endif -#if defined(POLARSSL_DES_C) -#include "polarssl/des.h" +#if defined(MBEDTLS_DES_C) +#include "mbedtls/des.h" #endif -#if defined(POLARSSL_BLOWFISH_C) -#include "polarssl/blowfish.h" +#if defined(MBEDTLS_BLOWFISH_C) +#include "mbedtls/blowfish.h" #endif -#if defined(POLARSSL_GCM_C) -#include "polarssl/gcm.h" +#if defined(MBEDTLS_GCM_C) +#include "mbedtls/gcm.h" #endif -#if defined(POLARSSL_CCM_C) -#include "polarssl/ccm.h" +#if defined(MBEDTLS_CCM_C) +#include "mbedtls/ccm.h" #endif -#if defined(POLARSSL_CIPHER_NULL_CIPHER) +#if defined(MBEDTLS_CIPHER_NULL_CIPHER) #include #endif -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_malloc malloc -#define polarssl_free free +#define mbedtls_calloc calloc +#define mbedtls_free free #endif -#if defined(POLARSSL_GCM_C) +#if defined(MBEDTLS_GCM_C) /* shared by all GCM ciphers */ static void *gcm_ctx_alloc( void ) { - return polarssl_malloc( sizeof( gcm_context ) ); + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_gcm_context ) ); + + if( ctx != NULL ) + mbedtls_gcm_init( (mbedtls_gcm_context *) ctx ); + + return( ctx ); } static void gcm_ctx_free( void *ctx ) { - gcm_free( ctx ); - polarssl_free( ctx ); + mbedtls_gcm_free( ctx ); + mbedtls_free( ctx ); } -#endif /* POLARSSL_GCM_C */ +#endif /* MBEDTLS_GCM_C */ -#if defined(POLARSSL_CCM_C) +#if defined(MBEDTLS_CCM_C) /* shared by all CCM ciphers */ static void *ccm_ctx_alloc( void ) { - return polarssl_malloc( sizeof( ccm_context ) ); + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ccm_context ) ); + + if( ctx != NULL ) + mbedtls_ccm_init( (mbedtls_ccm_context *) ctx ); + + return( ctx ); } static void ccm_ctx_free( void *ctx ) { - ccm_free( ctx ); - polarssl_free( ctx ); + mbedtls_ccm_free( ctx ); + mbedtls_free( ctx ); } -#endif /* POLARSSL_CCM_C */ +#endif /* MBEDTLS_CCM_C */ -#if defined(POLARSSL_AES_C) +#if defined(MBEDTLS_AES_C) -static int aes_crypt_ecb_wrap( void *ctx, operation_t operation, +static int aes_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, const unsigned char *input, unsigned char *output ) { - return aes_crypt_ecb( (aes_context *) ctx, operation, input, output ); + return mbedtls_aes_crypt_ecb( (mbedtls_aes_context *) ctx, operation, input, output ); } -#if defined(POLARSSL_CIPHER_MODE_CBC) -static int aes_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length, +#if defined(MBEDTLS_CIPHER_MODE_CBC) +static int aes_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length, unsigned char *iv, const unsigned char *input, unsigned char *output ) { - return aes_crypt_cbc( (aes_context *) ctx, operation, length, iv, input, + return mbedtls_aes_crypt_cbc( (mbedtls_aes_context *) ctx, operation, length, iv, input, output ); } -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(POLARSSL_CIPHER_MODE_CFB) -static int aes_crypt_cfb128_wrap( void *ctx, operation_t operation, +#if defined(MBEDTLS_CIPHER_MODE_CFB) +static int aes_crypt_cfb128_wrap( void *ctx, mbedtls_operation_t operation, size_t length, size_t *iv_off, unsigned char *iv, const unsigned char *input, unsigned char *output ) { - return aes_crypt_cfb128( (aes_context *) ctx, operation, length, iv_off, iv, + return mbedtls_aes_crypt_cfb128( (mbedtls_aes_context *) ctx, operation, length, iv_off, iv, input, output ); } -#endif /* POLARSSL_CIPHER_MODE_CFB */ +#endif /* MBEDTLS_CIPHER_MODE_CFB */ -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) static int aes_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, unsigned char *nonce_counter, unsigned char *stream_block, const unsigned char *input, unsigned char *output ) { - return aes_crypt_ctr( (aes_context *) ctx, length, nc_off, nonce_counter, + return mbedtls_aes_crypt_ctr( (mbedtls_aes_context *) ctx, length, nc_off, nonce_counter, stream_block, input, output ); } -#endif /* POLARSSL_CIPHER_MODE_CTR */ +#endif /* MBEDTLS_CIPHER_MODE_CTR */ static int aes_setkey_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_length ) + unsigned int key_bitlen ) { - return aes_setkey_dec( (aes_context *) ctx, key, key_length ); + return mbedtls_aes_setkey_dec( (mbedtls_aes_context *) ctx, key, key_bitlen ); } static int aes_setkey_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_length ) + unsigned int key_bitlen ) { - return aes_setkey_enc( (aes_context *) ctx, key, key_length ); + return mbedtls_aes_setkey_enc( (mbedtls_aes_context *) ctx, key, key_bitlen ); } static void * aes_ctx_alloc( void ) { - aes_context *aes = polarssl_malloc( sizeof( aes_context ) ); + mbedtls_aes_context *aes = mbedtls_calloc( 1, sizeof( mbedtls_aes_context ) ); if( aes == NULL ) return( NULL ); - aes_init( aes ); + mbedtls_aes_init( aes ); return( aes ); } static void aes_ctx_free( void *ctx ) { - aes_free( (aes_context *) ctx ); - polarssl_free( ctx ); + mbedtls_aes_free( (mbedtls_aes_context *) ctx ); + mbedtls_free( ctx ); } -static const cipher_base_t aes_info = { - POLARSSL_CIPHER_ID_AES, +static const mbedtls_cipher_base_t aes_info = { + MBEDTLS_CIPHER_ID_AES, aes_crypt_ecb_wrap, -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) aes_crypt_cbc_wrap, #endif -#if defined(POLARSSL_CIPHER_MODE_CFB) +#if defined(MBEDTLS_CIPHER_MODE_CFB) aes_crypt_cfb128_wrap, #endif -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) aes_crypt_ctr_wrap, #endif -#if defined(POLARSSL_CIPHER_MODE_STREAM) +#if defined(MBEDTLS_CIPHER_MODE_STREAM) NULL, #endif aes_setkey_enc_wrap, @@ -190,9 +200,9 @@ static const cipher_base_t aes_info = { aes_ctx_free }; -static const cipher_info_t aes_128_ecb_info = { - POLARSSL_CIPHER_AES_128_ECB, - POLARSSL_MODE_ECB, +static const mbedtls_cipher_info_t aes_128_ecb_info = { + MBEDTLS_CIPHER_AES_128_ECB, + MBEDTLS_MODE_ECB, 128, "AES-128-ECB", 16, @@ -201,9 +211,9 @@ static const cipher_info_t aes_128_ecb_info = { &aes_info }; -static const cipher_info_t aes_192_ecb_info = { - POLARSSL_CIPHER_AES_192_ECB, - POLARSSL_MODE_ECB, +static const mbedtls_cipher_info_t aes_192_ecb_info = { + MBEDTLS_CIPHER_AES_192_ECB, + MBEDTLS_MODE_ECB, 192, "AES-192-ECB", 16, @@ -212,9 +222,9 @@ static const cipher_info_t aes_192_ecb_info = { &aes_info }; -static const cipher_info_t aes_256_ecb_info = { - POLARSSL_CIPHER_AES_256_ECB, - POLARSSL_MODE_ECB, +static const mbedtls_cipher_info_t aes_256_ecb_info = { + MBEDTLS_CIPHER_AES_256_ECB, + MBEDTLS_MODE_ECB, 256, "AES-256-ECB", 16, @@ -223,10 +233,10 @@ static const cipher_info_t aes_256_ecb_info = { &aes_info }; -#if defined(POLARSSL_CIPHER_MODE_CBC) -static const cipher_info_t aes_128_cbc_info = { - POLARSSL_CIPHER_AES_128_CBC, - POLARSSL_MODE_CBC, +#if defined(MBEDTLS_CIPHER_MODE_CBC) +static const mbedtls_cipher_info_t aes_128_cbc_info = { + MBEDTLS_CIPHER_AES_128_CBC, + MBEDTLS_MODE_CBC, 128, "AES-128-CBC", 16, @@ -235,9 +245,9 @@ static const cipher_info_t aes_128_cbc_info = { &aes_info }; -static const cipher_info_t aes_192_cbc_info = { - POLARSSL_CIPHER_AES_192_CBC, - POLARSSL_MODE_CBC, +static const mbedtls_cipher_info_t aes_192_cbc_info = { + MBEDTLS_CIPHER_AES_192_CBC, + MBEDTLS_MODE_CBC, 192, "AES-192-CBC", 16, @@ -246,9 +256,9 @@ static const cipher_info_t aes_192_cbc_info = { &aes_info }; -static const cipher_info_t aes_256_cbc_info = { - POLARSSL_CIPHER_AES_256_CBC, - POLARSSL_MODE_CBC, +static const mbedtls_cipher_info_t aes_256_cbc_info = { + MBEDTLS_CIPHER_AES_256_CBC, + MBEDTLS_MODE_CBC, 256, "AES-256-CBC", 16, @@ -256,12 +266,12 @@ static const cipher_info_t aes_256_cbc_info = { 16, &aes_info }; -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(POLARSSL_CIPHER_MODE_CFB) -static const cipher_info_t aes_128_cfb128_info = { - POLARSSL_CIPHER_AES_128_CFB128, - POLARSSL_MODE_CFB, +#if defined(MBEDTLS_CIPHER_MODE_CFB) +static const mbedtls_cipher_info_t aes_128_cfb128_info = { + MBEDTLS_CIPHER_AES_128_CFB128, + MBEDTLS_MODE_CFB, 128, "AES-128-CFB128", 16, @@ -270,9 +280,9 @@ static const cipher_info_t aes_128_cfb128_info = { &aes_info }; -static const cipher_info_t aes_192_cfb128_info = { - POLARSSL_CIPHER_AES_192_CFB128, - POLARSSL_MODE_CFB, +static const mbedtls_cipher_info_t aes_192_cfb128_info = { + MBEDTLS_CIPHER_AES_192_CFB128, + MBEDTLS_MODE_CFB, 192, "AES-192-CFB128", 16, @@ -281,9 +291,9 @@ static const cipher_info_t aes_192_cfb128_info = { &aes_info }; -static const cipher_info_t aes_256_cfb128_info = { - POLARSSL_CIPHER_AES_256_CFB128, - POLARSSL_MODE_CFB, +static const mbedtls_cipher_info_t aes_256_cfb128_info = { + MBEDTLS_CIPHER_AES_256_CFB128, + MBEDTLS_MODE_CFB, 256, "AES-256-CFB128", 16, @@ -291,12 +301,12 @@ static const cipher_info_t aes_256_cfb128_info = { 16, &aes_info }; -#endif /* POLARSSL_CIPHER_MODE_CFB */ +#endif /* MBEDTLS_CIPHER_MODE_CFB */ -#if defined(POLARSSL_CIPHER_MODE_CTR) -static const cipher_info_t aes_128_ctr_info = { - POLARSSL_CIPHER_AES_128_CTR, - POLARSSL_MODE_CTR, +#if defined(MBEDTLS_CIPHER_MODE_CTR) +static const mbedtls_cipher_info_t aes_128_ctr_info = { + MBEDTLS_CIPHER_AES_128_CTR, + MBEDTLS_MODE_CTR, 128, "AES-128-CTR", 16, @@ -305,9 +315,9 @@ static const cipher_info_t aes_128_ctr_info = { &aes_info }; -static const cipher_info_t aes_192_ctr_info = { - POLARSSL_CIPHER_AES_192_CTR, - POLARSSL_MODE_CTR, +static const mbedtls_cipher_info_t aes_192_ctr_info = { + MBEDTLS_CIPHER_AES_192_CTR, + MBEDTLS_MODE_CTR, 192, "AES-192-CTR", 16, @@ -316,9 +326,9 @@ static const cipher_info_t aes_192_ctr_info = { &aes_info }; -static const cipher_info_t aes_256_ctr_info = { - POLARSSL_CIPHER_AES_256_CTR, - POLARSSL_MODE_CTR, +static const mbedtls_cipher_info_t aes_256_ctr_info = { + MBEDTLS_CIPHER_AES_256_CTR, + MBEDTLS_MODE_CTR, 256, "AES-256-CTR", 16, @@ -326,29 +336,29 @@ static const cipher_info_t aes_256_ctr_info = { 16, &aes_info }; -#endif /* POLARSSL_CIPHER_MODE_CTR */ +#endif /* MBEDTLS_CIPHER_MODE_CTR */ -#if defined(POLARSSL_GCM_C) +#if defined(MBEDTLS_GCM_C) static int gcm_aes_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_length ) + unsigned int key_bitlen ) { - return gcm_init( (gcm_context *) ctx, POLARSSL_CIPHER_ID_AES, - key, key_length ); + return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_AES, + key, key_bitlen ); } -static const cipher_base_t gcm_aes_info = { - POLARSSL_CIPHER_ID_AES, +static const mbedtls_cipher_base_t gcm_aes_info = { + MBEDTLS_CIPHER_ID_AES, NULL, -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_CFB) +#if defined(MBEDTLS_CIPHER_MODE_CFB) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_STREAM) +#if defined(MBEDTLS_CIPHER_MODE_STREAM) NULL, #endif gcm_aes_setkey_wrap, @@ -357,61 +367,61 @@ static const cipher_base_t gcm_aes_info = { gcm_ctx_free, }; -static const cipher_info_t aes_128_gcm_info = { - POLARSSL_CIPHER_AES_128_GCM, - POLARSSL_MODE_GCM, +static const mbedtls_cipher_info_t aes_128_gcm_info = { + MBEDTLS_CIPHER_AES_128_GCM, + MBEDTLS_MODE_GCM, 128, "AES-128-GCM", 12, - POLARSSL_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, &gcm_aes_info }; -static const cipher_info_t aes_192_gcm_info = { - POLARSSL_CIPHER_AES_192_GCM, - POLARSSL_MODE_GCM, +static const mbedtls_cipher_info_t aes_192_gcm_info = { + MBEDTLS_CIPHER_AES_192_GCM, + MBEDTLS_MODE_GCM, 192, "AES-192-GCM", 12, - POLARSSL_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, &gcm_aes_info }; -static const cipher_info_t aes_256_gcm_info = { - POLARSSL_CIPHER_AES_256_GCM, - POLARSSL_MODE_GCM, +static const mbedtls_cipher_info_t aes_256_gcm_info = { + MBEDTLS_CIPHER_AES_256_GCM, + MBEDTLS_MODE_GCM, 256, "AES-256-GCM", 12, - POLARSSL_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, &gcm_aes_info }; -#endif /* POLARSSL_GCM_C */ +#endif /* MBEDTLS_GCM_C */ -#if defined(POLARSSL_CCM_C) +#if defined(MBEDTLS_CCM_C) static int ccm_aes_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_length ) + unsigned int key_bitlen ) { - return ccm_init( (ccm_context *) ctx, POLARSSL_CIPHER_ID_AES, - key, key_length ); + return mbedtls_ccm_setkey( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_AES, + key, key_bitlen ); } -static const cipher_base_t ccm_aes_info = { - POLARSSL_CIPHER_ID_AES, +static const mbedtls_cipher_base_t ccm_aes_info = { + MBEDTLS_CIPHER_ID_AES, NULL, -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_CFB) +#if defined(MBEDTLS_CIPHER_MODE_CFB) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_STREAM) +#if defined(MBEDTLS_CIPHER_MODE_STREAM) NULL, #endif ccm_aes_setkey_wrap, @@ -420,125 +430,125 @@ static const cipher_base_t ccm_aes_info = { ccm_ctx_free, }; -static const cipher_info_t aes_128_ccm_info = { - POLARSSL_CIPHER_AES_128_CCM, - POLARSSL_MODE_CCM, +static const mbedtls_cipher_info_t aes_128_ccm_info = { + MBEDTLS_CIPHER_AES_128_CCM, + MBEDTLS_MODE_CCM, 128, "AES-128-CCM", 12, - POLARSSL_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, &ccm_aes_info }; -static const cipher_info_t aes_192_ccm_info = { - POLARSSL_CIPHER_AES_192_CCM, - POLARSSL_MODE_CCM, +static const mbedtls_cipher_info_t aes_192_ccm_info = { + MBEDTLS_CIPHER_AES_192_CCM, + MBEDTLS_MODE_CCM, 192, "AES-192-CCM", 12, - POLARSSL_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, &ccm_aes_info }; -static const cipher_info_t aes_256_ccm_info = { - POLARSSL_CIPHER_AES_256_CCM, - POLARSSL_MODE_CCM, +static const mbedtls_cipher_info_t aes_256_ccm_info = { + MBEDTLS_CIPHER_AES_256_CCM, + MBEDTLS_MODE_CCM, 256, "AES-256-CCM", 12, - POLARSSL_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, &ccm_aes_info }; -#endif /* POLARSSL_CCM_C */ +#endif /* MBEDTLS_CCM_C */ -#endif /* POLARSSL_AES_C */ +#endif /* MBEDTLS_AES_C */ -#if defined(POLARSSL_CAMELLIA_C) +#if defined(MBEDTLS_CAMELLIA_C) -static int camellia_crypt_ecb_wrap( void *ctx, operation_t operation, +static int camellia_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, const unsigned char *input, unsigned char *output ) { - return camellia_crypt_ecb( (camellia_context *) ctx, operation, input, + return mbedtls_camellia_crypt_ecb( (mbedtls_camellia_context *) ctx, operation, input, output ); } -#if defined(POLARSSL_CIPHER_MODE_CBC) -static int camellia_crypt_cbc_wrap( void *ctx, operation_t operation, +#if defined(MBEDTLS_CIPHER_MODE_CBC) +static int camellia_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length, unsigned char *iv, const unsigned char *input, unsigned char *output ) { - return camellia_crypt_cbc( (camellia_context *) ctx, operation, length, iv, + return mbedtls_camellia_crypt_cbc( (mbedtls_camellia_context *) ctx, operation, length, iv, input, output ); } -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(POLARSSL_CIPHER_MODE_CFB) -static int camellia_crypt_cfb128_wrap( void *ctx, operation_t operation, +#if defined(MBEDTLS_CIPHER_MODE_CFB) +static int camellia_crypt_cfb128_wrap( void *ctx, mbedtls_operation_t operation, size_t length, size_t *iv_off, unsigned char *iv, const unsigned char *input, unsigned char *output ) { - return camellia_crypt_cfb128( (camellia_context *) ctx, operation, length, + return mbedtls_camellia_crypt_cfb128( (mbedtls_camellia_context *) ctx, operation, length, iv_off, iv, input, output ); } -#endif /* POLARSSL_CIPHER_MODE_CFB */ +#endif /* MBEDTLS_CIPHER_MODE_CFB */ -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) static int camellia_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, unsigned char *nonce_counter, unsigned char *stream_block, const unsigned char *input, unsigned char *output ) { - return camellia_crypt_ctr( (camellia_context *) ctx, length, nc_off, + return mbedtls_camellia_crypt_ctr( (mbedtls_camellia_context *) ctx, length, nc_off, nonce_counter, stream_block, input, output ); } -#endif /* POLARSSL_CIPHER_MODE_CTR */ +#endif /* MBEDTLS_CIPHER_MODE_CTR */ static int camellia_setkey_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_length ) + unsigned int key_bitlen ) { - return camellia_setkey_dec( (camellia_context *) ctx, key, key_length ); + return mbedtls_camellia_setkey_dec( (mbedtls_camellia_context *) ctx, key, key_bitlen ); } static int camellia_setkey_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_length ) + unsigned int key_bitlen ) { - return camellia_setkey_enc( (camellia_context *) ctx, key, key_length ); + return mbedtls_camellia_setkey_enc( (mbedtls_camellia_context *) ctx, key, key_bitlen ); } static void * camellia_ctx_alloc( void ) { - camellia_context *ctx; - ctx = polarssl_malloc( sizeof( camellia_context ) ); + mbedtls_camellia_context *ctx; + ctx = mbedtls_calloc( 1, sizeof( mbedtls_camellia_context ) ); if( ctx == NULL ) return( NULL ); - camellia_init( ctx ); + mbedtls_camellia_init( ctx ); return( ctx ); } static void camellia_ctx_free( void *ctx ) { - camellia_free( (camellia_context *) ctx ); - polarssl_free( ctx ); + mbedtls_camellia_free( (mbedtls_camellia_context *) ctx ); + mbedtls_free( ctx ); } -static const cipher_base_t camellia_info = { - POLARSSL_CIPHER_ID_CAMELLIA, +static const mbedtls_cipher_base_t camellia_info = { + MBEDTLS_CIPHER_ID_CAMELLIA, camellia_crypt_ecb_wrap, -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) camellia_crypt_cbc_wrap, #endif -#if defined(POLARSSL_CIPHER_MODE_CFB) +#if defined(MBEDTLS_CIPHER_MODE_CFB) camellia_crypt_cfb128_wrap, #endif -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) camellia_crypt_ctr_wrap, #endif -#if defined(POLARSSL_CIPHER_MODE_STREAM) +#if defined(MBEDTLS_CIPHER_MODE_STREAM) NULL, #endif camellia_setkey_enc_wrap, @@ -547,9 +557,9 @@ static const cipher_base_t camellia_info = { camellia_ctx_free }; -static const cipher_info_t camellia_128_ecb_info = { - POLARSSL_CIPHER_CAMELLIA_128_ECB, - POLARSSL_MODE_ECB, +static const mbedtls_cipher_info_t camellia_128_ecb_info = { + MBEDTLS_CIPHER_CAMELLIA_128_ECB, + MBEDTLS_MODE_ECB, 128, "CAMELLIA-128-ECB", 16, @@ -558,9 +568,9 @@ static const cipher_info_t camellia_128_ecb_info = { &camellia_info }; -static const cipher_info_t camellia_192_ecb_info = { - POLARSSL_CIPHER_CAMELLIA_192_ECB, - POLARSSL_MODE_ECB, +static const mbedtls_cipher_info_t camellia_192_ecb_info = { + MBEDTLS_CIPHER_CAMELLIA_192_ECB, + MBEDTLS_MODE_ECB, 192, "CAMELLIA-192-ECB", 16, @@ -569,9 +579,9 @@ static const cipher_info_t camellia_192_ecb_info = { &camellia_info }; -static const cipher_info_t camellia_256_ecb_info = { - POLARSSL_CIPHER_CAMELLIA_256_ECB, - POLARSSL_MODE_ECB, +static const mbedtls_cipher_info_t camellia_256_ecb_info = { + MBEDTLS_CIPHER_CAMELLIA_256_ECB, + MBEDTLS_MODE_ECB, 256, "CAMELLIA-256-ECB", 16, @@ -580,10 +590,10 @@ static const cipher_info_t camellia_256_ecb_info = { &camellia_info }; -#if defined(POLARSSL_CIPHER_MODE_CBC) -static const cipher_info_t camellia_128_cbc_info = { - POLARSSL_CIPHER_CAMELLIA_128_CBC, - POLARSSL_MODE_CBC, +#if defined(MBEDTLS_CIPHER_MODE_CBC) +static const mbedtls_cipher_info_t camellia_128_cbc_info = { + MBEDTLS_CIPHER_CAMELLIA_128_CBC, + MBEDTLS_MODE_CBC, 128, "CAMELLIA-128-CBC", 16, @@ -592,9 +602,9 @@ static const cipher_info_t camellia_128_cbc_info = { &camellia_info }; -static const cipher_info_t camellia_192_cbc_info = { - POLARSSL_CIPHER_CAMELLIA_192_CBC, - POLARSSL_MODE_CBC, +static const mbedtls_cipher_info_t camellia_192_cbc_info = { + MBEDTLS_CIPHER_CAMELLIA_192_CBC, + MBEDTLS_MODE_CBC, 192, "CAMELLIA-192-CBC", 16, @@ -603,9 +613,9 @@ static const cipher_info_t camellia_192_cbc_info = { &camellia_info }; -static const cipher_info_t camellia_256_cbc_info = { - POLARSSL_CIPHER_CAMELLIA_256_CBC, - POLARSSL_MODE_CBC, +static const mbedtls_cipher_info_t camellia_256_cbc_info = { + MBEDTLS_CIPHER_CAMELLIA_256_CBC, + MBEDTLS_MODE_CBC, 256, "CAMELLIA-256-CBC", 16, @@ -613,12 +623,12 @@ static const cipher_info_t camellia_256_cbc_info = { 16, &camellia_info }; -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(POLARSSL_CIPHER_MODE_CFB) -static const cipher_info_t camellia_128_cfb128_info = { - POLARSSL_CIPHER_CAMELLIA_128_CFB128, - POLARSSL_MODE_CFB, +#if defined(MBEDTLS_CIPHER_MODE_CFB) +static const mbedtls_cipher_info_t camellia_128_cfb128_info = { + MBEDTLS_CIPHER_CAMELLIA_128_CFB128, + MBEDTLS_MODE_CFB, 128, "CAMELLIA-128-CFB128", 16, @@ -627,9 +637,9 @@ static const cipher_info_t camellia_128_cfb128_info = { &camellia_info }; -static const cipher_info_t camellia_192_cfb128_info = { - POLARSSL_CIPHER_CAMELLIA_192_CFB128, - POLARSSL_MODE_CFB, +static const mbedtls_cipher_info_t camellia_192_cfb128_info = { + MBEDTLS_CIPHER_CAMELLIA_192_CFB128, + MBEDTLS_MODE_CFB, 192, "CAMELLIA-192-CFB128", 16, @@ -638,9 +648,9 @@ static const cipher_info_t camellia_192_cfb128_info = { &camellia_info }; -static const cipher_info_t camellia_256_cfb128_info = { - POLARSSL_CIPHER_CAMELLIA_256_CFB128, - POLARSSL_MODE_CFB, +static const mbedtls_cipher_info_t camellia_256_cfb128_info = { + MBEDTLS_CIPHER_CAMELLIA_256_CFB128, + MBEDTLS_MODE_CFB, 256, "CAMELLIA-256-CFB128", 16, @@ -648,12 +658,12 @@ static const cipher_info_t camellia_256_cfb128_info = { 16, &camellia_info }; -#endif /* POLARSSL_CIPHER_MODE_CFB */ +#endif /* MBEDTLS_CIPHER_MODE_CFB */ -#if defined(POLARSSL_CIPHER_MODE_CTR) -static const cipher_info_t camellia_128_ctr_info = { - POLARSSL_CIPHER_CAMELLIA_128_CTR, - POLARSSL_MODE_CTR, +#if defined(MBEDTLS_CIPHER_MODE_CTR) +static const mbedtls_cipher_info_t camellia_128_ctr_info = { + MBEDTLS_CIPHER_CAMELLIA_128_CTR, + MBEDTLS_MODE_CTR, 128, "CAMELLIA-128-CTR", 16, @@ -662,9 +672,9 @@ static const cipher_info_t camellia_128_ctr_info = { &camellia_info }; -static const cipher_info_t camellia_192_ctr_info = { - POLARSSL_CIPHER_CAMELLIA_192_CTR, - POLARSSL_MODE_CTR, +static const mbedtls_cipher_info_t camellia_192_ctr_info = { + MBEDTLS_CIPHER_CAMELLIA_192_CTR, + MBEDTLS_MODE_CTR, 192, "CAMELLIA-192-CTR", 16, @@ -673,9 +683,9 @@ static const cipher_info_t camellia_192_ctr_info = { &camellia_info }; -static const cipher_info_t camellia_256_ctr_info = { - POLARSSL_CIPHER_CAMELLIA_256_CTR, - POLARSSL_MODE_CTR, +static const mbedtls_cipher_info_t camellia_256_ctr_info = { + MBEDTLS_CIPHER_CAMELLIA_256_CTR, + MBEDTLS_MODE_CTR, 256, "CAMELLIA-256-CTR", 16, @@ -683,29 +693,29 @@ static const cipher_info_t camellia_256_ctr_info = { 16, &camellia_info }; -#endif /* POLARSSL_CIPHER_MODE_CTR */ +#endif /* MBEDTLS_CIPHER_MODE_CTR */ -#if defined(POLARSSL_GCM_C) +#if defined(MBEDTLS_GCM_C) static int gcm_camellia_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_length ) + unsigned int key_bitlen ) { - return gcm_init( (gcm_context *) ctx, POLARSSL_CIPHER_ID_CAMELLIA, - key, key_length ); + return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA, + key, key_bitlen ); } -static const cipher_base_t gcm_camellia_info = { - POLARSSL_CIPHER_ID_CAMELLIA, +static const mbedtls_cipher_base_t gcm_camellia_info = { + MBEDTLS_CIPHER_ID_CAMELLIA, NULL, -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_CFB) +#if defined(MBEDTLS_CIPHER_MODE_CFB) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_STREAM) +#if defined(MBEDTLS_CIPHER_MODE_STREAM) NULL, #endif gcm_camellia_setkey_wrap, @@ -714,61 +724,61 @@ static const cipher_base_t gcm_camellia_info = { gcm_ctx_free, }; -static const cipher_info_t camellia_128_gcm_info = { - POLARSSL_CIPHER_CAMELLIA_128_GCM, - POLARSSL_MODE_GCM, +static const mbedtls_cipher_info_t camellia_128_gcm_info = { + MBEDTLS_CIPHER_CAMELLIA_128_GCM, + MBEDTLS_MODE_GCM, 128, "CAMELLIA-128-GCM", 12, - POLARSSL_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, &gcm_camellia_info }; -static const cipher_info_t camellia_192_gcm_info = { - POLARSSL_CIPHER_CAMELLIA_192_GCM, - POLARSSL_MODE_GCM, +static const mbedtls_cipher_info_t camellia_192_gcm_info = { + MBEDTLS_CIPHER_CAMELLIA_192_GCM, + MBEDTLS_MODE_GCM, 192, "CAMELLIA-192-GCM", 12, - POLARSSL_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, &gcm_camellia_info }; -static const cipher_info_t camellia_256_gcm_info = { - POLARSSL_CIPHER_CAMELLIA_256_GCM, - POLARSSL_MODE_GCM, +static const mbedtls_cipher_info_t camellia_256_gcm_info = { + MBEDTLS_CIPHER_CAMELLIA_256_GCM, + MBEDTLS_MODE_GCM, 256, "CAMELLIA-256-GCM", 12, - POLARSSL_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, &gcm_camellia_info }; -#endif /* POLARSSL_GCM_C */ +#endif /* MBEDTLS_GCM_C */ -#if defined(POLARSSL_CCM_C) +#if defined(MBEDTLS_CCM_C) static int ccm_camellia_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_length ) + unsigned int key_bitlen ) { - return ccm_init( (ccm_context *) ctx, POLARSSL_CIPHER_ID_CAMELLIA, - key, key_length ); + return mbedtls_ccm_setkey( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA, + key, key_bitlen ); } -static const cipher_base_t ccm_camellia_info = { - POLARSSL_CIPHER_ID_CAMELLIA, +static const mbedtls_cipher_base_t ccm_camellia_info = { + MBEDTLS_CIPHER_ID_CAMELLIA, NULL, -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_CFB) +#if defined(MBEDTLS_CIPHER_MODE_CFB) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_STREAM) +#if defined(MBEDTLS_CIPHER_MODE_STREAM) NULL, #endif ccm_camellia_setkey_wrap, @@ -777,174 +787,174 @@ static const cipher_base_t ccm_camellia_info = { ccm_ctx_free, }; -static const cipher_info_t camellia_128_ccm_info = { - POLARSSL_CIPHER_CAMELLIA_128_CCM, - POLARSSL_MODE_CCM, +static const mbedtls_cipher_info_t camellia_128_ccm_info = { + MBEDTLS_CIPHER_CAMELLIA_128_CCM, + MBEDTLS_MODE_CCM, 128, "CAMELLIA-128-CCM", 12, - POLARSSL_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, &ccm_camellia_info }; -static const cipher_info_t camellia_192_ccm_info = { - POLARSSL_CIPHER_CAMELLIA_192_CCM, - POLARSSL_MODE_CCM, +static const mbedtls_cipher_info_t camellia_192_ccm_info = { + MBEDTLS_CIPHER_CAMELLIA_192_CCM, + MBEDTLS_MODE_CCM, 192, "CAMELLIA-192-CCM", 12, - POLARSSL_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, &ccm_camellia_info }; -static const cipher_info_t camellia_256_ccm_info = { - POLARSSL_CIPHER_CAMELLIA_256_CCM, - POLARSSL_MODE_CCM, +static const mbedtls_cipher_info_t camellia_256_ccm_info = { + MBEDTLS_CIPHER_CAMELLIA_256_CCM, + MBEDTLS_MODE_CCM, 256, "CAMELLIA-256-CCM", 12, - POLARSSL_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, &ccm_camellia_info }; -#endif /* POLARSSL_CCM_C */ +#endif /* MBEDTLS_CCM_C */ -#endif /* POLARSSL_CAMELLIA_C */ +#endif /* MBEDTLS_CAMELLIA_C */ -#if defined(POLARSSL_DES_C) +#if defined(MBEDTLS_DES_C) -static int des_crypt_ecb_wrap( void *ctx, operation_t operation, +static int des_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, const unsigned char *input, unsigned char *output ) { ((void) operation); - return des_crypt_ecb( (des_context *) ctx, input, output ); + return mbedtls_des_crypt_ecb( (mbedtls_des_context *) ctx, input, output ); } -static int des3_crypt_ecb_wrap( void *ctx, operation_t operation, +static int des3_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, const unsigned char *input, unsigned char *output ) { ((void) operation); - return des3_crypt_ecb( (des3_context *) ctx, input, output ); + return mbedtls_des3_crypt_ecb( (mbedtls_des3_context *) ctx, input, output ); } -#if defined(POLARSSL_CIPHER_MODE_CBC) -static int des_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length, +#if defined(MBEDTLS_CIPHER_MODE_CBC) +static int des_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length, unsigned char *iv, const unsigned char *input, unsigned char *output ) { - return des_crypt_cbc( (des_context *) ctx, operation, length, iv, input, + return mbedtls_des_crypt_cbc( (mbedtls_des_context *) ctx, operation, length, iv, input, output ); } -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(POLARSSL_CIPHER_MODE_CBC) -static int des3_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length, +#if defined(MBEDTLS_CIPHER_MODE_CBC) +static int des3_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length, unsigned char *iv, const unsigned char *input, unsigned char *output ) { - return des3_crypt_cbc( (des3_context *) ctx, operation, length, iv, input, + return mbedtls_des3_crypt_cbc( (mbedtls_des3_context *) ctx, operation, length, iv, input, output ); } -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ static int des_setkey_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_length ) + unsigned int key_bitlen ) { - ((void) key_length); + ((void) key_bitlen); - return des_setkey_dec( (des_context *) ctx, key ); + return mbedtls_des_setkey_dec( (mbedtls_des_context *) ctx, key ); } static int des_setkey_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_length ) + unsigned int key_bitlen ) { - ((void) key_length); + ((void) key_bitlen); - return des_setkey_enc( (des_context *) ctx, key ); + return mbedtls_des_setkey_enc( (mbedtls_des_context *) ctx, key ); } static int des3_set2key_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_length ) + unsigned int key_bitlen ) { - ((void) key_length); + ((void) key_bitlen); - return des3_set2key_dec( (des3_context *) ctx, key ); + return mbedtls_des3_set2key_dec( (mbedtls_des3_context *) ctx, key ); } static int des3_set2key_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_length ) + unsigned int key_bitlen ) { - ((void) key_length); + ((void) key_bitlen); - return des3_set2key_enc( (des3_context *) ctx, key ); + return mbedtls_des3_set2key_enc( (mbedtls_des3_context *) ctx, key ); } static int des3_set3key_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_length ) + unsigned int key_bitlen ) { - ((void) key_length); + ((void) key_bitlen); - return des3_set3key_dec( (des3_context *) ctx, key ); + return mbedtls_des3_set3key_dec( (mbedtls_des3_context *) ctx, key ); } static int des3_set3key_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_length ) + unsigned int key_bitlen ) { - ((void) key_length); + ((void) key_bitlen); - return des3_set3key_enc( (des3_context *) ctx, key ); + return mbedtls_des3_set3key_enc( (mbedtls_des3_context *) ctx, key ); } static void * des_ctx_alloc( void ) { - des_context *des = polarssl_malloc( sizeof( des_context ) ); + mbedtls_des_context *des = mbedtls_calloc( 1, sizeof( mbedtls_des_context ) ); if( des == NULL ) return( NULL ); - des_init( des ); + mbedtls_des_init( des ); return( des ); } static void des_ctx_free( void *ctx ) { - des_free( (des_context *) ctx ); - polarssl_free( ctx ); + mbedtls_des_free( (mbedtls_des_context *) ctx ); + mbedtls_free( ctx ); } static void * des3_ctx_alloc( void ) { - des3_context *des3; - des3 = polarssl_malloc( sizeof( des3_context ) ); + mbedtls_des3_context *des3; + des3 = mbedtls_calloc( 1, sizeof( mbedtls_des3_context ) ); if( des3 == NULL ) return( NULL ); - des3_init( des3 ); + mbedtls_des3_init( des3 ); return( des3 ); } static void des3_ctx_free( void *ctx ) { - des3_free( (des3_context *) ctx ); - polarssl_free( ctx ); + mbedtls_des3_free( (mbedtls_des3_context *) ctx ); + mbedtls_free( ctx ); } -static const cipher_base_t des_info = { - POLARSSL_CIPHER_ID_DES, +static const mbedtls_cipher_base_t des_info = { + MBEDTLS_CIPHER_ID_DES, des_crypt_ecb_wrap, -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) des_crypt_cbc_wrap, #endif -#if defined(POLARSSL_CIPHER_MODE_CFB) +#if defined(MBEDTLS_CIPHER_MODE_CFB) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_STREAM) +#if defined(MBEDTLS_CIPHER_MODE_STREAM) NULL, #endif des_setkey_enc_wrap, @@ -953,10 +963,10 @@ static const cipher_base_t des_info = { des_ctx_free }; -static const cipher_info_t des_ecb_info = { - POLARSSL_CIPHER_DES_ECB, - POLARSSL_MODE_ECB, - POLARSSL_KEY_LENGTH_DES, +static const mbedtls_cipher_info_t des_ecb_info = { + MBEDTLS_CIPHER_DES_ECB, + MBEDTLS_MODE_ECB, + MBEDTLS_KEY_LENGTH_DES, "DES-ECB", 8, 0, @@ -964,32 +974,32 @@ static const cipher_info_t des_ecb_info = { &des_info }; -#if defined(POLARSSL_CIPHER_MODE_CBC) -static const cipher_info_t des_cbc_info = { - POLARSSL_CIPHER_DES_CBC, - POLARSSL_MODE_CBC, - POLARSSL_KEY_LENGTH_DES, +#if defined(MBEDTLS_CIPHER_MODE_CBC) +static const mbedtls_cipher_info_t des_cbc_info = { + MBEDTLS_CIPHER_DES_CBC, + MBEDTLS_MODE_CBC, + MBEDTLS_KEY_LENGTH_DES, "DES-CBC", 8, 0, 8, &des_info }; -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ -static const cipher_base_t des_ede_info = { - POLARSSL_CIPHER_ID_DES, +static const mbedtls_cipher_base_t des_ede_info = { + MBEDTLS_CIPHER_ID_DES, des3_crypt_ecb_wrap, -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) des3_crypt_cbc_wrap, #endif -#if defined(POLARSSL_CIPHER_MODE_CFB) +#if defined(MBEDTLS_CIPHER_MODE_CFB) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_STREAM) +#if defined(MBEDTLS_CIPHER_MODE_STREAM) NULL, #endif des3_set2key_enc_wrap, @@ -998,10 +1008,10 @@ static const cipher_base_t des_ede_info = { des3_ctx_free }; -static const cipher_info_t des_ede_ecb_info = { - POLARSSL_CIPHER_DES_EDE_ECB, - POLARSSL_MODE_ECB, - POLARSSL_KEY_LENGTH_DES_EDE, +static const mbedtls_cipher_info_t des_ede_ecb_info = { + MBEDTLS_CIPHER_DES_EDE_ECB, + MBEDTLS_MODE_ECB, + MBEDTLS_KEY_LENGTH_DES_EDE, "DES-EDE-ECB", 8, 0, @@ -1009,32 +1019,32 @@ static const cipher_info_t des_ede_ecb_info = { &des_ede_info }; -#if defined(POLARSSL_CIPHER_MODE_CBC) -static const cipher_info_t des_ede_cbc_info = { - POLARSSL_CIPHER_DES_EDE_CBC, - POLARSSL_MODE_CBC, - POLARSSL_KEY_LENGTH_DES_EDE, +#if defined(MBEDTLS_CIPHER_MODE_CBC) +static const mbedtls_cipher_info_t des_ede_cbc_info = { + MBEDTLS_CIPHER_DES_EDE_CBC, + MBEDTLS_MODE_CBC, + MBEDTLS_KEY_LENGTH_DES_EDE, "DES-EDE-CBC", 8, 0, 8, &des_ede_info }; -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ -static const cipher_base_t des_ede3_info = { - POLARSSL_CIPHER_ID_DES, +static const mbedtls_cipher_base_t des_ede3_info = { + MBEDTLS_CIPHER_ID_3DES, des3_crypt_ecb_wrap, -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) des3_crypt_cbc_wrap, #endif -#if defined(POLARSSL_CIPHER_MODE_CFB) +#if defined(MBEDTLS_CIPHER_MODE_CFB) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_STREAM) +#if defined(MBEDTLS_CIPHER_MODE_STREAM) NULL, #endif des3_set3key_enc_wrap, @@ -1043,107 +1053,107 @@ static const cipher_base_t des_ede3_info = { des3_ctx_free }; -static const cipher_info_t des_ede3_ecb_info = { - POLARSSL_CIPHER_DES_EDE3_ECB, - POLARSSL_MODE_ECB, - POLARSSL_KEY_LENGTH_DES_EDE3, +static const mbedtls_cipher_info_t des_ede3_ecb_info = { + MBEDTLS_CIPHER_DES_EDE3_ECB, + MBEDTLS_MODE_ECB, + MBEDTLS_KEY_LENGTH_DES_EDE3, "DES-EDE3-ECB", 8, 0, 8, &des_ede3_info }; -#if defined(POLARSSL_CIPHER_MODE_CBC) -static const cipher_info_t des_ede3_cbc_info = { - POLARSSL_CIPHER_DES_EDE3_CBC, - POLARSSL_MODE_CBC, - POLARSSL_KEY_LENGTH_DES_EDE3, +#if defined(MBEDTLS_CIPHER_MODE_CBC) +static const mbedtls_cipher_info_t des_ede3_cbc_info = { + MBEDTLS_CIPHER_DES_EDE3_CBC, + MBEDTLS_MODE_CBC, + MBEDTLS_KEY_LENGTH_DES_EDE3, "DES-EDE3-CBC", 8, 0, 8, &des_ede3_info }; -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* POLARSSL_DES_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_DES_C */ -#if defined(POLARSSL_BLOWFISH_C) +#if defined(MBEDTLS_BLOWFISH_C) -static int blowfish_crypt_ecb_wrap( void *ctx, operation_t operation, +static int blowfish_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, const unsigned char *input, unsigned char *output ) { - return blowfish_crypt_ecb( (blowfish_context *) ctx, operation, input, + return mbedtls_blowfish_crypt_ecb( (mbedtls_blowfish_context *) ctx, operation, input, output ); } -#if defined(POLARSSL_CIPHER_MODE_CBC) -static int blowfish_crypt_cbc_wrap( void *ctx, operation_t operation, +#if defined(MBEDTLS_CIPHER_MODE_CBC) +static int blowfish_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length, unsigned char *iv, const unsigned char *input, unsigned char *output ) { - return blowfish_crypt_cbc( (blowfish_context *) ctx, operation, length, iv, + return mbedtls_blowfish_crypt_cbc( (mbedtls_blowfish_context *) ctx, operation, length, iv, input, output ); } -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(POLARSSL_CIPHER_MODE_CFB) -static int blowfish_crypt_cfb64_wrap( void *ctx, operation_t operation, +#if defined(MBEDTLS_CIPHER_MODE_CFB) +static int blowfish_crypt_cfb64_wrap( void *ctx, mbedtls_operation_t operation, size_t length, size_t *iv_off, unsigned char *iv, const unsigned char *input, unsigned char *output ) { - return blowfish_crypt_cfb64( (blowfish_context *) ctx, operation, length, + return mbedtls_blowfish_crypt_cfb64( (mbedtls_blowfish_context *) ctx, operation, length, iv_off, iv, input, output ); } -#endif /* POLARSSL_CIPHER_MODE_CFB */ +#endif /* MBEDTLS_CIPHER_MODE_CFB */ -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) static int blowfish_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, unsigned char *nonce_counter, unsigned char *stream_block, const unsigned char *input, unsigned char *output ) { - return blowfish_crypt_ctr( (blowfish_context *) ctx, length, nc_off, + return mbedtls_blowfish_crypt_ctr( (mbedtls_blowfish_context *) ctx, length, nc_off, nonce_counter, stream_block, input, output ); } -#endif /* POLARSSL_CIPHER_MODE_CTR */ +#endif /* MBEDTLS_CIPHER_MODE_CTR */ static int blowfish_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_length ) + unsigned int key_bitlen ) { - return blowfish_setkey( (blowfish_context *) ctx, key, key_length ); + return mbedtls_blowfish_setkey( (mbedtls_blowfish_context *) ctx, key, key_bitlen ); } static void * blowfish_ctx_alloc( void ) { - blowfish_context *ctx; - ctx = polarssl_malloc( sizeof( blowfish_context ) ); + mbedtls_blowfish_context *ctx; + ctx = mbedtls_calloc( 1, sizeof( mbedtls_blowfish_context ) ); if( ctx == NULL ) return( NULL ); - blowfish_init( ctx ); + mbedtls_blowfish_init( ctx ); return( ctx ); } static void blowfish_ctx_free( void *ctx ) { - blowfish_free( (blowfish_context *) ctx ); - polarssl_free( ctx ); + mbedtls_blowfish_free( (mbedtls_blowfish_context *) ctx ); + mbedtls_free( ctx ); } -static const cipher_base_t blowfish_info = { - POLARSSL_CIPHER_ID_BLOWFISH, +static const mbedtls_cipher_base_t blowfish_info = { + MBEDTLS_CIPHER_ID_BLOWFISH, blowfish_crypt_ecb_wrap, -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) blowfish_crypt_cbc_wrap, #endif -#if defined(POLARSSL_CIPHER_MODE_CFB) +#if defined(MBEDTLS_CIPHER_MODE_CFB) blowfish_crypt_cfb64_wrap, #endif -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) blowfish_crypt_ctr_wrap, #endif -#if defined(POLARSSL_CIPHER_MODE_STREAM) +#if defined(MBEDTLS_CIPHER_MODE_STREAM) NULL, #endif blowfish_setkey_wrap, @@ -1152,108 +1162,108 @@ static const cipher_base_t blowfish_info = { blowfish_ctx_free }; -static const cipher_info_t blowfish_ecb_info = { - POLARSSL_CIPHER_BLOWFISH_ECB, - POLARSSL_MODE_ECB, +static const mbedtls_cipher_info_t blowfish_ecb_info = { + MBEDTLS_CIPHER_BLOWFISH_ECB, + MBEDTLS_MODE_ECB, 128, "BLOWFISH-ECB", 8, - POLARSSL_CIPHER_VARIABLE_KEY_LEN, + MBEDTLS_CIPHER_VARIABLE_KEY_LEN, 8, &blowfish_info }; -#if defined(POLARSSL_CIPHER_MODE_CBC) -static const cipher_info_t blowfish_cbc_info = { - POLARSSL_CIPHER_BLOWFISH_CBC, - POLARSSL_MODE_CBC, +#if defined(MBEDTLS_CIPHER_MODE_CBC) +static const mbedtls_cipher_info_t blowfish_cbc_info = { + MBEDTLS_CIPHER_BLOWFISH_CBC, + MBEDTLS_MODE_CBC, 128, "BLOWFISH-CBC", 8, - POLARSSL_CIPHER_VARIABLE_KEY_LEN, + MBEDTLS_CIPHER_VARIABLE_KEY_LEN, 8, &blowfish_info }; -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(POLARSSL_CIPHER_MODE_CFB) -static const cipher_info_t blowfish_cfb64_info = { - POLARSSL_CIPHER_BLOWFISH_CFB64, - POLARSSL_MODE_CFB, +#if defined(MBEDTLS_CIPHER_MODE_CFB) +static const mbedtls_cipher_info_t blowfish_cfb64_info = { + MBEDTLS_CIPHER_BLOWFISH_CFB64, + MBEDTLS_MODE_CFB, 128, "BLOWFISH-CFB64", 8, - POLARSSL_CIPHER_VARIABLE_KEY_LEN, + MBEDTLS_CIPHER_VARIABLE_KEY_LEN, 8, &blowfish_info }; -#endif /* POLARSSL_CIPHER_MODE_CFB */ +#endif /* MBEDTLS_CIPHER_MODE_CFB */ -#if defined(POLARSSL_CIPHER_MODE_CTR) -static const cipher_info_t blowfish_ctr_info = { - POLARSSL_CIPHER_BLOWFISH_CTR, - POLARSSL_MODE_CTR, +#if defined(MBEDTLS_CIPHER_MODE_CTR) +static const mbedtls_cipher_info_t blowfish_ctr_info = { + MBEDTLS_CIPHER_BLOWFISH_CTR, + MBEDTLS_MODE_CTR, 128, "BLOWFISH-CTR", 8, - POLARSSL_CIPHER_VARIABLE_KEY_LEN, + MBEDTLS_CIPHER_VARIABLE_KEY_LEN, 8, &blowfish_info }; -#endif /* POLARSSL_CIPHER_MODE_CTR */ -#endif /* POLARSSL_BLOWFISH_C */ +#endif /* MBEDTLS_CIPHER_MODE_CTR */ +#endif /* MBEDTLS_BLOWFISH_C */ -#if defined(POLARSSL_ARC4_C) +#if defined(MBEDTLS_ARC4_C) static int arc4_crypt_stream_wrap( void *ctx, size_t length, const unsigned char *input, unsigned char *output ) { - return( arc4_crypt( (arc4_context *) ctx, length, input, output ) ); + return( mbedtls_arc4_crypt( (mbedtls_arc4_context *) ctx, length, input, output ) ); } static int arc4_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_length ) + unsigned int key_bitlen ) { - /* we get key_length in bits, arc4 expects it in bytes */ - if( key_length % 8 != 0 ) - return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); + /* we get key_bitlen in bits, arc4 expects it in bytes */ + if( key_bitlen % 8 != 0 ) + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - arc4_setup( (arc4_context *) ctx, key, key_length / 8 ); + mbedtls_arc4_setup( (mbedtls_arc4_context *) ctx, key, key_bitlen / 8 ); return( 0 ); } static void * arc4_ctx_alloc( void ) { - arc4_context *ctx; - ctx = polarssl_malloc( sizeof( arc4_context ) ); + mbedtls_arc4_context *ctx; + ctx = mbedtls_calloc( 1, sizeof( mbedtls_arc4_context ) ); if( ctx == NULL ) return( NULL ); - arc4_init( ctx ); + mbedtls_arc4_init( ctx ); return( ctx ); } static void arc4_ctx_free( void *ctx ) { - arc4_free( (arc4_context *) ctx ); - polarssl_free( ctx ); + mbedtls_arc4_free( (mbedtls_arc4_context *) ctx ); + mbedtls_free( ctx ); } -static const cipher_base_t arc4_base_info = { - POLARSSL_CIPHER_ID_ARC4, +static const mbedtls_cipher_base_t arc4_base_info = { + MBEDTLS_CIPHER_ID_ARC4, NULL, -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_CFB) +#if defined(MBEDTLS_CIPHER_MODE_CFB) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_STREAM) +#if defined(MBEDTLS_CIPHER_MODE_STREAM) arc4_crypt_stream_wrap, #endif arc4_setkey_wrap, @@ -1262,9 +1272,9 @@ static const cipher_base_t arc4_base_info = { arc4_ctx_free }; -static const cipher_info_t arc4_128_info = { - POLARSSL_CIPHER_ARC4_128, - POLARSSL_MODE_STREAM, +static const mbedtls_cipher_info_t arc4_128_info = { + MBEDTLS_CIPHER_ARC4_128, + MBEDTLS_MODE_STREAM, 128, "ARC4-128", 0, @@ -1272,9 +1282,9 @@ static const cipher_info_t arc4_128_info = { 1, &arc4_base_info }; -#endif /* POLARSSL_ARC4_C */ +#endif /* MBEDTLS_ARC4_C */ -#if defined(POLARSSL_CIPHER_NULL_CIPHER) +#if defined(MBEDTLS_CIPHER_NULL_CIPHER) static int null_crypt_stream( void *ctx, size_t length, const unsigned char *input, unsigned char *output ) @@ -1285,11 +1295,11 @@ static int null_crypt_stream( void *ctx, size_t length, } static int null_setkey( void *ctx, const unsigned char *key, - unsigned int key_length ) + unsigned int key_bitlen ) { ((void) ctx); ((void) key); - ((void) key_length); + ((void) key_bitlen); return( 0 ); } @@ -1304,19 +1314,19 @@ static void null_ctx_free( void *ctx ) ((void) ctx); } -static const cipher_base_t null_base_info = { - POLARSSL_CIPHER_ID_NULL, +static const mbedtls_cipher_base_t null_base_info = { + MBEDTLS_CIPHER_ID_NULL, NULL, -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_CFB) +#if defined(MBEDTLS_CIPHER_MODE_CFB) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_CTR) +#if defined(MBEDTLS_CIPHER_MODE_CTR) NULL, #endif -#if defined(POLARSSL_CIPHER_MODE_STREAM) +#if defined(MBEDTLS_CIPHER_MODE_STREAM) null_crypt_stream, #endif null_setkey, @@ -1325,9 +1335,9 @@ static const cipher_base_t null_base_info = { null_ctx_free }; -static const cipher_info_t null_cipher_info = { - POLARSSL_CIPHER_NULL, - POLARSSL_MODE_STREAM, +static const mbedtls_cipher_info_t null_cipher_info = { + MBEDTLS_CIPHER_NULL, + MBEDTLS_MODE_STREAM, 0, "NULL", 0, @@ -1335,108 +1345,108 @@ static const cipher_info_t null_cipher_info = { 1, &null_base_info }; -#endif /* defined(POLARSSL_CIPHER_NULL_CIPHER) */ +#endif /* defined(MBEDTLS_CIPHER_NULL_CIPHER) */ -const cipher_definition_t cipher_definitions[] = +const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] = { -#if defined(POLARSSL_AES_C) - { POLARSSL_CIPHER_AES_128_ECB, &aes_128_ecb_info }, - { POLARSSL_CIPHER_AES_192_ECB, &aes_192_ecb_info }, - { POLARSSL_CIPHER_AES_256_ECB, &aes_256_ecb_info }, -#if defined(POLARSSL_CIPHER_MODE_CBC) - { POLARSSL_CIPHER_AES_128_CBC, &aes_128_cbc_info }, - { POLARSSL_CIPHER_AES_192_CBC, &aes_192_cbc_info }, - { POLARSSL_CIPHER_AES_256_CBC, &aes_256_cbc_info }, -#endif -#if defined(POLARSSL_CIPHER_MODE_CFB) - { POLARSSL_CIPHER_AES_128_CFB128, &aes_128_cfb128_info }, - { POLARSSL_CIPHER_AES_192_CFB128, &aes_192_cfb128_info }, - { POLARSSL_CIPHER_AES_256_CFB128, &aes_256_cfb128_info }, -#endif -#if defined(POLARSSL_CIPHER_MODE_CTR) - { POLARSSL_CIPHER_AES_128_CTR, &aes_128_ctr_info }, - { POLARSSL_CIPHER_AES_192_CTR, &aes_192_ctr_info }, - { POLARSSL_CIPHER_AES_256_CTR, &aes_256_ctr_info }, -#endif -#if defined(POLARSSL_GCM_C) - { POLARSSL_CIPHER_AES_128_GCM, &aes_128_gcm_info }, - { POLARSSL_CIPHER_AES_192_GCM, &aes_192_gcm_info }, - { POLARSSL_CIPHER_AES_256_GCM, &aes_256_gcm_info }, -#endif -#if defined(POLARSSL_CCM_C) - { POLARSSL_CIPHER_AES_128_CCM, &aes_128_ccm_info }, - { POLARSSL_CIPHER_AES_192_CCM, &aes_192_ccm_info }, - { POLARSSL_CIPHER_AES_256_CCM, &aes_256_ccm_info }, -#endif -#endif /* POLARSSL_AES_C */ - -#if defined(POLARSSL_ARC4_C) - { POLARSSL_CIPHER_ARC4_128, &arc4_128_info }, -#endif - -#if defined(POLARSSL_BLOWFISH_C) - { POLARSSL_CIPHER_BLOWFISH_ECB, &blowfish_ecb_info }, -#if defined(POLARSSL_CIPHER_MODE_CBC) - { POLARSSL_CIPHER_BLOWFISH_CBC, &blowfish_cbc_info }, -#endif -#if defined(POLARSSL_CIPHER_MODE_CFB) - { POLARSSL_CIPHER_BLOWFISH_CFB64, &blowfish_cfb64_info }, -#endif -#if defined(POLARSSL_CIPHER_MODE_CTR) - { POLARSSL_CIPHER_BLOWFISH_CTR, &blowfish_ctr_info }, -#endif -#endif /* POLARSSL_BLOWFISH_C */ - -#if defined(POLARSSL_CAMELLIA_C) - { POLARSSL_CIPHER_CAMELLIA_128_ECB, &camellia_128_ecb_info }, - { POLARSSL_CIPHER_CAMELLIA_192_ECB, &camellia_192_ecb_info }, - { POLARSSL_CIPHER_CAMELLIA_256_ECB, &camellia_256_ecb_info }, -#if defined(POLARSSL_CIPHER_MODE_CBC) - { POLARSSL_CIPHER_CAMELLIA_128_CBC, &camellia_128_cbc_info }, - { POLARSSL_CIPHER_CAMELLIA_192_CBC, &camellia_192_cbc_info }, - { POLARSSL_CIPHER_CAMELLIA_256_CBC, &camellia_256_cbc_info }, -#endif -#if defined(POLARSSL_CIPHER_MODE_CFB) - { POLARSSL_CIPHER_CAMELLIA_128_CFB128, &camellia_128_cfb128_info }, - { POLARSSL_CIPHER_CAMELLIA_192_CFB128, &camellia_192_cfb128_info }, - { POLARSSL_CIPHER_CAMELLIA_256_CFB128, &camellia_256_cfb128_info }, -#endif -#if defined(POLARSSL_CIPHER_MODE_CTR) - { POLARSSL_CIPHER_CAMELLIA_128_CTR, &camellia_128_ctr_info }, - { POLARSSL_CIPHER_CAMELLIA_192_CTR, &camellia_192_ctr_info }, - { POLARSSL_CIPHER_CAMELLIA_256_CTR, &camellia_256_ctr_info }, -#endif -#if defined(POLARSSL_GCM_C) - { POLARSSL_CIPHER_CAMELLIA_128_GCM, &camellia_128_gcm_info }, - { POLARSSL_CIPHER_CAMELLIA_192_GCM, &camellia_192_gcm_info }, - { POLARSSL_CIPHER_CAMELLIA_256_GCM, &camellia_256_gcm_info }, -#endif -#if defined(POLARSSL_CCM_C) - { POLARSSL_CIPHER_CAMELLIA_128_CCM, &camellia_128_ccm_info }, - { POLARSSL_CIPHER_CAMELLIA_192_CCM, &camellia_192_ccm_info }, - { POLARSSL_CIPHER_CAMELLIA_256_CCM, &camellia_256_ccm_info }, -#endif -#endif /* POLARSSL_CAMELLIA_C */ - -#if defined(POLARSSL_DES_C) - { POLARSSL_CIPHER_DES_ECB, &des_ecb_info }, - { POLARSSL_CIPHER_DES_EDE_ECB, &des_ede_ecb_info }, - { POLARSSL_CIPHER_DES_EDE3_ECB, &des_ede3_ecb_info }, -#if defined(POLARSSL_CIPHER_MODE_CBC) - { POLARSSL_CIPHER_DES_CBC, &des_cbc_info }, - { POLARSSL_CIPHER_DES_EDE_CBC, &des_ede_cbc_info }, - { POLARSSL_CIPHER_DES_EDE3_CBC, &des_ede3_cbc_info }, -#endif -#endif /* POLARSSL_DES_C */ - -#if defined(POLARSSL_CIPHER_NULL_CIPHER) - { POLARSSL_CIPHER_NULL, &null_cipher_info }, -#endif /* POLARSSL_CIPHER_NULL_CIPHER */ - - { POLARSSL_CIPHER_NONE, NULL } +#if defined(MBEDTLS_AES_C) + { MBEDTLS_CIPHER_AES_128_ECB, &aes_128_ecb_info }, + { MBEDTLS_CIPHER_AES_192_ECB, &aes_192_ecb_info }, + { MBEDTLS_CIPHER_AES_256_ECB, &aes_256_ecb_info }, +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_CIPHER_AES_128_CBC, &aes_128_cbc_info }, + { MBEDTLS_CIPHER_AES_192_CBC, &aes_192_cbc_info }, + { MBEDTLS_CIPHER_AES_256_CBC, &aes_256_cbc_info }, +#endif +#if defined(MBEDTLS_CIPHER_MODE_CFB) + { MBEDTLS_CIPHER_AES_128_CFB128, &aes_128_cfb128_info }, + { MBEDTLS_CIPHER_AES_192_CFB128, &aes_192_cfb128_info }, + { MBEDTLS_CIPHER_AES_256_CFB128, &aes_256_cfb128_info }, +#endif +#if defined(MBEDTLS_CIPHER_MODE_CTR) + { MBEDTLS_CIPHER_AES_128_CTR, &aes_128_ctr_info }, + { MBEDTLS_CIPHER_AES_192_CTR, &aes_192_ctr_info }, + { MBEDTLS_CIPHER_AES_256_CTR, &aes_256_ctr_info }, +#endif +#if defined(MBEDTLS_GCM_C) + { MBEDTLS_CIPHER_AES_128_GCM, &aes_128_gcm_info }, + { MBEDTLS_CIPHER_AES_192_GCM, &aes_192_gcm_info }, + { MBEDTLS_CIPHER_AES_256_GCM, &aes_256_gcm_info }, +#endif +#if defined(MBEDTLS_CCM_C) + { MBEDTLS_CIPHER_AES_128_CCM, &aes_128_ccm_info }, + { MBEDTLS_CIPHER_AES_192_CCM, &aes_192_ccm_info }, + { MBEDTLS_CIPHER_AES_256_CCM, &aes_256_ccm_info }, +#endif +#endif /* MBEDTLS_AES_C */ + +#if defined(MBEDTLS_ARC4_C) + { MBEDTLS_CIPHER_ARC4_128, &arc4_128_info }, +#endif + +#if defined(MBEDTLS_BLOWFISH_C) + { MBEDTLS_CIPHER_BLOWFISH_ECB, &blowfish_ecb_info }, +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_CIPHER_BLOWFISH_CBC, &blowfish_cbc_info }, +#endif +#if defined(MBEDTLS_CIPHER_MODE_CFB) + { MBEDTLS_CIPHER_BLOWFISH_CFB64, &blowfish_cfb64_info }, +#endif +#if defined(MBEDTLS_CIPHER_MODE_CTR) + { MBEDTLS_CIPHER_BLOWFISH_CTR, &blowfish_ctr_info }, +#endif +#endif /* MBEDTLS_BLOWFISH_C */ + +#if defined(MBEDTLS_CAMELLIA_C) + { MBEDTLS_CIPHER_CAMELLIA_128_ECB, &camellia_128_ecb_info }, + { MBEDTLS_CIPHER_CAMELLIA_192_ECB, &camellia_192_ecb_info }, + { MBEDTLS_CIPHER_CAMELLIA_256_ECB, &camellia_256_ecb_info }, +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_CIPHER_CAMELLIA_128_CBC, &camellia_128_cbc_info }, + { MBEDTLS_CIPHER_CAMELLIA_192_CBC, &camellia_192_cbc_info }, + { MBEDTLS_CIPHER_CAMELLIA_256_CBC, &camellia_256_cbc_info }, +#endif +#if defined(MBEDTLS_CIPHER_MODE_CFB) + { MBEDTLS_CIPHER_CAMELLIA_128_CFB128, &camellia_128_cfb128_info }, + { MBEDTLS_CIPHER_CAMELLIA_192_CFB128, &camellia_192_cfb128_info }, + { MBEDTLS_CIPHER_CAMELLIA_256_CFB128, &camellia_256_cfb128_info }, +#endif +#if defined(MBEDTLS_CIPHER_MODE_CTR) + { MBEDTLS_CIPHER_CAMELLIA_128_CTR, &camellia_128_ctr_info }, + { MBEDTLS_CIPHER_CAMELLIA_192_CTR, &camellia_192_ctr_info }, + { MBEDTLS_CIPHER_CAMELLIA_256_CTR, &camellia_256_ctr_info }, +#endif +#if defined(MBEDTLS_GCM_C) + { MBEDTLS_CIPHER_CAMELLIA_128_GCM, &camellia_128_gcm_info }, + { MBEDTLS_CIPHER_CAMELLIA_192_GCM, &camellia_192_gcm_info }, + { MBEDTLS_CIPHER_CAMELLIA_256_GCM, &camellia_256_gcm_info }, +#endif +#if defined(MBEDTLS_CCM_C) + { MBEDTLS_CIPHER_CAMELLIA_128_CCM, &camellia_128_ccm_info }, + { MBEDTLS_CIPHER_CAMELLIA_192_CCM, &camellia_192_ccm_info }, + { MBEDTLS_CIPHER_CAMELLIA_256_CCM, &camellia_256_ccm_info }, +#endif +#endif /* MBEDTLS_CAMELLIA_C */ + +#if defined(MBEDTLS_DES_C) + { MBEDTLS_CIPHER_DES_ECB, &des_ecb_info }, + { MBEDTLS_CIPHER_DES_EDE_ECB, &des_ede_ecb_info }, + { MBEDTLS_CIPHER_DES_EDE3_ECB, &des_ede3_ecb_info }, +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_CIPHER_DES_CBC, &des_cbc_info }, + { MBEDTLS_CIPHER_DES_EDE_CBC, &des_ede_cbc_info }, + { MBEDTLS_CIPHER_DES_EDE3_CBC, &des_ede3_cbc_info }, +#endif +#endif /* MBEDTLS_DES_C */ + +#if defined(MBEDTLS_CIPHER_NULL_CIPHER) + { MBEDTLS_CIPHER_NULL, &null_cipher_info }, +#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ + + { MBEDTLS_CIPHER_NONE, NULL } }; -#define NUM_CIPHERS sizeof cipher_definitions / sizeof cipher_definitions[0] -int supported_ciphers[NUM_CIPHERS]; +#define NUM_CIPHERS sizeof mbedtls_cipher_definitions / sizeof mbedtls_cipher_definitions[0] +int mbedtls_cipher_supported[NUM_CIPHERS]; -#endif /* POLARSSL_CIPHER_C */ +#endif /* MBEDTLS_CIPHER_C */ diff --git a/ext/mbedtls/library/ctr_drbg.c b/ext/mbedtls/library/ctr_drbg.c index 24adff08f9..00b50d26bc 100644 --- a/ext/mbedtls/library/ctr_drbg.c +++ b/ext/mbedtls/library/ctr_drbg.c @@ -25,42 +25,54 @@ * http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2007.pdf */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_CTR_DRBG_C) +#if defined(MBEDTLS_CTR_DRBG_C) -#include "polarssl/ctr_drbg.h" +#include "mbedtls/ctr_drbg.h" #include -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) #include #endif -#if defined(POLARSSL_SELF_TEST) -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_SELF_TEST) +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_printf printf -#endif /* POLARSSL_PLATFORM_C */ -#endif /* POLARSSL_SELF_TEST */ +#define mbedtls_printf printf +#endif /* MBEDTLS_PLATFORM_C */ +#endif /* MBEDTLS_SELF_TEST */ /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } +/* + * CTR_DRBG context initialization + */ +void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ) +{ + memset( ctx, 0, sizeof( mbedtls_ctr_drbg_context ) ); + +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_init( &ctx->mutex ); +#endif +} + /* * Non-public function wrapped by ctr_crbg_init(). Necessary to allow NIST * tests to succeed (which require known length fixed entropy) */ -int ctr_drbg_init_entropy_len( - ctr_drbg_context *ctx, +int mbedtls_ctr_drbg_seed_entropy_len( + mbedtls_ctr_drbg_context *ctx, int (*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, @@ -68,60 +80,62 @@ int ctr_drbg_init_entropy_len( size_t entropy_len ) { int ret; - unsigned char key[CTR_DRBG_KEYSIZE]; + unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE]; - memset( ctx, 0, sizeof(ctr_drbg_context) ); - memset( key, 0, CTR_DRBG_KEYSIZE ); + memset( key, 0, MBEDTLS_CTR_DRBG_KEYSIZE ); - aes_init( &ctx->aes_ctx ); + mbedtls_aes_init( &ctx->aes_ctx ); ctx->f_entropy = f_entropy; ctx->p_entropy = p_entropy; ctx->entropy_len = entropy_len; - ctx->reseed_interval = CTR_DRBG_RESEED_INTERVAL; + ctx->reseed_interval = MBEDTLS_CTR_DRBG_RESEED_INTERVAL; /* * Initialize with an empty key */ - aes_setkey_enc( &ctx->aes_ctx, key, CTR_DRBG_KEYBITS ); + mbedtls_aes_setkey_enc( &ctx->aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS ); - if( ( ret = ctr_drbg_reseed( ctx, custom, len ) ) != 0 ) + if( ( ret = mbedtls_ctr_drbg_reseed( ctx, custom, len ) ) != 0 ) return( ret ); return( 0 ); } -int ctr_drbg_init( ctr_drbg_context *ctx, +int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, int (*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, size_t len ) { - return( ctr_drbg_init_entropy_len( ctx, f_entropy, p_entropy, custom, len, - CTR_DRBG_ENTROPY_LEN ) ); + return( mbedtls_ctr_drbg_seed_entropy_len( ctx, f_entropy, p_entropy, custom, len, + MBEDTLS_CTR_DRBG_ENTROPY_LEN ) ); } -void ctr_drbg_free( ctr_drbg_context *ctx ) +void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx ) { if( ctx == NULL ) return; - aes_free( &ctx->aes_ctx ); - polarssl_zeroize( ctx, sizeof( ctr_drbg_context ) ); +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_free( &ctx->mutex ); +#endif + mbedtls_aes_free( &ctx->aes_ctx ); + mbedtls_zeroize( ctx, sizeof( mbedtls_ctr_drbg_context ) ); } -void ctr_drbg_set_prediction_resistance( ctr_drbg_context *ctx, int resistance ) +void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, int resistance ) { ctx->prediction_resistance = resistance; } -void ctr_drbg_set_entropy_len( ctr_drbg_context *ctx, size_t len ) +void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx, size_t len ) { ctx->entropy_len = len; } -void ctr_drbg_set_reseed_interval( ctr_drbg_context *ctx, int interval ) +void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx, int interval ) { ctx->reseed_interval = interval; } @@ -129,21 +143,21 @@ void ctr_drbg_set_reseed_interval( ctr_drbg_context *ctx, int interval ) static int block_cipher_df( unsigned char *output, const unsigned char *data, size_t data_len ) { - unsigned char buf[CTR_DRBG_MAX_SEED_INPUT + CTR_DRBG_BLOCKSIZE + 16]; - unsigned char tmp[CTR_DRBG_SEEDLEN]; - unsigned char key[CTR_DRBG_KEYSIZE]; - unsigned char chain[CTR_DRBG_BLOCKSIZE]; + unsigned char buf[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + MBEDTLS_CTR_DRBG_BLOCKSIZE + 16]; + unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN]; + unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE]; + unsigned char chain[MBEDTLS_CTR_DRBG_BLOCKSIZE]; unsigned char *p, *iv; - aes_context aes_ctx; + mbedtls_aes_context aes_ctx; int i, j; size_t buf_len, use_len; - if( data_len > CTR_DRBG_MAX_SEED_INPUT ) - return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG ); + if( data_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) + return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); - memset( buf, 0, CTR_DRBG_MAX_SEED_INPUT + CTR_DRBG_BLOCKSIZE + 16 ); - aes_init( &aes_ctx ); + memset( buf, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + MBEDTLS_CTR_DRBG_BLOCKSIZE + 16 ); + mbedtls_aes_init( &aes_ctx ); /* * Construct IV (16 bytes) and S in buffer @@ -152,44 +166,44 @@ static int block_cipher_df( unsigned char *output, * data || 0x80 * (Total is padded to a multiple of 16-bytes with zeroes) */ - p = buf + CTR_DRBG_BLOCKSIZE; + p = buf + MBEDTLS_CTR_DRBG_BLOCKSIZE; *p++ = ( data_len >> 24 ) & 0xff; *p++ = ( data_len >> 16 ) & 0xff; *p++ = ( data_len >> 8 ) & 0xff; *p++ = ( data_len ) & 0xff; p += 3; - *p++ = CTR_DRBG_SEEDLEN; + *p++ = MBEDTLS_CTR_DRBG_SEEDLEN; memcpy( p, data, data_len ); p[data_len] = 0x80; - buf_len = CTR_DRBG_BLOCKSIZE + 8 + data_len + 1; + buf_len = MBEDTLS_CTR_DRBG_BLOCKSIZE + 8 + data_len + 1; - for( i = 0; i < CTR_DRBG_KEYSIZE; i++ ) + for( i = 0; i < MBEDTLS_CTR_DRBG_KEYSIZE; i++ ) key[i] = i; - aes_setkey_enc( &aes_ctx, key, CTR_DRBG_KEYBITS ); + mbedtls_aes_setkey_enc( &aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS ); /* - * Reduce data to POLARSSL_CTR_DRBG_SEEDLEN bytes of data + * Reduce data to MBEDTLS_CTR_DRBG_SEEDLEN bytes of data */ - for( j = 0; j < CTR_DRBG_SEEDLEN; j += CTR_DRBG_BLOCKSIZE ) + for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE ) { p = buf; - memset( chain, 0, CTR_DRBG_BLOCKSIZE ); + memset( chain, 0, MBEDTLS_CTR_DRBG_BLOCKSIZE ); use_len = buf_len; while( use_len > 0 ) { - for( i = 0; i < CTR_DRBG_BLOCKSIZE; i++ ) + for( i = 0; i < MBEDTLS_CTR_DRBG_BLOCKSIZE; i++ ) chain[i] ^= p[i]; - p += CTR_DRBG_BLOCKSIZE; - use_len -= ( use_len >= CTR_DRBG_BLOCKSIZE ) ? - CTR_DRBG_BLOCKSIZE : use_len; + p += MBEDTLS_CTR_DRBG_BLOCKSIZE; + use_len -= ( use_len >= MBEDTLS_CTR_DRBG_BLOCKSIZE ) ? + MBEDTLS_CTR_DRBG_BLOCKSIZE : use_len; - aes_crypt_ecb( &aes_ctx, AES_ENCRYPT, chain, chain ); + mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, chain, chain ); } - memcpy( tmp + j, chain, CTR_DRBG_BLOCKSIZE ); + memcpy( tmp + j, chain, MBEDTLS_CTR_DRBG_BLOCKSIZE ); /* * Update IV @@ -200,87 +214,87 @@ static int block_cipher_df( unsigned char *output, /* * Do final encryption with reduced data */ - aes_setkey_enc( &aes_ctx, tmp, CTR_DRBG_KEYBITS ); - iv = tmp + CTR_DRBG_KEYSIZE; + mbedtls_aes_setkey_enc( &aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS ); + iv = tmp + MBEDTLS_CTR_DRBG_KEYSIZE; p = output; - for( j = 0; j < CTR_DRBG_SEEDLEN; j += CTR_DRBG_BLOCKSIZE ) + for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE ) { - aes_crypt_ecb( &aes_ctx, AES_ENCRYPT, iv, iv ); - memcpy( p, iv, CTR_DRBG_BLOCKSIZE ); - p += CTR_DRBG_BLOCKSIZE; + mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); + memcpy( p, iv, MBEDTLS_CTR_DRBG_BLOCKSIZE ); + p += MBEDTLS_CTR_DRBG_BLOCKSIZE; } - aes_free( &aes_ctx ); + mbedtls_aes_free( &aes_ctx ); return( 0 ); } -static int ctr_drbg_update_internal( ctr_drbg_context *ctx, - const unsigned char data[CTR_DRBG_SEEDLEN] ) +static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx, + const unsigned char data[MBEDTLS_CTR_DRBG_SEEDLEN] ) { - unsigned char tmp[CTR_DRBG_SEEDLEN]; + unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN]; unsigned char *p = tmp; int i, j; - memset( tmp, 0, CTR_DRBG_SEEDLEN ); + memset( tmp, 0, MBEDTLS_CTR_DRBG_SEEDLEN ); - for( j = 0; j < CTR_DRBG_SEEDLEN; j += CTR_DRBG_BLOCKSIZE ) + for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE ) { /* * Increase counter */ - for( i = CTR_DRBG_BLOCKSIZE; i > 0; i-- ) + for( i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i-- ) if( ++ctx->counter[i - 1] != 0 ) break; /* * Crypt counter block */ - aes_crypt_ecb( &ctx->aes_ctx, AES_ENCRYPT, ctx->counter, p ); + mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, p ); - p += CTR_DRBG_BLOCKSIZE; + p += MBEDTLS_CTR_DRBG_BLOCKSIZE; } - for( i = 0; i < CTR_DRBG_SEEDLEN; i++ ) + for( i = 0; i < MBEDTLS_CTR_DRBG_SEEDLEN; i++ ) tmp[i] ^= data[i]; /* * Update key and counter */ - aes_setkey_enc( &ctx->aes_ctx, tmp, CTR_DRBG_KEYBITS ); - memcpy( ctx->counter, tmp + CTR_DRBG_KEYSIZE, CTR_DRBG_BLOCKSIZE ); + mbedtls_aes_setkey_enc( &ctx->aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS ); + memcpy( ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE, MBEDTLS_CTR_DRBG_BLOCKSIZE ); return( 0 ); } -void ctr_drbg_update( ctr_drbg_context *ctx, +void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t add_len ) { - unsigned char add_input[CTR_DRBG_SEEDLEN]; + unsigned char add_input[MBEDTLS_CTR_DRBG_SEEDLEN]; if( add_len > 0 ) { /* MAX_INPUT would be more logical here, but we have to match * block_cipher_df()'s limits since we can't propagate errors */ - if( add_len > CTR_DRBG_MAX_SEED_INPUT ) - add_len = CTR_DRBG_MAX_SEED_INPUT; + if( add_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) + add_len = MBEDTLS_CTR_DRBG_MAX_SEED_INPUT; block_cipher_df( add_input, additional, add_len ); ctr_drbg_update_internal( ctx, add_input ); } } -int ctr_drbg_reseed( ctr_drbg_context *ctx, +int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t len ) { - unsigned char seed[CTR_DRBG_MAX_SEED_INPUT]; + unsigned char seed[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT]; size_t seedlen = 0; - if( ctx->entropy_len + len > CTR_DRBG_MAX_SEED_INPUT ) - return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG ); + if( ctx->entropy_len + len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) + return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); - memset( seed, 0, CTR_DRBG_MAX_SEED_INPUT ); + memset( seed, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ); /* * Gather entropy_len bytes of entropy to seed state @@ -288,7 +302,7 @@ int ctr_drbg_reseed( ctr_drbg_context *ctx, if( 0 != ctx->f_entropy( ctx->p_entropy, seed, ctx->entropy_len ) ) { - return( POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED ); + return( MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED ); } seedlen += ctx->entropy_len; @@ -316,30 +330,30 @@ int ctr_drbg_reseed( ctr_drbg_context *ctx, return( 0 ); } -int ctr_drbg_random_with_add( void *p_rng, +int mbedtls_ctr_drbg_random_with_add( void *p_rng, unsigned char *output, size_t output_len, const unsigned char *additional, size_t add_len ) { int ret = 0; - ctr_drbg_context *ctx = (ctr_drbg_context *) p_rng; - unsigned char add_input[CTR_DRBG_SEEDLEN]; + mbedtls_ctr_drbg_context *ctx = (mbedtls_ctr_drbg_context *) p_rng; + unsigned char add_input[MBEDTLS_CTR_DRBG_SEEDLEN]; unsigned char *p = output; - unsigned char tmp[CTR_DRBG_BLOCKSIZE]; + unsigned char tmp[MBEDTLS_CTR_DRBG_BLOCKSIZE]; int i; size_t use_len; - if( output_len > CTR_DRBG_MAX_REQUEST ) - return( POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG ); + if( output_len > MBEDTLS_CTR_DRBG_MAX_REQUEST ) + return( MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG ); - if( add_len > CTR_DRBG_MAX_INPUT ) - return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG ); + if( add_len > MBEDTLS_CTR_DRBG_MAX_INPUT ) + return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); - memset( add_input, 0, CTR_DRBG_SEEDLEN ); + memset( add_input, 0, MBEDTLS_CTR_DRBG_SEEDLEN ); if( ctx->reseed_counter > ctx->reseed_interval || ctx->prediction_resistance ) { - if( ( ret = ctr_drbg_reseed( ctx, additional, add_len ) ) != 0 ) + if( ( ret = mbedtls_ctr_drbg_reseed( ctx, additional, add_len ) ) != 0 ) return( ret ); add_len = 0; @@ -356,16 +370,16 @@ int ctr_drbg_random_with_add( void *p_rng, /* * Increase counter */ - for( i = CTR_DRBG_BLOCKSIZE; i > 0; i-- ) + for( i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i-- ) if( ++ctx->counter[i - 1] != 0 ) break; /* * Crypt counter block */ - aes_crypt_ecb( &ctx->aes_ctx, AES_ENCRYPT, ctx->counter, tmp ); + mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, tmp ); - use_len = ( output_len > CTR_DRBG_BLOCKSIZE ) ? CTR_DRBG_BLOCKSIZE : + use_len = ( output_len > MBEDTLS_CTR_DRBG_BLOCKSIZE ) ? MBEDTLS_CTR_DRBG_BLOCKSIZE : output_len; /* * Copy random block to destination @@ -382,27 +396,42 @@ int ctr_drbg_random_with_add( void *p_rng, return( 0 ); } -int ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_len ) +int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_len ) { - return ctr_drbg_random_with_add( p_rng, output, output_len, NULL, 0 ); + int ret; + mbedtls_ctr_drbg_context *ctx = (mbedtls_ctr_drbg_context *) p_rng; + +#if defined(MBEDTLS_THREADING_C) + if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) + return( ret ); +#endif + + ret = mbedtls_ctr_drbg_random_with_add( ctx, output, output_len, NULL, 0 ); + +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) + return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); +#endif + + return( ret ); } -#if defined(POLARSSL_FS_IO) -int ctr_drbg_write_seed_file( ctr_drbg_context *ctx, const char *path ) +#if defined(MBEDTLS_FS_IO) +int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path ) { - int ret = POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR; + int ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR; FILE *f; - unsigned char buf[ CTR_DRBG_MAX_INPUT ]; + unsigned char buf[ MBEDTLS_CTR_DRBG_MAX_INPUT ]; if( ( f = fopen( path, "wb" ) ) == NULL ) - return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR ); + return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR ); - if( ( ret = ctr_drbg_random( ctx, buf, CTR_DRBG_MAX_INPUT ) ) != 0 ) + if( ( ret = mbedtls_ctr_drbg_random( ctx, buf, MBEDTLS_CTR_DRBG_MAX_INPUT ) ) != 0 ) goto exit; - if( fwrite( buf, 1, CTR_DRBG_MAX_INPUT, f ) != CTR_DRBG_MAX_INPUT ) + if( fwrite( buf, 1, MBEDTLS_CTR_DRBG_MAX_INPUT, f ) != MBEDTLS_CTR_DRBG_MAX_INPUT ) { - ret = POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR; + ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR; goto exit; } @@ -413,40 +442,40 @@ exit: return( ret ); } -int ctr_drbg_update_seed_file( ctr_drbg_context *ctx, const char *path ) +int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path ) { FILE *f; size_t n; - unsigned char buf[ CTR_DRBG_MAX_INPUT ]; + unsigned char buf[ MBEDTLS_CTR_DRBG_MAX_INPUT ]; if( ( f = fopen( path, "rb" ) ) == NULL ) - return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR ); + return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR ); fseek( f, 0, SEEK_END ); n = (size_t) ftell( f ); fseek( f, 0, SEEK_SET ); - if( n > CTR_DRBG_MAX_INPUT ) + if( n > MBEDTLS_CTR_DRBG_MAX_INPUT ) { fclose( f ); - return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG ); + return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); } if( fread( buf, 1, n, f ) != n ) { fclose( f ); - return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR ); + return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR ); } fclose( f ); - ctr_drbg_update( ctx, buf, n ); + mbedtls_ctr_drbg_update( ctx, buf, n ); - return( ctr_drbg_write_seed_file( ctx, path ) ); + return( mbedtls_ctr_drbg_write_seed_file( ctx, path ) ); } -#endif /* POLARSSL_FS_IO */ +#endif /* MBEDTLS_FS_IO */ -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) static const unsigned char entropy_source_pr[96] = { 0xc1, 0x80, 0x81, 0xa6, 0x5d, 0x44, 0x02, 0x16, @@ -501,57 +530,65 @@ static int ctr_drbg_self_test_entropy( void *data, unsigned char *buf, #define CHK( c ) if( (c) != 0 ) \ { \ if( verbose != 0 ) \ - polarssl_printf( "failed\n" ); \ + mbedtls_printf( "failed\n" ); \ return( 1 ); \ } /* * Checkup routine */ -int ctr_drbg_self_test( int verbose ) +int mbedtls_ctr_drbg_self_test( int verbose ) { - ctr_drbg_context ctx; + mbedtls_ctr_drbg_context ctx; unsigned char buf[16]; + mbedtls_ctr_drbg_init( &ctx ); + /* * Based on a NIST CTR_DRBG test vector (PR = True) */ if( verbose != 0 ) - polarssl_printf( " CTR_DRBG (PR = TRUE) : " ); + mbedtls_printf( " CTR_DRBG (PR = TRUE) : " ); test_offset = 0; - CHK( ctr_drbg_init_entropy_len( &ctx, ctr_drbg_self_test_entropy, + CHK( mbedtls_ctr_drbg_seed_entropy_len( &ctx, ctr_drbg_self_test_entropy, (void *) entropy_source_pr, nonce_pers_pr, 16, 32 ) ); - ctr_drbg_set_prediction_resistance( &ctx, CTR_DRBG_PR_ON ); - CHK( ctr_drbg_random( &ctx, buf, CTR_DRBG_BLOCKSIZE ) ); - CHK( ctr_drbg_random( &ctx, buf, CTR_DRBG_BLOCKSIZE ) ); - CHK( memcmp( buf, result_pr, CTR_DRBG_BLOCKSIZE ) ); + mbedtls_ctr_drbg_set_prediction_resistance( &ctx, MBEDTLS_CTR_DRBG_PR_ON ); + CHK( mbedtls_ctr_drbg_random( &ctx, buf, MBEDTLS_CTR_DRBG_BLOCKSIZE ) ); + CHK( mbedtls_ctr_drbg_random( &ctx, buf, MBEDTLS_CTR_DRBG_BLOCKSIZE ) ); + CHK( memcmp( buf, result_pr, MBEDTLS_CTR_DRBG_BLOCKSIZE ) ); + + mbedtls_ctr_drbg_free( &ctx ); if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); /* * Based on a NIST CTR_DRBG test vector (PR = FALSE) */ if( verbose != 0 ) - polarssl_printf( " CTR_DRBG (PR = FALSE): " ); + mbedtls_printf( " CTR_DRBG (PR = FALSE): " ); + + mbedtls_ctr_drbg_init( &ctx ); test_offset = 0; - CHK( ctr_drbg_init_entropy_len( &ctx, ctr_drbg_self_test_entropy, + CHK( mbedtls_ctr_drbg_seed_entropy_len( &ctx, ctr_drbg_self_test_entropy, (void *) entropy_source_nopr, nonce_pers_nopr, 16, 32 ) ); - CHK( ctr_drbg_random( &ctx, buf, 16 ) ); - CHK( ctr_drbg_reseed( &ctx, NULL, 0 ) ); - CHK( ctr_drbg_random( &ctx, buf, 16 ) ); + CHK( mbedtls_ctr_drbg_random( &ctx, buf, 16 ) ); + CHK( mbedtls_ctr_drbg_reseed( &ctx, NULL, 0 ) ); + CHK( mbedtls_ctr_drbg_random( &ctx, buf, 16 ) ); CHK( memcmp( buf, result_nopr, 16 ) ); + mbedtls_ctr_drbg_free( &ctx ); + if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); if( verbose != 0 ) - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); return( 0 ); } -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_CTR_DRBG_C */ +#endif /* MBEDTLS_CTR_DRBG_C */ diff --git a/ext/mbedtls/library/debug.c b/ext/mbedtls/library/debug.c index 9adcf07bef..2a559b54bd 100644 --- a/ext/mbedtls/library/debug.c +++ b/ext/mbedtls/library/debug.c @@ -20,144 +20,113 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_DEBUG_C) +#if defined(MBEDTLS_DEBUG_C) -#include "polarssl/debug.h" +#include "mbedtls/debug.h" #include #include #include -#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) -#if !defined snprintf -#define snprintf _snprintf -#endif - -#if !defined vsnprintf -#define vsnprintf _vsnprintf -#endif -#endif /* _MSC_VER */ - -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else -#define polarssl_snprintf snprintf -#define polarssl_malloc malloc -#define polarssl_free free +#include +#define mbedtls_calloc calloc +#define mbedtls_free free +#define mbedtls_snprintf snprintf #endif -#define DEBUG_BUF_SIZE 512 +#define DEBUG_BUF_SIZE 512 -static int debug_log_mode = POLARSSL_DEBUG_DFL_MODE; static int debug_threshold = 0; -void debug_set_log_mode( int log_mode ) -{ - debug_log_mode = log_mode; -} - -void debug_set_threshold( int threshold ) +void mbedtls_debug_set_threshold( int threshold ) { debug_threshold = threshold; } -char *debug_fmt( const char *format, ... ) +void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *format, ... ) { va_list argp; -#if defined(POLARSSL_THREADING_C) - char *str = polarssl_malloc( DEBUG_BUF_SIZE ); + char str[DEBUG_BUF_SIZE]; + int ret; - if( str == NULL ) - return( NULL ); -#else - static char str[DEBUG_BUF_SIZE]; -#endif + if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || level > debug_threshold ) + return; va_start( argp, format ); - vsnprintf( str, DEBUG_BUF_SIZE - 1, format, argp ); - va_end( argp ); - - str[DEBUG_BUF_SIZE - 1] = '\0'; - return( str ); -} - -void debug_print_msg_free( const ssl_context *ssl, int level, - const char *file, int line, char *text ) -{ - if( text != NULL ) - debug_print_msg( ssl, level, file, line, text ); - -#if defined(POLARSSL_THREADING_C) - polarssl_free( text ); +#if defined(_WIN32) +#if defined(_TRUNCATE) + ret = _vsnprintf_s( str, DEBUG_BUF_SIZE, _TRUNCATE, format, argp ); +#else + ret = _vsnprintf( str, DEBUG_BUF_SIZE, format, argp ); + if( ret < 0 || (size_t) ret == DEBUG_BUF_SIZE ) + { + str[DEBUG_BUF_SIZE-1] = '\0'; + ret = -1; + } #endif -} - -void debug_print_msg( const ssl_context *ssl, int level, - const char *file, int line, const char *text ) -{ - char str[512]; - int maxlen = sizeof( str ) - 1; - - if( ssl->f_dbg == NULL || level > debug_threshold ) - return; +#else + ret = vsnprintf( str, DEBUG_BUF_SIZE, format, argp ); +#endif + va_end( argp ); - if( debug_log_mode == POLARSSL_DEBUG_LOG_RAW ) + if( ret >= 0 && ret < DEBUG_BUF_SIZE - 1 ) { - ssl->f_dbg( ssl->p_dbg, level, text ); - return; + str[ret] = '\n'; + str[ret + 1] = '\0'; } - polarssl_snprintf( str, maxlen, "%s(%04d): %s\n", file, line, text ); - str[maxlen] = '\0'; - ssl->f_dbg( ssl->p_dbg, level, str ); + ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, str ); } -void debug_print_ret( const ssl_context *ssl, int level, +void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level, const char *file, int line, const char *text, int ret ) { - char str[512]; - int maxlen = sizeof( str ) - 1; - size_t idx = 0; + char str[DEBUG_BUF_SIZE]; - if( ssl->f_dbg == NULL || level > debug_threshold ) + if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || level > debug_threshold ) return; - if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) - idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line ); + /* + * With non-blocking I/O and examples that just retry immediately, + * the logs would be quickly flooded with WANT_READ, so ignore that. + * Don't ignore WANT_WRITE however, since is is usually rare. + */ + if( ret == MBEDTLS_ERR_SSL_WANT_READ ) + return; - polarssl_snprintf( str + idx, maxlen - idx, "%s() returned %d (-0x%04x)\n", + mbedtls_snprintf( str, sizeof( str ), "%s() returned %d (-0x%04x)\n", text, ret, -ret ); - str[maxlen] = '\0'; - ssl->f_dbg( ssl->p_dbg, level, str ); + ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, str ); } -void debug_print_buf( const ssl_context *ssl, int level, +void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level, const char *file, int line, const char *text, - unsigned char *buf, size_t len ) + const unsigned char *buf, size_t len ) { - char str[512]; + char str[DEBUG_BUF_SIZE]; char txt[17]; - size_t i, maxlen = sizeof( str ) - 1, idx = 0; + size_t i, idx = 0; - if( ssl->f_dbg == NULL || level > debug_threshold ) + if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || level > debug_threshold ) return; - if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) - idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line ); - - polarssl_snprintf( str + idx, maxlen - idx, "dumping '%s' (%u bytes)\n", + mbedtls_snprintf( str + idx, sizeof( str ) - idx, "dumping '%s' (%u bytes)\n", text, (unsigned int) len ); - str[maxlen] = '\0'; - ssl->f_dbg( ssl->p_dbg, level, str ); + ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, str ); idx = 0; memset( txt, 0, sizeof( txt ) ); @@ -170,22 +139,19 @@ void debug_print_buf( const ssl_context *ssl, int level, { if( i > 0 ) { - polarssl_snprintf( str + idx, maxlen - idx, " %s\n", txt ); - ssl->f_dbg( ssl->p_dbg, level, str ); + mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %s\n", txt ); + ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, str ); idx = 0; memset( txt, 0, sizeof( txt ) ); } - if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) - idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line ); - - idx += polarssl_snprintf( str + idx, maxlen - idx, "%04x: ", + idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, "%04x: ", (unsigned int) i ); } - idx += polarssl_snprintf( str + idx, maxlen - idx, " %02x", + idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", (unsigned int) buf[i] ); txt[i % 16] = ( buf[i] > 31 && buf[i] < 127 ) ? buf[i] : '.' ; } @@ -193,62 +159,55 @@ void debug_print_buf( const ssl_context *ssl, int level, if( len > 0 ) { for( /* i = i */; i % 16 != 0; i++ ) - idx += polarssl_snprintf( str + idx, maxlen - idx, " " ); + idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " " ); - polarssl_snprintf( str + idx, maxlen - idx, " %s\n", txt ); - ssl->f_dbg( ssl->p_dbg, level, str ); + mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %s\n", txt ); + ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, str ); } } -#if defined(POLARSSL_ECP_C) -void debug_print_ecp( const ssl_context *ssl, int level, +#if defined(MBEDTLS_ECP_C) +void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level, const char *file, int line, - const char *text, const ecp_point *X ) + const char *text, const mbedtls_ecp_point *X ) { - char str[512]; - int maxlen = sizeof( str ) - 1; + char str[DEBUG_BUF_SIZE]; - if( ssl->f_dbg == NULL || level > debug_threshold ) + if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || level > debug_threshold ) return; - polarssl_snprintf( str, maxlen, "%s(X)", text ); - str[maxlen] = '\0'; - debug_print_mpi( ssl, level, file, line, str, &X->X ); + mbedtls_snprintf( str, sizeof( str ), "%s(X)", text ); + mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->X ); - polarssl_snprintf( str, maxlen, "%s(Y)", text ); - str[maxlen] = '\0'; - debug_print_mpi( ssl, level, file, line, str, &X->Y ); + mbedtls_snprintf( str, sizeof( str ), "%s(Y)", text ); + mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->Y ); } -#endif /* POLARSSL_ECP_C */ +#endif /* MBEDTLS_ECP_C */ -#if defined(POLARSSL_BIGNUM_C) -void debug_print_mpi( const ssl_context *ssl, int level, +#if defined(MBEDTLS_BIGNUM_C) +void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level, const char *file, int line, - const char *text, const mpi *X ) + const char *text, const mbedtls_mpi *X ) { - char str[512]; - int j, k, maxlen = sizeof( str ) - 1, zeros = 1; + char str[DEBUG_BUF_SIZE]; + int j, k, zeros = 1; size_t i, n, idx = 0; - if( ssl->f_dbg == NULL || X == NULL || level > debug_threshold ) + if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || X == NULL || level > debug_threshold ) return; for( n = X->n - 1; n > 0; n-- ) if( X->p[n] != 0 ) break; - for( j = ( sizeof(t_uint) << 3 ) - 1; j >= 0; j-- ) + for( j = ( sizeof(mbedtls_mpi_uint) << 3 ) - 1; j >= 0; j-- ) if( ( ( X->p[n] >> j ) & 1 ) != 0 ) break; - if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) - idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line ); - - polarssl_snprintf( str + idx, maxlen - idx, "value of '%s' (%d bits) is:\n", - text, (int) ( ( n * ( sizeof(t_uint) << 3 ) ) + j + 1 ) ); + mbedtls_snprintf( str + idx, sizeof( str ) - idx, "value of '%s' (%d bits) is:\n", + text, (int) ( ( n * ( sizeof(mbedtls_mpi_uint) << 3 ) ) + j + 1 ) ); - str[maxlen] = '\0'; - ssl->f_dbg( ssl->p_dbg, level, str ); + ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, str ); idx = 0; for( i = n + 1, j = 0; i > 0; i-- ) @@ -256,7 +215,7 @@ void debug_print_mpi( const ssl_context *ssl, int level, if( zeros && X->p[i - 1] == 0 ) continue; - for( k = sizeof( t_uint ) - 1; k >= 0; k-- ) + for( k = sizeof( mbedtls_mpi_uint ) - 1; k >= 0; k-- ) { if( zeros && ( ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF ) == 0 ) continue; @@ -267,16 +226,13 @@ void debug_print_mpi( const ssl_context *ssl, int level, { if( j > 0 ) { - polarssl_snprintf( str + idx, maxlen - idx, "\n" ); - ssl->f_dbg( ssl->p_dbg, level, str ); + mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" ); + ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, str ); idx = 0; } - - if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) - idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line ); } - idx += polarssl_snprintf( str + idx, maxlen - idx, " %02x", (unsigned int) + idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", (unsigned int) ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF ); j++; @@ -285,96 +241,102 @@ void debug_print_mpi( const ssl_context *ssl, int level, } if( zeros == 1 ) - { - if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) - { - idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line ); - - } - idx += polarssl_snprintf( str + idx, maxlen - idx, " 00" ); - } + idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " 00" ); - polarssl_snprintf( str + idx, maxlen - idx, "\n" ); - ssl->f_dbg( ssl->p_dbg, level, str ); + mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" ); + ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, str ); } -#endif /* POLARSSL_BIGNUM_C */ +#endif /* MBEDTLS_BIGNUM_C */ -#if defined(POLARSSL_X509_CRT_PARSE_C) -static void debug_print_pk( const ssl_context *ssl, int level, +#if defined(MBEDTLS_X509_CRT_PARSE_C) +static void debug_print_pk( const mbedtls_ssl_context *ssl, int level, const char *file, int line, - const char *text, const pk_context *pk ) + const char *text, const mbedtls_pk_context *pk ) { size_t i; - pk_debug_item items[POLARSSL_PK_DEBUG_MAX_ITEMS]; + mbedtls_pk_debug_item items[MBEDTLS_PK_DEBUG_MAX_ITEMS]; char name[16]; memset( items, 0, sizeof( items ) ); - if( pk_debug( pk, items ) != 0 ) + if( mbedtls_pk_debug( pk, items ) != 0 ) { - debug_print_msg( ssl, level, file, line, "invalid PK context" ); + ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, + "invalid PK context\n" ); return; } - for( i = 0; i < POLARSSL_PK_DEBUG_MAX_ITEMS; i++ ) + for( i = 0; i < MBEDTLS_PK_DEBUG_MAX_ITEMS; i++ ) { - if( items[i].type == POLARSSL_PK_DEBUG_NONE ) + if( items[i].type == MBEDTLS_PK_DEBUG_NONE ) return; - polarssl_snprintf( name, sizeof( name ), "%s%s", text, items[i].name ); + mbedtls_snprintf( name, sizeof( name ), "%s%s", text, items[i].name ); name[sizeof( name ) - 1] = '\0'; - if( items[i].type == POLARSSL_PK_DEBUG_MPI ) - debug_print_mpi( ssl, level, file, line, name, items[i].value ); + if( items[i].type == MBEDTLS_PK_DEBUG_MPI ) + mbedtls_debug_print_mpi( ssl, level, file, line, name, items[i].value ); else -#if defined(POLARSSL_ECP_C) - if( items[i].type == POLARSSL_PK_DEBUG_ECP ) - debug_print_ecp( ssl, level, file, line, name, items[i].value ); +#if defined(MBEDTLS_ECP_C) + if( items[i].type == MBEDTLS_PK_DEBUG_ECP ) + mbedtls_debug_print_ecp( ssl, level, file, line, name, items[i].value ); else #endif - debug_print_msg( ssl, level, file, line, "should not happen" ); + ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, + "should not happen\n" ); } } -void debug_print_crt( const ssl_context *ssl, int level, - const char *file, int line, - const char *text, const x509_crt *crt ) +static void debug_print_line_by_line( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, const char *text ) { - char str[1024], prefix[64]; - int i = 0, maxlen = sizeof( prefix ) - 1, idx = 0; + char str[DEBUG_BUF_SIZE]; + const char *start, *cur; - if( ssl->f_dbg == NULL || crt == NULL || level > debug_threshold ) - return; - - if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) + start = text; + for( cur = text; *cur != '\0'; cur++ ) { - polarssl_snprintf( prefix, maxlen, "%s(%04d): ", file, line ); - prefix[maxlen] = '\0'; + if( *cur == '\n' ) + { + size_t len = cur - start + 1; + if( len > DEBUG_BUF_SIZE - 1 ) + len = DEBUG_BUF_SIZE - 1; + + memcpy( str, start, len ); + str[len] = '\0'; + + ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, str ); + + start = cur + 1; + } } - else - prefix[0] = '\0'; +} + +void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_x509_crt *crt ) +{ + char str[DEBUG_BUF_SIZE]; + int i = 0; - maxlen = sizeof( str ) - 1; + if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || crt == NULL || level > debug_threshold ) + return; while( crt != NULL ) { char buf[1024]; - x509_crt_info( buf, sizeof( buf ) - 1, prefix, crt ); - - if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) - idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line ); - polarssl_snprintf( str + idx, maxlen - idx, "%s #%d:\n%s", - text, ++i, buf ); + mbedtls_snprintf( str, sizeof( str ), "%s #%d:\n", text, ++i ); + ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, str ); - str[maxlen] = '\0'; - ssl->f_dbg( ssl->p_dbg, level, str ); + mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt ); + debug_print_line_by_line( ssl, level, file, line, buf ); debug_print_pk( ssl, level, file, line, "crt->", &crt->pk ); crt = crt->next; } } -#endif /* POLARSSL_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ -#endif /* POLARSSL_DEBUG_C */ +#endif /* MBEDTLS_DEBUG_C */ diff --git a/ext/mbedtls/library/des.c b/ext/mbedtls/library/des.c index 080e11392e..68de7013da 100644 --- a/ext/mbedtls/library/des.c +++ b/ext/mbedtls/library/des.c @@ -26,31 +26,31 @@ * http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_DES_C) +#if defined(MBEDTLS_DES_C) -#include "polarssl/des.h" +#include "mbedtls/des.h" #include -#if defined(POLARSSL_SELF_TEST) -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_SELF_TEST) +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_printf printf -#endif /* POLARSSL_PLATFORM_C */ -#endif /* POLARSSL_SELF_TEST */ +#define mbedtls_printf printf +#endif /* MBEDTLS_PLATFORM_C */ +#endif /* MBEDTLS_SELF_TEST */ -#if !defined(POLARSSL_DES_ALT) +#if !defined(MBEDTLS_DES_ALT) /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } @@ -307,30 +307,30 @@ static const uint32_t RHs[16] = #define SWAP(a,b) { uint32_t t = a; a = b; b = t; t = 0; } -void des_init( des_context *ctx ) +void mbedtls_des_init( mbedtls_des_context *ctx ) { - memset( ctx, 0, sizeof( des_context ) ); + memset( ctx, 0, sizeof( mbedtls_des_context ) ); } -void des_free( des_context *ctx ) +void mbedtls_des_free( mbedtls_des_context *ctx ) { if( ctx == NULL ) return; - polarssl_zeroize( ctx, sizeof( des_context ) ); + mbedtls_zeroize( ctx, sizeof( mbedtls_des_context ) ); } -void des3_init( des3_context *ctx ) +void mbedtls_des3_init( mbedtls_des3_context *ctx ) { - memset( ctx, 0, sizeof( des3_context ) ); + memset( ctx, 0, sizeof( mbedtls_des3_context ) ); } -void des3_free( des3_context *ctx ) +void mbedtls_des3_free( mbedtls_des3_context *ctx ) { if( ctx == NULL ) return; - polarssl_zeroize( ctx, sizeof( des3_context ) ); + mbedtls_zeroize( ctx, sizeof( mbedtls_des3_context ) ); } static const unsigned char odd_parity_table[128] = { 1, 2, 4, 7, 8, @@ -344,22 +344,22 @@ static const unsigned char odd_parity_table[128] = { 1, 2, 4, 7, 8, 227, 229, 230, 233, 234, 236, 239, 241, 242, 244, 247, 248, 251, 253, 254 }; -void des_key_set_parity( unsigned char key[DES_KEY_SIZE] ) +void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] ) { int i; - for( i = 0; i < DES_KEY_SIZE; i++ ) + for( i = 0; i < MBEDTLS_DES_KEY_SIZE; i++ ) key[i] = odd_parity_table[key[i] / 2]; } /* * Check the given key's parity, returns 1 on failure, 0 on SUCCESS */ -int des_key_check_key_parity( const unsigned char key[DES_KEY_SIZE] ) +int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] ) { int i; - for( i = 0; i < DES_KEY_SIZE; i++ ) + for( i = 0; i < MBEDTLS_DES_KEY_SIZE; i++ ) if( key[i] != odd_parity_table[key[i] / 2] ) return( 1 ); @@ -389,7 +389,7 @@ int des_key_check_key_parity( const unsigned char key[DES_KEY_SIZE] ) #define WEAK_KEY_COUNT 16 -static const unsigned char weak_key_table[WEAK_KEY_COUNT][DES_KEY_SIZE] = +static const unsigned char weak_key_table[WEAK_KEY_COUNT][MBEDTLS_DES_KEY_SIZE] = { { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, { 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE }, @@ -410,18 +410,19 @@ static const unsigned char weak_key_table[WEAK_KEY_COUNT][DES_KEY_SIZE] = { 0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1 } }; -int des_key_check_weak( const unsigned char key[DES_KEY_SIZE] ) +int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] ) { int i; for( i = 0; i < WEAK_KEY_COUNT; i++ ) - if( memcmp( weak_key_table[i], key, DES_KEY_SIZE) == 0 ) + if( memcmp( weak_key_table[i], key, MBEDTLS_DES_KEY_SIZE) == 0 ) return( 1 ); return( 0 ); } -static void des_setkey( uint32_t SK[32], const unsigned char key[DES_KEY_SIZE] ) +#if !defined(MBEDTLS_DES_SETKEY_ALT) +void mbedtls_des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KEY_SIZE] ) { int i; uint32_t X, Y, T; @@ -489,13 +490,14 @@ static void des_setkey( uint32_t SK[32], const unsigned char key[DES_KEY_SIZE] ) | ((Y << 2) & 0x00000004) | ((Y >> 21) & 0x00000002); } } +#endif /* !MBEDTLS_DES_SETKEY_ALT */ /* * DES key schedule (56-bit, encryption) */ -int des_setkey_enc( des_context *ctx, const unsigned char key[DES_KEY_SIZE] ) +int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] ) { - des_setkey( ctx->sk, key ); + mbedtls_des_setkey( ctx->sk, key ); return( 0 ); } @@ -503,11 +505,11 @@ int des_setkey_enc( des_context *ctx, const unsigned char key[DES_KEY_SIZE] ) /* * DES key schedule (56-bit, decryption) */ -int des_setkey_dec( des_context *ctx, const unsigned char key[DES_KEY_SIZE] ) +int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] ) { int i; - des_setkey( ctx->sk, key ); + mbedtls_des_setkey( ctx->sk, key ); for( i = 0; i < 16; i += 2 ) { @@ -520,12 +522,12 @@ int des_setkey_dec( des_context *ctx, const unsigned char key[DES_KEY_SIZE] ) static void des3_set2key( uint32_t esk[96], uint32_t dsk[96], - const unsigned char key[DES_KEY_SIZE*2] ) + const unsigned char key[MBEDTLS_DES_KEY_SIZE*2] ) { int i; - des_setkey( esk, key ); - des_setkey( dsk + 32, key + 8 ); + mbedtls_des_setkey( esk, key ); + mbedtls_des_setkey( dsk + 32, key + 8 ); for( i = 0; i < 32; i += 2 ) { @@ -546,13 +548,13 @@ static void des3_set2key( uint32_t esk[96], /* * Triple-DES key schedule (112-bit, encryption) */ -int des3_set2key_enc( des3_context *ctx, - const unsigned char key[DES_KEY_SIZE * 2] ) +int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] ) { uint32_t sk[96]; des3_set2key( ctx->sk, sk, key ); - polarssl_zeroize( sk, sizeof( sk ) ); + mbedtls_zeroize( sk, sizeof( sk ) ); return( 0 ); } @@ -560,13 +562,13 @@ int des3_set2key_enc( des3_context *ctx, /* * Triple-DES key schedule (112-bit, decryption) */ -int des3_set2key_dec( des3_context *ctx, - const unsigned char key[DES_KEY_SIZE * 2] ) +int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] ) { uint32_t sk[96]; des3_set2key( sk, ctx->sk, key ); - polarssl_zeroize( sk, sizeof( sk ) ); + mbedtls_zeroize( sk, sizeof( sk ) ); return( 0 ); } @@ -577,9 +579,9 @@ static void des3_set3key( uint32_t esk[96], { int i; - des_setkey( esk, key ); - des_setkey( dsk + 32, key + 8 ); - des_setkey( esk + 64, key + 16 ); + mbedtls_des_setkey( esk, key ); + mbedtls_des_setkey( dsk + 32, key + 8 ); + mbedtls_des_setkey( esk + 64, key + 16 ); for( i = 0; i < 32; i += 2 ) { @@ -597,13 +599,13 @@ static void des3_set3key( uint32_t esk[96], /* * Triple-DES key schedule (168-bit, encryption) */ -int des3_set3key_enc( des3_context *ctx, - const unsigned char key[DES_KEY_SIZE * 3] ) +int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] ) { uint32_t sk[96]; des3_set3key( ctx->sk, sk, key ); - polarssl_zeroize( sk, sizeof( sk ) ); + mbedtls_zeroize( sk, sizeof( sk ) ); return( 0 ); } @@ -611,13 +613,13 @@ int des3_set3key_enc( des3_context *ctx, /* * Triple-DES key schedule (168-bit, decryption) */ -int des3_set3key_dec( des3_context *ctx, - const unsigned char key[DES_KEY_SIZE * 3] ) +int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] ) { uint32_t sk[96]; des3_set3key( sk, ctx->sk, key ); - polarssl_zeroize( sk, sizeof( sk ) ); + mbedtls_zeroize( sk, sizeof( sk ) ); return( 0 ); } @@ -625,7 +627,8 @@ int des3_set3key_dec( des3_context *ctx, /* * DES-ECB block encryption/decryption */ -int des_crypt_ecb( des_context *ctx, +#if !defined(MBEDTLS_DES_CRYPT_ECB_ALT) +int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, const unsigned char input[8], unsigned char output[8] ) { @@ -652,12 +655,13 @@ int des_crypt_ecb( des_context *ctx, return( 0 ); } +#endif /* !MBEDTLS_DES_CRYPT_ECB_ALT */ -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) /* * DES-CBC buffer encryption/decryption */ -int des_crypt_cbc( des_context *ctx, +int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx, int mode, size_t length, unsigned char iv[8], @@ -668,16 +672,16 @@ int des_crypt_cbc( des_context *ctx, unsigned char temp[8]; if( length % 8 ) - return( POLARSSL_ERR_DES_INVALID_INPUT_LENGTH ); + return( MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH ); - if( mode == DES_ENCRYPT ) + if( mode == MBEDTLS_DES_ENCRYPT ) { while( length > 0 ) { for( i = 0; i < 8; i++ ) output[i] = (unsigned char)( input[i] ^ iv[i] ); - des_crypt_ecb( ctx, output, output ); + mbedtls_des_crypt_ecb( ctx, output, output ); memcpy( iv, output, 8 ); input += 8; @@ -685,12 +689,12 @@ int des_crypt_cbc( des_context *ctx, length -= 8; } } - else /* DES_DECRYPT */ + else /* MBEDTLS_DES_DECRYPT */ { while( length > 0 ) { memcpy( temp, input, 8 ); - des_crypt_ecb( ctx, input, output ); + mbedtls_des_crypt_ecb( ctx, input, output ); for( i = 0; i < 8; i++ ) output[i] = (unsigned char)( output[i] ^ iv[i] ); @@ -705,12 +709,13 @@ int des_crypt_cbc( des_context *ctx, return( 0 ); } -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ /* * 3DES-ECB block encryption/decryption */ -int des3_crypt_ecb( des3_context *ctx, +#if !defined(MBEDTLS_DES3_CRYPT_ECB_ALT) +int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx, const unsigned char input[8], unsigned char output[8] ) { @@ -749,12 +754,13 @@ int des3_crypt_ecb( des3_context *ctx, return( 0 ); } +#endif /* !MBEDTLS_DES3_CRYPT_ECB_ALT */ -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) /* * 3DES-CBC buffer encryption/decryption */ -int des3_crypt_cbc( des3_context *ctx, +int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx, int mode, size_t length, unsigned char iv[8], @@ -765,16 +771,16 @@ int des3_crypt_cbc( des3_context *ctx, unsigned char temp[8]; if( length % 8 ) - return( POLARSSL_ERR_DES_INVALID_INPUT_LENGTH ); + return( MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH ); - if( mode == DES_ENCRYPT ) + if( mode == MBEDTLS_DES_ENCRYPT ) { while( length > 0 ) { for( i = 0; i < 8; i++ ) output[i] = (unsigned char)( input[i] ^ iv[i] ); - des3_crypt_ecb( ctx, output, output ); + mbedtls_des3_crypt_ecb( ctx, output, output ); memcpy( iv, output, 8 ); input += 8; @@ -782,12 +788,12 @@ int des3_crypt_cbc( des3_context *ctx, length -= 8; } } - else /* DES_DECRYPT */ + else /* MBEDTLS_DES_DECRYPT */ { while( length > 0 ) { memcpy( temp, input, 8 ); - des3_crypt_ecb( ctx, input, output ); + mbedtls_des3_crypt_ecb( ctx, input, output ); for( i = 0; i < 8; i++ ) output[i] = (unsigned char)( output[i] ^ iv[i] ); @@ -802,11 +808,11 @@ int des3_crypt_cbc( des3_context *ctx, return( 0 ); } -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* !POLARSSL_DES_ALT */ +#endif /* !MBEDTLS_DES_ALT */ -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) /* * DES and 3DES test vectors from: * @@ -838,7 +844,7 @@ static const unsigned char des3_test_ecb_enc[3][8] = { 0xDD, 0x17, 0xE8, 0xB8, 0xB4, 0x37, 0xD2, 0x32 } }; -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) static const unsigned char des3_test_iv[8] = { 0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF, @@ -857,24 +863,24 @@ static const unsigned char des3_test_cbc_enc[3][8] = { 0x35, 0x76, 0x11, 0x56, 0x5F, 0xA1, 0x8E, 0x4D }, { 0xCB, 0x19, 0x1F, 0x85, 0xD1, 0xED, 0x84, 0x39 } }; -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ /* * Checkup routine */ -int des_self_test( int verbose ) +int mbedtls_des_self_test( int verbose ) { int i, j, u, v, ret = 0; - des_context ctx; - des3_context ctx3; + mbedtls_des_context ctx; + mbedtls_des3_context ctx3; unsigned char buf[8]; -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) unsigned char prv[8]; unsigned char iv[8]; #endif - des_init( &ctx ); - des3_init( &ctx3 ); + mbedtls_des_init( &ctx ); + mbedtls_des3_init( &ctx3 ); /* * ECB mode */ @@ -884,36 +890,36 @@ int des_self_test( int verbose ) v = i & 1; if( verbose != 0 ) - polarssl_printf( " DES%c-ECB-%3d (%s): ", + mbedtls_printf( " DES%c-ECB-%3d (%s): ", ( u == 0 ) ? ' ' : '3', 56 + u * 56, - ( v == DES_DECRYPT ) ? "dec" : "enc" ); + ( v == MBEDTLS_DES_DECRYPT ) ? "dec" : "enc" ); memcpy( buf, des3_test_buf, 8 ); switch( i ) { case 0: - des_setkey_dec( &ctx, des3_test_keys ); + mbedtls_des_setkey_dec( &ctx, des3_test_keys ); break; case 1: - des_setkey_enc( &ctx, des3_test_keys ); + mbedtls_des_setkey_enc( &ctx, des3_test_keys ); break; case 2: - des3_set2key_dec( &ctx3, des3_test_keys ); + mbedtls_des3_set2key_dec( &ctx3, des3_test_keys ); break; case 3: - des3_set2key_enc( &ctx3, des3_test_keys ); + mbedtls_des3_set2key_enc( &ctx3, des3_test_keys ); break; case 4: - des3_set3key_dec( &ctx3, des3_test_keys ); + mbedtls_des3_set3key_dec( &ctx3, des3_test_keys ); break; case 5: - des3_set3key_enc( &ctx3, des3_test_keys ); + mbedtls_des3_set3key_enc( &ctx3, des3_test_keys ); break; default: @@ -923,31 +929,31 @@ int des_self_test( int verbose ) for( j = 0; j < 10000; j++ ) { if( u == 0 ) - des_crypt_ecb( &ctx, buf, buf ); + mbedtls_des_crypt_ecb( &ctx, buf, buf ); else - des3_crypt_ecb( &ctx3, buf, buf ); + mbedtls_des3_crypt_ecb( &ctx3, buf, buf ); } - if( ( v == DES_DECRYPT && + if( ( v == MBEDTLS_DES_DECRYPT && memcmp( buf, des3_test_ecb_dec[u], 8 ) != 0 ) || - ( v != DES_DECRYPT && + ( v != MBEDTLS_DES_DECRYPT && memcmp( buf, des3_test_ecb_enc[u], 8 ) != 0 ) ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); ret = 1; goto exit; } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); } if( verbose != 0 ) - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) /* * CBC mode */ @@ -957,9 +963,9 @@ int des_self_test( int verbose ) v = i & 1; if( verbose != 0 ) - polarssl_printf( " DES%c-CBC-%3d (%s): ", + mbedtls_printf( " DES%c-CBC-%3d (%s): ", ( u == 0 ) ? ' ' : '3', 56 + u * 56, - ( v == DES_DECRYPT ) ? "dec" : "enc" ); + ( v == MBEDTLS_DES_DECRYPT ) ? "dec" : "enc" ); memcpy( iv, des3_test_iv, 8 ); memcpy( prv, des3_test_iv, 8 ); @@ -968,41 +974,41 @@ int des_self_test( int verbose ) switch( i ) { case 0: - des_setkey_dec( &ctx, des3_test_keys ); + mbedtls_des_setkey_dec( &ctx, des3_test_keys ); break; case 1: - des_setkey_enc( &ctx, des3_test_keys ); + mbedtls_des_setkey_enc( &ctx, des3_test_keys ); break; case 2: - des3_set2key_dec( &ctx3, des3_test_keys ); + mbedtls_des3_set2key_dec( &ctx3, des3_test_keys ); break; case 3: - des3_set2key_enc( &ctx3, des3_test_keys ); + mbedtls_des3_set2key_enc( &ctx3, des3_test_keys ); break; case 4: - des3_set3key_dec( &ctx3, des3_test_keys ); + mbedtls_des3_set3key_dec( &ctx3, des3_test_keys ); break; case 5: - des3_set3key_enc( &ctx3, des3_test_keys ); + mbedtls_des3_set3key_enc( &ctx3, des3_test_keys ); break; default: return( 1 ); } - if( v == DES_DECRYPT ) + if( v == MBEDTLS_DES_DECRYPT ) { for( j = 0; j < 10000; j++ ) { if( u == 0 ) - des_crypt_cbc( &ctx, v, 8, iv, buf, buf ); + mbedtls_des_crypt_cbc( &ctx, v, 8, iv, buf, buf ); else - des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf ); + mbedtls_des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf ); } } else @@ -1012,9 +1018,9 @@ int des_self_test( int verbose ) unsigned char tmp[8]; if( u == 0 ) - des_crypt_cbc( &ctx, v, 8, iv, buf, buf ); + mbedtls_des_crypt_cbc( &ctx, v, 8, iv, buf, buf ); else - des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf ); + mbedtls_des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf ); memcpy( tmp, prv, 8 ); memcpy( prv, buf, 8 ); @@ -1024,33 +1030,33 @@ int des_self_test( int verbose ) memcpy( buf, prv, 8 ); } - if( ( v == DES_DECRYPT && + if( ( v == MBEDTLS_DES_DECRYPT && memcmp( buf, des3_test_cbc_dec[u], 8 ) != 0 ) || - ( v != DES_DECRYPT && + ( v != MBEDTLS_DES_DECRYPT && memcmp( buf, des3_test_cbc_enc[u], 8 ) != 0 ) ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); ret = 1; goto exit; } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); } -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ if( verbose != 0 ) - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); exit: - des_free( &ctx ); - des3_free( &ctx3 ); + mbedtls_des_free( &ctx ); + mbedtls_des3_free( &ctx3 ); return( ret ); } -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_DES_C */ +#endif /* MBEDTLS_DES_C */ diff --git a/ext/mbedtls/library/dhm.c b/ext/mbedtls/library/dhm.c index 0a4f820286..ac6261fbed 100644 --- a/ext/mbedtls/library/dhm.c +++ b/ext/mbedtls/library/dhm.c @@ -25,61 +25,61 @@ * http://www.cacr.math.uwaterloo.ca/hac/ (chapter 12) */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_DHM_C) +#if defined(MBEDTLS_DHM_C) -#include "polarssl/dhm.h" +#include "mbedtls/dhm.h" #include -#if defined(POLARSSL_PEM_PARSE_C) -#include "polarssl/pem.h" +#if defined(MBEDTLS_PEM_PARSE_C) +#include "mbedtls/pem.h" #endif -#if defined(POLARSSL_ASN1_PARSE_C) -#include "polarssl/asn1.h" +#if defined(MBEDTLS_ASN1_PARSE_C) +#include "mbedtls/asn1.h" #endif -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include #include -#define polarssl_printf printf -#define polarssl_malloc malloc -#define polarssl_free free +#define mbedtls_printf printf +#define mbedtls_calloc calloc +#define mbedtls_free free #endif /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } /* - * helper to validate the mpi size and import it + * helper to validate the mbedtls_mpi size and import it */ -static int dhm_read_bignum( mpi *X, +static int dhm_read_bignum( mbedtls_mpi *X, unsigned char **p, const unsigned char *end ) { int ret, n; if( end - *p < 2 ) - return( POLARSSL_ERR_DHM_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); n = ( (*p)[0] << 8 ) | (*p)[1]; (*p) += 2; if( (int)( end - *p ) < n ) - return( POLARSSL_ERR_DHM_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); - if( ( ret = mpi_read_binary( X, *p, n ) ) != 0 ) - return( POLARSSL_ERR_DHM_READ_PARAMS_FAILED + ret ); + if( ( ret = mbedtls_mpi_read_binary( X, *p, n ) ) != 0 ) + return( MBEDTLS_ERR_DHM_READ_PARAMS_FAILED + ret ); (*p) += n; @@ -95,36 +95,36 @@ static int dhm_read_bignum( mpi *X, * http://www.cl.cam.ac.uk/~rja14/Papers/psandqs.pdf * http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2643 */ -static int dhm_check_range( const mpi *param, const mpi *P ) +static int dhm_check_range( const mbedtls_mpi *param, const mbedtls_mpi *P ) { - mpi L, U; - int ret = POLARSSL_ERR_DHM_BAD_INPUT_DATA; + mbedtls_mpi L, U; + int ret = MBEDTLS_ERR_DHM_BAD_INPUT_DATA; - mpi_init( &L ); mpi_init( &U ); + mbedtls_mpi_init( &L ); mbedtls_mpi_init( &U ); - MPI_CHK( mpi_lset( &L, 2 ) ); - MPI_CHK( mpi_sub_int( &U, P, 2 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &L, 2 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &U, P, 2 ) ); - if( mpi_cmp_mpi( param, &L ) >= 0 && - mpi_cmp_mpi( param, &U ) <= 0 ) + if( mbedtls_mpi_cmp_mpi( param, &L ) >= 0 && + mbedtls_mpi_cmp_mpi( param, &U ) <= 0 ) { ret = 0; } cleanup: - mpi_free( &L ); mpi_free( &U ); + mbedtls_mpi_free( &L ); mbedtls_mpi_free( &U ); return( ret ); } -void dhm_init( dhm_context *ctx ) +void mbedtls_dhm_init( mbedtls_dhm_context *ctx ) { - memset( ctx, 0, sizeof( dhm_context ) ); + memset( ctx, 0, sizeof( mbedtls_dhm_context ) ); } /* * Parse the ServerKeyExchange parameters */ -int dhm_read_params( dhm_context *ctx, +int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx, unsigned char **p, const unsigned char *end ) { @@ -138,7 +138,7 @@ int dhm_read_params( dhm_context *ctx, if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 ) return( ret ); - ctx->len = mpi_size( &ctx->P ); + ctx->len = mbedtls_mpi_size( &ctx->P ); return( 0 ); } @@ -146,7 +146,7 @@ int dhm_read_params( dhm_context *ctx, /* * Setup and write the ServerKeyExchange parameters */ -int dhm_make_params( dhm_context *ctx, int x_size, +int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, unsigned char *output, size_t *olen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) @@ -155,28 +155,28 @@ int dhm_make_params( dhm_context *ctx, int x_size, size_t n1, n2, n3; unsigned char *p; - if( mpi_cmp_int( &ctx->P, 0 ) == 0 ) - return( POLARSSL_ERR_DHM_BAD_INPUT_DATA ); + if( mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 ) + return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); /* * Generate X as large as possible ( < P ) */ do { - mpi_fill_random( &ctx->X, x_size, f_rng, p_rng ); + mbedtls_mpi_fill_random( &ctx->X, x_size, f_rng, p_rng ); - while( mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 ) - MPI_CHK( mpi_shift_r( &ctx->X, 1 ) ); + while( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 ) + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &ctx->X, 1 ) ); if( count++ > 10 ) - return( POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED ); + return( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED ); } while( dhm_check_range( &ctx->X, &ctx->P ) != 0 ); /* * Calculate GX = G^X mod P */ - MPI_CHK( mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X, + MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X, &ctx->P , &ctx->RP ) ); if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 ) @@ -186,13 +186,13 @@ int dhm_make_params( dhm_context *ctx, int x_size, * export P, G, GX */ #define DHM_MPI_EXPORT(X,n) \ - MPI_CHK( mpi_write_binary( X, p + 2, n ) ); \ + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( X, p + 2, n ) ); \ *p++ = (unsigned char)( n >> 8 ); \ *p++ = (unsigned char)( n ); p += n; - n1 = mpi_size( &ctx->P ); - n2 = mpi_size( &ctx->G ); - n3 = mpi_size( &ctx->GX ); + n1 = mbedtls_mpi_size( &ctx->P ); + n2 = mbedtls_mpi_size( &ctx->G ); + n3 = mbedtls_mpi_size( &ctx->GX ); p = output; DHM_MPI_EXPORT( &ctx->P , n1 ); @@ -206,7 +206,7 @@ int dhm_make_params( dhm_context *ctx, int x_size, cleanup: if( ret != 0 ) - return( POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED + ret ); + return( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED + ret ); return( 0 ); } @@ -214,16 +214,16 @@ cleanup: /* * Import the peer's public value G^Y */ -int dhm_read_public( dhm_context *ctx, +int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx, const unsigned char *input, size_t ilen ) { int ret; if( ctx == NULL || ilen < 1 || ilen > ctx->len ) - return( POLARSSL_ERR_DHM_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); - if( ( ret = mpi_read_binary( &ctx->GY, input, ilen ) ) != 0 ) - return( POLARSSL_ERR_DHM_READ_PUBLIC_FAILED + ret ); + if( ( ret = mbedtls_mpi_read_binary( &ctx->GY, input, ilen ) ) != 0 ) + return( MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED + ret ); return( 0 ); } @@ -231,7 +231,7 @@ int dhm_read_public( dhm_context *ctx, /* * Create own private value X and export G^X */ -int dhm_make_public( dhm_context *ctx, int x_size, +int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size, unsigned char *output, size_t olen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) @@ -239,38 +239,38 @@ int dhm_make_public( dhm_context *ctx, int x_size, int ret, count = 0; if( ctx == NULL || olen < 1 || olen > ctx->len ) - return( POLARSSL_ERR_DHM_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); - if( mpi_cmp_int( &ctx->P, 0 ) == 0 ) - return( POLARSSL_ERR_DHM_BAD_INPUT_DATA ); + if( mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 ) + return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); /* * generate X and calculate GX = G^X mod P */ do { - mpi_fill_random( &ctx->X, x_size, f_rng, p_rng ); + mbedtls_mpi_fill_random( &ctx->X, x_size, f_rng, p_rng ); - while( mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 ) - MPI_CHK( mpi_shift_r( &ctx->X, 1 ) ); + while( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 ) + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &ctx->X, 1 ) ); if( count++ > 10 ) - return( POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED ); + return( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED ); } while( dhm_check_range( &ctx->X, &ctx->P ) != 0 ); - MPI_CHK( mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X, + MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X, &ctx->P , &ctx->RP ) ); if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 ) return( ret ); - MPI_CHK( mpi_write_binary( &ctx->GX, output, olen ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->GX, output, olen ) ); cleanup: if( ret != 0 ) - return( POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED + ret ); + return( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED + ret ); return( 0 ); } @@ -278,10 +278,10 @@ cleanup: /* * Use the blinding method and optimisation suggested in section 10 of: * KOCHER, Paul C. Timing attacks on implementations of Diffie-Hellman, RSA, - * DSS, and other systems. In : Advances in Cryptology—CRYPTO’96. Springer + * DSS, and other systems. In : Advances in Cryptology-CRYPTO'96. Springer * Berlin Heidelberg, 1996. p. 104-113. */ -static int dhm_update_blinding( dhm_context *ctx, +static int dhm_update_blinding( mbedtls_dhm_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret, count; @@ -290,11 +290,11 @@ static int dhm_update_blinding( dhm_context *ctx, * Don't use any blinding the first time a particular X is used, * but remember it to use blinding next time. */ - if( mpi_cmp_mpi( &ctx->X, &ctx->pX ) != 0 ) + if( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->pX ) != 0 ) { - MPI_CHK( mpi_copy( &ctx->pX, &ctx->X ) ); - MPI_CHK( mpi_lset( &ctx->Vi, 1 ) ); - MPI_CHK( mpi_lset( &ctx->Vf, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &ctx->pX, &ctx->X ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &ctx->Vi, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &ctx->Vf, 1 ) ); return( 0 ); } @@ -303,13 +303,13 @@ static int dhm_update_blinding( dhm_context *ctx, * Ok, we need blinding. Can we re-use existing values? * If yes, just update them by squaring them. */ - if( mpi_cmp_int( &ctx->Vi, 1 ) != 0 ) + if( mbedtls_mpi_cmp_int( &ctx->Vi, 1 ) != 0 ) { - MPI_CHK( mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &ctx->Vi ) ); - MPI_CHK( mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->P ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &ctx->Vi ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->P ) ); - MPI_CHK( mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &ctx->Vf ) ); - MPI_CHK( mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->P ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &ctx->Vf ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->P ) ); return( 0 ); } @@ -322,19 +322,19 @@ static int dhm_update_blinding( dhm_context *ctx, count = 0; do { - mpi_fill_random( &ctx->Vi, mpi_size( &ctx->P ), f_rng, p_rng ); + mbedtls_mpi_fill_random( &ctx->Vi, mbedtls_mpi_size( &ctx->P ), f_rng, p_rng ); - while( mpi_cmp_mpi( &ctx->Vi, &ctx->P ) >= 0 ) - MPI_CHK( mpi_shift_r( &ctx->Vi, 1 ) ); + while( mbedtls_mpi_cmp_mpi( &ctx->Vi, &ctx->P ) >= 0 ) + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &ctx->Vi, 1 ) ); if( count++ > 10 ) - return( POLARSSL_ERR_MPI_NOT_ACCEPTABLE ); + return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ); } - while( mpi_cmp_int( &ctx->Vi, 1 ) <= 0 ); + while( mbedtls_mpi_cmp_int( &ctx->Vi, 1 ) <= 0 ); /* Vf = Vi^-X mod P */ - MPI_CHK( mpi_inv_mod( &ctx->Vf, &ctx->Vi, &ctx->P ) ); - MPI_CHK( mpi_exp_mod( &ctx->Vf, &ctx->Vf, &ctx->X, &ctx->P, &ctx->RP ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &ctx->Vf, &ctx->Vi, &ctx->P ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->Vf, &ctx->Vf, &ctx->X, &ctx->P, &ctx->RP ) ); cleanup: return( ret ); @@ -343,52 +343,52 @@ cleanup: /* * Derive and export the shared secret (G^Y)^X mod P */ -int dhm_calc_secret( dhm_context *ctx, - unsigned char *output, size_t *olen, +int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx, + unsigned char *output, size_t output_size, size_t *olen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret; - mpi GYb; + mbedtls_mpi GYb; - if( ctx == NULL || *olen < ctx->len ) - return( POLARSSL_ERR_DHM_BAD_INPUT_DATA ); + if( ctx == NULL || output_size < ctx->len ) + return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 ) return( ret ); - mpi_init( &GYb ); + mbedtls_mpi_init( &GYb ); /* Blind peer's value */ if( f_rng != NULL ) { - MPI_CHK( dhm_update_blinding( ctx, f_rng, p_rng ) ); - MPI_CHK( mpi_mul_mpi( &GYb, &ctx->GY, &ctx->Vi ) ); - MPI_CHK( mpi_mod_mpi( &GYb, &GYb, &ctx->P ) ); + MBEDTLS_MPI_CHK( dhm_update_blinding( ctx, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &GYb, &ctx->GY, &ctx->Vi ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &GYb, &GYb, &ctx->P ) ); } else - MPI_CHK( mpi_copy( &GYb, &ctx->GY ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &GYb, &ctx->GY ) ); /* Do modular exponentiation */ - MPI_CHK( mpi_exp_mod( &ctx->K, &GYb, &ctx->X, + MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->K, &GYb, &ctx->X, &ctx->P, &ctx->RP ) ); /* Unblind secret value */ if( f_rng != NULL ) { - MPI_CHK( mpi_mul_mpi( &ctx->K, &ctx->K, &ctx->Vf ) ); - MPI_CHK( mpi_mod_mpi( &ctx->K, &ctx->K, &ctx->P ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->K, &ctx->K, &ctx->Vf ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->K, &ctx->K, &ctx->P ) ); } - *olen = mpi_size( &ctx->K ); + *olen = mbedtls_mpi_size( &ctx->K ); - MPI_CHK( mpi_write_binary( &ctx->K, output, *olen ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->K, output, *olen ) ); cleanup: - mpi_free( &GYb ); + mbedtls_mpi_free( &GYb ); if( ret != 0 ) - return( POLARSSL_ERR_DHM_CALC_SECRET_FAILED + ret ); + return( MBEDTLS_ERR_DHM_CALC_SECRET_FAILED + ret ); return( 0 ); } @@ -396,35 +396,39 @@ cleanup: /* * Free the components of a DHM key */ -void dhm_free( dhm_context *ctx ) +void mbedtls_dhm_free( mbedtls_dhm_context *ctx ) { - mpi_free( &ctx->pX); mpi_free( &ctx->Vf ); mpi_free( &ctx->Vi ); - mpi_free( &ctx->RP ); mpi_free( &ctx->K ); mpi_free( &ctx->GY ); - mpi_free( &ctx->GX ); mpi_free( &ctx->X ); mpi_free( &ctx->G ); - mpi_free( &ctx->P ); + mbedtls_mpi_free( &ctx->pX); mbedtls_mpi_free( &ctx->Vf ); mbedtls_mpi_free( &ctx->Vi ); + mbedtls_mpi_free( &ctx->RP ); mbedtls_mpi_free( &ctx->K ); mbedtls_mpi_free( &ctx->GY ); + mbedtls_mpi_free( &ctx->GX ); mbedtls_mpi_free( &ctx->X ); mbedtls_mpi_free( &ctx->G ); + mbedtls_mpi_free( &ctx->P ); - polarssl_zeroize( ctx, sizeof( dhm_context ) ); + mbedtls_zeroize( ctx, sizeof( mbedtls_dhm_context ) ); } -#if defined(POLARSSL_ASN1_PARSE_C) +#if defined(MBEDTLS_ASN1_PARSE_C) /* * Parse DHM parameters */ -int dhm_parse_dhm( dhm_context *dhm, const unsigned char *dhmin, +int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen ) { int ret; size_t len; unsigned char *p, *end; -#if defined(POLARSSL_PEM_PARSE_C) - pem_context pem; +#if defined(MBEDTLS_PEM_PARSE_C) + mbedtls_pem_context pem; - pem_init( &pem ); + mbedtls_pem_init( &pem ); - ret = pem_read_buffer( &pem, - "-----BEGIN DH PARAMETERS-----", - "-----END DH PARAMETERS-----", - dhmin, NULL, 0, &dhminlen ); + /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ + if( dhminlen == 0 || dhmin[dhminlen - 1] != '\0' ) + ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; + else + ret = mbedtls_pem_read_buffer( &pem, + "-----BEGIN DH PARAMETERS-----", + "-----END DH PARAMETERS-----", + dhmin, NULL, 0, &dhminlen ); if( ret == 0 ) { @@ -433,13 +437,13 @@ int dhm_parse_dhm( dhm_context *dhm, const unsigned char *dhmin, */ dhminlen = pem.buflen; } - else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) + else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) goto exit; p = ( ret == 0 ) ? pem.buf : (unsigned char *) dhmin; #else p = (unsigned char *) dhmin; -#endif /* POLARSSL_PEM_PARSE_C */ +#endif /* MBEDTLS_PEM_PARSE_C */ end = p + dhminlen; /* @@ -449,60 +453,64 @@ int dhm_parse_dhm( dhm_context *dhm, const unsigned char *dhmin, * privateValueLength INTEGER OPTIONAL * } */ - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - ret = POLARSSL_ERR_DHM_INVALID_FORMAT + ret; + ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret; goto exit; } end = p + len; - if( ( ret = asn1_get_mpi( &p, end, &dhm->P ) ) != 0 || - ( ret = asn1_get_mpi( &p, end, &dhm->G ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_mpi( &p, end, &dhm->P ) ) != 0 || + ( ret = mbedtls_asn1_get_mpi( &p, end, &dhm->G ) ) != 0 ) { - ret = POLARSSL_ERR_DHM_INVALID_FORMAT + ret; + ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret; goto exit; } if( p != end ) { - /* this might be the optional privateValueLength; If so, we - can cleanly discard it; */ - mpi rec; - mpi_init( &rec ); - ret = asn1_get_mpi( &p, end, &rec ); - mpi_free( &rec ); + /* This might be the optional privateValueLength. + * If so, we can cleanly discard it */ + mbedtls_mpi rec; + mbedtls_mpi_init( &rec ); + ret = mbedtls_asn1_get_mpi( &p, end, &rec ); + mbedtls_mpi_free( &rec ); if ( ret != 0 ) { - ret = POLARSSL_ERR_DHM_INVALID_FORMAT + ret; + ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret; goto exit; } if ( p != end ) { - ret = POLARSSL_ERR_DHM_INVALID_FORMAT + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH; + ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; goto exit; } } ret = 0; - dhm->len = mpi_size( &dhm->P ); + dhm->len = mbedtls_mpi_size( &dhm->P ); exit: -#if defined(POLARSSL_PEM_PARSE_C) - pem_free( &pem ); +#if defined(MBEDTLS_PEM_PARSE_C) + mbedtls_pem_free( &pem ); #endif if( ret != 0 ) - dhm_free( dhm ); + mbedtls_dhm_free( dhm ); return( ret ); } -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) /* * Load all data from a file into a given buffer. + * + * The file is expected to contain either PEM or DER encoded data. + * A terminating null byte is always appended. It is included in the announced + * length only if the data looks like it is PEM encoded. */ static int load_file( const char *path, unsigned char **buf, size_t *n ) { @@ -510,43 +518,46 @@ static int load_file( const char *path, unsigned char **buf, size_t *n ) long size; if( ( f = fopen( path, "rb" ) ) == NULL ) - return( POLARSSL_ERR_DHM_FILE_IO_ERROR ); + return( MBEDTLS_ERR_DHM_FILE_IO_ERROR ); fseek( f, 0, SEEK_END ); if( ( size = ftell( f ) ) == -1 ) { fclose( f ); - return( POLARSSL_ERR_DHM_FILE_IO_ERROR ); + return( MBEDTLS_ERR_DHM_FILE_IO_ERROR ); } fseek( f, 0, SEEK_SET ); *n = (size_t) size; if( *n + 1 == 0 || - ( *buf = polarssl_malloc( *n + 1 ) ) == NULL ) + ( *buf = mbedtls_calloc( 1, *n + 1 ) ) == NULL ) { fclose( f ); - return( POLARSSL_ERR_DHM_MALLOC_FAILED ); + return( MBEDTLS_ERR_DHM_ALLOC_FAILED ); } if( fread( *buf, 1, *n, f ) != *n ) { fclose( f ); - polarssl_free( *buf ); - return( POLARSSL_ERR_DHM_FILE_IO_ERROR ); + mbedtls_free( *buf ); + return( MBEDTLS_ERR_DHM_FILE_IO_ERROR ); } fclose( f ); (*buf)[*n] = '\0'; + if( strstr( (const char *) *buf, "-----BEGIN " ) != NULL ) + ++*n; + return( 0 ); } /* * Load and parse DHM parameters */ -int dhm_parse_dhmfile( dhm_context *dhm, const char *path ) +int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path ) { int ret; size_t n; @@ -555,59 +566,60 @@ int dhm_parse_dhmfile( dhm_context *dhm, const char *path ) if( ( ret = load_file( path, &buf, &n ) ) != 0 ) return( ret ); - ret = dhm_parse_dhm( dhm, buf, n ); + ret = mbedtls_dhm_parse_dhm( dhm, buf, n ); - polarssl_zeroize( buf, n + 1 ); - polarssl_free( buf ); + mbedtls_zeroize( buf, n ); + mbedtls_free( buf ); return( ret ); } -#endif /* POLARSSL_FS_IO */ -#endif /* POLARSSL_ASN1_PARSE_C */ +#endif /* MBEDTLS_FS_IO */ +#endif /* MBEDTLS_ASN1_PARSE_C */ + +#if defined(MBEDTLS_SELF_TEST) -#if defined(POLARSSL_SELF_TEST) +static const char mbedtls_test_dhm_params[] = +"-----BEGIN DH PARAMETERS-----\r\n" +"MIGHAoGBAJ419DBEOgmQTzo5qXl5fQcN9TN455wkOL7052HzxxRVMyhYmwQcgJvh\r\n" +"1sa18fyfR9OiVEMYglOpkqVoGLN7qd5aQNNi5W7/C+VBdHTBJcGZJyyP5B3qcz32\r\n" +"9mLJKudlVudV0Qxk5qUJaPZ/xupz0NyoVpviuiBOI1gNi8ovSXWzAgEC\r\n" +"-----END DH PARAMETERS-----\r\n"; -#include "polarssl/certs.h" +static const size_t mbedtls_test_dhm_params_len = sizeof( mbedtls_test_dhm_params ); /* * Checkup routine */ -int dhm_self_test( int verbose ) +int mbedtls_dhm_self_test( int verbose ) { -#if defined(POLARSSL_CERTS_C) int ret; - dhm_context dhm; + mbedtls_dhm_context dhm; - dhm_init( &dhm ); + mbedtls_dhm_init( &dhm ); if( verbose != 0 ) - polarssl_printf( " DHM parameter load: " ); + mbedtls_printf( " DHM parameter load: " ); - if( ( ret = dhm_parse_dhm( &dhm, (const unsigned char *) test_dhm_params, - strlen( test_dhm_params ) ) ) != 0 ) + if( ( ret = mbedtls_dhm_parse_dhm( &dhm, + (const unsigned char *) mbedtls_test_dhm_params, + mbedtls_test_dhm_params_len ) ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); ret = 1; goto exit; } if( verbose != 0 ) - polarssl_printf( "passed\n\n" ); + mbedtls_printf( "passed\n\n" ); exit: - dhm_free( &dhm ); + mbedtls_dhm_free( &dhm ); return( ret ); -#else - if( verbose != 0 ) - polarssl_printf( " DHM parameter load: skipped\n" ); - - return( 0 ); -#endif /* POLARSSL_CERTS_C */ } -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_DHM_C */ +#endif /* MBEDTLS_DHM_C */ diff --git a/ext/mbedtls/library/ecdh.c b/ext/mbedtls/library/ecdh.c index 82fff276a2..8d8897726c 100644 --- a/ext/mbedtls/library/ecdh.c +++ b/ext/mbedtls/library/ecdh.c @@ -27,58 +27,58 @@ * RFC 4492 */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_ECDH_C) +#if defined(MBEDTLS_ECDH_C) -#include "polarssl/ecdh.h" +#include "mbedtls/ecdh.h" #include /* - * Generate public key: simple wrapper around ecp_gen_keypair + * Generate public key: simple wrapper around mbedtls_ecp_gen_keypair */ -int ecdh_gen_public( ecp_group *grp, mpi *d, ecp_point *Q, +int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - return ecp_gen_keypair( grp, d, Q, f_rng, p_rng ); + return mbedtls_ecp_gen_keypair( grp, d, Q, f_rng, p_rng ); } /* * Compute shared secret (SEC1 3.3.1) */ -int ecdh_compute_shared( ecp_group *grp, mpi *z, - const ecp_point *Q, const mpi *d, +int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z, + const mbedtls_ecp_point *Q, const mbedtls_mpi *d, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret; - ecp_point P; + mbedtls_ecp_point P; - ecp_point_init( &P ); + mbedtls_ecp_point_init( &P ); /* * Make sure Q is a valid pubkey before using it */ - MPI_CHK( ecp_check_pubkey( grp, Q ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, Q ) ); - MPI_CHK( ecp_mul( grp, &P, d, Q, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, &P, d, Q, f_rng, p_rng ) ); - if( ecp_is_zero( &P ) ) + if( mbedtls_ecp_is_zero( &P ) ) { - ret = POLARSSL_ERR_ECP_BAD_INPUT_DATA; + ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; goto cleanup; } - MPI_CHK( mpi_copy( z, &P.X ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( z, &P.X ) ); cleanup: - ecp_point_free( &P ); + mbedtls_ecp_point_free( &P ); return( ret ); } @@ -86,27 +86,27 @@ cleanup: /* * Initialize context */ -void ecdh_init( ecdh_context *ctx ) +void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx ) { - memset( ctx, 0, sizeof( ecdh_context ) ); + memset( ctx, 0, sizeof( mbedtls_ecdh_context ) ); } /* * Free context */ -void ecdh_free( ecdh_context *ctx ) +void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx ) { if( ctx == NULL ) return; - ecp_group_free( &ctx->grp ); - ecp_point_free( &ctx->Q ); - ecp_point_free( &ctx->Qp ); - ecp_point_free( &ctx->Vi ); - ecp_point_free( &ctx->Vf ); - mpi_free( &ctx->d ); - mpi_free( &ctx->z ); - mpi_free( &ctx->_d ); + mbedtls_ecp_group_free( &ctx->grp ); + mbedtls_ecp_point_free( &ctx->Q ); + mbedtls_ecp_point_free( &ctx->Qp ); + mbedtls_ecp_point_free( &ctx->Vi ); + mbedtls_ecp_point_free( &ctx->Vf ); + mbedtls_mpi_free( &ctx->d ); + mbedtls_mpi_free( &ctx->z ); + mbedtls_mpi_free( &ctx->_d ); } /* @@ -116,7 +116,7 @@ void ecdh_free( ecdh_context *ctx ) * ECPoint public; * } ServerECDHParams; */ -int ecdh_make_params( ecdh_context *ctx, size_t *olen, +int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen, unsigned char *buf, size_t blen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) @@ -125,20 +125,20 @@ int ecdh_make_params( ecdh_context *ctx, size_t *olen, size_t grp_len, pt_len; if( ctx == NULL || ctx->grp.pbits == 0 ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - if( ( ret = ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) ) + if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) ) != 0 ) return( ret ); - if( ( ret = ecp_tls_write_group( &ctx->grp, &grp_len, buf, blen ) ) + if( ( ret = mbedtls_ecp_tls_write_group( &ctx->grp, &grp_len, buf, blen ) ) != 0 ) return( ret ); buf += grp_len; blen -= grp_len; - if( ( ret = ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format, + if( ( ret = mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format, &pt_len, buf, blen ) ) != 0 ) return( ret ); @@ -153,15 +153,15 @@ int ecdh_make_params( ecdh_context *ctx, size_t *olen, * ECPoint public; * } ServerECDHParams; */ -int ecdh_read_params( ecdh_context *ctx, +int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx, const unsigned char **buf, const unsigned char *end ) { int ret; - if( ( ret = ecp_tls_read_group( &ctx->grp, buf, end - *buf ) ) != 0 ) + if( ( ret = mbedtls_ecp_tls_read_group( &ctx->grp, buf, end - *buf ) ) != 0 ) return( ret ); - if( ( ret = ecp_tls_read_point( &ctx->grp, &ctx->Qp, buf, end - *buf ) ) + if( ( ret = mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, buf, end - *buf ) ) != 0 ) return( ret ); @@ -171,24 +171,24 @@ int ecdh_read_params( ecdh_context *ctx, /* * Get parameters from a keypair */ -int ecdh_get_params( ecdh_context *ctx, const ecp_keypair *key, - ecdh_side side ) +int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key, + mbedtls_ecdh_side side ) { int ret; - if( ( ret = ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 ) + if( ( ret = mbedtls_ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 ) return( ret ); /* If it's not our key, just import the public part as Qp */ - if( side == POLARSSL_ECDH_THEIRS ) - return( ecp_copy( &ctx->Qp, &key->Q ) ); + if( side == MBEDTLS_ECDH_THEIRS ) + return( mbedtls_ecp_copy( &ctx->Qp, &key->Q ) ); /* Our key: import public (as Q) and private parts */ - if( side != POLARSSL_ECDH_OURS ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + if( side != MBEDTLS_ECDH_OURS ) + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - if( ( ret = ecp_copy( &ctx->Q, &key->Q ) ) != 0 || - ( ret = mpi_copy( &ctx->d, &key->d ) ) != 0 ) + if( ( ret = mbedtls_ecp_copy( &ctx->Q, &key->Q ) ) != 0 || + ( ret = mbedtls_mpi_copy( &ctx->d, &key->d ) ) != 0 ) return( ret ); return( 0 ); @@ -197,7 +197,7 @@ int ecdh_get_params( ecdh_context *ctx, const ecp_keypair *key, /* * Setup and export the client public value */ -int ecdh_make_public( ecdh_context *ctx, size_t *olen, +int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen, unsigned char *buf, size_t blen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) @@ -205,33 +205,33 @@ int ecdh_make_public( ecdh_context *ctx, size_t *olen, int ret; if( ctx == NULL || ctx->grp.pbits == 0 ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - if( ( ret = ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) ) + if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) ) != 0 ) return( ret ); - return ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format, + return mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format, olen, buf, blen ); } /* * Parse and import the client's public value */ -int ecdh_read_public( ecdh_context *ctx, +int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx, const unsigned char *buf, size_t blen ) { int ret; const unsigned char *p = buf; if( ctx == NULL ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - if( ( ret = ecp_tls_read_point( &ctx->grp, &ctx->Qp, &p, blen ) ) != 0 ) + if( ( ret = mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, &p, blen ) ) != 0 ) return( ret ); if( (size_t)( p - buf ) != blen ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); return( 0 ); } @@ -239,7 +239,7 @@ int ecdh_read_public( ecdh_context *ctx, /* * Derive and export the shared secret */ -int ecdh_calc_secret( ecdh_context *ctx, size_t *olen, +int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, unsigned char *buf, size_t blen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) @@ -247,33 +247,19 @@ int ecdh_calc_secret( ecdh_context *ctx, size_t *olen, int ret; if( ctx == NULL ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - if( ( ret = ecdh_compute_shared( &ctx->grp, &ctx->z, &ctx->Qp, &ctx->d, + if( ( ret = mbedtls_ecdh_compute_shared( &ctx->grp, &ctx->z, &ctx->Qp, &ctx->d, f_rng, p_rng ) ) != 0 ) { return( ret ); } - if( mpi_size( &ctx->z ) > blen ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + if( mbedtls_mpi_size( &ctx->z ) > blen ) + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); *olen = ctx->grp.pbits / 8 + ( ( ctx->grp.pbits % 8 ) != 0 ); - return mpi_write_binary( &ctx->z, buf, *olen ); + return mbedtls_mpi_write_binary( &ctx->z, buf, *olen ); } - -#if defined(POLARSSL_SELF_TEST) - -/* - * Checkup routine - */ -int ecdh_self_test( int verbose ) -{ - ((void) verbose ); - return( 0 ); -} - -#endif /* POLARSSL_SELF_TEST */ - -#endif /* POLARSSL_ECDH_C */ +#endif /* MBEDTLS_ECDH_C */ diff --git a/ext/mbedtls/library/ecdsa.c b/ext/mbedtls/library/ecdsa.c index 3f72d857c3..df8122e00b 100644 --- a/ext/mbedtls/library/ecdsa.c +++ b/ext/mbedtls/library/ecdsa.c @@ -26,69 +26,41 @@ * SEC1 http://www.secg.org/index.php?action=secg,docs_secg */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_ECDSA_C) +#if defined(MBEDTLS_ECDSA_C) -#include "polarssl/ecdsa.h" -#include "polarssl/asn1write.h" +#include "mbedtls/ecdsa.h" +#include "mbedtls/asn1write.h" #include -#if defined(POLARSSL_ECDSA_DETERMINISTIC) -#include "polarssl/hmac_drbg.h" +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) +#include "mbedtls/hmac_drbg.h" #endif -#if defined(POLARSSL_ECDSA_DETERMINISTIC) -/* - * This a hopefully temporary compatibility function. - * - * Since we can't ensure the caller will pass a valid md_alg before the next - * interface change, try to pick up a decent md by size. - * - * Argument is the minimum size in bytes of the MD output. - */ -static const md_info_t *md_info_by_size( size_t min_size ) -{ - const md_info_t *md_cur, *md_picked = NULL; - const int *md_alg; - - for( md_alg = md_list(); *md_alg != 0; md_alg++ ) - { - if( ( md_cur = md_info_from_type( (md_type_t) *md_alg ) ) == NULL || - (size_t) md_cur->size < min_size || - ( md_picked != NULL && md_cur->size > md_picked->size ) ) - continue; - - md_picked = md_cur; - } - - return( md_picked ); -} -#endif /* POLARSSL_ECDSA_DETERMINISTIC */ - /* * Derive a suitable integer for group grp from a buffer of length len * SEC1 4.1.3 step 5 aka SEC1 4.1.4 step 3 */ -static int derive_mpi( const ecp_group *grp, mpi *x, +static int derive_mpi( const mbedtls_ecp_group *grp, mbedtls_mpi *x, const unsigned char *buf, size_t blen ) { int ret; size_t n_size = ( grp->nbits + 7 ) / 8; size_t use_size = blen > n_size ? n_size : blen; - MPI_CHK( mpi_read_binary( x, buf, use_size ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( x, buf, use_size ) ); if( use_size * 8 > grp->nbits ) - MPI_CHK( mpi_shift_r( x, use_size * 8 - grp->nbits ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( x, use_size * 8 - grp->nbits ) ); /* While at it, reduce modulo N */ - if( mpi_cmp_mpi( x, &grp->N ) >= 0 ) - MPI_CHK( mpi_sub_mpi( x, x, &grp->N ) ); + if( mbedtls_mpi_cmp_mpi( x, &grp->N ) >= 0 ) + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( x, x, &grp->N ) ); cleanup: return( ret ); @@ -98,20 +70,20 @@ cleanup: * Compute ECDSA signature of a hashed message (SEC1 4.1.3) * Obviously, compared to SEC1 4.1.3, we skip step 4 (hash message) */ -int ecdsa_sign( ecp_group *grp, mpi *r, mpi *s, - const mpi *d, const unsigned char *buf, size_t blen, +int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret, key_tries, sign_tries, blind_tries; - ecp_point R; - mpi k, e, t; + mbedtls_ecp_point R; + mbedtls_mpi k, e, t; /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */ if( grp->N.p == NULL ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - ecp_point_init( &R ); - mpi_init( &k ); mpi_init( &e ); mpi_init( &t ); + mbedtls_ecp_point_init( &R ); + mbedtls_mpi_init( &k ); mbedtls_mpi_init( &e ); mbedtls_mpi_init( &t ); sign_tries = 0; do @@ -123,21 +95,21 @@ int ecdsa_sign( ecp_group *grp, mpi *r, mpi *s, key_tries = 0; do { - MPI_CHK( ecp_gen_keypair( grp, &k, &R, f_rng, p_rng ) ); - MPI_CHK( mpi_mod_mpi( r, &R.X, &grp->N ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_gen_keypair( grp, &k, &R, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( r, &R.X, &grp->N ) ); if( key_tries++ > 10 ) { - ret = POLARSSL_ERR_ECP_RANDOM_FAILED; + ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; goto cleanup; } } - while( mpi_cmp_int( r, 0 ) == 0 ); + while( mbedtls_mpi_cmp_int( r, 0 ) == 0 ); /* * Step 5: derive MPI from hashed message */ - MPI_CHK( derive_mpi( grp, &e, buf, blen ) ); + MBEDTLS_MPI_CHK( derive_mpi( grp, &e, buf, blen ) ); /* * Generate a random value to blind inv_mod in next step, @@ -147,149 +119,141 @@ int ecdsa_sign( ecp_group *grp, mpi *r, mpi *s, do { size_t n_size = ( grp->nbits + 7 ) / 8; - MPI_CHK( mpi_fill_random( &t, n_size, f_rng, p_rng ) ); - MPI_CHK( mpi_shift_r( &t, 8 * n_size - grp->nbits ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &t, n_size, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &t, 8 * n_size - grp->nbits ) ); - /* See ecp_gen_keypair() */ + /* See mbedtls_ecp_gen_keypair() */ if( ++blind_tries > 30 ) - return( POLARSSL_ERR_ECP_RANDOM_FAILED ); + return( MBEDTLS_ERR_ECP_RANDOM_FAILED ); } - while( mpi_cmp_int( &t, 1 ) < 0 || - mpi_cmp_mpi( &t, &grp->N ) >= 0 ); + while( mbedtls_mpi_cmp_int( &t, 1 ) < 0 || + mbedtls_mpi_cmp_mpi( &t, &grp->N ) >= 0 ); /* * Step 6: compute s = (e + r * d) / k = t (e + rd) / (kt) mod n */ - MPI_CHK( mpi_mul_mpi( s, r, d ) ); - MPI_CHK( mpi_add_mpi( &e, &e, s ) ); - MPI_CHK( mpi_mul_mpi( &e, &e, &t ) ); - MPI_CHK( mpi_mul_mpi( &k, &k, &t ) ); - MPI_CHK( mpi_inv_mod( s, &k, &grp->N ) ); - MPI_CHK( mpi_mul_mpi( s, s, &e ) ); - MPI_CHK( mpi_mod_mpi( s, s, &grp->N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, r, d ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &e, &e, s ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &e, &e, &t ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &k, &k, &t ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( s, &k, &grp->N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, s, &e ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( s, s, &grp->N ) ); if( sign_tries++ > 10 ) { - ret = POLARSSL_ERR_ECP_RANDOM_FAILED; + ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; goto cleanup; } } - while( mpi_cmp_int( s, 0 ) == 0 ); + while( mbedtls_mpi_cmp_int( s, 0 ) == 0 ); cleanup: - ecp_point_free( &R ); - mpi_free( &k ); mpi_free( &e ); mpi_free( &t ); + mbedtls_ecp_point_free( &R ); + mbedtls_mpi_free( &k ); mbedtls_mpi_free( &e ); mbedtls_mpi_free( &t ); return( ret ); } -#if defined(POLARSSL_ECDSA_DETERMINISTIC) +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) /* * Deterministic signature wrapper */ -int ecdsa_sign_det( ecp_group *grp, mpi *r, mpi *s, - const mpi *d, const unsigned char *buf, size_t blen, - md_type_t md_alg ) +int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, + mbedtls_md_type_t md_alg ) { int ret; - hmac_drbg_context rng_ctx; - unsigned char data[2 * POLARSSL_ECP_MAX_BYTES]; + mbedtls_hmac_drbg_context rng_ctx; + unsigned char data[2 * MBEDTLS_ECP_MAX_BYTES]; size_t grp_len = ( grp->nbits + 7 ) / 8; - const md_info_t *md_info; - mpi h; + const mbedtls_md_info_t *md_info; + mbedtls_mpi h; - /* Temporary fallback */ - if( md_alg == POLARSSL_MD_NONE ) - md_info = md_info_by_size( blen ); - else - md_info = md_info_from_type( md_alg ); + if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL ) + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - if( md_info == NULL ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); - - mpi_init( &h ); - memset( &rng_ctx, 0, sizeof( hmac_drbg_context ) ); + mbedtls_mpi_init( &h ); + mbedtls_hmac_drbg_init( &rng_ctx ); /* Use private key and message hash (reduced) to initialize HMAC_DRBG */ - MPI_CHK( mpi_write_binary( d, data, grp_len ) ); - MPI_CHK( derive_mpi( grp, &h, buf, blen ) ); - MPI_CHK( mpi_write_binary( &h, data + grp_len, grp_len ) ); - hmac_drbg_init_buf( &rng_ctx, md_info, data, 2 * grp_len ); + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( d, data, grp_len ) ); + MBEDTLS_MPI_CHK( derive_mpi( grp, &h, buf, blen ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, data + grp_len, grp_len ) ); + mbedtls_hmac_drbg_seed_buf( &rng_ctx, md_info, data, 2 * grp_len ); - ret = ecdsa_sign( grp, r, s, d, buf, blen, - hmac_drbg_random, &rng_ctx ); + ret = mbedtls_ecdsa_sign( grp, r, s, d, buf, blen, + mbedtls_hmac_drbg_random, &rng_ctx ); cleanup: - hmac_drbg_free( &rng_ctx ); - mpi_free( &h ); + mbedtls_hmac_drbg_free( &rng_ctx ); + mbedtls_mpi_free( &h ); return( ret ); } -#endif /* POLARSSL_ECDSA_DETERMINISTIC */ +#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ /* * Verify ECDSA signature of hashed message (SEC1 4.1.4) * Obviously, compared to SEC1 4.1.3, we skip step 2 (hash message) */ -int ecdsa_verify( ecp_group *grp, +int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, const unsigned char *buf, size_t blen, - const ecp_point *Q, const mpi *r, const mpi *s) + const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s) { int ret; - mpi e, s_inv, u1, u2; - ecp_point R, P; + mbedtls_mpi e, s_inv, u1, u2; + mbedtls_ecp_point R; - ecp_point_init( &R ); ecp_point_init( &P ); - mpi_init( &e ); mpi_init( &s_inv ); mpi_init( &u1 ); mpi_init( &u2 ); + mbedtls_ecp_point_init( &R ); + mbedtls_mpi_init( &e ); mbedtls_mpi_init( &s_inv ); mbedtls_mpi_init( &u1 ); mbedtls_mpi_init( &u2 ); /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */ if( grp->N.p == NULL ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); /* * Step 1: make sure r and s are in range 1..n-1 */ - if( mpi_cmp_int( r, 1 ) < 0 || mpi_cmp_mpi( r, &grp->N ) >= 0 || - mpi_cmp_int( s, 1 ) < 0 || mpi_cmp_mpi( s, &grp->N ) >= 0 ) + if( mbedtls_mpi_cmp_int( r, 1 ) < 0 || mbedtls_mpi_cmp_mpi( r, &grp->N ) >= 0 || + mbedtls_mpi_cmp_int( s, 1 ) < 0 || mbedtls_mpi_cmp_mpi( s, &grp->N ) >= 0 ) { - ret = POLARSSL_ERR_ECP_VERIFY_FAILED; + ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; goto cleanup; } /* * Additional precaution: make sure Q is valid */ - MPI_CHK( ecp_check_pubkey( grp, Q ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, Q ) ); /* * Step 3: derive MPI from hashed message */ - MPI_CHK( derive_mpi( grp, &e, buf, blen ) ); + MBEDTLS_MPI_CHK( derive_mpi( grp, &e, buf, blen ) ); /* * Step 4: u1 = e / s mod n, u2 = r / s mod n */ - MPI_CHK( mpi_inv_mod( &s_inv, s, &grp->N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &s_inv, s, &grp->N ) ); - MPI_CHK( mpi_mul_mpi( &u1, &e, &s_inv ) ); - MPI_CHK( mpi_mod_mpi( &u1, &u1, &grp->N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &u1, &e, &s_inv ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &u1, &u1, &grp->N ) ); - MPI_CHK( mpi_mul_mpi( &u2, r, &s_inv ) ); - MPI_CHK( mpi_mod_mpi( &u2, &u2, &grp->N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &u2, r, &s_inv ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &u2, &u2, &grp->N ) ); /* * Step 5: R = u1 G + u2 Q * * Since we're not using any secret data, no need to pass a RNG to - * ecp_mul() for countermesures. + * mbedtls_ecp_mul() for countermesures. */ - MPI_CHK( ecp_mul( grp, &R, &u1, &grp->G, NULL, NULL ) ); - MPI_CHK( ecp_mul( grp, &P, &u2, Q, NULL, NULL ) ); - MPI_CHK( ecp_add( grp, &R, &R, &P ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_muladd( grp, &R, &u1, &grp->G, &u2, Q ) ); - if( ecp_is_zero( &R ) ) + if( mbedtls_ecp_is_zero( &R ) ) { - ret = POLARSSL_ERR_ECP_VERIFY_FAILED; + ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; goto cleanup; } @@ -297,60 +261,41 @@ int ecdsa_verify( ecp_group *grp, * Step 6: convert xR to an integer (no-op) * Step 7: reduce xR mod n (gives v) */ - MPI_CHK( mpi_mod_mpi( &R.X, &R.X, &grp->N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &R.X, &R.X, &grp->N ) ); /* * Step 8: check if v (that is, R.X) is equal to r */ - if( mpi_cmp_mpi( &R.X, r ) != 0 ) + if( mbedtls_mpi_cmp_mpi( &R.X, r ) != 0 ) { - ret = POLARSSL_ERR_ECP_VERIFY_FAILED; + ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; goto cleanup; } cleanup: - ecp_point_free( &R ); ecp_point_free( &P ); - mpi_free( &e ); mpi_free( &s_inv ); mpi_free( &u1 ); mpi_free( &u2 ); + mbedtls_ecp_point_free( &R ); + mbedtls_mpi_free( &e ); mbedtls_mpi_free( &s_inv ); mbedtls_mpi_free( &u1 ); mbedtls_mpi_free( &u2 ); return( ret ); } -/* - * RFC 4492 page 20: - * - * Ecdsa-Sig-Value ::= SEQUENCE { - * r INTEGER, - * s INTEGER - * } - * - * Size is at most - * 1 (tag) + 1 (len) + 1 (initial 0) + ECP_MAX_BYTES for each of r and s, - * twice that + 1 (tag) + 2 (len) for the sequence - * (assuming ECP_MAX_BYTES is less than 126 for r and s, - * and less than 124 (total len <= 255) for the sequence) - */ -#if POLARSSL_ECP_MAX_BYTES > 124 -#error "POLARSSL_ECP_MAX_BYTES bigger than expected, please fix MAX_SIG_LEN" -#endif -#define MAX_SIG_LEN ( 3 + 2 * ( 3 + POLARSSL_ECP_MAX_BYTES ) ) - /* * Convert a signature (given by context) to ASN.1 */ -static int ecdsa_signature_to_asn1( ecdsa_context *ctx, +static int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s, unsigned char *sig, size_t *slen ) { int ret; - unsigned char buf[MAX_SIG_LEN]; + unsigned char buf[MBEDTLS_ECDSA_MAX_LEN]; unsigned char *p = buf + sizeof( buf ); size_t len = 0; - ASN1_CHK_ADD( len, asn1_write_mpi( &p, buf, &ctx->s ) ); - ASN1_CHK_ADD( len, asn1_write_mpi( &p, buf, &ctx->r ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, s ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, r ) ); - ASN1_CHK_ADD( len, asn1_write_len( &p, buf, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( &p, buf, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, buf, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); memcpy( sig, p, len ); *slen = len; @@ -361,48 +306,56 @@ static int ecdsa_signature_to_asn1( ecdsa_context *ctx, /* * Compute and write signature */ -int ecdsa_write_signature( ecdsa_context *ctx, +int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret; + mbedtls_mpi r, s; - if( ( ret = ecdsa_sign( &ctx->grp, &ctx->r, &ctx->s, &ctx->d, - hash, hlen, f_rng, p_rng ) ) != 0 ) - { - return( ret ); - } + mbedtls_mpi_init( &r ); + mbedtls_mpi_init( &s ); - return( ecdsa_signature_to_asn1( ctx, sig, slen ) ); +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) + (void) f_rng; + (void) p_rng; + + MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det( &ctx->grp, &r, &s, &ctx->d, + hash, hlen, md_alg ) ); +#else + (void) md_alg; + + MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ctx->grp, &r, &s, &ctx->d, + hash, hlen, f_rng, p_rng ) ); +#endif + + MBEDTLS_MPI_CHK( ecdsa_signature_to_asn1( &r, &s, sig, slen ) ); + +cleanup: + mbedtls_mpi_free( &r ); + mbedtls_mpi_free( &s ); + + return( ret ); } -#if defined(POLARSSL_ECDSA_DETERMINISTIC) -/* - * Compute and write signature deterministically - */ -int ecdsa_write_signature_det( ecdsa_context *ctx, +#if ! defined(MBEDTLS_DEPRECATED_REMOVED) && \ + defined(MBEDTLS_ECDSA_DETERMINISTIC) +int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, - md_type_t md_alg ) + mbedtls_md_type_t md_alg ) { - int ret; - - if( ( ret = ecdsa_sign_det( &ctx->grp, &ctx->r, &ctx->s, &ctx->d, - hash, hlen, md_alg ) ) != 0 ) - { - return( ret ); - } - - return( ecdsa_signature_to_asn1( ctx, sig, slen ) ); + return( mbedtls_ecdsa_write_signature( ctx, md_alg, hash, hlen, sig, slen, + NULL, NULL ) ); } -#endif /* POLARSSL_ECDSA_DETERMINISTIC */ +#endif /* * Read and check signature */ -int ecdsa_read_signature( ecdsa_context *ctx, +int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx, const unsigned char *hash, size_t hlen, const unsigned char *sig, size_t slen ) { @@ -410,53 +363,68 @@ int ecdsa_read_signature( ecdsa_context *ctx, unsigned char *p = (unsigned char *) sig; const unsigned char *end = sig + slen; size_t len; + mbedtls_mpi r, s; - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + mbedtls_mpi_init( &r ); + mbedtls_mpi_init( &s ); + + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA + ret ); + ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + goto cleanup; } if( p + len != end ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + { + ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + goto cleanup; + } - if( ( ret = asn1_get_mpi( &p, end, &ctx->r ) ) != 0 || - ( ret = asn1_get_mpi( &p, end, &ctx->s ) ) != 0 ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA + ret ); + if( ( ret = mbedtls_asn1_get_mpi( &p, end, &r ) ) != 0 || + ( ret = mbedtls_asn1_get_mpi( &p, end, &s ) ) != 0 ) + { + ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + goto cleanup; + } - if( ( ret = ecdsa_verify( &ctx->grp, hash, hlen, - &ctx->Q, &ctx->r, &ctx->s ) ) != 0 ) - return( ret ); + if( ( ret = mbedtls_ecdsa_verify( &ctx->grp, hash, hlen, + &ctx->Q, &r, &s ) ) != 0 ) + goto cleanup; if( p != end ) - return( POLARSSL_ERR_ECP_SIG_LEN_MISMATCH ); + ret = MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH; - return( 0 ); +cleanup: + mbedtls_mpi_free( &r ); + mbedtls_mpi_free( &s ); + + return( ret ); } /* * Generate key pair */ -int ecdsa_genkey( ecdsa_context *ctx, ecp_group_id gid, +int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - return( ecp_use_known_dp( &ctx->grp, gid ) || - ecp_gen_keypair( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) ); + return( mbedtls_ecp_group_load( &ctx->grp, gid ) || + mbedtls_ecp_gen_keypair( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) ); } /* - * Set context from an ecp_keypair + * Set context from an mbedtls_ecp_keypair */ -int ecdsa_from_keypair( ecdsa_context *ctx, const ecp_keypair *key ) +int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key ) { int ret; - if( ( ret = ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 || - ( ret = mpi_copy( &ctx->d, &key->d ) ) != 0 || - ( ret = ecp_copy( &ctx->Q, &key->Q ) ) != 0 ) + if( ( ret = mbedtls_ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 || + ( ret = mbedtls_mpi_copy( &ctx->d, &key->d ) ) != 0 || + ( ret = mbedtls_ecp_copy( &ctx->Q, &key->Q ) ) != 0 ) { - ecdsa_free( ctx ); + mbedtls_ecdsa_free( ctx ); } return( ret ); @@ -465,38 +433,17 @@ int ecdsa_from_keypair( ecdsa_context *ctx, const ecp_keypair *key ) /* * Initialize context */ -void ecdsa_init( ecdsa_context *ctx ) +void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx ) { - ecp_group_init( &ctx->grp ); - mpi_init( &ctx->d ); - ecp_point_init( &ctx->Q ); - mpi_init( &ctx->r ); - mpi_init( &ctx->s ); + mbedtls_ecp_keypair_init( ctx ); } /* * Free context */ -void ecdsa_free( ecdsa_context *ctx ) -{ - ecp_group_free( &ctx->grp ); - mpi_free( &ctx->d ); - ecp_point_free( &ctx->Q ); - mpi_free( &ctx->r ); - mpi_free( &ctx->s ); -} - -#if defined(POLARSSL_SELF_TEST) - -/* - * Checkup routine - */ -int ecdsa_self_test( int verbose ) +void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx ) { - ((void) verbose ); - return( 0 ); + mbedtls_ecp_keypair_free( ctx ); } -#endif /* POLARSSL_SELF_TEST */ - -#endif /* POLARSSL_ECDSA_C */ +#endif /* MBEDTLS_ECDSA_C */ diff --git a/ext/mbedtls/library/ecp.c b/ext/mbedtls/library/ecp.c index adef09ea87..c5464e30c2 100644 --- a/ext/mbedtls/library/ecp.c +++ b/ext/mbedtls/library/ecp.c @@ -28,60 +28,51 @@ * FIPS 186-3 http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf * RFC 4492 for the related TLS structures and constants * - * [M255] http://cr.yp.to/ecdh/curve25519-20060209.pdf + * [Curve25519] http://cr.yp.to/ecdh/curve25519-20060209.pdf * - * [2] CORON, Jean-Sébastien. Resistance against differential power analysis + * [2] CORON, Jean-S'ebastien. Resistance against differential power analysis * for elliptic curve cryptosystems. In : Cryptographic Hardware and * Embedded Systems. Springer Berlin Heidelberg, 1999. p. 292-302. * * - * [3] HEDABOU, Mustapha, PINEL, Pierre, et BÉNÉTEAU, Lucien. A comb method to + * [3] HEDABOU, Mustapha, PINEL, Pierre, et B'EN'ETEAU, Lucien. A comb method to * render ECC resistant against Side Channel Attacks. IACR Cryptology * ePrint Archive, 2004, vol. 2004, p. 342. * */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_ECP_C) +#if defined(MBEDTLS_ECP_C) -#include "polarssl/ecp.h" +#include "mbedtls/ecp.h" #include -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include #include -#define polarssl_printf printf -#define polarssl_malloc malloc -#define polarssl_free free +#define mbedtls_printf printf +#define mbedtls_calloc calloc +#define mbedtls_free free #endif -#if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \ - !defined(EFI32) -#define strcasecmp _stricmp -#endif - -#if defined(_MSC_VER) && !defined(inline) -#define inline _inline -#else -#if defined(__ARMCC_VERSION) && !defined(inline) +#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && !defined(inline) #define inline __inline -#endif /* __ARMCC_VERSION */ -#endif /*_MSC_VER */ +#endif /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) /* * Counts of point addition and doubling, and field multiplications. * Used to test resistance of point multiplication to simple timing attacks. @@ -89,25 +80,22 @@ static void polarssl_zeroize( void *v, size_t n ) { static unsigned long add_count, dbl_count, mul_count; #endif -#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED) || \ - defined(POLARSSL_ECP_DP_SECP224R1_ENABLED) || \ - defined(POLARSSL_ECP_DP_SECP256R1_ENABLED) || \ - defined(POLARSSL_ECP_DP_SECP384R1_ENABLED) || \ - defined(POLARSSL_ECP_DP_SECP521R1_ENABLED) || \ - defined(POLARSSL_ECP_DP_BP256R1_ENABLED) || \ - defined(POLARSSL_ECP_DP_BP384R1_ENABLED) || \ - defined(POLARSSL_ECP_DP_BP512R1_ENABLED) || \ - defined(POLARSSL_ECP_DP_SECP192K1_ENABLED) || \ - defined(POLARSSL_ECP_DP_SECP224K1_ENABLED) || \ - defined(POLARSSL_ECP_DP_SECP256K1_ENABLED) -#define POLARSSL_ECP_SHORT_WEIERSTRASS +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) +#define ECP_SHORTWEIERSTRASS #endif -#if defined(POLARSSL_ECP_DP_M221_ENABLED) || \ - defined(POLARSSL_ECP_DP_M255_ENABLED) || \ - defined(POLARSSL_ECP_DP_M383_ENABLED) || \ - defined(POLARSSL_ECP_DP_M511_ENABLED) -#define POLARSSL_ECP_MONTGOMERY +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) +#define ECP_MONTGOMERY #endif /* @@ -115,9 +103,9 @@ static unsigned long add_count, dbl_count, mul_count; */ typedef enum { - POLARSSL_ECP_TYPE_NONE = 0, - POLARSSL_ECP_TYPE_SHORT_WEIERSTRASS, /* y^2 = x^3 + a x + b */ - POLARSSL_ECP_TYPE_MONTGOMERY, /* y^2 = x^3 + a x^2 + x */ + ECP_TYPE_NONE = 0, + ECP_TYPE_SHORT_WEIERSTRASS, /* y^2 = x^3 + a x + b */ + ECP_TYPE_MONTGOMERY, /* y^2 = x^3 + a x^2 + x */ } ecp_curve_type; /* @@ -129,54 +117,56 @@ typedef enum * * Curves are listed in order: largest curves first, and for a given size, * fastest curves first. This provides the default order for the SSL module. + * + * Reminder: update profiles in x509_crt.c when adding a new curves! */ -static const ecp_curve_info ecp_supported_curves[] = +static const mbedtls_ecp_curve_info ecp_supported_curves[] = { -#if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED) - { POLARSSL_ECP_DP_SECP521R1, 25, 521, "secp521r1" }, +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) + { MBEDTLS_ECP_DP_SECP521R1, 25, 521, "secp521r1" }, #endif -#if defined(POLARSSL_ECP_DP_BP512R1_ENABLED) - { POLARSSL_ECP_DP_BP512R1, 28, 512, "brainpoolP512r1" }, +#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) + { MBEDTLS_ECP_DP_BP512R1, 28, 512, "brainpoolP512r1" }, #endif -#if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED) - { POLARSSL_ECP_DP_SECP384R1, 24, 384, "secp384r1" }, +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) + { MBEDTLS_ECP_DP_SECP384R1, 24, 384, "secp384r1" }, #endif -#if defined(POLARSSL_ECP_DP_BP384R1_ENABLED) - { POLARSSL_ECP_DP_BP384R1, 27, 384, "brainpoolP384r1" }, +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) + { MBEDTLS_ECP_DP_BP384R1, 27, 384, "brainpoolP384r1" }, #endif -#if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED) - { POLARSSL_ECP_DP_SECP256R1, 23, 256, "secp256r1" }, +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) + { MBEDTLS_ECP_DP_SECP256R1, 23, 256, "secp256r1" }, #endif -#if defined(POLARSSL_ECP_DP_SECP256K1_ENABLED) - { POLARSSL_ECP_DP_SECP256K1, 22, 256, "secp256k1" }, +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) + { MBEDTLS_ECP_DP_SECP256K1, 22, 256, "secp256k1" }, #endif -#if defined(POLARSSL_ECP_DP_BP256R1_ENABLED) - { POLARSSL_ECP_DP_BP256R1, 26, 256, "brainpoolP256r1" }, +#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) + { MBEDTLS_ECP_DP_BP256R1, 26, 256, "brainpoolP256r1" }, #endif -#if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED) - { POLARSSL_ECP_DP_SECP224R1, 21, 224, "secp224r1" }, +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) + { MBEDTLS_ECP_DP_SECP224R1, 21, 224, "secp224r1" }, #endif -#if defined(POLARSSL_ECP_DP_SECP224K1_ENABLED) - { POLARSSL_ECP_DP_SECP224K1, 20, 224, "secp224k1" }, +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) + { MBEDTLS_ECP_DP_SECP224K1, 20, 224, "secp224k1" }, #endif -#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED) - { POLARSSL_ECP_DP_SECP192R1, 19, 192, "secp192r1" }, +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) + { MBEDTLS_ECP_DP_SECP192R1, 19, 192, "secp192r1" }, #endif -#if defined(POLARSSL_ECP_DP_SECP192K1_ENABLED) - { POLARSSL_ECP_DP_SECP192K1, 18, 192, "secp192k1" }, +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) + { MBEDTLS_ECP_DP_SECP192K1, 18, 192, "secp192k1" }, #endif - { POLARSSL_ECP_DP_NONE, 0, 0, NULL }, + { MBEDTLS_ECP_DP_NONE, 0, 0, NULL }, }; #define ECP_NB_CURVES sizeof( ecp_supported_curves ) / \ sizeof( ecp_supported_curves[0] ) -static ecp_group_id ecp_supported_grp_id[ECP_NB_CURVES]; +static mbedtls_ecp_group_id ecp_supported_grp_id[ECP_NB_CURVES]; /* * List of supported curves and associated info */ -const ecp_curve_info *ecp_curve_list( void ) +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void ) { return( ecp_supported_curves ); } @@ -184,22 +174,22 @@ const ecp_curve_info *ecp_curve_list( void ) /* * List of supported curves, group ID only */ -const ecp_group_id *ecp_grp_id_list( void ) +const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void ) { static int init_done = 0; if( ! init_done ) { size_t i = 0; - const ecp_curve_info *curve_info; + const mbedtls_ecp_curve_info *curve_info; - for( curve_info = ecp_curve_list(); - curve_info->grp_id != POLARSSL_ECP_DP_NONE; + for( curve_info = mbedtls_ecp_curve_list(); + curve_info->grp_id != MBEDTLS_ECP_DP_NONE; curve_info++ ) { ecp_supported_grp_id[i++] = curve_info->grp_id; } - ecp_supported_grp_id[i] = POLARSSL_ECP_DP_NONE; + ecp_supported_grp_id[i] = MBEDTLS_ECP_DP_NONE; init_done = 1; } @@ -210,12 +200,12 @@ const ecp_group_id *ecp_grp_id_list( void ) /* * Get the curve info for the internal identifier */ -const ecp_curve_info *ecp_curve_info_from_grp_id( ecp_group_id grp_id ) +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id( mbedtls_ecp_group_id grp_id ) { - const ecp_curve_info *curve_info; + const mbedtls_ecp_curve_info *curve_info; - for( curve_info = ecp_curve_list(); - curve_info->grp_id != POLARSSL_ECP_DP_NONE; + for( curve_info = mbedtls_ecp_curve_list(); + curve_info->grp_id != MBEDTLS_ECP_DP_NONE; curve_info++ ) { if( curve_info->grp_id == grp_id ) @@ -228,12 +218,12 @@ const ecp_curve_info *ecp_curve_info_from_grp_id( ecp_group_id grp_id ) /* * Get the curve info from the TLS identifier */ -const ecp_curve_info *ecp_curve_info_from_tls_id( uint16_t tls_id ) +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id( uint16_t tls_id ) { - const ecp_curve_info *curve_info; + const mbedtls_ecp_curve_info *curve_info; - for( curve_info = ecp_curve_list(); - curve_info->grp_id != POLARSSL_ECP_DP_NONE; + for( curve_info = mbedtls_ecp_curve_list(); + curve_info->grp_id != MBEDTLS_ECP_DP_NONE; curve_info++ ) { if( curve_info->tls_id == tls_id ) @@ -246,15 +236,15 @@ const ecp_curve_info *ecp_curve_info_from_tls_id( uint16_t tls_id ) /* * Get the curve info from the name */ -const ecp_curve_info *ecp_curve_info_from_name( const char *name ) +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name( const char *name ) { - const ecp_curve_info *curve_info; + const mbedtls_ecp_curve_info *curve_info; - for( curve_info = ecp_curve_list(); - curve_info->grp_id != POLARSSL_ECP_DP_NONE; + for( curve_info = mbedtls_ecp_curve_list(); + curve_info->grp_id != MBEDTLS_ECP_DP_NONE; curve_info++ ) { - if( strcasecmp( curve_info->name, name ) == 0 ) + if( strcmp( curve_info->name, name ) == 0 ) return( curve_info ); } @@ -264,71 +254,71 @@ const ecp_curve_info *ecp_curve_info_from_name( const char *name ) /* * Get the type of a curve */ -static inline ecp_curve_type ecp_get_type( const ecp_group *grp ) +static inline ecp_curve_type ecp_get_type( const mbedtls_ecp_group *grp ) { if( grp->G.X.p == NULL ) - return( POLARSSL_ECP_TYPE_NONE ); + return( ECP_TYPE_NONE ); if( grp->G.Y.p == NULL ) - return( POLARSSL_ECP_TYPE_MONTGOMERY ); + return( ECP_TYPE_MONTGOMERY ); else - return( POLARSSL_ECP_TYPE_SHORT_WEIERSTRASS ); + return( ECP_TYPE_SHORT_WEIERSTRASS ); } /* * Initialize (the components of) a point */ -void ecp_point_init( ecp_point *pt ) +void mbedtls_ecp_point_init( mbedtls_ecp_point *pt ) { if( pt == NULL ) return; - mpi_init( &pt->X ); - mpi_init( &pt->Y ); - mpi_init( &pt->Z ); + mbedtls_mpi_init( &pt->X ); + mbedtls_mpi_init( &pt->Y ); + mbedtls_mpi_init( &pt->Z ); } /* * Initialize (the components of) a group */ -void ecp_group_init( ecp_group *grp ) +void mbedtls_ecp_group_init( mbedtls_ecp_group *grp ) { if( grp == NULL ) return; - memset( grp, 0, sizeof( ecp_group ) ); + memset( grp, 0, sizeof( mbedtls_ecp_group ) ); } /* * Initialize (the components of) a key pair */ -void ecp_keypair_init( ecp_keypair *key ) +void mbedtls_ecp_keypair_init( mbedtls_ecp_keypair *key ) { if( key == NULL ) return; - ecp_group_init( &key->grp ); - mpi_init( &key->d ); - ecp_point_init( &key->Q ); + mbedtls_ecp_group_init( &key->grp ); + mbedtls_mpi_init( &key->d ); + mbedtls_ecp_point_init( &key->Q ); } /* * Unallocate (the components of) a point */ -void ecp_point_free( ecp_point *pt ) +void mbedtls_ecp_point_free( mbedtls_ecp_point *pt ) { if( pt == NULL ) return; - mpi_free( &( pt->X ) ); - mpi_free( &( pt->Y ) ); - mpi_free( &( pt->Z ) ); + mbedtls_mpi_free( &( pt->X ) ); + mbedtls_mpi_free( &( pt->Y ) ); + mbedtls_mpi_free( &( pt->Z ) ); } /* * Unallocate (the components of) a group */ -void ecp_group_free( ecp_group *grp ) +void mbedtls_ecp_group_free( mbedtls_ecp_group *grp ) { size_t i; @@ -337,46 +327,46 @@ void ecp_group_free( ecp_group *grp ) if( grp->h != 1 ) { - mpi_free( &grp->P ); - mpi_free( &grp->A ); - mpi_free( &grp->B ); - ecp_point_free( &grp->G ); - mpi_free( &grp->N ); + mbedtls_mpi_free( &grp->P ); + mbedtls_mpi_free( &grp->A ); + mbedtls_mpi_free( &grp->B ); + mbedtls_ecp_point_free( &grp->G ); + mbedtls_mpi_free( &grp->N ); } if( grp->T != NULL ) { for( i = 0; i < grp->T_size; i++ ) - ecp_point_free( &grp->T[i] ); - polarssl_free( grp->T ); + mbedtls_ecp_point_free( &grp->T[i] ); + mbedtls_free( grp->T ); } - polarssl_zeroize( grp, sizeof( ecp_group ) ); + mbedtls_zeroize( grp, sizeof( mbedtls_ecp_group ) ); } /* * Unallocate (the components of) a key pair */ -void ecp_keypair_free( ecp_keypair *key ) +void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key ) { if( key == NULL ) return; - ecp_group_free( &key->grp ); - mpi_free( &key->d ); - ecp_point_free( &key->Q ); + mbedtls_ecp_group_free( &key->grp ); + mbedtls_mpi_free( &key->d ); + mbedtls_ecp_point_free( &key->Q ); } /* * Copy the contents of a point */ -int ecp_copy( ecp_point *P, const ecp_point *Q ) +int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q ) { int ret; - MPI_CHK( mpi_copy( &P->X, &Q->X ) ); - MPI_CHK( mpi_copy( &P->Y, &Q->Y ) ); - MPI_CHK( mpi_copy( &P->Z, &Q->Z ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &P->X, &Q->X ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &P->Y, &Q->Y ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &P->Z, &Q->Z ) ); cleanup: return( ret ); @@ -385,21 +375,21 @@ cleanup: /* * Copy the contents of a group object */ -int ecp_group_copy( ecp_group *dst, const ecp_group *src ) +int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst, const mbedtls_ecp_group *src ) { - return ecp_use_known_dp( dst, src->id ); + return mbedtls_ecp_group_load( dst, src->id ); } /* * Set point to zero */ -int ecp_set_zero( ecp_point *pt ) +int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt ) { int ret; - MPI_CHK( mpi_lset( &pt->X , 1 ) ); - MPI_CHK( mpi_lset( &pt->Y , 1 ) ); - MPI_CHK( mpi_lset( &pt->Z , 0 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->X , 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Y , 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Z , 0 ) ); cleanup: return( ret ); @@ -408,22 +398,22 @@ cleanup: /* * Tell if a point is zero */ -int ecp_is_zero( ecp_point *pt ) +int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt ) { - return( mpi_cmp_int( &pt->Z, 0 ) == 0 ); + return( mbedtls_mpi_cmp_int( &pt->Z, 0 ) == 0 ); } /* * Import a non-zero point from ASCII strings */ -int ecp_point_read_string( ecp_point *P, int radix, +int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix, const char *x, const char *y ) { int ret; - MPI_CHK( mpi_read_string( &P->X, radix, x ) ); - MPI_CHK( mpi_read_string( &P->Y, radix, y ) ); - MPI_CHK( mpi_lset( &P->Z, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &P->X, radix, x ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &P->Y, radix, y ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &P->Z, 1 ) ); cleanup: return( ret ); @@ -432,24 +422,24 @@ cleanup: /* * Export a point into unsigned binary data (SEC1 2.3.3) */ -int ecp_point_write_binary( const ecp_group *grp, const ecp_point *P, +int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *P, int format, size_t *olen, unsigned char *buf, size_t buflen ) { int ret = 0; size_t plen; - if( format != POLARSSL_ECP_PF_UNCOMPRESSED && - format != POLARSSL_ECP_PF_COMPRESSED ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + if( format != MBEDTLS_ECP_PF_UNCOMPRESSED && + format != MBEDTLS_ECP_PF_COMPRESSED ) + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); /* * Common case: P == 0 */ - if( mpi_cmp_int( &P->Z, 0 ) == 0 ) + if( mbedtls_mpi_cmp_int( &P->Z, 0 ) == 0 ) { if( buflen < 1 ) - return( POLARSSL_ERR_ECP_BUFFER_TOO_SMALL ); + return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); buf[0] = 0x00; *olen = 1; @@ -457,28 +447,28 @@ int ecp_point_write_binary( const ecp_group *grp, const ecp_point *P, return( 0 ); } - plen = mpi_size( &grp->P ); + plen = mbedtls_mpi_size( &grp->P ); - if( format == POLARSSL_ECP_PF_UNCOMPRESSED ) + if( format == MBEDTLS_ECP_PF_UNCOMPRESSED ) { *olen = 2 * plen + 1; if( buflen < *olen ) - return( POLARSSL_ERR_ECP_BUFFER_TOO_SMALL ); + return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); buf[0] = 0x04; - MPI_CHK( mpi_write_binary( &P->X, buf + 1, plen ) ); - MPI_CHK( mpi_write_binary( &P->Y, buf + 1 + plen, plen ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &P->X, buf + 1, plen ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &P->Y, buf + 1 + plen, plen ) ); } - else if( format == POLARSSL_ECP_PF_COMPRESSED ) + else if( format == MBEDTLS_ECP_PF_COMPRESSED ) { *olen = plen + 1; if( buflen < *olen ) - return( POLARSSL_ERR_ECP_BUFFER_TOO_SMALL ); + return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); - buf[0] = 0x02 + mpi_get_bit( &P->Y, 0 ); - MPI_CHK( mpi_write_binary( &P->X, buf + 1, plen ) ); + buf[0] = 0x02 + mbedtls_mpi_get_bit( &P->Y, 0 ); + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &P->X, buf + 1, plen ) ); } cleanup: @@ -488,34 +478,34 @@ cleanup: /* * Import a point from unsigned binary data (SEC1 2.3.4) */ -int ecp_point_read_binary( const ecp_group *grp, ecp_point *pt, +int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt, const unsigned char *buf, size_t ilen ) { int ret; size_t plen; if( ilen < 1 ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); if( buf[0] == 0x00 ) { if( ilen == 1 ) - return( ecp_set_zero( pt ) ); + return( mbedtls_ecp_set_zero( pt ) ); else - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); } - plen = mpi_size( &grp->P ); + plen = mbedtls_mpi_size( &grp->P ); if( buf[0] != 0x04 ) - return( POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE ); + return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); if( ilen != 2 * plen + 1 ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - MPI_CHK( mpi_read_binary( &pt->X, buf + 1, plen ) ); - MPI_CHK( mpi_read_binary( &pt->Y, buf + 1 + plen, plen ) ); - MPI_CHK( mpi_lset( &pt->Z, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &pt->X, buf + 1, plen ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &pt->Y, buf + 1 + plen, plen ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Z, 1 ) ); cleanup: return( ret ); @@ -527,7 +517,7 @@ cleanup: * opaque point <1..2^8-1>; * } ECPoint; */ -int ecp_tls_read_point( const ecp_group *grp, ecp_point *pt, +int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt, const unsigned char **buf, size_t buf_len ) { unsigned char data_len; @@ -537,11 +527,11 @@ int ecp_tls_read_point( const ecp_group *grp, ecp_point *pt, * We must have at least two bytes (1 for length, at least one for data) */ if( buf_len < 2 ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); data_len = *(*buf)++; if( data_len < 1 || data_len > buf_len - 1 ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); /* * Save buffer start for read_binary and update buf @@ -549,7 +539,7 @@ int ecp_tls_read_point( const ecp_group *grp, ecp_point *pt, buf_start = *buf; *buf += data_len; - return ecp_point_read_binary( grp, pt, buf_start, data_len ); + return mbedtls_ecp_point_read_binary( grp, pt, buf_start, data_len ); } /* @@ -558,7 +548,7 @@ int ecp_tls_read_point( const ecp_group *grp, ecp_point *pt, * opaque point <1..2^8-1>; * } ECPoint; */ -int ecp_tls_write_point( const ecp_group *grp, const ecp_point *pt, +int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt, int format, size_t *olen, unsigned char *buf, size_t blen ) { @@ -568,9 +558,9 @@ int ecp_tls_write_point( const ecp_group *grp, const ecp_point *pt, * buffer length must be at least one, for our length byte */ if( blen < 1 ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - if( ( ret = ecp_point_write_binary( grp, pt, format, + if( ( ret = mbedtls_ecp_point_write_binary( grp, pt, format, olen, buf + 1, blen - 1) ) != 0 ) return( ret ); @@ -583,49 +573,25 @@ int ecp_tls_write_point( const ecp_group *grp, const ecp_point *pt, return( 0 ); } -/* - * Import an ECP group from ASCII strings, case A == -3 - */ -int ecp_group_read_string( ecp_group *grp, int radix, - const char *p, const char *b, - const char *gx, const char *gy, const char *n) -{ - int ret; - - MPI_CHK( mpi_read_string( &grp->P, radix, p ) ); - MPI_CHK( mpi_read_string( &grp->B, radix, b ) ); - MPI_CHK( ecp_point_read_string( &grp->G, radix, gx, gy ) ); - MPI_CHK( mpi_read_string( &grp->N, radix, n ) ); - - grp->pbits = mpi_msb( &grp->P ); - grp->nbits = mpi_msb( &grp->N ); - -cleanup: - if( ret != 0 ) - ecp_group_free( grp ); - - return( ret ); -} - /* * Set a group from an ECParameters record (RFC 4492) */ -int ecp_tls_read_group( ecp_group *grp, const unsigned char **buf, size_t len ) +int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp, const unsigned char **buf, size_t len ) { uint16_t tls_id; - const ecp_curve_info *curve_info; + const mbedtls_ecp_curve_info *curve_info; /* * We expect at least three bytes (see below) */ if( len < 3 ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); /* * First byte is curve_type; only named_curve is handled */ - if( *(*buf)++ != POLARSSL_ECP_TLS_NAMED_CURVE ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + if( *(*buf)++ != MBEDTLS_ECP_TLS_NAMED_CURVE ) + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); /* * Next two bytes are the namedcurve value @@ -634,34 +600,34 @@ int ecp_tls_read_group( ecp_group *grp, const unsigned char **buf, size_t len ) tls_id <<= 8; tls_id |= *(*buf)++; - if( ( curve_info = ecp_curve_info_from_tls_id( tls_id ) ) == NULL ) - return( POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE ); + if( ( curve_info = mbedtls_ecp_curve_info_from_tls_id( tls_id ) ) == NULL ) + return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); - return ecp_use_known_dp( grp, curve_info->grp_id ); + return mbedtls_ecp_group_load( grp, curve_info->grp_id ); } /* * Write the ECParameters record corresponding to a group (RFC 4492) */ -int ecp_tls_write_group( const ecp_group *grp, size_t *olen, +int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen, unsigned char *buf, size_t blen ) { - const ecp_curve_info *curve_info; + const mbedtls_ecp_curve_info *curve_info; - if( ( curve_info = ecp_curve_info_from_grp_id( grp->id ) ) == NULL ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + if( ( curve_info = mbedtls_ecp_curve_info_from_grp_id( grp->id ) ) == NULL ) + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); /* * We are going to write 3 bytes (see below) */ *olen = 3; if( blen < *olen ) - return( POLARSSL_ERR_ECP_BUFFER_TOO_SMALL ); + return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); /* * First byte is curve_type, always named_curve */ - *buf++ = POLARSSL_ECP_TLS_NAMED_CURVE; + *buf++ = MBEDTLS_ECP_TLS_NAMED_CURVE; /* * Next two bytes are the namedcurve value @@ -673,34 +639,34 @@ int ecp_tls_write_group( const ecp_group *grp, size_t *olen, } /* - * Wrapper around fast quasi-modp functions, with fall-back to mpi_mod_mpi. - * See the documentation of struct ecp_group. + * Wrapper around fast quasi-modp functions, with fall-back to mbedtls_mpi_mod_mpi. + * See the documentation of struct mbedtls_ecp_group. * - * This function is in the critial loop for ecp_mul, so pay attention to perf. + * This function is in the critial loop for mbedtls_ecp_mul, so pay attention to perf. */ -static int ecp_modp( mpi *N, const ecp_group *grp ) +static int ecp_modp( mbedtls_mpi *N, const mbedtls_ecp_group *grp ) { int ret; if( grp->modp == NULL ) - return( mpi_mod_mpi( N, N, &grp->P ) ); + return( mbedtls_mpi_mod_mpi( N, N, &grp->P ) ); /* N->s < 0 is a much faster test, which fails only if N is 0 */ - if( ( N->s < 0 && mpi_cmp_int( N, 0 ) != 0 ) || - mpi_msb( N ) > 2 * grp->pbits ) + if( ( N->s < 0 && mbedtls_mpi_cmp_int( N, 0 ) != 0 ) || + mbedtls_mpi_bitlen( N ) > 2 * grp->pbits ) { - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); } - MPI_CHK( grp->modp( N ) ); + MBEDTLS_MPI_CHK( grp->modp( N ) ); /* N->s < 0 is a much faster test, which fails only if N is 0 */ - while( N->s < 0 && mpi_cmp_int( N, 0 ) != 0 ) - MPI_CHK( mpi_add_mpi( N, N, &grp->P ) ); + while( N->s < 0 && mbedtls_mpi_cmp_int( N, 0 ) != 0 ) + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( N, N, &grp->P ) ); - while( mpi_cmp_mpi( N, &grp->P ) >= 0 ) + while( mbedtls_mpi_cmp_mpi( N, &grp->P ) >= 0 ) /* we known P, N and the result are positive */ - MPI_CHK( mpi_sub_abs( N, N, &grp->P ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( N, N, &grp->P ) ); cleanup: return( ret ); @@ -710,42 +676,42 @@ cleanup: * Fast mod-p functions expect their argument to be in the 0..p^2 range. * * In order to guarantee that, we need to ensure that operands of - * mpi_mul_mpi are in the 0..p range. So, after each operation we will + * mbedtls_mpi_mul_mpi are in the 0..p range. So, after each operation we will * bring the result back to this range. * * The following macros are shortcuts for doing that. */ /* - * Reduce a mpi mod p in-place, general case, to use after mpi_mul_mpi + * Reduce a mbedtls_mpi mod p in-place, general case, to use after mbedtls_mpi_mul_mpi */ -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) #define INC_MUL_COUNT mul_count++; #else #define INC_MUL_COUNT #endif -#define MOD_MUL( N ) do { MPI_CHK( ecp_modp( &N, grp ) ); INC_MUL_COUNT } \ +#define MOD_MUL( N ) do { MBEDTLS_MPI_CHK( ecp_modp( &N, grp ) ); INC_MUL_COUNT } \ while( 0 ) /* - * Reduce a mpi mod p in-place, to use after mpi_sub_mpi + * Reduce a mbedtls_mpi mod p in-place, to use after mbedtls_mpi_sub_mpi * N->s < 0 is a very fast test, which fails only if N is 0 */ #define MOD_SUB( N ) \ - while( N.s < 0 && mpi_cmp_int( &N, 0 ) != 0 ) \ - MPI_CHK( mpi_add_mpi( &N, &N, &grp->P ) ) + while( N.s < 0 && mbedtls_mpi_cmp_int( &N, 0 ) != 0 ) \ + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &N, &N, &grp->P ) ) /* - * Reduce a mpi mod p in-place, to use after mpi_add_mpi and mpi_mul_int. + * Reduce a mbedtls_mpi mod p in-place, to use after mbedtls_mpi_add_mpi and mbedtls_mpi_mul_int. * We known P, N and the result are positive, so sub_abs is correct, and * a bit faster. */ #define MOD_ADD( N ) \ - while( mpi_cmp_mpi( &N, &grp->P ) >= 0 ) \ - MPI_CHK( mpi_sub_abs( &N, &N, &grp->P ) ) + while( mbedtls_mpi_cmp_mpi( &N, &grp->P ) >= 0 ) \ + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &N, &N, &grp->P ) ) -#if defined(POLARSSL_ECP_SHORT_WEIERSTRASS) +#if defined(ECP_SHORTWEIERSTRASS) /* * For curves in short Weierstrass form, we do all the internal operations in * Jacobian coordinates. @@ -758,37 +724,37 @@ cleanup: * Normalize jacobian coordinates so that Z == 0 || Z == 1 (GECC 3.2.1) * Cost: 1N := 1I + 3M + 1S */ -static int ecp_normalize_jac( const ecp_group *grp, ecp_point *pt ) +static int ecp_normalize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt ) { int ret; - mpi Zi, ZZi; + mbedtls_mpi Zi, ZZi; - if( mpi_cmp_int( &pt->Z, 0 ) == 0 ) + if( mbedtls_mpi_cmp_int( &pt->Z, 0 ) == 0 ) return( 0 ); - mpi_init( &Zi ); mpi_init( &ZZi ); + mbedtls_mpi_init( &Zi ); mbedtls_mpi_init( &ZZi ); /* * X = X / Z^2 mod p */ - MPI_CHK( mpi_inv_mod( &Zi, &pt->Z, &grp->P ) ); - MPI_CHK( mpi_mul_mpi( &ZZi, &Zi, &Zi ) ); MOD_MUL( ZZi ); - MPI_CHK( mpi_mul_mpi( &pt->X, &pt->X, &ZZi ) ); MOD_MUL( pt->X ); + MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &Zi, &pt->Z, &grp->P ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ZZi, &Zi, &Zi ) ); MOD_MUL( ZZi ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &pt->X, &pt->X, &ZZi ) ); MOD_MUL( pt->X ); /* * Y = Y / Z^3 mod p */ - MPI_CHK( mpi_mul_mpi( &pt->Y, &pt->Y, &ZZi ) ); MOD_MUL( pt->Y ); - MPI_CHK( mpi_mul_mpi( &pt->Y, &pt->Y, &Zi ) ); MOD_MUL( pt->Y ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &pt->Y, &pt->Y, &ZZi ) ); MOD_MUL( pt->Y ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &pt->Y, &pt->Y, &Zi ) ); MOD_MUL( pt->Y ); /* * Z = 1 */ - MPI_CHK( mpi_lset( &pt->Z, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Z, 1 ) ); cleanup: - mpi_free( &Zi ); mpi_free( &ZZi ); + mbedtls_mpi_free( &Zi ); mbedtls_mpi_free( &ZZi ); return( ret ); } @@ -804,37 +770,35 @@ cleanup: * * Cost: 1N(t) := 1I + (6t - 3)M + 1S */ -static int ecp_normalize_jac_many( const ecp_group *grp, - ecp_point *T[], size_t t_len ) +static int ecp_normalize_jac_many( const mbedtls_ecp_group *grp, + mbedtls_ecp_point *T[], size_t t_len ) { int ret; size_t i; - mpi *c, u, Zi, ZZi; + mbedtls_mpi *c, u, Zi, ZZi; if( t_len < 2 ) return( ecp_normalize_jac( grp, *T ) ); - if( ( c = polarssl_malloc( t_len * sizeof( mpi ) ) ) == NULL ) - return( POLARSSL_ERR_ECP_MALLOC_FAILED ); + if( ( c = mbedtls_calloc( t_len, sizeof( mbedtls_mpi ) ) ) == NULL ) + return( MBEDTLS_ERR_ECP_ALLOC_FAILED ); - mpi_init( &u ); mpi_init( &Zi ); mpi_init( &ZZi ); - for( i = 0; i < t_len; i++ ) - mpi_init( &c[i] ); + mbedtls_mpi_init( &u ); mbedtls_mpi_init( &Zi ); mbedtls_mpi_init( &ZZi ); /* * c[i] = Z_0 * ... * Z_i */ - MPI_CHK( mpi_copy( &c[0], &T[0]->Z ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &c[0], &T[0]->Z ) ); for( i = 1; i < t_len; i++ ) { - MPI_CHK( mpi_mul_mpi( &c[i], &c[i-1], &T[i]->Z ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &c[i], &c[i-1], &T[i]->Z ) ); MOD_MUL( c[i] ); } /* * u = 1 / (Z_0 * ... * Z_n) mod P */ - MPI_CHK( mpi_inv_mod( &u, &c[t_len-1], &grp->P ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &u, &c[t_len-1], &grp->P ) ); for( i = t_len - 1; ; i-- ) { @@ -843,21 +807,21 @@ static int ecp_normalize_jac_many( const ecp_group *grp, * u = 1 / (Z_0 * ... * Z_i) mod P */ if( i == 0 ) { - MPI_CHK( mpi_copy( &Zi, &u ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &Zi, &u ) ); } else { - MPI_CHK( mpi_mul_mpi( &Zi, &u, &c[i-1] ) ); MOD_MUL( Zi ); - MPI_CHK( mpi_mul_mpi( &u, &u, &T[i]->Z ) ); MOD_MUL( u ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &Zi, &u, &c[i-1] ) ); MOD_MUL( Zi ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &u, &u, &T[i]->Z ) ); MOD_MUL( u ); } /* * proceed as in normalize() */ - MPI_CHK( mpi_mul_mpi( &ZZi, &Zi, &Zi ) ); MOD_MUL( ZZi ); - MPI_CHK( mpi_mul_mpi( &T[i]->X, &T[i]->X, &ZZi ) ); MOD_MUL( T[i]->X ); - MPI_CHK( mpi_mul_mpi( &T[i]->Y, &T[i]->Y, &ZZi ) ); MOD_MUL( T[i]->Y ); - MPI_CHK( mpi_mul_mpi( &T[i]->Y, &T[i]->Y, &Zi ) ); MOD_MUL( T[i]->Y ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ZZi, &Zi, &Zi ) ); MOD_MUL( ZZi ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T[i]->X, &T[i]->X, &ZZi ) ); MOD_MUL( T[i]->X ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T[i]->Y, &T[i]->Y, &ZZi ) ); MOD_MUL( T[i]->Y ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T[i]->Y, &T[i]->Y, &Zi ) ); MOD_MUL( T[i]->Y ); /* * Post-precessing: reclaim some memory by shrinking coordinates @@ -865,9 +829,9 @@ static int ecp_normalize_jac_many( const ecp_group *grp, * - shrinking other coordinates, but still keeping the same number of * limbs as P, as otherwise it will too likely be regrown too fast. */ - MPI_CHK( mpi_shrink( &T[i]->X, grp->P.n ) ); - MPI_CHK( mpi_shrink( &T[i]->Y, grp->P.n ) ); - mpi_free( &T[i]->Z ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shrink( &T[i]->X, grp->P.n ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shrink( &T[i]->Y, grp->P.n ) ); + mbedtls_mpi_free( &T[i]->Z ); if( i == 0 ) break; @@ -875,10 +839,10 @@ static int ecp_normalize_jac_many( const ecp_group *grp, cleanup: - mpi_free( &u ); mpi_free( &Zi ); mpi_free( &ZZi ); + mbedtls_mpi_free( &u ); mbedtls_mpi_free( &Zi ); mbedtls_mpi_free( &ZZi ); for( i = 0; i < t_len; i++ ) - mpi_free( &c[i] ); - polarssl_free( c ); + mbedtls_mpi_free( &c[i] ); + mbedtls_free( c ); return( ret ); } @@ -887,23 +851,23 @@ cleanup: * Conditional point inversion: Q -> -Q = (Q.X, -Q.Y, Q.Z) without leak. * "inv" must be 0 (don't invert) or 1 (invert) or the result will be invalid */ -static int ecp_safe_invert_jac( const ecp_group *grp, - ecp_point *Q, +static int ecp_safe_invert_jac( const mbedtls_ecp_group *grp, + mbedtls_ecp_point *Q, unsigned char inv ) { int ret; unsigned char nonzero; - mpi mQY; + mbedtls_mpi mQY; - mpi_init( &mQY ); + mbedtls_mpi_init( &mQY ); /* Use the fact that -Q.Y mod P = P - Q.Y unless Q.Y == 0 */ - MPI_CHK( mpi_sub_mpi( &mQY, &grp->P, &Q->Y ) ); - nonzero = mpi_cmp_int( &Q->Y, 0 ) != 0; - MPI_CHK( mpi_safe_cond_assign( &Q->Y, &mQY, inv & nonzero ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &mQY, &grp->P, &Q->Y ) ); + nonzero = mbedtls_mpi_cmp_int( &Q->Y, 0 ) != 0; + MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &Q->Y, &mQY, inv & nonzero ) ); cleanup: - mpi_free( &mQY ); + mbedtls_mpi_free( &mQY ); return( ret ); } @@ -922,75 +886,75 @@ cleanup: * 4M + 4S (A == -3) * 3M + 6S + 1a otherwise */ -static int ecp_double_jac( const ecp_group *grp, ecp_point *R, - const ecp_point *P ) +static int ecp_double_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_ecp_point *P ) { int ret; - mpi M, S, T, U; + mbedtls_mpi M, S, T, U; -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) dbl_count++; #endif - mpi_init( &M ); mpi_init( &S ); mpi_init( &T ); mpi_init( &U ); + mbedtls_mpi_init( &M ); mbedtls_mpi_init( &S ); mbedtls_mpi_init( &T ); mbedtls_mpi_init( &U ); /* Special case for A = -3 */ if( grp->A.p == NULL ) { /* M = 3(X + Z^2)(X - Z^2) */ - MPI_CHK( mpi_mul_mpi( &S, &P->Z, &P->Z ) ); MOD_MUL( S ); - MPI_CHK( mpi_add_mpi( &T, &P->X, &S ) ); MOD_ADD( T ); - MPI_CHK( mpi_sub_mpi( &U, &P->X, &S ) ); MOD_SUB( U ); - MPI_CHK( mpi_mul_mpi( &S, &T, &U ) ); MOD_MUL( S ); - MPI_CHK( mpi_mul_int( &M, &S, 3 ) ); MOD_ADD( M ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S, &P->Z, &P->Z ) ); MOD_MUL( S ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &T, &P->X, &S ) ); MOD_ADD( T ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U, &P->X, &S ) ); MOD_SUB( U ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S, &T, &U ) ); MOD_MUL( S ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &M, &S, 3 ) ); MOD_ADD( M ); } else { /* M = 3.X^2 */ - MPI_CHK( mpi_mul_mpi( &S, &P->X, &P->X ) ); MOD_MUL( S ); - MPI_CHK( mpi_mul_int( &M, &S, 3 ) ); MOD_ADD( M ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S, &P->X, &P->X ) ); MOD_MUL( S ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &M, &S, 3 ) ); MOD_ADD( M ); /* Optimize away for "koblitz" curves with A = 0 */ - if( mpi_cmp_int( &grp->A, 0 ) != 0 ) + if( mbedtls_mpi_cmp_int( &grp->A, 0 ) != 0 ) { /* M += A.Z^4 */ - MPI_CHK( mpi_mul_mpi( &S, &P->Z, &P->Z ) ); MOD_MUL( S ); - MPI_CHK( mpi_mul_mpi( &T, &S, &S ) ); MOD_MUL( T ); - MPI_CHK( mpi_mul_mpi( &S, &T, &grp->A ) ); MOD_MUL( S ); - MPI_CHK( mpi_add_mpi( &M, &M, &S ) ); MOD_ADD( M ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S, &P->Z, &P->Z ) ); MOD_MUL( S ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &S, &S ) ); MOD_MUL( T ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S, &T, &grp->A ) ); MOD_MUL( S ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &M, &M, &S ) ); MOD_ADD( M ); } } /* S = 4.X.Y^2 */ - MPI_CHK( mpi_mul_mpi( &T, &P->Y, &P->Y ) ); MOD_MUL( T ); - MPI_CHK( mpi_shift_l( &T, 1 ) ); MOD_ADD( T ); - MPI_CHK( mpi_mul_mpi( &S, &P->X, &T ) ); MOD_MUL( S ); - MPI_CHK( mpi_shift_l( &S, 1 ) ); MOD_ADD( S ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &P->Y, &P->Y ) ); MOD_MUL( T ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &T, 1 ) ); MOD_ADD( T ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S, &P->X, &T ) ); MOD_MUL( S ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &S, 1 ) ); MOD_ADD( S ); /* U = 8.Y^4 */ - MPI_CHK( mpi_mul_mpi( &U, &T, &T ) ); MOD_MUL( U ); - MPI_CHK( mpi_shift_l( &U, 1 ) ); MOD_ADD( U ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &U, &T, &T ) ); MOD_MUL( U ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &U, 1 ) ); MOD_ADD( U ); /* T = M^2 - 2.S */ - MPI_CHK( mpi_mul_mpi( &T, &M, &M ) ); MOD_MUL( T ); - MPI_CHK( mpi_sub_mpi( &T, &T, &S ) ); MOD_SUB( T ); - MPI_CHK( mpi_sub_mpi( &T, &T, &S ) ); MOD_SUB( T ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &M, &M ) ); MOD_MUL( T ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &T, &T, &S ) ); MOD_SUB( T ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &T, &T, &S ) ); MOD_SUB( T ); /* S = M(S - T) - U */ - MPI_CHK( mpi_sub_mpi( &S, &S, &T ) ); MOD_SUB( S ); - MPI_CHK( mpi_mul_mpi( &S, &S, &M ) ); MOD_MUL( S ); - MPI_CHK( mpi_sub_mpi( &S, &S, &U ) ); MOD_SUB( S ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &S, &S, &T ) ); MOD_SUB( S ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S, &S, &M ) ); MOD_MUL( S ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &S, &S, &U ) ); MOD_SUB( S ); /* U = 2.Y.Z */ - MPI_CHK( mpi_mul_mpi( &U, &P->Y, &P->Z ) ); MOD_MUL( U ); - MPI_CHK( mpi_shift_l( &U, 1 ) ); MOD_ADD( U ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &U, &P->Y, &P->Z ) ); MOD_MUL( U ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &U, 1 ) ); MOD_ADD( U ); - MPI_CHK( mpi_copy( &R->X, &T ) ); - MPI_CHK( mpi_copy( &R->Y, &S ) ); - MPI_CHK( mpi_copy( &R->Z, &U ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->X, &T ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->Y, &S ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->Z, &U ) ); cleanup: - mpi_free( &M ); mpi_free( &S ); mpi_free( &T ); mpi_free( &U ); + mbedtls_mpi_free( &M ); mbedtls_mpi_free( &S ); mbedtls_mpi_free( &T ); mbedtls_mpi_free( &U ); return( ret ); } @@ -1013,123 +977,77 @@ cleanup: * * Cost: 1A := 8M + 3S */ -static int ecp_add_mixed( const ecp_group *grp, ecp_point *R, - const ecp_point *P, const ecp_point *Q ) +static int ecp_add_mixed( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q ) { int ret; - mpi T1, T2, T3, T4, X, Y, Z; + mbedtls_mpi T1, T2, T3, T4, X, Y, Z; -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) add_count++; #endif /* * Trivial cases: P == 0 or Q == 0 (case 1) */ - if( mpi_cmp_int( &P->Z, 0 ) == 0 ) - return( ecp_copy( R, Q ) ); + if( mbedtls_mpi_cmp_int( &P->Z, 0 ) == 0 ) + return( mbedtls_ecp_copy( R, Q ) ); - if( Q->Z.p != NULL && mpi_cmp_int( &Q->Z, 0 ) == 0 ) - return( ecp_copy( R, P ) ); + if( Q->Z.p != NULL && mbedtls_mpi_cmp_int( &Q->Z, 0 ) == 0 ) + return( mbedtls_ecp_copy( R, P ) ); /* * Make sure Q coordinates are normalized */ - if( Q->Z.p != NULL && mpi_cmp_int( &Q->Z, 1 ) != 0 ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + if( Q->Z.p != NULL && mbedtls_mpi_cmp_int( &Q->Z, 1 ) != 0 ) + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - mpi_init( &T1 ); mpi_init( &T2 ); mpi_init( &T3 ); mpi_init( &T4 ); - mpi_init( &X ); mpi_init( &Y ); mpi_init( &Z ); + mbedtls_mpi_init( &T1 ); mbedtls_mpi_init( &T2 ); mbedtls_mpi_init( &T3 ); mbedtls_mpi_init( &T4 ); + mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); - MPI_CHK( mpi_mul_mpi( &T1, &P->Z, &P->Z ) ); MOD_MUL( T1 ); - MPI_CHK( mpi_mul_mpi( &T2, &T1, &P->Z ) ); MOD_MUL( T2 ); - MPI_CHK( mpi_mul_mpi( &T1, &T1, &Q->X ) ); MOD_MUL( T1 ); - MPI_CHK( mpi_mul_mpi( &T2, &T2, &Q->Y ) ); MOD_MUL( T2 ); - MPI_CHK( mpi_sub_mpi( &T1, &T1, &P->X ) ); MOD_SUB( T1 ); - MPI_CHK( mpi_sub_mpi( &T2, &T2, &P->Y ) ); MOD_SUB( T2 ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T1, &P->Z, &P->Z ) ); MOD_MUL( T1 ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T2, &T1, &P->Z ) ); MOD_MUL( T2 ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T1, &T1, &Q->X ) ); MOD_MUL( T1 ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T2, &T2, &Q->Y ) ); MOD_MUL( T2 ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &T1, &T1, &P->X ) ); MOD_SUB( T1 ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &T2, &T2, &P->Y ) ); MOD_SUB( T2 ); /* Special cases (2) and (3) */ - if( mpi_cmp_int( &T1, 0 ) == 0 ) + if( mbedtls_mpi_cmp_int( &T1, 0 ) == 0 ) { - if( mpi_cmp_int( &T2, 0 ) == 0 ) + if( mbedtls_mpi_cmp_int( &T2, 0 ) == 0 ) { ret = ecp_double_jac( grp, R, P ); goto cleanup; } else { - ret = ecp_set_zero( R ); + ret = mbedtls_ecp_set_zero( R ); goto cleanup; } } - MPI_CHK( mpi_mul_mpi( &Z, &P->Z, &T1 ) ); MOD_MUL( Z ); - MPI_CHK( mpi_mul_mpi( &T3, &T1, &T1 ) ); MOD_MUL( T3 ); - MPI_CHK( mpi_mul_mpi( &T4, &T3, &T1 ) ); MOD_MUL( T4 ); - MPI_CHK( mpi_mul_mpi( &T3, &T3, &P->X ) ); MOD_MUL( T3 ); - MPI_CHK( mpi_mul_int( &T1, &T3, 2 ) ); MOD_ADD( T1 ); - MPI_CHK( mpi_mul_mpi( &X, &T2, &T2 ) ); MOD_MUL( X ); - MPI_CHK( mpi_sub_mpi( &X, &X, &T1 ) ); MOD_SUB( X ); - MPI_CHK( mpi_sub_mpi( &X, &X, &T4 ) ); MOD_SUB( X ); - MPI_CHK( mpi_sub_mpi( &T3, &T3, &X ) ); MOD_SUB( T3 ); - MPI_CHK( mpi_mul_mpi( &T3, &T3, &T2 ) ); MOD_MUL( T3 ); - MPI_CHK( mpi_mul_mpi( &T4, &T4, &P->Y ) ); MOD_MUL( T4 ); - MPI_CHK( mpi_sub_mpi( &Y, &T3, &T4 ) ); MOD_SUB( Y ); - - MPI_CHK( mpi_copy( &R->X, &X ) ); - MPI_CHK( mpi_copy( &R->Y, &Y ) ); - MPI_CHK( mpi_copy( &R->Z, &Z ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &Z, &P->Z, &T1 ) ); MOD_MUL( Z ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T3, &T1, &T1 ) ); MOD_MUL( T3 ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T4, &T3, &T1 ) ); MOD_MUL( T4 ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T3, &T3, &P->X ) ); MOD_MUL( T3 ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &T1, &T3, 2 ) ); MOD_ADD( T1 ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &X, &T2, &T2 ) ); MOD_MUL( X ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &X, &X, &T1 ) ); MOD_SUB( X ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &X, &X, &T4 ) ); MOD_SUB( X ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &T3, &T3, &X ) ); MOD_SUB( T3 ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T3, &T3, &T2 ) ); MOD_MUL( T3 ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T4, &T4, &P->Y ) ); MOD_MUL( T4 ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &Y, &T3, &T4 ) ); MOD_SUB( Y ); + + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->X, &X ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->Y, &Y ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->Z, &Z ) ); cleanup: - mpi_free( &T1 ); mpi_free( &T2 ); mpi_free( &T3 ); mpi_free( &T4 ); - mpi_free( &X ); mpi_free( &Y ); mpi_free( &Z ); - - return( ret ); -} - -/* - * Addition: R = P + Q, result's coordinates normalized - */ -int ecp_add( const ecp_group *grp, ecp_point *R, - const ecp_point *P, const ecp_point *Q ) -{ - int ret; - - if( ecp_get_type( grp ) != POLARSSL_ECP_TYPE_SHORT_WEIERSTRASS ) - return( POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE ); - - MPI_CHK( ecp_add_mixed( grp, R, P, Q ) ); - MPI_CHK( ecp_normalize_jac( grp, R ) ); - -cleanup: - return( ret ); -} - -/* - * Subtraction: R = P - Q, result's coordinates normalized - */ -int ecp_sub( const ecp_group *grp, ecp_point *R, - const ecp_point *P, const ecp_point *Q ) -{ - int ret; - ecp_point mQ; - - ecp_point_init( &mQ ); - - if( ecp_get_type( grp ) != POLARSSL_ECP_TYPE_SHORT_WEIERSTRASS ) - return( POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE ); - - /* mQ = - Q */ - MPI_CHK( ecp_copy( &mQ, Q ) ); - if( mpi_cmp_int( &mQ.Y, 0 ) != 0 ) - MPI_CHK( mpi_sub_mpi( &mQ.Y, &grp->P, &mQ.Y ) ); - - MPI_CHK( ecp_add_mixed( grp, R, P, &mQ ) ); - MPI_CHK( ecp_normalize_jac( grp, R ) ); - -cleanup: - ecp_point_free( &mQ ); + mbedtls_mpi_free( &T1 ); mbedtls_mpi_free( &T2 ); mbedtls_mpi_free( &T3 ); mbedtls_mpi_free( &T4 ); + mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); return( ret ); } @@ -1141,42 +1059,42 @@ cleanup: * * This countermeasure was first suggested in [2]. */ -static int ecp_randomize_jac( const ecp_group *grp, ecp_point *pt, +static int ecp_randomize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret; - mpi l, ll; + mbedtls_mpi l, ll; size_t p_size = ( grp->pbits + 7 ) / 8; int count = 0; - mpi_init( &l ); mpi_init( &ll ); + mbedtls_mpi_init( &l ); mbedtls_mpi_init( &ll ); /* Generate l such that 1 < l < p */ do { - mpi_fill_random( &l, p_size, f_rng, p_rng ); + mbedtls_mpi_fill_random( &l, p_size, f_rng, p_rng ); - while( mpi_cmp_mpi( &l, &grp->P ) >= 0 ) - MPI_CHK( mpi_shift_r( &l, 1 ) ); + while( mbedtls_mpi_cmp_mpi( &l, &grp->P ) >= 0 ) + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &l, 1 ) ); if( count++ > 10 ) - return( POLARSSL_ERR_ECP_RANDOM_FAILED ); + return( MBEDTLS_ERR_ECP_RANDOM_FAILED ); } - while( mpi_cmp_int( &l, 1 ) <= 0 ); + while( mbedtls_mpi_cmp_int( &l, 1 ) <= 0 ); /* Z = l * Z */ - MPI_CHK( mpi_mul_mpi( &pt->Z, &pt->Z, &l ) ); MOD_MUL( pt->Z ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &pt->Z, &pt->Z, &l ) ); MOD_MUL( pt->Z ); /* X = l^2 * X */ - MPI_CHK( mpi_mul_mpi( &ll, &l, &l ) ); MOD_MUL( ll ); - MPI_CHK( mpi_mul_mpi( &pt->X, &pt->X, &ll ) ); MOD_MUL( pt->X ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ll, &l, &l ) ); MOD_MUL( ll ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &pt->X, &pt->X, &ll ) ); MOD_MUL( pt->X ); /* Y = l^3 * Y */ - MPI_CHK( mpi_mul_mpi( &ll, &ll, &l ) ); MOD_MUL( ll ); - MPI_CHK( mpi_mul_mpi( &pt->Y, &pt->Y, &ll ) ); MOD_MUL( pt->Y ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ll, &ll, &l ) ); MOD_MUL( ll ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &pt->Y, &pt->Y, &ll ) ); MOD_MUL( pt->Y ); cleanup: - mpi_free( &l ); mpi_free( &ll ); + mbedtls_mpi_free( &l ); mbedtls_mpi_free( &ll ); return( ret ); } @@ -1184,15 +1102,15 @@ cleanup: /* * Check and define parameters used by the comb method (see below for details) */ -#if POLARSSL_ECP_WINDOW_SIZE < 2 || POLARSSL_ECP_WINDOW_SIZE > 7 -#error "POLARSSL_ECP_WINDOW_SIZE out of bounds" +#if MBEDTLS_ECP_WINDOW_SIZE < 2 || MBEDTLS_ECP_WINDOW_SIZE > 7 +#error "MBEDTLS_ECP_WINDOW_SIZE out of bounds" #endif /* d = ceil( n / w ) */ -#define COMB_MAX_D ( POLARSSL_ECP_MAX_BITS + 1 ) / 2 +#define COMB_MAX_D ( MBEDTLS_ECP_MAX_BITS + 1 ) / 2 /* number of precomputed points */ -#define COMB_MAX_PRE ( 1 << ( POLARSSL_ECP_WINDOW_SIZE - 1 ) ) +#define COMB_MAX_PRE ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) ) /* * Compute the representation of m that will be used with our comb method. @@ -1210,12 +1128,12 @@ cleanup: * Calling conventions: * - x is an array of size d + 1 * - w is the size, ie number of teeth, of the comb, and must be between - * 2 and 7 (in practice, between 2 and POLARSSL_ECP_WINDOW_SIZE) + * 2 and 7 (in practice, between 2 and MBEDTLS_ECP_WINDOW_SIZE) * - m is the MPI, expected to be odd and such that bitlength(m) <= w * d * (the result will be incorrect if these assumptions are not satisfied) */ static void ecp_comb_fixed( unsigned char x[], size_t d, - unsigned char w, const mpi *m ) + unsigned char w, const mbedtls_mpi *m ) { size_t i, j; unsigned char c, cc, adjust; @@ -1225,7 +1143,7 @@ static void ecp_comb_fixed( unsigned char x[], size_t d, /* First get the classical comb values (except for x_d = 0) */ for( i = 0; i < d; i++ ) for( j = 0; j < w; j++ ) - x[i] |= mpi_get_bit( m, i + d * j ) << j; + x[i] |= mbedtls_mpi_get_bit( m, i + d * j ) << j; /* Now make sure x_1 .. x_d are odd */ c = 0; @@ -1254,33 +1172,33 @@ static void ecp_comb_fixed( unsigned char x[], size_t d, * * Cost: d(w-1) D + (2^{w-1} - 1) A + 1 N(w-1) + 1 N(2^{w-1} - 1) */ -static int ecp_precompute_comb( const ecp_group *grp, - ecp_point T[], const ecp_point *P, +static int ecp_precompute_comb( const mbedtls_ecp_group *grp, + mbedtls_ecp_point T[], const mbedtls_ecp_point *P, unsigned char w, size_t d ) { int ret; unsigned char i, k; size_t j; - ecp_point *cur, *TT[COMB_MAX_PRE - 1]; + mbedtls_ecp_point *cur, *TT[COMB_MAX_PRE - 1]; /* * Set T[0] = P and * T[2^{l-1}] = 2^{dl} P for l = 1 .. w-1 (this is not the final value) */ - MPI_CHK( ecp_copy( &T[0], P ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_copy( &T[0], P ) ); k = 0; for( i = 1; i < ( 1U << ( w - 1 ) ); i <<= 1 ) { cur = T + i; - MPI_CHK( ecp_copy( cur, T + ( i >> 1 ) ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_copy( cur, T + ( i >> 1 ) ) ); for( j = 0; j < d; j++ ) - MPI_CHK( ecp_double_jac( grp, cur, cur ) ); + MBEDTLS_MPI_CHK( ecp_double_jac( grp, cur, cur ) ); TT[k++] = cur; } - MPI_CHK( ecp_normalize_jac_many( grp, TT, k ) ); + MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, k ) ); /* * Compute the remaining ones using the minimal number of additions @@ -1292,12 +1210,12 @@ static int ecp_precompute_comb( const ecp_group *grp, j = i; while( j-- ) { - MPI_CHK( ecp_add_mixed( grp, &T[i + j], &T[j], &T[i] ) ); + MBEDTLS_MPI_CHK( ecp_add_mixed( grp, &T[i + j], &T[j], &T[i] ) ); TT[k++] = &T[i + j]; } } - MPI_CHK( ecp_normalize_jac_many( grp, TT, k ) ); + MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, k ) ); cleanup: return( ret ); @@ -1306,8 +1224,8 @@ cleanup: /* * Select precomputed point: R = sign(i) * T[ abs(i) / 2 ] */ -static int ecp_select_comb( const ecp_group *grp, ecp_point *R, - const ecp_point T[], unsigned char t_len, +static int ecp_select_comb( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_ecp_point T[], unsigned char t_len, unsigned char i ) { int ret; @@ -1319,12 +1237,12 @@ static int ecp_select_comb( const ecp_group *grp, ecp_point *R, /* Read the whole table to thwart cache-based timing attacks */ for( j = 0; j < t_len; j++ ) { - MPI_CHK( mpi_safe_cond_assign( &R->X, &T[j].X, j == ii ) ); - MPI_CHK( mpi_safe_cond_assign( &R->Y, &T[j].Y, j == ii ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &R->X, &T[j].X, j == ii ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &R->Y, &T[j].Y, j == ii ) ); } /* Safely invert result if i is "negative" */ - MPI_CHK( ecp_safe_invert_jac( grp, R, i >> 7 ) ); + MBEDTLS_MPI_CHK( ecp_safe_invert_jac( grp, R, i >> 7 ) ); cleanup: return( ret ); @@ -1336,34 +1254,34 @@ cleanup: * * Cost: d A + d D + 1 R */ -static int ecp_mul_comb_core( const ecp_group *grp, ecp_point *R, - const ecp_point T[], unsigned char t_len, +static int ecp_mul_comb_core( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_ecp_point T[], unsigned char t_len, const unsigned char x[], size_t d, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret; - ecp_point Txi; + mbedtls_ecp_point Txi; size_t i; - ecp_point_init( &Txi ); + mbedtls_ecp_point_init( &Txi ); /* Start with a non-zero point and randomize its coordinates */ i = d; - MPI_CHK( ecp_select_comb( grp, R, T, t_len, x[i] ) ); - MPI_CHK( mpi_lset( &R->Z, 1 ) ); + MBEDTLS_MPI_CHK( ecp_select_comb( grp, R, T, t_len, x[i] ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->Z, 1 ) ); if( f_rng != 0 ) - MPI_CHK( ecp_randomize_jac( grp, R, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, R, f_rng, p_rng ) ); while( i-- != 0 ) { - MPI_CHK( ecp_double_jac( grp, R, R ) ); - MPI_CHK( ecp_select_comb( grp, &Txi, T, t_len, x[i] ) ); - MPI_CHK( ecp_add_mixed( grp, R, R, &Txi ) ); + MBEDTLS_MPI_CHK( ecp_double_jac( grp, R, R ) ); + MBEDTLS_MPI_CHK( ecp_select_comb( grp, &Txi, T, t_len, x[i] ) ); + MBEDTLS_MPI_CHK( ecp_add_mixed( grp, R, R, &Txi ) ); } cleanup: - ecp_point_free( &Txi ); + mbedtls_ecp_point_free( &Txi ); return( ret ); } @@ -1372,8 +1290,8 @@ cleanup: * Multiplication using the comb method, * for curves in short Weierstrass form */ -static int ecp_mul_comb( ecp_group *grp, ecp_point *R, - const mpi *m, const ecp_point *P, +static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { @@ -1381,15 +1299,15 @@ static int ecp_mul_comb( ecp_group *grp, ecp_point *R, unsigned char w, m_is_odd, p_eq_g, pre_len, i; size_t d; unsigned char k[COMB_MAX_D + 1]; - ecp_point *T; - mpi M, mm; + mbedtls_ecp_point *T; + mbedtls_mpi M, mm; - mpi_init( &M ); - mpi_init( &mm ); + mbedtls_mpi_init( &M ); + mbedtls_mpi_init( &mm ); /* we need N to be odd to trnaform m in an odd number, check now */ - if( mpi_get_bit( &grp->N, 0 ) != 1 ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + if( mbedtls_mpi_get_bit( &grp->N, 0 ) != 1 ) + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); /* * Minimize the number of multiplications, that is minimize @@ -1403,9 +1321,9 @@ static int ecp_mul_comb( ecp_group *grp, ecp_point *R, * Just adding one avoids upping the cost of the first mul too much, * and the memory cost too. */ -#if POLARSSL_ECP_FIXED_POINT_OPTIM == 1 - p_eq_g = ( mpi_cmp_mpi( &P->Y, &grp->G.Y ) == 0 && - mpi_cmp_mpi( &P->X, &grp->G.X ) == 0 ); +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 + p_eq_g = ( mbedtls_mpi_cmp_mpi( &P->Y, &grp->G.Y ) == 0 && + mbedtls_mpi_cmp_mpi( &P->X, &grp->G.X ) == 0 ); if( p_eq_g ) w++; #else @@ -1416,8 +1334,8 @@ static int ecp_mul_comb( ecp_group *grp, ecp_point *R, * Make sure w is within bounds. * (The last test is useful only for very small curves in the test suite.) */ - if( w > POLARSSL_ECP_WINDOW_SIZE ) - w = POLARSSL_ECP_WINDOW_SIZE; + if( w > MBEDTLS_ECP_WINDOW_SIZE ) + w = MBEDTLS_ECP_WINDOW_SIZE; if( w >= grp->nbits ) w = 2; @@ -1433,17 +1351,14 @@ static int ecp_mul_comb( ecp_group *grp, ecp_point *R, if( T == NULL ) { - T = polarssl_malloc( pre_len * sizeof( ecp_point ) ); + T = mbedtls_calloc( pre_len, sizeof( mbedtls_ecp_point ) ); if( T == NULL ) { - ret = POLARSSL_ERR_ECP_MALLOC_FAILED; + ret = MBEDTLS_ERR_ECP_ALLOC_FAILED; goto cleanup; } - for( i = 0; i < pre_len; i++ ) - ecp_point_init( &T[i] ); - - MPI_CHK( ecp_precompute_comb( grp, T, P, w, d ) ); + MBEDTLS_MPI_CHK( ecp_precompute_comb( grp, T, P, w, d ) ); if( p_eq_g ) { @@ -1456,44 +1371,44 @@ static int ecp_mul_comb( ecp_group *grp, ecp_point *R, * Make sure M is odd (M = m or M = N - m, since N is odd) * using the fact that m * P = - (N - m) * P */ - m_is_odd = ( mpi_get_bit( m, 0 ) == 1 ); - MPI_CHK( mpi_copy( &M, m ) ); - MPI_CHK( mpi_sub_mpi( &mm, &grp->N, m ) ); - MPI_CHK( mpi_safe_cond_assign( &M, &mm, ! m_is_odd ) ); + m_is_odd = ( mbedtls_mpi_get_bit( m, 0 ) == 1 ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &M, m ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &mm, &grp->N, m ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &M, &mm, ! m_is_odd ) ); /* * Go for comb multiplication, R = M * P */ ecp_comb_fixed( k, d, w, &M ); - MPI_CHK( ecp_mul_comb_core( grp, R, T, pre_len, k, d, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( ecp_mul_comb_core( grp, R, T, pre_len, k, d, f_rng, p_rng ) ); /* * Now get m * P from M * P and normalize it */ - MPI_CHK( ecp_safe_invert_jac( grp, R, ! m_is_odd ) ); - MPI_CHK( ecp_normalize_jac( grp, R ) ); + MBEDTLS_MPI_CHK( ecp_safe_invert_jac( grp, R, ! m_is_odd ) ); + MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, R ) ); cleanup: if( T != NULL && ! p_eq_g ) { for( i = 0; i < pre_len; i++ ) - ecp_point_free( &T[i] ); - polarssl_free( T ); + mbedtls_ecp_point_free( &T[i] ); + mbedtls_free( T ); } - mpi_free( &M ); - mpi_free( &mm ); + mbedtls_mpi_free( &M ); + mbedtls_mpi_free( &mm ); if( ret != 0 ) - ecp_point_free( R ); + mbedtls_ecp_point_free( R ); return( ret ); } -#endif /* POLARSSL_ECP_SHORT_WEIERSTRASS */ +#endif /* ECP_SHORTWEIERSTRASS */ -#if defined(POLARSSL_ECP_MONTGOMERY) +#if defined(ECP_MONTGOMERY) /* * For Montgomery curves, we do all the internal arithmetic in projective * coordinates. Import/export of points uses only the x coordinates, which is @@ -1506,13 +1421,13 @@ cleanup: * Normalize Montgomery x/z coordinates: X = X/Z, Z = 1 * Cost: 1M + 1I */ -static int ecp_normalize_mxz( const ecp_group *grp, ecp_point *P ) +static int ecp_normalize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P ) { int ret; - MPI_CHK( mpi_inv_mod( &P->Z, &P->Z, &grp->P ) ); - MPI_CHK( mpi_mul_mpi( &P->X, &P->X, &P->Z ) ); MOD_MUL( P->X ); - MPI_CHK( mpi_lset( &P->Z, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &P->Z, &P->Z, &grp->P ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &P->X, &P->X, &P->Z ) ); MOD_MUL( P->X ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &P->Z, 1 ) ); cleanup: return( ret ); @@ -1526,34 +1441,34 @@ cleanup: * This countermeasure was first suggested in [2]. * Cost: 2M */ -static int ecp_randomize_mxz( const ecp_group *grp, ecp_point *P, +static int ecp_randomize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret; - mpi l; + mbedtls_mpi l; size_t p_size = ( grp->pbits + 7 ) / 8; int count = 0; - mpi_init( &l ); + mbedtls_mpi_init( &l ); /* Generate l such that 1 < l < p */ do { - mpi_fill_random( &l, p_size, f_rng, p_rng ); + mbedtls_mpi_fill_random( &l, p_size, f_rng, p_rng ); - while( mpi_cmp_mpi( &l, &grp->P ) >= 0 ) - MPI_CHK( mpi_shift_r( &l, 1 ) ); + while( mbedtls_mpi_cmp_mpi( &l, &grp->P ) >= 0 ) + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &l, 1 ) ); if( count++ > 10 ) - return( POLARSSL_ERR_ECP_RANDOM_FAILED ); + return( MBEDTLS_ERR_ECP_RANDOM_FAILED ); } - while( mpi_cmp_int( &l, 1 ) <= 0 ); + while( mbedtls_mpi_cmp_int( &l, 1 ) <= 0 ); - MPI_CHK( mpi_mul_mpi( &P->X, &P->X, &l ) ); MOD_MUL( P->X ); - MPI_CHK( mpi_mul_mpi( &P->Z, &P->Z, &l ) ); MOD_MUL( P->Z ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &P->X, &P->X, &l ) ); MOD_MUL( P->X ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &P->Z, &P->Z, &l ) ); MOD_MUL( P->Z ); cleanup: - mpi_free( &l ); + mbedtls_mpi_free( &l ); return( ret ); } @@ -1573,41 +1488,41 @@ cleanup: * * Cost: 5M + 4S */ -static int ecp_double_add_mxz( const ecp_group *grp, - ecp_point *R, ecp_point *S, - const ecp_point *P, const ecp_point *Q, - const mpi *d ) +static int ecp_double_add_mxz( const mbedtls_ecp_group *grp, + mbedtls_ecp_point *R, mbedtls_ecp_point *S, + const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q, + const mbedtls_mpi *d ) { int ret; - mpi A, AA, B, BB, E, C, D, DA, CB; - - mpi_init( &A ); mpi_init( &AA ); mpi_init( &B ); - mpi_init( &BB ); mpi_init( &E ); mpi_init( &C ); - mpi_init( &D ); mpi_init( &DA ); mpi_init( &CB ); - - MPI_CHK( mpi_add_mpi( &A, &P->X, &P->Z ) ); MOD_ADD( A ); - MPI_CHK( mpi_mul_mpi( &AA, &A, &A ) ); MOD_MUL( AA ); - MPI_CHK( mpi_sub_mpi( &B, &P->X, &P->Z ) ); MOD_SUB( B ); - MPI_CHK( mpi_mul_mpi( &BB, &B, &B ) ); MOD_MUL( BB ); - MPI_CHK( mpi_sub_mpi( &E, &AA, &BB ) ); MOD_SUB( E ); - MPI_CHK( mpi_add_mpi( &C, &Q->X, &Q->Z ) ); MOD_ADD( C ); - MPI_CHK( mpi_sub_mpi( &D, &Q->X, &Q->Z ) ); MOD_SUB( D ); - MPI_CHK( mpi_mul_mpi( &DA, &D, &A ) ); MOD_MUL( DA ); - MPI_CHK( mpi_mul_mpi( &CB, &C, &B ) ); MOD_MUL( CB ); - MPI_CHK( mpi_add_mpi( &S->X, &DA, &CB ) ); MOD_MUL( S->X ); - MPI_CHK( mpi_mul_mpi( &S->X, &S->X, &S->X ) ); MOD_MUL( S->X ); - MPI_CHK( mpi_sub_mpi( &S->Z, &DA, &CB ) ); MOD_SUB( S->Z ); - MPI_CHK( mpi_mul_mpi( &S->Z, &S->Z, &S->Z ) ); MOD_MUL( S->Z ); - MPI_CHK( mpi_mul_mpi( &S->Z, d, &S->Z ) ); MOD_MUL( S->Z ); - MPI_CHK( mpi_mul_mpi( &R->X, &AA, &BB ) ); MOD_MUL( R->X ); - MPI_CHK( mpi_mul_mpi( &R->Z, &grp->A, &E ) ); MOD_MUL( R->Z ); - MPI_CHK( mpi_add_mpi( &R->Z, &BB, &R->Z ) ); MOD_ADD( R->Z ); - MPI_CHK( mpi_mul_mpi( &R->Z, &E, &R->Z ) ); MOD_MUL( R->Z ); + mbedtls_mpi A, AA, B, BB, E, C, D, DA, CB; + + mbedtls_mpi_init( &A ); mbedtls_mpi_init( &AA ); mbedtls_mpi_init( &B ); + mbedtls_mpi_init( &BB ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &C ); + mbedtls_mpi_init( &D ); mbedtls_mpi_init( &DA ); mbedtls_mpi_init( &CB ); + + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &A, &P->X, &P->Z ) ); MOD_ADD( A ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &AA, &A, &A ) ); MOD_MUL( AA ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &B, &P->X, &P->Z ) ); MOD_SUB( B ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &BB, &B, &B ) ); MOD_MUL( BB ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &E, &AA, &BB ) ); MOD_SUB( E ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &C, &Q->X, &Q->Z ) ); MOD_ADD( C ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &D, &Q->X, &Q->Z ) ); MOD_SUB( D ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DA, &D, &A ) ); MOD_MUL( DA ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &CB, &C, &B ) ); MOD_MUL( CB ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &S->X, &DA, &CB ) ); MOD_MUL( S->X ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S->X, &S->X, &S->X ) ); MOD_MUL( S->X ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &S->Z, &DA, &CB ) ); MOD_SUB( S->Z ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S->Z, &S->Z, &S->Z ) ); MOD_MUL( S->Z ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S->Z, d, &S->Z ) ); MOD_MUL( S->Z ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &R->X, &AA, &BB ) ); MOD_MUL( R->X ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &R->Z, &grp->A, &E ) ); MOD_MUL( R->Z ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &R->Z, &BB, &R->Z ) ); MOD_ADD( R->Z ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &R->Z, &E, &R->Z ) ); MOD_MUL( R->Z ); cleanup: - mpi_free( &A ); mpi_free( &AA ); mpi_free( &B ); - mpi_free( &BB ); mpi_free( &E ); mpi_free( &C ); - mpi_free( &D ); mpi_free( &DA ); mpi_free( &CB ); + mbedtls_mpi_free( &A ); mbedtls_mpi_free( &AA ); mbedtls_mpi_free( &B ); + mbedtls_mpi_free( &BB ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &C ); + mbedtls_mpi_free( &D ); mbedtls_mpi_free( &DA ); mbedtls_mpi_free( &CB ); return( ret ); } @@ -1616,40 +1531,40 @@ cleanup: * Multiplication with Montgomery ladder in x/z coordinates, * for curves in Montgomery form */ -static int ecp_mul_mxz( ecp_group *grp, ecp_point *R, - const mpi *m, const ecp_point *P, +static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret; size_t i; unsigned char b; - ecp_point RP; - mpi PX; + mbedtls_ecp_point RP; + mbedtls_mpi PX; - ecp_point_init( &RP ); mpi_init( &PX ); + mbedtls_ecp_point_init( &RP ); mbedtls_mpi_init( &PX ); /* Save PX and read from P before writing to R, in case P == R */ - MPI_CHK( mpi_copy( &PX, &P->X ) ); - MPI_CHK( ecp_copy( &RP, P ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &PX, &P->X ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_copy( &RP, P ) ); /* Set R to zero in modified x/z coordinates */ - MPI_CHK( mpi_lset( &R->X, 1 ) ); - MPI_CHK( mpi_lset( &R->Z, 0 ) ); - mpi_free( &R->Y ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->X, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->Z, 0 ) ); + mbedtls_mpi_free( &R->Y ); /* RP.X might be sligtly larger than P, so reduce it */ MOD_ADD( RP.X ); /* Randomize coordinates of the starting point */ if( f_rng != NULL ) - MPI_CHK( ecp_randomize_mxz( grp, &RP, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, &RP, f_rng, p_rng ) ); /* Loop invariant: R = result so far, RP = R + P */ - i = mpi_msb( m ); /* one past the (zero-based) most significant bit */ + i = mbedtls_mpi_bitlen( m ); /* one past the (zero-based) most significant bit */ while( i-- > 0 ) { - b = mpi_get_bit( m, i ); + b = mbedtls_mpi_get_bit( m, i ); /* * if (b) R = 2R + P else R = 2R, * which is: @@ -1657,207 +1572,233 @@ static int ecp_mul_mxz( ecp_group *grp, ecp_point *R, * else double_add( R, RP, R, RP ) * but using safe conditional swaps to avoid leaks */ - MPI_CHK( mpi_safe_cond_swap( &R->X, &RP.X, b ) ); - MPI_CHK( mpi_safe_cond_swap( &R->Z, &RP.Z, b ) ); - MPI_CHK( ecp_double_add_mxz( grp, R, &RP, R, &RP, &PX ) ); - MPI_CHK( mpi_safe_cond_swap( &R->X, &RP.X, b ) ); - MPI_CHK( mpi_safe_cond_swap( &R->Z, &RP.Z, b ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_swap( &R->X, &RP.X, b ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_swap( &R->Z, &RP.Z, b ) ); + MBEDTLS_MPI_CHK( ecp_double_add_mxz( grp, R, &RP, R, &RP, &PX ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_swap( &R->X, &RP.X, b ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_swap( &R->Z, &RP.Z, b ) ); } - MPI_CHK( ecp_normalize_mxz( grp, R ) ); + MBEDTLS_MPI_CHK( ecp_normalize_mxz( grp, R ) ); cleanup: - ecp_point_free( &RP ); mpi_free( &PX ); + mbedtls_ecp_point_free( &RP ); mbedtls_mpi_free( &PX ); return( ret ); } -#endif /* POLARSSL_ECP_MONTGOMERY */ +#endif /* ECP_MONTGOMERY */ /* * Multiplication R = m * P */ -int ecp_mul( ecp_group *grp, ecp_point *R, - const mpi *m, const ecp_point *P, +int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret; /* Common sanity checks */ - if( mpi_cmp_int( &P->Z, 1 ) != 0 ) - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + if( mbedtls_mpi_cmp_int( &P->Z, 1 ) != 0 ) + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - if( ( ret = ecp_check_privkey( grp, m ) ) != 0 || - ( ret = ecp_check_pubkey( grp, P ) ) != 0 ) + if( ( ret = mbedtls_ecp_check_privkey( grp, m ) ) != 0 || + ( ret = mbedtls_ecp_check_pubkey( grp, P ) ) != 0 ) return( ret ); -#if defined(POLARSSL_ECP_MONTGOMERY) - if( ecp_get_type( grp ) == POLARSSL_ECP_TYPE_MONTGOMERY ) +#if defined(ECP_MONTGOMERY) + if( ecp_get_type( grp ) == ECP_TYPE_MONTGOMERY ) return( ecp_mul_mxz( grp, R, m, P, f_rng, p_rng ) ); #endif -#if defined(POLARSSL_ECP_SHORT_WEIERSTRASS) - if( ecp_get_type( grp ) == POLARSSL_ECP_TYPE_SHORT_WEIERSTRASS ) +#if defined(ECP_SHORTWEIERSTRASS) + if( ecp_get_type( grp ) == ECP_TYPE_SHORT_WEIERSTRASS ) return( ecp_mul_comb( grp, R, m, P, f_rng, p_rng ) ); #endif - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); } -#if defined(POLARSSL_ECP_SHORT_WEIERSTRASS) +#if defined(ECP_SHORTWEIERSTRASS) /* * Check that an affine point is valid as a public key, * short weierstrass curves (SEC1 3.2.3.1) */ -static int ecp_check_pubkey_sw( const ecp_group *grp, const ecp_point *pt ) +static int ecp_check_pubkey_sw( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt ) { int ret; - mpi YY, RHS; + mbedtls_mpi YY, RHS; /* pt coordinates must be normalized for our checks */ - if( mpi_cmp_int( &pt->X, 0 ) < 0 || - mpi_cmp_int( &pt->Y, 0 ) < 0 || - mpi_cmp_mpi( &pt->X, &grp->P ) >= 0 || - mpi_cmp_mpi( &pt->Y, &grp->P ) >= 0 ) - return( POLARSSL_ERR_ECP_INVALID_KEY ); + if( mbedtls_mpi_cmp_int( &pt->X, 0 ) < 0 || + mbedtls_mpi_cmp_int( &pt->Y, 0 ) < 0 || + mbedtls_mpi_cmp_mpi( &pt->X, &grp->P ) >= 0 || + mbedtls_mpi_cmp_mpi( &pt->Y, &grp->P ) >= 0 ) + return( MBEDTLS_ERR_ECP_INVALID_KEY ); - mpi_init( &YY ); mpi_init( &RHS ); + mbedtls_mpi_init( &YY ); mbedtls_mpi_init( &RHS ); /* * YY = Y^2 * RHS = X (X^2 + A) + B = X^3 + A X + B */ - MPI_CHK( mpi_mul_mpi( &YY, &pt->Y, &pt->Y ) ); MOD_MUL( YY ); - MPI_CHK( mpi_mul_mpi( &RHS, &pt->X, &pt->X ) ); MOD_MUL( RHS ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &YY, &pt->Y, &pt->Y ) ); MOD_MUL( YY ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &RHS, &pt->X, &pt->X ) ); MOD_MUL( RHS ); /* Special case for A = -3 */ if( grp->A.p == NULL ) { - MPI_CHK( mpi_sub_int( &RHS, &RHS, 3 ) ); MOD_SUB( RHS ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &RHS, &RHS, 3 ) ); MOD_SUB( RHS ); } else { - MPI_CHK( mpi_add_mpi( &RHS, &RHS, &grp->A ) ); MOD_ADD( RHS ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &RHS, &RHS, &grp->A ) ); MOD_ADD( RHS ); } - MPI_CHK( mpi_mul_mpi( &RHS, &RHS, &pt->X ) ); MOD_MUL( RHS ); - MPI_CHK( mpi_add_mpi( &RHS, &RHS, &grp->B ) ); MOD_ADD( RHS ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &RHS, &RHS, &pt->X ) ); MOD_MUL( RHS ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &RHS, &RHS, &grp->B ) ); MOD_ADD( RHS ); - if( mpi_cmp_mpi( &YY, &RHS ) != 0 ) - ret = POLARSSL_ERR_ECP_INVALID_KEY; + if( mbedtls_mpi_cmp_mpi( &YY, &RHS ) != 0 ) + ret = MBEDTLS_ERR_ECP_INVALID_KEY; cleanup: - mpi_free( &YY ); mpi_free( &RHS ); + mbedtls_mpi_free( &YY ); mbedtls_mpi_free( &RHS ); + + return( ret ); +} +#endif /* ECP_SHORTWEIERSTRASS */ + +/* + * Linear combination + */ +int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + const mbedtls_mpi *n, const mbedtls_ecp_point *Q ) +{ + int ret; + mbedtls_ecp_point mP; + + if( ecp_get_type( grp ) != ECP_TYPE_SHORT_WEIERSTRASS ) + return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + + mbedtls_ecp_point_init( &mP ); + + MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, &mP, m, P, NULL, NULL ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, n, Q, NULL, NULL ) ); + MBEDTLS_MPI_CHK( ecp_add_mixed( grp, R, &mP, R ) ); + MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, R ) ); + +cleanup: + mbedtls_ecp_point_free( &mP ); return( ret ); } -#endif /* POLARSSL_ECP_SHORT_WEIERSTRASS */ -#if defined(POLARSSL_ECP_MONTGOMERY) +#if defined(ECP_MONTGOMERY) /* * Check validity of a public key for Montgomery curves with x-only schemes */ -static int ecp_check_pubkey_mx( const ecp_group *grp, const ecp_point *pt ) +static int ecp_check_pubkey_mx( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt ) { - /* [M255 p. 5] Just check X is the correct number of bytes */ - if( mpi_size( &pt->X ) > ( grp->nbits + 7 ) / 8 ) - return( POLARSSL_ERR_ECP_INVALID_KEY ); + /* [Curve25519 p. 5] Just check X is the correct number of bytes */ + if( mbedtls_mpi_size( &pt->X ) > ( grp->nbits + 7 ) / 8 ) + return( MBEDTLS_ERR_ECP_INVALID_KEY ); return( 0 ); } -#endif /* POLARSSL_ECP_MONTGOMERY */ +#endif /* ECP_MONTGOMERY */ /* * Check that a point is valid as a public key */ -int ecp_check_pubkey( const ecp_group *grp, const ecp_point *pt ) +int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt ) { /* Must use affine coordinates */ - if( mpi_cmp_int( &pt->Z, 1 ) != 0 ) - return( POLARSSL_ERR_ECP_INVALID_KEY ); + if( mbedtls_mpi_cmp_int( &pt->Z, 1 ) != 0 ) + return( MBEDTLS_ERR_ECP_INVALID_KEY ); -#if defined(POLARSSL_ECP_MONTGOMERY) - if( ecp_get_type( grp ) == POLARSSL_ECP_TYPE_MONTGOMERY ) +#if defined(ECP_MONTGOMERY) + if( ecp_get_type( grp ) == ECP_TYPE_MONTGOMERY ) return( ecp_check_pubkey_mx( grp, pt ) ); #endif -#if defined(POLARSSL_ECP_SHORT_WEIERSTRASS) - if( ecp_get_type( grp ) == POLARSSL_ECP_TYPE_SHORT_WEIERSTRASS ) +#if defined(ECP_SHORTWEIERSTRASS) + if( ecp_get_type( grp ) == ECP_TYPE_SHORT_WEIERSTRASS ) return( ecp_check_pubkey_sw( grp, pt ) ); #endif - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); } /* - * Check that an mpi is valid as a private key + * Check that an mbedtls_mpi is valid as a private key */ -int ecp_check_privkey( const ecp_group *grp, const mpi *d ) +int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, const mbedtls_mpi *d ) { -#if defined(POLARSSL_ECP_MONTGOMERY) - if( ecp_get_type( grp ) == POLARSSL_ECP_TYPE_MONTGOMERY ) +#if defined(ECP_MONTGOMERY) + if( ecp_get_type( grp ) == ECP_TYPE_MONTGOMERY ) { - /* see [M255] page 5 */ - if( mpi_get_bit( d, 0 ) != 0 || - mpi_get_bit( d, 1 ) != 0 || - mpi_get_bit( d, 2 ) != 0 || - mpi_msb( d ) - 1 != grp->nbits ) /* mpi_msb is one-based! */ - return( POLARSSL_ERR_ECP_INVALID_KEY ); + /* see [Curve25519] page 5 */ + if( mbedtls_mpi_get_bit( d, 0 ) != 0 || + mbedtls_mpi_get_bit( d, 1 ) != 0 || + mbedtls_mpi_get_bit( d, 2 ) != 0 || + mbedtls_mpi_bitlen( d ) - 1 != grp->nbits ) /* mbedtls_mpi_bitlen is one-based! */ + return( MBEDTLS_ERR_ECP_INVALID_KEY ); else return( 0 ); } -#endif /* POLARSSL_ECP_MONTGOMERY */ -#if defined(POLARSSL_ECP_SHORT_WEIERSTRASS) - if( ecp_get_type( grp ) == POLARSSL_ECP_TYPE_SHORT_WEIERSTRASS ) +#endif /* ECP_MONTGOMERY */ +#if defined(ECP_SHORTWEIERSTRASS) + if( ecp_get_type( grp ) == ECP_TYPE_SHORT_WEIERSTRASS ) { /* see SEC1 3.2 */ - if( mpi_cmp_int( d, 1 ) < 0 || - mpi_cmp_mpi( d, &grp->N ) >= 0 ) - return( POLARSSL_ERR_ECP_INVALID_KEY ); + if( mbedtls_mpi_cmp_int( d, 1 ) < 0 || + mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 ) + return( MBEDTLS_ERR_ECP_INVALID_KEY ); else return( 0 ); } -#endif /* POLARSSL_ECP_SHORT_WEIERSTRASS */ +#endif /* ECP_SHORTWEIERSTRASS */ - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); } /* * Generate a keypair */ -int ecp_gen_keypair( ecp_group *grp, mpi *d, ecp_point *Q, +int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret; size_t n_size = ( grp->nbits + 7 ) / 8; -#if defined(POLARSSL_ECP_MONTGOMERY) - if( ecp_get_type( grp ) == POLARSSL_ECP_TYPE_MONTGOMERY ) +#if defined(ECP_MONTGOMERY) + if( ecp_get_type( grp ) == ECP_TYPE_MONTGOMERY ) { /* [M225] page 5 */ size_t b; - MPI_CHK( mpi_fill_random( d, n_size, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_size, f_rng, p_rng ) ); /* Make sure the most significant bit is nbits */ - b = mpi_msb( d ) - 1; /* mpi_msb is one-based */ + b = mbedtls_mpi_bitlen( d ) - 1; /* mbedtls_mpi_bitlen is one-based */ if( b > grp->nbits ) - MPI_CHK( mpi_shift_r( d, b - grp->nbits ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, b - grp->nbits ) ); else - MPI_CHK( mpi_set_bit( d, grp->nbits, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, grp->nbits, 1 ) ); /* Make sure the last three bits are unset */ - MPI_CHK( mpi_set_bit( d, 0, 0 ) ); - MPI_CHK( mpi_set_bit( d, 1, 0 ) ); - MPI_CHK( mpi_set_bit( d, 2, 0 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 0, 0 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 1, 0 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 2, 0 ) ); } else -#endif /* POLARSSL_ECP_MONTGOMERY */ -#if defined(POLARSSL_ECP_SHORT_WEIERSTRASS) - if( ecp_get_type( grp ) == POLARSSL_ECP_TYPE_SHORT_WEIERSTRASS ) +#endif /* ECP_MONTGOMERY */ +#if defined(ECP_SHORTWEIERSTRASS) + if( ecp_get_type( grp ) == ECP_TYPE_SHORT_WEIERSTRASS ) { /* SEC1 3.2.1: Generate d such that 1 <= n < N */ int count = 0; - unsigned char rnd[POLARSSL_ECP_MAX_BYTES]; + unsigned char rnd[MBEDTLS_ECP_MAX_BYTES]; /* * Match the procedure given in RFC 6979 (deterministic ECDSA): @@ -1868,9 +1809,9 @@ int ecp_gen_keypair( ecp_group *grp, mpi *d, ecp_point *Q, */ do { - MPI_CHK( f_rng( p_rng, rnd, n_size ) ); - MPI_CHK( mpi_read_binary( d, rnd, n_size ) ); - MPI_CHK( mpi_shift_r( d, 8 * n_size - grp->nbits ) ); + MBEDTLS_MPI_CHK( f_rng( p_rng, rnd, n_size ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( d, rnd, n_size ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, 8 * n_size - grp->nbits ) ); /* * Each try has at worst a probability 1/2 of failing (the msb has @@ -1882,90 +1823,90 @@ int ecp_gen_keypair( ecp_group *grp, mpi *d, ecp_point *Q, * such as secp224k1 are actually very close to the worst case. */ if( ++count > 30 ) - return( POLARSSL_ERR_ECP_RANDOM_FAILED ); + return( MBEDTLS_ERR_ECP_RANDOM_FAILED ); } - while( mpi_cmp_int( d, 1 ) < 0 || - mpi_cmp_mpi( d, &grp->N ) >= 0 ); + while( mbedtls_mpi_cmp_int( d, 1 ) < 0 || + mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 ); } else -#endif /* POLARSSL_ECP_SHORT_WEIERSTRASS */ - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); +#endif /* ECP_SHORTWEIERSTRASS */ + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); cleanup: if( ret != 0 ) return( ret ); - return( ecp_mul( grp, Q, d, &grp->G, f_rng, p_rng ) ); + return( mbedtls_ecp_mul( grp, Q, d, &grp->G, f_rng, p_rng ) ); } /* * Generate a keypair, prettier wrapper */ -int ecp_gen_key( ecp_group_id grp_id, ecp_keypair *key, +int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret; - if( ( ret = ecp_use_known_dp( &key->grp, grp_id ) ) != 0 ) + if( ( ret = mbedtls_ecp_group_load( &key->grp, grp_id ) ) != 0 ) return( ret ); - return( ecp_gen_keypair( &key->grp, &key->d, &key->Q, f_rng, p_rng ) ); + return( mbedtls_ecp_gen_keypair( &key->grp, &key->d, &key->Q, f_rng, p_rng ) ); } /* * Check a public-private key pair */ -int ecp_check_pub_priv( const ecp_keypair *pub, const ecp_keypair *prv ) +int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv ) { int ret; - ecp_point Q; - ecp_group grp; + mbedtls_ecp_point Q; + mbedtls_ecp_group grp; - if( pub->grp.id == POLARSSL_ECP_DP_NONE || + if( pub->grp.id == MBEDTLS_ECP_DP_NONE || pub->grp.id != prv->grp.id || - mpi_cmp_mpi( &pub->Q.X, &prv->Q.X ) || - mpi_cmp_mpi( &pub->Q.Y, &prv->Q.Y ) || - mpi_cmp_mpi( &pub->Q.Z, &prv->Q.Z ) ) + mbedtls_mpi_cmp_mpi( &pub->Q.X, &prv->Q.X ) || + mbedtls_mpi_cmp_mpi( &pub->Q.Y, &prv->Q.Y ) || + mbedtls_mpi_cmp_mpi( &pub->Q.Z, &prv->Q.Z ) ) { - return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); } - ecp_point_init( &Q ); - ecp_group_init( &grp ); + mbedtls_ecp_point_init( &Q ); + mbedtls_ecp_group_init( &grp ); - /* ecp_mul() needs a non-const group... */ - ecp_group_copy( &grp, &prv->grp ); + /* mbedtls_ecp_mul() needs a non-const group... */ + mbedtls_ecp_group_copy( &grp, &prv->grp ); /* Also checks d is valid */ - MPI_CHK( ecp_mul( &grp, &Q, &prv->d, &prv->grp.G, NULL, NULL ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &Q, &prv->d, &prv->grp.G, NULL, NULL ) ); - if( mpi_cmp_mpi( &Q.X, &prv->Q.X ) || - mpi_cmp_mpi( &Q.Y, &prv->Q.Y ) || - mpi_cmp_mpi( &Q.Z, &prv->Q.Z ) ) + if( mbedtls_mpi_cmp_mpi( &Q.X, &prv->Q.X ) || + mbedtls_mpi_cmp_mpi( &Q.Y, &prv->Q.Y ) || + mbedtls_mpi_cmp_mpi( &Q.Z, &prv->Q.Z ) ) { - ret = POLARSSL_ERR_ECP_BAD_INPUT_DATA; + ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; goto cleanup; } cleanup: - ecp_point_free( &Q ); - ecp_group_free( &grp ); + mbedtls_ecp_point_free( &Q ); + mbedtls_ecp_group_free( &grp ); return( ret ); } -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) /* * Checkup routine */ -int ecp_self_test( int verbose ) +int mbedtls_ecp_self_test( int verbose ) { int ret; size_t i; - ecp_group grp; - ecp_point R, P; - mpi m; + mbedtls_ecp_group grp; + mbedtls_ecp_point R, P; + mbedtls_mpi m; unsigned long add_c_prev, dbl_c_prev, mul_c_prev; /* exponents especially adapted for secp192r1 */ const char *exponents[] = @@ -1978,30 +1919,30 @@ int ecp_self_test( int verbose ) "555555555555555555555555555555555555555555555555", /* 101010... */ }; - ecp_group_init( &grp ); - ecp_point_init( &R ); - ecp_point_init( &P ); - mpi_init( &m ); + mbedtls_ecp_group_init( &grp ); + mbedtls_ecp_point_init( &R ); + mbedtls_ecp_point_init( &P ); + mbedtls_mpi_init( &m ); /* Use secp192r1 if available, or any available curve */ -#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED) - MPI_CHK( ecp_use_known_dp( &grp, POLARSSL_ECP_DP_SECP192R1 ) ); +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) + MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, MBEDTLS_ECP_DP_SECP192R1 ) ); #else - MPI_CHK( ecp_use_known_dp( &grp, ecp_curve_list()->grp_id ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, mbedtls_ecp_curve_list()->grp_id ) ); #endif if( verbose != 0 ) - polarssl_printf( " ECP test #1 (constant op_count, base point G): " ); + mbedtls_printf( " ECP test #1 (constant op_count, base point G): " ); /* Do a dummy multiplication first to trigger precomputation */ - MPI_CHK( mpi_lset( &m, 2 ) ); - MPI_CHK( ecp_mul( &grp, &P, &m, &grp.G, NULL, NULL ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &m, 2 ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &P, &m, &grp.G, NULL, NULL ) ); add_count = 0; dbl_count = 0; mul_count = 0; - MPI_CHK( mpi_read_string( &m, 16, exponents[0] ) ); - MPI_CHK( ecp_mul( &grp, &R, &m, &grp.G, NULL, NULL ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &m, 16, exponents[0] ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &R, &m, &grp.G, NULL, NULL ) ); for( i = 1; i < sizeof( exponents ) / sizeof( exponents[0] ); i++ ) { @@ -2012,15 +1953,15 @@ int ecp_self_test( int verbose ) dbl_count = 0; mul_count = 0; - MPI_CHK( mpi_read_string( &m, 16, exponents[i] ) ); - MPI_CHK( ecp_mul( &grp, &R, &m, &grp.G, NULL, NULL ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &m, 16, exponents[i] ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &R, &m, &grp.G, NULL, NULL ) ); if( add_count != add_c_prev || dbl_count != dbl_c_prev || mul_count != mul_c_prev ) { if( verbose != 0 ) - polarssl_printf( "failed (%u)\n", (unsigned int) i ); + mbedtls_printf( "failed (%u)\n", (unsigned int) i ); ret = 1; goto cleanup; @@ -2028,17 +1969,17 @@ int ecp_self_test( int verbose ) } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); if( verbose != 0 ) - polarssl_printf( " ECP test #2 (constant op_count, other point): " ); + mbedtls_printf( " ECP test #2 (constant op_count, other point): " ); /* We computed P = 2G last time, use it */ add_count = 0; dbl_count = 0; mul_count = 0; - MPI_CHK( mpi_read_string( &m, 16, exponents[0] ) ); - MPI_CHK( ecp_mul( &grp, &R, &m, &P, NULL, NULL ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &m, 16, exponents[0] ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &R, &m, &P, NULL, NULL ) ); for( i = 1; i < sizeof( exponents ) / sizeof( exponents[0] ); i++ ) { @@ -2049,15 +1990,15 @@ int ecp_self_test( int verbose ) dbl_count = 0; mul_count = 0; - MPI_CHK( mpi_read_string( &m, 16, exponents[i] ) ); - MPI_CHK( ecp_mul( &grp, &R, &m, &P, NULL, NULL ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &m, 16, exponents[i] ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &R, &m, &P, NULL, NULL ) ); if( add_count != add_c_prev || dbl_count != dbl_c_prev || mul_count != mul_c_prev ) { if( verbose != 0 ) - polarssl_printf( "failed (%u)\n", (unsigned int) i ); + mbedtls_printf( "failed (%u)\n", (unsigned int) i ); ret = 1; goto cleanup; @@ -2065,24 +2006,24 @@ int ecp_self_test( int verbose ) } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); cleanup: if( ret < 0 && verbose != 0 ) - polarssl_printf( "Unexpected error, return code = %08X\n", ret ); + mbedtls_printf( "Unexpected error, return code = %08X\n", ret ); - ecp_group_free( &grp ); - ecp_point_free( &R ); - ecp_point_free( &P ); - mpi_free( &m ); + mbedtls_ecp_group_free( &grp ); + mbedtls_ecp_point_free( &R ); + mbedtls_ecp_point_free( &P ); + mbedtls_mpi_free( &m ); if( verbose != 0 ) - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); return( ret ); } -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_ECP_C */ +#endif /* MBEDTLS_ECP_C */ diff --git a/ext/mbedtls/library/ecp_curves.c b/ext/mbedtls/library/ecp_curves.c index 3786356c3e..c21e0a0717 100644 --- a/ext/mbedtls/library/ecp_curves.c +++ b/ext/mbedtls/library/ecp_curves.c @@ -20,64 +20,33 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_ECP_C) +#if defined(MBEDTLS_ECP_C) -#include "polarssl/ecp.h" +#include "mbedtls/ecp.h" #include -#if defined(_MSC_VER) && !defined(inline) -#define inline _inline -#else -#if defined(__ARMCC_VERSION) && !defined(inline) +#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && !defined(inline) #define inline __inline -#endif /* __ARMCC_VERSION */ -#endif /*_MSC_VER */ +#endif /* * Conversion macros for embedded constants: - * build lists of t_uint's from lists of unsigned char's grouped by 8, 4 or 2 + * build lists of mbedtls_mpi_uint's from lists of unsigned char's grouped by 8, 4 or 2 */ -#if defined(POLARSSL_HAVE_INT8) - -#define BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ - a, b, c, d, e, f, g, h - -#define BYTES_TO_T_UINT_4( a, b, c, d ) \ - a, b, c, d - -#define BYTES_TO_T_UINT_2( a, b ) \ - a, b - -#elif defined(POLARSSL_HAVE_INT16) - -#define BYTES_TO_T_UINT_2( a, b ) \ - ( (t_uint) a << 0 ) | \ - ( (t_uint) b << 8 ) +#if defined(MBEDTLS_HAVE_INT32) #define BYTES_TO_T_UINT_4( a, b, c, d ) \ - BYTES_TO_T_UINT_2( a, b ), \ - BYTES_TO_T_UINT_2( c, d ) - -#define BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ - BYTES_TO_T_UINT_2( a, b ), \ - BYTES_TO_T_UINT_2( c, d ), \ - BYTES_TO_T_UINT_2( e, f ), \ - BYTES_TO_T_UINT_2( g, h ) - -#elif defined(POLARSSL_HAVE_INT32) - -#define BYTES_TO_T_UINT_4( a, b, c, d ) \ - ( (t_uint) a << 0 ) | \ - ( (t_uint) b << 8 ) | \ - ( (t_uint) c << 16 ) | \ - ( (t_uint) d << 24 ) + ( (mbedtls_mpi_uint) a << 0 ) | \ + ( (mbedtls_mpi_uint) b << 8 ) | \ + ( (mbedtls_mpi_uint) c << 16 ) | \ + ( (mbedtls_mpi_uint) d << 24 ) #define BYTES_TO_T_UINT_2( a, b ) \ BYTES_TO_T_UINT_4( a, b, 0, 0 ) @@ -89,14 +58,14 @@ #else /* 64-bits */ #define BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ - ( (t_uint) a << 0 ) | \ - ( (t_uint) b << 8 ) | \ - ( (t_uint) c << 16 ) | \ - ( (t_uint) d << 24 ) | \ - ( (t_uint) e << 32 ) | \ - ( (t_uint) f << 40 ) | \ - ( (t_uint) g << 48 ) | \ - ( (t_uint) h << 56 ) + ( (mbedtls_mpi_uint) a << 0 ) | \ + ( (mbedtls_mpi_uint) b << 8 ) | \ + ( (mbedtls_mpi_uint) c << 16 ) | \ + ( (mbedtls_mpi_uint) d << 24 ) | \ + ( (mbedtls_mpi_uint) e << 32 ) | \ + ( (mbedtls_mpi_uint) f << 40 ) | \ + ( (mbedtls_mpi_uint) g << 48 ) | \ + ( (mbedtls_mpi_uint) h << 56 ) #define BYTES_TO_T_UINT_4( a, b, c, d ) \ BYTES_TO_T_UINT_8( a, b, c, d, 0, 0, 0, 0 ) @@ -104,7 +73,7 @@ #define BYTES_TO_T_UINT_2( a, b ) \ BYTES_TO_T_UINT_8( a, b, 0, 0, 0, 0, 0, 0 ) -#endif /* bits in t_uint */ +#endif /* bits in mbedtls_mpi_uint */ /* * Note: the constants are in little-endian order @@ -114,111 +83,111 @@ /* * Domain parameters for secp192r1 */ -#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED) -static const t_uint secp192r1_p[] = { +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) +static const mbedtls_mpi_uint secp192r1_p[] = { BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), }; -static const t_uint secp192r1_b[] = { +static const mbedtls_mpi_uint secp192r1_b[] = { BYTES_TO_T_UINT_8( 0xB1, 0xB9, 0x46, 0xC1, 0xEC, 0xDE, 0xB8, 0xFE ), BYTES_TO_T_UINT_8( 0x49, 0x30, 0x24, 0x72, 0xAB, 0xE9, 0xA7, 0x0F ), BYTES_TO_T_UINT_8( 0xE7, 0x80, 0x9C, 0xE5, 0x19, 0x05, 0x21, 0x64 ), }; -static const t_uint secp192r1_gx[] = { +static const mbedtls_mpi_uint secp192r1_gx[] = { BYTES_TO_T_UINT_8( 0x12, 0x10, 0xFF, 0x82, 0xFD, 0x0A, 0xFF, 0xF4 ), BYTES_TO_T_UINT_8( 0x00, 0x88, 0xA1, 0x43, 0xEB, 0x20, 0xBF, 0x7C ), BYTES_TO_T_UINT_8( 0xF6, 0x90, 0x30, 0xB0, 0x0E, 0xA8, 0x8D, 0x18 ), }; -static const t_uint secp192r1_gy[] = { +static const mbedtls_mpi_uint secp192r1_gy[] = { BYTES_TO_T_UINT_8( 0x11, 0x48, 0x79, 0x1E, 0xA1, 0x77, 0xF9, 0x73 ), BYTES_TO_T_UINT_8( 0xD5, 0xCD, 0x24, 0x6B, 0xED, 0x11, 0x10, 0x63 ), BYTES_TO_T_UINT_8( 0x78, 0xDA, 0xC8, 0xFF, 0x95, 0x2B, 0x19, 0x07 ), }; -static const t_uint secp192r1_n[] = { +static const mbedtls_mpi_uint secp192r1_n[] = { BYTES_TO_T_UINT_8( 0x31, 0x28, 0xD2, 0xB4, 0xB1, 0xC9, 0x6B, 0x14 ), BYTES_TO_T_UINT_8( 0x36, 0xF8, 0xDE, 0x99, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), }; -#endif /* POLARSSL_ECP_DP_SECP192R1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ /* * Domain parameters for secp224r1 */ -#if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED) -static const t_uint secp224r1_p[] = { +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) +static const mbedtls_mpi_uint secp224r1_p[] = { BYTES_TO_T_UINT_8( 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ), }; -static const t_uint secp224r1_b[] = { +static const mbedtls_mpi_uint secp224r1_b[] = { BYTES_TO_T_UINT_8( 0xB4, 0xFF, 0x55, 0x23, 0x43, 0x39, 0x0B, 0x27 ), BYTES_TO_T_UINT_8( 0xBA, 0xD8, 0xBF, 0xD7, 0xB7, 0xB0, 0x44, 0x50 ), BYTES_TO_T_UINT_8( 0x56, 0x32, 0x41, 0xF5, 0xAB, 0xB3, 0x04, 0x0C ), BYTES_TO_T_UINT_4( 0x85, 0x0A, 0x05, 0xB4 ), }; -static const t_uint secp224r1_gx[] = { +static const mbedtls_mpi_uint secp224r1_gx[] = { BYTES_TO_T_UINT_8( 0x21, 0x1D, 0x5C, 0x11, 0xD6, 0x80, 0x32, 0x34 ), BYTES_TO_T_UINT_8( 0x22, 0x11, 0xC2, 0x56, 0xD3, 0xC1, 0x03, 0x4A ), BYTES_TO_T_UINT_8( 0xB9, 0x90, 0x13, 0x32, 0x7F, 0xBF, 0xB4, 0x6B ), BYTES_TO_T_UINT_4( 0xBD, 0x0C, 0x0E, 0xB7 ), }; -static const t_uint secp224r1_gy[] = { +static const mbedtls_mpi_uint secp224r1_gy[] = { BYTES_TO_T_UINT_8( 0x34, 0x7E, 0x00, 0x85, 0x99, 0x81, 0xD5, 0x44 ), BYTES_TO_T_UINT_8( 0x64, 0x47, 0x07, 0x5A, 0xA0, 0x75, 0x43, 0xCD ), BYTES_TO_T_UINT_8( 0xE6, 0xDF, 0x22, 0x4C, 0xFB, 0x23, 0xF7, 0xB5 ), BYTES_TO_T_UINT_4( 0x88, 0x63, 0x37, 0xBD ), }; -static const t_uint secp224r1_n[] = { +static const mbedtls_mpi_uint secp224r1_n[] = { BYTES_TO_T_UINT_8( 0x3D, 0x2A, 0x5C, 0x5C, 0x45, 0x29, 0xDD, 0x13 ), BYTES_TO_T_UINT_8( 0x3E, 0xF0, 0xB8, 0xE0, 0xA2, 0x16, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_4( 0xFF, 0xFF, 0xFF, 0xFF ), }; -#endif /* POLARSSL_ECP_DP_SECP224R1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ /* * Domain parameters for secp256r1 */ -#if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED) -static const t_uint secp256r1_p[] = { +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) +static const mbedtls_mpi_uint secp256r1_p[] = { BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ), BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), BYTES_TO_T_UINT_8( 0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ), }; -static const t_uint secp256r1_b[] = { +static const mbedtls_mpi_uint secp256r1_b[] = { BYTES_TO_T_UINT_8( 0x4B, 0x60, 0xD2, 0x27, 0x3E, 0x3C, 0xCE, 0x3B ), BYTES_TO_T_UINT_8( 0xF6, 0xB0, 0x53, 0xCC, 0xB0, 0x06, 0x1D, 0x65 ), BYTES_TO_T_UINT_8( 0xBC, 0x86, 0x98, 0x76, 0x55, 0xBD, 0xEB, 0xB3 ), BYTES_TO_T_UINT_8( 0xE7, 0x93, 0x3A, 0xAA, 0xD8, 0x35, 0xC6, 0x5A ), }; -static const t_uint secp256r1_gx[] = { +static const mbedtls_mpi_uint secp256r1_gx[] = { BYTES_TO_T_UINT_8( 0x96, 0xC2, 0x98, 0xD8, 0x45, 0x39, 0xA1, 0xF4 ), BYTES_TO_T_UINT_8( 0xA0, 0x33, 0xEB, 0x2D, 0x81, 0x7D, 0x03, 0x77 ), BYTES_TO_T_UINT_8( 0xF2, 0x40, 0xA4, 0x63, 0xE5, 0xE6, 0xBC, 0xF8 ), BYTES_TO_T_UINT_8( 0x47, 0x42, 0x2C, 0xE1, 0xF2, 0xD1, 0x17, 0x6B ), }; -static const t_uint secp256r1_gy[] = { +static const mbedtls_mpi_uint secp256r1_gy[] = { BYTES_TO_T_UINT_8( 0xF5, 0x51, 0xBF, 0x37, 0x68, 0x40, 0xB6, 0xCB ), BYTES_TO_T_UINT_8( 0xCE, 0x5E, 0x31, 0x6B, 0x57, 0x33, 0xCE, 0x2B ), BYTES_TO_T_UINT_8( 0x16, 0x9E, 0x0F, 0x7C, 0x4A, 0xEB, 0xE7, 0x8E ), BYTES_TO_T_UINT_8( 0x9B, 0x7F, 0x1A, 0xFE, 0xE2, 0x42, 0xE3, 0x4F ), }; -static const t_uint secp256r1_n[] = { +static const mbedtls_mpi_uint secp256r1_n[] = { BYTES_TO_T_UINT_8( 0x51, 0x25, 0x63, 0xFC, 0xC2, 0xCA, 0xB9, 0xF3 ), BYTES_TO_T_UINT_8( 0x84, 0x9E, 0x17, 0xA7, 0xAD, 0xFA, 0xE6, 0xBC ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ), }; -#endif /* POLARSSL_ECP_DP_SECP256R1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ /* * Domain parameters for secp384r1 */ -#if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED) -static const t_uint secp384r1_p[] = { +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) +static const mbedtls_mpi_uint secp384r1_p[] = { BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ), BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), @@ -226,7 +195,7 @@ static const t_uint secp384r1_p[] = { BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), }; -static const t_uint secp384r1_b[] = { +static const mbedtls_mpi_uint secp384r1_b[] = { BYTES_TO_T_UINT_8( 0xEF, 0x2A, 0xEC, 0xD3, 0xED, 0xC8, 0x85, 0x2A ), BYTES_TO_T_UINT_8( 0x9D, 0xD1, 0x2E, 0x8A, 0x8D, 0x39, 0x56, 0xC6 ), BYTES_TO_T_UINT_8( 0x5A, 0x87, 0x13, 0x50, 0x8F, 0x08, 0x14, 0x03 ), @@ -234,7 +203,7 @@ static const t_uint secp384r1_b[] = { BYTES_TO_T_UINT_8( 0x19, 0x2D, 0xF8, 0xE3, 0x6B, 0x05, 0x8E, 0x98 ), BYTES_TO_T_UINT_8( 0xE4, 0xE7, 0x3E, 0xE2, 0xA7, 0x2F, 0x31, 0xB3 ), }; -static const t_uint secp384r1_gx[] = { +static const mbedtls_mpi_uint secp384r1_gx[] = { BYTES_TO_T_UINT_8( 0xB7, 0x0A, 0x76, 0x72, 0x38, 0x5E, 0x54, 0x3A ), BYTES_TO_T_UINT_8( 0x6C, 0x29, 0x55, 0xBF, 0x5D, 0xF2, 0x02, 0x55 ), BYTES_TO_T_UINT_8( 0x38, 0x2A, 0x54, 0x82, 0xE0, 0x41, 0xF7, 0x59 ), @@ -242,7 +211,7 @@ static const t_uint secp384r1_gx[] = { BYTES_TO_T_UINT_8( 0x74, 0xAD, 0x20, 0xF3, 0x1E, 0xC7, 0xB1, 0x8E ), BYTES_TO_T_UINT_8( 0x37, 0x05, 0x8B, 0xBE, 0x22, 0xCA, 0x87, 0xAA ), }; -static const t_uint secp384r1_gy[] = { +static const mbedtls_mpi_uint secp384r1_gy[] = { BYTES_TO_T_UINT_8( 0x5F, 0x0E, 0xEA, 0x90, 0x7C, 0x1D, 0x43, 0x7A ), BYTES_TO_T_UINT_8( 0x9D, 0x81, 0x7E, 0x1D, 0xCE, 0xB1, 0x60, 0x0A ), BYTES_TO_T_UINT_8( 0xC0, 0xB8, 0xF0, 0xB5, 0x13, 0x31, 0xDA, 0xE9 ), @@ -250,7 +219,7 @@ static const t_uint secp384r1_gy[] = { BYTES_TO_T_UINT_8( 0x29, 0xDC, 0x92, 0x92, 0xBF, 0x98, 0x9E, 0x5D ), BYTES_TO_T_UINT_8( 0x6F, 0x2C, 0x26, 0x96, 0x4A, 0xDE, 0x17, 0x36 ), }; -static const t_uint secp384r1_n[] = { +static const mbedtls_mpi_uint secp384r1_n[] = { BYTES_TO_T_UINT_8( 0x73, 0x29, 0xC5, 0xCC, 0x6A, 0x19, 0xEC, 0xEC ), BYTES_TO_T_UINT_8( 0x7A, 0xA7, 0xB0, 0x48, 0xB2, 0x0D, 0x1A, 0x58 ), BYTES_TO_T_UINT_8( 0xDF, 0x2D, 0x37, 0xF4, 0x81, 0x4D, 0x63, 0xC7 ), @@ -258,13 +227,13 @@ static const t_uint secp384r1_n[] = { BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), }; -#endif /* POLARSSL_ECP_DP_SECP384R1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ /* * Domain parameters for secp521r1 */ -#if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED) -static const t_uint secp521r1_p[] = { +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) +static const mbedtls_mpi_uint secp521r1_p[] = { BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), @@ -275,7 +244,7 @@ static const t_uint secp521r1_p[] = { BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_2( 0xFF, 0x01 ), }; -static const t_uint secp521r1_b[] = { +static const mbedtls_mpi_uint secp521r1_b[] = { BYTES_TO_T_UINT_8( 0x00, 0x3F, 0x50, 0x6B, 0xD4, 0x1F, 0x45, 0xEF ), BYTES_TO_T_UINT_8( 0xF1, 0x34, 0x2C, 0x3D, 0x88, 0xDF, 0x73, 0x35 ), BYTES_TO_T_UINT_8( 0x07, 0xBF, 0xB1, 0x3B, 0xBD, 0xC0, 0x52, 0x16 ), @@ -286,7 +255,7 @@ static const t_uint secp521r1_b[] = { BYTES_TO_T_UINT_8( 0x1F, 0x9A, 0x1C, 0x8E, 0x61, 0xB9, 0x3E, 0x95 ), BYTES_TO_T_UINT_2( 0x51, 0x00 ), }; -static const t_uint secp521r1_gx[] = { +static const mbedtls_mpi_uint secp521r1_gx[] = { BYTES_TO_T_UINT_8( 0x66, 0xBD, 0xE5, 0xC2, 0x31, 0x7E, 0x7E, 0xF9 ), BYTES_TO_T_UINT_8( 0x9B, 0x42, 0x6A, 0x85, 0xC1, 0xB3, 0x48, 0x33 ), BYTES_TO_T_UINT_8( 0xDE, 0xA8, 0xFF, 0xA2, 0x27, 0xC1, 0x1D, 0xFE ), @@ -297,7 +266,7 @@ static const t_uint secp521r1_gx[] = { BYTES_TO_T_UINT_8( 0xCD, 0xE9, 0x04, 0x04, 0xB7, 0x06, 0x8E, 0x85 ), BYTES_TO_T_UINT_2( 0xC6, 0x00 ), }; -static const t_uint secp521r1_gy[] = { +static const mbedtls_mpi_uint secp521r1_gy[] = { BYTES_TO_T_UINT_8( 0x50, 0x66, 0xD1, 0x9F, 0x76, 0x94, 0xBE, 0x88 ), BYTES_TO_T_UINT_8( 0x40, 0xC2, 0x72, 0xA2, 0x86, 0x70, 0x3C, 0x35 ), BYTES_TO_T_UINT_8( 0x61, 0x07, 0xAD, 0x3F, 0x01, 0xB9, 0x50, 0xC5 ), @@ -308,7 +277,7 @@ static const t_uint secp521r1_gy[] = { BYTES_TO_T_UINT_8( 0x04, 0xC0, 0x3B, 0x9A, 0x78, 0x6A, 0x29, 0x39 ), BYTES_TO_T_UINT_2( 0x18, 0x01 ), }; -static const t_uint secp521r1_n[] = { +static const mbedtls_mpi_uint secp521r1_n[] = { BYTES_TO_T_UINT_8( 0x09, 0x64, 0x38, 0x91, 0x1E, 0xB7, 0x6F, 0xBB ), BYTES_TO_T_UINT_8( 0xAE, 0x47, 0x9C, 0x89, 0xB8, 0xC9, 0xB5, 0x3B ), BYTES_TO_T_UINT_8( 0xD0, 0xA5, 0x09, 0xF7, 0x48, 0x01, 0xCC, 0x7F ), @@ -319,150 +288,150 @@ static const t_uint secp521r1_n[] = { BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_2( 0xFF, 0x01 ), }; -#endif /* POLARSSL_ECP_DP_SECP521R1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP192K1_ENABLED) -static const t_uint secp192k1_p[] = { +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) +static const mbedtls_mpi_uint secp192k1_p[] = { BYTES_TO_T_UINT_8( 0x37, 0xEE, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), }; -static const t_uint secp192k1_a[] = { +static const mbedtls_mpi_uint secp192k1_a[] = { BYTES_TO_T_UINT_2( 0x00, 0x00 ), }; -static const t_uint secp192k1_b[] = { +static const mbedtls_mpi_uint secp192k1_b[] = { BYTES_TO_T_UINT_2( 0x03, 0x00 ), }; -static const t_uint secp192k1_gx[] = { +static const mbedtls_mpi_uint secp192k1_gx[] = { BYTES_TO_T_UINT_8( 0x7D, 0x6C, 0xE0, 0xEA, 0xB1, 0xD1, 0xA5, 0x1D ), BYTES_TO_T_UINT_8( 0x34, 0xF4, 0xB7, 0x80, 0x02, 0x7D, 0xB0, 0x26 ), BYTES_TO_T_UINT_8( 0xAE, 0xE9, 0x57, 0xC0, 0x0E, 0xF1, 0x4F, 0xDB ), }; -static const t_uint secp192k1_gy[] = { +static const mbedtls_mpi_uint secp192k1_gy[] = { BYTES_TO_T_UINT_8( 0x9D, 0x2F, 0x5E, 0xD9, 0x88, 0xAA, 0x82, 0x40 ), BYTES_TO_T_UINT_8( 0x34, 0x86, 0xBE, 0x15, 0xD0, 0x63, 0x41, 0x84 ), BYTES_TO_T_UINT_8( 0xA7, 0x28, 0x56, 0x9C, 0x6D, 0x2F, 0x2F, 0x9B ), }; -static const t_uint secp192k1_n[] = { +static const mbedtls_mpi_uint secp192k1_n[] = { BYTES_TO_T_UINT_8( 0x8D, 0xFD, 0xDE, 0x74, 0x6A, 0x46, 0x69, 0x0F ), BYTES_TO_T_UINT_8( 0x17, 0xFC, 0xF2, 0x26, 0xFE, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), }; -#endif /* POLARSSL_ECP_DP_SECP192K1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP224K1_ENABLED) -static const t_uint secp224k1_p[] = { +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) +static const mbedtls_mpi_uint secp224k1_p[] = { BYTES_TO_T_UINT_8( 0x6D, 0xE5, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_4( 0xFF, 0xFF, 0xFF, 0xFF ), }; -static const t_uint secp224k1_a[] = { +static const mbedtls_mpi_uint secp224k1_a[] = { BYTES_TO_T_UINT_2( 0x00, 0x00 ), }; -static const t_uint secp224k1_b[] = { +static const mbedtls_mpi_uint secp224k1_b[] = { BYTES_TO_T_UINT_2( 0x05, 0x00 ), }; -static const t_uint secp224k1_gx[] = { +static const mbedtls_mpi_uint secp224k1_gx[] = { BYTES_TO_T_UINT_8( 0x5C, 0xA4, 0xB7, 0xB6, 0x0E, 0x65, 0x7E, 0x0F ), BYTES_TO_T_UINT_8( 0xA9, 0x75, 0x70, 0xE4, 0xE9, 0x67, 0xA4, 0x69 ), BYTES_TO_T_UINT_8( 0xA1, 0x28, 0xFC, 0x30, 0xDF, 0x99, 0xF0, 0x4D ), BYTES_TO_T_UINT_4( 0x33, 0x5B, 0x45, 0xA1 ), }; -static const t_uint secp224k1_gy[] = { +static const mbedtls_mpi_uint secp224k1_gy[] = { BYTES_TO_T_UINT_8( 0xA5, 0x61, 0x6D, 0x55, 0xDB, 0x4B, 0xCA, 0xE2 ), BYTES_TO_T_UINT_8( 0x59, 0xBD, 0xB0, 0xC0, 0xF7, 0x19, 0xE3, 0xF7 ), BYTES_TO_T_UINT_8( 0xD6, 0xFB, 0xCA, 0x82, 0x42, 0x34, 0xBA, 0x7F ), BYTES_TO_T_UINT_4( 0xED, 0x9F, 0x08, 0x7E ), }; -static const t_uint secp224k1_n[] = { +static const mbedtls_mpi_uint secp224k1_n[] = { BYTES_TO_T_UINT_8( 0xF7, 0xB1, 0x9F, 0x76, 0x71, 0xA9, 0xF0, 0xCA ), BYTES_TO_T_UINT_8( 0x84, 0x61, 0xEC, 0xD2, 0xE8, 0xDC, 0x01, 0x00 ), BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ), }; -#endif /* POLARSSL_ECP_DP_SECP224K1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP256K1_ENABLED) -static const t_uint secp256k1_p[] = { +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) +static const mbedtls_mpi_uint secp256k1_p[] = { BYTES_TO_T_UINT_8( 0x2F, 0xFC, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), }; -static const t_uint secp256k1_a[] = { +static const mbedtls_mpi_uint secp256k1_a[] = { BYTES_TO_T_UINT_2( 0x00, 0x00 ), }; -static const t_uint secp256k1_b[] = { +static const mbedtls_mpi_uint secp256k1_b[] = { BYTES_TO_T_UINT_2( 0x07, 0x00 ), }; -static const t_uint secp256k1_gx[] = { +static const mbedtls_mpi_uint secp256k1_gx[] = { BYTES_TO_T_UINT_8( 0x98, 0x17, 0xF8, 0x16, 0x5B, 0x81, 0xF2, 0x59 ), BYTES_TO_T_UINT_8( 0xD9, 0x28, 0xCE, 0x2D, 0xDB, 0xFC, 0x9B, 0x02 ), BYTES_TO_T_UINT_8( 0x07, 0x0B, 0x87, 0xCE, 0x95, 0x62, 0xA0, 0x55 ), BYTES_TO_T_UINT_8( 0xAC, 0xBB, 0xDC, 0xF9, 0x7E, 0x66, 0xBE, 0x79 ), }; -static const t_uint secp256k1_gy[] = { +static const mbedtls_mpi_uint secp256k1_gy[] = { BYTES_TO_T_UINT_8( 0xB8, 0xD4, 0x10, 0xFB, 0x8F, 0xD0, 0x47, 0x9C ), BYTES_TO_T_UINT_8( 0x19, 0x54, 0x85, 0xA6, 0x48, 0xB4, 0x17, 0xFD ), BYTES_TO_T_UINT_8( 0xA8, 0x08, 0x11, 0x0E, 0xFC, 0xFB, 0xA4, 0x5D ), BYTES_TO_T_UINT_8( 0x65, 0xC4, 0xA3, 0x26, 0x77, 0xDA, 0x3A, 0x48 ), }; -static const t_uint secp256k1_n[] = { +static const mbedtls_mpi_uint secp256k1_n[] = { BYTES_TO_T_UINT_8( 0x41, 0x41, 0x36, 0xD0, 0x8C, 0x5E, 0xD2, 0xBF ), BYTES_TO_T_UINT_8( 0x3B, 0xA0, 0x48, 0xAF, 0xE6, 0xDC, 0xAE, 0xBA ), BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), }; -#endif /* POLARSSL_ECP_DP_SECP256K1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ /* * Domain parameters for brainpoolP256r1 (RFC 5639 3.4) */ -#if defined(POLARSSL_ECP_DP_BP256R1_ENABLED) -static const t_uint brainpoolP256r1_p[] = { +#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) +static const mbedtls_mpi_uint brainpoolP256r1_p[] = { BYTES_TO_T_UINT_8( 0x77, 0x53, 0x6E, 0x1F, 0x1D, 0x48, 0x13, 0x20 ), BYTES_TO_T_UINT_8( 0x28, 0x20, 0x26, 0xD5, 0x23, 0xF6, 0x3B, 0x6E ), BYTES_TO_T_UINT_8( 0x72, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E ), BYTES_TO_T_UINT_8( 0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9 ), }; -static const t_uint brainpoolP256r1_a[] = { +static const mbedtls_mpi_uint brainpoolP256r1_a[] = { BYTES_TO_T_UINT_8( 0xD9, 0xB5, 0x30, 0xF3, 0x44, 0x4B, 0x4A, 0xE9 ), BYTES_TO_T_UINT_8( 0x6C, 0x5C, 0xDC, 0x26, 0xC1, 0x55, 0x80, 0xFB ), BYTES_TO_T_UINT_8( 0xE7, 0xFF, 0x7A, 0x41, 0x30, 0x75, 0xF6, 0xEE ), BYTES_TO_T_UINT_8( 0x57, 0x30, 0x2C, 0xFC, 0x75, 0x09, 0x5A, 0x7D ), }; -static const t_uint brainpoolP256r1_b[] = { +static const mbedtls_mpi_uint brainpoolP256r1_b[] = { BYTES_TO_T_UINT_8( 0xB6, 0x07, 0x8C, 0xFF, 0x18, 0xDC, 0xCC, 0x6B ), BYTES_TO_T_UINT_8( 0xCE, 0xE1, 0xF7, 0x5C, 0x29, 0x16, 0x84, 0x95 ), BYTES_TO_T_UINT_8( 0xBF, 0x7C, 0xD7, 0xBB, 0xD9, 0xB5, 0x30, 0xF3 ), BYTES_TO_T_UINT_8( 0x44, 0x4B, 0x4A, 0xE9, 0x6C, 0x5C, 0xDC, 0x26 ), }; -static const t_uint brainpoolP256r1_gx[] = { +static const mbedtls_mpi_uint brainpoolP256r1_gx[] = { BYTES_TO_T_UINT_8( 0x62, 0x32, 0xCE, 0x9A, 0xBD, 0x53, 0x44, 0x3A ), BYTES_TO_T_UINT_8( 0xC2, 0x23, 0xBD, 0xE3, 0xE1, 0x27, 0xDE, 0xB9 ), BYTES_TO_T_UINT_8( 0xAF, 0xB7, 0x81, 0xFC, 0x2F, 0x48, 0x4B, 0x2C ), BYTES_TO_T_UINT_8( 0xCB, 0x57, 0x7E, 0xCB, 0xB9, 0xAE, 0xD2, 0x8B ), }; -static const t_uint brainpoolP256r1_gy[] = { +static const mbedtls_mpi_uint brainpoolP256r1_gy[] = { BYTES_TO_T_UINT_8( 0x97, 0x69, 0x04, 0x2F, 0xC7, 0x54, 0x1D, 0x5C ), BYTES_TO_T_UINT_8( 0x54, 0x8E, 0xED, 0x2D, 0x13, 0x45, 0x77, 0xC2 ), BYTES_TO_T_UINT_8( 0xC9, 0x1D, 0x61, 0x14, 0x1A, 0x46, 0xF8, 0x97 ), BYTES_TO_T_UINT_8( 0xFD, 0xC4, 0xDA, 0xC3, 0x35, 0xF8, 0x7E, 0x54 ), }; -static const t_uint brainpoolP256r1_n[] = { +static const mbedtls_mpi_uint brainpoolP256r1_n[] = { BYTES_TO_T_UINT_8( 0xA7, 0x56, 0x48, 0x97, 0x82, 0x0E, 0x1E, 0x90 ), BYTES_TO_T_UINT_8( 0xF7, 0xA6, 0x61, 0xB5, 0xA3, 0x7A, 0x39, 0x8C ), BYTES_TO_T_UINT_8( 0x71, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E ), BYTES_TO_T_UINT_8( 0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9 ), }; -#endif /* POLARSSL_ECP_DP_BP256R1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ /* * Domain parameters for brainpoolP384r1 (RFC 5639 3.6) */ -#if defined(POLARSSL_ECP_DP_BP384R1_ENABLED) -static const t_uint brainpoolP384r1_p[] = { +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) +static const mbedtls_mpi_uint brainpoolP384r1_p[] = { BYTES_TO_T_UINT_8( 0x53, 0xEC, 0x07, 0x31, 0x13, 0x00, 0x47, 0x87 ), BYTES_TO_T_UINT_8( 0x71, 0x1A, 0x1D, 0x90, 0x29, 0xA7, 0xD3, 0xAC ), BYTES_TO_T_UINT_8( 0x23, 0x11, 0xB7, 0x7F, 0x19, 0xDA, 0xB1, 0x12 ), @@ -470,7 +439,7 @@ static const t_uint brainpoolP384r1_p[] = { BYTES_TO_T_UINT_8( 0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F ), BYTES_TO_T_UINT_8( 0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C ), }; -static const t_uint brainpoolP384r1_a[] = { +static const mbedtls_mpi_uint brainpoolP384r1_a[] = { BYTES_TO_T_UINT_8( 0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04 ), BYTES_TO_T_UINT_8( 0xEB, 0xD4, 0x3A, 0x50, 0x4A, 0x81, 0xA5, 0x8A ), BYTES_TO_T_UINT_8( 0x0F, 0xF9, 0x91, 0xBA, 0xEF, 0x65, 0x91, 0x13 ), @@ -478,7 +447,7 @@ static const t_uint brainpoolP384r1_a[] = { BYTES_TO_T_UINT_8( 0xA0, 0xAF, 0x05, 0xCE, 0x0A, 0x08, 0x72, 0x3C ), BYTES_TO_T_UINT_8( 0x0C, 0x15, 0x8C, 0x3D, 0xC6, 0x82, 0xC3, 0x7B ), }; -static const t_uint brainpoolP384r1_b[] = { +static const mbedtls_mpi_uint brainpoolP384r1_b[] = { BYTES_TO_T_UINT_8( 0x11, 0x4C, 0x50, 0xFA, 0x96, 0x86, 0xB7, 0x3A ), BYTES_TO_T_UINT_8( 0x94, 0xC9, 0xDB, 0x95, 0x02, 0x39, 0xB4, 0x7C ), BYTES_TO_T_UINT_8( 0xD5, 0x62, 0xEB, 0x3E, 0xA5, 0x0E, 0x88, 0x2E ), @@ -486,7 +455,7 @@ static const t_uint brainpoolP384r1_b[] = { BYTES_TO_T_UINT_8( 0x7C, 0x44, 0xF0, 0x16, 0x54, 0xB5, 0x39, 0x8B ), BYTES_TO_T_UINT_8( 0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04 ), }; -static const t_uint brainpoolP384r1_gx[] = { +static const mbedtls_mpi_uint brainpoolP384r1_gx[] = { BYTES_TO_T_UINT_8( 0x1E, 0xAF, 0xD4, 0x47, 0xE2, 0xB2, 0x87, 0xEF ), BYTES_TO_T_UINT_8( 0xAA, 0x46, 0xD6, 0x36, 0x34, 0xE0, 0x26, 0xE8 ), BYTES_TO_T_UINT_8( 0xE8, 0x10, 0xBD, 0x0C, 0xFE, 0xCA, 0x7F, 0xDB ), @@ -494,7 +463,7 @@ static const t_uint brainpoolP384r1_gx[] = { BYTES_TO_T_UINT_8( 0x6B, 0x3F, 0xC1, 0xB7, 0x81, 0x3A, 0xA6, 0xA2 ), BYTES_TO_T_UINT_8( 0xFF, 0x45, 0xCF, 0x68, 0xF0, 0x64, 0x1C, 0x1D ), }; -static const t_uint brainpoolP384r1_gy[] = { +static const mbedtls_mpi_uint brainpoolP384r1_gy[] = { BYTES_TO_T_UINT_8( 0x15, 0x53, 0x3C, 0x26, 0x41, 0x03, 0x82, 0x42 ), BYTES_TO_T_UINT_8( 0x11, 0x81, 0x91, 0x77, 0x21, 0x46, 0x46, 0x0E ), BYTES_TO_T_UINT_8( 0x28, 0x29, 0x91, 0xF9, 0x4F, 0x05, 0x9C, 0xE1 ), @@ -502,7 +471,7 @@ static const t_uint brainpoolP384r1_gy[] = { BYTES_TO_T_UINT_8( 0x52, 0xD5, 0xCF, 0x95, 0x8E, 0xEB, 0xB1, 0x5C ), BYTES_TO_T_UINT_8( 0xA4, 0xC2, 0xF9, 0x20, 0x75, 0x1D, 0xBE, 0x8A ), }; -static const t_uint brainpoolP384r1_n[] = { +static const mbedtls_mpi_uint brainpoolP384r1_n[] = { BYTES_TO_T_UINT_8( 0x65, 0x65, 0x04, 0xE9, 0x02, 0x32, 0x88, 0x3B ), BYTES_TO_T_UINT_8( 0x10, 0xC3, 0x7F, 0x6B, 0xAF, 0xB6, 0x3A, 0xCF ), BYTES_TO_T_UINT_8( 0xA7, 0x25, 0x04, 0xAC, 0x6C, 0x6E, 0x16, 0x1F ), @@ -510,13 +479,13 @@ static const t_uint brainpoolP384r1_n[] = { BYTES_TO_T_UINT_8( 0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F ), BYTES_TO_T_UINT_8( 0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C ), }; -#endif /* POLARSSL_ECP_DP_BP384R1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ /* * Domain parameters for brainpoolP512r1 (RFC 5639 3.7) */ -#if defined(POLARSSL_ECP_DP_BP512R1_ENABLED) -static const t_uint brainpoolP512r1_p[] = { +#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) +static const mbedtls_mpi_uint brainpoolP512r1_p[] = { BYTES_TO_T_UINT_8( 0xF3, 0x48, 0x3A, 0x58, 0x56, 0x60, 0xAA, 0x28 ), BYTES_TO_T_UINT_8( 0x85, 0xC6, 0x82, 0x2D, 0x2F, 0xFF, 0x81, 0x28 ), BYTES_TO_T_UINT_8( 0xE6, 0x80, 0xA3, 0xE6, 0x2A, 0xA1, 0xCD, 0xAE ), @@ -526,7 +495,7 @@ static const t_uint brainpoolP512r1_p[] = { BYTES_TO_T_UINT_8( 0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F ), BYTES_TO_T_UINT_8( 0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA ), }; -static const t_uint brainpoolP512r1_a[] = { +static const mbedtls_mpi_uint brainpoolP512r1_a[] = { BYTES_TO_T_UINT_8( 0xCA, 0x94, 0xFC, 0x77, 0x4D, 0xAC, 0xC1, 0xE7 ), BYTES_TO_T_UINT_8( 0xB9, 0xC7, 0xF2, 0x2B, 0xA7, 0x17, 0x11, 0x7F ), BYTES_TO_T_UINT_8( 0xB5, 0xC8, 0x9A, 0x8B, 0xC9, 0xF1, 0x2E, 0x0A ), @@ -536,7 +505,7 @@ static const t_uint brainpoolP512r1_a[] = { BYTES_TO_T_UINT_8( 0xC5, 0x4C, 0x23, 0xAC, 0x45, 0x71, 0x32, 0xE2 ), BYTES_TO_T_UINT_8( 0x89, 0x3B, 0x60, 0x8B, 0x31, 0xA3, 0x30, 0x78 ), }; -static const t_uint brainpoolP512r1_b[] = { +static const mbedtls_mpi_uint brainpoolP512r1_b[] = { BYTES_TO_T_UINT_8( 0x23, 0xF7, 0x16, 0x80, 0x63, 0xBD, 0x09, 0x28 ), BYTES_TO_T_UINT_8( 0xDD, 0xE5, 0xBA, 0x5E, 0xB7, 0x50, 0x40, 0x98 ), BYTES_TO_T_UINT_8( 0x67, 0x3E, 0x08, 0xDC, 0xCA, 0x94, 0xFC, 0x77 ), @@ -546,7 +515,7 @@ static const t_uint brainpoolP512r1_b[] = { BYTES_TO_T_UINT_8( 0x5A, 0x5D, 0xED, 0x2D, 0xBC, 0x63, 0x98, 0xEA ), BYTES_TO_T_UINT_8( 0xCA, 0x41, 0x34, 0xA8, 0x10, 0x16, 0xF9, 0x3D ), }; -static const t_uint brainpoolP512r1_gx[] = { +static const mbedtls_mpi_uint brainpoolP512r1_gx[] = { BYTES_TO_T_UINT_8( 0x22, 0xF8, 0xB9, 0xBC, 0x09, 0x22, 0x35, 0x8B ), BYTES_TO_T_UINT_8( 0x68, 0x5E, 0x6A, 0x40, 0x47, 0x50, 0x6D, 0x7C ), BYTES_TO_T_UINT_8( 0x5F, 0x7D, 0xB9, 0x93, 0x7B, 0x68, 0xD1, 0x50 ), @@ -556,7 +525,7 @@ static const t_uint brainpoolP512r1_gx[] = { BYTES_TO_T_UINT_8( 0x93, 0x6A, 0x4C, 0x9C, 0x2E, 0x32, 0x21, 0x5A ), BYTES_TO_T_UINT_8( 0x64, 0xD9, 0x2E, 0xD8, 0xBD, 0xE4, 0xAE, 0x81 ), }; -static const t_uint brainpoolP512r1_gy[] = { +static const mbedtls_mpi_uint brainpoolP512r1_gy[] = { BYTES_TO_T_UINT_8( 0x92, 0x08, 0xD8, 0x3A, 0x0F, 0x1E, 0xCD, 0x78 ), BYTES_TO_T_UINT_8( 0x06, 0x54, 0xF0, 0xA8, 0x2F, 0x2B, 0xCA, 0xD1 ), BYTES_TO_T_UINT_8( 0xAE, 0x63, 0x27, 0x8A, 0xD8, 0x4B, 0xCA, 0x5B ), @@ -566,7 +535,7 @@ static const t_uint brainpoolP512r1_gy[] = { BYTES_TO_T_UINT_8( 0xFD, 0x22, 0x78, 0xCF, 0xA9, 0xBF, 0xEA, 0xC0 ), BYTES_TO_T_UINT_8( 0xEC, 0x32, 0x63, 0x56, 0x5D, 0x38, 0xDE, 0x7D ), }; -static const t_uint brainpoolP512r1_n[] = { +static const mbedtls_mpi_uint brainpoolP512r1_n[] = { BYTES_TO_T_UINT_8( 0x69, 0x00, 0xA9, 0x9C, 0x82, 0x96, 0x87, 0xB5 ), BYTES_TO_T_UINT_8( 0xDD, 0xDA, 0x5D, 0x08, 0x81, 0xD3, 0xB1, 0x1D ), BYTES_TO_T_UINT_8( 0x47, 0x10, 0xAC, 0x7F, 0x19, 0x61, 0x86, 0x41 ), @@ -576,25 +545,25 @@ static const t_uint brainpoolP512r1_n[] = { BYTES_TO_T_UINT_8( 0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F ), BYTES_TO_T_UINT_8( 0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA ), }; -#endif /* POLARSSL_ECP_DP_BP512R1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ /* * Create an MPI from embedded constants - * (assumes len is an exact multiple of sizeof t_uint) + * (assumes len is an exact multiple of sizeof mbedtls_mpi_uint) */ -static inline void ecp_mpi_load( mpi *X, const t_uint *p, size_t len ) +static inline void ecp_mpi_load( mbedtls_mpi *X, const mbedtls_mpi_uint *p, size_t len ) { X->s = 1; - X->n = len / sizeof( t_uint ); - X->p = (t_uint *) p; + X->n = len / sizeof( mbedtls_mpi_uint ); + X->p = (mbedtls_mpi_uint *) p; } /* * Set an MPI to static value 1 */ -static inline void ecp_mpi_set1( mpi *X ) +static inline void ecp_mpi_set1( mbedtls_mpi *X ) { - static t_uint one[] = { 1 }; + static mbedtls_mpi_uint one[] = { 1 }; X->s = 1; X->n = 1; X->p = one; @@ -603,13 +572,13 @@ static inline void ecp_mpi_set1( mpi *X ) /* * Make group available from embedded constants */ -static int ecp_group_load( ecp_group *grp, - const t_uint *p, size_t plen, - const t_uint *a, size_t alen, - const t_uint *b, size_t blen, - const t_uint *gx, size_t gxlen, - const t_uint *gy, size_t gylen, - const t_uint *n, size_t nlen) +static int ecp_group_load( mbedtls_ecp_group *grp, + const mbedtls_mpi_uint *p, size_t plen, + const mbedtls_mpi_uint *a, size_t alen, + const mbedtls_mpi_uint *b, size_t blen, + const mbedtls_mpi_uint *gx, size_t gxlen, + const mbedtls_mpi_uint *gy, size_t gylen, + const mbedtls_mpi_uint *n, size_t nlen) { ecp_mpi_load( &grp->P, p, plen ); if( a != NULL ) @@ -621,49 +590,49 @@ static int ecp_group_load( ecp_group *grp, ecp_mpi_load( &grp->G.Y, gy, gylen ); ecp_mpi_set1( &grp->G.Z ); - grp->pbits = mpi_msb( &grp->P ); - grp->nbits = mpi_msb( &grp->N ); + grp->pbits = mbedtls_mpi_bitlen( &grp->P ); + grp->nbits = mbedtls_mpi_bitlen( &grp->N ); grp->h = 1; return( 0 ); } -#if defined(POLARSSL_ECP_NIST_OPTIM) +#if defined(MBEDTLS_ECP_NIST_OPTIM) /* Forward declarations */ -#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED) -static int ecp_mod_p192( mpi * ); +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) +static int ecp_mod_p192( mbedtls_mpi * ); #endif -#if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED) -static int ecp_mod_p224( mpi * ); +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) +static int ecp_mod_p224( mbedtls_mpi * ); #endif -#if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED) -static int ecp_mod_p256( mpi * ); +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) +static int ecp_mod_p256( mbedtls_mpi * ); #endif -#if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED) -static int ecp_mod_p384( mpi * ); +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) +static int ecp_mod_p384( mbedtls_mpi * ); #endif -#if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED) -static int ecp_mod_p521( mpi * ); +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) +static int ecp_mod_p521( mbedtls_mpi * ); #endif #define NIST_MODP( P ) grp->modp = ecp_mod_ ## P; #else #define NIST_MODP( P ) -#endif /* POLARSSL_ECP_NIST_OPTIM */ +#endif /* MBEDTLS_ECP_NIST_OPTIM */ /* Additional forward declarations */ -#if defined(POLARSSL_ECP_DP_M255_ENABLED) -static int ecp_mod_p255( mpi * ); +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) +static int ecp_mod_p255( mbedtls_mpi * ); #endif -#if defined(POLARSSL_ECP_DP_SECP192K1_ENABLED) -static int ecp_mod_p192k1( mpi * ); +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) +static int ecp_mod_p192k1( mbedtls_mpi * ); #endif -#if defined(POLARSSL_ECP_DP_SECP224K1_ENABLED) -static int ecp_mod_p224k1( mpi * ); +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) +static int ecp_mod_p224k1( mbedtls_mpi * ); #endif -#if defined(POLARSSL_ECP_DP_SECP256K1_ENABLED) -static int ecp_mod_p256k1( mpi * ); +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) +static int ecp_mod_p256k1( mbedtls_mpi * ); #endif #define LOAD_GROUP_A( G ) ecp_group_load( grp, \ @@ -682,127 +651,127 @@ static int ecp_mod_p256k1( mpi * ); G ## _gy, sizeof( G ## _gy ), \ G ## _n, sizeof( G ## _n ) ) -#if defined(POLARSSL_ECP_DP_M255_ENABLED) +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) /* * Specialized function for creating the Curve25519 group */ -static int ecp_use_curve25519( ecp_group *grp ) +static int ecp_use_curve25519( mbedtls_ecp_group *grp ) { int ret; /* Actually ( A + 2 ) / 4 */ - MPI_CHK( mpi_read_string( &grp->A, 16, "01DB42" ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &grp->A, 16, "01DB42" ) ); /* P = 2^255 - 19 */ - MPI_CHK( mpi_lset( &grp->P, 1 ) ); - MPI_CHK( mpi_shift_l( &grp->P, 255 ) ); - MPI_CHK( mpi_sub_int( &grp->P, &grp->P, 19 ) ); - grp->pbits = mpi_msb( &grp->P ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->P, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &grp->P, 255 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &grp->P, &grp->P, 19 ) ); + grp->pbits = mbedtls_mpi_bitlen( &grp->P ); /* Y intentionaly not set, since we use x/z coordinates. * This is used as a marker to identify Montgomery curves! */ - MPI_CHK( mpi_lset( &grp->G.X, 9 ) ); - MPI_CHK( mpi_lset( &grp->G.Z, 1 ) ); - mpi_free( &grp->G.Y ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->G.X, 9 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->G.Z, 1 ) ); + mbedtls_mpi_free( &grp->G.Y ); /* Actually, the required msb for private keys */ grp->nbits = 254; cleanup: if( ret != 0 ) - ecp_group_free( grp ); + mbedtls_ecp_group_free( grp ); return( ret ); } -#endif /* POLARSSL_ECP_DP_M255_ENABLED */ +#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ /* * Set a group using well-known domain parameters */ -int ecp_use_known_dp( ecp_group *grp, ecp_group_id id ) +int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id ) { - ecp_group_free( grp ); + mbedtls_ecp_group_free( grp ); grp->id = id; switch( id ) { -#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED) - case POLARSSL_ECP_DP_SECP192R1: +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) + case MBEDTLS_ECP_DP_SECP192R1: NIST_MODP( p192 ); return( LOAD_GROUP( secp192r1 ) ); -#endif /* POLARSSL_ECP_DP_SECP192R1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED) - case POLARSSL_ECP_DP_SECP224R1: +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) + case MBEDTLS_ECP_DP_SECP224R1: NIST_MODP( p224 ); return( LOAD_GROUP( secp224r1 ) ); -#endif /* POLARSSL_ECP_DP_SECP224R1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED) - case POLARSSL_ECP_DP_SECP256R1: +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) + case MBEDTLS_ECP_DP_SECP256R1: NIST_MODP( p256 ); return( LOAD_GROUP( secp256r1 ) ); -#endif /* POLARSSL_ECP_DP_SECP256R1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED) - case POLARSSL_ECP_DP_SECP384R1: +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) + case MBEDTLS_ECP_DP_SECP384R1: NIST_MODP( p384 ); return( LOAD_GROUP( secp384r1 ) ); -#endif /* POLARSSL_ECP_DP_SECP384R1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED) - case POLARSSL_ECP_DP_SECP521R1: +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) + case MBEDTLS_ECP_DP_SECP521R1: NIST_MODP( p521 ); return( LOAD_GROUP( secp521r1 ) ); -#endif /* POLARSSL_ECP_DP_SECP521R1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP192K1_ENABLED) - case POLARSSL_ECP_DP_SECP192K1: +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) + case MBEDTLS_ECP_DP_SECP192K1: grp->modp = ecp_mod_p192k1; return( LOAD_GROUP_A( secp192k1 ) ); -#endif /* POLARSSL_ECP_DP_SECP192K1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP224K1_ENABLED) - case POLARSSL_ECP_DP_SECP224K1: +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) + case MBEDTLS_ECP_DP_SECP224K1: grp->modp = ecp_mod_p224k1; return( LOAD_GROUP_A( secp224k1 ) ); -#endif /* POLARSSL_ECP_DP_SECP224K1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP256K1_ENABLED) - case POLARSSL_ECP_DP_SECP256K1: +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) + case MBEDTLS_ECP_DP_SECP256K1: grp->modp = ecp_mod_p256k1; return( LOAD_GROUP_A( secp256k1 ) ); -#endif /* POLARSSL_ECP_DP_SECP256K1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ -#if defined(POLARSSL_ECP_DP_BP256R1_ENABLED) - case POLARSSL_ECP_DP_BP256R1: +#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) + case MBEDTLS_ECP_DP_BP256R1: return( LOAD_GROUP_A( brainpoolP256r1 ) ); -#endif /* POLARSSL_ECP_DP_BP256R1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ -#if defined(POLARSSL_ECP_DP_BP384R1_ENABLED) - case POLARSSL_ECP_DP_BP384R1: +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) + case MBEDTLS_ECP_DP_BP384R1: return( LOAD_GROUP_A( brainpoolP384r1 ) ); -#endif /* POLARSSL_ECP_DP_BP384R1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ -#if defined(POLARSSL_ECP_DP_BP512R1_ENABLED) - case POLARSSL_ECP_DP_BP512R1: +#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) + case MBEDTLS_ECP_DP_BP512R1: return( LOAD_GROUP_A( brainpoolP512r1 ) ); -#endif /* POLARSSL_ECP_DP_BP512R1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ -#if defined(POLARSSL_ECP_DP_M255_ENABLED) - case POLARSSL_ECP_DP_M255: +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) + case MBEDTLS_ECP_DP_CURVE25519: grp->modp = ecp_mod_p255; return( ecp_use_curve25519( grp ) ); -#endif /* POLARSSL_ECP_DP_M255_ENABLED */ +#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ default: - ecp_group_free( grp ); - return( POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE ); + mbedtls_ecp_group_free( grp ); + return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); } } -#if defined(POLARSSL_ECP_NIST_OPTIM) +#if defined(MBEDTLS_ECP_NIST_OPTIM) /* * Fast reduction modulo the primes used by the NIST curves. * @@ -813,7 +782,7 @@ int ecp_use_known_dp( ecp_group *grp, ecp_group_id id ) * MPI remains loose, since these functions can be deactivated at will. */ -#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED) +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) /* * Compared to the way things are presented in FIPS 186-3 D.2, * we proceed in columns, from right (least significant chunk) to left, @@ -822,16 +791,16 @@ int ecp_use_known_dp( ecp_group *grp, ecp_group_id id ) * compared to the more straightforward, line-oriented approach. * * For this prime we need to handle data in chunks of 64 bits. - * Since this is always a multiple of our basic t_uint, we can - * use a t_uint * to designate such a chunk, and small loops to handle it. + * Since this is always a multiple of our basic mbedtls_mpi_uint, we can + * use a mbedtls_mpi_uint * to designate such a chunk, and small loops to handle it. */ /* Add 64-bit chunks (dst += src) and update carry */ -static inline void add64( t_uint *dst, t_uint *src, t_uint *carry ) +static inline void add64( mbedtls_mpi_uint *dst, mbedtls_mpi_uint *src, mbedtls_mpi_uint *carry ) { unsigned char i; - t_uint c = 0; - for( i = 0; i < 8 / sizeof( t_uint ); i++, dst++, src++ ) + mbedtls_mpi_uint c = 0; + for( i = 0; i < 8 / sizeof( mbedtls_mpi_uint ); i++, dst++, src++ ) { *dst += c; c = ( *dst < c ); *dst += *src; c += ( *dst < *src ); @@ -840,17 +809,17 @@ static inline void add64( t_uint *dst, t_uint *src, t_uint *carry ) } /* Add carry to a 64-bit chunk and update carry */ -static inline void carry64( t_uint *dst, t_uint *carry ) +static inline void carry64( mbedtls_mpi_uint *dst, mbedtls_mpi_uint *carry ) { unsigned char i; - for( i = 0; i < 8 / sizeof( t_uint ); i++, dst++ ) + for( i = 0; i < 8 / sizeof( mbedtls_mpi_uint ); i++, dst++ ) { *dst += *carry; *carry = ( *dst < *carry ); } } -#define WIDTH 8 / sizeof( t_uint ) +#define WIDTH 8 / sizeof( mbedtls_mpi_uint ) #define A( i ) N->p + i * WIDTH #define ADD( i ) add64( p, A( i ), &c ) #define NEXT p += WIDTH; carry64( p, &c ) @@ -859,14 +828,14 @@ static inline void carry64( t_uint *dst, t_uint *carry ) /* * Fast quasi-reduction modulo p192 (FIPS 186-3 D.2.1) */ -static int ecp_mod_p192( mpi *N ) +static int ecp_mod_p192( mbedtls_mpi *N ) { int ret; - t_uint c = 0; - t_uint *p, *end; + mbedtls_mpi_uint c = 0; + mbedtls_mpi_uint *p, *end; /* Make sure we have enough blocks so that A(5) is legal */ - MPI_CHK( mpi_grow( N, 6 * WIDTH ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( N, 6 * WIDTH ) ); p = N->p; end = p + N->n; @@ -884,11 +853,11 @@ cleanup: #undef ADD #undef NEXT #undef LAST -#endif /* POLARSSL_ECP_DP_SECP192R1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED) || \ - defined(POLARSSL_ECP_DP_SECP256R1_ENABLED) || \ - defined(POLARSSL_ECP_DP_SECP384R1_ENABLED) +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) /* * The reader is advised to first understand ecp_mod_p192() since the same * general structure is used here, but with additional complications: @@ -907,26 +876,7 @@ cleanup: */ #define LOAD32 cur = A( i ); -#if defined(POLARSSL_HAVE_INT8) /* 8 bit */ - -#define MAX32 N->n / 4 -#define A( j ) (uint32_t)( N->p[4*j+0] ) | \ - ( N->p[4*j+1] << 8 ) | \ - ( N->p[4*j+2] << 16 ) | \ - ( N->p[4*j+3] << 24 ) -#define STORE32 N->p[4*i+0] = (t_uint)( cur ); \ - N->p[4*i+1] = (t_uint)( cur >> 8 ); \ - N->p[4*i+2] = (t_uint)( cur >> 16 ); \ - N->p[4*i+3] = (t_uint)( cur >> 24 ); - -#elif defined(POLARSSL_HAVE_INT16) /* 16 bit */ - -#define MAX32 N->n / 2 -#define A( j ) (uint32_t)( N->p[2*j] ) | ( N->p[2*j+1] << 16 ) -#define STORE32 N->p[2*i+0] = (t_uint)( cur ); \ - N->p[2*i+1] = (t_uint)( cur >> 16 ); - -#elif defined(POLARSSL_HAVE_INT32) /* 32 bit */ +#if defined(MBEDTLS_HAVE_INT32) /* 32 bit */ #define MAX32 N->n #define A( j ) N->p[j] @@ -939,13 +889,13 @@ cleanup: #define STORE32 \ if( i % 2 ) { \ N->p[i/2] &= 0x00000000FFFFFFFF; \ - N->p[i/2] |= ((t_uint) cur) << 32; \ + N->p[i/2] |= ((mbedtls_mpi_uint) cur) << 32; \ } else { \ N->p[i/2] &= 0xFFFFFFFF00000000; \ - N->p[i/2] |= (t_uint) cur; \ + N->p[i/2] |= (mbedtls_mpi_uint) cur; \ } -#endif /* sizeof( t_uint ) */ +#endif /* sizeof( mbedtls_mpi_uint ) */ /* * Helpers for addition and subtraction of chunks, with signed carry. @@ -974,15 +924,15 @@ static inline void sub32( uint32_t *dst, uint32_t src, signed char *carry ) signed char c = 0, cc; \ uint32_t cur; \ size_t i = 0, bits = b; \ - mpi C; \ - t_uint Cp[ b / 8 / sizeof( t_uint) + 1 ]; \ + mbedtls_mpi C; \ + mbedtls_mpi_uint Cp[ b / 8 / sizeof( mbedtls_mpi_uint) + 1 ]; \ \ C.s = 1; \ - C.n = b / 8 / sizeof( t_uint) + 1; \ + C.n = b / 8 / sizeof( mbedtls_mpi_uint) + 1; \ C.p = Cp; \ - memset( Cp, 0, C.n * sizeof( t_uint ) ); \ + memset( Cp, 0, C.n * sizeof( mbedtls_mpi_uint ) ); \ \ - MPI_CHK( mpi_grow( N, b * 2 / 8 / sizeof( t_uint ) ) ); \ + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( N, b * 2 / 8 / sizeof( mbedtls_mpi_uint ) ) ); \ LOAD32; #define NEXT \ @@ -1003,22 +953,22 @@ static inline void sub32( uint32_t *dst, uint32_t src, signed char *carry ) * If the result is negative, we get it in the form * c * 2^(bits + 32) + N, with c negative and N positive shorter than 'bits' */ -static inline int fix_negative( mpi *N, signed char c, mpi *C, size_t bits ) +static inline int fix_negative( mbedtls_mpi *N, signed char c, mbedtls_mpi *C, size_t bits ) { int ret; /* C = - c * 2^(bits + 32) */ -#if !defined(POLARSSL_HAVE_INT64) +#if !defined(MBEDTLS_HAVE_INT64) ((void) bits); #else if( bits == 224 ) - C->p[ C->n - 1 ] = ((t_uint) -c) << 32; + C->p[ C->n - 1 ] = ((mbedtls_mpi_uint) -c) << 32; else #endif - C->p[ C->n - 1 ] = (t_uint) -c; + C->p[ C->n - 1 ] = (mbedtls_mpi_uint) -c; /* N = - ( C - N ) */ - MPI_CHK( mpi_sub_abs( N, C, N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( N, C, N ) ); N->s = -1; cleanup: @@ -1026,11 +976,11 @@ cleanup: return( ret ); } -#if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED) +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) /* * Fast quasi-reduction modulo p224 (FIPS 186-3 D.2.2) */ -static int ecp_mod_p224( mpi *N ) +static int ecp_mod_p224( mbedtls_mpi *N ) { INIT( 224 ); @@ -1045,13 +995,13 @@ static int ecp_mod_p224( mpi *N ) cleanup: return( ret ); } -#endif /* POLARSSL_ECP_DP_SECP224R1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED) +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) /* * Fast quasi-reduction modulo p256 (FIPS 186-3 D.2.3) */ -static int ecp_mod_p256( mpi *N ) +static int ecp_mod_p256( mbedtls_mpi *N ) { INIT( 256 ); @@ -1082,13 +1032,13 @@ static int ecp_mod_p256( mpi *N ) cleanup: return( ret ); } -#endif /* POLARSSL_ECP_DP_SECP256R1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED) +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) /* * Fast quasi-reduction modulo p384 (FIPS 186-3 D.2.4) */ -static int ecp_mod_p384( mpi *N ) +static int ecp_mod_p384( mbedtls_mpi *N ) { INIT( 384 ); @@ -1131,7 +1081,7 @@ static int ecp_mod_p384( mpi *N ) cleanup: return( ret ); } -#endif /* POLARSSL_ECP_DP_SECP384R1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ #undef A #undef LOAD32 @@ -1141,37 +1091,33 @@ cleanup: #undef NEXT #undef LAST -#endif /* POLARSSL_ECP_DP_SECP224R1_ENABLED || - POLARSSL_ECP_DP_SECP256R1_ENABLED || - POLARSSL_ECP_DP_SECP384R1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED || + MBEDTLS_ECP_DP_SECP256R1_ENABLED || + MBEDTLS_ECP_DP_SECP384R1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED) +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) /* * Here we have an actual Mersenne prime, so things are more straightforward. * However, chunks are aligned on a 'weird' boundary (521 bits). */ -/* Size of p521 in terms of t_uint */ -#define P521_WIDTH ( 521 / 8 / sizeof( t_uint ) + 1 ) +/* Size of p521 in terms of mbedtls_mpi_uint */ +#define P521_WIDTH ( 521 / 8 / sizeof( mbedtls_mpi_uint ) + 1 ) -/* Bits to keep in the most significant t_uint */ -#if defined(POLARSSL_HAVE_INT8) -#define P521_MASK 0x01 -#else +/* Bits to keep in the most significant mbedtls_mpi_uint */ #define P521_MASK 0x01FF -#endif /* * Fast quasi-reduction modulo p521 (FIPS 186-3 D.2.5) * Write N as A1 + 2^521 A0, return A0 + A1 */ -static int ecp_mod_p521( mpi *N ) +static int ecp_mod_p521( mbedtls_mpi *N ) { int ret; size_t i; - mpi M; - t_uint Mp[P521_WIDTH + 1]; - /* Worst case for the size of M is when t_uint is 16 bits: + mbedtls_mpi M; + mbedtls_mpi_uint Mp[P521_WIDTH + 1]; + /* Worst case for the size of M is when mbedtls_mpi_uint is 16 bits: * we need to hold bits 513 to 1056, which is 34 limbs, that is * P521_WIDTH + 1. Otherwise P521_WIDTH is enough. */ @@ -1184,8 +1130,8 @@ static int ecp_mod_p521( mpi *N ) if( M.n > P521_WIDTH + 1 ) M.n = P521_WIDTH + 1; M.p = Mp; - memcpy( Mp, N->p + P521_WIDTH - 1, M.n * sizeof( t_uint ) ); - MPI_CHK( mpi_shift_r( &M, 521 % ( 8 * sizeof( t_uint ) ) ) ); + memcpy( Mp, N->p + P521_WIDTH - 1, M.n * sizeof( mbedtls_mpi_uint ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, 521 % ( 8 * sizeof( mbedtls_mpi_uint ) ) ) ); /* N = A0 */ N->p[P521_WIDTH - 1] &= P521_MASK; @@ -1193,7 +1139,7 @@ static int ecp_mod_p521( mpi *N ) N->p[i] = 0; /* N = A0 + A1 */ - MPI_CHK( mpi_add_abs( N, N, &M ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( N, N, &M ) ); cleanup: return( ret ); @@ -1201,25 +1147,25 @@ cleanup: #undef P521_WIDTH #undef P521_MASK -#endif /* POLARSSL_ECP_DP_SECP521R1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ -#endif /* POLARSSL_ECP_NIST_OPTIM */ +#endif /* MBEDTLS_ECP_NIST_OPTIM */ -#if defined(POLARSSL_ECP_DP_M255_ENABLED) +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) -/* Size of p255 in terms of t_uint */ -#define P255_WIDTH ( 255 / 8 / sizeof( t_uint ) + 1 ) +/* Size of p255 in terms of mbedtls_mpi_uint */ +#define P255_WIDTH ( 255 / 8 / sizeof( mbedtls_mpi_uint ) + 1 ) /* * Fast quasi-reduction modulo p255 = 2^255 - 19 * Write N as A0 + 2^255 A1, return A0 + 19 * A1 */ -static int ecp_mod_p255( mpi *N ) +static int ecp_mod_p255( mbedtls_mpi *N ) { int ret; size_t i; - mpi M; - t_uint Mp[P255_WIDTH + 2]; + mbedtls_mpi M; + mbedtls_mpi_uint Mp[P255_WIDTH + 2]; if( N->n < P255_WIDTH ) return( 0 ); @@ -1231,27 +1177,27 @@ static int ecp_mod_p255( mpi *N ) M.n = P255_WIDTH + 1; M.p = Mp; memset( Mp, 0, sizeof Mp ); - memcpy( Mp, N->p + P255_WIDTH - 1, M.n * sizeof( t_uint ) ); - MPI_CHK( mpi_shift_r( &M, 255 % ( 8 * sizeof( t_uint ) ) ) ); + memcpy( Mp, N->p + P255_WIDTH - 1, M.n * sizeof( mbedtls_mpi_uint ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, 255 % ( 8 * sizeof( mbedtls_mpi_uint ) ) ) ); M.n++; /* Make room for multiplication by 19 */ /* N = A0 */ - MPI_CHK( mpi_set_bit( N, 255, 0 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( N, 255, 0 ) ); for( i = P255_WIDTH; i < N->n; i++ ) N->p[i] = 0; /* N = A0 + 19 * A1 */ - MPI_CHK( mpi_mul_int( &M, &M, 19 ) ); - MPI_CHK( mpi_add_abs( N, N, &M ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &M, &M, 19 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( N, N, &M ) ); cleanup: return( ret ); } -#endif /* POLARSSL_ECP_DP_M255_ENABLED */ +#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP192K1_ENABLED) || \ - defined(POLARSSL_ECP_DP_SECP224K1_ENABLED) || \ - defined(POLARSSL_ECP_DP_SECP256K1_ENABLED) +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) /* * Fast quasi-reduction modulo P = 2^s - R, * with R about 33 bits, used by the Koblitz curves. @@ -1259,15 +1205,15 @@ cleanup: * Write N as A0 + 2^224 A1, return A0 + R * A1. * Actually do two passes, since R is big. */ -#define P_KOBLITZ_MAX ( 256 / 8 / sizeof( t_uint ) ) // Max limbs in P -#define P_KOBLITZ_R ( 8 / sizeof( t_uint ) ) // Limbs in R -static inline int ecp_mod_koblitz( mpi *N, t_uint *Rp, size_t p_limbs, - size_t adjust, size_t shift, t_uint mask ) +#define P_KOBLITZ_MAX ( 256 / 8 / sizeof( mbedtls_mpi_uint ) ) // Max limbs in P +#define P_KOBLITZ_R ( 8 / sizeof( mbedtls_mpi_uint ) ) // Limbs in R +static inline int ecp_mod_koblitz( mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t p_limbs, + size_t adjust, size_t shift, mbedtls_mpi_uint mask ) { int ret; size_t i; - mpi M, R; - t_uint Mp[P_KOBLITZ_MAX + P_KOBLITZ_R]; + mbedtls_mpi M, R; + mbedtls_mpi_uint Mp[P_KOBLITZ_MAX + P_KOBLITZ_R]; if( N->n < p_limbs ) return( 0 ); @@ -1286,9 +1232,9 @@ static inline int ecp_mod_koblitz( mpi *N, t_uint *Rp, size_t p_limbs, if( M.n > p_limbs + adjust ) M.n = p_limbs + adjust; memset( Mp, 0, sizeof Mp ); - memcpy( Mp, N->p + p_limbs - adjust, M.n * sizeof( t_uint ) ); + memcpy( Mp, N->p + p_limbs - adjust, M.n * sizeof( mbedtls_mpi_uint ) ); if( shift != 0 ) - MPI_CHK( mpi_shift_r( &M, shift ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, shift ) ); M.n += R.n - adjust; /* Make room for multiplication by R */ /* N = A0 */ @@ -1298,8 +1244,8 @@ static inline int ecp_mod_koblitz( mpi *N, t_uint *Rp, size_t p_limbs, N->p[i] = 0; /* N = A0 + R * A1 */ - MPI_CHK( mpi_mul_mpi( &M, &M, &R ) ); - MPI_CHK( mpi_add_abs( N, N, &M ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &M, &M, &R ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( N, N, &M ) ); /* Second pass */ @@ -1308,9 +1254,9 @@ static inline int ecp_mod_koblitz( mpi *N, t_uint *Rp, size_t p_limbs, if( M.n > p_limbs + adjust ) M.n = p_limbs + adjust; memset( Mp, 0, sizeof Mp ); - memcpy( Mp, N->p + p_limbs - adjust, M.n * sizeof( t_uint ) ); + memcpy( Mp, N->p + p_limbs - adjust, M.n * sizeof( mbedtls_mpi_uint ) ); if( shift != 0 ) - MPI_CHK( mpi_shift_r( &M, shift ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, shift ) ); M.n += R.n - adjust; /* Make room for multiplication by R */ /* N = A0 */ @@ -1320,60 +1266,60 @@ static inline int ecp_mod_koblitz( mpi *N, t_uint *Rp, size_t p_limbs, N->p[i] = 0; /* N = A0 + R * A1 */ - MPI_CHK( mpi_mul_mpi( &M, &M, &R ) ); - MPI_CHK( mpi_add_abs( N, N, &M ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &M, &M, &R ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( N, N, &M ) ); cleanup: return( ret ); } -#endif /* POLARSSL_ECP_DP_SECP192K1_ENABLED) || - POLARSSL_ECP_DP_SECP224K1_ENABLED) || - POLARSSL_ECP_DP_SECP256K1_ENABLED) */ +#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED) || + MBEDTLS_ECP_DP_SECP224K1_ENABLED) || + MBEDTLS_ECP_DP_SECP256K1_ENABLED) */ -#if defined(POLARSSL_ECP_DP_SECP192K1_ENABLED) +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) /* * Fast quasi-reduction modulo p192k1 = 2^192 - R, * with R = 2^32 + 2^12 + 2^8 + 2^7 + 2^6 + 2^3 + 1 = 0x0100001119 */ -static int ecp_mod_p192k1( mpi *N ) +static int ecp_mod_p192k1( mbedtls_mpi *N ) { - static t_uint Rp[] = { + static mbedtls_mpi_uint Rp[] = { BYTES_TO_T_UINT_8( 0xC9, 0x11, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ) }; - return( ecp_mod_koblitz( N, Rp, 192 / 8 / sizeof( t_uint ), 0, 0, 0 ) ); + return( ecp_mod_koblitz( N, Rp, 192 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, 0 ) ); } -#endif /* POLARSSL_ECP_DP_SECP192K1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP224K1_ENABLED) +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) /* * Fast quasi-reduction modulo p224k1 = 2^224 - R, * with R = 2^32 + 2^12 + 2^11 + 2^9 + 2^7 + 2^4 + 2 + 1 = 0x0100001A93 */ -static int ecp_mod_p224k1( mpi *N ) +static int ecp_mod_p224k1( mbedtls_mpi *N ) { - static t_uint Rp[] = { + static mbedtls_mpi_uint Rp[] = { BYTES_TO_T_UINT_8( 0x93, 0x1A, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ) }; -#if defined(POLARSSL_HAVE_INT64) +#if defined(MBEDTLS_HAVE_INT64) return( ecp_mod_koblitz( N, Rp, 4, 1, 32, 0xFFFFFFFF ) ); #else - return( ecp_mod_koblitz( N, Rp, 224 / 8 / sizeof( t_uint ), 0, 0, 0 ) ); + return( ecp_mod_koblitz( N, Rp, 224 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, 0 ) ); #endif } -#endif /* POLARSSL_ECP_DP_SECP224K1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP256K1_ENABLED) +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) /* * Fast quasi-reduction modulo p256k1 = 2^256 - R, * with R = 2^32 + 2^9 + 2^8 + 2^7 + 2^6 + 2^4 + 1 = 0x01000003D1 */ -static int ecp_mod_p256k1( mpi *N ) +static int ecp_mod_p256k1( mbedtls_mpi *N ) { - static t_uint Rp[] = { + static mbedtls_mpi_uint Rp[] = { BYTES_TO_T_UINT_8( 0xD1, 0x03, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ) }; - return( ecp_mod_koblitz( N, Rp, 256 / 8 / sizeof( t_uint ), 0, 0, 0 ) ); + return( ecp_mod_koblitz( N, Rp, 256 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, 0 ) ); } -#endif /* POLARSSL_ECP_DP_SECP256K1_ENABLED */ +#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ -#endif /* POLARSSL_ECP_C */ +#endif /* MBEDTLS_ECP_C */ diff --git a/ext/mbedtls/library/entropy.c b/ext/mbedtls/library/entropy.c index 540a27c57a..90e4149167 100644 --- a/ext/mbedtls/library/entropy.c +++ b/ext/mbedtls/library/entropy.c @@ -20,114 +20,124 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_ENTROPY_C) +#if defined(MBEDTLS_ENTROPY_C) -#include "polarssl/entropy.h" -#include "polarssl/entropy_poll.h" +#include "mbedtls/entropy.h" +#include "mbedtls/entropy_poll.h" #include -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) #include #endif -#if defined(POLARSSL_SELF_TEST) -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_SELF_TEST) +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_printf printf -#endif /* POLARSSL_PLATFORM_C */ -#endif /* POLARSSL_SELF_TEST */ +#define mbedtls_printf printf +#endif /* MBEDTLS_PLATFORM_C */ +#endif /* MBEDTLS_SELF_TEST */ -#if defined(POLARSSL_HAVEGE_C) -#include "polarssl/havege.h" +#if defined(MBEDTLS_HAVEGE_C) +#include "mbedtls/havege.h" #endif /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } #define ENTROPY_MAX_LOOP 256 /**< Maximum amount to loop before error */ -void entropy_init( entropy_context *ctx ) +void mbedtls_entropy_init( mbedtls_entropy_context *ctx ) { - memset( ctx, 0, sizeof(entropy_context) ); + memset( ctx, 0, sizeof(mbedtls_entropy_context) ); -#if defined(POLARSSL_THREADING_C) - polarssl_mutex_init( &ctx->mutex ); +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_init( &ctx->mutex ); #endif -#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR) - sha512_starts( &ctx->accumulator, 0 ); +#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) + mbedtls_sha512_starts( &ctx->accumulator, 0 ); #else - sha256_starts( &ctx->accumulator, 0 ); + mbedtls_sha256_starts( &ctx->accumulator, 0 ); #endif -#if defined(POLARSSL_HAVEGE_C) - havege_init( &ctx->havege_data ); +#if defined(MBEDTLS_HAVEGE_C) + mbedtls_havege_init( &ctx->havege_data ); #endif -#if !defined(POLARSSL_NO_DEFAULT_ENTROPY_SOURCES) -#if !defined(POLARSSL_NO_PLATFORM_ENTROPY) - entropy_add_source( ctx, platform_entropy_poll, NULL, - ENTROPY_MIN_PLATFORM ); +#if !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) +#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY) + mbedtls_entropy_add_source( ctx, mbedtls_platform_entropy_poll, NULL, + MBEDTLS_ENTROPY_MIN_PLATFORM, + MBEDTLS_ENTROPY_SOURCE_STRONG ); #endif -#if defined(POLARSSL_TIMING_C) - entropy_add_source( ctx, hardclock_poll, NULL, ENTROPY_MIN_HARDCLOCK ); +#if defined(MBEDTLS_TIMING_C) + mbedtls_entropy_add_source( ctx, mbedtls_hardclock_poll, NULL, + MBEDTLS_ENTROPY_MIN_HARDCLOCK, + MBEDTLS_ENTROPY_SOURCE_WEAK ); #endif -#if defined(POLARSSL_HAVEGE_C) - entropy_add_source( ctx, havege_poll, &ctx->havege_data, - ENTROPY_MIN_HAVEGE ); +#if defined(MBEDTLS_HAVEGE_C) + mbedtls_entropy_add_source( ctx, mbedtls_havege_poll, &ctx->havege_data, + MBEDTLS_ENTROPY_MIN_HAVEGE, + MBEDTLS_ENTROPY_SOURCE_STRONG ); #endif -#endif /* POLARSSL_NO_DEFAULT_ENTROPY_SOURCES */ +#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) + mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL, + MBEDTLS_ENTROPY_MIN_HARDWARE, + MBEDTLS_ENTROPY_SOURCE_STRONG ); +#endif +#endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */ } -void entropy_free( entropy_context *ctx ) +void mbedtls_entropy_free( mbedtls_entropy_context *ctx ) { -#if defined(POLARSSL_HAVEGE_C) - havege_free( &ctx->havege_data ); +#if defined(MBEDTLS_HAVEGE_C) + mbedtls_havege_free( &ctx->havege_data ); #endif -#if defined(POLARSSL_THREADING_C) - polarssl_mutex_free( &ctx->mutex ); +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_free( &ctx->mutex ); #endif - polarssl_zeroize( ctx, sizeof( entropy_context ) ); + mbedtls_zeroize( ctx, sizeof( mbedtls_entropy_context ) ); } -int entropy_add_source( entropy_context *ctx, - f_source_ptr f_source, void *p_source, - size_t threshold ) +int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx, + mbedtls_entropy_f_source_ptr f_source, void *p_source, + size_t threshold, int strong ) { int index, ret = 0; -#if defined(POLARSSL_THREADING_C) - if( ( ret = polarssl_mutex_lock( &ctx->mutex ) ) != 0 ) +#if defined(MBEDTLS_THREADING_C) + if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) return( ret ); #endif index = ctx->source_count; - if( index >= ENTROPY_MAX_SOURCES ) + if( index >= MBEDTLS_ENTROPY_MAX_SOURCES ) { - ret = POLARSSL_ERR_ENTROPY_MAX_SOURCES; + ret = MBEDTLS_ERR_ENTROPY_MAX_SOURCES; goto exit; } - ctx->source[index].f_source = f_source; - ctx->source[index].p_source = p_source; + ctx->source[index].f_source = f_source; + ctx->source[index].p_source = p_source; ctx->source[index].threshold = threshold; + ctx->source[index].strong = strong; ctx->source_count++; exit: -#if defined(POLARSSL_THREADING_C) - if( polarssl_mutex_unlock( &ctx->mutex ) != 0 ) - return( POLARSSL_ERR_THREADING_MUTEX_ERROR ); +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) + return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); #endif return( ret ); @@ -136,54 +146,54 @@ exit: /* * Entropy accumulator update */ -static int entropy_update( entropy_context *ctx, unsigned char source_id, +static int entropy_update( mbedtls_entropy_context *ctx, unsigned char source_id, const unsigned char *data, size_t len ) { unsigned char header[2]; - unsigned char tmp[ENTROPY_BLOCK_SIZE]; + unsigned char tmp[MBEDTLS_ENTROPY_BLOCK_SIZE]; size_t use_len = len; const unsigned char *p = data; - if( use_len > ENTROPY_BLOCK_SIZE ) + if( use_len > MBEDTLS_ENTROPY_BLOCK_SIZE ) { -#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR) - sha512( data, len, tmp, 0 ); +#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) + mbedtls_sha512( data, len, tmp, 0 ); #else - sha256( data, len, tmp, 0 ); + mbedtls_sha256( data, len, tmp, 0 ); #endif p = tmp; - use_len = ENTROPY_BLOCK_SIZE; + use_len = MBEDTLS_ENTROPY_BLOCK_SIZE; } header[0] = source_id; header[1] = use_len & 0xFF; -#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR) - sha512_update( &ctx->accumulator, header, 2 ); - sha512_update( &ctx->accumulator, p, use_len ); +#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) + mbedtls_sha512_update( &ctx->accumulator, header, 2 ); + mbedtls_sha512_update( &ctx->accumulator, p, use_len ); #else - sha256_update( &ctx->accumulator, header, 2 ); - sha256_update( &ctx->accumulator, p, use_len ); + mbedtls_sha256_update( &ctx->accumulator, header, 2 ); + mbedtls_sha256_update( &ctx->accumulator, p, use_len ); #endif return( 0 ); } -int entropy_update_manual( entropy_context *ctx, +int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx, const unsigned char *data, size_t len ) { int ret; -#if defined(POLARSSL_THREADING_C) - if( ( ret = polarssl_mutex_lock( &ctx->mutex ) ) != 0 ) +#if defined(MBEDTLS_THREADING_C) + if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) return( ret ); #endif - ret = entropy_update( ctx, ENTROPY_SOURCE_MANUAL, data, len ); + ret = entropy_update( ctx, MBEDTLS_ENTROPY_SOURCE_MANUAL, data, len ); -#if defined(POLARSSL_THREADING_C) - if( polarssl_mutex_unlock( &ctx->mutex ) != 0 ) - return( POLARSSL_ERR_THREADING_MUTEX_ERROR ); +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) + return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); #endif return( ret ); @@ -192,23 +202,26 @@ int entropy_update_manual( entropy_context *ctx, /* * Run through the different sources to add entropy to our accumulator */ -static int entropy_gather_internal( entropy_context *ctx ) +static int entropy_gather_internal( mbedtls_entropy_context *ctx ) { - int ret, i; - unsigned char buf[ENTROPY_MAX_GATHER]; + int ret, i, have_one_strong = 0; + unsigned char buf[MBEDTLS_ENTROPY_MAX_GATHER]; size_t olen; if( ctx->source_count == 0 ) - return( POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED ); + return( MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED ); /* * Run through our entropy sources */ for( i = 0; i < ctx->source_count; i++ ) { + if( ctx->source[i].strong == MBEDTLS_ENTROPY_SOURCE_STRONG ) + have_one_strong = 1; + olen = 0; if( ( ret = ctx->source[i].f_source( ctx->source[i].p_source, - buf, ENTROPY_MAX_GATHER, &olen ) ) != 0 ) + buf, MBEDTLS_ENTROPY_MAX_GATHER, &olen ) ) != 0 ) { return( ret ); } @@ -223,42 +236,45 @@ static int entropy_gather_internal( entropy_context *ctx ) } } + if( have_one_strong == 0 ) + return( MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE ); + return( 0 ); } /* * Thread-safe wrapper for entropy_gather_internal() */ -int entropy_gather( entropy_context *ctx ) +int mbedtls_entropy_gather( mbedtls_entropy_context *ctx ) { int ret; -#if defined(POLARSSL_THREADING_C) - if( ( ret = polarssl_mutex_lock( &ctx->mutex ) ) != 0 ) +#if defined(MBEDTLS_THREADING_C) + if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) return( ret ); #endif ret = entropy_gather_internal( ctx ); -#if defined(POLARSSL_THREADING_C) - if( polarssl_mutex_unlock( &ctx->mutex ) != 0 ) - return( POLARSSL_ERR_THREADING_MUTEX_ERROR ); +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) + return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); #endif return( ret ); } -int entropy_func( void *data, unsigned char *output, size_t len ) +int mbedtls_entropy_func( void *data, unsigned char *output, size_t len ) { - int ret, count = 0, i, reached; - entropy_context *ctx = (entropy_context *) data; - unsigned char buf[ENTROPY_BLOCK_SIZE]; + int ret, count = 0, i, done; + mbedtls_entropy_context *ctx = (mbedtls_entropy_context *) data; + unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; - if( len > ENTROPY_BLOCK_SIZE ) - return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED ); + if( len > MBEDTLS_ENTROPY_BLOCK_SIZE ) + return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); -#if defined(POLARSSL_THREADING_C) - if( ( ret = polarssl_mutex_lock( &ctx->mutex ) ) != 0 ) +#if defined(MBEDTLS_THREADING_C) + if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) return( ret ); #endif @@ -269,52 +285,51 @@ int entropy_func( void *data, unsigned char *output, size_t len ) { if( count++ > ENTROPY_MAX_LOOP ) { - ret = POLARSSL_ERR_ENTROPY_SOURCE_FAILED; + ret = MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; goto exit; } if( ( ret = entropy_gather_internal( ctx ) ) != 0 ) goto exit; - reached = 0; - + done = 1; for( i = 0; i < ctx->source_count; i++ ) - if( ctx->source[i].size >= ctx->source[i].threshold ) - reached++; + if( ctx->source[i].size < ctx->source[i].threshold ) + done = 0; } - while( reached != ctx->source_count ); + while( ! done ); - memset( buf, 0, ENTROPY_BLOCK_SIZE ); + memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); -#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR) - sha512_finish( &ctx->accumulator, buf ); +#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) + mbedtls_sha512_finish( &ctx->accumulator, buf ); /* * Reset accumulator and counters and recycle existing entropy */ - memset( &ctx->accumulator, 0, sizeof( sha512_context ) ); - sha512_starts( &ctx->accumulator, 0 ); - sha512_update( &ctx->accumulator, buf, ENTROPY_BLOCK_SIZE ); + memset( &ctx->accumulator, 0, sizeof( mbedtls_sha512_context ) ); + mbedtls_sha512_starts( &ctx->accumulator, 0 ); + mbedtls_sha512_update( &ctx->accumulator, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ); /* * Perform second SHA-512 on entropy */ - sha512( buf, ENTROPY_BLOCK_SIZE, buf, 0 ); -#else /* POLARSSL_ENTROPY_SHA512_ACCUMULATOR */ - sha256_finish( &ctx->accumulator, buf ); + mbedtls_sha512( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, buf, 0 ); +#else /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */ + mbedtls_sha256_finish( &ctx->accumulator, buf ); /* * Reset accumulator and counters and recycle existing entropy */ - memset( &ctx->accumulator, 0, sizeof( sha256_context ) ); - sha256_starts( &ctx->accumulator, 0 ); - sha256_update( &ctx->accumulator, buf, ENTROPY_BLOCK_SIZE ); + memset( &ctx->accumulator, 0, sizeof( mbedtls_sha256_context ) ); + mbedtls_sha256_starts( &ctx->accumulator, 0 ); + mbedtls_sha256_update( &ctx->accumulator, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ); /* * Perform second SHA-256 on entropy */ - sha256( buf, ENTROPY_BLOCK_SIZE, buf, 0 ); -#endif /* POLARSSL_ENTROPY_SHA512_ACCUMULATOR */ + mbedtls_sha256( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, buf, 0 ); +#endif /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */ for( i = 0; i < ctx->source_count; i++ ) ctx->source[i].size = 0; @@ -324,30 +339,30 @@ int entropy_func( void *data, unsigned char *output, size_t len ) ret = 0; exit: -#if defined(POLARSSL_THREADING_C) - if( polarssl_mutex_unlock( &ctx->mutex ) != 0 ) - return( POLARSSL_ERR_THREADING_MUTEX_ERROR ); +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) + return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); #endif return( ret ); } -#if defined(POLARSSL_FS_IO) -int entropy_write_seed_file( entropy_context *ctx, const char *path ) +#if defined(MBEDTLS_FS_IO) +int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path ) { - int ret = POLARSSL_ERR_ENTROPY_FILE_IO_ERROR; + int ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; FILE *f; - unsigned char buf[ENTROPY_BLOCK_SIZE]; + unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; if( ( f = fopen( path, "wb" ) ) == NULL ) - return( POLARSSL_ERR_ENTROPY_FILE_IO_ERROR ); + return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR ); - if( ( ret = entropy_func( ctx, buf, ENTROPY_BLOCK_SIZE ) ) != 0 ) + if( ( ret = mbedtls_entropy_func( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 ) goto exit; - if( fwrite( buf, 1, ENTROPY_BLOCK_SIZE, f ) != ENTROPY_BLOCK_SIZE ) + if( fwrite( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) != MBEDTLS_ENTROPY_BLOCK_SIZE ) { - ret = POLARSSL_ERR_ENTROPY_FILE_IO_ERROR; + ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; goto exit; } @@ -358,37 +373,37 @@ exit: return( ret ); } -int entropy_update_seed_file( entropy_context *ctx, const char *path ) +int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path ) { FILE *f; size_t n; - unsigned char buf[ ENTROPY_MAX_SEED_SIZE ]; + unsigned char buf[ MBEDTLS_ENTROPY_MAX_SEED_SIZE ]; if( ( f = fopen( path, "rb" ) ) == NULL ) - return( POLARSSL_ERR_ENTROPY_FILE_IO_ERROR ); + return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR ); fseek( f, 0, SEEK_END ); n = (size_t) ftell( f ); fseek( f, 0, SEEK_SET ); - if( n > ENTROPY_MAX_SEED_SIZE ) - n = ENTROPY_MAX_SEED_SIZE; + if( n > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) + n = MBEDTLS_ENTROPY_MAX_SEED_SIZE; if( fread( buf, 1, n, f ) != n ) { fclose( f ); - return( POLARSSL_ERR_ENTROPY_FILE_IO_ERROR ); + return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR ); } fclose( f ); - entropy_update_manual( ctx, buf, n ); + mbedtls_entropy_update_manual( ctx, buf, n ); - return( entropy_write_seed_file( ctx, path ) ); + return( mbedtls_entropy_write_seed_file( ctx, path ) ); } -#endif /* POLARSSL_FS_IO */ +#endif /* MBEDTLS_FS_IO */ -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) /* * Dummy source function */ @@ -408,31 +423,33 @@ static int entropy_dummy_source( void *data, unsigned char *output, * test that the functions don't cause errors and write the correct * amount of data to buffers. */ -int entropy_self_test( int verbose ) +int mbedtls_entropy_self_test( int verbose ) { int ret = 0; - entropy_context ctx; - unsigned char buf[ENTROPY_BLOCK_SIZE] = { 0 }; - unsigned char acc[ENTROPY_BLOCK_SIZE] = { 0 }; + mbedtls_entropy_context ctx; + unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 }; + unsigned char acc[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 }; size_t i, j; if( verbose != 0 ) - polarssl_printf( " ENTROPY test: " ); + mbedtls_printf( " ENTROPY test: " ); - entropy_init( &ctx ); + mbedtls_entropy_init( &ctx ); - ret = entropy_add_source( &ctx, entropy_dummy_source, NULL, 16 ); - if( ret != 0 ) + /* First do a gather to make sure we have default sources */ + if( ( ret = mbedtls_entropy_gather( &ctx ) ) != 0 ) goto cleanup; - if( ( ret = entropy_gather( &ctx ) ) != 0 ) + ret = mbedtls_entropy_add_source( &ctx, entropy_dummy_source, NULL, 16, + MBEDTLS_ENTROPY_SOURCE_WEAK ); + if( ret != 0 ) goto cleanup; - if( ( ret = entropy_update_manual( &ctx, buf, sizeof buf ) ) != 0 ) + if( ( ret = mbedtls_entropy_update_manual( &ctx, buf, sizeof buf ) ) != 0 ) goto cleanup; /* - * To test that entropy_func writes correct number of bytes: + * To test that mbedtls_entropy_func writes correct number of bytes: * - use the whole buffer and rely on ASan to detect overruns * - collect entropy 8 times and OR the result in an accumulator: * any byte should then be 0 with probably 2^(-64), so requiring @@ -441,7 +458,7 @@ int entropy_self_test( int verbose ) */ for( i = 0; i < 8; i++ ) { - if( ( ret = entropy_func( &ctx, buf, sizeof( buf ) ) ) != 0 ) + if( ( ret = mbedtls_entropy_func( &ctx, buf, sizeof( buf ) ) ) != 0 ) goto cleanup; for( j = 0; j < sizeof( buf ); j++ ) @@ -458,20 +475,20 @@ int entropy_self_test( int verbose ) } cleanup: - entropy_free( &ctx ); + mbedtls_entropy_free( &ctx ); if( verbose != 0 ) { if( ret != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); else - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); } return( ret != 0 ); } -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_ENTROPY_C */ +#endif /* MBEDTLS_ENTROPY_C */ diff --git a/ext/mbedtls/library/entropy_poll.c b/ext/mbedtls/library/entropy_poll.c index e0f9ae2868..073acad8f9 100644 --- a/ext/mbedtls/library/entropy_poll.c +++ b/ext/mbedtls/library/entropy_poll.c @@ -20,26 +20,26 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_ENTROPY_C) +#if defined(MBEDTLS_ENTROPY_C) -#include "polarssl/entropy.h" -#include "polarssl/entropy_poll.h" +#include "mbedtls/entropy.h" +#include "mbedtls/entropy_poll.h" -#if defined(POLARSSL_TIMING_C) +#if defined(MBEDTLS_TIMING_C) #include -#include "polarssl/timing.h" +#include "mbedtls/timing.h" #endif -#if defined(POLARSSL_HAVEGE_C) -#include "polarssl/havege.h" +#if defined(MBEDTLS_HAVEGE_C) +#include "mbedtls/havege.h" #endif -#if !defined(POLARSSL_NO_PLATFORM_ENTROPY) +#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY) #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) #if !defined(_WIN32_WINNT) @@ -48,7 +48,7 @@ #include #include -int platform_entropy_poll( void *data, unsigned char *output, size_t len, +int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len, size_t *olen ) { HCRYPTPROV provider; @@ -58,11 +58,11 @@ int platform_entropy_poll( void *data, unsigned char *output, size_t len, if( CryptAcquireContext( &provider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE ) { - return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED ); + return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); } if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE ) - return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED ); + return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); CryptReleaseContext( provider, 0 ); *olen = len; @@ -77,13 +77,20 @@ int platform_entropy_poll( void *data, unsigned char *output, size_t len, * available in GNU libc and compatible libc's (eg uClibc). */ #if defined(__linux__) && defined(__GLIBC__) -#include #include #include #if defined(SYS_getrandom) #define HAVE_GETRANDOM + static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags ) { + /* MemSan cannot understand that the syscall writes to the buffer */ +#if defined(__has_feature) +#if __has_feature(memory_sanitizer) + memset( buf, 0, buflen ); +#endif +#endif + return( syscall( SYS_getrandom, buf, buflen, flags ) ); } @@ -129,7 +136,7 @@ static int has_getrandom = -1; #include -int platform_entropy_poll( void *data, +int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len, size_t *olen ) { FILE *file; @@ -145,7 +152,7 @@ int platform_entropy_poll( void *data, int ret; if( ( ret = getrandom_wrapper( output, len, 0 ) ) < 0 ) - return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED ); + return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); *olen = ret; return( 0 ); @@ -156,13 +163,13 @@ int platform_entropy_poll( void *data, file = fopen( "/dev/urandom", "rb" ); if( file == NULL ) - return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED ); + return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); ret = fread( output, 1, len, file ); if( ret != len ) { fclose( file ); - return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED ); + return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); } fclose( file ); @@ -171,13 +178,13 @@ int platform_entropy_poll( void *data, return( 0 ); } #endif /* _WIN32 && !EFIX64 && !EFI32 */ -#endif /* !POLARSSL_NO_PLATFORM_ENTROPY */ +#endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */ -#if defined(POLARSSL_TIMING_C) -int hardclock_poll( void *data, +#if defined(MBEDTLS_TIMING_C) +int mbedtls_hardclock_poll( void *data, unsigned char *output, size_t len, size_t *olen ) { - unsigned long timer = hardclock(); + unsigned long timer = mbedtls_timing_hardclock(); ((void) data); *olen = 0; @@ -189,22 +196,22 @@ int hardclock_poll( void *data, return( 0 ); } -#endif /* POLARSSL_TIMING_C */ +#endif /* MBEDTLS_TIMING_C */ -#if defined(POLARSSL_HAVEGE_C) -int havege_poll( void *data, +#if defined(MBEDTLS_HAVEGE_C) +int mbedtls_havege_poll( void *data, unsigned char *output, size_t len, size_t *olen ) { - havege_state *hs = (havege_state *) data; + mbedtls_havege_state *hs = (mbedtls_havege_state *) data; *olen = 0; - if( havege_random( hs, output, len ) != 0 ) - return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED ); + if( mbedtls_havege_random( hs, output, len ) != 0 ) + return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); *olen = len; return( 0 ); } -#endif /* POLARSSL_HAVEGE_C */ +#endif /* MBEDTLS_HAVEGE_C */ -#endif /* POLARSSL_ENTROPY_C */ +#endif /* MBEDTLS_ENTROPY_C */ diff --git a/ext/mbedtls/library/error.c b/ext/mbedtls/library/error.c index 98fba5cbdf..e78057b494 100644 --- a/ext/mbedtls/library/error.c +++ b/ext/mbedtls/library/error.c @@ -20,173 +20,137 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_ERROR_C) || defined(POLARSSL_ERROR_STRERROR_DUMMY) -#include "polarssl/error.h" +#if defined(MBEDTLS_ERROR_C) || defined(MBEDTLS_ERROR_STRERROR_DUMMY) +#include "mbedtls/error.h" #include #endif -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else -#define polarssl_snprintf snprintf +#define mbedtls_snprintf snprintf #endif -#if defined(POLARSSL_ERROR_C) +#if defined(MBEDTLS_ERROR_C) #include -#if defined(POLARSSL_AES_C) -#include "polarssl/aes.h" +#if defined(MBEDTLS_AES_C) +#include "mbedtls/aes.h" #endif -#if defined(POLARSSL_BASE64_C) -#include "polarssl/base64.h" +#if defined(MBEDTLS_BASE64_C) +#include "mbedtls/base64.h" #endif -#if defined(POLARSSL_BIGNUM_C) -#include "polarssl/bignum.h" +#if defined(MBEDTLS_BIGNUM_C) +#include "mbedtls/bignum.h" #endif -#if defined(POLARSSL_BLOWFISH_C) -#include "polarssl/blowfish.h" +#if defined(MBEDTLS_BLOWFISH_C) +#include "mbedtls/blowfish.h" #endif -#if defined(POLARSSL_CAMELLIA_C) -#include "polarssl/camellia.h" +#if defined(MBEDTLS_CAMELLIA_C) +#include "mbedtls/camellia.h" #endif -#if defined(POLARSSL_CCM_C) -#include "polarssl/ccm.h" +#if defined(MBEDTLS_CCM_C) +#include "mbedtls/ccm.h" #endif -#if defined(POLARSSL_CIPHER_C) -#include "polarssl/cipher.h" +#if defined(MBEDTLS_CIPHER_C) +#include "mbedtls/cipher.h" #endif -#if defined(POLARSSL_CTR_DRBG_C) -#include "polarssl/ctr_drbg.h" +#if defined(MBEDTLS_CTR_DRBG_C) +#include "mbedtls/ctr_drbg.h" #endif -#if defined(POLARSSL_DES_C) -#include "polarssl/des.h" +#if defined(MBEDTLS_DES_C) +#include "mbedtls/des.h" #endif -#if defined(POLARSSL_DHM_C) -#include "polarssl/dhm.h" +#if defined(MBEDTLS_DHM_C) +#include "mbedtls/dhm.h" #endif -#if defined(POLARSSL_ECP_C) -#include "polarssl/ecp.h" +#if defined(MBEDTLS_ECP_C) +#include "mbedtls/ecp.h" #endif -#if defined(POLARSSL_ENTROPY_C) -#include "polarssl/entropy.h" +#if defined(MBEDTLS_ENTROPY_C) +#include "mbedtls/entropy.h" #endif -#if defined(POLARSSL_GCM_C) -#include "polarssl/gcm.h" +#if defined(MBEDTLS_GCM_C) +#include "mbedtls/gcm.h" #endif -#if defined(POLARSSL_HMAC_DRBG_C) -#include "polarssl/hmac_drbg.h" +#if defined(MBEDTLS_HMAC_DRBG_C) +#include "mbedtls/hmac_drbg.h" #endif -#if defined(POLARSSL_MD_C) -#include "polarssl/md.h" +#if defined(MBEDTLS_MD_C) +#include "mbedtls/md.h" #endif -#if defined(POLARSSL_MD2_C) -#include "polarssl/md2.h" +#if defined(MBEDTLS_NET_C) +#include "mbedtls/net.h" #endif -#if defined(POLARSSL_MD4_C) -#include "polarssl/md4.h" +#if defined(MBEDTLS_OID_C) +#include "mbedtls/oid.h" #endif -#if defined(POLARSSL_MD5_C) -#include "polarssl/md5.h" +#if defined(MBEDTLS_PADLOCK_C) +#include "mbedtls/padlock.h" #endif -#if defined(POLARSSL_NET_C) -#include "polarssl/net.h" +#if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C) +#include "mbedtls/pem.h" #endif -#if defined(POLARSSL_OID_C) -#include "polarssl/oid.h" +#if defined(MBEDTLS_PK_C) +#include "mbedtls/pk.h" #endif -#if defined(POLARSSL_PADLOCK_C) -#include "polarssl/padlock.h" +#if defined(MBEDTLS_PKCS12_C) +#include "mbedtls/pkcs12.h" #endif -#if defined(POLARSSL_PBKDF2_C) -#include "polarssl/pbkdf2.h" +#if defined(MBEDTLS_PKCS5_C) +#include "mbedtls/pkcs5.h" #endif -#if defined(POLARSSL_PEM_PARSE_C) || defined(POLARSSL_PEM_WRITE_C) -#include "polarssl/pem.h" +#if defined(MBEDTLS_RSA_C) +#include "mbedtls/rsa.h" #endif -#if defined(POLARSSL_PK_C) -#include "polarssl/pk.h" +#if defined(MBEDTLS_SSL_TLS_C) +#include "mbedtls/ssl.h" #endif -#if defined(POLARSSL_PKCS12_C) -#include "polarssl/pkcs12.h" +#if defined(MBEDTLS_THREADING_C) +#include "mbedtls/threading.h" #endif -#if defined(POLARSSL_PKCS5_C) -#include "polarssl/pkcs5.h" +#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C) +#include "mbedtls/x509.h" #endif -#if defined(POLARSSL_RIPEMD160_C) -#include "polarssl/ripemd160.h" +#if defined(MBEDTLS_XTEA_C) +#include "mbedtls/xtea.h" #endif -#if defined(POLARSSL_RSA_C) -#include "polarssl/rsa.h" -#endif - -#if defined(POLARSSL_SHA1_C) -#include "polarssl/sha1.h" -#endif - -#if defined(POLARSSL_SHA256_C) -#include "polarssl/sha256.h" -#endif - -#if defined(POLARSSL_SHA512_C) -#include "polarssl/sha512.h" -#endif - -#if defined(POLARSSL_SSL_TLS_C) -#include "polarssl/ssl.h" -#endif - -#if defined(POLARSSL_THREADING_C) -#include "polarssl/threading.h" -#endif -#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C) -#include "polarssl/x509.h" -#endif - -#if defined(POLARSSL_XTEA_C) -#include "polarssl/xtea.h" -#endif - -#if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \ - !defined(EFI32) -#define snprintf _snprintf -#endif - -void polarssl_strerror( int ret, char *buf, size_t buflen ) +void mbedtls_strerror( int ret, char *buf, size_t buflen ) { size_t len; int use_ret; @@ -195,8 +159,6 @@ void polarssl_strerror( int ret, char *buf, size_t buflen ) return; memset( buf, 0x00, buflen ); - /* Reduce buflen to make sure MSVC _snprintf() ends with \0 as well */ - buflen -= 1; if( ret < 0 ) ret = -ret; @@ -208,299 +170,311 @@ void polarssl_strerror( int ret, char *buf, size_t buflen ) // High level error codes // // BEGIN generated code -#if defined(POLARSSL_CIPHER_C) - if( use_ret == -(POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE) ) - polarssl_snprintf( buf, buflen, "CIPHER - The selected feature is not available" ); - if( use_ret == -(POLARSSL_ERR_CIPHER_BAD_INPUT_DATA) ) - polarssl_snprintf( buf, buflen, "CIPHER - Bad input parameters to function" ); - if( use_ret == -(POLARSSL_ERR_CIPHER_ALLOC_FAILED) ) - polarssl_snprintf( buf, buflen, "CIPHER - Failed to allocate memory" ); - if( use_ret == -(POLARSSL_ERR_CIPHER_INVALID_PADDING) ) - polarssl_snprintf( buf, buflen, "CIPHER - Input data contains invalid padding and is rejected" ); - if( use_ret == -(POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED) ) - polarssl_snprintf( buf, buflen, "CIPHER - Decryption of block requires a full block" ); - if( use_ret == -(POLARSSL_ERR_CIPHER_AUTH_FAILED) ) - polarssl_snprintf( buf, buflen, "CIPHER - Authentication failed (for AEAD modes)" ); -#endif /* POLARSSL_CIPHER_C */ - -#if defined(POLARSSL_DHM_C) - if( use_ret == -(POLARSSL_ERR_DHM_BAD_INPUT_DATA) ) - polarssl_snprintf( buf, buflen, "DHM - Bad input parameters to function" ); - if( use_ret == -(POLARSSL_ERR_DHM_READ_PARAMS_FAILED) ) - polarssl_snprintf( buf, buflen, "DHM - Reading of the DHM parameters failed" ); - if( use_ret == -(POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED) ) - polarssl_snprintf( buf, buflen, "DHM - Making of the DHM parameters failed" ); - if( use_ret == -(POLARSSL_ERR_DHM_READ_PUBLIC_FAILED) ) - polarssl_snprintf( buf, buflen, "DHM - Reading of the public values failed" ); - if( use_ret == -(POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED) ) - polarssl_snprintf( buf, buflen, "DHM - Making of the public value failed" ); - if( use_ret == -(POLARSSL_ERR_DHM_CALC_SECRET_FAILED) ) - polarssl_snprintf( buf, buflen, "DHM - Calculation of the DHM secret failed" ); - if( use_ret == -(POLARSSL_ERR_DHM_INVALID_FORMAT) ) - polarssl_snprintf( buf, buflen, "DHM - The ASN.1 data is not formatted correctly" ); - if( use_ret == -(POLARSSL_ERR_DHM_MALLOC_FAILED) ) - polarssl_snprintf( buf, buflen, "DHM - Allocation of memory failed" ); - if( use_ret == -(POLARSSL_ERR_DHM_FILE_IO_ERROR) ) - polarssl_snprintf( buf, buflen, "DHM - Read/write of file failed" ); -#endif /* POLARSSL_DHM_C */ - -#if defined(POLARSSL_ECP_C) - if( use_ret == -(POLARSSL_ERR_ECP_BAD_INPUT_DATA) ) - polarssl_snprintf( buf, buflen, "ECP - Bad input parameters to function" ); - if( use_ret == -(POLARSSL_ERR_ECP_BUFFER_TOO_SMALL) ) - polarssl_snprintf( buf, buflen, "ECP - The buffer is too small to write to" ); - if( use_ret == -(POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE) ) - polarssl_snprintf( buf, buflen, "ECP - Requested curve not available" ); - if( use_ret == -(POLARSSL_ERR_ECP_VERIFY_FAILED) ) - polarssl_snprintf( buf, buflen, "ECP - The signature is not valid" ); - if( use_ret == -(POLARSSL_ERR_ECP_MALLOC_FAILED) ) - polarssl_snprintf( buf, buflen, "ECP - Memory allocation failed" ); - if( use_ret == -(POLARSSL_ERR_ECP_RANDOM_FAILED) ) - polarssl_snprintf( buf, buflen, "ECP - Generation of random value, such as (ephemeral) key, failed" ); - if( use_ret == -(POLARSSL_ERR_ECP_INVALID_KEY) ) - polarssl_snprintf( buf, buflen, "ECP - Invalid private or public key" ); - if( use_ret == -(POLARSSL_ERR_ECP_SIG_LEN_MISMATCH) ) - polarssl_snprintf( buf, buflen, "ECP - Signature is valid but shorter than the user-supplied length" ); -#endif /* POLARSSL_ECP_C */ - -#if defined(POLARSSL_MD_C) - if( use_ret == -(POLARSSL_ERR_MD_FEATURE_UNAVAILABLE) ) - polarssl_snprintf( buf, buflen, "MD - The selected feature is not available" ); - if( use_ret == -(POLARSSL_ERR_MD_BAD_INPUT_DATA) ) - polarssl_snprintf( buf, buflen, "MD - Bad input parameters to function" ); - if( use_ret == -(POLARSSL_ERR_MD_ALLOC_FAILED) ) - polarssl_snprintf( buf, buflen, "MD - Failed to allocate memory" ); - if( use_ret == -(POLARSSL_ERR_MD_FILE_IO_ERROR) ) - polarssl_snprintf( buf, buflen, "MD - Opening or reading of file failed" ); -#endif /* POLARSSL_MD_C */ - -#if defined(POLARSSL_PEM_PARSE_C) || defined(POLARSSL_PEM_WRITE_C) - if( use_ret == -(POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT) ) - polarssl_snprintf( buf, buflen, "PEM - No PEM header or footer found" ); - if( use_ret == -(POLARSSL_ERR_PEM_INVALID_DATA) ) - polarssl_snprintf( buf, buflen, "PEM - PEM string is not as expected" ); - if( use_ret == -(POLARSSL_ERR_PEM_MALLOC_FAILED) ) - polarssl_snprintf( buf, buflen, "PEM - Failed to allocate memory" ); - if( use_ret == -(POLARSSL_ERR_PEM_INVALID_ENC_IV) ) - polarssl_snprintf( buf, buflen, "PEM - RSA IV is not in hex-format" ); - if( use_ret == -(POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG) ) - polarssl_snprintf( buf, buflen, "PEM - Unsupported key encryption algorithm" ); - if( use_ret == -(POLARSSL_ERR_PEM_PASSWORD_REQUIRED) ) - polarssl_snprintf( buf, buflen, "PEM - Private key password can't be empty" ); - if( use_ret == -(POLARSSL_ERR_PEM_PASSWORD_MISMATCH) ) - polarssl_snprintf( buf, buflen, "PEM - Given private key password does not allow for correct decryption" ); - if( use_ret == -(POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE) ) - polarssl_snprintf( buf, buflen, "PEM - Unavailable feature, e.g. hashing/encryption combination" ); - if( use_ret == -(POLARSSL_ERR_PEM_BAD_INPUT_DATA) ) - polarssl_snprintf( buf, buflen, "PEM - Bad input parameters to function" ); -#endif /* POLARSSL_PEM_PARSE_C || POLARSSL_PEM_WRITE_C */ - -#if defined(POLARSSL_PK_C) - if( use_ret == -(POLARSSL_ERR_PK_MALLOC_FAILED) ) - polarssl_snprintf( buf, buflen, "PK - Memory alloation failed" ); - if( use_ret == -(POLARSSL_ERR_PK_TYPE_MISMATCH) ) - polarssl_snprintf( buf, buflen, "PK - Type mismatch, eg attempt to encrypt with an ECDSA key" ); - if( use_ret == -(POLARSSL_ERR_PK_BAD_INPUT_DATA) ) - polarssl_snprintf( buf, buflen, "PK - Bad input parameters to function" ); - if( use_ret == -(POLARSSL_ERR_PK_FILE_IO_ERROR) ) - polarssl_snprintf( buf, buflen, "PK - Read/write of file failed" ); - if( use_ret == -(POLARSSL_ERR_PK_KEY_INVALID_VERSION) ) - polarssl_snprintf( buf, buflen, "PK - Unsupported key version" ); - if( use_ret == -(POLARSSL_ERR_PK_KEY_INVALID_FORMAT) ) - polarssl_snprintf( buf, buflen, "PK - Invalid key tag or value" ); - if( use_ret == -(POLARSSL_ERR_PK_UNKNOWN_PK_ALG) ) - polarssl_snprintf( buf, buflen, "PK - Key algorithm is unsupported (only RSA and EC are supported)" ); - if( use_ret == -(POLARSSL_ERR_PK_PASSWORD_REQUIRED) ) - polarssl_snprintf( buf, buflen, "PK - Private key password can't be empty" ); - if( use_ret == -(POLARSSL_ERR_PK_PASSWORD_MISMATCH) ) - polarssl_snprintf( buf, buflen, "PK - Given private key password does not allow for correct decryption" ); - if( use_ret == -(POLARSSL_ERR_PK_INVALID_PUBKEY) ) - polarssl_snprintf( buf, buflen, "PK - The pubkey tag or value is invalid (only RSA and EC are supported)" ); - if( use_ret == -(POLARSSL_ERR_PK_INVALID_ALG) ) - polarssl_snprintf( buf, buflen, "PK - The algorithm tag or value is invalid" ); - if( use_ret == -(POLARSSL_ERR_PK_UNKNOWN_NAMED_CURVE) ) - polarssl_snprintf( buf, buflen, "PK - Elliptic curve is unsupported (only NIST curves are supported)" ); - if( use_ret == -(POLARSSL_ERR_PK_FEATURE_UNAVAILABLE) ) - polarssl_snprintf( buf, buflen, "PK - Unavailable feature, e.g. RSA disabled for RSA key" ); - if( use_ret == -(POLARSSL_ERR_PK_SIG_LEN_MISMATCH) ) - polarssl_snprintf( buf, buflen, "PK - The signature is valid but its length is less than expected" ); -#endif /* POLARSSL_PK_C */ - -#if defined(POLARSSL_PKCS12_C) - if( use_ret == -(POLARSSL_ERR_PKCS12_BAD_INPUT_DATA) ) - polarssl_snprintf( buf, buflen, "PKCS12 - Bad input parameters to function" ); - if( use_ret == -(POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE) ) - polarssl_snprintf( buf, buflen, "PKCS12 - Feature not available, e.g. unsupported encryption scheme" ); - if( use_ret == -(POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT) ) - polarssl_snprintf( buf, buflen, "PKCS12 - PBE ASN.1 data not as expected" ); - if( use_ret == -(POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH) ) - polarssl_snprintf( buf, buflen, "PKCS12 - Given private key password does not allow for correct decryption" ); -#endif /* POLARSSL_PKCS12_C */ - -#if defined(POLARSSL_PKCS5_C) - if( use_ret == -(POLARSSL_ERR_PKCS5_BAD_INPUT_DATA) ) - polarssl_snprintf( buf, buflen, "PKCS5 - Bad input parameters to function" ); - if( use_ret == -(POLARSSL_ERR_PKCS5_INVALID_FORMAT) ) - polarssl_snprintf( buf, buflen, "PKCS5 - Unexpected ASN.1 data" ); - if( use_ret == -(POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE) ) - polarssl_snprintf( buf, buflen, "PKCS5 - Requested encryption or digest alg not available" ); - if( use_ret == -(POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH) ) - polarssl_snprintf( buf, buflen, "PKCS5 - Given private key password does not allow for correct decryption" ); -#endif /* POLARSSL_PKCS5_C */ - -#if defined(POLARSSL_RSA_C) - if( use_ret == -(POLARSSL_ERR_RSA_BAD_INPUT_DATA) ) - polarssl_snprintf( buf, buflen, "RSA - Bad input parameters to function" ); - if( use_ret == -(POLARSSL_ERR_RSA_INVALID_PADDING) ) - polarssl_snprintf( buf, buflen, "RSA - Input data contains invalid padding and is rejected" ); - if( use_ret == -(POLARSSL_ERR_RSA_KEY_GEN_FAILED) ) - polarssl_snprintf( buf, buflen, "RSA - Something failed during generation of a key" ); - if( use_ret == -(POLARSSL_ERR_RSA_KEY_CHECK_FAILED) ) - polarssl_snprintf( buf, buflen, "RSA - Key failed to pass the library's validity check" ); - if( use_ret == -(POLARSSL_ERR_RSA_PUBLIC_FAILED) ) - polarssl_snprintf( buf, buflen, "RSA - The public key operation failed" ); - if( use_ret == -(POLARSSL_ERR_RSA_PRIVATE_FAILED) ) - polarssl_snprintf( buf, buflen, "RSA - The private key operation failed" ); - if( use_ret == -(POLARSSL_ERR_RSA_VERIFY_FAILED) ) - polarssl_snprintf( buf, buflen, "RSA - The PKCS#1 verification failed" ); - if( use_ret == -(POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE) ) - polarssl_snprintf( buf, buflen, "RSA - The output buffer for decryption is not large enough" ); - if( use_ret == -(POLARSSL_ERR_RSA_RNG_FAILED) ) - polarssl_snprintf( buf, buflen, "RSA - The random generator failed to generate non-zeros" ); -#endif /* POLARSSL_RSA_C */ - -#if defined(POLARSSL_SSL_TLS_C) - if( use_ret == -(POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE) ) - polarssl_snprintf( buf, buflen, "SSL - The requested feature is not available" ); - if( use_ret == -(POLARSSL_ERR_SSL_BAD_INPUT_DATA) ) - polarssl_snprintf( buf, buflen, "SSL - Bad input parameters to function" ); - if( use_ret == -(POLARSSL_ERR_SSL_INVALID_MAC) ) - polarssl_snprintf( buf, buflen, "SSL - Verification of the message MAC failed" ); - if( use_ret == -(POLARSSL_ERR_SSL_INVALID_RECORD) ) - polarssl_snprintf( buf, buflen, "SSL - An invalid SSL record was received" ); - if( use_ret == -(POLARSSL_ERR_SSL_CONN_EOF) ) - polarssl_snprintf( buf, buflen, "SSL - The connection indicated an EOF" ); - if( use_ret == -(POLARSSL_ERR_SSL_UNKNOWN_CIPHER) ) - polarssl_snprintf( buf, buflen, "SSL - An unknown cipher was received" ); - if( use_ret == -(POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN) ) - polarssl_snprintf( buf, buflen, "SSL - The server has no ciphersuites in common with the client" ); - if( use_ret == -(POLARSSL_ERR_SSL_NO_RNG) ) - polarssl_snprintf( buf, buflen, "SSL - No RNG was provided to the SSL module" ); - if( use_ret == -(POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE) ) - polarssl_snprintf( buf, buflen, "SSL - No client certification received from the client, but required by the authentication mode" ); - if( use_ret == -(POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE) ) - polarssl_snprintf( buf, buflen, "SSL - Our own certificate(s) is/are too large to send in an SSL message" ); - if( use_ret == -(POLARSSL_ERR_SSL_CERTIFICATE_REQUIRED) ) - polarssl_snprintf( buf, buflen, "SSL - The own certificate is not set, but needed by the server" ); - if( use_ret == -(POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED) ) - polarssl_snprintf( buf, buflen, "SSL - The own private key or pre-shared key is not set, but needed" ); - if( use_ret == -(POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED) ) - polarssl_snprintf( buf, buflen, "SSL - No CA Chain is set, but required to operate" ); - if( use_ret == -(POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE) ) - polarssl_snprintf( buf, buflen, "SSL - An unexpected message was received from our peer" ); - if( use_ret == -(POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE) ) +#if defined(MBEDTLS_CIPHER_C) + if( use_ret == -(MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) ) + mbedtls_snprintf( buf, buflen, "CIPHER - The selected feature is not available" ); + if( use_ret == -(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA) ) + mbedtls_snprintf( buf, buflen, "CIPHER - Bad input parameters to function" ); + if( use_ret == -(MBEDTLS_ERR_CIPHER_ALLOC_FAILED) ) + mbedtls_snprintf( buf, buflen, "CIPHER - Failed to allocate memory" ); + if( use_ret == -(MBEDTLS_ERR_CIPHER_INVALID_PADDING) ) + mbedtls_snprintf( buf, buflen, "CIPHER - Input data contains invalid padding and is rejected" ); + if( use_ret == -(MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED) ) + mbedtls_snprintf( buf, buflen, "CIPHER - Decryption of block requires a full block" ); + if( use_ret == -(MBEDTLS_ERR_CIPHER_AUTH_FAILED) ) + mbedtls_snprintf( buf, buflen, "CIPHER - Authentication failed (for AEAD modes)" ); +#endif /* MBEDTLS_CIPHER_C */ + +#if defined(MBEDTLS_DHM_C) + if( use_ret == -(MBEDTLS_ERR_DHM_BAD_INPUT_DATA) ) + mbedtls_snprintf( buf, buflen, "DHM - Bad input parameters to function" ); + if( use_ret == -(MBEDTLS_ERR_DHM_READ_PARAMS_FAILED) ) + mbedtls_snprintf( buf, buflen, "DHM - Reading of the DHM parameters failed" ); + if( use_ret == -(MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED) ) + mbedtls_snprintf( buf, buflen, "DHM - Making of the DHM parameters failed" ); + if( use_ret == -(MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED) ) + mbedtls_snprintf( buf, buflen, "DHM - Reading of the public values failed" ); + if( use_ret == -(MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED) ) + mbedtls_snprintf( buf, buflen, "DHM - Making of the public value failed" ); + if( use_ret == -(MBEDTLS_ERR_DHM_CALC_SECRET_FAILED) ) + mbedtls_snprintf( buf, buflen, "DHM - Calculation of the DHM secret failed" ); + if( use_ret == -(MBEDTLS_ERR_DHM_INVALID_FORMAT) ) + mbedtls_snprintf( buf, buflen, "DHM - The ASN.1 data is not formatted correctly" ); + if( use_ret == -(MBEDTLS_ERR_DHM_ALLOC_FAILED) ) + mbedtls_snprintf( buf, buflen, "DHM - Allocation of memory failed" ); + if( use_ret == -(MBEDTLS_ERR_DHM_FILE_IO_ERROR) ) + mbedtls_snprintf( buf, buflen, "DHM - Read/write of file failed" ); +#endif /* MBEDTLS_DHM_C */ + +#if defined(MBEDTLS_ECP_C) + if( use_ret == -(MBEDTLS_ERR_ECP_BAD_INPUT_DATA) ) + mbedtls_snprintf( buf, buflen, "ECP - Bad input parameters to function" ); + if( use_ret == -(MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL) ) + mbedtls_snprintf( buf, buflen, "ECP - The buffer is too small to write to" ); + if( use_ret == -(MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE) ) + mbedtls_snprintf( buf, buflen, "ECP - Requested curve not available" ); + if( use_ret == -(MBEDTLS_ERR_ECP_VERIFY_FAILED) ) + mbedtls_snprintf( buf, buflen, "ECP - The signature is not valid" ); + if( use_ret == -(MBEDTLS_ERR_ECP_ALLOC_FAILED) ) + mbedtls_snprintf( buf, buflen, "ECP - Memory allocation failed" ); + if( use_ret == -(MBEDTLS_ERR_ECP_RANDOM_FAILED) ) + mbedtls_snprintf( buf, buflen, "ECP - Generation of random value, such as (ephemeral) key, failed" ); + if( use_ret == -(MBEDTLS_ERR_ECP_INVALID_KEY) ) + mbedtls_snprintf( buf, buflen, "ECP - Invalid private or public key" ); + if( use_ret == -(MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH) ) + mbedtls_snprintf( buf, buflen, "ECP - Signature is valid but shorter than the user-supplied length" ); +#endif /* MBEDTLS_ECP_C */ + +#if defined(MBEDTLS_MD_C) + if( use_ret == -(MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE) ) + mbedtls_snprintf( buf, buflen, "MD - The selected feature is not available" ); + if( use_ret == -(MBEDTLS_ERR_MD_BAD_INPUT_DATA) ) + mbedtls_snprintf( buf, buflen, "MD - Bad input parameters to function" ); + if( use_ret == -(MBEDTLS_ERR_MD_ALLOC_FAILED) ) + mbedtls_snprintf( buf, buflen, "MD - Failed to allocate memory" ); + if( use_ret == -(MBEDTLS_ERR_MD_FILE_IO_ERROR) ) + mbedtls_snprintf( buf, buflen, "MD - Opening or reading of file failed" ); +#endif /* MBEDTLS_MD_C */ + +#if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C) + if( use_ret == -(MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) ) + mbedtls_snprintf( buf, buflen, "PEM - No PEM header or footer found" ); + if( use_ret == -(MBEDTLS_ERR_PEM_INVALID_DATA) ) + mbedtls_snprintf( buf, buflen, "PEM - PEM string is not as expected" ); + if( use_ret == -(MBEDTLS_ERR_PEM_ALLOC_FAILED) ) + mbedtls_snprintf( buf, buflen, "PEM - Failed to allocate memory" ); + if( use_ret == -(MBEDTLS_ERR_PEM_INVALID_ENC_IV) ) + mbedtls_snprintf( buf, buflen, "PEM - RSA IV is not in hex-format" ); + if( use_ret == -(MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG) ) + mbedtls_snprintf( buf, buflen, "PEM - Unsupported key encryption algorithm" ); + if( use_ret == -(MBEDTLS_ERR_PEM_PASSWORD_REQUIRED) ) + mbedtls_snprintf( buf, buflen, "PEM - Private key password can't be empty" ); + if( use_ret == -(MBEDTLS_ERR_PEM_PASSWORD_MISMATCH) ) + mbedtls_snprintf( buf, buflen, "PEM - Given private key password does not allow for correct decryption" ); + if( use_ret == -(MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE) ) + mbedtls_snprintf( buf, buflen, "PEM - Unavailable feature, e.g. hashing/encryption combination" ); + if( use_ret == -(MBEDTLS_ERR_PEM_BAD_INPUT_DATA) ) + mbedtls_snprintf( buf, buflen, "PEM - Bad input parameters to function" ); +#endif /* MBEDTLS_PEM_PARSE_C || MBEDTLS_PEM_WRITE_C */ + +#if defined(MBEDTLS_PK_C) + if( use_ret == -(MBEDTLS_ERR_PK_ALLOC_FAILED) ) + mbedtls_snprintf( buf, buflen, "PK - Memory allocation failed" ); + if( use_ret == -(MBEDTLS_ERR_PK_TYPE_MISMATCH) ) + mbedtls_snprintf( buf, buflen, "PK - Type mismatch, eg attempt to encrypt with an ECDSA key" ); + if( use_ret == -(MBEDTLS_ERR_PK_BAD_INPUT_DATA) ) + mbedtls_snprintf( buf, buflen, "PK - Bad input parameters to function" ); + if( use_ret == -(MBEDTLS_ERR_PK_FILE_IO_ERROR) ) + mbedtls_snprintf( buf, buflen, "PK - Read/write of file failed" ); + if( use_ret == -(MBEDTLS_ERR_PK_KEY_INVALID_VERSION) ) + mbedtls_snprintf( buf, buflen, "PK - Unsupported key version" ); + if( use_ret == -(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT) ) + mbedtls_snprintf( buf, buflen, "PK - Invalid key tag or value" ); + if( use_ret == -(MBEDTLS_ERR_PK_UNKNOWN_PK_ALG) ) + mbedtls_snprintf( buf, buflen, "PK - Key algorithm is unsupported (only RSA and EC are supported)" ); + if( use_ret == -(MBEDTLS_ERR_PK_PASSWORD_REQUIRED) ) + mbedtls_snprintf( buf, buflen, "PK - Private key password can't be empty" ); + if( use_ret == -(MBEDTLS_ERR_PK_PASSWORD_MISMATCH) ) + mbedtls_snprintf( buf, buflen, "PK - Given private key password does not allow for correct decryption" ); + if( use_ret == -(MBEDTLS_ERR_PK_INVALID_PUBKEY) ) + mbedtls_snprintf( buf, buflen, "PK - The pubkey tag or value is invalid (only RSA and EC are supported)" ); + if( use_ret == -(MBEDTLS_ERR_PK_INVALID_ALG) ) + mbedtls_snprintf( buf, buflen, "PK - The algorithm tag or value is invalid" ); + if( use_ret == -(MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE) ) + mbedtls_snprintf( buf, buflen, "PK - Elliptic curve is unsupported (only NIST curves are supported)" ); + if( use_ret == -(MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE) ) + mbedtls_snprintf( buf, buflen, "PK - Unavailable feature, e.g. RSA disabled for RSA key" ); + if( use_ret == -(MBEDTLS_ERR_PK_SIG_LEN_MISMATCH) ) + mbedtls_snprintf( buf, buflen, "PK - The signature is valid but its length is less than expected" ); +#endif /* MBEDTLS_PK_C */ + +#if defined(MBEDTLS_PKCS12_C) + if( use_ret == -(MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA) ) + mbedtls_snprintf( buf, buflen, "PKCS12 - Bad input parameters to function" ); + if( use_ret == -(MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE) ) + mbedtls_snprintf( buf, buflen, "PKCS12 - Feature not available, e.g. unsupported encryption scheme" ); + if( use_ret == -(MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT) ) + mbedtls_snprintf( buf, buflen, "PKCS12 - PBE ASN.1 data not as expected" ); + if( use_ret == -(MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH) ) + mbedtls_snprintf( buf, buflen, "PKCS12 - Given private key password does not allow for correct decryption" ); +#endif /* MBEDTLS_PKCS12_C */ + +#if defined(MBEDTLS_PKCS5_C) + if( use_ret == -(MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA) ) + mbedtls_snprintf( buf, buflen, "PKCS5 - Bad input parameters to function" ); + if( use_ret == -(MBEDTLS_ERR_PKCS5_INVALID_FORMAT) ) + mbedtls_snprintf( buf, buflen, "PKCS5 - Unexpected ASN.1 data" ); + if( use_ret == -(MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE) ) + mbedtls_snprintf( buf, buflen, "PKCS5 - Requested encryption or digest alg not available" ); + if( use_ret == -(MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH) ) + mbedtls_snprintf( buf, buflen, "PKCS5 - Given private key password does not allow for correct decryption" ); +#endif /* MBEDTLS_PKCS5_C */ + +#if defined(MBEDTLS_RSA_C) + if( use_ret == -(MBEDTLS_ERR_RSA_BAD_INPUT_DATA) ) + mbedtls_snprintf( buf, buflen, "RSA - Bad input parameters to function" ); + if( use_ret == -(MBEDTLS_ERR_RSA_INVALID_PADDING) ) + mbedtls_snprintf( buf, buflen, "RSA - Input data contains invalid padding and is rejected" ); + if( use_ret == -(MBEDTLS_ERR_RSA_KEY_GEN_FAILED) ) + mbedtls_snprintf( buf, buflen, "RSA - Something failed during generation of a key" ); + if( use_ret == -(MBEDTLS_ERR_RSA_KEY_CHECK_FAILED) ) + mbedtls_snprintf( buf, buflen, "RSA - Key failed to pass the library's validity check" ); + if( use_ret == -(MBEDTLS_ERR_RSA_PUBLIC_FAILED) ) + mbedtls_snprintf( buf, buflen, "RSA - The public key operation failed" ); + if( use_ret == -(MBEDTLS_ERR_RSA_PRIVATE_FAILED) ) + mbedtls_snprintf( buf, buflen, "RSA - The private key operation failed" ); + if( use_ret == -(MBEDTLS_ERR_RSA_VERIFY_FAILED) ) + mbedtls_snprintf( buf, buflen, "RSA - The PKCS#1 verification failed" ); + if( use_ret == -(MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE) ) + mbedtls_snprintf( buf, buflen, "RSA - The output buffer for decryption is not large enough" ); + if( use_ret == -(MBEDTLS_ERR_RSA_RNG_FAILED) ) + mbedtls_snprintf( buf, buflen, "RSA - The random generator failed to generate non-zeros" ); +#endif /* MBEDTLS_RSA_C */ + +#if defined(MBEDTLS_SSL_TLS_C) + if( use_ret == -(MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE) ) + mbedtls_snprintf( buf, buflen, "SSL - The requested feature is not available" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_INPUT_DATA) ) + mbedtls_snprintf( buf, buflen, "SSL - Bad input parameters to function" ); + if( use_ret == -(MBEDTLS_ERR_SSL_INVALID_MAC) ) + mbedtls_snprintf( buf, buflen, "SSL - Verification of the message MAC failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_INVALID_RECORD) ) + mbedtls_snprintf( buf, buflen, "SSL - An invalid SSL record was received" ); + if( use_ret == -(MBEDTLS_ERR_SSL_CONN_EOF) ) + mbedtls_snprintf( buf, buflen, "SSL - The connection indicated an EOF" ); + if( use_ret == -(MBEDTLS_ERR_SSL_UNKNOWN_CIPHER) ) + mbedtls_snprintf( buf, buflen, "SSL - An unknown cipher was received" ); + if( use_ret == -(MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN) ) + mbedtls_snprintf( buf, buflen, "SSL - The server has no ciphersuites in common with the client" ); + if( use_ret == -(MBEDTLS_ERR_SSL_NO_RNG) ) + mbedtls_snprintf( buf, buflen, "SSL - No RNG was provided to the SSL module" ); + if( use_ret == -(MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE) ) + mbedtls_snprintf( buf, buflen, "SSL - No client certification received from the client, but required by the authentication mode" ); + if( use_ret == -(MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE) ) + mbedtls_snprintf( buf, buflen, "SSL - Our own certificate(s) is/are too large to send in an SSL message" ); + if( use_ret == -(MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED) ) + mbedtls_snprintf( buf, buflen, "SSL - The own certificate is not set, but needed by the server" ); + if( use_ret == -(MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED) ) + mbedtls_snprintf( buf, buflen, "SSL - The own private key or pre-shared key is not set, but needed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED) ) + mbedtls_snprintf( buf, buflen, "SSL - No CA Chain is set, but required to operate" ); + if( use_ret == -(MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE) ) + mbedtls_snprintf( buf, buflen, "SSL - An unexpected message was received from our peer" ); + if( use_ret == -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE) ) { - polarssl_snprintf( buf, buflen, "SSL - A fatal alert message was received from our peer" ); + mbedtls_snprintf( buf, buflen, "SSL - A fatal alert message was received from our peer" ); return; } - if( use_ret == -(POLARSSL_ERR_SSL_PEER_VERIFY_FAILED) ) - polarssl_snprintf( buf, buflen, "SSL - Verification of our peer failed" ); - if( use_ret == -(POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY) ) - polarssl_snprintf( buf, buflen, "SSL - The peer notified us that the connection is going to be closed" ); - if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO) ) - polarssl_snprintf( buf, buflen, "SSL - Processing of the ClientHello handshake message failed" ); - if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO) ) - polarssl_snprintf( buf, buflen, "SSL - Processing of the ServerHello handshake message failed" ); - if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE) ) - polarssl_snprintf( buf, buflen, "SSL - Processing of the Certificate handshake message failed" ); - if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST) ) - polarssl_snprintf( buf, buflen, "SSL - Processing of the CertificateRequest handshake message failed" ); - if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE) ) - polarssl_snprintf( buf, buflen, "SSL - Processing of the ServerKeyExchange handshake message failed" ); - if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE) ) - polarssl_snprintf( buf, buflen, "SSL - Processing of the ServerHelloDone handshake message failed" ); - if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE) ) - polarssl_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed" ); - if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP) ) - polarssl_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public" ); - if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS) ) - polarssl_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret" ); - if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY) ) - polarssl_snprintf( buf, buflen, "SSL - Processing of the CertificateVerify handshake message failed" ); - if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC) ) - polarssl_snprintf( buf, buflen, "SSL - Processing of the ChangeCipherSpec handshake message failed" ); - if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_FINISHED) ) - polarssl_snprintf( buf, buflen, "SSL - Processing of the Finished handshake message failed" ); - if( use_ret == -(POLARSSL_ERR_SSL_MALLOC_FAILED) ) - polarssl_snprintf( buf, buflen, "SSL - Memory allocation failed" ); - if( use_ret == -(POLARSSL_ERR_SSL_HW_ACCEL_FAILED) ) - polarssl_snprintf( buf, buflen, "SSL - Hardware acceleration function returned with error" ); - if( use_ret == -(POLARSSL_ERR_SSL_HW_ACCEL_FALLTHROUGH) ) - polarssl_snprintf( buf, buflen, "SSL - Hardware acceleration function skipped / left alone data" ); - if( use_ret == -(POLARSSL_ERR_SSL_COMPRESSION_FAILED) ) - polarssl_snprintf( buf, buflen, "SSL - Processing of the compression / decompression failed" ); - if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION) ) - polarssl_snprintf( buf, buflen, "SSL - Handshake protocol not within min/max boundaries" ); - if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_NEW_SESSION_TICKET) ) - polarssl_snprintf( buf, buflen, "SSL - Processing of the NewSessionTicket handshake message failed" ); - if( use_ret == -(POLARSSL_ERR_SSL_SESSION_TICKET_EXPIRED) ) - polarssl_snprintf( buf, buflen, "SSL - Session ticket has expired" ); - if( use_ret == -(POLARSSL_ERR_SSL_PK_TYPE_MISMATCH) ) - polarssl_snprintf( buf, buflen, "SSL - Public key type mismatch (eg, asked for RSA key exchange and presented EC key)" ); - if( use_ret == -(POLARSSL_ERR_SSL_UNKNOWN_IDENTITY) ) - polarssl_snprintf( buf, buflen, "SSL - Unknown identity received (eg, PSK identity)" ); - if( use_ret == -(POLARSSL_ERR_SSL_INTERNAL_ERROR) ) - polarssl_snprintf( buf, buflen, "SSL - Internal error (eg, unexpected failure in lower-level module)" ); - if( use_ret == -(POLARSSL_ERR_SSL_COUNTER_WRAPPING) ) - polarssl_snprintf( buf, buflen, "SSL - A counter would wrap (eg, too many messages exchanged)" ); - if( use_ret == -(POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO) ) - polarssl_snprintf( buf, buflen, "SSL - Unexpected message at ServerHello in renegotiation" ); - if( use_ret == -(POLARSSL_ERR_SSL_NO_USABLE_CIPHERSUITE) ) - polarssl_snprintf( buf, buflen, "SSL - None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages)" ); -#endif /* POLARSSL_SSL_TLS_C */ - -#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C) - if( use_ret == -(POLARSSL_ERR_X509_FEATURE_UNAVAILABLE) ) - polarssl_snprintf( buf, buflen, "X509 - Unavailable feature, e.g. RSA hashing/encryption combination" ); - if( use_ret == -(POLARSSL_ERR_X509_UNKNOWN_OID) ) - polarssl_snprintf( buf, buflen, "X509 - Requested OID is unknown" ); - if( use_ret == -(POLARSSL_ERR_X509_INVALID_FORMAT) ) - polarssl_snprintf( buf, buflen, "X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected" ); - if( use_ret == -(POLARSSL_ERR_X509_INVALID_VERSION) ) - polarssl_snprintf( buf, buflen, "X509 - The CRT/CRL/CSR version element is invalid" ); - if( use_ret == -(POLARSSL_ERR_X509_INVALID_SERIAL) ) - polarssl_snprintf( buf, buflen, "X509 - The serial tag or value is invalid" ); - if( use_ret == -(POLARSSL_ERR_X509_INVALID_ALG) ) - polarssl_snprintf( buf, buflen, "X509 - The algorithm tag or value is invalid" ); - if( use_ret == -(POLARSSL_ERR_X509_INVALID_NAME) ) - polarssl_snprintf( buf, buflen, "X509 - The name tag or value is invalid" ); - if( use_ret == -(POLARSSL_ERR_X509_INVALID_DATE) ) - polarssl_snprintf( buf, buflen, "X509 - The date tag or value is invalid" ); - if( use_ret == -(POLARSSL_ERR_X509_INVALID_SIGNATURE) ) - polarssl_snprintf( buf, buflen, "X509 - The signature tag or value invalid" ); - if( use_ret == -(POLARSSL_ERR_X509_INVALID_EXTENSIONS) ) - polarssl_snprintf( buf, buflen, "X509 - The extension tag or value is invalid" ); - if( use_ret == -(POLARSSL_ERR_X509_UNKNOWN_VERSION) ) - polarssl_snprintf( buf, buflen, "X509 - CRT/CRL/CSR has an unsupported version number" ); - if( use_ret == -(POLARSSL_ERR_X509_UNKNOWN_SIG_ALG) ) - polarssl_snprintf( buf, buflen, "X509 - Signature algorithm (oid) is unsupported" ); - if( use_ret == -(POLARSSL_ERR_X509_SIG_MISMATCH) ) - polarssl_snprintf( buf, buflen, "X509 - Signature algorithms do not match. (see \\c ::x509_crt sig_oid)" ); - if( use_ret == -(POLARSSL_ERR_X509_CERT_VERIFY_FAILED) ) - polarssl_snprintf( buf, buflen, "X509 - Certificate verification failed, e.g. CRL, CA or signature check failed" ); - if( use_ret == -(POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT) ) - polarssl_snprintf( buf, buflen, "X509 - Format not recognized as DER or PEM" ); - if( use_ret == -(POLARSSL_ERR_X509_BAD_INPUT_DATA) ) - polarssl_snprintf( buf, buflen, "X509 - Input invalid" ); - if( use_ret == -(POLARSSL_ERR_X509_MALLOC_FAILED) ) - polarssl_snprintf( buf, buflen, "X509 - Allocation of memory failed" ); - if( use_ret == -(POLARSSL_ERR_X509_FILE_IO_ERROR) ) - polarssl_snprintf( buf, buflen, "X509 - Read/write of file failed" ); -#endif /* POLARSSL_X509_USE,X509_CREATE_C */ + if( use_ret == -(MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED) ) + mbedtls_snprintf( buf, buflen, "SSL - Verification of our peer failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) ) + mbedtls_snprintf( buf, buflen, "SSL - The peer notified us that the connection is going to be closed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the ClientHello handshake message failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the ServerHello handshake message failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the Certificate handshake message failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the CertificateRequest handshake message failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the ServerKeyExchange handshake message failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the ServerHelloDone handshake message failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the CertificateVerify handshake message failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the ChangeCipherSpec handshake message failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_FINISHED) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the Finished handshake message failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_ALLOC_FAILED) ) + mbedtls_snprintf( buf, buflen, "SSL - Memory allocation failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_HW_ACCEL_FAILED) ) + mbedtls_snprintf( buf, buflen, "SSL - Hardware acceleration function returned with error" ); + if( use_ret == -(MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH) ) + mbedtls_snprintf( buf, buflen, "SSL - Hardware acceleration function skipped / left alone data" ); + if( use_ret == -(MBEDTLS_ERR_SSL_COMPRESSION_FAILED) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the compression / decompression failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION) ) + mbedtls_snprintf( buf, buflen, "SSL - Handshake protocol not within min/max boundaries" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET) ) + mbedtls_snprintf( buf, buflen, "SSL - Processing of the NewSessionTicket handshake message failed" ); + if( use_ret == -(MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED) ) + mbedtls_snprintf( buf, buflen, "SSL - Session ticket has expired" ); + if( use_ret == -(MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH) ) + mbedtls_snprintf( buf, buflen, "SSL - Public key type mismatch (eg, asked for RSA key exchange and presented EC key)" ); + if( use_ret == -(MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY) ) + mbedtls_snprintf( buf, buflen, "SSL - Unknown identity received (eg, PSK identity)" ); + if( use_ret == -(MBEDTLS_ERR_SSL_INTERNAL_ERROR) ) + mbedtls_snprintf( buf, buflen, "SSL - Internal error (eg, unexpected failure in lower-level module)" ); + if( use_ret == -(MBEDTLS_ERR_SSL_COUNTER_WRAPPING) ) + mbedtls_snprintf( buf, buflen, "SSL - A counter would wrap (eg, too many messages exchanged)" ); + if( use_ret == -(MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO) ) + mbedtls_snprintf( buf, buflen, "SSL - Unexpected message at ServerHello in renegotiation" ); + if( use_ret == -(MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) ) + mbedtls_snprintf( buf, buflen, "SSL - DTLS client must retry for hello verification" ); + if( use_ret == -(MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) ) + mbedtls_snprintf( buf, buflen, "SSL - A buffer is too small to receive or write a message" ); + if( use_ret == -(MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE) ) + mbedtls_snprintf( buf, buflen, "SSL - None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages)" ); + if( use_ret == -(MBEDTLS_ERR_SSL_WANT_READ) ) + mbedtls_snprintf( buf, buflen, "SSL - Connection requires a read call" ); + if( use_ret == -(MBEDTLS_ERR_SSL_WANT_WRITE) ) + mbedtls_snprintf( buf, buflen, "SSL - Connection requires a write call" ); + if( use_ret == -(MBEDTLS_ERR_SSL_TIMEOUT) ) + mbedtls_snprintf( buf, buflen, "SSL - The operation timed out" ); +#endif /* MBEDTLS_SSL_TLS_C */ + +#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C) + if( use_ret == -(MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE) ) + mbedtls_snprintf( buf, buflen, "X509 - Unavailable feature, e.g. RSA hashing/encryption combination" ); + if( use_ret == -(MBEDTLS_ERR_X509_UNKNOWN_OID) ) + mbedtls_snprintf( buf, buflen, "X509 - Requested OID is unknown" ); + if( use_ret == -(MBEDTLS_ERR_X509_INVALID_FORMAT) ) + mbedtls_snprintf( buf, buflen, "X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected" ); + if( use_ret == -(MBEDTLS_ERR_X509_INVALID_VERSION) ) + mbedtls_snprintf( buf, buflen, "X509 - The CRT/CRL/CSR version element is invalid" ); + if( use_ret == -(MBEDTLS_ERR_X509_INVALID_SERIAL) ) + mbedtls_snprintf( buf, buflen, "X509 - The serial tag or value is invalid" ); + if( use_ret == -(MBEDTLS_ERR_X509_INVALID_ALG) ) + mbedtls_snprintf( buf, buflen, "X509 - The algorithm tag or value is invalid" ); + if( use_ret == -(MBEDTLS_ERR_X509_INVALID_NAME) ) + mbedtls_snprintf( buf, buflen, "X509 - The name tag or value is invalid" ); + if( use_ret == -(MBEDTLS_ERR_X509_INVALID_DATE) ) + mbedtls_snprintf( buf, buflen, "X509 - The date tag or value is invalid" ); + if( use_ret == -(MBEDTLS_ERR_X509_INVALID_SIGNATURE) ) + mbedtls_snprintf( buf, buflen, "X509 - The signature tag or value invalid" ); + if( use_ret == -(MBEDTLS_ERR_X509_INVALID_EXTENSIONS) ) + mbedtls_snprintf( buf, buflen, "X509 - The extension tag or value is invalid" ); + if( use_ret == -(MBEDTLS_ERR_X509_UNKNOWN_VERSION) ) + mbedtls_snprintf( buf, buflen, "X509 - CRT/CRL/CSR has an unsupported version number" ); + if( use_ret == -(MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG) ) + mbedtls_snprintf( buf, buflen, "X509 - Signature algorithm (oid) is unsupported" ); + if( use_ret == -(MBEDTLS_ERR_X509_SIG_MISMATCH) ) + mbedtls_snprintf( buf, buflen, "X509 - Signature algorithms do not match. (see \\c ::mbedtls_x509_crt sig_oid)" ); + if( use_ret == -(MBEDTLS_ERR_X509_CERT_VERIFY_FAILED) ) + mbedtls_snprintf( buf, buflen, "X509 - Certificate verification failed, e.g. CRL, CA or signature check failed" ); + if( use_ret == -(MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT) ) + mbedtls_snprintf( buf, buflen, "X509 - Format not recognized as DER or PEM" ); + if( use_ret == -(MBEDTLS_ERR_X509_BAD_INPUT_DATA) ) + mbedtls_snprintf( buf, buflen, "X509 - Input invalid" ); + if( use_ret == -(MBEDTLS_ERR_X509_ALLOC_FAILED) ) + mbedtls_snprintf( buf, buflen, "X509 - Allocation of memory failed" ); + if( use_ret == -(MBEDTLS_ERR_X509_FILE_IO_ERROR) ) + mbedtls_snprintf( buf, buflen, "X509 - Read/write of file failed" ); + if( use_ret == -(MBEDTLS_ERR_X509_BUFFER_TOO_SMALL) ) + mbedtls_snprintf( buf, buflen, "X509 - Destination buffer is too small" ); +#endif /* MBEDTLS_X509_USE_C || MBEDTLS_X509_CREATE_C */ // END generated code if( strlen( buf ) == 0 ) - polarssl_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret ); + mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret ); } use_ret = ret & ~0xFF80; @@ -518,7 +492,7 @@ void polarssl_strerror( int ret, char *buf, size_t buflen ) if( buflen - len < 5 ) return; - polarssl_snprintf( buf + len, buflen - len, " : " ); + mbedtls_snprintf( buf + len, buflen - len, " : " ); buf += len + 3; buflen -= len + 3; @@ -527,235 +501,190 @@ void polarssl_strerror( int ret, char *buf, size_t buflen ) // Low level error codes // // BEGIN generated code -#if defined(POLARSSL_AES_C) - if( use_ret == -(POLARSSL_ERR_AES_INVALID_KEY_LENGTH) ) - polarssl_snprintf( buf, buflen, "AES - Invalid key length" ); - if( use_ret == -(POLARSSL_ERR_AES_INVALID_INPUT_LENGTH) ) - polarssl_snprintf( buf, buflen, "AES - Invalid data input length" ); -#endif /* POLARSSL_AES_C */ - -#if defined(POLARSSL_ASN1_PARSE_C) - if( use_ret == -(POLARSSL_ERR_ASN1_OUT_OF_DATA) ) - polarssl_snprintf( buf, buflen, "ASN1 - Out of data when parsing an ASN1 data structure" ); - if( use_ret == -(POLARSSL_ERR_ASN1_UNEXPECTED_TAG) ) - polarssl_snprintf( buf, buflen, "ASN1 - ASN1 tag was of an unexpected value" ); - if( use_ret == -(POLARSSL_ERR_ASN1_INVALID_LENGTH) ) - polarssl_snprintf( buf, buflen, "ASN1 - Error when trying to determine the length or invalid length" ); - if( use_ret == -(POLARSSL_ERR_ASN1_LENGTH_MISMATCH) ) - polarssl_snprintf( buf, buflen, "ASN1 - Actual length differs from expected length" ); - if( use_ret == -(POLARSSL_ERR_ASN1_INVALID_DATA) ) - polarssl_snprintf( buf, buflen, "ASN1 - Data is invalid. (not used)" ); - if( use_ret == -(POLARSSL_ERR_ASN1_MALLOC_FAILED) ) - polarssl_snprintf( buf, buflen, "ASN1 - Memory allocation failed" ); - if( use_ret == -(POLARSSL_ERR_ASN1_BUF_TOO_SMALL) ) - polarssl_snprintf( buf, buflen, "ASN1 - Buffer too small when writing ASN.1 data structure" ); -#endif /* POLARSSL_ASN1_PARSE_C */ - -#if defined(POLARSSL_BASE64_C) - if( use_ret == -(POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL) ) - polarssl_snprintf( buf, buflen, "BASE64 - Output buffer too small" ); - if( use_ret == -(POLARSSL_ERR_BASE64_INVALID_CHARACTER) ) - polarssl_snprintf( buf, buflen, "BASE64 - Invalid character in input" ); -#endif /* POLARSSL_BASE64_C */ - -#if defined(POLARSSL_BIGNUM_C) - if( use_ret == -(POLARSSL_ERR_MPI_FILE_IO_ERROR) ) - polarssl_snprintf( buf, buflen, "BIGNUM - An error occurred while reading from or writing to a file" ); - if( use_ret == -(POLARSSL_ERR_MPI_BAD_INPUT_DATA) ) - polarssl_snprintf( buf, buflen, "BIGNUM - Bad input parameters to function" ); - if( use_ret == -(POLARSSL_ERR_MPI_INVALID_CHARACTER) ) - polarssl_snprintf( buf, buflen, "BIGNUM - There is an invalid character in the digit string" ); - if( use_ret == -(POLARSSL_ERR_MPI_BUFFER_TOO_SMALL) ) - polarssl_snprintf( buf, buflen, "BIGNUM - The buffer is too small to write to" ); - if( use_ret == -(POLARSSL_ERR_MPI_NEGATIVE_VALUE) ) - polarssl_snprintf( buf, buflen, "BIGNUM - The input arguments are negative or result in illegal output" ); - if( use_ret == -(POLARSSL_ERR_MPI_DIVISION_BY_ZERO) ) - polarssl_snprintf( buf, buflen, "BIGNUM - The input argument for division is zero, which is not allowed" ); - if( use_ret == -(POLARSSL_ERR_MPI_NOT_ACCEPTABLE) ) - polarssl_snprintf( buf, buflen, "BIGNUM - The input arguments are not acceptable" ); - if( use_ret == -(POLARSSL_ERR_MPI_MALLOC_FAILED) ) - polarssl_snprintf( buf, buflen, "BIGNUM - Memory allocation failed" ); -#endif /* POLARSSL_BIGNUM_C */ - -#if defined(POLARSSL_BLOWFISH_C) - if( use_ret == -(POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH) ) - polarssl_snprintf( buf, buflen, "BLOWFISH - Invalid key length" ); - if( use_ret == -(POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH) ) - polarssl_snprintf( buf, buflen, "BLOWFISH - Invalid data input length" ); -#endif /* POLARSSL_BLOWFISH_C */ - -#if defined(POLARSSL_CAMELLIA_C) - if( use_ret == -(POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH) ) - polarssl_snprintf( buf, buflen, "CAMELLIA - Invalid key length" ); - if( use_ret == -(POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH) ) - polarssl_snprintf( buf, buflen, "CAMELLIA - Invalid data input length" ); -#endif /* POLARSSL_CAMELLIA_C */ - -#if defined(POLARSSL_CCM_C) - if( use_ret == -(POLARSSL_ERR_CCM_BAD_INPUT) ) - polarssl_snprintf( buf, buflen, "CCM - Bad input parameters to function" ); - if( use_ret == -(POLARSSL_ERR_CCM_AUTH_FAILED) ) - polarssl_snprintf( buf, buflen, "CCM - Authenticated decryption failed" ); -#endif /* POLARSSL_CCM_C */ - -#if defined(POLARSSL_CTR_DRBG_C) - if( use_ret == -(POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED) ) - polarssl_snprintf( buf, buflen, "CTR_DRBG - The entropy source failed" ); - if( use_ret == -(POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG) ) - polarssl_snprintf( buf, buflen, "CTR_DRBG - Too many random requested in single call" ); - if( use_ret == -(POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG) ) - polarssl_snprintf( buf, buflen, "CTR_DRBG - Input too large (Entropy + additional)" ); - if( use_ret == -(POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR) ) - polarssl_snprintf( buf, buflen, "CTR_DRBG - Read/write error in file" ); -#endif /* POLARSSL_CTR_DRBG_C */ - -#if defined(POLARSSL_DES_C) - if( use_ret == -(POLARSSL_ERR_DES_INVALID_INPUT_LENGTH) ) - polarssl_snprintf( buf, buflen, "DES - The data input has an invalid length" ); -#endif /* POLARSSL_DES_C */ - -#if defined(POLARSSL_ENTROPY_C) - if( use_ret == -(POLARSSL_ERR_ENTROPY_SOURCE_FAILED) ) - polarssl_snprintf( buf, buflen, "ENTROPY - Critical entropy source failure" ); - if( use_ret == -(POLARSSL_ERR_ENTROPY_MAX_SOURCES) ) - polarssl_snprintf( buf, buflen, "ENTROPY - No more sources can be added" ); - if( use_ret == -(POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED) ) - polarssl_snprintf( buf, buflen, "ENTROPY - No sources have been added to poll" ); - if( use_ret == -(POLARSSL_ERR_ENTROPY_FILE_IO_ERROR) ) - polarssl_snprintf( buf, buflen, "ENTROPY - Read/write error in file" ); -#endif /* POLARSSL_ENTROPY_C */ - -#if defined(POLARSSL_GCM_C) - if( use_ret == -(POLARSSL_ERR_GCM_AUTH_FAILED) ) - polarssl_snprintf( buf, buflen, "GCM - Authenticated decryption failed" ); - if( use_ret == -(POLARSSL_ERR_GCM_BAD_INPUT) ) - polarssl_snprintf( buf, buflen, "GCM - Bad input parameters to function" ); -#endif /* POLARSSL_GCM_C */ - -#if defined(POLARSSL_HMAC_DRBG_C) - if( use_ret == -(POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG) ) - polarssl_snprintf( buf, buflen, "HMAC_DRBG - Too many random requested in single call" ); - if( use_ret == -(POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG) ) - polarssl_snprintf( buf, buflen, "HMAC_DRBG - Input too large (Entropy + additional)" ); - if( use_ret == -(POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR) ) - polarssl_snprintf( buf, buflen, "HMAC_DRBG - Read/write error in file" ); - if( use_ret == -(POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED) ) - polarssl_snprintf( buf, buflen, "HMAC_DRBG - The entropy source failed" ); -#endif /* POLARSSL_HMAC_DRBG_C */ - -#if defined(POLARSSL_MD2_C) - if( use_ret == -(POLARSSL_ERR_MD2_FILE_IO_ERROR) ) - polarssl_snprintf( buf, buflen, "MD2 - Read/write error in file" ); -#endif /* POLARSSL_MD2_C */ - -#if defined(POLARSSL_MD4_C) - if( use_ret == -(POLARSSL_ERR_MD4_FILE_IO_ERROR) ) - polarssl_snprintf( buf, buflen, "MD4 - Read/write error in file" ); -#endif /* POLARSSL_MD4_C */ - -#if defined(POLARSSL_MD5_C) - if( use_ret == -(POLARSSL_ERR_MD5_FILE_IO_ERROR) ) - polarssl_snprintf( buf, buflen, "MD5 - Read/write error in file" ); -#endif /* POLARSSL_MD5_C */ - -#if defined(POLARSSL_NET_C) - if( use_ret == -(POLARSSL_ERR_NET_UNKNOWN_HOST) ) - polarssl_snprintf( buf, buflen, "NET - Failed to get an IP address for the given hostname" ); - if( use_ret == -(POLARSSL_ERR_NET_SOCKET_FAILED) ) - polarssl_snprintf( buf, buflen, "NET - Failed to open a socket" ); - if( use_ret == -(POLARSSL_ERR_NET_CONNECT_FAILED) ) - polarssl_snprintf( buf, buflen, "NET - The connection to the given server / port failed" ); - if( use_ret == -(POLARSSL_ERR_NET_BIND_FAILED) ) - polarssl_snprintf( buf, buflen, "NET - Binding of the socket failed" ); - if( use_ret == -(POLARSSL_ERR_NET_LISTEN_FAILED) ) - polarssl_snprintf( buf, buflen, "NET - Could not listen on the socket" ); - if( use_ret == -(POLARSSL_ERR_NET_ACCEPT_FAILED) ) - polarssl_snprintf( buf, buflen, "NET - Could not accept the incoming connection" ); - if( use_ret == -(POLARSSL_ERR_NET_RECV_FAILED) ) - polarssl_snprintf( buf, buflen, "NET - Reading information from the socket failed" ); - if( use_ret == -(POLARSSL_ERR_NET_SEND_FAILED) ) - polarssl_snprintf( buf, buflen, "NET - Sending information through the socket failed" ); - if( use_ret == -(POLARSSL_ERR_NET_CONN_RESET) ) - polarssl_snprintf( buf, buflen, "NET - Connection was reset by peer" ); - if( use_ret == -(POLARSSL_ERR_NET_WANT_READ) ) - polarssl_snprintf( buf, buflen, "NET - Connection requires a read call" ); - if( use_ret == -(POLARSSL_ERR_NET_WANT_WRITE) ) - polarssl_snprintf( buf, buflen, "NET - Connection requires a write call" ); -#endif /* POLARSSL_NET_C */ - -#if defined(POLARSSL_OID_C) - if( use_ret == -(POLARSSL_ERR_OID_NOT_FOUND) ) - polarssl_snprintf( buf, buflen, "OID - OID is not found" ); - if( use_ret == -(POLARSSL_ERR_OID_BUF_TOO_SMALL) ) - polarssl_snprintf( buf, buflen, "OID - output buffer is too small" ); -#endif /* POLARSSL_OID_C */ - -#if defined(POLARSSL_PADLOCK_C) - if( use_ret == -(POLARSSL_ERR_PADLOCK_DATA_MISALIGNED) ) - polarssl_snprintf( buf, buflen, "PADLOCK - Input data should be aligned" ); -#endif /* POLARSSL_PADLOCK_C */ - -#if defined(POLARSSL_PBKDF2_C) - if( use_ret == -(POLARSSL_ERR_PBKDF2_BAD_INPUT_DATA) ) - polarssl_snprintf( buf, buflen, "PBKDF2 - Bad input parameters to function" ); -#endif /* POLARSSL_PBKDF2_C */ - -#if defined(POLARSSL_RIPEMD160_C) - if( use_ret == -(POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR) ) - polarssl_snprintf( buf, buflen, "RIPEMD160 - Read/write error in file" ); -#endif /* POLARSSL_RIPEMD160_C */ - -#if defined(POLARSSL_SHA1_C) - if( use_ret == -(POLARSSL_ERR_SHA1_FILE_IO_ERROR) ) - polarssl_snprintf( buf, buflen, "SHA1 - Read/write error in file" ); -#endif /* POLARSSL_SHA1_C */ - -#if defined(POLARSSL_SHA256_C) - if( use_ret == -(POLARSSL_ERR_SHA256_FILE_IO_ERROR) ) - polarssl_snprintf( buf, buflen, "SHA256 - Read/write error in file" ); -#endif /* POLARSSL_SHA256_C */ - -#if defined(POLARSSL_SHA512_C) - if( use_ret == -(POLARSSL_ERR_SHA512_FILE_IO_ERROR) ) - polarssl_snprintf( buf, buflen, "SHA512 - Read/write error in file" ); -#endif /* POLARSSL_SHA512_C */ - -#if defined(POLARSSL_THREADING_C) - if( use_ret == -(POLARSSL_ERR_THREADING_FEATURE_UNAVAILABLE) ) - polarssl_snprintf( buf, buflen, "THREADING - The selected feature is not available" ); - if( use_ret == -(POLARSSL_ERR_THREADING_BAD_INPUT_DATA) ) - polarssl_snprintf( buf, buflen, "THREADING - Bad input parameters to function" ); - if( use_ret == -(POLARSSL_ERR_THREADING_MUTEX_ERROR) ) - polarssl_snprintf( buf, buflen, "THREADING - Locking / unlocking / free failed with error code" ); -#endif /* POLARSSL_THREADING_C */ - -#if defined(POLARSSL_XTEA_C) - if( use_ret == -(POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH) ) - polarssl_snprintf( buf, buflen, "XTEA - The data input has an invalid length" ); -#endif /* POLARSSL_XTEA_C */ +#if defined(MBEDTLS_AES_C) + if( use_ret == -(MBEDTLS_ERR_AES_INVALID_KEY_LENGTH) ) + mbedtls_snprintf( buf, buflen, "AES - Invalid key length" ); + if( use_ret == -(MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH) ) + mbedtls_snprintf( buf, buflen, "AES - Invalid data input length" ); +#endif /* MBEDTLS_AES_C */ + +#if defined(MBEDTLS_ASN1_PARSE_C) + if( use_ret == -(MBEDTLS_ERR_ASN1_OUT_OF_DATA) ) + mbedtls_snprintf( buf, buflen, "ASN1 - Out of data when parsing an ASN1 data structure" ); + if( use_ret == -(MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) ) + mbedtls_snprintf( buf, buflen, "ASN1 - ASN1 tag was of an unexpected value" ); + if( use_ret == -(MBEDTLS_ERR_ASN1_INVALID_LENGTH) ) + mbedtls_snprintf( buf, buflen, "ASN1 - Error when trying to determine the length or invalid length" ); + if( use_ret == -(MBEDTLS_ERR_ASN1_LENGTH_MISMATCH) ) + mbedtls_snprintf( buf, buflen, "ASN1 - Actual length differs from expected length" ); + if( use_ret == -(MBEDTLS_ERR_ASN1_INVALID_DATA) ) + mbedtls_snprintf( buf, buflen, "ASN1 - Data is invalid. (not used)" ); + if( use_ret == -(MBEDTLS_ERR_ASN1_ALLOC_FAILED) ) + mbedtls_snprintf( buf, buflen, "ASN1 - Memory allocation failed" ); + if( use_ret == -(MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) ) + mbedtls_snprintf( buf, buflen, "ASN1 - Buffer too small when writing ASN.1 data structure" ); +#endif /* MBEDTLS_ASN1_PARSE_C */ + +#if defined(MBEDTLS_BASE64_C) + if( use_ret == -(MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL) ) + mbedtls_snprintf( buf, buflen, "BASE64 - Output buffer too small" ); + if( use_ret == -(MBEDTLS_ERR_BASE64_INVALID_CHARACTER) ) + mbedtls_snprintf( buf, buflen, "BASE64 - Invalid character in input" ); +#endif /* MBEDTLS_BASE64_C */ + +#if defined(MBEDTLS_BIGNUM_C) + if( use_ret == -(MBEDTLS_ERR_MPI_FILE_IO_ERROR) ) + mbedtls_snprintf( buf, buflen, "BIGNUM - An error occurred while reading from or writing to a file" ); + if( use_ret == -(MBEDTLS_ERR_MPI_BAD_INPUT_DATA) ) + mbedtls_snprintf( buf, buflen, "BIGNUM - Bad input parameters to function" ); + if( use_ret == -(MBEDTLS_ERR_MPI_INVALID_CHARACTER) ) + mbedtls_snprintf( buf, buflen, "BIGNUM - There is an invalid character in the digit string" ); + if( use_ret == -(MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL) ) + mbedtls_snprintf( buf, buflen, "BIGNUM - The buffer is too small to write to" ); + if( use_ret == -(MBEDTLS_ERR_MPI_NEGATIVE_VALUE) ) + mbedtls_snprintf( buf, buflen, "BIGNUM - The input arguments are negative or result in illegal output" ); + if( use_ret == -(MBEDTLS_ERR_MPI_DIVISION_BY_ZERO) ) + mbedtls_snprintf( buf, buflen, "BIGNUM - The input argument for division is zero, which is not allowed" ); + if( use_ret == -(MBEDTLS_ERR_MPI_NOT_ACCEPTABLE) ) + mbedtls_snprintf( buf, buflen, "BIGNUM - The input arguments are not acceptable" ); + if( use_ret == -(MBEDTLS_ERR_MPI_ALLOC_FAILED) ) + mbedtls_snprintf( buf, buflen, "BIGNUM - Memory allocation failed" ); +#endif /* MBEDTLS_BIGNUM_C */ + +#if defined(MBEDTLS_BLOWFISH_C) + if( use_ret == -(MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH) ) + mbedtls_snprintf( buf, buflen, "BLOWFISH - Invalid key length" ); + if( use_ret == -(MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH) ) + mbedtls_snprintf( buf, buflen, "BLOWFISH - Invalid data input length" ); +#endif /* MBEDTLS_BLOWFISH_C */ + +#if defined(MBEDTLS_CAMELLIA_C) + if( use_ret == -(MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH) ) + mbedtls_snprintf( buf, buflen, "CAMELLIA - Invalid key length" ); + if( use_ret == -(MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH) ) + mbedtls_snprintf( buf, buflen, "CAMELLIA - Invalid data input length" ); +#endif /* MBEDTLS_CAMELLIA_C */ + +#if defined(MBEDTLS_CCM_C) + if( use_ret == -(MBEDTLS_ERR_CCM_BAD_INPUT) ) + mbedtls_snprintf( buf, buflen, "CCM - Bad input parameters to function" ); + if( use_ret == -(MBEDTLS_ERR_CCM_AUTH_FAILED) ) + mbedtls_snprintf( buf, buflen, "CCM - Authenticated decryption failed" ); +#endif /* MBEDTLS_CCM_C */ + +#if defined(MBEDTLS_CTR_DRBG_C) + if( use_ret == -(MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED) ) + mbedtls_snprintf( buf, buflen, "CTR_DRBG - The entropy source failed" ); + if( use_ret == -(MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG) ) + mbedtls_snprintf( buf, buflen, "CTR_DRBG - Too many random requested in single call" ); + if( use_ret == -(MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG) ) + mbedtls_snprintf( buf, buflen, "CTR_DRBG - Input too large (Entropy + additional)" ); + if( use_ret == -(MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR) ) + mbedtls_snprintf( buf, buflen, "CTR_DRBG - Read/write error in file" ); +#endif /* MBEDTLS_CTR_DRBG_C */ + +#if defined(MBEDTLS_DES_C) + if( use_ret == -(MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH) ) + mbedtls_snprintf( buf, buflen, "DES - The data input has an invalid length" ); +#endif /* MBEDTLS_DES_C */ + +#if defined(MBEDTLS_ENTROPY_C) + if( use_ret == -(MBEDTLS_ERR_ENTROPY_SOURCE_FAILED) ) + mbedtls_snprintf( buf, buflen, "ENTROPY - Critical entropy source failure" ); + if( use_ret == -(MBEDTLS_ERR_ENTROPY_MAX_SOURCES) ) + mbedtls_snprintf( buf, buflen, "ENTROPY - No more sources can be added" ); + if( use_ret == -(MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED) ) + mbedtls_snprintf( buf, buflen, "ENTROPY - No sources have been added to poll" ); + if( use_ret == -(MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE) ) + mbedtls_snprintf( buf, buflen, "ENTROPY - No strong sources have been added to poll" ); + if( use_ret == -(MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR) ) + mbedtls_snprintf( buf, buflen, "ENTROPY - Read/write error in file" ); +#endif /* MBEDTLS_ENTROPY_C */ + +#if defined(MBEDTLS_GCM_C) + if( use_ret == -(MBEDTLS_ERR_GCM_AUTH_FAILED) ) + mbedtls_snprintf( buf, buflen, "GCM - Authenticated decryption failed" ); + if( use_ret == -(MBEDTLS_ERR_GCM_BAD_INPUT) ) + mbedtls_snprintf( buf, buflen, "GCM - Bad input parameters to function" ); +#endif /* MBEDTLS_GCM_C */ + +#if defined(MBEDTLS_HMAC_DRBG_C) + if( use_ret == -(MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG) ) + mbedtls_snprintf( buf, buflen, "HMAC_DRBG - Too many random requested in single call" ); + if( use_ret == -(MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG) ) + mbedtls_snprintf( buf, buflen, "HMAC_DRBG - Input too large (Entropy + additional)" ); + if( use_ret == -(MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR) ) + mbedtls_snprintf( buf, buflen, "HMAC_DRBG - Read/write error in file" ); + if( use_ret == -(MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED) ) + mbedtls_snprintf( buf, buflen, "HMAC_DRBG - The entropy source failed" ); +#endif /* MBEDTLS_HMAC_DRBG_C */ + +#if defined(MBEDTLS_NET_C) + if( use_ret == -(MBEDTLS_ERR_NET_SOCKET_FAILED) ) + mbedtls_snprintf( buf, buflen, "NET - Failed to open a socket" ); + if( use_ret == -(MBEDTLS_ERR_NET_CONNECT_FAILED) ) + mbedtls_snprintf( buf, buflen, "NET - The connection to the given server / port failed" ); + if( use_ret == -(MBEDTLS_ERR_NET_BIND_FAILED) ) + mbedtls_snprintf( buf, buflen, "NET - Binding of the socket failed" ); + if( use_ret == -(MBEDTLS_ERR_NET_LISTEN_FAILED) ) + mbedtls_snprintf( buf, buflen, "NET - Could not listen on the socket" ); + if( use_ret == -(MBEDTLS_ERR_NET_ACCEPT_FAILED) ) + mbedtls_snprintf( buf, buflen, "NET - Could not accept the incoming connection" ); + if( use_ret == -(MBEDTLS_ERR_NET_RECV_FAILED) ) + mbedtls_snprintf( buf, buflen, "NET - Reading information from the socket failed" ); + if( use_ret == -(MBEDTLS_ERR_NET_SEND_FAILED) ) + mbedtls_snprintf( buf, buflen, "NET - Sending information through the socket failed" ); + if( use_ret == -(MBEDTLS_ERR_NET_CONN_RESET) ) + mbedtls_snprintf( buf, buflen, "NET - Connection was reset by peer" ); + if( use_ret == -(MBEDTLS_ERR_NET_UNKNOWN_HOST) ) + mbedtls_snprintf( buf, buflen, "NET - Failed to get an IP address for the given hostname" ); + if( use_ret == -(MBEDTLS_ERR_NET_BUFFER_TOO_SMALL) ) + mbedtls_snprintf( buf, buflen, "NET - Buffer is too small to hold the data" ); + if( use_ret == -(MBEDTLS_ERR_NET_INVALID_CONTEXT) ) + mbedtls_snprintf( buf, buflen, "NET - The context is invalid, eg because it was free()ed" ); +#endif /* MBEDTLS_NET_C */ + +#if defined(MBEDTLS_OID_C) + if( use_ret == -(MBEDTLS_ERR_OID_NOT_FOUND) ) + mbedtls_snprintf( buf, buflen, "OID - OID is not found" ); + if( use_ret == -(MBEDTLS_ERR_OID_BUF_TOO_SMALL) ) + mbedtls_snprintf( buf, buflen, "OID - output buffer is too small" ); +#endif /* MBEDTLS_OID_C */ + +#if defined(MBEDTLS_PADLOCK_C) + if( use_ret == -(MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED) ) + mbedtls_snprintf( buf, buflen, "PADLOCK - Input data should be aligned" ); +#endif /* MBEDTLS_PADLOCK_C */ + +#if defined(MBEDTLS_THREADING_C) + if( use_ret == -(MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE) ) + mbedtls_snprintf( buf, buflen, "THREADING - The selected feature is not available" ); + if( use_ret == -(MBEDTLS_ERR_THREADING_BAD_INPUT_DATA) ) + mbedtls_snprintf( buf, buflen, "THREADING - Bad input parameters to function" ); + if( use_ret == -(MBEDTLS_ERR_THREADING_MUTEX_ERROR) ) + mbedtls_snprintf( buf, buflen, "THREADING - Locking / unlocking / free failed with error code" ); +#endif /* MBEDTLS_THREADING_C */ + +#if defined(MBEDTLS_XTEA_C) + if( use_ret == -(MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH) ) + mbedtls_snprintf( buf, buflen, "XTEA - The data input has an invalid length" ); +#endif /* MBEDTLS_XTEA_C */ // END generated code if( strlen( buf ) != 0 ) return; - polarssl_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret ); + mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret ); } -#if defined(POLARSSL_ERROR_STRERROR_BC) -void error_strerror( int ret, char *buf, size_t buflen ) -{ - polarssl_strerror( ret, buf, buflen ); -} -#endif /* POLARSSL_ERROR_STRERROR_BC */ - -#else /* POLARSSL_ERROR_C */ +#else /* MBEDTLS_ERROR_C */ -#if defined(POLARSSL_ERROR_STRERROR_DUMMY) +#if defined(MBEDTLS_ERROR_STRERROR_DUMMY) /* - * Provide an non-function in case POLARSSL_ERROR_C is not defined + * Provide an non-function in case MBEDTLS_ERROR_C is not defined */ -void polarssl_strerror( int ret, char *buf, size_t buflen ) +void mbedtls_strerror( int ret, char *buf, size_t buflen ) { ((void) ret); @@ -763,12 +692,6 @@ void polarssl_strerror( int ret, char *buf, size_t buflen ) buf[0] = '\0'; } -#if defined(POLARSSL_ERROR_STRERROR_BC) -void error_strerror( int ret, char *buf, size_t buflen ) -{ - polarssl_strerror( ret, buf, buflen ); -} -#endif /* POLARSSL_ERROR_STRERROR_BC */ -#endif /* POLARSSL_ERROR_STRERROR_DUMMY */ +#endif /* MBEDTLS_ERROR_STRERROR_DUMMY */ -#endif /* POLARSSL_ERROR_C */ +#endif /* MBEDTLS_ERROR_C */ diff --git a/ext/mbedtls/library/gcm.c b/ext/mbedtls/library/gcm.c index b537b02053..c165788067 100644 --- a/ext/mbedtls/library/gcm.c +++ b/ext/mbedtls/library/gcm.c @@ -30,30 +30,30 @@ * [MGV] 4.1, pp. 12-13, to enhance speed without using too much memory. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_GCM_C) +#if defined(MBEDTLS_GCM_C) -#include "polarssl/gcm.h" +#include "mbedtls/gcm.h" #include -#if defined(POLARSSL_AESNI_C) -#include "polarssl/aesni.h" +#if defined(MBEDTLS_AESNI_C) +#include "mbedtls/aesni.h" #endif -#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C) -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_printf printf -#endif /* POLARSSL_PLATFORM_C */ -#endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */ +#define mbedtls_printf printf +#endif /* MBEDTLS_PLATFORM_C */ +#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ /* * 32-bit integer manipulation macros (big endian) @@ -79,10 +79,18 @@ #endif /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } +/* + * Initialize a context + */ +void mbedtls_gcm_init( mbedtls_gcm_context *ctx ) +{ + memset( ctx, 0, sizeof( mbedtls_gcm_context ) ); +} + /* * Precompute small multiples of H, that is set * HH[i] || HL[i] = H times i, @@ -91,7 +99,7 @@ static void polarssl_zeroize( void *v, size_t n ) { * is the high-order bit of HH corresponds to P^0 and the low-order bit of HL * corresponds to P^127. */ -static int gcm_gen_table( gcm_context *ctx ) +static int gcm_gen_table( mbedtls_gcm_context *ctx ) { int ret, i, j; uint64_t hi, lo; @@ -100,7 +108,7 @@ static int gcm_gen_table( gcm_context *ctx ) size_t olen = 0; memset( h, 0, 16 ); - if( ( ret = cipher_update( &ctx->cipher_ctx, h, 16, h, &olen ) ) != 0 ) + if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, h, 16, h, &olen ) ) != 0 ) return( ret ); /* pack h as two 64-bits ints, big-endian */ @@ -116,9 +124,9 @@ static int gcm_gen_table( gcm_context *ctx ) ctx->HL[8] = vl; ctx->HH[8] = vh; -#if defined(POLARSSL_AESNI_C) && defined(POLARSSL_HAVE_X86_64) +#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) /* With CLMUL support, we need only h, not the rest of the table */ - if( aesni_supports( POLARSSL_AESNI_CLMUL ) ) + if( mbedtls_aesni_has_support( MBEDTLS_AESNI_CLMUL ) ) return( 0 ); #endif @@ -151,30 +159,28 @@ static int gcm_gen_table( gcm_context *ctx ) return( 0 ); } -int gcm_init( gcm_context *ctx, cipher_id_t cipher, const unsigned char *key, - unsigned int keysize ) +int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx, + mbedtls_cipher_id_t cipher, + const unsigned char *key, + unsigned int keybits ) { int ret; - const cipher_info_t *cipher_info; - - memset( ctx, 0, sizeof(gcm_context) ); + const mbedtls_cipher_info_t *cipher_info; - cipher_init( &ctx->cipher_ctx ); - - cipher_info = cipher_info_from_values( cipher, keysize, POLARSSL_MODE_ECB ); + cipher_info = mbedtls_cipher_info_from_values( cipher, keybits, MBEDTLS_MODE_ECB ); if( cipher_info == NULL ) - return( POLARSSL_ERR_GCM_BAD_INPUT ); + return( MBEDTLS_ERR_GCM_BAD_INPUT ); if( cipher_info->block_size != 16 ) - return( POLARSSL_ERR_GCM_BAD_INPUT ); + return( MBEDTLS_ERR_GCM_BAD_INPUT ); - cipher_free( &ctx->cipher_ctx ); + mbedtls_cipher_free( &ctx->cipher_ctx ); - if( ( ret = cipher_init_ctx( &ctx->cipher_ctx, cipher_info ) ) != 0 ) + if( ( ret = mbedtls_cipher_setup( &ctx->cipher_ctx, cipher_info ) ) != 0 ) return( ret ); - if( ( ret = cipher_setkey( &ctx->cipher_ctx, key, keysize, - POLARSSL_ENCRYPT ) ) != 0 ) + if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keybits, + MBEDTLS_ENCRYPT ) ) != 0 ) { return( ret ); } @@ -202,15 +208,15 @@ static const uint64_t last4[16] = * Sets output to x times H using the precomputed tables. * x and output are seen as elements of GF(2^128) as in [MGV]. */ -static void gcm_mult( gcm_context *ctx, const unsigned char x[16], +static void gcm_mult( mbedtls_gcm_context *ctx, const unsigned char x[16], unsigned char output[16] ) { int i = 0; unsigned char lo, hi, rem; uint64_t zh, zl; -#if defined(POLARSSL_AESNI_C) && defined(POLARSSL_HAVE_X86_64) - if( aesni_supports( POLARSSL_AESNI_CLMUL ) ) { +#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) + if( mbedtls_aesni_has_support( MBEDTLS_AESNI_CLMUL ) ) { unsigned char h[16]; PUT_UINT32_BE( ctx->HH[8] >> 32, h, 0 ); @@ -218,10 +224,10 @@ static void gcm_mult( gcm_context *ctx, const unsigned char x[16], PUT_UINT32_BE( ctx->HL[8] >> 32, h, 8 ); PUT_UINT32_BE( ctx->HL[8], h, 12 ); - aesni_gcm_mult( output, x, h ); + mbedtls_aesni_gcm_mult( output, x, h ); return; } -#endif /* POLARSSL_AESNI_C && POLARSSL_HAVE_X86_64 */ +#endif /* MBEDTLS_AESNI_C && MBEDTLS_HAVE_X86_64 */ lo = x[15] & 0xf; @@ -258,7 +264,7 @@ static void gcm_mult( gcm_context *ctx, const unsigned char x[16], PUT_UINT32_BE( zl, output, 12 ); } -int gcm_starts( gcm_context *ctx, +int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, int mode, const unsigned char *iv, size_t iv_len, @@ -275,7 +281,7 @@ int gcm_starts( gcm_context *ctx, if( ( (uint64_t) iv_len ) >> 61 != 0 || ( (uint64_t) add_len ) >> 61 != 0 ) { - return( POLARSSL_ERR_GCM_BAD_INPUT ); + return( MBEDTLS_ERR_GCM_BAD_INPUT ); } memset( ctx->y, 0x00, sizeof(ctx->y) ); @@ -315,7 +321,7 @@ int gcm_starts( gcm_context *ctx, gcm_mult( ctx, ctx->y, ctx->y ); } - if( ( ret = cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->base_ectr, + if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->base_ectr, &olen ) ) != 0 ) { return( ret ); @@ -339,7 +345,7 @@ int gcm_starts( gcm_context *ctx, return( 0 ); } -int gcm_update( gcm_context *ctx, +int mbedtls_gcm_update( mbedtls_gcm_context *ctx, size_t length, const unsigned char *input, unsigned char *output ) @@ -352,14 +358,14 @@ int gcm_update( gcm_context *ctx, size_t use_len, olen = 0; if( output > input && (size_t) ( output - input ) < length ) - return( POLARSSL_ERR_GCM_BAD_INPUT ); + return( MBEDTLS_ERR_GCM_BAD_INPUT ); /* Total length is restricted to 2^39 - 256 bits, ie 2^36 - 2^5 bytes * Also check for possible overflow */ if( ctx->len + length < ctx->len || (uint64_t) ctx->len + length > 0x03FFFFE0ull ) { - return( POLARSSL_ERR_GCM_BAD_INPUT ); + return( MBEDTLS_ERR_GCM_BAD_INPUT ); } ctx->len += length; @@ -373,7 +379,7 @@ int gcm_update( gcm_context *ctx, if( ++ctx->y[i - 1] != 0 ) break; - if( ( ret = cipher_update( &ctx->cipher_ctx, ctx->y, 16, ectr, + if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ectr, &olen ) ) != 0 ) { return( ret ); @@ -381,10 +387,10 @@ int gcm_update( gcm_context *ctx, for( i = 0; i < use_len; i++ ) { - if( ctx->mode == GCM_DECRYPT ) + if( ctx->mode == MBEDTLS_GCM_DECRYPT ) ctx->buf[i] ^= p[i]; out_p[i] = ectr[i] ^ p[i]; - if( ctx->mode == GCM_ENCRYPT ) + if( ctx->mode == MBEDTLS_GCM_ENCRYPT ) ctx->buf[i] ^= out_p[i]; } @@ -398,7 +404,7 @@ int gcm_update( gcm_context *ctx, return( 0 ); } -int gcm_finish( gcm_context *ctx, +int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, unsigned char *tag, size_t tag_len ) { @@ -408,7 +414,7 @@ int gcm_finish( gcm_context *ctx, uint64_t orig_add_len = ctx->add_len * 8; if( tag_len > 16 || tag_len < 4 ) - return( POLARSSL_ERR_GCM_BAD_INPUT ); + return( MBEDTLS_ERR_GCM_BAD_INPUT ); if( tag_len != 0 ) memcpy( tag, ctx->base_ectr, tag_len ); @@ -434,7 +440,7 @@ int gcm_finish( gcm_context *ctx, return( 0 ); } -int gcm_crypt_and_tag( gcm_context *ctx, +int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx, int mode, size_t length, const unsigned char *iv, @@ -448,19 +454,19 @@ int gcm_crypt_and_tag( gcm_context *ctx, { int ret; - if( ( ret = gcm_starts( ctx, mode, iv, iv_len, add, add_len ) ) != 0 ) + if( ( ret = mbedtls_gcm_starts( ctx, mode, iv, iv_len, add, add_len ) ) != 0 ) return( ret ); - if( ( ret = gcm_update( ctx, length, input, output ) ) != 0 ) + if( ( ret = mbedtls_gcm_update( ctx, length, input, output ) ) != 0 ) return( ret ); - if( ( ret = gcm_finish( ctx, tag, tag_len ) ) != 0 ) + if( ( ret = mbedtls_gcm_finish( ctx, tag, tag_len ) ) != 0 ) return( ret ); return( 0 ); } -int gcm_auth_decrypt( gcm_context *ctx, +int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, @@ -476,7 +482,7 @@ int gcm_auth_decrypt( gcm_context *ctx, size_t i; int diff; - if( ( ret = gcm_crypt_and_tag( ctx, GCM_DECRYPT, length, + if( ( ret = mbedtls_gcm_crypt_and_tag( ctx, MBEDTLS_GCM_DECRYPT, length, iv, iv_len, add, add_len, input, output, tag_len, check_tag ) ) != 0 ) { @@ -489,20 +495,20 @@ int gcm_auth_decrypt( gcm_context *ctx, if( diff != 0 ) { - polarssl_zeroize( output, length ); - return( POLARSSL_ERR_GCM_AUTH_FAILED ); + mbedtls_zeroize( output, length ); + return( MBEDTLS_ERR_GCM_AUTH_FAILED ); } return( 0 ); } -void gcm_free( gcm_context *ctx ) +void mbedtls_gcm_free( mbedtls_gcm_context *ctx ) { - cipher_free( &ctx->cipher_ctx ); - polarssl_zeroize( ctx, sizeof( gcm_context ) ); + mbedtls_cipher_free( &ctx->cipher_ctx ); + mbedtls_zeroize( ctx, sizeof( mbedtls_gcm_context ) ); } -#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C) +#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) /* * AES-GCM test vectors from: * @@ -730,13 +736,15 @@ static const unsigned char tag[MAX_TESTS * 3][16] = 0xc8, 0xb5, 0xd4, 0xcf, 0x5a, 0xe9, 0xf1, 0x9a }, }; -int gcm_self_test( int verbose ) +int mbedtls_gcm_self_test( int verbose ) { - gcm_context ctx; + mbedtls_gcm_context ctx; unsigned char buf[64]; unsigned char tag_buf[16]; int i, j, ret; - cipher_id_t cipher = POLARSSL_CIPHER_ID_AES; + mbedtls_cipher_id_t cipher = MBEDTLS_CIPHER_ID_AES; + + mbedtls_gcm_init( &ctx ); for( j = 0; j < 3; j++ ) { @@ -745,12 +753,12 @@ int gcm_self_test( int verbose ) for( i = 0; i < MAX_TESTS; i++ ) { if( verbose != 0 ) - polarssl_printf( " AES-GCM-%3d #%d (%s): ", + mbedtls_printf( " AES-GCM-%3d #%d (%s): ", key_len, i, "enc" ); - gcm_init( &ctx, cipher, key[key_index[i]], key_len ); + mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len ); - ret = gcm_crypt_and_tag( &ctx, GCM_ENCRYPT, + ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT, pt_len[i], iv[iv_index[i]], iv_len[i], additional[add_index[i]], add_len[i], @@ -761,23 +769,23 @@ int gcm_self_test( int verbose ) memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } - gcm_free( &ctx ); + mbedtls_gcm_free( &ctx ); if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); if( verbose != 0 ) - polarssl_printf( " AES-GCM-%3d #%d (%s): ", + mbedtls_printf( " AES-GCM-%3d #%d (%s): ", key_len, i, "dec" ); - gcm_init( &ctx, cipher, key[key_index[i]], key_len ); + mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len ); - ret = gcm_crypt_and_tag( &ctx, GCM_DECRYPT, + ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_DECRYPT, pt_len[i], iv[iv_index[i]], iv_len[i], additional[add_index[i]], add_len[i], @@ -788,29 +796,29 @@ int gcm_self_test( int verbose ) memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } - gcm_free( &ctx ); + mbedtls_gcm_free( &ctx ); if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); if( verbose != 0 ) - polarssl_printf( " AES-GCM-%3d #%d split (%s): ", + mbedtls_printf( " AES-GCM-%3d #%d split (%s): ", key_len, i, "enc" ); - gcm_init( &ctx, cipher, key[key_index[i]], key_len ); + mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len ); - ret = gcm_starts( &ctx, GCM_ENCRYPT, + ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_ENCRYPT, iv[iv_index[i]], iv_len[i], additional[add_index[i]], add_len[i] ); if( ret != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } @@ -818,66 +826,66 @@ int gcm_self_test( int verbose ) if( pt_len[i] > 32 ) { size_t rest_len = pt_len[i] - 32; - ret = gcm_update( &ctx, 32, pt[pt_index[i]], buf ); + ret = mbedtls_gcm_update( &ctx, 32, pt[pt_index[i]], buf ); if( ret != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } - ret = gcm_update( &ctx, rest_len, pt[pt_index[i]] + 32, + ret = mbedtls_gcm_update( &ctx, rest_len, pt[pt_index[i]] + 32, buf + 32 ); if( ret != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } } else { - ret = gcm_update( &ctx, pt_len[i], pt[pt_index[i]], buf ); + ret = mbedtls_gcm_update( &ctx, pt_len[i], pt[pt_index[i]], buf ); if( ret != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } } - ret = gcm_finish( &ctx, tag_buf, 16 ); + ret = mbedtls_gcm_finish( &ctx, tag_buf, 16 ); if( ret != 0 || memcmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 || memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } - gcm_free( &ctx ); + mbedtls_gcm_free( &ctx ); if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); if( verbose != 0 ) - polarssl_printf( " AES-GCM-%3d #%d split (%s): ", + mbedtls_printf( " AES-GCM-%3d #%d split (%s): ", key_len, i, "dec" ); - gcm_init( &ctx, cipher, key[key_index[i]], key_len ); + mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len ); - ret = gcm_starts( &ctx, GCM_DECRYPT, + ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_DECRYPT, iv[iv_index[i]], iv_len[i], additional[add_index[i]], add_len[i] ); if( ret != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } @@ -885,62 +893,62 @@ int gcm_self_test( int verbose ) if( pt_len[i] > 32 ) { size_t rest_len = pt_len[i] - 32; - ret = gcm_update( &ctx, 32, ct[j * 6 + i], buf ); + ret = mbedtls_gcm_update( &ctx, 32, ct[j * 6 + i], buf ); if( ret != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } - ret = gcm_update( &ctx, rest_len, ct[j * 6 + i] + 32, + ret = mbedtls_gcm_update( &ctx, rest_len, ct[j * 6 + i] + 32, buf + 32 ); if( ret != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } } else { - ret = gcm_update( &ctx, pt_len[i], ct[j * 6 + i], buf ); + ret = mbedtls_gcm_update( &ctx, pt_len[i], ct[j * 6 + i], buf ); if( ret != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } } - ret = gcm_finish( &ctx, tag_buf, 16 ); + ret = mbedtls_gcm_finish( &ctx, tag_buf, 16 ); if( ret != 0 || memcmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 || memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } - gcm_free( &ctx ); + mbedtls_gcm_free( &ctx ); if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); } } if( verbose != 0 ) - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); return( 0 ); } -#endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */ +#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ -#endif /* POLARSSL_GCM_C */ +#endif /* MBEDTLS_GCM_C */ diff --git a/ext/mbedtls/library/havege.c b/ext/mbedtls/library/havege.c index fe656991c2..93450745b5 100644 --- a/ext/mbedtls/library/havege.c +++ b/ext/mbedtls/library/havege.c @@ -27,21 +27,21 @@ * Contact: seznec(at)irisa_dot_fr - orocheco(at)irisa_dot_fr */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_HAVEGE_C) +#if defined(MBEDTLS_HAVEGE_C) -#include "polarssl/havege.h" -#include "polarssl/timing.h" +#include "mbedtls/havege.h" +#include "mbedtls/timing.h" #include /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } @@ -82,7 +82,7 @@ static void polarssl_zeroize( void *v, size_t n ) { PTX = (PT1 >> 18) & 7; \ PT1 &= 0x1FFF; \ PT2 &= 0x1FFF; \ - CLK = (int) hardclock(); \ + CLK = (int) mbedtls_timing_hardclock(); \ \ i = 0; \ A = &WALK[PT1 ]; RES[i++] ^= *A; \ @@ -105,7 +105,7 @@ static void polarssl_zeroize( void *v, size_t n ) { \ IN = (*A >> (5)) ^ (*A << (27)) ^ CLK; \ *A = (*B >> (6)) ^ (*B << (26)) ^ CLK; \ - *B = IN; CLK = (int) hardclock(); \ + *B = IN; CLK = (int) mbedtls_timing_hardclock(); \ *C = (*C >> (7)) ^ (*C << (25)) ^ CLK; \ *D = (*D >> (8)) ^ (*D << (24)) ^ CLK; \ \ @@ -156,12 +156,12 @@ static void polarssl_zeroize( void *v, size_t n ) { PT1 ^= (PT2 ^ 0x10) & 0x10; \ \ for( n++, i = 0; i < 16; i++ ) \ - hs->pool[n % COLLECT_SIZE] ^= RES[i]; + hs->pool[n % MBEDTLS_HAVEGE_COLLECT_SIZE] ^= RES[i]; /* * Entropy gathering function */ -static void havege_fill( havege_state *hs ) +static void havege_fill( mbedtls_havege_state *hs ) { int i, n = 0; int U1, U2, *A, *B, *C, *D; @@ -177,7 +177,7 @@ static void havege_fill( havege_state *hs ) memset( RES, 0, sizeof( RES ) ); - while( n < COLLECT_SIZE * 4 ) + while( n < MBEDTLS_HAVEGE_COLLECT_SIZE * 4 ) { ONE_ITERATION ONE_ITERATION @@ -189,35 +189,35 @@ static void havege_fill( havege_state *hs ) hs->PT2 = PT2; hs->offset[0] = 0; - hs->offset[1] = COLLECT_SIZE / 2; + hs->offset[1] = MBEDTLS_HAVEGE_COLLECT_SIZE / 2; } /* * HAVEGE initialization */ -void havege_init( havege_state *hs ) +void mbedtls_havege_init( mbedtls_havege_state *hs ) { - memset( hs, 0, sizeof( havege_state ) ); + memset( hs, 0, sizeof( mbedtls_havege_state ) ); havege_fill( hs ); } -void havege_free( havege_state *hs ) +void mbedtls_havege_free( mbedtls_havege_state *hs ) { if( hs == NULL ) return; - polarssl_zeroize( hs, sizeof( havege_state ) ); + mbedtls_zeroize( hs, sizeof( mbedtls_havege_state ) ); } /* * HAVEGE rand function */ -int havege_random( void *p_rng, unsigned char *buf, size_t len ) +int mbedtls_havege_random( void *p_rng, unsigned char *buf, size_t len ) { int val; size_t use_len; - havege_state *hs = (havege_state *) p_rng; + mbedtls_havege_state *hs = (mbedtls_havege_state *) p_rng; unsigned char *p = buf; while( len > 0 ) @@ -226,7 +226,7 @@ int havege_random( void *p_rng, unsigned char *buf, size_t len ) if( use_len > sizeof(int) ) use_len = sizeof(int); - if( hs->offset[1] >= COLLECT_SIZE ) + if( hs->offset[1] >= MBEDTLS_HAVEGE_COLLECT_SIZE ) havege_fill( hs ); val = hs->pool[hs->offset[0]++]; @@ -241,4 +241,4 @@ int havege_random( void *p_rng, unsigned char *buf, size_t len ) return( 0 ); } -#endif /* POLARSSL_HAVEGE_C */ +#endif /* MBEDTLS_HAVEGE_C */ diff --git a/ext/mbedtls/library/hmac_drbg.c b/ext/mbedtls/library/hmac_drbg.c index c7904d0696..5c4ee6def3 100644 --- a/ext/mbedtls/library/hmac_drbg.c +++ b/ext/mbedtls/library/hmac_drbg.c @@ -26,78 +26,86 @@ * References below are based on rev. 1 (January 2012). */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_HMAC_DRBG_C) +#if defined(MBEDTLS_HMAC_DRBG_C) -#include "polarssl/hmac_drbg.h" +#include "mbedtls/hmac_drbg.h" #include -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) #include #endif -#if defined(POLARSSL_SELF_TEST) -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_SELF_TEST) +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_printf printf -#endif /* POLARSSL_SELF_TEST */ -#endif /* POLARSSL_PLATFORM_C */ +#define mbedtls_printf printf +#endif /* MBEDTLS_SELF_TEST */ +#endif /* MBEDTLS_PLATFORM_C */ /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } +/* + * HMAC_DRBG context initialization + */ +void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ) +{ + memset( ctx, 0, sizeof( mbedtls_hmac_drbg_context ) ); + +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_init( &ctx->mutex ); +#endif +} + /* * HMAC_DRBG update, using optional additional data (10.1.2.2) */ -void hmac_drbg_update( hmac_drbg_context *ctx, +void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, const unsigned char *additional, size_t add_len ) { - size_t md_len = ctx->md_ctx.md_info->size; + size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info ); unsigned char rounds = ( additional != NULL && add_len != 0 ) ? 2 : 1; unsigned char sep[1]; - unsigned char K[POLARSSL_MD_MAX_SIZE]; + unsigned char K[MBEDTLS_MD_MAX_SIZE]; for( sep[0] = 0; sep[0] < rounds; sep[0]++ ) { /* Step 1 or 4 */ - md_hmac_reset( &ctx->md_ctx ); - md_hmac_update( &ctx->md_ctx, ctx->V, md_len ); - md_hmac_update( &ctx->md_ctx, sep, 1 ); + mbedtls_md_hmac_reset( &ctx->md_ctx ); + mbedtls_md_hmac_update( &ctx->md_ctx, ctx->V, md_len ); + mbedtls_md_hmac_update( &ctx->md_ctx, sep, 1 ); if( rounds == 2 ) - md_hmac_update( &ctx->md_ctx, additional, add_len ); - md_hmac_finish( &ctx->md_ctx, K ); + mbedtls_md_hmac_update( &ctx->md_ctx, additional, add_len ); + mbedtls_md_hmac_finish( &ctx->md_ctx, K ); /* Step 2 or 5 */ - md_hmac_starts( &ctx->md_ctx, K, md_len ); - md_hmac_update( &ctx->md_ctx, ctx->V, md_len ); - md_hmac_finish( &ctx->md_ctx, ctx->V ); + mbedtls_md_hmac_starts( &ctx->md_ctx, K, md_len ); + mbedtls_md_hmac_update( &ctx->md_ctx, ctx->V, md_len ); + mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V ); } } /* * Simplified HMAC_DRBG initialisation (for use with deterministic ECDSA) */ -int hmac_drbg_init_buf( hmac_drbg_context *ctx, - const md_info_t * md_info, +int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, + const mbedtls_md_info_t * md_info, const unsigned char *data, size_t data_len ) { int ret; - memset( ctx, 0, sizeof( hmac_drbg_context ) ); - - md_init( &ctx->md_ctx ); - - if( ( ret = md_init_ctx( &ctx->md_ctx, md_info ) ) != 0 ) + if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 ) return( ret ); /* @@ -105,10 +113,10 @@ int hmac_drbg_init_buf( hmac_drbg_context *ctx, * Use the V memory location, which is currently all 0, to initialize the * MD context with an all-zero key. Then set V to its initial value. */ - md_hmac_starts( &ctx->md_ctx, ctx->V, md_info->size ); - memset( ctx->V, 0x01, md_info->size ); + mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, mbedtls_md_get_size( md_info ) ); + memset( ctx->V, 0x01, mbedtls_md_get_size( md_info ) ); - hmac_drbg_update( ctx, data, data_len ); + mbedtls_hmac_drbg_update( ctx, data, data_len ); return( 0 ); } @@ -116,24 +124,24 @@ int hmac_drbg_init_buf( hmac_drbg_context *ctx, /* * HMAC_DRBG reseeding: 10.1.2.4 (arabic) + 9.2 (Roman) */ -int hmac_drbg_reseed( hmac_drbg_context *ctx, +int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, const unsigned char *additional, size_t len ) { - unsigned char seed[POLARSSL_HMAC_DRBG_MAX_SEED_INPUT]; + unsigned char seed[MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT]; size_t seedlen; /* III. Check input length */ - if( len > POLARSSL_HMAC_DRBG_MAX_INPUT || - ctx->entropy_len + len > POLARSSL_HMAC_DRBG_MAX_SEED_INPUT ) + if( len > MBEDTLS_HMAC_DRBG_MAX_INPUT || + ctx->entropy_len + len > MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT ) { - return( POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG ); + return( MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG ); } - memset( seed, 0, POLARSSL_HMAC_DRBG_MAX_SEED_INPUT ); + memset( seed, 0, MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT ); /* IV. Gather entropy_len bytes of entropy for the seed */ if( ctx->f_entropy( ctx->p_entropy, seed, ctx->entropy_len ) != 0 ) - return( POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED ); + return( MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED ); seedlen = ctx->entropy_len; @@ -145,7 +153,7 @@ int hmac_drbg_reseed( hmac_drbg_context *ctx, } /* 2. Update state */ - hmac_drbg_update( ctx, seed, seedlen ); + mbedtls_hmac_drbg_update( ctx, seed, seedlen ); /* 3. Reset reseed_counter */ ctx->reseed_counter = 1; @@ -157,35 +165,33 @@ int hmac_drbg_reseed( hmac_drbg_context *ctx, /* * HMAC_DRBG initialisation (10.1.2.3 + 9.1) */ -int hmac_drbg_init( hmac_drbg_context *ctx, - const md_info_t * md_info, +int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, + const mbedtls_md_info_t * md_info, int (*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, size_t len ) { int ret; - size_t entropy_len; - - memset( ctx, 0, sizeof( hmac_drbg_context ) ); - - md_init( &ctx->md_ctx ); + size_t entropy_len, md_size; - if( ( ret = md_init_ctx( &ctx->md_ctx, md_info ) ) != 0 ) + if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 ) return( ret ); + md_size = mbedtls_md_get_size( md_info ); + /* * Set initial working state. * Use the V memory location, which is currently all 0, to initialize the * MD context with an all-zero key. Then set V to its initial value. */ - md_hmac_starts( &ctx->md_ctx, ctx->V, md_info->size ); - memset( ctx->V, 0x01, md_info->size ); + mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, md_size ); + memset( ctx->V, 0x01, md_size ); ctx->f_entropy = f_entropy; ctx->p_entropy = p_entropy; - ctx->reseed_interval = POLARSSL_HMAC_DRBG_RESEED_INTERVAL; + ctx->reseed_interval = MBEDTLS_HMAC_DRBG_RESEED_INTERVAL; /* * See SP800-57 5.6.1 (p. 65-66) for the security strength provided by @@ -194,9 +200,9 @@ int hmac_drbg_init( hmac_drbg_context *ctx, * * (This also matches the sizes used in the NIST test vectors.) */ - entropy_len = md_info->size <= 20 ? 16 : /* 160-bits hash -> 128 bits */ - md_info->size <= 28 ? 24 : /* 224-bits hash -> 192 bits */ - 32; /* better (256+) -> 256 bits */ + entropy_len = md_size <= 20 ? 16 : /* 160-bits hash -> 128 bits */ + md_size <= 28 ? 24 : /* 224-bits hash -> 192 bits */ + 32; /* better (256+) -> 256 bits */ /* * For initialisation, use more entropy to emulate a nonce @@ -204,7 +210,7 @@ int hmac_drbg_init( hmac_drbg_context *ctx, */ ctx->entropy_len = entropy_len * 3 / 2; - if( ( ret = hmac_drbg_reseed( ctx, custom, len ) ) != 0 ) + if( ( ret = mbedtls_hmac_drbg_reseed( ctx, custom, len ) ) != 0 ) return( ret ); ctx->entropy_len = entropy_len; @@ -215,7 +221,7 @@ int hmac_drbg_init( hmac_drbg_context *ctx, /* * Set prediction resistance */ -void hmac_drbg_set_prediction_resistance( hmac_drbg_context *ctx, +void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx, int resistance ) { ctx->prediction_resistance = resistance; @@ -224,7 +230,7 @@ void hmac_drbg_set_prediction_resistance( hmac_drbg_context *ctx, /* * Set entropy length grabbed for reseeds */ -void hmac_drbg_set_entropy_len( hmac_drbg_context *ctx, size_t len ) +void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx, size_t len ) { ctx->entropy_len = len; } @@ -232,7 +238,7 @@ void hmac_drbg_set_entropy_len( hmac_drbg_context *ctx, size_t len ) /* * Set reseed interval */ -void hmac_drbg_set_reseed_interval( hmac_drbg_context *ctx, int interval ) +void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx, int interval ) { ctx->reseed_interval = interval; } @@ -241,30 +247,30 @@ void hmac_drbg_set_reseed_interval( hmac_drbg_context *ctx, int interval ) * HMAC_DRBG random function with optional additional data: * 10.1.2.5 (arabic) + 9.3 (Roman) */ -int hmac_drbg_random_with_add( void *p_rng, +int mbedtls_hmac_drbg_random_with_add( void *p_rng, unsigned char *output, size_t out_len, const unsigned char *additional, size_t add_len ) { int ret; - hmac_drbg_context *ctx = (hmac_drbg_context *) p_rng; - size_t md_len = md_get_size( ctx->md_ctx.md_info ); + mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng; + size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info ); size_t left = out_len; unsigned char *out = output; /* II. Check request length */ - if( out_len > POLARSSL_HMAC_DRBG_MAX_REQUEST ) - return( POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG ); + if( out_len > MBEDTLS_HMAC_DRBG_MAX_REQUEST ) + return( MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG ); /* III. Check input length */ - if( add_len > POLARSSL_HMAC_DRBG_MAX_INPUT ) - return( POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG ); + if( add_len > MBEDTLS_HMAC_DRBG_MAX_INPUT ) + return( MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG ); /* 1. (aka VII and IX) Check reseed counter and PR */ if( ctx->f_entropy != NULL && /* For no-reseeding instances */ - ( ctx->prediction_resistance == POLARSSL_HMAC_DRBG_PR_ON || + ( ctx->prediction_resistance == MBEDTLS_HMAC_DRBG_PR_ON || ctx->reseed_counter > ctx->reseed_interval ) ) { - if( ( ret = hmac_drbg_reseed( ctx, additional, add_len ) ) != 0 ) + if( ( ret = mbedtls_hmac_drbg_reseed( ctx, additional, add_len ) ) != 0 ) return( ret ); add_len = 0; /* VII.4 */ @@ -272,16 +278,16 @@ int hmac_drbg_random_with_add( void *p_rng, /* 2. Use additional data if any */ if( additional != NULL && add_len != 0 ) - hmac_drbg_update( ctx, additional, add_len ); + mbedtls_hmac_drbg_update( ctx, additional, add_len ); /* 3, 4, 5. Generate bytes */ while( left != 0 ) { size_t use_len = left > md_len ? md_len : left; - md_hmac_reset( &ctx->md_ctx ); - md_hmac_update( &ctx->md_ctx, ctx->V, md_len ); - md_hmac_finish( &ctx->md_ctx, ctx->V ); + mbedtls_md_hmac_reset( &ctx->md_ctx ); + mbedtls_md_hmac_update( &ctx->md_ctx, ctx->V, md_len ); + mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V ); memcpy( out, ctx->V, use_len ); out += use_len; @@ -289,7 +295,7 @@ int hmac_drbg_random_with_add( void *p_rng, } /* 6. Update */ - hmac_drbg_update( ctx, additional, add_len ); + mbedtls_hmac_drbg_update( ctx, additional, add_len ); /* 7. Update reseed counter */ ctx->reseed_counter++; @@ -301,40 +307,57 @@ int hmac_drbg_random_with_add( void *p_rng, /* * HMAC_DRBG random function */ -int hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len ) +int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len ) { - return( hmac_drbg_random_with_add( p_rng, output, out_len, NULL, 0 ) ); + int ret; + mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng; + +#if defined(MBEDTLS_THREADING_C) + if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) + return( ret ); +#endif + + ret = mbedtls_hmac_drbg_random_with_add( ctx, output, out_len, NULL, 0 ); + +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) + return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); +#endif + + return( ret ); } /* * Free an HMAC_DRBG context */ -void hmac_drbg_free( hmac_drbg_context *ctx ) +void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx ) { if( ctx == NULL ) return; - md_free( &ctx->md_ctx ); - - polarssl_zeroize( ctx, sizeof( hmac_drbg_context ) ); +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_free( &ctx->mutex ); +#endif + mbedtls_md_free( &ctx->md_ctx ); + mbedtls_zeroize( ctx, sizeof( mbedtls_hmac_drbg_context ) ); } -#if defined(POLARSSL_FS_IO) -int hmac_drbg_write_seed_file( hmac_drbg_context *ctx, const char *path ) +#if defined(MBEDTLS_FS_IO) +int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path ) { int ret; FILE *f; - unsigned char buf[ POLARSSL_HMAC_DRBG_MAX_INPUT ]; + unsigned char buf[ MBEDTLS_HMAC_DRBG_MAX_INPUT ]; if( ( f = fopen( path, "wb" ) ) == NULL ) - return( POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR ); + return( MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR ); - if( ( ret = hmac_drbg_random( ctx, buf, sizeof( buf ) ) ) != 0 ) + if( ( ret = mbedtls_hmac_drbg_random( ctx, buf, sizeof( buf ) ) ) != 0 ) goto exit; if( fwrite( buf, 1, sizeof( buf ), f ) != sizeof( buf ) ) { - ret = POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR; + ret = MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR; goto exit; } @@ -345,49 +368,49 @@ exit: return( ret ); } -int hmac_drbg_update_seed_file( hmac_drbg_context *ctx, const char *path ) +int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path ) { FILE *f; size_t n; - unsigned char buf[ POLARSSL_HMAC_DRBG_MAX_INPUT ]; + unsigned char buf[ MBEDTLS_HMAC_DRBG_MAX_INPUT ]; if( ( f = fopen( path, "rb" ) ) == NULL ) - return( POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR ); + return( MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR ); fseek( f, 0, SEEK_END ); n = (size_t) ftell( f ); fseek( f, 0, SEEK_SET ); - if( n > POLARSSL_HMAC_DRBG_MAX_INPUT ) + if( n > MBEDTLS_HMAC_DRBG_MAX_INPUT ) { fclose( f ); - return( POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG ); + return( MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG ); } if( fread( buf, 1, n, f ) != n ) { fclose( f ); - return( POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR ); + return( MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR ); } fclose( f ); - hmac_drbg_update( ctx, buf, n ); + mbedtls_hmac_drbg_update( ctx, buf, n ); - return( hmac_drbg_write_seed_file( ctx, path ) ); + return( mbedtls_hmac_drbg_write_seed_file( ctx, path ) ); } -#endif /* POLARSSL_FS_IO */ +#endif /* MBEDTLS_FS_IO */ -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) -#if !defined(POLARSSL_SHA1_C) +#if !defined(MBEDTLS_SHA1_C) /* Dummy checkup routine */ -int hmac_drbg_self_test( int verbose ) +int mbedtls_hmac_drbg_self_test( int verbose ) { if( verbose != 0 ) - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); return( 0 ); } @@ -440,63 +463,71 @@ static int hmac_drbg_self_test_entropy( void *data, #define CHK( c ) if( (c) != 0 ) \ { \ if( verbose != 0 ) \ - polarssl_printf( "failed\n" ); \ + mbedtls_printf( "failed\n" ); \ return( 1 ); \ } /* * Checkup routine for HMAC_DRBG with SHA-1 */ -int hmac_drbg_self_test( int verbose ) +int mbedtls_hmac_drbg_self_test( int verbose ) { - hmac_drbg_context ctx; + mbedtls_hmac_drbg_context ctx; unsigned char buf[OUTPUT_LEN]; - const md_info_t *md_info = md_info_from_type( POLARSSL_MD_SHA1 ); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); + + mbedtls_hmac_drbg_init( &ctx ); /* * PR = True */ if( verbose != 0 ) - polarssl_printf( " HMAC_DRBG (PR = True) : " ); + mbedtls_printf( " HMAC_DRBG (PR = True) : " ); test_offset = 0; - CHK( hmac_drbg_init( &ctx, md_info, + CHK( mbedtls_hmac_drbg_seed( &ctx, md_info, hmac_drbg_self_test_entropy, (void *) entropy_pr, NULL, 0 ) ); - hmac_drbg_set_prediction_resistance( &ctx, POLARSSL_HMAC_DRBG_PR_ON ); - CHK( hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); - CHK( hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); + mbedtls_hmac_drbg_set_prediction_resistance( &ctx, MBEDTLS_HMAC_DRBG_PR_ON ); + CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); + CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); CHK( memcmp( buf, result_pr, OUTPUT_LEN ) ); - hmac_drbg_free( &ctx ); + mbedtls_hmac_drbg_free( &ctx ); + + mbedtls_hmac_drbg_free( &ctx ); if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); /* * PR = False */ if( verbose != 0 ) - polarssl_printf( " HMAC_DRBG (PR = False) : " ); + mbedtls_printf( " HMAC_DRBG (PR = False) : " ); + + mbedtls_hmac_drbg_init( &ctx ); test_offset = 0; - CHK( hmac_drbg_init( &ctx, md_info, + CHK( mbedtls_hmac_drbg_seed( &ctx, md_info, hmac_drbg_self_test_entropy, (void *) entropy_nopr, NULL, 0 ) ); - CHK( hmac_drbg_reseed( &ctx, NULL, 0 ) ); - CHK( hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); - CHK( hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); + CHK( mbedtls_hmac_drbg_reseed( &ctx, NULL, 0 ) ); + CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); + CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); CHK( memcmp( buf, result_nopr, OUTPUT_LEN ) ); - hmac_drbg_free( &ctx ); + mbedtls_hmac_drbg_free( &ctx ); + + mbedtls_hmac_drbg_free( &ctx ); if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); if( verbose != 0 ) - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); return( 0 ); } -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_HMAC_DRBG_C */ +#endif /* MBEDTLS_HMAC_DRBG_C */ diff --git a/ext/mbedtls/library/md.c b/ext/mbedtls/library/md.c index cf4d7e3349..a2c020b1e5 100644 --- a/ext/mbedtls/library/md.c +++ b/ext/mbedtls/library/md.c @@ -1,5 +1,5 @@ /** - * \file md.c + * \file mbedtls_md.c * * \brief Generic message digest wrapper for mbed TLS * @@ -24,318 +24,449 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_MD_C) +#if defined(MBEDTLS_MD_C) -#include "polarssl/md.h" -#include "polarssl/md_wrap.h" +#include "mbedtls/md.h" +#include "mbedtls/md_internal.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else #include +#define mbedtls_calloc calloc +#define mbedtls_free free +#endif + #include -#if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \ - !defined(EFI32) -#define strcasecmp _stricmp +#if defined(MBEDTLS_FS_IO) +#include #endif /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } +/* + * Reminder: update profiles in x509_crt.c when adding a new hash! + */ static const int supported_digests[] = { -#if defined(POLARSSL_SHA512_C) - POLARSSL_MD_SHA512, - POLARSSL_MD_SHA384, +#if defined(MBEDTLS_SHA512_C) + MBEDTLS_MD_SHA512, + MBEDTLS_MD_SHA384, #endif -#if defined(POLARSSL_SHA256_C) - POLARSSL_MD_SHA256, - POLARSSL_MD_SHA224, +#if defined(MBEDTLS_SHA256_C) + MBEDTLS_MD_SHA256, + MBEDTLS_MD_SHA224, #endif -#if defined(POLARSSL_SHA1_C) - POLARSSL_MD_SHA1, +#if defined(MBEDTLS_SHA1_C) + MBEDTLS_MD_SHA1, #endif -#if defined(POLARSSL_RIPEMD160_C) - POLARSSL_MD_RIPEMD160, +#if defined(MBEDTLS_RIPEMD160_C) + MBEDTLS_MD_RIPEMD160, #endif -#if defined(POLARSSL_MD5_C) - POLARSSL_MD_MD5, +#if defined(MBEDTLS_MD5_C) + MBEDTLS_MD_MD5, #endif -#if defined(POLARSSL_MD4_C) - POLARSSL_MD_MD4, +#if defined(MBEDTLS_MD4_C) + MBEDTLS_MD_MD4, #endif -#if defined(POLARSSL_MD2_C) - POLARSSL_MD_MD2, +#if defined(MBEDTLS_MD2_C) + MBEDTLS_MD_MD2, #endif - POLARSSL_MD_NONE + MBEDTLS_MD_NONE }; -const int *md_list( void ) +const int *mbedtls_md_list( void ) { return( supported_digests ); } -const md_info_t *md_info_from_string( const char *md_name ) +const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ) { if( NULL == md_name ) return( NULL ); /* Get the appropriate digest information */ -#if defined(POLARSSL_MD2_C) - if( !strcasecmp( "MD2", md_name ) ) - return md_info_from_type( POLARSSL_MD_MD2 ); +#if defined(MBEDTLS_MD2_C) + if( !strcmp( "MD2", md_name ) ) + return mbedtls_md_info_from_type( MBEDTLS_MD_MD2 ); #endif -#if defined(POLARSSL_MD4_C) - if( !strcasecmp( "MD4", md_name ) ) - return md_info_from_type( POLARSSL_MD_MD4 ); +#if defined(MBEDTLS_MD4_C) + if( !strcmp( "MD4", md_name ) ) + return mbedtls_md_info_from_type( MBEDTLS_MD_MD4 ); #endif -#if defined(POLARSSL_MD5_C) - if( !strcasecmp( "MD5", md_name ) ) - return md_info_from_type( POLARSSL_MD_MD5 ); +#if defined(MBEDTLS_MD5_C) + if( !strcmp( "MD5", md_name ) ) + return mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ); #endif -#if defined(POLARSSL_RIPEMD160_C) - if( !strcasecmp( "RIPEMD160", md_name ) ) - return md_info_from_type( POLARSSL_MD_RIPEMD160 ); +#if defined(MBEDTLS_RIPEMD160_C) + if( !strcmp( "RIPEMD160", md_name ) ) + return mbedtls_md_info_from_type( MBEDTLS_MD_RIPEMD160 ); #endif -#if defined(POLARSSL_SHA1_C) - if( !strcasecmp( "SHA1", md_name ) || !strcasecmp( "SHA", md_name ) ) - return md_info_from_type( POLARSSL_MD_SHA1 ); +#if defined(MBEDTLS_SHA1_C) + if( !strcmp( "SHA1", md_name ) || !strcmp( "SHA", md_name ) ) + return mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); #endif -#if defined(POLARSSL_SHA256_C) - if( !strcasecmp( "SHA224", md_name ) ) - return md_info_from_type( POLARSSL_MD_SHA224 ); - if( !strcasecmp( "SHA256", md_name ) ) - return md_info_from_type( POLARSSL_MD_SHA256 ); +#if defined(MBEDTLS_SHA256_C) + if( !strcmp( "SHA224", md_name ) ) + return mbedtls_md_info_from_type( MBEDTLS_MD_SHA224 ); + if( !strcmp( "SHA256", md_name ) ) + return mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ); #endif -#if defined(POLARSSL_SHA512_C) - if( !strcasecmp( "SHA384", md_name ) ) - return md_info_from_type( POLARSSL_MD_SHA384 ); - if( !strcasecmp( "SHA512", md_name ) ) - return md_info_from_type( POLARSSL_MD_SHA512 ); +#if defined(MBEDTLS_SHA512_C) + if( !strcmp( "SHA384", md_name ) ) + return mbedtls_md_info_from_type( MBEDTLS_MD_SHA384 ); + if( !strcmp( "SHA512", md_name ) ) + return mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 ); #endif return( NULL ); } -const md_info_t *md_info_from_type( md_type_t md_type ) +const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) { switch( md_type ) { -#if defined(POLARSSL_MD2_C) - case POLARSSL_MD_MD2: - return( &md2_info ); +#if defined(MBEDTLS_MD2_C) + case MBEDTLS_MD_MD2: + return( &mbedtls_md2_info ); #endif -#if defined(POLARSSL_MD4_C) - case POLARSSL_MD_MD4: - return( &md4_info ); +#if defined(MBEDTLS_MD4_C) + case MBEDTLS_MD_MD4: + return( &mbedtls_md4_info ); #endif -#if defined(POLARSSL_MD5_C) - case POLARSSL_MD_MD5: - return( &md5_info ); +#if defined(MBEDTLS_MD5_C) + case MBEDTLS_MD_MD5: + return( &mbedtls_md5_info ); #endif -#if defined(POLARSSL_RIPEMD160_C) - case POLARSSL_MD_RIPEMD160: - return( &ripemd160_info ); +#if defined(MBEDTLS_RIPEMD160_C) + case MBEDTLS_MD_RIPEMD160: + return( &mbedtls_ripemd160_info ); #endif -#if defined(POLARSSL_SHA1_C) - case POLARSSL_MD_SHA1: - return( &sha1_info ); +#if defined(MBEDTLS_SHA1_C) + case MBEDTLS_MD_SHA1: + return( &mbedtls_sha1_info ); #endif -#if defined(POLARSSL_SHA256_C) - case POLARSSL_MD_SHA224: - return( &sha224_info ); - case POLARSSL_MD_SHA256: - return( &sha256_info ); +#if defined(MBEDTLS_SHA256_C) + case MBEDTLS_MD_SHA224: + return( &mbedtls_sha224_info ); + case MBEDTLS_MD_SHA256: + return( &mbedtls_sha256_info ); #endif -#if defined(POLARSSL_SHA512_C) - case POLARSSL_MD_SHA384: - return( &sha384_info ); - case POLARSSL_MD_SHA512: - return( &sha512_info ); +#if defined(MBEDTLS_SHA512_C) + case MBEDTLS_MD_SHA384: + return( &mbedtls_sha384_info ); + case MBEDTLS_MD_SHA512: + return( &mbedtls_sha512_info ); #endif default: return( NULL ); } } -void md_init( md_context_t *ctx ) +void mbedtls_md_init( mbedtls_md_context_t *ctx ) { - memset( ctx, 0, sizeof( md_context_t ) ); + memset( ctx, 0, sizeof( mbedtls_md_context_t ) ); } -void md_free( md_context_t *ctx ) +void mbedtls_md_free( mbedtls_md_context_t *ctx ) { - if( ctx == NULL ) + if( ctx == NULL || ctx->md_info == NULL ) return; - if( ctx->md_ctx ) + if( ctx->md_ctx != NULL ) ctx->md_info->ctx_free_func( ctx->md_ctx ); - polarssl_zeroize( ctx, sizeof( md_context_t ) ); + if( ctx->hmac_ctx != NULL ) + { + mbedtls_zeroize( ctx->hmac_ctx, 2 * ctx->md_info->block_size ); + mbedtls_free( ctx->hmac_ctx ); + } + + mbedtls_zeroize( ctx, sizeof( mbedtls_md_context_t ) ); } -int md_init_ctx( md_context_t *ctx, const md_info_t *md_info ) +int mbedtls_md_clone( mbedtls_md_context_t *dst, + const mbedtls_md_context_t *src ) { - if( md_info == NULL || ctx == NULL ) - return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); - - memset( ctx, 0, sizeof( md_context_t ) ); - - if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL ) - return( POLARSSL_ERR_MD_ALLOC_FAILED ); - - ctx->md_info = md_info; + if( dst == NULL || dst->md_info == NULL || + src == NULL || src->md_info == NULL || + dst->md_info != src->md_info ) + { + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + } - md_info->starts_func( ctx->md_ctx ); + dst->md_info->clone_func( dst->md_ctx, src->md_ctx ); return( 0 ); } -#if ! defined(POLARSSL_DEPRECATED_REMOVED) -int md_free_ctx( md_context_t *ctx ) +#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ) { - md_free( ctx ); + return mbedtls_md_setup( ctx, md_info, 1 ); +} +#endif + +int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac ) +{ + if( md_info == NULL || ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL ) + return( MBEDTLS_ERR_MD_ALLOC_FAILED ); + + if( hmac != 0 ) + { + ctx->hmac_ctx = mbedtls_calloc( 2, md_info->block_size ); + if( ctx->hmac_ctx == NULL ) + { + md_info->ctx_free_func( ctx->md_ctx ); + return( MBEDTLS_ERR_MD_ALLOC_FAILED ); + } + } + + ctx->md_info = md_info; return( 0 ); } -#endif -int md_starts( md_context_t *ctx ) +int mbedtls_md_starts( mbedtls_md_context_t *ctx ) { if( ctx == NULL || ctx->md_info == NULL ) - return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); ctx->md_info->starts_func( ctx->md_ctx ); return( 0 ); } -int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen ) +int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ) { if( ctx == NULL || ctx->md_info == NULL ) - return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); ctx->md_info->update_func( ctx->md_ctx, input, ilen ); return( 0 ); } -int md_finish( md_context_t *ctx, unsigned char *output ) +int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ) { if( ctx == NULL || ctx->md_info == NULL ) - return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); ctx->md_info->finish_func( ctx->md_ctx, output ); return( 0 ); } -int md( const md_info_t *md_info, const unsigned char *input, size_t ilen, +int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, unsigned char *output ) { if( md_info == NULL ) - return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); md_info->digest_func( input, ilen, output ); return( 0 ); } -int md_file( const md_info_t *md_info, const char *path, unsigned char *output ) +#if defined(MBEDTLS_FS_IO) +int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigned char *output ) { -#if defined(POLARSSL_FS_IO) int ret; -#endif + FILE *f; + size_t n; + mbedtls_md_context_t ctx; + unsigned char buf[1024]; if( md_info == NULL ) - return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); -#if defined(POLARSSL_FS_IO) - ret = md_info->file_func( path, output ); - if( ret != 0 ) - return( POLARSSL_ERR_MD_FILE_IO_ERROR + ret ); + if( ( f = fopen( path, "rb" ) ) == NULL ) + return( MBEDTLS_ERR_MD_FILE_IO_ERROR ); - return( ret ); -#else - ((void) path); - ((void) output); + mbedtls_md_init( &ctx ); + + if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 ) + goto cleanup; - return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE ); -#endif /* POLARSSL_FS_IO */ + md_info->starts_func( ctx.md_ctx ); + + while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) + md_info->update_func( ctx.md_ctx, buf, n ); + + if( ferror( f ) != 0 ) + { + ret = MBEDTLS_ERR_MD_FILE_IO_ERROR; + goto cleanup; + } + + md_info->finish_func( ctx.md_ctx, output ); + +cleanup: + fclose( f ); + mbedtls_md_free( &ctx ); + + return( ret ); } +#endif /* MBEDTLS_FS_IO */ -int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen ) +int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, size_t keylen ) { - if( ctx == NULL || ctx->md_info == NULL ) - return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); + unsigned char sum[MBEDTLS_MD_MAX_SIZE]; + unsigned char *ipad, *opad; + size_t i; + + if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - ctx->md_info->hmac_starts_func( ctx->md_ctx, key, keylen ); + if( keylen > (size_t) ctx->md_info->block_size ) + { + ctx->md_info->starts_func( ctx->md_ctx ); + ctx->md_info->update_func( ctx->md_ctx, key, keylen ); + ctx->md_info->finish_func( ctx->md_ctx, sum ); + + keylen = ctx->md_info->size; + key = sum; + } + + ipad = (unsigned char *) ctx->hmac_ctx; + opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size; + + memset( ipad, 0x36, ctx->md_info->block_size ); + memset( opad, 0x5C, ctx->md_info->block_size ); + + for( i = 0; i < keylen; i++ ) + { + ipad[i] = (unsigned char)( ipad[i] ^ key[i] ); + opad[i] = (unsigned char)( opad[i] ^ key[i] ); + } + + mbedtls_zeroize( sum, sizeof( sum ) ); + + ctx->md_info->starts_func( ctx->md_ctx ); + ctx->md_info->update_func( ctx->md_ctx, ipad, ctx->md_info->block_size ); return( 0 ); } -int md_hmac_update( md_context_t *ctx, const unsigned char *input, size_t ilen ) +int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ) { - if( ctx == NULL || ctx->md_info == NULL ) - return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); + if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - ctx->md_info->hmac_update_func( ctx->md_ctx, input, ilen ); + ctx->md_info->update_func( ctx->md_ctx, input, ilen ); return( 0 ); } -int md_hmac_finish( md_context_t *ctx, unsigned char *output ) +int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) { - if( ctx == NULL || ctx->md_info == NULL ) - return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); + unsigned char tmp[MBEDTLS_MD_MAX_SIZE]; + unsigned char *opad; - ctx->md_info->hmac_finish_func( ctx->md_ctx, output ); + if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size; + + ctx->md_info->finish_func( ctx->md_ctx, tmp ); + ctx->md_info->starts_func( ctx->md_ctx ); + ctx->md_info->update_func( ctx->md_ctx, opad, ctx->md_info->block_size ); + ctx->md_info->update_func( ctx->md_ctx, tmp, ctx->md_info->size ); + ctx->md_info->finish_func( ctx->md_ctx, output ); return( 0 ); } -int md_hmac_reset( md_context_t *ctx ) +int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ) { - if( ctx == NULL || ctx->md_info == NULL ) - return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); + unsigned char *ipad; + + if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - ctx->md_info->hmac_reset_func( ctx->md_ctx ); + ipad = (unsigned char *) ctx->hmac_ctx; + + ctx->md_info->starts_func( ctx->md_ctx ); + ctx->md_info->update_func( ctx->md_ctx, ipad, ctx->md_info->block_size ); return( 0 ); } -int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen, +int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen, const unsigned char *input, size_t ilen, unsigned char *output ) { + mbedtls_md_context_t ctx; + int ret; + if( md_info == NULL ) - return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + + mbedtls_md_init( &ctx ); - md_info->hmac_func( key, keylen, input, ilen, output ); + if( ( ret = mbedtls_md_setup( &ctx, md_info, 1 ) ) != 0 ) + return( ret ); + + mbedtls_md_hmac_starts( &ctx, key, keylen ); + mbedtls_md_hmac_update( &ctx, input, ilen ); + mbedtls_md_hmac_finish( &ctx, output ); + + mbedtls_md_free( &ctx ); return( 0 ); } -int md_process( md_context_t *ctx, const unsigned char *data ) +int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ) { if( ctx == NULL || ctx->md_info == NULL ) - return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); ctx->md_info->process_func( ctx->md_ctx, data ); return( 0 ); } -#endif /* POLARSSL_MD_C */ +unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info ) +{ + if( md_info == NULL ) + return( 0 ); + + return md_info->size; +} + +mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info ) +{ + if( md_info == NULL ) + return( MBEDTLS_MD_NONE ); + + return md_info->type; +} + +const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info ) +{ + if( md_info == NULL ) + return( NULL ); + + return md_info->name; +} + +#endif /* MBEDTLS_MD_C */ diff --git a/ext/mbedtls/library/md2.c b/ext/mbedtls/library/md2.c index 17569c0a80..d1fea12738 100644 --- a/ext/mbedtls/library/md2.c +++ b/ext/mbedtls/library/md2.c @@ -26,37 +26,33 @@ * http://www.ietf.org/rfc/rfc1319.txt */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_MD2_C) +#if defined(MBEDTLS_MD2_C) -#include "polarssl/md2.h" +#include "mbedtls/md2.h" #include -#if defined(POLARSSL_FS_IO) -#include -#endif - -#if defined(POLARSSL_SELF_TEST) -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_SELF_TEST) +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_printf printf -#endif /* POLARSSL_PLATFORM_C */ -#endif /* POLARSSL_SELF_TEST */ +#define mbedtls_printf printf +#endif /* MBEDTLS_PLATFORM_C */ +#endif /* MBEDTLS_SELF_TEST */ /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } -#if !defined(POLARSSL_MD2_ALT) +#if !defined(MBEDTLS_MD2_ALT) static const unsigned char PI_SUBST[256] = { @@ -88,23 +84,29 @@ static const unsigned char PI_SUBST[256] = 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14 }; -void md2_init( md2_context *ctx ) +void mbedtls_md2_init( mbedtls_md2_context *ctx ) { - memset( ctx, 0, sizeof( md2_context ) ); + memset( ctx, 0, sizeof( mbedtls_md2_context ) ); } -void md2_free( md2_context *ctx ) +void mbedtls_md2_free( mbedtls_md2_context *ctx ) { if( ctx == NULL ) return; - polarssl_zeroize( ctx, sizeof( md2_context ) ); + mbedtls_zeroize( ctx, sizeof( mbedtls_md2_context ) ); +} + +void mbedtls_md2_clone( mbedtls_md2_context *dst, + const mbedtls_md2_context *src ) +{ + *dst = *src; } /* * MD2 context setup */ -void md2_starts( md2_context *ctx ) +void mbedtls_md2_starts( mbedtls_md2_context *ctx ) { memset( ctx->cksum, 0, 16 ); memset( ctx->state, 0, 46 ); @@ -112,7 +114,8 @@ void md2_starts( md2_context *ctx ) ctx->left = 0; } -void md2_process( md2_context *ctx ) +#if !defined(MBEDTLS_MD2_PROCESS_ALT) +void mbedtls_md2_process( mbedtls_md2_context *ctx ) { int i, j; unsigned char t = 0; @@ -145,11 +148,12 @@ void md2_process( md2_context *ctx ) t = ctx->cksum[i]; } } +#endif /* !MBEDTLS_MD2_PROCESS_ALT */ /* * MD2 process buffer */ -void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen ) +void mbedtls_md2_update( mbedtls_md2_context *ctx, const unsigned char *input, size_t ilen ) { size_t fill; @@ -169,7 +173,7 @@ void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen ) if( ctx->left == 16 ) { ctx->left = 0; - md2_process( ctx ); + mbedtls_md2_process( ctx ); } } } @@ -177,7 +181,7 @@ void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen ) /* * MD2 final digest */ -void md2_finish( md2_context *ctx, unsigned char output[16] ) +void mbedtls_md2_finish( mbedtls_md2_context *ctx, unsigned char output[16] ) { size_t i; unsigned char x; @@ -187,146 +191,31 @@ void md2_finish( md2_context *ctx, unsigned char output[16] ) for( i = ctx->left; i < 16; i++ ) ctx->buffer[i] = x; - md2_process( ctx ); + mbedtls_md2_process( ctx ); memcpy( ctx->buffer, ctx->cksum, 16 ); - md2_process( ctx ); + mbedtls_md2_process( ctx ); memcpy( output, ctx->state, 16 ); } -#endif /* !POLARSSL_MD2_ALT */ +#endif /* !MBEDTLS_MD2_ALT */ /* * output = MD2( input buffer ) */ -void md2( const unsigned char *input, size_t ilen, unsigned char output[16] ) -{ - md2_context ctx; - - md2_init( &ctx ); - md2_starts( &ctx ); - md2_update( &ctx, input, ilen ); - md2_finish( &ctx, output ); - md2_free( &ctx ); -} - -#if defined(POLARSSL_FS_IO) -/* - * output = MD2( file contents ) - */ -int md2_file( const char *path, unsigned char output[16] ) -{ - FILE *f; - size_t n; - md2_context ctx; - unsigned char buf[1024]; - - if( ( f = fopen( path, "rb" ) ) == NULL ) - return( POLARSSL_ERR_MD2_FILE_IO_ERROR ); - - md2_init( &ctx ); - md2_starts( &ctx ); - - while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) - md2_update( &ctx, buf, n ); - - md2_finish( &ctx, output ); - md2_free( &ctx ); - - if( ferror( f ) != 0 ) - { - fclose( f ); - return( POLARSSL_ERR_MD2_FILE_IO_ERROR ); - } - - fclose( f ); - return( 0 ); -} -#endif /* POLARSSL_FS_IO */ - -/* - * MD2 HMAC context setup - */ -void md2_hmac_starts( md2_context *ctx, const unsigned char *key, - size_t keylen ) -{ - size_t i; - unsigned char sum[16]; - - if( keylen > 16 ) - { - md2( key, keylen, sum ); - keylen = 16; - key = sum; - } - - memset( ctx->ipad, 0x36, 16 ); - memset( ctx->opad, 0x5C, 16 ); - - for( i = 0; i < keylen; i++ ) - { - ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] ); - ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] ); - } - - md2_starts( ctx ); - md2_update( ctx, ctx->ipad, 16 ); - - polarssl_zeroize( sum, sizeof( sum ) ); -} - -/* - * MD2 HMAC process buffer - */ -void md2_hmac_update( md2_context *ctx, const unsigned char *input, - size_t ilen ) -{ - md2_update( ctx, input, ilen ); -} - -/* - * MD2 HMAC final digest - */ -void md2_hmac_finish( md2_context *ctx, unsigned char output[16] ) -{ - unsigned char tmpbuf[16]; - - md2_finish( ctx, tmpbuf ); - md2_starts( ctx ); - md2_update( ctx, ctx->opad, 16 ); - md2_update( ctx, tmpbuf, 16 ); - md2_finish( ctx, output ); - - polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) ); -} - -/* - * MD2 HMAC context reset - */ -void md2_hmac_reset( md2_context *ctx ) -{ - md2_starts( ctx ); - md2_update( ctx, ctx->ipad, 16 ); -} - -/* - * output = HMAC-MD2( hmac key, input buffer ) - */ -void md2_hmac( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char output[16] ) +void mbedtls_md2( const unsigned char *input, size_t ilen, unsigned char output[16] ) { - md2_context ctx; + mbedtls_md2_context ctx; - md2_init( &ctx ); - md2_hmac_starts( &ctx, key, keylen ); - md2_hmac_update( &ctx, input, ilen ); - md2_hmac_finish( &ctx, output ); - md2_free( &ctx ); + mbedtls_md2_init( &ctx ); + mbedtls_md2_starts( &ctx ); + mbedtls_md2_update( &ctx, input, ilen ); + mbedtls_md2_finish( &ctx, output ); + mbedtls_md2_free( &ctx ); } -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) /* * RFC 1319 test vectors @@ -364,7 +253,7 @@ static const unsigned char md2_test_sum[7][16] = /* * Checkup routine */ -int md2_self_test( int verbose ) +int mbedtls_md2_self_test( int verbose ) { int i; unsigned char md2sum[16]; @@ -372,29 +261,29 @@ int md2_self_test( int verbose ) for( i = 0; i < 7; i++ ) { if( verbose != 0 ) - polarssl_printf( " MD2 test #%d: ", i + 1 ); + mbedtls_printf( " MD2 test #%d: ", i + 1 ); - md2( (unsigned char *) md2_test_str[i], + mbedtls_md2( (unsigned char *) md2_test_str[i], strlen( md2_test_str[i] ), md2sum ); if( memcmp( md2sum, md2_test_sum[i], 16 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); } if( verbose != 0 ) - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); return( 0 ); } -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_MD2_C */ +#endif /* MBEDTLS_MD2_C */ diff --git a/ext/mbedtls/library/md4.c b/ext/mbedtls/library/md4.c index d33cc520a8..b71d2c9398 100644 --- a/ext/mbedtls/library/md4.c +++ b/ext/mbedtls/library/md4.c @@ -26,37 +26,33 @@ * http://www.ietf.org/rfc/rfc1320.txt */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_MD4_C) +#if defined(MBEDTLS_MD4_C) -#include "polarssl/md4.h" +#include "mbedtls/md4.h" #include -#if defined(POLARSSL_FS_IO) -#include -#endif - -#if defined(POLARSSL_SELF_TEST) -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_SELF_TEST) +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_printf printf -#endif /* POLARSSL_PLATFORM_C */ -#endif /* POLARSSL_SELF_TEST */ +#define mbedtls_printf printf +#endif /* MBEDTLS_PLATFORM_C */ +#endif /* MBEDTLS_SELF_TEST */ /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } -#if !defined(POLARSSL_MD4_ALT) +#if !defined(MBEDTLS_MD4_ALT) /* * 32-bit integer manipulation macros (little endian) @@ -81,23 +77,29 @@ static void polarssl_zeroize( void *v, size_t n ) { } #endif -void md4_init( md4_context *ctx ) +void mbedtls_md4_init( mbedtls_md4_context *ctx ) { - memset( ctx, 0, sizeof( md4_context ) ); + memset( ctx, 0, sizeof( mbedtls_md4_context ) ); } -void md4_free( md4_context *ctx ) +void mbedtls_md4_free( mbedtls_md4_context *ctx ) { if( ctx == NULL ) return; - polarssl_zeroize( ctx, sizeof( md4_context ) ); + mbedtls_zeroize( ctx, sizeof( mbedtls_md4_context ) ); +} + +void mbedtls_md4_clone( mbedtls_md4_context *dst, + const mbedtls_md4_context *src ) +{ + *dst = *src; } /* * MD4 context setup */ -void md4_starts( md4_context *ctx ) +void mbedtls_md4_starts( mbedtls_md4_context *ctx ) { ctx->total[0] = 0; ctx->total[1] = 0; @@ -108,7 +110,8 @@ void md4_starts( md4_context *ctx ) ctx->state[3] = 0x10325476; } -void md4_process( md4_context *ctx, const unsigned char data[64] ) +#if !defined(MBEDTLS_MD4_PROCESS_ALT) +void mbedtls_md4_process( mbedtls_md4_context *ctx, const unsigned char data[64] ) { uint32_t X[16], A, B, C, D; @@ -210,11 +213,12 @@ void md4_process( md4_context *ctx, const unsigned char data[64] ) ctx->state[2] += C; ctx->state[3] += D; } +#endif /* !MBEDTLS_MD4_PROCESS_ALT */ /* * MD4 process buffer */ -void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen ) +void mbedtls_md4_update( mbedtls_md4_context *ctx, const unsigned char *input, size_t ilen ) { size_t fill; uint32_t left; @@ -235,7 +239,7 @@ void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen ) { memcpy( (void *) (ctx->buffer + left), (void *) input, fill ); - md4_process( ctx, ctx->buffer ); + mbedtls_md4_process( ctx, ctx->buffer ); input += fill; ilen -= fill; left = 0; @@ -243,7 +247,7 @@ void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen ) while( ilen >= 64 ) { - md4_process( ctx, input ); + mbedtls_md4_process( ctx, input ); input += 64; ilen -= 64; } @@ -266,7 +270,7 @@ static const unsigned char md4_padding[64] = /* * MD4 final digest */ -void md4_finish( md4_context *ctx, unsigned char output[16] ) +void mbedtls_md4_finish( mbedtls_md4_context *ctx, unsigned char output[16] ) { uint32_t last, padn; uint32_t high, low; @@ -282,8 +286,8 @@ void md4_finish( md4_context *ctx, unsigned char output[16] ) last = ctx->total[0] & 0x3F; padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); - md4_update( ctx, (unsigned char *) md4_padding, padn ); - md4_update( ctx, msglen, 8 ); + mbedtls_md4_update( ctx, (unsigned char *) md4_padding, padn ); + mbedtls_md4_update( ctx, msglen, 8 ); PUT_UINT32_LE( ctx->state[0], output, 0 ); PUT_UINT32_LE( ctx->state[1], output, 4 ); @@ -291,138 +295,23 @@ void md4_finish( md4_context *ctx, unsigned char output[16] ) PUT_UINT32_LE( ctx->state[3], output, 12 ); } -#endif /* !POLARSSL_MD4_ALT */ +#endif /* !MBEDTLS_MD4_ALT */ /* * output = MD4( input buffer ) */ -void md4( const unsigned char *input, size_t ilen, unsigned char output[16] ) -{ - md4_context ctx; - - md4_init( &ctx ); - md4_starts( &ctx ); - md4_update( &ctx, input, ilen ); - md4_finish( &ctx, output ); - md4_free( &ctx ); -} - -#if defined(POLARSSL_FS_IO) -/* - * output = MD4( file contents ) - */ -int md4_file( const char *path, unsigned char output[16] ) -{ - FILE *f; - size_t n; - md4_context ctx; - unsigned char buf[1024]; - - if( ( f = fopen( path, "rb" ) ) == NULL ) - return( POLARSSL_ERR_MD4_FILE_IO_ERROR ); - - md4_init( &ctx ); - md4_starts( &ctx ); - - while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) - md4_update( &ctx, buf, n ); - - md4_finish( &ctx, output ); - md4_free( &ctx ); - - if( ferror( f ) != 0 ) - { - fclose( f ); - return( POLARSSL_ERR_MD4_FILE_IO_ERROR ); - } - - fclose( f ); - return( 0 ); -} -#endif /* POLARSSL_FS_IO */ - -/* - * MD4 HMAC context setup - */ -void md4_hmac_starts( md4_context *ctx, const unsigned char *key, - size_t keylen ) -{ - size_t i; - unsigned char sum[16]; - - if( keylen > 64 ) - { - md4( key, keylen, sum ); - keylen = 16; - key = sum; - } - - memset( ctx->ipad, 0x36, 64 ); - memset( ctx->opad, 0x5C, 64 ); - - for( i = 0; i < keylen; i++ ) - { - ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] ); - ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] ); - } - - md4_starts( ctx ); - md4_update( ctx, ctx->ipad, 64 ); - - polarssl_zeroize( sum, sizeof( sum ) ); -} - -/* - * MD4 HMAC process buffer - */ -void md4_hmac_update( md4_context *ctx, const unsigned char *input, - size_t ilen ) -{ - md4_update( ctx, input, ilen ); -} - -/* - * MD4 HMAC final digest - */ -void md4_hmac_finish( md4_context *ctx, unsigned char output[16] ) -{ - unsigned char tmpbuf[16]; - - md4_finish( ctx, tmpbuf ); - md4_starts( ctx ); - md4_update( ctx, ctx->opad, 64 ); - md4_update( ctx, tmpbuf, 16 ); - md4_finish( ctx, output ); - - polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) ); -} - -/* - * MD4 HMAC context reset - */ -void md4_hmac_reset( md4_context *ctx ) -{ - md4_starts( ctx ); - md4_update( ctx, ctx->ipad, 64 ); -} - -/* - * output = HMAC-MD4( hmac key, input buffer ) - */ -void md4_hmac( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char output[16] ) +void mbedtls_md4( const unsigned char *input, size_t ilen, unsigned char output[16] ) { - md4_context ctx; + mbedtls_md4_context ctx; - md4_init( &ctx ); - md4_hmac_starts( &ctx, key, keylen ); - md4_hmac_update( &ctx, input, ilen ); - md4_hmac_finish( &ctx, output ); - md4_free( &ctx ); + mbedtls_md4_init( &ctx ); + mbedtls_md4_starts( &ctx ); + mbedtls_md4_update( &ctx, input, ilen ); + mbedtls_md4_finish( &ctx, output ); + mbedtls_md4_free( &ctx ); } -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) /* * RFC 1320 test vectors @@ -460,7 +349,7 @@ static const unsigned char md4_test_sum[7][16] = /* * Checkup routine */ -int md4_self_test( int verbose ) +int mbedtls_md4_self_test( int verbose ) { int i; unsigned char md4sum[16]; @@ -468,29 +357,29 @@ int md4_self_test( int verbose ) for( i = 0; i < 7; i++ ) { if( verbose != 0 ) - polarssl_printf( " MD4 test #%d: ", i + 1 ); + mbedtls_printf( " MD4 test #%d: ", i + 1 ); - md4( (unsigned char *) md4_test_str[i], + mbedtls_md4( (unsigned char *) md4_test_str[i], strlen( md4_test_str[i] ), md4sum ); if( memcmp( md4sum, md4_test_sum[i], 16 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); } if( verbose != 0 ) - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); return( 0 ); } -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_MD4_C */ +#endif /* MBEDTLS_MD4_C */ diff --git a/ext/mbedtls/library/md5.c b/ext/mbedtls/library/md5.c index 49f0674fb1..7c846bed02 100644 --- a/ext/mbedtls/library/md5.c +++ b/ext/mbedtls/library/md5.c @@ -25,37 +25,33 @@ * http://www.ietf.org/rfc/rfc1321.txt */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_MD5_C) +#if defined(MBEDTLS_MD5_C) -#include "polarssl/md5.h" +#include "mbedtls/md5.h" #include -#if defined(POLARSSL_FS_IO) -#include -#endif - -#if defined(POLARSSL_SELF_TEST) -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_SELF_TEST) +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_printf printf -#endif /* POLARSSL_PLATFORM_C */ -#endif /* POLARSSL_SELF_TEST */ +#define mbedtls_printf printf +#endif /* MBEDTLS_PLATFORM_C */ +#endif /* MBEDTLS_SELF_TEST */ /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } -#if !defined(POLARSSL_MD5_ALT) +#if !defined(MBEDTLS_MD5_ALT) /* * 32-bit integer manipulation macros (little endian) @@ -80,23 +76,29 @@ static void polarssl_zeroize( void *v, size_t n ) { } #endif -void md5_init( md5_context *ctx ) +void mbedtls_md5_init( mbedtls_md5_context *ctx ) { - memset( ctx, 0, sizeof( md5_context ) ); + memset( ctx, 0, sizeof( mbedtls_md5_context ) ); } -void md5_free( md5_context *ctx ) +void mbedtls_md5_free( mbedtls_md5_context *ctx ) { if( ctx == NULL ) return; - polarssl_zeroize( ctx, sizeof( md5_context ) ); + mbedtls_zeroize( ctx, sizeof( mbedtls_md5_context ) ); +} + +void mbedtls_md5_clone( mbedtls_md5_context *dst, + const mbedtls_md5_context *src ) +{ + *dst = *src; } /* * MD5 context setup */ -void md5_starts( md5_context *ctx ) +void mbedtls_md5_starts( mbedtls_md5_context *ctx ) { ctx->total[0] = 0; ctx->total[1] = 0; @@ -107,7 +109,8 @@ void md5_starts( md5_context *ctx ) ctx->state[3] = 0x10325476; } -void md5_process( md5_context *ctx, const unsigned char data[64] ) +#if !defined(MBEDTLS_MD5_PROCESS_ALT) +void mbedtls_md5_process( mbedtls_md5_context *ctx, const unsigned char data[64] ) { uint32_t X[16], A, B, C, D; @@ -229,11 +232,12 @@ void md5_process( md5_context *ctx, const unsigned char data[64] ) ctx->state[2] += C; ctx->state[3] += D; } +#endif /* !MBEDTLS_MD5_PROCESS_ALT */ /* * MD5 process buffer */ -void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen ) +void mbedtls_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen ) { size_t fill; uint32_t left; @@ -253,7 +257,7 @@ void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen ) if( left && ilen >= fill ) { memcpy( (void *) (ctx->buffer + left), input, fill ); - md5_process( ctx, ctx->buffer ); + mbedtls_md5_process( ctx, ctx->buffer ); input += fill; ilen -= fill; left = 0; @@ -261,7 +265,7 @@ void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen ) while( ilen >= 64 ) { - md5_process( ctx, input ); + mbedtls_md5_process( ctx, input ); input += 64; ilen -= 64; } @@ -283,7 +287,7 @@ static const unsigned char md5_padding[64] = /* * MD5 final digest */ -void md5_finish( md5_context *ctx, unsigned char output[16] ) +void mbedtls_md5_finish( mbedtls_md5_context *ctx, unsigned char output[16] ) { uint32_t last, padn; uint32_t high, low; @@ -299,8 +303,8 @@ void md5_finish( md5_context *ctx, unsigned char output[16] ) last = ctx->total[0] & 0x3F; padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); - md5_update( ctx, md5_padding, padn ); - md5_update( ctx, msglen, 8 ); + mbedtls_md5_update( ctx, md5_padding, padn ); + mbedtls_md5_update( ctx, msglen, 8 ); PUT_UINT32_LE( ctx->state[0], output, 0 ); PUT_UINT32_LE( ctx->state[1], output, 4 ); @@ -308,138 +312,23 @@ void md5_finish( md5_context *ctx, unsigned char output[16] ) PUT_UINT32_LE( ctx->state[3], output, 12 ); } -#endif /* !POLARSSL_MD5_ALT */ +#endif /* !MBEDTLS_MD5_ALT */ /* * output = MD5( input buffer ) */ -void md5( const unsigned char *input, size_t ilen, unsigned char output[16] ) -{ - md5_context ctx; - - md5_init( &ctx ); - md5_starts( &ctx ); - md5_update( &ctx, input, ilen ); - md5_finish( &ctx, output ); - md5_free( &ctx ); -} - -#if defined(POLARSSL_FS_IO) -/* - * output = MD5( file contents ) - */ -int md5_file( const char *path, unsigned char output[16] ) -{ - FILE *f; - size_t n; - md5_context ctx; - unsigned char buf[1024]; - - if( ( f = fopen( path, "rb" ) ) == NULL ) - return( POLARSSL_ERR_MD5_FILE_IO_ERROR ); - - md5_init( &ctx ); - md5_starts( &ctx ); - - while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) - md5_update( &ctx, buf, n ); - - md5_finish( &ctx, output ); - md5_free( &ctx ); - - if( ferror( f ) != 0 ) - { - fclose( f ); - return( POLARSSL_ERR_MD5_FILE_IO_ERROR ); - } - - fclose( f ); - return( 0 ); -} -#endif /* POLARSSL_FS_IO */ - -/* - * MD5 HMAC context setup - */ -void md5_hmac_starts( md5_context *ctx, const unsigned char *key, - size_t keylen ) -{ - size_t i; - unsigned char sum[16]; - - if( keylen > 64 ) - { - md5( key, keylen, sum ); - keylen = 16; - key = sum; - } - - memset( ctx->ipad, 0x36, 64 ); - memset( ctx->opad, 0x5C, 64 ); - - for( i = 0; i < keylen; i++ ) - { - ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] ); - ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] ); - } - - md5_starts( ctx ); - md5_update( ctx, ctx->ipad, 64 ); - - polarssl_zeroize( sum, sizeof( sum ) ); -} - -/* - * MD5 HMAC process buffer - */ -void md5_hmac_update( md5_context *ctx, const unsigned char *input, - size_t ilen ) -{ - md5_update( ctx, input, ilen ); -} - -/* - * MD5 HMAC final digest - */ -void md5_hmac_finish( md5_context *ctx, unsigned char output[16] ) +void mbedtls_md5( const unsigned char *input, size_t ilen, unsigned char output[16] ) { - unsigned char tmpbuf[16]; + mbedtls_md5_context ctx; - md5_finish( ctx, tmpbuf ); - md5_starts( ctx ); - md5_update( ctx, ctx->opad, 64 ); - md5_update( ctx, tmpbuf, 16 ); - md5_finish( ctx, output ); - - polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) ); + mbedtls_md5_init( &ctx ); + mbedtls_md5_starts( &ctx ); + mbedtls_md5_update( &ctx, input, ilen ); + mbedtls_md5_finish( &ctx, output ); + mbedtls_md5_free( &ctx ); } -/* - * MD5 HMAC context reset - */ -void md5_hmac_reset( md5_context *ctx ) -{ - md5_starts( ctx ); - md5_update( ctx, ctx->ipad, 64 ); -} - -/* - * output = HMAC-MD5( hmac key, input buffer ) - */ -void md5_hmac( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char output[16] ) -{ - md5_context ctx; - - md5_init( &ctx ); - md5_hmac_starts( &ctx, key, keylen ); - md5_hmac_update( &ctx, input, ilen ); - md5_hmac_finish( &ctx, output ); - md5_free( &ctx ); -} - -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) /* * RFC 1321 test vectors */ @@ -478,140 +367,39 @@ static const unsigned char md5_test_sum[7][16] = 0xAC, 0x49, 0xDA, 0x2E, 0x21, 0x07, 0xB6, 0x7A } }; -/* - * RFC 2202 test vectors - */ -static const unsigned char md5_hmac_test_key[7][26] = -{ - { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B" }, - { "Jefe" }, - { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" }, - { "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10" - "\x11\x12\x13\x14\x15\x16\x17\x18\x19" }, - { "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C" }, - { "" }, /* 0xAA 80 times */ - { "" } -}; - -static const int md5_hmac_test_keylen[7] = -{ - 16, 4, 16, 25, 16, 80, 80 -}; - -static const unsigned char md5_hmac_test_buf[7][74] = -{ - { "Hi There" }, - { "what do ya want for nothing?" }, - { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" }, - { "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" - "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" - "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" - "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" - "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" }, - { "Test With Truncation" }, - { "Test Using Larger Than Block-Size Key - Hash Key First" }, - { "Test Using Larger Than Block-Size Key and Larger" - " Than One Block-Size Data" } -}; - -static const int md5_hmac_test_buflen[7] = -{ - 8, 28, 50, 50, 20, 54, 73 -}; - -static const unsigned char md5_hmac_test_sum[7][16] = -{ - { 0x92, 0x94, 0x72, 0x7A, 0x36, 0x38, 0xBB, 0x1C, - 0x13, 0xF4, 0x8E, 0xF8, 0x15, 0x8B, 0xFC, 0x9D }, - { 0x75, 0x0C, 0x78, 0x3E, 0x6A, 0xB0, 0xB5, 0x03, - 0xEA, 0xA8, 0x6E, 0x31, 0x0A, 0x5D, 0xB7, 0x38 }, - { 0x56, 0xBE, 0x34, 0x52, 0x1D, 0x14, 0x4C, 0x88, - 0xDB, 0xB8, 0xC7, 0x33, 0xF0, 0xE8, 0xB3, 0xF6 }, - { 0x69, 0x7E, 0xAF, 0x0A, 0xCA, 0x3A, 0x3A, 0xEA, - 0x3A, 0x75, 0x16, 0x47, 0x46, 0xFF, 0xAA, 0x79 }, - { 0x56, 0x46, 0x1E, 0xF2, 0x34, 0x2E, 0xDC, 0x00, - 0xF9, 0xBA, 0xB9, 0x95 }, - { 0x6B, 0x1A, 0xB7, 0xFE, 0x4B, 0xD7, 0xBF, 0x8F, - 0x0B, 0x62, 0xE6, 0xCE, 0x61, 0xB9, 0xD0, 0xCD }, - { 0x6F, 0x63, 0x0F, 0xAD, 0x67, 0xCD, 0xA0, 0xEE, - 0x1F, 0xB1, 0xF5, 0x62, 0xDB, 0x3A, 0xA5, 0x3E } -}; - /* * Checkup routine */ -int md5_self_test( int verbose ) +int mbedtls_md5_self_test( int verbose ) { - int i, buflen; - unsigned char buf[1024]; + int i; unsigned char md5sum[16]; - md5_context ctx; for( i = 0; i < 7; i++ ) { if( verbose != 0 ) - polarssl_printf( " MD5 test #%d: ", i + 1 ); + mbedtls_printf( " MD5 test #%d: ", i + 1 ); - md5( md5_test_buf[i], md5_test_buflen[i], md5sum ); + mbedtls_md5( md5_test_buf[i], md5_test_buflen[i], md5sum ); if( memcmp( md5sum, md5_test_sum[i], 16 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); - - return( 1 ); - } - - if( verbose != 0 ) - polarssl_printf( "passed\n" ); - } - - if( verbose != 0 ) - polarssl_printf( "\n" ); - - for( i = 0; i < 7; i++ ) - { - if( verbose != 0 ) - polarssl_printf( " HMAC-MD5 test #%d: ", i + 1 ); - - if( i == 5 || i == 6 ) - { - memset( buf, 0xAA, buflen = 80 ); - md5_hmac_starts( &ctx, buf, buflen ); - } - else - md5_hmac_starts( &ctx, md5_hmac_test_key[i], - md5_hmac_test_keylen[i] ); - - md5_hmac_update( &ctx, md5_hmac_test_buf[i], - md5_hmac_test_buflen[i] ); - - md5_hmac_finish( &ctx, md5sum ); - - buflen = ( i == 4 ) ? 12 : 16; - - if( memcmp( md5sum, md5_hmac_test_sum[i], buflen ) != 0 ) - { - if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); } if( verbose != 0 ) - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); return( 0 ); } -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_MD5_C */ +#endif /* MBEDTLS_MD5_C */ diff --git a/ext/mbedtls/library/md_wrap.c b/ext/mbedtls/library/md_wrap.c index f554333e78..b4a6f69e22 100644 --- a/ext/mbedtls/library/md_wrap.c +++ b/ext/mbedtls/library/md_wrap.c @@ -24,928 +24,553 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_MD_C) +#if defined(MBEDTLS_MD_C) -#include "polarssl/md_wrap.h" +#include "mbedtls/md_internal.h" -#if defined(POLARSSL_MD2_C) -#include "polarssl/md2.h" +#if defined(MBEDTLS_MD2_C) +#include "mbedtls/md2.h" #endif -#if defined(POLARSSL_MD4_C) -#include "polarssl/md4.h" +#if defined(MBEDTLS_MD4_C) +#include "mbedtls/md4.h" #endif -#if defined(POLARSSL_MD5_C) -#include "polarssl/md5.h" +#if defined(MBEDTLS_MD5_C) +#include "mbedtls/md5.h" #endif -#if defined(POLARSSL_RIPEMD160_C) -#include "polarssl/ripemd160.h" +#if defined(MBEDTLS_RIPEMD160_C) +#include "mbedtls/ripemd160.h" #endif -#if defined(POLARSSL_SHA1_C) -#include "polarssl/sha1.h" +#if defined(MBEDTLS_SHA1_C) +#include "mbedtls/sha1.h" #endif -#if defined(POLARSSL_SHA256_C) -#include "polarssl/sha256.h" +#if defined(MBEDTLS_SHA256_C) +#include "mbedtls/sha256.h" #endif -#if defined(POLARSSL_SHA512_C) -#include "polarssl/sha512.h" +#if defined(MBEDTLS_SHA512_C) +#include "mbedtls/sha512.h" #endif -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_malloc malloc -#define polarssl_free free +#define mbedtls_calloc calloc +#define mbedtls_free free #endif -/* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { - volatile unsigned char *p = v; while( n-- ) *p++ = 0; -} - -#if defined(POLARSSL_MD2_C) +#if defined(MBEDTLS_MD2_C) static void md2_starts_wrap( void *ctx ) { - md2_starts( (md2_context *) ctx ); + mbedtls_md2_starts( (mbedtls_md2_context *) ctx ); } static void md2_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { - md2_update( (md2_context *) ctx, input, ilen ); + mbedtls_md2_update( (mbedtls_md2_context *) ctx, input, ilen ); } static void md2_finish_wrap( void *ctx, unsigned char *output ) { - md2_finish( (md2_context *) ctx, output ); -} - -static int md2_file_wrap( const char *path, unsigned char *output ) -{ -#if defined(POLARSSL_FS_IO) - return md2_file( path, output ); -#else - ((void) path); - ((void) output); - return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE ); -#endif -} - -static void md2_hmac_starts_wrap( void *ctx, const unsigned char *key, - size_t keylen ) -{ - md2_hmac_starts( (md2_context *) ctx, key, keylen ); + mbedtls_md2_finish( (mbedtls_md2_context *) ctx, output ); } -static void md2_hmac_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) +static void *md2_ctx_alloc( void ) { - md2_hmac_update( (md2_context *) ctx, input, ilen ); -} + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md2_context ) ); -static void md2_hmac_finish_wrap( void *ctx, unsigned char *output ) -{ - md2_hmac_finish( (md2_context *) ctx, output ); -} + if( ctx != NULL ) + mbedtls_md2_init( (mbedtls_md2_context *) ctx ); -static void md2_hmac_reset_wrap( void *ctx ) -{ - md2_hmac_reset( (md2_context *) ctx ); + return( ctx ); } -static void * md2_ctx_alloc( void ) +static void md2_ctx_free( void *ctx ) { - return polarssl_malloc( sizeof( md2_context ) ); + mbedtls_md2_free( (mbedtls_md2_context *) ctx ); + mbedtls_free( ctx ); } -static void md2_ctx_free( void *ctx ) +static void md2_clone_wrap( void *dst, const void *src ) { - polarssl_zeroize( ctx, sizeof( md2_context ) ); - polarssl_free( ctx ); + mbedtls_md2_clone( (mbedtls_md2_context *) dst, + (const mbedtls_md2_context *) src ); } static void md2_process_wrap( void *ctx, const unsigned char *data ) { ((void) data); - md2_process( (md2_context *) ctx ); + mbedtls_md2_process( (mbedtls_md2_context *) ctx ); } -const md_info_t md2_info = { - POLARSSL_MD_MD2, +const mbedtls_md_info_t mbedtls_md2_info = { + MBEDTLS_MD_MD2, "MD2", 16, + 16, md2_starts_wrap, md2_update_wrap, md2_finish_wrap, - md2, - md2_file_wrap, - md2_hmac_starts_wrap, - md2_hmac_update_wrap, - md2_hmac_finish_wrap, - md2_hmac_reset_wrap, - md2_hmac, + mbedtls_md2, md2_ctx_alloc, md2_ctx_free, + md2_clone_wrap, md2_process_wrap, }; -#endif /* POLARSSL_MD2_C */ +#endif /* MBEDTLS_MD2_C */ -#if defined(POLARSSL_MD4_C) +#if defined(MBEDTLS_MD4_C) static void md4_starts_wrap( void *ctx ) { - md4_starts( (md4_context *) ctx ); + mbedtls_md4_starts( (mbedtls_md4_context *) ctx ); } static void md4_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { - md4_update( (md4_context *) ctx, input, ilen ); + mbedtls_md4_update( (mbedtls_md4_context *) ctx, input, ilen ); } static void md4_finish_wrap( void *ctx, unsigned char *output ) { - md4_finish( (md4_context *) ctx, output ); -} - -static int md4_file_wrap( const char *path, unsigned char *output ) -{ -#if defined(POLARSSL_FS_IO) - return md4_file( path, output ); -#else - ((void) path); - ((void) output); - return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE ); -#endif + mbedtls_md4_finish( (mbedtls_md4_context *) ctx, output ); } -static void md4_hmac_starts_wrap( void *ctx, const unsigned char *key, - size_t keylen ) +static void *md4_ctx_alloc( void ) { - md4_hmac_starts( (md4_context *) ctx, key, keylen ); -} + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md4_context ) ); -static void md4_hmac_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - md4_hmac_update( (md4_context *) ctx, input, ilen ); -} + if( ctx != NULL ) + mbedtls_md4_init( (mbedtls_md4_context *) ctx ); -static void md4_hmac_finish_wrap( void *ctx, unsigned char *output ) -{ - md4_hmac_finish( (md4_context *) ctx, output ); -} - -static void md4_hmac_reset_wrap( void *ctx ) -{ - md4_hmac_reset( (md4_context *) ctx ); + return( ctx ); } -static void *md4_ctx_alloc( void ) +static void md4_ctx_free( void *ctx ) { - return polarssl_malloc( sizeof( md4_context ) ); + mbedtls_md4_free( (mbedtls_md4_context *) ctx ); + mbedtls_free( ctx ); } -static void md4_ctx_free( void *ctx ) +static void md4_clone_wrap( void *dst, const void *src ) { - polarssl_zeroize( ctx, sizeof( md4_context ) ); - polarssl_free( ctx ); + mbedtls_md4_clone( (mbedtls_md4_context *) dst, + (const mbedtls_md4_context *) src ); } static void md4_process_wrap( void *ctx, const unsigned char *data ) { - md4_process( (md4_context *) ctx, data ); + mbedtls_md4_process( (mbedtls_md4_context *) ctx, data ); } -const md_info_t md4_info = { - POLARSSL_MD_MD4, +const mbedtls_md_info_t mbedtls_md4_info = { + MBEDTLS_MD_MD4, "MD4", 16, + 64, md4_starts_wrap, md4_update_wrap, md4_finish_wrap, - md4, - md4_file_wrap, - md4_hmac_starts_wrap, - md4_hmac_update_wrap, - md4_hmac_finish_wrap, - md4_hmac_reset_wrap, - md4_hmac, + mbedtls_md4, md4_ctx_alloc, md4_ctx_free, + md4_clone_wrap, md4_process_wrap, }; -#endif /* POLARSSL_MD4_C */ +#endif /* MBEDTLS_MD4_C */ -#if defined(POLARSSL_MD5_C) +#if defined(MBEDTLS_MD5_C) static void md5_starts_wrap( void *ctx ) { - md5_starts( (md5_context *) ctx ); + mbedtls_md5_starts( (mbedtls_md5_context *) ctx ); } static void md5_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { - md5_update( (md5_context *) ctx, input, ilen ); + mbedtls_md5_update( (mbedtls_md5_context *) ctx, input, ilen ); } static void md5_finish_wrap( void *ctx, unsigned char *output ) { - md5_finish( (md5_context *) ctx, output ); + mbedtls_md5_finish( (mbedtls_md5_context *) ctx, output ); } -static int md5_file_wrap( const char *path, unsigned char *output ) +static void *md5_ctx_alloc( void ) { -#if defined(POLARSSL_FS_IO) - return md5_file( path, output ); -#else - ((void) path); - ((void) output); - return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE ); -#endif -} + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md5_context ) ); -static void md5_hmac_starts_wrap( void *ctx, const unsigned char *key, - size_t keylen ) -{ - md5_hmac_starts( (md5_context *) ctx, key, keylen ); -} + if( ctx != NULL ) + mbedtls_md5_init( (mbedtls_md5_context *) ctx ); -static void md5_hmac_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - md5_hmac_update( (md5_context *) ctx, input, ilen ); -} - -static void md5_hmac_finish_wrap( void *ctx, unsigned char *output ) -{ - md5_hmac_finish( (md5_context *) ctx, output ); -} - -static void md5_hmac_reset_wrap( void *ctx ) -{ - md5_hmac_reset( (md5_context *) ctx ); + return( ctx ); } -static void * md5_ctx_alloc( void ) +static void md5_ctx_free( void *ctx ) { - return polarssl_malloc( sizeof( md5_context ) ); + mbedtls_md5_free( (mbedtls_md5_context *) ctx ); + mbedtls_free( ctx ); } -static void md5_ctx_free( void *ctx ) +static void md5_clone_wrap( void *dst, const void *src ) { - polarssl_zeroize( ctx, sizeof( md5_context ) ); - polarssl_free( ctx ); + mbedtls_md5_clone( (mbedtls_md5_context *) dst, + (const mbedtls_md5_context *) src ); } static void md5_process_wrap( void *ctx, const unsigned char *data ) { - md5_process( (md5_context *) ctx, data ); + mbedtls_md5_process( (mbedtls_md5_context *) ctx, data ); } -const md_info_t md5_info = { - POLARSSL_MD_MD5, +const mbedtls_md_info_t mbedtls_md5_info = { + MBEDTLS_MD_MD5, "MD5", 16, + 64, md5_starts_wrap, md5_update_wrap, md5_finish_wrap, - md5, - md5_file_wrap, - md5_hmac_starts_wrap, - md5_hmac_update_wrap, - md5_hmac_finish_wrap, - md5_hmac_reset_wrap, - md5_hmac, + mbedtls_md5, md5_ctx_alloc, md5_ctx_free, + md5_clone_wrap, md5_process_wrap, }; -#endif /* POLARSSL_MD5_C */ +#endif /* MBEDTLS_MD5_C */ -#if defined(POLARSSL_RIPEMD160_C) +#if defined(MBEDTLS_RIPEMD160_C) static void ripemd160_starts_wrap( void *ctx ) { - ripemd160_starts( (ripemd160_context *) ctx ); + mbedtls_ripemd160_starts( (mbedtls_ripemd160_context *) ctx ); } static void ripemd160_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { - ripemd160_update( (ripemd160_context *) ctx, input, ilen ); + mbedtls_ripemd160_update( (mbedtls_ripemd160_context *) ctx, input, ilen ); } static void ripemd160_finish_wrap( void *ctx, unsigned char *output ) { - ripemd160_finish( (ripemd160_context *) ctx, output ); -} - -static int ripemd160_file_wrap( const char *path, unsigned char *output ) -{ -#if defined(POLARSSL_FS_IO) - return ripemd160_file( path, output ); -#else - ((void) path); - ((void) output); - return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE ); -#endif + mbedtls_ripemd160_finish( (mbedtls_ripemd160_context *) ctx, output ); } -static void ripemd160_hmac_starts_wrap( void *ctx, const unsigned char *key, - size_t keylen ) +static void *ripemd160_ctx_alloc( void ) { - ripemd160_hmac_starts( (ripemd160_context *) ctx, key, keylen ); -} + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ripemd160_context ) ); -static void ripemd160_hmac_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - ripemd160_hmac_update( (ripemd160_context *) ctx, input, ilen ); -} - -static void ripemd160_hmac_finish_wrap( void *ctx, unsigned char *output ) -{ - ripemd160_hmac_finish( (ripemd160_context *) ctx, output ); -} + if( ctx != NULL ) + mbedtls_ripemd160_init( (mbedtls_ripemd160_context *) ctx ); -static void ripemd160_hmac_reset_wrap( void *ctx ) -{ - ripemd160_hmac_reset( (ripemd160_context *) ctx ); + return( ctx ); } -static void * ripemd160_ctx_alloc( void ) +static void ripemd160_ctx_free( void *ctx ) { - ripemd160_context *ctx; - ctx = polarssl_malloc( sizeof( ripemd160_context ) ); - - if( ctx == NULL ) - return( NULL ); - - ripemd160_init( ctx ); - - return( ctx ); + mbedtls_ripemd160_free( (mbedtls_ripemd160_context *) ctx ); + mbedtls_free( ctx ); } -static void ripemd160_ctx_free( void *ctx ) +static void ripemd160_clone_wrap( void *dst, const void *src ) { - ripemd160_free( (ripemd160_context *) ctx ); - polarssl_free( ctx ); + mbedtls_ripemd160_clone( (mbedtls_ripemd160_context *) dst, + (const mbedtls_ripemd160_context *) src ); } static void ripemd160_process_wrap( void *ctx, const unsigned char *data ) { - ripemd160_process( (ripemd160_context *) ctx, data ); + mbedtls_ripemd160_process( (mbedtls_ripemd160_context *) ctx, data ); } -const md_info_t ripemd160_info = { - POLARSSL_MD_RIPEMD160, +const mbedtls_md_info_t mbedtls_ripemd160_info = { + MBEDTLS_MD_RIPEMD160, "RIPEMD160", 20, + 64, ripemd160_starts_wrap, ripemd160_update_wrap, ripemd160_finish_wrap, - ripemd160, - ripemd160_file_wrap, - ripemd160_hmac_starts_wrap, - ripemd160_hmac_update_wrap, - ripemd160_hmac_finish_wrap, - ripemd160_hmac_reset_wrap, - ripemd160_hmac, + mbedtls_ripemd160, ripemd160_ctx_alloc, ripemd160_ctx_free, + ripemd160_clone_wrap, ripemd160_process_wrap, }; -#endif /* POLARSSL_RIPEMD160_C */ +#endif /* MBEDTLS_RIPEMD160_C */ -#if defined(POLARSSL_SHA1_C) +#if defined(MBEDTLS_SHA1_C) static void sha1_starts_wrap( void *ctx ) { - sha1_starts( (sha1_context *) ctx ); + mbedtls_sha1_starts( (mbedtls_sha1_context *) ctx ); } static void sha1_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { - sha1_update( (sha1_context *) ctx, input, ilen ); + mbedtls_sha1_update( (mbedtls_sha1_context *) ctx, input, ilen ); } static void sha1_finish_wrap( void *ctx, unsigned char *output ) { - sha1_finish( (sha1_context *) ctx, output ); -} - -static int sha1_file_wrap( const char *path, unsigned char *output ) -{ -#if defined(POLARSSL_FS_IO) - return sha1_file( path, output ); -#else - ((void) path); - ((void) output); - return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE ); -#endif + mbedtls_sha1_finish( (mbedtls_sha1_context *) ctx, output ); } -static void sha1_hmac_starts_wrap( void *ctx, const unsigned char *key, - size_t keylen ) +static void *sha1_ctx_alloc( void ) { - sha1_hmac_starts( (sha1_context *) ctx, key, keylen ); -} + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha1_context ) ); -static void sha1_hmac_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - sha1_hmac_update( (sha1_context *) ctx, input, ilen ); -} + if( ctx != NULL ) + mbedtls_sha1_init( (mbedtls_sha1_context *) ctx ); -static void sha1_hmac_finish_wrap( void *ctx, unsigned char *output ) -{ - sha1_hmac_finish( (sha1_context *) ctx, output ); -} - -static void sha1_hmac_reset_wrap( void *ctx ) -{ - sha1_hmac_reset( (sha1_context *) ctx ); + return( ctx ); } -static void * sha1_ctx_alloc( void ) +static void sha1_clone_wrap( void *dst, const void *src ) { - sha1_context *ctx; - ctx = polarssl_malloc( sizeof( sha1_context ) ); - - if( ctx == NULL ) - return( NULL ); - - sha1_init( ctx ); - - return( ctx ); + mbedtls_sha1_clone( (mbedtls_sha1_context *) dst, + (const mbedtls_sha1_context *) src ); } static void sha1_ctx_free( void *ctx ) { - sha1_free( (sha1_context *) ctx ); - polarssl_free( ctx ); + mbedtls_sha1_free( (mbedtls_sha1_context *) ctx ); + mbedtls_free( ctx ); } static void sha1_process_wrap( void *ctx, const unsigned char *data ) { - sha1_process( (sha1_context *) ctx, data ); + mbedtls_sha1_process( (mbedtls_sha1_context *) ctx, data ); } -const md_info_t sha1_info = { - POLARSSL_MD_SHA1, +const mbedtls_md_info_t mbedtls_sha1_info = { + MBEDTLS_MD_SHA1, "SHA1", 20, + 64, sha1_starts_wrap, sha1_update_wrap, sha1_finish_wrap, - sha1, - sha1_file_wrap, - sha1_hmac_starts_wrap, - sha1_hmac_update_wrap, - sha1_hmac_finish_wrap, - sha1_hmac_reset_wrap, - sha1_hmac, + mbedtls_sha1, sha1_ctx_alloc, sha1_ctx_free, + sha1_clone_wrap, sha1_process_wrap, }; -#endif /* POLARSSL_SHA1_C */ +#endif /* MBEDTLS_SHA1_C */ /* * Wrappers for generic message digests */ -#if defined(POLARSSL_SHA256_C) +#if defined(MBEDTLS_SHA256_C) static void sha224_starts_wrap( void *ctx ) { - sha256_starts( (sha256_context *) ctx, 1 ); + mbedtls_sha256_starts( (mbedtls_sha256_context *) ctx, 1 ); } static void sha224_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { - sha256_update( (sha256_context *) ctx, input, ilen ); + mbedtls_sha256_update( (mbedtls_sha256_context *) ctx, input, ilen ); } static void sha224_finish_wrap( void *ctx, unsigned char *output ) { - sha256_finish( (sha256_context *) ctx, output ); + mbedtls_sha256_finish( (mbedtls_sha256_context *) ctx, output ); } static void sha224_wrap( const unsigned char *input, size_t ilen, unsigned char *output ) { - sha256( input, ilen, output, 1 ); + mbedtls_sha256( input, ilen, output, 1 ); } -static int sha224_file_wrap( const char *path, unsigned char *output ) +static void *sha224_ctx_alloc( void ) { -#if defined(POLARSSL_FS_IO) - return sha256_file( path, output, 1 ); -#else - ((void) path); - ((void) output); - return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE ); -#endif -} + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha256_context ) ); -static void sha224_hmac_starts_wrap( void *ctx, const unsigned char *key, - size_t keylen ) -{ - sha256_hmac_starts( (sha256_context *) ctx, key, keylen, 1 ); -} + if( ctx != NULL ) + mbedtls_sha256_init( (mbedtls_sha256_context *) ctx ); -static void sha224_hmac_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - sha256_hmac_update( (sha256_context *) ctx, input, ilen ); -} - -static void sha224_hmac_finish_wrap( void *ctx, unsigned char *output ) -{ - sha256_hmac_finish( (sha256_context *) ctx, output ); -} - -static void sha224_hmac_reset_wrap( void *ctx ) -{ - sha256_hmac_reset( (sha256_context *) ctx ); -} - -static void sha224_hmac_wrap( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char *output ) -{ - sha256_hmac( key, keylen, input, ilen, output, 1 ); + return( ctx ); } -static void * sha224_ctx_alloc( void ) +static void sha224_ctx_free( void *ctx ) { - return polarssl_malloc( sizeof( sha256_context ) ); + mbedtls_sha256_free( (mbedtls_sha256_context *) ctx ); + mbedtls_free( ctx ); } -static void sha224_ctx_free( void *ctx ) +static void sha224_clone_wrap( void *dst, const void *src ) { - polarssl_zeroize( ctx, sizeof( sha256_context ) ); - polarssl_free( ctx ); + mbedtls_sha256_clone( (mbedtls_sha256_context *) dst, + (const mbedtls_sha256_context *) src ); } static void sha224_process_wrap( void *ctx, const unsigned char *data ) { - sha256_process( (sha256_context *) ctx, data ); + mbedtls_sha256_process( (mbedtls_sha256_context *) ctx, data ); } -const md_info_t sha224_info = { - POLARSSL_MD_SHA224, +const mbedtls_md_info_t mbedtls_sha224_info = { + MBEDTLS_MD_SHA224, "SHA224", 28, + 64, sha224_starts_wrap, sha224_update_wrap, sha224_finish_wrap, sha224_wrap, - sha224_file_wrap, - sha224_hmac_starts_wrap, - sha224_hmac_update_wrap, - sha224_hmac_finish_wrap, - sha224_hmac_reset_wrap, - sha224_hmac_wrap, sha224_ctx_alloc, sha224_ctx_free, + sha224_clone_wrap, sha224_process_wrap, }; static void sha256_starts_wrap( void *ctx ) { - sha256_starts( (sha256_context *) ctx, 0 ); -} - -static void sha256_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - sha256_update( (sha256_context *) ctx, input, ilen ); -} - -static void sha256_finish_wrap( void *ctx, unsigned char *output ) -{ - sha256_finish( (sha256_context *) ctx, output ); + mbedtls_sha256_starts( (mbedtls_sha256_context *) ctx, 0 ); } static void sha256_wrap( const unsigned char *input, size_t ilen, unsigned char *output ) { - sha256( input, ilen, output, 0 ); -} - -static int sha256_file_wrap( const char *path, unsigned char *output ) -{ -#if defined(POLARSSL_FS_IO) - return sha256_file( path, output, 0 ); -#else - ((void) path); - ((void) output); - return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE ); -#endif -} - -static void sha256_hmac_starts_wrap( void *ctx, const unsigned char *key, - size_t keylen ) -{ - sha256_hmac_starts( (sha256_context *) ctx, key, keylen, 0 ); -} - -static void sha256_hmac_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - sha256_hmac_update( (sha256_context *) ctx, input, ilen ); -} - -static void sha256_hmac_finish_wrap( void *ctx, unsigned char *output ) -{ - sha256_hmac_finish( (sha256_context *) ctx, output ); + mbedtls_sha256( input, ilen, output, 0 ); } -static void sha256_hmac_reset_wrap( void *ctx ) -{ - sha256_hmac_reset( (sha256_context *) ctx ); -} - -static void sha256_hmac_wrap( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char *output ) -{ - sha256_hmac( key, keylen, input, ilen, output, 0 ); -} - -static void * sha256_ctx_alloc( void ) -{ - sha256_context *ctx; - ctx = polarssl_malloc( sizeof( sha256_context ) ); - - if( ctx == NULL ) - return( NULL ); - - sha256_init( ctx ); - - return( ctx ); -} - -static void sha256_ctx_free( void *ctx ) -{ - sha256_free( (sha256_context *) ctx ); - polarssl_free( ctx ); -} - -static void sha256_process_wrap( void *ctx, const unsigned char *data ) -{ - sha256_process( (sha256_context *) ctx, data ); -} - -const md_info_t sha256_info = { - POLARSSL_MD_SHA256, +const mbedtls_md_info_t mbedtls_sha256_info = { + MBEDTLS_MD_SHA256, "SHA256", 32, + 64, sha256_starts_wrap, - sha256_update_wrap, - sha256_finish_wrap, + sha224_update_wrap, + sha224_finish_wrap, sha256_wrap, - sha256_file_wrap, - sha256_hmac_starts_wrap, - sha256_hmac_update_wrap, - sha256_hmac_finish_wrap, - sha256_hmac_reset_wrap, - sha256_hmac_wrap, - sha256_ctx_alloc, - sha256_ctx_free, - sha256_process_wrap, + sha224_ctx_alloc, + sha224_ctx_free, + sha224_clone_wrap, + sha224_process_wrap, }; -#endif /* POLARSSL_SHA256_C */ +#endif /* MBEDTLS_SHA256_C */ -#if defined(POLARSSL_SHA512_C) +#if defined(MBEDTLS_SHA512_C) static void sha384_starts_wrap( void *ctx ) { - sha512_starts( (sha512_context *) ctx, 1 ); + mbedtls_sha512_starts( (mbedtls_sha512_context *) ctx, 1 ); } static void sha384_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) { - sha512_update( (sha512_context *) ctx, input, ilen ); + mbedtls_sha512_update( (mbedtls_sha512_context *) ctx, input, ilen ); } static void sha384_finish_wrap( void *ctx, unsigned char *output ) { - sha512_finish( (sha512_context *) ctx, output ); + mbedtls_sha512_finish( (mbedtls_sha512_context *) ctx, output ); } static void sha384_wrap( const unsigned char *input, size_t ilen, unsigned char *output ) { - sha512( input, ilen, output, 1 ); + mbedtls_sha512( input, ilen, output, 1 ); } -static int sha384_file_wrap( const char *path, unsigned char *output ) +static void *sha384_ctx_alloc( void ) { -#if defined(POLARSSL_FS_IO) - return sha512_file( path, output, 1 ); -#else - ((void) path); - ((void) output); - return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE ); -#endif -} + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha512_context ) ); -static void sha384_hmac_starts_wrap( void *ctx, const unsigned char *key, - size_t keylen ) -{ - sha512_hmac_starts( (sha512_context *) ctx, key, keylen, 1 ); -} - -static void sha384_hmac_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - sha512_hmac_update( (sha512_context *) ctx, input, ilen ); -} + if( ctx != NULL ) + mbedtls_sha512_init( (mbedtls_sha512_context *) ctx ); -static void sha384_hmac_finish_wrap( void *ctx, unsigned char *output ) -{ - sha512_hmac_finish( (sha512_context *) ctx, output ); -} - -static void sha384_hmac_reset_wrap( void *ctx ) -{ - sha512_hmac_reset( (sha512_context *) ctx ); -} - -static void sha384_hmac_wrap( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char *output ) -{ - sha512_hmac( key, keylen, input, ilen, output, 1 ); + return( ctx ); } -static void * sha384_ctx_alloc( void ) +static void sha384_ctx_free( void *ctx ) { - return polarssl_malloc( sizeof( sha512_context ) ); + mbedtls_sha512_free( (mbedtls_sha512_context *) ctx ); + mbedtls_free( ctx ); } -static void sha384_ctx_free( void *ctx ) +static void sha384_clone_wrap( void *dst, const void *src ) { - polarssl_zeroize( ctx, sizeof( sha512_context ) ); - polarssl_free( ctx ); + mbedtls_sha512_clone( (mbedtls_sha512_context *) dst, + (const mbedtls_sha512_context *) src ); } static void sha384_process_wrap( void *ctx, const unsigned char *data ) { - sha512_process( (sha512_context *) ctx, data ); + mbedtls_sha512_process( (mbedtls_sha512_context *) ctx, data ); } -const md_info_t sha384_info = { - POLARSSL_MD_SHA384, +const mbedtls_md_info_t mbedtls_sha384_info = { + MBEDTLS_MD_SHA384, "SHA384", 48, + 128, sha384_starts_wrap, sha384_update_wrap, sha384_finish_wrap, sha384_wrap, - sha384_file_wrap, - sha384_hmac_starts_wrap, - sha384_hmac_update_wrap, - sha384_hmac_finish_wrap, - sha384_hmac_reset_wrap, - sha384_hmac_wrap, sha384_ctx_alloc, sha384_ctx_free, + sha384_clone_wrap, sha384_process_wrap, }; static void sha512_starts_wrap( void *ctx ) { - sha512_starts( (sha512_context *) ctx, 0 ); -} - -static void sha512_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - sha512_update( (sha512_context *) ctx, input, ilen ); -} - -static void sha512_finish_wrap( void *ctx, unsigned char *output ) -{ - sha512_finish( (sha512_context *) ctx, output ); + mbedtls_sha512_starts( (mbedtls_sha512_context *) ctx, 0 ); } static void sha512_wrap( const unsigned char *input, size_t ilen, unsigned char *output ) { - sha512( input, ilen, output, 0 ); -} - -static int sha512_file_wrap( const char *path, unsigned char *output ) -{ -#if defined(POLARSSL_FS_IO) - return sha512_file( path, output, 0 ); -#else - ((void) path); - ((void) output); - return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE ); -#endif -} - -static void sha512_hmac_starts_wrap( void *ctx, const unsigned char *key, - size_t keylen ) -{ - sha512_hmac_starts( (sha512_context *) ctx, key, keylen, 0 ); -} - -static void sha512_hmac_update_wrap( void *ctx, const unsigned char *input, - size_t ilen ) -{ - sha512_hmac_update( (sha512_context *) ctx, input, ilen ); + mbedtls_sha512( input, ilen, output, 0 ); } -static void sha512_hmac_finish_wrap( void *ctx, unsigned char *output ) -{ - sha512_hmac_finish( (sha512_context *) ctx, output ); -} - -static void sha512_hmac_reset_wrap( void *ctx ) -{ - sha512_hmac_reset( (sha512_context *) ctx ); -} - -static void sha512_hmac_wrap( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char *output ) -{ - sha512_hmac( key, keylen, input, ilen, output, 0 ); -} - -static void * sha512_ctx_alloc( void ) -{ - sha512_context *ctx; - ctx = polarssl_malloc( sizeof( sha512_context ) ); - - if( ctx == NULL ) - return( NULL ); - - sha512_init( ctx ); - - return( ctx ); -} - -static void sha512_ctx_free( void *ctx ) -{ - sha512_free( (sha512_context *) ctx ); - polarssl_free( ctx ); -} - -static void sha512_process_wrap( void *ctx, const unsigned char *data ) -{ - sha512_process( (sha512_context *) ctx, data ); -} - -const md_info_t sha512_info = { - POLARSSL_MD_SHA512, +const mbedtls_md_info_t mbedtls_sha512_info = { + MBEDTLS_MD_SHA512, "SHA512", 64, + 128, sha512_starts_wrap, - sha512_update_wrap, - sha512_finish_wrap, + sha384_update_wrap, + sha384_finish_wrap, sha512_wrap, - sha512_file_wrap, - sha512_hmac_starts_wrap, - sha512_hmac_update_wrap, - sha512_hmac_finish_wrap, - sha512_hmac_reset_wrap, - sha512_hmac_wrap, - sha512_ctx_alloc, - sha512_ctx_free, - sha512_process_wrap, + sha384_ctx_alloc, + sha384_ctx_free, + sha384_clone_wrap, + sha384_process_wrap, }; -#endif /* POLARSSL_SHA512_C */ +#endif /* MBEDTLS_SHA512_C */ -#endif /* POLARSSL_MD_C */ +#endif /* MBEDTLS_MD_C */ diff --git a/ext/mbedtls/library/memory_buffer_alloc.c b/ext/mbedtls/library/memory_buffer_alloc.c index 5eb8ab138c..b5a8f170b5 100644 --- a/ext/mbedtls/library/memory_buffer_alloc.c +++ b/ext/mbedtls/library/memory_buffer_alloc.c @@ -20,31 +20,31 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) -#include "polarssl/memory_buffer_alloc.h" +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) +#include "mbedtls/memory_buffer_alloc.h" -/* No need for the header guard as POLARSSL_MEMORY_BUFFER_ALLOC_C - is dependent upon POLARSSL_PLATFORM_C */ -#include "polarssl/platform.h" +/* No need for the header guard as MBEDTLS_MEMORY_BUFFER_ALLOC_C + is dependent upon MBEDTLS_PLATFORM_C */ +#include "mbedtls/platform.h" #include -#if defined(POLARSSL_MEMORY_BACKTRACE) +#if defined(MBEDTLS_MEMORY_BACKTRACE) #include #endif -#if defined(POLARSSL_THREADING_C) -#include "polarssl/threading.h" +#if defined(MBEDTLS_THREADING_C) +#include "mbedtls/threading.h" #endif /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } @@ -62,7 +62,7 @@ struct _memory_header memory_header *next; memory_header *prev_free; memory_header *next_free; -#if defined(POLARSSL_MEMORY_BACKTRACE) +#if defined(MBEDTLS_MEMORY_BACKTRACE) char **trace; size_t trace_count; #endif @@ -76,41 +76,41 @@ typedef struct memory_header *first; memory_header *first_free; int verify; -#if defined(POLARSSL_MEMORY_DEBUG) - size_t malloc_count; +#if defined(MBEDTLS_MEMORY_DEBUG) + size_t alloc_count; size_t free_count; size_t total_used; size_t maximum_used; size_t header_count; size_t maximum_header_count; #endif -#if defined(POLARSSL_THREADING_C) - threading_mutex_t mutex; +#if defined(MBEDTLS_THREADING_C) + mbedtls_threading_mutex_t mutex; #endif } buffer_alloc_ctx; static buffer_alloc_ctx heap; -#if defined(POLARSSL_MEMORY_DEBUG) +#if defined(MBEDTLS_MEMORY_DEBUG) static void debug_header( memory_header *hdr ) { -#if defined(POLARSSL_MEMORY_BACKTRACE) +#if defined(MBEDTLS_MEMORY_BACKTRACE) size_t i; #endif - polarssl_fprintf( stderr, "HDR: PTR(%10zu), PREV(%10zu), NEXT(%10zu), " + mbedtls_fprintf( stderr, "HDR: PTR(%10zu), PREV(%10zu), NEXT(%10zu), " "ALLOC(%zu), SIZE(%10zu)\n", (size_t) hdr, (size_t) hdr->prev, (size_t) hdr->next, hdr->alloc, hdr->size ); - polarssl_fprintf( stderr, " FPREV(%10zu), FNEXT(%10zu)\n", + mbedtls_fprintf( stderr, " FPREV(%10zu), FNEXT(%10zu)\n", (size_t) hdr->prev_free, (size_t) hdr->next_free ); -#if defined(POLARSSL_MEMORY_BACKTRACE) - polarssl_fprintf( stderr, "TRACE: \n" ); +#if defined(MBEDTLS_MEMORY_BACKTRACE) + mbedtls_fprintf( stderr, "TRACE: \n" ); for( i = 0; i < hdr->trace_count; i++ ) - polarssl_fprintf( stderr, "%s\n", hdr->trace[i] ); - polarssl_fprintf( stderr, "\n" ); + mbedtls_fprintf( stderr, "%s\n", hdr->trace[i] ); + mbedtls_fprintf( stderr, "\n" ); #endif } @@ -118,14 +118,14 @@ static void debug_chain() { memory_header *cur = heap.first; - polarssl_fprintf( stderr, "\nBlock list\n" ); + mbedtls_fprintf( stderr, "\nBlock list\n" ); while( cur != NULL ) { debug_header( cur ); cur = cur->next; } - polarssl_fprintf( stderr, "Free list\n" ); + mbedtls_fprintf( stderr, "Free list\n" ); cur = heap.first_free; while( cur != NULL ) @@ -134,46 +134,46 @@ static void debug_chain() cur = cur->next_free; } } -#endif /* POLARSSL_MEMORY_DEBUG */ +#endif /* MBEDTLS_MEMORY_DEBUG */ static int verify_header( memory_header *hdr ) { if( hdr->magic1 != MAGIC1 ) { -#if defined(POLARSSL_MEMORY_DEBUG) - polarssl_fprintf( stderr, "FATAL: MAGIC1 mismatch\n" ); +#if defined(MBEDTLS_MEMORY_DEBUG) + mbedtls_fprintf( stderr, "FATAL: MAGIC1 mismatch\n" ); #endif return( 1 ); } if( hdr->magic2 != MAGIC2 ) { -#if defined(POLARSSL_MEMORY_DEBUG) - polarssl_fprintf( stderr, "FATAL: MAGIC2 mismatch\n" ); +#if defined(MBEDTLS_MEMORY_DEBUG) + mbedtls_fprintf( stderr, "FATAL: MAGIC2 mismatch\n" ); #endif return( 1 ); } if( hdr->alloc > 1 ) { -#if defined(POLARSSL_MEMORY_DEBUG) - polarssl_fprintf( stderr, "FATAL: alloc has illegal value\n" ); +#if defined(MBEDTLS_MEMORY_DEBUG) + mbedtls_fprintf( stderr, "FATAL: alloc has illegal value\n" ); #endif return( 1 ); } if( hdr->prev != NULL && hdr->prev == hdr->next ) { -#if defined(POLARSSL_MEMORY_DEBUG) - polarssl_fprintf( stderr, "FATAL: prev == next\n" ); +#if defined(MBEDTLS_MEMORY_DEBUG) + mbedtls_fprintf( stderr, "FATAL: prev == next\n" ); #endif return( 1 ); } if( hdr->prev_free != NULL && hdr->prev_free == hdr->next_free ) { -#if defined(POLARSSL_MEMORY_DEBUG) - polarssl_fprintf( stderr, "FATAL: prev_free == next_free\n" ); +#if defined(MBEDTLS_MEMORY_DEBUG) + mbedtls_fprintf( stderr, "FATAL: prev_free == next_free\n" ); #endif return( 1 ); } @@ -187,8 +187,8 @@ static int verify_chain() if( verify_header( heap.first ) != 0 ) { -#if defined(POLARSSL_MEMORY_DEBUG) - polarssl_fprintf( stderr, "FATAL: verification of first header " +#if defined(MBEDTLS_MEMORY_DEBUG) + mbedtls_fprintf( stderr, "FATAL: verification of first header " "failed\n" ); #endif return( 1 ); @@ -196,8 +196,8 @@ static int verify_chain() if( heap.first->prev != NULL ) { -#if defined(POLARSSL_MEMORY_DEBUG) - polarssl_fprintf( stderr, "FATAL: verification failed: " +#if defined(MBEDTLS_MEMORY_DEBUG) + mbedtls_fprintf( stderr, "FATAL: verification failed: " "first->prev != NULL\n" ); #endif return( 1 ); @@ -207,8 +207,8 @@ static int verify_chain() { if( verify_header( cur ) != 0 ) { -#if defined(POLARSSL_MEMORY_DEBUG) - polarssl_fprintf( stderr, "FATAL: verification of header " +#if defined(MBEDTLS_MEMORY_DEBUG) + mbedtls_fprintf( stderr, "FATAL: verification of header " "failed\n" ); #endif return( 1 ); @@ -216,8 +216,8 @@ static int verify_chain() if( cur->prev != prv ) { -#if defined(POLARSSL_MEMORY_DEBUG) - polarssl_fprintf( stderr, "FATAL: verification failed: " +#if defined(MBEDTLS_MEMORY_DEBUG) + mbedtls_fprintf( stderr, "FATAL: verification failed: " "cur->prev != prv\n" ); #endif return( 1 ); @@ -230,11 +230,13 @@ static int verify_chain() return( 0 ); } -static void *buffer_alloc_malloc( size_t len ) +static void *buffer_alloc_calloc( size_t n, size_t size ) { memory_header *new, *cur = heap.first_free; unsigned char *p; -#if defined(POLARSSL_MEMORY_BACKTRACE) + void *ret; + size_t original_len, len; +#if defined(MBEDTLS_MEMORY_BACKTRACE) void *trace_buffer[MAX_BT]; size_t trace_cnt; #endif @@ -242,10 +244,15 @@ static void *buffer_alloc_malloc( size_t len ) if( heap.buf == NULL || heap.first == NULL ) return( NULL ); - if( len % POLARSSL_MEMORY_ALIGN_MULTIPLE ) + original_len = len = n * size; + + if( n != 0 && len / n != size ) + return( NULL ); + + if( len % MBEDTLS_MEMORY_ALIGN_MULTIPLE ) { - len -= len % POLARSSL_MEMORY_ALIGN_MULTIPLE; - len += POLARSSL_MEMORY_ALIGN_MULTIPLE; + len -= len % MBEDTLS_MEMORY_ALIGN_MULTIPLE; + len += MBEDTLS_MEMORY_ALIGN_MULTIPLE; } // Find block that fits @@ -263,21 +270,21 @@ static void *buffer_alloc_malloc( size_t len ) if( cur->alloc != 0 ) { -#if defined(POLARSSL_MEMORY_DEBUG) - polarssl_fprintf( stderr, "FATAL: block in free_list but allocated " +#if defined(MBEDTLS_MEMORY_DEBUG) + mbedtls_fprintf( stderr, "FATAL: block in free_list but allocated " "data\n" ); #endif - polarssl_exit( 1 ); + mbedtls_exit( 1 ); } -#if defined(POLARSSL_MEMORY_DEBUG) - heap.malloc_count++; +#if defined(MBEDTLS_MEMORY_DEBUG) + heap.alloc_count++; #endif // Found location, split block if > memory_header + 4 room left // if( cur->size - len < sizeof(memory_header) + - POLARSSL_MEMORY_ALIGN_MULTIPLE ) + MBEDTLS_MEMORY_ALIGN_MULTIPLE ) { cur->alloc = 1; @@ -294,21 +301,24 @@ static void *buffer_alloc_malloc( size_t len ) cur->prev_free = NULL; cur->next_free = NULL; -#if defined(POLARSSL_MEMORY_DEBUG) +#if defined(MBEDTLS_MEMORY_DEBUG) heap.total_used += cur->size; if( heap.total_used > heap.maximum_used ) heap.maximum_used = heap.total_used; #endif -#if defined(POLARSSL_MEMORY_BACKTRACE) +#if defined(MBEDTLS_MEMORY_BACKTRACE) trace_cnt = backtrace( trace_buffer, MAX_BT ); cur->trace = backtrace_symbols( trace_buffer, trace_cnt ); cur->trace_count = trace_cnt; #endif - if( ( heap.verify & MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 ) - polarssl_exit( 1 ); + if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 ) + mbedtls_exit( 1 ); - return( ( (unsigned char *) cur ) + sizeof(memory_header) ); + ret = (unsigned char *) cur + sizeof( memory_header ); + memset( ret, 0, original_len ); + + return( ret ); } p = ( (unsigned char *) cur ) + sizeof(memory_header) + len; @@ -318,7 +328,7 @@ static void *buffer_alloc_malloc( size_t len ) new->alloc = 0; new->prev = cur; new->next = cur->next; -#if defined(POLARSSL_MEMORY_BACKTRACE) +#if defined(MBEDTLS_MEMORY_BACKTRACE) new->trace = NULL; new->trace_count = 0; #endif @@ -346,7 +356,7 @@ static void *buffer_alloc_malloc( size_t len ) cur->prev_free = NULL; cur->next_free = NULL; -#if defined(POLARSSL_MEMORY_DEBUG) +#if defined(MBEDTLS_MEMORY_DEBUG) heap.header_count++; if( heap.header_count > heap.maximum_header_count ) heap.maximum_header_count = heap.header_count; @@ -354,16 +364,19 @@ static void *buffer_alloc_malloc( size_t len ) if( heap.total_used > heap.maximum_used ) heap.maximum_used = heap.total_used; #endif -#if defined(POLARSSL_MEMORY_BACKTRACE) +#if defined(MBEDTLS_MEMORY_BACKTRACE) trace_cnt = backtrace( trace_buffer, MAX_BT ); cur->trace = backtrace_symbols( trace_buffer, trace_cnt ); cur->trace_count = trace_cnt; #endif - if( ( heap.verify & MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 ) - polarssl_exit( 1 ); + if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 ) + mbedtls_exit( 1 ); + + ret = (unsigned char *) cur + sizeof( memory_header ); + memset( ret, 0, original_len ); - return( ( (unsigned char *) cur ) + sizeof(memory_header) ); + return( ret ); } static void buffer_alloc_free( void *ptr ) @@ -376,31 +389,31 @@ static void buffer_alloc_free( void *ptr ) if( p < heap.buf || p > heap.buf + heap.len ) { -#if defined(POLARSSL_MEMORY_DEBUG) - polarssl_fprintf( stderr, "FATAL: polarssl_free() outside of managed " +#if defined(MBEDTLS_MEMORY_DEBUG) + mbedtls_fprintf( stderr, "FATAL: mbedtls_free() outside of managed " "space\n" ); #endif - polarssl_exit( 1 ); + mbedtls_exit( 1 ); } p -= sizeof(memory_header); hdr = (memory_header *) p; if( verify_header( hdr ) != 0 ) - polarssl_exit( 1 ); + mbedtls_exit( 1 ); if( hdr->alloc != 1 ) { -#if defined(POLARSSL_MEMORY_DEBUG) - polarssl_fprintf( stderr, "FATAL: polarssl_free() on unallocated " +#if defined(MBEDTLS_MEMORY_DEBUG) + mbedtls_fprintf( stderr, "FATAL: mbedtls_free() on unallocated " "data\n" ); #endif - polarssl_exit( 1 ); + mbedtls_exit( 1 ); } hdr->alloc = 0; -#if defined(POLARSSL_MEMORY_DEBUG) +#if defined(MBEDTLS_MEMORY_DEBUG) heap.free_count++; heap.total_used -= hdr->size; #endif @@ -409,7 +422,7 @@ static void buffer_alloc_free( void *ptr ) // if( hdr->prev != NULL && hdr->prev->alloc == 0 ) { -#if defined(POLARSSL_MEMORY_DEBUG) +#if defined(MBEDTLS_MEMORY_DEBUG) heap.header_count--; #endif hdr->prev->size += sizeof(memory_header) + hdr->size; @@ -420,7 +433,7 @@ static void buffer_alloc_free( void *ptr ) if( hdr->next != NULL ) hdr->next->prev = hdr; -#if defined(POLARSSL_MEMORY_BACKTRACE) +#if defined(MBEDTLS_MEMORY_BACKTRACE) free( old->trace ); #endif memset( old, 0, sizeof(memory_header) ); @@ -430,7 +443,7 @@ static void buffer_alloc_free( void *ptr ) // if( hdr->next != NULL && hdr->next->alloc == 0 ) { -#if defined(POLARSSL_MEMORY_DEBUG) +#if defined(MBEDTLS_MEMORY_DEBUG) heap.header_count--; #endif hdr->size += sizeof(memory_header) + hdr->next->size; @@ -462,7 +475,7 @@ static void buffer_alloc_free( void *ptr ) if( hdr->next != NULL ) hdr->next->prev = hdr; -#if defined(POLARSSL_MEMORY_BACKTRACE) +#if defined(MBEDTLS_MEMORY_BACKTRACE) free( old->trace ); #endif memset( old, 0, sizeof(memory_header) ); @@ -479,103 +492,108 @@ static void buffer_alloc_free( void *ptr ) heap.first_free = hdr; } -#if defined(POLARSSL_MEMORY_BACKTRACE) +#if defined(MBEDTLS_MEMORY_BACKTRACE) hdr->trace = NULL; hdr->trace_count = 0; #endif - if( ( heap.verify & MEMORY_VERIFY_FREE ) && verify_chain() != 0 ) - polarssl_exit( 1 ); + if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_FREE ) && verify_chain() != 0 ) + mbedtls_exit( 1 ); } -void memory_buffer_set_verify( int verify ) +void mbedtls_memory_buffer_set_verify( int verify ) { heap.verify = verify; } -int memory_buffer_alloc_verify() +int mbedtls_memory_buffer_alloc_verify() { return verify_chain(); } -#if defined(POLARSSL_MEMORY_DEBUG) -void memory_buffer_alloc_status() +#if defined(MBEDTLS_MEMORY_DEBUG) +void mbedtls_memory_buffer_alloc_status() { - polarssl_fprintf( stderr, + mbedtls_fprintf( stderr, "Current use: %zu blocks / %zu bytes, max: %zu blocks / " - "%zu bytes (total %zu bytes), malloc / free: %zu / %zu\n", + "%zu bytes (total %zu bytes), alloc / free: %zu / %zu\n", heap.header_count, heap.total_used, heap.maximum_header_count, heap.maximum_used, heap.maximum_header_count * sizeof( memory_header ) + heap.maximum_used, - heap.malloc_count, heap.free_count ); + heap.alloc_count, heap.free_count ); if( heap.first->next == NULL ) - polarssl_fprintf( stderr, "All memory de-allocated in stack buffer\n" ); + mbedtls_fprintf( stderr, "All memory de-allocated in stack buffer\n" ); else { - polarssl_fprintf( stderr, "Memory currently allocated:\n" ); + mbedtls_fprintf( stderr, "Memory currently allocated:\n" ); debug_chain(); } } -void memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks ) +void mbedtls_memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks ) { *max_used = heap.maximum_used; *max_blocks = heap.maximum_header_count; } -void memory_buffer_alloc_max_reset( void ) +void mbedtls_memory_buffer_alloc_max_reset( void ) { heap.maximum_used = 0; heap.maximum_header_count = 0; } -void memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks ) +void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks ) { *cur_used = heap.total_used; *cur_blocks = heap.header_count; } -#endif /* POLARSSL_MEMORY_DEBUG */ +#endif /* MBEDTLS_MEMORY_DEBUG */ -#if defined(POLARSSL_THREADING_C) -static void *buffer_alloc_malloc_mutexed( size_t len ) +#if defined(MBEDTLS_THREADING_C) +static void *buffer_alloc_calloc_mutexed( size_t n, size_t size ) { void *buf; - polarssl_mutex_lock( &heap.mutex ); - buf = buffer_alloc_malloc( len ); - polarssl_mutex_unlock( &heap.mutex ); + if( mbedtls_mutex_lock( &heap.mutex ) != 0 ) + return( NULL ); + buf = buffer_alloc_calloc( n, size ); + if( mbedtls_mutex_unlock( &heap.mutex ) ) + return( NULL ); return( buf ); } static void buffer_alloc_free_mutexed( void *ptr ) { - polarssl_mutex_lock( &heap.mutex ); + /* We have to good option here, but corrupting the heap seems + * worse than loosing memory. */ + if( mbedtls_mutex_lock( &heap.mutex ) ) + return; buffer_alloc_free( ptr ); - polarssl_mutex_unlock( &heap.mutex ); + (void) mbedtls_mutex_unlock( &heap.mutex ); } -#endif /* POLARSSL_THREADING_C */ +#endif /* MBEDTLS_THREADING_C */ -int memory_buffer_alloc_init( unsigned char *buf, size_t len ) +void mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len ) { memset( &heap, 0, sizeof(buffer_alloc_ctx) ); memset( buf, 0, len ); -#if defined(POLARSSL_THREADING_C) - polarssl_mutex_init( &heap.mutex ); - platform_set_malloc_free( buffer_alloc_malloc_mutexed, +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_init( &heap.mutex ); + mbedtls_platform_set_calloc_free( buffer_alloc_calloc_mutexed, buffer_alloc_free_mutexed ); #else - platform_set_malloc_free( buffer_alloc_malloc, buffer_alloc_free ); + mbedtls_platform_set_calloc_free( buffer_alloc_calloc, buffer_alloc_free ); #endif - if( (size_t) buf % POLARSSL_MEMORY_ALIGN_MULTIPLE ) + if( (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE ) { /* Adjust len first since buf is used in the computation */ - len -= POLARSSL_MEMORY_ALIGN_MULTIPLE - - (size_t) buf % POLARSSL_MEMORY_ALIGN_MULTIPLE; - buf += POLARSSL_MEMORY_ALIGN_MULTIPLE - - (size_t) buf % POLARSSL_MEMORY_ALIGN_MULTIPLE; + len -= MBEDTLS_MEMORY_ALIGN_MULTIPLE + - (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE; + buf += MBEDTLS_MEMORY_ALIGN_MULTIPLE + - (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE; } heap.buf = buf; @@ -586,24 +604,23 @@ int memory_buffer_alloc_init( unsigned char *buf, size_t len ) heap.first->magic1 = MAGIC1; heap.first->magic2 = MAGIC2; heap.first_free = heap.first; - return( 0 ); } -void memory_buffer_alloc_free() +void mbedtls_memory_buffer_alloc_free() { -#if defined(POLARSSL_THREADING_C) - polarssl_mutex_free( &heap.mutex ); +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_free( &heap.mutex ); #endif - polarssl_zeroize( &heap, sizeof(buffer_alloc_ctx) ); + mbedtls_zeroize( &heap, sizeof(buffer_alloc_ctx) ); } -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) static int check_pointer( void *p ) { if( p == NULL ) return( -1 ); - if( (size_t) p % POLARSSL_MEMORY_ALIGN_MULTIPLE != 0 ) + if( (size_t) p % MBEDTLS_MEMORY_ALIGN_MULTIPLE != 0 ) return( -1 ); return( 0 ); @@ -612,7 +629,7 @@ static int check_pointer( void *p ) static int check_all_free( ) { if( -#if defined(POLARSSL_MEMORY_DEBUG) +#if defined(MBEDTLS_MEMORY_DEBUG) heap.total_used != 0 || #endif heap.first != heap.first_free || @@ -628,107 +645,107 @@ static int check_all_free( ) if( ! (condition) ) \ { \ if( verbose != 0 ) \ - polarssl_printf( "failed\n" ); \ + mbedtls_printf( "failed\n" ); \ \ ret = 1; \ goto cleanup; \ } -int memory_buffer_alloc_self_test( int verbose ) +int mbedtls_memory_buffer_alloc_self_test( int verbose ) { unsigned char buf[1024]; unsigned char *p, *q, *r, *end; int ret = 0; if( verbose != 0 ) - polarssl_printf( " MBA test #1 (basic alloc-free cycle): " ); + mbedtls_printf( " MBA test #1 (basic alloc-free cycle): " ); - memory_buffer_alloc_init( buf, sizeof( buf ) ); + mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) ); - p = polarssl_malloc( 1 ); - q = polarssl_malloc( 128 ); - r = polarssl_malloc( 16 ); + p = mbedtls_calloc( 1, 1 ); + q = mbedtls_calloc( 1, 128 ); + r = mbedtls_calloc( 1, 16 ); TEST_ASSERT( check_pointer( p ) == 0 && check_pointer( q ) == 0 && check_pointer( r ) == 0 ); - polarssl_free( r ); - polarssl_free( q ); - polarssl_free( p ); + mbedtls_free( r ); + mbedtls_free( q ); + mbedtls_free( p ); TEST_ASSERT( check_all_free( ) == 0 ); /* Memorize end to compare with the next test */ end = heap.buf + heap.len; - memory_buffer_alloc_free( ); + mbedtls_memory_buffer_alloc_free( ); if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); if( verbose != 0 ) - polarssl_printf( " MBA test #2 (buf not aligned): " ); + mbedtls_printf( " MBA test #2 (buf not aligned): " ); - memory_buffer_alloc_init( buf + 1, sizeof( buf ) - 1 ); + mbedtls_memory_buffer_alloc_init( buf + 1, sizeof( buf ) - 1 ); TEST_ASSERT( heap.buf + heap.len == end ); - p = polarssl_malloc( 1 ); - q = polarssl_malloc( 128 ); - r = polarssl_malloc( 16 ); + p = mbedtls_calloc( 1, 1 ); + q = mbedtls_calloc( 1, 128 ); + r = mbedtls_calloc( 1, 16 ); TEST_ASSERT( check_pointer( p ) == 0 && check_pointer( q ) == 0 && check_pointer( r ) == 0 ); - polarssl_free( r ); - polarssl_free( q ); - polarssl_free( p ); + mbedtls_free( r ); + mbedtls_free( q ); + mbedtls_free( p ); TEST_ASSERT( check_all_free( ) == 0 ); - memory_buffer_alloc_free( ); + mbedtls_memory_buffer_alloc_free( ); if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); if( verbose != 0 ) - polarssl_printf( " MBA test #3 (full): " ); + mbedtls_printf( " MBA test #3 (full): " ); - memory_buffer_alloc_init( buf, sizeof( buf ) ); + mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) ); - p = polarssl_malloc( sizeof( buf ) - sizeof( memory_header ) ); + p = mbedtls_calloc( 1, sizeof( buf ) - sizeof( memory_header ) ); TEST_ASSERT( check_pointer( p ) == 0 ); - TEST_ASSERT( polarssl_malloc( 1 ) == NULL ); + TEST_ASSERT( mbedtls_calloc( 1, 1 ) == NULL ); - polarssl_free( p ); + mbedtls_free( p ); - p = polarssl_malloc( sizeof( buf ) - 2 * sizeof( memory_header ) - 16 ); - q = polarssl_malloc( 16 ); + p = mbedtls_calloc( 1, sizeof( buf ) - 2 * sizeof( memory_header ) - 16 ); + q = mbedtls_calloc( 1, 16 ); TEST_ASSERT( check_pointer( p ) == 0 && check_pointer( q ) == 0 ); - TEST_ASSERT( polarssl_malloc( 1 ) == NULL ); + TEST_ASSERT( mbedtls_calloc( 1, 1 ) == NULL ); - polarssl_free( q ); + mbedtls_free( q ); - TEST_ASSERT( polarssl_malloc( 17 ) == NULL ); + TEST_ASSERT( mbedtls_calloc( 1, 17 ) == NULL ); - polarssl_free( p ); + mbedtls_free( p ); TEST_ASSERT( check_all_free( ) == 0 ); - memory_buffer_alloc_free( ); + mbedtls_memory_buffer_alloc_free( ); if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); cleanup: - memory_buffer_alloc_free( ); + mbedtls_memory_buffer_alloc_free( ); return( ret ); } -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_MEMORY_BUFFER_ALLOC_C */ +#endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */ diff --git a/ext/mbedtls/library/net.c b/ext/mbedtls/library/net.c index 1fb68842e3..bcec232e1b 100644 --- a/ext/mbedtls/library/net.c +++ b/ext/mbedtls/library/net.c @@ -1,5 +1,5 @@ /* - * TCP networking functions + * TCP/IP or UDP/IP networking functions * * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved * @@ -20,29 +20,27 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_NET_C) +#if defined(MBEDTLS_NET_C) -#include "polarssl/net.h" +#include "mbedtls/net.h" #include #if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ !defined(EFI32) -#if defined(POLARSSL_HAVE_IPV6) #ifdef _WIN32_WINNT #undef _WIN32_WINNT #endif /* Enables getaddrinfo() & Co */ #define _WIN32_WINNT 0x0501 #include -#endif #include #include @@ -67,78 +65,29 @@ static int wsa_init_done = 0; #include #include #include -#if defined(POLARSSL_HAVE_TIME) #include -#endif #include #include #include #include #include -#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || \ - defined(__DragonFly__) -#include -#elif defined(__APPLE__) || defined(HAVE_MACHINE_ENDIAN_H) || \ - defined(EFIX64) || defined(EFI32) -#include -#elif defined(sun) -#include -#elif defined(_AIX) || defined(HAVE_ARPA_NAMESER_COMPAT_H) -#include +#endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ + +/* Some MS functions want int and MSVC warns if we pass size_t, + * but the standard fucntions use socklen_t, so cast only for MSVC */ +#if defined(_MSC_VER) +#define MSVC_INT_CAST (int) #else -#include +#define MSVC_INT_CAST #endif -#endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ - #include #include -#if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \ - !defined(EFI32) -#define snprintf _snprintf -#endif - -#if defined(POLARSSL_HAVE_TIME) #include -#endif -#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) -#include -typedef UINT32 uint32_t; -#else -#include -#endif - -/* - * htons() is not always available. - * By default go for LITTLE_ENDIAN variant. Otherwise hope for _BYTE_ORDER and - * __BIG_ENDIAN to help determine endianness. - */ -#if defined(__BYTE_ORDER) && defined(__BIG_ENDIAN) && \ - __BYTE_ORDER == __BIG_ENDIAN -#define POLARSSL_HTONS(n) (n) -#define POLARSSL_HTONL(n) (n) -#else -#define POLARSSL_HTONS(n) ((((unsigned short)(n) & 0xFF ) << 8 ) | \ - (((unsigned short)(n) & 0xFF00 ) >> 8 )) -#define POLARSSL_HTONL(n) ((((unsigned long )(n) & 0xFF ) << 24) | \ - (((unsigned long )(n) & 0xFF00 ) << 8 ) | \ - (((unsigned long )(n) & 0xFF0000 ) >> 8 ) | \ - (((unsigned long )(n) & 0xFF000000) >> 24)) -#endif - -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" -#else -#define polarssl_snprintf snprintf -#endif - -unsigned short net_htons( unsigned short n ); -unsigned long net_htonl( unsigned long n ); -#define net_htons(n) POLARSSL_HTONS(n) -#define net_htonl(n) POLARSSL_HTONL(n) +#include /* * Prepare for using the sockets interface @@ -152,7 +101,7 @@ static int net_prepare( void ) if( wsa_init_done == 0 ) { if( WSAStartup( MAKEWORD(2,0), &wsaData ) != 0 ) - return( POLARSSL_ERR_NET_SOCKET_FAILED ); + return( MBEDTLS_ERR_NET_SOCKET_FAILED ); wsa_init_done = 1; } @@ -165,152 +114,119 @@ static int net_prepare( void ) } /* - * Initiate a TCP connection with host:port + * Initialize a context + */ +void mbedtls_net_init( mbedtls_net_context *ctx ) +{ + ctx->fd = -1; +} + +/* + * Initiate a TCP connection with host:port and the given protocol */ -int net_connect( int *fd, const char *host, int port ) +int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char *port, int proto ) { -#if defined(POLARSSL_HAVE_IPV6) int ret; struct addrinfo hints, *addr_list, *cur; - char port_str[6]; if( ( ret = net_prepare() ) != 0 ) return( ret ); - /* getaddrinfo expects port as a string */ - memset( port_str, 0, sizeof( port_str ) ); - polarssl_snprintf( port_str, sizeof( port_str ), "%d", port ); - - /* Do name resolution with both IPv6 and IPv4, but only TCP */ + /* Do name resolution with both IPv6 and IPv4 */ memset( &hints, 0, sizeof( hints ) ); hints.ai_family = AF_UNSPEC; - hints.ai_socktype = SOCK_STREAM; - hints.ai_protocol = IPPROTO_TCP; + hints.ai_socktype = proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM; + hints.ai_protocol = proto == MBEDTLS_NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP; - if( getaddrinfo( host, port_str, &hints, &addr_list ) != 0 ) - return( POLARSSL_ERR_NET_UNKNOWN_HOST ); + if( getaddrinfo( host, port, &hints, &addr_list ) != 0 ) + return( MBEDTLS_ERR_NET_UNKNOWN_HOST ); /* Try the sockaddrs until a connection succeeds */ - ret = POLARSSL_ERR_NET_UNKNOWN_HOST; + ret = MBEDTLS_ERR_NET_UNKNOWN_HOST; for( cur = addr_list; cur != NULL; cur = cur->ai_next ) { - *fd = (int) socket( cur->ai_family, cur->ai_socktype, + ctx->fd = (int) socket( cur->ai_family, cur->ai_socktype, cur->ai_protocol ); - if( *fd < 0 ) + if( ctx->fd < 0 ) { - ret = POLARSSL_ERR_NET_SOCKET_FAILED; + ret = MBEDTLS_ERR_NET_SOCKET_FAILED; continue; } - if( connect( *fd, cur->ai_addr, cur->ai_addrlen ) == 0 ) + if( connect( ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen ) == 0 ) { ret = 0; break; } - close( *fd ); - ret = POLARSSL_ERR_NET_CONNECT_FAILED; + close( ctx->fd ); + ret = MBEDTLS_ERR_NET_CONNECT_FAILED; } freeaddrinfo( addr_list ); return( ret ); - -#else - /* Legacy IPv4-only version */ - - int ret; - struct sockaddr_in server_addr; - struct hostent *server_host; - - if( ( ret = net_prepare() ) != 0 ) - return( ret ); - - if( ( server_host = gethostbyname( host ) ) == NULL ) - return( POLARSSL_ERR_NET_UNKNOWN_HOST ); - - if( ( *fd = (int) socket( AF_INET, SOCK_STREAM, IPPROTO_IP ) ) < 0 ) - return( POLARSSL_ERR_NET_SOCKET_FAILED ); - - memcpy( (void *) &server_addr.sin_addr, - (void *) server_host->h_addr, - server_host->h_length ); - - server_addr.sin_family = AF_INET; - server_addr.sin_port = net_htons( port ); - - if( connect( *fd, (struct sockaddr *) &server_addr, - sizeof( server_addr ) ) < 0 ) - { - close( *fd ); - return( POLARSSL_ERR_NET_CONNECT_FAILED ); - } - - return( 0 ); -#endif /* POLARSSL_HAVE_IPV6 */ } /* * Create a listening socket on bind_ip:port */ -int net_bind( int *fd, const char *bind_ip, int port ) +int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto ) { -#if defined(POLARSSL_HAVE_IPV6) int n, ret; struct addrinfo hints, *addr_list, *cur; - char port_str[6]; if( ( ret = net_prepare() ) != 0 ) return( ret ); - /* getaddrinfo expects port as a string */ - memset( port_str, 0, sizeof( port_str ) ); - polarssl_snprintf( port_str, sizeof( port_str ), "%d", port ); - - /* Bind to IPv6 and/or IPv4, but only in TCP */ + /* Bind to IPv6 and/or IPv4, but only in the desired protocol */ memset( &hints, 0, sizeof( hints ) ); hints.ai_family = AF_UNSPEC; - hints.ai_socktype = SOCK_STREAM; - hints.ai_protocol = IPPROTO_TCP; + hints.ai_socktype = proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM; + hints.ai_protocol = proto == MBEDTLS_NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP; if( bind_ip == NULL ) hints.ai_flags = AI_PASSIVE; - if( getaddrinfo( bind_ip, port_str, &hints, &addr_list ) != 0 ) - return( POLARSSL_ERR_NET_UNKNOWN_HOST ); + if( getaddrinfo( bind_ip, port, &hints, &addr_list ) != 0 ) + return( MBEDTLS_ERR_NET_UNKNOWN_HOST ); /* Try the sockaddrs until a binding succeeds */ - ret = POLARSSL_ERR_NET_UNKNOWN_HOST; + ret = MBEDTLS_ERR_NET_UNKNOWN_HOST; for( cur = addr_list; cur != NULL; cur = cur->ai_next ) { - *fd = (int) socket( cur->ai_family, cur->ai_socktype, + ctx->fd = (int) socket( cur->ai_family, cur->ai_socktype, cur->ai_protocol ); - if( *fd < 0 ) + if( ctx->fd < 0 ) { - ret = POLARSSL_ERR_NET_SOCKET_FAILED; + ret = MBEDTLS_ERR_NET_SOCKET_FAILED; continue; } n = 1; - if( setsockopt( *fd, SOL_SOCKET, SO_REUSEADDR, + if( setsockopt( ctx->fd, SOL_SOCKET, SO_REUSEADDR, (const char *) &n, sizeof( n ) ) != 0 ) { - close( *fd ); - ret = POLARSSL_ERR_NET_SOCKET_FAILED; + close( ctx->fd ); + ret = MBEDTLS_ERR_NET_SOCKET_FAILED; continue; } - if( bind( *fd, cur->ai_addr, cur->ai_addrlen ) != 0 ) + if( bind( ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen ) != 0 ) { - close( *fd ); - ret = POLARSSL_ERR_NET_BIND_FAILED; + close( ctx->fd ); + ret = MBEDTLS_ERR_NET_BIND_FAILED; continue; } - if( listen( *fd, POLARSSL_NET_LISTEN_BACKLOG ) != 0 ) + /* Listen only makes sense for TCP */ + if( proto == MBEDTLS_NET_PROTO_TCP ) { - close( *fd ); - ret = POLARSSL_ERR_NET_LISTEN_FAILED; - continue; + if( listen( ctx->fd, MBEDTLS_NET_LISTEN_BACKLOG ) != 0 ) + { + close( ctx->fd ); + ret = MBEDTLS_ERR_NET_LISTEN_FAILED; + continue; + } } /* I we ever get there, it's a success */ @@ -322,58 +238,6 @@ int net_bind( int *fd, const char *bind_ip, int port ) return( ret ); -#else - /* Legacy IPv4-only version */ - - int ret, n, c[4]; - struct sockaddr_in server_addr; - - if( ( ret = net_prepare() ) != 0 ) - return( ret ); - - if( ( *fd = (int) socket( AF_INET, SOCK_STREAM, IPPROTO_IP ) ) < 0 ) - return( POLARSSL_ERR_NET_SOCKET_FAILED ); - - n = 1; - setsockopt( *fd, SOL_SOCKET, SO_REUSEADDR, - (const char *) &n, sizeof( n ) ); - - server_addr.sin_addr.s_addr = net_htonl( INADDR_ANY ); - server_addr.sin_family = AF_INET; - server_addr.sin_port = net_htons( port ); - - if( bind_ip != NULL ) - { - memset( c, 0, sizeof( c ) ); - sscanf( bind_ip, "%d.%d.%d.%d", &c[0], &c[1], &c[2], &c[3] ); - - for( n = 0; n < 4; n++ ) - if( c[n] < 0 || c[n] > 255 ) - break; - - if( n == 4 ) - server_addr.sin_addr.s_addr = net_htonl( - ( (uint32_t) c[0] << 24 ) | - ( (uint32_t) c[1] << 16 ) | - ( (uint32_t) c[2] << 8 ) | - ( (uint32_t) c[3] ) ); - } - - if( bind( *fd, (struct sockaddr *) &server_addr, - sizeof( server_addr ) ) < 0 ) - { - close( *fd ); - return( POLARSSL_ERR_NET_BIND_FAILED ); - } - - if( listen( *fd, POLARSSL_NET_LISTEN_BACKLOG ) != 0 ) - { - close( *fd ); - return( POLARSSL_ERR_NET_LISTEN_FAILED ); - } - - return( 0 ); -#endif /* POLARSSL_HAVE_IPV6 */ } #if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ @@ -382,9 +246,9 @@ int net_bind( int *fd, const char *bind_ip, int port ) * Check if the requested operation would be blocking on a non-blocking socket * and thus 'failed' with a negative return value. */ -static int net_would_block( int fd ) +static int net_would_block( const mbedtls_net_context *ctx ) { - ((void) fd); + ((void) ctx); return( WSAGetLastError() == WSAEWOULDBLOCK ); } #else @@ -394,12 +258,12 @@ static int net_would_block( int fd ) * * Note: on a blocking socket this function always returns 0! */ -static int net_would_block( int fd ) +static int net_would_block( const mbedtls_net_context *ctx ) { /* * Never return 'WOULD BLOCK' on a non-blocking socket */ - if( ( fcntl( fd, F_GETFL ) & O_NONBLOCK ) != O_NONBLOCK ) + if( ( fcntl( ctx->fd, F_GETFL ) & O_NONBLOCK ) != O_NONBLOCK ) return( 0 ); switch( errno ) @@ -419,51 +283,116 @@ static int net_would_block( int fd ) /* * Accept a connection from a remote client */ -int net_accept( int bind_fd, int *client_fd, void *client_ip ) +int mbedtls_net_accept( mbedtls_net_context *bind_ctx, + mbedtls_net_context *client_ctx, + void *client_ip, size_t buf_size, size_t *ip_len ) { -#if defined(POLARSSL_HAVE_IPV6) + int ret; + int type; + struct sockaddr_storage client_addr; -#else - struct sockaddr_in client_addr; -#endif #if defined(__socklen_t_defined) || defined(_SOCKLEN_T) || \ defined(_SOCKLEN_T_DECLARED) socklen_t n = (socklen_t) sizeof( client_addr ); + socklen_t type_len = (socklen_t) sizeof( type ); #else int n = (int) sizeof( client_addr ); + int type_len = (int) sizeof( type ); +#endif + + /* Is this a TCP or UDP socket? */ + if( getsockopt( bind_ctx->fd, SOL_SOCKET, SO_TYPE, + (void *) &type, &type_len ) != 0 || + ( type != SOCK_STREAM && type != SOCK_DGRAM ) ) + { + return( MBEDTLS_ERR_NET_ACCEPT_FAILED ); + } + + if( type == SOCK_STREAM ) + { + /* TCP: actual accept() */ + ret = client_ctx->fd = (int) accept( bind_ctx->fd, + (struct sockaddr *) &client_addr, &n ); + } + else + { + /* UDP: wait for a message, but keep it in the queue */ + char buf[1] = { 0 }; + + ret = recvfrom( bind_ctx->fd, buf, sizeof( buf ), MSG_PEEK, + (struct sockaddr *) &client_addr, &n ); + +#if defined(_WIN32) + if( ret == SOCKET_ERROR && + WSAGetLastError() == WSAEMSGSIZE ) + { + /* We know buf is too small, thanks, just peeking here */ + ret = 0; + } #endif + } + + if( ret < 0 ) + { + if( net_would_block( bind_ctx ) != 0 ) + return( MBEDTLS_ERR_SSL_WANT_READ ); - *client_fd = (int) accept( bind_fd, (struct sockaddr *) - &client_addr, &n ); + return( MBEDTLS_ERR_NET_ACCEPT_FAILED ); + } - if( *client_fd < 0 ) + /* UDP: hijack the listening socket to communicate with the client, + * then bind a new socket to accept new connections */ + if( type != SOCK_STREAM ) { - if( net_would_block( bind_fd ) != 0 ) - return( POLARSSL_ERR_NET_WANT_READ ); + struct sockaddr_storage local_addr; + int one = 1; + + if( connect( bind_ctx->fd, (struct sockaddr *) &client_addr, n ) != 0 ) + return( MBEDTLS_ERR_NET_ACCEPT_FAILED ); + + client_ctx->fd = bind_ctx->fd; + bind_ctx->fd = -1; /* In case we exit early */ + + n = sizeof( struct sockaddr_storage ); + if( getsockname( client_ctx->fd, + (struct sockaddr *) &local_addr, &n ) != 0 || + ( bind_ctx->fd = (int) socket( local_addr.ss_family, + SOCK_DGRAM, IPPROTO_UDP ) ) < 0 || + setsockopt( bind_ctx->fd, SOL_SOCKET, SO_REUSEADDR, + (const char *) &one, sizeof( one ) ) != 0 ) + { + return( MBEDTLS_ERR_NET_SOCKET_FAILED ); + } - return( POLARSSL_ERR_NET_ACCEPT_FAILED ); + if( bind( bind_ctx->fd, (struct sockaddr *) &local_addr, n ) != 0 ) + { + return( MBEDTLS_ERR_NET_BIND_FAILED ); + } } if( client_ip != NULL ) { -#if defined(POLARSSL_HAVE_IPV6) if( client_addr.ss_family == AF_INET ) { struct sockaddr_in *addr4 = (struct sockaddr_in *) &client_addr; - memcpy( client_ip, &addr4->sin_addr.s_addr, - sizeof( addr4->sin_addr.s_addr ) ); + *ip_len = sizeof( addr4->sin_addr.s_addr ); + + if( buf_size < *ip_len ) + return( MBEDTLS_ERR_NET_BUFFER_TOO_SMALL ); + + memcpy( client_ip, &addr4->sin_addr.s_addr, *ip_len ); } else { struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *) &client_addr; - memcpy( client_ip, &addr6->sin6_addr.s6_addr, - sizeof( addr6->sin6_addr.s6_addr ) ); + *ip_len = sizeof( addr6->sin6_addr.s6_addr ); + + if( buf_size < *ip_len ) + return( MBEDTLS_ERR_NET_BUFFER_TOO_SMALL ); + + memcpy( client_ip, &addr6->sin6_addr.s6_addr, *ip_len); } -#else - memcpy( client_ip, &client_addr.sin_addr.s_addr, - sizeof( client_addr.sin_addr.s_addr ) ); -#endif /* POLARSSL_HAVE_IPV6 */ } return( 0 ); @@ -472,103 +401,159 @@ int net_accept( int bind_fd, int *client_fd, void *client_ip ) /* * Set the socket blocking or non-blocking */ -int net_set_block( int fd ) +int mbedtls_net_set_block( mbedtls_net_context *ctx ) { #if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ !defined(EFI32) u_long n = 0; - return( ioctlsocket( fd, FIONBIO, &n ) ); + return( ioctlsocket( ctx->fd, FIONBIO, &n ) ); #else - return( fcntl( fd, F_SETFL, fcntl( fd, F_GETFL ) & ~O_NONBLOCK ) ); + return( fcntl( ctx->fd, F_SETFL, fcntl( ctx->fd, F_GETFL ) & ~O_NONBLOCK ) ); #endif } -int net_set_nonblock( int fd ) +int mbedtls_net_set_nonblock( mbedtls_net_context *ctx ) { #if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ !defined(EFI32) u_long n = 1; - return( ioctlsocket( fd, FIONBIO, &n ) ); + return( ioctlsocket( ctx->fd, FIONBIO, &n ) ); #else - return( fcntl( fd, F_SETFL, fcntl( fd, F_GETFL ) | O_NONBLOCK ) ); + return( fcntl( ctx->fd, F_SETFL, fcntl( ctx->fd, F_GETFL ) | O_NONBLOCK ) ); #endif } -#if defined(POLARSSL_HAVE_TIME) /* * Portable usleep helper */ -void net_usleep( unsigned long usec ) +void mbedtls_net_usleep( unsigned long usec ) { +#if defined(_WIN32) + Sleep( ( usec + 999 ) / 1000 ); +#else struct timeval tv; tv.tv_sec = usec / 1000000; -#if !defined(_WIN32) && ( defined(__unix__) || defined(__unix) || \ - ( defined(__APPLE__) && defined(__MACH__) ) ) +#if defined(__unix__) || defined(__unix) || \ + ( defined(__APPLE__) && defined(__MACH__) ) tv.tv_usec = (suseconds_t) usec % 1000000; #else tv.tv_usec = usec % 1000000; #endif select( 0, NULL, NULL, NULL, &tv ); +#endif } -#endif /* POLARSSL_HAVE_TIME */ /* * Read at most 'len' characters */ -int net_recv( void *ctx, unsigned char *buf, size_t len ) +int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len ) { - int fd = *((int *) ctx); - int ret = (int) read( fd, buf, len ); + int ret; + int fd = ((mbedtls_net_context *) ctx)->fd; + + if( fd < 0 ) + return( MBEDTLS_ERR_NET_INVALID_CONTEXT ); + + ret = (int) read( fd, buf, len ); if( ret < 0 ) { - if( net_would_block( fd ) != 0 ) - return( POLARSSL_ERR_NET_WANT_READ ); + if( net_would_block( ctx ) != 0 ) + return( MBEDTLS_ERR_SSL_WANT_READ ); #if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ !defined(EFI32) if( WSAGetLastError() == WSAECONNRESET ) - return( POLARSSL_ERR_NET_CONN_RESET ); + return( MBEDTLS_ERR_NET_CONN_RESET ); #else if( errno == EPIPE || errno == ECONNRESET ) - return( POLARSSL_ERR_NET_CONN_RESET ); + return( MBEDTLS_ERR_NET_CONN_RESET ); if( errno == EINTR ) - return( POLARSSL_ERR_NET_WANT_READ ); + return( MBEDTLS_ERR_SSL_WANT_READ ); #endif - return( POLARSSL_ERR_NET_RECV_FAILED ); + return( MBEDTLS_ERR_NET_RECV_FAILED ); } return( ret ); } +/* + * Read at most 'len' characters, blocking for at most 'timeout' ms + */ +int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, size_t len, + uint32_t timeout ) +{ + int ret; + struct timeval tv; + fd_set read_fds; + int fd = ((mbedtls_net_context *) ctx)->fd; + + if( fd < 0 ) + return( MBEDTLS_ERR_NET_INVALID_CONTEXT ); + + FD_ZERO( &read_fds ); + FD_SET( fd, &read_fds ); + + tv.tv_sec = timeout / 1000; + tv.tv_usec = ( timeout % 1000 ) * 1000; + + ret = select( fd + 1, &read_fds, NULL, NULL, timeout == 0 ? NULL : &tv ); + + /* Zero fds ready means we timed out */ + if( ret == 0 ) + return( MBEDTLS_ERR_SSL_TIMEOUT ); + + if( ret < 0 ) + { +#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ + !defined(EFI32) + if( WSAGetLastError() == WSAEINTR ) + return( MBEDTLS_ERR_SSL_WANT_READ ); +#else + if( errno == EINTR ) + return( MBEDTLS_ERR_SSL_WANT_READ ); +#endif + + return( MBEDTLS_ERR_NET_RECV_FAILED ); + } + + /* This call will not block */ + return( mbedtls_net_recv( ctx, buf, len ) ); +} + /* * Write at most 'len' characters */ -int net_send( void *ctx, const unsigned char *buf, size_t len ) +int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len ) { - int fd = *((int *) ctx); - int ret = (int) write( fd, buf, len ); + int ret; + int fd = ((mbedtls_net_context *) ctx)->fd; + + if( fd < 0 ) + return( MBEDTLS_ERR_NET_INVALID_CONTEXT ); + + ret = (int) write( fd, buf, len ); if( ret < 0 ) { - if( net_would_block( fd ) != 0 ) - return( POLARSSL_ERR_NET_WANT_WRITE ); + if( net_would_block( ctx ) != 0 ) + return( MBEDTLS_ERR_SSL_WANT_WRITE ); #if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ !defined(EFI32) if( WSAGetLastError() == WSAECONNRESET ) - return( POLARSSL_ERR_NET_CONN_RESET ); + return( MBEDTLS_ERR_NET_CONN_RESET ); #else if( errno == EPIPE || errno == ECONNRESET ) - return( POLARSSL_ERR_NET_CONN_RESET ); + return( MBEDTLS_ERR_NET_CONN_RESET ); if( errno == EINTR ) - return( POLARSSL_ERR_NET_WANT_WRITE ); + return( MBEDTLS_ERR_SSL_WANT_WRITE ); #endif - return( POLARSSL_ERR_NET_SEND_FAILED ); + return( MBEDTLS_ERR_NET_SEND_FAILED ); } return( ret ); @@ -577,10 +562,15 @@ int net_send( void *ctx, const unsigned char *buf, size_t len ) /* * Gracefully close the connection */ -void net_close( int fd ) +void mbedtls_net_free( mbedtls_net_context *ctx ) { - shutdown( fd, 2 ); - close( fd ); + if( ctx->fd == -1 ) + return; + + shutdown( ctx->fd, 2 ); + close( ctx->fd ); + + ctx->fd = -1; } -#endif /* POLARSSL_NET_C */ +#endif /* MBEDTLS_NET_C */ diff --git a/ext/mbedtls/library/oid.c b/ext/mbedtls/library/oid.c index b616d7ea91..f14282add7 100644 --- a/ext/mbedtls/library/oid.c +++ b/ext/mbedtls/library/oid.c @@ -22,44 +22,44 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_OID_C) +#if defined(MBEDTLS_OID_C) -#include "polarssl/oid.h" -#include "polarssl/rsa.h" +#include "mbedtls/oid.h" +#include "mbedtls/rsa.h" #include #include -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else -#define polarssl_snprintf snprintf +#define mbedtls_snprintf snprintf #endif -#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C) -#include "polarssl/x509.h" +#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C) +#include "mbedtls/x509.h" #endif /* * Macro to automatically add the size of #define'd OIDs */ -#define ADD_LEN(s) s, OID_SIZE(s) +#define ADD_LEN(s) s, MBEDTLS_OID_SIZE(s) /* * Macro to generate an internal function for oid_XXX_from_asn1() (used by * the other functions) */ #define FN_OID_TYPED_FROM_ASN1( TYPE_T, NAME, LIST ) \ -static const TYPE_T * oid_ ## NAME ## _from_asn1( const asn1_buf *oid ) \ +static const TYPE_T * oid_ ## NAME ## _from_asn1( const mbedtls_asn1_buf *oid ) \ { \ const TYPE_T *p = LIST; \ - const oid_descriptor_t *cur = (const oid_descriptor_t *) p; \ + const mbedtls_oid_descriptor_t *cur = (const mbedtls_oid_descriptor_t *) p; \ if( p == NULL || oid == NULL ) return( NULL ); \ while( cur->asn1 != NULL ) { \ if( cur->asn1_len == oid->len && \ @@ -67,47 +67,47 @@ static const TYPE_T * oid_ ## NAME ## _from_asn1( const asn1_buf *oid ) \ return( p ); \ } \ p++; \ - cur = (const oid_descriptor_t *) p; \ + cur = (const mbedtls_oid_descriptor_t *) p; \ } \ return( NULL ); \ } /* * Macro to generate a function for retrieving a single attribute from the - * descriptor of an oid_descriptor_t wrapper. + * descriptor of an mbedtls_oid_descriptor_t wrapper. */ #define FN_OID_GET_DESCRIPTOR_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \ -int FN_NAME( const asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \ +int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \ { \ const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \ - if( data == NULL ) return( POLARSSL_ERR_OID_NOT_FOUND ); \ + if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND ); \ *ATTR1 = data->descriptor.ATTR1; \ return( 0 ); \ } /* * Macro to generate a function for retrieving a single attribute from an - * oid_descriptor_t wrapper. + * mbedtls_oid_descriptor_t wrapper. */ #define FN_OID_GET_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \ -int FN_NAME( const asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \ +int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \ { \ const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \ - if( data == NULL ) return( POLARSSL_ERR_OID_NOT_FOUND ); \ + if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND ); \ *ATTR1 = data->ATTR1; \ return( 0 ); \ } /* * Macro to generate a function for retrieving two attributes from an - * oid_descriptor_t wrapper. + * mbedtls_oid_descriptor_t wrapper. */ #define FN_OID_GET_ATTR2(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1, \ ATTR2_TYPE, ATTR2) \ -int FN_NAME( const asn1_buf *oid, ATTR1_TYPE * ATTR1, ATTR2_TYPE * ATTR2 ) \ +int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1, ATTR2_TYPE * ATTR2 ) \ { \ const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \ - if( data == NULL ) return( POLARSSL_ERR_OID_NOT_FOUND ); \ + if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND ); \ *ATTR1 = data->ATTR1; \ *ATTR2 = data->ATTR2; \ return( 0 ); \ @@ -115,7 +115,7 @@ int FN_NAME( const asn1_buf *oid, ATTR1_TYPE * ATTR1, ATTR2_TYPE * ATTR2 ) \ /* * Macro to generate a function for retrieving the OID based on a single - * attribute from a oid_descriptor_t wrapper. + * attribute from a mbedtls_oid_descriptor_t wrapper. */ #define FN_OID_GET_OID_BY_ATTR1(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1) \ int FN_NAME( ATTR1_TYPE ATTR1, const char **oid, size_t *olen ) \ @@ -129,12 +129,12 @@ int FN_NAME( ATTR1_TYPE ATTR1, const char **oid, size_t *olen ) \ } \ cur++; \ } \ - return( POLARSSL_ERR_OID_NOT_FOUND ); \ + return( MBEDTLS_ERR_OID_NOT_FOUND ); \ } /* * Macro to generate a function for retrieving the OID based on two - * attributes from a oid_descriptor_t wrapper. + * attributes from a mbedtls_oid_descriptor_t wrapper. */ #define FN_OID_GET_OID_BY_ATTR2(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1, \ ATTR2_TYPE, ATTR2) \ @@ -150,93 +150,93 @@ int FN_NAME( ATTR1_TYPE ATTR1, ATTR2_TYPE ATTR2, const char **oid , \ } \ cur++; \ } \ - return( POLARSSL_ERR_OID_NOT_FOUND ); \ + return( MBEDTLS_ERR_OID_NOT_FOUND ); \ } /* * For X520 attribute types */ typedef struct { - oid_descriptor_t descriptor; + mbedtls_oid_descriptor_t descriptor; const char *short_name; } oid_x520_attr_t; static const oid_x520_attr_t oid_x520_attr_type[] = { { - { ADD_LEN( OID_AT_CN ), "id-at-commonName", "Common Name" }, + { ADD_LEN( MBEDTLS_OID_AT_CN ), "id-at-commonName", "Common Name" }, "CN", }, { - { ADD_LEN( OID_AT_COUNTRY ), "id-at-countryName", "Country" }, + { ADD_LEN( MBEDTLS_OID_AT_COUNTRY ), "id-at-countryName", "Country" }, "C", }, { - { ADD_LEN( OID_AT_LOCALITY ), "id-at-locality", "Locality" }, + { ADD_LEN( MBEDTLS_OID_AT_LOCALITY ), "id-at-locality", "Locality" }, "L", }, { - { ADD_LEN( OID_AT_STATE ), "id-at-state", "State" }, + { ADD_LEN( MBEDTLS_OID_AT_STATE ), "id-at-state", "State" }, "ST", }, { - { ADD_LEN( OID_AT_ORGANIZATION ),"id-at-organizationName", "Organization" }, + { ADD_LEN( MBEDTLS_OID_AT_ORGANIZATION ),"id-at-organizationName", "Organization" }, "O", }, { - { ADD_LEN( OID_AT_ORG_UNIT ), "id-at-organizationalUnitName", "Org Unit" }, + { ADD_LEN( MBEDTLS_OID_AT_ORG_UNIT ), "id-at-organizationalUnitName", "Org Unit" }, "OU", }, { - { ADD_LEN( OID_PKCS9_EMAIL ), "emailAddress", "E-mail address" }, + { ADD_LEN( MBEDTLS_OID_PKCS9_EMAIL ), "emailAddress", "E-mail address" }, "emailAddress", }, { - { ADD_LEN( OID_AT_SERIAL_NUMBER ),"id-at-serialNumber", "Serial number" }, + { ADD_LEN( MBEDTLS_OID_AT_SERIAL_NUMBER ),"id-at-serialNumber", "Serial number" }, "serialNumber", }, { - { ADD_LEN( OID_AT_POSTAL_ADDRESS ),"id-at-postalAddress", "Postal address" }, + { ADD_LEN( MBEDTLS_OID_AT_POSTAL_ADDRESS ),"id-at-postalAddress", "Postal address" }, "postalAddress", }, { - { ADD_LEN( OID_AT_POSTAL_CODE ), "id-at-postalCode", "Postal code" }, + { ADD_LEN( MBEDTLS_OID_AT_POSTAL_CODE ), "id-at-postalCode", "Postal code" }, "postalCode", }, { - { ADD_LEN( OID_AT_SUR_NAME ), "id-at-surName", "Surname" }, + { ADD_LEN( MBEDTLS_OID_AT_SUR_NAME ), "id-at-surName", "Surname" }, "SN", }, { - { ADD_LEN( OID_AT_GIVEN_NAME ), "id-at-givenName", "Given name" }, + { ADD_LEN( MBEDTLS_OID_AT_GIVEN_NAME ), "id-at-givenName", "Given name" }, "GN", }, { - { ADD_LEN( OID_AT_INITIALS ), "id-at-initials", "Initials" }, + { ADD_LEN( MBEDTLS_OID_AT_INITIALS ), "id-at-initials", "Initials" }, "initials", }, { - { ADD_LEN( OID_AT_GENERATION_QUALIFIER ), "id-at-generationQualifier", "Generation qualifier" }, + { ADD_LEN( MBEDTLS_OID_AT_GENERATION_QUALIFIER ), "id-at-generationQualifier", "Generation qualifier" }, "generationQualifier", }, { - { ADD_LEN( OID_AT_TITLE ), "id-at-title", "Title" }, + { ADD_LEN( MBEDTLS_OID_AT_TITLE ), "id-at-title", "Title" }, "title", }, { - { ADD_LEN( OID_AT_DN_QUALIFIER ),"id-at-dnQualifier", "Distinguished Name qualifier" }, + { ADD_LEN( MBEDTLS_OID_AT_DN_QUALIFIER ),"id-at-dnQualifier", "Distinguished Name qualifier" }, "dnQualifier", }, { - { ADD_LEN( OID_AT_PSEUDONYM ), "id-at-pseudonym", "Pseudonym" }, + { ADD_LEN( MBEDTLS_OID_AT_PSEUDONYM ), "id-at-pseudonym", "Pseudonym" }, "pseudonym", }, { - { ADD_LEN( OID_DOMAIN_COMPONENT ), "id-domainComponent", "Domain component" }, + { ADD_LEN( MBEDTLS_OID_DOMAIN_COMPONENT ), "id-domainComponent", "Domain component" }, "DC", }, { - { ADD_LEN( OID_AT_UNIQUE_IDENTIFIER ), "id-at-uniqueIdentifier", "Unique Identifier" }, + { ADD_LEN( MBEDTLS_OID_AT_UNIQUE_IDENTIFIER ), "id-at-uniqueIdentifier", "Unique Identifier" }, "uniqueIdentifier", }, { @@ -245,39 +245,39 @@ static const oid_x520_attr_t oid_x520_attr_type[] = } }; -FN_OID_TYPED_FROM_ASN1(oid_x520_attr_t, x520_attr, oid_x520_attr_type); -FN_OID_GET_ATTR1(oid_get_attr_short_name, oid_x520_attr_t, x520_attr, const char *, short_name); +FN_OID_TYPED_FROM_ASN1(oid_x520_attr_t, x520_attr, oid_x520_attr_type) +FN_OID_GET_ATTR1(mbedtls_oid_get_attr_short_name, oid_x520_attr_t, x520_attr, const char *, short_name) -#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C) +#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C) /* * For X509 extensions */ typedef struct { - oid_descriptor_t descriptor; + mbedtls_oid_descriptor_t descriptor; int ext_type; } oid_x509_ext_t; static const oid_x509_ext_t oid_x509_ext[] = { { - { ADD_LEN( OID_BASIC_CONSTRAINTS ), "id-ce-basicConstraints", "Basic Constraints" }, - EXT_BASIC_CONSTRAINTS, + { ADD_LEN( MBEDTLS_OID_BASIC_CONSTRAINTS ), "id-ce-basicConstraints", "Basic Constraints" }, + MBEDTLS_X509_EXT_BASIC_CONSTRAINTS, }, { - { ADD_LEN( OID_KEY_USAGE ), "id-ce-keyUsage", "Key Usage" }, - EXT_KEY_USAGE, + { ADD_LEN( MBEDTLS_OID_KEY_USAGE ), "id-ce-keyUsage", "Key Usage" }, + MBEDTLS_X509_EXT_KEY_USAGE, }, { - { ADD_LEN( OID_EXTENDED_KEY_USAGE ), "id-ce-keyUsage", "Extended Key Usage" }, - EXT_EXTENDED_KEY_USAGE, + { ADD_LEN( MBEDTLS_OID_EXTENDED_KEY_USAGE ), "id-ce-keyUsage", "Extended Key Usage" }, + MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE, }, { - { ADD_LEN( OID_SUBJECT_ALT_NAME ), "id-ce-subjectAltName", "Subject Alt Name" }, - EXT_SUBJECT_ALT_NAME, + { ADD_LEN( MBEDTLS_OID_SUBJECT_ALT_NAME ), "id-ce-subjectAltName", "Subject Alt Name" }, + MBEDTLS_X509_EXT_SUBJECT_ALT_NAME, }, { - { ADD_LEN( OID_NS_CERT_TYPE ), "id-netscape-certtype", "Netscape Certificate Type" }, - EXT_NS_CERT_TYPE, + { ADD_LEN( MBEDTLS_OID_NS_CERT_TYPE ), "id-netscape-certtype", "Netscape Certificate Type" }, + MBEDTLS_X509_EXT_NS_CERT_TYPE, }, { { NULL, 0, NULL, NULL }, @@ -285,372 +285,331 @@ static const oid_x509_ext_t oid_x509_ext[] = }, }; -FN_OID_TYPED_FROM_ASN1(oid_x509_ext_t, x509_ext, oid_x509_ext); -FN_OID_GET_ATTR1(oid_get_x509_ext_type, oid_x509_ext_t, x509_ext, int, ext_type); +FN_OID_TYPED_FROM_ASN1(oid_x509_ext_t, x509_ext, oid_x509_ext) +FN_OID_GET_ATTR1(mbedtls_oid_get_x509_ext_type, oid_x509_ext_t, x509_ext, int, ext_type) -static const oid_descriptor_t oid_ext_key_usage[] = +static const mbedtls_oid_descriptor_t oid_ext_key_usage[] = { - { ADD_LEN( OID_SERVER_AUTH ), "id-kp-serverAuth", "TLS Web Server Authentication" }, - { ADD_LEN( OID_CLIENT_AUTH ), "id-kp-clientAuth", "TLS Web Client Authentication" }, - { ADD_LEN( OID_CODE_SIGNING ), "id-kp-codeSigning", "Code Signing" }, - { ADD_LEN( OID_EMAIL_PROTECTION ), "id-kp-emailProtection", "E-mail Protection" }, - { ADD_LEN( OID_TIME_STAMPING ), "id-kp-timeStamping", "Time Stamping" }, - { ADD_LEN( OID_OCSP_SIGNING ), "id-kp-OCSPSigning", "OCSP Signing" }, + { ADD_LEN( MBEDTLS_OID_SERVER_AUTH ), "id-kp-serverAuth", "TLS Web Server Authentication" }, + { ADD_LEN( MBEDTLS_OID_CLIENT_AUTH ), "id-kp-clientAuth", "TLS Web Client Authentication" }, + { ADD_LEN( MBEDTLS_OID_CODE_SIGNING ), "id-kp-codeSigning", "Code Signing" }, + { ADD_LEN( MBEDTLS_OID_EMAIL_PROTECTION ), "id-kp-emailProtection", "E-mail Protection" }, + { ADD_LEN( MBEDTLS_OID_TIME_STAMPING ), "id-kp-timeStamping", "Time Stamping" }, + { ADD_LEN( MBEDTLS_OID_OCSP_SIGNING ), "id-kp-OCSPSigning", "OCSP Signing" }, { NULL, 0, NULL, NULL }, }; -FN_OID_TYPED_FROM_ASN1(oid_descriptor_t, ext_key_usage, oid_ext_key_usage); -FN_OID_GET_ATTR1(oid_get_extended_key_usage, oid_descriptor_t, ext_key_usage, const char *, description); -#endif /* POLARSSL_X509_USE_C || POLARSSL_X509_CREATE_C */ +FN_OID_TYPED_FROM_ASN1(mbedtls_oid_descriptor_t, ext_key_usage, oid_ext_key_usage) +FN_OID_GET_ATTR1(mbedtls_oid_get_extended_key_usage, mbedtls_oid_descriptor_t, ext_key_usage, const char *, description) +#endif /* MBEDTLS_X509_USE_C || MBEDTLS_X509_CREATE_C */ -#if defined(POLARSSL_MD_C) +#if defined(MBEDTLS_MD_C) /* * For SignatureAlgorithmIdentifier */ typedef struct { - oid_descriptor_t descriptor; - md_type_t md_alg; - pk_type_t pk_alg; + mbedtls_oid_descriptor_t descriptor; + mbedtls_md_type_t md_alg; + mbedtls_pk_type_t pk_alg; } oid_sig_alg_t; static const oid_sig_alg_t oid_sig_alg[] = { { - { ADD_LEN( OID_PKCS1_MD2 ), "md2WithRSAEncryption", "RSA with MD2" }, - POLARSSL_MD_MD2, POLARSSL_PK_RSA, + { ADD_LEN( MBEDTLS_OID_PKCS1_MD2 ), "md2WithRSAEncryption", "RSA with MD2" }, + MBEDTLS_MD_MD2, MBEDTLS_PK_RSA, }, { - { ADD_LEN( OID_PKCS1_MD4 ), "md4WithRSAEncryption", "RSA with MD4" }, - POLARSSL_MD_MD4, POLARSSL_PK_RSA, + { ADD_LEN( MBEDTLS_OID_PKCS1_MD4 ), "md4WithRSAEncryption", "RSA with MD4" }, + MBEDTLS_MD_MD4, MBEDTLS_PK_RSA, }, { - { ADD_LEN( OID_PKCS1_MD5 ), "md5WithRSAEncryption", "RSA with MD5" }, - POLARSSL_MD_MD5, POLARSSL_PK_RSA, + { ADD_LEN( MBEDTLS_OID_PKCS1_MD5 ), "md5WithRSAEncryption", "RSA with MD5" }, + MBEDTLS_MD_MD5, MBEDTLS_PK_RSA, }, { - { ADD_LEN( OID_PKCS1_SHA1 ), "sha-1WithRSAEncryption", "RSA with SHA1" }, - POLARSSL_MD_SHA1, POLARSSL_PK_RSA, + { ADD_LEN( MBEDTLS_OID_PKCS1_SHA1 ), "sha-1WithRSAEncryption", "RSA with SHA1" }, + MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA, }, { - { ADD_LEN( OID_PKCS1_SHA224 ), "sha224WithRSAEncryption", "RSA with SHA-224" }, - POLARSSL_MD_SHA224, POLARSSL_PK_RSA, + { ADD_LEN( MBEDTLS_OID_PKCS1_SHA224 ), "sha224WithRSAEncryption", "RSA with SHA-224" }, + MBEDTLS_MD_SHA224, MBEDTLS_PK_RSA, }, { - { ADD_LEN( OID_PKCS1_SHA256 ), "sha256WithRSAEncryption", "RSA with SHA-256" }, - POLARSSL_MD_SHA256, POLARSSL_PK_RSA, + { ADD_LEN( MBEDTLS_OID_PKCS1_SHA256 ), "sha256WithRSAEncryption", "RSA with SHA-256" }, + MBEDTLS_MD_SHA256, MBEDTLS_PK_RSA, }, { - { ADD_LEN( OID_PKCS1_SHA384 ), "sha384WithRSAEncryption", "RSA with SHA-384" }, - POLARSSL_MD_SHA384, POLARSSL_PK_RSA, + { ADD_LEN( MBEDTLS_OID_PKCS1_SHA384 ), "sha384WithRSAEncryption", "RSA with SHA-384" }, + MBEDTLS_MD_SHA384, MBEDTLS_PK_RSA, }, { - { ADD_LEN( OID_PKCS1_SHA512 ), "sha512WithRSAEncryption", "RSA with SHA-512" }, - POLARSSL_MD_SHA512, POLARSSL_PK_RSA, + { ADD_LEN( MBEDTLS_OID_PKCS1_SHA512 ), "sha512WithRSAEncryption", "RSA with SHA-512" }, + MBEDTLS_MD_SHA512, MBEDTLS_PK_RSA, }, { - { ADD_LEN( OID_RSA_SHA_OBS ), "sha-1WithRSAEncryption", "RSA with SHA1" }, - POLARSSL_MD_SHA1, POLARSSL_PK_RSA, + { ADD_LEN( MBEDTLS_OID_RSA_SHA_OBS ), "sha-1WithRSAEncryption", "RSA with SHA1" }, + MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA, }, { - { ADD_LEN( OID_ECDSA_SHA1 ), "ecdsa-with-SHA1", "ECDSA with SHA1" }, - POLARSSL_MD_SHA1, POLARSSL_PK_ECDSA, + { ADD_LEN( MBEDTLS_OID_ECDSA_SHA1 ), "ecdsa-with-SHA1", "ECDSA with SHA1" }, + MBEDTLS_MD_SHA1, MBEDTLS_PK_ECDSA, }, { - { ADD_LEN( OID_ECDSA_SHA224 ), "ecdsa-with-SHA224", "ECDSA with SHA224" }, - POLARSSL_MD_SHA224, POLARSSL_PK_ECDSA, + { ADD_LEN( MBEDTLS_OID_ECDSA_SHA224 ), "ecdsa-with-SHA224", "ECDSA with SHA224" }, + MBEDTLS_MD_SHA224, MBEDTLS_PK_ECDSA, }, { - { ADD_LEN( OID_ECDSA_SHA256 ), "ecdsa-with-SHA256", "ECDSA with SHA256" }, - POLARSSL_MD_SHA256, POLARSSL_PK_ECDSA, + { ADD_LEN( MBEDTLS_OID_ECDSA_SHA256 ), "ecdsa-with-SHA256", "ECDSA with SHA256" }, + MBEDTLS_MD_SHA256, MBEDTLS_PK_ECDSA, }, { - { ADD_LEN( OID_ECDSA_SHA384 ), "ecdsa-with-SHA384", "ECDSA with SHA384" }, - POLARSSL_MD_SHA384, POLARSSL_PK_ECDSA, + { ADD_LEN( MBEDTLS_OID_ECDSA_SHA384 ), "ecdsa-with-SHA384", "ECDSA with SHA384" }, + MBEDTLS_MD_SHA384, MBEDTLS_PK_ECDSA, }, { - { ADD_LEN( OID_ECDSA_SHA512 ), "ecdsa-with-SHA512", "ECDSA with SHA512" }, - POLARSSL_MD_SHA512, POLARSSL_PK_ECDSA, + { ADD_LEN( MBEDTLS_OID_ECDSA_SHA512 ), "ecdsa-with-SHA512", "ECDSA with SHA512" }, + MBEDTLS_MD_SHA512, MBEDTLS_PK_ECDSA, }, { - { ADD_LEN( OID_RSASSA_PSS ), "RSASSA-PSS", "RSASSA-PSS" }, - POLARSSL_MD_NONE, POLARSSL_PK_RSASSA_PSS, + { ADD_LEN( MBEDTLS_OID_RSASSA_PSS ), "RSASSA-PSS", "RSASSA-PSS" }, + MBEDTLS_MD_NONE, MBEDTLS_PK_RSASSA_PSS, }, { { NULL, 0, NULL, NULL }, - POLARSSL_MD_NONE, POLARSSL_PK_NONE, + MBEDTLS_MD_NONE, MBEDTLS_PK_NONE, }, }; -FN_OID_TYPED_FROM_ASN1(oid_sig_alg_t, sig_alg, oid_sig_alg); -FN_OID_GET_DESCRIPTOR_ATTR1(oid_get_sig_alg_desc, oid_sig_alg_t, sig_alg, const char *, description); -FN_OID_GET_ATTR2(oid_get_sig_alg, oid_sig_alg_t, sig_alg, md_type_t, md_alg, pk_type_t, pk_alg); -FN_OID_GET_OID_BY_ATTR2(oid_get_oid_by_sig_alg, oid_sig_alg_t, oid_sig_alg, pk_type_t, pk_alg, md_type_t, md_alg); -#endif /* POLARSSL_MD_C */ +FN_OID_TYPED_FROM_ASN1(oid_sig_alg_t, sig_alg, oid_sig_alg) +FN_OID_GET_DESCRIPTOR_ATTR1(mbedtls_oid_get_sig_alg_desc, oid_sig_alg_t, sig_alg, const char *, description) +FN_OID_GET_ATTR2(mbedtls_oid_get_sig_alg, oid_sig_alg_t, sig_alg, mbedtls_md_type_t, md_alg, mbedtls_pk_type_t, pk_alg) +FN_OID_GET_OID_BY_ATTR2(mbedtls_oid_get_oid_by_sig_alg, oid_sig_alg_t, oid_sig_alg, mbedtls_pk_type_t, pk_alg, mbedtls_md_type_t, md_alg) +#endif /* MBEDTLS_MD_C */ /* * For PublicKeyInfo (PKCS1, RFC 5480) */ typedef struct { - oid_descriptor_t descriptor; - pk_type_t pk_alg; + mbedtls_oid_descriptor_t descriptor; + mbedtls_pk_type_t pk_alg; } oid_pk_alg_t; static const oid_pk_alg_t oid_pk_alg[] = { { - { ADD_LEN( OID_PKCS1_RSA ), "rsaEncryption", "RSA" }, - POLARSSL_PK_RSA, + { ADD_LEN( MBEDTLS_OID_PKCS1_RSA ), "rsaEncryption", "RSA" }, + MBEDTLS_PK_RSA, }, { - { ADD_LEN( OID_EC_ALG_UNRESTRICTED ), "id-ecPublicKey", "Generic EC key" }, - POLARSSL_PK_ECKEY, + { ADD_LEN( MBEDTLS_OID_EC_ALG_UNRESTRICTED ), "id-ecPublicKey", "Generic EC key" }, + MBEDTLS_PK_ECKEY, }, { - { ADD_LEN( OID_EC_ALG_ECDH ), "id-ecDH", "EC key for ECDH" }, - POLARSSL_PK_ECKEY_DH, + { ADD_LEN( MBEDTLS_OID_EC_ALG_ECDH ), "id-ecDH", "EC key for ECDH" }, + MBEDTLS_PK_ECKEY_DH, }, { { NULL, 0, NULL, NULL }, - POLARSSL_PK_NONE, + MBEDTLS_PK_NONE, }, }; -FN_OID_TYPED_FROM_ASN1(oid_pk_alg_t, pk_alg, oid_pk_alg); -FN_OID_GET_ATTR1(oid_get_pk_alg, oid_pk_alg_t, pk_alg, pk_type_t, pk_alg); -FN_OID_GET_OID_BY_ATTR1(oid_get_oid_by_pk_alg, oid_pk_alg_t, oid_pk_alg, pk_type_t, pk_alg); +FN_OID_TYPED_FROM_ASN1(oid_pk_alg_t, pk_alg, oid_pk_alg) +FN_OID_GET_ATTR1(mbedtls_oid_get_pk_alg, oid_pk_alg_t, pk_alg, mbedtls_pk_type_t, pk_alg) +FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_pk_alg, oid_pk_alg_t, oid_pk_alg, mbedtls_pk_type_t, pk_alg) -#if defined(POLARSSL_ECP_C) +#if defined(MBEDTLS_ECP_C) /* * For namedCurve (RFC 5480) */ typedef struct { - oid_descriptor_t descriptor; - ecp_group_id grp_id; + mbedtls_oid_descriptor_t descriptor; + mbedtls_ecp_group_id grp_id; } oid_ecp_grp_t; static const oid_ecp_grp_t oid_ecp_grp[] = { { - { ADD_LEN( OID_EC_GRP_SECP192R1 ), "secp192r1", "secp192r1" }, - POLARSSL_ECP_DP_SECP192R1, + { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP192R1 ), "secp192r1", "secp192r1" }, + MBEDTLS_ECP_DP_SECP192R1, }, { - { ADD_LEN( OID_EC_GRP_SECP224R1 ), "secp224r1", "secp224r1" }, - POLARSSL_ECP_DP_SECP224R1, + { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP224R1 ), "secp224r1", "secp224r1" }, + MBEDTLS_ECP_DP_SECP224R1, }, { - { ADD_LEN( OID_EC_GRP_SECP256R1 ), "secp256r1", "secp256r1" }, - POLARSSL_ECP_DP_SECP256R1, + { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP256R1 ), "secp256r1", "secp256r1" }, + MBEDTLS_ECP_DP_SECP256R1, }, { - { ADD_LEN( OID_EC_GRP_SECP384R1 ), "secp384r1", "secp384r1" }, - POLARSSL_ECP_DP_SECP384R1, + { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP384R1 ), "secp384r1", "secp384r1" }, + MBEDTLS_ECP_DP_SECP384R1, }, { - { ADD_LEN( OID_EC_GRP_SECP521R1 ), "secp521r1", "secp521r1" }, - POLARSSL_ECP_DP_SECP521R1, + { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP521R1 ), "secp521r1", "secp521r1" }, + MBEDTLS_ECP_DP_SECP521R1, }, { - { ADD_LEN( OID_EC_GRP_SECP192K1 ), "secp192k1", "secp192k1" }, - POLARSSL_ECP_DP_SECP192K1, + { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP192K1 ), "secp192k1", "secp192k1" }, + MBEDTLS_ECP_DP_SECP192K1, }, { - { ADD_LEN( OID_EC_GRP_SECP224K1 ), "secp224k1", "secp224k1" }, - POLARSSL_ECP_DP_SECP224K1, + { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP224K1 ), "secp224k1", "secp224k1" }, + MBEDTLS_ECP_DP_SECP224K1, }, { - { ADD_LEN( OID_EC_GRP_SECP256K1 ), "secp256k1", "secp256k1" }, - POLARSSL_ECP_DP_SECP256K1, + { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP256K1 ), "secp256k1", "secp256k1" }, + MBEDTLS_ECP_DP_SECP256K1, }, { - { ADD_LEN( OID_EC_GRP_BP256R1 ), "brainpoolP256r1","brainpool256r1" }, - POLARSSL_ECP_DP_BP256R1, + { ADD_LEN( MBEDTLS_OID_EC_GRP_BP256R1 ), "brainpoolP256r1","brainpool256r1" }, + MBEDTLS_ECP_DP_BP256R1, }, { - { ADD_LEN( OID_EC_GRP_BP384R1 ), "brainpoolP384r1","brainpool384r1" }, - POLARSSL_ECP_DP_BP384R1, + { ADD_LEN( MBEDTLS_OID_EC_GRP_BP384R1 ), "brainpoolP384r1","brainpool384r1" }, + MBEDTLS_ECP_DP_BP384R1, }, { - { ADD_LEN( OID_EC_GRP_BP512R1 ), "brainpoolP512r1","brainpool512r1" }, - POLARSSL_ECP_DP_BP512R1, + { ADD_LEN( MBEDTLS_OID_EC_GRP_BP512R1 ), "brainpoolP512r1","brainpool512r1" }, + MBEDTLS_ECP_DP_BP512R1, }, { { NULL, 0, NULL, NULL }, - POLARSSL_ECP_DP_NONE, + MBEDTLS_ECP_DP_NONE, }, }; -FN_OID_TYPED_FROM_ASN1(oid_ecp_grp_t, grp_id, oid_ecp_grp); -FN_OID_GET_ATTR1(oid_get_ec_grp, oid_ecp_grp_t, grp_id, ecp_group_id, grp_id); -FN_OID_GET_OID_BY_ATTR1(oid_get_oid_by_ec_grp, oid_ecp_grp_t, oid_ecp_grp, ecp_group_id, grp_id); -#endif /* POLARSSL_ECP_C */ +FN_OID_TYPED_FROM_ASN1(oid_ecp_grp_t, grp_id, oid_ecp_grp) +FN_OID_GET_ATTR1(mbedtls_oid_get_ec_grp, oid_ecp_grp_t, grp_id, mbedtls_ecp_group_id, grp_id) +FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_ec_grp, oid_ecp_grp_t, oid_ecp_grp, mbedtls_ecp_group_id, grp_id) +#endif /* MBEDTLS_ECP_C */ -#if defined(POLARSSL_CIPHER_C) +#if defined(MBEDTLS_CIPHER_C) /* * For PKCS#5 PBES2 encryption algorithm */ typedef struct { - oid_descriptor_t descriptor; - cipher_type_t cipher_alg; + mbedtls_oid_descriptor_t descriptor; + mbedtls_cipher_type_t cipher_alg; } oid_cipher_alg_t; static const oid_cipher_alg_t oid_cipher_alg[] = { { - { ADD_LEN( OID_DES_CBC ), "desCBC", "DES-CBC" }, - POLARSSL_CIPHER_DES_CBC, + { ADD_LEN( MBEDTLS_OID_DES_CBC ), "desCBC", "DES-CBC" }, + MBEDTLS_CIPHER_DES_CBC, }, { - { ADD_LEN( OID_DES_EDE3_CBC ), "des-ede3-cbc", "DES-EDE3-CBC" }, - POLARSSL_CIPHER_DES_EDE3_CBC, + { ADD_LEN( MBEDTLS_OID_DES_EDE3_CBC ), "des-ede3-cbc", "DES-EDE3-CBC" }, + MBEDTLS_CIPHER_DES_EDE3_CBC, }, { { NULL, 0, NULL, NULL }, - POLARSSL_CIPHER_NONE, + MBEDTLS_CIPHER_NONE, }, }; -FN_OID_TYPED_FROM_ASN1(oid_cipher_alg_t, cipher_alg, oid_cipher_alg); -FN_OID_GET_ATTR1(oid_get_cipher_alg, oid_cipher_alg_t, cipher_alg, cipher_type_t, cipher_alg); -#endif /* POLARSSL_CIPHER_C */ +FN_OID_TYPED_FROM_ASN1(oid_cipher_alg_t, cipher_alg, oid_cipher_alg) +FN_OID_GET_ATTR1(mbedtls_oid_get_cipher_alg, oid_cipher_alg_t, cipher_alg, mbedtls_cipher_type_t, cipher_alg) +#endif /* MBEDTLS_CIPHER_C */ -#if defined(POLARSSL_MD_C) +#if defined(MBEDTLS_MD_C) /* * For digestAlgorithm */ typedef struct { - oid_descriptor_t descriptor; - md_type_t md_alg; + mbedtls_oid_descriptor_t descriptor; + mbedtls_md_type_t md_alg; } oid_md_alg_t; static const oid_md_alg_t oid_md_alg[] = { { - { ADD_LEN( OID_DIGEST_ALG_MD2 ), "id-md2", "MD2" }, - POLARSSL_MD_MD2, + { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD2 ), "id-md2", "MD2" }, + MBEDTLS_MD_MD2, }, { - { ADD_LEN( OID_DIGEST_ALG_MD4 ), "id-md4", "MD4" }, - POLARSSL_MD_MD4, + { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD4 ), "id-md4", "MD4" }, + MBEDTLS_MD_MD4, }, { - { ADD_LEN( OID_DIGEST_ALG_MD5 ), "id-md5", "MD5" }, - POLARSSL_MD_MD5, + { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD5 ), "id-md5", "MD5" }, + MBEDTLS_MD_MD5, }, { - { ADD_LEN( OID_DIGEST_ALG_SHA1 ), "id-sha1", "SHA-1" }, - POLARSSL_MD_SHA1, + { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA1 ), "id-sha1", "SHA-1" }, + MBEDTLS_MD_SHA1, }, { - { ADD_LEN( OID_DIGEST_ALG_SHA224 ), "id-sha224", "SHA-224" }, - POLARSSL_MD_SHA224, + { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA224 ), "id-sha224", "SHA-224" }, + MBEDTLS_MD_SHA224, }, { - { ADD_LEN( OID_DIGEST_ALG_SHA256 ), "id-sha256", "SHA-256" }, - POLARSSL_MD_SHA256, + { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA256 ), "id-sha256", "SHA-256" }, + MBEDTLS_MD_SHA256, }, { - { ADD_LEN( OID_DIGEST_ALG_SHA384 ), "id-sha384", "SHA-384" }, - POLARSSL_MD_SHA384, + { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA384 ), "id-sha384", "SHA-384" }, + MBEDTLS_MD_SHA384, }, { - { ADD_LEN( OID_DIGEST_ALG_SHA512 ), "id-sha512", "SHA-512" }, - POLARSSL_MD_SHA512, + { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA512 ), "id-sha512", "SHA-512" }, + MBEDTLS_MD_SHA512, }, { { NULL, 0, NULL, NULL }, - POLARSSL_MD_NONE, + MBEDTLS_MD_NONE, }, }; -FN_OID_TYPED_FROM_ASN1(oid_md_alg_t, md_alg, oid_md_alg); -FN_OID_GET_ATTR1(oid_get_md_alg, oid_md_alg_t, md_alg, md_type_t, md_alg); -FN_OID_GET_OID_BY_ATTR1(oid_get_oid_by_md, oid_md_alg_t, oid_md_alg, md_type_t, md_alg); -#endif /* POLARSSL_MD_C */ +FN_OID_TYPED_FROM_ASN1(oid_md_alg_t, md_alg, oid_md_alg) +FN_OID_GET_ATTR1(mbedtls_oid_get_md_alg, oid_md_alg_t, md_alg, mbedtls_md_type_t, md_alg) +FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_md, oid_md_alg_t, oid_md_alg, mbedtls_md_type_t, md_alg) +#endif /* MBEDTLS_MD_C */ -#if defined(POLARSSL_PKCS12_C) +#if defined(MBEDTLS_PKCS12_C) /* * For PKCS#12 PBEs */ typedef struct { - oid_descriptor_t descriptor; - md_type_t md_alg; - cipher_type_t cipher_alg; + mbedtls_oid_descriptor_t descriptor; + mbedtls_md_type_t md_alg; + mbedtls_cipher_type_t cipher_alg; } oid_pkcs12_pbe_alg_t; static const oid_pkcs12_pbe_alg_t oid_pkcs12_pbe_alg[] = { { - { ADD_LEN( OID_PKCS12_PBE_SHA1_DES3_EDE_CBC ), "pbeWithSHAAnd3-KeyTripleDES-CBC", "PBE with SHA1 and 3-Key 3DES" }, - POLARSSL_MD_SHA1, POLARSSL_CIPHER_DES_EDE3_CBC, + { ADD_LEN( MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC ), "pbeWithSHAAnd3-KeyTripleDES-CBC", "PBE with SHA1 and 3-Key 3DES" }, + MBEDTLS_MD_SHA1, MBEDTLS_CIPHER_DES_EDE3_CBC, }, { - { ADD_LEN( OID_PKCS12_PBE_SHA1_DES2_EDE_CBC ), "pbeWithSHAAnd2-KeyTripleDES-CBC", "PBE with SHA1 and 2-Key 3DES" }, - POLARSSL_MD_SHA1, POLARSSL_CIPHER_DES_EDE_CBC, + { ADD_LEN( MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC ), "pbeWithSHAAnd2-KeyTripleDES-CBC", "PBE with SHA1 and 2-Key 3DES" }, + MBEDTLS_MD_SHA1, MBEDTLS_CIPHER_DES_EDE_CBC, }, { { NULL, 0, NULL, NULL }, - POLARSSL_MD_NONE, POLARSSL_CIPHER_NONE, + MBEDTLS_MD_NONE, MBEDTLS_CIPHER_NONE, }, }; -FN_OID_TYPED_FROM_ASN1(oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, oid_pkcs12_pbe_alg); -FN_OID_GET_ATTR2(oid_get_pkcs12_pbe_alg, oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, md_type_t, md_alg, cipher_type_t, cipher_alg); -#endif /* POLARSSL_PKCS12_C */ +FN_OID_TYPED_FROM_ASN1(oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, oid_pkcs12_pbe_alg) +FN_OID_GET_ATTR2(mbedtls_oid_get_pkcs12_pbe_alg, oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, mbedtls_md_type_t, md_alg, mbedtls_cipher_type_t, cipher_alg) +#endif /* MBEDTLS_PKCS12_C */ -#if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \ - !defined(EFI32) -#include - -#if !defined vsnprintf -#define vsnprintf _vsnprintf -#endif // vsnprintf - -/* - * Windows _snprintf and _vsnprintf are not compatible to linux versions. - * Result value is not size of buffer needed, but -1 if no fit is possible. - * - * This fuction tries to 'fix' this by at least suggesting enlarging the - * size by 20. - */ -static int compat_snprintf( char *str, size_t size, const char *format, ... ) -{ - va_list ap; - int res = -1; - - va_start( ap, format ); - - res = vsnprintf( str, size, format, ap ); - - va_end( ap ); - - // No quick fix possible - if( res < 0 ) - return( (int) size + 20 ); - - return( res ); -} - -#define snprintf compat_snprintf -#endif /* _MSC_VER && !snprintf && !EFIX64 && !EFI32 */ - -#define SAFE_SNPRINTF() \ -{ \ - if( ret == -1 ) \ - return( POLARSSL_ERR_OID_BUF_TOO_SMALL ); \ - \ - if( (unsigned int) ret >= n ) { \ - p[n - 1] = '\0'; \ - return( POLARSSL_ERR_OID_BUF_TOO_SMALL ); \ - } \ - \ - n -= (unsigned int) ret; \ - p += (unsigned int) ret; \ -} +#define OID_SAFE_SNPRINTF \ + do { \ + if( ret < 0 || (size_t) ret >= n ) \ + return( MBEDTLS_ERR_OID_BUF_TOO_SMALL ); \ + \ + n -= (size_t) ret; \ + p += (size_t) ret; \ + } while( 0 ) /* Return the x.y.z.... style numeric string for the given OID */ -int oid_get_numeric_string( char *buf, size_t size, - const asn1_buf *oid ) +int mbedtls_oid_get_numeric_string( char *buf, size_t size, + const mbedtls_asn1_buf *oid ) { int ret; size_t i, n; @@ -663,8 +622,8 @@ int oid_get_numeric_string( char *buf, size_t size, /* First byte contains first two dots */ if( oid->len > 0 ) { - ret = polarssl_snprintf( p, n, "%d.%d", oid->p[0] / 40, oid->p[0] % 40 ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "%d.%d", oid->p[0] / 40, oid->p[0] % 40 ); + OID_SAFE_SNPRINTF; } value = 0; @@ -672,7 +631,7 @@ int oid_get_numeric_string( char *buf, size_t size, { /* Prevent overflow in value. */ if( ( ( value << 7 ) >> 7 ) != value ) - return( POLARSSL_ERR_OID_BUF_TOO_SMALL ); + return( MBEDTLS_ERR_OID_BUF_TOO_SMALL ); value <<= 7; value += oid->p[i] & 0x7F; @@ -680,8 +639,8 @@ int oid_get_numeric_string( char *buf, size_t size, if( !( oid->p[i] & 0x80 ) ) { /* Last byte */ - ret = polarssl_snprintf( p, n, ".%d", value ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, ".%d", value ); + OID_SAFE_SNPRINTF; value = 0; } } @@ -689,4 +648,4 @@ int oid_get_numeric_string( char *buf, size_t size, return( (int) ( size - n ) ); } -#endif /* POLARSSL_OID_C */ +#endif /* MBEDTLS_OID_C */ diff --git a/ext/mbedtls/library/padlock.c b/ext/mbedtls/library/padlock.c index d83f76c4ec..32654f9aba 100644 --- a/ext/mbedtls/library/padlock.c +++ b/ext/mbedtls/library/padlock.c @@ -26,24 +26,28 @@ * programming_guide.pdf */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_PADLOCK_C) +#if defined(MBEDTLS_PADLOCK_C) -#include "polarssl/padlock.h" +#include "mbedtls/padlock.h" #include -#if defined(POLARSSL_HAVE_X86) +#ifndef asm +#define asm __asm +#endif + +#if defined(MBEDTLS_HAVE_X86) /* * PadLock detection routine */ -int padlock_supports( int feature ) +int mbedtls_padlock_has_support( int feature ) { static int flags = -1; int ebx = 0, edx = 0; @@ -74,7 +78,7 @@ int padlock_supports( int feature ) /* * PadLock AES-ECB block en(de)cryption */ -int padlock_xcryptecb( aes_context *ctx, +int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx, int mode, const unsigned char input[16], unsigned char output[16] ) @@ -86,7 +90,7 @@ int padlock_xcryptecb( aes_context *ctx, unsigned char buf[256]; rk = ctx->rk; - blk = PADLOCK_ALIGN16( buf ); + blk = MBEDTLS_PADLOCK_ALIGN16( buf ); memcpy( blk, input, 16 ); ctrl = blk + 4; @@ -114,7 +118,7 @@ int padlock_xcryptecb( aes_context *ctx, /* * PadLock AES-CBC buffer en(de)cryption */ -int padlock_xcryptcbc( aes_context *ctx, +int mbedtls_padlock_xcryptcbc( mbedtls_aes_context *ctx, int mode, size_t length, unsigned char iv[16], @@ -130,10 +134,10 @@ int padlock_xcryptcbc( aes_context *ctx, if( ( (long) input & 15 ) != 0 || ( (long) output & 15 ) != 0 ) - return( POLARSSL_ERR_PADLOCK_DATA_MISALIGNED ); + return( MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED ); rk = ctx->rk; - iw = PADLOCK_ALIGN16( buf ); + iw = MBEDTLS_PADLOCK_ALIGN16( buf ); memcpy( iw, iv, 16 ); ctrl = iw + 4; @@ -162,6 +166,6 @@ int padlock_xcryptcbc( aes_context *ctx, return( 0 ); } -#endif /* POLARSSL_HAVE_X86 */ +#endif /* MBEDTLS_HAVE_X86 */ -#endif /* POLARSSL_PADLOCK_C */ +#endif /* MBEDTLS_PADLOCK_C */ diff --git a/ext/mbedtls/library/pbkdf2.c b/ext/mbedtls/library/pbkdf2.c deleted file mode 100644 index 783e4a8bec..0000000000 --- a/ext/mbedtls/library/pbkdf2.c +++ /dev/null @@ -1,64 +0,0 @@ -/** - * \file pbkdf2.c - * - * \brief Compatibility wrappers for pkcs5.c - * - * \author Mathias Olsson - * - * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved - * - * This file is part of mbed TLS (https://tls.mbed.org) - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -/* - * PBKDF2 is part of PKCS#5 - * - * http://tools.ietf.org/html/rfc2898 (Specification) - * http://tools.ietf.org/html/rfc6070 (Test vectors) - */ - -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" -#else -#include POLARSSL_CONFIG_FILE -#endif - -#if defined(POLARSSL_PBKDF2_C) - -#include "polarssl/pbkdf2.h" -#include "polarssl/pkcs5.h" - -#if ! defined(POLARSSL_DEPRECATED_REMOVED) -int pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, size_t plen, - const unsigned char *salt, size_t slen, - unsigned int iteration_count, - uint32_t key_length, unsigned char *output ) -{ - return pkcs5_pbkdf2_hmac( ctx, password, plen, salt, slen, iteration_count, - key_length, output ); -} -#endif - -#if defined(POLARSSL_SELF_TEST) -#if ! defined(POLARSSL_DEPRECATED_REMOVED) -int pbkdf2_self_test( int verbose ) -{ - return pkcs5_self_test( verbose ); -} -#endif -#endif /* POLARSSL_SELF_TEST */ - -#endif /* POLARSSL_PBKDF2_C */ diff --git a/ext/mbedtls/library/pem.c b/ext/mbedtls/library/pem.c index 5060484cc0..13fc2df2f1 100644 --- a/ext/mbedtls/library/pem.c +++ b/ext/mbedtls/library/pem.c @@ -20,44 +20,44 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_PEM_PARSE_C) || defined(POLARSSL_PEM_WRITE_C) +#if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C) -#include "polarssl/pem.h" -#include "polarssl/base64.h" -#include "polarssl/des.h" -#include "polarssl/aes.h" -#include "polarssl/md5.h" -#include "polarssl/cipher.h" +#include "mbedtls/pem.h" +#include "mbedtls/base64.h" +#include "mbedtls/des.h" +#include "mbedtls/aes.h" +#include "mbedtls/md5.h" +#include "mbedtls/cipher.h" #include -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_malloc malloc -#define polarssl_free free +#define mbedtls_calloc calloc +#define mbedtls_free free #endif /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } -#if defined(POLARSSL_PEM_PARSE_C) -void pem_init( pem_context *ctx ) +#if defined(MBEDTLS_PEM_PARSE_C) +void mbedtls_pem_init( mbedtls_pem_context *ctx ) { - memset( ctx, 0, sizeof( pem_context ) ); + memset( ctx, 0, sizeof( mbedtls_pem_context ) ); } -#if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \ - ( defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C) ) +#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \ + ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) ) /* * Read a 16-byte hex string and convert it to binary */ @@ -73,7 +73,7 @@ static int pem_get_iv( const unsigned char *s, unsigned char *iv, if( *s >= '0' && *s <= '9' ) j = *s - '0'; else if( *s >= 'A' && *s <= 'F' ) j = *s - '7'; else if( *s >= 'a' && *s <= 'f' ) j = *s - 'W'; else - return( POLARSSL_ERR_PEM_INVALID_ENC_IV ); + return( MBEDTLS_ERR_PEM_INVALID_ENC_IV ); k = ( ( i & 1 ) != 0 ) ? j : j << 4; @@ -87,26 +87,26 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen, unsigned char *iv, const unsigned char *pwd, size_t pwdlen ) { - md5_context md5_ctx; + mbedtls_md5_context md5_ctx; unsigned char md5sum[16]; size_t use_len; - md5_init( &md5_ctx ); + mbedtls_md5_init( &md5_ctx ); /* * key[ 0..15] = MD5(pwd || IV) */ - md5_starts( &md5_ctx ); - md5_update( &md5_ctx, pwd, pwdlen ); - md5_update( &md5_ctx, iv, 8 ); - md5_finish( &md5_ctx, md5sum ); + mbedtls_md5_starts( &md5_ctx ); + mbedtls_md5_update( &md5_ctx, pwd, pwdlen ); + mbedtls_md5_update( &md5_ctx, iv, 8 ); + mbedtls_md5_finish( &md5_ctx, md5sum ); if( keylen <= 16 ) { memcpy( key, md5sum, keylen ); - md5_free( &md5_ctx ); - polarssl_zeroize( md5sum, 16 ); + mbedtls_md5_free( &md5_ctx ); + mbedtls_zeroize( md5sum, 16 ); return; } @@ -115,11 +115,11 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen, /* * key[16..23] = MD5(key[ 0..15] || pwd || IV]) */ - md5_starts( &md5_ctx ); - md5_update( &md5_ctx, md5sum, 16 ); - md5_update( &md5_ctx, pwd, pwdlen ); - md5_update( &md5_ctx, iv, 8 ); - md5_finish( &md5_ctx, md5sum ); + mbedtls_md5_starts( &md5_ctx ); + mbedtls_md5_update( &md5_ctx, md5sum, 16 ); + mbedtls_md5_update( &md5_ctx, pwd, pwdlen ); + mbedtls_md5_update( &md5_ctx, iv, 8 ); + mbedtls_md5_finish( &md5_ctx, md5sum ); use_len = 16; if( keylen < 32 ) @@ -127,11 +127,11 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen, memcpy( key + 16, md5sum, use_len ); - md5_free( &md5_ctx ); - polarssl_zeroize( md5sum, 16 ); + mbedtls_md5_free( &md5_ctx ); + mbedtls_zeroize( md5sum, 16 ); } -#if defined(POLARSSL_DES_C) +#if defined(MBEDTLS_DES_C) /* * Decrypt with DES-CBC, using PBKDF1 for key derivation */ @@ -139,19 +139,19 @@ static void pem_des_decrypt( unsigned char des_iv[8], unsigned char *buf, size_t buflen, const unsigned char *pwd, size_t pwdlen ) { - des_context des_ctx; + mbedtls_des_context des_ctx; unsigned char des_key[8]; - des_init( &des_ctx ); + mbedtls_des_init( &des_ctx ); pem_pbkdf1( des_key, 8, des_iv, pwd, pwdlen ); - des_setkey_dec( &des_ctx, des_key ); - des_crypt_cbc( &des_ctx, DES_DECRYPT, buflen, + mbedtls_des_setkey_dec( &des_ctx, des_key ); + mbedtls_des_crypt_cbc( &des_ctx, MBEDTLS_DES_DECRYPT, buflen, des_iv, buf, buf ); - des_free( &des_ctx ); - polarssl_zeroize( des_key, 8 ); + mbedtls_des_free( &des_ctx ); + mbedtls_zeroize( des_key, 8 ); } /* @@ -161,23 +161,23 @@ static void pem_des3_decrypt( unsigned char des3_iv[8], unsigned char *buf, size_t buflen, const unsigned char *pwd, size_t pwdlen ) { - des3_context des3_ctx; + mbedtls_des3_context des3_ctx; unsigned char des3_key[24]; - des3_init( &des3_ctx ); + mbedtls_des3_init( &des3_ctx ); pem_pbkdf1( des3_key, 24, des3_iv, pwd, pwdlen ); - des3_set3key_dec( &des3_ctx, des3_key ); - des3_crypt_cbc( &des3_ctx, DES_DECRYPT, buflen, + mbedtls_des3_set3key_dec( &des3_ctx, des3_key ); + mbedtls_des3_crypt_cbc( &des3_ctx, MBEDTLS_DES_DECRYPT, buflen, des3_iv, buf, buf ); - des3_free( &des3_ctx ); - polarssl_zeroize( des3_key, 24 ); + mbedtls_des3_free( &des3_ctx ); + mbedtls_zeroize( des3_key, 24 ); } -#endif /* POLARSSL_DES_C */ +#endif /* MBEDTLS_DES_C */ -#if defined(POLARSSL_AES_C) +#if defined(MBEDTLS_AES_C) /* * Decrypt with AES-XXX-CBC, using PBKDF1 for key derivation */ @@ -185,26 +185,26 @@ static void pem_aes_decrypt( unsigned char aes_iv[16], unsigned int keylen, unsigned char *buf, size_t buflen, const unsigned char *pwd, size_t pwdlen ) { - aes_context aes_ctx; + mbedtls_aes_context aes_ctx; unsigned char aes_key[32]; - aes_init( &aes_ctx ); + mbedtls_aes_init( &aes_ctx ); pem_pbkdf1( aes_key, keylen, aes_iv, pwd, pwdlen ); - aes_setkey_dec( &aes_ctx, aes_key, keylen * 8 ); - aes_crypt_cbc( &aes_ctx, AES_DECRYPT, buflen, + mbedtls_aes_setkey_dec( &aes_ctx, aes_key, keylen * 8 ); + mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_DECRYPT, buflen, aes_iv, buf, buf ); - aes_free( &aes_ctx ); - polarssl_zeroize( aes_key, keylen ); + mbedtls_aes_free( &aes_ctx ); + mbedtls_zeroize( aes_key, keylen ); } -#endif /* POLARSSL_AES_C */ +#endif /* MBEDTLS_AES_C */ -#endif /* POLARSSL_MD5_C && POLARSSL_CIPHER_MODE_CBC && - ( POLARSSL_AES_C || POLARSSL_DES_C ) */ +#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC && + ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ -int pem_read_buffer( pem_context *ctx, const char *header, const char *footer, +int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer, const unsigned char *data, const unsigned char *pwd, size_t pwdlen, size_t *use_len ) { @@ -212,38 +212,36 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer, size_t len; unsigned char *buf; const unsigned char *s1, *s2, *end; -#if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \ - ( defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C) ) +#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \ + ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) ) unsigned char pem_iv[16]; - cipher_type_t enc_alg = POLARSSL_CIPHER_NONE; + mbedtls_cipher_type_t enc_alg = MBEDTLS_CIPHER_NONE; #else ((void) pwd); ((void) pwdlen); -#endif /* POLARSSL_MD5_C && POLARSSL_CIPHER_MODE_CBC && - ( POLARSSL_AES_C || POLARSSL_DES_C ) */ +#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC && + ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ if( ctx == NULL ) - return( POLARSSL_ERR_PEM_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_PEM_BAD_INPUT_DATA ); s1 = (unsigned char *) strstr( (const char *) data, header ); if( s1 == NULL ) - return( POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ); + return( MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ); s2 = (unsigned char *) strstr( (const char *) data, footer ); if( s2 == NULL || s2 <= s1 ) - return( POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ); + return( MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ); s1 += strlen( header ); - if( *s1 == ' ' ) s1++; if( *s1 == '\r' ) s1++; if( *s1 == '\n' ) s1++; - else return( POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ); + else return( MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ); end = s2; end += strlen( footer ); - if( *end == ' ' ) end++; if( *end == '\r' ) end++; if( *end == '\n' ) end++; *use_len = end - data; @@ -252,111 +250,110 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer, if( memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 ) { -#if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \ - ( defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C) ) +#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \ + ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) ) enc++; s1 += 22; if( *s1 == '\r' ) s1++; if( *s1 == '\n' ) s1++; - else return( POLARSSL_ERR_PEM_INVALID_DATA ); + else return( MBEDTLS_ERR_PEM_INVALID_DATA ); -#if defined(POLARSSL_DES_C) +#if defined(MBEDTLS_DES_C) if( memcmp( s1, "DEK-Info: DES-EDE3-CBC,", 23 ) == 0 ) { - enc_alg = POLARSSL_CIPHER_DES_EDE3_CBC; + enc_alg = MBEDTLS_CIPHER_DES_EDE3_CBC; s1 += 23; if( pem_get_iv( s1, pem_iv, 8 ) != 0 ) - return( POLARSSL_ERR_PEM_INVALID_ENC_IV ); + return( MBEDTLS_ERR_PEM_INVALID_ENC_IV ); s1 += 16; } else if( memcmp( s1, "DEK-Info: DES-CBC,", 18 ) == 0 ) { - enc_alg = POLARSSL_CIPHER_DES_CBC; + enc_alg = MBEDTLS_CIPHER_DES_CBC; s1 += 18; if( pem_get_iv( s1, pem_iv, 8) != 0 ) - return( POLARSSL_ERR_PEM_INVALID_ENC_IV ); + return( MBEDTLS_ERR_PEM_INVALID_ENC_IV ); s1 += 16; } -#endif /* POLARSSL_DES_C */ +#endif /* MBEDTLS_DES_C */ -#if defined(POLARSSL_AES_C) +#if defined(MBEDTLS_AES_C) if( memcmp( s1, "DEK-Info: AES-", 14 ) == 0 ) { if( memcmp( s1, "DEK-Info: AES-128-CBC,", 22 ) == 0 ) - enc_alg = POLARSSL_CIPHER_AES_128_CBC; + enc_alg = MBEDTLS_CIPHER_AES_128_CBC; else if( memcmp( s1, "DEK-Info: AES-192-CBC,", 22 ) == 0 ) - enc_alg = POLARSSL_CIPHER_AES_192_CBC; + enc_alg = MBEDTLS_CIPHER_AES_192_CBC; else if( memcmp( s1, "DEK-Info: AES-256-CBC,", 22 ) == 0 ) - enc_alg = POLARSSL_CIPHER_AES_256_CBC; + enc_alg = MBEDTLS_CIPHER_AES_256_CBC; else - return( POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG ); + return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG ); s1 += 22; if( pem_get_iv( s1, pem_iv, 16 ) != 0 ) - return( POLARSSL_ERR_PEM_INVALID_ENC_IV ); + return( MBEDTLS_ERR_PEM_INVALID_ENC_IV ); s1 += 32; } -#endif /* POLARSSL_AES_C */ +#endif /* MBEDTLS_AES_C */ - if( enc_alg == POLARSSL_CIPHER_NONE ) - return( POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG ); + if( enc_alg == MBEDTLS_CIPHER_NONE ) + return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG ); if( *s1 == '\r' ) s1++; if( *s1 == '\n' ) s1++; - else return( POLARSSL_ERR_PEM_INVALID_DATA ); + else return( MBEDTLS_ERR_PEM_INVALID_DATA ); #else - return( POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE ); -#endif /* POLARSSL_MD5_C && POLARSSL_CIPHER_MODE_CBC && - ( POLARSSL_AES_C || POLARSSL_DES_C ) */ + return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE ); +#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC && + ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ } - len = 0; - ret = base64_decode( NULL, &len, s1, s2 - s1 ); + ret = mbedtls_base64_decode( NULL, 0, &len, s1, s2 - s1 ); - if( ret == POLARSSL_ERR_BASE64_INVALID_CHARACTER ) - return( POLARSSL_ERR_PEM_INVALID_DATA + ret ); + if( ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER ) + return( MBEDTLS_ERR_PEM_INVALID_DATA + ret ); - if( ( buf = polarssl_malloc( len ) ) == NULL ) - return( POLARSSL_ERR_PEM_MALLOC_FAILED ); + if( ( buf = mbedtls_calloc( 1, len ) ) == NULL ) + return( MBEDTLS_ERR_PEM_ALLOC_FAILED ); - if( ( ret = base64_decode( buf, &len, s1, s2 - s1 ) ) != 0 ) + if( ( ret = mbedtls_base64_decode( buf, len, &len, s1, s2 - s1 ) ) != 0 ) { - polarssl_free( buf ); - return( POLARSSL_ERR_PEM_INVALID_DATA + ret ); + mbedtls_free( buf ); + return( MBEDTLS_ERR_PEM_INVALID_DATA + ret ); } if( enc != 0 ) { -#if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \ - ( defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C) ) +#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \ + ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) ) if( pwd == NULL ) { - polarssl_free( buf ); - return( POLARSSL_ERR_PEM_PASSWORD_REQUIRED ); + mbedtls_free( buf ); + return( MBEDTLS_ERR_PEM_PASSWORD_REQUIRED ); } -#if defined(POLARSSL_DES_C) - if( enc_alg == POLARSSL_CIPHER_DES_EDE3_CBC ) +#if defined(MBEDTLS_DES_C) + if( enc_alg == MBEDTLS_CIPHER_DES_EDE3_CBC ) pem_des3_decrypt( pem_iv, buf, len, pwd, pwdlen ); - else if( enc_alg == POLARSSL_CIPHER_DES_CBC ) + else if( enc_alg == MBEDTLS_CIPHER_DES_CBC ) pem_des_decrypt( pem_iv, buf, len, pwd, pwdlen ); -#endif /* POLARSSL_DES_C */ +#endif /* MBEDTLS_DES_C */ -#if defined(POLARSSL_AES_C) - if( enc_alg == POLARSSL_CIPHER_AES_128_CBC ) +#if defined(MBEDTLS_AES_C) + if( enc_alg == MBEDTLS_CIPHER_AES_128_CBC ) pem_aes_decrypt( pem_iv, 16, buf, len, pwd, pwdlen ); - else if( enc_alg == POLARSSL_CIPHER_AES_192_CBC ) + else if( enc_alg == MBEDTLS_CIPHER_AES_192_CBC ) pem_aes_decrypt( pem_iv, 24, buf, len, pwd, pwdlen ); - else if( enc_alg == POLARSSL_CIPHER_AES_256_CBC ) + else if( enc_alg == MBEDTLS_CIPHER_AES_256_CBC ) pem_aes_decrypt( pem_iv, 32, buf, len, pwd, pwdlen ); -#endif /* POLARSSL_AES_C */ +#endif /* MBEDTLS_AES_C */ /* * The result will be ASN.1 starting with a SEQUENCE tag, with 1 to 3 @@ -366,14 +363,14 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer, */ if( len <= 2 || buf[0] != 0x30 || buf[1] > 0x83 ) { - polarssl_free( buf ); - return( POLARSSL_ERR_PEM_PASSWORD_MISMATCH ); + mbedtls_free( buf ); + return( MBEDTLS_ERR_PEM_PASSWORD_MISMATCH ); } #else - polarssl_free( buf ); - return( POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE ); -#endif /* POLARSSL_MD5_C && POLARSSL_CIPHER_MODE_CBC && - ( POLARSSL_AES_C || POLARSSL_DES_C ) */ + mbedtls_free( buf ); + return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE ); +#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC && + ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ } ctx->buf = buf; @@ -382,40 +379,40 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer, return( 0 ); } -void pem_free( pem_context *ctx ) +void mbedtls_pem_free( mbedtls_pem_context *ctx ) { - polarssl_free( ctx->buf ); - polarssl_free( ctx->info ); + mbedtls_free( ctx->buf ); + mbedtls_free( ctx->info ); - polarssl_zeroize( ctx, sizeof( pem_context ) ); + mbedtls_zeroize( ctx, sizeof( mbedtls_pem_context ) ); } -#endif /* POLARSSL_PEM_PARSE_C */ +#endif /* MBEDTLS_PEM_PARSE_C */ -#if defined(POLARSSL_PEM_WRITE_C) -int pem_write_buffer( const char *header, const char *footer, +#if defined(MBEDTLS_PEM_WRITE_C) +int mbedtls_pem_write_buffer( const char *header, const char *footer, const unsigned char *der_data, size_t der_len, unsigned char *buf, size_t buf_len, size_t *olen ) { int ret; unsigned char *encode_buf, *c, *p = buf; - size_t len = 0, use_len = 0, add_len = 0; + size_t len = 0, use_len, add_len = 0; - base64_encode( NULL, &use_len, der_data, der_len ); + mbedtls_base64_encode( NULL, 0, &use_len, der_data, der_len ); add_len = strlen( header ) + strlen( footer ) + ( use_len / 64 ) + 1; if( use_len + add_len > buf_len ) { *olen = use_len + add_len; - return( POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL ); + return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); } - if( ( encode_buf = polarssl_malloc( use_len ) ) == NULL ) - return( POLARSSL_ERR_PEM_MALLOC_FAILED ); + if( ( encode_buf = mbedtls_calloc( 1, use_len ) ) == NULL ) + return( MBEDTLS_ERR_PEM_ALLOC_FAILED ); - if( ( ret = base64_encode( encode_buf, &use_len, der_data, + if( ( ret = mbedtls_base64_encode( encode_buf, use_len, &use_len, der_data, der_len ) ) != 0 ) { - polarssl_free( encode_buf ); + mbedtls_free( encode_buf ); return( ret ); } @@ -439,8 +436,8 @@ int pem_write_buffer( const char *header, const char *footer, *p++ = '\0'; *olen = p - buf; - polarssl_free( encode_buf ); + mbedtls_free( encode_buf ); return( 0 ); } -#endif /* POLARSSL_PEM_WRITE_C */ -#endif /* POLARSSL_PEM_PARSE_C || POLARSSL_PEM_WRITE_C */ +#endif /* MBEDTLS_PEM_WRITE_C */ +#endif /* MBEDTLS_PEM_PARSE_C || MBEDTLS_PEM_WRITE_C */ diff --git a/ext/mbedtls/library/pk.c b/ext/mbedtls/library/pk.c index 4d78b57455..b5810b5fe6 100644 --- a/ext/mbedtls/library/pk.c +++ b/ext/mbedtls/library/pk.c @@ -20,35 +20,35 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_PK_C) -#include "polarssl/pk.h" -#include "polarssl/pk_wrap.h" +#if defined(MBEDTLS_PK_C) +#include "mbedtls/pk.h" +#include "mbedtls/pk_internal.h" -#if defined(POLARSSL_RSA_C) -#include "polarssl/rsa.h" +#if defined(MBEDTLS_RSA_C) +#include "mbedtls/rsa.h" #endif -#if defined(POLARSSL_ECP_C) -#include "polarssl/ecp.h" +#if defined(MBEDTLS_ECP_C) +#include "mbedtls/ecp.h" #endif -#if defined(POLARSSL_ECDSA_C) -#include "polarssl/ecdsa.h" +#if defined(MBEDTLS_ECDSA_C) +#include "mbedtls/ecdsa.h" #endif /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } /* - * Initialise a pk_context + * Initialise a mbedtls_pk_context */ -void pk_init( pk_context *ctx ) +void mbedtls_pk_init( mbedtls_pk_context *ctx ) { if( ctx == NULL ) return; @@ -58,39 +58,39 @@ void pk_init( pk_context *ctx ) } /* - * Free (the components of) a pk_context + * Free (the components of) a mbedtls_pk_context */ -void pk_free( pk_context *ctx ) +void mbedtls_pk_free( mbedtls_pk_context *ctx ) { if( ctx == NULL || ctx->pk_info == NULL ) return; ctx->pk_info->ctx_free_func( ctx->pk_ctx ); - polarssl_zeroize( ctx, sizeof( pk_context ) ); + mbedtls_zeroize( ctx, sizeof( mbedtls_pk_context ) ); } /* * Get pk_info structure from type */ -const pk_info_t * pk_info_from_type( pk_type_t pk_type ) +const mbedtls_pk_info_t * mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type ) { switch( pk_type ) { -#if defined(POLARSSL_RSA_C) - case POLARSSL_PK_RSA: - return( &rsa_info ); +#if defined(MBEDTLS_RSA_C) + case MBEDTLS_PK_RSA: + return( &mbedtls_rsa_info ); #endif -#if defined(POLARSSL_ECP_C) - case POLARSSL_PK_ECKEY: - return( &eckey_info ); - case POLARSSL_PK_ECKEY_DH: - return( &eckeydh_info ); +#if defined(MBEDTLS_ECP_C) + case MBEDTLS_PK_ECKEY: + return( &mbedtls_eckey_info ); + case MBEDTLS_PK_ECKEY_DH: + return( &mbedtls_eckeydh_info ); #endif -#if defined(POLARSSL_ECDSA_C) - case POLARSSL_PK_ECDSA: - return( &ecdsa_info ); +#if defined(MBEDTLS_ECDSA_C) + case MBEDTLS_PK_ECDSA: + return( &mbedtls_ecdsa_info ); #endif - /* POLARSSL_PK_RSA_ALT omitted on purpose */ + /* MBEDTLS_PK_RSA_ALT omitted on purpose */ default: return( NULL ); } @@ -99,39 +99,40 @@ const pk_info_t * pk_info_from_type( pk_type_t pk_type ) /* * Initialise context */ -int pk_init_ctx( pk_context *ctx, const pk_info_t *info ) +int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ) { if( ctx == NULL || info == NULL || ctx->pk_info != NULL ) - return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL ) - return( POLARSSL_ERR_PK_MALLOC_FAILED ); + return( MBEDTLS_ERR_PK_ALLOC_FAILED ); ctx->pk_info = info; return( 0 ); } +#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) /* * Initialize an RSA-alt context */ -int pk_init_ctx_rsa_alt( pk_context *ctx, void * key, - pk_rsa_alt_decrypt_func decrypt_func, - pk_rsa_alt_sign_func sign_func, - pk_rsa_alt_key_len_func key_len_func ) +int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key, + mbedtls_pk_rsa_alt_decrypt_func decrypt_func, + mbedtls_pk_rsa_alt_sign_func sign_func, + mbedtls_pk_rsa_alt_key_len_func key_len_func ) { - rsa_alt_context *rsa_alt; - const pk_info_t *info = &rsa_alt_info; + mbedtls_rsa_alt_context *rsa_alt; + const mbedtls_pk_info_t *info = &mbedtls_rsa_alt_info; if( ctx == NULL || ctx->pk_info != NULL ) - return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL ) - return( POLARSSL_ERR_PK_MALLOC_FAILED ); + return( MBEDTLS_ERR_PK_ALLOC_FAILED ); ctx->pk_info = info; - rsa_alt = (rsa_alt_context *) ctx->pk_ctx; + rsa_alt = (mbedtls_rsa_alt_context *) ctx->pk_ctx; rsa_alt->key = key; rsa_alt->decrypt_func = decrypt_func; @@ -140,11 +141,12 @@ int pk_init_ctx_rsa_alt( pk_context *ctx, void * key, return( 0 ); } +#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ /* * Tell if a PK can do the operations of the given type */ -int pk_can_do( pk_context *ctx, pk_type_t type ) +int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type ) { /* null or NONE context can't do anything */ if( ctx == NULL || ctx->pk_info == NULL ) @@ -154,35 +156,35 @@ int pk_can_do( pk_context *ctx, pk_type_t type ) } /* - * Helper for pk_sign and pk_verify + * Helper for mbedtls_pk_sign and mbedtls_pk_verify */ -static inline int pk_hashlen_helper( md_type_t md_alg, size_t *hash_len ) +static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg, size_t *hash_len ) { - const md_info_t *md_info; + const mbedtls_md_info_t *md_info; if( *hash_len != 0 ) return( 0 ); - if( ( md_info = md_info_from_type( md_alg ) ) == NULL ) + if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL ) return( -1 ); - *hash_len = md_info->size; + *hash_len = mbedtls_md_get_size( md_info ); return( 0 ); } /* * Verify a signature */ -int pk_verify( pk_context *ctx, md_type_t md_alg, +int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len ) { if( ctx == NULL || ctx->pk_info == NULL || pk_hashlen_helper( md_alg, &hash_len ) != 0 ) - return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); if( ctx->pk_info->verify_func == NULL ) - return( POLARSSL_ERR_PK_TYPE_MISMATCH ); + return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); return( ctx->pk_info->verify_func( ctx->pk_ctx, md_alg, hash, hash_len, sig, sig_len ) ); @@ -191,33 +193,33 @@ int pk_verify( pk_context *ctx, md_type_t md_alg, /* * Verify a signature with options */ -int pk_verify_ext( pk_type_t type, const void *options, - pk_context *ctx, md_type_t md_alg, +int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, + mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len ) { if( ctx == NULL || ctx->pk_info == NULL ) - return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - if( ! pk_can_do( ctx, type ) ) - return( POLARSSL_ERR_PK_TYPE_MISMATCH ); + if( ! mbedtls_pk_can_do( ctx, type ) ) + return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); - if( type == POLARSSL_PK_RSASSA_PSS ) + if( type == MBEDTLS_PK_RSASSA_PSS ) { -#if defined(POLARSSL_RSA_C) && defined(POLARSSL_PKCS1_V21) +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) int ret; - const pk_rsassa_pss_options *pss_opts; + const mbedtls_pk_rsassa_pss_options *pss_opts; if( options == NULL ) - return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - pss_opts = (const pk_rsassa_pss_options *) options; + pss_opts = (const mbedtls_pk_rsassa_pss_options *) options; - if( sig_len < pk_get_len( ctx ) ) - return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + if( sig_len < mbedtls_pk_get_len( ctx ) ) + return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); - ret = rsa_rsassa_pss_verify_ext( pk_rsa( *ctx ), - NULL, NULL, RSA_PUBLIC, + ret = mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_pk_rsa( *ctx ), + NULL, NULL, MBEDTLS_RSA_PUBLIC, md_alg, (unsigned int) hash_len, hash, pss_opts->mgf1_hash_id, pss_opts->expected_salt_len, @@ -225,36 +227,36 @@ int pk_verify_ext( pk_type_t type, const void *options, if( ret != 0 ) return( ret ); - if( sig_len > pk_get_len( ctx ) ) - return( POLARSSL_ERR_PK_SIG_LEN_MISMATCH ); + if( sig_len > mbedtls_pk_get_len( ctx ) ) + return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); return( 0 ); #else - return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE ); + return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); #endif } /* General case: no options */ if( options != NULL ) - return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - return( pk_verify( ctx, md_alg, hash, hash_len, sig, sig_len ) ); + return( mbedtls_pk_verify( ctx, md_alg, hash, hash_len, sig, sig_len ) ); } /* * Make a signature */ -int pk_sign( pk_context *ctx, md_type_t md_alg, +int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { if( ctx == NULL || ctx->pk_info == NULL || pk_hashlen_helper( md_alg, &hash_len ) != 0 ) - return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); if( ctx->pk_info->sign_func == NULL ) - return( POLARSSL_ERR_PK_TYPE_MISMATCH ); + return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng ) ); @@ -263,16 +265,16 @@ int pk_sign( pk_context *ctx, md_type_t md_alg, /* * Decrypt message */ -int pk_decrypt( pk_context *ctx, +int mbedtls_pk_decrypt( mbedtls_pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { if( ctx == NULL || ctx->pk_info == NULL ) - return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); if( ctx->pk_info->decrypt_func == NULL ) - return( POLARSSL_ERR_PK_TYPE_MISMATCH ); + return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); return( ctx->pk_info->decrypt_func( ctx->pk_ctx, input, ilen, output, olen, osize, f_rng, p_rng ) ); @@ -281,16 +283,16 @@ int pk_decrypt( pk_context *ctx, /* * Encrypt message */ -int pk_encrypt( pk_context *ctx, +int mbedtls_pk_encrypt( mbedtls_pk_context *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { if( ctx == NULL || ctx->pk_info == NULL ) - return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); if( ctx->pk_info->encrypt_func == NULL ) - return( POLARSSL_ERR_PK_TYPE_MISMATCH ); + return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); return( ctx->pk_info->encrypt_func( ctx->pk_ctx, input, ilen, output, olen, osize, f_rng, p_rng ) ); @@ -299,24 +301,24 @@ int pk_encrypt( pk_context *ctx, /* * Check public-private key pair */ -int pk_check_pair( const pk_context *pub, const pk_context *prv ) +int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv ) { if( pub == NULL || pub->pk_info == NULL || prv == NULL || prv->pk_info == NULL || prv->pk_info->check_pair_func == NULL ) { - return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); } - if( prv->pk_info->type == POLARSSL_PK_RSA_ALT ) + if( prv->pk_info->type == MBEDTLS_PK_RSA_ALT ) { - if( pub->pk_info->type != POLARSSL_PK_RSA ) - return( POLARSSL_ERR_PK_TYPE_MISMATCH ); + if( pub->pk_info->type != MBEDTLS_PK_RSA ) + return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); } else { if( pub->pk_info != prv->pk_info ) - return( POLARSSL_ERR_PK_TYPE_MISMATCH ); + return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); } return( prv->pk_info->check_pair_func( pub->pk_ctx, prv->pk_ctx ) ); @@ -325,24 +327,24 @@ int pk_check_pair( const pk_context *pub, const pk_context *prv ) /* * Get key size in bits */ -size_t pk_get_size( const pk_context *ctx ) +size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx ) { if( ctx == NULL || ctx->pk_info == NULL ) return( 0 ); - return( ctx->pk_info->get_size( ctx->pk_ctx ) ); + return( ctx->pk_info->get_bitlen( ctx->pk_ctx ) ); } /* * Export debug information */ -int pk_debug( const pk_context *ctx, pk_debug_item *items ) +int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items ) { if( ctx == NULL || ctx->pk_info == NULL ) - return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); if( ctx->pk_info->debug_func == NULL ) - return( POLARSSL_ERR_PK_TYPE_MISMATCH ); + return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); ctx->pk_info->debug_func( ctx->pk_ctx, items ); return( 0 ); @@ -351,7 +353,7 @@ int pk_debug( const pk_context *ctx, pk_debug_item *items ) /* * Access the PK type name */ -const char * pk_get_name( const pk_context *ctx ) +const char *mbedtls_pk_get_name( const mbedtls_pk_context *ctx ) { if( ctx == NULL || ctx->pk_info == NULL ) return( "invalid PK" ); @@ -362,12 +364,12 @@ const char * pk_get_name( const pk_context *ctx ) /* * Access the PK type */ -pk_type_t pk_get_type( const pk_context *ctx ) +mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ) { if( ctx == NULL || ctx->pk_info == NULL ) - return( POLARSSL_PK_NONE ); + return( MBEDTLS_PK_NONE ); return( ctx->pk_info->type ); } -#endif /* POLARSSL_PK_C */ +#endif /* MBEDTLS_PK_C */ diff --git a/ext/mbedtls/library/pk_wrap.c b/ext/mbedtls/library/pk_wrap.c index 6068605bfd..8e584f4301 100644 --- a/ext/mbedtls/library/pk_wrap.c +++ b/ext/mbedtls/library/pk_wrap.c @@ -20,81 +20,83 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_PK_C) -#include "polarssl/pk_wrap.h" +#if defined(MBEDTLS_PK_C) +#include "mbedtls/pk_internal.h" /* Even if RSA not activated, for the sake of RSA-alt */ -#include "polarssl/rsa.h" +#include "mbedtls/rsa.h" #include -#if defined(POLARSSL_ECP_C) -#include "polarssl/ecp.h" +#if defined(MBEDTLS_ECP_C) +#include "mbedtls/ecp.h" #endif -#if defined(POLARSSL_ECDSA_C) -#include "polarssl/ecdsa.h" +#if defined(MBEDTLS_ECDSA_C) +#include "mbedtls/ecdsa.h" #endif -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_malloc malloc -#define polarssl_free free +#define mbedtls_calloc calloc +#define mbedtls_free free #endif +#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } +#endif -#if defined(POLARSSL_RSA_C) -static int rsa_can_do( pk_type_t type ) +#if defined(MBEDTLS_RSA_C) +static int rsa_can_do( mbedtls_pk_type_t type ) { - return( type == POLARSSL_PK_RSA || - type == POLARSSL_PK_RSASSA_PSS ); + return( type == MBEDTLS_PK_RSA || + type == MBEDTLS_PK_RSASSA_PSS ); } -static size_t rsa_get_size( const void *ctx ) +static size_t rsa_get_bitlen( const void *ctx ) { - return( 8 * ((const rsa_context *) ctx)->len ); + return( 8 * ((const mbedtls_rsa_context *) ctx)->len ); } -static int rsa_verify_wrap( void *ctx, md_type_t md_alg, +static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len ) { int ret; - if( sig_len < ((rsa_context *) ctx)->len ) - return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + if( sig_len < ((mbedtls_rsa_context *) ctx)->len ) + return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); - if( ( ret = rsa_pkcs1_verify( (rsa_context *) ctx, NULL, NULL, - RSA_PUBLIC, md_alg, + if( ( ret = mbedtls_rsa_pkcs1_verify( (mbedtls_rsa_context *) ctx, NULL, NULL, + MBEDTLS_RSA_PUBLIC, md_alg, (unsigned int) hash_len, hash, sig ) ) != 0 ) return( ret ); - if( sig_len > ((rsa_context *) ctx)->len ) - return( POLARSSL_ERR_PK_SIG_LEN_MISMATCH ); + if( sig_len > ((mbedtls_rsa_context *) ctx)->len ) + return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); return( 0 ); } -static int rsa_sign_wrap( void *ctx, md_type_t md_alg, +static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - *sig_len = ((rsa_context *) ctx)->len; + *sig_len = ((mbedtls_rsa_context *) ctx)->len; - return( rsa_pkcs1_sign( (rsa_context *) ctx, f_rng, p_rng, RSA_PRIVATE, + return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, md_alg, (unsigned int) hash_len, hash, sig ) ); } @@ -103,11 +105,11 @@ static int rsa_decrypt_wrap( void *ctx, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - if( ilen != ((rsa_context *) ctx)->len ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + if( ilen != ((mbedtls_rsa_context *) ctx)->len ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - return( rsa_pkcs1_decrypt( (rsa_context *) ctx, f_rng, p_rng, - RSA_PRIVATE, olen, input, output, osize ) ); + return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, f_rng, p_rng, + MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) ); } static int rsa_encrypt_wrap( void *ctx, @@ -115,54 +117,54 @@ static int rsa_encrypt_wrap( void *ctx, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - *olen = ((rsa_context *) ctx)->len; + *olen = ((mbedtls_rsa_context *) ctx)->len; if( *olen > osize ) - return( POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE ); + return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE ); - return( rsa_pkcs1_encrypt( (rsa_context *) ctx, - f_rng, p_rng, RSA_PUBLIC, ilen, input, output ) ); + return( mbedtls_rsa_pkcs1_encrypt( (mbedtls_rsa_context *) ctx, + f_rng, p_rng, MBEDTLS_RSA_PUBLIC, ilen, input, output ) ); } static int rsa_check_pair_wrap( const void *pub, const void *prv ) { - return( rsa_check_pub_priv( (const rsa_context *) pub, - (const rsa_context *) prv ) ); + return( mbedtls_rsa_check_pub_priv( (const mbedtls_rsa_context *) pub, + (const mbedtls_rsa_context *) prv ) ); } static void *rsa_alloc_wrap( void ) { - void *ctx = polarssl_malloc( sizeof( rsa_context ) ); + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_context ) ); if( ctx != NULL ) - rsa_init( (rsa_context *) ctx, 0, 0 ); + mbedtls_rsa_init( (mbedtls_rsa_context *) ctx, 0, 0 ); return( ctx ); } static void rsa_free_wrap( void *ctx ) { - rsa_free( (rsa_context *) ctx ); - polarssl_free( ctx ); + mbedtls_rsa_free( (mbedtls_rsa_context *) ctx ); + mbedtls_free( ctx ); } -static void rsa_debug( const void *ctx, pk_debug_item *items ) +static void rsa_debug( const void *ctx, mbedtls_pk_debug_item *items ) { - items->type = POLARSSL_PK_DEBUG_MPI; + items->type = MBEDTLS_PK_DEBUG_MPI; items->name = "rsa.N"; - items->value = &( ((rsa_context *) ctx)->N ); + items->value = &( ((mbedtls_rsa_context *) ctx)->N ); items++; - items->type = POLARSSL_PK_DEBUG_MPI; + items->type = MBEDTLS_PK_DEBUG_MPI; items->name = "rsa.E"; - items->value = &( ((rsa_context *) ctx)->E ); + items->value = &( ((mbedtls_rsa_context *) ctx)->E ); } -const pk_info_t rsa_info = { - POLARSSL_PK_RSA, +const mbedtls_pk_info_t mbedtls_rsa_info = { + MBEDTLS_PK_RSA, "RSA", - rsa_get_size, + rsa_get_bitlen, rsa_can_do, rsa_verify_wrap, rsa_sign_wrap, @@ -173,108 +175,108 @@ const pk_info_t rsa_info = { rsa_free_wrap, rsa_debug, }; -#endif /* POLARSSL_RSA_C */ +#endif /* MBEDTLS_RSA_C */ -#if defined(POLARSSL_ECP_C) +#if defined(MBEDTLS_ECP_C) /* * Generic EC key */ -static int eckey_can_do( pk_type_t type ) +static int eckey_can_do( mbedtls_pk_type_t type ) { - return( type == POLARSSL_PK_ECKEY || - type == POLARSSL_PK_ECKEY_DH || - type == POLARSSL_PK_ECDSA ); + return( type == MBEDTLS_PK_ECKEY || + type == MBEDTLS_PK_ECKEY_DH || + type == MBEDTLS_PK_ECDSA ); } -static size_t eckey_get_size( const void *ctx ) +static size_t eckey_get_bitlen( const void *ctx ) { - return( ((ecp_keypair *) ctx)->grp.pbits ); + return( ((mbedtls_ecp_keypair *) ctx)->grp.pbits ); } -#if defined(POLARSSL_ECDSA_C) +#if defined(MBEDTLS_ECDSA_C) /* Forward declarations */ -static int ecdsa_verify_wrap( void *ctx, md_type_t md_alg, +static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len ); -static int ecdsa_sign_wrap( void *ctx, md_type_t md_alg, +static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); -static int eckey_verify_wrap( void *ctx, md_type_t md_alg, +static int eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len ) { int ret; - ecdsa_context ecdsa; + mbedtls_ecdsa_context ecdsa; - ecdsa_init( &ecdsa ); + mbedtls_ecdsa_init( &ecdsa ); - if( ( ret = ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 ) + if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 ) ret = ecdsa_verify_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len ); - ecdsa_free( &ecdsa ); + mbedtls_ecdsa_free( &ecdsa ); return( ret ); } -static int eckey_sign_wrap( void *ctx, md_type_t md_alg, +static int eckey_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret; - ecdsa_context ecdsa; + mbedtls_ecdsa_context ecdsa; - ecdsa_init( &ecdsa ); + mbedtls_ecdsa_init( &ecdsa ); - if( ( ret = ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 ) + if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 ) ret = ecdsa_sign_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng ); - ecdsa_free( &ecdsa ); + mbedtls_ecdsa_free( &ecdsa ); return( ret ); } -#endif /* POLARSSL_ECDSA_C */ +#endif /* MBEDTLS_ECDSA_C */ static int eckey_check_pair( const void *pub, const void *prv ) { - return( ecp_check_pub_priv( (const ecp_keypair *) pub, - (const ecp_keypair *) prv ) ); + return( mbedtls_ecp_check_pub_priv( (const mbedtls_ecp_keypair *) pub, + (const mbedtls_ecp_keypair *) prv ) ); } static void *eckey_alloc_wrap( void ) { - void *ctx = polarssl_malloc( sizeof( ecp_keypair ) ); + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) ); if( ctx != NULL ) - ecp_keypair_init( ctx ); + mbedtls_ecp_keypair_init( ctx ); return( ctx ); } static void eckey_free_wrap( void *ctx ) { - ecp_keypair_free( (ecp_keypair *) ctx ); - polarssl_free( ctx ); + mbedtls_ecp_keypair_free( (mbedtls_ecp_keypair *) ctx ); + mbedtls_free( ctx ); } -static void eckey_debug( const void *ctx, pk_debug_item *items ) +static void eckey_debug( const void *ctx, mbedtls_pk_debug_item *items ) { - items->type = POLARSSL_PK_DEBUG_ECP; + items->type = MBEDTLS_PK_DEBUG_ECP; items->name = "eckey.Q"; - items->value = &( ((ecp_keypair *) ctx)->Q ); + items->value = &( ((mbedtls_ecp_keypair *) ctx)->Q ); } -const pk_info_t eckey_info = { - POLARSSL_PK_ECKEY, +const mbedtls_pk_info_t mbedtls_eckey_info = { + MBEDTLS_PK_ECKEY, "EC", - eckey_get_size, + eckey_get_bitlen, eckey_can_do, -#if defined(POLARSSL_ECDSA_C) +#if defined(MBEDTLS_ECDSA_C) eckey_verify_wrap, eckey_sign_wrap, #else @@ -292,16 +294,16 @@ const pk_info_t eckey_info = { /* * EC key restricted to ECDH */ -static int eckeydh_can_do( pk_type_t type ) +static int eckeydh_can_do( mbedtls_pk_type_t type ) { - return( type == POLARSSL_PK_ECKEY || - type == POLARSSL_PK_ECKEY_DH ); + return( type == MBEDTLS_PK_ECKEY || + type == MBEDTLS_PK_ECKEY_DH ); } -const pk_info_t eckeydh_info = { - POLARSSL_PK_ECKEY_DH, +const mbedtls_pk_info_t mbedtls_eckeydh_info = { + MBEDTLS_PK_ECKEY_DH, "EC_DH", - eckey_get_size, /* Same underlying key structure */ + eckey_get_bitlen, /* Same underlying key structure */ eckeydh_can_do, NULL, NULL, @@ -312,70 +314,59 @@ const pk_info_t eckeydh_info = { eckey_free_wrap, /* Same underlying key structure */ eckey_debug, /* Same underlying key structure */ }; -#endif /* POLARSSL_ECP_C */ +#endif /* MBEDTLS_ECP_C */ -#if defined(POLARSSL_ECDSA_C) -static int ecdsa_can_do( pk_type_t type ) +#if defined(MBEDTLS_ECDSA_C) +static int ecdsa_can_do( mbedtls_pk_type_t type ) { - return( type == POLARSSL_PK_ECDSA ); + return( type == MBEDTLS_PK_ECDSA ); } -static int ecdsa_verify_wrap( void *ctx, md_type_t md_alg, +static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len ) { int ret; ((void) md_alg); - ret = ecdsa_read_signature( (ecdsa_context *) ctx, + ret = mbedtls_ecdsa_read_signature( (mbedtls_ecdsa_context *) ctx, hash, hash_len, sig, sig_len ); - if( ret == POLARSSL_ERR_ECP_SIG_LEN_MISMATCH ) - return( POLARSSL_ERR_PK_SIG_LEN_MISMATCH ); + if( ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH ) + return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); return( ret ); } -static int ecdsa_sign_wrap( void *ctx, md_type_t md_alg, +static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - /* Use deterministic ECDSA by default if available */ -#if defined(POLARSSL_ECDSA_DETERMINISTIC) - ((void) f_rng); - ((void) p_rng); - - return( ecdsa_write_signature_det( (ecdsa_context *) ctx, - hash, hash_len, sig, sig_len, md_alg ) ); -#else - ((void) md_alg); - - return( ecdsa_write_signature( (ecdsa_context *) ctx, - hash, hash_len, sig, sig_len, f_rng, p_rng ) ); -#endif /* POLARSSL_ECDSA_DETERMINISTIC */ + return( mbedtls_ecdsa_write_signature( (mbedtls_ecdsa_context *) ctx, + md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng ) ); } static void *ecdsa_alloc_wrap( void ) { - void *ctx = polarssl_malloc( sizeof( ecdsa_context ) ); + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecdsa_context ) ); if( ctx != NULL ) - ecdsa_init( (ecdsa_context *) ctx ); + mbedtls_ecdsa_init( (mbedtls_ecdsa_context *) ctx ); return( ctx ); } static void ecdsa_free_wrap( void *ctx ) { - ecdsa_free( (ecdsa_context *) ctx ); - polarssl_free( ctx ); + mbedtls_ecdsa_free( (mbedtls_ecdsa_context *) ctx ); + mbedtls_free( ctx ); } -const pk_info_t ecdsa_info = { - POLARSSL_PK_ECDSA, +const mbedtls_pk_info_t mbedtls_ecdsa_info = { + MBEDTLS_PK_ECDSA, "ECDSA", - eckey_get_size, /* Compatible key structures */ + eckey_get_bitlen, /* Compatible key structures */ ecdsa_can_do, ecdsa_verify_wrap, ecdsa_sign_wrap, @@ -386,34 +377,35 @@ const pk_info_t ecdsa_info = { ecdsa_free_wrap, eckey_debug, /* Compatible key structures */ }; -#endif /* POLARSSL_ECDSA_C */ +#endif /* MBEDTLS_ECDSA_C */ +#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) /* * Support for alternative RSA-private implementations */ -static int rsa_alt_can_do( pk_type_t type ) +static int rsa_alt_can_do( mbedtls_pk_type_t type ) { - return( type == POLARSSL_PK_RSA ); + return( type == MBEDTLS_PK_RSA ); } -static size_t rsa_alt_get_size( const void *ctx ) +static size_t rsa_alt_get_bitlen( const void *ctx ) { - const rsa_alt_context *rsa_alt = (const rsa_alt_context *) ctx; + const mbedtls_rsa_alt_context *rsa_alt = (const mbedtls_rsa_alt_context *) ctx; return( 8 * rsa_alt->key_len_func( rsa_alt->key ) ); } -static int rsa_alt_sign_wrap( void *ctx, md_type_t md_alg, +static int rsa_alt_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - rsa_alt_context *rsa_alt = (rsa_alt_context *) ctx; + mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx; *sig_len = rsa_alt->key_len_func( rsa_alt->key ); - return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, RSA_PRIVATE, + return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, md_alg, (unsigned int) hash_len, hash, sig ) ); } @@ -422,74 +414,74 @@ static int rsa_alt_decrypt_wrap( void *ctx, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - rsa_alt_context *rsa_alt = (rsa_alt_context *) ctx; + mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx; ((void) f_rng); ((void) p_rng); if( ilen != rsa_alt->key_len_func( rsa_alt->key ) ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); return( rsa_alt->decrypt_func( rsa_alt->key, - RSA_PRIVATE, olen, input, output, osize ) ); + MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) ); } -#if defined(POLARSSL_RSA_C) +#if defined(MBEDTLS_RSA_C) static int rsa_alt_check_pair( const void *pub, const void *prv ) { - unsigned char sig[POLARSSL_MPI_MAX_SIZE]; + unsigned char sig[MBEDTLS_MPI_MAX_SIZE]; unsigned char hash[32]; size_t sig_len = 0; int ret; - if( rsa_alt_get_size( prv ) != rsa_get_size( pub ) ) - return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); + if( rsa_alt_get_bitlen( prv ) != rsa_get_bitlen( pub ) ) + return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); memset( hash, 0x2a, sizeof( hash ) ); - if( ( ret = rsa_alt_sign_wrap( (void *) prv, POLARSSL_MD_NONE, + if( ( ret = rsa_alt_sign_wrap( (void *) prv, MBEDTLS_MD_NONE, hash, sizeof( hash ), sig, &sig_len, NULL, NULL ) ) != 0 ) { return( ret ); } - if( rsa_verify_wrap( (void *) pub, POLARSSL_MD_NONE, + if( rsa_verify_wrap( (void *) pub, MBEDTLS_MD_NONE, hash, sizeof( hash ), sig, sig_len ) != 0 ) { - return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); + return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); } return( 0 ); } -#endif /* POLARSSL_RSA_C */ +#endif /* MBEDTLS_RSA_C */ static void *rsa_alt_alloc_wrap( void ) { - void *ctx = polarssl_malloc( sizeof( rsa_alt_context ) ); + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_alt_context ) ); if( ctx != NULL ) - memset( ctx, 0, sizeof( rsa_alt_context ) ); + memset( ctx, 0, sizeof( mbedtls_rsa_alt_context ) ); return( ctx ); } static void rsa_alt_free_wrap( void *ctx ) { - polarssl_zeroize( ctx, sizeof( rsa_alt_context ) ); - polarssl_free( ctx ); + mbedtls_zeroize( ctx, sizeof( mbedtls_rsa_alt_context ) ); + mbedtls_free( ctx ); } -const pk_info_t rsa_alt_info = { - POLARSSL_PK_RSA_ALT, +const mbedtls_pk_info_t mbedtls_rsa_alt_info = { + MBEDTLS_PK_RSA_ALT, "RSA-alt", - rsa_alt_get_size, + rsa_alt_get_bitlen, rsa_alt_can_do, NULL, rsa_alt_sign_wrap, rsa_alt_decrypt_wrap, NULL, -#if defined(POLARSSL_RSA_C) +#if defined(MBEDTLS_RSA_C) rsa_alt_check_pair, #else NULL, @@ -499,4 +491,6 @@ const pk_info_t rsa_alt_info = { NULL, }; -#endif /* POLARSSL_PK_C */ +#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ + +#endif /* MBEDTLS_PK_C */ diff --git a/ext/mbedtls/library/pkcs11.c b/ext/mbedtls/library/pkcs11.c index 14cde315bb..b04d9691ae 100644 --- a/ext/mbedtls/library/pkcs11.c +++ b/ext/mbedtls/library/pkcs11.c @@ -24,23 +24,30 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#include "polarssl/pkcs11.h" +#include "mbedtls/pkcs11.h" -#if defined(POLARSSL_PKCS11_C) +#if defined(MBEDTLS_PKCS11_C) -#include "polarssl/md.h" -#include "polarssl/oid.h" -#include "polarssl/x509_crt.h" +#include "mbedtls/md.h" +#include "mbedtls/oid.h" +#include "mbedtls/x509_crt.h" -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_malloc malloc -#define polarssl_free free +#define mbedtls_calloc calloc +#define mbedtls_free free #endif -int pkcs11_x509_cert_init( x509_crt *cert, pkcs11h_certificate_t pkcs11_cert ) +#include + +void mbedtls_pkcs11_init( mbedtls_pkcs11_context *ctx ) +{ + memset( ctx, 0, sizeof( mbedtls_pkcs11_context ) ); +} + +int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11_cert ) { int ret = 1; unsigned char *cert_blob = NULL; @@ -59,7 +66,7 @@ int pkcs11_x509_cert_init( x509_crt *cert, pkcs11h_certificate_t pkcs11_cert ) goto cleanup; } - cert_blob = polarssl_malloc( cert_blob_size ); + cert_blob = mbedtls_calloc( 1, cert_blob_size ); if( NULL == cert_blob ) { ret = 4; @@ -73,7 +80,7 @@ int pkcs11_x509_cert_init( x509_crt *cert, pkcs11h_certificate_t pkcs11_cert ) goto cleanup; } - if( 0 != x509_crt_parse( cert, cert_blob, cert_blob_size ) ) + if( 0 != mbedtls_x509_crt_parse( cert, cert_blob, cert_blob_size ) ) { ret = 6; goto cleanup; @@ -83,44 +90,44 @@ int pkcs11_x509_cert_init( x509_crt *cert, pkcs11h_certificate_t pkcs11_cert ) cleanup: if( NULL != cert_blob ) - polarssl_free( cert_blob ); + mbedtls_free( cert_blob ); return( ret ); } -int pkcs11_priv_key_init( pkcs11_context *priv_key, +int mbedtls_pkcs11_priv_key_bind( mbedtls_pkcs11_context *priv_key, pkcs11h_certificate_t pkcs11_cert ) { int ret = 1; - x509_crt cert; + mbedtls_x509_crt cert; - x509_crt_init( &cert ); + mbedtls_x509_crt_init( &cert ); if( priv_key == NULL ) goto cleanup; - if( 0 != pkcs11_x509_cert_init( &cert, pkcs11_cert ) ) + if( 0 != mbedtls_pkcs11_x509_cert_bind( &cert, pkcs11_cert ) ) goto cleanup; - priv_key->len = pk_get_len( &cert.pk ); + priv_key->len = mbedtls_pk_get_len( &cert.pk ); priv_key->pkcs11h_cert = pkcs11_cert; ret = 0; cleanup: - x509_crt_free( &cert ); + mbedtls_x509_crt_free( &cert ); return( ret ); } -void pkcs11_priv_key_free( pkcs11_context *priv_key ) +void mbedtls_pkcs11_priv_key_free( mbedtls_pkcs11_context *priv_key ) { if( NULL != priv_key ) pkcs11h_certificate_freeCertificate( priv_key->pkcs11h_cert ); } -int pkcs11_decrypt( pkcs11_context *ctx, +int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx, int mode, size_t *olen, const unsigned char *input, unsigned char *output, @@ -129,38 +136,38 @@ int pkcs11_decrypt( pkcs11_context *ctx, size_t input_len, output_len; if( NULL == ctx ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - if( RSA_PRIVATE != mode ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + if( MBEDTLS_RSA_PRIVATE != mode ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); output_len = input_len = ctx->len; if( input_len < 16 || input_len > output_max_len ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); /* Determine size of output buffer */ if( pkcs11h_certificate_decryptAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, input, input_len, NULL, &output_len ) != CKR_OK ) { - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); } if( output_len > output_max_len ) - return( POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE ); + return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE ); if( pkcs11h_certificate_decryptAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, input, input_len, output, &output_len ) != CKR_OK ) { - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); } *olen = output_len; return( 0 ); } -int pkcs11_sign( pkcs11_context *ctx, +int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx, int mode, - md_type_t md_alg, + mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig ) @@ -170,21 +177,21 @@ int pkcs11_sign( pkcs11_context *ctx, const char *oid; if( NULL == ctx ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - if( RSA_PRIVATE != mode ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + if( MBEDTLS_RSA_PRIVATE != mode ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - if( md_alg != POLARSSL_MD_NONE ) + if( md_alg != MBEDTLS_MD_NONE ) { - const md_info_t *md_info = md_info_from_type( md_alg ); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg ); if( md_info == NULL ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - if( oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - hashlen = md_get_size( md_info ); + hashlen = mbedtls_md_get_size( md_info ); asn_len = 10 + oid_size; } @@ -192,10 +199,10 @@ int pkcs11_sign( pkcs11_context *ctx, if( hashlen > sig_len || asn_len > sig_len || hashlen + asn_len > sig_len ) { - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); } - if( md_alg != POLARSSL_MD_NONE ) + if( md_alg != MBEDTLS_MD_NONE ) { /* * DigestInfo ::= SEQUENCE { @@ -206,17 +213,17 @@ int pkcs11_sign( pkcs11_context *ctx, * * Digest ::= OCTET STRING */ - *p++ = ASN1_SEQUENCE | ASN1_CONSTRUCTED; + *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED; *p++ = (unsigned char) ( 0x08 + oid_size + hashlen ); - *p++ = ASN1_SEQUENCE | ASN1_CONSTRUCTED; + *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED; *p++ = (unsigned char) ( 0x04 + oid_size ); - *p++ = ASN1_OID; + *p++ = MBEDTLS_ASN1_OID; *p++ = oid_size & 0xFF; memcpy( p, oid, oid_size ); p += oid_size; - *p++ = ASN1_NULL; + *p++ = MBEDTLS_ASN1_NULL; *p++ = 0x00; - *p++ = ASN1_OCTET_STRING; + *p++ = MBEDTLS_ASN1_OCTET_STRING; *p++ = hashlen; } @@ -225,10 +232,10 @@ int pkcs11_sign( pkcs11_context *ctx, if( pkcs11h_certificate_signAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, sig, asn_len + hashlen, sig, &sig_len ) != CKR_OK ) { - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); } return( 0 ); } -#endif /* defined(POLARSSL_PKCS11_C) */ +#endif /* defined(MBEDTLS_PKCS11_C) */ diff --git a/ext/mbedtls/library/pkcs12.c b/ext/mbedtls/library/pkcs12.c index f84fd52cdf..bdf6a9b934 100644 --- a/ext/mbedtls/library/pkcs12.c +++ b/ext/mbedtls/library/pkcs12.c @@ -26,35 +26,35 @@ * ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1-1.asn */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_PKCS12_C) +#if defined(MBEDTLS_PKCS12_C) -#include "polarssl/pkcs12.h" -#include "polarssl/asn1.h" -#include "polarssl/cipher.h" +#include "mbedtls/pkcs12.h" +#include "mbedtls/asn1.h" +#include "mbedtls/cipher.h" #include -#if defined(POLARSSL_ARC4_C) -#include "polarssl/arc4.h" +#if defined(MBEDTLS_ARC4_C) +#include "mbedtls/arc4.h" #endif -#if defined(POLARSSL_DES_C) -#include "polarssl/des.h" +#if defined(MBEDTLS_DES_C) +#include "mbedtls/des.h" #endif /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } -static int pkcs12_parse_pbe_params( asn1_buf *params, - asn1_buf *salt, int *iterations ) +static int pkcs12_parse_pbe_params( mbedtls_asn1_buf *params, + mbedtls_asn1_buf *salt, int *iterations ) { int ret; unsigned char **p = ¶ms->p; @@ -67,37 +67,37 @@ static int pkcs12_parse_pbe_params( asn1_buf *params, * } * */ - if( params->tag != ( ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) - return( POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT + - POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); + if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) + return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); - if( ( ret = asn1_get_tag( p, end, &salt->len, ASN1_OCTET_STRING ) ) != 0 ) - return( POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT + ret ); + if( ( ret = mbedtls_asn1_get_tag( p, end, &salt->len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) + return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + ret ); salt->p = *p; *p += salt->len; - if( ( ret = asn1_get_int( p, end, iterations ) ) != 0 ) - return( POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT + ret ); + if( ( ret = mbedtls_asn1_get_int( p, end, iterations ) ) != 0 ) + return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + ret ); if( *p != end ) - return( POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); return( 0 ); } -static int pkcs12_pbe_derive_key_iv( asn1_buf *pbe_params, md_type_t md_type, +static int pkcs12_pbe_derive_key_iv( mbedtls_asn1_buf *pbe_params, mbedtls_md_type_t md_type, const unsigned char *pwd, size_t pwdlen, unsigned char *key, size_t keylen, unsigned char *iv, size_t ivlen ) { int ret, iterations; - asn1_buf salt; + mbedtls_asn1_buf salt; size_t i; unsigned char unipwd[258]; - memset( &salt, 0, sizeof(asn1_buf) ); + memset( &salt, 0, sizeof(mbedtls_asn1_buf) ); memset( &unipwd, 0, sizeof(unipwd) ); if( ( ret = pkcs12_parse_pbe_params( pbe_params, &salt, @@ -107,9 +107,9 @@ static int pkcs12_pbe_derive_key_iv( asn1_buf *pbe_params, md_type_t md_type, for( i = 0; i < pwdlen; i++ ) unipwd[i * 2 + 1] = pwd[i]; - if( ( ret = pkcs12_derivation( key, keylen, unipwd, pwdlen * 2 + 2, + if( ( ret = mbedtls_pkcs12_derivation( key, keylen, unipwd, pwdlen * 2 + 2, salt.p, salt.len, md_type, - PKCS12_DERIVE_KEY, iterations ) ) != 0 ) + MBEDTLS_PKCS12_DERIVE_KEY, iterations ) ) != 0 ) { return( ret ); } @@ -117,21 +117,21 @@ static int pkcs12_pbe_derive_key_iv( asn1_buf *pbe_params, md_type_t md_type, if( iv == NULL || ivlen == 0 ) return( 0 ); - if( ( ret = pkcs12_derivation( iv, ivlen, unipwd, pwdlen * 2 + 2, + if( ( ret = mbedtls_pkcs12_derivation( iv, ivlen, unipwd, pwdlen * 2 + 2, salt.p, salt.len, md_type, - PKCS12_DERIVE_IV, iterations ) ) != 0 ) + MBEDTLS_PKCS12_DERIVE_IV, iterations ) ) != 0 ) { return( ret ); } return( 0 ); } -int pkcs12_pbe_sha1_rc4_128( asn1_buf *pbe_params, int mode, +int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode, const unsigned char *pwd, size_t pwdlen, const unsigned char *data, size_t len, unsigned char *output ) { -#if !defined(POLARSSL_ARC4_C) +#if !defined(MBEDTLS_ARC4_C) ((void) pbe_params); ((void) mode); ((void) pwd); @@ -139,36 +139,36 @@ int pkcs12_pbe_sha1_rc4_128( asn1_buf *pbe_params, int mode, ((void) data); ((void) len); ((void) output); - return( POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE ); + return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); #else int ret; unsigned char key[16]; - arc4_context ctx; + mbedtls_arc4_context ctx; ((void) mode); - arc4_init( &ctx ); + mbedtls_arc4_init( &ctx ); - if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, POLARSSL_MD_SHA1, + if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, MBEDTLS_MD_SHA1, pwd, pwdlen, key, 16, NULL, 0 ) ) != 0 ) { return( ret ); } - arc4_setup( &ctx, key, 16 ); - if( ( ret = arc4_crypt( &ctx, len, data, output ) ) != 0 ) + mbedtls_arc4_setup( &ctx, key, 16 ); + if( ( ret = mbedtls_arc4_crypt( &ctx, len, data, output ) ) != 0 ) goto exit; exit: - polarssl_zeroize( key, sizeof( key ) ); - arc4_free( &ctx ); + mbedtls_zeroize( key, sizeof( key ) ); + mbedtls_arc4_free( &ctx ); return( ret ); -#endif /* POLARSSL_ARC4_C */ +#endif /* MBEDTLS_ARC4_C */ } -int pkcs12_pbe( asn1_buf *pbe_params, int mode, - cipher_type_t cipher_type, md_type_t md_type, +int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, + mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, const unsigned char *pwd, size_t pwdlen, const unsigned char *data, size_t len, unsigned char *output ) @@ -176,15 +176,15 @@ int pkcs12_pbe( asn1_buf *pbe_params, int mode, int ret, keylen = 0; unsigned char key[32]; unsigned char iv[16]; - const cipher_info_t *cipher_info; - cipher_context_t cipher_ctx; + const mbedtls_cipher_info_t *cipher_info; + mbedtls_cipher_context_t cipher_ctx; size_t olen = 0; - cipher_info = cipher_info_from_type( cipher_type ); + cipher_info = mbedtls_cipher_info_from_type( cipher_type ); if( cipher_info == NULL ) - return( POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE ); + return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); - keylen = cipher_info->key_length / 8; + keylen = cipher_info->key_bitlen / 8; if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, md_type, pwd, pwdlen, key, keylen, @@ -193,33 +193,33 @@ int pkcs12_pbe( asn1_buf *pbe_params, int mode, return( ret ); } - cipher_init( &cipher_ctx ); + mbedtls_cipher_init( &cipher_ctx ); - if( ( ret = cipher_init_ctx( &cipher_ctx, cipher_info ) ) != 0 ) + if( ( ret = mbedtls_cipher_setup( &cipher_ctx, cipher_info ) ) != 0 ) goto exit; - if( ( ret = cipher_setkey( &cipher_ctx, key, 8 * keylen, (operation_t) mode ) ) != 0 ) + if( ( ret = mbedtls_cipher_setkey( &cipher_ctx, key, 8 * keylen, (mbedtls_operation_t) mode ) ) != 0 ) goto exit; - if( ( ret = cipher_set_iv( &cipher_ctx, iv, cipher_info->iv_size ) ) != 0 ) + if( ( ret = mbedtls_cipher_set_iv( &cipher_ctx, iv, cipher_info->iv_size ) ) != 0 ) goto exit; - if( ( ret = cipher_reset( &cipher_ctx ) ) != 0 ) + if( ( ret = mbedtls_cipher_reset( &cipher_ctx ) ) != 0 ) goto exit; - if( ( ret = cipher_update( &cipher_ctx, data, len, + if( ( ret = mbedtls_cipher_update( &cipher_ctx, data, len, output, &olen ) ) != 0 ) { goto exit; } - if( ( ret = cipher_finish( &cipher_ctx, output + olen, &olen ) ) != 0 ) - ret = POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH; + if( ( ret = mbedtls_cipher_finish( &cipher_ctx, output + olen, &olen ) ) != 0 ) + ret = MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH; exit: - polarssl_zeroize( key, sizeof( key ) ); - polarssl_zeroize( iv, sizeof( iv ) ); - cipher_free( &cipher_ctx ); + mbedtls_zeroize( key, sizeof( key ) ); + mbedtls_zeroize( iv, sizeof( iv ) ); + mbedtls_cipher_free( &cipher_ctx ); return( ret ); } @@ -239,38 +239,38 @@ static void pkcs12_fill_buffer( unsigned char *data, size_t data_len, } } -int pkcs12_derivation( unsigned char *data, size_t datalen, +int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, const unsigned char *pwd, size_t pwdlen, const unsigned char *salt, size_t saltlen, - md_type_t md_type, int id, int iterations ) + mbedtls_md_type_t md_type, int id, int iterations ) { int ret; unsigned int j; unsigned char diversifier[128]; unsigned char salt_block[128], pwd_block[128], hash_block[128]; - unsigned char hash_output[POLARSSL_MD_MAX_SIZE]; + unsigned char hash_output[MBEDTLS_MD_MAX_SIZE]; unsigned char *p; unsigned char c; size_t hlen, use_len, v, i; - const md_info_t *md_info; - md_context_t md_ctx; + const mbedtls_md_info_t *md_info; + mbedtls_md_context_t md_ctx; // This version only allows max of 64 bytes of password or salt if( datalen > 128 || pwdlen > 64 || saltlen > 64 ) - return( POLARSSL_ERR_PKCS12_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); - md_info = md_info_from_type( md_type ); + md_info = mbedtls_md_info_from_type( md_type ); if( md_info == NULL ) - return( POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE ); + return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); - md_init( &md_ctx ); + mbedtls_md_init( &md_ctx ); - if( ( ret = md_init_ctx( &md_ctx, md_info ) ) != 0 ) + if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 ) return( ret ); - hlen = md_get_size( md_info ); + hlen = mbedtls_md_get_size( md_info ); if( hlen <= 32 ) v = 64; @@ -286,25 +286,25 @@ int pkcs12_derivation( unsigned char *data, size_t datalen, while( datalen > 0 ) { // Calculate hash( diversifier || salt_block || pwd_block ) - if( ( ret = md_starts( &md_ctx ) ) != 0 ) + if( ( ret = mbedtls_md_starts( &md_ctx ) ) != 0 ) goto exit; - if( ( ret = md_update( &md_ctx, diversifier, v ) ) != 0 ) + if( ( ret = mbedtls_md_update( &md_ctx, diversifier, v ) ) != 0 ) goto exit; - if( ( ret = md_update( &md_ctx, salt_block, v ) ) != 0 ) + if( ( ret = mbedtls_md_update( &md_ctx, salt_block, v ) ) != 0 ) goto exit; - if( ( ret = md_update( &md_ctx, pwd_block, v ) ) != 0 ) + if( ( ret = mbedtls_md_update( &md_ctx, pwd_block, v ) ) != 0 ) goto exit; - if( ( ret = md_finish( &md_ctx, hash_output ) ) != 0 ) + if( ( ret = mbedtls_md_finish( &md_ctx, hash_output ) ) != 0 ) goto exit; // Perform remaining ( iterations - 1 ) recursive hash calculations for( i = 1; i < (size_t) iterations; i++ ) { - if( ( ret = md( md_info, hash_output, hlen, hash_output ) ) != 0 ) + if( ( ret = mbedtls_md( md_info, hash_output, hlen, hash_output ) ) != 0 ) goto exit; } @@ -346,14 +346,14 @@ int pkcs12_derivation( unsigned char *data, size_t datalen, ret = 0; exit: - polarssl_zeroize( salt_block, sizeof( salt_block ) ); - polarssl_zeroize( pwd_block, sizeof( pwd_block ) ); - polarssl_zeroize( hash_block, sizeof( hash_block ) ); - polarssl_zeroize( hash_output, sizeof( hash_output ) ); + mbedtls_zeroize( salt_block, sizeof( salt_block ) ); + mbedtls_zeroize( pwd_block, sizeof( pwd_block ) ); + mbedtls_zeroize( hash_block, sizeof( hash_block ) ); + mbedtls_zeroize( hash_output, sizeof( hash_output ) ); - md_free( &md_ctx ); + mbedtls_md_free( &md_ctx ); return( ret ); } -#endif /* POLARSSL_PKCS12_C */ +#endif /* MBEDTLS_PKCS12_C */ diff --git a/ext/mbedtls/library/pkcs5.c b/ext/mbedtls/library/pkcs5.c index c1bab70a38..68cbfa77df 100644 --- a/ext/mbedtls/library/pkcs5.c +++ b/ext/mbedtls/library/pkcs5.c @@ -30,40 +30,40 @@ * http://tools.ietf.org/html/rfc6070 (Test vectors) */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_PKCS5_C) +#if defined(MBEDTLS_PKCS5_C) -#include "polarssl/pkcs5.h" -#include "polarssl/asn1.h" -#include "polarssl/cipher.h" -#include "polarssl/oid.h" +#include "mbedtls/pkcs5.h" +#include "mbedtls/asn1.h" +#include "mbedtls/cipher.h" +#include "mbedtls/oid.h" #include -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_printf printf +#define mbedtls_printf printf #endif -static int pkcs5_parse_pbkdf2_params( const asn1_buf *params, - asn1_buf *salt, int *iterations, - int *keylen, md_type_t *md_type ) +static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params, + mbedtls_asn1_buf *salt, int *iterations, + int *keylen, mbedtls_md_type_t *md_type ) { int ret; - asn1_buf prf_alg_oid; + mbedtls_asn1_buf prf_alg_oid; unsigned char *p = params->p; const unsigned char *end = params->p + params->len; - if( params->tag != ( ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) - return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + - POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); + if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) + return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); /* * PBKDF2-params ::= SEQUENCE { * salt OCTET STRING, @@ -73,59 +73,59 @@ static int pkcs5_parse_pbkdf2_params( const asn1_buf *params, * } * */ - if( ( ret = asn1_get_tag( &p, end, &salt->len, ASN1_OCTET_STRING ) ) != 0 ) - return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret ); + if( ( ret = mbedtls_asn1_get_tag( &p, end, &salt->len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) + return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); salt->p = p; p += salt->len; - if( ( ret = asn1_get_int( &p, end, iterations ) ) != 0 ) - return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret ); + if( ( ret = mbedtls_asn1_get_int( &p, end, iterations ) ) != 0 ) + return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); if( p == end ) return( 0 ); - if( ( ret = asn1_get_int( &p, end, keylen ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_int( &p, end, keylen ) ) != 0 ) { - if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) - return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret ); + if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) + return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); } if( p == end ) return( 0 ); - if( ( ret = asn1_get_alg_null( &p, end, &prf_alg_oid ) ) != 0 ) - return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret ); + if( ( ret = mbedtls_asn1_get_alg_null( &p, end, &prf_alg_oid ) ) != 0 ) + return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); - if( !OID_CMP( OID_HMAC_SHA1, &prf_alg_oid ) ) - return( POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE ); + if( MBEDTLS_OID_CMP( MBEDTLS_OID_HMAC_SHA1, &prf_alg_oid ) != 0 ) + return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); - *md_type = POLARSSL_MD_SHA1; + *md_type = MBEDTLS_MD_SHA1; if( p != end ) - return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); return( 0 ); } -int pkcs5_pbes2( asn1_buf *pbe_params, int mode, +int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, const unsigned char *pwd, size_t pwdlen, const unsigned char *data, size_t datalen, unsigned char *output ) { int ret, iterations = 0, keylen = 0; unsigned char *p, *end; - asn1_buf kdf_alg_oid, enc_scheme_oid, kdf_alg_params, enc_scheme_params; - asn1_buf salt; - md_type_t md_type = POLARSSL_MD_SHA1; + mbedtls_asn1_buf kdf_alg_oid, enc_scheme_oid, kdf_alg_params, enc_scheme_params; + mbedtls_asn1_buf salt; + mbedtls_md_type_t md_type = MBEDTLS_MD_SHA1; unsigned char key[32], iv[32]; size_t olen = 0; - const md_info_t *md_info; - const cipher_info_t *cipher_info; - md_context_t md_ctx; - cipher_type_t cipher_alg; - cipher_context_t cipher_ctx; + const mbedtls_md_info_t *md_info; + const mbedtls_cipher_info_t *cipher_info; + mbedtls_md_context_t md_ctx; + mbedtls_cipher_type_t cipher_alg; + mbedtls_cipher_context_t cipher_ctx; p = pbe_params->p; end = p + pbe_params->len; @@ -136,17 +136,17 @@ int pkcs5_pbes2( asn1_buf *pbe_params, int mode, * encryptionScheme AlgorithmIdentifier {{PBES2-Encs}} * } */ - if( pbe_params->tag != ( ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) - return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + - POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); + if( pbe_params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) + return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); - if( ( ret = asn1_get_alg( &p, end, &kdf_alg_oid, &kdf_alg_params ) ) != 0 ) - return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret ); + if( ( ret = mbedtls_asn1_get_alg( &p, end, &kdf_alg_oid, &kdf_alg_params ) ) != 0 ) + return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); // Only PBKDF2 supported at the moment // - if( !OID_CMP( OID_PKCS5_PBKDF2, &kdf_alg_oid ) ) - return( POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE ); + if( MBEDTLS_OID_CMP( MBEDTLS_OID_PKCS5_PBKDF2, &kdf_alg_oid ) != 0 ) + return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); if( ( ret = pkcs5_parse_pbkdf2_params( &kdf_alg_params, &salt, &iterations, &keylen, @@ -155,76 +155,76 @@ int pkcs5_pbes2( asn1_buf *pbe_params, int mode, return( ret ); } - md_info = md_info_from_type( md_type ); + md_info = mbedtls_md_info_from_type( md_type ); if( md_info == NULL ) - return( POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE ); + return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); - if( ( ret = asn1_get_alg( &p, end, &enc_scheme_oid, + if( ( ret = mbedtls_asn1_get_alg( &p, end, &enc_scheme_oid, &enc_scheme_params ) ) != 0 ) { - return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret ); + return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); } - if( oid_get_cipher_alg( &enc_scheme_oid, &cipher_alg ) != 0 ) - return( POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE ); + if( mbedtls_oid_get_cipher_alg( &enc_scheme_oid, &cipher_alg ) != 0 ) + return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); - cipher_info = cipher_info_from_type( cipher_alg ); + cipher_info = mbedtls_cipher_info_from_type( cipher_alg ); if( cipher_info == NULL ) - return( POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE ); + return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); /* * The value of keylen from pkcs5_parse_pbkdf2_params() is ignored * since it is optional and we don't know if it was set or not */ - keylen = cipher_info->key_length / 8; + keylen = cipher_info->key_bitlen / 8; - if( enc_scheme_params.tag != ASN1_OCTET_STRING || + if( enc_scheme_params.tag != MBEDTLS_ASN1_OCTET_STRING || enc_scheme_params.len != cipher_info->iv_size ) { - return( POLARSSL_ERR_PKCS5_INVALID_FORMAT ); + return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT ); } - md_init( &md_ctx ); - cipher_init( &cipher_ctx ); + mbedtls_md_init( &md_ctx ); + mbedtls_cipher_init( &cipher_ctx ); memcpy( iv, enc_scheme_params.p, enc_scheme_params.len ); - if( ( ret = md_init_ctx( &md_ctx, md_info ) ) != 0 ) + if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) goto exit; - if( ( ret = pkcs5_pbkdf2_hmac( &md_ctx, pwd, pwdlen, salt.p, salt.len, + if( ( ret = mbedtls_pkcs5_pbkdf2_hmac( &md_ctx, pwd, pwdlen, salt.p, salt.len, iterations, keylen, key ) ) != 0 ) { goto exit; } - if( ( ret = cipher_init_ctx( &cipher_ctx, cipher_info ) ) != 0 ) + if( ( ret = mbedtls_cipher_setup( &cipher_ctx, cipher_info ) ) != 0 ) goto exit; - if( ( ret = cipher_setkey( &cipher_ctx, key, 8 * keylen, (operation_t) mode ) ) != 0 ) + if( ( ret = mbedtls_cipher_setkey( &cipher_ctx, key, 8 * keylen, (mbedtls_operation_t) mode ) ) != 0 ) goto exit; - if( ( ret = cipher_crypt( &cipher_ctx, iv, enc_scheme_params.len, + if( ( ret = mbedtls_cipher_crypt( &cipher_ctx, iv, enc_scheme_params.len, data, datalen, output, &olen ) ) != 0 ) - ret = POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH; + ret = MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH; exit: - md_free( &md_ctx ); - cipher_free( &cipher_ctx ); + mbedtls_md_free( &md_ctx ); + mbedtls_cipher_free( &cipher_ctx ); return( ret ); } -int pkcs5_pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, +int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *password, size_t plen, const unsigned char *salt, size_t slen, unsigned int iteration_count, uint32_t key_length, unsigned char *output ) { int ret, j; unsigned int i; - unsigned char md1[POLARSSL_MD_MAX_SIZE]; - unsigned char work[POLARSSL_MD_MAX_SIZE]; - unsigned char md_size = md_get_size( ctx->md_info ); + unsigned char md1[MBEDTLS_MD_MAX_SIZE]; + unsigned char work[MBEDTLS_MD_MAX_SIZE]; + unsigned char md_size = mbedtls_md_get_size( ctx->md_info ); size_t use_len; unsigned char *out_p = output; unsigned char counter[4]; @@ -233,22 +233,22 @@ int pkcs5_pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, counter[3] = 1; if( iteration_count > 0xFFFFFFFF ) - return( POLARSSL_ERR_PKCS5_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA ); while( key_length ) { // U1 ends up in work // - if( ( ret = md_hmac_starts( ctx, password, plen ) ) != 0 ) + if( ( ret = mbedtls_md_hmac_starts( ctx, password, plen ) ) != 0 ) return( ret ); - if( ( ret = md_hmac_update( ctx, salt, slen ) ) != 0 ) + if( ( ret = mbedtls_md_hmac_update( ctx, salt, slen ) ) != 0 ) return( ret ); - if( ( ret = md_hmac_update( ctx, counter, 4 ) ) != 0 ) + if( ( ret = mbedtls_md_hmac_update( ctx, counter, 4 ) ) != 0 ) return( ret ); - if( ( ret = md_hmac_finish( ctx, work ) ) != 0 ) + if( ( ret = mbedtls_md_hmac_finish( ctx, work ) ) != 0 ) return( ret ); memcpy( md1, work, md_size ); @@ -257,13 +257,13 @@ int pkcs5_pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, { // U2 ends up in md1 // - if( ( ret = md_hmac_starts( ctx, password, plen ) ) != 0 ) + if( ( ret = mbedtls_md_hmac_starts( ctx, password, plen ) ) != 0 ) return( ret ); - if( ( ret = md_hmac_update( ctx, md1, md_size ) ) != 0 ) + if( ( ret = mbedtls_md_hmac_update( ctx, md1, md_size ) ) != 0 ) return( ret ); - if( ( ret = md_hmac_finish( ctx, md1 ) ) != 0 ) + if( ( ret = mbedtls_md_hmac_finish( ctx, md1 ) ) != 0 ) return( ret ); // U1 xor U2 @@ -286,13 +286,13 @@ int pkcs5_pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, return( 0 ); } -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) -#if !defined(POLARSSL_SHA1_C) -int pkcs5_self_test( int verbose ) +#if !defined(MBEDTLS_SHA1_C) +int mbedtls_pkcs5_self_test( int verbose ) { if( verbose != 0 ) - polarssl_printf( " PBKDF2 (SHA1): skipped\n\n" ); + mbedtls_printf( " PBKDF2 (SHA1): skipped\n\n" ); return( 0 ); } @@ -349,23 +349,23 @@ static const unsigned char result_key[MAX_TESTS][32] = 0xcc, 0x37, 0xd7, 0xf0, 0x34, 0x25, 0xe0, 0xc3 }, }; -int pkcs5_self_test( int verbose ) +int mbedtls_pkcs5_self_test( int verbose ) { - md_context_t sha1_ctx; - const md_info_t *info_sha1; + mbedtls_md_context_t sha1_ctx; + const mbedtls_md_info_t *info_sha1; int ret, i; unsigned char key[64]; - md_init( &sha1_ctx ); + mbedtls_md_init( &sha1_ctx ); - info_sha1 = md_info_from_type( POLARSSL_MD_SHA1 ); + info_sha1 = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); if( info_sha1 == NULL ) { ret = 1; goto exit; } - if( ( ret = md_init_ctx( &sha1_ctx, info_sha1 ) ) != 0 ) + if( ( ret = mbedtls_md_setup( &sha1_ctx, info_sha1, 1 ) ) != 0 ) { ret = 1; goto exit; @@ -374,33 +374,33 @@ int pkcs5_self_test( int verbose ) for( i = 0; i < MAX_TESTS; i++ ) { if( verbose != 0 ) - polarssl_printf( " PBKDF2 (SHA1) #%d: ", i ); + mbedtls_printf( " PBKDF2 (SHA1) #%d: ", i ); - ret = pkcs5_pbkdf2_hmac( &sha1_ctx, password[i], plen[i], salt[i], + ret = mbedtls_pkcs5_pbkdf2_hmac( &sha1_ctx, password[i], plen[i], salt[i], slen[i], it_cnt[i], key_len[i], key ); if( ret != 0 || memcmp( result_key[i], key, key_len[i] ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); ret = 1; goto exit; } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); } - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); exit: - md_free( &sha1_ctx ); + mbedtls_md_free( &sha1_ctx ); return( ret ); } -#endif /* POLARSSL_SHA1_C */ +#endif /* MBEDTLS_SHA1_C */ -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_PKCS5_C */ +#endif /* MBEDTLS_PKCS5_C */ diff --git a/ext/mbedtls/library/pkparse.c b/ext/mbedtls/library/pkparse.c index 39c51f6485..f24dbad924 100644 --- a/ext/mbedtls/library/pkparse.c +++ b/ext/mbedtls/library/pkparse.c @@ -20,116 +20,123 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_PK_PARSE_C) +#if defined(MBEDTLS_PK_PARSE_C) -#include "polarssl/pk.h" -#include "polarssl/asn1.h" -#include "polarssl/oid.h" +#include "mbedtls/pk.h" +#include "mbedtls/asn1.h" +#include "mbedtls/oid.h" #include -#if defined(POLARSSL_RSA_C) -#include "polarssl/rsa.h" +#if defined(MBEDTLS_RSA_C) +#include "mbedtls/rsa.h" #endif -#if defined(POLARSSL_ECP_C) -#include "polarssl/ecp.h" +#if defined(MBEDTLS_ECP_C) +#include "mbedtls/ecp.h" #endif -#if defined(POLARSSL_ECDSA_C) -#include "polarssl/ecdsa.h" +#if defined(MBEDTLS_ECDSA_C) +#include "mbedtls/ecdsa.h" #endif -#if defined(POLARSSL_PEM_PARSE_C) -#include "polarssl/pem.h" +#if defined(MBEDTLS_PEM_PARSE_C) +#include "mbedtls/pem.h" #endif -#if defined(POLARSSL_PKCS5_C) -#include "polarssl/pkcs5.h" +#if defined(MBEDTLS_PKCS5_C) +#include "mbedtls/pkcs5.h" #endif -#if defined(POLARSSL_PKCS12_C) -#include "polarssl/pkcs12.h" +#if defined(MBEDTLS_PKCS12_C) +#include "mbedtls/pkcs12.h" #endif -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_malloc malloc -#define polarssl_free free +#define mbedtls_calloc calloc +#define mbedtls_free free #endif -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } /* * Load all data from a file into a given buffer. + * + * The file is expected to contain either PEM or DER encoded data. + * A terminating null byte is always appended. It is included in the announced + * length only if the data looks like it is PEM encoded. */ -int pk_load_file( const char *path, unsigned char **buf, size_t *n ) +int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n ) { FILE *f; long size; if( ( f = fopen( path, "rb" ) ) == NULL ) - return( POLARSSL_ERR_PK_FILE_IO_ERROR ); + return( MBEDTLS_ERR_PK_FILE_IO_ERROR ); fseek( f, 0, SEEK_END ); if( ( size = ftell( f ) ) == -1 ) { fclose( f ); - return( POLARSSL_ERR_PK_FILE_IO_ERROR ); + return( MBEDTLS_ERR_PK_FILE_IO_ERROR ); } fseek( f, 0, SEEK_SET ); *n = (size_t) size; if( *n + 1 == 0 || - ( *buf = polarssl_malloc( *n + 1 ) ) == NULL ) + ( *buf = mbedtls_calloc( 1, *n + 1 ) ) == NULL ) { fclose( f ); - return( POLARSSL_ERR_PK_MALLOC_FAILED ); + return( MBEDTLS_ERR_PK_ALLOC_FAILED ); } if( fread( *buf, 1, *n, f ) != *n ) { fclose( f ); - polarssl_free( *buf ); - return( POLARSSL_ERR_PK_FILE_IO_ERROR ); + mbedtls_free( *buf ); + return( MBEDTLS_ERR_PK_FILE_IO_ERROR ); } fclose( f ); (*buf)[*n] = '\0'; + if( strstr( (const char *) *buf, "-----BEGIN " ) != NULL ) + ++*n; + return( 0 ); } /* * Load and parse a private key */ -int pk_parse_keyfile( pk_context *ctx, +int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx, const char *path, const char *pwd ) { int ret; size_t n; unsigned char *buf; - if( ( ret = pk_load_file( path, &buf, &n ) ) != 0 ) + if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) return( ret ); if( pwd == NULL ) - ret = pk_parse_key( ctx, buf, n, NULL, 0 ); + ret = mbedtls_pk_parse_key( ctx, buf, n, NULL, 0 ); else - ret = pk_parse_key( ctx, buf, n, + ret = mbedtls_pk_parse_key( ctx, buf, n, (const unsigned char *) pwd, strlen( pwd ) ); - polarssl_zeroize( buf, n + 1 ); - polarssl_free( buf ); + mbedtls_zeroize( buf, n ); + mbedtls_free( buf ); return( ret ); } @@ -137,26 +144,26 @@ int pk_parse_keyfile( pk_context *ctx, /* * Load and parse a public key */ -int pk_parse_public_keyfile( pk_context *ctx, const char *path ) +int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path ) { int ret; size_t n; unsigned char *buf; - if( ( ret = pk_load_file( path, &buf, &n ) ) != 0 ) + if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) return( ret ); - ret = pk_parse_public_key( ctx, buf, n ); + ret = mbedtls_pk_parse_public_key( ctx, buf, n ); - polarssl_zeroize( buf, n + 1 ); - polarssl_free( buf ); + mbedtls_zeroize( buf, n ); + mbedtls_free( buf ); return( ret ); } -#endif /* POLARSSL_FS_IO */ +#endif /* MBEDTLS_FS_IO */ -#if defined(POLARSSL_ECP_C) -/* Minimally parse an ECParameters buffer to and asn1_buf +#if defined(MBEDTLS_ECP_C) +/* Minimally parse an ECParameters buffer to and mbedtls_asn1_buf * * ECParameters ::= CHOICE { * namedCurve OBJECT IDENTIFIER @@ -165,38 +172,38 @@ int pk_parse_public_keyfile( pk_context *ctx, const char *path ) * } */ static int pk_get_ecparams( unsigned char **p, const unsigned char *end, - asn1_buf *params ) + mbedtls_asn1_buf *params ) { int ret; /* Tag may be either OID or SEQUENCE */ params->tag = **p; - if( params->tag != ASN1_OID -#if defined(POLARSSL_PK_PARSE_EC_EXTENDED) - && params->tag != ( ASN1_CONSTRUCTED | ASN1_SEQUENCE ) + if( params->tag != MBEDTLS_ASN1_OID +#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) + && params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) #endif ) { - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + - POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); } - if( ( ret = asn1_get_tag( p, end, ¶ms->len, params->tag ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( p, end, ¶ms->len, params->tag ) ) != 0 ) { - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); } params->p = *p; *p += params->len; if( *p != end ) - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); return( 0 ); } -#if defined(POLARSSL_PK_PARSE_EC_EXTENDED) +#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) /* * Parse a SpecifiedECDomain (SEC 1 C.2) and (mostly) fill the group with it. * WARNING: the resulting group should only be used with @@ -216,7 +223,7 @@ static int pk_get_ecparams( unsigned char **p, const unsigned char *end, * * We only support prime-field as field type, and ignore hash and cofactor. */ -static int pk_group_from_specified( const asn1_buf *params, ecp_group *grp ) +static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_group *grp ) { int ret; unsigned char *p = params->p; @@ -226,11 +233,11 @@ static int pk_group_from_specified( const asn1_buf *params, ecp_group *grp ) int ver; /* SpecifiedECDomainVersion ::= INTEGER { 1, 2, 3 } */ - if( ( ret = asn1_get_int( &p, end, &ver ) ) != 0 ) - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + if( ( ret = mbedtls_asn1_get_int( &p, end, &ver ) ) != 0 ) + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); if( ver < 1 || ver > 3 ) - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); /* * FieldID { FIELD-ID:IOSet } ::= SEQUENCE { -- Finite field @@ -238,8 +245,8 @@ static int pk_group_from_specified( const asn1_buf *params, ecp_group *grp ) * parameters FIELD-ID.&Type({IOSet}{@fieldType}) * } */ - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) return( ret ); end_field = p + len; @@ -252,26 +259,26 @@ static int pk_group_from_specified( const asn1_buf *params, ecp_group *grp ) * } * prime-field OBJECT IDENTIFIER ::= { id-fieldType 1 } */ - if( ( ret = asn1_get_tag( &p, end_field, &len, ASN1_OID ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end_field, &len, MBEDTLS_ASN1_OID ) ) != 0 ) return( ret ); - if( len != OID_SIZE( OID_ANSI_X9_62_PRIME_FIELD ) || - memcmp( p, OID_ANSI_X9_62_PRIME_FIELD, len ) != 0 ) + if( len != MBEDTLS_OID_SIZE( MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD ) || + memcmp( p, MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD, len ) != 0 ) { - return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE ); + return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); } p += len; /* Prime-p ::= INTEGER -- Field of size p. */ - if( ( ret = asn1_get_mpi( &p, end_field, &grp->P ) ) != 0 ) - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + if( ( ret = mbedtls_asn1_get_mpi( &p, end_field, &grp->P ) ) != 0 ) + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); - grp->pbits = mpi_msb( &grp->P ); + grp->pbits = mbedtls_mpi_bitlen( &grp->P ); if( p != end_field ) - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); /* * Curve ::= SEQUENCE { @@ -282,8 +289,8 @@ static int pk_group_from_specified( const asn1_buf *params, ecp_group *grp ) * -- with version equal to ecdpVer2 or ecdpVer3 * } */ - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) return( ret ); end_curve = p + len; @@ -292,51 +299,51 @@ static int pk_group_from_specified( const asn1_buf *params, ecp_group *grp ) * FieldElement ::= OCTET STRING * containing an integer in the case of a prime field */ - if( ( ret = asn1_get_tag( &p, end_curve, &len, ASN1_OCTET_STRING ) ) != 0 || - ( ret = mpi_read_binary( &grp->A, p, len ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end_curve, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 || + ( ret = mbedtls_mpi_read_binary( &grp->A, p, len ) ) != 0 ) { - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); } p += len; - if( ( ret = asn1_get_tag( &p, end_curve, &len, ASN1_OCTET_STRING ) ) != 0 || - ( ret = mpi_read_binary( &grp->B, p, len ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end_curve, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 || + ( ret = mbedtls_mpi_read_binary( &grp->B, p, len ) ) != 0 ) { - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); } p += len; /* Ignore seed BIT STRING OPTIONAL */ - if( ( ret = asn1_get_tag( &p, end_curve, &len, ASN1_BIT_STRING ) ) == 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end_curve, &len, MBEDTLS_ASN1_BIT_STRING ) ) == 0 ) p += len; if( p != end_curve ) - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); /* * ECPoint ::= OCTET STRING */ - if( ( ret = asn1_get_tag( &p, end, &len, ASN1_OCTET_STRING ) ) != 0 ) - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); - if( ( ret = ecp_point_read_binary( grp, &grp->G, + if( ( ret = mbedtls_ecp_point_read_binary( grp, &grp->G, ( const unsigned char *) p, len ) ) != 0 ) { /* * If we can't read the point because it's compressed, cheat by * reading only the X coordinate and the parity bit of Y. */ - if( ret != POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE || + if( ret != MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE || ( p[0] != 0x02 && p[0] != 0x03 ) || - len != mpi_size( &grp->P ) + 1 || - mpi_read_binary( &grp->G.X, p + 1, len - 1 ) != 0 || - mpi_lset( &grp->G.Y, p[0] - 2 ) != 0 || - mpi_lset( &grp->G.Z, 1 ) != 0 ) + len != mbedtls_mpi_size( &grp->P ) + 1 || + mbedtls_mpi_read_binary( &grp->G.X, p + 1, len - 1 ) != 0 || + mbedtls_mpi_lset( &grp->G.Y, p[0] - 2 ) != 0 || + mbedtls_mpi_lset( &grp->G.Z, 1 ) != 0 ) { - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); } } @@ -345,10 +352,10 @@ static int pk_group_from_specified( const asn1_buf *params, ecp_group *grp ) /* * order INTEGER */ - if( ( ret = asn1_get_mpi( &p, end, &grp->N ) ) != 0 ) - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + if( ( ret = mbedtls_asn1_get_mpi( &p, end, &grp->N ) ) != 0 ) + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); - grp->nbits = mpi_msb( &grp->N ); + grp->nbits = mbedtls_mpi_bitlen( &grp->N ); /* * Allow optional elements by purposefully not enforcing p == end here. @@ -361,30 +368,30 @@ static int pk_group_from_specified( const asn1_buf *params, ecp_group *grp ) * Find the group id associated with an (almost filled) group as generated by * pk_group_from_specified(), or return an error if unknown. */ -static int pk_group_id_from_group( const ecp_group *grp, ecp_group_id *grp_id ) +static int pk_group_id_from_group( const mbedtls_ecp_group *grp, mbedtls_ecp_group_id *grp_id ) { int ret = 0; - ecp_group ref; - const ecp_group_id *id; + mbedtls_ecp_group ref; + const mbedtls_ecp_group_id *id; - ecp_group_init( &ref ); + mbedtls_ecp_group_init( &ref ); - for( id = ecp_grp_id_list(); *id != POLARSSL_ECP_DP_NONE; id++ ) + for( id = mbedtls_ecp_grp_id_list(); *id != MBEDTLS_ECP_DP_NONE; id++ ) { /* Load the group associated to that id */ - ecp_group_free( &ref ); - MPI_CHK( ecp_use_known_dp( &ref, *id ) ); + mbedtls_ecp_group_free( &ref ); + MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ref, *id ) ); /* Compare to the group we were given, starting with easy tests */ if( grp->pbits == ref.pbits && grp->nbits == ref.nbits && - mpi_cmp_mpi( &grp->P, &ref.P ) == 0 && - mpi_cmp_mpi( &grp->A, &ref.A ) == 0 && - mpi_cmp_mpi( &grp->B, &ref.B ) == 0 && - mpi_cmp_mpi( &grp->N, &ref.N ) == 0 && - mpi_cmp_mpi( &grp->G.X, &ref.G.X ) == 0 && - mpi_cmp_mpi( &grp->G.Z, &ref.G.Z ) == 0 && + mbedtls_mpi_cmp_mpi( &grp->P, &ref.P ) == 0 && + mbedtls_mpi_cmp_mpi( &grp->A, &ref.A ) == 0 && + mbedtls_mpi_cmp_mpi( &grp->B, &ref.B ) == 0 && + mbedtls_mpi_cmp_mpi( &grp->N, &ref.N ) == 0 && + mbedtls_mpi_cmp_mpi( &grp->G.X, &ref.G.X ) == 0 && + mbedtls_mpi_cmp_mpi( &grp->G.Z, &ref.G.Z ) == 0 && /* For Y we may only know the parity bit, so compare only that */ - mpi_get_bit( &grp->G.Y, 0 ) == mpi_get_bit( &ref.G.Y, 0 ) ) + mbedtls_mpi_get_bit( &grp->G.Y, 0 ) == mbedtls_mpi_get_bit( &ref.G.Y, 0 ) ) { break; } @@ -392,12 +399,12 @@ static int pk_group_id_from_group( const ecp_group *grp, ecp_group_id *grp_id ) } cleanup: - ecp_group_free( &ref ); + mbedtls_ecp_group_free( &ref ); *grp_id = *id; - if( ret == 0 && *id == POLARSSL_ECP_DP_NONE ) - ret = POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE; + if( ret == 0 && *id == MBEDTLS_ECP_DP_NONE ) + ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; return( ret ); } @@ -405,13 +412,13 @@ cleanup: /* * Parse a SpecifiedECDomain (SEC 1 C.2) and find the associated group ID */ -static int pk_group_id_from_specified( const asn1_buf *params, - ecp_group_id *grp_id ) +static int pk_group_id_from_specified( const mbedtls_asn1_buf *params, + mbedtls_ecp_group_id *grp_id ) { int ret; - ecp_group grp; + mbedtls_ecp_group grp; - ecp_group_init( &grp ); + mbedtls_ecp_group_init( &grp ); if( ( ret = pk_group_from_specified( params, &grp ) ) != 0 ) goto cleanup; @@ -419,11 +426,11 @@ static int pk_group_id_from_specified( const asn1_buf *params, ret = pk_group_id_from_group( &grp, grp_id ); cleanup: - ecp_group_free( &grp ); + mbedtls_ecp_group_free( &grp ); return( ret ); } -#endif /* POLARSSL_PK_PARSE_EC_EXTENDED */ +#endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */ /* * Use EC parameters to initialise an EC group @@ -433,33 +440,33 @@ cleanup: * specifiedCurve SpecifiedECDomain -- = SEQUENCE { ... } * -- implicitCurve NULL */ -static int pk_use_ecparams( const asn1_buf *params, ecp_group *grp ) +static int pk_use_ecparams( const mbedtls_asn1_buf *params, mbedtls_ecp_group *grp ) { int ret; - ecp_group_id grp_id; + mbedtls_ecp_group_id grp_id; - if( params->tag == ASN1_OID ) + if( params->tag == MBEDTLS_ASN1_OID ) { - if( oid_get_ec_grp( params, &grp_id ) != 0 ) - return( POLARSSL_ERR_PK_UNKNOWN_NAMED_CURVE ); + if( mbedtls_oid_get_ec_grp( params, &grp_id ) != 0 ) + return( MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE ); } else { -#if defined(POLARSSL_PK_PARSE_EC_EXTENDED) +#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) if( ( ret = pk_group_id_from_specified( params, &grp_id ) ) != 0 ) return( ret ); #else - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); #endif } /* * grp may already be initilialized; if so, make sure IDs match */ - if( grp->id != POLARSSL_ECP_DP_NONE && grp->id != grp_id ) - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT ); + if( grp->id != MBEDTLS_ECP_DP_NONE && grp->id != grp_id ) + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); - if( ( ret = ecp_use_known_dp( grp, grp_id ) ) != 0 ) + if( ( ret = mbedtls_ecp_group_load( grp, grp_id ) ) != 0 ) return( ret ); return( 0 ); @@ -470,29 +477,29 @@ static int pk_use_ecparams( const asn1_buf *params, ecp_group *grp ) * * The caller is responsible for clearing the structure upon failure if * desired. Take care to pass along the possible ECP_FEATURE_UNAVAILABLE - * return code of ecp_point_read_binary() and leave p in a usable state. + * return code of mbedtls_ecp_point_read_binary() and leave p in a usable state. */ static int pk_get_ecpubkey( unsigned char **p, const unsigned char *end, - ecp_keypair *key ) + mbedtls_ecp_keypair *key ) { int ret; - if( ( ret = ecp_point_read_binary( &key->grp, &key->Q, + if( ( ret = mbedtls_ecp_point_read_binary( &key->grp, &key->Q, (const unsigned char *) *p, end - *p ) ) == 0 ) { - ret = ecp_check_pubkey( &key->grp, &key->Q ); + ret = mbedtls_ecp_check_pubkey( &key->grp, &key->Q ); } /* - * We know ecp_point_read_binary consumed all bytes or failed + * We know mbedtls_ecp_point_read_binary consumed all bytes or failed */ *p = (unsigned char *) end; return( ret ); } -#endif /* POLARSSL_ECP_C */ +#endif /* MBEDTLS_ECP_C */ -#if defined(POLARSSL_RSA_C) +#if defined(MBEDTLS_RSA_C) /* * RSAPublicKey ::= SEQUENCE { * modulus INTEGER, -- n @@ -501,35 +508,35 @@ static int pk_get_ecpubkey( unsigned char **p, const unsigned char *end, */ static int pk_get_rsapubkey( unsigned char **p, const unsigned char *end, - rsa_context *rsa ) + mbedtls_rsa_context *rsa ) { int ret; size_t len; - if( ( ret = asn1_get_tag( p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) - return( POLARSSL_ERR_PK_INVALID_PUBKEY + ret ); + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret ); if( *p + len != end ) - return( POLARSSL_ERR_PK_INVALID_PUBKEY + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_PK_INVALID_PUBKEY + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - if( ( ret = asn1_get_mpi( p, end, &rsa->N ) ) != 0 || - ( ret = asn1_get_mpi( p, end, &rsa->E ) ) != 0 ) - return( POLARSSL_ERR_PK_INVALID_PUBKEY + ret ); + if( ( ret = mbedtls_asn1_get_mpi( p, end, &rsa->N ) ) != 0 || + ( ret = mbedtls_asn1_get_mpi( p, end, &rsa->E ) ) != 0 ) + return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret ); if( *p != end ) - return( POLARSSL_ERR_PK_INVALID_PUBKEY + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_PK_INVALID_PUBKEY + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - if( ( ret = rsa_check_pubkey( rsa ) ) != 0 ) - return( POLARSSL_ERR_PK_INVALID_PUBKEY ); + if( ( ret = mbedtls_rsa_check_pubkey( rsa ) ) != 0 ) + return( MBEDTLS_ERR_PK_INVALID_PUBKEY ); - rsa->len = mpi_size( &rsa->N ); + rsa->len = mbedtls_mpi_size( &rsa->N ); return( 0 ); } -#endif /* POLARSSL_RSA_C */ +#endif /* MBEDTLS_RSA_C */ /* Get a PK algorithm identifier * @@ -539,27 +546,27 @@ static int pk_get_rsapubkey( unsigned char **p, */ static int pk_get_pk_alg( unsigned char **p, const unsigned char *end, - pk_type_t *pk_alg, asn1_buf *params ) + mbedtls_pk_type_t *pk_alg, mbedtls_asn1_buf *params ) { int ret; - asn1_buf alg_oid; + mbedtls_asn1_buf alg_oid; - memset( params, 0, sizeof(asn1_buf) ); + memset( params, 0, sizeof(mbedtls_asn1_buf) ); - if( ( ret = asn1_get_alg( p, end, &alg_oid, params ) ) != 0 ) - return( POLARSSL_ERR_PK_INVALID_ALG + ret ); + if( ( ret = mbedtls_asn1_get_alg( p, end, &alg_oid, params ) ) != 0 ) + return( MBEDTLS_ERR_PK_INVALID_ALG + ret ); - if( oid_get_pk_alg( &alg_oid, pk_alg ) != 0 ) - return( POLARSSL_ERR_PK_UNKNOWN_PK_ALG ); + if( mbedtls_oid_get_pk_alg( &alg_oid, pk_alg ) != 0 ) + return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); /* * No parameters with RSA (only for EC) */ - if( *pk_alg == POLARSSL_PK_RSA && - ( ( params->tag != ASN1_NULL && params->tag != 0 ) || + if( *pk_alg == MBEDTLS_PK_RSA && + ( ( params->tag != MBEDTLS_ASN1_NULL && params->tag != 0 ) || params->len != 0 ) ) { - return( POLARSSL_ERR_PK_INVALID_ALG ); + return( MBEDTLS_ERR_PK_INVALID_ALG ); } return( 0 ); @@ -570,19 +577,19 @@ static int pk_get_pk_alg( unsigned char **p, * algorithm AlgorithmIdentifier, * subjectPublicKey BIT STRING } */ -int pk_parse_subpubkey( unsigned char **p, const unsigned char *end, - pk_context *pk ) +int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, + mbedtls_pk_context *pk ) { int ret; size_t len; - asn1_buf alg_params; - pk_type_t pk_alg = POLARSSL_PK_NONE; - const pk_info_t *pk_info; + mbedtls_asn1_buf alg_params; + mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE; + const mbedtls_pk_info_t *pk_info; - if( ( ret = asn1_get_tag( p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); } end = *p + len; @@ -590,50 +597,50 @@ int pk_parse_subpubkey( unsigned char **p, const unsigned char *end, if( ( ret = pk_get_pk_alg( p, end, &pk_alg, &alg_params ) ) != 0 ) return( ret ); - if( ( ret = asn1_get_bitstring_null( p, end, &len ) ) != 0 ) - return( POLARSSL_ERR_PK_INVALID_PUBKEY + ret ); + if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 ) + return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret ); if( *p + len != end ) - return( POLARSSL_ERR_PK_INVALID_PUBKEY + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_PK_INVALID_PUBKEY + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); - if( ( pk_info = pk_info_from_type( pk_alg ) ) == NULL ) - return( POLARSSL_ERR_PK_UNKNOWN_PK_ALG ); + if( ( pk_info = mbedtls_pk_info_from_type( pk_alg ) ) == NULL ) + return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); - if( ( ret = pk_init_ctx( pk, pk_info ) ) != 0 ) + if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ) return( ret ); -#if defined(POLARSSL_RSA_C) - if( pk_alg == POLARSSL_PK_RSA ) +#if defined(MBEDTLS_RSA_C) + if( pk_alg == MBEDTLS_PK_RSA ) { - ret = pk_get_rsapubkey( p, end, pk_rsa( *pk ) ); + ret = pk_get_rsapubkey( p, end, mbedtls_pk_rsa( *pk ) ); } else -#endif /* POLARSSL_RSA_C */ -#if defined(POLARSSL_ECP_C) - if( pk_alg == POLARSSL_PK_ECKEY_DH || pk_alg == POLARSSL_PK_ECKEY ) +#endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_ECP_C) + if( pk_alg == MBEDTLS_PK_ECKEY_DH || pk_alg == MBEDTLS_PK_ECKEY ) { - ret = pk_use_ecparams( &alg_params, &pk_ec( *pk )->grp ); + ret = pk_use_ecparams( &alg_params, &mbedtls_pk_ec( *pk )->grp ); if( ret == 0 ) - ret = pk_get_ecpubkey( p, end, pk_ec( *pk ) ); + ret = pk_get_ecpubkey( p, end, mbedtls_pk_ec( *pk ) ); } else -#endif /* POLARSSL_ECP_C */ - ret = POLARSSL_ERR_PK_UNKNOWN_PK_ALG; +#endif /* MBEDTLS_ECP_C */ + ret = MBEDTLS_ERR_PK_UNKNOWN_PK_ALG; if( ret == 0 && *p != end ) - ret = POLARSSL_ERR_PK_INVALID_PUBKEY - POLARSSL_ERR_ASN1_LENGTH_MISMATCH; + ret = MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; if( ret != 0 ) - pk_free( pk ); + mbedtls_pk_free( pk ); return( ret ); } -#if defined(POLARSSL_RSA_C) +#if defined(MBEDTLS_RSA_C) /* * Parse a PKCS#1 encoded private RSA key */ -static int pk_parse_key_pkcs1_der( rsa_context *rsa, +static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa, const unsigned char *key, size_t keylen ) { @@ -660,68 +667,68 @@ static int pk_parse_key_pkcs1_der( rsa_context *rsa, * otherPrimeInfos OtherPrimeInfos OPTIONAL * } */ - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); } end = p + len; - if( ( ret = asn1_get_int( &p, end, &rsa->ver ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_int( &p, end, &rsa->ver ) ) != 0 ) { - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); } if( rsa->ver != 0 ) { - return( POLARSSL_ERR_PK_KEY_INVALID_VERSION ); + return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION ); } - if( ( ret = asn1_get_mpi( &p, end, &rsa->N ) ) != 0 || - ( ret = asn1_get_mpi( &p, end, &rsa->E ) ) != 0 || - ( ret = asn1_get_mpi( &p, end, &rsa->D ) ) != 0 || - ( ret = asn1_get_mpi( &p, end, &rsa->P ) ) != 0 || - ( ret = asn1_get_mpi( &p, end, &rsa->Q ) ) != 0 || - ( ret = asn1_get_mpi( &p, end, &rsa->DP ) ) != 0 || - ( ret = asn1_get_mpi( &p, end, &rsa->DQ ) ) != 0 || - ( ret = asn1_get_mpi( &p, end, &rsa->QP ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->N ) ) != 0 || + ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->E ) ) != 0 || + ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->D ) ) != 0 || + ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->P ) ) != 0 || + ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->Q ) ) != 0 || + ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->DP ) ) != 0 || + ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->DQ ) ) != 0 || + ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->QP ) ) != 0 ) { - rsa_free( rsa ); - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + mbedtls_rsa_free( rsa ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); } - rsa->len = mpi_size( &rsa->N ); + rsa->len = mbedtls_mpi_size( &rsa->N ); if( p != end ) { - rsa_free( rsa ); - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + mbedtls_rsa_free( rsa ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); } - if( ( ret = rsa_check_privkey( rsa ) ) != 0 ) + if( ( ret = mbedtls_rsa_check_privkey( rsa ) ) != 0 ) { - rsa_free( rsa ); + mbedtls_rsa_free( rsa ); return( ret ); } return( 0 ); } -#endif /* POLARSSL_RSA_C */ +#endif /* MBEDTLS_RSA_C */ -#if defined(POLARSSL_ECP_C) +#if defined(MBEDTLS_ECP_C) /* * Parse a SEC1 encoded private EC key */ -static int pk_parse_key_sec1_der( ecp_keypair *eck, +static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck, const unsigned char *key, size_t keylen ) { int ret; int version, pubkey_done; size_t len; - asn1_buf params; + mbedtls_asn1_buf params; unsigned char *p = (unsigned char *) key; unsigned char *end = p + keylen; unsigned char *end2; @@ -736,27 +743,27 @@ static int pk_parse_key_sec1_der( ecp_keypair *eck, * publicKey [1] BIT STRING OPTIONAL * } */ - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); } end = p + len; - if( ( ret = asn1_get_int( &p, end, &version ) ) != 0 ) - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 ) + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); if( version != 1 ) - return( POLARSSL_ERR_PK_KEY_INVALID_VERSION ); + return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION ); - if( ( ret = asn1_get_tag( &p, end, &len, ASN1_OCTET_STRING ) ) != 0 ) - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); - if( ( ret = mpi_read_binary( &eck->d, p, len ) ) != 0 ) + if( ( ret = mbedtls_mpi_read_binary( &eck->d, p, len ) ) != 0 ) { - ecp_keypair_free( eck ); - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + mbedtls_ecp_keypair_free( eck ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); } p += len; @@ -767,37 +774,37 @@ static int pk_parse_key_sec1_der( ecp_keypair *eck, /* * Is 'parameters' present? */ - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) == 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ) == 0 ) { if( ( ret = pk_get_ecparams( &p, p + len, ¶ms) ) != 0 || ( ret = pk_use_ecparams( ¶ms, &eck->grp ) ) != 0 ) { - ecp_keypair_free( eck ); + mbedtls_ecp_keypair_free( eck ); return( ret ); } } - else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) { - ecp_keypair_free( eck ); - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + mbedtls_ecp_keypair_free( eck ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); } /* * Is 'publickey' present? If not, or if we can't read it (eg because it * is compressed), create it from the private key. */ - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 1 ) ) == 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 1 ) ) == 0 ) { end2 = p + len; - if( ( ret = asn1_get_bitstring_null( &p, end2, &len ) ) != 0 ) - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + if( ( ret = mbedtls_asn1_get_bitstring_null( &p, end2, &len ) ) != 0 ) + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); if( p + len != end2 ) - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); if( ( ret = pk_get_ecpubkey( &p, end2, eck ) ) == 0 ) pubkey_done = 1; @@ -807,50 +814,50 @@ static int pk_parse_key_sec1_der( ecp_keypair *eck, * The only acceptable failure mode of pk_get_ecpubkey() above * is if the point format is not recognized. */ - if( ret != POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE ) - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT ); + if( ret != MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ) + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); } } - else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) { - ecp_keypair_free( eck ); - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + mbedtls_ecp_keypair_free( eck ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); } } if( ! pubkey_done && - ( ret = ecp_mul( &eck->grp, &eck->Q, &eck->d, &eck->grp.G, + ( ret = mbedtls_ecp_mul( &eck->grp, &eck->Q, &eck->d, &eck->grp.G, NULL, NULL ) ) != 0 ) { - ecp_keypair_free( eck ); - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + mbedtls_ecp_keypair_free( eck ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); } - if( ( ret = ecp_check_privkey( &eck->grp, &eck->d ) ) != 0 ) + if( ( ret = mbedtls_ecp_check_privkey( &eck->grp, &eck->d ) ) != 0 ) { - ecp_keypair_free( eck ); + mbedtls_ecp_keypair_free( eck ); return( ret ); } return( 0 ); } -#endif /* POLARSSL_ECP_C */ +#endif /* MBEDTLS_ECP_C */ /* * Parse an unencrypted PKCS#8 encoded private key */ static int pk_parse_key_pkcs8_unencrypted_der( - pk_context *pk, + mbedtls_pk_context *pk, const unsigned char* key, size_t keylen ) { int ret, version; size_t len; - asn1_buf params; + mbedtls_asn1_buf params; unsigned char *p = (unsigned char *) key; unsigned char *end = p + keylen; - pk_type_t pk_alg = POLARSSL_PK_NONE; - const pk_info_t *pk_info; + mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE; + const mbedtls_pk_info_t *pk_info; /* * This function parses the PrivatKeyInfo object (PKCS#8 v1.2 = RFC 5208) @@ -868,58 +875,58 @@ static int pk_parse_key_pkcs8_unencrypted_der( * The PrivateKey OCTET STRING is a SEC1 ECPrivateKey */ - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); } end = p + len; - if( ( ret = asn1_get_int( &p, end, &version ) ) != 0 ) - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 ) + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); if( version != 0 ) - return( POLARSSL_ERR_PK_KEY_INVALID_VERSION + ret ); + return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION + ret ); if( ( ret = pk_get_pk_alg( &p, end, &pk_alg, ¶ms ) ) != 0 ) - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); - if( ( ret = asn1_get_tag( &p, end, &len, ASN1_OCTET_STRING ) ) != 0 ) - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); if( len < 1 ) - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + - POLARSSL_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_OUT_OF_DATA ); - if( ( pk_info = pk_info_from_type( pk_alg ) ) == NULL ) - return( POLARSSL_ERR_PK_UNKNOWN_PK_ALG ); + if( ( pk_info = mbedtls_pk_info_from_type( pk_alg ) ) == NULL ) + return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); - if( ( ret = pk_init_ctx( pk, pk_info ) ) != 0 ) + if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ) return( ret ); -#if defined(POLARSSL_RSA_C) - if( pk_alg == POLARSSL_PK_RSA ) +#if defined(MBEDTLS_RSA_C) + if( pk_alg == MBEDTLS_PK_RSA ) { - if( ( ret = pk_parse_key_pkcs1_der( pk_rsa( *pk ), p, len ) ) != 0 ) + if( ( ret = pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ), p, len ) ) != 0 ) { - pk_free( pk ); + mbedtls_pk_free( pk ); return( ret ); } } else -#endif /* POLARSSL_RSA_C */ -#if defined(POLARSSL_ECP_C) - if( pk_alg == POLARSSL_PK_ECKEY || pk_alg == POLARSSL_PK_ECKEY_DH ) +#endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_ECP_C) + if( pk_alg == MBEDTLS_PK_ECKEY || pk_alg == MBEDTLS_PK_ECKEY_DH ) { - if( ( ret = pk_use_ecparams( ¶ms, &pk_ec( *pk )->grp ) ) != 0 || - ( ret = pk_parse_key_sec1_der( pk_ec( *pk ), p, len ) ) != 0 ) + if( ( ret = pk_use_ecparams( ¶ms, &mbedtls_pk_ec( *pk )->grp ) ) != 0 || + ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), p, len ) ) != 0 ) { - pk_free( pk ); + mbedtls_pk_free( pk ); return( ret ); } } else -#endif /* POLARSSL_ECP_C */ - return( POLARSSL_ERR_PK_UNKNOWN_PK_ALG ); +#endif /* MBEDTLS_ECP_C */ + return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); return( 0 ); } @@ -927,9 +934,9 @@ static int pk_parse_key_pkcs8_unencrypted_der( /* * Parse an encrypted PKCS#8 encoded private key */ -#if defined(POLARSSL_PKCS12_C) || defined(POLARSSL_PKCS5_C) +#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C) static int pk_parse_key_pkcs8_encrypted_der( - pk_context *pk, + mbedtls_pk_context *pk, const unsigned char *key, size_t keylen, const unsigned char *pwd, size_t pwdlen ) { @@ -937,10 +944,10 @@ static int pk_parse_key_pkcs8_encrypted_der( size_t len; unsigned char buf[2048]; unsigned char *p, *end; - asn1_buf pbe_alg_oid, pbe_params; -#if defined(POLARSSL_PKCS12_C) - cipher_type_t cipher_alg; - md_type_t md_alg; + mbedtls_asn1_buf pbe_alg_oid, pbe_params; +#if defined(MBEDTLS_PKCS12_C) + mbedtls_cipher_type_t cipher_alg; + mbedtls_md_type_t md_alg; #endif memset( buf, 0, sizeof( buf ) ); @@ -949,7 +956,7 @@ static int pk_parse_key_pkcs8_encrypted_der( end = p + keylen; if( pwdlen == 0 ) - return( POLARSSL_ERR_PK_PASSWORD_REQUIRED ); + return( MBEDTLS_ERR_PK_PASSWORD_REQUIRED ); /* * This function parses the EncryptedPrivatKeyInfo object (PKCS#8) @@ -965,45 +972,45 @@ static int pk_parse_key_pkcs8_encrypted_der( * * The EncryptedData OCTET STRING is a PKCS#8 PrivateKeyInfo */ - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); } end = p + len; - if( ( ret = asn1_get_alg( &p, end, &pbe_alg_oid, &pbe_params ) ) != 0 ) - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + if( ( ret = mbedtls_asn1_get_alg( &p, end, &pbe_alg_oid, &pbe_params ) ) != 0 ) + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); - if( ( ret = asn1_get_tag( &p, end, &len, ASN1_OCTET_STRING ) ) != 0 ) - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret ); + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); if( len > sizeof( buf ) ) - return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); /* * Decrypt EncryptedData with appropriate PDE */ -#if defined(POLARSSL_PKCS12_C) - if( oid_get_pkcs12_pbe_alg( &pbe_alg_oid, &md_alg, &cipher_alg ) == 0 ) +#if defined(MBEDTLS_PKCS12_C) + if( mbedtls_oid_get_pkcs12_pbe_alg( &pbe_alg_oid, &md_alg, &cipher_alg ) == 0 ) { - if( ( ret = pkcs12_pbe( &pbe_params, PKCS12_PBE_DECRYPT, + if( ( ret = mbedtls_pkcs12_pbe( &pbe_params, MBEDTLS_PKCS12_PBE_DECRYPT, cipher_alg, md_alg, pwd, pwdlen, p, len, buf ) ) != 0 ) { - if( ret == POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH ) - return( POLARSSL_ERR_PK_PASSWORD_MISMATCH ); + if( ret == MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH ) + return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH ); return( ret ); } decrypted = 1; } - else if( OID_CMP( OID_PKCS12_PBE_SHA1_RC4_128, &pbe_alg_oid ) ) + else if( MBEDTLS_OID_CMP( MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_128, &pbe_alg_oid ) == 0 ) { - if( ( ret = pkcs12_pbe_sha1_rc4_128( &pbe_params, - PKCS12_PBE_DECRYPT, + if( ( ret = mbedtls_pkcs12_pbe_sha1_rc4_128( &pbe_params, + MBEDTLS_PKCS12_PBE_DECRYPT, pwd, pwdlen, p, len, buf ) ) != 0 ) { @@ -1011,23 +1018,23 @@ static int pk_parse_key_pkcs8_encrypted_der( } // Best guess for password mismatch when using RC4. If first tag is - // not ASN1_CONSTRUCTED | ASN1_SEQUENCE + // not MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE // - if( *buf != ( ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) - return( POLARSSL_ERR_PK_PASSWORD_MISMATCH ); + if( *buf != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) + return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH ); decrypted = 1; } else -#endif /* POLARSSL_PKCS12_C */ -#if defined(POLARSSL_PKCS5_C) - if( OID_CMP( OID_PKCS5_PBES2, &pbe_alg_oid ) ) +#endif /* MBEDTLS_PKCS12_C */ +#if defined(MBEDTLS_PKCS5_C) + if( MBEDTLS_OID_CMP( MBEDTLS_OID_PKCS5_PBES2, &pbe_alg_oid ) == 0 ) { - if( ( ret = pkcs5_pbes2( &pbe_params, PKCS5_DECRYPT, pwd, pwdlen, + if( ( ret = mbedtls_pkcs5_pbes2( &pbe_params, MBEDTLS_PKCS5_DECRYPT, pwd, pwdlen, p, len, buf ) ) != 0 ) { - if( ret == POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH ) - return( POLARSSL_ERR_PK_PASSWORD_MISMATCH ); + if( ret == MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH ) + return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH ); return( ret ); } @@ -1035,132 +1042,149 @@ static int pk_parse_key_pkcs8_encrypted_der( decrypted = 1; } else -#endif /* POLARSSL_PKCS5_C */ +#endif /* MBEDTLS_PKCS5_C */ { ((void) pwd); } if( decrypted == 0 ) - return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE ); + return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); return( pk_parse_key_pkcs8_unencrypted_der( pk, buf, len ) ); } -#endif /* POLARSSL_PKCS12_C || POLARSSL_PKCS5_C */ +#endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */ /* * Parse a private key */ -int pk_parse_key( pk_context *pk, +int mbedtls_pk_parse_key( mbedtls_pk_context *pk, const unsigned char *key, size_t keylen, const unsigned char *pwd, size_t pwdlen ) { int ret; - const pk_info_t *pk_info; + const mbedtls_pk_info_t *pk_info; -#if defined(POLARSSL_PEM_PARSE_C) +#if defined(MBEDTLS_PEM_PARSE_C) size_t len; - pem_context pem; + mbedtls_pem_context pem; - pem_init( &pem ); + mbedtls_pem_init( &pem ); + +#if defined(MBEDTLS_RSA_C) + /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ + if( keylen == 0 || key[keylen - 1] != '\0' ) + ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; + else + ret = mbedtls_pem_read_buffer( &pem, + "-----BEGIN RSA PRIVATE KEY-----", + "-----END RSA PRIVATE KEY-----", + key, pwd, pwdlen, &len ); -#if defined(POLARSSL_RSA_C) - ret = pem_read_buffer( &pem, - "-----BEGIN RSA PRIVATE KEY-----", - "-----END RSA PRIVATE KEY-----", - key, pwd, pwdlen, &len ); if( ret == 0 ) { - if( ( pk_info = pk_info_from_type( POLARSSL_PK_RSA ) ) == NULL ) - return( POLARSSL_ERR_PK_UNKNOWN_PK_ALG ); + if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == NULL ) + return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); - if( ( ret = pk_init_ctx( pk, pk_info ) ) != 0 || - ( ret = pk_parse_key_pkcs1_der( pk_rsa( *pk ), + if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 || + ( ret = pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ), pem.buf, pem.buflen ) ) != 0 ) { - pk_free( pk ); + mbedtls_pk_free( pk ); } - pem_free( &pem ); + mbedtls_pem_free( &pem ); return( ret ); } - else if( ret == POLARSSL_ERR_PEM_PASSWORD_MISMATCH ) - return( POLARSSL_ERR_PK_PASSWORD_MISMATCH ); - else if( ret == POLARSSL_ERR_PEM_PASSWORD_REQUIRED ) - return( POLARSSL_ERR_PK_PASSWORD_REQUIRED ); - else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) + else if( ret == MBEDTLS_ERR_PEM_PASSWORD_MISMATCH ) + return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH ); + else if( ret == MBEDTLS_ERR_PEM_PASSWORD_REQUIRED ) + return( MBEDTLS_ERR_PK_PASSWORD_REQUIRED ); + else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) return( ret ); -#endif /* POLARSSL_RSA_C */ +#endif /* MBEDTLS_RSA_C */ -#if defined(POLARSSL_ECP_C) - ret = pem_read_buffer( &pem, - "-----BEGIN EC PRIVATE KEY-----", - "-----END EC PRIVATE KEY-----", - key, pwd, pwdlen, &len ); +#if defined(MBEDTLS_ECP_C) + /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ + if( keylen == 0 || key[keylen - 1] != '\0' ) + ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; + else + ret = mbedtls_pem_read_buffer( &pem, + "-----BEGIN EC PRIVATE KEY-----", + "-----END EC PRIVATE KEY-----", + key, pwd, pwdlen, &len ); if( ret == 0 ) { - if( ( pk_info = pk_info_from_type( POLARSSL_PK_ECKEY ) ) == NULL ) - return( POLARSSL_ERR_PK_UNKNOWN_PK_ALG ); + if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == NULL ) + return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); - if( ( ret = pk_init_ctx( pk, pk_info ) ) != 0 || - ( ret = pk_parse_key_sec1_der( pk_ec( *pk ), + if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 || + ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), pem.buf, pem.buflen ) ) != 0 ) { - pk_free( pk ); + mbedtls_pk_free( pk ); } - pem_free( &pem ); + mbedtls_pem_free( &pem ); return( ret ); } - else if( ret == POLARSSL_ERR_PEM_PASSWORD_MISMATCH ) - return( POLARSSL_ERR_PK_PASSWORD_MISMATCH ); - else if( ret == POLARSSL_ERR_PEM_PASSWORD_REQUIRED ) - return( POLARSSL_ERR_PK_PASSWORD_REQUIRED ); - else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) + else if( ret == MBEDTLS_ERR_PEM_PASSWORD_MISMATCH ) + return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH ); + else if( ret == MBEDTLS_ERR_PEM_PASSWORD_REQUIRED ) + return( MBEDTLS_ERR_PK_PASSWORD_REQUIRED ); + else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) return( ret ); -#endif /* POLARSSL_ECP_C */ +#endif /* MBEDTLS_ECP_C */ - ret = pem_read_buffer( &pem, - "-----BEGIN PRIVATE KEY-----", - "-----END PRIVATE KEY-----", - key, NULL, 0, &len ); + /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ + if( keylen == 0 || key[keylen - 1] != '\0' ) + ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; + else + ret = mbedtls_pem_read_buffer( &pem, + "-----BEGIN PRIVATE KEY-----", + "-----END PRIVATE KEY-----", + key, NULL, 0, &len ); if( ret == 0 ) { if( ( ret = pk_parse_key_pkcs8_unencrypted_der( pk, pem.buf, pem.buflen ) ) != 0 ) { - pk_free( pk ); + mbedtls_pk_free( pk ); } - pem_free( &pem ); + mbedtls_pem_free( &pem ); return( ret ); } - else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) + else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) return( ret ); -#if defined(POLARSSL_PKCS12_C) || defined(POLARSSL_PKCS5_C) - ret = pem_read_buffer( &pem, - "-----BEGIN ENCRYPTED PRIVATE KEY-----", - "-----END ENCRYPTED PRIVATE KEY-----", - key, NULL, 0, &len ); +#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C) + /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ + if( keylen == 0 || key[keylen - 1] != '\0' ) + ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; + else + ret = mbedtls_pem_read_buffer( &pem, + "-----BEGIN ENCRYPTED PRIVATE KEY-----", + "-----END ENCRYPTED PRIVATE KEY-----", + key, NULL, 0, &len ); if( ret == 0 ) { if( ( ret = pk_parse_key_pkcs8_encrypted_der( pk, pem.buf, pem.buflen, pwd, pwdlen ) ) != 0 ) { - pk_free( pk ); + mbedtls_pk_free( pk ); } - pem_free( &pem ); + mbedtls_pem_free( &pem ); return( ret ); } - else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) + else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) return( ret ); -#endif /* POLARSSL_PKCS12_C || POLARSSL_PKCS5_C */ +#endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */ #else ((void) pwd); ((void) pwdlen); -#endif /* POLARSSL_PEM_PARSE_C */ +#endif /* MBEDTLS_PEM_PARSE_C */ /* * At this point we only know it's not a PEM formatted key. Could be any @@ -1169,72 +1193,77 @@ int pk_parse_key( pk_context *pk, * We try the different DER format parsers to see if one passes without * error */ -#if defined(POLARSSL_PKCS12_C) || defined(POLARSSL_PKCS5_C) +#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C) if( ( ret = pk_parse_key_pkcs8_encrypted_der( pk, key, keylen, pwd, pwdlen ) ) == 0 ) { return( 0 ); } - pk_free( pk ); + mbedtls_pk_free( pk ); - if( ret == POLARSSL_ERR_PK_PASSWORD_MISMATCH ) + if( ret == MBEDTLS_ERR_PK_PASSWORD_MISMATCH ) { return( ret ); } -#endif /* POLARSSL_PKCS12_C || POLARSSL_PKCS5_C */ +#endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */ if( ( ret = pk_parse_key_pkcs8_unencrypted_der( pk, key, keylen ) ) == 0 ) return( 0 ); - pk_free( pk ); + mbedtls_pk_free( pk ); -#if defined(POLARSSL_RSA_C) - if( ( pk_info = pk_info_from_type( POLARSSL_PK_RSA ) ) == NULL ) - return( POLARSSL_ERR_PK_UNKNOWN_PK_ALG ); +#if defined(MBEDTLS_RSA_C) + if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == NULL ) + return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); - if( ( ret = pk_init_ctx( pk, pk_info ) ) != 0 || - ( ret = pk_parse_key_pkcs1_der( pk_rsa( *pk ), key, keylen ) ) == 0 ) + if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 || + ( ret = pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ), key, keylen ) ) == 0 ) { return( 0 ); } - pk_free( pk ); -#endif /* POLARSSL_RSA_C */ + mbedtls_pk_free( pk ); +#endif /* MBEDTLS_RSA_C */ -#if defined(POLARSSL_ECP_C) - if( ( pk_info = pk_info_from_type( POLARSSL_PK_ECKEY ) ) == NULL ) - return( POLARSSL_ERR_PK_UNKNOWN_PK_ALG ); +#if defined(MBEDTLS_ECP_C) + if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == NULL ) + return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); - if( ( ret = pk_init_ctx( pk, pk_info ) ) != 0 || - ( ret = pk_parse_key_sec1_der( pk_ec( *pk ), key, keylen ) ) == 0 ) + if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 || + ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), key, keylen ) ) == 0 ) { return( 0 ); } - pk_free( pk ); -#endif /* POLARSSL_ECP_C */ + mbedtls_pk_free( pk ); +#endif /* MBEDTLS_ECP_C */ - return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT ); + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); } /* * Parse a public key */ -int pk_parse_public_key( pk_context *ctx, +int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, const unsigned char *key, size_t keylen ) { int ret; unsigned char *p; -#if defined(POLARSSL_PEM_PARSE_C) +#if defined(MBEDTLS_PEM_PARSE_C) size_t len; - pem_context pem; + mbedtls_pem_context pem; - pem_init( &pem ); - ret = pem_read_buffer( &pem, - "-----BEGIN PUBLIC KEY-----", - "-----END PUBLIC KEY-----", - key, NULL, 0, &len ); + mbedtls_pem_init( &pem ); + + /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ + if( keylen == 0 || key[keylen - 1] != '\0' ) + ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; + else + ret = mbedtls_pem_read_buffer( &pem, + "-----BEGIN PUBLIC KEY-----", + "-----END PUBLIC KEY-----", + key, NULL, 0, &len ); if( ret == 0 ) { @@ -1244,21 +1273,21 @@ int pk_parse_public_key( pk_context *ctx, key = pem.buf; keylen = pem.buflen; } - else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) + else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) { - pem_free( &pem ); + mbedtls_pem_free( &pem ); return( ret ); } -#endif /* POLARSSL_PEM_PARSE_C */ +#endif /* MBEDTLS_PEM_PARSE_C */ p = (unsigned char *) key; - ret = pk_parse_subpubkey( &p, p + keylen, ctx ); + ret = mbedtls_pk_parse_subpubkey( &p, p + keylen, ctx ); -#if defined(POLARSSL_PEM_PARSE_C) - pem_free( &pem ); +#if defined(MBEDTLS_PEM_PARSE_C) + mbedtls_pem_free( &pem ); #endif return( ret ); } -#endif /* POLARSSL_PK_PARSE_C */ +#endif /* MBEDTLS_PK_PARSE_C */ diff --git a/ext/mbedtls/library/pkwrite.c b/ext/mbedtls/library/pkwrite.c index 35dbd0b755..a8cbd6b952 100644 --- a/ext/mbedtls/library/pkwrite.c +++ b/ext/mbedtls/library/pkwrite.c @@ -20,42 +20,42 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_PK_WRITE_C) +#if defined(MBEDTLS_PK_WRITE_C) -#include "polarssl/pk.h" -#include "polarssl/asn1write.h" -#include "polarssl/oid.h" +#include "mbedtls/pk.h" +#include "mbedtls/asn1write.h" +#include "mbedtls/oid.h" #include -#if defined(POLARSSL_RSA_C) -#include "polarssl/rsa.h" +#if defined(MBEDTLS_RSA_C) +#include "mbedtls/rsa.h" #endif -#if defined(POLARSSL_ECP_C) -#include "polarssl/ecp.h" +#if defined(MBEDTLS_ECP_C) +#include "mbedtls/ecp.h" #endif -#if defined(POLARSSL_ECDSA_C) -#include "polarssl/ecdsa.h" +#if defined(MBEDTLS_ECDSA_C) +#include "mbedtls/ecdsa.h" #endif -#if defined(POLARSSL_PEM_WRITE_C) -#include "polarssl/pem.h" +#if defined(MBEDTLS_PEM_WRITE_C) +#include "mbedtls/pem.h" #endif -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_malloc malloc -#define polarssl_free free +#define mbedtls_calloc calloc +#define mbedtls_free free #endif -#if defined(POLARSSL_RSA_C) +#if defined(MBEDTLS_RSA_C) /* * RSAPublicKey ::= SEQUENCE { * modulus INTEGER, -- n @@ -63,42 +63,42 @@ * } */ static int pk_write_rsa_pubkey( unsigned char **p, unsigned char *start, - rsa_context *rsa ) + mbedtls_rsa_context *rsa ) { int ret; size_t len = 0; - ASN1_CHK_ADD( len, asn1_write_mpi( p, start, &rsa->E ) ); - ASN1_CHK_ADD( len, asn1_write_mpi( p, start, &rsa->N ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( p, start, &rsa->E ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( p, start, &rsa->N ) ); - ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED | - ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); return( (int) len ); } -#endif /* POLARSSL_RSA_C */ +#endif /* MBEDTLS_RSA_C */ -#if defined(POLARSSL_ECP_C) +#if defined(MBEDTLS_ECP_C) /* * EC public key is an EC point */ static int pk_write_ec_pubkey( unsigned char **p, unsigned char *start, - ecp_keypair *ec ) + mbedtls_ecp_keypair *ec ) { int ret; size_t len = 0; - unsigned char buf[POLARSSL_ECP_MAX_PT_LEN]; + unsigned char buf[MBEDTLS_ECP_MAX_PT_LEN]; - if( ( ret = ecp_point_write_binary( &ec->grp, &ec->Q, - POLARSSL_ECP_PF_UNCOMPRESSED, + if( ( ret = mbedtls_ecp_point_write_binary( &ec->grp, &ec->Q, + MBEDTLS_ECP_PF_UNCOMPRESSED, &len, buf, sizeof( buf ) ) ) != 0 ) { return( ret ); } if( *p - start < (int) len ) - return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); *p -= len; memcpy( *p, buf, len ); @@ -112,44 +112,44 @@ static int pk_write_ec_pubkey( unsigned char **p, unsigned char *start, * } */ static int pk_write_ec_param( unsigned char **p, unsigned char *start, - ecp_keypair *ec ) + mbedtls_ecp_keypair *ec ) { int ret; size_t len = 0; const char *oid; size_t oid_len; - if( ( ret = oid_get_oid_by_ec_grp( ec->grp.id, &oid, &oid_len ) ) != 0 ) + if( ( ret = mbedtls_oid_get_oid_by_ec_grp( ec->grp.id, &oid, &oid_len ) ) != 0 ) return( ret ); - ASN1_CHK_ADD( len, asn1_write_oid( p, start, oid, oid_len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) ); return( (int) len ); } -#endif /* POLARSSL_ECP_C */ +#endif /* MBEDTLS_ECP_C */ -int pk_write_pubkey( unsigned char **p, unsigned char *start, - const pk_context *key ) +int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, + const mbedtls_pk_context *key ) { int ret; size_t len = 0; -#if defined(POLARSSL_RSA_C) - if( pk_get_type( key ) == POLARSSL_PK_RSA ) - ASN1_CHK_ADD( len, pk_write_rsa_pubkey( p, start, pk_rsa( *key ) ) ); +#if defined(MBEDTLS_RSA_C) + if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA ) + MBEDTLS_ASN1_CHK_ADD( len, pk_write_rsa_pubkey( p, start, mbedtls_pk_rsa( *key ) ) ); else #endif -#if defined(POLARSSL_ECP_C) - if( pk_get_type( key ) == POLARSSL_PK_ECKEY ) - ASN1_CHK_ADD( len, pk_write_ec_pubkey( p, start, pk_ec( *key ) ) ); +#if defined(MBEDTLS_ECP_C) + if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY ) + MBEDTLS_ASN1_CHK_ADD( len, pk_write_ec_pubkey( p, start, mbedtls_pk_ec( *key ) ) ); else #endif - return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE ); + return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); return( (int) len ); } -int pk_write_pubkey_der( pk_context *key, unsigned char *buf, size_t size ) +int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, size_t size ) { int ret; unsigned char *c; @@ -158,10 +158,10 @@ int pk_write_pubkey_der( pk_context *key, unsigned char *buf, size_t size ) c = buf + size; - ASN1_CHK_ADD( len, pk_write_pubkey( &c, buf, key ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, key ) ); if( c - buf < 1 ) - return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); /* * SubjectPublicKeyInfo ::= SEQUENCE { @@ -171,63 +171,63 @@ int pk_write_pubkey_der( pk_context *key, unsigned char *buf, size_t size ) *--c = 0; len += 1; - ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_BIT_STRING ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_BIT_STRING ) ); - if( ( ret = oid_get_oid_by_pk_alg( pk_get_type( key ), + if( ( ret = mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_get_type( key ), &oid, &oid_len ) ) != 0 ) { return( ret ); } -#if defined(POLARSSL_ECP_C) - if( pk_get_type( key ) == POLARSSL_PK_ECKEY ) +#if defined(MBEDTLS_ECP_C) + if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY ) { - ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, pk_ec( *key ) ) ); + MBEDTLS_ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, mbedtls_pk_ec( *key ) ) ); } #endif - ASN1_CHK_ADD( len, asn1_write_algorithm_identifier( &c, buf, oid, oid_len, + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( &c, buf, oid, oid_len, par_len ) ); - ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | - ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); return( (int) len ); } -int pk_write_key_der( pk_context *key, unsigned char *buf, size_t size ) +int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_t size ) { int ret; unsigned char *c = buf + size; size_t len = 0; -#if defined(POLARSSL_RSA_C) - if( pk_get_type( key ) == POLARSSL_PK_RSA ) +#if defined(MBEDTLS_RSA_C) + if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA ) { - rsa_context *rsa = pk_rsa( *key ); - - ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->QP ) ); - ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->DQ ) ); - ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->DP ) ); - ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->Q ) ); - ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->P ) ); - ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->D ) ); - ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->E ) ); - ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->N ) ); - ASN1_CHK_ADD( len, asn1_write_int( &c, buf, 0 ) ); - - ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | - ASN1_SEQUENCE ) ); + mbedtls_rsa_context *rsa = mbedtls_pk_rsa( *key ); + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, &rsa->QP ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, &rsa->DQ ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, &rsa->DP ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, &rsa->Q ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, &rsa->P ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, &rsa->D ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, &rsa->E ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, &rsa->N ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 0 ) ); + + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); } else -#endif /* POLARSSL_RSA_C */ -#if defined(POLARSSL_ECP_C) - if( pk_get_type( key ) == POLARSSL_PK_ECKEY ) +#endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_ECP_C) + if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY ) { - ecp_keypair *ec = pk_ec( *key ); + mbedtls_ecp_keypair *ec = mbedtls_pk_ec( *key ); size_t pub_len = 0, par_len = 0; /* @@ -242,48 +242,48 @@ int pk_write_key_der( pk_context *key, unsigned char *buf, size_t size ) */ /* publicKey */ - ASN1_CHK_ADD( pub_len, pk_write_ec_pubkey( &c, buf, ec ) ); + MBEDTLS_ASN1_CHK_ADD( pub_len, pk_write_ec_pubkey( &c, buf, ec ) ); if( c - buf < 1 ) - return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); *--c = 0; pub_len += 1; - ASN1_CHK_ADD( pub_len, asn1_write_len( &c, buf, pub_len ) ); - ASN1_CHK_ADD( pub_len, asn1_write_tag( &c, buf, ASN1_BIT_STRING ) ); + MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_len( &c, buf, pub_len ) ); + MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_BIT_STRING ) ); - ASN1_CHK_ADD( pub_len, asn1_write_len( &c, buf, pub_len ) ); - ASN1_CHK_ADD( pub_len, asn1_write_tag( &c, buf, - ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 1 ) ); + MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_len( &c, buf, pub_len ) ); + MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_tag( &c, buf, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 1 ) ); len += pub_len; /* parameters */ - ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, ec ) ); + MBEDTLS_ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, ec ) ); - ASN1_CHK_ADD( par_len, asn1_write_len( &c, buf, par_len ) ); - ASN1_CHK_ADD( par_len, asn1_write_tag( &c, buf, - ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ); + MBEDTLS_ASN1_CHK_ADD( par_len, mbedtls_asn1_write_len( &c, buf, par_len ) ); + MBEDTLS_ASN1_CHK_ADD( par_len, mbedtls_asn1_write_tag( &c, buf, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ); len += par_len; /* privateKey: write as MPI then fix tag */ - ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &ec->d ) ); - *c = ASN1_OCTET_STRING; + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, &ec->d ) ); + *c = MBEDTLS_ASN1_OCTET_STRING; /* version */ - ASN1_CHK_ADD( len, asn1_write_int( &c, buf, 1 ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 1 ) ); - ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | - ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); } else -#endif /* POLARSSL_ECP_C */ - return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE ); +#endif /* MBEDTLS_ECP_C */ + return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); return( (int) len ); } -#if defined(POLARSSL_PEM_WRITE_C) +#if defined(MBEDTLS_PEM_WRITE_C) #define PEM_BEGIN_PUBLIC_KEY "-----BEGIN PUBLIC KEY-----\n" #define PEM_END_PUBLIC_KEY "-----END PUBLIC KEY-----\n" @@ -297,7 +297,7 @@ int pk_write_key_der( pk_context *key, unsigned char *buf, size_t size ) * Max sizes of key per types. Shown as tag + len (+ content). */ -#if defined(POLARSSL_RSA_C) +#if defined(MBEDTLS_RSA_C) /* * RSA public keys: * SubjectPublicKeyInfo ::= SEQUENCE { 1 + 3 @@ -310,7 +310,7 @@ int pk_write_key_der( pk_context *key, unsigned char *buf, size_t size ) * publicExponent INTEGER -- e 1 + 3 + MPI_MAX + 1 * } */ -#define RSA_PUB_DER_MAX_BYTES 38 + 2 * POLARSSL_MPI_MAX_SIZE +#define RSA_PUB_DER_MAX_BYTES 38 + 2 * MBEDTLS_MPI_MAX_SIZE /* * RSA private keys: @@ -327,19 +327,19 @@ int pk_write_key_der( pk_context *key, unsigned char *buf, size_t size ) * otherPrimeInfos OtherPrimeInfos OPTIONAL 0 (not supported) * } */ -#define MPI_MAX_SIZE_2 POLARSSL_MPI_MAX_SIZE / 2 + \ - POLARSSL_MPI_MAX_SIZE % 2 -#define RSA_PRV_DER_MAX_BYTES 47 + 3 * POLARSSL_MPI_MAX_SIZE \ +#define MPI_MAX_SIZE_2 MBEDTLS_MPI_MAX_SIZE / 2 + \ + MBEDTLS_MPI_MAX_SIZE % 2 +#define RSA_PRV_DER_MAX_BYTES 47 + 3 * MBEDTLS_MPI_MAX_SIZE \ + 5 * MPI_MAX_SIZE_2 -#else /* POLARSSL_RSA_C */ +#else /* MBEDTLS_RSA_C */ #define RSA_PUB_DER_MAX_BYTES 0 #define RSA_PRV_DER_MAX_BYTES 0 -#endif /* POLARSSL_RSA_C */ +#endif /* MBEDTLS_RSA_C */ -#if defined(POLARSSL_ECP_C) +#if defined(MBEDTLS_ECP_C) /* * EC public keys: * SubjectPublicKeyInfo ::= SEQUENCE { 1 + 2 @@ -351,7 +351,7 @@ int pk_write_key_der( pk_context *key, unsigned char *buf, size_t size ) * + 2 * ECP_MAX (coords) [1] * } */ -#define ECP_PUB_DER_MAX_BYTES 30 + 2 * POLARSSL_ECP_MAX_BYTES +#define ECP_PUB_DER_MAX_BYTES 30 + 2 * MBEDTLS_ECP_MAX_BYTES /* * EC private keys: @@ -362,33 +362,33 @@ int pk_write_key_der( pk_context *key, unsigned char *buf, size_t size ) * publicKey [1] BIT STRING OPTIONAL 1 + 2 + [1] above * } */ -#define ECP_PRV_DER_MAX_BYTES 29 + 3 * POLARSSL_ECP_MAX_BYTES +#define ECP_PRV_DER_MAX_BYTES 29 + 3 * MBEDTLS_ECP_MAX_BYTES -#else /* POLARSSL_ECP_C */ +#else /* MBEDTLS_ECP_C */ #define ECP_PUB_DER_MAX_BYTES 0 #define ECP_PRV_DER_MAX_BYTES 0 -#endif /* POLARSSL_ECP_C */ +#endif /* MBEDTLS_ECP_C */ #define PUB_DER_MAX_BYTES RSA_PUB_DER_MAX_BYTES > ECP_PUB_DER_MAX_BYTES ? \ RSA_PUB_DER_MAX_BYTES : ECP_PUB_DER_MAX_BYTES #define PRV_DER_MAX_BYTES RSA_PRV_DER_MAX_BYTES > ECP_PRV_DER_MAX_BYTES ? \ RSA_PRV_DER_MAX_BYTES : ECP_PRV_DER_MAX_BYTES -int pk_write_pubkey_pem( pk_context *key, unsigned char *buf, size_t size ) +int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *key, unsigned char *buf, size_t size ) { int ret; unsigned char output_buf[PUB_DER_MAX_BYTES]; size_t olen = 0; - if( ( ret = pk_write_pubkey_der( key, output_buf, + if( ( ret = mbedtls_pk_write_pubkey_der( key, output_buf, sizeof(output_buf) ) ) < 0 ) { return( ret ); } - if( ( ret = pem_write_buffer( PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY, + if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY, output_buf + sizeof(output_buf) - ret, ret, buf, size, &olen ) ) != 0 ) { @@ -398,35 +398,35 @@ int pk_write_pubkey_pem( pk_context *key, unsigned char *buf, size_t size ) return( 0 ); } -int pk_write_key_pem( pk_context *key, unsigned char *buf, size_t size ) +int mbedtls_pk_write_key_pem( mbedtls_pk_context *key, unsigned char *buf, size_t size ) { int ret; unsigned char output_buf[PRV_DER_MAX_BYTES]; const char *begin, *end; size_t olen = 0; - if( ( ret = pk_write_key_der( key, output_buf, sizeof(output_buf) ) ) < 0 ) + if( ( ret = mbedtls_pk_write_key_der( key, output_buf, sizeof(output_buf) ) ) < 0 ) return( ret ); -#if defined(POLARSSL_RSA_C) - if( pk_get_type( key ) == POLARSSL_PK_RSA ) +#if defined(MBEDTLS_RSA_C) + if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA ) { begin = PEM_BEGIN_PRIVATE_KEY_RSA; end = PEM_END_PRIVATE_KEY_RSA; } else #endif -#if defined(POLARSSL_ECP_C) - if( pk_get_type( key ) == POLARSSL_PK_ECKEY ) +#if defined(MBEDTLS_ECP_C) + if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY ) { begin = PEM_BEGIN_PRIVATE_KEY_EC; end = PEM_END_PRIVATE_KEY_EC; } else #endif - return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE ); + return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); - if( ( ret = pem_write_buffer( begin, end, + if( ( ret = mbedtls_pem_write_buffer( begin, end, output_buf + sizeof(output_buf) - ret, ret, buf, size, &olen ) ) != 0 ) { @@ -435,6 +435,6 @@ int pk_write_key_pem( pk_context *key, unsigned char *buf, size_t size ) return( 0 ); } -#endif /* POLARSSL_PEM_WRITE_C */ +#endif /* MBEDTLS_PEM_WRITE_C */ -#endif /* POLARSSL_PK_WRITE_C */ +#endif /* MBEDTLS_PK_WRITE_C */ diff --git a/ext/mbedtls/library/platform.c b/ext/mbedtls/library/platform.c index a36dc62ab9..3161a4c007 100644 --- a/ext/mbedtls/library/platform.c +++ b/ext/mbedtls/library/platform.c @@ -20,50 +20,79 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_PLATFORM_C) +#if defined(MBEDTLS_PLATFORM_C) -#include "polarssl/platform.h" +#include "mbedtls/platform.h" -#if defined(POLARSSL_PLATFORM_MEMORY) -#if !defined(POLARSSL_PLATFORM_STD_MALLOC) -static void *platform_malloc_uninit( size_t len ) +#if defined(MBEDTLS_PLATFORM_MEMORY) +#if !defined(MBEDTLS_PLATFORM_STD_CALLOC) +static void *platform_calloc_uninit( size_t n, size_t size ) { - ((void) len); + ((void) n); + ((void) size); return( NULL ); } -#define POLARSSL_PLATFORM_STD_MALLOC platform_malloc_uninit -#endif /* !POLARSSL_PLATFORM_STD_MALLOC */ +#define MBEDTLS_PLATFORM_STD_CALLOC platform_calloc_uninit +#endif /* !MBEDTLS_PLATFORM_STD_CALLOC */ -#if !defined(POLARSSL_PLATFORM_STD_FREE) +#if !defined(MBEDTLS_PLATFORM_STD_FREE) static void platform_free_uninit( void *ptr ) { ((void) ptr); } -#define POLARSSL_PLATFORM_STD_FREE platform_free_uninit -#endif /* !POLARSSL_PLATFORM_STD_FREE */ +#define MBEDTLS_PLATFORM_STD_FREE platform_free_uninit +#endif /* !MBEDTLS_PLATFORM_STD_FREE */ -void * (*polarssl_malloc)( size_t ) = POLARSSL_PLATFORM_STD_MALLOC; -void (*polarssl_free)( void * ) = POLARSSL_PLATFORM_STD_FREE; +void * (*mbedtls_calloc)( size_t, size_t ) = MBEDTLS_PLATFORM_STD_CALLOC; +void (*mbedtls_free)( void * ) = MBEDTLS_PLATFORM_STD_FREE; -int platform_set_malloc_free( void * (*malloc_func)( size_t ), +int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ), void (*free_func)( void * ) ) { - polarssl_malloc = malloc_func; - polarssl_free = free_func; + mbedtls_calloc = calloc_func; + mbedtls_free = free_func; return( 0 ); } -#endif /* POLARSSL_PLATFORM_MEMORY */ +#endif /* MBEDTLS_PLATFORM_MEMORY */ + +#if defined(_WIN32) +#include +int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... ) +{ + int ret; + va_list argp; + + /* Avoid calling the invalid parameter handler by checking ourselves */ + if( s == NULL || n == 0 || fmt == NULL ) + return( -1 ); + + va_start( argp, fmt ); +#if defined(_TRUNCATE) + ret = _vsnprintf_s( s, n, _TRUNCATE, fmt, argp ); +#else + ret = _vsnprintf( s, n, fmt, argp ); + if( ret < 0 || (size_t) ret == n ) + { + s[n-1] = '\0'; + ret = -1; + } +#endif + va_end( argp ); + + return( ret ); +} +#endif -#if defined(POLARSSL_PLATFORM_SNPRINTF_ALT) -#if !defined(POLARSSL_PLATFORM_STD_SNPRINTF) +#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) +#if !defined(MBEDTLS_PLATFORM_STD_SNPRINTF) /* * Make dummy function to prevent NULL pointer dereferences */ @@ -76,24 +105,24 @@ static int platform_snprintf_uninit( char * s, size_t n, return( 0 ); } -#define POLARSSL_PLATFORM_STD_SNPRINTF platform_snprintf_uninit -#endif /* !POLARSSL_PLATFORM_STD_SNPRINTF */ +#define MBEDTLS_PLATFORM_STD_SNPRINTF platform_snprintf_uninit +#endif /* !MBEDTLS_PLATFORM_STD_SNPRINTF */ -int (*polarssl_snprintf)( char * s, size_t n, +int (*mbedtls_snprintf)( char * s, size_t n, const char * format, - ... ) = POLARSSL_PLATFORM_STD_SNPRINTF; + ... ) = MBEDTLS_PLATFORM_STD_SNPRINTF; -int platform_set_snprintf( int (*snprintf_func)( char * s, size_t n, +int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n, const char * format, ... ) ) { - polarssl_snprintf = snprintf_func; + mbedtls_snprintf = snprintf_func; return( 0 ); } -#endif /* POLARSSL_PLATFORM_SNPRINTF_ALT */ +#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ -#if defined(POLARSSL_PLATFORM_PRINTF_ALT) -#if !defined(POLARSSL_PLATFORM_STD_PRINTF) +#if defined(MBEDTLS_PLATFORM_PRINTF_ALT) +#if !defined(MBEDTLS_PLATFORM_STD_PRINTF) /* * Make dummy function to prevent NULL pointer dereferences */ @@ -103,20 +132,20 @@ static int platform_printf_uninit( const char *format, ... ) return( 0 ); } -#define POLARSSL_PLATFORM_STD_PRINTF platform_printf_uninit -#endif /* !POLARSSL_PLATFORM_STD_PRINTF */ +#define MBEDTLS_PLATFORM_STD_PRINTF platform_printf_uninit +#endif /* !MBEDTLS_PLATFORM_STD_PRINTF */ -int (*polarssl_printf)( const char *, ... ) = POLARSSL_PLATFORM_STD_PRINTF; +int (*mbedtls_printf)( const char *, ... ) = MBEDTLS_PLATFORM_STD_PRINTF; -int platform_set_printf( int (*printf_func)( const char *, ... ) ) +int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) ) { - polarssl_printf = printf_func; + mbedtls_printf = printf_func; return( 0 ); } -#endif /* POLARSSL_PLATFORM_PRINTF_ALT */ +#endif /* MBEDTLS_PLATFORM_PRINTF_ALT */ -#if defined(POLARSSL_PLATFORM_FPRINTF_ALT) -#if !defined(POLARSSL_PLATFORM_STD_FPRINTF) +#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) +#if !defined(MBEDTLS_PLATFORM_STD_FPRINTF) /* * Make dummy function to prevent NULL pointer dereferences */ @@ -127,21 +156,21 @@ static int platform_fprintf_uninit( FILE *stream, const char *format, ... ) return( 0 ); } -#define POLARSSL_PLATFORM_STD_FPRINTF platform_fprintf_uninit -#endif /* !POLARSSL_PLATFORM_STD_FPRINTF */ +#define MBEDTLS_PLATFORM_STD_FPRINTF platform_fprintf_uninit +#endif /* !MBEDTLS_PLATFORM_STD_FPRINTF */ -int (*polarssl_fprintf)( FILE *, const char *, ... ) = - POLARSSL_PLATFORM_STD_FPRINTF; +int (*mbedtls_fprintf)( FILE *, const char *, ... ) = + MBEDTLS_PLATFORM_STD_FPRINTF; -int platform_set_fprintf( int (*fprintf_func)( FILE *, const char *, ... ) ) +int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *, const char *, ... ) ) { - polarssl_fprintf = fprintf_func; + mbedtls_fprintf = fprintf_func; return( 0 ); } -#endif /* POLARSSL_PLATFORM_FPRINTF_ALT */ +#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */ -#if defined(POLARSSL_PLATFORM_EXIT_ALT) -#if !defined(POLARSSL_PLATFORM_STD_EXIT) +#if defined(MBEDTLS_PLATFORM_EXIT_ALT) +#if !defined(MBEDTLS_PLATFORM_STD_EXIT) /* * Make dummy function to prevent NULL pointer dereferences */ @@ -150,16 +179,16 @@ static void platform_exit_uninit( int status ) ((void) status); } -#define POLARSSL_PLATFORM_STD_EXIT platform_exit_uninit -#endif /* !POLARSSL_PLATFORM_STD_EXIT */ +#define MBEDTLS_PLATFORM_STD_EXIT platform_exit_uninit +#endif /* !MBEDTLS_PLATFORM_STD_EXIT */ -void (*polarssl_exit)( int status ) = POLARSSL_PLATFORM_STD_EXIT; +void (*mbedtls_exit)( int status ) = MBEDTLS_PLATFORM_STD_EXIT; -int platform_set_exit( void (*exit_func)( int status ) ) +int mbedtls_platform_set_exit( void (*exit_func)( int status ) ) { - polarssl_exit = exit_func; + mbedtls_exit = exit_func; return( 0 ); } -#endif /* POLARSSL_PLATFORM_EXIT_ALT */ +#endif /* MBEDTLS_PLATFORM_EXIT_ALT */ -#endif /* POLARSSL_PLATFORM_C */ +#endif /* MBEDTLS_PLATFORM_C */ diff --git a/ext/mbedtls/library/ripemd160.c b/ext/mbedtls/library/ripemd160.c index 2c196f42b9..ecaeea00ad 100644 --- a/ext/mbedtls/library/ripemd160.c +++ b/ext/mbedtls/library/ripemd160.c @@ -22,34 +22,30 @@ /* * The RIPEMD-160 algorithm was designed by RIPE in 1996 - * http://homes.esat.kuleuven.be/~bosselae/ripemd160.html + * http://homes.esat.kuleuven.be/~bosselae/mbedtls_ripemd160.html * http://ehash.iaik.tugraz.at/wiki/RIPEMD-160 */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_RIPEMD160_C) +#if defined(MBEDTLS_RIPEMD160_C) -#include "polarssl/ripemd160.h" +#include "mbedtls/ripemd160.h" #include -#if defined(POLARSSL_FS_IO) -#include -#endif - -#if defined(POLARSSL_SELF_TEST) -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_SELF_TEST) +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_printf printf -#endif /* POLARSSL_PLATFORM_C */ -#endif /* POLARSSL_SELF_TEST */ +#define mbedtls_printf printf +#endif /* MBEDTLS_PLATFORM_C */ +#endif /* MBEDTLS_SELF_TEST */ /* * 32-bit integer manipulation macros (little endian) @@ -75,27 +71,33 @@ #endif /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } -void ripemd160_init( ripemd160_context *ctx ) +void mbedtls_ripemd160_init( mbedtls_ripemd160_context *ctx ) { - memset( ctx, 0, sizeof( ripemd160_context ) ); + memset( ctx, 0, sizeof( mbedtls_ripemd160_context ) ); } -void ripemd160_free( ripemd160_context *ctx ) +void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx ) { if( ctx == NULL ) return; - polarssl_zeroize( ctx, sizeof( ripemd160_context ) ); + mbedtls_zeroize( ctx, sizeof( mbedtls_ripemd160_context ) ); +} + +void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst, + const mbedtls_ripemd160_context *src ) +{ + *dst = *src; } /* * RIPEMD-160 context setup */ -void ripemd160_starts( ripemd160_context *ctx ) +void mbedtls_ripemd160_starts( mbedtls_ripemd160_context *ctx ) { ctx->total[0] = 0; ctx->total[1] = 0; @@ -107,10 +109,11 @@ void ripemd160_starts( ripemd160_context *ctx ) ctx->state[4] = 0xC3D2E1F0; } +#if !defined(MBEDTLS_RIPEMD160_PROCESS_ALT) /* * Process one block */ -void ripemd160_process( ripemd160_context *ctx, const unsigned char data[64] ) +void mbedtls_ripemd160_process( mbedtls_ripemd160_context *ctx, const unsigned char data[64] ) { uint32_t A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, X[16]; @@ -286,11 +289,12 @@ void ripemd160_process( ripemd160_context *ctx, const unsigned char data[64] ) ctx->state[4] = ctx->state[0] + B + Cp; ctx->state[0] = C; } +#endif /* !MBEDTLS_RIPEMD160_PROCESS_ALT */ /* * RIPEMD-160 process buffer */ -void ripemd160_update( ripemd160_context *ctx, +void mbedtls_ripemd160_update( mbedtls_ripemd160_context *ctx, const unsigned char *input, size_t ilen ) { size_t fill; @@ -311,7 +315,7 @@ void ripemd160_update( ripemd160_context *ctx, if( left && ilen >= fill ) { memcpy( (void *) (ctx->buffer + left), input, fill ); - ripemd160_process( ctx, ctx->buffer ); + mbedtls_ripemd160_process( ctx, ctx->buffer ); input += fill; ilen -= fill; left = 0; @@ -319,7 +323,7 @@ void ripemd160_update( ripemd160_context *ctx, while( ilen >= 64 ) { - ripemd160_process( ctx, input ); + mbedtls_ripemd160_process( ctx, input ); input += 64; ilen -= 64; } @@ -341,7 +345,7 @@ static const unsigned char ripemd160_padding[64] = /* * RIPEMD-160 final digest */ -void ripemd160_finish( ripemd160_context *ctx, unsigned char output[20] ) +void mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx, unsigned char output[20] ) { uint32_t last, padn; uint32_t high, low; @@ -357,8 +361,8 @@ void ripemd160_finish( ripemd160_context *ctx, unsigned char output[20] ) last = ctx->total[0] & 0x3F; padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); - ripemd160_update( ctx, ripemd160_padding, padn ); - ripemd160_update( ctx, msglen, 8 ); + mbedtls_ripemd160_update( ctx, ripemd160_padding, padn ); + mbedtls_ripemd160_update( ctx, msglen, 8 ); PUT_UINT32_LE( ctx->state[0], output, 0 ); PUT_UINT32_LE( ctx->state[1], output, 4 ); @@ -370,138 +374,22 @@ void ripemd160_finish( ripemd160_context *ctx, unsigned char output[20] ) /* * output = RIPEMD-160( input buffer ) */ -void ripemd160( const unsigned char *input, size_t ilen, +void mbedtls_ripemd160( const unsigned char *input, size_t ilen, unsigned char output[20] ) { - ripemd160_context ctx; - - ripemd160_init( &ctx ); - ripemd160_starts( &ctx ); - ripemd160_update( &ctx, input, ilen ); - ripemd160_finish( &ctx, output ); - ripemd160_free( &ctx ); -} - -#if defined(POLARSSL_FS_IO) -/* - * output = RIPEMD-160( file contents ) - */ -int ripemd160_file( const char *path, unsigned char output[20] ) -{ - FILE *f; - size_t n; - ripemd160_context ctx; - unsigned char buf[1024]; - - if( ( f = fopen( path, "rb" ) ) == NULL ) - return( POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR ); - - ripemd160_init( &ctx ); - ripemd160_starts( &ctx ); - - while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) - ripemd160_update( &ctx, buf, n ); - - ripemd160_finish( &ctx, output ); - ripemd160_free( &ctx ); - - if( ferror( f ) != 0 ) - { - fclose( f ); - return( POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR ); - } - - fclose( f ); - return( 0 ); -} -#endif /* POLARSSL_FS_IO */ - -/* - * RIPEMD-160 HMAC context setup - */ -void ripemd160_hmac_starts( ripemd160_context *ctx, - const unsigned char *key, size_t keylen ) -{ - size_t i; - unsigned char sum[20]; - - if( keylen > 64 ) - { - ripemd160( key, keylen, sum ); - keylen = 20; - key = sum; - } + mbedtls_ripemd160_context ctx; - memset( ctx->ipad, 0x36, 64 ); - memset( ctx->opad, 0x5C, 64 ); - - for( i = 0; i < keylen; i++ ) - { - ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] ); - ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] ); - } - - ripemd160_starts( ctx ); - ripemd160_update( ctx, ctx->ipad, 64 ); - - polarssl_zeroize( sum, sizeof( sum ) ); + mbedtls_ripemd160_init( &ctx ); + mbedtls_ripemd160_starts( &ctx ); + mbedtls_ripemd160_update( &ctx, input, ilen ); + mbedtls_ripemd160_finish( &ctx, output ); + mbedtls_ripemd160_free( &ctx ); } -/* - * RIPEMD-160 HMAC process buffer - */ -void ripemd160_hmac_update( ripemd160_context *ctx, - const unsigned char *input, size_t ilen ) -{ - ripemd160_update( ctx, input, ilen ); -} - -/* - * RIPEMD-160 HMAC final digest - */ -void ripemd160_hmac_finish( ripemd160_context *ctx, unsigned char output[20] ) -{ - unsigned char tmpbuf[20]; - - ripemd160_finish( ctx, tmpbuf ); - ripemd160_starts( ctx ); - ripemd160_update( ctx, ctx->opad, 64 ); - ripemd160_update( ctx, tmpbuf, 20 ); - ripemd160_finish( ctx, output ); - - polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) ); -} - -/* - * RIPEMD-160 HMAC context reset - */ -void ripemd160_hmac_reset( ripemd160_context *ctx ) -{ - ripemd160_starts( ctx ); - ripemd160_update( ctx, ctx->ipad, 64 ); -} - -/* - * output = HMAC-RIPEMD-160( hmac key, input buffer ) - */ -void ripemd160_hmac( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char output[20] ) -{ - ripemd160_context ctx; - - ripemd160_init( &ctx ); - ripemd160_hmac_starts( &ctx, key, keylen ); - ripemd160_hmac_update( &ctx, input, ilen ); - ripemd160_hmac_finish( &ctx, output ); - ripemd160_free( &ctx ); -} - - -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) /* * Test vectors from the RIPEMD-160 paper and - * http://homes.esat.kuleuven.be/~bosselae/ripemd160.html#HMAC + * http://homes.esat.kuleuven.be/~bosselae/mbedtls_ripemd160.html#HMAC */ #define TESTS 8 #define KEYS 2 @@ -538,60 +426,12 @@ static const unsigned char ripemd160_test_md[TESTS][20] = 0xd3, 0x32, 0x3c, 0xab, 0x82, 0xbf, 0x63, 0x32, 0x6b, 0xfb }, }; -static const unsigned char ripemd160_test_hmac[KEYS][TESTS][20] = -{ - { - { 0xcf, 0x38, 0x76, 0x77, 0xbf, 0xda, 0x84, 0x83, 0xe6, 0x3b, - 0x57, 0xe0, 0x6c, 0x3b, 0x5e, 0xcd, 0x8b, 0x7f, 0xc0, 0x55 }, - { 0x0d, 0x35, 0x1d, 0x71, 0xb7, 0x8e, 0x36, 0xdb, 0xb7, 0x39, - 0x1c, 0x81, 0x0a, 0x0d, 0x2b, 0x62, 0x40, 0xdd, 0xba, 0xfc }, - { 0xf7, 0xef, 0x28, 0x8c, 0xb1, 0xbb, 0xcc, 0x61, 0x60, 0xd7, - 0x65, 0x07, 0xe0, 0xa3, 0xbb, 0xf7, 0x12, 0xfb, 0x67, 0xd6 }, - { 0xf8, 0x36, 0x62, 0xcc, 0x8d, 0x33, 0x9c, 0x22, 0x7e, 0x60, - 0x0f, 0xcd, 0x63, 0x6c, 0x57, 0xd2, 0x57, 0x1b, 0x1c, 0x34 }, - { 0x84, 0x3d, 0x1c, 0x4e, 0xb8, 0x80, 0xac, 0x8a, 0xc0, 0xc9, - 0xc9, 0x56, 0x96, 0x50, 0x79, 0x57, 0xd0, 0x15, 0x5d, 0xdb }, - { 0x60, 0xf5, 0xef, 0x19, 0x8a, 0x2d, 0xd5, 0x74, 0x55, 0x45, - 0xc1, 0xf0, 0xc4, 0x7a, 0xa3, 0xfb, 0x57, 0x76, 0xf8, 0x81 }, - { 0xe4, 0x9c, 0x13, 0x6a, 0x9e, 0x56, 0x27, 0xe0, 0x68, 0x1b, - 0x80, 0x8a, 0x3b, 0x97, 0xe6, 0xa6, 0xe6, 0x61, 0xae, 0x79 }, - { 0x31, 0xbe, 0x3c, 0xc9, 0x8c, 0xee, 0x37, 0xb7, 0x9b, 0x06, - 0x19, 0xe3, 0xe1, 0xc2, 0xbe, 0x4f, 0x1a, 0xa5, 0x6e, 0x6c }, - }, - { - { 0xfe, 0x69, 0xa6, 0x6c, 0x74, 0x23, 0xee, 0xa9, 0xc8, 0xfa, - 0x2e, 0xff, 0x8d, 0x9d, 0xaf, 0xb4, 0xf1, 0x7a, 0x62, 0xf5 }, - { 0x85, 0x74, 0x3e, 0x89, 0x9b, 0xc8, 0x2d, 0xbf, 0xa3, 0x6f, - 0xaa, 0xa7, 0xa2, 0x5b, 0x7c, 0xfd, 0x37, 0x24, 0x32, 0xcd }, - { 0x6e, 0x4a, 0xfd, 0x50, 0x1f, 0xa6, 0xb4, 0xa1, 0x82, 0x3c, - 0xa3, 0xb1, 0x0b, 0xd9, 0xaa, 0x0b, 0xa9, 0x7b, 0xa1, 0x82 }, - { 0x2e, 0x06, 0x6e, 0x62, 0x4b, 0xad, 0xb7, 0x6a, 0x18, 0x4c, - 0x8f, 0x90, 0xfb, 0xa0, 0x53, 0x33, 0x0e, 0x65, 0x0e, 0x92 }, - { 0x07, 0xe9, 0x42, 0xaa, 0x4e, 0x3c, 0xd7, 0xc0, 0x4d, 0xed, - 0xc1, 0xd4, 0x6e, 0x2e, 0x8c, 0xc4, 0xc7, 0x41, 0xb3, 0xd9 }, - { 0xb6, 0x58, 0x23, 0x18, 0xdd, 0xcf, 0xb6, 0x7a, 0x53, 0xa6, - 0x7d, 0x67, 0x6b, 0x8a, 0xd8, 0x69, 0xad, 0xed, 0x62, 0x9a }, - { 0xf1, 0xbe, 0x3e, 0xe8, 0x77, 0x70, 0x31, 0x40, 0xd3, 0x4f, - 0x97, 0xea, 0x1a, 0xb3, 0xa0, 0x7c, 0x14, 0x13, 0x33, 0xe2 }, - { 0x85, 0xf1, 0x64, 0x70, 0x3e, 0x61, 0xa6, 0x31, 0x31, 0xbe, - 0x7e, 0x45, 0x95, 0x8e, 0x07, 0x94, 0x12, 0x39, 0x04, 0xf9 }, - }, -}; - -static const unsigned char ripemd160_test_key[KEYS][20] = -{ - { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, - 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x01, 0x23, 0x45, 0x67 }, - { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc, - 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, 0x00, 0x11, 0x22, 0x33 }, -}; - /* * Checkup routine */ -int ripemd160_self_test( int verbose ) +int mbedtls_ripemd160_self_test( int verbose ) { - int i, j; + int i; unsigned char output[20]; memset( output, 0, sizeof output ); @@ -599,53 +439,27 @@ int ripemd160_self_test( int verbose ) for( i = 0; i < TESTS; i++ ) { if( verbose != 0 ) - polarssl_printf( " RIPEMD-160 test #%d: ", i + 1 ); + mbedtls_printf( " RIPEMD-160 test #%d: ", i + 1 ); - ripemd160( (const unsigned char *) ripemd160_test_input[i], + mbedtls_ripemd160( (const unsigned char *) ripemd160_test_input[i], strlen( ripemd160_test_input[i] ), output ); if( memcmp( output, ripemd160_test_md[i], 20 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } if( verbose != 0 ) - polarssl_printf( "passed\n" ); - - for( j = 0; j < KEYS; j++ ) - { - if( verbose != 0 ) - polarssl_printf( " HMAC-RIPEMD-160 test #%d, key #%d: ", - i + 1, j + 1 ); - - ripemd160_hmac( ripemd160_test_key[j], 20, - (const unsigned char *) ripemd160_test_input[i], - strlen( ripemd160_test_input[i] ), - output ); - - if( memcmp( output, ripemd160_test_hmac[j][i], 20 ) != 0 ) - { - if( verbose != 0 ) - polarssl_printf( "failed\n" ); - - return( 1 ); - } - - if( verbose != 0 ) - polarssl_printf( "passed\n" ); - } - - if( verbose != 0 ) - polarssl_printf( "\n" ); + mbedtls_printf( "passed\n" ); } return( 0 ); } -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_RIPEMD160_C */ +#endif /* MBEDTLS_RIPEMD160_C */ diff --git a/ext/mbedtls/library/rsa.c b/ext/mbedtls/library/rsa.c index 8ffb3411aa..9f0d461863 100644 --- a/ext/mbedtls/library/rsa.c +++ b/ext/mbedtls/library/rsa.c @@ -26,107 +26,107 @@ * http://www.cacr.math.uwaterloo.ca/hac/about/chap8.pdf */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_RSA_C) +#if defined(MBEDTLS_RSA_C) -#include "polarssl/rsa.h" -#include "polarssl/oid.h" +#include "mbedtls/rsa.h" +#include "mbedtls/oid.h" #include -#if defined(POLARSSL_PKCS1_V21) -#include "polarssl/md.h" +#if defined(MBEDTLS_PKCS1_V21) +#include "mbedtls/md.h" #endif -#if defined(POLARSSL_PKCS1_V15) && !defined(__OpenBSD__) +#if defined(MBEDTLS_PKCS1_V15) && !defined(__OpenBSD__) #include #endif -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_printf printf +#define mbedtls_printf printf #endif /* * Initialize an RSA context */ -void rsa_init( rsa_context *ctx, +void mbedtls_rsa_init( mbedtls_rsa_context *ctx, int padding, int hash_id ) { - memset( ctx, 0, sizeof( rsa_context ) ); + memset( ctx, 0, sizeof( mbedtls_rsa_context ) ); - rsa_set_padding( ctx, padding, hash_id ); + mbedtls_rsa_set_padding( ctx, padding, hash_id ); -#if defined(POLARSSL_THREADING_C) - polarssl_mutex_init( &ctx->mutex ); +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_init( &ctx->mutex ); #endif } /* * Set padding for an existing RSA context */ -void rsa_set_padding( rsa_context *ctx, int padding, int hash_id ) +void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, int hash_id ) { ctx->padding = padding; ctx->hash_id = hash_id; } -#if defined(POLARSSL_GENPRIME) +#if defined(MBEDTLS_GENPRIME) /* * Generate an RSA keypair */ -int rsa_gen_key( rsa_context *ctx, +int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, unsigned int nbits, int exponent ) { int ret; - mpi P1, Q1, H, G; + mbedtls_mpi P1, Q1, H, G; if( f_rng == NULL || nbits < 128 || exponent < 3 ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); + mbedtls_mpi_init( &P1 ); mbedtls_mpi_init( &Q1 ); mbedtls_mpi_init( &H ); mbedtls_mpi_init( &G ); /* * find primes P and Q with Q < P so that: * GCD( E, (P-1)*(Q-1) ) == 1 */ - MPI_CHK( mpi_lset( &ctx->E, exponent ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &ctx->E, exponent ) ); do { - MPI_CHK( mpi_gen_prime( &ctx->P, ( nbits + 1 ) >> 1, 0, + MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->P, ( nbits + 1 ) >> 1, 0, f_rng, p_rng ) ); - MPI_CHK( mpi_gen_prime( &ctx->Q, ( nbits + 1 ) >> 1, 0, + MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, ( nbits + 1 ) >> 1, 0, f_rng, p_rng ) ); - if( mpi_cmp_mpi( &ctx->P, &ctx->Q ) < 0 ) - mpi_swap( &ctx->P, &ctx->Q ); + if( mbedtls_mpi_cmp_mpi( &ctx->P, &ctx->Q ) < 0 ) + mbedtls_mpi_swap( &ctx->P, &ctx->Q ); - if( mpi_cmp_mpi( &ctx->P, &ctx->Q ) == 0 ) + if( mbedtls_mpi_cmp_mpi( &ctx->P, &ctx->Q ) == 0 ) continue; - MPI_CHK( mpi_mul_mpi( &ctx->N, &ctx->P, &ctx->Q ) ); - if( mpi_msb( &ctx->N ) != nbits ) + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->N, &ctx->P, &ctx->Q ) ); + if( mbedtls_mpi_bitlen( &ctx->N ) != nbits ) continue; - MPI_CHK( mpi_sub_int( &P1, &ctx->P, 1 ) ); - MPI_CHK( mpi_sub_int( &Q1, &ctx->Q, 1 ) ); - MPI_CHK( mpi_mul_mpi( &H, &P1, &Q1 ) ); - MPI_CHK( mpi_gcd( &G, &ctx->E, &H ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &P1, &ctx->P, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &Q1, &ctx->Q, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &H, &P1, &Q1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &G, &ctx->E, &H ) ); } - while( mpi_cmp_int( &G, 1 ) != 0 ); + while( mbedtls_mpi_cmp_int( &G, 1 ) != 0 ); /* * D = E^-1 mod ((P-1)*(Q-1)) @@ -134,47 +134,47 @@ int rsa_gen_key( rsa_context *ctx, * DQ = D mod (Q - 1) * QP = Q^-1 mod P */ - MPI_CHK( mpi_inv_mod( &ctx->D , &ctx->E, &H ) ); - MPI_CHK( mpi_mod_mpi( &ctx->DP, &ctx->D, &P1 ) ); - MPI_CHK( mpi_mod_mpi( &ctx->DQ, &ctx->D, &Q1 ) ); - MPI_CHK( mpi_inv_mod( &ctx->QP, &ctx->Q, &ctx->P ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &ctx->D , &ctx->E, &H ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->DP, &ctx->D, &P1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->DQ, &ctx->D, &Q1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &ctx->QP, &ctx->Q, &ctx->P ) ); - ctx->len = ( mpi_msb( &ctx->N ) + 7 ) >> 3; + ctx->len = ( mbedtls_mpi_bitlen( &ctx->N ) + 7 ) >> 3; cleanup: - mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); + mbedtls_mpi_free( &P1 ); mbedtls_mpi_free( &Q1 ); mbedtls_mpi_free( &H ); mbedtls_mpi_free( &G ); if( ret != 0 ) { - rsa_free( ctx ); - return( POLARSSL_ERR_RSA_KEY_GEN_FAILED + ret ); + mbedtls_rsa_free( ctx ); + return( MBEDTLS_ERR_RSA_KEY_GEN_FAILED + ret ); } return( 0 ); } -#endif /* POLARSSL_GENPRIME */ +#endif /* MBEDTLS_GENPRIME */ /* * Check a public RSA key */ -int rsa_check_pubkey( const rsa_context *ctx ) +int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx ) { if( !ctx->N.p || !ctx->E.p ) - return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); + return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); if( ( ctx->N.p[0] & 1 ) == 0 || ( ctx->E.p[0] & 1 ) == 0 ) - return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); + return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); - if( mpi_msb( &ctx->N ) < 128 || - mpi_msb( &ctx->N ) > POLARSSL_MPI_MAX_BITS ) - return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); + if( mbedtls_mpi_bitlen( &ctx->N ) < 128 || + mbedtls_mpi_bitlen( &ctx->N ) > MBEDTLS_MPI_MAX_BITS ) + return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); - if( mpi_msb( &ctx->E ) < 2 || - mpi_cmp_mpi( &ctx->E, &ctx->N ) >= 0 ) - return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); + if( mbedtls_mpi_bitlen( &ctx->E ) < 2 || + mbedtls_mpi_cmp_mpi( &ctx->E, &ctx->N ) >= 0 ) + return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); return( 0 ); } @@ -182,61 +182,61 @@ int rsa_check_pubkey( const rsa_context *ctx ) /* * Check a private RSA key */ -int rsa_check_privkey( const rsa_context *ctx ) +int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx ) { int ret; - mpi PQ, DE, P1, Q1, H, I, G, G2, L1, L2, DP, DQ, QP; + mbedtls_mpi PQ, DE, P1, Q1, H, I, G, G2, L1, L2, DP, DQ, QP; - if( ( ret = rsa_check_pubkey( ctx ) ) != 0 ) + if( ( ret = mbedtls_rsa_check_pubkey( ctx ) ) != 0 ) return( ret ); if( !ctx->P.p || !ctx->Q.p || !ctx->D.p ) - return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); - - mpi_init( &PQ ); mpi_init( &DE ); mpi_init( &P1 ); mpi_init( &Q1 ); - mpi_init( &H ); mpi_init( &I ); mpi_init( &G ); mpi_init( &G2 ); - mpi_init( &L1 ); mpi_init( &L2 ); mpi_init( &DP ); mpi_init( &DQ ); - mpi_init( &QP ); - - MPI_CHK( mpi_mul_mpi( &PQ, &ctx->P, &ctx->Q ) ); - MPI_CHK( mpi_mul_mpi( &DE, &ctx->D, &ctx->E ) ); - MPI_CHK( mpi_sub_int( &P1, &ctx->P, 1 ) ); - MPI_CHK( mpi_sub_int( &Q1, &ctx->Q, 1 ) ); - MPI_CHK( mpi_mul_mpi( &H, &P1, &Q1 ) ); - MPI_CHK( mpi_gcd( &G, &ctx->E, &H ) ); - - MPI_CHK( mpi_gcd( &G2, &P1, &Q1 ) ); - MPI_CHK( mpi_div_mpi( &L1, &L2, &H, &G2 ) ); - MPI_CHK( mpi_mod_mpi( &I, &DE, &L1 ) ); - - MPI_CHK( mpi_mod_mpi( &DP, &ctx->D, &P1 ) ); - MPI_CHK( mpi_mod_mpi( &DQ, &ctx->D, &Q1 ) ); - MPI_CHK( mpi_inv_mod( &QP, &ctx->Q, &ctx->P ) ); + return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + + mbedtls_mpi_init( &PQ ); mbedtls_mpi_init( &DE ); mbedtls_mpi_init( &P1 ); mbedtls_mpi_init( &Q1 ); + mbedtls_mpi_init( &H ); mbedtls_mpi_init( &I ); mbedtls_mpi_init( &G ); mbedtls_mpi_init( &G2 ); + mbedtls_mpi_init( &L1 ); mbedtls_mpi_init( &L2 ); mbedtls_mpi_init( &DP ); mbedtls_mpi_init( &DQ ); + mbedtls_mpi_init( &QP ); + + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &PQ, &ctx->P, &ctx->Q ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DE, &ctx->D, &ctx->E ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &P1, &ctx->P, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &Q1, &ctx->Q, 1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &H, &P1, &Q1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &G, &ctx->E, &H ) ); + + MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &G2, &P1, &Q1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( &L1, &L2, &H, &G2 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &I, &DE, &L1 ) ); + + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &DP, &ctx->D, &P1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &DQ, &ctx->D, &Q1 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &QP, &ctx->Q, &ctx->P ) ); /* * Check for a valid PKCS1v2 private key */ - if( mpi_cmp_mpi( &PQ, &ctx->N ) != 0 || - mpi_cmp_mpi( &DP, &ctx->DP ) != 0 || - mpi_cmp_mpi( &DQ, &ctx->DQ ) != 0 || - mpi_cmp_mpi( &QP, &ctx->QP ) != 0 || - mpi_cmp_int( &L2, 0 ) != 0 || - mpi_cmp_int( &I, 1 ) != 0 || - mpi_cmp_int( &G, 1 ) != 0 ) + if( mbedtls_mpi_cmp_mpi( &PQ, &ctx->N ) != 0 || + mbedtls_mpi_cmp_mpi( &DP, &ctx->DP ) != 0 || + mbedtls_mpi_cmp_mpi( &DQ, &ctx->DQ ) != 0 || + mbedtls_mpi_cmp_mpi( &QP, &ctx->QP ) != 0 || + mbedtls_mpi_cmp_int( &L2, 0 ) != 0 || + mbedtls_mpi_cmp_int( &I, 1 ) != 0 || + mbedtls_mpi_cmp_int( &G, 1 ) != 0 ) { - ret = POLARSSL_ERR_RSA_KEY_CHECK_FAILED; + ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } cleanup: - mpi_free( &PQ ); mpi_free( &DE ); mpi_free( &P1 ); mpi_free( &Q1 ); - mpi_free( &H ); mpi_free( &I ); mpi_free( &G ); mpi_free( &G2 ); - mpi_free( &L1 ); mpi_free( &L2 ); mpi_free( &DP ); mpi_free( &DQ ); - mpi_free( &QP ); + mbedtls_mpi_free( &PQ ); mbedtls_mpi_free( &DE ); mbedtls_mpi_free( &P1 ); mbedtls_mpi_free( &Q1 ); + mbedtls_mpi_free( &H ); mbedtls_mpi_free( &I ); mbedtls_mpi_free( &G ); mbedtls_mpi_free( &G2 ); + mbedtls_mpi_free( &L1 ); mbedtls_mpi_free( &L2 ); mbedtls_mpi_free( &DP ); mbedtls_mpi_free( &DQ ); + mbedtls_mpi_free( &QP ); - if( ret == POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) + if( ret == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ) return( ret ); if( ret != 0 ) - return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED + ret ); + return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED + ret ); return( 0 ); } @@ -244,18 +244,18 @@ cleanup: /* * Check if contexts holding a public and private key match */ -int rsa_check_pub_priv( const rsa_context *pub, const rsa_context *prv ) +int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub, const mbedtls_rsa_context *prv ) { - if( rsa_check_pubkey( pub ) != 0 || - rsa_check_privkey( prv ) != 0 ) + if( mbedtls_rsa_check_pubkey( pub ) != 0 || + mbedtls_rsa_check_privkey( prv ) != 0 ) { - return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); + return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); } - if( mpi_cmp_mpi( &pub->N, &prv->N ) != 0 || - mpi_cmp_mpi( &pub->E, &prv->E ) != 0 ) + if( mbedtls_mpi_cmp_mpi( &pub->N, &prv->N ) != 0 || + mbedtls_mpi_cmp_mpi( &pub->E, &prv->E ) != 0 ) { - return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); + return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); } return( 0 ); @@ -264,41 +264,43 @@ int rsa_check_pub_priv( const rsa_context *pub, const rsa_context *prv ) /* * Do an RSA public key operation */ -int rsa_public( rsa_context *ctx, +int mbedtls_rsa_public( mbedtls_rsa_context *ctx, const unsigned char *input, unsigned char *output ) { int ret; size_t olen; - mpi T; + mbedtls_mpi T; - mpi_init( &T ); + mbedtls_mpi_init( &T ); - MPI_CHK( mpi_read_binary( &T, input, ctx->len ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &T, input, ctx->len ) ); - if( mpi_cmp_mpi( &T, &ctx->N ) >= 0 ) + if( mbedtls_mpi_cmp_mpi( &T, &ctx->N ) >= 0 ) { - mpi_free( &T ); - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + mbedtls_mpi_free( &T ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); } -#if defined(POLARSSL_THREADING_C) - polarssl_mutex_lock( &ctx->mutex ); +#if defined(MBEDTLS_THREADING_C) + if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) + return( ret ); #endif olen = ctx->len; - MPI_CHK( mpi_exp_mod( &T, &T, &ctx->E, &ctx->N, &ctx->RN ) ); - MPI_CHK( mpi_write_binary( &T, output, olen ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &T, &T, &ctx->E, &ctx->N, &ctx->RN ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &T, output, olen ) ); cleanup: -#if defined(POLARSSL_THREADING_C) - polarssl_mutex_unlock( &ctx->mutex ); +#if defined(MBEDTLS_THREADING_C) + if( ( ret = mbedtls_mutex_unlock( &ctx->mutex ) ) != 0 ) + return( ret ); #endif - mpi_free( &T ); + mbedtls_mpi_free( &T ); if( ret != 0 ) - return( POLARSSL_ERR_RSA_PUBLIC_FAILED + ret ); + return( MBEDTLS_ERR_RSA_PUBLIC_FAILED + ret ); return( 0 ); } @@ -306,25 +308,26 @@ cleanup: /* * Generate or update blinding values, see section 10 of: * KOCHER, Paul C. Timing attacks on implementations of Diffie-Hellman, RSA, - * DSS, and other systems. In : Advances in Cryptology—CRYPTO’96. Springer + * DSS, and other systems. In : Advances in Cryptology-CRYPTO'96. Springer * Berlin Heidelberg, 1996. p. 104-113. */ -static int rsa_prepare_blinding( rsa_context *ctx, mpi *Vi, mpi *Vf, +static int rsa_prepare_blinding( mbedtls_rsa_context *ctx, mbedtls_mpi *Vi, mbedtls_mpi *Vf, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret, count = 0; -#if defined(POLARSSL_THREADING_C) - polarssl_mutex_lock( &ctx->mutex ); +#if defined(MBEDTLS_THREADING_C) + if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) + return( ret ); #endif if( ctx->Vf.p != NULL ) { /* We already have blinding values, just update them by squaring */ - MPI_CHK( mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &ctx->Vi ) ); - MPI_CHK( mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->N ) ); - MPI_CHK( mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &ctx->Vf ) ); - MPI_CHK( mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &ctx->Vi ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &ctx->Vf ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->N ) ); goto done; } @@ -332,26 +335,27 @@ static int rsa_prepare_blinding( rsa_context *ctx, mpi *Vi, mpi *Vf, /* Unblinding value: Vf = random number, invertible mod N */ do { if( count++ > 10 ) - return( POLARSSL_ERR_RSA_RNG_FAILED ); + return( MBEDTLS_ERR_RSA_RNG_FAILED ); - MPI_CHK( mpi_fill_random( &ctx->Vf, ctx->len - 1, f_rng, p_rng ) ); - MPI_CHK( mpi_gcd( &ctx->Vi, &ctx->Vf, &ctx->N ) ); - } while( mpi_cmp_int( &ctx->Vi, 1 ) != 0 ); + MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &ctx->Vf, ctx->len - 1, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &ctx->Vi, &ctx->Vf, &ctx->N ) ); + } while( mbedtls_mpi_cmp_int( &ctx->Vi, 1 ) != 0 ); /* Blinding value: Vi = Vf^(-e) mod N */ - MPI_CHK( mpi_inv_mod( &ctx->Vi, &ctx->Vf, &ctx->N ) ); - MPI_CHK( mpi_exp_mod( &ctx->Vi, &ctx->Vi, &ctx->E, &ctx->N, &ctx->RN ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &ctx->Vi, &ctx->Vf, &ctx->N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->Vi, &ctx->Vi, &ctx->E, &ctx->N, &ctx->RN ) ); done: if( Vi != &ctx->Vi ) { - MPI_CHK( mpi_copy( Vi, &ctx->Vi ) ); - MPI_CHK( mpi_copy( Vf, &ctx->Vf ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( Vi, &ctx->Vi ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( Vf, &ctx->Vf ) ); } cleanup: -#if defined(POLARSSL_THREADING_C) - polarssl_mutex_unlock( &ctx->mutex ); +#if defined(MBEDTLS_THREADING_C) + if( ( ret = mbedtls_mutex_unlock( &ctx->mutex ) ) != 0 ) + return( ret ); #endif return( ret ); @@ -360,7 +364,7 @@ cleanup: /* * Do an RSA private key operation */ -int rsa_private( rsa_context *ctx, +int mbedtls_rsa_private( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, const unsigned char *input, @@ -368,18 +372,18 @@ int rsa_private( rsa_context *ctx, { int ret; size_t olen; - mpi T, T1, T2; - mpi *Vi, *Vf; + mbedtls_mpi T, T1, T2; + mbedtls_mpi *Vi, *Vf; /* * When using the Chinese Remainder Theorem, we use blinding values. * Without threading, we just read them directly from the context, * otherwise we make a local copy in order to reduce locking contention. */ -#if defined(POLARSSL_THREADING_C) - mpi Vi_copy, Vf_copy; +#if defined(MBEDTLS_THREADING_C) + mbedtls_mpi Vi_copy, Vf_copy; - mpi_init( &Vi_copy ); mpi_init( &Vf_copy ); + mbedtls_mpi_init( &Vi_copy ); mbedtls_mpi_init( &Vf_copy ); Vi = &Vi_copy; Vf = &Vf_copy; #else @@ -387,13 +391,13 @@ int rsa_private( rsa_context *ctx, Vf = &ctx->Vf; #endif - mpi_init( &T ); mpi_init( &T1 ); mpi_init( &T2 ); + mbedtls_mpi_init( &T ); mbedtls_mpi_init( &T1 ); mbedtls_mpi_init( &T2 ); - MPI_CHK( mpi_read_binary( &T, input, ctx->len ) ); - if( mpi_cmp_mpi( &T, &ctx->N ) >= 0 ) + MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &T, input, ctx->len ) ); + if( mbedtls_mpi_cmp_mpi( &T, &ctx->N ) >= 0 ) { - mpi_free( &T ); - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + mbedtls_mpi_free( &T ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); } if( f_rng != NULL ) @@ -402,17 +406,18 @@ int rsa_private( rsa_context *ctx, * Blinding * T = T * Vi mod N */ - MPI_CHK( rsa_prepare_blinding( ctx, Vi, Vf, f_rng, p_rng ) ); - MPI_CHK( mpi_mul_mpi( &T, &T, Vi ) ); - MPI_CHK( mpi_mod_mpi( &T, &T, &ctx->N ) ); + MBEDTLS_MPI_CHK( rsa_prepare_blinding( ctx, Vi, Vf, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, Vi ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) ); } -#if defined(POLARSSL_THREADING_C) - polarssl_mutex_lock( &ctx->mutex ); +#if defined(MBEDTLS_THREADING_C) + if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) + return( ret ); #endif -#if defined(POLARSSL_RSA_NO_CRT) - MPI_CHK( mpi_exp_mod( &T, &T, &ctx->D, &ctx->N, &ctx->RN ) ); +#if defined(MBEDTLS_RSA_NO_CRT) + MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &T, &T, &ctx->D, &ctx->N, &ctx->RN ) ); #else /* * faster decryption using the CRT @@ -420,22 +425,22 @@ int rsa_private( rsa_context *ctx, * T1 = input ^ dP mod P * T2 = input ^ dQ mod Q */ - MPI_CHK( mpi_exp_mod( &T1, &T, &ctx->DP, &ctx->P, &ctx->RP ) ); - MPI_CHK( mpi_exp_mod( &T2, &T, &ctx->DQ, &ctx->Q, &ctx->RQ ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &T1, &T, &ctx->DP, &ctx->P, &ctx->RP ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &T2, &T, &ctx->DQ, &ctx->Q, &ctx->RQ ) ); /* * T = (T1 - T2) * (Q^-1 mod P) mod P */ - MPI_CHK( mpi_sub_mpi( &T, &T1, &T2 ) ); - MPI_CHK( mpi_mul_mpi( &T1, &T, &ctx->QP ) ); - MPI_CHK( mpi_mod_mpi( &T, &T1, &ctx->P ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &T, &T1, &T2 ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T1, &T, &ctx->QP ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T1, &ctx->P ) ); /* * T = T2 + T * Q */ - MPI_CHK( mpi_mul_mpi( &T1, &T, &ctx->Q ) ); - MPI_CHK( mpi_add_mpi( &T, &T2, &T1 ) ); -#endif /* POLARSSL_RSA_NO_CRT */ + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T1, &T, &ctx->Q ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &T, &T2, &T1 ) ); +#endif /* MBEDTLS_RSA_NO_CRT */ if( f_rng != NULL ) { @@ -443,27 +448,28 @@ int rsa_private( rsa_context *ctx, * Unblind * T = T * Vf mod N */ - MPI_CHK( mpi_mul_mpi( &T, &T, Vf ) ); - MPI_CHK( mpi_mod_mpi( &T, &T, &ctx->N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, Vf ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) ); } olen = ctx->len; - MPI_CHK( mpi_write_binary( &T, output, olen ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &T, output, olen ) ); cleanup: -#if defined(POLARSSL_THREADING_C) - polarssl_mutex_unlock( &ctx->mutex ); - mpi_free( &Vi_copy ); mpi_free( &Vf_copy ); +#if defined(MBEDTLS_THREADING_C) + if( ( ret = mbedtls_mutex_unlock( &ctx->mutex ) ) != 0 ) + return( ret ); + mbedtls_mpi_free( &Vi_copy ); mbedtls_mpi_free( &Vf_copy ); #endif - mpi_free( &T ); mpi_free( &T1 ); mpi_free( &T2 ); + mbedtls_mpi_free( &T ); mbedtls_mpi_free( &T1 ); mbedtls_mpi_free( &T2 ); if( ret != 0 ) - return( POLARSSL_ERR_RSA_PRIVATE_FAILED + ret ); + return( MBEDTLS_ERR_RSA_PRIVATE_FAILED + ret ); return( 0 ); } -#if defined(POLARSSL_PKCS1_V21) +#if defined(MBEDTLS_PKCS1_V21) /** * Generate and apply the MGF1 operation (from PKCS#1 v2.1) to a buffer. * @@ -474,18 +480,18 @@ cleanup: * \param md_ctx message digest context to use */ static void mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src, - size_t slen, md_context_t *md_ctx ) + size_t slen, mbedtls_md_context_t *md_ctx ) { - unsigned char mask[POLARSSL_MD_MAX_SIZE]; + unsigned char mask[MBEDTLS_MD_MAX_SIZE]; unsigned char counter[4]; unsigned char *p; unsigned int hlen; size_t i, use_len; - memset( mask, 0, POLARSSL_MD_MAX_SIZE ); + memset( mask, 0, MBEDTLS_MD_MAX_SIZE ); memset( counter, 0, 4 ); - hlen = md_ctx->md_info->size; + hlen = mbedtls_md_get_size( md_ctx->md_info ); // Generate and apply dbMask // @@ -497,10 +503,10 @@ static void mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src, if( dlen < hlen ) use_len = dlen; - md_starts( md_ctx ); - md_update( md_ctx, src, slen ); - md_update( md_ctx, counter, 4 ); - md_finish( md_ctx, mask ); + mbedtls_md_starts( md_ctx ); + mbedtls_md_update( md_ctx, src, slen ); + mbedtls_md_update( md_ctx, counter, 4 ); + mbedtls_md_finish( md_ctx, mask ); for( i = 0; i < use_len; ++i ) *p++ ^= mask[i]; @@ -510,13 +516,13 @@ static void mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src, dlen -= use_len; } } -#endif /* POLARSSL_PKCS1_V21 */ +#endif /* MBEDTLS_PKCS1_V21 */ -#if defined(POLARSSL_PKCS1_V21) +#if defined(MBEDTLS_PKCS1_V21) /* * Implementation of the PKCS#1 v2.1 RSAES-OAEP-ENCRYPT function */ -int rsa_rsaes_oaep_encrypt( rsa_context *ctx, +int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, @@ -529,24 +535,24 @@ int rsa_rsaes_oaep_encrypt( rsa_context *ctx, int ret; unsigned char *p = output; unsigned int hlen; - const md_info_t *md_info; - md_context_t md_ctx; + const mbedtls_md_info_t *md_info; + mbedtls_md_context_t md_ctx; - if( mode == RSA_PRIVATE && ctx->padding != RSA_PKCS_V21 ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); if( f_rng == NULL ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - md_info = md_info_from_type( (md_type_t) ctx->hash_id ); + md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id ); if( md_info == NULL ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); olen = ctx->len; - hlen = md_get_size( md_info ); + hlen = mbedtls_md_get_size( md_info ); if( olen < ilen + 2 * hlen + 2 ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); memset( output, 0, olen ); @@ -555,20 +561,20 @@ int rsa_rsaes_oaep_encrypt( rsa_context *ctx, // Generate a random octet string seed // if( ( ret = f_rng( p_rng, p, hlen ) ) != 0 ) - return( POLARSSL_ERR_RSA_RNG_FAILED + ret ); + return( MBEDTLS_ERR_RSA_RNG_FAILED + ret ); p += hlen; // Construct DB // - md( md_info, label, label_len, p ); + mbedtls_md( md_info, label, label_len, p ); p += hlen; p += olen - 2 * hlen - 2 - ilen; *p++ = 1; memcpy( p, input, ilen ); - md_init( &md_ctx ); - md_init_ctx( &md_ctx, md_info ); + mbedtls_md_init( &md_ctx ); + mbedtls_md_setup( &md_ctx, md_info, 0 ); // maskedDB: Apply dbMask to DB // @@ -580,19 +586,19 @@ int rsa_rsaes_oaep_encrypt( rsa_context *ctx, mgf_mask( output + 1, hlen, output + hlen + 1, olen - hlen - 1, &md_ctx ); - md_free( &md_ctx ); + mbedtls_md_free( &md_ctx ); - return( ( mode == RSA_PUBLIC ) - ? rsa_public( ctx, output, output ) - : rsa_private( ctx, f_rng, p_rng, output, output ) ); + return( ( mode == MBEDTLS_RSA_PUBLIC ) + ? mbedtls_rsa_public( ctx, output, output ) + : mbedtls_rsa_private( ctx, f_rng, p_rng, output, output ) ); } -#endif /* POLARSSL_PKCS1_V21 */ +#endif /* MBEDTLS_PKCS1_V21 */ -#if defined(POLARSSL_PKCS1_V15) +#if defined(MBEDTLS_PKCS1_V15) /* * Implementation of the PKCS#1 v2.1 RSAES-PKCS1-V1_5-ENCRYPT function */ -int rsa_rsaes_pkcs1_v15_encrypt( rsa_context *ctx, +int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, @@ -603,23 +609,23 @@ int rsa_rsaes_pkcs1_v15_encrypt( rsa_context *ctx, int ret; unsigned char *p = output; - if( mode == RSA_PRIVATE && ctx->padding != RSA_PKCS_V15 ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); if( f_rng == NULL ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); olen = ctx->len; if( olen < ilen + 11 ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); nb_pad = olen - 3 - ilen; *p++ = 0; - if( mode == RSA_PUBLIC ) + if( mode == MBEDTLS_RSA_PUBLIC ) { - *p++ = RSA_CRYPT; + *p++ = MBEDTLS_RSA_CRYPT; while( nb_pad-- > 0 ) { @@ -632,14 +638,14 @@ int rsa_rsaes_pkcs1_v15_encrypt( rsa_context *ctx, // Check if RNG failed to generate data // if( rng_dl == 0 || ret != 0 ) - return( POLARSSL_ERR_RSA_RNG_FAILED + ret ); + return( MBEDTLS_ERR_RSA_RNG_FAILED + ret ); p++; } } else { - *p++ = RSA_SIGN; + *p++ = MBEDTLS_RSA_SIGN; while( nb_pad-- > 0 ) *p++ = 0xFF; @@ -648,16 +654,16 @@ int rsa_rsaes_pkcs1_v15_encrypt( rsa_context *ctx, *p++ = 0; memcpy( p, input, ilen ); - return( ( mode == RSA_PUBLIC ) - ? rsa_public( ctx, output, output ) - : rsa_private( ctx, f_rng, p_rng, output, output ) ); + return( ( mode == MBEDTLS_RSA_PUBLIC ) + ? mbedtls_rsa_public( ctx, output, output ) + : mbedtls_rsa_private( ctx, f_rng, p_rng, output, output ) ); } -#endif /* POLARSSL_PKCS1_V15 */ +#endif /* MBEDTLS_PKCS1_V15 */ /* * Add the message padding, then do an RSA operation */ -int rsa_pkcs1_encrypt( rsa_context *ctx, +int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, @@ -666,28 +672,28 @@ int rsa_pkcs1_encrypt( rsa_context *ctx, { switch( ctx->padding ) { -#if defined(POLARSSL_PKCS1_V15) - case RSA_PKCS_V15: - return rsa_rsaes_pkcs1_v15_encrypt( ctx, f_rng, p_rng, mode, ilen, +#if defined(MBEDTLS_PKCS1_V15) + case MBEDTLS_RSA_PKCS_V15: + return mbedtls_rsa_rsaes_pkcs1_v15_encrypt( ctx, f_rng, p_rng, mode, ilen, input, output ); #endif -#if defined(POLARSSL_PKCS1_V21) - case RSA_PKCS_V21: - return rsa_rsaes_oaep_encrypt( ctx, f_rng, p_rng, mode, NULL, 0, +#if defined(MBEDTLS_PKCS1_V21) + case MBEDTLS_RSA_PKCS_V21: + return mbedtls_rsa_rsaes_oaep_encrypt( ctx, f_rng, p_rng, mode, NULL, 0, ilen, input, output ); #endif default: - return( POLARSSL_ERR_RSA_INVALID_PADDING ); + return( MBEDTLS_ERR_RSA_INVALID_PADDING ); } } -#if defined(POLARSSL_PKCS1_V21) +#if defined(MBEDTLS_PKCS1_V21) /* * Implementation of the PKCS#1 v2.1 RSAES-OAEP-DECRYPT function */ -int rsa_rsaes_oaep_decrypt( rsa_context *ctx, +int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, @@ -700,33 +706,33 @@ int rsa_rsaes_oaep_decrypt( rsa_context *ctx, int ret; size_t ilen, i, pad_len; unsigned char *p, bad, pad_done; - unsigned char buf[POLARSSL_MPI_MAX_SIZE]; - unsigned char lhash[POLARSSL_MD_MAX_SIZE]; + unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; + unsigned char lhash[MBEDTLS_MD_MAX_SIZE]; unsigned int hlen; - const md_info_t *md_info; - md_context_t md_ctx; + const mbedtls_md_info_t *md_info; + mbedtls_md_context_t md_ctx; /* * Parameters sanity checks */ - if( mode == RSA_PRIVATE && ctx->padding != RSA_PKCS_V21 ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); ilen = ctx->len; if( ilen < 16 || ilen > sizeof( buf ) ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - md_info = md_info_from_type( (md_type_t) ctx->hash_id ); + md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id ); if( md_info == NULL ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); /* * RSA operation */ - ret = ( mode == RSA_PUBLIC ) - ? rsa_public( ctx, input, buf ) - : rsa_private( ctx, f_rng, p_rng, input, buf ); + ret = ( mode == MBEDTLS_RSA_PUBLIC ) + ? mbedtls_rsa_public( ctx, input, buf ) + : mbedtls_rsa_private( ctx, f_rng, p_rng, input, buf ); if( ret != 0 ) return( ret ); @@ -734,13 +740,13 @@ int rsa_rsaes_oaep_decrypt( rsa_context *ctx, /* * Unmask data and generate lHash */ - hlen = md_get_size( md_info ); + hlen = mbedtls_md_get_size( md_info ); - md_init( &md_ctx ); - md_init_ctx( &md_ctx, md_info ); + mbedtls_md_init( &md_ctx ); + mbedtls_md_setup( &md_ctx, md_info, 0 ); /* Generate lHash */ - md( md_info, label, label_len, lhash ); + mbedtls_md( md_info, label, label_len, lhash ); /* seed: Apply seedMask to maskedSeed */ mgf_mask( buf + 1, hlen, buf + hlen + 1, ilen - hlen - 1, @@ -750,7 +756,7 @@ int rsa_rsaes_oaep_decrypt( rsa_context *ctx, mgf_mask( buf + hlen + 1, ilen - hlen - 1, buf + 1, hlen, &md_ctx ); - md_free( &md_ctx ); + mbedtls_md_free( &md_ctx ); /* * Check contents, in "constant-time" @@ -786,23 +792,23 @@ int rsa_rsaes_oaep_decrypt( rsa_context *ctx, * the different error conditions. */ if( bad != 0 ) - return( POLARSSL_ERR_RSA_INVALID_PADDING ); + return( MBEDTLS_ERR_RSA_INVALID_PADDING ); if( ilen - ( p - buf ) > output_max_len ) - return( POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE ); + return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE ); *olen = ilen - (p - buf); memcpy( output, p, *olen ); return( 0 ); } -#endif /* POLARSSL_PKCS1_V21 */ +#endif /* MBEDTLS_PKCS1_V21 */ -#if defined(POLARSSL_PKCS1_V15) +#if defined(MBEDTLS_PKCS1_V15) /* * Implementation of the PKCS#1 v2.1 RSAES-PKCS1-V1_5-DECRYPT function */ -int rsa_rsaes_pkcs1_v15_decrypt( rsa_context *ctx, +int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, @@ -813,19 +819,19 @@ int rsa_rsaes_pkcs1_v15_decrypt( rsa_context *ctx, int ret; size_t ilen, pad_count = 0, i; unsigned char *p, bad, pad_done = 0; - unsigned char buf[POLARSSL_MPI_MAX_SIZE]; + unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; - if( mode == RSA_PRIVATE && ctx->padding != RSA_PKCS_V15 ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); ilen = ctx->len; if( ilen < 16 || ilen > sizeof( buf ) ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - ret = ( mode == RSA_PUBLIC ) - ? rsa_public( ctx, input, buf ) - : rsa_private( ctx, f_rng, p_rng, input, buf ); + ret = ( mode == MBEDTLS_RSA_PUBLIC ) + ? mbedtls_rsa_public( ctx, input, buf ) + : mbedtls_rsa_private( ctx, f_rng, p_rng, input, buf ); if( ret != 0 ) return( ret ); @@ -839,9 +845,9 @@ int rsa_rsaes_pkcs1_v15_decrypt( rsa_context *ctx, bad |= *p++; /* First byte must be 0 */ /* This test does not depend on secret data */ - if( mode == RSA_PRIVATE ) + if( mode == MBEDTLS_RSA_PRIVATE ) { - bad |= *p++ ^ RSA_CRYPT; + bad |= *p++ ^ MBEDTLS_RSA_CRYPT; /* Get padding len, but always read till end of buffer * (minus one, for the 00 byte) */ @@ -856,7 +862,7 @@ int rsa_rsaes_pkcs1_v15_decrypt( rsa_context *ctx, } else { - bad |= *p++ ^ RSA_SIGN; + bad |= *p++ ^ MBEDTLS_RSA_SIGN; /* Get padding len, but always read till end of buffer * (minus one, for the 00 byte) */ @@ -871,22 +877,22 @@ int rsa_rsaes_pkcs1_v15_decrypt( rsa_context *ctx, } if( bad ) - return( POLARSSL_ERR_RSA_INVALID_PADDING ); + return( MBEDTLS_ERR_RSA_INVALID_PADDING ); if( ilen - ( p - buf ) > output_max_len ) - return( POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE ); + return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE ); *olen = ilen - (p - buf); memcpy( output, p, *olen ); return( 0 ); } -#endif /* POLARSSL_PKCS1_V15 */ +#endif /* MBEDTLS_PKCS1_V15 */ /* * Do an RSA operation, then remove the message padding */ -int rsa_pkcs1_decrypt( rsa_context *ctx, +int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, @@ -896,100 +902,100 @@ int rsa_pkcs1_decrypt( rsa_context *ctx, { switch( ctx->padding ) { -#if defined(POLARSSL_PKCS1_V15) - case RSA_PKCS_V15: - return rsa_rsaes_pkcs1_v15_decrypt( ctx, f_rng, p_rng, mode, olen, +#if defined(MBEDTLS_PKCS1_V15) + case MBEDTLS_RSA_PKCS_V15: + return mbedtls_rsa_rsaes_pkcs1_v15_decrypt( ctx, f_rng, p_rng, mode, olen, input, output, output_max_len ); #endif -#if defined(POLARSSL_PKCS1_V21) - case RSA_PKCS_V21: - return rsa_rsaes_oaep_decrypt( ctx, f_rng, p_rng, mode, NULL, 0, +#if defined(MBEDTLS_PKCS1_V21) + case MBEDTLS_RSA_PKCS_V21: + return mbedtls_rsa_rsaes_oaep_decrypt( ctx, f_rng, p_rng, mode, NULL, 0, olen, input, output, output_max_len ); #endif default: - return( POLARSSL_ERR_RSA_INVALID_PADDING ); + return( MBEDTLS_ERR_RSA_INVALID_PADDING ); } } -#if defined(POLARSSL_PKCS1_V21) +#if defined(MBEDTLS_PKCS1_V21) /* * Implementation of the PKCS#1 v2.1 RSASSA-PSS-SIGN function */ -int rsa_rsassa_pss_sign( rsa_context *ctx, +int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, - md_type_t md_alg, + mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig ) { size_t olen; unsigned char *p = sig; - unsigned char salt[POLARSSL_MD_MAX_SIZE]; + unsigned char salt[MBEDTLS_MD_MAX_SIZE]; unsigned int slen, hlen, offset = 0; int ret; size_t msb; - const md_info_t *md_info; - md_context_t md_ctx; + const mbedtls_md_info_t *md_info; + mbedtls_md_context_t md_ctx; - if( mode == RSA_PRIVATE && ctx->padding != RSA_PKCS_V21 ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); if( f_rng == NULL ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); olen = ctx->len; - if( md_alg != POLARSSL_MD_NONE ) + if( md_alg != MBEDTLS_MD_NONE ) { // Gather length of hash to sign // - md_info = md_info_from_type( md_alg ); + md_info = mbedtls_md_info_from_type( md_alg ); if( md_info == NULL ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - hashlen = md_get_size( md_info ); + hashlen = mbedtls_md_get_size( md_info ); } - md_info = md_info_from_type( (md_type_t) ctx->hash_id ); + md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id ); if( md_info == NULL ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - hlen = md_get_size( md_info ); + hlen = mbedtls_md_get_size( md_info ); slen = hlen; if( olen < hlen + slen + 2 ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); memset( sig, 0, olen ); // Generate salt of length slen // if( ( ret = f_rng( p_rng, salt, slen ) ) != 0 ) - return( POLARSSL_ERR_RSA_RNG_FAILED + ret ); + return( MBEDTLS_ERR_RSA_RNG_FAILED + ret ); // Note: EMSA-PSS encoding is over the length of N - 1 bits // - msb = mpi_msb( &ctx->N ) - 1; + msb = mbedtls_mpi_bitlen( &ctx->N ) - 1; p += olen - hlen * 2 - 2; *p++ = 0x01; memcpy( p, salt, slen ); p += slen; - md_init( &md_ctx ); - md_init_ctx( &md_ctx, md_info ); + mbedtls_md_init( &md_ctx ); + mbedtls_md_setup( &md_ctx, md_info, 0 ); // Generate H = Hash( M' ) // - md_starts( &md_ctx ); - md_update( &md_ctx, p, 8 ); - md_update( &md_ctx, hash, hashlen ); - md_update( &md_ctx, salt, slen ); - md_finish( &md_ctx, p ); + mbedtls_md_starts( &md_ctx ); + mbedtls_md_update( &md_ctx, p, 8 ); + mbedtls_md_update( &md_ctx, hash, hashlen ); + mbedtls_md_update( &md_ctx, salt, slen ); + mbedtls_md_finish( &md_ctx, p ); // Compensate for boundary condition when applying mask // @@ -1000,32 +1006,32 @@ int rsa_rsassa_pss_sign( rsa_context *ctx, // mgf_mask( sig + offset, olen - hlen - 1 - offset, p, hlen, &md_ctx ); - md_free( &md_ctx ); + mbedtls_md_free( &md_ctx ); - msb = mpi_msb( &ctx->N ) - 1; + msb = mbedtls_mpi_bitlen( &ctx->N ) - 1; sig[0] &= 0xFF >> ( olen * 8 - msb ); p += hlen; *p++ = 0xBC; - return( ( mode == RSA_PUBLIC ) - ? rsa_public( ctx, sig, sig ) - : rsa_private( ctx, f_rng, p_rng, sig, sig ) ); + return( ( mode == MBEDTLS_RSA_PUBLIC ) + ? mbedtls_rsa_public( ctx, sig, sig ) + : mbedtls_rsa_private( ctx, f_rng, p_rng, sig, sig ) ); } -#endif /* POLARSSL_PKCS1_V21 */ +#endif /* MBEDTLS_PKCS1_V21 */ -#if defined(POLARSSL_PKCS1_V15) +#if defined(MBEDTLS_PKCS1_V15) /* * Implementation of the PKCS#1 v2.1 RSASSA-PKCS1-V1_5-SIGN function */ /* * Do an RSA operation to sign the message digest */ -int rsa_rsassa_pkcs1_v15_sign( rsa_context *ctx, +int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, - md_type_t md_alg, + mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig ) @@ -1034,38 +1040,38 @@ int rsa_rsassa_pkcs1_v15_sign( rsa_context *ctx, unsigned char *p = sig; const char *oid = NULL; - if( mode == RSA_PRIVATE && ctx->padding != RSA_PKCS_V15 ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); olen = ctx->len; nb_pad = olen - 3; - if( md_alg != POLARSSL_MD_NONE ) + if( md_alg != MBEDTLS_MD_NONE ) { - const md_info_t *md_info = md_info_from_type( md_alg ); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg ); if( md_info == NULL ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - if( oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); nb_pad -= 10 + oid_size; - hashlen = md_get_size( md_info ); + hashlen = mbedtls_md_get_size( md_info ); } nb_pad -= hashlen; if( ( nb_pad < 8 ) || ( nb_pad > olen ) ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); *p++ = 0; - *p++ = RSA_SIGN; + *p++ = MBEDTLS_RSA_SIGN; memset( p, 0xFF, nb_pad ); p += nb_pad; *p++ = 0; - if( md_alg == POLARSSL_MD_NONE ) + if( md_alg == MBEDTLS_MD_NONE ) { memcpy( p, hash, hashlen ); } @@ -1080,95 +1086,95 @@ int rsa_rsassa_pkcs1_v15_sign( rsa_context *ctx, * * Digest ::= OCTET STRING */ - *p++ = ASN1_SEQUENCE | ASN1_CONSTRUCTED; + *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED; *p++ = (unsigned char) ( 0x08 + oid_size + hashlen ); - *p++ = ASN1_SEQUENCE | ASN1_CONSTRUCTED; + *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED; *p++ = (unsigned char) ( 0x04 + oid_size ); - *p++ = ASN1_OID; + *p++ = MBEDTLS_ASN1_OID; *p++ = oid_size & 0xFF; memcpy( p, oid, oid_size ); p += oid_size; - *p++ = ASN1_NULL; + *p++ = MBEDTLS_ASN1_NULL; *p++ = 0x00; - *p++ = ASN1_OCTET_STRING; + *p++ = MBEDTLS_ASN1_OCTET_STRING; *p++ = hashlen; memcpy( p, hash, hashlen ); } - return( ( mode == RSA_PUBLIC ) - ? rsa_public( ctx, sig, sig ) - : rsa_private( ctx, f_rng, p_rng, sig, sig ) ); + return( ( mode == MBEDTLS_RSA_PUBLIC ) + ? mbedtls_rsa_public( ctx, sig, sig ) + : mbedtls_rsa_private( ctx, f_rng, p_rng, sig, sig ) ); } -#endif /* POLARSSL_PKCS1_V15 */ +#endif /* MBEDTLS_PKCS1_V15 */ /* * Do an RSA operation to sign the message digest */ -int rsa_pkcs1_sign( rsa_context *ctx, +int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, - md_type_t md_alg, + mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig ) { switch( ctx->padding ) { -#if defined(POLARSSL_PKCS1_V15) - case RSA_PKCS_V15: - return rsa_rsassa_pkcs1_v15_sign( ctx, f_rng, p_rng, mode, md_alg, +#if defined(MBEDTLS_PKCS1_V15) + case MBEDTLS_RSA_PKCS_V15: + return mbedtls_rsa_rsassa_pkcs1_v15_sign( ctx, f_rng, p_rng, mode, md_alg, hashlen, hash, sig ); #endif -#if defined(POLARSSL_PKCS1_V21) - case RSA_PKCS_V21: - return rsa_rsassa_pss_sign( ctx, f_rng, p_rng, mode, md_alg, +#if defined(MBEDTLS_PKCS1_V21) + case MBEDTLS_RSA_PKCS_V21: + return mbedtls_rsa_rsassa_pss_sign( ctx, f_rng, p_rng, mode, md_alg, hashlen, hash, sig ); #endif default: - return( POLARSSL_ERR_RSA_INVALID_PADDING ); + return( MBEDTLS_ERR_RSA_INVALID_PADDING ); } } -#if defined(POLARSSL_PKCS1_V21) +#if defined(MBEDTLS_PKCS1_V21) /* * Implementation of the PKCS#1 v2.1 RSASSA-PSS-VERIFY function */ -int rsa_rsassa_pss_verify_ext( rsa_context *ctx, +int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, - md_type_t md_alg, + mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, - md_type_t mgf1_hash_id, + mbedtls_md_type_t mgf1_hash_id, int expected_salt_len, const unsigned char *sig ) { int ret; size_t siglen; unsigned char *p; - unsigned char buf[POLARSSL_MPI_MAX_SIZE]; - unsigned char result[POLARSSL_MD_MAX_SIZE]; + unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; + unsigned char result[MBEDTLS_MD_MAX_SIZE]; unsigned char zeros[8]; unsigned int hlen; size_t slen, msb; - const md_info_t *md_info; - md_context_t md_ctx; + const mbedtls_md_info_t *md_info; + mbedtls_md_context_t md_ctx; - if( mode == RSA_PRIVATE && ctx->padding != RSA_PKCS_V21 ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); siglen = ctx->len; if( siglen < 16 || siglen > sizeof( buf ) ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - ret = ( mode == RSA_PUBLIC ) - ? rsa_public( ctx, sig, buf ) - : rsa_private( ctx, f_rng, p_rng, sig, buf ); + ret = ( mode == MBEDTLS_RSA_PUBLIC ) + ? mbedtls_rsa_public( ctx, sig, buf ) + : mbedtls_rsa_private( ctx, f_rng, p_rng, sig, buf ); if( ret != 0 ) return( ret ); @@ -1176,31 +1182,31 @@ int rsa_rsassa_pss_verify_ext( rsa_context *ctx, p = buf; if( buf[siglen - 1] != 0xBC ) - return( POLARSSL_ERR_RSA_INVALID_PADDING ); + return( MBEDTLS_ERR_RSA_INVALID_PADDING ); - if( md_alg != POLARSSL_MD_NONE ) + if( md_alg != MBEDTLS_MD_NONE ) { // Gather length of hash to sign // - md_info = md_info_from_type( md_alg ); + md_info = mbedtls_md_info_from_type( md_alg ); if( md_info == NULL ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - hashlen = md_get_size( md_info ); + hashlen = mbedtls_md_get_size( md_info ); } - md_info = md_info_from_type( mgf1_hash_id ); + md_info = mbedtls_md_info_from_type( mgf1_hash_id ); if( md_info == NULL ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - hlen = md_get_size( md_info ); + hlen = mbedtls_md_get_size( md_info ); slen = siglen - hlen - 1; /* Currently length of salt + padding */ memset( zeros, 0, 8 ); // Note: EMSA-PSS verification is over the length of N - 1 bits // - msb = mpi_msb( &ctx->N ) - 1; + msb = mbedtls_mpi_bitlen( &ctx->N ) - 1; // Compensate for boundary condition when applying mask // @@ -1210,10 +1216,10 @@ int rsa_rsassa_pss_verify_ext( rsa_context *ctx, siglen -= 1; } if( buf[0] >> ( 8 - siglen * 8 + msb ) ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - md_init( &md_ctx ); - md_init_ctx( &md_ctx, md_info ); + mbedtls_md_init( &md_ctx ); + mbedtls_md_setup( &md_ctx, md_info, 0 ); mgf_mask( p, siglen - hlen - 1, p + siglen - hlen - 1, hlen, &md_ctx ); @@ -1225,69 +1231,69 @@ int rsa_rsassa_pss_verify_ext( rsa_context *ctx, if( p == buf + siglen || *p++ != 0x01 ) { - md_free( &md_ctx ); - return( POLARSSL_ERR_RSA_INVALID_PADDING ); + mbedtls_md_free( &md_ctx ); + return( MBEDTLS_ERR_RSA_INVALID_PADDING ); } /* Actual salt len */ slen -= p - buf; - if( expected_salt_len != RSA_SALT_LEN_ANY && + if( expected_salt_len != MBEDTLS_RSA_SALT_LEN_ANY && slen != (size_t) expected_salt_len ) { - md_free( &md_ctx ); - return( POLARSSL_ERR_RSA_INVALID_PADDING ); + mbedtls_md_free( &md_ctx ); + return( MBEDTLS_ERR_RSA_INVALID_PADDING ); } // Generate H = Hash( M' ) // - md_starts( &md_ctx ); - md_update( &md_ctx, zeros, 8 ); - md_update( &md_ctx, hash, hashlen ); - md_update( &md_ctx, p, slen ); - md_finish( &md_ctx, result ); + mbedtls_md_starts( &md_ctx ); + mbedtls_md_update( &md_ctx, zeros, 8 ); + mbedtls_md_update( &md_ctx, hash, hashlen ); + mbedtls_md_update( &md_ctx, p, slen ); + mbedtls_md_finish( &md_ctx, result ); - md_free( &md_ctx ); + mbedtls_md_free( &md_ctx ); if( memcmp( p + slen, result, hlen ) == 0 ) return( 0 ); else - return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); } /* * Simplified PKCS#1 v2.1 RSASSA-PSS-VERIFY function */ -int rsa_rsassa_pss_verify( rsa_context *ctx, +int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, - md_type_t md_alg, + mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig ) { - md_type_t mgf1_hash_id = ( ctx->hash_id != POLARSSL_MD_NONE ) - ? (md_type_t) ctx->hash_id + mbedtls_md_type_t mgf1_hash_id = ( ctx->hash_id != MBEDTLS_MD_NONE ) + ? (mbedtls_md_type_t) ctx->hash_id : md_alg; - return( rsa_rsassa_pss_verify_ext( ctx, f_rng, p_rng, mode, + return( mbedtls_rsa_rsassa_pss_verify_ext( ctx, f_rng, p_rng, mode, md_alg, hashlen, hash, - mgf1_hash_id, RSA_SALT_LEN_ANY, + mgf1_hash_id, MBEDTLS_RSA_SALT_LEN_ANY, sig ) ); } -#endif /* POLARSSL_PKCS1_V21 */ +#endif /* MBEDTLS_PKCS1_V21 */ -#if defined(POLARSSL_PKCS1_V15) +#if defined(MBEDTLS_PKCS1_V15) /* * Implementation of the PKCS#1 v2.1 RSASSA-PKCS1-v1_5-VERIFY function */ -int rsa_rsassa_pkcs1_v15_verify( rsa_context *ctx, +int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, - md_type_t md_alg, + mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig ) @@ -1295,172 +1301,172 @@ int rsa_rsassa_pkcs1_v15_verify( rsa_context *ctx, int ret; size_t len, siglen, asn1_len; unsigned char *p, *end; - unsigned char buf[POLARSSL_MPI_MAX_SIZE]; - md_type_t msg_md_alg; - const md_info_t *md_info; - asn1_buf oid; + unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; + mbedtls_md_type_t msg_md_alg; + const mbedtls_md_info_t *md_info; + mbedtls_asn1_buf oid; - if( mode == RSA_PRIVATE && ctx->padding != RSA_PKCS_V15 ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); siglen = ctx->len; if( siglen < 16 || siglen > sizeof( buf ) ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - ret = ( mode == RSA_PUBLIC ) - ? rsa_public( ctx, sig, buf ) - : rsa_private( ctx, f_rng, p_rng, sig, buf ); + ret = ( mode == MBEDTLS_RSA_PUBLIC ) + ? mbedtls_rsa_public( ctx, sig, buf ) + : mbedtls_rsa_private( ctx, f_rng, p_rng, sig, buf ); if( ret != 0 ) return( ret ); p = buf; - if( *p++ != 0 || *p++ != RSA_SIGN ) - return( POLARSSL_ERR_RSA_INVALID_PADDING ); + if( *p++ != 0 || *p++ != MBEDTLS_RSA_SIGN ) + return( MBEDTLS_ERR_RSA_INVALID_PADDING ); while( *p != 0 ) { if( p >= buf + siglen - 1 || *p != 0xFF ) - return( POLARSSL_ERR_RSA_INVALID_PADDING ); + return( MBEDTLS_ERR_RSA_INVALID_PADDING ); p++; } p++; len = siglen - ( p - buf ); - if( len == hashlen && md_alg == POLARSSL_MD_NONE ) + if( len == hashlen && md_alg == MBEDTLS_MD_NONE ) { if( memcmp( p, hash, hashlen ) == 0 ) return( 0 ); else - return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); } - md_info = md_info_from_type( md_alg ); + md_info = mbedtls_md_info_from_type( md_alg ); if( md_info == NULL ) - return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); - hashlen = md_get_size( md_info ); + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + hashlen = mbedtls_md_get_size( md_info ); end = p + len; // Parse the ASN.1 structure inside the PKCS#1 v1.5 structure // - if( ( ret = asn1_get_tag( &p, end, &asn1_len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) - return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + if( ( ret = mbedtls_asn1_get_tag( &p, end, &asn1_len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); if( asn1_len + 2 != len ) - return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); - if( ( ret = asn1_get_tag( &p, end, &asn1_len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) - return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + if( ( ret = mbedtls_asn1_get_tag( &p, end, &asn1_len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); if( asn1_len + 6 + hashlen != len ) - return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); - if( ( ret = asn1_get_tag( &p, end, &oid.len, ASN1_OID ) ) != 0 ) - return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + if( ( ret = mbedtls_asn1_get_tag( &p, end, &oid.len, MBEDTLS_ASN1_OID ) ) != 0 ) + return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); oid.p = p; p += oid.len; - if( oid_get_md_alg( &oid, &msg_md_alg ) != 0 ) - return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + if( mbedtls_oid_get_md_alg( &oid, &msg_md_alg ) != 0 ) + return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); if( md_alg != msg_md_alg ) - return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); /* * assume the algorithm parameters must be NULL */ - if( ( ret = asn1_get_tag( &p, end, &asn1_len, ASN1_NULL ) ) != 0 ) - return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + if( ( ret = mbedtls_asn1_get_tag( &p, end, &asn1_len, MBEDTLS_ASN1_NULL ) ) != 0 ) + return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); - if( ( ret = asn1_get_tag( &p, end, &asn1_len, ASN1_OCTET_STRING ) ) != 0 ) - return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + if( ( ret = mbedtls_asn1_get_tag( &p, end, &asn1_len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) + return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); if( asn1_len != hashlen ) - return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); if( memcmp( p, hash, hashlen ) != 0 ) - return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); p += hashlen; if( p != end ) - return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); return( 0 ); } -#endif /* POLARSSL_PKCS1_V15 */ +#endif /* MBEDTLS_PKCS1_V15 */ /* * Do an RSA operation and check the message digest */ -int rsa_pkcs1_verify( rsa_context *ctx, +int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, - md_type_t md_alg, + mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig ) { switch( ctx->padding ) { -#if defined(POLARSSL_PKCS1_V15) - case RSA_PKCS_V15: - return rsa_rsassa_pkcs1_v15_verify( ctx, f_rng, p_rng, mode, md_alg, +#if defined(MBEDTLS_PKCS1_V15) + case MBEDTLS_RSA_PKCS_V15: + return mbedtls_rsa_rsassa_pkcs1_v15_verify( ctx, f_rng, p_rng, mode, md_alg, hashlen, hash, sig ); #endif -#if defined(POLARSSL_PKCS1_V21) - case RSA_PKCS_V21: - return rsa_rsassa_pss_verify( ctx, f_rng, p_rng, mode, md_alg, +#if defined(MBEDTLS_PKCS1_V21) + case MBEDTLS_RSA_PKCS_V21: + return mbedtls_rsa_rsassa_pss_verify( ctx, f_rng, p_rng, mode, md_alg, hashlen, hash, sig ); #endif default: - return( POLARSSL_ERR_RSA_INVALID_PADDING ); + return( MBEDTLS_ERR_RSA_INVALID_PADDING ); } } /* * Copy the components of an RSA key */ -int rsa_copy( rsa_context *dst, const rsa_context *src ) +int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src ) { int ret; dst->ver = src->ver; dst->len = src->len; - MPI_CHK( mpi_copy( &dst->N, &src->N ) ); - MPI_CHK( mpi_copy( &dst->E, &src->E ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->N, &src->N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->E, &src->E ) ); - MPI_CHK( mpi_copy( &dst->D, &src->D ) ); - MPI_CHK( mpi_copy( &dst->P, &src->P ) ); - MPI_CHK( mpi_copy( &dst->Q, &src->Q ) ); - MPI_CHK( mpi_copy( &dst->DP, &src->DP ) ); - MPI_CHK( mpi_copy( &dst->DQ, &src->DQ ) ); - MPI_CHK( mpi_copy( &dst->QP, &src->QP ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->D, &src->D ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->P, &src->P ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->Q, &src->Q ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->DP, &src->DP ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->DQ, &src->DQ ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->QP, &src->QP ) ); - MPI_CHK( mpi_copy( &dst->RN, &src->RN ) ); - MPI_CHK( mpi_copy( &dst->RP, &src->RP ) ); - MPI_CHK( mpi_copy( &dst->RQ, &src->RQ ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->RN, &src->RN ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->RP, &src->RP ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->RQ, &src->RQ ) ); - MPI_CHK( mpi_copy( &dst->Vi, &src->Vi ) ); - MPI_CHK( mpi_copy( &dst->Vf, &src->Vf ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->Vi, &src->Vi ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->Vf, &src->Vf ) ); dst->padding = src->padding; dst->hash_id = src->hash_id; cleanup: if( ret != 0 ) - rsa_free( dst ); + mbedtls_rsa_free( dst ); return( ret ); } @@ -1468,22 +1474,22 @@ cleanup: /* * Free the components of an RSA key */ -void rsa_free( rsa_context *ctx ) +void mbedtls_rsa_free( mbedtls_rsa_context *ctx ) { - mpi_free( &ctx->Vi ); mpi_free( &ctx->Vf ); - mpi_free( &ctx->RQ ); mpi_free( &ctx->RP ); mpi_free( &ctx->RN ); - mpi_free( &ctx->QP ); mpi_free( &ctx->DQ ); mpi_free( &ctx->DP ); - mpi_free( &ctx->Q ); mpi_free( &ctx->P ); mpi_free( &ctx->D ); - mpi_free( &ctx->E ); mpi_free( &ctx->N ); - -#if defined(POLARSSL_THREADING_C) - polarssl_mutex_free( &ctx->mutex ); + mbedtls_mpi_free( &ctx->Vi ); mbedtls_mpi_free( &ctx->Vf ); + mbedtls_mpi_free( &ctx->RQ ); mbedtls_mpi_free( &ctx->RP ); mbedtls_mpi_free( &ctx->RN ); + mbedtls_mpi_free( &ctx->QP ); mbedtls_mpi_free( &ctx->DQ ); mbedtls_mpi_free( &ctx->DP ); + mbedtls_mpi_free( &ctx->Q ); mbedtls_mpi_free( &ctx->P ); mbedtls_mpi_free( &ctx->D ); + mbedtls_mpi_free( &ctx->E ); mbedtls_mpi_free( &ctx->N ); + +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_free( &ctx->mutex ); #endif } -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) -#include "polarssl/sha1.h" +#include "mbedtls/sha1.h" /* * Example RSA-1024 keypair, for test purposes @@ -1539,7 +1545,7 @@ void rsa_free( rsa_context *ctx ) #define RSA_PT "\xAA\xBB\xCC\x03\x02\x01\x00\xFF\xFF\xFF\xFF\xFF" \ "\x11\x22\x33\x0A\x0B\x0C\xCC\xDD\xDD\xDD\xDD\xDD" -#if defined(POLARSSL_PKCS1_V15) +#if defined(MBEDTLS_PKCS1_V15) static int myrand( void *rng_state, unsigned char *output, size_t len ) { #if !defined(__OpenBSD__) @@ -1559,71 +1565,71 @@ static int myrand( void *rng_state, unsigned char *output, size_t len ) return( 0 ); } -#endif /* POLARSSL_PKCS1_V15 */ +#endif /* MBEDTLS_PKCS1_V15 */ /* * Checkup routine */ -int rsa_self_test( int verbose ) +int mbedtls_rsa_self_test( int verbose ) { int ret = 0; -#if defined(POLARSSL_PKCS1_V15) +#if defined(MBEDTLS_PKCS1_V15) size_t len; - rsa_context rsa; + mbedtls_rsa_context rsa; unsigned char rsa_plaintext[PT_LEN]; unsigned char rsa_decrypted[PT_LEN]; unsigned char rsa_ciphertext[KEY_LEN]; -#if defined(POLARSSL_SHA1_C) +#if defined(MBEDTLS_SHA1_C) unsigned char sha1sum[20]; #endif - rsa_init( &rsa, RSA_PKCS_V15, 0 ); + mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); rsa.len = KEY_LEN; - MPI_CHK( mpi_read_string( &rsa.N , 16, RSA_N ) ); - MPI_CHK( mpi_read_string( &rsa.E , 16, RSA_E ) ); - MPI_CHK( mpi_read_string( &rsa.D , 16, RSA_D ) ); - MPI_CHK( mpi_read_string( &rsa.P , 16, RSA_P ) ); - MPI_CHK( mpi_read_string( &rsa.Q , 16, RSA_Q ) ); - MPI_CHK( mpi_read_string( &rsa.DP, 16, RSA_DP ) ); - MPI_CHK( mpi_read_string( &rsa.DQ, 16, RSA_DQ ) ); - MPI_CHK( mpi_read_string( &rsa.QP, 16, RSA_QP ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &rsa.N , 16, RSA_N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &rsa.E , 16, RSA_E ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &rsa.D , 16, RSA_D ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &rsa.P , 16, RSA_P ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &rsa.Q , 16, RSA_Q ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &rsa.DP, 16, RSA_DP ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &rsa.DQ, 16, RSA_DQ ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &rsa.QP, 16, RSA_QP ) ); if( verbose != 0 ) - polarssl_printf( " RSA key validation: " ); + mbedtls_printf( " RSA key validation: " ); - if( rsa_check_pubkey( &rsa ) != 0 || - rsa_check_privkey( &rsa ) != 0 ) + if( mbedtls_rsa_check_pubkey( &rsa ) != 0 || + mbedtls_rsa_check_privkey( &rsa ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } if( verbose != 0 ) - polarssl_printf( "passed\n PKCS#1 encryption : " ); + mbedtls_printf( "passed\n PKCS#1 encryption : " ); memcpy( rsa_plaintext, RSA_PT, PT_LEN ); - if( rsa_pkcs1_encrypt( &rsa, myrand, NULL, RSA_PUBLIC, PT_LEN, + if( mbedtls_rsa_pkcs1_encrypt( &rsa, myrand, NULL, MBEDTLS_RSA_PUBLIC, PT_LEN, rsa_plaintext, rsa_ciphertext ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } if( verbose != 0 ) - polarssl_printf( "passed\n PKCS#1 decryption : " ); + mbedtls_printf( "passed\n PKCS#1 decryption : " ); - if( rsa_pkcs1_decrypt( &rsa, myrand, NULL, RSA_PRIVATE, &len, + if( mbedtls_rsa_pkcs1_decrypt( &rsa, myrand, NULL, MBEDTLS_RSA_PRIVATE, &len, rsa_ciphertext, rsa_decrypted, sizeof(rsa_decrypted) ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } @@ -1631,50 +1637,50 @@ int rsa_self_test( int verbose ) if( memcmp( rsa_decrypted, rsa_plaintext, len ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } -#if defined(POLARSSL_SHA1_C) +#if defined(MBEDTLS_SHA1_C) if( verbose != 0 ) - polarssl_printf( "passed\n PKCS#1 data sign : " ); + mbedtls_printf( "passed\n PKCS#1 data sign : " ); - sha1( rsa_plaintext, PT_LEN, sha1sum ); + mbedtls_sha1( rsa_plaintext, PT_LEN, sha1sum ); - if( rsa_pkcs1_sign( &rsa, myrand, NULL, RSA_PRIVATE, POLARSSL_MD_SHA1, 0, + if( mbedtls_rsa_pkcs1_sign( &rsa, myrand, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA1, 0, sha1sum, rsa_ciphertext ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } if( verbose != 0 ) - polarssl_printf( "passed\n PKCS#1 sig. verify: " ); + mbedtls_printf( "passed\n PKCS#1 sig. verify: " ); - if( rsa_pkcs1_verify( &rsa, NULL, NULL, RSA_PUBLIC, POLARSSL_MD_SHA1, 0, + if( mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, sha1sum, rsa_ciphertext ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } if( verbose != 0 ) - polarssl_printf( "passed\n\n" ); -#endif /* POLARSSL_SHA1_C */ + mbedtls_printf( "passed\n\n" ); +#endif /* MBEDTLS_SHA1_C */ cleanup: - rsa_free( &rsa ); -#else /* POLARSSL_PKCS1_V15 */ + mbedtls_rsa_free( &rsa ); +#else /* MBEDTLS_PKCS1_V15 */ ((void) verbose); -#endif /* POLARSSL_PKCS1_V15 */ +#endif /* MBEDTLS_PKCS1_V15 */ return( ret ); } -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_RSA_C */ +#endif /* MBEDTLS_RSA_C */ diff --git a/ext/mbedtls/library/sha1.c b/ext/mbedtls/library/sha1.c index fca6109bbc..7ca83508c6 100644 --- a/ext/mbedtls/library/sha1.c +++ b/ext/mbedtls/library/sha1.c @@ -25,37 +25,33 @@ * http://www.itl.nist.gov/fipspubs/fip180-1.htm */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_SHA1_C) +#if defined(MBEDTLS_SHA1_C) -#include "polarssl/sha1.h" +#include "mbedtls/sha1.h" #include -#if defined(POLARSSL_FS_IO) -#include -#endif - -#if defined(POLARSSL_SELF_TEST) -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_SELF_TEST) +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_printf printf -#endif /* POLARSSL_PLATFORM_C */ -#endif /* POLARSSL_SELF_TEST */ +#define mbedtls_printf printf +#endif /* MBEDTLS_PLATFORM_C */ +#endif /* MBEDTLS_SELF_TEST */ /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } -#if !defined(POLARSSL_SHA1_ALT) +#if !defined(MBEDTLS_SHA1_ALT) /* * 32-bit integer manipulation macros (big endian) @@ -80,23 +76,29 @@ static void polarssl_zeroize( void *v, size_t n ) { } #endif -void sha1_init( sha1_context *ctx ) +void mbedtls_sha1_init( mbedtls_sha1_context *ctx ) { - memset( ctx, 0, sizeof( sha1_context ) ); + memset( ctx, 0, sizeof( mbedtls_sha1_context ) ); } -void sha1_free( sha1_context *ctx ) +void mbedtls_sha1_free( mbedtls_sha1_context *ctx ) { if( ctx == NULL ) return; - polarssl_zeroize( ctx, sizeof( sha1_context ) ); + mbedtls_zeroize( ctx, sizeof( mbedtls_sha1_context ) ); +} + +void mbedtls_sha1_clone( mbedtls_sha1_context *dst, + const mbedtls_sha1_context *src ) +{ + *dst = *src; } /* * SHA-1 context setup */ -void sha1_starts( sha1_context *ctx ) +void mbedtls_sha1_starts( mbedtls_sha1_context *ctx ) { ctx->total[0] = 0; ctx->total[1] = 0; @@ -108,7 +110,8 @@ void sha1_starts( sha1_context *ctx ) ctx->state[4] = 0xC3D2E1F0; } -void sha1_process( sha1_context *ctx, const unsigned char data[64] ) +#if !defined(MBEDTLS_SHA1_PROCESS_ALT) +void mbedtls_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[64] ) { uint32_t temp, W[16], A, B, C, D, E; @@ -263,11 +266,12 @@ void sha1_process( sha1_context *ctx, const unsigned char data[64] ) ctx->state[3] += D; ctx->state[4] += E; } +#endif /* !MBEDTLS_SHA1_PROCESS_ALT */ /* * SHA-1 process buffer */ -void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen ) +void mbedtls_sha1_update( mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen ) { size_t fill; uint32_t left; @@ -287,7 +291,7 @@ void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen ) if( left && ilen >= fill ) { memcpy( (void *) (ctx->buffer + left), input, fill ); - sha1_process( ctx, ctx->buffer ); + mbedtls_sha1_process( ctx, ctx->buffer ); input += fill; ilen -= fill; left = 0; @@ -295,7 +299,7 @@ void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen ) while( ilen >= 64 ) { - sha1_process( ctx, input ); + mbedtls_sha1_process( ctx, input ); input += 64; ilen -= 64; } @@ -315,7 +319,7 @@ static const unsigned char sha1_padding[64] = /* * SHA-1 final digest */ -void sha1_finish( sha1_context *ctx, unsigned char output[20] ) +void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] ) { uint32_t last, padn; uint32_t high, low; @@ -331,8 +335,8 @@ void sha1_finish( sha1_context *ctx, unsigned char output[20] ) last = ctx->total[0] & 0x3F; padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); - sha1_update( ctx, sha1_padding, padn ); - sha1_update( ctx, msglen, 8 ); + mbedtls_sha1_update( ctx, sha1_padding, padn ); + mbedtls_sha1_update( ctx, msglen, 8 ); PUT_UINT32_BE( ctx->state[0], output, 0 ); PUT_UINT32_BE( ctx->state[1], output, 4 ); @@ -341,138 +345,23 @@ void sha1_finish( sha1_context *ctx, unsigned char output[20] ) PUT_UINT32_BE( ctx->state[4], output, 16 ); } -#endif /* !POLARSSL_SHA1_ALT */ +#endif /* !MBEDTLS_SHA1_ALT */ /* * output = SHA-1( input buffer ) */ -void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] ) +void mbedtls_sha1( const unsigned char *input, size_t ilen, unsigned char output[20] ) { - sha1_context ctx; + mbedtls_sha1_context ctx; - sha1_init( &ctx ); - sha1_starts( &ctx ); - sha1_update( &ctx, input, ilen ); - sha1_finish( &ctx, output ); - sha1_free( &ctx ); + mbedtls_sha1_init( &ctx ); + mbedtls_sha1_starts( &ctx ); + mbedtls_sha1_update( &ctx, input, ilen ); + mbedtls_sha1_finish( &ctx, output ); + mbedtls_sha1_free( &ctx ); } -#if defined(POLARSSL_FS_IO) -/* - * output = SHA-1( file contents ) - */ -int sha1_file( const char *path, unsigned char output[20] ) -{ - FILE *f; - size_t n; - sha1_context ctx; - unsigned char buf[1024]; - - if( ( f = fopen( path, "rb" ) ) == NULL ) - return( POLARSSL_ERR_SHA1_FILE_IO_ERROR ); - - sha1_init( &ctx ); - sha1_starts( &ctx ); - - while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) - sha1_update( &ctx, buf, n ); - - sha1_finish( &ctx, output ); - sha1_free( &ctx ); - - if( ferror( f ) != 0 ) - { - fclose( f ); - return( POLARSSL_ERR_SHA1_FILE_IO_ERROR ); - } - - fclose( f ); - return( 0 ); -} -#endif /* POLARSSL_FS_IO */ - -/* - * SHA-1 HMAC context setup - */ -void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, - size_t keylen ) -{ - size_t i; - unsigned char sum[20]; - - if( keylen > 64 ) - { - sha1( key, keylen, sum ); - keylen = 20; - key = sum; - } - - memset( ctx->ipad, 0x36, 64 ); - memset( ctx->opad, 0x5C, 64 ); - - for( i = 0; i < keylen; i++ ) - { - ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] ); - ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] ); - } - - sha1_starts( ctx ); - sha1_update( ctx, ctx->ipad, 64 ); - - polarssl_zeroize( sum, sizeof( sum ) ); -} - -/* - * SHA-1 HMAC process buffer - */ -void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, - size_t ilen ) -{ - sha1_update( ctx, input, ilen ); -} - -/* - * SHA-1 HMAC final digest - */ -void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] ) -{ - unsigned char tmpbuf[20]; - - sha1_finish( ctx, tmpbuf ); - sha1_starts( ctx ); - sha1_update( ctx, ctx->opad, 64 ); - sha1_update( ctx, tmpbuf, 20 ); - sha1_finish( ctx, output ); - - polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) ); -} - -/* - * SHA1 HMAC context reset - */ -void sha1_hmac_reset( sha1_context *ctx ) -{ - sha1_starts( ctx ); - sha1_update( ctx, ctx->ipad, 64 ); -} - -/* - * output = HMAC-SHA-1( hmac key, input buffer ) - */ -void sha1_hmac( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char output[20] ) -{ - sha1_context ctx; - - sha1_init( &ctx ); - sha1_hmac_starts( &ctx, key, keylen ); - sha1_hmac_update( &ctx, input, ilen ); - sha1_hmac_finish( &ctx, output ); - sha1_free( &ctx ); -} - -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) /* * FIPS-180-1 test vectors */ @@ -498,83 +387,17 @@ static const unsigned char sha1_test_sum[3][20] = 0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F } }; -/* - * RFC 2202 test vectors - */ -static const unsigned char sha1_hmac_test_key[7][26] = -{ - { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B" - "\x0B\x0B\x0B\x0B" }, - { "Jefe" }, - { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" - "\xAA\xAA\xAA\xAA" }, - { "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10" - "\x11\x12\x13\x14\x15\x16\x17\x18\x19" }, - { "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C" - "\x0C\x0C\x0C\x0C" }, - { "" }, /* 0xAA 80 times */ - { "" } -}; - -static const int sha1_hmac_test_keylen[7] = -{ - 20, 4, 20, 25, 20, 80, 80 -}; - -static const unsigned char sha1_hmac_test_buf[7][74] = -{ - { "Hi There" }, - { "what do ya want for nothing?" }, - { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" }, - { "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" - "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" - "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" - "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" - "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" }, - { "Test With Truncation" }, - { "Test Using Larger Than Block-Size Key - Hash Key First" }, - { "Test Using Larger Than Block-Size Key and Larger" - " Than One Block-Size Data" } -}; - -static const int sha1_hmac_test_buflen[7] = -{ - 8, 28, 50, 50, 20, 54, 73 -}; - -static const unsigned char sha1_hmac_test_sum[7][20] = -{ - { 0xB6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, 0xE2, 0x8B, - 0xC0, 0xB6, 0xFB, 0x37, 0x8C, 0x8E, 0xF1, 0x46, 0xBE, 0x00 }, - { 0xEF, 0xFC, 0xDF, 0x6A, 0xE5, 0xEB, 0x2F, 0xA2, 0xD2, 0x74, - 0x16, 0xD5, 0xF1, 0x84, 0xDF, 0x9C, 0x25, 0x9A, 0x7C, 0x79 }, - { 0x12, 0x5D, 0x73, 0x42, 0xB9, 0xAC, 0x11, 0xCD, 0x91, 0xA3, - 0x9A, 0xF4, 0x8A, 0xA1, 0x7B, 0x4F, 0x63, 0xF1, 0x75, 0xD3 }, - { 0x4C, 0x90, 0x07, 0xF4, 0x02, 0x62, 0x50, 0xC6, 0xBC, 0x84, - 0x14, 0xF9, 0xBF, 0x50, 0xC8, 0x6C, 0x2D, 0x72, 0x35, 0xDA }, - { 0x4C, 0x1A, 0x03, 0x42, 0x4B, 0x55, 0xE0, 0x7F, 0xE7, 0xF2, - 0x7B, 0xE1 }, - { 0xAA, 0x4A, 0xE5, 0xE1, 0x52, 0x72, 0xD0, 0x0E, 0x95, 0x70, - 0x56, 0x37, 0xCE, 0x8A, 0x3B, 0x55, 0xED, 0x40, 0x21, 0x12 }, - { 0xE8, 0xE9, 0x9D, 0x0F, 0x45, 0x23, 0x7D, 0x78, 0x6D, 0x6B, - 0xBA, 0xA7, 0x96, 0x5C, 0x78, 0x08, 0xBB, 0xFF, 0x1A, 0x91 } -}; - /* * Checkup routine */ -int sha1_self_test( int verbose ) +int mbedtls_sha1_self_test( int verbose ) { int i, j, buflen, ret = 0; unsigned char buf[1024]; unsigned char sha1sum[20]; - sha1_context ctx; + mbedtls_sha1_context ctx; - sha1_init( &ctx ); + mbedtls_sha1_init( &ctx ); /* * SHA-1 @@ -582,82 +405,45 @@ int sha1_self_test( int verbose ) for( i = 0; i < 3; i++ ) { if( verbose != 0 ) - polarssl_printf( " SHA-1 test #%d: ", i + 1 ); + mbedtls_printf( " SHA-1 test #%d: ", i + 1 ); - sha1_starts( &ctx ); + mbedtls_sha1_starts( &ctx ); if( i == 2 ) { memset( buf, 'a', buflen = 1000 ); for( j = 0; j < 1000; j++ ) - sha1_update( &ctx, buf, buflen ); + mbedtls_sha1_update( &ctx, buf, buflen ); } else - sha1_update( &ctx, sha1_test_buf[i], + mbedtls_sha1_update( &ctx, sha1_test_buf[i], sha1_test_buflen[i] ); - sha1_finish( &ctx, sha1sum ); + mbedtls_sha1_finish( &ctx, sha1sum ); if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); - - ret = 1; - goto exit; - } - - if( verbose != 0 ) - polarssl_printf( "passed\n" ); - } - - if( verbose != 0 ) - polarssl_printf( "\n" ); - - for( i = 0; i < 7; i++ ) - { - if( verbose != 0 ) - polarssl_printf( " HMAC-SHA-1 test #%d: ", i + 1 ); - - if( i == 5 || i == 6 ) - { - memset( buf, 0xAA, buflen = 80 ); - sha1_hmac_starts( &ctx, buf, buflen ); - } - else - sha1_hmac_starts( &ctx, sha1_hmac_test_key[i], - sha1_hmac_test_keylen[i] ); - - sha1_hmac_update( &ctx, sha1_hmac_test_buf[i], - sha1_hmac_test_buflen[i] ); - - sha1_hmac_finish( &ctx, sha1sum ); - - buflen = ( i == 4 ) ? 12 : 20; - - if( memcmp( sha1sum, sha1_hmac_test_sum[i], buflen ) != 0 ) - { - if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); ret = 1; goto exit; } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); } if( verbose != 0 ) - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); exit: - sha1_free( &ctx ); + mbedtls_sha1_free( &ctx ); return( ret ); } -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_SHA1_C */ +#endif /* MBEDTLS_SHA1_C */ diff --git a/ext/mbedtls/library/sha256.c b/ext/mbedtls/library/sha256.c index 2b4b7e1328..4b393d05f8 100644 --- a/ext/mbedtls/library/sha256.c +++ b/ext/mbedtls/library/sha256.c @@ -25,78 +25,80 @@ * http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_SHA256_C) +#if defined(MBEDTLS_SHA256_C) -#include "polarssl/sha256.h" +#include "mbedtls/sha256.h" #include -#if defined(POLARSSL_FS_IO) -#include -#endif - -#if defined(POLARSSL_SELF_TEST) -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_SELF_TEST) +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_printf printf -#endif /* POLARSSL_PLATFORM_C */ -#endif /* POLARSSL_SELF_TEST */ +#define mbedtls_printf printf +#endif /* MBEDTLS_PLATFORM_C */ +#endif /* MBEDTLS_SELF_TEST */ /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } -#if !defined(POLARSSL_SHA256_ALT) +#if !defined(MBEDTLS_SHA256_ALT) /* * 32-bit integer manipulation macros (big endian) */ #ifndef GET_UINT32_BE #define GET_UINT32_BE(n,b,i) \ -{ \ +do { \ (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ | ( (uint32_t) (b)[(i) + 1] << 16 ) \ | ( (uint32_t) (b)[(i) + 2] << 8 ) \ | ( (uint32_t) (b)[(i) + 3] ); \ -} +} while( 0 ) #endif #ifndef PUT_UINT32_BE #define PUT_UINT32_BE(n,b,i) \ -{ \ +do { \ (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} +} while( 0 ) #endif -void sha256_init( sha256_context *ctx ) +void mbedtls_sha256_init( mbedtls_sha256_context *ctx ) { - memset( ctx, 0, sizeof( sha256_context ) ); + memset( ctx, 0, sizeof( mbedtls_sha256_context ) ); } -void sha256_free( sha256_context *ctx ) +void mbedtls_sha256_free( mbedtls_sha256_context *ctx ) { if( ctx == NULL ) return; - polarssl_zeroize( ctx, sizeof( sha256_context ) ); + mbedtls_zeroize( ctx, sizeof( mbedtls_sha256_context ) ); +} + +void mbedtls_sha256_clone( mbedtls_sha256_context *dst, + const mbedtls_sha256_context *src ) +{ + *dst = *src; } /* * SHA-256 context setup */ -void sha256_starts( sha256_context *ctx, int is224 ) +void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 ) { ctx->total[0] = 0; ctx->total[1] = 0; @@ -129,27 +131,26 @@ void sha256_starts( sha256_context *ctx, int is224 ) ctx->is224 = is224; } -void sha256_process( sha256_context *ctx, const unsigned char data[64] ) +#if !defined(MBEDTLS_SHA256_PROCESS_ALT) +static const uint32_t K[] = { - uint32_t temp1, temp2, W[64]; - uint32_t A, B, C, D, E, F, G, H; - - GET_UINT32_BE( W[ 0], data, 0 ); - GET_UINT32_BE( W[ 1], data, 4 ); - GET_UINT32_BE( W[ 2], data, 8 ); - GET_UINT32_BE( W[ 3], data, 12 ); - GET_UINT32_BE( W[ 4], data, 16 ); - GET_UINT32_BE( W[ 5], data, 20 ); - GET_UINT32_BE( W[ 6], data, 24 ); - GET_UINT32_BE( W[ 7], data, 28 ); - GET_UINT32_BE( W[ 8], data, 32 ); - GET_UINT32_BE( W[ 9], data, 36 ); - GET_UINT32_BE( W[10], data, 40 ); - GET_UINT32_BE( W[11], data, 44 ); - GET_UINT32_BE( W[12], data, 48 ); - GET_UINT32_BE( W[13], data, 52 ); - GET_UINT32_BE( W[14], data, 56 ); - GET_UINT32_BE( W[15], data, 60 ); + 0x428A2F98, 0x71374491, 0xB5C0FBCF, 0xE9B5DBA5, + 0x3956C25B, 0x59F111F1, 0x923F82A4, 0xAB1C5ED5, + 0xD807AA98, 0x12835B01, 0x243185BE, 0x550C7DC3, + 0x72BE5D74, 0x80DEB1FE, 0x9BDC06A7, 0xC19BF174, + 0xE49B69C1, 0xEFBE4786, 0x0FC19DC6, 0x240CA1CC, + 0x2DE92C6F, 0x4A7484AA, 0x5CB0A9DC, 0x76F988DA, + 0x983E5152, 0xA831C66D, 0xB00327C8, 0xBF597FC7, + 0xC6E00BF3, 0xD5A79147, 0x06CA6351, 0x14292967, + 0x27B70A85, 0x2E1B2138, 0x4D2C6DFC, 0x53380D13, + 0x650A7354, 0x766A0ABB, 0x81C2C92E, 0x92722C85, + 0xA2BFE8A1, 0xA81A664B, 0xC24B8B70, 0xC76C51A3, + 0xD192E819, 0xD6990624, 0xF40E3585, 0x106AA070, + 0x19A4C116, 0x1E376C08, 0x2748774C, 0x34B0BCB5, + 0x391C0CB3, 0x4ED8AA4A, 0x5B9CCA4F, 0x682E6FF3, + 0x748F82EE, 0x78A5636F, 0x84C87814, 0x8CC70208, + 0x90BEFFFA, 0xA4506CEB, 0xBEF9A3F7, 0xC67178F2, +}; #define SHR(x,n) ((x & 0xFFFFFFFF) >> n) #define ROTR(x,n) (SHR(x,n) | (x << (32 - n))) @@ -176,94 +177,66 @@ void sha256_process( sha256_context *ctx, const unsigned char data[64] ) d += temp1; h = temp1 + temp2; \ } - A = ctx->state[0]; - B = ctx->state[1]; - C = ctx->state[2]; - D = ctx->state[3]; - E = ctx->state[4]; - F = ctx->state[5]; - G = ctx->state[6]; - H = ctx->state[7]; - - P( A, B, C, D, E, F, G, H, W[ 0], 0x428A2F98 ); - P( H, A, B, C, D, E, F, G, W[ 1], 0x71374491 ); - P( G, H, A, B, C, D, E, F, W[ 2], 0xB5C0FBCF ); - P( F, G, H, A, B, C, D, E, W[ 3], 0xE9B5DBA5 ); - P( E, F, G, H, A, B, C, D, W[ 4], 0x3956C25B ); - P( D, E, F, G, H, A, B, C, W[ 5], 0x59F111F1 ); - P( C, D, E, F, G, H, A, B, W[ 6], 0x923F82A4 ); - P( B, C, D, E, F, G, H, A, W[ 7], 0xAB1C5ED5 ); - P( A, B, C, D, E, F, G, H, W[ 8], 0xD807AA98 ); - P( H, A, B, C, D, E, F, G, W[ 9], 0x12835B01 ); - P( G, H, A, B, C, D, E, F, W[10], 0x243185BE ); - P( F, G, H, A, B, C, D, E, W[11], 0x550C7DC3 ); - P( E, F, G, H, A, B, C, D, W[12], 0x72BE5D74 ); - P( D, E, F, G, H, A, B, C, W[13], 0x80DEB1FE ); - P( C, D, E, F, G, H, A, B, W[14], 0x9BDC06A7 ); - P( B, C, D, E, F, G, H, A, W[15], 0xC19BF174 ); - P( A, B, C, D, E, F, G, H, R(16), 0xE49B69C1 ); - P( H, A, B, C, D, E, F, G, R(17), 0xEFBE4786 ); - P( G, H, A, B, C, D, E, F, R(18), 0x0FC19DC6 ); - P( F, G, H, A, B, C, D, E, R(19), 0x240CA1CC ); - P( E, F, G, H, A, B, C, D, R(20), 0x2DE92C6F ); - P( D, E, F, G, H, A, B, C, R(21), 0x4A7484AA ); - P( C, D, E, F, G, H, A, B, R(22), 0x5CB0A9DC ); - P( B, C, D, E, F, G, H, A, R(23), 0x76F988DA ); - P( A, B, C, D, E, F, G, H, R(24), 0x983E5152 ); - P( H, A, B, C, D, E, F, G, R(25), 0xA831C66D ); - P( G, H, A, B, C, D, E, F, R(26), 0xB00327C8 ); - P( F, G, H, A, B, C, D, E, R(27), 0xBF597FC7 ); - P( E, F, G, H, A, B, C, D, R(28), 0xC6E00BF3 ); - P( D, E, F, G, H, A, B, C, R(29), 0xD5A79147 ); - P( C, D, E, F, G, H, A, B, R(30), 0x06CA6351 ); - P( B, C, D, E, F, G, H, A, R(31), 0x14292967 ); - P( A, B, C, D, E, F, G, H, R(32), 0x27B70A85 ); - P( H, A, B, C, D, E, F, G, R(33), 0x2E1B2138 ); - P( G, H, A, B, C, D, E, F, R(34), 0x4D2C6DFC ); - P( F, G, H, A, B, C, D, E, R(35), 0x53380D13 ); - P( E, F, G, H, A, B, C, D, R(36), 0x650A7354 ); - P( D, E, F, G, H, A, B, C, R(37), 0x766A0ABB ); - P( C, D, E, F, G, H, A, B, R(38), 0x81C2C92E ); - P( B, C, D, E, F, G, H, A, R(39), 0x92722C85 ); - P( A, B, C, D, E, F, G, H, R(40), 0xA2BFE8A1 ); - P( H, A, B, C, D, E, F, G, R(41), 0xA81A664B ); - P( G, H, A, B, C, D, E, F, R(42), 0xC24B8B70 ); - P( F, G, H, A, B, C, D, E, R(43), 0xC76C51A3 ); - P( E, F, G, H, A, B, C, D, R(44), 0xD192E819 ); - P( D, E, F, G, H, A, B, C, R(45), 0xD6990624 ); - P( C, D, E, F, G, H, A, B, R(46), 0xF40E3585 ); - P( B, C, D, E, F, G, H, A, R(47), 0x106AA070 ); - P( A, B, C, D, E, F, G, H, R(48), 0x19A4C116 ); - P( H, A, B, C, D, E, F, G, R(49), 0x1E376C08 ); - P( G, H, A, B, C, D, E, F, R(50), 0x2748774C ); - P( F, G, H, A, B, C, D, E, R(51), 0x34B0BCB5 ); - P( E, F, G, H, A, B, C, D, R(52), 0x391C0CB3 ); - P( D, E, F, G, H, A, B, C, R(53), 0x4ED8AA4A ); - P( C, D, E, F, G, H, A, B, R(54), 0x5B9CCA4F ); - P( B, C, D, E, F, G, H, A, R(55), 0x682E6FF3 ); - P( A, B, C, D, E, F, G, H, R(56), 0x748F82EE ); - P( H, A, B, C, D, E, F, G, R(57), 0x78A5636F ); - P( G, H, A, B, C, D, E, F, R(58), 0x84C87814 ); - P( F, G, H, A, B, C, D, E, R(59), 0x8CC70208 ); - P( E, F, G, H, A, B, C, D, R(60), 0x90BEFFFA ); - P( D, E, F, G, H, A, B, C, R(61), 0xA4506CEB ); - P( C, D, E, F, G, H, A, B, R(62), 0xBEF9A3F7 ); - P( B, C, D, E, F, G, H, A, R(63), 0xC67178F2 ); - - ctx->state[0] += A; - ctx->state[1] += B; - ctx->state[2] += C; - ctx->state[3] += D; - ctx->state[4] += E; - ctx->state[5] += F; - ctx->state[6] += G; - ctx->state[7] += H; +void mbedtls_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[64] ) +{ + uint32_t temp1, temp2, W[64]; + uint32_t A[8]; + unsigned int i; + + for( i = 0; i < 8; i++ ) + A[i] = ctx->state[i]; + +#if defined(MBEDTLS_SHA256_SMALLER) + for( i = 0; i < 64; i++ ) + { + if( i < 16 ) + GET_UINT32_BE( W[i], data, 4 * i ); + else + R( i ); + + P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], W[i], K[i] ); + + temp1 = A[7]; A[7] = A[6]; A[6] = A[5]; A[5] = A[4]; A[4] = A[3]; + A[3] = A[2]; A[2] = A[1]; A[1] = A[0]; A[0] = temp1; + } +#else /* MBEDTLS_SHA256_SMALLER */ + for( i = 0; i < 16; i++ ) + GET_UINT32_BE( W[i], data, 4 * i ); + + for( i = 0; i < 16; i += 8 ) + { + P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], W[i+0], K[i+0] ); + P( A[7], A[0], A[1], A[2], A[3], A[4], A[5], A[6], W[i+1], K[i+1] ); + P( A[6], A[7], A[0], A[1], A[2], A[3], A[4], A[5], W[i+2], K[i+2] ); + P( A[5], A[6], A[7], A[0], A[1], A[2], A[3], A[4], W[i+3], K[i+3] ); + P( A[4], A[5], A[6], A[7], A[0], A[1], A[2], A[3], W[i+4], K[i+4] ); + P( A[3], A[4], A[5], A[6], A[7], A[0], A[1], A[2], W[i+5], K[i+5] ); + P( A[2], A[3], A[4], A[5], A[6], A[7], A[0], A[1], W[i+6], K[i+6] ); + P( A[1], A[2], A[3], A[4], A[5], A[6], A[7], A[0], W[i+7], K[i+7] ); + } + + for( i = 16; i < 64; i += 8 ) + { + P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], R(i+0), K[i+0] ); + P( A[7], A[0], A[1], A[2], A[3], A[4], A[5], A[6], R(i+1), K[i+1] ); + P( A[6], A[7], A[0], A[1], A[2], A[3], A[4], A[5], R(i+2), K[i+2] ); + P( A[5], A[6], A[7], A[0], A[1], A[2], A[3], A[4], R(i+3), K[i+3] ); + P( A[4], A[5], A[6], A[7], A[0], A[1], A[2], A[3], R(i+4), K[i+4] ); + P( A[3], A[4], A[5], A[6], A[7], A[0], A[1], A[2], R(i+5), K[i+5] ); + P( A[2], A[3], A[4], A[5], A[6], A[7], A[0], A[1], R(i+6), K[i+6] ); + P( A[1], A[2], A[3], A[4], A[5], A[6], A[7], A[0], R(i+7), K[i+7] ); + } +#endif /* MBEDTLS_SHA256_SMALLER */ + + for( i = 0; i < 8; i++ ) + ctx->state[i] += A[i]; } +#endif /* !MBEDTLS_SHA256_PROCESS_ALT */ /* * SHA-256 process buffer */ -void sha256_update( sha256_context *ctx, const unsigned char *input, +void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *input, size_t ilen ) { size_t fill; @@ -284,7 +257,7 @@ void sha256_update( sha256_context *ctx, const unsigned char *input, if( left && ilen >= fill ) { memcpy( (void *) (ctx->buffer + left), input, fill ); - sha256_process( ctx, ctx->buffer ); + mbedtls_sha256_process( ctx, ctx->buffer ); input += fill; ilen -= fill; left = 0; @@ -292,7 +265,7 @@ void sha256_update( sha256_context *ctx, const unsigned char *input, while( ilen >= 64 ) { - sha256_process( ctx, input ); + mbedtls_sha256_process( ctx, input ); input += 64; ilen -= 64; } @@ -312,7 +285,7 @@ static const unsigned char sha256_padding[64] = /* * SHA-256 final digest */ -void sha256_finish( sha256_context *ctx, unsigned char output[32] ) +void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32] ) { uint32_t last, padn; uint32_t high, low; @@ -328,8 +301,8 @@ void sha256_finish( sha256_context *ctx, unsigned char output[32] ) last = ctx->total[0] & 0x3F; padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); - sha256_update( ctx, sha256_padding, padn ); - sha256_update( ctx, msglen, 8 ); + mbedtls_sha256_update( ctx, sha256_padding, padn ); + mbedtls_sha256_update( ctx, msglen, 8 ); PUT_UINT32_BE( ctx->state[0], output, 0 ); PUT_UINT32_BE( ctx->state[1], output, 4 ); @@ -343,143 +316,24 @@ void sha256_finish( sha256_context *ctx, unsigned char output[32] ) PUT_UINT32_BE( ctx->state[7], output, 28 ); } -#endif /* !POLARSSL_SHA256_ALT */ +#endif /* !MBEDTLS_SHA256_ALT */ /* * output = SHA-256( input buffer ) */ -void sha256( const unsigned char *input, size_t ilen, +void mbedtls_sha256( const unsigned char *input, size_t ilen, unsigned char output[32], int is224 ) { - sha256_context ctx; - - sha256_init( &ctx ); - sha256_starts( &ctx, is224 ); - sha256_update( &ctx, input, ilen ); - sha256_finish( &ctx, output ); - sha256_free( &ctx ); -} - -#if defined(POLARSSL_FS_IO) -/* - * output = SHA-256( file contents ) - */ -int sha256_file( const char *path, unsigned char output[32], int is224 ) -{ - FILE *f; - size_t n; - sha256_context ctx; - unsigned char buf[1024]; - - if( ( f = fopen( path, "rb" ) ) == NULL ) - return( POLARSSL_ERR_SHA256_FILE_IO_ERROR ); - - sha256_init( &ctx ); - sha256_starts( &ctx, is224 ); - - while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) - sha256_update( &ctx, buf, n ); - - sha256_finish( &ctx, output ); - sha256_free( &ctx ); - - if( ferror( f ) != 0 ) - { - fclose( f ); - return( POLARSSL_ERR_SHA256_FILE_IO_ERROR ); - } - - fclose( f ); - return( 0 ); -} -#endif /* POLARSSL_FS_IO */ - -/* - * SHA-256 HMAC context setup - */ -void sha256_hmac_starts( sha256_context *ctx, const unsigned char *key, - size_t keylen, int is224 ) -{ - size_t i; - unsigned char sum[32]; - - if( keylen > 64 ) - { - sha256( key, keylen, sum, is224 ); - keylen = ( is224 ) ? 28 : 32; - key = sum; - } - - memset( ctx->ipad, 0x36, 64 ); - memset( ctx->opad, 0x5C, 64 ); - - for( i = 0; i < keylen; i++ ) - { - ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] ); - ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] ); - } - - sha256_starts( ctx, is224 ); - sha256_update( ctx, ctx->ipad, 64 ); - - polarssl_zeroize( sum, sizeof( sum ) ); -} - -/* - * SHA-256 HMAC process buffer - */ -void sha256_hmac_update( sha256_context *ctx, const unsigned char *input, - size_t ilen ) -{ - sha256_update( ctx, input, ilen ); -} - -/* - * SHA-256 HMAC final digest - */ -void sha256_hmac_finish( sha256_context *ctx, unsigned char output[32] ) -{ - int is224, hlen; - unsigned char tmpbuf[32]; - - is224 = ctx->is224; - hlen = ( is224 == 0 ) ? 32 : 28; - - sha256_finish( ctx, tmpbuf ); - sha256_starts( ctx, is224 ); - sha256_update( ctx, ctx->opad, 64 ); - sha256_update( ctx, tmpbuf, hlen ); - sha256_finish( ctx, output ); - - polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) ); -} - -/* - * SHA-256 HMAC context reset - */ -void sha256_hmac_reset( sha256_context *ctx ) -{ - sha256_starts( ctx, ctx->is224 ); - sha256_update( ctx, ctx->ipad, 64 ); -} - -/* - * output = HMAC-SHA-256( hmac key, input buffer ) - */ -void sha256_hmac( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char output[32], int is224 ) -{ - sha256_context ctx; + mbedtls_sha256_context ctx; - sha256_init( &ctx ); - sha256_hmac_starts( &ctx, key, keylen, is224 ); - sha256_hmac_update( &ctx, input, ilen ); - sha256_hmac_finish( &ctx, output ); - sha256_free( &ctx ); + mbedtls_sha256_init( &ctx ); + mbedtls_sha256_starts( &ctx, is224 ); + mbedtls_sha256_update( &ctx, input, ilen ); + mbedtls_sha256_finish( &ctx, output ); + mbedtls_sha256_free( &ctx ); } -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) /* * FIPS-180-2 test vectors */ @@ -530,129 +384,17 @@ static const unsigned char sha256_test_sum[6][32] = 0x04, 0x6D, 0x39, 0xCC, 0xC7, 0x11, 0x2C, 0xD0 } }; -/* - * RFC 4231 test vectors - */ -static const unsigned char sha256_hmac_test_key[7][26] = -{ - { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B" - "\x0B\x0B\x0B\x0B" }, - { "Jefe" }, - { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" - "\xAA\xAA\xAA\xAA" }, - { "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10" - "\x11\x12\x13\x14\x15\x16\x17\x18\x19" }, - { "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C" - "\x0C\x0C\x0C\x0C" }, - { "" }, /* 0xAA 131 times */ - { "" } -}; - -static const int sha256_hmac_test_keylen[7] = -{ - 20, 4, 20, 25, 20, 131, 131 -}; - -static const unsigned char sha256_hmac_test_buf[7][153] = -{ - { "Hi There" }, - { "what do ya want for nothing?" }, - { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" }, - { "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" - "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" - "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" - "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" - "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" }, - { "Test With Truncation" }, - { "Test Using Larger Than Block-Size Key - Hash Key First" }, - { "This is a test using a larger than block-size key " - "and a larger than block-size data. The key needs to " - "be hashed before being used by the HMAC algorithm." } -}; - -static const int sha256_hmac_test_buflen[7] = -{ - 8, 28, 50, 50, 20, 54, 152 -}; - -static const unsigned char sha256_hmac_test_sum[14][32] = -{ - /* - * HMAC-SHA-224 test vectors - */ - { 0x89, 0x6F, 0xB1, 0x12, 0x8A, 0xBB, 0xDF, 0x19, - 0x68, 0x32, 0x10, 0x7C, 0xD4, 0x9D, 0xF3, 0x3F, - 0x47, 0xB4, 0xB1, 0x16, 0x99, 0x12, 0xBA, 0x4F, - 0x53, 0x68, 0x4B, 0x22 }, - { 0xA3, 0x0E, 0x01, 0x09, 0x8B, 0xC6, 0xDB, 0xBF, - 0x45, 0x69, 0x0F, 0x3A, 0x7E, 0x9E, 0x6D, 0x0F, - 0x8B, 0xBE, 0xA2, 0xA3, 0x9E, 0x61, 0x48, 0x00, - 0x8F, 0xD0, 0x5E, 0x44 }, - { 0x7F, 0xB3, 0xCB, 0x35, 0x88, 0xC6, 0xC1, 0xF6, - 0xFF, 0xA9, 0x69, 0x4D, 0x7D, 0x6A, 0xD2, 0x64, - 0x93, 0x65, 0xB0, 0xC1, 0xF6, 0x5D, 0x69, 0xD1, - 0xEC, 0x83, 0x33, 0xEA }, - { 0x6C, 0x11, 0x50, 0x68, 0x74, 0x01, 0x3C, 0xAC, - 0x6A, 0x2A, 0xBC, 0x1B, 0xB3, 0x82, 0x62, 0x7C, - 0xEC, 0x6A, 0x90, 0xD8, 0x6E, 0xFC, 0x01, 0x2D, - 0xE7, 0xAF, 0xEC, 0x5A }, - { 0x0E, 0x2A, 0xEA, 0x68, 0xA9, 0x0C, 0x8D, 0x37, - 0xC9, 0x88, 0xBC, 0xDB, 0x9F, 0xCA, 0x6F, 0xA8 }, - { 0x95, 0xE9, 0xA0, 0xDB, 0x96, 0x20, 0x95, 0xAD, - 0xAE, 0xBE, 0x9B, 0x2D, 0x6F, 0x0D, 0xBC, 0xE2, - 0xD4, 0x99, 0xF1, 0x12, 0xF2, 0xD2, 0xB7, 0x27, - 0x3F, 0xA6, 0x87, 0x0E }, - { 0x3A, 0x85, 0x41, 0x66, 0xAC, 0x5D, 0x9F, 0x02, - 0x3F, 0x54, 0xD5, 0x17, 0xD0, 0xB3, 0x9D, 0xBD, - 0x94, 0x67, 0x70, 0xDB, 0x9C, 0x2B, 0x95, 0xC9, - 0xF6, 0xF5, 0x65, 0xD1 }, - - /* - * HMAC-SHA-256 test vectors - */ - { 0xB0, 0x34, 0x4C, 0x61, 0xD8, 0xDB, 0x38, 0x53, - 0x5C, 0xA8, 0xAF, 0xCE, 0xAF, 0x0B, 0xF1, 0x2B, - 0x88, 0x1D, 0xC2, 0x00, 0xC9, 0x83, 0x3D, 0xA7, - 0x26, 0xE9, 0x37, 0x6C, 0x2E, 0x32, 0xCF, 0xF7 }, - { 0x5B, 0xDC, 0xC1, 0x46, 0xBF, 0x60, 0x75, 0x4E, - 0x6A, 0x04, 0x24, 0x26, 0x08, 0x95, 0x75, 0xC7, - 0x5A, 0x00, 0x3F, 0x08, 0x9D, 0x27, 0x39, 0x83, - 0x9D, 0xEC, 0x58, 0xB9, 0x64, 0xEC, 0x38, 0x43 }, - { 0x77, 0x3E, 0xA9, 0x1E, 0x36, 0x80, 0x0E, 0x46, - 0x85, 0x4D, 0xB8, 0xEB, 0xD0, 0x91, 0x81, 0xA7, - 0x29, 0x59, 0x09, 0x8B, 0x3E, 0xF8, 0xC1, 0x22, - 0xD9, 0x63, 0x55, 0x14, 0xCE, 0xD5, 0x65, 0xFE }, - { 0x82, 0x55, 0x8A, 0x38, 0x9A, 0x44, 0x3C, 0x0E, - 0xA4, 0xCC, 0x81, 0x98, 0x99, 0xF2, 0x08, 0x3A, - 0x85, 0xF0, 0xFA, 0xA3, 0xE5, 0x78, 0xF8, 0x07, - 0x7A, 0x2E, 0x3F, 0xF4, 0x67, 0x29, 0x66, 0x5B }, - { 0xA3, 0xB6, 0x16, 0x74, 0x73, 0x10, 0x0E, 0xE0, - 0x6E, 0x0C, 0x79, 0x6C, 0x29, 0x55, 0x55, 0x2B }, - { 0x60, 0xE4, 0x31, 0x59, 0x1E, 0xE0, 0xB6, 0x7F, - 0x0D, 0x8A, 0x26, 0xAA, 0xCB, 0xF5, 0xB7, 0x7F, - 0x8E, 0x0B, 0xC6, 0x21, 0x37, 0x28, 0xC5, 0x14, - 0x05, 0x46, 0x04, 0x0F, 0x0E, 0xE3, 0x7F, 0x54 }, - { 0x9B, 0x09, 0xFF, 0xA7, 0x1B, 0x94, 0x2F, 0xCB, - 0x27, 0x63, 0x5F, 0xBC, 0xD5, 0xB0, 0xE9, 0x44, - 0xBF, 0xDC, 0x63, 0x64, 0x4F, 0x07, 0x13, 0x93, - 0x8A, 0x7F, 0x51, 0x53, 0x5C, 0x3A, 0x35, 0xE2 } -}; - /* * Checkup routine */ -int sha256_self_test( int verbose ) +int mbedtls_sha256_self_test( int verbose ) { int i, j, k, buflen, ret = 0; unsigned char buf[1024]; unsigned char sha256sum[32]; - sha256_context ctx; + mbedtls_sha256_context ctx; - sha256_init( &ctx ); + mbedtls_sha256_init( &ctx ); for( i = 0; i < 6; i++ ) { @@ -660,85 +402,45 @@ int sha256_self_test( int verbose ) k = i < 3; if( verbose != 0 ) - polarssl_printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 ); + mbedtls_printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 ); - sha256_starts( &ctx, k ); + mbedtls_sha256_starts( &ctx, k ); if( j == 2 ) { memset( buf, 'a', buflen = 1000 ); for( j = 0; j < 1000; j++ ) - sha256_update( &ctx, buf, buflen ); + mbedtls_sha256_update( &ctx, buf, buflen ); } else - sha256_update( &ctx, sha256_test_buf[j], + mbedtls_sha256_update( &ctx, sha256_test_buf[j], sha256_test_buflen[j] ); - sha256_finish( &ctx, sha256sum ); + mbedtls_sha256_finish( &ctx, sha256sum ); if( memcmp( sha256sum, sha256_test_sum[i], 32 - k * 4 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); - - ret = 1; - goto exit; - } - - if( verbose != 0 ) - polarssl_printf( "passed\n" ); - } - - if( verbose != 0 ) - polarssl_printf( "\n" ); - - for( i = 0; i < 14; i++ ) - { - j = i % 7; - k = i < 7; - - if( verbose != 0 ) - polarssl_printf( " HMAC-SHA-%d test #%d: ", 256 - k * 32, j + 1 ); - - if( j == 5 || j == 6 ) - { - memset( buf, 0xAA, buflen = 131 ); - sha256_hmac_starts( &ctx, buf, buflen, k ); - } - else - sha256_hmac_starts( &ctx, sha256_hmac_test_key[j], - sha256_hmac_test_keylen[j], k ); - - sha256_hmac_update( &ctx, sha256_hmac_test_buf[j], - sha256_hmac_test_buflen[j] ); - - sha256_hmac_finish( &ctx, sha256sum ); - - buflen = ( j == 4 ) ? 16 : 32 - k * 4; - - if( memcmp( sha256sum, sha256_hmac_test_sum[i], buflen ) != 0 ) - { - if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); ret = 1; goto exit; } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); } if( verbose != 0 ) - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); exit: - sha256_free( &ctx ); + mbedtls_sha256_free( &ctx ); return( ret ); } -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_SHA256_C */ +#endif /* MBEDTLS_SHA256_C */ diff --git a/ext/mbedtls/library/sha512.c b/ext/mbedtls/library/sha512.c index 4074d33d95..3daf080897 100644 --- a/ext/mbedtls/library/sha512.c +++ b/ext/mbedtls/library/sha512.c @@ -25,15 +25,15 @@ * http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_SHA512_C) +#if defined(MBEDTLS_SHA512_C) -#include "polarssl/sha512.h" +#include "mbedtls/sha512.h" #if defined(_MSC_VER) || defined(__WATCOMC__) #define UL64(x) x##ui64 @@ -43,25 +43,21 @@ #include -#if defined(POLARSSL_FS_IO) -#include -#endif - -#if defined(POLARSSL_SELF_TEST) -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_SELF_TEST) +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_printf printf -#endif /* POLARSSL_PLATFORM_C */ -#endif /* POLARSSL_SELF_TEST */ +#define mbedtls_printf printf +#endif /* MBEDTLS_PLATFORM_C */ +#endif /* MBEDTLS_SELF_TEST */ /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } -#if !defined(POLARSSL_SHA512_ALT) +#if !defined(MBEDTLS_SHA512_ALT) /* * 64-bit integer manipulation macros (big endian) @@ -141,23 +137,29 @@ static const uint64_t K[80] = UL64(0x5FCB6FAB3AD6FAEC), UL64(0x6C44198C4A475817) }; -void sha512_init( sha512_context *ctx ) +void mbedtls_sha512_init( mbedtls_sha512_context *ctx ) { - memset( ctx, 0, sizeof( sha512_context ) ); + memset( ctx, 0, sizeof( mbedtls_sha512_context ) ); } -void sha512_free( sha512_context *ctx ) +void mbedtls_sha512_free( mbedtls_sha512_context *ctx ) { if( ctx == NULL ) return; - polarssl_zeroize( ctx, sizeof( sha512_context ) ); + mbedtls_zeroize( ctx, sizeof( mbedtls_sha512_context ) ); +} + +void mbedtls_sha512_clone( mbedtls_sha512_context *dst, + const mbedtls_sha512_context *src ) +{ + *dst = *src; } /* * SHA-512 context setup */ -void sha512_starts( sha512_context *ctx, int is384 ) +void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 ) { ctx->total[0] = 0; ctx->total[1] = 0; @@ -190,7 +192,8 @@ void sha512_starts( sha512_context *ctx, int is384 ) ctx->is384 = is384; } -void sha512_process( sha512_context *ctx, const unsigned char data[128] ) +#if !defined(MBEDTLS_SHA512_PROCESS_ALT) +void mbedtls_sha512_process( mbedtls_sha512_context *ctx, const unsigned char data[128] ) { int i; uint64_t temp1, temp2, W[80]; @@ -258,11 +261,12 @@ void sha512_process( sha512_context *ctx, const unsigned char data[128] ) ctx->state[6] += G; ctx->state[7] += H; } +#endif /* !MBEDTLS_SHA512_PROCESS_ALT */ /* * SHA-512 process buffer */ -void sha512_update( sha512_context *ctx, const unsigned char *input, +void mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *input, size_t ilen ) { size_t fill; @@ -282,7 +286,7 @@ void sha512_update( sha512_context *ctx, const unsigned char *input, if( left && ilen >= fill ) { memcpy( (void *) (ctx->buffer + left), input, fill ); - sha512_process( ctx, ctx->buffer ); + mbedtls_sha512_process( ctx, ctx->buffer ); input += fill; ilen -= fill; left = 0; @@ -290,7 +294,7 @@ void sha512_update( sha512_context *ctx, const unsigned char *input, while( ilen >= 128 ) { - sha512_process( ctx, input ); + mbedtls_sha512_process( ctx, input ); input += 128; ilen -= 128; } @@ -314,7 +318,7 @@ static const unsigned char sha512_padding[128] = /* * SHA-512 final digest */ -void sha512_finish( sha512_context *ctx, unsigned char output[64] ) +void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char output[64] ) { size_t last, padn; uint64_t high, low; @@ -330,8 +334,8 @@ void sha512_finish( sha512_context *ctx, unsigned char output[64] ) last = (size_t)( ctx->total[0] & 0x7F ); padn = ( last < 112 ) ? ( 112 - last ) : ( 240 - last ); - sha512_update( ctx, sha512_padding, padn ); - sha512_update( ctx, msglen, 16 ); + mbedtls_sha512_update( ctx, sha512_padding, padn ); + mbedtls_sha512_update( ctx, msglen, 16 ); PUT_UINT64_BE( ctx->state[0], output, 0 ); PUT_UINT64_BE( ctx->state[1], output, 8 ); @@ -347,143 +351,24 @@ void sha512_finish( sha512_context *ctx, unsigned char output[64] ) } } -#endif /* !POLARSSL_SHA512_ALT */ +#endif /* !MBEDTLS_SHA512_ALT */ /* * output = SHA-512( input buffer ) */ -void sha512( const unsigned char *input, size_t ilen, +void mbedtls_sha512( const unsigned char *input, size_t ilen, unsigned char output[64], int is384 ) { - sha512_context ctx; - - sha512_init( &ctx ); - sha512_starts( &ctx, is384 ); - sha512_update( &ctx, input, ilen ); - sha512_finish( &ctx, output ); - sha512_free( &ctx ); -} - -#if defined(POLARSSL_FS_IO) -/* - * output = SHA-512( file contents ) - */ -int sha512_file( const char *path, unsigned char output[64], int is384 ) -{ - FILE *f; - size_t n; - sha512_context ctx; - unsigned char buf[1024]; - - if( ( f = fopen( path, "rb" ) ) == NULL ) - return( POLARSSL_ERR_SHA512_FILE_IO_ERROR ); - - sha512_init( &ctx ); - sha512_starts( &ctx, is384 ); - - while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) - sha512_update( &ctx, buf, n ); - - sha512_finish( &ctx, output ); - sha512_free( &ctx ); - - if( ferror( f ) != 0 ) - { - fclose( f ); - return( POLARSSL_ERR_SHA512_FILE_IO_ERROR ); - } - - fclose( f ); - return( 0 ); -} -#endif /* POLARSSL_FS_IO */ - -/* - * SHA-512 HMAC context setup - */ -void sha512_hmac_starts( sha512_context *ctx, const unsigned char *key, - size_t keylen, int is384 ) -{ - size_t i; - unsigned char sum[64]; - - if( keylen > 128 ) - { - sha512( key, keylen, sum, is384 ); - keylen = ( is384 ) ? 48 : 64; - key = sum; - } - - memset( ctx->ipad, 0x36, 128 ); - memset( ctx->opad, 0x5C, 128 ); - - for( i = 0; i < keylen; i++ ) - { - ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] ); - ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] ); - } - - sha512_starts( ctx, is384 ); - sha512_update( ctx, ctx->ipad, 128 ); - - polarssl_zeroize( sum, sizeof( sum ) ); -} - -/* - * SHA-512 HMAC process buffer - */ -void sha512_hmac_update( sha512_context *ctx, - const unsigned char *input, size_t ilen ) -{ - sha512_update( ctx, input, ilen ); -} - -/* - * SHA-512 HMAC final digest - */ -void sha512_hmac_finish( sha512_context *ctx, unsigned char output[64] ) -{ - int is384, hlen; - unsigned char tmpbuf[64]; - - is384 = ctx->is384; - hlen = ( is384 == 0 ) ? 64 : 48; - - sha512_finish( ctx, tmpbuf ); - sha512_starts( ctx, is384 ); - sha512_update( ctx, ctx->opad, 128 ); - sha512_update( ctx, tmpbuf, hlen ); - sha512_finish( ctx, output ); - - polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) ); -} - -/* - * SHA-512 HMAC context reset - */ -void sha512_hmac_reset( sha512_context *ctx ) -{ - sha512_starts( ctx, ctx->is384 ); - sha512_update( ctx, ctx->ipad, 128 ); -} + mbedtls_sha512_context ctx; -/* - * output = HMAC-SHA-512( hmac key, input buffer ) - */ -void sha512_hmac( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char output[64], int is384 ) -{ - sha512_context ctx; - - sha512_init( &ctx ); - sha512_hmac_starts( &ctx, key, keylen, is384 ); - sha512_hmac_update( &ctx, input, ilen ); - sha512_hmac_finish( &ctx, output ); - sha512_free( &ctx ); + mbedtls_sha512_init( &ctx ); + mbedtls_sha512_starts( &ctx, is384 ); + mbedtls_sha512_update( &ctx, input, ilen ); + mbedtls_sha512_finish( &ctx, output ); + mbedtls_sha512_free( &ctx ); } -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) /* * FIPS-180-2 test vectors @@ -554,165 +439,17 @@ static const unsigned char sha512_test_sum[6][64] = 0x4E, 0xAD, 0xB2, 0x17, 0xAD, 0x8C, 0xC0, 0x9B } }; -/* - * RFC 4231 test vectors - */ -static const unsigned char sha512_hmac_test_key[7][26] = -{ - { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B" - "\x0B\x0B\x0B\x0B" }, - { "Jefe" }, - { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" - "\xAA\xAA\xAA\xAA" }, - { "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10" - "\x11\x12\x13\x14\x15\x16\x17\x18\x19" }, - { "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C" - "\x0C\x0C\x0C\x0C" }, - { "" }, /* 0xAA 131 times */ - { "" } -}; - -static const int sha512_hmac_test_keylen[7] = -{ - 20, 4, 20, 25, 20, 131, 131 -}; - -static const unsigned char sha512_hmac_test_buf[7][153] = -{ - { "Hi There" }, - { "what do ya want for nothing?" }, - { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" }, - { "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" - "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" - "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" - "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" - "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" }, - { "Test With Truncation" }, - { "Test Using Larger Than Block-Size Key - Hash Key First" }, - { "This is a test using a larger than block-size key " - "and a larger than block-size data. The key needs to " - "be hashed before being used by the HMAC algorithm." } -}; - -static const int sha512_hmac_test_buflen[7] = -{ - 8, 28, 50, 50, 20, 54, 152 -}; - -static const unsigned char sha512_hmac_test_sum[14][64] = -{ - /* - * HMAC-SHA-384 test vectors - */ - { 0xAF, 0xD0, 0x39, 0x44, 0xD8, 0x48, 0x95, 0x62, - 0x6B, 0x08, 0x25, 0xF4, 0xAB, 0x46, 0x90, 0x7F, - 0x15, 0xF9, 0xDA, 0xDB, 0xE4, 0x10, 0x1E, 0xC6, - 0x82, 0xAA, 0x03, 0x4C, 0x7C, 0xEB, 0xC5, 0x9C, - 0xFA, 0xEA, 0x9E, 0xA9, 0x07, 0x6E, 0xDE, 0x7F, - 0x4A, 0xF1, 0x52, 0xE8, 0xB2, 0xFA, 0x9C, 0xB6 }, - { 0xAF, 0x45, 0xD2, 0xE3, 0x76, 0x48, 0x40, 0x31, - 0x61, 0x7F, 0x78, 0xD2, 0xB5, 0x8A, 0x6B, 0x1B, - 0x9C, 0x7E, 0xF4, 0x64, 0xF5, 0xA0, 0x1B, 0x47, - 0xE4, 0x2E, 0xC3, 0x73, 0x63, 0x22, 0x44, 0x5E, - 0x8E, 0x22, 0x40, 0xCA, 0x5E, 0x69, 0xE2, 0xC7, - 0x8B, 0x32, 0x39, 0xEC, 0xFA, 0xB2, 0x16, 0x49 }, - { 0x88, 0x06, 0x26, 0x08, 0xD3, 0xE6, 0xAD, 0x8A, - 0x0A, 0xA2, 0xAC, 0xE0, 0x14, 0xC8, 0xA8, 0x6F, - 0x0A, 0xA6, 0x35, 0xD9, 0x47, 0xAC, 0x9F, 0xEB, - 0xE8, 0x3E, 0xF4, 0xE5, 0x59, 0x66, 0x14, 0x4B, - 0x2A, 0x5A, 0xB3, 0x9D, 0xC1, 0x38, 0x14, 0xB9, - 0x4E, 0x3A, 0xB6, 0xE1, 0x01, 0xA3, 0x4F, 0x27 }, - { 0x3E, 0x8A, 0x69, 0xB7, 0x78, 0x3C, 0x25, 0x85, - 0x19, 0x33, 0xAB, 0x62, 0x90, 0xAF, 0x6C, 0xA7, - 0x7A, 0x99, 0x81, 0x48, 0x08, 0x50, 0x00, 0x9C, - 0xC5, 0x57, 0x7C, 0x6E, 0x1F, 0x57, 0x3B, 0x4E, - 0x68, 0x01, 0xDD, 0x23, 0xC4, 0xA7, 0xD6, 0x79, - 0xCC, 0xF8, 0xA3, 0x86, 0xC6, 0x74, 0xCF, 0xFB }, - { 0x3A, 0xBF, 0x34, 0xC3, 0x50, 0x3B, 0x2A, 0x23, - 0xA4, 0x6E, 0xFC, 0x61, 0x9B, 0xAE, 0xF8, 0x97 }, - { 0x4E, 0xCE, 0x08, 0x44, 0x85, 0x81, 0x3E, 0x90, - 0x88, 0xD2, 0xC6, 0x3A, 0x04, 0x1B, 0xC5, 0xB4, - 0x4F, 0x9E, 0xF1, 0x01, 0x2A, 0x2B, 0x58, 0x8F, - 0x3C, 0xD1, 0x1F, 0x05, 0x03, 0x3A, 0xC4, 0xC6, - 0x0C, 0x2E, 0xF6, 0xAB, 0x40, 0x30, 0xFE, 0x82, - 0x96, 0x24, 0x8D, 0xF1, 0x63, 0xF4, 0x49, 0x52 }, - { 0x66, 0x17, 0x17, 0x8E, 0x94, 0x1F, 0x02, 0x0D, - 0x35, 0x1E, 0x2F, 0x25, 0x4E, 0x8F, 0xD3, 0x2C, - 0x60, 0x24, 0x20, 0xFE, 0xB0, 0xB8, 0xFB, 0x9A, - 0xDC, 0xCE, 0xBB, 0x82, 0x46, 0x1E, 0x99, 0xC5, - 0xA6, 0x78, 0xCC, 0x31, 0xE7, 0x99, 0x17, 0x6D, - 0x38, 0x60, 0xE6, 0x11, 0x0C, 0x46, 0x52, 0x3E }, - - /* - * HMAC-SHA-512 test vectors - */ - { 0x87, 0xAA, 0x7C, 0xDE, 0xA5, 0xEF, 0x61, 0x9D, - 0x4F, 0xF0, 0xB4, 0x24, 0x1A, 0x1D, 0x6C, 0xB0, - 0x23, 0x79, 0xF4, 0xE2, 0xCE, 0x4E, 0xC2, 0x78, - 0x7A, 0xD0, 0xB3, 0x05, 0x45, 0xE1, 0x7C, 0xDE, - 0xDA, 0xA8, 0x33, 0xB7, 0xD6, 0xB8, 0xA7, 0x02, - 0x03, 0x8B, 0x27, 0x4E, 0xAE, 0xA3, 0xF4, 0xE4, - 0xBE, 0x9D, 0x91, 0x4E, 0xEB, 0x61, 0xF1, 0x70, - 0x2E, 0x69, 0x6C, 0x20, 0x3A, 0x12, 0x68, 0x54 }, - { 0x16, 0x4B, 0x7A, 0x7B, 0xFC, 0xF8, 0x19, 0xE2, - 0xE3, 0x95, 0xFB, 0xE7, 0x3B, 0x56, 0xE0, 0xA3, - 0x87, 0xBD, 0x64, 0x22, 0x2E, 0x83, 0x1F, 0xD6, - 0x10, 0x27, 0x0C, 0xD7, 0xEA, 0x25, 0x05, 0x54, - 0x97, 0x58, 0xBF, 0x75, 0xC0, 0x5A, 0x99, 0x4A, - 0x6D, 0x03, 0x4F, 0x65, 0xF8, 0xF0, 0xE6, 0xFD, - 0xCA, 0xEA, 0xB1, 0xA3, 0x4D, 0x4A, 0x6B, 0x4B, - 0x63, 0x6E, 0x07, 0x0A, 0x38, 0xBC, 0xE7, 0x37 }, - { 0xFA, 0x73, 0xB0, 0x08, 0x9D, 0x56, 0xA2, 0x84, - 0xEF, 0xB0, 0xF0, 0x75, 0x6C, 0x89, 0x0B, 0xE9, - 0xB1, 0xB5, 0xDB, 0xDD, 0x8E, 0xE8, 0x1A, 0x36, - 0x55, 0xF8, 0x3E, 0x33, 0xB2, 0x27, 0x9D, 0x39, - 0xBF, 0x3E, 0x84, 0x82, 0x79, 0xA7, 0x22, 0xC8, - 0x06, 0xB4, 0x85, 0xA4, 0x7E, 0x67, 0xC8, 0x07, - 0xB9, 0x46, 0xA3, 0x37, 0xBE, 0xE8, 0x94, 0x26, - 0x74, 0x27, 0x88, 0x59, 0xE1, 0x32, 0x92, 0xFB }, - { 0xB0, 0xBA, 0x46, 0x56, 0x37, 0x45, 0x8C, 0x69, - 0x90, 0xE5, 0xA8, 0xC5, 0xF6, 0x1D, 0x4A, 0xF7, - 0xE5, 0x76, 0xD9, 0x7F, 0xF9, 0x4B, 0x87, 0x2D, - 0xE7, 0x6F, 0x80, 0x50, 0x36, 0x1E, 0xE3, 0xDB, - 0xA9, 0x1C, 0xA5, 0xC1, 0x1A, 0xA2, 0x5E, 0xB4, - 0xD6, 0x79, 0x27, 0x5C, 0xC5, 0x78, 0x80, 0x63, - 0xA5, 0xF1, 0x97, 0x41, 0x12, 0x0C, 0x4F, 0x2D, - 0xE2, 0xAD, 0xEB, 0xEB, 0x10, 0xA2, 0x98, 0xDD }, - { 0x41, 0x5F, 0xAD, 0x62, 0x71, 0x58, 0x0A, 0x53, - 0x1D, 0x41, 0x79, 0xBC, 0x89, 0x1D, 0x87, 0xA6 }, - { 0x80, 0xB2, 0x42, 0x63, 0xC7, 0xC1, 0xA3, 0xEB, - 0xB7, 0x14, 0x93, 0xC1, 0xDD, 0x7B, 0xE8, 0xB4, - 0x9B, 0x46, 0xD1, 0xF4, 0x1B, 0x4A, 0xEE, 0xC1, - 0x12, 0x1B, 0x01, 0x37, 0x83, 0xF8, 0xF3, 0x52, - 0x6B, 0x56, 0xD0, 0x37, 0xE0, 0x5F, 0x25, 0x98, - 0xBD, 0x0F, 0xD2, 0x21, 0x5D, 0x6A, 0x1E, 0x52, - 0x95, 0xE6, 0x4F, 0x73, 0xF6, 0x3F, 0x0A, 0xEC, - 0x8B, 0x91, 0x5A, 0x98, 0x5D, 0x78, 0x65, 0x98 }, - { 0xE3, 0x7B, 0x6A, 0x77, 0x5D, 0xC8, 0x7D, 0xBA, - 0xA4, 0xDF, 0xA9, 0xF9, 0x6E, 0x5E, 0x3F, 0xFD, - 0xDE, 0xBD, 0x71, 0xF8, 0x86, 0x72, 0x89, 0x86, - 0x5D, 0xF5, 0xA3, 0x2D, 0x20, 0xCD, 0xC9, 0x44, - 0xB6, 0x02, 0x2C, 0xAC, 0x3C, 0x49, 0x82, 0xB1, - 0x0D, 0x5E, 0xEB, 0x55, 0xC3, 0xE4, 0xDE, 0x15, - 0x13, 0x46, 0x76, 0xFB, 0x6D, 0xE0, 0x44, 0x60, - 0x65, 0xC9, 0x74, 0x40, 0xFA, 0x8C, 0x6A, 0x58 } -}; - /* * Checkup routine */ -int sha512_self_test( int verbose ) +int mbedtls_sha512_self_test( int verbose ) { int i, j, k, buflen, ret = 0; unsigned char buf[1024]; unsigned char sha512sum[64]; - sha512_context ctx; + mbedtls_sha512_context ctx; - sha512_init( &ctx ); + mbedtls_sha512_init( &ctx ); for( i = 0; i < 6; i++ ) { @@ -720,85 +457,45 @@ int sha512_self_test( int verbose ) k = i < 3; if( verbose != 0 ) - polarssl_printf( " SHA-%d test #%d: ", 512 - k * 128, j + 1 ); + mbedtls_printf( " SHA-%d test #%d: ", 512 - k * 128, j + 1 ); - sha512_starts( &ctx, k ); + mbedtls_sha512_starts( &ctx, k ); if( j == 2 ) { memset( buf, 'a', buflen = 1000 ); for( j = 0; j < 1000; j++ ) - sha512_update( &ctx, buf, buflen ); + mbedtls_sha512_update( &ctx, buf, buflen ); } else - sha512_update( &ctx, sha512_test_buf[j], + mbedtls_sha512_update( &ctx, sha512_test_buf[j], sha512_test_buflen[j] ); - sha512_finish( &ctx, sha512sum ); + mbedtls_sha512_finish( &ctx, sha512sum ); if( memcmp( sha512sum, sha512_test_sum[i], 64 - k * 16 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); - - ret = 1; - goto exit; - } - - if( verbose != 0 ) - polarssl_printf( "passed\n" ); - } - - if( verbose != 0 ) - polarssl_printf( "\n" ); - - for( i = 0; i < 14; i++ ) - { - j = i % 7; - k = i < 7; - - if( verbose != 0 ) - polarssl_printf( " HMAC-SHA-%d test #%d: ", 512 - k * 128, j + 1 ); - - if( j == 5 || j == 6 ) - { - memset( buf, 0xAA, buflen = 131 ); - sha512_hmac_starts( &ctx, buf, buflen, k ); - } - else - sha512_hmac_starts( &ctx, sha512_hmac_test_key[j], - sha512_hmac_test_keylen[j], k ); - - sha512_hmac_update( &ctx, sha512_hmac_test_buf[j], - sha512_hmac_test_buflen[j] ); - - sha512_hmac_finish( &ctx, sha512sum ); - - buflen = ( j == 4 ) ? 16 : 64 - k * 16; - - if( memcmp( sha512sum, sha512_hmac_test_sum[i], buflen ) != 0 ) - { - if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); ret = 1; goto exit; } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); } if( verbose != 0 ) - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); exit: - sha512_free( &ctx ); + mbedtls_sha512_free( &ctx ); return( ret ); } -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_SHA512_C */ +#endif /* MBEDTLS_SHA512_C */ diff --git a/ext/mbedtls/library/ssl_cache.c b/ext/mbedtls/library/ssl_cache.c index 0c2df29bb1..162b47a449 100644 --- a/ext/mbedtls/library/ssl_cache.c +++ b/ext/mbedtls/library/ssl_cache.c @@ -24,49 +24,49 @@ * to store and retrieve the session information. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_SSL_CACHE_C) +#if defined(MBEDTLS_SSL_CACHE_C) -#include "polarssl/ssl_cache.h" +#include "mbedtls/ssl_cache.h" #include -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_malloc malloc -#define polarssl_free free +#define mbedtls_calloc calloc +#define mbedtls_free free #endif -void ssl_cache_init( ssl_cache_context *cache ) +void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache ) { - memset( cache, 0, sizeof( ssl_cache_context ) ); + memset( cache, 0, sizeof( mbedtls_ssl_cache_context ) ); - cache->timeout = SSL_CACHE_DEFAULT_TIMEOUT; - cache->max_entries = SSL_CACHE_DEFAULT_MAX_ENTRIES; + cache->timeout = MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT; + cache->max_entries = MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES; -#if defined(POLARSSL_THREADING_C) - polarssl_mutex_init( &cache->mutex ); +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_init( &cache->mutex ); #endif } -int ssl_cache_get( void *data, ssl_session *session ) +int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session ) { int ret = 1; -#if defined(POLARSSL_HAVE_TIME) +#if defined(MBEDTLS_HAVE_TIME) time_t t = time( NULL ); #endif - ssl_cache_context *cache = (ssl_cache_context *) data; - ssl_cache_entry *cur, *entry; + mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data; + mbedtls_ssl_cache_entry *cur, *entry; -#if defined(POLARSSL_THREADING_C) - if( polarssl_mutex_lock( &cache->mutex ) != 0 ) +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_lock( &cache->mutex ) != 0 ) return( 1 ); #endif @@ -78,7 +78,7 @@ int ssl_cache_get( void *data, ssl_session *session ) entry = cur; cur = cur->next; -#if defined(POLARSSL_HAVE_TIME) +#if defined(MBEDTLS_HAVE_TIME) if( cache->timeout != 0 && (int) ( t - entry->timestamp ) > cache->timeout ) continue; @@ -86,68 +86,68 @@ int ssl_cache_get( void *data, ssl_session *session ) if( session->ciphersuite != entry->session.ciphersuite || session->compression != entry->session.compression || - session->length != entry->session.length ) + session->id_len != entry->session.id_len ) continue; if( memcmp( session->id, entry->session.id, - entry->session.length ) != 0 ) + entry->session.id_len ) != 0 ) continue; memcpy( session->master, entry->session.master, 48 ); session->verify_result = entry->session.verify_result; -#if defined(POLARSSL_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) /* * Restore peer certificate (without rest of the original chain) */ if( entry->peer_cert.p != NULL ) { - if( ( session->peer_cert = polarssl_malloc( - sizeof(x509_crt) ) ) == NULL ) + if( ( session->peer_cert = mbedtls_calloc( 1, + sizeof(mbedtls_x509_crt) ) ) == NULL ) { ret = 1; goto exit; } - x509_crt_init( session->peer_cert ); - if( x509_crt_parse( session->peer_cert, entry->peer_cert.p, + mbedtls_x509_crt_init( session->peer_cert ); + if( mbedtls_x509_crt_parse( session->peer_cert, entry->peer_cert.p, entry->peer_cert.len ) != 0 ) { - polarssl_free( session->peer_cert ); + mbedtls_free( session->peer_cert ); session->peer_cert = NULL; ret = 1; goto exit; } } -#endif /* POLARSSL_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ ret = 0; goto exit; } exit: -#if defined(POLARSSL_THREADING_C) - if( polarssl_mutex_unlock( &cache->mutex ) != 0 ) +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_unlock( &cache->mutex ) != 0 ) ret = 1; #endif return( ret ); } -int ssl_cache_set( void *data, const ssl_session *session ) +int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) { int ret = 1; -#if defined(POLARSSL_HAVE_TIME) +#if defined(MBEDTLS_HAVE_TIME) time_t t = time( NULL ), oldest = 0; - ssl_cache_entry *old = NULL; + mbedtls_ssl_cache_entry *old = NULL; #endif - ssl_cache_context *cache = (ssl_cache_context *) data; - ssl_cache_entry *cur, *prv; + mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data; + mbedtls_ssl_cache_entry *cur, *prv; int count = 0; -#if defined(POLARSSL_THREADING_C) - if( ( ret = polarssl_mutex_lock( &cache->mutex ) ) != 0 ) +#if defined(MBEDTLS_THREADING_C) + if( ( ret = mbedtls_mutex_lock( &cache->mutex ) ) != 0 ) return( ret ); #endif @@ -158,7 +158,7 @@ int ssl_cache_set( void *data, const ssl_session *session ) { count++; -#if defined(POLARSSL_HAVE_TIME) +#if defined(MBEDTLS_HAVE_TIME) if( cache->timeout != 0 && (int) ( t - cur->timestamp ) > cache->timeout ) { @@ -167,10 +167,10 @@ int ssl_cache_set( void *data, const ssl_session *session ) } #endif - if( memcmp( session->id, cur->session.id, cur->session.length ) == 0 ) + if( memcmp( session->id, cur->session.id, cur->session.id_len ) == 0 ) break; /* client reconnected, keep timestamp for session id */ -#if defined(POLARSSL_HAVE_TIME) +#if defined(MBEDTLS_HAVE_TIME) if( oldest == 0 || cur->timestamp < oldest ) { oldest = cur->timestamp; @@ -184,7 +184,7 @@ int ssl_cache_set( void *data, const ssl_session *session ) if( cur == NULL ) { -#if defined(POLARSSL_HAVE_TIME) +#if defined(MBEDTLS_HAVE_TIME) /* * Reuse oldest entry if max_entries reached */ @@ -198,7 +198,7 @@ int ssl_cache_set( void *data, const ssl_session *session ) cur = old; } -#else /* POLARSSL_HAVE_TIME */ +#else /* MBEDTLS_HAVE_TIME */ /* * Reuse first entry in chain if max_entries reached, * but move to last place @@ -216,42 +216,40 @@ int ssl_cache_set( void *data, const ssl_session *session ) cur->next = NULL; prv->next = cur; } -#endif /* POLARSSL_HAVE_TIME */ +#endif /* MBEDTLS_HAVE_TIME */ else { /* * max_entries not reached, create new entry */ - cur = polarssl_malloc( sizeof(ssl_cache_entry) ); + cur = mbedtls_calloc( 1, sizeof(mbedtls_ssl_cache_entry) ); if( cur == NULL ) { ret = 1; goto exit; } - memset( cur, 0, sizeof(ssl_cache_entry) ); - if( prv == NULL ) cache->chain = cur; else prv->next = cur; } -#if defined(POLARSSL_HAVE_TIME) +#if defined(MBEDTLS_HAVE_TIME) cur->timestamp = t; #endif } - memcpy( &cur->session, session, sizeof( ssl_session ) ); + memcpy( &cur->session, session, sizeof( mbedtls_ssl_session ) ); -#if defined(POLARSSL_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) /* * If we're reusing an entry, free its certificate first */ if( cur->peer_cert.p != NULL ) { - polarssl_free( cur->peer_cert.p ); - memset( &cur->peer_cert, 0, sizeof(x509_buf) ); + mbedtls_free( cur->peer_cert.p ); + memset( &cur->peer_cert, 0, sizeof(mbedtls_x509_buf) ); } /* @@ -259,7 +257,7 @@ int ssl_cache_set( void *data, const ssl_session *session ) */ if( session->peer_cert != NULL ) { - cur->peer_cert.p = polarssl_malloc( session->peer_cert->raw.len ); + cur->peer_cert.p = mbedtls_calloc( 1, session->peer_cert->raw.len ); if( cur->peer_cert.p == NULL ) { ret = 1; @@ -272,38 +270,38 @@ int ssl_cache_set( void *data, const ssl_session *session ) cur->session.peer_cert = NULL; } -#endif /* POLARSSL_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ ret = 0; exit: -#if defined(POLARSSL_THREADING_C) - if( polarssl_mutex_unlock( &cache->mutex ) != 0 ) +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_unlock( &cache->mutex ) != 0 ) ret = 1; #endif return( ret ); } -#if defined(POLARSSL_HAVE_TIME) -void ssl_cache_set_timeout( ssl_cache_context *cache, int timeout ) +#if defined(MBEDTLS_HAVE_TIME) +void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout ) { if( timeout < 0 ) timeout = 0; cache->timeout = timeout; } -#endif /* POLARSSL_HAVE_TIME */ +#endif /* MBEDTLS_HAVE_TIME */ -void ssl_cache_set_max_entries( ssl_cache_context *cache, int max ) +void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max ) { if( max < 0 ) max = 0; cache->max_entries = max; } -void ssl_cache_free( ssl_cache_context *cache ) +void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache ) { - ssl_cache_entry *cur, *prv; + mbedtls_ssl_cache_entry *cur, *prv; cur = cache->chain; @@ -312,18 +310,18 @@ void ssl_cache_free( ssl_cache_context *cache ) prv = cur; cur = cur->next; - ssl_session_free( &prv->session ); + mbedtls_ssl_session_free( &prv->session ); -#if defined(POLARSSL_X509_CRT_PARSE_C) - polarssl_free( prv->peer_cert.p ); -#endif /* POLARSSL_X509_CRT_PARSE_C */ +#if defined(MBEDTLS_X509_CRT_PARSE_C) + mbedtls_free( prv->peer_cert.p ); +#endif /* MBEDTLS_X509_CRT_PARSE_C */ - polarssl_free( prv ); + mbedtls_free( prv ); } -#if defined(POLARSSL_THREADING_C) - polarssl_mutex_free( &cache->mutex ); +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_free( &cache->mutex ); #endif } -#endif /* POLARSSL_SSL_CACHE_C */ +#endif /* MBEDTLS_SSL_CACHE_C */ diff --git a/ext/mbedtls/library/ssl_ciphersuites.c b/ext/mbedtls/library/ssl_ciphersuites.c index 0fee1e6de0..484da52138 100644 --- a/ext/mbedtls/library/ssl_ciphersuites.c +++ b/ext/mbedtls/library/ssl_ciphersuites.c @@ -22,25 +22,20 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_SSL_TLS_C) +#if defined(MBEDTLS_SSL_TLS_C) -#include "polarssl/ssl_ciphersuites.h" -#include "polarssl/ssl.h" +#include "mbedtls/ssl_ciphersuites.h" +#include "mbedtls/ssl.h" // #include #include -#if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \ - !defined(EFI32) -#define strcasecmp _stricmp -#endif - /* * Ordered from most preferred to least preferred in terms of security. * @@ -55,1632 +50,1632 @@ */ static const int ciphersuite_preference[] = { -#if defined(SSL_CIPHERSUITES) - SSL_CIPHERSUITES, +#if defined(MBEDTLS_SSL_CIPHERSUITES) + MBEDTLS_SSL_CIPHERSUITES, #else /* All AES-256 ephemeral suites */ - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, - TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, - TLS_ECDHE_ECDSA_WITH_AES_256_CCM, - TLS_DHE_RSA_WITH_AES_256_CCM, - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, - TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, - TLS_DHE_RSA_WITH_AES_256_CBC_SHA, - TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, - TLS_DHE_RSA_WITH_AES_256_CCM_8, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, + MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, + MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, + MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, + MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, + MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, + MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, + MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, + MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, /* All CAMELLIA-256 ephemeral suites */ - TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, - TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, - TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, - TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, - TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, - TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, - TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, + MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, + MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, + MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, + MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, + MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, /* All AES-128 ephemeral suites */ - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, - TLS_ECDHE_ECDSA_WITH_AES_128_CCM, - TLS_DHE_RSA_WITH_AES_128_CCM, - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, - TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, - TLS_DHE_RSA_WITH_AES_128_CBC_SHA, - TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, - TLS_DHE_RSA_WITH_AES_128_CCM_8, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, + MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, + MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, + MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, + MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, + MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, + MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, + MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, + MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, /* All CAMELLIA-128 ephemeral suites */ - TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, - TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, - TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, - TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, - TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, - TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, - TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, + MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, + MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, + MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, + MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, + MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, /* All remaining >= 128-bit ephemeral suites */ - TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, - TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, - TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, /* The PSK ephemeral suites */ - TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, - TLS_DHE_PSK_WITH_AES_256_CCM, - TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, - TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, - TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, - TLS_DHE_PSK_WITH_AES_256_CBC_SHA, - TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, - TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, - TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, - TLS_DHE_PSK_WITH_AES_256_CCM_8, - - TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, - TLS_DHE_PSK_WITH_AES_128_CCM, - TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, - TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, - TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, - TLS_DHE_PSK_WITH_AES_128_CBC_SHA, - TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, - TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, - TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, - TLS_DHE_PSK_WITH_AES_128_CCM_8, - - TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, - TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, + MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, + MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, + MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, + MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, + MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, + MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, + MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, + MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, + MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, + + MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, + MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, + MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, + MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, + MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, + MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, + MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, + MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, + MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, + MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, + + MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, /* All AES-256 suites */ - TLS_RSA_WITH_AES_256_GCM_SHA384, - TLS_RSA_WITH_AES_256_CCM, - TLS_RSA_WITH_AES_256_CBC_SHA256, - TLS_RSA_WITH_AES_256_CBC_SHA, - TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, - TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, - TLS_RSA_WITH_AES_256_CCM_8, + MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, + MBEDTLS_TLS_RSA_WITH_AES_256_CCM, + MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, + MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, + MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, + MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, + MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, + MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, + MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, + MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, + MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, /* All CAMELLIA-256 suites */ - TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, - TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, - TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, - TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, - TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, - TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, - TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, + MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, + MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, + MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, + MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, + MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, + MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, + MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, /* All AES-128 suites */ - TLS_RSA_WITH_AES_128_GCM_SHA256, - TLS_RSA_WITH_AES_128_CCM, - TLS_RSA_WITH_AES_128_CBC_SHA256, - TLS_RSA_WITH_AES_128_CBC_SHA, - TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, - TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, - TLS_RSA_WITH_AES_128_CCM_8, + MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, + MBEDTLS_TLS_RSA_WITH_AES_128_CCM, + MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, + MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, + MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, + MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, + MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, + MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, + MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, + MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, + MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, /* All CAMELLIA-128 suites */ - TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, - TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, - TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, - TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, - TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, - TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, - TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, + MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, + MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, + MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, + MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, + MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, + MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, + MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, /* All remaining >= 128-bit suites */ - TLS_RSA_WITH_3DES_EDE_CBC_SHA, - TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, - TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, /* The RSA PSK suites */ - TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, - TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, - TLS_RSA_PSK_WITH_AES_256_CBC_SHA, - TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, - TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, + MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, + MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, + MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, + MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, + MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, - TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, - TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, - TLS_RSA_PSK_WITH_AES_128_CBC_SHA, - TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, - TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, + MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, + MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, + MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, + MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, + MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, - TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, /* The PSK suites */ - TLS_PSK_WITH_AES_256_GCM_SHA384, - TLS_PSK_WITH_AES_256_CCM, - TLS_PSK_WITH_AES_256_CBC_SHA384, - TLS_PSK_WITH_AES_256_CBC_SHA, - TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, - TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, - TLS_PSK_WITH_AES_256_CCM_8, - - TLS_PSK_WITH_AES_128_GCM_SHA256, - TLS_PSK_WITH_AES_128_CCM, - TLS_PSK_WITH_AES_128_CBC_SHA256, - TLS_PSK_WITH_AES_128_CBC_SHA, - TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, - TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, - TLS_PSK_WITH_AES_128_CCM_8, - - TLS_PSK_WITH_3DES_EDE_CBC_SHA, + MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, + MBEDTLS_TLS_PSK_WITH_AES_256_CCM, + MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, + MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, + MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, + MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, + MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, + + MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, + MBEDTLS_TLS_PSK_WITH_AES_128_CCM, + MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, + MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, + MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, + MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, + MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, + + MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, /* RC4 suites */ - TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, - TLS_ECDHE_RSA_WITH_RC4_128_SHA, - TLS_ECDHE_PSK_WITH_RC4_128_SHA, - TLS_DHE_PSK_WITH_RC4_128_SHA, - TLS_RSA_WITH_RC4_128_SHA, - TLS_RSA_WITH_RC4_128_MD5, - TLS_ECDH_RSA_WITH_RC4_128_SHA, - TLS_ECDH_ECDSA_WITH_RC4_128_SHA, - TLS_RSA_PSK_WITH_RC4_128_SHA, - TLS_PSK_WITH_RC4_128_SHA, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, + MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, + MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, + MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, + MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, + MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, + MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, + MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, + MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, + MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, /* Weak suites */ - TLS_DHE_RSA_WITH_DES_CBC_SHA, - TLS_RSA_WITH_DES_CBC_SHA, + MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, + MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, /* NULL suites */ - TLS_ECDHE_ECDSA_WITH_NULL_SHA, - TLS_ECDHE_RSA_WITH_NULL_SHA, - TLS_ECDHE_PSK_WITH_NULL_SHA384, - TLS_ECDHE_PSK_WITH_NULL_SHA256, - TLS_ECDHE_PSK_WITH_NULL_SHA, - TLS_DHE_PSK_WITH_NULL_SHA384, - TLS_DHE_PSK_WITH_NULL_SHA256, - TLS_DHE_PSK_WITH_NULL_SHA, - - TLS_RSA_WITH_NULL_SHA256, - TLS_RSA_WITH_NULL_SHA, - TLS_RSA_WITH_NULL_MD5, - TLS_ECDH_RSA_WITH_NULL_SHA, - TLS_ECDH_ECDSA_WITH_NULL_SHA, - TLS_RSA_PSK_WITH_NULL_SHA384, - TLS_RSA_PSK_WITH_NULL_SHA256, - TLS_RSA_PSK_WITH_NULL_SHA, - TLS_PSK_WITH_NULL_SHA384, - TLS_PSK_WITH_NULL_SHA256, - TLS_PSK_WITH_NULL_SHA, - -#endif /* SSL_CIPHERSUITES */ + MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, + MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, + MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, + MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, + MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, + MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, + MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, + MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, + + MBEDTLS_TLS_RSA_WITH_NULL_SHA256, + MBEDTLS_TLS_RSA_WITH_NULL_SHA, + MBEDTLS_TLS_RSA_WITH_NULL_MD5, + MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, + MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, + MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, + MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, + MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, + MBEDTLS_TLS_PSK_WITH_NULL_SHA384, + MBEDTLS_TLS_PSK_WITH_NULL_SHA256, + MBEDTLS_TLS_PSK_WITH_NULL_SHA, + +#endif /* MBEDTLS_SSL_CIPHERSUITES */ 0 }; -static const ssl_ciphersuite_t ciphersuite_definitions[] = +static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = { -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) -#if defined(POLARSSL_AES_C) -#if defined(POLARSSL_SHA1_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) - { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA", - POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA", - POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* POLARSSL_SHA1_C */ -#if defined(POLARSSL_SHA256_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) - { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256", - POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#if defined(POLARSSL_GCM_C) - { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256", - POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_GCM_C */ -#endif /* POLARSSL_SHA256_C */ -#if defined(POLARSSL_SHA512_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) - { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384", - POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#if defined(POLARSSL_GCM_C) - { TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384", - POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_GCM_C */ -#endif /* POLARSSL_SHA512_C */ -#if defined(POLARSSL_CCM_C) - { TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM", - POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - { TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8", - POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_SHORT_TAG }, - { TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM", - POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - { TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8", - POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_SHORT_TAG }, -#endif /* POLARSSL_CCM_C */ -#endif /* POLARSSL_AES_C */ - -#if defined(POLARSSL_CAMELLIA_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA256_C) - { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", - POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ -#if defined(POLARSSL_SHA512_C) - { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", - POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ - -#if defined(POLARSSL_GCM_C) -#if defined(POLARSSL_SHA256_C) - { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", - POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ -#if defined(POLARSSL_SHA512_C) - { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", - POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_GCM_C */ -#endif /* POLARSSL_CAMELLIA_C */ - -#if defined(POLARSSL_DES_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA1_C) - { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA", - POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* POLARSSL_DES_C */ - -#if defined(POLARSSL_ARC4_C) -#if defined(POLARSSL_SHA1_C) - { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA", - POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_ARC4_C */ - -#if defined(POLARSSL_CIPHER_NULL_CIPHER) -#if defined(POLARSSL_SHA1_C) - { TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA", - POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_WEAK }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_CIPHER_NULL_CIPHER */ -#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ - -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) -#if defined(POLARSSL_AES_C) -#if defined(POLARSSL_SHA1_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) - { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA", - POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA", - POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* POLARSSL_SHA1_C */ -#if defined(POLARSSL_SHA256_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) - { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256", - POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#if defined(POLARSSL_GCM_C) - { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256", - POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_GCM_C */ -#endif /* POLARSSL_SHA256_C */ -#if defined(POLARSSL_SHA512_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) - { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384", - POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#if defined(POLARSSL_GCM_C) - { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384", - POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_GCM_C */ -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_AES_C */ - -#if defined(POLARSSL_CAMELLIA_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA256_C) - { TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", - POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ -#if defined(POLARSSL_SHA512_C) - { TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384", - POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ - -#if defined(POLARSSL_GCM_C) -#if defined(POLARSSL_SHA256_C) - { TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", - POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ -#if defined(POLARSSL_SHA512_C) - { TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", - POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_GCM_C */ -#endif /* POLARSSL_CAMELLIA_C */ - -#if defined(POLARSSL_DES_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA1_C) - { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA", - POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* POLARSSL_DES_C */ - -#if defined(POLARSSL_ARC4_C) -#if defined(POLARSSL_SHA1_C) - { TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA", - POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_ARC4_C */ - -#if defined(POLARSSL_CIPHER_NULL_CIPHER) -#if defined(POLARSSL_SHA1_C) - { TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA", - POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_WEAK }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_CIPHER_NULL_CIPHER */ -#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ - -#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) -#if defined(POLARSSL_AES_C) -#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C) - { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384", - POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */ - -#if defined(POLARSSL_SHA256_C) -#if defined(POLARSSL_GCM_C) - { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256", - POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_GCM_C */ - -#if defined(POLARSSL_CIPHER_MODE_CBC) - { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256", - POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - - { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256", - POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* POLARSSL_SHA256_C */ - -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA1_C) - { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA", - POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - - { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA", - POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#if defined(POLARSSL_CCM_C) - { TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM", - POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - { TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8", - POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_SHORT_TAG }, - { TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM", - POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - { TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8", - POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_SHORT_TAG }, -#endif /* POLARSSL_CCM_C */ -#endif /* POLARSSL_AES_C */ - -#if defined(POLARSSL_CAMELLIA_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA256_C) - { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", - POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - - { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256", - POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ - -#if defined(POLARSSL_SHA1_C) - { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA", - POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - - { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA", - POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#if defined(POLARSSL_GCM_C) -#if defined(POLARSSL_SHA256_C) - { TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", - POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ - -#if defined(POLARSSL_SHA512_C) - { TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", - POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_GCM_C */ -#endif /* POLARSSL_CAMELLIA_C */ - -#if defined(POLARSSL_DES_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA1_C) - { TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA", - POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* POLARSSL_DES_C */ -#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */ - -#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) -#if defined(POLARSSL_AES_C) -#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C) - { TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384", - POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */ - -#if defined(POLARSSL_SHA256_C) -#if defined(POLARSSL_GCM_C) - { TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256", - POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_GCM_C */ - -#if defined(POLARSSL_CIPHER_MODE_CBC) - { TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256", - POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - - { TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256", - POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* POLARSSL_SHA256_C */ - -#if defined(POLARSSL_SHA1_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) - { TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA", - POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - - { TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA", - POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* POLARSSL_SHA1_C */ -#if defined(POLARSSL_CCM_C) - { TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM", - POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - { TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8", - POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_SHORT_TAG }, - { TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM", - POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - { TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8", - POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_SHORT_TAG }, -#endif /* POLARSSL_CCM_C */ -#endif /* POLARSSL_AES_C */ - -#if defined(POLARSSL_CAMELLIA_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA256_C) - { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256", - POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - - { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256", - POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ - -#if defined(POLARSSL_SHA1_C) - { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA", - POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - - { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA", - POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ - -#if defined(POLARSSL_GCM_C) -#if defined(POLARSSL_SHA256_C) - { TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256", - POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ - -#if defined(POLARSSL_SHA1_C) - { TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384", - POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_GCM_C */ -#endif /* POLARSSL_CAMELLIA_C */ - -#if defined(POLARSSL_DES_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA1_C) - { TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA", - POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* POLARSSL_DES_C */ - -#if defined(POLARSSL_ARC4_C) -#if defined(POLARSSL_MD5_C) - { TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5", - POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SHA1_C */ +#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#if defined(MBEDTLS_GCM_C) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256", + MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_SHA256_C */ +#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#if defined(MBEDTLS_GCM_C) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384", + MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_SHA512_C */ +#if defined(MBEDTLS_CCM_C) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM", + MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8", + MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_SHORT_TAG }, + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM", + MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8", + MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_SHORT_TAG }, +#endif /* MBEDTLS_CCM_C */ +#endif /* MBEDTLS_AES_C */ + +#if defined(MBEDTLS_CAMELLIA_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", + MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ + +#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", + MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CAMELLIA_C */ + +#if defined(MBEDTLS_DES_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA", + MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_DES_C */ + +#if defined(MBEDTLS_ARC4_C) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA", + MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_NODTLS }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_ARC4_C */ + +#if defined(MBEDTLS_CIPHER_NULL_CIPHER) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA", + MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) +#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SHA1_C */ +#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#if defined(MBEDTLS_GCM_C) + { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256", + MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_SHA256_C */ +#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#if defined(MBEDTLS_GCM_C) + { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384", + MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_AES_C */ + +#if defined(MBEDTLS_CAMELLIA_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384", + MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ + +#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", + MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CAMELLIA_C */ + +#if defined(MBEDTLS_DES_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA", + MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_DES_C */ + +#if defined(MBEDTLS_ARC4_C) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA", + MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_NODTLS }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_ARC4_C */ + +#if defined(MBEDTLS_CIPHER_NULL_CIPHER) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA", + MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) +#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C) + { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384", + MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */ + +#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_GCM_C) + { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256", + MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_GCM_C */ + +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + + { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + + { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#if defined(MBEDTLS_CCM_C) + { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM", + MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8", + MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_SHORT_TAG }, + { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM", + MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8", + MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_SHORT_TAG }, +#endif /* MBEDTLS_CCM_C */ +#endif /* MBEDTLS_AES_C */ + +#if defined(MBEDTLS_CAMELLIA_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + + { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256", + MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA", + MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + + { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA", + MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", + MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CAMELLIA_C */ + +#if defined(MBEDTLS_DES_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA", + MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_DES_C */ +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) +#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C) + { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384", + MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */ + +#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_GCM_C) + { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256", + MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_GCM_C */ + +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + + { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + + { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SHA1_C */ +#if defined(MBEDTLS_CCM_C) + { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM", + MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8", + MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_SHORT_TAG }, + { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM", + MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8", + MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_SHORT_TAG }, +#endif /* MBEDTLS_CCM_C */ +#endif /* MBEDTLS_AES_C */ + +#if defined(MBEDTLS_CAMELLIA_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + + { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256", + MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA", + MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + + { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA", + MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ + +#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384", + MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CAMELLIA_C */ + +#if defined(MBEDTLS_DES_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA", + MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_DES_C */ + +#if defined(MBEDTLS_ARC4_C) +#if defined(MBEDTLS_MD5_C) + { MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5", + MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_NODTLS }, #endif -#if defined(POLARSSL_SHA1_C) - { TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA", - POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA", + MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_NODTLS }, #endif -#endif /* POLARSSL_ARC4_C */ -#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */ - -#if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) -#if defined(POLARSSL_AES_C) -#if defined(POLARSSL_SHA1_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) - { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA", - POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA", - POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* POLARSSL_SHA1_C */ -#if defined(POLARSSL_SHA256_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) - { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256", - POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#if defined(POLARSSL_GCM_C) - { TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256", - POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_GCM_C */ -#endif /* POLARSSL_SHA256_C */ -#if defined(POLARSSL_SHA512_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) - { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384", - POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#if defined(POLARSSL_GCM_C) - { TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384", - POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_GCM_C */ -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_AES_C */ - -#if defined(POLARSSL_CAMELLIA_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA256_C) - { TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256", - POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ -#if defined(POLARSSL_SHA512_C) - { TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384", - POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ - -#if defined(POLARSSL_GCM_C) -#if defined(POLARSSL_SHA256_C) - { TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256", - POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ -#if defined(POLARSSL_SHA512_C) - { TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384", - POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_GCM_C */ -#endif /* POLARSSL_CAMELLIA_C */ - -#if defined(POLARSSL_DES_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA1_C) - { TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA", - POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* POLARSSL_DES_C */ - -#if defined(POLARSSL_ARC4_C) -#if defined(POLARSSL_SHA1_C) - { TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA", - POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_ARC4_C */ - -#if defined(POLARSSL_CIPHER_NULL_CIPHER) -#if defined(POLARSSL_SHA1_C) - { TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA", - POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_WEAK }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_CIPHER_NULL_CIPHER */ -#endif /* POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED */ - -#if defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -#if defined(POLARSSL_AES_C) -#if defined(POLARSSL_SHA1_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) - { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA", - POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA", - POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* POLARSSL_SHA1_C */ -#if defined(POLARSSL_SHA256_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) - { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256", - POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#if defined(POLARSSL_GCM_C) - { TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256", - POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_GCM_C */ -#endif /* POLARSSL_SHA256_C */ -#if defined(POLARSSL_SHA512_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) - { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384", - POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#if defined(POLARSSL_GCM_C) - { TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384", - POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_GCM_C */ -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_AES_C */ - -#if defined(POLARSSL_CAMELLIA_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA256_C) - { TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", - POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ -#if defined(POLARSSL_SHA512_C) - { TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", - POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ - -#if defined(POLARSSL_GCM_C) -#if defined(POLARSSL_SHA256_C) - { TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", - POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ -#if defined(POLARSSL_SHA512_C) - { TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", - POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_GCM_C */ -#endif /* POLARSSL_CAMELLIA_C */ - -#if defined(POLARSSL_DES_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA1_C) - { TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA", - POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* POLARSSL_DES_C */ - -#if defined(POLARSSL_ARC4_C) -#if defined(POLARSSL_SHA1_C) - { TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA", - POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_ARC4_C */ - -#if defined(POLARSSL_CIPHER_NULL_CIPHER) -#if defined(POLARSSL_SHA1_C) - { TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA", - POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_WEAK }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_CIPHER_NULL_CIPHER */ -#endif /* POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ - -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) -#if defined(POLARSSL_AES_C) -#if defined(POLARSSL_GCM_C) -#if defined(POLARSSL_SHA256_C) - { TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256", - POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ - -#if defined(POLARSSL_SHA512_C) - { TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384", - POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_GCM_C */ - -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA256_C) - { TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256", - POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ - -#if defined(POLARSSL_SHA512_C) - { TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384", - POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ - -#if defined(POLARSSL_SHA1_C) - { TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA", - POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - - { TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA", - POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#if defined(POLARSSL_CCM_C) - { TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM", - POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - { TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8", - POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_SHORT_TAG }, - { TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM", - POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - { TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8", - POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_SHORT_TAG }, -#endif /* POLARSSL_CCM_C */ -#endif /* POLARSSL_AES_C */ - -#if defined(POLARSSL_CAMELLIA_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA256_C) - { TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256", - POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ - -#if defined(POLARSSL_SHA512_C) - { TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384", - POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ - -#if defined(POLARSSL_GCM_C) -#if defined(POLARSSL_SHA256_C) - { TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256", - POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ - -#if defined(POLARSSL_SHA512_C) - { TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384", - POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_GCM_C */ -#endif /* POLARSSL_CAMELLIA_C */ - -#if defined(POLARSSL_DES_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA1_C) - { TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA", - POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* POLARSSL_DES_C */ - -#if defined(POLARSSL_ARC4_C) -#if defined(POLARSSL_SHA1_C) - { TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA", - POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_ARC4_C */ -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */ - -#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) -#if defined(POLARSSL_AES_C) -#if defined(POLARSSL_GCM_C) -#if defined(POLARSSL_SHA256_C) - { TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256", - POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ - -#if defined(POLARSSL_SHA512_C) - { TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384", - POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_GCM_C */ - -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA256_C) - { TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256", - POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ - -#if defined(POLARSSL_SHA512_C) - { TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384", - POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ - -#if defined(POLARSSL_SHA1_C) - { TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA", - POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - - { TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA", - POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#if defined(POLARSSL_CCM_C) - { TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM", - POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - { TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8", - POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_SHORT_TAG }, - { TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM", - POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - { TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8", - POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_SHORT_TAG }, -#endif /* POLARSSL_CCM_C */ -#endif /* POLARSSL_AES_C */ - -#if defined(POLARSSL_CAMELLIA_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA256_C) - { TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", - POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ - -#if defined(POLARSSL_SHA512_C) - { TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", - POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ - -#if defined(POLARSSL_GCM_C) -#if defined(POLARSSL_SHA256_C) - { TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256", - POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ - -#if defined(POLARSSL_SHA512_C) - { TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384", - POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_GCM_C */ -#endif /* POLARSSL_CAMELLIA_C */ - -#if defined(POLARSSL_DES_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA1_C) - { TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA", - POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* POLARSSL_DES_C */ - -#if defined(POLARSSL_ARC4_C) -#if defined(POLARSSL_SHA1_C) - { TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA", - POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_ARC4_C */ -#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ - -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -#if defined(POLARSSL_AES_C) - -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA256_C) - { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256", - POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ - -#if defined(POLARSSL_SHA512_C) - { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384", - POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ - -#if defined(POLARSSL_SHA1_C) - { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA", - POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - - { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA", - POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* POLARSSL_AES_C */ - -#if defined(POLARSSL_CAMELLIA_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA256_C) - { TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", - POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ - -#if defined(POLARSSL_SHA512_C) - { TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", - POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* POLARSSL_CAMELLIA_C */ - -#if defined(POLARSSL_DES_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA1_C) - { TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA", - POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* POLARSSL_DES_C */ - -#if defined(POLARSSL_ARC4_C) -#if defined(POLARSSL_SHA1_C) - { TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA", - POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_ARC4_C */ -#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ - -#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) -#if defined(POLARSSL_AES_C) -#if defined(POLARSSL_GCM_C) -#if defined(POLARSSL_SHA256_C) - { TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256", - POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ - -#if defined(POLARSSL_SHA512_C) - { TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384", - POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_GCM_C */ - -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA256_C) - { TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256", - POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ - -#if defined(POLARSSL_SHA512_C) - { TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384", - POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ - -#if defined(POLARSSL_SHA1_C) - { TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA", - POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, - - { TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA", - POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* POLARSSL_AES_C */ - -#if defined(POLARSSL_CAMELLIA_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA256_C) - { TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256", - POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ - -#if defined(POLARSSL_SHA512_C) - { TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384", - POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ - -#if defined(POLARSSL_GCM_C) -#if defined(POLARSSL_SHA256_C) - { TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256", - POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA256_C */ - -#if defined(POLARSSL_SHA512_C) - { TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384", - POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_GCM_C */ -#endif /* POLARSSL_CAMELLIA_C */ - -#if defined(POLARSSL_DES_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_SHA1_C) - { TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA", - POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* POLARSSL_DES_C */ - -#if defined(POLARSSL_ARC4_C) -#if defined(POLARSSL_SHA1_C) - { TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA", - POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - 0 }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_ARC4_C */ -#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */ - -#if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES) -#if defined(POLARSSL_CIPHER_NULL_CIPHER) -#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) -#if defined(POLARSSL_MD5_C) - { TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5", - POLARSSL_CIPHER_NULL, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_WEAK }, +#endif /* MBEDTLS_ARC4_C */ +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) +#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SHA1_C */ +#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#if defined(MBEDTLS_GCM_C) + { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256", + MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_SHA256_C */ +#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#if defined(MBEDTLS_GCM_C) + { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384", + MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_AES_C */ + +#if defined(MBEDTLS_CAMELLIA_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384", + MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ + +#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384", + MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CAMELLIA_C */ + +#if defined(MBEDTLS_DES_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA", + MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_DES_C */ + +#if defined(MBEDTLS_ARC4_C) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA", + MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_NODTLS }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_ARC4_C */ + +#if defined(MBEDTLS_CIPHER_NULL_CIPHER) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA", + MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) +#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SHA1_C */ +#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#if defined(MBEDTLS_GCM_C) + { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256", + MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_SHA256_C */ +#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) + { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#if defined(MBEDTLS_GCM_C) + { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384", + MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_AES_C */ + +#if defined(MBEDTLS_CAMELLIA_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", + MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ + +#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", + MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CAMELLIA_C */ + +#if defined(MBEDTLS_DES_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA", + MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_DES_C */ + +#if defined(MBEDTLS_ARC4_C) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA", + MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_NODTLS }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_ARC4_C */ + +#if defined(MBEDTLS_CIPHER_NULL_CIPHER) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA", + MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) +#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256", + MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384", + MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_GCM_C */ + +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ + +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + + { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#if defined(MBEDTLS_CCM_C) + { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM", + MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8", + MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_SHORT_TAG }, + { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM", + MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8", + MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_SHORT_TAG }, +#endif /* MBEDTLS_CCM_C */ +#endif /* MBEDTLS_AES_C */ + +#if defined(MBEDTLS_CAMELLIA_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384", + MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ + +#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384", + MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CAMELLIA_C */ + +#if defined(MBEDTLS_DES_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA", + MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_DES_C */ + +#if defined(MBEDTLS_ARC4_C) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA", + MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_NODTLS }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_ARC4_C */ +#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) +#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256", + MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384", + MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_GCM_C */ + +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ + +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + + { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#if defined(MBEDTLS_CCM_C) + { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM", + MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8", + MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_SHORT_TAG }, + { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM", + MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8", + MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_SHORT_TAG }, +#endif /* MBEDTLS_CCM_C */ +#endif /* MBEDTLS_AES_C */ + +#if defined(MBEDTLS_CAMELLIA_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", + MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ + +#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384", + MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CAMELLIA_C */ + +#if defined(MBEDTLS_DES_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA", + MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_DES_C */ + +#if defined(MBEDTLS_ARC4_C) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA", + MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_NODTLS }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_ARC4_C */ +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(MBEDTLS_AES_C) + +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ + +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + + { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_AES_C */ + +#if defined(MBEDTLS_CAMELLIA_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", + MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CAMELLIA_C */ + +#if defined(MBEDTLS_DES_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA", + MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_DES_C */ + +#if defined(MBEDTLS_ARC4_C) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA", + MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_NODTLS }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_ARC4_C */ +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) +#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256", + MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384", + MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_GCM_C */ + +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ + +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA", + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, + + { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA", + MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_AES_C */ + +#if defined(MBEDTLS_CAMELLIA_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384", + MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ + +#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256", + MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384", + MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CAMELLIA_C */ + +#if defined(MBEDTLS_DES_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA", + MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + 0 }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_DES_C */ + +#if defined(MBEDTLS_ARC4_C) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA", + MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_NODTLS }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_ARC4_C */ +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ + +#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES) +#if defined(MBEDTLS_CIPHER_NULL_CIPHER) +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) +#if defined(MBEDTLS_MD5_C) + { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5", + MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, #endif -#if defined(POLARSSL_SHA1_C) - { TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA", - POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_WEAK }, +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA", + MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, #endif -#if defined(POLARSSL_SHA256_C) - { TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256", - POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_WEAK }, +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256", + MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, #endif -#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */ - -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) -#if defined(POLARSSL_SHA1_C) - { TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA", - POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_WEAK }, -#endif /* POLARSSL_SHA1_C */ - -#if defined(POLARSSL_SHA256_C) - { TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256", - POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_WEAK }, +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA", + MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, +#endif /* MBEDTLS_SHA1_C */ + +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256", + MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, #endif -#if defined(POLARSSL_SHA512_C) - { TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384", - POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_WEAK }, +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384", + MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, #endif -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */ - -#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) -#if defined(POLARSSL_SHA1_C) - { TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA", - POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_WEAK }, -#endif /* POLARSSL_SHA1_C */ - -#if defined(POLARSSL_SHA256_C) - { TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256", - POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_WEAK }, +#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA", + MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, +#endif /* MBEDTLS_SHA1_C */ + +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256", + MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, #endif -#if defined(POLARSSL_SHA512_C) - { TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384", - POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_WEAK }, +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384", + MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, #endif -#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ - -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -#if defined(POLARSSL_SHA1_C) - { TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA", - POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_WEAK }, -#endif /* POLARSSL_SHA1_C */ - -#if defined(POLARSSL_SHA256_C) - { TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256", - POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_WEAK }, +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA", + MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, +#endif /* MBEDTLS_SHA1_C */ + +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256", + MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, #endif -#if defined(POLARSSL_SHA512_C) - { TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384", - POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_WEAK }, +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384", + MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, #endif -#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ - -#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) -#if defined(POLARSSL_SHA1_C) - { TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA", - POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_WEAK }, -#endif /* POLARSSL_SHA1_C */ - -#if defined(POLARSSL_SHA256_C) - { TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256", - POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_WEAK }, +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA", + MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, +#endif /* MBEDTLS_SHA1_C */ + +#if defined(MBEDTLS_SHA256_C) + { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256", + MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, #endif -#if defined(POLARSSL_SHA512_C) - { TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384", - POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_WEAK }, +#if defined(MBEDTLS_SHA512_C) + { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384", + MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, #endif -#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */ -#endif /* POLARSSL_CIPHER_NULL_CIPHER */ - -#if defined(POLARSSL_DES_C) -#if defined(POLARSSL_CIPHER_MODE_CBC) -#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) -#if defined(POLARSSL_SHA1_C) - { TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA", - POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_WEAK }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */ - -#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) -#if defined(POLARSSL_SHA1_C) - { TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA", - POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, - SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, - POLARSSL_CIPHERSUITE_WEAK }, -#endif /* POLARSSL_SHA1_C */ -#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */ -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* POLARSSL_DES_C */ -#endif /* POLARSSL_ENABLE_WEAK_CIPHERSUITES */ +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ +#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ + +#if defined(MBEDTLS_DES_C) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA", + MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) +#if defined(MBEDTLS_SHA1_C) + { MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA", + MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, + MBEDTLS_CIPHERSUITE_WEAK }, +#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_DES_C */ +#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */ { 0, "", - POLARSSL_CIPHER_NONE, POLARSSL_MD_NONE, POLARSSL_KEY_EXCHANGE_NONE, + MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE, 0, 0, 0, 0, 0 } }; -#if defined(SSL_CIPHERSUITES) -const int *ssl_list_ciphersuites( void ) +#if defined(MBEDTLS_SSL_CIPHERSUITES) +const int *mbedtls_ssl_list_ciphersuites( void ) { return( ciphersuite_preference ); } @@ -1690,7 +1685,7 @@ const int *ssl_list_ciphersuites( void ) static int supported_ciphersuites[MAX_CIPHERSUITES]; static int supported_init = 0; -const int *ssl_list_ciphersuites( void ) +const int *mbedtls_ssl_list_ciphersuites( void ) { /* * On initial call filter out all ciphersuites not supported by current @@ -1705,12 +1700,12 @@ const int *ssl_list_ciphersuites( void ) *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1; p++ ) { -#if defined(POLARSSL_REMOVE_ARC4_CIPHERSUITES) - const ssl_ciphersuite_t *cs_info; - if( ( cs_info = ssl_ciphersuite_from_id( *p ) ) != NULL && - cs_info->cipher != POLARSSL_CIPHER_ARC4_128 ) +#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES) + const mbedtls_ssl_ciphersuite_t *cs_info; + if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL && + cs_info->cipher != MBEDTLS_CIPHER_ARC4_128 ) #else - if( ssl_ciphersuite_from_id( *p ) != NULL ) + if( mbedtls_ssl_ciphersuite_from_id( *p ) != NULL ) #endif *(q++) = *p; } @@ -1720,20 +1715,20 @@ const int *ssl_list_ciphersuites( void ) } return( supported_ciphersuites ); -}; -#endif /* SSL_CIPHERSUITES */ +} +#endif /* MBEDTLS_SSL_CIPHERSUITES */ -const ssl_ciphersuite_t *ssl_ciphersuite_from_string( +const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name ) { - const ssl_ciphersuite_t *cur = ciphersuite_definitions; + const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions; if( NULL == ciphersuite_name ) return( NULL ); while( cur->id != 0 ) { - if( 0 == strcasecmp( cur->name, ciphersuite_name ) ) + if( 0 == strcmp( cur->name, ciphersuite_name ) ) return( cur ); cur++; @@ -1742,9 +1737,9 @@ const ssl_ciphersuite_t *ssl_ciphersuite_from_string( return( NULL ); } -const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite ) +const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite ) { - const ssl_ciphersuite_t *cur = ciphersuite_definitions; + const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions; while( cur->id != 0 ) { @@ -1757,11 +1752,11 @@ const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite ) return( NULL ); } -const char *ssl_get_ciphersuite_name( const int ciphersuite_id ) +const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id ) { - const ssl_ciphersuite_t *cur; + const mbedtls_ssl_ciphersuite_t *cur; - cur = ssl_ciphersuite_from_id( ciphersuite_id ); + cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id ); if( cur == NULL ) return( "unknown" ); @@ -1769,11 +1764,11 @@ const char *ssl_get_ciphersuite_name( const int ciphersuite_id ) return( cur->name ); } -int ssl_get_ciphersuite_id( const char *ciphersuite_name ) +int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name ) { - const ssl_ciphersuite_t *cur; + const mbedtls_ssl_ciphersuite_t *cur; - cur = ssl_ciphersuite_from_string( ciphersuite_name ); + cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name ); if( cur == NULL ) return( 0 ); @@ -1781,63 +1776,63 @@ int ssl_get_ciphersuite_id( const char *ciphersuite_name ) return( cur->id ); } -#if defined(POLARSSL_PK_C) -pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info ) +#if defined(MBEDTLS_PK_C) +mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info ) { switch( info->key_exchange ) { - case POLARSSL_KEY_EXCHANGE_RSA: - case POLARSSL_KEY_EXCHANGE_DHE_RSA: - case POLARSSL_KEY_EXCHANGE_ECDHE_RSA: - case POLARSSL_KEY_EXCHANGE_RSA_PSK: - return( POLARSSL_PK_RSA ); + case MBEDTLS_KEY_EXCHANGE_RSA: + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + case MBEDTLS_KEY_EXCHANGE_RSA_PSK: + return( MBEDTLS_PK_RSA ); - case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA: - return( POLARSSL_PK_ECDSA ); + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + return( MBEDTLS_PK_ECDSA ); - case POLARSSL_KEY_EXCHANGE_ECDH_RSA: - case POLARSSL_KEY_EXCHANGE_ECDH_ECDSA: - return( POLARSSL_PK_ECKEY ); + case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: + return( MBEDTLS_PK_ECKEY ); default: - return( POLARSSL_PK_NONE ); + return( MBEDTLS_PK_NONE ); } } -#endif /* POLARSSL_PK_C */ +#endif /* MBEDTLS_PK_C */ -#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C) -int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info ) +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) +int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info ) { switch( info->key_exchange ) { - case POLARSSL_KEY_EXCHANGE_ECDHE_RSA: - case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA: - case POLARSSL_KEY_EXCHANGE_ECDHE_PSK: - case POLARSSL_KEY_EXCHANGE_ECDH_RSA: - case POLARSSL_KEY_EXCHANGE_ECDH_ECDSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: + case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: return( 1 ); default: return( 0 ); } } -#endif /* POLARSSL_ECDH_C || POLARSSL_ECDSA_C */ +#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) -int ssl_ciphersuite_uses_psk( const ssl_ciphersuite_t *info ) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info ) { switch( info->key_exchange ) { - case POLARSSL_KEY_EXCHANGE_PSK: - case POLARSSL_KEY_EXCHANGE_RSA_PSK: - case POLARSSL_KEY_EXCHANGE_DHE_PSK: - case POLARSSL_KEY_EXCHANGE_ECDHE_PSK: + case MBEDTLS_KEY_EXCHANGE_PSK: + case MBEDTLS_KEY_EXCHANGE_RSA_PSK: + case MBEDTLS_KEY_EXCHANGE_DHE_PSK: + case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: return( 1 ); default: return( 0 ); } } -#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#endif /* POLARSSL_SSL_TLS_C */ +#endif /* MBEDTLS_SSL_TLS_C */ diff --git a/ext/mbedtls/library/ssl_cli.c b/ext/mbedtls/library/ssl_cli.c index 0c62c3448b..1d683d3072 100644 --- a/ext/mbedtls/library/ssl_cli.c +++ b/ext/mbedtls/library/ssl_cli.c @@ -20,60 +20,59 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_SSL_CLI_C) +#if defined(MBEDTLS_SSL_CLI_C) -#include "polarssl/debug.h" -#include "polarssl/ssl.h" +#include "mbedtls/debug.h" +#include "mbedtls/ssl.h" +#include "mbedtls/ssl_internal.h" #include -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_malloc malloc -#define polarssl_free free +#define mbedtls_calloc calloc +#define mbedtls_free free #endif -#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) -#include -typedef UINT32 uint32_t; -#else -#include -#endif +#include -#if defined(POLARSSL_HAVE_TIME) +#if defined(MBEDTLS_HAVE_TIME) #include #endif -#if defined(POLARSSL_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_SSL_SESSION_TICKETS) /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } #endif -#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) -static void ssl_write_hostname_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) +static void ssl_write_hostname_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) { unsigned char *p = buf; + size_t hostname_len; *olen = 0; if( ssl->hostname == NULL ) return; - SSL_DEBUG_MSG( 3, ( "client hello, adding server name extension: %s", + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding server name extension: %s", ssl->hostname ) ); + hostname_len = strlen( ssl->hostname ); + /* * struct { * NameType name_type; @@ -92,27 +91,27 @@ static void ssl_write_hostname_ext( ssl_context *ssl, * ServerName server_name_list<1..2^16-1> * } ServerNameList; */ - *p++ = (unsigned char)( ( TLS_EXT_SERVERNAME >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( TLS_EXT_SERVERNAME ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF ); - *p++ = (unsigned char)( ( (ssl->hostname_len + 5) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( (ssl->hostname_len + 5) ) & 0xFF ); + *p++ = (unsigned char)( ( (hostname_len + 5) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( (hostname_len + 5) ) & 0xFF ); - *p++ = (unsigned char)( ( (ssl->hostname_len + 3) >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( (ssl->hostname_len + 3) ) & 0xFF ); + *p++ = (unsigned char)( ( (hostname_len + 3) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( (hostname_len + 3) ) & 0xFF ); - *p++ = (unsigned char)( ( TLS_EXT_SERVERNAME_HOSTNAME ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->hostname_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( ssl->hostname_len ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) & 0xFF ); + *p++ = (unsigned char)( ( hostname_len >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( hostname_len ) & 0xFF ); - memcpy( p, ssl->hostname, ssl->hostname_len ); + memcpy( p, ssl->hostname, hostname_len ); - *olen = ssl->hostname_len + 9; + *olen = hostname_len + 9; } -#endif /* POLARSSL_SSL_SERVER_NAME_INDICATION */ +#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ -#if defined(POLARSSL_SSL_RENEGOTIATION) -static void ssl_write_renegotiation_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_RENEGOTIATION) +static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) { @@ -120,16 +119,16 @@ static void ssl_write_renegotiation_ext( ssl_context *ssl, *olen = 0; - if( ssl->renegotiation != SSL_RENEGOTIATION ) + if( ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) return; - SSL_DEBUG_MSG( 3, ( "client hello, adding renegotiation extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding renegotiation extension" ) ); /* * Secure renegotiation */ - *p++ = (unsigned char)( ( TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( TLS_EXT_RENEGOTIATION_INFO ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ) & 0xFF ); *p++ = 0x00; *p++ = ( ssl->verify_data_len + 1 ) & 0xFF; @@ -139,77 +138,45 @@ static void ssl_write_renegotiation_ext( ssl_context *ssl, *olen = 5 + ssl->verify_data_len; } -#endif /* POLARSSL_SSL_RENEGOTIATION */ +#endif /* MBEDTLS_SSL_RENEGOTIATION */ /* * Only if we handle at least one key exchange that needs signatures. */ -#if defined(POLARSSL_SSL_PROTO_TLS1_2) && \ - defined(POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED) -static void ssl_write_signature_algorithms_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ + defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) +static void ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) { unsigned char *p = buf; size_t sig_alg_len = 0; -#if defined(POLARSSL_RSA_C) || defined(POLARSSL_ECDSA_C) + const int *md; +#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_C) unsigned char *sig_alg_list = buf + 6; #endif *olen = 0; - if( ssl->max_minor_ver != SSL_MINOR_VERSION_3 ) + if( ssl->conf->max_minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) return; - SSL_DEBUG_MSG( 3, ( "client hello, adding signature_algorithms extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding signature_algorithms extension" ) ); /* * Prepare signature_algorithms extension (TLS 1.2) */ -#if defined(POLARSSL_RSA_C) -#if defined(POLARSSL_SHA512_C) - sig_alg_list[sig_alg_len++] = SSL_HASH_SHA512; - sig_alg_list[sig_alg_len++] = SSL_SIG_RSA; - sig_alg_list[sig_alg_len++] = SSL_HASH_SHA384; - sig_alg_list[sig_alg_len++] = SSL_SIG_RSA; -#endif -#if defined(POLARSSL_SHA256_C) - sig_alg_list[sig_alg_len++] = SSL_HASH_SHA256; - sig_alg_list[sig_alg_len++] = SSL_SIG_RSA; - sig_alg_list[sig_alg_len++] = SSL_HASH_SHA224; - sig_alg_list[sig_alg_len++] = SSL_SIG_RSA; -#endif -#if defined(POLARSSL_SHA1_C) - sig_alg_list[sig_alg_len++] = SSL_HASH_SHA1; - sig_alg_list[sig_alg_len++] = SSL_SIG_RSA; -#endif -#if defined(POLARSSL_MD5_C) - sig_alg_list[sig_alg_len++] = SSL_HASH_MD5; - sig_alg_list[sig_alg_len++] = SSL_SIG_RSA; -#endif -#endif /* POLARSSL_RSA_C */ -#if defined(POLARSSL_ECDSA_C) -#if defined(POLARSSL_SHA512_C) - sig_alg_list[sig_alg_len++] = SSL_HASH_SHA512; - sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA; - sig_alg_list[sig_alg_len++] = SSL_HASH_SHA384; - sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA; -#endif -#if defined(POLARSSL_SHA256_C) - sig_alg_list[sig_alg_len++] = SSL_HASH_SHA256; - sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA; - sig_alg_list[sig_alg_len++] = SSL_HASH_SHA224; - sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA; -#endif -#if defined(POLARSSL_SHA1_C) - sig_alg_list[sig_alg_len++] = SSL_HASH_SHA1; - sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA; + for( md = ssl->conf->sig_hashes; *md != MBEDTLS_MD_NONE; md++ ) + { +#if defined(MBEDTLS_ECDSA_C) + sig_alg_list[sig_alg_len++] = mbedtls_ssl_hash_from_md_alg( *md ); + sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_ECDSA; #endif -#if defined(POLARSSL_MD5_C) - sig_alg_list[sig_alg_len++] = SSL_HASH_MD5; - sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA; +#if defined(MBEDTLS_RSA_C) + sig_alg_list[sig_alg_len++] = mbedtls_ssl_hash_from_md_alg( *md ); + sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_RSA; #endif -#endif /* POLARSSL_ECDSA_C */ + } /* * enum { @@ -228,8 +195,8 @@ static void ssl_write_signature_algorithms_ext( ssl_context *ssl, * SignatureAndHashAlgorithm * supported_signature_algorithms<2..2^16-2>; */ - *p++ = (unsigned char)( ( TLS_EXT_SIG_ALG >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( TLS_EXT_SIG_ALG ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG ) & 0xFF ); *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF ); *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) ) & 0xFF ); @@ -239,34 +206,34 @@ static void ssl_write_signature_algorithms_ext( ssl_context *ssl, *olen = 6 + sig_alg_len; } -#endif /* POLARSSL_SSL_PROTO_TLS1_2 && - POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && + MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ -#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C) -static void ssl_write_supported_elliptic_curves_ext( ssl_context *ssl, +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) +static void ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) { unsigned char *p = buf; unsigned char *elliptic_curve_list = p + 6; size_t elliptic_curve_len = 0; - const ecp_curve_info *info; -#if defined(POLARSSL_SSL_SET_CURVES) - const ecp_group_id *grp_id; + const mbedtls_ecp_curve_info *info; +#if defined(MBEDTLS_ECP_C) + const mbedtls_ecp_group_id *grp_id; #else ((void) ssl); #endif *olen = 0; - SSL_DEBUG_MSG( 3, ( "client hello, adding supported_elliptic_curves extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported_elliptic_curves extension" ) ); -#if defined(POLARSSL_SSL_SET_CURVES) - for( grp_id = ssl->curve_list; *grp_id != POLARSSL_ECP_DP_NONE; grp_id++ ) +#if defined(MBEDTLS_ECP_C) + for( grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ ) { - info = ecp_curve_info_from_grp_id( *grp_id ); + info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); #else - for( info = ecp_curve_list(); info->grp_id != POLARSSL_ECP_DP_NONE; info++ ) + for( info = mbedtls_ecp_curve_list(); info->grp_id != MBEDTLS_ECP_DP_NONE; info++ ) { #endif @@ -277,8 +244,8 @@ static void ssl_write_supported_elliptic_curves_ext( ssl_context *ssl, if( elliptic_curve_len == 0 ) return; - *p++ = (unsigned char)( ( TLS_EXT_SUPPORTED_ELLIPTIC_CURVES >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ) & 0xFF ); *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) >> 8 ) & 0xFF ); *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) ) & 0xFF ); @@ -289,7 +256,7 @@ static void ssl_write_supported_elliptic_curves_ext( ssl_context *ssl, *olen = 6 + elliptic_curve_len; } -static void ssl_write_supported_point_formats_ext( ssl_context *ssl, +static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) { @@ -298,140 +265,140 @@ static void ssl_write_supported_point_formats_ext( ssl_context *ssl, *olen = 0; - SSL_DEBUG_MSG( 3, ( "client hello, adding supported_point_formats extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported_point_formats extension" ) ); - *p++ = (unsigned char)( ( TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( TLS_EXT_SUPPORTED_POINT_FORMATS ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ) & 0xFF ); *p++ = 0x00; *p++ = 2; *p++ = 1; - *p++ = POLARSSL_ECP_PF_UNCOMPRESSED; + *p++ = MBEDTLS_ECP_PF_UNCOMPRESSED; *olen = 6; } -#endif /* POLARSSL_ECDH_C || POLARSSL_ECDSA_C */ +#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ -#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) -static void ssl_write_max_fragment_length_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) +static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) { unsigned char *p = buf; - if( ssl->mfl_code == SSL_MAX_FRAG_LEN_NONE ) { + if( ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE ) { *olen = 0; return; } - SSL_DEBUG_MSG( 3, ( "client hello, adding max_fragment_length extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding max_fragment_length extension" ) ); - *p++ = (unsigned char)( ( TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); *p++ = 0x00; *p++ = 1; - *p++ = ssl->mfl_code; + *p++ = ssl->conf->mfl_code; *olen = 5; } -#endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */ +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(POLARSSL_SSL_TRUNCATED_HMAC) -static void ssl_write_truncated_hmac_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) +static void ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) { unsigned char *p = buf; - if( ssl->trunc_hmac == SSL_TRUNC_HMAC_DISABLED ) + if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED ) { *olen = 0; return; } - SSL_DEBUG_MSG( 3, ( "client hello, adding truncated_hmac extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding truncated_hmac extension" ) ); - *p++ = (unsigned char)( ( TLS_EXT_TRUNCATED_HMAC >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( TLS_EXT_TRUNCATED_HMAC ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC ) & 0xFF ); *p++ = 0x00; *p++ = 0x00; *olen = 4; } -#endif /* POLARSSL_SSL_TRUNCATED_HMAC */ +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) -static void ssl_write_encrypt_then_mac_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) +static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) { unsigned char *p = buf; - if( ssl->encrypt_then_mac == SSL_ETM_DISABLED || - ssl->max_minor_ver == SSL_MINOR_VERSION_0 ) + if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED || + ssl->conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) { *olen = 0; return; } - SSL_DEBUG_MSG( 3, ( "client hello, adding encrypt_then_mac " + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding encrypt_then_mac " "extension" ) ); - *p++ = (unsigned char)( ( TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( TLS_EXT_ENCRYPT_THEN_MAC ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ) & 0xFF ); *p++ = 0x00; *p++ = 0x00; *olen = 4; } -#endif /* POLARSSL_SSL_ENCRYPT_THEN_MAC */ +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ -#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) -static void ssl_write_extended_ms_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) +static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) { unsigned char *p = buf; - if( ssl->extended_ms == SSL_EXTENDED_MS_DISABLED || - ssl->max_minor_ver == SSL_MINOR_VERSION_0 ) + if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED || + ssl->conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) { *olen = 0; return; } - SSL_DEBUG_MSG( 3, ( "client hello, adding extended_master_secret " + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding extended_master_secret " "extension" ) ); - *p++ = (unsigned char)( ( TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( TLS_EXT_EXTENDED_MASTER_SECRET ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ) & 0xFF ); *p++ = 0x00; *p++ = 0x00; *olen = 4; } -#endif /* POLARSSL_SSL_EXTENDED_MASTER_SECRET */ +#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ -#if defined(POLARSSL_SSL_SESSION_TICKETS) -static void ssl_write_session_ticket_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_SESSION_TICKETS) +static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) { unsigned char *p = buf; size_t tlen = ssl->session_negotiate->ticket_len; - if( ssl->session_tickets == SSL_SESSION_TICKETS_DISABLED ) + if( ssl->conf->session_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED ) { *olen = 0; return; } - SSL_DEBUG_MSG( 3, ( "client hello, adding session ticket extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding session ticket extension" ) ); - *p++ = (unsigned char)( ( TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( TLS_EXT_SESSION_TICKET ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET ) & 0xFF ); *p++ = (unsigned char)( ( tlen >> 8 ) & 0xFF ); *p++ = (unsigned char)( ( tlen ) & 0xFF ); @@ -444,31 +411,31 @@ static void ssl_write_session_ticket_ext( ssl_context *ssl, return; } - SSL_DEBUG_MSG( 3, ( "sending session ticket of length %d", tlen ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "sending session ticket of length %d", tlen ) ); memcpy( p, ssl->session_negotiate->ticket, tlen ); *olen += tlen; } -#endif /* POLARSSL_SSL_SESSION_TICKETS */ +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ -#if defined(POLARSSL_SSL_ALPN) -static void ssl_write_alpn_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_ALPN) +static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) { unsigned char *p = buf; const char **cur; - if( ssl->alpn_list == NULL ) + if( ssl->conf->alpn_list == NULL ) { *olen = 0; return; } - SSL_DEBUG_MSG( 3, ( "client hello, adding alpn extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding alpn extension" ) ); - *p++ = (unsigned char)( ( TLS_EXT_ALPN >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( TLS_EXT_ALPN ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); /* * opaque ProtocolName<1..2^8-1>; @@ -481,7 +448,7 @@ static void ssl_write_alpn_ext( ssl_context *ssl, /* Skip writing extension and list length for now */ p += 4; - for( cur = ssl->alpn_list; *cur != NULL; cur++ ) + for( cur = ssl->conf->alpn_list; *cur != NULL; cur++ ) { *p = (unsigned char)( strlen( *cur ) & 0xFF ); memcpy( p + 1, *cur, *p ); @@ -498,40 +465,82 @@ static void ssl_write_alpn_ext( ssl_context *ssl, buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF ); buf[3] = (unsigned char)( ( ( *olen - 4 ) ) & 0xFF ); } -#endif /* POLARSSL_SSL_ALPN */ +#endif /* MBEDTLS_SSL_ALPN */ -static int ssl_write_client_hello( ssl_context *ssl ) +/* + * Generate random bytes for ClientHello + */ +static int ssl_generate_random( mbedtls_ssl_context *ssl ) +{ + int ret; + unsigned char *p = ssl->handshake->randbytes; +#if defined(MBEDTLS_HAVE_TIME) + time_t t; +#endif + + /* + * When responding to a verify request, MUST reuse random (RFC 6347 4.2.1) + */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake->verify_cookie != NULL ) + { + return( 0 ); + } +#endif + +#if defined(MBEDTLS_HAVE_TIME) + t = time( NULL ); + *p++ = (unsigned char)( t >> 24 ); + *p++ = (unsigned char)( t >> 16 ); + *p++ = (unsigned char)( t >> 8 ); + *p++ = (unsigned char)( t ); + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, current time: %lu", t ) ); +#else + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 4 ) ) != 0 ) + return( ret ); + + p += 4; +#endif /* MBEDTLS_HAVE_TIME */ + + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 28 ) ) != 0 ) + return( ret ); + + return( 0 ); +} + +static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) { int ret; size_t i, n, olen, ext_len = 0; unsigned char *buf; unsigned char *p, *q; -#if defined(POLARSSL_HAVE_TIME) - time_t t; -#endif + unsigned char offer_compress; const int *ciphersuites; - const ssl_ciphersuite_t *ciphersuite_info; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info; - SSL_DEBUG_MSG( 2, ( "=> write client hello" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) ); - if( ssl->f_rng == NULL ) + if( ssl->conf->f_rng == NULL ) { - SSL_DEBUG_MSG( 1, ( "no RNG provided") ); - return( POLARSSL_ERR_SSL_NO_RNG ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided") ); + return( MBEDTLS_ERR_SSL_NO_RNG ); } -#if defined(POLARSSL_SSL_RENEGOTIATION) - if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE ) +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE ) #endif { - ssl->major_ver = ssl->min_major_ver; - ssl->minor_ver = ssl->min_minor_ver; + ssl->major_ver = ssl->conf->min_major_ver; + ssl->minor_ver = ssl->conf->min_minor_ver; } - if( ssl->max_major_ver == 0 && ssl->max_minor_ver == 0 ) + if( ssl->conf->max_major_ver == 0 ) { - ssl->max_major_ver = SSL_MAX_MAJOR_VERSION; - ssl->max_minor_ver = SSL_MAX_MINOR_VERSION; + MBEDTLS_SSL_DEBUG_MSG( 1, ( "configured max major version is invalid, " + "consider using mbedtls_ssl_config_defaults()" ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } /* @@ -544,110 +553,135 @@ static int ssl_write_client_hello( ssl_context *ssl ) buf = ssl->out_msg; p = buf + 4; - *p++ = (unsigned char) ssl->max_major_ver; - *p++ = (unsigned char) ssl->max_minor_ver; + mbedtls_ssl_write_version( ssl->conf->max_major_ver, ssl->conf->max_minor_ver, + ssl->conf->transport, p ); + p += 2; - SSL_DEBUG_MSG( 3, ( "client hello, max version: [%d:%d]", + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, max version: [%d:%d]", buf[4], buf[5] ) ); -#if defined(POLARSSL_HAVE_TIME) - t = time( NULL ); - *p++ = (unsigned char)( t >> 24 ); - *p++ = (unsigned char)( t >> 16 ); - *p++ = (unsigned char)( t >> 8 ); - *p++ = (unsigned char)( t ); - - SSL_DEBUG_MSG( 3, ( "client hello, current time: %lu", t ) ); -#else - if( ( ret = ssl->f_rng( ssl->p_rng, p, 4 ) ) != 0 ) - return( ret ); - - p += 4; -#endif /* POLARSSL_HAVE_TIME */ - - if( ( ret = ssl->f_rng( ssl->p_rng, p, 28 ) ) != 0 ) + if( ( ret = ssl_generate_random( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_generate_random", ret ); return( ret ); + } - p += 28; - - memcpy( ssl->handshake->randbytes, buf + 6, 32 ); - - SSL_DEBUG_BUF( 3, "client hello, random bytes", buf + 6, 32 ); + memcpy( p, ssl->handshake->randbytes, 32 ); + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", p, 32 ); + p += 32; /* * 38 . 38 session id length * 39 . 39+n session id - * 40+n . 41+n ciphersuitelist length - * 42+n . .. ciphersuitelist - * .. . .. compression methods length + * 39+n . 39+n DTLS only: cookie length (1 byte) + * 40+n . .. DTSL only: cookie + * .. . .. ciphersuitelist length (2 bytes) + * .. . .. ciphersuitelist + * .. . .. compression methods length (1 byte) * .. . .. compression methods - * .. . .. extensions length + * .. . .. extensions length (2 bytes) * .. . .. extensions */ - n = ssl->session_negotiate->length; + n = ssl->session_negotiate->id_len; if( n < 16 || n > 32 || -#if defined(POLARSSL_SSL_RENEGOTIATION) - ssl->renegotiation != SSL_INITIAL_HANDSHAKE || +#if defined(MBEDTLS_SSL_RENEGOTIATION) + ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE || #endif ssl->handshake->resume == 0 ) { n = 0; } -#if defined(POLARSSL_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_SSL_SESSION_TICKETS) /* * RFC 5077 section 3.4: "When presenting a ticket, the client MAY * generate and include a Session ID in the TLS ClientHello." */ -#if defined(POLARSSL_SSL_RENEGOTIATION) - if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE ) +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE ) #endif { if( ssl->session_negotiate->ticket != NULL && ssl->session_negotiate->ticket_len != 0 ) { - ret = ssl->f_rng( ssl->p_rng, ssl->session_negotiate->id, 32 ); + ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->session_negotiate->id, 32 ); if( ret != 0 ) return( ret ); - ssl->session_negotiate->length = n = 32; + ssl->session_negotiate->id_len = n = 32; } } -#endif /* POLARSSL_SSL_SESSION_TICKETS */ +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ *p++ = (unsigned char) n; for( i = 0; i < n; i++ ) *p++ = ssl->session_negotiate->id[i]; - SSL_DEBUG_MSG( 3, ( "client hello, session id len.: %d", n ) ); - SSL_DEBUG_BUF( 3, "client hello, session id", buf + 39, n ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, session id len.: %d", n ) ); + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id", buf + 39, n ); + + /* + * DTLS cookie + */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + if( ssl->handshake->verify_cookie == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 3, ( "no verify cookie to send" ) ); + *p++ = 0; + } + else + { + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, cookie", + ssl->handshake->verify_cookie, + ssl->handshake->verify_cookie_len ); + + *p++ = ssl->handshake->verify_cookie_len; + memcpy( p, ssl->handshake->verify_cookie, + ssl->handshake->verify_cookie_len ); + p += ssl->handshake->verify_cookie_len; + } + } +#endif + + /* + * Ciphersuite list + */ + ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; - ciphersuites = ssl->ciphersuite_list[ssl->minor_ver]; + /* Skip writing ciphersuite length for now */ n = 0; q = p; - - // Skip writing ciphersuite length for now p += 2; for( i = 0; ciphersuites[i] != 0; i++ ) { - ciphersuite_info = ssl_ciphersuite_from_id( ciphersuites[i] ); + ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuites[i] ); if( ciphersuite_info == NULL ) continue; - if( ciphersuite_info->min_minor_ver > ssl->max_minor_ver || - ciphersuite_info->max_minor_ver < ssl->min_minor_ver ) + if( ciphersuite_info->min_minor_ver > ssl->conf->max_minor_ver || + ciphersuite_info->max_minor_ver < ssl->conf->min_minor_ver ) + continue; + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ( ciphersuite_info->flags & MBEDTLS_CIPHERSUITE_NODTLS ) ) continue; +#endif - if( ssl->arc4_disabled == SSL_ARC4_DISABLED && - ciphersuite_info->cipher == POLARSSL_CIPHER_ARC4_128 ) +#if defined(MBEDTLS_ARC4_C) + if( ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED && + ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) continue; +#endif - SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %2d", + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %2d", ciphersuites[i] ) ); n++; @@ -658,22 +692,22 @@ static int ssl_write_client_hello( ssl_context *ssl ) /* * Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV */ -#if defined(POLARSSL_SSL_RENEGOTIATION) - if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE ) +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE ) #endif { - *p++ = (unsigned char)( SSL_EMPTY_RENEGOTIATION_INFO >> 8 ); - *p++ = (unsigned char)( SSL_EMPTY_RENEGOTIATION_INFO ); + *p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO >> 8 ); + *p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ); n++; } /* Some versions of OpenSSL don't handle it correctly if not at end */ -#if defined(POLARSSL_SSL_FALLBACK_SCSV) - if( ssl->fallback == SSL_IS_FALLBACK ) +#if defined(MBEDTLS_SSL_FALLBACK_SCSV) + if( ssl->conf->fallback == MBEDTLS_SSL_IS_FALLBACK ) { - SSL_DEBUG_MSG( 3, ( "adding FALLBACK_SCSV" ) ); - *p++ = (unsigned char)( SSL_FALLBACK_SCSV >> 8 ); - *p++ = (unsigned char)( SSL_FALLBACK_SCSV ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding FALLBACK_SCSV" ) ); + *p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 ); + *p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE ); n++; } #endif @@ -681,44 +715,64 @@ static int ssl_write_client_hello( ssl_context *ssl ) *q++ = (unsigned char)( n >> 7 ); *q++ = (unsigned char)( n << 1 ); - SSL_DEBUG_MSG( 3, ( "client hello, got %d ciphersuites", n ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, got %d ciphersuites", n ) ); +#if defined(MBEDTLS_ZLIB_SUPPORT) + offer_compress = 1; +#else + offer_compress = 0; +#endif -#if defined(POLARSSL_ZLIB_SUPPORT) - SSL_DEBUG_MSG( 3, ( "client hello, compress len.: %d", 2 ) ); - SSL_DEBUG_MSG( 3, ( "client hello, compress alg.: %d %d", - SSL_COMPRESS_DEFLATE, SSL_COMPRESS_NULL ) ); + /* + * We don't support compression with DTLS right now: is many records come + * in the same datagram, uncompressing one could overwrite the next one. + * We don't want to add complexity for handling that case unless there is + * an actual need for it. + */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + offer_compress = 0; +#endif - *p++ = 2; - *p++ = SSL_COMPRESS_DEFLATE; - *p++ = SSL_COMPRESS_NULL; -#else - SSL_DEBUG_MSG( 3, ( "client hello, compress len.: %d", 1 ) ); - SSL_DEBUG_MSG( 3, ( "client hello, compress alg.: %d", SSL_COMPRESS_NULL ) ); + if( offer_compress ) + { + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress len.: %d", 2 ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress alg.: %d %d", + MBEDTLS_SSL_COMPRESS_DEFLATE, MBEDTLS_SSL_COMPRESS_NULL ) ); - *p++ = 1; - *p++ = SSL_COMPRESS_NULL; -#endif /* POLARSSL_ZLIB_SUPPORT */ + *p++ = 2; + *p++ = MBEDTLS_SSL_COMPRESS_DEFLATE; + *p++ = MBEDTLS_SSL_COMPRESS_NULL; + } + else + { + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress len.: %d", 1 ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress alg.: %d", + MBEDTLS_SSL_COMPRESS_NULL ) ); + + *p++ = 1; + *p++ = MBEDTLS_SSL_COMPRESS_NULL; + } // First write extensions, then the total length // -#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) ssl_write_hostname_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; #endif -#if defined(POLARSSL_SSL_RENEGOTIATION) +#if defined(MBEDTLS_SSL_RENEGOTIATION) ssl_write_renegotiation_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; #endif -#if defined(POLARSSL_SSL_PROTO_TLS1_2) && \ - defined(POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ + defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) ssl_write_signature_algorithms_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; #endif -#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C) +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ssl_write_supported_elliptic_curves_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; @@ -726,32 +780,32 @@ static int ssl_write_client_hello( ssl_context *ssl ) ext_len += olen; #endif -#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) ssl_write_max_fragment_length_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; #endif -#if defined(POLARSSL_SSL_TRUNCATED_HMAC) +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; #endif -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) ssl_write_encrypt_then_mac_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; #endif -#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) ssl_write_extended_ms_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; #endif -#if defined(POLARSSL_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_SSL_SESSION_TICKETS) ssl_write_session_ticket_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; #endif -#if defined(POLARSSL_SSL_ALPN) +#if defined(MBEDTLS_SSL_ALPN) ssl_write_alpn_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; #endif @@ -759,7 +813,7 @@ static int ssl_write_client_hello( ssl_context *ssl ) /* olen unused if all extensions are disabled */ ((void) olen); - SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %d", + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %d", ext_len ) ); if( ext_len > 0 ) @@ -770,68 +824,73 @@ static int ssl_write_client_hello( ssl_context *ssl ) } ssl->out_msglen = p - buf; - ssl->out_msgtype = SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = SSL_HS_CLIENT_HELLO; + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = MBEDTLS_SSL_HS_CLIENT_HELLO; ssl->state++; - if( ( ret = ssl_write_record( ssl ) ) != 0 ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ssl_send_flight_completed( ssl ); +#endif + + if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); return( ret ); } - SSL_DEBUG_MSG( 2, ( "<= write client hello" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client hello" ) ); return( 0 ); } -static int ssl_parse_renegotiation_info( ssl_context *ssl, +static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { int ret; -#if defined(POLARSSL_SSL_RENEGOTIATION) - if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE ) +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) { /* Check verify-data in constant-time. The length OTOH is no secret */ if( len != 1 + ssl->verify_data_len * 2 || buf[0] != ssl->verify_data_len * 2 || - safer_memcmp( buf + 1, + mbedtls_ssl_safer_memcmp( buf + 1, ssl->own_verify_data, ssl->verify_data_len ) != 0 || - safer_memcmp( buf + 1 + ssl->verify_data_len, + mbedtls_ssl_safer_memcmp( buf + 1 + ssl->verify_data_len, ssl->peer_verify_data, ssl->verify_data_len ) != 0 ) { - SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) ); - if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) return( ret ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } } else -#endif /* POLARSSL_SSL_RENEGOTIATION */ +#endif /* MBEDTLS_SSL_RENEGOTIATION */ { if( len != 1 || buf[0] != 0x00 ) { - SSL_DEBUG_MSG( 1, ( "non-zero length renegotiation info" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-zero length renegotiation info" ) ); - if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) return( ret ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } - ssl->secure_renegotiation = SSL_SECURE_RENEGOTIATION; + ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; } return( 0 ); } -#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) -static int ssl_parse_max_fragment_length_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) +static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { @@ -839,85 +898,85 @@ static int ssl_parse_max_fragment_length_ext( ssl_context *ssl, * server should use the extension only if we did, * and if so the server's value should match ours (and len is always 1) */ - if( ssl->mfl_code == SSL_MAX_FRAG_LEN_NONE || + if( ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE || len != 1 || - buf[0] != ssl->mfl_code ) + buf[0] != ssl->conf->mfl_code ) { - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } return( 0 ); } -#endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */ +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(POLARSSL_SSL_TRUNCATED_HMAC) -static int ssl_parse_truncated_hmac_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) +static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { - if( ssl->trunc_hmac == SSL_TRUNC_HMAC_DISABLED || + if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED || len != 0 ) { - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } ((void) buf); - ssl->session_negotiate->trunc_hmac = SSL_TRUNC_HMAC_ENABLED; + ssl->session_negotiate->trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; return( 0 ); } -#endif /* POLARSSL_SSL_TRUNCATED_HMAC */ +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) -static int ssl_parse_encrypt_then_mac_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) +static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { - if( ssl->encrypt_then_mac == SSL_ETM_DISABLED || - ssl->minor_ver == SSL_MINOR_VERSION_0 || + if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED || + ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 || len != 0 ) { - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } ((void) buf); - ssl->session_negotiate->encrypt_then_mac = SSL_ETM_ENABLED; + ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED; return( 0 ); } -#endif /* POLARSSL_SSL_ENCRYPT_THEN_MAC */ +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ -#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) -static int ssl_parse_extended_ms_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) +static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { - if( ssl->extended_ms == SSL_EXTENDED_MS_DISABLED || - ssl->minor_ver == SSL_MINOR_VERSION_0 || + if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED || + ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 || len != 0 ) { - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } ((void) buf); - ssl->handshake->extended_ms = SSL_EXTENDED_MS_ENABLED; + ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; return( 0 ); } -#endif /* POLARSSL_SSL_EXTENDED_MASTER_SECRET */ +#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ -#if defined(POLARSSL_SSL_SESSION_TICKETS) -static int ssl_parse_session_ticket_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_SESSION_TICKETS) +static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { - if( ssl->session_tickets == SSL_SESSION_TICKETS_DISABLED || + if( ssl->conf->session_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED || len != 0 ) { - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } ((void) buf); @@ -926,10 +985,10 @@ static int ssl_parse_session_ticket_ext( ssl_context *ssl, return( 0 ); } -#endif /* POLARSSL_SSL_SESSION_TICKETS */ +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ -#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C) -static int ssl_parse_supported_point_formats_ext( ssl_context *ssl, +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) +static int ssl_parse_supported_point_formats_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { @@ -939,18 +998,18 @@ static int ssl_parse_supported_point_formats_ext( ssl_context *ssl, list_size = buf[0]; if( list_size + 1 != len ) { - SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } p = buf + 1; while( list_size > 0 ) { - if( p[0] == POLARSSL_ECP_PF_UNCOMPRESSED || - p[0] == POLARSSL_ECP_PF_COMPRESSED ) + if( p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED || + p[0] == MBEDTLS_ECP_PF_COMPRESSED ) { ssl->handshake->ecdh_ctx.point_format = p[0]; - SSL_DEBUG_MSG( 4, ( "point format selected: %d", p[0] ) ); + MBEDTLS_SSL_DEBUG_MSG( 4, ( "point format selected: %d", p[0] ) ); return( 0 ); } @@ -958,21 +1017,21 @@ static int ssl_parse_supported_point_formats_ext( ssl_context *ssl, p++; } - SSL_DEBUG_MSG( 1, ( "no point format in common" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "no point format in common" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } -#endif /* POLARSSL_ECDH_C || POLARSSL_ECDSA_C */ +#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ -#if defined(POLARSSL_SSL_ALPN) -static int ssl_parse_alpn_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_ALPN) +static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { size_t list_len, name_len; const char **p; /* If we didn't send it, the server shouldn't send it */ - if( ssl->alpn_list == NULL ) - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + if( ssl->conf->alpn_list == NULL ) + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); /* * opaque ProtocolName<1..2^8-1>; @@ -986,18 +1045,18 @@ static int ssl_parse_alpn_ext( ssl_context *ssl, /* Min length is 2 (list_len) + 1 (name_len) + 1 (name) */ if( len < 4 ) - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); list_len = ( buf[0] << 8 ) | buf[1]; if( list_len != len - 2 ) - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); name_len = buf[2]; if( name_len != list_len - 1 ) - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); /* Check that the server chosen protocol was in our list and save it */ - for( p = ssl->alpn_list; *p != NULL; p++ ) + for( p = ssl->conf->alpn_list; *p != NULL; p++ ) { if( name_len == strlen( *p ) && memcmp( buf + 3, *p, name_len ) == 0 ) @@ -1007,245 +1066,355 @@ static int ssl_parse_alpn_ext( ssl_context *ssl, } } - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } -#endif /* POLARSSL_SSL_ALPN */ +#endif /* MBEDTLS_SSL_ALPN */ -static int ssl_parse_server_hello( ssl_context *ssl ) +/* + * Parse HelloVerifyRequest. Only called after verifying the HS type. + */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) +static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl ) { - int ret, i, comp; + const unsigned char *p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); + int major_ver, minor_ver; + unsigned char cookie_len; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse hello verify request" ) ); + + /* + * struct { + * ProtocolVersion server_version; + * opaque cookie<0..2^8-1>; + * } HelloVerifyRequest; + */ + MBEDTLS_SSL_DEBUG_BUF( 3, "server version", p, 2 ); + mbedtls_ssl_read_version( &major_ver, &minor_ver, ssl->conf->transport, p ); + p += 2; + + /* + * Since the RFC is not clear on this point, accept DTLS 1.0 (TLS 1.1) + * even is lower than our min version. + */ + if( major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 || + minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 || + major_ver > ssl->conf->max_major_ver || + minor_ver > ssl->conf->max_minor_ver ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server version" ) ); + + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); + + return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + } + + cookie_len = *p++; + MBEDTLS_SSL_DEBUG_BUF( 3, "cookie", p, cookie_len ); + + mbedtls_free( ssl->handshake->verify_cookie ); + + ssl->handshake->verify_cookie = mbedtls_calloc( 1, cookie_len ); + if( ssl->handshake->verify_cookie == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc failed (%d bytes)", cookie_len ) ); + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + } + + memcpy( ssl->handshake->verify_cookie, p, cookie_len ); + ssl->handshake->verify_cookie_len = cookie_len; + + /* Start over at ClientHello */ + ssl->state = MBEDTLS_SSL_CLIENT_HELLO; + mbedtls_ssl_reset_checksum( ssl ); + + mbedtls_ssl_recv_flight_completed( ssl ); + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse hello verify request" ) ); + + return( 0 ); +} +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + +static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) +{ + int ret, i; size_t n; size_t ext_len; unsigned char *buf, *ext; -#if defined(POLARSSL_SSL_RENEGOTIATION) + unsigned char comp; +#if defined(MBEDTLS_ZLIB_SUPPORT) + int accept_comp; +#endif +#if defined(MBEDTLS_SSL_RENEGOTIATION) int renegotiation_info_seen = 0; #endif int handshake_failure = 0; - const ssl_ciphersuite_t *suite_info; -#if defined(POLARSSL_DEBUG_C) + const mbedtls_ssl_ciphersuite_t *suite_info; +#if defined(MBEDTLS_DEBUG_C) uint32_t t; #endif - SSL_DEBUG_MSG( 2, ( "=> parse server hello" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello" ) ); - /* - * 0 . 0 handshake type - * 1 . 3 handshake length - * 4 . 5 protocol version - * 6 . 9 UNIX time() - * 10 . 37 random bytes - */ buf = ssl->in_msg; - if( ( ret = ssl_read_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); return( ret ); } - if( ssl->in_msgtype != SSL_MSG_HANDSHAKE ) + if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) { -#if defined(POLARSSL_SSL_RENEGOTIATION) - if( ssl->renegotiation == SSL_RENEGOTIATION ) +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) { ssl->renego_records_seen++; - if( ssl->renego_max_records >= 0 && - ssl->renego_records_seen > ssl->renego_max_records ) + if( ssl->conf->renego_max_records >= 0 && + ssl->renego_records_seen > ssl->conf->renego_max_records ) { - SSL_DEBUG_MSG( 1, ( "renegotiation requested, " + MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation requested, " "but not honored by server" ) ); - return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } - SSL_DEBUG_MSG( 1, ( "non-handshake message during renego" ) ); - return( POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-handshake message during renego" ) ); + return( MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO ); } -#endif /* POLARSSL_SSL_RENEGOTIATION */ +#endif /* MBEDTLS_SSL_RENEGOTIATION */ - SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } - SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [%d:%d]", - buf[4], buf[5] ) ); - - if( ssl->in_hslen < 42 || - buf[0] != SSL_HS_SERVER_HELLO || - buf[4] != SSL_MAJOR_VERSION_3 ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { - SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + if( buf[0] == MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "received hello verify request" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello" ) ); + return( ssl_parse_hello_verify_request( ssl ) ); + } + else + { + /* We made it through the verification process */ + mbedtls_free( ssl->handshake->verify_cookie ); + ssl->handshake->verify_cookie = NULL; + ssl->handshake->verify_cookie_len = 0; + } } +#endif /* MBEDTLS_SSL_PROTO_DTLS */ - if( buf[5] > ssl->max_minor_ver ) + if( ssl->in_hslen < 38 + mbedtls_ssl_hs_hdr_len( ssl ) || + buf[0] != MBEDTLS_SSL_HS_SERVER_HELLO ) { - SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } - ssl->minor_ver = buf[5]; + /* + * 0 . 1 server_version + * 2 . 33 random (maybe including 4 bytes of Unix time) + * 34 . 34 session_id length = n + * 35 . 34+n session_id + * 35+n . 36+n cipher_suite + * 37+n . 37+n compression_method + * + * 38+n . 39+n extensions length (optional) + * 40+n . .. extensions + */ + buf += mbedtls_ssl_hs_hdr_len( ssl ); + + MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, version", buf + 0, 2 ); + mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver, + ssl->conf->transport, buf + 0 ); - if( ssl->minor_ver < ssl->min_minor_ver ) + if( ssl->major_ver < ssl->conf->min_major_ver || + ssl->minor_ver < ssl->conf->min_minor_ver || + ssl->major_ver > ssl->conf->max_major_ver || + ssl->minor_ver > ssl->conf->max_minor_ver ) { - SSL_DEBUG_MSG( 1, ( "server only supports ssl smaller than minimum" - " [%d:%d] < [%d:%d]", ssl->major_ver, - ssl->minor_ver, buf[4], buf[5] ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "server version out of bounds - " + " min: [%d:%d], server: [%d:%d], max: [%d:%d]", + ssl->conf->min_major_ver, ssl->conf->min_minor_ver, + ssl->major_ver, ssl->minor_ver, + ssl->conf->max_major_ver, ssl->conf->max_minor_ver ) ); - ssl_send_alert_message( ssl, SSL_ALERT_LEVEL_FATAL, - SSL_ALERT_MSG_PROTOCOL_VERSION ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - return( POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); } -#if defined(POLARSSL_DEBUG_C) - t = ( (uint32_t) buf[6] << 24 ) - | ( (uint32_t) buf[7] << 16 ) - | ( (uint32_t) buf[8] << 8 ) - | ( (uint32_t) buf[9] ); - SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) ); +#if defined(MBEDTLS_DEBUG_C) + t = ( (uint32_t) buf[2] << 24 ) + | ( (uint32_t) buf[3] << 16 ) + | ( (uint32_t) buf[4] << 8 ) + | ( (uint32_t) buf[5] ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) ); #endif - memcpy( ssl->handshake->randbytes + 32, buf + 6, 32 ); + memcpy( ssl->handshake->randbytes + 32, buf + 2, 32 ); - n = buf[38]; + n = buf[34]; - SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 6, 32 ); + MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 2, 32 ); if( n > 32 ) { - SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } - /* - * 38 . 38 session id length - * 39 . 38+n session id - * 39+n . 40+n chosen ciphersuite - * 41+n . 41+n chosen compression alg. - * 42+n . 43+n extensions length - * 44+n . 44+n+m extensions - */ - if( ssl->in_hslen > 43 + n ) + if( ssl->in_hslen > 39 + n ) { - ext_len = ( ( buf[42 + n] << 8 ) - | ( buf[43 + n] ) ); + ext_len = ( ( buf[38 + n] << 8 ) + | ( buf[39 + n] ) ); if( ( ext_len > 0 && ext_len < 4 ) || - ssl->in_hslen != 44 + n + ext_len ) + ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + 40 + n + ext_len ) { - SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } } - else if( ssl->in_hslen == 42 + n ) + else if( ssl->in_hslen == 38 + n ) { ext_len = 0; } else { - SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } - i = ( buf[39 + n] << 8 ) | buf[40 + n]; - comp = buf[41 + n]; + /* ciphersuite (used later) */ + i = ( buf[35 + n] << 8 ) | buf[36 + n]; + + /* + * Read and check compression + */ + comp = buf[37 + n]; + +#if defined(MBEDTLS_ZLIB_SUPPORT) + /* See comments in ssl_write_client_hello() */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + accept_comp = 0; + else +#endif + accept_comp = 1; + + if( comp != MBEDTLS_SSL_COMPRESS_NULL && + ( comp != MBEDTLS_SSL_COMPRESS_DEFLATE || accept_comp == 0 ) ) +#else /* MBEDTLS_ZLIB_SUPPORT */ + if( comp != MBEDTLS_SSL_COMPRESS_NULL ) +#endif/* MBEDTLS_ZLIB_SUPPORT */ + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "server hello, bad compression: %d", comp ) ); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + } /* * Initialize update checksum functions */ - ssl->transform_negotiate->ciphersuite_info = ssl_ciphersuite_from_id( i ); + ssl->transform_negotiate->ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( i ); if( ssl->transform_negotiate->ciphersuite_info == NULL ) { - SSL_DEBUG_MSG( 1, ( "ciphersuite info for %04x not found", i ) ); - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "ciphersuite info for %04x not found", i ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } - ssl_optimize_checksum( ssl, ssl->transform_negotiate->ciphersuite_info ); + mbedtls_ssl_optimize_checksum( ssl, ssl->transform_negotiate->ciphersuite_info ); - SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %d", n ) ); - SSL_DEBUG_BUF( 3, "server hello, session id", buf + 39, n ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %d", n ) ); + MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, session id", buf + 35, n ); /* * Check if the session can be resumed */ if( ssl->handshake->resume == 0 || n == 0 || -#if defined(POLARSSL_SSL_RENEGOTIATION) - ssl->renegotiation != SSL_INITIAL_HANDSHAKE || +#if defined(MBEDTLS_SSL_RENEGOTIATION) + ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE || #endif ssl->session_negotiate->ciphersuite != i || ssl->session_negotiate->compression != comp || - ssl->session_negotiate->length != n || - memcmp( ssl->session_negotiate->id, buf + 39, n ) != 0 ) + ssl->session_negotiate->id_len != n || + memcmp( ssl->session_negotiate->id, buf + 35, n ) != 0 ) { ssl->state++; ssl->handshake->resume = 0; -#if defined(POLARSSL_HAVE_TIME) +#if defined(MBEDTLS_HAVE_TIME) ssl->session_negotiate->start = time( NULL ); #endif ssl->session_negotiate->ciphersuite = i; ssl->session_negotiate->compression = comp; - ssl->session_negotiate->length = n; - memcpy( ssl->session_negotiate->id, buf + 39, n ); + ssl->session_negotiate->id_len = n; + memcpy( ssl->session_negotiate->id, buf + 35, n ); } else { - ssl->state = SSL_SERVER_CHANGE_CIPHER_SPEC; + ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC; - if( ( ret = ssl_derive_keys( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_derive_keys", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); return( ret ); } } - SSL_DEBUG_MSG( 3, ( "%s session has been resumed", + MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed", ssl->handshake->resume ? "a" : "no" ) ); - SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %d", i ) ); - SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: %d", buf[41 + n] ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %d", i ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: %d", buf[37 + n] ) ); - suite_info = ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite ); - if( suite_info == NULL || - ( ssl->arc4_disabled && - suite_info->cipher == POLARSSL_CIPHER_ARC4_128 ) ) + suite_info = mbedtls_ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite ); + if( suite_info == NULL +#if defined(MBEDTLS_ARC4_C) + || ( ssl->conf->arc4_disabled && + suite_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) +#endif + ) { - SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } - i = 0; while( 1 ) { - if( ssl->ciphersuite_list[ssl->minor_ver][i] == 0 ) + if( ssl->conf->ciphersuite_list[ssl->minor_ver][i] == 0 ) { - SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } - if( ssl->ciphersuite_list[ssl->minor_ver][i++] == + if( ssl->conf->ciphersuite_list[ssl->minor_ver][i++] == ssl->session_negotiate->ciphersuite ) { break; } } - if( comp != SSL_COMPRESS_NULL -#if defined(POLARSSL_ZLIB_SUPPORT) - && comp != SSL_COMPRESS_DEFLATE + if( comp != MBEDTLS_SSL_COMPRESS_NULL +#if defined(MBEDTLS_ZLIB_SUPPORT) + && comp != MBEDTLS_SSL_COMPRESS_DEFLATE #endif ) { - SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } ssl->session_negotiate->compression = comp; - ext = buf + 44 + n; + ext = buf + 40 + n; - SSL_DEBUG_MSG( 2, ( "server hello, total extension length: %d", ext_len ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "server hello, total extension length: %d", ext_len ) ); while( ext_len ) { @@ -1256,15 +1425,15 @@ static int ssl_parse_server_hello( ssl_context *ssl ) if( ext_size + 4 > ext_len ) { - SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } switch( ext_id ) { - case TLS_EXT_RENEGOTIATION_INFO: - SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) ); -#if defined(POLARSSL_SSL_RENEGOTIATION) + case MBEDTLS_TLS_EXT_RENEGOTIATION_INFO: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) ); +#if defined(MBEDTLS_SSL_RENEGOTIATION) renegotiation_info_seen = 1; #endif @@ -1274,9 +1443,9 @@ static int ssl_parse_server_hello( ssl_context *ssl ) break; -#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) - case TLS_EXT_MAX_FRAGMENT_LENGTH: - SSL_DEBUG_MSG( 3, ( "found max_fragment_length extension" ) ); +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max_fragment_length extension" ) ); if( ( ret = ssl_parse_max_fragment_length_ext( ssl, ext + 4, ext_size ) ) != 0 ) @@ -1285,11 +1454,11 @@ static int ssl_parse_server_hello( ssl_context *ssl ) } break; -#endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */ +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(POLARSSL_SSL_TRUNCATED_HMAC) - case TLS_EXT_TRUNCATED_HMAC: - SSL_DEBUG_MSG( 3, ( "found truncated_hmac extension" ) ); +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) + case MBEDTLS_TLS_EXT_TRUNCATED_HMAC: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found truncated_hmac extension" ) ); if( ( ret = ssl_parse_truncated_hmac_ext( ssl, ext + 4, ext_size ) ) != 0 ) @@ -1298,11 +1467,11 @@ static int ssl_parse_server_hello( ssl_context *ssl ) } break; -#endif /* POLARSSL_SSL_TRUNCATED_HMAC */ +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) - case TLS_EXT_ENCRYPT_THEN_MAC: - SSL_DEBUG_MSG( 3, ( "found encrypt_then_mac extension" ) ); +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found encrypt_then_mac extension" ) ); if( ( ret = ssl_parse_encrypt_then_mac_ext( ssl, ext + 4, ext_size ) ) != 0 ) @@ -1311,11 +1480,11 @@ static int ssl_parse_server_hello( ssl_context *ssl ) } break; -#endif /* POLARSSL_SSL_ENCRYPT_THEN_MAC */ +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ -#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) - case TLS_EXT_EXTENDED_MASTER_SECRET: - SSL_DEBUG_MSG( 3, ( "found extended_master_secret extension" ) ); +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) + case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found extended_master_secret extension" ) ); if( ( ret = ssl_parse_extended_ms_ext( ssl, ext + 4, ext_size ) ) != 0 ) @@ -1324,11 +1493,11 @@ static int ssl_parse_server_hello( ssl_context *ssl ) } break; -#endif /* POLARSSL_SSL_EXTENDED_MASTER_SECRET */ +#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ -#if defined(POLARSSL_SSL_SESSION_TICKETS) - case TLS_EXT_SESSION_TICKET: - SSL_DEBUG_MSG( 3, ( "found session_ticket extension" ) ); +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + case MBEDTLS_TLS_EXT_SESSION_TICKET: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found session_ticket extension" ) ); if( ( ret = ssl_parse_session_ticket_ext( ssl, ext + 4, ext_size ) ) != 0 ) @@ -1337,11 +1506,11 @@ static int ssl_parse_server_hello( ssl_context *ssl ) } break; -#endif /* POLARSSL_SSL_SESSION_TICKETS */ +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ -#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C) - case TLS_EXT_SUPPORTED_POINT_FORMATS: - SSL_DEBUG_MSG( 3, ( "found supported_point_formats extension" ) ); +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) + case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported_point_formats extension" ) ); if( ( ret = ssl_parse_supported_point_formats_ext( ssl, ext + 4, ext_size ) ) != 0 ) @@ -1350,20 +1519,20 @@ static int ssl_parse_server_hello( ssl_context *ssl ) } break; -#endif /* POLARSSL_ECDH_C || POLARSSL_ECDSA_C */ +#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ -#if defined(POLARSSL_SSL_ALPN) - case TLS_EXT_ALPN: - SSL_DEBUG_MSG( 3, ( "found alpn extension" ) ); +#if defined(MBEDTLS_SSL_ALPN) + case MBEDTLS_TLS_EXT_ALPN: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) ); if( ( ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size ) ) != 0 ) return( ret ); break; -#endif /* POLARSSL_SSL_ALPN */ +#endif /* MBEDTLS_SSL_ALPN */ default: - SSL_DEBUG_MSG( 3, ( "unknown extension found: %d (ignoring)", + MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d (ignoring)", ext_id ) ); } @@ -1372,63 +1541,63 @@ static int ssl_parse_server_hello( ssl_context *ssl ) if( ext_len > 0 && ext_len < 4 ) { - SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } } /* * Renegotiation security checks */ - if( ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && - ssl->allow_legacy_renegotiation == SSL_LEGACY_BREAK_HANDSHAKE ) + if( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && + ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE ) { - SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) ); handshake_failure = 1; } -#if defined(POLARSSL_SSL_RENEGOTIATION) - else if( ssl->renegotiation == SSL_RENEGOTIATION && - ssl->secure_renegotiation == SSL_SECURE_RENEGOTIATION && +#if defined(MBEDTLS_SSL_RENEGOTIATION) + else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && + ssl->secure_renegotiation == MBEDTLS_SSL_SECURE_RENEGOTIATION && renegotiation_info_seen == 0 ) { - SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) ); handshake_failure = 1; } - else if( ssl->renegotiation == SSL_RENEGOTIATION && - ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && - ssl->allow_legacy_renegotiation == SSL_LEGACY_NO_RENEGOTIATION ) + else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && + ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && + ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION ) { - SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) ); handshake_failure = 1; } - else if( ssl->renegotiation == SSL_RENEGOTIATION && - ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && + else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && + ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && renegotiation_info_seen == 1 ) { - SSL_DEBUG_MSG( 1, ( "renegotiation_info extension present (legacy)" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation_info extension present (legacy)" ) ); handshake_failure = 1; } -#endif /* POLARSSL_SSL_RENEGOTIATION */ +#endif /* MBEDTLS_SSL_RENEGOTIATION */ if( handshake_failure == 1 ) { - if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) return( ret ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } - SSL_DEBUG_MSG( 2, ( "<= parse server hello" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello" ) ); return( 0 ); } -#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) -static int ssl_parse_server_dh_params( ssl_context *ssl, unsigned char **p, +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) +static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, unsigned char **p, unsigned char *end ) { - int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE; + int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; /* * Ephemeral DH parameters: @@ -1439,72 +1608,73 @@ static int ssl_parse_server_dh_params( ssl_context *ssl, unsigned char **p, * opaque dh_Ys<1..2^16-1>; * } ServerDHParams; */ - if( ( ret = dhm_read_params( &ssl->handshake->dhm_ctx, p, end ) ) != 0 ) + if( ( ret = mbedtls_dhm_read_params( &ssl->handshake->dhm_ctx, p, end ) ) != 0 ) { - SSL_DEBUG_RET( 2, ( "dhm_read_params" ), ret ); + MBEDTLS_SSL_DEBUG_RET( 2, ( "mbedtls_dhm_read_params" ), ret ); return( ret ); } - if( ssl->handshake->dhm_ctx.len < SSL_MIN_DHM_BYTES || - ssl->handshake->dhm_ctx.len > 512 ) + if( ssl->handshake->dhm_ctx.len * 8 < ssl->conf->dhm_min_bitlen ) { - SSL_DEBUG_MSG( 1, ( "bad server key exchange message (DHM length)" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "DHM prime too short: %d < %d", + ssl->handshake->dhm_ctx.len * 8, + ssl->conf->dhm_min_bitlen ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); } - SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P ); - SSL_DEBUG_MPI( 3, "DHM: G ", &ssl->handshake->dhm_ctx.G ); - SSL_DEBUG_MPI( 3, "DHM: GY", &ssl->handshake->dhm_ctx.GY ); + MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P ); + MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: G ", &ssl->handshake->dhm_ctx.G ); + MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GY", &ssl->handshake->dhm_ctx.GY ); return( ret ); } -#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ - -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -static int ssl_check_server_ecdh_params( const ssl_context *ssl ) +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) +static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl ) { - const ecp_curve_info *curve_info; + const mbedtls_ecp_curve_info *curve_info; - curve_info = ecp_curve_info_from_grp_id( ssl->handshake->ecdh_ctx.grp.id ); + curve_info = mbedtls_ecp_curve_info_from_grp_id( ssl->handshake->ecdh_ctx.grp.id ); if( curve_info == NULL ) { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } - SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) ); -#if defined(POLARSSL_SSL_SET_CURVES) - if( ! ssl_curve_is_acceptable( ssl, ssl->handshake->ecdh_ctx.grp.id ) ) +#if defined(MBEDTLS_ECP_C) + if( mbedtls_ssl_check_curve( ssl, ssl->handshake->ecdh_ctx.grp.id ) != 0 ) #else if( ssl->handshake->ecdh_ctx.grp.nbits < 163 || ssl->handshake->ecdh_ctx.grp.nbits > 521 ) #endif return( -1 ); - SSL_DEBUG_ECP( 3, "ECDH: Qp", &ssl->handshake->ecdh_ctx.Qp ); + MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Qp", &ssl->handshake->ecdh_ctx.Qp ); return( 0 ); } -#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ - -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -static int ssl_parse_server_ecdh_params( ssl_context *ssl, +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl, unsigned char **p, unsigned char *end ) { - int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE; + int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; /* * Ephemeral ECDH parameters: @@ -1514,31 +1684,31 @@ static int ssl_parse_server_ecdh_params( ssl_context *ssl, * ECPoint public; * } ServerECDHParams; */ - if( ( ret = ecdh_read_params( &ssl->handshake->ecdh_ctx, + if( ( ret = mbedtls_ecdh_read_params( &ssl->handshake->ecdh_ctx, (const unsigned char **) p, end ) ) != 0 ) { - SSL_DEBUG_RET( 1, ( "ecdh_read_params" ), ret ); + MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_read_params" ), ret ); return( ret ); } if( ssl_check_server_ecdh_params( ssl ) != 0 ) { - SSL_DEBUG_MSG( 1, ( "bad server key exchange message (ECDHE curve)" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message (ECDHE curve)" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); } return( ret ); } -#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) -static int ssl_parse_server_psk_hint( ssl_context *ssl, +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl, unsigned char **p, unsigned char *end ) { - int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE; + int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; size_t len; ((void) ssl); @@ -1552,8 +1722,8 @@ static int ssl_parse_server_psk_hint( ssl_context *ssl, if( (*p) + len > end ) { - SSL_DEBUG_MSG( 1, ( "bad server key exchange message (psk_identity_hint length)" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message (psk_identity_hint length)" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); } // TODO: Retrieve PSK identity hint and callback to app @@ -1563,19 +1733,19 @@ static int ssl_parse_server_psk_hint( ssl_context *ssl, return( ret ); } -#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) /* * Generate a pre-master secret and encrypt it with the server's RSA key */ -static int ssl_write_encrypted_pms( ssl_context *ssl, +static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, size_t offset, size_t *olen, size_t pms_offset ) { int ret; - size_t len_bytes = ssl->minor_ver == SSL_MINOR_VERSION_0 ? 0 : 2; + size_t len_bytes = ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ? 0 : 2; unsigned char *p = ssl->handshake->premaster + pms_offset; /* @@ -1585,12 +1755,12 @@ static int ssl_write_encrypted_pms( ssl_context *ssl, * opaque random[46]; * } PreMasterSecret; */ - p[0] = (unsigned char) ssl->max_major_ver; - p[1] = (unsigned char) ssl->max_minor_ver; + mbedtls_ssl_write_version( ssl->conf->max_major_ver, ssl->conf->max_minor_ver, + ssl->conf->transport, p ); - if( ( ret = ssl->f_rng( ssl->p_rng, p + 2, 46 ) ) != 0 ) + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p + 2, 46 ) ) != 0 ) { - SSL_DEBUG_RET( 1, "f_rng", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "f_rng", ret ); return( ret ); } @@ -1599,25 +1769,25 @@ static int ssl_write_encrypted_pms( ssl_context *ssl, /* * Now write it out, encrypted */ - if( ! pk_can_do( &ssl->session_negotiate->peer_cert->pk, - POLARSSL_PK_RSA ) ) + if( ! mbedtls_pk_can_do( &ssl->session_negotiate->peer_cert->pk, + MBEDTLS_PK_RSA ) ) { - SSL_DEBUG_MSG( 1, ( "certificate key type mismatch" ) ); - return( POLARSSL_ERR_SSL_PK_TYPE_MISMATCH ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "certificate key type mismatch" ) ); + return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH ); } - if( ( ret = pk_encrypt( &ssl->session_negotiate->peer_cert->pk, + if( ( ret = mbedtls_pk_encrypt( &ssl->session_negotiate->peer_cert->pk, p, ssl->handshake->pmslen, ssl->out_msg + offset + len_bytes, olen, - SSL_MAX_CONTENT_LEN - offset - len_bytes, - ssl->f_rng, ssl->p_rng ) ) != 0 ) + MBEDTLS_SSL_MAX_CONTENT_LEN - offset - len_bytes, + ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) { - SSL_DEBUG_RET( 1, "rsa_pkcs1_encrypt", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_rsa_pkcs1_encrypt", ret ); return( ret ); } -#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) if( len_bytes == 2 ) { ssl->out_msg[offset+0] = (unsigned char)( *olen >> 8 ); @@ -1628,119 +1798,115 @@ static int ssl_write_encrypted_pms( ssl_context *ssl, return( 0 ); } -#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */ - -#if defined(POLARSSL_SSL_PROTO_TLS1_2) -#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) -static int ssl_parse_signature_algorithm( ssl_context *ssl, +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED) +static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl, unsigned char **p, unsigned char *end, - md_type_t *md_alg, - pk_type_t *pk_alg ) + mbedtls_md_type_t *md_alg, + mbedtls_pk_type_t *pk_alg ) { ((void) ssl); - *md_alg = POLARSSL_MD_NONE; - *pk_alg = POLARSSL_PK_NONE; + *md_alg = MBEDTLS_MD_NONE; + *pk_alg = MBEDTLS_PK_NONE; /* Only in TLS 1.2 */ - if( ssl->minor_ver != SSL_MINOR_VERSION_3 ) + if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) { return( 0 ); } if( (*p) + 2 > end ) - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); /* * Get hash algorithm */ - if( ( *md_alg = ssl_md_alg_from_hash( (*p)[0] ) ) == POLARSSL_MD_NONE ) + if( ( *md_alg = mbedtls_ssl_md_alg_from_hash( (*p)[0] ) ) == MBEDTLS_MD_NONE ) { - SSL_DEBUG_MSG( 2, ( "Server used unsupported " + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used unsupported " "HashAlgorithm %d", *(p)[0] ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); } /* * Get signature algorithm */ - if( ( *pk_alg = ssl_pk_alg_from_sig( (*p)[1] ) ) == POLARSSL_PK_NONE ) + if( ( *pk_alg = mbedtls_ssl_pk_alg_from_sig( (*p)[1] ) ) == MBEDTLS_PK_NONE ) { - SSL_DEBUG_MSG( 2, ( "server used unsupported " + MBEDTLS_SSL_DEBUG_MSG( 2, ( "server used unsupported " "SignatureAlgorithm %d", (*p)[1] ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); } - SSL_DEBUG_MSG( 2, ( "Server used SignatureAlgorithm %d", (*p)[1] ) ); - SSL_DEBUG_MSG( 2, ( "Server used HashAlgorithm %d", (*p)[0] ) ); + /* + * Check if the hash is acceptable + */ + if( mbedtls_ssl_check_sig_hash( ssl, *md_alg ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "server used HashAlgorithm " + "that was not offered" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used SignatureAlgorithm %d", (*p)[1] ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used HashAlgorithm %d", (*p)[0] ) ); *p += 2; return( 0 ); } -#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ -#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ - +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -#if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -static int ssl_get_ecdh_params_from_cert( ssl_context *ssl ) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) +static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) { int ret; - const ecp_keypair *peer_key; + const mbedtls_ecp_keypair *peer_key; - if( ! pk_can_do( &ssl->session_negotiate->peer_cert->pk, - POLARSSL_PK_ECKEY ) ) + if( ! mbedtls_pk_can_do( &ssl->session_negotiate->peer_cert->pk, + MBEDTLS_PK_ECKEY ) ) { - SSL_DEBUG_MSG( 1, ( "server key not ECDH capable" ) ); - return( POLARSSL_ERR_SSL_PK_TYPE_MISMATCH ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "server key not ECDH capable" ) ); + return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH ); } - peer_key = pk_ec( ssl->session_negotiate->peer_cert->pk ); + peer_key = mbedtls_pk_ec( ssl->session_negotiate->peer_cert->pk ); - if( ( ret = ecdh_get_params( &ssl->handshake->ecdh_ctx, peer_key, - POLARSSL_ECDH_THEIRS ) ) != 0 ) + if( ( ret = mbedtls_ecdh_get_params( &ssl->handshake->ecdh_ctx, peer_key, + MBEDTLS_ECDH_THEIRS ) ) != 0 ) { - SSL_DEBUG_RET( 1, ( "ecdh_get_params" ), ret ); + MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_get_params" ), ret ); return( ret ); } if( ssl_check_server_ecdh_params( ssl ) != 0 ) { - SSL_DEBUG_MSG( 1, ( "bad server certificate (ECDH curve)" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server certificate (ECDH curve)" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); } return( ret ); } -#endif /* POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) || - POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || + MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ -static int ssl_parse_server_key_exchange( ssl_context *ssl ) +static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) { int ret; - const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; unsigned char *p, *end; -#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - size_t sig_len, params_len; - unsigned char hash[64]; - md_type_t md_alg = POLARSSL_MD_NONE; - size_t hashlen; - pk_type_t pk_alg = POLARSSL_PK_NONE; -#endif - SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) ); -#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA ) +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) { - SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) ); ssl->state++; return( 0 ); } @@ -1748,162 +1914,167 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl ) ((void) end); #endif -#if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDH_RSA || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDH_ECDSA ) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) { if( ( ret = ssl_get_ecdh_params_from_cert( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_get_ecdh_params_from_cert", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_get_ecdh_params_from_cert", ret ); return( ret ); } - SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) ); ssl->state++; return( 0 ); } ((void) p); ((void) end); -#endif /* POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ - if( ( ret = ssl_read_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); return( ret ); } - if( ssl->in_msgtype != SSL_MSG_HANDSHAKE ) + if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) { - SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } /* * ServerKeyExchange may be skipped with PSK and RSA-PSK when the server * doesn't use a psk_identity_hint */ - if( ssl->in_msg[0] != SSL_HS_SERVER_KEY_EXCHANGE ) + if( ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE ) { - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) { ssl->record_read = 1; goto exit; } - SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } - p = ssl->in_msg + 4; + p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); end = ssl->in_msg + ssl->in_hslen; - SSL_DEBUG_BUF( 3, "server key exchange", p, ssl->in_hslen - 4 ); + MBEDTLS_SSL_DEBUG_BUF( 3, "server key exchange", p, end - p ); -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) { if( ssl_parse_server_psk_hint( ssl, &p, end ) != 0 ) { - SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); } } /* FALLTROUGH */ -#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ) +#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) ; /* nothing more to do */ else -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_RSA || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) +#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED || + MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) { if( ssl_parse_server_dh_params( ssl, &p, end ) != 0 ) { - SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); } } else -#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA ) +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) { if( ssl_parse_server_ecdh_params( ssl, &p, end ) != 0 ) { - SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); } } else -#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } -#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_RSA || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA ) +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) { - params_len = p - ( ssl->in_msg + 4 ); + size_t sig_len, hashlen; + unsigned char hash[64]; + mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE; + mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE; + unsigned char *params = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); + size_t params_len = p - params; /* * Handle the digitally-signed structure */ -#if defined(POLARSSL_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == SSL_MINOR_VERSION_3 ) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) { if( ssl_parse_signature_algorithm( ssl, &p, end, &md_alg, &pk_alg ) != 0 ) { - SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); } - if( pk_alg != ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ) ) + if( pk_alg != mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ) ) { - SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); } } else -#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ -#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_1) - if( ssl->minor_ver < SSL_MINOR_VERSION_3 ) +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) + if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 ) { - pk_alg = ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ); + pk_alg = mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ); /* Default hash for ECDSA is SHA-1 */ - if( pk_alg == POLARSSL_PK_ECDSA && md_alg == POLARSSL_MD_NONE ) - md_alg = POLARSSL_MD_SHA1; + if( pk_alg == MBEDTLS_PK_ECDSA && md_alg == MBEDTLS_MD_NONE ) + md_alg = MBEDTLS_MD_SHA1; } else #endif { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } /* @@ -1914,24 +2085,24 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl ) if( end != p + sig_len ) { - SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); } - SSL_DEBUG_BUF( 3, "signature", p, sig_len ); + MBEDTLS_SSL_DEBUG_BUF( 3, "signature", p, sig_len ); /* * Compute the hash that has been signed */ -#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_1) - if( md_alg == POLARSSL_MD_NONE ) +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) + if( md_alg == MBEDTLS_MD_NONE ) { - md5_context md5; - sha1_context sha1; + mbedtls_md5_context mbedtls_md5; + mbedtls_sha1_context mbedtls_sha1; - md5_init( &md5 ); - sha1_init( &sha1 ); + mbedtls_md5_init( &mbedtls_md5 ); + mbedtls_sha1_init( &mbedtls_sha1 ); hashlen = 36; @@ -1948,29 +2119,29 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl ) * SHA(ClientHello.random + ServerHello.random * + ServerParams); */ - md5_starts( &md5 ); - md5_update( &md5, ssl->handshake->randbytes, 64 ); - md5_update( &md5, ssl->in_msg + 4, params_len ); - md5_finish( &md5, hash ); - - sha1_starts( &sha1 ); - sha1_update( &sha1, ssl->handshake->randbytes, 64 ); - sha1_update( &sha1, ssl->in_msg + 4, params_len ); - sha1_finish( &sha1, hash + 16 ); - - md5_free( &md5 ); - sha1_free( &sha1 ); + mbedtls_md5_starts( &mbedtls_md5 ); + mbedtls_md5_update( &mbedtls_md5, ssl->handshake->randbytes, 64 ); + mbedtls_md5_update( &mbedtls_md5, params, params_len ); + mbedtls_md5_finish( &mbedtls_md5, hash ); + + mbedtls_sha1_starts( &mbedtls_sha1 ); + mbedtls_sha1_update( &mbedtls_sha1, ssl->handshake->randbytes, 64 ); + mbedtls_sha1_update( &mbedtls_sha1, params, params_len ); + mbedtls_sha1_finish( &mbedtls_sha1, hash + 16 ); + + mbedtls_md5_free( &mbedtls_md5 ); + mbedtls_sha1_free( &mbedtls_sha1 ); } else -#endif /* POLARSSL_SSL_PROTO_SSL3 || POLARSSL_SSL_PROTO_TLS1 || \ - POLARSSL_SSL_PROTO_TLS1_1 */ -#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_2) - if( md_alg != POLARSSL_MD_NONE ) +#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ + MBEDTLS_SSL_PROTO_TLS1_1 */ +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( md_alg != MBEDTLS_MD_NONE ) { - md_context_t ctx; + mbedtls_md_context_t ctx; - md_init( &ctx ); + mbedtls_md_init( &ctx ); /* Info from md_alg will be used instead */ hashlen = 0; @@ -1982,126 +2153,114 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl ) * ServerDHParams params; * }; */ - if( ( ret = md_init_ctx( &ctx, - md_info_from_type( md_alg ) ) ) != 0 ) + if( ( ret = mbedtls_md_setup( &ctx, + mbedtls_md_info_from_type( md_alg ), 0 ) ) != 0 ) { - SSL_DEBUG_RET( 1, "md_init_ctx", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_setup", ret ); return( ret ); } - md_starts( &ctx ); - md_update( &ctx, ssl->handshake->randbytes, 64 ); - md_update( &ctx, ssl->in_msg + 4, params_len ); - md_finish( &ctx, hash ); - md_free( &ctx ); + mbedtls_md_starts( &ctx ); + mbedtls_md_update( &ctx, ssl->handshake->randbytes, 64 ); + mbedtls_md_update( &ctx, params, params_len ); + mbedtls_md_finish( &ctx, hash ); + mbedtls_md_free( &ctx ); } else -#endif /* POLARSSL_SSL_PROTO_TLS1 || POLARSSL_SSL_PROTO_TLS1_1 || \ - POLARSSL_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ + MBEDTLS_SSL_PROTO_TLS1_2 */ { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } - SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen != 0 ? hashlen : - (unsigned int) ( md_info_from_type( md_alg ) )->size ); + MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen != 0 ? hashlen : + (unsigned int) ( mbedtls_md_get_size( mbedtls_md_info_from_type( md_alg ) ) ) ); /* * Verify signature */ - if( ! pk_can_do( &ssl->session_negotiate->peer_cert->pk, pk_alg ) ) + if( ! mbedtls_pk_can_do( &ssl->session_negotiate->peer_cert->pk, pk_alg ) ) { - SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - return( POLARSSL_ERR_SSL_PK_TYPE_MISMATCH ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH ); } - if( ( ret = pk_verify( &ssl->session_negotiate->peer_cert->pk, + if( ( ret = mbedtls_pk_verify( &ssl->session_negotiate->peer_cert->pk, md_alg, hash, hashlen, p, sig_len ) ) != 0 ) { - SSL_DEBUG_RET( 1, "pk_verify", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_verify", ret ); return( ret ); } } -#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ exit: ssl->state++; - SSL_DEBUG_MSG( 2, ( "<= parse server key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server key exchange" ) ); return( 0 ); } -#if !defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) && \ - !defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) && \ - !defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \ - !defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) -static int ssl_parse_certificate_request( ssl_context *ssl ) +#if !defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) && \ + !defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) && \ + !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \ + !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) { - const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; - SSL_DEBUG_MSG( 2, ( "=> parse certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate request" ) ); - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) { - SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) ); ssl->state++; return( 0 ); } - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } #else -static int ssl_parse_certificate_request( ssl_context *ssl ) +static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) { int ret; unsigned char *buf, *p; size_t n = 0, m = 0; size_t cert_type_len = 0, dn_len = 0; - const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; - SSL_DEBUG_MSG( 2, ( "=> parse certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate request" ) ); - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) { - SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) ); ssl->state++; return( 0 ); } - /* - * 0 . 0 handshake type - * 1 . 3 handshake length - * 4 . 4 cert type count - * 5 .. m-1 cert types - * m .. m+1 sig alg length (TLS 1.2 only) - * m+1 .. n-1 SignatureAndHashAlgorithms (TLS 1.2 only) - * n .. n+1 length of all DNs - * n+2 .. n+3 length of DN 1 - * n+4 .. ... Distinguished Name #1 - * ... .. ... length of DN 2, etc. - */ if( ssl->record_read == 0 ) { - if( ( ret = ssl_read_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); return( ret ); } - if( ssl->in_msgtype != SSL_MSG_HANDSHAKE ) + if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) { - SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); - return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } ssl->record_read = 1; @@ -2110,10 +2269,10 @@ static int ssl_parse_certificate_request( ssl_context *ssl ) ssl->client_auth = 0; ssl->state++; - if( ssl->in_msg[0] == SSL_HS_CERTIFICATE_REQUEST ) + if( ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE_REQUEST ) ssl->client_auth++; - SSL_DEBUG_MSG( 3, ( "got %s certificate request", + MBEDTLS_SSL_DEBUG_MSG( 3, ( "got %s certificate request", ssl->client_auth ? "a" : "no" ) ); if( ssl->client_auth == 0 ) @@ -2124,36 +2283,44 @@ static int ssl_parse_certificate_request( ssl_context *ssl ) // TODO: handshake_failure alert for an anonymous server to request // client authentication + /* + * struct { + * ClientCertificateType certificate_types<1..2^8-1>; + * SignatureAndHashAlgorithm + * supported_signature_algorithms<2^16-1>; -- TLS 1.2 only + * DistinguishedName certificate_authorities<0..2^16-1>; + * } CertificateRequest; + */ buf = ssl->in_msg; // Retrieve cert types // - cert_type_len = buf[4]; + cert_type_len = buf[mbedtls_ssl_hs_hdr_len( ssl )]; n = cert_type_len; - if( ssl->in_hslen < 6 + n ) + if( ssl->in_hslen < mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n ) { - SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); } - p = buf + 5; + p = buf + mbedtls_ssl_hs_hdr_len( ssl ) + 1; while( cert_type_len > 0 ) { -#if defined(POLARSSL_RSA_C) - if( *p == SSL_CERT_TYPE_RSA_SIGN && - pk_can_do( ssl_own_key( ssl ), POLARSSL_PK_RSA ) ) +#if defined(MBEDTLS_RSA_C) + if( *p == MBEDTLS_SSL_CERT_TYPE_RSA_SIGN && + mbedtls_pk_can_do( mbedtls_ssl_own_key( ssl ), MBEDTLS_PK_RSA ) ) { - ssl->handshake->cert_type = SSL_CERT_TYPE_RSA_SIGN; + ssl->handshake->cert_type = MBEDTLS_SSL_CERT_TYPE_RSA_SIGN; break; } else #endif -#if defined(POLARSSL_ECDSA_C) - if( *p == SSL_CERT_TYPE_ECDSA_SIGN && - pk_can_do( ssl_own_key( ssl ), POLARSSL_PK_ECDSA ) ) +#if defined(MBEDTLS_ECDSA_C) + if( *p == MBEDTLS_SSL_CERT_TYPE_ECDSA_SIGN && + mbedtls_pk_can_do( mbedtls_ssl_own_key( ssl ), MBEDTLS_PK_ECDSA ) ) { - ssl->handshake->cert_type = SSL_CERT_TYPE_ECDSA_SIGN; + ssl->handshake->cert_type = MBEDTLS_SSL_CERT_TYPE_ECDSA_SIGN; break; } else @@ -2166,94 +2333,98 @@ static int ssl_parse_certificate_request( ssl_context *ssl ) p++; } -#if defined(POLARSSL_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == SSL_MINOR_VERSION_3 ) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) { /* Ignored, see comments about hash in write_certificate_verify */ // TODO: should check the signature part against our pk_key though - size_t sig_alg_len = ( ( buf[5 + n] << 8 ) - | ( buf[6 + n] ) ); + size_t sig_alg_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] << 8 ) + | ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n] ) ); - p = buf + 7 + n; m += 2; n += sig_alg_len; - if( ssl->in_hslen < 6 + n ) + if( ssl->in_hslen < mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n ) { - SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); } } -#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ /* Ignore certificate_authorities, we only have one cert anyway */ // TODO: should not send cert if no CA matches - dn_len = ( ( buf[5 + m + n] << 8 ) - | ( buf[6 + m + n] ) ); + dn_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + m + n] << 8 ) + | ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + m + n] ) ); n += dn_len; - if( ssl->in_hslen != 7 + m + n ) + if( ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + 3 + m + n ) { - SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); } exit: - SSL_DEBUG_MSG( 2, ( "<= parse certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate request" ) ); return( 0 ); } -#endif /* !POLARSSL_KEY_EXCHANGE_RSA_ENABLED && - !POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED && - !POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED && - !POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ +#endif /* !MBEDTLS_KEY_EXCHANGE_RSA_ENABLED && + !MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED && + !MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED && + !MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ -static int ssl_parse_server_hello_done( ssl_context *ssl ) +static int ssl_parse_server_hello_done( mbedtls_ssl_context *ssl ) { int ret; - SSL_DEBUG_MSG( 2, ( "=> parse server hello done" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello done" ) ); if( ssl->record_read == 0 ) { - if( ( ret = ssl_read_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); return( ret ); } - if( ssl->in_msgtype != SSL_MSG_HANDSHAKE ) + if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) { - SSL_DEBUG_MSG( 1, ( "bad server hello done message" ) ); - return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello done message" ) ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } } ssl->record_read = 0; - if( ssl->in_hslen != 4 || - ssl->in_msg[0] != SSL_HS_SERVER_HELLO_DONE ) + if( ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) || + ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_HELLO_DONE ) { - SSL_DEBUG_MSG( 1, ( "bad server hello done message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello done message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE ); } ssl->state++; - SSL_DEBUG_MSG( 2, ( "<= parse server hello done" ) ); +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ssl_recv_flight_completed( ssl ); +#endif + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello done" ) ); return( 0 ); } -static int ssl_write_client_key_exchange( ssl_context *ssl ) +static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) { int ret; size_t i, n; - const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; - SSL_DEBUG_MSG( 2, ( "=> write client key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client key exchange" ) ); -#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_RSA ) +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA ) { /* * DHM key exchange -- send G^X mod P @@ -2264,114 +2435,116 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) ssl->out_msg[5] = (unsigned char)( n ); i = 6; - ret = dhm_make_public( &ssl->handshake->dhm_ctx, - (int) mpi_size( &ssl->handshake->dhm_ctx.P ), + ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, + (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ), &ssl->out_msg[i], n, - ssl->f_rng, ssl->p_rng ); + ssl->conf->f_rng, ssl->conf->p_rng ); if( ret != 0 ) { - SSL_DEBUG_RET( 1, "dhm_make_public", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_public", ret ); return( ret ); } - SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X ); - SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX ); - - ssl->handshake->pmslen = POLARSSL_PREMASTER_SIZE; + MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X ); + MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX ); - if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx, + if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, ssl->handshake->premaster, + MBEDTLS_PREMASTER_SIZE, &ssl->handshake->pmslen, - ssl->f_rng, ssl->p_rng ) ) != 0 ) + ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) { - SSL_DEBUG_RET( 1, "dhm_calc_secret", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); return( ret ); } - SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); + MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); } else -#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDH_RSA || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDH_ECDSA ) +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) { /* * ECDH key exchange -- send client public value */ i = 4; - ret = ecdh_make_public( &ssl->handshake->ecdh_ctx, + ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx, &n, &ssl->out_msg[i], 1000, - ssl->f_rng, ssl->p_rng ); + ssl->conf->f_rng, ssl->conf->p_rng ); if( ret != 0 ) { - SSL_DEBUG_RET( 1, "ecdh_make_public", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_public", ret ); return( ret ); } - SSL_DEBUG_ECP( 3, "ECDH: Q", &ssl->handshake->ecdh_ctx.Q ); + MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Q", &ssl->handshake->ecdh_ctx.Q ); - if( ( ret = ecdh_calc_secret( &ssl->handshake->ecdh_ctx, + if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &ssl->handshake->pmslen, ssl->handshake->premaster, - POLARSSL_MPI_MAX_SIZE, - ssl->f_rng, ssl->p_rng ) ) != 0 ) + MBEDTLS_MPI_MAX_SIZE, + ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ecdh_calc_secret", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret ); return( ret ); } - SSL_DEBUG_MPI( 3, "ECDH: z", &ssl->handshake->ecdh_ctx.z ); + MBEDTLS_SSL_DEBUG_MPI( 3, "ECDH: z", &ssl->handshake->ecdh_ctx.z ); } else -#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) { /* * opaque psk_identity<0..2^16-1>; */ - if( ssl->psk == NULL || ssl->psk_identity == NULL ) - return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED ); + if( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no private key for PSK" ) ); + return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); + } i = 4; - n = ssl->psk_identity_len; + n = ssl->conf->psk_identity_len; ssl->out_msg[i++] = (unsigned char)( n >> 8 ); ssl->out_msg[i++] = (unsigned char)( n ); - memcpy( ssl->out_msg + i, ssl->psk_identity, ssl->psk_identity_len ); - i += ssl->psk_identity_len; + memcpy( ssl->out_msg + i, ssl->conf->psk_identity, ssl->conf->psk_identity_len ); + i += ssl->conf->psk_identity_len; -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ) +#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ) { n = 0; } else #endif -#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ) +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) { if( ( ret = ssl_write_encrypted_pms( ssl, i, &n, 2 ) ) != 0 ) return( ret ); } else #endif -#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) { /* * ClientDiffieHellmanPublic public (DHM send G^X mod P) @@ -2380,153 +2553,153 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) ssl->out_msg[i++] = (unsigned char)( n >> 8 ); ssl->out_msg[i++] = (unsigned char)( n ); - ret = dhm_make_public( &ssl->handshake->dhm_ctx, - (int) mpi_size( &ssl->handshake->dhm_ctx.P ), + ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, + (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ), &ssl->out_msg[i], n, - ssl->f_rng, ssl->p_rng ); + ssl->conf->f_rng, ssl->conf->p_rng ); if( ret != 0 ) { - SSL_DEBUG_RET( 1, "dhm_make_public", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_public", ret ); return( ret ); } } else -#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) { /* * ClientECDiffieHellmanPublic public; */ - ret = ecdh_make_public( &ssl->handshake->ecdh_ctx, &n, - &ssl->out_msg[i], SSL_MAX_CONTENT_LEN - i, - ssl->f_rng, ssl->p_rng ); + ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx, &n, + &ssl->out_msg[i], MBEDTLS_SSL_MAX_CONTENT_LEN - i, + ssl->conf->f_rng, ssl->conf->p_rng ); if( ret != 0 ) { - SSL_DEBUG_RET( 1, "ecdh_make_public", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_public", ret ); return( ret ); } - SSL_DEBUG_ECP( 3, "ECDH: Q", &ssl->handshake->ecdh_ctx.Q ); + MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Q", &ssl->handshake->ecdh_ctx.Q ); } else -#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } - if( ( ret = ssl_psk_derive_premaster( ssl, + if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, ciphersuite_info->key_exchange ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_psk_derive_premaster", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); return( ret ); } } else -#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA ) +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) { i = 4; if( ( ret = ssl_write_encrypted_pms( ssl, i, &n, 0 ) ) != 0 ) return( ret ); } else -#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ { ((void) ciphersuite_info); - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } ssl->out_msglen = i + n; - ssl->out_msgtype = SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = SSL_HS_CLIENT_KEY_EXCHANGE; + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE; ssl->state++; - if( ( ret = ssl_write_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); return( ret ); } - SSL_DEBUG_MSG( 2, ( "<= write client key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client key exchange" ) ); return( 0 ); } -#if !defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) && \ - !defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) && \ - !defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \ - !defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) -static int ssl_write_certificate_verify( ssl_context *ssl ) +#if !defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) && \ + !defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) && \ + !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \ + !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) { - const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; int ret; - SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) ); - if( ( ret = ssl_derive_keys( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_derive_keys", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); return( ret ); } - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) { - SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) ); ssl->state++; return( 0 ); } - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } #else -static int ssl_write_certificate_verify( ssl_context *ssl ) +static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) { - int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE; - const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; + int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; size_t n = 0, offset = 0; unsigned char hash[48]; unsigned char *hash_start = hash; - md_type_t md_alg = POLARSSL_MD_NONE; + mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE; unsigned int hashlen; - SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) ); - if( ( ret = ssl_derive_keys( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_derive_keys", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); return( ret ); } - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) { - SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) ); ssl->state++; return( 0 ); } - if( ssl->client_auth == 0 || ssl_own_cert( ssl ) == NULL ) + if( ssl->client_auth == 0 || mbedtls_ssl_own_cert( ssl ) == NULL ) { - SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) ); ssl->state++; return( 0 ); } - if( ssl_own_key( ssl ) == NULL ) + if( mbedtls_ssl_own_key( ssl ) == NULL ) { - SSL_DEBUG_MSG( 1, ( "got no private key" ) ); - return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no private key for certificate" ) ); + return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); } /* @@ -2534,9 +2707,9 @@ static int ssl_write_certificate_verify( ssl_context *ssl ) */ ssl->handshake->calc_verify( ssl, hash ); -#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_1) - if( ssl->minor_ver != SSL_MINOR_VERSION_3 ) +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) + if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) { /* * digitally-signed struct { @@ -2551,23 +2724,23 @@ static int ssl_write_certificate_verify( ssl_context *ssl ) * SHA(handshake_messages); */ hashlen = 36; - md_alg = POLARSSL_MD_NONE; + md_alg = MBEDTLS_MD_NONE; /* * For ECDSA, default hash is SHA-1 only */ - if( pk_can_do( ssl_own_key( ssl ), POLARSSL_PK_ECDSA ) ) + if( mbedtls_pk_can_do( mbedtls_ssl_own_key( ssl ), MBEDTLS_PK_ECDSA ) ) { hash_start += 16; hashlen -= 16; - md_alg = POLARSSL_MD_SHA1; + md_alg = MBEDTLS_MD_SHA1; } } else -#endif /* POLARSSL_SSL_PROTO_SSL3 || POLARSSL_SSL_PROTO_TLS1 || \ - POLARSSL_SSL_PROTO_TLS1_1 */ -#if defined(POLARSSL_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == SSL_MINOR_VERSION_3 ) +#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ + MBEDTLS_SSL_PROTO_TLS1_1 */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) { /* * digitally-signed struct { @@ -2585,34 +2758,34 @@ static int ssl_write_certificate_verify( ssl_context *ssl ) * in order to satisfy 'weird' needs from the server side. */ if( ssl->transform_negotiate->ciphersuite_info->mac == - POLARSSL_MD_SHA384 ) + MBEDTLS_MD_SHA384 ) { - md_alg = POLARSSL_MD_SHA384; - ssl->out_msg[4] = SSL_HASH_SHA384; + md_alg = MBEDTLS_MD_SHA384; + ssl->out_msg[4] = MBEDTLS_SSL_HASH_SHA384; } else { - md_alg = POLARSSL_MD_SHA256; - ssl->out_msg[4] = SSL_HASH_SHA256; + md_alg = MBEDTLS_MD_SHA256; + ssl->out_msg[4] = MBEDTLS_SSL_HASH_SHA256; } - ssl->out_msg[5] = ssl_sig_from_pk( ssl_own_key( ssl ) ); + ssl->out_msg[5] = mbedtls_ssl_sig_from_pk( mbedtls_ssl_own_key( ssl ) ); /* Info from md_alg will be used instead */ hashlen = 0; offset = 2; } else -#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } - if( ( ret = pk_sign( ssl_own_key( ssl ), md_alg, hash_start, hashlen, + if( ( ret = mbedtls_pk_sign( mbedtls_ssl_own_key( ssl ), md_alg, hash_start, hashlen, ssl->out_msg + 6 + offset, &n, - ssl->f_rng, ssl->p_rng ) ) != 0 ) + ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) { - SSL_DEBUG_RET( 1, "pk_sign", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret ); return( ret ); } @@ -2620,45 +2793,46 @@ static int ssl_write_certificate_verify( ssl_context *ssl ) ssl->out_msg[5 + offset] = (unsigned char)( n ); ssl->out_msglen = 6 + n + offset; - ssl->out_msgtype = SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = SSL_HS_CERTIFICATE_VERIFY; + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_VERIFY; ssl->state++; - if( ( ret = ssl_write_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); return( ret ); } - SSL_DEBUG_MSG( 2, ( "<= write certificate verify" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate verify" ) ); return( ret ); } -#endif /* !POLARSSL_KEY_EXCHANGE_RSA_ENABLED && - !POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED && - !POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ +#endif /* !MBEDTLS_KEY_EXCHANGE_RSA_ENABLED && + !MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED && + !MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ -#if defined(POLARSSL_SSL_SESSION_TICKETS) -static int ssl_parse_new_session_ticket( ssl_context *ssl ) +#if defined(MBEDTLS_SSL_SESSION_TICKETS) +static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) { int ret; uint32_t lifetime; size_t ticket_len; unsigned char *ticket; + const unsigned char *msg; - SSL_DEBUG_MSG( 2, ( "=> parse new session ticket" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse new session ticket" ) ); - if( ( ret = ssl_read_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); return( ret ); } - if( ssl->in_msgtype != SSL_MSG_HANDSHAKE ) + if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) { - SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) ); - return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } /* @@ -2667,34 +2841,35 @@ static int ssl_parse_new_session_ticket( ssl_context *ssl ) * opaque ticket<0..2^16-1>; * } NewSessionTicket; * - * 0 . 0 handshake message type - * 1 . 3 handshake message length - * 4 . 7 ticket_lifetime_hint - * 8 . 9 ticket_len (n) - * 10 . 9+n ticket content + * 0 . 3 ticket_lifetime_hint + * 4 . 5 ticket_len (n) + * 6 . 5+n ticket content */ - if( ssl->in_msg[0] != SSL_HS_NEW_SESSION_TICKET || - ssl->in_hslen < 10 ) + if( ssl->in_msg[0] != MBEDTLS_SSL_HS_NEW_SESSION_TICKET || + ssl->in_hslen < 6 + mbedtls_ssl_hs_hdr_len( ssl ) ) { - SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_NEW_SESSION_TICKET ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET ); } - lifetime = ( ssl->in_msg[4] << 24 ) | ( ssl->in_msg[5] << 16 ) | - ( ssl->in_msg[6] << 8 ) | ( ssl->in_msg[7] ); + msg = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); + + lifetime = ( msg[0] << 24 ) | ( msg[1] << 16 ) | + ( msg[2] << 8 ) | ( msg[3] ); - ticket_len = ( ssl->in_msg[8] << 8 ) | ( ssl->in_msg[9] ); + ticket_len = ( msg[4] << 8 ) | ( msg[5] ); - if( ticket_len + 10 != ssl->in_hslen ) + if( ticket_len + 6 + mbedtls_ssl_hs_hdr_len( ssl ) != ssl->in_hslen ) { - SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_NEW_SESSION_TICKET ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET ); } - SSL_DEBUG_MSG( 3, ( "ticket length: %d", ticket_len ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket length: %d", ticket_len ) ); /* We're not waiting for a NewSessionTicket message any more */ ssl->handshake->new_session_ticket = 0; + ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC; /* * Zero-length ticket means the server changed his mind and doesn't want @@ -2703,19 +2878,19 @@ static int ssl_parse_new_session_ticket( ssl_context *ssl ) if( ticket_len == 0 ) return( 0 ); - polarssl_zeroize( ssl->session_negotiate->ticket, + mbedtls_zeroize( ssl->session_negotiate->ticket, ssl->session_negotiate->ticket_len ); - polarssl_free( ssl->session_negotiate->ticket ); + mbedtls_free( ssl->session_negotiate->ticket ); ssl->session_negotiate->ticket = NULL; ssl->session_negotiate->ticket_len = 0; - if( ( ticket = polarssl_malloc( ticket_len ) ) == NULL ) + if( ( ticket = mbedtls_calloc( 1, ticket_len ) ) == NULL ) { - SSL_DEBUG_MSG( 1, ( "ticket malloc failed" ) ); - return( POLARSSL_ERR_SSL_MALLOC_FAILED ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "ticket alloc failed" ) ); + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); } - memcpy( ticket, ssl->in_msg + 10, ticket_len ); + memcpy( ticket, msg + 6, ticket_len ); ssl->session_negotiate->ticket = ticket; ssl->session_negotiate->ticket_len = ticket_len; @@ -2726,40 +2901,59 @@ static int ssl_parse_new_session_ticket( ssl_context *ssl ) * "If the client receives a session ticket from the server, then it * discards any Session ID that was sent in the ServerHello." */ - SSL_DEBUG_MSG( 3, ( "ticket in use, discarding session id" ) ); - ssl->session_negotiate->length = 0; + MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket in use, discarding session id" ) ); + ssl->session_negotiate->id_len = 0; - SSL_DEBUG_MSG( 2, ( "<= parse new session ticket" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse new session ticket" ) ); return( 0 ); } -#endif /* POLARSSL_SSL_SESSION_TICKETS */ +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ /* * SSL handshake -- client side -- single step */ -int ssl_handshake_client_step( ssl_context *ssl ) +int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) { int ret = 0; - if( ssl->state == SSL_HANDSHAKE_OVER ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - SSL_DEBUG_MSG( 2, ( "client state: %d", ssl->state ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "client state: %d", ssl->state ) ); - if( ( ret = ssl_flush_output( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) return( ret ); +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) + { + if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 ) + return( ret ); + } +#endif + + /* Change state now, so that it is right in mbedtls_ssl_read_record(), used + * by DTLS for dropping out-of-sequence ChangeCipherSpec records */ +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + if( ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC && + ssl->handshake->new_session_ticket != 0 ) + { + ssl->state = MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET; + } +#endif + switch( ssl->state ) { - case SSL_HELLO_REQUEST: - ssl->state = SSL_CLIENT_HELLO; + case MBEDTLS_SSL_HELLO_REQUEST: + ssl->state = MBEDTLS_SSL_CLIENT_HELLO; break; /* * ==> ClientHello */ - case SSL_CLIENT_HELLO: + case MBEDTLS_SSL_CLIENT_HELLO: ret = ssl_write_client_hello( ssl ); break; @@ -2770,23 +2964,23 @@ int ssl_handshake_client_step( ssl_context *ssl ) * ( CertificateRequest ) * ServerHelloDone */ - case SSL_SERVER_HELLO: + case MBEDTLS_SSL_SERVER_HELLO: ret = ssl_parse_server_hello( ssl ); break; - case SSL_SERVER_CERTIFICATE: - ret = ssl_parse_certificate( ssl ); + case MBEDTLS_SSL_SERVER_CERTIFICATE: + ret = mbedtls_ssl_parse_certificate( ssl ); break; - case SSL_SERVER_KEY_EXCHANGE: + case MBEDTLS_SSL_SERVER_KEY_EXCHANGE: ret = ssl_parse_server_key_exchange( ssl ); break; - case SSL_CERTIFICATE_REQUEST: + case MBEDTLS_SSL_CERTIFICATE_REQUEST: ret = ssl_parse_certificate_request( ssl ); break; - case SSL_SERVER_HELLO_DONE: + case MBEDTLS_SSL_SERVER_HELLO_DONE: ret = ssl_parse_server_hello_done( ssl ); break; @@ -2797,24 +2991,24 @@ int ssl_handshake_client_step( ssl_context *ssl ) * ChangeCipherSpec * Finished */ - case SSL_CLIENT_CERTIFICATE: - ret = ssl_write_certificate( ssl ); + case MBEDTLS_SSL_CLIENT_CERTIFICATE: + ret = mbedtls_ssl_write_certificate( ssl ); break; - case SSL_CLIENT_KEY_EXCHANGE: + case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE: ret = ssl_write_client_key_exchange( ssl ); break; - case SSL_CERTIFICATE_VERIFY: + case MBEDTLS_SSL_CERTIFICATE_VERIFY: ret = ssl_write_certificate_verify( ssl ); break; - case SSL_CLIENT_CHANGE_CIPHER_SPEC: - ret = ssl_write_change_cipher_spec( ssl ); + case MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC: + ret = mbedtls_ssl_write_change_cipher_spec( ssl ); break; - case SSL_CLIENT_FINISHED: - ret = ssl_write_finished( ssl ); + case MBEDTLS_SSL_CLIENT_FINISHED: + ret = mbedtls_ssl_write_finished( ssl ); break; /* @@ -2822,33 +3016,34 @@ int ssl_handshake_client_step( ssl_context *ssl ) * ChangeCipherSpec * Finished */ - case SSL_SERVER_CHANGE_CIPHER_SPEC: -#if defined(POLARSSL_SSL_SESSION_TICKETS) - if( ssl->handshake->new_session_ticket != 0 ) - ret = ssl_parse_new_session_ticket( ssl ); - else +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + case MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET: + ret = ssl_parse_new_session_ticket( ssl ); + break; #endif - ret = ssl_parse_change_cipher_spec( ssl ); + + case MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC: + ret = mbedtls_ssl_parse_change_cipher_spec( ssl ); break; - case SSL_SERVER_FINISHED: - ret = ssl_parse_finished( ssl ); + case MBEDTLS_SSL_SERVER_FINISHED: + ret = mbedtls_ssl_parse_finished( ssl ); break; - case SSL_FLUSH_BUFFERS: - SSL_DEBUG_MSG( 2, ( "handshake: done" ) ); - ssl->state = SSL_HANDSHAKE_WRAPUP; + case MBEDTLS_SSL_FLUSH_BUFFERS: + MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) ); + ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP; break; - case SSL_HANDSHAKE_WRAPUP: - ssl_handshake_wrapup( ssl ); + case MBEDTLS_SSL_HANDSHAKE_WRAPUP: + mbedtls_ssl_handshake_wrapup( ssl ); break; default: - SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) ); - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } return( ret ); } -#endif /* POLARSSL_SSL_CLI_C */ +#endif /* MBEDTLS_SSL_CLI_C */ diff --git a/ext/mbedtls/library/ssl_cookie.c b/ext/mbedtls/library/ssl_cookie.c new file mode 100644 index 0000000000..cc88905c4e --- /dev/null +++ b/ext/mbedtls/library/ssl_cookie.c @@ -0,0 +1,261 @@ +/* + * DTLS cookie callbacks implementation + * + * Copyright (C) 2014-2015, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * These session callbacks use a simple chained list + * to store and retrieve the session information. + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_SSL_COOKIE_C) + +#include "mbedtls/ssl_cookie.h" +#include "mbedtls/ssl_internal.h" + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#define mbedtls_calloc calloc +#define mbedtls_free free +#endif + +#include + +/* Implementation that should never be optimized out by the compiler */ +static void mbedtls_zeroize( void *v, size_t n ) { + volatile unsigned char *p = v; while( n-- ) *p++ = 0; +} + +/* + * If DTLS is in use, then at least one of SHA-1, SHA-256, SHA-512 is + * available. Try SHA-256 first, 512 wastes resources since we need to stay + * with max 32 bytes of cookie for DTLS 1.0 + */ +#if defined(MBEDTLS_SHA256_C) +#define COOKIE_MD MBEDTLS_MD_SHA224 +#define COOKIE_MD_OUTLEN 32 +#define COOKIE_HMAC_LEN 28 +#elif defined(MBEDTLS_SHA512_C) +#define COOKIE_MD MBEDTLS_MD_SHA384 +#define COOKIE_MD_OUTLEN 48 +#define COOKIE_HMAC_LEN 28 +#elif defined(MBEDTLS_SHA1_C) +#define COOKIE_MD MBEDTLS_MD_SHA1 +#define COOKIE_MD_OUTLEN 20 +#define COOKIE_HMAC_LEN 20 +#else +#error "DTLS hello verify needs SHA-1 or SHA-2" +#endif + +/* + * Cookies are formed of a 4-bytes timestamp (or serial number) and + * an HMAC of timestemp and client ID. + */ +#define COOKIE_LEN ( 4 + COOKIE_HMAC_LEN ) + +void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx ) +{ + mbedtls_md_init( &ctx->hmac_ctx ); +#if !defined(MBEDTLS_HAVE_TIME) + ctx->serial = 0; +#endif + ctx->timeout = MBEDTLS_SSL_COOKIE_TIMEOUT; + +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_init( &ctx->mutex ); +#endif +} + +void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay ) +{ + ctx->timeout = delay; +} + +void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx ) +{ + mbedtls_md_free( &ctx->hmac_ctx ); + +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_init( &ctx->mutex ); +#endif + + mbedtls_zeroize( ctx, sizeof( mbedtls_ssl_cookie_ctx ) ); +} + +int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + int ret; + unsigned char key[COOKIE_MD_OUTLEN]; + + if( ( ret = f_rng( p_rng, key, sizeof( key ) ) ) != 0 ) + return( ret ); + + ret = mbedtls_md_setup( &ctx->hmac_ctx, mbedtls_md_info_from_type( COOKIE_MD ), 1 ); + if( ret != 0 ) + return( ret ); + + ret = mbedtls_md_hmac_starts( &ctx->hmac_ctx, key, sizeof( key ) ); + if( ret != 0 ) + return( ret ); + + mbedtls_zeroize( key, sizeof( key ) ); + + return( 0 ); +} + +/* + * Generate the HMAC part of a cookie + */ +static int ssl_cookie_hmac( mbedtls_md_context_t *hmac_ctx, + const unsigned char time[4], + unsigned char **p, unsigned char *end, + const unsigned char *cli_id, size_t cli_id_len ) +{ + unsigned char hmac_out[COOKIE_MD_OUTLEN]; + + if( (size_t)( end - *p ) < COOKIE_HMAC_LEN ) + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + + if( mbedtls_md_hmac_reset( hmac_ctx ) != 0 || + mbedtls_md_hmac_update( hmac_ctx, time, 4 ) != 0 || + mbedtls_md_hmac_update( hmac_ctx, cli_id, cli_id_len ) != 0 || + mbedtls_md_hmac_finish( hmac_ctx, hmac_out ) != 0 ) + { + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + memcpy( *p, hmac_out, COOKIE_HMAC_LEN ); + *p += COOKIE_HMAC_LEN; + + return( 0 ); +} + +/* + * Generate cookie for DTLS ClientHello verification + */ +int mbedtls_ssl_cookie_write( void *p_ctx, + unsigned char **p, unsigned char *end, + const unsigned char *cli_id, size_t cli_id_len ) +{ + int ret; + mbedtls_ssl_cookie_ctx *ctx = (mbedtls_ssl_cookie_ctx *) p_ctx; + unsigned long t; + + if( ctx == NULL || cli_id == NULL ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + if( (size_t)( end - *p ) < COOKIE_LEN ) + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + +#if defined(MBEDTLS_HAVE_TIME) + t = (unsigned long) time( NULL ); +#else + t = ctx->serial++; +#endif + + (*p)[0] = (unsigned char)( t >> 24 ); + (*p)[1] = (unsigned char)( t >> 16 ); + (*p)[2] = (unsigned char)( t >> 8 ); + (*p)[3] = (unsigned char)( t ); + *p += 4; + +#if defined(MBEDTLS_THREADING_C) + if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + ret ); +#endif + + ret = ssl_cookie_hmac( &ctx->hmac_ctx, *p - 4, + p, end, cli_id, cli_id_len ); + +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + + MBEDTLS_ERR_THREADING_MUTEX_ERROR ); +#endif + + return( ret ); +} + +/* + * Check a cookie + */ +int mbedtls_ssl_cookie_check( void *p_ctx, + const unsigned char *cookie, size_t cookie_len, + const unsigned char *cli_id, size_t cli_id_len ) +{ + unsigned char ref_hmac[COOKIE_HMAC_LEN]; + int ret = 0; + unsigned char *p = ref_hmac; + mbedtls_ssl_cookie_ctx *ctx = (mbedtls_ssl_cookie_ctx *) p_ctx; + unsigned long cur_time, cookie_time; + + if( ctx == NULL || cli_id == NULL ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + if( cookie_len != COOKIE_LEN ) + return( -1 ); + +#if defined(MBEDTLS_THREADING_C) + if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + ret ); +#endif + + if( ssl_cookie_hmac( &ctx->hmac_ctx, cookie, + &p, p + sizeof( ref_hmac ), + cli_id, cli_id_len ) != 0 ) + ret = -1; + +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + + MBEDTLS_ERR_THREADING_MUTEX_ERROR ); +#endif + + if( ret != 0 ) + return( ret ); + + if( mbedtls_ssl_safer_memcmp( cookie + 4, ref_hmac, sizeof( ref_hmac ) ) != 0 ) + return( -1 ); + +#if defined(MBEDTLS_HAVE_TIME) + cur_time = (unsigned long) time( NULL ); +#else + cur_time = ctx->serial; +#endif + + cookie_time = ( (unsigned long) cookie[0] << 24 ) | + ( (unsigned long) cookie[1] << 16 ) | + ( (unsigned long) cookie[2] << 8 ) | + ( (unsigned long) cookie[3] ); + + if( ctx->timeout != 0 && cur_time - cookie_time > ctx->timeout ) + return( -1 ); + + return( 0 ); +} +#endif /* MBEDTLS_SSL_COOKIE_C */ diff --git a/ext/mbedtls/library/ssl_srv.c b/ext/mbedtls/library/ssl_srv.c index fc217549da..701d27d62b 100644 --- a/ext/mbedtls/library/ssl_srv.c +++ b/ext/mbedtls/library/ssl_srv.c @@ -20,356 +20,75 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_SSL_SRV_C) +#if defined(MBEDTLS_SSL_SRV_C) -#include "polarssl/debug.h" -#include "polarssl/ssl.h" +#include "mbedtls/debug.h" +#include "mbedtls/ssl.h" +#include "mbedtls/ssl_internal.h" #include -#if defined(POLARSSL_ECP_C) -#include "polarssl/ecp.h" +#if defined(MBEDTLS_ECP_C) +#include "mbedtls/ecp.h" #endif -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_malloc malloc -#define polarssl_free free +#define mbedtls_calloc calloc +#define mbedtls_free free #endif -#if defined(POLARSSL_HAVE_TIME) +#if defined(MBEDTLS_HAVE_TIME) #include #endif -#if defined(POLARSSL_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_SSL_SESSION_TICKETS) /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } +#endif -/* - * Serialize a session in the following format: - * 0 . n-1 session structure, n = sizeof(ssl_session) - * n . n+2 peer_cert length = m (0 if no certificate) - * n+3 . n+2+m peer cert ASN.1 - * - * Assumes ticket is NULL (always true on server side). - */ -static int ssl_save_session( const ssl_session *session, - unsigned char *buf, size_t buf_len, - size_t *olen ) -{ - unsigned char *p = buf; - size_t left = buf_len; -#if defined(POLARSSL_X509_CRT_PARSE_C) - size_t cert_len; -#endif /* POLARSSL_X509_CRT_PARSE_C */ - - if( left < sizeof( ssl_session ) ) - return( -1 ); - - memcpy( p, session, sizeof( ssl_session ) ); - p += sizeof( ssl_session ); - left -= sizeof( ssl_session ); - -#if defined(POLARSSL_X509_CRT_PARSE_C) - if( session->peer_cert == NULL ) - cert_len = 0; - else - cert_len = session->peer_cert->raw.len; - - if( left < 3 + cert_len ) - return( -1 ); - - *p++ = (unsigned char)( cert_len >> 16 & 0xFF ); - *p++ = (unsigned char)( cert_len >> 8 & 0xFF ); - *p++ = (unsigned char)( cert_len & 0xFF ); - - if( session->peer_cert != NULL ) - memcpy( p, session->peer_cert->raw.p, cert_len ); - - p += cert_len; -#endif /* POLARSSL_X509_CRT_PARSE_C */ - - *olen = p - buf; - - return( 0 ); -} - -/* - * Unserialise session, see ssl_save_session() - */ -static int ssl_load_session( ssl_session *session, - const unsigned char *buf, size_t len ) -{ - const unsigned char *p = buf; - const unsigned char * const end = buf + len; -#if defined(POLARSSL_X509_CRT_PARSE_C) - size_t cert_len; -#endif /* POLARSSL_X509_CRT_PARSE_C */ - - if( p + sizeof( ssl_session ) > end ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); - - memcpy( session, p, sizeof( ssl_session ) ); - p += sizeof( ssl_session ); - -#if defined(POLARSSL_X509_CRT_PARSE_C) - if( p + 3 > end ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); - - cert_len = ( p[0] << 16 ) | ( p[1] << 8 ) | p[2]; - p += 3; - - if( cert_len == 0 ) - { - session->peer_cert = NULL; - } - else - { - int ret; - - if( p + cert_len > end ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); - - session->peer_cert = polarssl_malloc( sizeof( x509_crt ) ); - - if( session->peer_cert == NULL ) - return( POLARSSL_ERR_SSL_MALLOC_FAILED ); - - x509_crt_init( session->peer_cert ); - - if( ( ret = x509_crt_parse_der( session->peer_cert, - p, cert_len ) ) != 0 ) - { - x509_crt_free( session->peer_cert ); - polarssl_free( session->peer_cert ); - session->peer_cert = NULL; - return( ret ); - } - - p += cert_len; - } -#endif /* POLARSSL_X509_CRT_PARSE_C */ - - if( p != end ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); - - return( 0 ); -} - -/* - * Create session ticket, secured as recommended in RFC 5077 section 4: - * - * struct { - * opaque key_name[16]; - * opaque iv[16]; - * opaque encrypted_state<0..2^16-1>; - * opaque mac[32]; - * } ticket; - * - * (the internal state structure differs, however). - */ -static int ssl_write_ticket( ssl_context *ssl, size_t *tlen ) +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) +int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl, + const unsigned char *info, + size_t ilen ) { - int ret; - unsigned char * const start = ssl->out_msg + 10; - unsigned char *p = start; - unsigned char *state; - unsigned char iv[16]; - size_t clear_len, enc_len, pad_len, i; - - *tlen = 0; - - if( ssl->ticket_keys == NULL ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); - - /* Write key name */ - memcpy( p, ssl->ticket_keys->key_name, 16 ); - p += 16; - - /* Generate and write IV (with a copy for aes_crypt) */ - if( ( ret = ssl->f_rng( ssl->p_rng, p, 16 ) ) != 0 ) - return( ret ); - memcpy( iv, p, 16 ); - p += 16; - - /* - * Dump session state - * - * After the session state itself, we still need room for 16 bytes of - * padding and 32 bytes of MAC, so there's only so much room left - */ - state = p + 2; - if( ssl_save_session( ssl->session_negotiate, state, - SSL_MAX_CONTENT_LEN - ( state - ssl->out_ctr ) - 48, - &clear_len ) != 0 ) - { - return( POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE ); - } - SSL_DEBUG_BUF( 3, "session ticket cleartext", state, clear_len ); - - /* Apply PKCS padding */ - pad_len = 16 - clear_len % 16; - enc_len = clear_len + pad_len; - for( i = clear_len; i < enc_len; i++ ) - state[i] = (unsigned char) pad_len; - - /* Encrypt */ - if( ( ret = aes_crypt_cbc( &ssl->ticket_keys->enc, AES_ENCRYPT, - enc_len, iv, state, state ) ) != 0 ) - { - return( ret ); - } - - /* Write length */ - *p++ = (unsigned char)( ( enc_len >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( enc_len ) & 0xFF ); - p = state + enc_len; + if( ssl->conf->endpoint != MBEDTLS_SSL_IS_SERVER ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - /* Compute and write MAC( key_name + iv + enc_state_len + enc_state ) */ - sha256_hmac( ssl->ticket_keys->mac_key, 16, start, p - start, p, 0 ); - p += 32; + mbedtls_free( ssl->cli_id ); - *tlen = p - start; + if( ( ssl->cli_id = mbedtls_calloc( 1, ilen ) ) == NULL ) + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); - SSL_DEBUG_BUF( 3, "session ticket structure", start, *tlen ); + memcpy( ssl->cli_id, info, ilen ); + ssl->cli_id_len = ilen; return( 0 ); } -/* - * Load session ticket (see ssl_write_ticket for structure) - */ -static int ssl_parse_ticket( ssl_context *ssl, - unsigned char *buf, - size_t len ) +void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf, + mbedtls_ssl_cookie_write_t *f_cookie_write, + mbedtls_ssl_cookie_check_t *f_cookie_check, + void *p_cookie ) { - int ret; - ssl_session session; - unsigned char *key_name = buf; - unsigned char *iv = buf + 16; - unsigned char *enc_len_p = iv + 16; - unsigned char *ticket = enc_len_p + 2; - unsigned char *mac; - unsigned char computed_mac[32]; - size_t enc_len, clear_len, i; - unsigned char pad_len, diff; - - SSL_DEBUG_BUF( 3, "session ticket structure", buf, len ); - - if( len < 34 || ssl->ticket_keys == NULL ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); - - enc_len = ( enc_len_p[0] << 8 ) | enc_len_p[1]; - mac = ticket + enc_len; - - if( len != enc_len + 66 ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); - - /* Check name, in constant time though it's not a big secret */ - diff = 0; - for( i = 0; i < 16; i++ ) - diff |= key_name[i] ^ ssl->ticket_keys->key_name[i]; - /* don't return yet, check the MAC anyway */ - - /* Check mac, with constant-time buffer comparison */ - sha256_hmac( ssl->ticket_keys->mac_key, 16, buf, len - 32, - computed_mac, 0 ); - - for( i = 0; i < 32; i++ ) - diff |= mac[i] ^ computed_mac[i]; - - /* Now return if ticket is not authentic, since we want to avoid - * decrypting arbitrary attacker-chosen data */ - if( diff != 0 ) - return( POLARSSL_ERR_SSL_INVALID_MAC ); - - /* Decrypt */ - if( ( ret = aes_crypt_cbc( &ssl->ticket_keys->dec, AES_DECRYPT, - enc_len, iv, ticket, ticket ) ) != 0 ) - { - return( ret ); - } - - /* Check PKCS padding */ - pad_len = ticket[enc_len - 1]; - - ret = 0; - for( i = 2; i < pad_len; i++ ) - if( ticket[enc_len - i] != pad_len ) - ret = POLARSSL_ERR_SSL_BAD_INPUT_DATA; - if( ret != 0 ) - return( ret ); - - clear_len = enc_len - pad_len; - - SSL_DEBUG_BUF( 3, "session ticket cleartext", ticket, clear_len ); - - /* Actually load session */ - if( ( ret = ssl_load_session( &session, ticket, clear_len ) ) != 0 ) - { - SSL_DEBUG_MSG( 1, ( "failed to parse ticket content" ) ); - ssl_session_free( &session ); - return( ret ); - } - -#if defined(POLARSSL_HAVE_TIME) - /* Check if still valid */ - if( (int) ( time( NULL) - session.start ) > ssl->ticket_lifetime ) - { - SSL_DEBUG_MSG( 1, ( "session ticket expired" ) ); - ssl_session_free( &session ); - return( POLARSSL_ERR_SSL_SESSION_TICKET_EXPIRED ); - } -#endif - - /* - * Keep the session ID sent by the client, since we MUST send it back to - * inform him we're accepting the ticket (RFC 5077 section 3.4) - */ - session.length = ssl->session_negotiate->length; - memcpy( &session.id, ssl->session_negotiate->id, session.length ); - - ssl_session_free( ssl->session_negotiate ); - memcpy( ssl->session_negotiate, &session, sizeof( ssl_session ) ); - - /* Zeroize instead of free as we copied the content */ - polarssl_zeroize( &session, sizeof( ssl_session ) ); - - return( 0 ); + conf->f_cookie_write = f_cookie_write; + conf->f_cookie_check = f_cookie_check; + conf->p_cookie = p_cookie; } -#endif /* POLARSSL_SSL_SESSION_TICKETS */ +#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ -#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) -/* - * Wrapper around f_sni, allowing use of ssl_set_own_cert() but - * making it act on ssl->hanshake->sni_key_cert instead. - */ -static int ssl_sni_wrapper( ssl_context *ssl, - const unsigned char* name, size_t len ) -{ - int ret; - ssl_key_cert *key_cert_ori = ssl->key_cert; - - ssl->key_cert = NULL; - ret = ssl->f_sni( ssl->p_sni, ssl, name, len ); - ssl->handshake->sni_key_cert = ssl->key_cert; - - ssl->key_cert = key_cert_ori; - - return( ret ); -} - -static int ssl_parse_servername_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) +static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { @@ -377,13 +96,13 @@ static int ssl_parse_servername_ext( ssl_context *ssl, size_t servername_list_size, hostname_len; const unsigned char *p; - SSL_DEBUG_MSG( 3, ( "parse ServerName extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "parse ServerName extension" ) ); servername_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) ); if( servername_list_size + 2 != len ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } p = buf + 2; @@ -392,19 +111,20 @@ static int ssl_parse_servername_ext( ssl_context *ssl, hostname_len = ( ( p[1] << 8 ) | p[2] ); if( hostname_len + 3 > servername_list_size ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } - if( p[0] == TLS_EXT_SERVERNAME_HOSTNAME ) + if( p[0] == MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) { - ret = ssl_sni_wrapper( ssl, p + 3, hostname_len ); + ret = ssl->conf->f_sni( ssl->conf->p_sni, + ssl, p + 3, hostname_len ); if( ret != 0 ) { - SSL_DEBUG_RET( 1, "ssl_sni_wrapper", ret ); - ssl_send_alert_message( ssl, SSL_ALERT_LEVEL_FATAL, - SSL_ALERT_MSG_UNRECOGNIZED_NAME ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_sni_wrapper", ret ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } return( 0 ); } @@ -415,59 +135,59 @@ static int ssl_parse_servername_ext( ssl_context *ssl, if( servername_list_size != 0 ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } return( 0 ); } -#endif /* POLARSSL_SSL_SERVER_NAME_INDICATION */ +#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ -static int ssl_parse_renegotiation_info( ssl_context *ssl, +static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { int ret; -#if defined(POLARSSL_SSL_RENEGOTIATION) - if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE ) +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) { /* Check verify-data in constant-time. The length OTOH is no secret */ if( len != 1 + ssl->verify_data_len || buf[0] != ssl->verify_data_len || - safer_memcmp( buf + 1, ssl->peer_verify_data, + mbedtls_ssl_safer_memcmp( buf + 1, ssl->peer_verify_data, ssl->verify_data_len ) != 0 ) { - SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) ); - if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) return( ret ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } } else -#endif /* POLARSSL_SSL_RENEGOTIATION */ +#endif /* MBEDTLS_SSL_RENEGOTIATION */ { if( len != 1 || buf[0] != 0x0 ) { - SSL_DEBUG_MSG( 1, ( "non-zero length renegotiation info" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-zero length renegotiation info" ) ); - if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) return( ret ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } - ssl->secure_renegotiation = SSL_SECURE_RENEGOTIATION; + ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; } return( 0 ); } -#if defined(POLARSSL_SSL_PROTO_TLS1_2) && \ - defined(POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED) -static int ssl_parse_signature_algorithms_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ + defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) +static int ssl_parse_signature_algorithms_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { @@ -481,8 +201,8 @@ static int ssl_parse_signature_algorithms_ext( ssl_context *ssl, if( sig_alg_list_size + 2 != len || sig_alg_list_size % 2 != 0 ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } /* @@ -491,9 +211,9 @@ static int ssl_parse_signature_algorithms_ext( ssl_context *ssl, * * So, just look at the HashAlgorithm part. */ - for( md_cur = md_list(); *md_cur != POLARSSL_MD_NONE; md_cur++ ) { + for( md_cur = ssl->conf->sig_hashes; *md_cur != MBEDTLS_MD_NONE; md_cur++ ) { for( p = buf + 2; p < end; p += 2 ) { - if( *md_cur == (int) ssl_md_alg_from_hash( p[0] ) ) { + if( *md_cur == (int) mbedtls_ssl_md_alg_from_hash( p[0] ) ) { ssl->handshake->sig_alg = p[0]; goto have_sig_alg; } @@ -501,59 +221,57 @@ static int ssl_parse_signature_algorithms_ext( ssl_context *ssl, } /* Some key echanges do not need signatures at all */ - SSL_DEBUG_MSG( 3, ( "no signature_algorithm in common" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "no signature_algorithm in common" ) ); return( 0 ); have_sig_alg: - SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext: %d", + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext: %d", ssl->handshake->sig_alg ) ); return( 0 ); } -#endif /* POLARSSL_SSL_PROTO_TLS1_2 && - POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && + MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ -#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C) -static int ssl_parse_supported_elliptic_curves( ssl_context *ssl, +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) +static int ssl_parse_supported_elliptic_curves( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { size_t list_size, our_size; const unsigned char *p; - const ecp_curve_info *curve_info, **curves; + const mbedtls_ecp_curve_info *curve_info, **curves; list_size = ( ( buf[0] << 8 ) | ( buf[1] ) ); if( list_size + 2 != len || list_size % 2 != 0 ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } /* Should never happen unless client duplicates the extension */ if( ssl->handshake->curves != NULL ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } /* Don't allow our peer to make us allocate too much memory, * and leave room for a final 0 */ our_size = list_size / 2 + 1; - if( our_size > POLARSSL_ECP_DP_MAX ) - our_size = POLARSSL_ECP_DP_MAX; + if( our_size > MBEDTLS_ECP_DP_MAX ) + our_size = MBEDTLS_ECP_DP_MAX; - if( ( curves = polarssl_malloc( our_size * sizeof( *curves ) ) ) == NULL ) - return( POLARSSL_ERR_SSL_MALLOC_FAILED ); + if( ( curves = mbedtls_calloc( our_size, sizeof( *curves ) ) ) == NULL ) + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); - /* explicit void pointer cast for buggy MS compiler */ - memset( (void *) curves, 0, our_size * sizeof( *curves ) ); ssl->handshake->curves = curves; p = buf + 2; while( list_size > 0 && our_size > 1 ) { - curve_info = ecp_curve_info_from_tls_id( ( p[0] << 8 ) | p[1] ); + curve_info = mbedtls_ecp_curve_info_from_tls_id( ( p[0] << 8 ) | p[1] ); if( curve_info != NULL ) { @@ -568,7 +286,7 @@ static int ssl_parse_supported_elliptic_curves( ssl_context *ssl, return( 0 ); } -static int ssl_parse_supported_point_formats( ssl_context *ssl, +static int ssl_parse_supported_point_formats( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { @@ -578,18 +296,18 @@ static int ssl_parse_supported_point_formats( ssl_context *ssl, list_size = buf[0]; if( list_size + 1 != len ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } p = buf + 2; while( list_size > 0 ) { - if( p[0] == POLARSSL_ECP_PF_UNCOMPRESSED || - p[0] == POLARSSL_ECP_PF_COMPRESSED ) + if( p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED || + p[0] == MBEDTLS_ECP_PF_COMPRESSED ) { ssl->handshake->ecdh_ctx.point_format = p[0]; - SSL_DEBUG_MSG( 4, ( "point format selected: %d", p[0] ) ); + MBEDTLS_SSL_DEBUG_MSG( 4, ( "point format selected: %d", p[0] ) ); return( 0 ); } @@ -599,127 +317,155 @@ static int ssl_parse_supported_point_formats( ssl_context *ssl, return( 0 ); } -#endif /* POLARSSL_ECDH_C || POLARSSL_ECDSA_C */ +#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ -#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) -static int ssl_parse_max_fragment_length_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) +static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { - if( len != 1 || buf[0] >= SSL_MAX_FRAG_LEN_INVALID ) + if( len != 1 || buf[0] >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } ssl->session_negotiate->mfl_code = buf[0]; return( 0 ); } -#endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */ +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(POLARSSL_SSL_TRUNCATED_HMAC) -static int ssl_parse_truncated_hmac_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) +static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { if( len != 0 ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } ((void) buf); - if( ssl->trunc_hmac == SSL_TRUNC_HMAC_ENABLED ) - ssl->session_negotiate->trunc_hmac = SSL_TRUNC_HMAC_ENABLED; + if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED ) + ssl->session_negotiate->trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; return( 0 ); } -#endif /* POLARSSL_SSL_TRUNCATED_HMAC */ +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) -static int ssl_parse_encrypt_then_mac_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) +static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { if( len != 0 ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } ((void) buf); - if( ssl->encrypt_then_mac == SSL_ETM_ENABLED && - ssl->minor_ver != SSL_MINOR_VERSION_0 ) + if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED && + ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 ) { - ssl->session_negotiate->encrypt_then_mac = SSL_ETM_ENABLED; + ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED; } return( 0 ); } -#endif /* POLARSSL_SSL_ENCRYPT_THEN_MAC */ +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ -#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) -static int ssl_parse_extended_ms_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) +static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { if( len != 0 ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } ((void) buf); - if( ssl->extended_ms == SSL_EXTENDED_MS_ENABLED && - ssl->minor_ver != SSL_MINOR_VERSION_0 ) + if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED && + ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 ) { - ssl->handshake->extended_ms = SSL_EXTENDED_MS_ENABLED; + ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; } return( 0 ); } -#endif /* POLARSSL_SSL_EXTENDED_MASTER_SECRET */ +#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ -#if defined(POLARSSL_SSL_SESSION_TICKETS) -static int ssl_parse_session_ticket_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_SESSION_TICKETS) +static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) { int ret; + mbedtls_ssl_session session; - if( ssl->session_tickets == SSL_SESSION_TICKETS_DISABLED ) + mbedtls_ssl_session_init( &session ); + + if( ssl->conf->f_ticket_parse == NULL || + ssl->conf->f_ticket_write == NULL ) + { return( 0 ); + } /* Remember the client asked us to send a new ticket */ ssl->handshake->new_session_ticket = 1; - SSL_DEBUG_MSG( 3, ( "ticket length: %d", len ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket length: %d", len ) ); if( len == 0 ) return( 0 ); -#if defined(POLARSSL_SSL_RENEGOTIATION) - if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE ) +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) { - SSL_DEBUG_MSG( 3, ( "ticket rejected: renegotiating" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket rejected: renegotiating" ) ); return( 0 ); } -#endif /* POLARSSL_SSL_RENEGOTIATION */ +#endif /* MBEDTLS_SSL_RENEGOTIATION */ /* * Failures are ok: just ignore the ticket and proceed. */ - if( ( ret = ssl_parse_ticket( ssl, buf, len ) ) != 0 ) + if( ( ret = ssl->conf->f_ticket_parse( ssl->conf->p_ticket, &session, + buf, len ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_parse_ticket", ret ); + mbedtls_ssl_session_free( &session ); + + if( ret == MBEDTLS_ERR_SSL_INVALID_MAC ) + MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket is not authentic" ) ); + else if( ret == MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED ) + MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket is expired" ) ); + else + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_ticket_parse", ret ); + return( 0 ); } - SSL_DEBUG_MSG( 3, ( "session successfully restored from ticket" ) ); + /* + * Keep the session ID sent by the client, since we MUST send it back to + * inform them we're accepting the ticket (RFC 5077 section 3.4) + */ + session.id_len = ssl->session_negotiate->id_len; + memcpy( &session.id, ssl->session_negotiate->id, session.id_len ); + + mbedtls_ssl_session_free( ssl->session_negotiate ); + memcpy( ssl->session_negotiate, &session, sizeof( mbedtls_ssl_session ) ); + + /* Zeroize instead of free as we copied the content */ + mbedtls_zeroize( &session, sizeof( mbedtls_ssl_session ) ); + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from ticket" ) ); ssl->handshake->resume = 1; @@ -728,10 +474,10 @@ static int ssl_parse_session_ticket_ext( ssl_context *ssl, return( 0 ); } -#endif /* POLARSSL_SSL_SESSION_TICKETS */ +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ -#if defined(POLARSSL_SSL_ALPN) -static int ssl_parse_alpn_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_ALPN) +static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { size_t list_len, cur_len, ours_len; @@ -739,7 +485,7 @@ static int ssl_parse_alpn_ext( ssl_context *ssl, const char **ours; /* If ALPN not configured, just ignore the extension */ - if( ssl->alpn_list == NULL ) + if( ssl->conf->alpn_list == NULL ) return( 0 ); /* @@ -752,31 +498,31 @@ static int ssl_parse_alpn_ext( ssl_context *ssl, /* Min length is 2 (list_len) + 1 (name_len) + 1 (name) */ if( len < 4 ) - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); list_len = ( buf[0] << 8 ) | buf[1]; if( list_len != len - 2 ) - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); /* * Use our order of preference */ start = buf + 2; end = buf + len; - for( ours = ssl->alpn_list; *ours != NULL; ours++ ) + for( ours = ssl->conf->alpn_list; *ours != NULL; ours++ ) { ours_len = strlen( *ours ); for( theirs = start; theirs != end; theirs += cur_len ) { /* If the list is well formed, we should get equality first */ if( theirs > end ) - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); cur_len = *theirs++; /* Empty strings MUST NOT be included */ if( cur_len == 0 ) - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); if( cur_len == ours_len && memcmp( theirs, *ours, cur_len ) == 0 ) @@ -788,26 +534,26 @@ static int ssl_parse_alpn_ext( ssl_context *ssl, } /* If we get there, no match was found */ - ssl_send_alert_message( ssl, SSL_ALERT_LEVEL_FATAL, - SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } -#endif /* POLARSSL_SSL_ALPN */ +#endif /* MBEDTLS_SSL_ALPN */ /* * Auxiliary functions for ServerHello parsing and related actions */ -#if defined(POLARSSL_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) /* * Return 0 if the given key uses one of the acceptable curves, -1 otherwise */ -#if defined(POLARSSL_ECDSA_C) -static int ssl_check_key_curve( pk_context *pk, - const ecp_curve_info **curves ) +#if defined(MBEDTLS_ECDSA_C) +static int ssl_check_key_curve( mbedtls_pk_context *pk, + const mbedtls_ecp_curve_info **curves ) { - const ecp_curve_info **crv = curves; - ecp_group_id grp_id = pk_ec( *pk )->grp.id; + const mbedtls_ecp_curve_info **crv = curves; + mbedtls_ecp_group_id grp_id = mbedtls_pk_ec( *pk )->grp.id; while( *crv != NULL ) { @@ -818,39 +564,45 @@ static int ssl_check_key_curve( pk_context *pk, return( -1 ); } -#endif /* POLARSSL_ECDSA_C */ +#endif /* MBEDTLS_ECDSA_C */ /* * Try picking a certificate for this ciphersuite, * return 0 on success and -1 on failure. */ -static int ssl_pick_cert( ssl_context *ssl, - const ssl_ciphersuite_t * ciphersuite_info ) +static int ssl_pick_cert( mbedtls_ssl_context *ssl, + const mbedtls_ssl_ciphersuite_t * ciphersuite_info ) { - ssl_key_cert *cur, *list, *fallback = NULL; - pk_type_t pk_alg = ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ); - int flags; + mbedtls_ssl_key_cert *cur, *list, *fallback = NULL; + mbedtls_pk_type_t pk_alg = mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ); + uint32_t flags; -#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) if( ssl->handshake->sni_key_cert != NULL ) list = ssl->handshake->sni_key_cert; else #endif - list = ssl->handshake->key_cert; + list = ssl->conf->key_cert; - if( pk_alg == POLARSSL_PK_NONE ) + if( pk_alg == MBEDTLS_PK_NONE ) return( 0 ); - SSL_DEBUG_MSG( 3, ( "ciphersuite requires certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite requires certificate" ) ); + + if( list == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server has no certificate" ) ); + return( -1 ); + } for( cur = list; cur != NULL; cur = cur->next ) { - SSL_DEBUG_CRT( 3, "candidate certificate chain, certificate", + MBEDTLS_SSL_DEBUG_CRT( 3, "candidate certificate chain, certificate", cur->cert ); - if( ! pk_can_do( cur->key, pk_alg ) ) + if( ! mbedtls_pk_can_do( cur->key, pk_alg ) ) { - SSL_DEBUG_MSG( 3, ( "certificate mismatch: key type" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: key type" ) ); continue; } @@ -862,19 +614,19 @@ static int ssl_pick_cert( ssl_context *ssl, * different uses based on keyUsage, eg if they want to avoid signing * and decrypting with the same RSA key. */ - if( ssl_check_cert_usage( cur->cert, ciphersuite_info, - SSL_IS_SERVER, &flags ) != 0 ) + if( mbedtls_ssl_check_cert_usage( cur->cert, ciphersuite_info, + MBEDTLS_SSL_IS_SERVER, &flags ) != 0 ) { - SSL_DEBUG_MSG( 3, ( "certificate mismatch: " + MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: " "(extended) key usage extension" ) ); continue; } -#if defined(POLARSSL_ECDSA_C) - if( pk_alg == POLARSSL_PK_ECDSA && +#if defined(MBEDTLS_ECDSA_C) + if( pk_alg == MBEDTLS_PK_ECDSA && ssl_check_key_curve( cur->key, ssl->handshake->curves ) != 0 ) { - SSL_DEBUG_MSG( 3, ( "certificate mismatch: elliptic curve" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: elliptic curve" ) ); continue; } #endif @@ -884,13 +636,13 @@ static int ssl_pick_cert( ssl_context *ssl, * present them a SHA-higher cert rather than failing if it's the only * one we got that satisfies the other conditions. */ - if( ssl->minor_ver < SSL_MINOR_VERSION_3 && - cur->cert->sig_md != POLARSSL_MD_SHA1 ) + if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 && + cur->cert->sig_md != MBEDTLS_MD_SHA1 ) { if( fallback == NULL ) fallback = cur; { - SSL_DEBUG_MSG( 3, ( "certificate not preferred: " + MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate not preferred: " "sha-2 with pre-TLS 1.2 client" ) ); continue; } @@ -903,77 +655,84 @@ static int ssl_pick_cert( ssl_context *ssl, if( cur == NULL ) cur = fallback; - - /* Do not update ssl->handshake->key_cert unless the is a match */ + /* Do not update ssl->handshake->key_cert unless there is a match */ if( cur != NULL ) { ssl->handshake->key_cert = cur; - SSL_DEBUG_CRT( 3, "selected certificate chain, certificate", + MBEDTLS_SSL_DEBUG_CRT( 3, "selected certificate chain, certificate", ssl->handshake->key_cert->cert ); return( 0 ); } return( -1 ); } -#endif /* POLARSSL_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ /* * Check if a given ciphersuite is suitable for use with our config/keys/etc * Sets ciphersuite_info only if the suite matches. */ -static int ssl_ciphersuite_match( ssl_context *ssl, int suite_id, - const ssl_ciphersuite_t **ciphersuite_info ) +static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id, + const mbedtls_ssl_ciphersuite_t **ciphersuite_info ) { - const ssl_ciphersuite_t *suite_info; + const mbedtls_ssl_ciphersuite_t *suite_info; - suite_info = ssl_ciphersuite_from_id( suite_id ); + suite_info = mbedtls_ssl_ciphersuite_from_id( suite_id ); if( suite_info == NULL ) { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } - SSL_DEBUG_MSG( 3, ( "trying ciphersuite: %s", suite_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "trying ciphersuite: %s", suite_info->name ) ); if( suite_info->min_minor_ver > ssl->minor_ver || suite_info->max_minor_ver < ssl->minor_ver ) { - SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: version" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: version" ) ); return( 0 ); } - if( ssl->arc4_disabled == SSL_ARC4_DISABLED && - suite_info->cipher == POLARSSL_CIPHER_ARC4_128 ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ( suite_info->flags & MBEDTLS_CIPHERSUITE_NODTLS ) ) + return( 0 ); +#endif + +#if defined(MBEDTLS_ARC4_C) + if( ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED && + suite_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) { - SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: rc4" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: rc4" ) ); return( 0 ); } +#endif -#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C) - if( ssl_ciphersuite_uses_ec( suite_info ) && +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) + if( mbedtls_ssl_ciphersuite_uses_ec( suite_info ) && ( ssl->handshake->curves == NULL || ssl->handshake->curves[0] == NULL ) ) { - SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: " + MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: " "no common elliptic curve" ) ); return( 0 ); } #endif -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) /* If the ciphersuite requires a pre-shared key and we don't * have one, skip it now rather than failing later */ - if( ssl_ciphersuite_uses_psk( suite_info ) && - ssl->f_psk == NULL && - ( ssl->psk == NULL || ssl->psk_identity == NULL || - ssl->psk_identity_len == 0 || ssl->psk_len == 0 ) ) + if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) && + ssl->conf->f_psk == NULL && + ( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL || + ssl->conf->psk_identity_len == 0 || ssl->conf->psk_len == 0 ) ) { - SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: no pre-shared key" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: no pre-shared key" ) ); return( 0 ); } #endif -#if defined(POLARSSL_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) /* * Final check: if ciphersuite requires us to have a * certificate/key of a particular type: @@ -983,7 +742,7 @@ static int ssl_ciphersuite_match( ssl_context *ssl, int suite_id, */ if( ssl_pick_cert( ssl, suite_info ) != 0 ) { - SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: " + MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: " "no suitable certificate" ) ); return( 0 ); } @@ -993,8 +752,8 @@ static int ssl_ciphersuite_match( ssl_context *ssl, int suite_id, return( 0 ); } -#if defined(POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) -static int ssl_parse_client_hello_v2( ssl_context *ssl ) +#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) +static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) { int ret, got_common_suite; unsigned int i, j; @@ -1002,31 +761,31 @@ static int ssl_parse_client_hello_v2( ssl_context *ssl ) unsigned int ciph_len, sess_len, chal_len; unsigned char *buf, *p; const int *ciphersuites; - const ssl_ciphersuite_t *ciphersuite_info; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info; - SSL_DEBUG_MSG( 2, ( "=> parse client hello v2" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client hello v2" ) ); -#if defined(POLARSSL_SSL_RENEGOTIATION) - if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE ) +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) { - SSL_DEBUG_MSG( 1, ( "client hello v2 illegal for renegotiation" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "client hello v2 illegal for renegotiation" ) ); - if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) return( ret ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } -#endif /* POLARSSL_SSL_RENEGOTIATION */ +#endif /* MBEDTLS_SSL_RENEGOTIATION */ buf = ssl->in_hdr; - SSL_DEBUG_BUF( 4, "record header", buf, 5 ); + MBEDTLS_SSL_DEBUG_BUF( 4, "record header", buf, 5 ); - SSL_DEBUG_MSG( 3, ( "client hello v2, message type: %d", + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v2, message type: %d", buf[2] ) ); - SSL_DEBUG_MSG( 3, ( "client hello v2, message len.: %d", + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v2, message len.: %d", ( ( buf[0] & 0x7F ) << 8 ) | buf[1] ) ); - SSL_DEBUG_MSG( 3, ( "client hello v2, max. version: [%d:%d]", + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v2, max. version: [%d:%d]", buf[3], buf[4] ) ); /* @@ -1039,43 +798,43 @@ static int ssl_parse_client_hello_v2( ssl_context *ssl ) * 2 . 2 message type * 3 . 4 protocol version */ - if( buf[2] != SSL_HS_CLIENT_HELLO || - buf[3] != SSL_MAJOR_VERSION_3 ) + if( buf[2] != MBEDTLS_SSL_HS_CLIENT_HELLO || + buf[3] != MBEDTLS_SSL_MAJOR_VERSION_3 ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } n = ( ( buf[0] << 8 ) | buf[1] ) & 0x7FFF; if( n < 17 || n > 512 ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } - ssl->major_ver = SSL_MAJOR_VERSION_3; - ssl->minor_ver = ( buf[4] <= ssl->max_minor_ver ) - ? buf[4] : ssl->max_minor_ver; + ssl->major_ver = MBEDTLS_SSL_MAJOR_VERSION_3; + ssl->minor_ver = ( buf[4] <= ssl->conf->max_minor_ver ) + ? buf[4] : ssl->conf->max_minor_ver; - if( ssl->minor_ver < ssl->min_minor_ver ) + if( ssl->minor_ver < ssl->conf->min_minor_ver ) { - SSL_DEBUG_MSG( 1, ( "client only supports ssl smaller than minimum" + MBEDTLS_SSL_DEBUG_MSG( 1, ( "client only supports ssl smaller than minimum" " [%d:%d] < [%d:%d]", ssl->major_ver, ssl->minor_ver, - ssl->min_major_ver, ssl->min_minor_ver ) ); + ssl->conf->min_major_ver, ssl->conf->min_minor_ver ) ); - ssl_send_alert_message( ssl, SSL_ALERT_LEVEL_FATAL, - SSL_ALERT_MSG_PROTOCOL_VERSION ); - return( POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); + return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); } ssl->handshake->max_major_ver = buf[3]; ssl->handshake->max_minor_ver = buf[4]; - if( ( ret = ssl_fetch_input( ssl, 2 + n ) ) != 0 ) + if( ( ret = mbedtls_ssl_fetch_input( ssl, 2 + n ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_fetch_input", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); return( ret ); } @@ -1092,13 +851,13 @@ static int ssl_parse_client_hello_v2( ssl_context *ssl ) * .. . .. session id * .. . .. challenge */ - SSL_DEBUG_BUF( 4, "record contents", buf, n ); + MBEDTLS_SSL_DEBUG_BUF( 4, "record contents", buf, n ); ciph_len = ( buf[0] << 8 ) | buf[1]; sess_len = ( buf[2] << 8 ) | buf[3]; chal_len = ( buf[4] << 8 ) | buf[5]; - SSL_DEBUG_MSG( 3, ( "ciph_len: %d, sess_len: %d, chal_len: %d", + MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciph_len: %d, sess_len: %d, chal_len: %d", ciph_len, sess_len, chal_len ) ); /* @@ -1106,40 +865,40 @@ static int ssl_parse_client_hello_v2( ssl_context *ssl ) */ if( ciph_len < 3 || ( ciph_len % 3 ) != 0 ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } if( sess_len > 32 ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } if( chal_len < 8 || chal_len > 32 ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } if( n != 6 + ciph_len + sess_len + chal_len ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } - SSL_DEBUG_BUF( 3, "client hello, ciphersuitelist", + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, ciphersuitelist", buf + 6, ciph_len ); - SSL_DEBUG_BUF( 3, "client hello, session id", + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id", buf + 6 + ciph_len, sess_len ); - SSL_DEBUG_BUF( 3, "client hello, challenge", + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, challenge", buf + 6 + ciph_len + sess_len, chal_len ); p = buf + 6 + ciph_len; - ssl->session_negotiate->length = sess_len; + ssl->session_negotiate->id_len = sess_len; memset( ssl->session_negotiate->id, 0, sizeof( ssl->session_negotiate->id ) ); - memcpy( ssl->session_negotiate->id, p, ssl->session_negotiate->length ); + memcpy( ssl->session_negotiate->id, p, ssl->session_negotiate->id_len ); p += sess_len; memset( ssl->handshake->randbytes, 0, 64 ); @@ -1150,54 +909,54 @@ static int ssl_parse_client_hello_v2( ssl_context *ssl ) */ for( i = 0, p = buf + 6; i < ciph_len; i += 3, p += 3 ) { - if( p[0] == 0 && p[1] == 0 && p[2] == SSL_EMPTY_RENEGOTIATION_INFO ) + if( p[0] == 0 && p[1] == 0 && p[2] == MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ) { - SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) ); -#if defined(POLARSSL_SSL_RENEGOTIATION) - if( ssl->renegotiation == SSL_RENEGOTIATION ) + MBEDTLS_SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) ); +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) { - SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV " + MBEDTLS_SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV " "during renegotiation" ) ); - if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) return( ret ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } -#endif /* POLARSSL_SSL_RENEGOTIATION */ - ssl->secure_renegotiation = SSL_SECURE_RENEGOTIATION; +#endif /* MBEDTLS_SSL_RENEGOTIATION */ + ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; break; } } -#if defined(POLARSSL_SSL_FALLBACK_SCSV) +#if defined(MBEDTLS_SSL_FALLBACK_SCSV) for( i = 0, p = buf + 6; i < ciph_len; i += 3, p += 3 ) { if( p[0] == 0 && - p[1] == (unsigned char)( ( SSL_FALLBACK_SCSV >> 8 ) & 0xff ) && - p[2] == (unsigned char)( ( SSL_FALLBACK_SCSV ) & 0xff ) ) + p[1] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 ) & 0xff ) && + p[2] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE ) & 0xff ) ) { - SSL_DEBUG_MSG( 3, ( "received FALLBACK_SCSV" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "received FALLBACK_SCSV" ) ); - if( ssl->minor_ver < ssl->max_minor_ver ) + if( ssl->minor_ver < ssl->conf->max_minor_ver ) { - SSL_DEBUG_MSG( 1, ( "inapropriate fallback" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "inapropriate fallback" ) ); - ssl_send_alert_message( ssl, SSL_ALERT_LEVEL_FATAL, - SSL_ALERT_MSG_INAPROPRIATE_FALLBACK ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } break; } } -#endif /* POLARSSL_SSL_FALLBACK_SCSV */ +#endif /* MBEDTLS_SSL_FALLBACK_SCSV */ got_common_suite = 0; - ciphersuites = ssl->ciphersuite_list[ssl->minor_ver]; + ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; ciphersuite_info = NULL; -#if defined(POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE) +#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) for( j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3 ) { for( i = 0; ciphersuites[i] != 0; i++ ) @@ -1225,90 +984,96 @@ static int ssl_parse_client_hello_v2( ssl_context *ssl ) if( got_common_suite ) { - SSL_DEBUG_MSG( 1, ( "got ciphersuites in common, " + MBEDTLS_SSL_DEBUG_MSG( 1, ( "got ciphersuites in common, " "but none of them usable" ) ); - return( POLARSSL_ERR_SSL_NO_USABLE_CIPHERSUITE ); + return( MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE ); } else { - SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) ); - return( POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) ); + return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN ); } have_ciphersuite_v2: - SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", ciphersuite_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", ciphersuite_info->name ) ); ssl->session_negotiate->ciphersuite = ciphersuites[i]; ssl->transform_negotiate->ciphersuite_info = ciphersuite_info; - ssl_optimize_checksum( ssl, ssl->transform_negotiate->ciphersuite_info ); + mbedtls_ssl_optimize_checksum( ssl, ssl->transform_negotiate->ciphersuite_info ); /* * SSLv2 Client Hello relevant renegotiation security checks */ - if( ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && - ssl->allow_legacy_renegotiation == SSL_LEGACY_BREAK_HANDSHAKE ) + if( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && + ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE ) { - SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) ); - if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) return( ret ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } ssl->in_left = 0; ssl->state++; - SSL_DEBUG_MSG( 2, ( "<= parse client hello v2" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse client hello v2" ) ); return( 0 ); } -#endif /* POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */ +#endif /* MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */ -static int ssl_parse_client_hello( ssl_context *ssl ) +static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) { int ret, got_common_suite; - unsigned int i, j; - size_t n; - unsigned int ciph_len, sess_len; - unsigned int comp_len; - unsigned int ext_len = 0; + size_t i, j; + size_t ciph_offset, comp_offset, ext_offset; + size_t msg_len, ciph_len, sess_len, comp_len, ext_len; +#if defined(MBEDTLS_SSL_PROTO_DTLS) + size_t cookie_offset, cookie_len; +#endif unsigned char *buf, *p, *ext; -#if defined(POLARSSL_SSL_RENEGOTIATION) +#if defined(MBEDTLS_SSL_RENEGOTIATION) int renegotiation_info_seen = 0; #endif int handshake_failure = 0; const int *ciphersuites; - const ssl_ciphersuite_t *ciphersuite_info; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info; + int major, minor; - SSL_DEBUG_MSG( 2, ( "=> parse client hello" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client hello" ) ); -#if defined(POLARSSL_SSL_RENEGOTIATION) - if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE ) +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) +read_record_header: +#endif + /* + * If renegotiating, then the input was read with mbedtls_ssl_read_record(), + * otherwise read it ourselves manually in order to support SSLv2 + * ClientHello, which doesn't use the same record layer format. + */ +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE ) #endif { - if( ( ret = ssl_fetch_input( ssl, 5 ) ) != 0 ) + if( ( ret = mbedtls_ssl_fetch_input( ssl, 5 ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_fetch_input", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); return( ret ); } } buf = ssl->in_hdr; -#if defined(POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) - if( ( buf[0] & 0x80 ) != 0 ) - return ssl_parse_client_hello_v2( ssl ); +#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM ) +#endif + if( ( buf[0] & 0x80 ) != 0 ) + return ssl_parse_client_hello_v2( ssl ); #endif - SSL_DEBUG_BUF( 4, "record header", buf, 5 ); - - SSL_DEBUG_MSG( 3, ( "client hello v3, message type: %d", - buf[0] ) ); - SSL_DEBUG_MSG( 3, ( "client hello v3, message len.: %d", - ( buf[3] << 8 ) | buf[4] ) ); - SSL_DEBUG_MSG( 3, ( "client hello v3, protocol ver: [%d:%d]", - buf[1], buf[2] ) ); + MBEDTLS_SSL_DEBUG_BUF( 4, "record header", buf, mbedtls_ssl_hdr_len( ssl ) ); /* * SSLv3/TLS Client Hello @@ -1316,251 +1081,416 @@ static int ssl_parse_client_hello( ssl_context *ssl ) * Record layer: * 0 . 0 message type * 1 . 2 protocol version + * 3 . 11 DTLS: epoch + record sequence number * 3 . 4 message length */ + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, message type: %d", + buf[0] ) ); + + if( buf[0] != MBEDTLS_SSL_MSG_HANDSHAKE ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, message len.: %d", + ( ssl->in_len[0] << 8 ) | ssl->in_len[1] ) ); + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, protocol version: [%d:%d]", + buf[1], buf[2] ) ); + + mbedtls_ssl_read_version( &major, &minor, ssl->conf->transport, buf + 1 ); /* According to RFC 5246 Appendix E.1, the version here is typically * "{03,00}, the lowest version number supported by the client, [or] the * value of ClientHello.client_version", so the only meaningful check here * is the major version shouldn't be less than 3 */ - if( buf[0] != SSL_MSG_HANDSHAKE || - buf[1] < SSL_MAJOR_VERSION_3 ) + if( major < MBEDTLS_SSL_MAJOR_VERSION_3 ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } - n = ( buf[3] << 8 ) | buf[4]; - - if( n < 45 || n > SSL_MAX_CONTENT_LEN ) + /* For DTLS if this is the initial handshake, remember the client sequence + * number to use it in our next message (RFC 6347 4.2.1) */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM +#if defined(MBEDTLS_SSL_RENEGOTIATION) + && ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE +#endif + ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + /* Epoch should be 0 for initial handshakes */ + if( ssl->in_ctr[0] != 0 || ssl->in_ctr[1] != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + memcpy( ssl->out_ctr + 2, ssl->in_ctr + 2, 6 ); + +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) + if( mbedtls_ssl_dtls_replay_check( ssl ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "replayed record, discarding" ) ); + ssl->next_record_offset = 0; + ssl->in_left = 0; + goto read_record_header; + } + + /* No MAC to check yet, so we can update right now */ + mbedtls_ssl_dtls_replay_update( ssl ); +#endif } +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + + msg_len = ( ssl->in_len[0] << 8 ) | ssl->in_len[1]; -#if defined(POLARSSL_SSL_RENEGOTIATION) - if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE ) +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) + { + /* Set by mbedtls_ssl_read_record() */ + msg_len = ssl->in_hslen; + } + else #endif { - if( ( ret = ssl_fetch_input( ssl, 5 + n ) ) != 0 ) + if( msg_len > MBEDTLS_SSL_MAX_CONTENT_LEN ) { - SSL_DEBUG_RET( 1, "ssl_fetch_input", ret ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + if( ( ret = mbedtls_ssl_fetch_input( ssl, mbedtls_ssl_hdr_len( ssl ) + msg_len ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); return( ret ); } + + /* Done reading this record, get ready for the next one */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + ssl->next_record_offset = msg_len + mbedtls_ssl_hdr_len( ssl ); + else +#endif + ssl->in_left = 0; } buf = ssl->in_msg; -#if defined(POLARSSL_SSL_RENEGOTIATION) - if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE ) - n = ssl->in_msglen; - else -#endif - n = ssl->in_left - 5; - ssl->handshake->update_checksum( ssl, buf, n ); + MBEDTLS_SSL_DEBUG_BUF( 4, "record contents", buf, msg_len ); + + ssl->handshake->update_checksum( ssl, buf, msg_len ); /* - * SSL layer: + * Handshake layer: * 0 . 0 handshake type * 1 . 3 handshake length - * 4 . 5 protocol version - * 6 . 9 UNIX time() - * 10 . 37 random bytes - * 38 . 38 session id length - * 39 . 38+x session id - * 39+x . 40+x ciphersuitelist length - * 41+x . 40+y ciphersuitelist - * 41+y . 41+y compression alg length - * 42+y . 41+z compression algs - * .. . .. extensions + * 4 . 5 DTLS only: message seqence number + * 6 . 8 DTLS only: fragment offset + * 9 . 11 DTLS only: fragment length */ - SSL_DEBUG_BUF( 4, "record contents", buf, n ); + if( msg_len < mbedtls_ssl_hs_hdr_len( ssl ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } - SSL_DEBUG_MSG( 3, ( "client hello v3, handshake type: %d", - buf[0] ) ); - SSL_DEBUG_MSG( 3, ( "client hello v3, handshake len.: %d", + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, handshake type: %d", buf[0] ) ); + + if( buf[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, handshake len.: %d", ( buf[1] << 16 ) | ( buf[2] << 8 ) | buf[3] ) ); - SSL_DEBUG_MSG( 3, ( "client hello v3, max. version: [%d:%d]", - buf[4], buf[5] ) ); + + /* We don't support fragmentation of ClientHello (yet?) */ + if( buf[1] != 0 || + msg_len != mbedtls_ssl_hs_hdr_len( ssl ) + ( ( buf[2] << 8 ) | buf[3] ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + /* + * Copy the client's handshake message_seq on initial handshakes, + * check sequence number on renego. + */ +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) + { + /* This couldn't be done in ssl_prepare_handshake_record() */ + unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) | + ssl->in_msg[5]; + + if( cli_msg_seq != ssl->handshake->in_msg_seq ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message_seq: " + "%d (expected %d)", cli_msg_seq, + ssl->handshake->in_msg_seq ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + ssl->handshake->in_msg_seq++; + } + else +#endif + { + unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) | + ssl->in_msg[5]; + ssl->handshake->out_msg_seq = cli_msg_seq; + ssl->handshake->in_msg_seq = cli_msg_seq + 1; + } + + /* + * For now we don't support fragmentation, so make sure + * fragment_offset == 0 and fragment_length == length + */ + if( ssl->in_msg[6] != 0 || ssl->in_msg[7] != 0 || ssl->in_msg[8] != 0 || + memcmp( ssl->in_msg + 1, ssl->in_msg + 9, 3 ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "ClientHello fragmentation not supported" ) ); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + } + } +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + + buf += mbedtls_ssl_hs_hdr_len( ssl ); + msg_len -= mbedtls_ssl_hs_hdr_len( ssl ); /* - * Check the handshake type and protocol version + * ClientHello layer: + * 0 . 1 protocol version + * 2 . 33 random bytes (starting with 4 bytes of Unix time) + * 34 . 35 session id length (1 byte) + * 35 . 34+x session id + * 35+x . 35+x DTLS only: cookie length (1 byte) + * 36+x . .. DTLS only: cookie + * .. . .. ciphersuite list length (2 bytes) + * .. . .. ciphersuite list + * .. . .. compression alg. list length (1 byte) + * .. . .. compression alg. list + * .. . .. extensions length (2 bytes, optional) + * .. . .. extensions (optional) */ - if( buf[0] != SSL_HS_CLIENT_HELLO ) + + /* + * Minimal length (with everything empty and extensions ommitted) is + * 2 + 32 + 1 + 2 + 1 = 38 bytes. Check that first, so that we can + * read at least up to session id length without worrying. + */ + if( msg_len < 38 ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } - ssl->major_ver = buf[4]; - ssl->minor_ver = buf[5]; + /* + * Check and save the protocol version + */ + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, version", buf, 2 ); + + mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver, + ssl->conf->transport, buf ); ssl->handshake->max_major_ver = ssl->major_ver; ssl->handshake->max_minor_ver = ssl->minor_ver; - if( ssl->major_ver < ssl->min_major_ver || - ssl->minor_ver < ssl->min_minor_ver ) + if( ssl->major_ver < ssl->conf->min_major_ver || + ssl->minor_ver < ssl->conf->min_minor_ver ) { - SSL_DEBUG_MSG( 1, ( "client only supports ssl smaller than minimum" + MBEDTLS_SSL_DEBUG_MSG( 1, ( "client only supports ssl smaller than minimum" " [%d:%d] < [%d:%d]", ssl->major_ver, ssl->minor_ver, - ssl->min_major_ver, ssl->min_minor_ver ) ); + ssl->conf->min_major_ver, ssl->conf->min_minor_ver ) ); - ssl_send_alert_message( ssl, SSL_ALERT_LEVEL_FATAL, - SSL_ALERT_MSG_PROTOCOL_VERSION ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - return( POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); } - if( ssl->major_ver > ssl->max_major_ver ) + if( ssl->major_ver > ssl->conf->max_major_ver ) { - ssl->major_ver = ssl->max_major_ver; - ssl->minor_ver = ssl->max_minor_ver; + ssl->major_ver = ssl->conf->max_major_ver; + ssl->minor_ver = ssl->conf->max_minor_ver; } - else if( ssl->minor_ver > ssl->max_minor_ver ) - ssl->minor_ver = ssl->max_minor_ver; - - memcpy( ssl->handshake->randbytes, buf + 6, 32 ); + else if( ssl->minor_ver > ssl->conf->max_minor_ver ) + ssl->minor_ver = ssl->conf->max_minor_ver; /* - * Check the handshake message length + * Save client random (inc. Unix time) */ - if( buf[1] != 0 || n != (unsigned int) 4 + ( ( buf[2] << 8 ) | buf[3] ) ) - { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", buf + 2, 32 ); + + memcpy( ssl->handshake->randbytes, buf + 2, 32 ); /* - * Check the session length + * Check the session ID length and save session ID */ - sess_len = buf[38]; + sess_len = buf[34]; - if( sess_len > 32 || sess_len > n - 42 ) + if( sess_len > sizeof( ssl->session_negotiate->id ) || + sess_len + 34 + 2 > msg_len ) /* 2 for cipherlist length field */ { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } - ssl->session_negotiate->length = sess_len; + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id", buf + 35, sess_len ); + + ssl->session_negotiate->id_len = sess_len; memset( ssl->session_negotiate->id, 0, sizeof( ssl->session_negotiate->id ) ); - memcpy( ssl->session_negotiate->id, buf + 39, - ssl->session_negotiate->length ); + memcpy( ssl->session_negotiate->id, buf + 35, + ssl->session_negotiate->id_len ); /* - * Check the ciphersuitelist length + * Check the cookie length and content */ - ciph_len = ( buf[39 + sess_len] << 8 ) - | ( buf[40 + sess_len] ); - - if( ciph_len < 2 || ( ciph_len % 2 ) != 0 || ciph_len > n - 42 - sess_len ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } + cookie_offset = 35 + sess_len; + cookie_len = buf[cookie_offset]; + + if( cookie_offset + 1 + cookie_len + 2 > msg_len ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, cookie", + buf + cookie_offset + 1, cookie_len ); + +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) + if( ssl->conf->f_cookie_check != NULL +#if defined(MBEDTLS_SSL_RENEGOTIATION) + && ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE +#endif + ) + { + if( ssl->conf->f_cookie_check( ssl->conf->p_cookie, + buf + cookie_offset + 1, cookie_len, + ssl->cli_id, ssl->cli_id_len ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification failed" ) ); + ssl->handshake->verify_cookie_len = 1; + } + else + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification passed" ) ); + ssl->handshake->verify_cookie_len = 0; + } + } + else +#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ + { + /* We know we didn't send a cookie, so it should be empty */ + if( cookie_len != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification skipped" ) ); + } /* - * Check the compression algorithms length + * Check the ciphersuitelist length (will be parsed later) */ - comp_len = buf[41 + sess_len + ciph_len]; + ciph_offset = cookie_offset + 1 + cookie_len; + } + else +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + ciph_offset = 35 + sess_len; + + ciph_len = ( buf[ciph_offset + 0] << 8 ) + | ( buf[ciph_offset + 1] ); - if( comp_len < 1 || comp_len > 16 || - comp_len > n - 42 - sess_len - ciph_len ) + if( ciph_len < 2 || + ciph_len + 2 + ciph_offset + 1 > msg_len || /* 1 for comp. alg. len */ + ( ciph_len % 2 ) != 0 ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, ciphersuitelist", + buf + ciph_offset + 2, ciph_len ); + /* - * Check the extension length + * Check the compression algorithms length and pick one */ - if( n > 42 + sess_len + ciph_len + comp_len ) - { - ext_len = ( buf[42 + sess_len + ciph_len + comp_len] << 8 ) - | ( buf[43 + sess_len + ciph_len + comp_len] ); + comp_offset = ciph_offset + 2 + ciph_len; - if( ( ext_len > 0 && ext_len < 4 ) || - n != 44 + sess_len + ciph_len + comp_len + ext_len ) - { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - SSL_DEBUG_BUF( 3, "Ext", buf + 44 + sess_len + ciph_len + comp_len, ext_len); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } + comp_len = buf[comp_offset]; + + if( comp_len < 1 || + comp_len > 16 || + comp_len + comp_offset + 1 > msg_len ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } - ssl->session_negotiate->compression = SSL_COMPRESS_NULL; -#if defined(POLARSSL_ZLIB_SUPPORT) + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, compression", + buf + comp_offset + 1, comp_len ); + + ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_NULL; +#if defined(MBEDTLS_ZLIB_SUPPORT) for( i = 0; i < comp_len; ++i ) { - if( buf[42 + sess_len + ciph_len + i] == SSL_COMPRESS_DEFLATE ) + if( buf[comp_offset + 1 + i] == MBEDTLS_SSL_COMPRESS_DEFLATE ) { - ssl->session_negotiate->compression = SSL_COMPRESS_DEFLATE; + ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_DEFLATE; break; } } #endif - SSL_DEBUG_BUF( 3, "client hello, random bytes", - buf + 6, 32 ); - SSL_DEBUG_BUF( 3, "client hello, session id", - buf + 38, sess_len ); - SSL_DEBUG_BUF( 3, "client hello, ciphersuitelist", - buf + 41 + sess_len, ciph_len ); - SSL_DEBUG_BUF( 3, "client hello, compression", - buf + 42 + sess_len + ciph_len, comp_len ); + /* See comments in ssl_write_client_hello() */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_NULL; +#endif /* - * Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV + * Check the extension length */ - for( i = 0, p = buf + 41 + sess_len; i < ciph_len; i += 2, p += 2 ) + ext_offset = comp_offset + 1 + comp_len; + if( msg_len > ext_offset ) { - if( p[0] == 0 && p[1] == SSL_EMPTY_RENEGOTIATION_INFO ) + if( msg_len < ext_offset + 2 ) { - SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) ); -#if defined(POLARSSL_SSL_RENEGOTIATION) - if( ssl->renegotiation == SSL_RENEGOTIATION ) - { - SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV during renegotiation" ) ); - - if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) - return( ret ); - - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - renegotiation_info_seen = 1; -#endif /* POLARSSL_SSL_RENEGOTIATION */ - ssl->secure_renegotiation = SSL_SECURE_RENEGOTIATION; - break; + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } - } - -#if defined(POLARSSL_SSL_FALLBACK_SCSV) - for( i = 0, p = buf + 41 + sess_len; i < ciph_len; i += 2, p += 2 ) - { - if( p[0] == (unsigned char)( ( SSL_FALLBACK_SCSV >> 8 ) & 0xff ) && - p[1] == (unsigned char)( ( SSL_FALLBACK_SCSV ) & 0xff ) ) - { - SSL_DEBUG_MSG( 0, ( "received FALLBACK_SCSV" ) ); - if( ssl->minor_ver < ssl->max_minor_ver ) - { - SSL_DEBUG_MSG( 0, ( "inapropriate fallback" ) ); - - ssl_send_alert_message( ssl, SSL_ALERT_LEVEL_FATAL, - SSL_ALERT_MSG_INAPROPRIATE_FALLBACK ); - - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } + ext_len = ( buf[ext_offset + 0] << 8 ) + | ( buf[ext_offset + 1] ); - break; + if( ( ext_len > 0 && ext_len < 4 ) || + msg_len != ext_offset + 2 + ext_len ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", + buf + ext_offset + 2, ext_len ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } } -#endif /* POLARSSL_SSL_FALLBACK_SCSV */ + else + ext_len = 0; - ext = buf + 44 + sess_len + ciph_len + comp_len; + ext = buf + ext_offset + 2; - while( ext_len ) + while( ext_len != 0 ) { unsigned int ext_id = ( ( ext[0] << 8 ) | ( ext[1] ) ); @@ -1569,26 +1499,26 @@ static int ssl_parse_client_hello( ssl_context *ssl ) if( ext_size + 4 > ext_len ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } switch( ext_id ) { -#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) - case TLS_EXT_SERVERNAME: - SSL_DEBUG_MSG( 3, ( "found ServerName extension" ) ); - if( ssl->f_sni == NULL ) +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + case MBEDTLS_TLS_EXT_SERVERNAME: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ServerName extension" ) ); + if( ssl->conf->f_sni == NULL ) break; ret = ssl_parse_servername_ext( ssl, ext + 4, ext_size ); if( ret != 0 ) return( ret ); break; -#endif /* POLARSSL_SSL_SERVER_NAME_INDICATION */ +#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ - case TLS_EXT_RENEGOTIATION_INFO: - SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) ); -#if defined(POLARSSL_SSL_RENEGOTIATION) + case MBEDTLS_TLS_EXT_RENEGOTIATION_INFO: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) ); +#if defined(MBEDTLS_SSL_RENEGOTIATION) renegotiation_info_seen = 1; #endif @@ -1597,12 +1527,12 @@ static int ssl_parse_client_hello( ssl_context *ssl ) return( ret ); break; -#if defined(POLARSSL_SSL_PROTO_TLS1_2) && \ - defined(POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED) - case TLS_EXT_SIG_ALG: - SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) ); -#if defined(POLARSSL_SSL_RENEGOTIATION) - if( ssl->renegotiation == SSL_RENEGOTIATION ) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ + defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) + case MBEDTLS_TLS_EXT_SIG_ALG: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) ); +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) break; #endif @@ -1610,90 +1540,90 @@ static int ssl_parse_client_hello( ssl_context *ssl ) if( ret != 0 ) return( ret ); break; -#endif /* POLARSSL_SSL_PROTO_TLS1_2 && - POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && + MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */ -#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C) - case TLS_EXT_SUPPORTED_ELLIPTIC_CURVES: - SSL_DEBUG_MSG( 3, ( "found supported elliptic curves extension" ) ); +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) + case MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported elliptic curves extension" ) ); ret = ssl_parse_supported_elliptic_curves( ssl, ext + 4, ext_size ); if( ret != 0 ) return( ret ); break; - case TLS_EXT_SUPPORTED_POINT_FORMATS: - SSL_DEBUG_MSG( 3, ( "found supported point formats extension" ) ); - ssl->handshake->cli_exts |= TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT; + case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported point formats extension" ) ); + ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT; ret = ssl_parse_supported_point_formats( ssl, ext + 4, ext_size ); if( ret != 0 ) return( ret ); break; -#endif /* POLARSSL_ECDH_C || POLARSSL_ECDSA_C */ +#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ -#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) - case TLS_EXT_MAX_FRAGMENT_LENGTH: - SSL_DEBUG_MSG( 3, ( "found max fragment length extension" ) ); +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max fragment length extension" ) ); ret = ssl_parse_max_fragment_length_ext( ssl, ext + 4, ext_size ); if( ret != 0 ) return( ret ); break; -#endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */ +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(POLARSSL_SSL_TRUNCATED_HMAC) - case TLS_EXT_TRUNCATED_HMAC: - SSL_DEBUG_MSG( 3, ( "found truncated hmac extension" ) ); +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) + case MBEDTLS_TLS_EXT_TRUNCATED_HMAC: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found truncated hmac extension" ) ); ret = ssl_parse_truncated_hmac_ext( ssl, ext + 4, ext_size ); if( ret != 0 ) return( ret ); break; -#endif /* POLARSSL_SSL_TRUNCATED_HMAC */ +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) - case TLS_EXT_ENCRYPT_THEN_MAC: - SSL_DEBUG_MSG( 3, ( "found encrypt then mac extension" ) ); +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found encrypt then mac extension" ) ); ret = ssl_parse_encrypt_then_mac_ext( ssl, ext + 4, ext_size ); if( ret != 0 ) return( ret ); break; -#endif /* POLARSSL_SSL_ENCRYPT_THEN_MAC */ +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ -#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) - case TLS_EXT_EXTENDED_MASTER_SECRET: - SSL_DEBUG_MSG( 3, ( "found extended master secret extension" ) ); +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) + case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found extended master secret extension" ) ); ret = ssl_parse_extended_ms_ext( ssl, ext + 4, ext_size ); if( ret != 0 ) return( ret ); break; -#endif /* POLARSSL_SSL_EXTENDED_MASTER_SECRET */ +#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ -#if defined(POLARSSL_SSL_SESSION_TICKETS) - case TLS_EXT_SESSION_TICKET: - SSL_DEBUG_MSG( 3, ( "found session ticket extension" ) ); +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + case MBEDTLS_TLS_EXT_SESSION_TICKET: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found session ticket extension" ) ); ret = ssl_parse_session_ticket_ext( ssl, ext + 4, ext_size ); if( ret != 0 ) return( ret ); break; -#endif /* POLARSSL_SSL_SESSION_TICKETS */ +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ -#if defined(POLARSSL_SSL_ALPN) - case TLS_EXT_ALPN: - SSL_DEBUG_MSG( 3, ( "found alpn extension" ) ); +#if defined(MBEDTLS_SSL_ALPN) + case MBEDTLS_TLS_EXT_ALPN: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) ); ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size ); if( ret != 0 ) return( ret ); break; -#endif /* POLARSSL_SSL_SESSION_TICKETS */ +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ default: - SSL_DEBUG_MSG( 3, ( "unknown extension found: %d (ignoring)", + MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d (ignoring)", ext_id ) ); } @@ -1702,50 +1632,97 @@ static int ssl_parse_client_hello( ssl_context *ssl ) if( ext_len > 0 && ext_len < 4 ) { - SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + } + +#if defined(MBEDTLS_SSL_FALLBACK_SCSV) + for( i = 0, p = buf + 41 + sess_len; i < ciph_len; i += 2, p += 2 ) + { + if( p[0] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 ) & 0xff ) && + p[1] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE ) & 0xff ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 0, ( "received FALLBACK_SCSV" ) ); + + if( ssl->minor_ver < ssl->conf->max_minor_ver ) + { + MBEDTLS_SSL_DEBUG_MSG( 0, ( "inapropriate fallback" ) ); + + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK ); + + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + break; + } + } +#endif /* MBEDTLS_SSL_FALLBACK_SCSV */ + + /* + * Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV + */ + for( i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2 ) + { + if( p[0] == 0 && p[1] == MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ) + { + MBEDTLS_SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) ); +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV during renegotiation" ) ); + + if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) + return( ret ); + + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } +#endif + ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; + break; } } /* * Renegotiation security checks */ - if( ssl->secure_renegotiation != SSL_SECURE_RENEGOTIATION && - ssl->allow_legacy_renegotiation == SSL_LEGACY_BREAK_HANDSHAKE ) + if( ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION && + ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE ) { - SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) ); handshake_failure = 1; } -#if defined(POLARSSL_SSL_RENEGOTIATION) - else if( ssl->renegotiation == SSL_RENEGOTIATION && - ssl->secure_renegotiation == SSL_SECURE_RENEGOTIATION && +#if defined(MBEDTLS_SSL_RENEGOTIATION) + else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && + ssl->secure_renegotiation == MBEDTLS_SSL_SECURE_RENEGOTIATION && renegotiation_info_seen == 0 ) { - SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) ); handshake_failure = 1; } - else if( ssl->renegotiation == SSL_RENEGOTIATION && - ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && - ssl->allow_legacy_renegotiation == SSL_LEGACY_NO_RENEGOTIATION ) + else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && + ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && + ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION ) { - SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) ); handshake_failure = 1; } - else if( ssl->renegotiation == SSL_RENEGOTIATION && - ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && + else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && + ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && renegotiation_info_seen == 1 ) { - SSL_DEBUG_MSG( 1, ( "renegotiation_info extension present (legacy)" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation_info extension present (legacy)" ) ); handshake_failure = 1; } -#endif /* POLARSSL_SSL_RENEGOTIATION */ +#endif /* MBEDTLS_SSL_RENEGOTIATION */ if( handshake_failure == 1 ) { - if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) return( ret ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } /* @@ -1754,16 +1731,16 @@ static int ssl_parse_client_hello( ssl_context *ssl ) * and certificate from the SNI callback triggered by the SNI extension.) */ got_common_suite = 0; - ciphersuites = ssl->ciphersuite_list[ssl->minor_ver]; + ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; ciphersuite_info = NULL; -#if defined(POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE) - for( j = 0, p = buf + 41 + sess_len; j < ciph_len; j += 2, p += 2 ) +#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) + for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) { for( i = 0; ciphersuites[i] != 0; i++ ) #else for( i = 0; ciphersuites[i] != 0; i++ ) { - for( j = 0, p = buf + 41 + sess_len; j < ciph_len; j += 2, p += 2 ) + for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) #endif { if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) || @@ -1783,69 +1760,73 @@ static int ssl_parse_client_hello( ssl_context *ssl ) if( got_common_suite ) { - SSL_DEBUG_MSG( 1, ( "got ciphersuites in common, " + MBEDTLS_SSL_DEBUG_MSG( 1, ( "got ciphersuites in common, " "but none of them usable" ) ); - ssl_send_fatal_handshake_failure( ssl ); - return( POLARSSL_ERR_SSL_NO_USABLE_CIPHERSUITE ); + mbedtls_ssl_send_fatal_handshake_failure( ssl ); + return( MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE ); } else { - SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) ); - ssl_send_fatal_handshake_failure( ssl ); - return( POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) ); + mbedtls_ssl_send_fatal_handshake_failure( ssl ); + return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN ); } have_ciphersuite: - SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", ciphersuite_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", ciphersuite_info->name ) ); ssl->session_negotiate->ciphersuite = ciphersuites[i]; ssl->transform_negotiate->ciphersuite_info = ciphersuite_info; - ssl_optimize_checksum( ssl, ssl->transform_negotiate->ciphersuite_info ); + mbedtls_ssl_optimize_checksum( ssl, ssl->transform_negotiate->ciphersuite_info ); - ssl->in_left = 0; ssl->state++; - SSL_DEBUG_MSG( 2, ( "<= parse client hello" ) ); +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ssl_recv_flight_completed( ssl ); +#endif + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse client hello" ) ); return( 0 ); } -#if defined(POLARSSL_SSL_TRUNCATED_HMAC) -static void ssl_write_truncated_hmac_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) +static void ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) { unsigned char *p = buf; - if( ssl->session_negotiate->trunc_hmac == SSL_TRUNC_HMAC_DISABLED ) + if( ssl->session_negotiate->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED ) { *olen = 0; return; } - SSL_DEBUG_MSG( 3, ( "server hello, adding truncated hmac extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding truncated hmac extension" ) ); - *p++ = (unsigned char)( ( TLS_EXT_TRUNCATED_HMAC >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( TLS_EXT_TRUNCATED_HMAC ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC ) & 0xFF ); *p++ = 0x00; *p++ = 0x00; *olen = 4; } -#endif /* POLARSSL_SSL_TRUNCATED_HMAC */ +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) -static void ssl_write_encrypt_then_mac_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) +static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) { unsigned char *p = buf; - const ssl_ciphersuite_t *suite = NULL; - const cipher_info_t *cipher = NULL; + const mbedtls_ssl_ciphersuite_t *suite = NULL; + const mbedtls_cipher_info_t *cipher = NULL; - if( ssl->session_negotiate->encrypt_then_mac == SSL_EXTENDED_MS_DISABLED || - ssl->minor_ver == SSL_MINOR_VERSION_0 ) + if( ssl->session_negotiate->encrypt_then_mac == MBEDTLS_SSL_EXTENDED_MS_DISABLED || + ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) { *olen = 0; return; @@ -1857,56 +1838,56 @@ static void ssl_write_encrypt_then_mac_ext( ssl_context *ssl, * with Associated Data (AEAD) ciphersuite, it MUST NOT send an * encrypt-then-MAC response extension back to the client." */ - if( ( suite = ssl_ciphersuite_from_id( + if( ( suite = mbedtls_ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite ) ) == NULL || - ( cipher = cipher_info_from_type( suite->cipher ) ) == NULL || - cipher->mode != POLARSSL_MODE_CBC ) + ( cipher = mbedtls_cipher_info_from_type( suite->cipher ) ) == NULL || + cipher->mode != MBEDTLS_MODE_CBC ) { *olen = 0; return; } - SSL_DEBUG_MSG( 3, ( "server hello, adding encrypt then mac extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding encrypt then mac extension" ) ); - *p++ = (unsigned char)( ( TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( TLS_EXT_ENCRYPT_THEN_MAC ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ) & 0xFF ); *p++ = 0x00; *p++ = 0x00; *olen = 4; } -#endif /* POLARSSL_SSL_ENCRYPT_THEN_MAC */ +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ -#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) -static void ssl_write_extended_ms_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) +static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) { unsigned char *p = buf; - if( ssl->handshake->extended_ms == SSL_EXTENDED_MS_DISABLED || - ssl->minor_ver == SSL_MINOR_VERSION_0 ) + if( ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED || + ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) { *olen = 0; return; } - SSL_DEBUG_MSG( 3, ( "server hello, adding extended master secret " + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding extended master secret " "extension" ) ); - *p++ = (unsigned char)( ( TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( TLS_EXT_EXTENDED_MASTER_SECRET ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ) & 0xFF ); *p++ = 0x00; *p++ = 0x00; *olen = 4; } -#endif /* POLARSSL_SSL_EXTENDED_MASTER_SECRET */ +#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ -#if defined(POLARSSL_SSL_SESSION_TICKETS) -static void ssl_write_session_ticket_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_SESSION_TICKETS) +static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) { @@ -1918,37 +1899,37 @@ static void ssl_write_session_ticket_ext( ssl_context *ssl, return; } - SSL_DEBUG_MSG( 3, ( "server hello, adding session ticket extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding session ticket extension" ) ); - *p++ = (unsigned char)( ( TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( TLS_EXT_SESSION_TICKET ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET ) & 0xFF ); *p++ = 0x00; *p++ = 0x00; *olen = 4; } -#endif /* POLARSSL_SSL_SESSION_TICKETS */ +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ -static void ssl_write_renegotiation_ext( ssl_context *ssl, +static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) { unsigned char *p = buf; - if( ssl->secure_renegotiation != SSL_SECURE_RENEGOTIATION ) + if( ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION ) { *olen = 0; return; } - SSL_DEBUG_MSG( 3, ( "server hello, secure renegotiation extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, secure renegotiation extension" ) ); - *p++ = (unsigned char)( ( TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( TLS_EXT_RENEGOTIATION_INFO ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ) & 0xFF ); -#if defined(POLARSSL_SSL_RENEGOTIATION) - if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE ) +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) { *p++ = 0x00; *p++ = ( ssl->verify_data_len * 2 + 1 ) & 0xFF; @@ -1958,37 +1939,35 @@ static void ssl_write_renegotiation_ext( ssl_context *ssl, p += ssl->verify_data_len; memcpy( p, ssl->own_verify_data, ssl->verify_data_len ); p += ssl->verify_data_len; - - *olen = 5 + ssl->verify_data_len * 2; } else -#endif /* POLARSSL_SSL_RENEGOTIATION */ +#endif /* MBEDTLS_SSL_RENEGOTIATION */ { *p++ = 0x00; *p++ = 0x01; *p++ = 0x00; - - *olen = 5; } + + *olen = p - buf; } -#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) -static void ssl_write_max_fragment_length_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) +static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) { unsigned char *p = buf; - if( ssl->session_negotiate->mfl_code == SSL_MAX_FRAG_LEN_NONE ) + if( ssl->session_negotiate->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE ) { *olen = 0; return; } - SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) ); - *p++ = (unsigned char)( ( TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF ); *p++ = 0x00; *p++ = 1; @@ -1997,10 +1976,10 @@ static void ssl_write_max_fragment_length_ext( ssl_context *ssl, *olen = 5; } -#endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */ +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C) -static void ssl_write_supported_point_formats_ext( ssl_context *ssl, +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) +static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) { @@ -2008,29 +1987,29 @@ static void ssl_write_supported_point_formats_ext( ssl_context *ssl, ((void) ssl); if( ( ssl->handshake->cli_exts & - TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT ) == 0 ) + MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT ) == 0 ) { *olen = 0; return; } - SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) ); - *p++ = (unsigned char)( ( TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( TLS_EXT_SUPPORTED_POINT_FORMATS ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ) & 0xFF ); *p++ = 0x00; *p++ = 2; *p++ = 1; - *p++ = POLARSSL_ECP_PF_UNCOMPRESSED; + *p++ = MBEDTLS_ECP_PF_UNCOMPRESSED; *olen = 6; } -#endif /* POLARSSL_ECDH_C || POLARSSL_ECDSA_C */ +#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ -#if defined(POLARSSL_SSL_ALPN ) -static void ssl_write_alpn_ext( ssl_context *ssl, +#if defined(MBEDTLS_SSL_ALPN ) +static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) { if( ssl->alpn_chosen == NULL ) @@ -2039,7 +2018,7 @@ static void ssl_write_alpn_ext( ssl_context *ssl, return; } - SSL_DEBUG_MSG( 3, ( "server hello, adding alpn extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding alpn extension" ) ); /* * 0 . 1 ext identifier @@ -2048,8 +2027,8 @@ static void ssl_write_alpn_ext( ssl_context *ssl, * 6 . 6 protocol name length * 7 . 7+n protocol name */ - buf[0] = (unsigned char)( ( TLS_EXT_ALPN >> 8 ) & 0xFF ); - buf[1] = (unsigned char)( ( TLS_EXT_ALPN ) & 0xFF ); + buf[0] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF ); + buf[1] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF ); *olen = 7 + strlen( ssl->alpn_chosen ); @@ -2063,23 +2042,97 @@ static void ssl_write_alpn_ext( ssl_context *ssl, memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 ); } -#endif /* POLARSSL_ECDH_C || POLARSSL_ECDSA_C */ +#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ -static int ssl_write_server_hello( ssl_context *ssl ) +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) +static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl ) { -#if defined(POLARSSL_HAVE_TIME) + int ret; + unsigned char *p = ssl->out_msg + 4; + unsigned char *cookie_len_byte; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write hello verify request" ) ); + + /* + * struct { + * ProtocolVersion server_version; + * opaque cookie<0..2^8-1>; + * } HelloVerifyRequest; + */ + + /* The RFC is not clear on this point, but sending the actual negotiated + * version looks like the most interoperable thing to do. */ + mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, + ssl->conf->transport, p ); + MBEDTLS_SSL_DEBUG_BUF( 3, "server version", p, 2 ); + p += 2; + + /* If we get here, f_cookie_check is not null */ + if( ssl->conf->f_cookie_write == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "inconsistent cookie callbacks" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + /* Skip length byte until we know the length */ + cookie_len_byte = p++; + + if( ( ret = ssl->conf->f_cookie_write( ssl->conf->p_cookie, + &p, ssl->out_buf + MBEDTLS_SSL_BUFFER_LEN, + ssl->cli_id, ssl->cli_id_len ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "f_cookie_write", ret ); + return( ret ); + } + + *cookie_len_byte = (unsigned char)( p - ( cookie_len_byte + 1 ) ); + + MBEDTLS_SSL_DEBUG_BUF( 3, "cookie sent", cookie_len_byte + 1, *cookie_len_byte ); + + ssl->out_msglen = p - ssl->out_msg; + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST; + + ssl->state = MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT; + + if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); + return( ret ); + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write hello verify request" ) ); + + return( 0 ); +} +#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ + +static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) +{ +#if defined(MBEDTLS_HAVE_TIME) time_t t; #endif int ret; size_t olen, ext_len = 0, n; unsigned char *buf, *p; - SSL_DEBUG_MSG( 2, ( "=> write server hello" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server hello" ) ); - if( ssl->f_rng == NULL ) +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake->verify_cookie_len != 0 ) { - SSL_DEBUG_MSG( 1, ( "no RNG provided") ); - return( POLARSSL_ERR_SSL_NO_RNG ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "client hello was not authenticated" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello" ) ); + + return( ssl_write_hello_verify_request( ssl ) ); + } +#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ + + if( ssl->conf->f_rng == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided") ); + return( MBEDTLS_ERR_SSL_NO_RNG ); } /* @@ -2092,35 +2145,36 @@ static int ssl_write_server_hello( ssl_context *ssl ) buf = ssl->out_msg; p = buf + 4; - *p++ = (unsigned char) ssl->major_ver; - *p++ = (unsigned char) ssl->minor_ver; + mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, + ssl->conf->transport, p ); + p += 2; - SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [%d:%d]", - buf[4], buf[5] ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [%d:%d]", + buf[4], buf[5] ) ); -#if defined(POLARSSL_HAVE_TIME) +#if defined(MBEDTLS_HAVE_TIME) t = time( NULL ); *p++ = (unsigned char)( t >> 24 ); *p++ = (unsigned char)( t >> 16 ); *p++ = (unsigned char)( t >> 8 ); *p++ = (unsigned char)( t ); - SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) ); #else - if( ( ret = ssl->f_rng( ssl->p_rng, p, 4 ) ) != 0 ) + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 4 ) ) != 0 ) return( ret ); p += 4; -#endif /* POLARSSL_HAVE_TIME */ +#endif /* MBEDTLS_HAVE_TIME */ - if( ( ret = ssl->f_rng( ssl->p_rng, p, 28 ) ) != 0 ) + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 28 ) ) != 0 ) return( ret ); p += 28; memcpy( ssl->handshake->randbytes + 32, buf + 6, 32 ); - SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 6, 32 ); + MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 6, 32 ); /* * Resume is 0 by default, see ssl_handshake_init(). @@ -2128,14 +2182,14 @@ static int ssl_write_server_hello( ssl_context *ssl ) * If not, try looking up session ID in our cache. */ if( ssl->handshake->resume == 0 && -#if defined(POLARSSL_SSL_RENEGOTIATION) - ssl->renegotiation == SSL_INITIAL_HANDSHAKE && +#if defined(MBEDTLS_SSL_RENEGOTIATION) + ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE && #endif - ssl->session_negotiate->length != 0 && - ssl->f_get_cache != NULL && - ssl->f_get_cache( ssl->p_get_cache, ssl->session_negotiate ) == 0 ) + ssl->session_negotiate->id_len != 0 && + ssl->conf->f_get_cache != NULL && + ssl->conf->f_get_cache( ssl->conf->p_cache, ssl->session_negotiate ) == 0 ) { - SSL_DEBUG_MSG( 3, ( "session successfully restored from cache" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from cache" ) ); ssl->handshake->resume = 1; } @@ -2147,21 +2201,21 @@ static int ssl_write_server_hello( ssl_context *ssl ) */ ssl->state++; -#if defined(POLARSSL_HAVE_TIME) +#if defined(MBEDTLS_HAVE_TIME) ssl->session_negotiate->start = time( NULL ); #endif -#if defined(POLARSSL_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_SSL_SESSION_TICKETS) if( ssl->handshake->new_session_ticket != 0 ) { - ssl->session_negotiate->length = n = 0; + ssl->session_negotiate->id_len = n = 0; memset( ssl->session_negotiate->id, 0, 32 ); } else -#endif /* POLARSSL_SSL_SESSION_TICKETS */ +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ { - ssl->session_negotiate->length = n = 32; - if( ( ret = ssl->f_rng( ssl->p_rng, ssl->session_negotiate->id, + ssl->session_negotiate->id_len = n = 32; + if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->session_negotiate->id, n ) ) != 0 ) return( ret ); } @@ -2171,12 +2225,12 @@ static int ssl_write_server_hello( ssl_context *ssl ) /* * Resuming a session */ - n = ssl->session_negotiate->length; - ssl->state = SSL_SERVER_CHANGE_CIPHER_SPEC; + n = ssl->session_negotiate->id_len; + ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC; - if( ( ret = ssl_derive_keys( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_derive_keys", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); return( ret ); } } @@ -2189,22 +2243,22 @@ static int ssl_write_server_hello( ssl_context *ssl ) * 42+n . 43+n extensions length * 44+n . 43+n+m extensions */ - *p++ = (unsigned char) ssl->session_negotiate->length; - memcpy( p, ssl->session_negotiate->id, ssl->session_negotiate->length ); - p += ssl->session_negotiate->length; + *p++ = (unsigned char) ssl->session_negotiate->id_len; + memcpy( p, ssl->session_negotiate->id, ssl->session_negotiate->id_len ); + p += ssl->session_negotiate->id_len; - SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %d", n ) ); - SSL_DEBUG_BUF( 3, "server hello, session id", buf + 39, n ); - SSL_DEBUG_MSG( 3, ( "%s session has been resumed", + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %d", n ) ); + MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, session id", buf + 39, n ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed", ssl->handshake->resume ? "a" : "no" ) ); *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite >> 8 ); *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite ); *p++ = (unsigned char)( ssl->session_negotiate->compression ); - SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s", - ssl_get_ciphersuite_name( ssl->session_negotiate->ciphersuite ) ) ); - SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: 0x%02X", + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s", + mbedtls_ssl_get_ciphersuite_name( ssl->session_negotiate->ciphersuite ) ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: 0x%02X", ssl->session_negotiate->compression ) ); /* @@ -2213,42 +2267,42 @@ static int ssl_write_server_hello( ssl_context *ssl ) ssl_write_renegotiation_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; -#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) ssl_write_max_fragment_length_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; #endif -#if defined(POLARSSL_SSL_TRUNCATED_HMAC) +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; #endif -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) ssl_write_encrypt_then_mac_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; #endif -#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) ssl_write_extended_ms_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; #endif -#if defined(POLARSSL_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_SSL_SESSION_TICKETS) ssl_write_session_ticket_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; #endif -#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C) +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; #endif -#if defined(POLARSSL_SSL_ALPN) +#if defined(MBEDTLS_SSL_ALPN) ssl_write_alpn_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; #endif - SSL_DEBUG_MSG( 3, ( "server hello, total extension length: %d", ext_len ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, total extension length: %d", ext_len ) ); if( ext_len > 0 ) { @@ -2258,60 +2312,68 @@ static int ssl_write_server_hello( ssl_context *ssl ) } ssl->out_msglen = p - buf; - ssl->out_msgtype = SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = SSL_HS_SERVER_HELLO; + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO; - ret = ssl_write_record( ssl ); + ret = mbedtls_ssl_write_record( ssl ); - SSL_DEBUG_MSG( 2, ( "<= write server hello" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello" ) ); return( ret ); } -#if !defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) && \ - !defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) && \ - !defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \ - !defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) -static int ssl_write_certificate_request( ssl_context *ssl ) +#if !defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) && \ + !defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) && \ + !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \ + !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) { - const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; - SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) ); - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) { - SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) ); ssl->state++; return( 0 ); } - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } #else -static int ssl_write_certificate_request( ssl_context *ssl ) +static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) { - int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE; - const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; + int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; size_t dn_size, total_dn_size; /* excluding length bytes */ size_t ct_len, sa_len; /* including length bytes */ unsigned char *buf, *p; - const x509_crt *crt; + const mbedtls_x509_crt *crt; + int authmode; - SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) ); ssl->state++; - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK || - ssl->authmode == SSL_VERIFY_NONE ) +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + if( ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET ) + authmode = ssl->handshake->sni_authmode; + else +#endif + authmode = ssl->conf->authmode; + + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK || + authmode == MBEDTLS_SSL_VERIFY_NONE ) { - SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) ); return( 0 ); } @@ -2338,18 +2400,18 @@ static int ssl_write_certificate_request( ssl_context *ssl ) */ ct_len = 0; -#if defined(POLARSSL_RSA_C) - p[1 + ct_len++] = SSL_CERT_TYPE_RSA_SIGN; +#if defined(MBEDTLS_RSA_C) + p[1 + ct_len++] = MBEDTLS_SSL_CERT_TYPE_RSA_SIGN; #endif -#if defined(POLARSSL_ECDSA_C) - p[1 + ct_len++] = SSL_CERT_TYPE_ECDSA_SIGN; +#if defined(MBEDTLS_ECDSA_C) + p[1 + ct_len++] = MBEDTLS_SSL_CERT_TYPE_ECDSA_SIGN; #endif p[0] = (unsigned char) ct_len++; p += ct_len; sa_len = 0; -#if defined(POLARSSL_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) /* * Add signature_algorithms for verify (TLS 1.2) * @@ -2363,30 +2425,30 @@ static int ssl_write_certificate_request( ssl_context *ssl ) * enum { (255) } HashAlgorithm; * enum { (255) } SignatureAlgorithm; */ - if( ssl->minor_ver == SSL_MINOR_VERSION_3 ) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) { /* * Only use current running hash algorithm that is already required * for requested ciphersuite. */ - ssl->handshake->verify_sig_alg = SSL_HASH_SHA256; + ssl->handshake->verify_sig_alg = MBEDTLS_SSL_HASH_SHA256; if( ssl->transform_negotiate->ciphersuite_info->mac == - POLARSSL_MD_SHA384 ) + MBEDTLS_MD_SHA384 ) { - ssl->handshake->verify_sig_alg = SSL_HASH_SHA384; + ssl->handshake->verify_sig_alg = MBEDTLS_SSL_HASH_SHA384; } /* * Supported signature algorithms */ -#if defined(POLARSSL_RSA_C) +#if defined(MBEDTLS_RSA_C) p[2 + sa_len++] = ssl->handshake->verify_sig_alg; - p[2 + sa_len++] = SSL_SIG_RSA; + p[2 + sa_len++] = MBEDTLS_SSL_SIG_RSA; #endif -#if defined(POLARSSL_ECDSA_C) +#if defined(MBEDTLS_ECDSA_C) p[2 + sa_len++] = ssl->handshake->verify_sig_alg; - p[2 + sa_len++] = SSL_SIG_ECDSA; + p[2 + sa_len++] = MBEDTLS_SSL_SIG_ECDSA; #endif p[0] = (unsigned char)( sa_len >> 8 ); @@ -2394,14 +2456,19 @@ static int ssl_write_certificate_request( ssl_context *ssl ) sa_len += 2; p += sa_len; } -#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ /* * DistinguishedName certificate_authorities<0..2^16-1>; * opaque DistinguishedName<1..2^16-1>; */ p += 2; - crt = ssl->ca_chain; +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + if( ssl->handshake->sni_ca_chain != NULL ) + crt = ssl->handshake->sni_ca_chain; + else +#endif + crt = ssl->conf->ca_chain; total_dn_size = 0; while( crt != NULL && crt->version != 0 ) @@ -2415,66 +2482,66 @@ static int ssl_write_certificate_request( ssl_context *ssl ) memcpy( p, crt->subject_raw.p, dn_size ); p += dn_size; - SSL_DEBUG_BUF( 3, "requested DN", p, dn_size ); + MBEDTLS_SSL_DEBUG_BUF( 3, "requested DN", p, dn_size ); total_dn_size += 2 + dn_size; crt = crt->next; } ssl->out_msglen = p - buf; - ssl->out_msgtype = SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = SSL_HS_CERTIFICATE_REQUEST; + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST; ssl->out_msg[4 + ct_len + sa_len] = (unsigned char)( total_dn_size >> 8 ); ssl->out_msg[5 + ct_len + sa_len] = (unsigned char)( total_dn_size ); - ret = ssl_write_record( ssl ); + ret = mbedtls_ssl_write_record( ssl ); - SSL_DEBUG_MSG( 2, ( "<= write certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate request" ) ); return( ret ); } -#endif /* !POLARSSL_KEY_EXCHANGE_RSA_ENABLED && - !POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED && - !POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED && - !POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ - -#if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -static int ssl_get_ecdh_params_from_cert( ssl_context *ssl ) +#endif /* !MBEDTLS_KEY_EXCHANGE_RSA_ENABLED && + !MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED && + !MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED && + !MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) +static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) { int ret; - if( ! pk_can_do( ssl_own_key( ssl ), POLARSSL_PK_ECKEY ) ) + if( ! mbedtls_pk_can_do( mbedtls_ssl_own_key( ssl ), MBEDTLS_PK_ECKEY ) ) { - SSL_DEBUG_MSG( 1, ( "server key not ECDH capable" ) ); - return( POLARSSL_ERR_SSL_PK_TYPE_MISMATCH ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "server key not ECDH capable" ) ); + return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH ); } - if( ( ret = ecdh_get_params( &ssl->handshake->ecdh_ctx, - pk_ec( *ssl_own_key( ssl ) ), - POLARSSL_ECDH_OURS ) ) != 0 ) + if( ( ret = mbedtls_ecdh_get_params( &ssl->handshake->ecdh_ctx, + mbedtls_pk_ec( *mbedtls_ssl_own_key( ssl ) ), + MBEDTLS_ECDH_OURS ) ) != 0 ) { - SSL_DEBUG_RET( 1, ( "ecdh_get_params" ), ret ); + MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_get_params" ), ret ); return( ret ); } return( 0 ); } -#endif /* POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) || - POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || + MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ -static int ssl_write_server_key_exchange( ssl_context *ssl ) +static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl ) { int ret; size_t n = 0; - const ssl_ciphersuite_t *ciphersuite_info = + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; -#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) unsigned char *p = ssl->out_msg + 4; unsigned char *dig_signed = p; size_t dig_signed_len = 0, len; @@ -2482,38 +2549,38 @@ static int ssl_write_server_key_exchange( ssl_context *ssl ) ((void) dig_signed_len); #endif - SSL_DEBUG_MSG( 2, ( "=> write server key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server key exchange" ) ); -#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ) +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) { - SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) ); ssl->state++; return( 0 ); } #endif -#if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDH_RSA || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDH_ECDSA ) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) { ssl_get_ecdh_params_from_cert( ssl ); - SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) ); ssl->state++; return( 0 ); } #endif -#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) { /* TODO: Support identity hints */ *(p++) = 0x00; @@ -2521,14 +2588,20 @@ static int ssl_write_server_key_exchange( ssl_context *ssl ) n += 2; } -#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_RSA || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) { + if( ssl->conf->dhm_P.p == NULL || ssl->conf->dhm_G.p == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "no DH parameters set" ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } + /* * Ephemeral DH parameters: * @@ -2538,18 +2611,18 @@ static int ssl_write_server_key_exchange( ssl_context *ssl ) * opaque dh_Ys<1..2^16-1>; * } ServerDHParams; */ - if( ( ret = mpi_copy( &ssl->handshake->dhm_ctx.P, &ssl->dhm_P ) ) != 0 || - ( ret = mpi_copy( &ssl->handshake->dhm_ctx.G, &ssl->dhm_G ) ) != 0 ) + if( ( ret = mbedtls_mpi_copy( &ssl->handshake->dhm_ctx.P, &ssl->conf->dhm_P ) ) != 0 || + ( ret = mbedtls_mpi_copy( &ssl->handshake->dhm_ctx.G, &ssl->conf->dhm_G ) ) != 0 ) { - SSL_DEBUG_RET( 1, "mpi_copy", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_mpi_copy", ret ); return( ret ); } - if( ( ret = dhm_make_params( &ssl->handshake->dhm_ctx, - (int) mpi_size( &ssl->handshake->dhm_ctx.P ), - p, &len, ssl->f_rng, ssl->p_rng ) ) != 0 ) + if( ( ret = mbedtls_dhm_make_params( &ssl->handshake->dhm_ctx, + (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ), + p, &len, ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) { - SSL_DEBUG_RET( 1, "dhm_make_params", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_params", ret ); return( ret ); } @@ -2559,18 +2632,18 @@ static int ssl_write_server_key_exchange( ssl_context *ssl ) p += len; n += len; - SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X ); - SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P ); - SSL_DEBUG_MPI( 3, "DHM: G ", &ssl->handshake->dhm_ctx.G ); - SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX ); + MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X ); + MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P ); + MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: G ", &ssl->handshake->dhm_ctx.G ); + MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX ); } -#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE__SOME__ECDHE_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) { /* * Ephemeral ECDH parameters: @@ -2580,41 +2653,36 @@ static int ssl_write_server_key_exchange( ssl_context *ssl ) * ECPoint public; * } ServerECDHParams; */ - const ecp_curve_info **curve = NULL; -#if defined(POLARSSL_SSL_SET_CURVES) - const ecp_group_id *gid; + const mbedtls_ecp_curve_info **curve = NULL; + const mbedtls_ecp_group_id *gid; /* Match our preference list against the offered curves */ - for( gid = ssl->curve_list; *gid != POLARSSL_ECP_DP_NONE; gid++ ) + for( gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++ ) for( curve = ssl->handshake->curves; *curve != NULL; curve++ ) if( (*curve)->grp_id == *gid ) goto curve_matching_done; curve_matching_done: -#else - curve = ssl->handshake->curves; -#endif - if( curve == NULL || *curve == NULL ) { - SSL_DEBUG_MSG( 1, ( "no matching curve for ECDHE" ) ); - return( POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "no matching curve for ECDHE" ) ); + return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN ); } - SSL_DEBUG_MSG( 2, ( "ECDHE curve: %s", (*curve)->name ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDHE curve: %s", (*curve)->name ) ); - if( ( ret = ecp_use_known_dp( &ssl->handshake->ecdh_ctx.grp, + if( ( ret = mbedtls_ecp_group_load( &ssl->handshake->ecdh_ctx.grp, (*curve)->grp_id ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ecp_use_known_dp", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecp_group_load", ret ); return( ret ); } - if( ( ret = ecdh_make_params( &ssl->handshake->ecdh_ctx, &len, - p, SSL_MAX_CONTENT_LEN - n, - ssl->f_rng, ssl->p_rng ) ) != 0 ) + if( ( ret = mbedtls_ecdh_make_params( &ssl->handshake->ecdh_ctx, &len, + p, MBEDTLS_SSL_MAX_CONTENT_LEN - n, + ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ecdh_make_params", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_params", ret ); return( ret ); } @@ -2624,63 +2692,63 @@ curve_matching_done: p += len; n += len; - SSL_DEBUG_ECP( 3, "ECDH: Q ", &ssl->handshake->ecdh_ctx.Q ); + MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Q ", &ssl->handshake->ecdh_ctx.Q ); } -#endif /* POLARSSL_KEY_EXCHANGE__SOME__ECDHE_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_RSA || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA ) +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) { size_t signature_len = 0; unsigned int hashlen = 0; unsigned char hash[64]; - md_type_t md_alg = POLARSSL_MD_NONE; + mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE; /* * Choose hash algorithm. NONE means MD5 + SHA1 here. */ -#if defined(POLARSSL_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == SSL_MINOR_VERSION_3 ) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) { - md_alg = ssl_md_alg_from_hash( ssl->handshake->sig_alg ); + md_alg = mbedtls_ssl_md_alg_from_hash( ssl->handshake->sig_alg ); - if( md_alg == POLARSSL_MD_NONE ) + if( md_alg == MBEDTLS_MD_NONE ) { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } } else -#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ -#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_1) +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) if( ciphersuite_info->key_exchange == - POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA ) + MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) { - md_alg = POLARSSL_MD_SHA1; + md_alg = MBEDTLS_MD_SHA1; } else #endif { - md_alg = POLARSSL_MD_NONE; + md_alg = MBEDTLS_MD_NONE; } /* * Compute the hash to be signed */ -#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_1) - if( md_alg == POLARSSL_MD_NONE ) +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) + if( md_alg == MBEDTLS_MD_NONE ) { - md5_context md5; - sha1_context sha1; + mbedtls_md5_context mbedtls_md5; + mbedtls_sha1_context mbedtls_sha1; - md5_init( &md5 ); - sha1_init( &sha1 ); + mbedtls_md5_init( &mbedtls_md5 ); + mbedtls_sha1_init( &mbedtls_sha1 ); /* * digitally-signed struct { @@ -2695,32 +2763,32 @@ curve_matching_done: * SHA(ClientHello.random + ServerHello.random * + ServerParams); */ - md5_starts( &md5 ); - md5_update( &md5, ssl->handshake->randbytes, 64 ); - md5_update( &md5, dig_signed, dig_signed_len ); - md5_finish( &md5, hash ); + mbedtls_md5_starts( &mbedtls_md5 ); + mbedtls_md5_update( &mbedtls_md5, ssl->handshake->randbytes, 64 ); + mbedtls_md5_update( &mbedtls_md5, dig_signed, dig_signed_len ); + mbedtls_md5_finish( &mbedtls_md5, hash ); - sha1_starts( &sha1 ); - sha1_update( &sha1, ssl->handshake->randbytes, 64 ); - sha1_update( &sha1, dig_signed, dig_signed_len ); - sha1_finish( &sha1, hash + 16 ); + mbedtls_sha1_starts( &mbedtls_sha1 ); + mbedtls_sha1_update( &mbedtls_sha1, ssl->handshake->randbytes, 64 ); + mbedtls_sha1_update( &mbedtls_sha1, dig_signed, dig_signed_len ); + mbedtls_sha1_finish( &mbedtls_sha1, hash + 16 ); hashlen = 36; - md5_free( &md5 ); - sha1_free( &sha1 ); + mbedtls_md5_free( &mbedtls_md5 ); + mbedtls_sha1_free( &mbedtls_sha1 ); } else -#endif /* POLARSSL_SSL_PROTO_SSL3 || POLARSSL_SSL_PROTO_TLS1 || \ - POLARSSL_SSL_PROTO_TLS1_1 */ -#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_2) - if( md_alg != POLARSSL_MD_NONE ) +#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ + MBEDTLS_SSL_PROTO_TLS1_1 */ +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( md_alg != MBEDTLS_MD_NONE ) { - md_context_t ctx; - const md_info_t *md_info = md_info_from_type( md_alg ); + mbedtls_md_context_t ctx; + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg ); - md_init( &ctx ); + mbedtls_md_init( &ctx ); /* Info from md_alg will be used instead */ hashlen = 0; @@ -2732,53 +2800,53 @@ curve_matching_done: * ServerDHParams params; * }; */ - if( ( ret = md_init_ctx( &ctx, md_info ) ) != 0 ) + if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 ) { - SSL_DEBUG_RET( 1, "md_init_ctx", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_setup", ret ); return( ret ); } - md_starts( &ctx ); - md_update( &ctx, ssl->handshake->randbytes, 64 ); - md_update( &ctx, dig_signed, dig_signed_len ); - md_finish( &ctx, hash ); - md_free( &ctx ); + mbedtls_md_starts( &ctx ); + mbedtls_md_update( &ctx, ssl->handshake->randbytes, 64 ); + mbedtls_md_update( &ctx, dig_signed, dig_signed_len ); + mbedtls_md_finish( &ctx, hash ); + mbedtls_md_free( &ctx ); } else -#endif /* POLARSSL_SSL_PROTO_TLS1 || POLARSSL_SSL_PROTO_TLS1_1 || \ - POLARSSL_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ + MBEDTLS_SSL_PROTO_TLS1_2 */ { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } - SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen != 0 ? hashlen : - (unsigned int) ( md_info_from_type( md_alg ) )->size ); + MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen != 0 ? hashlen : + (unsigned int) ( mbedtls_md_get_size( mbedtls_md_info_from_type( md_alg ) ) ) ); /* * Make the signature */ - if( ssl_own_key( ssl ) == NULL ) + if( mbedtls_ssl_own_key( ssl ) == NULL ) { - SSL_DEBUG_MSG( 1, ( "got no private key" ) ); - return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no private key" ) ); + return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); } -#if defined(POLARSSL_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == SSL_MINOR_VERSION_3 ) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) { *(p++) = ssl->handshake->sig_alg; - *(p++) = ssl_sig_from_pk( ssl_own_key( ssl ) ); + *(p++) = mbedtls_ssl_sig_from_pk( mbedtls_ssl_own_key( ssl ) ); n += 2; } -#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - if( ( ret = pk_sign( ssl_own_key( ssl ), md_alg, hash, hashlen, + if( ( ret = mbedtls_pk_sign( mbedtls_ssl_own_key( ssl ), md_alg, hash, hashlen, p + 2 , &signature_len, - ssl->f_rng, ssl->p_rng ) ) != 0 ) + ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) { - SSL_DEBUG_RET( 1, "pk_sign", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret ); return( ret ); } @@ -2786,61 +2854,65 @@ curve_matching_done: *(p++) = (unsigned char)( signature_len ); n += 2; - SSL_DEBUG_BUF( 3, "my signature", p, signature_len ); + MBEDTLS_SSL_DEBUG_BUF( 3, "my signature", p, signature_len ); - p += signature_len; n += signature_len; } -#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || - POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || + MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ ssl->out_msglen = 4 + n; - ssl->out_msgtype = SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = SSL_HS_SERVER_KEY_EXCHANGE; + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE; ssl->state++; - if( ( ret = ssl_write_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); return( ret ); } - SSL_DEBUG_MSG( 2, ( "<= write server key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server key exchange" ) ); return( 0 ); } -static int ssl_write_server_hello_done( ssl_context *ssl ) +static int ssl_write_server_hello_done( mbedtls_ssl_context *ssl ) { int ret; - SSL_DEBUG_MSG( 2, ( "=> write server hello done" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server hello done" ) ); ssl->out_msglen = 4; - ssl->out_msgtype = SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = SSL_HS_SERVER_HELLO_DONE; + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO_DONE; ssl->state++; - if( ( ret = ssl_write_record( ssl ) ) != 0 ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ssl_send_flight_completed( ssl ); +#endif + + if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); return( ret ); } - SSL_DEBUG_MSG( 2, ( "<= write server hello done" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello done" ) ); return( 0 ); } -#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) -static int ssl_parse_client_dh_public( ssl_context *ssl, unsigned char **p, +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) +static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char **p, const unsigned char *end ) { - int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE; + int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; size_t n; /* @@ -2848,8 +2920,8 @@ static int ssl_parse_client_dh_public( ssl_context *ssl, unsigned char **p, */ if( *p + 2 > end ) { - SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); } n = ( (*p)[0] << 8 ) | (*p)[1]; @@ -2857,68 +2929,73 @@ static int ssl_parse_client_dh_public( ssl_context *ssl, unsigned char **p, if( *p + n > end ) { - SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); } - if( ( ret = dhm_read_public( &ssl->handshake->dhm_ctx, *p, n ) ) != 0 ) + if( ( ret = mbedtls_dhm_read_public( &ssl->handshake->dhm_ctx, *p, n ) ) != 0 ) { - SSL_DEBUG_RET( 1, "dhm_read_public", ret ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_read_public", ret ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); } *p += n; - SSL_DEBUG_MPI( 3, "DHM: GY", &ssl->handshake->dhm_ctx.GY ); + MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GY", &ssl->handshake->dhm_ctx.GY ); return( ret ); } -#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) -static int ssl_parse_encrypted_pms( ssl_context *ssl, +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) +static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl, const unsigned char *p, const unsigned char *end, size_t pms_offset ) { int ret; - size_t len = pk_get_len( ssl_own_key( ssl ) ); + size_t len = mbedtls_pk_get_len( mbedtls_ssl_own_key( ssl ) ); unsigned char *pms = ssl->handshake->premaster + pms_offset; + unsigned char ver[2]; unsigned char fake_pms[48], peer_pms[48]; unsigned char mask; size_t i, peer_pmslen; unsigned int diff; - if( ! pk_can_do( ssl_own_key( ssl ), POLARSSL_PK_RSA ) ) + if( ! mbedtls_pk_can_do( mbedtls_ssl_own_key( ssl ), MBEDTLS_PK_RSA ) ) { - SSL_DEBUG_MSG( 1, ( "got no RSA private key" ) ); - return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no RSA private key" ) ); + return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); } /* * Decrypt the premaster using own private RSA key */ -#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_2) - if( ssl->minor_ver != SSL_MINOR_VERSION_0 ) +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 ) { if( *p++ != ( ( len >> 8 ) & 0xFF ) || *p++ != ( ( len ) & 0xFF ) ) { - SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); } } #endif if( p + len != end ) { - SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); } + mbedtls_ssl_write_version( ssl->handshake->max_major_ver, + ssl->handshake->max_minor_ver, + ssl->conf->transport, ver ); + /* * Protection against Bleichenbacher's attack: invalid PKCS#1 v1.5 padding * must not cause the connection to end immediately; instead, send a @@ -2926,56 +3003,66 @@ static int ssl_parse_encrypted_pms( ssl_context *ssl, * Also, avoid data-dependant branches here to protect against * timing-based variants. */ - ret = ssl->f_rng( ssl->p_rng, fake_pms, sizeof( fake_pms ) ); + ret = ssl->conf->f_rng( ssl->conf->p_rng, fake_pms, sizeof( fake_pms ) ); if( ret != 0 ) return( ret ); - ret = pk_decrypt( ssl_own_key( ssl ), p, len, + ret = mbedtls_pk_decrypt( mbedtls_ssl_own_key( ssl ), p, len, peer_pms, &peer_pmslen, sizeof( peer_pms ), - ssl->f_rng, ssl->p_rng ); + ssl->conf->f_rng, ssl->conf->p_rng ); diff = (unsigned int) ret; diff |= peer_pmslen ^ 48; - diff |= peer_pms[0] ^ ssl->handshake->max_major_ver; - diff |= peer_pms[1] ^ ssl->handshake->max_minor_ver; + diff |= peer_pms[0] ^ ver[0]; + diff |= peer_pms[1] ^ ver[1]; -#if defined(POLARSSL_SSL_DEBUG_ALL) +#if defined(MBEDTLS_SSL_DEBUG_ALL) if( diff != 0 ) - SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); #endif if( sizeof( ssl->handshake->premaster ) < pms_offset || sizeof( ssl->handshake->premaster ) - pms_offset < 48 ) { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } ssl->handshake->pmslen = 48; - /* mask = diff ? 0xff : 0x00 */ - mask = - ( diff | - diff ) >> ( sizeof( unsigned int ) * 8 - 1 ); + /* mask = diff ? 0xff : 0x00 using bit operations to avoid branches */ + /* MSVC has a warning about unary minus on unsigned, but this is + * well-defined and precisely what we want to do here */ +#if defined(_MSC_VER) +#pragma warning( push ) +#pragma warning( disable : 4146 ) +#endif + mask = - ( ( diff | - diff ) >> ( sizeof( unsigned int ) * 8 - 1 ) ); +#if defined(_MSC_VER) +#pragma warning( pop ) +#endif + for( i = 0; i < ssl->handshake->pmslen; i++ ) pms[i] = ( mask & fake_pms[i] ) | ( (~mask) & peer_pms[i] ); return( 0 ); } -#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) -static int ssl_parse_client_psk_identity( ssl_context *ssl, unsigned char **p, +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned char **p, const unsigned char *end ) { int ret = 0; size_t n; - if( ssl->f_psk == NULL && - ( ssl->psk == NULL || ssl->psk_identity == NULL || - ssl->psk_identity_len == 0 || ssl->psk_len == 0 ) ) + if( ssl->conf->f_psk == NULL && + ( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL || + ssl->conf->psk_identity_len == 0 || ssl->conf->psk_len == 0 ) ) { - SSL_DEBUG_MSG( 1, ( "got no pre-shared key" ) ); - return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no pre-shared key" ) ); + return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); } /* @@ -2983,8 +3070,8 @@ static int ssl_parse_client_psk_identity( ssl_context *ssl, unsigned char **p, */ if( *p + 2 > end ) { - SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); } n = ( (*p)[0] << 8 ) | (*p)[1]; @@ -2992,477 +3079,465 @@ static int ssl_parse_client_psk_identity( ssl_context *ssl, unsigned char **p, if( n < 1 || n > 65535 || *p + n > end ) { - SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); } - if( ssl->f_psk != NULL ) + if( ssl->conf->f_psk != NULL ) { - if( ssl->f_psk( ssl->p_psk, ssl, *p, n ) != 0 ) - ret = POLARSSL_ERR_SSL_UNKNOWN_IDENTITY; + if( ssl->conf->f_psk( ssl->conf->p_psk, ssl, *p, n ) != 0 ) + ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY; } else { /* Identity is not a big secret since clients send it in the clear, * but treat it carefully anyway, just in case */ - if( n != ssl->psk_identity_len || - safer_memcmp( ssl->psk_identity, *p, n ) != 0 ) + if( n != ssl->conf->psk_identity_len || + mbedtls_ssl_safer_memcmp( ssl->conf->psk_identity, *p, n ) != 0 ) { - ret = POLARSSL_ERR_SSL_UNKNOWN_IDENTITY; + ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY; } } - if( ret == POLARSSL_ERR_SSL_UNKNOWN_IDENTITY ) + if( ret == MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY ) { - SSL_DEBUG_BUF( 3, "Unknown PSK identity", *p, n ); - if( ( ret = ssl_send_alert_message( ssl, - SSL_ALERT_LEVEL_FATAL, - SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY ) ) != 0 ) + MBEDTLS_SSL_DEBUG_BUF( 3, "Unknown PSK identity", *p, n ); + if( ( ret = mbedtls_ssl_send_alert_message( ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY ) ) != 0 ) { return( ret ); } - return( POLARSSL_ERR_SSL_UNKNOWN_IDENTITY ); + return( MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY ); } *p += n; return( 0 ); } -#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -static int ssl_parse_client_key_exchange( ssl_context *ssl ) +static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) { int ret; - const ssl_ciphersuite_t *ciphersuite_info; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info; + unsigned char *p, *end; ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; - SSL_DEBUG_MSG( 2, ( "=> parse client key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client key exchange" ) ); - if( ( ret = ssl_read_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); return( ret ); } - if( ssl->in_msgtype != SSL_MSG_HANDSHAKE ) + p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); + end = ssl->in_msg + ssl->in_hslen; + + if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) { - SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); } - if( ssl->in_msg[0] != SSL_HS_CLIENT_KEY_EXCHANGE ) + if( ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE ) { - SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); } -#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_RSA ) +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA ) { - unsigned char *p = ssl->in_msg + 4; - unsigned char *end = ssl->in_msg + ssl->in_hslen; - if( ( ret = ssl_parse_client_dh_public( ssl, &p, end ) ) != 0 ) { - SSL_DEBUG_RET( 1, ( "ssl_parse_client_dh_public" ), ret ); + MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_dh_public" ), ret ); return( ret ); } if( p != end ) { - SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); } - ssl->handshake->pmslen = POLARSSL_PREMASTER_SIZE; - - if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx, + if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, ssl->handshake->premaster, + MBEDTLS_PREMASTER_SIZE, &ssl->handshake->pmslen, - ssl->f_rng, ssl->p_rng ) ) != 0 ) + ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) { - SSL_DEBUG_RET( 1, "dhm_calc_secret", ret ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS ); } - SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); + MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); } else -#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDH_RSA || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDH_ECDSA ) +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) { - if( ( ret = ecdh_read_public( &ssl->handshake->ecdh_ctx, - ssl->in_msg + 4, ssl->in_hslen - 4 ) ) != 0 ) + if( ( ret = mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx, + p, end - p) ) != 0 ) { - SSL_DEBUG_RET( 1, "ecdh_read_public", ret ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_read_public", ret ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); } - SSL_DEBUG_ECP( 3, "ECDH: Qp ", &ssl->handshake->ecdh_ctx.Qp ); + MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Qp ", &ssl->handshake->ecdh_ctx.Qp ); - if( ( ret = ecdh_calc_secret( &ssl->handshake->ecdh_ctx, + if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &ssl->handshake->pmslen, ssl->handshake->premaster, - POLARSSL_MPI_MAX_SIZE, - ssl->f_rng, ssl->p_rng ) ) != 0 ) + MBEDTLS_MPI_MAX_SIZE, + ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ecdh_calc_secret", ret ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS ); } - SSL_DEBUG_MPI( 3, "ECDH: z ", &ssl->handshake->ecdh_ctx.z ); + MBEDTLS_SSL_DEBUG_MPI( 3, "ECDH: z ", &ssl->handshake->ecdh_ctx.z ); } else -#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ) +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ) { - unsigned char *p = ssl->in_msg + 4; - unsigned char *end = ssl->in_msg + ssl->in_hslen; - if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) { - SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); + MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); return( ret ); } if( p != end ) { - SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); } - if( ( ret = ssl_psk_derive_premaster( ssl, + if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, ciphersuite_info->key_exchange ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_psk_derive_premaster", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); return( ret ); } } else -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ) +#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) { - unsigned char *p = ssl->in_msg + 4; - unsigned char *end = ssl->in_msg + ssl->in_hslen; - if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) { - SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); + MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); return( ret ); } if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 2 ) ) != 0 ) { - SSL_DEBUG_RET( 1, ( "ssl_parse_encrypted_pms" ), ret ); + MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_encrypted_pms" ), ret ); return( ret ); } - if( ( ret = ssl_psk_derive_premaster( ssl, + if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, ciphersuite_info->key_exchange ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_psk_derive_premaster", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); return( ret ); } } else -#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) { - unsigned char *p = ssl->in_msg + 4; - unsigned char *end = ssl->in_msg + ssl->in_hslen; - if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) { - SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); + MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); return( ret ); } if( ( ret = ssl_parse_client_dh_public( ssl, &p, end ) ) != 0 ) { - SSL_DEBUG_RET( 1, ( "ssl_parse_client_dh_public" ), ret ); + MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_dh_public" ), ret ); return( ret ); } if( p != end ) { - SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); } - if( ( ret = ssl_psk_derive_premaster( ssl, + if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, ciphersuite_info->key_exchange ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_psk_derive_premaster", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); return( ret ); } } else -#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) { - unsigned char *p = ssl->in_msg + 4; - unsigned char *end = ssl->in_msg + ssl->in_hslen; - if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) { - SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); + MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); return( ret ); } - if( ( ret = ecdh_read_public( &ssl->handshake->ecdh_ctx, + if( ( ret = mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx, p, end - p ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ecdh_read_public", ret ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_read_public", ret ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); } - SSL_DEBUG_ECP( 3, "ECDH: Qp ", &ssl->handshake->ecdh_ctx.Qp ); + MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Qp ", &ssl->handshake->ecdh_ctx.Qp ); - if( ( ret = ssl_psk_derive_premaster( ssl, + if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, ciphersuite_info->key_exchange ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_psk_derive_premaster", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); return( ret ); } } else -#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA ) +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) { - if( ( ret = ssl_parse_encrypted_pms( ssl, - ssl->in_msg + 4, - ssl->in_msg + ssl->in_hslen, - 0 ) ) != 0 ) + if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 0 ) ) != 0 ) { - SSL_DEBUG_RET( 1, ( "ssl_parse_parse_encrypted_pms_secret" ), ret ); + MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_parse_encrypted_pms_secret" ), ret ); return( ret ); } } else -#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } - if( ( ret = ssl_derive_keys( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_derive_keys", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); return( ret ); } ssl->state++; - SSL_DEBUG_MSG( 2, ( "<= parse client key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse client key exchange" ) ); return( 0 ); } -#if !defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) && \ - !defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) && \ - !defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \ - !defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) -static int ssl_parse_certificate_verify( ssl_context *ssl ) +#if !defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) && \ + !defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) && \ + !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \ + !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) { - const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; - SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) ); - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) { - SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) ); ssl->state++; return( 0 ); } - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } #else -static int ssl_parse_certificate_verify( ssl_context *ssl ) +static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) { - int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE; - size_t sa_len, sig_len; + int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + size_t i, sig_len; unsigned char hash[48]; unsigned char *hash_start = hash; size_t hashlen; -#if defined(POLARSSL_SSL_PROTO_TLS1_2) - pk_type_t pk_alg; +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + mbedtls_pk_type_t pk_alg; #endif - md_type_t md_alg; - const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; - - SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) ); + mbedtls_md_type_t md_alg; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) - { - SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) ); - ssl->state++; - return( 0 ); - } + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) ); - if( ssl->session_negotiate->peer_cert == NULL ) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || + ssl->session_negotiate->peer_cert == NULL ) { - SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) ); ssl->state++; return( 0 ); } + /* Needs to be done before read_record() to exclude current message */ ssl->handshake->calc_verify( ssl, hash ); - if( ( ret = ssl_read_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); return( ret ); } ssl->state++; - if( ssl->in_msgtype != SSL_MSG_HANDSHAKE ) + if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE || + ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE_VERIFY ) { - SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); } - if( ssl->in_msg[0] != SSL_HS_CERTIFICATE_VERIFY ) - { - SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); - } + i = mbedtls_ssl_hs_hdr_len( ssl ); /* - * 0 . 0 handshake type - * 1 . 3 handshake length - * 4 . 5 sig alg (TLS 1.2 only) - * 4+n . 5+n signature length (n = sa_len) - * 6+n . 6+n+m signature (m = sig_len) + * struct { + * SignatureAndHashAlgorithm algorithm; -- TLS 1.2 only + * opaque signature<0..2^16-1>; + * } DigitallySigned; */ - -#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_1) - if( ssl->minor_ver != SSL_MINOR_VERSION_3 ) +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) + if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) { - sa_len = 0; - - md_alg = POLARSSL_MD_NONE; + md_alg = MBEDTLS_MD_NONE; hashlen = 36; /* For ECDSA, use SHA-1, not MD-5 + SHA-1 */ - if( pk_can_do( &ssl->session_negotiate->peer_cert->pk, - POLARSSL_PK_ECDSA ) ) + if( mbedtls_pk_can_do( &ssl->session_negotiate->peer_cert->pk, + MBEDTLS_PK_ECDSA ) ) { hash_start += 16; hashlen -= 16; - md_alg = POLARSSL_MD_SHA1; + md_alg = MBEDTLS_MD_SHA1; } } else -#endif /* POLARSSL_SSL_PROTO_SSL3 || POLARSSL_SSL_PROTO_TLS1 || - POLARSSL_SSL_PROTO_TLS1_1 */ -#if defined(POLARSSL_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == SSL_MINOR_VERSION_3 ) +#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || + MBEDTLS_SSL_PROTO_TLS1_1 */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) { - sa_len = 2; + if( i + 2 > ssl->in_hslen ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + } /* * Hash */ - if( ssl->in_msg[4] != ssl->handshake->verify_sig_alg ) + if( ssl->in_msg[i] != ssl->handshake->verify_sig_alg ) { - SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg" + MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg" " for verify message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); } - md_alg = ssl_md_alg_from_hash( ssl->handshake->verify_sig_alg ); + md_alg = mbedtls_ssl_md_alg_from_hash( ssl->handshake->verify_sig_alg ); /* Info from md_alg will be used instead */ hashlen = 0; + i++; + /* * Signature */ - if( ( pk_alg = ssl_pk_alg_from_sig( ssl->in_msg[5] ) ) - == POLARSSL_PK_NONE ) + if( ( pk_alg = mbedtls_ssl_pk_alg_from_sig( ssl->in_msg[i] ) ) + == MBEDTLS_PK_NONE ) { - SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg" + MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg" " for verify message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); } /* * Check the certificate's key type matches the signature alg */ - if( ! pk_can_do( &ssl->session_negotiate->peer_cert->pk, pk_alg ) ) + if( ! mbedtls_pk_can_do( &ssl->session_negotiate->peer_cert->pk, pk_alg ) ) { - SSL_DEBUG_MSG( 1, ( "sig_alg doesn't match cert key" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "sig_alg doesn't match cert key" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); } + + i++; } else -#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } - sig_len = ( ssl->in_msg[4 + sa_len] << 8 ) | ssl->in_msg[5 + sa_len]; + if( i + 2 > ssl->in_hslen ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + } + + sig_len = ( ssl->in_msg[i] << 8 ) | ssl->in_msg[i+1]; + i += 2; - if( sa_len + sig_len + 6 != ssl->in_hslen ) + if( i + sig_len != ssl->in_hslen ) { - SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); } - if( ( ret = pk_verify( &ssl->session_negotiate->peer_cert->pk, + if( ( ret = mbedtls_pk_verify( &ssl->session_negotiate->peer_cert->pk, md_alg, hash_start, hashlen, - ssl->in_msg + 6 + sa_len, sig_len ) ) != 0 ) + ssl->in_msg + i, sig_len ) ) != 0 ) { - SSL_DEBUG_RET( 1, "pk_verify", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_verify", ret ); return( ret ); } - SSL_DEBUG_MSG( 2, ( "<= parse certificate verify" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate verify" ) ); return( ret ); } -#endif /* !POLARSSL_KEY_EXCHANGE_RSA_ENABLED && - !POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED && - !POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ +#endif /* !MBEDTLS_KEY_EXCHANGE_RSA_ENABLED && + !MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED && + !MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ -#if defined(POLARSSL_SSL_SESSION_TICKETS) -static int ssl_write_new_session_ticket( ssl_context *ssl ) +#if defined(MBEDTLS_SSL_SESSION_TICKETS) +static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) { int ret; size_t tlen; - uint32_t lifetime = (uint32_t) ssl->ticket_lifetime; + uint32_t lifetime; - SSL_DEBUG_MSG( 2, ( "=> write new session ticket" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write new session ticket" ) ); - ssl->out_msgtype = SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = SSL_HS_NEW_SESSION_TICKET; + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = MBEDTLS_SSL_HS_NEW_SESSION_TICKET; /* * struct { @@ -3475,17 +3550,21 @@ static int ssl_write_new_session_ticket( ssl_context *ssl ) * 10 . 9+n ticket content */ + if( ( ret = ssl->conf->f_ticket_write( ssl->conf->p_ticket, + ssl->session_negotiate, + ssl->out_msg + 10, + ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN, + &tlen, &lifetime ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_ticket_write", ret ); + tlen = 0; + } + ssl->out_msg[4] = ( lifetime >> 24 ) & 0xFF; ssl->out_msg[5] = ( lifetime >> 16 ) & 0xFF; ssl->out_msg[6] = ( lifetime >> 8 ) & 0xFF; ssl->out_msg[7] = ( lifetime ) & 0xFF; - if( ( ret = ssl_write_ticket( ssl, &tlen ) ) != 0 ) - { - SSL_DEBUG_RET( 1, "ssl_write_ticket", ret ); - tlen = 0; - } - ssl->out_msg[8] = (unsigned char)( ( tlen >> 8 ) & 0xFF ); ssl->out_msg[9] = (unsigned char)( ( tlen ) & 0xFF ); @@ -3497,46 +3576,60 @@ static int ssl_write_new_session_ticket( ssl_context *ssl ) */ ssl->handshake->new_session_ticket = 0; - if( ( ret = ssl_write_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); return( ret ); } - SSL_DEBUG_MSG( 2, ( "<= write new session ticket" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write new session ticket" ) ); return( 0 ); } -#endif /* POLARSSL_SSL_SESSION_TICKETS */ +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ /* * SSL handshake -- server side -- single step */ -int ssl_handshake_server_step( ssl_context *ssl ) +int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) { int ret = 0; - if( ssl->state == SSL_HANDSHAKE_OVER ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - SSL_DEBUG_MSG( 2, ( "server state: %d", ssl->state ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "server state: %d", ssl->state ) ); - if( ( ret = ssl_flush_output( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) return( ret ); +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) + { + if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 ) + return( ret ); + } +#endif + switch( ssl->state ) { - case SSL_HELLO_REQUEST: - ssl->state = SSL_CLIENT_HELLO; + case MBEDTLS_SSL_HELLO_REQUEST: + ssl->state = MBEDTLS_SSL_CLIENT_HELLO; break; /* * <== ClientHello */ - case SSL_CLIENT_HELLO: + case MBEDTLS_SSL_CLIENT_HELLO: ret = ssl_parse_client_hello( ssl ); break; +#if defined(MBEDTLS_SSL_PROTO_DTLS) + case MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT: + return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ); +#endif + /* * ==> ServerHello * Certificate @@ -3544,23 +3637,23 @@ int ssl_handshake_server_step( ssl_context *ssl ) * ( CertificateRequest ) * ServerHelloDone */ - case SSL_SERVER_HELLO: + case MBEDTLS_SSL_SERVER_HELLO: ret = ssl_write_server_hello( ssl ); break; - case SSL_SERVER_CERTIFICATE: - ret = ssl_write_certificate( ssl ); + case MBEDTLS_SSL_SERVER_CERTIFICATE: + ret = mbedtls_ssl_write_certificate( ssl ); break; - case SSL_SERVER_KEY_EXCHANGE: + case MBEDTLS_SSL_SERVER_KEY_EXCHANGE: ret = ssl_write_server_key_exchange( ssl ); break; - case SSL_CERTIFICATE_REQUEST: + case MBEDTLS_SSL_CERTIFICATE_REQUEST: ret = ssl_write_certificate_request( ssl ); break; - case SSL_SERVER_HELLO_DONE: + case MBEDTLS_SSL_SERVER_HELLO_DONE: ret = ssl_write_server_hello_done( ssl ); break; @@ -3571,24 +3664,24 @@ int ssl_handshake_server_step( ssl_context *ssl ) * ChangeCipherSpec * Finished */ - case SSL_CLIENT_CERTIFICATE: - ret = ssl_parse_certificate( ssl ); + case MBEDTLS_SSL_CLIENT_CERTIFICATE: + ret = mbedtls_ssl_parse_certificate( ssl ); break; - case SSL_CLIENT_KEY_EXCHANGE: + case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE: ret = ssl_parse_client_key_exchange( ssl ); break; - case SSL_CERTIFICATE_VERIFY: + case MBEDTLS_SSL_CERTIFICATE_VERIFY: ret = ssl_parse_certificate_verify( ssl ); break; - case SSL_CLIENT_CHANGE_CIPHER_SPEC: - ret = ssl_parse_change_cipher_spec( ssl ); + case MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC: + ret = mbedtls_ssl_parse_change_cipher_spec( ssl ); break; - case SSL_CLIENT_FINISHED: - ret = ssl_parse_finished( ssl ); + case MBEDTLS_SSL_CLIENT_FINISHED: + ret = mbedtls_ssl_parse_finished( ssl ); break; /* @@ -3596,33 +3689,33 @@ int ssl_handshake_server_step( ssl_context *ssl ) * ChangeCipherSpec * Finished */ - case SSL_SERVER_CHANGE_CIPHER_SPEC: -#if defined(POLARSSL_SSL_SESSION_TICKETS) + case MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC: +#if defined(MBEDTLS_SSL_SESSION_TICKETS) if( ssl->handshake->new_session_ticket != 0 ) ret = ssl_write_new_session_ticket( ssl ); else #endif - ret = ssl_write_change_cipher_spec( ssl ); + ret = mbedtls_ssl_write_change_cipher_spec( ssl ); break; - case SSL_SERVER_FINISHED: - ret = ssl_write_finished( ssl ); + case MBEDTLS_SSL_SERVER_FINISHED: + ret = mbedtls_ssl_write_finished( ssl ); break; - case SSL_FLUSH_BUFFERS: - SSL_DEBUG_MSG( 2, ( "handshake: done" ) ); - ssl->state = SSL_HANDSHAKE_WRAPUP; + case MBEDTLS_SSL_FLUSH_BUFFERS: + MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) ); + ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP; break; - case SSL_HANDSHAKE_WRAPUP: - ssl_handshake_wrapup( ssl ); + case MBEDTLS_SSL_HANDSHAKE_WRAPUP: + mbedtls_ssl_handshake_wrapup( ssl ); break; default: - SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) ); - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } return( ret ); } -#endif /* POLARSSL_SSL_SRV_C */ +#endif /* MBEDTLS_SSL_SRV_C */ diff --git a/ext/mbedtls/library/ssl_ticket.c b/ext/mbedtls/library/ssl_ticket.c new file mode 100644 index 0000000000..94795f4680 --- /dev/null +++ b/ext/mbedtls/library/ssl_ticket.c @@ -0,0 +1,490 @@ +/* + * TLS server tickets callbacks implementation + * + * Copyright (C) 2015, ARM Limited, All Rights Reserved + * + * This file is part of mbed TLS (https://tls.mbed.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_SSL_TICKET_C) + +#include "mbedtls/ssl_ticket.h" + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#define mbedtls_calloc calloc +#define mbedtls_free free +#endif + +#include + +/* Implementation that should never be optimized out by the compiler */ +static void mbedtls_zeroize( void *v, size_t n ) { + volatile unsigned char *p = v; while( n-- ) *p++ = 0; +} + +/* + * Initialze context + */ +void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx ) +{ + memset( ctx, 0, sizeof( mbedtls_ssl_ticket_context ) ); + +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_init( &ctx->mutex ); +#endif +} + +#define MAX_KEY_BYTES 32 /* 256 bits */ + +/* + * Generate/update a key + */ +static int ssl_ticket_gen_key( mbedtls_ssl_ticket_context *ctx, + unsigned char index ) +{ + int ret; + unsigned char buf[MAX_KEY_BYTES]; + mbedtls_ssl_ticket_key *key = ctx->keys + index; + +#if defined(MBEDTLS_HAVE_TIME) + key->generation_time = (uint32_t) time( NULL ); +#endif + + if( ( ret = ctx->f_rng( ctx->p_rng, key->name, sizeof( key->name ) ) ) != 0 ) + return( ret ); + + if( ( ret = ctx->f_rng( ctx->p_rng, buf, sizeof( buf ) ) ) != 0 ) + return( ret ); + + /* With GCM and CCM, same context can encrypt & decrypt */ + ret = mbedtls_cipher_setkey( &key->ctx, buf, + mbedtls_cipher_get_key_bitlen( &key->ctx ), + MBEDTLS_ENCRYPT ); + + mbedtls_zeroize( buf, sizeof( buf ) ); + + return( ret ); +} + +/* + * Rotate/generate keys if necessary + */ +static int ssl_ticket_update_keys( mbedtls_ssl_ticket_context *ctx ) +{ +#if !defined(MBEDTLS_HAVE_TIME) + ((void) ctx); +#else + if( ctx->ticket_lifetime != 0 ) + { + uint32_t current_time = (uint32_t) time( NULL ); + uint32_t key_time = ctx->keys[ctx->active].generation_time; + + if( current_time > key_time && + current_time - key_time < ctx->ticket_lifetime ) + { + return( 0 ); + } + + ctx->active = 1 - ctx->active; + + return( ssl_ticket_gen_key( ctx, ctx->active ) ); + } + else +#endif /* MBEDTLS_HAVE_TIME */ + return( 0 ); +} + +/* + * Setup context for actual use + */ +int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + mbedtls_cipher_type_t cipher, + uint32_t lifetime ) +{ + int ret; + const mbedtls_cipher_info_t *cipher_info; + + ctx->f_rng = f_rng; + ctx->p_rng = p_rng; + + ctx->ticket_lifetime = lifetime; + + cipher_info = mbedtls_cipher_info_from_type( cipher); + if( cipher_info == NULL ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + if( cipher_info->mode != MBEDTLS_MODE_GCM && + cipher_info->mode != MBEDTLS_MODE_CCM ) + { + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } + + if( cipher_info->key_bitlen > 8 * MAX_KEY_BYTES ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) ) != 0 || + ( ret = mbedtls_cipher_setup( &ctx->keys[1].ctx, cipher_info ) ) != 0 ) + { + return( ret ); + } + + if( ( ret = ssl_ticket_gen_key( ctx, 0 ) ) != 0 || + ( ret = ssl_ticket_gen_key( ctx, 1 ) ) != 0 ) + { + return( ret ); + } + + return( 0 ); +} + +/* + * Serialize a session in the following format: + * 0 . n-1 session structure, n = sizeof(mbedtls_ssl_session) + * n . n+2 peer_cert length = m (0 if no certificate) + * n+3 . n+2+m peer cert ASN.1 + */ +static int ssl_save_session( const mbedtls_ssl_session *session, + unsigned char *buf, size_t buf_len, + size_t *olen ) +{ + unsigned char *p = buf; + size_t left = buf_len; +#if defined(MBEDTLS_X509_CRT_PARSE_C) + size_t cert_len; +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + + if( left < sizeof( mbedtls_ssl_session ) ) + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + + memcpy( p, session, sizeof( mbedtls_ssl_session ) ); + p += sizeof( mbedtls_ssl_session ); + left -= sizeof( mbedtls_ssl_session ); + +#if defined(MBEDTLS_X509_CRT_PARSE_C) + if( session->peer_cert == NULL ) + cert_len = 0; + else + cert_len = session->peer_cert->raw.len; + + if( left < 3 + cert_len ) + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + + *p++ = (unsigned char)( cert_len >> 16 & 0xFF ); + *p++ = (unsigned char)( cert_len >> 8 & 0xFF ); + *p++ = (unsigned char)( cert_len & 0xFF ); + + if( session->peer_cert != NULL ) + memcpy( p, session->peer_cert->raw.p, cert_len ); + + p += cert_len; +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + + *olen = p - buf; + + return( 0 ); +} + +/* + * Unserialise session, see ssl_save_session() + */ +static int ssl_load_session( mbedtls_ssl_session *session, + const unsigned char *buf, size_t len ) +{ + const unsigned char *p = buf; + const unsigned char * const end = buf + len; +#if defined(MBEDTLS_X509_CRT_PARSE_C) + size_t cert_len; +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + + if( p + sizeof( mbedtls_ssl_session ) > end ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + memcpy( session, p, sizeof( mbedtls_ssl_session ) ); + p += sizeof( mbedtls_ssl_session ); + +#if defined(MBEDTLS_X509_CRT_PARSE_C) + if( p + 3 > end ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + cert_len = ( p[0] << 16 ) | ( p[1] << 8 ) | p[2]; + p += 3; + + if( cert_len == 0 ) + { + session->peer_cert = NULL; + } + else + { + int ret; + + if( p + cert_len > end ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + session->peer_cert = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ); + + if( session->peer_cert == NULL ) + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + + mbedtls_x509_crt_init( session->peer_cert ); + + if( ( ret = mbedtls_x509_crt_parse_der( session->peer_cert, + p, cert_len ) ) != 0 ) + { + mbedtls_x509_crt_free( session->peer_cert ); + mbedtls_free( session->peer_cert ); + session->peer_cert = NULL; + return( ret ); + } + + p += cert_len; + } +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + + if( p != end ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + return( 0 ); +} + +/* + * Create session ticket, with the following structure: + * + * struct { + * opaque key_name[4]; + * opaque iv[12]; + * opaque encrypted_state<0..2^16-1>; + * opaque tag[16]; + * } ticket; + * + * The key_name, iv, and length of encrypted_state are the additional + * authenticated data. + */ +int mbedtls_ssl_ticket_write( void *p_ticket, + const mbedtls_ssl_session *session, + unsigned char *start, + const unsigned char *end, + size_t *tlen, + uint32_t *ticket_lifetime ) +{ + int ret; + mbedtls_ssl_ticket_context *ctx = p_ticket; + mbedtls_ssl_ticket_key *key; + unsigned char *key_name = start; + unsigned char *iv = start + 4; + unsigned char *state_len_bytes = iv + 12; + unsigned char *state = state_len_bytes + 2; + unsigned char *tag; + size_t clear_len, ciph_len; + + *tlen = 0; + + if( ctx == NULL || ctx->f_rng == NULL ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + /* We need at least 4 bytes for key_name, 12 for IV, 2 for len 16 for tag, + * in addition to session itself, that will be checked when writing it. */ + if( end - start < 4 + 12 + 2 + 16 ) + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + +#if defined(MBEDTLS_THREADING_C) + if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) + return( ret ); +#endif + + if( ( ret = ssl_ticket_update_keys( ctx ) ) != 0 ) + goto cleanup; + + key = &ctx->keys[ctx->active]; + + *ticket_lifetime = ctx->ticket_lifetime; + + memcpy( key_name, key->name, 4 ); + + if( ( ret = ctx->f_rng( ctx->p_rng, iv, 12 ) ) != 0 ) + goto cleanup; + + /* Dump session state */ + if( ( ret = ssl_save_session( session, + state, end - state, &clear_len ) ) != 0 || + (unsigned long) clear_len > 65535 ) + { + goto cleanup; + } + state_len_bytes[0] = ( clear_len >> 8 ) & 0xff; + state_len_bytes[1] = ( clear_len ) & 0xff; + + /* Encrypt and authenticate */ + tag = state + clear_len; + if( ( ret = mbedtls_cipher_auth_encrypt( &key->ctx, + iv, 12, key_name, 4 + 12 + 2, + state, clear_len, state, &ciph_len, tag, 16 ) ) != 0 ) + { + goto cleanup; + } + if( ciph_len != clear_len ) + { + ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; + goto cleanup; + } + + *tlen = 4 + 12 + 2 + 16 + ciph_len; + +cleanup: +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) + return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); +#endif + + return( ret ); +} + +/* + * Select key based on name + */ +static mbedtls_ssl_ticket_key *ssl_ticket_select_key( + mbedtls_ssl_ticket_context *ctx, + const unsigned char name[4] ) +{ + unsigned char i; + + for( i = 0; i < sizeof( ctx->keys ) / sizeof( *ctx->keys ); i++ ) + if( memcmp( name, ctx->keys[i].name, 4 ) == 0 ) + return( &ctx->keys[i] ); + + return( NULL ); +} + +/* + * Load session ticket (see mbedtls_ssl_ticket_write for structure) + */ +int mbedtls_ssl_ticket_parse( void *p_ticket, + mbedtls_ssl_session *session, + unsigned char *buf, + size_t len ) +{ + int ret; + mbedtls_ssl_ticket_context *ctx = p_ticket; + mbedtls_ssl_ticket_key *key; + unsigned char *key_name = buf; + unsigned char *iv = buf + 4; + unsigned char *enc_len_p = iv + 12; + unsigned char *ticket = enc_len_p + 2; + unsigned char *tag; + size_t enc_len, clear_len; + + if( ctx == NULL || ctx->f_rng == NULL ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + /* See mbedtls_ssl_ticket_write() */ + if( len < 4 + 12 + 2 + 16 ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + +#if defined(MBEDTLS_THREADING_C) + if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) + return( ret ); +#endif + + if( ( ret = ssl_ticket_update_keys( ctx ) ) != 0 ) + goto cleanup; + + enc_len = ( enc_len_p[0] << 8 ) | enc_len_p[1]; + tag = ticket + enc_len; + + if( len != 4 + 12 + 2 + enc_len + 16 ) + { + ret = MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + goto cleanup; + } + + /* Select key */ + if( ( key = ssl_ticket_select_key( ctx, key_name ) ) == NULL ) + { + /* We can't know for sure but this is a likely option unless we're + * under attack - this is only informative anyway */ + ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED; + goto cleanup; + } + + /* Decrypt and authenticate */ + if( ( ret = mbedtls_cipher_auth_decrypt( &key->ctx, iv, 12, + key_name, 4 + 12 + 2, ticket, enc_len, + ticket, &clear_len, tag, 16 ) ) != 0 ) + { + if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED ) + ret = MBEDTLS_ERR_SSL_INVALID_MAC; + + goto cleanup; + } + if( clear_len != enc_len ) + { + ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; + goto cleanup; + } + + /* Actually load session */ + if( ( ret = ssl_load_session( session, ticket, clear_len ) ) != 0 ) + goto cleanup; + +#if defined(MBEDTLS_HAVE_TIME) + { + /* Check for expiration */ + time_t current_time = time( NULL ); + + if( current_time < session->start || + (uint32_t)( current_time - session->start ) > ctx->ticket_lifetime ) + { + ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED; + goto cleanup; + } + } +#endif + +cleanup: +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) + return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); +#endif + + return( ret ); +} + +/* + * Free context + */ +void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx ) +{ + mbedtls_cipher_free( &ctx->keys[0].ctx ); + mbedtls_cipher_free( &ctx->keys[1].ctx ); + +#if defined(MBEDTLS_THREADING_C) + mbedtls_mutex_free( &ctx->mutex ); +#endif + + mbedtls_zeroize( ctx, sizeof( mbedtls_ssl_ticket_context ) ); +} + +#endif /* MBEDTLS_SSL_TICKET_C */ diff --git a/ext/mbedtls/library/ssl_tls.c b/ext/mbedtls/library/ssl_tls.c index b8fb507153..998f77b393 100644 --- a/ext/mbedtls/library/ssl_tls.c +++ b/ext/mbedtls/library/ssl_tls.c @@ -28,43 +28,117 @@ * http://www.ietf.org/rfc/rfc4346.txt */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_SSL_TLS_C) +#if defined(MBEDTLS_SSL_TLS_C) -#include "polarssl/debug.h" -#include "polarssl/ssl.h" +#include "mbedtls/debug.h" +#include "mbedtls/ssl.h" +#include "mbedtls/ssl_internal.h" #include -#if defined(POLARSSL_X509_CRT_PARSE_C) && \ - defined(POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE) -#include "polarssl/oid.h" +#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ + defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) +#include "mbedtls/oid.h" #endif -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_malloc malloc -#define polarssl_free free -#endif - -#if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \ - !defined(EFI32) -#define strcasecmp _stricmp +#define mbedtls_calloc calloc +#define mbedtls_free free #endif /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } -#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) +/* Length of the "epoch" field in the record header */ +static inline size_t ssl_ep_len( const mbedtls_ssl_context *ssl ) +{ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + return( 2 ); +#else + ((void) ssl); +#endif + return( 0 ); +} + +/* + * Start a timer. + * Passing millisecs = 0 cancels a running timer. + */ +static void ssl_set_timer( mbedtls_ssl_context *ssl, uint32_t millisecs ) +{ + if( ssl->f_set_timer == NULL ) + return; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "set_timer to %d ms", (int) millisecs ) ); + ssl->f_set_timer( ssl->p_timer, millisecs / 4, millisecs ); +} + +/* + * Return -1 is timer is expired, 0 if it isn't. + */ +static int ssl_check_timer( mbedtls_ssl_context *ssl ) +{ + if( ssl->f_get_timer == NULL ) + return( 0 ); + + if( ssl->f_get_timer( ssl->p_timer ) == 2 ) + { + MBEDTLS_SSL_DEBUG_MSG( 3, ( "timer expired" ) ); + return( -1 ); + } + + return( 0 ); +} + +#if defined(MBEDTLS_SSL_PROTO_DTLS) +/* + * Double the retransmit timeout value, within the allowed range, + * returning -1 if the maximum value has already been reached. + */ +static int ssl_double_retransmit_timeout( mbedtls_ssl_context *ssl ) +{ + uint32_t new_timeout; + + if( ssl->handshake->retransmit_timeout >= ssl->conf->hs_timeout_max ) + return( -1 ); + + new_timeout = 2 * ssl->handshake->retransmit_timeout; + + /* Avoid arithmetic overflow and range overflow */ + if( new_timeout < ssl->handshake->retransmit_timeout || + new_timeout > ssl->conf->hs_timeout_max ) + { + new_timeout = ssl->conf->hs_timeout_max; + } + + ssl->handshake->retransmit_timeout = new_timeout; + MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %d millisecs", + ssl->handshake->retransmit_timeout ) ); + + return( 0 ); +} + +static void ssl_reset_retransmit_timeout( mbedtls_ssl_context *ssl ) +{ + ssl->handshake->retransmit_timeout = ssl->conf->hs_timeout_min; + MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %d millisecs", + ssl->handshake->retransmit_timeout ) ); +} +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) /* * Convert max_fragment_length codes to length. * RFC 6066 says: @@ -73,89 +147,91 @@ static void polarssl_zeroize( void *v, size_t n ) { * } MaxFragmentLength; * and we add 0 -> extension unused */ -static unsigned int mfl_code_to_length[SSL_MAX_FRAG_LEN_INVALID] = +static unsigned int mfl_code_to_length[MBEDTLS_SSL_MAX_FRAG_LEN_INVALID] = { - SSL_MAX_CONTENT_LEN, /* SSL_MAX_FRAG_LEN_NONE */ - 512, /* SSL_MAX_FRAG_LEN_512 */ - 1024, /* SSL_MAX_FRAG_LEN_1024 */ - 2048, /* SSL_MAX_FRAG_LEN_2048 */ - 4096, /* SSL_MAX_FRAG_LEN_4096 */ + MBEDTLS_SSL_MAX_CONTENT_LEN, /* MBEDTLS_SSL_MAX_FRAG_LEN_NONE */ + 512, /* MBEDTLS_SSL_MAX_FRAG_LEN_512 */ + 1024, /* MBEDTLS_SSL_MAX_FRAG_LEN_1024 */ + 2048, /* MBEDTLS_SSL_MAX_FRAG_LEN_2048 */ + 4096, /* MBEDTLS_SSL_MAX_FRAG_LEN_4096 */ }; -#endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */ +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -static int ssl_session_copy( ssl_session *dst, const ssl_session *src ) +#if defined(MBEDTLS_SSL_CLI_C) +static int ssl_session_copy( mbedtls_ssl_session *dst, const mbedtls_ssl_session *src ) { - ssl_session_free( dst ); - memcpy( dst, src, sizeof( ssl_session ) ); + mbedtls_ssl_session_free( dst ); + memcpy( dst, src, sizeof( mbedtls_ssl_session ) ); -#if defined(POLARSSL_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) if( src->peer_cert != NULL ) { int ret; - dst->peer_cert = polarssl_malloc( sizeof(x509_crt) ); + dst->peer_cert = mbedtls_calloc( 1, sizeof(mbedtls_x509_crt) ); if( dst->peer_cert == NULL ) - return( POLARSSL_ERR_SSL_MALLOC_FAILED ); + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); - x509_crt_init( dst->peer_cert ); + mbedtls_x509_crt_init( dst->peer_cert ); - if( ( ret = x509_crt_parse_der( dst->peer_cert, src->peer_cert->raw.p, + if( ( ret = mbedtls_x509_crt_parse_der( dst->peer_cert, src->peer_cert->raw.p, src->peer_cert->raw.len ) ) != 0 ) { - polarssl_free( dst->peer_cert ); + mbedtls_free( dst->peer_cert ); dst->peer_cert = NULL; return( ret ); } } -#endif /* POLARSSL_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ -#if defined(POLARSSL_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) if( src->ticket != NULL ) { - dst->ticket = polarssl_malloc( src->ticket_len ); + dst->ticket = mbedtls_calloc( 1, src->ticket_len ); if( dst->ticket == NULL ) - return( POLARSSL_ERR_SSL_MALLOC_FAILED ); + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); memcpy( dst->ticket, src->ticket, src->ticket_len ); } -#endif /* POLARSSL_SSL_SESSION_TICKETS */ +#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ return( 0 ); } +#endif /* MBEDTLS_SSL_CLI_C */ -#if defined(POLARSSL_SSL_HW_RECORD_ACCEL) -int (*ssl_hw_record_init)( ssl_context *ssl, +#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) +int (*mbedtls_ssl_hw_record_init)( mbedtls_ssl_context *ssl, const unsigned char *key_enc, const unsigned char *key_dec, size_t keylen, const unsigned char *iv_enc, const unsigned char *iv_dec, size_t ivlen, const unsigned char *mac_enc, const unsigned char *mac_dec, size_t maclen ) = NULL; -int (*ssl_hw_record_activate)( ssl_context *ssl, int direction) = NULL; -int (*ssl_hw_record_reset)( ssl_context *ssl ) = NULL; -int (*ssl_hw_record_write)( ssl_context *ssl ) = NULL; -int (*ssl_hw_record_read)( ssl_context *ssl ) = NULL; -int (*ssl_hw_record_finish)( ssl_context *ssl ) = NULL; -#endif /* POLARSSL_SSL_HW_RECORD_ACCEL */ +int (*mbedtls_ssl_hw_record_activate)( mbedtls_ssl_context *ssl, int direction) = NULL; +int (*mbedtls_ssl_hw_record_reset)( mbedtls_ssl_context *ssl ) = NULL; +int (*mbedtls_ssl_hw_record_write)( mbedtls_ssl_context *ssl ) = NULL; +int (*mbedtls_ssl_hw_record_read)( mbedtls_ssl_context *ssl ) = NULL; +int (*mbedtls_ssl_hw_record_finish)( mbedtls_ssl_context *ssl ) = NULL; +#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ /* * Key material generation */ -#if defined(POLARSSL_SSL_PROTO_SSL3) +#if defined(MBEDTLS_SSL_PROTO_SSL3) static int ssl3_prf( const unsigned char *secret, size_t slen, const char *label, const unsigned char *random, size_t rlen, unsigned char *dstbuf, size_t dlen ) { size_t i; - md5_context md5; - sha1_context sha1; + mbedtls_md5_context md5; + mbedtls_sha1_context sha1; unsigned char padding[16]; unsigned char sha1sum[20]; ((void)label); - md5_init( &md5 ); - sha1_init( &sha1 ); + mbedtls_md5_init( &md5 ); + mbedtls_sha1_init( &sha1 ); /* * SSLv3: @@ -169,29 +245,29 @@ static int ssl3_prf( const unsigned char *secret, size_t slen, { memset( padding, (unsigned char) ('A' + i), 1 + i ); - sha1_starts( &sha1 ); - sha1_update( &sha1, padding, 1 + i ); - sha1_update( &sha1, secret, slen ); - sha1_update( &sha1, random, rlen ); - sha1_finish( &sha1, sha1sum ); + mbedtls_sha1_starts( &sha1 ); + mbedtls_sha1_update( &sha1, padding, 1 + i ); + mbedtls_sha1_update( &sha1, secret, slen ); + mbedtls_sha1_update( &sha1, random, rlen ); + mbedtls_sha1_finish( &sha1, sha1sum ); - md5_starts( &md5 ); - md5_update( &md5, secret, slen ); - md5_update( &md5, sha1sum, 20 ); - md5_finish( &md5, dstbuf + i * 16 ); + mbedtls_md5_starts( &md5 ); + mbedtls_md5_update( &md5, secret, slen ); + mbedtls_md5_update( &md5, sha1sum, 20 ); + mbedtls_md5_finish( &md5, dstbuf + i * 16 ); } - md5_free( &md5 ); - sha1_free( &sha1 ); + mbedtls_md5_free( &md5 ); + mbedtls_sha1_free( &sha1 ); - polarssl_zeroize( padding, sizeof( padding ) ); - polarssl_zeroize( sha1sum, sizeof( sha1sum ) ); + mbedtls_zeroize( padding, sizeof( padding ) ); + mbedtls_zeroize( sha1sum, sizeof( sha1sum ) ); return( 0 ); } -#endif /* POLARSSL_SSL_PROTO_SSL3 */ +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ -#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) static int tls1_prf( const unsigned char *secret, size_t slen, const char *label, const unsigned char *random, size_t rlen, @@ -202,9 +278,14 @@ static int tls1_prf( const unsigned char *secret, size_t slen, const unsigned char *S1, *S2; unsigned char tmp[128]; unsigned char h_i[20]; + const mbedtls_md_info_t *md_info; + mbedtls_md_context_t md_ctx; + int ret; + + mbedtls_md_init( &md_ctx ); if( sizeof( tmp ) < 20 + strlen( label ) + rlen ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); hs = ( slen + 1 ) / 2; S1 = secret; @@ -218,12 +299,25 @@ static int tls1_prf( const unsigned char *secret, size_t slen, /* * First compute P_md5(secret,label+random)[0..dlen] */ - md5_hmac( S1, hs, tmp + 20, nb, 4 + tmp ); + if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ) ) == NULL ) + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + + if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) + return( ret ); + + mbedtls_md_hmac_starts( &md_ctx, S1, hs ); + mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb ); + mbedtls_md_hmac_finish( &md_ctx, 4 + tmp ); for( i = 0; i < dlen; i += 16 ) { - md5_hmac( S1, hs, 4 + tmp, 16 + nb, h_i ); - md5_hmac( S1, hs, 4 + tmp, 16, 4 + tmp ); + mbedtls_md_hmac_reset ( &md_ctx ); + mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 + nb ); + mbedtls_md_hmac_finish( &md_ctx, h_i ); + + mbedtls_md_hmac_reset ( &md_ctx ); + mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 ); + mbedtls_md_hmac_finish( &md_ctx, 4 + tmp ); k = ( i + 16 > dlen ) ? dlen % 16 : 16; @@ -231,15 +325,30 @@ static int tls1_prf( const unsigned char *secret, size_t slen, dstbuf[i + j] = h_i[j]; } + mbedtls_md_free( &md_ctx ); + /* * XOR out with P_sha1(secret,label+random)[0..dlen] */ - sha1_hmac( S2, hs, tmp + 20, nb, tmp ); + if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL ) + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + + if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) + return( ret ); + + mbedtls_md_hmac_starts( &md_ctx, S2, hs ); + mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb ); + mbedtls_md_hmac_finish( &md_ctx, tmp ); for( i = 0; i < dlen; i += 20 ) { - sha1_hmac( S2, hs, tmp, 20 + nb, h_i ); - sha1_hmac( S2, hs, tmp, 20, tmp ); + mbedtls_md_hmac_reset ( &md_ctx ); + mbedtls_md_hmac_update( &md_ctx, tmp, 20 + nb ); + mbedtls_md_hmac_finish( &md_ctx, h_i ); + + mbedtls_md_hmac_reset ( &md_ctx ); + mbedtls_md_hmac_update( &md_ctx, tmp, 20 ); + mbedtls_md_hmac_finish( &md_ctx, tmp ); k = ( i + 20 > dlen ) ? dlen % 20 : 20; @@ -247,131 +356,134 @@ static int tls1_prf( const unsigned char *secret, size_t slen, dstbuf[i + j] = (unsigned char)( dstbuf[i + j] ^ h_i[j] ); } - polarssl_zeroize( tmp, sizeof( tmp ) ); - polarssl_zeroize( h_i, sizeof( h_i ) ); + mbedtls_md_free( &md_ctx ); + + mbedtls_zeroize( tmp, sizeof( tmp ) ); + mbedtls_zeroize( h_i, sizeof( h_i ) ); return( 0 ); } -#endif /* POLARSSL_SSL_PROTO_TLS1) || POLARSSL_SSL_PROTO_TLS1_1 */ - -#if defined(POLARSSL_SSL_PROTO_TLS1_2) -#if defined(POLARSSL_SHA256_C) -static int tls_prf_sha256( const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ) +#endif /* MBEDTLS_SSL_PROTO_TLS1) || MBEDTLS_SSL_PROTO_TLS1_1 */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +static int tls_prf_generic( mbedtls_md_type_t md_type, + const unsigned char *secret, size_t slen, + const char *label, + const unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen ) { size_t nb; - size_t i, j, k; + size_t i, j, k, md_len; unsigned char tmp[128]; - unsigned char h_i[32]; + unsigned char h_i[MBEDTLS_MD_MAX_SIZE]; + const mbedtls_md_info_t *md_info; + mbedtls_md_context_t md_ctx; + int ret; + + mbedtls_md_init( &md_ctx ); + + if( ( md_info = mbedtls_md_info_from_type( md_type ) ) == NULL ) + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + + md_len = mbedtls_md_get_size( md_info ); - if( sizeof( tmp ) < 32 + strlen( label ) + rlen ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + if( sizeof( tmp ) < md_len + strlen( label ) + rlen ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); nb = strlen( label ); - memcpy( tmp + 32, label, nb ); - memcpy( tmp + 32 + nb, random, rlen ); + memcpy( tmp + md_len, label, nb ); + memcpy( tmp + md_len + nb, random, rlen ); nb += rlen; /* * Compute P_(secret, label + random)[0..dlen] */ - sha256_hmac( secret, slen, tmp + 32, nb, tmp, 0 ); + if ( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) + return( ret ); + + mbedtls_md_hmac_starts( &md_ctx, secret, slen ); + mbedtls_md_hmac_update( &md_ctx, tmp + md_len, nb ); + mbedtls_md_hmac_finish( &md_ctx, tmp ); - for( i = 0; i < dlen; i += 32 ) + for( i = 0; i < dlen; i += md_len ) { - sha256_hmac( secret, slen, tmp, 32 + nb, h_i, 0 ); - sha256_hmac( secret, slen, tmp, 32, tmp, 0 ); + mbedtls_md_hmac_reset ( &md_ctx ); + mbedtls_md_hmac_update( &md_ctx, tmp, md_len + nb ); + mbedtls_md_hmac_finish( &md_ctx, h_i ); - k = ( i + 32 > dlen ) ? dlen % 32 : 32; + mbedtls_md_hmac_reset ( &md_ctx ); + mbedtls_md_hmac_update( &md_ctx, tmp, md_len ); + mbedtls_md_hmac_finish( &md_ctx, tmp ); + + k = ( i + md_len > dlen ) ? dlen % md_len : md_len; for( j = 0; j < k; j++ ) dstbuf[i + j] = h_i[j]; } - polarssl_zeroize( tmp, sizeof( tmp ) ); - polarssl_zeroize( h_i, sizeof( h_i ) ); + mbedtls_md_free( &md_ctx ); + + mbedtls_zeroize( tmp, sizeof( tmp ) ); + mbedtls_zeroize( h_i, sizeof( h_i ) ); return( 0 ); } -#endif /* POLARSSL_SHA256_C */ -#if defined(POLARSSL_SHA512_C) -static int tls_prf_sha384( const unsigned char *secret, size_t slen, +#if defined(MBEDTLS_SHA256_C) +static int tls_prf_sha256( const unsigned char *secret, size_t slen, const char *label, const unsigned char *random, size_t rlen, unsigned char *dstbuf, size_t dlen ) { - size_t nb; - size_t i, j, k; - unsigned char tmp[128]; - unsigned char h_i[48]; - - if( sizeof( tmp ) < 48 + strlen( label ) + rlen ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); - - nb = strlen( label ); - memcpy( tmp + 48, label, nb ); - memcpy( tmp + 48 + nb, random, rlen ); - nb += rlen; - - /* - * Compute P_(secret, label + random)[0..dlen] - */ - sha512_hmac( secret, slen, tmp + 48, nb, tmp, 1 ); - - for( i = 0; i < dlen; i += 48 ) - { - sha512_hmac( secret, slen, tmp, 48 + nb, h_i, 1 ); - sha512_hmac( secret, slen, tmp, 48, tmp, 1 ); - - k = ( i + 48 > dlen ) ? dlen % 48 : 48; - - for( j = 0; j < k; j++ ) - dstbuf[i + j] = h_i[j]; - } - - polarssl_zeroize( tmp, sizeof( tmp ) ); - polarssl_zeroize( h_i, sizeof( h_i ) ); + return( tls_prf_generic( MBEDTLS_MD_SHA256, secret, slen, + label, random, rlen, dstbuf, dlen ) ); +} +#endif /* MBEDTLS_SHA256_C */ - return( 0 ); +#if defined(MBEDTLS_SHA512_C) +static int tls_prf_sha384( const unsigned char *secret, size_t slen, + const char *label, + const unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen ) +{ + return( tls_prf_generic( MBEDTLS_MD_SHA384, secret, slen, + label, random, rlen, dstbuf, dlen ) ); } -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -static void ssl_update_checksum_start( ssl_context *, const unsigned char *, size_t ); +static void ssl_update_checksum_start( mbedtls_ssl_context *, const unsigned char *, size_t ); -#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_1) -static void ssl_update_checksum_md5sha1( ssl_context *, const unsigned char *, size_t ); +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) +static void ssl_update_checksum_md5sha1( mbedtls_ssl_context *, const unsigned char *, size_t ); #endif -#if defined(POLARSSL_SSL_PROTO_SSL3) -static void ssl_calc_verify_ssl( ssl_context *, unsigned char * ); -static void ssl_calc_finished_ssl( ssl_context *, unsigned char *, int ); +#if defined(MBEDTLS_SSL_PROTO_SSL3) +static void ssl_calc_verify_ssl( mbedtls_ssl_context *, unsigned char * ); +static void ssl_calc_finished_ssl( mbedtls_ssl_context *, unsigned char *, int ); #endif -#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) -static void ssl_calc_verify_tls( ssl_context *, unsigned char * ); -static void ssl_calc_finished_tls( ssl_context *, unsigned char *, int ); +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) +static void ssl_calc_verify_tls( mbedtls_ssl_context *, unsigned char * ); +static void ssl_calc_finished_tls( mbedtls_ssl_context *, unsigned char *, int ); #endif -#if defined(POLARSSL_SSL_PROTO_TLS1_2) -#if defined(POLARSSL_SHA256_C) -static void ssl_update_checksum_sha256( ssl_context *, const unsigned char *, size_t ); -static void ssl_calc_verify_tls_sha256( ssl_context *,unsigned char * ); -static void ssl_calc_finished_tls_sha256( ssl_context *,unsigned char *, int ); +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SHA256_C) +static void ssl_update_checksum_sha256( mbedtls_ssl_context *, const unsigned char *, size_t ); +static void ssl_calc_verify_tls_sha256( mbedtls_ssl_context *,unsigned char * ); +static void ssl_calc_finished_tls_sha256( mbedtls_ssl_context *,unsigned char *, int ); #endif -#if defined(POLARSSL_SHA512_C) -static void ssl_update_checksum_sha384( ssl_context *, const unsigned char *, size_t ); -static void ssl_calc_verify_tls_sha384( ssl_context *, unsigned char * ); -static void ssl_calc_finished_tls_sha384( ssl_context *, unsigned char *, int ); +#if defined(MBEDTLS_SHA512_C) +static void ssl_update_checksum_sha384( mbedtls_ssl_context *, const unsigned char *, size_t ); +static void ssl_calc_verify_tls_sha384( mbedtls_ssl_context *, unsigned char * ); +static void ssl_calc_finished_tls_sha384( mbedtls_ssl_context *, unsigned char *, int ); #endif -#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -int ssl_derive_keys( ssl_context *ssl ) +int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) { int ret = 0; unsigned char tmp[64]; @@ -381,36 +493,36 @@ int ssl_derive_keys( ssl_context *ssl ) unsigned char *mac_enc; unsigned char *mac_dec; size_t iv_copy_len; - const cipher_info_t *cipher_info; - const md_info_t *md_info; + const mbedtls_cipher_info_t *cipher_info; + const mbedtls_md_info_t *md_info; - ssl_session *session = ssl->session_negotiate; - ssl_transform *transform = ssl->transform_negotiate; - ssl_handshake_params *handshake = ssl->handshake; + mbedtls_ssl_session *session = ssl->session_negotiate; + mbedtls_ssl_transform *transform = ssl->transform_negotiate; + mbedtls_ssl_handshake_params *handshake = ssl->handshake; - SSL_DEBUG_MSG( 2, ( "=> derive keys" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> derive keys" ) ); - cipher_info = cipher_info_from_type( transform->ciphersuite_info->cipher ); + cipher_info = mbedtls_cipher_info_from_type( transform->ciphersuite_info->cipher ); if( cipher_info == NULL ) { - SSL_DEBUG_MSG( 1, ( "cipher info for %d not found", + MBEDTLS_SSL_DEBUG_MSG( 1, ( "cipher info for %d not found", transform->ciphersuite_info->cipher ) ); - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } - md_info = md_info_from_type( transform->ciphersuite_info->mac ); + md_info = mbedtls_md_info_from_type( transform->ciphersuite_info->mac ); if( md_info == NULL ) { - SSL_DEBUG_MSG( 1, ( "md info for %d not found", + MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_md info for %d not found", transform->ciphersuite_info->mac ) ); - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } /* * Set appropriate PRF function and other SSL / TLS / TLS1.2 functions */ -#if defined(POLARSSL_SSL_PROTO_SSL3) - if( ssl->minor_ver == SSL_MINOR_VERSION_0 ) +#if defined(MBEDTLS_SSL_PROTO_SSL3) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) { handshake->tls_prf = ssl3_prf; handshake->calc_verify = ssl_calc_verify_ssl; @@ -418,8 +530,8 @@ int ssl_derive_keys( ssl_context *ssl ) } else #endif -#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) - if( ssl->minor_ver < SSL_MINOR_VERSION_3 ) +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) + if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 ) { handshake->tls_prf = tls1_prf; handshake->calc_verify = ssl_calc_verify_tls; @@ -427,10 +539,10 @@ int ssl_derive_keys( ssl_context *ssl ) } else #endif -#if defined(POLARSSL_SSL_PROTO_TLS1_2) -#if defined(POLARSSL_SHA512_C) - if( ssl->minor_ver == SSL_MINOR_VERSION_3 && - transform->ciphersuite_info->mac == POLARSSL_MD_SHA384 ) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SHA512_C) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && + transform->ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) { handshake->tls_prf = tls_prf_sha384; handshake->calc_verify = ssl_calc_verify_tls_sha384; @@ -438,8 +550,8 @@ int ssl_derive_keys( ssl_context *ssl ) } else #endif -#if defined(POLARSSL_SHA256_C) - if( ssl->minor_ver == SSL_MINOR_VERSION_3 ) +#if defined(MBEDTLS_SHA256_C) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) { handshake->tls_prf = tls_prf_sha256; handshake->calc_verify = ssl_calc_verify_tls_sha256; @@ -447,10 +559,10 @@ int ssl_derive_keys( ssl_context *ssl ) } else #endif -#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } /* @@ -465,25 +577,25 @@ int ssl_derive_keys( ssl_context *ssl ) */ if( handshake->resume == 0 ) { - SSL_DEBUG_BUF( 3, "premaster secret", handshake->premaster, + MBEDTLS_SSL_DEBUG_BUF( 3, "premaster secret", handshake->premaster, handshake->pmslen ); -#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) - if( ssl->handshake->extended_ms == SSL_EXTENDED_MS_ENABLED ) +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) + if( ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED ) { unsigned char session_hash[48]; size_t hash_len; - SSL_DEBUG_MSG( 3, ( "using extended master secret" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "using extended master secret" ) ); ssl->handshake->calc_verify( ssl, session_hash ); -#if defined(POLARSSL_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == SSL_MINOR_VERSION_3 ) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) { -#if defined(POLARSSL_SHA512_C) +#if defined(MBEDTLS_SHA512_C) if( ssl->transform_negotiate->ciphersuite_info->mac == - POLARSSL_MD_SHA384 ) + MBEDTLS_MD_SHA384 ) { hash_len = 48; } @@ -492,27 +604,38 @@ int ssl_derive_keys( ssl_context *ssl ) hash_len = 32; } else -#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ hash_len = 36; - SSL_DEBUG_BUF( 3, "session hash", session_hash, hash_len ); + MBEDTLS_SSL_DEBUG_BUF( 3, "session hash", session_hash, hash_len ); - handshake->tls_prf( handshake->premaster, handshake->pmslen, - "extended master secret", - session_hash, hash_len, session->master, 48 ); + ret = handshake->tls_prf( handshake->premaster, handshake->pmslen, + "extended master secret", + session_hash, hash_len, + session->master, 48 ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret ); + return( ret ); + } } else #endif - handshake->tls_prf( handshake->premaster, handshake->pmslen, - "master secret", - handshake->randbytes, 64, session->master, 48 ); - + ret = handshake->tls_prf( handshake->premaster, handshake->pmslen, + "master secret", + handshake->randbytes, 64, + session->master, 48 ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret ); + return( ret ); + } - polarssl_zeroize( handshake->premaster, sizeof(handshake->premaster) ); + mbedtls_zeroize( handshake->premaster, sizeof(handshake->premaster) ); } else - SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) ); /* * Swap the client and server random values. @@ -520,7 +643,7 @@ int ssl_derive_keys( ssl_context *ssl ) memcpy( tmp, handshake->randbytes, 64 ); memcpy( handshake->randbytes, tmp + 32, 32 ); memcpy( handshake->randbytes + 32, tmp, 32 ); - polarssl_zeroize( tmp, sizeof( tmp ) ); + mbedtls_zeroize( tmp, sizeof( tmp ) ); /* * SSLv3: @@ -534,25 +657,30 @@ int ssl_derive_keys( ssl_context *ssl ) * TLSv1: * key block = PRF( master, "key expansion", randbytes ) */ - handshake->tls_prf( session->master, 48, "key expansion", - handshake->randbytes, 64, keyblk, 256 ); + ret = handshake->tls_prf( session->master, 48, "key expansion", + handshake->randbytes, 64, keyblk, 256 ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret ); + return( ret ); + } - SSL_DEBUG_MSG( 3, ( "ciphersuite = %s", - ssl_get_ciphersuite_name( session->ciphersuite ) ) ); - SSL_DEBUG_BUF( 3, "master secret", session->master, 48 ); - SSL_DEBUG_BUF( 4, "random bytes", handshake->randbytes, 64 ); - SSL_DEBUG_BUF( 4, "key block", keyblk, 256 ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite = %s", + mbedtls_ssl_get_ciphersuite_name( session->ciphersuite ) ) ); + MBEDTLS_SSL_DEBUG_BUF( 3, "master secret", session->master, 48 ); + MBEDTLS_SSL_DEBUG_BUF( 4, "random bytes", handshake->randbytes, 64 ); + MBEDTLS_SSL_DEBUG_BUF( 4, "key block", keyblk, 256 ); - polarssl_zeroize( handshake->randbytes, sizeof( handshake->randbytes ) ); + mbedtls_zeroize( handshake->randbytes, sizeof( handshake->randbytes ) ); /* * Determine the appropriate key, IV and MAC length. */ - transform->keylen = cipher_info->key_length / 8; + transform->keylen = cipher_info->key_bitlen / 8; - if( cipher_info->mode == POLARSSL_MODE_GCM || - cipher_info->mode == POLARSSL_MODE_CCM ) + if( cipher_info->mode == MBEDTLS_MODE_GCM || + cipher_info->mode == MBEDTLS_MODE_CCM ) { transform->maclen = 0; @@ -562,38 +690,38 @@ int ssl_derive_keys( ssl_context *ssl ) /* Minimum length is expicit IV + tag */ transform->minlen = transform->ivlen - transform->fixed_ivlen + ( transform->ciphersuite_info->flags & - POLARSSL_CIPHERSUITE_SHORT_TAG ? 8 : 16 ); + MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16 ); } else { int ret; /* Initialize HMAC contexts */ - if( ( ret = md_init_ctx( &transform->md_ctx_enc, md_info ) ) != 0 || - ( ret = md_init_ctx( &transform->md_ctx_dec, md_info ) ) != 0 ) + if( ( ret = mbedtls_md_setup( &transform->md_ctx_enc, md_info, 1 ) ) != 0 || + ( ret = mbedtls_md_setup( &transform->md_ctx_dec, md_info, 1 ) ) != 0 ) { - SSL_DEBUG_RET( 1, "md_init_ctx", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_setup", ret ); return( ret ); } /* Get MAC length */ - transform->maclen = md_get_size( md_info ); + transform->maclen = mbedtls_md_get_size( md_info ); -#if defined(POLARSSL_SSL_TRUNCATED_HMAC) +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) /* * If HMAC is to be truncated, we shall keep the leftmost bytes, * (rfc 6066 page 13 or rfc 2104 section 4), * so we only need to adjust the length here. */ - if( session->trunc_hmac == SSL_TRUNC_HMAC_ENABLED ) - transform->maclen = SSL_TRUNCATED_HMAC_LEN; -#endif /* POLARSSL_SSL_TRUNCATED_HMAC */ + if( session->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED ) + transform->maclen = MBEDTLS_SSL_TRUNCATED_HMAC_LEN; +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ /* IV length */ transform->ivlen = cipher_info->iv_size; /* Minimum length */ - if( cipher_info->mode == POLARSSL_MODE_STREAM ) + if( cipher_info->mode == MBEDTLS_MODE_STREAM ) transform->minlen = transform->maclen; else { @@ -603,8 +731,8 @@ int ssl_derive_keys( ssl_context *ssl ) * otherwise: * first multiple of blocklen greater than maclen * 2. IV except for SSL3 and TLS 1.0 */ -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) - if( session->encrypt_then_mac == SSL_ETM_ENABLED ) +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + if( session->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED ) { transform->minlen = transform->maclen + cipher_info->block_size; @@ -617,36 +745,36 @@ int ssl_derive_keys( ssl_context *ssl ) - transform->maclen % cipher_info->block_size; } -#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) - if( ssl->minor_ver == SSL_MINOR_VERSION_0 || - ssl->minor_ver == SSL_MINOR_VERSION_1 ) +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 || + ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_1 ) ; /* No need to adjust minlen */ else #endif -#if defined(POLARSSL_SSL_PROTO_TLS1_1) || defined(POLARSSL_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == SSL_MINOR_VERSION_2 || - ssl->minor_ver == SSL_MINOR_VERSION_3 ) +#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_2 || + ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) { transform->minlen += transform->ivlen; } else #endif { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } } } - SSL_DEBUG_MSG( 3, ( "keylen: %d, minlen: %d, ivlen: %d, maclen: %d", + MBEDTLS_SSL_DEBUG_MSG( 3, ( "keylen: %d, minlen: %d, ivlen: %d, maclen: %d", transform->keylen, transform->minlen, transform->ivlen, transform->maclen ) ); /* * Finally setup the cipher contexts, IVs and MAC secrets. */ -#if defined(POLARSSL_SSL_CLI_C) - if( ssl->endpoint == SSL_IS_CLIENT ) +#if defined(MBEDTLS_SSL_CLI_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { key1 = keyblk + transform->maclen * 2; key2 = keyblk + transform->maclen * 2 + transform->keylen; @@ -664,9 +792,9 @@ int ssl_derive_keys( ssl_context *ssl ) iv_copy_len ); } else -#endif /* POLARSSL_SSL_CLI_C */ -#if defined(POLARSSL_SSL_SRV_C) - if( ssl->endpoint == SSL_IS_SERVER ) +#endif /* MBEDTLS_SSL_CLI_C */ +#if defined(MBEDTLS_SSL_SRV_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { key1 = keyblk + transform->maclen * 2 + transform->keylen; key2 = keyblk + transform->maclen * 2; @@ -684,128 +812,128 @@ int ssl_derive_keys( ssl_context *ssl ) iv_copy_len ); } else -#endif /* POLARSSL_SSL_SRV_C */ +#endif /* MBEDTLS_SSL_SRV_C */ { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } -#if defined(POLARSSL_SSL_PROTO_SSL3) - if( ssl->minor_ver == SSL_MINOR_VERSION_0 ) +#if defined(MBEDTLS_SSL_PROTO_SSL3) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) { if( transform->maclen > sizeof transform->mac_enc ) { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } memcpy( transform->mac_enc, mac_enc, transform->maclen ); memcpy( transform->mac_dec, mac_dec, transform->maclen ); } else -#endif /* POLARSSL_SSL_PROTO_SSL3 */ -#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_2) - if( ssl->minor_ver >= SSL_MINOR_VERSION_1 ) +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) { - md_hmac_starts( &transform->md_ctx_enc, mac_enc, transform->maclen ); - md_hmac_starts( &transform->md_ctx_dec, mac_dec, transform->maclen ); + mbedtls_md_hmac_starts( &transform->md_ctx_enc, mac_enc, transform->maclen ); + mbedtls_md_hmac_starts( &transform->md_ctx_dec, mac_dec, transform->maclen ); } else #endif { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } -#if defined(POLARSSL_SSL_HW_RECORD_ACCEL) - if( ssl_hw_record_init != NULL ) +#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) + if( mbedtls_ssl_hw_record_init != NULL ) { int ret = 0; - SSL_DEBUG_MSG( 2, ( "going for ssl_hw_record_init()" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_init()" ) ); - if( ( ret = ssl_hw_record_init( ssl, key1, key2, transform->keylen, + if( ( ret = mbedtls_ssl_hw_record_init( ssl, key1, key2, transform->keylen, transform->iv_enc, transform->iv_dec, iv_copy_len, mac_enc, mac_dec, transform->maclen ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_hw_record_init", ret ); - return( POLARSSL_ERR_SSL_HW_ACCEL_FAILED ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_init", ret ); + return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); } } -#endif /* POLARSSL_SSL_HW_RECORD_ACCEL */ +#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ - if( ( ret = cipher_init_ctx( &transform->cipher_ctx_enc, + if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc, cipher_info ) ) != 0 ) { - SSL_DEBUG_RET( 1, "cipher_init_ctx", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret ); return( ret ); } - if( ( ret = cipher_init_ctx( &transform->cipher_ctx_dec, + if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_dec, cipher_info ) ) != 0 ) { - SSL_DEBUG_RET( 1, "cipher_init_ctx", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret ); return( ret ); } - if( ( ret = cipher_setkey( &transform->cipher_ctx_enc, key1, - cipher_info->key_length, - POLARSSL_ENCRYPT ) ) != 0 ) + if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_enc, key1, + cipher_info->key_bitlen, + MBEDTLS_ENCRYPT ) ) != 0 ) { - SSL_DEBUG_RET( 1, "cipher_setkey", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret ); return( ret ); } - if( ( ret = cipher_setkey( &transform->cipher_ctx_dec, key2, - cipher_info->key_length, - POLARSSL_DECRYPT ) ) != 0 ) + if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_dec, key2, + cipher_info->key_bitlen, + MBEDTLS_DECRYPT ) ) != 0 ) { - SSL_DEBUG_RET( 1, "cipher_setkey", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret ); return( ret ); } -#if defined(POLARSSL_CIPHER_MODE_CBC) - if( cipher_info->mode == POLARSSL_MODE_CBC ) +#if defined(MBEDTLS_CIPHER_MODE_CBC) + if( cipher_info->mode == MBEDTLS_MODE_CBC ) { - if( ( ret = cipher_set_padding_mode( &transform->cipher_ctx_enc, - POLARSSL_PADDING_NONE ) ) != 0 ) + if( ( ret = mbedtls_cipher_set_padding_mode( &transform->cipher_ctx_enc, + MBEDTLS_PADDING_NONE ) ) != 0 ) { - SSL_DEBUG_RET( 1, "cipher_set_padding_mode", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_set_padding_mode", ret ); return( ret ); } - if( ( ret = cipher_set_padding_mode( &transform->cipher_ctx_dec, - POLARSSL_PADDING_NONE ) ) != 0 ) + if( ( ret = mbedtls_cipher_set_padding_mode( &transform->cipher_ctx_dec, + MBEDTLS_PADDING_NONE ) ) != 0 ) { - SSL_DEBUG_RET( 1, "cipher_set_padding_mode", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_set_padding_mode", ret ); return( ret ); } } -#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ - polarssl_zeroize( keyblk, sizeof( keyblk ) ); + mbedtls_zeroize( keyblk, sizeof( keyblk ) ); -#if defined(POLARSSL_ZLIB_SUPPORT) +#if defined(MBEDTLS_ZLIB_SUPPORT) // Initialize compression // - if( session->compression == SSL_COMPRESS_DEFLATE ) + if( session->compression == MBEDTLS_SSL_COMPRESS_DEFLATE ) { if( ssl->compress_buf == NULL ) { - SSL_DEBUG_MSG( 3, ( "Allocating compression buffer" ) ); - ssl->compress_buf = polarssl_malloc( SSL_BUFFER_LEN ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "Allocating compression buffer" ) ); + ssl->compress_buf = mbedtls_calloc( 1, MBEDTLS_SSL_BUFFER_LEN ); if( ssl->compress_buf == NULL ) { - SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed", - SSL_BUFFER_LEN ) ); - return( POLARSSL_ERR_SSL_MALLOC_FAILED ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", + MBEDTLS_SSL_BUFFER_LEN ) ); + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); } } - SSL_DEBUG_MSG( 3, ( "Initializing zlib states" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "Initializing zlib states" ) ); memset( &transform->ctx_deflate, 0, sizeof( transform->ctx_deflate ) ); memset( &transform->ctx_inflate, 0, sizeof( transform->ctx_inflate ) ); @@ -814,132 +942,151 @@ int ssl_derive_keys( ssl_context *ssl ) Z_DEFAULT_COMPRESSION ) != Z_OK || inflateInit( &transform->ctx_inflate ) != Z_OK ) { - SSL_DEBUG_MSG( 1, ( "Failed to initialize compression" ) ); - return( POLARSSL_ERR_SSL_COMPRESSION_FAILED ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to initialize compression" ) ); + return( MBEDTLS_ERR_SSL_COMPRESSION_FAILED ); } } -#endif /* POLARSSL_ZLIB_SUPPORT */ +#endif /* MBEDTLS_ZLIB_SUPPORT */ - SSL_DEBUG_MSG( 2, ( "<= derive keys" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= derive keys" ) ); return( 0 ); } -#if defined(POLARSSL_SSL_PROTO_SSL3) -void ssl_calc_verify_ssl( ssl_context *ssl, unsigned char hash[36] ) +#if defined(MBEDTLS_SSL_PROTO_SSL3) +void ssl_calc_verify_ssl( mbedtls_ssl_context *ssl, unsigned char hash[36] ) { - md5_context md5; - sha1_context sha1; + mbedtls_md5_context md5; + mbedtls_sha1_context sha1; unsigned char pad_1[48]; unsigned char pad_2[48]; - SSL_DEBUG_MSG( 2, ( "=> calc verify ssl" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify ssl" ) ); + + mbedtls_md5_init( &md5 ); + mbedtls_sha1_init( &sha1 ); - memcpy( &md5 , &ssl->handshake->fin_md5 , sizeof(md5_context) ); - memcpy( &sha1, &ssl->handshake->fin_sha1, sizeof(sha1_context) ); + mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 ); + mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 ); memset( pad_1, 0x36, 48 ); memset( pad_2, 0x5C, 48 ); - md5_update( &md5, ssl->session_negotiate->master, 48 ); - md5_update( &md5, pad_1, 48 ); - md5_finish( &md5, hash ); + mbedtls_md5_update( &md5, ssl->session_negotiate->master, 48 ); + mbedtls_md5_update( &md5, pad_1, 48 ); + mbedtls_md5_finish( &md5, hash ); - md5_starts( &md5 ); - md5_update( &md5, ssl->session_negotiate->master, 48 ); - md5_update( &md5, pad_2, 48 ); - md5_update( &md5, hash, 16 ); - md5_finish( &md5, hash ); + mbedtls_md5_starts( &md5 ); + mbedtls_md5_update( &md5, ssl->session_negotiate->master, 48 ); + mbedtls_md5_update( &md5, pad_2, 48 ); + mbedtls_md5_update( &md5, hash, 16 ); + mbedtls_md5_finish( &md5, hash ); - sha1_update( &sha1, ssl->session_negotiate->master, 48 ); - sha1_update( &sha1, pad_1, 40 ); - sha1_finish( &sha1, hash + 16 ); + mbedtls_sha1_update( &sha1, ssl->session_negotiate->master, 48 ); + mbedtls_sha1_update( &sha1, pad_1, 40 ); + mbedtls_sha1_finish( &sha1, hash + 16 ); - sha1_starts( &sha1 ); - sha1_update( &sha1, ssl->session_negotiate->master, 48 ); - sha1_update( &sha1, pad_2, 40 ); - sha1_update( &sha1, hash + 16, 20 ); - sha1_finish( &sha1, hash + 16 ); + mbedtls_sha1_starts( &sha1 ); + mbedtls_sha1_update( &sha1, ssl->session_negotiate->master, 48 ); + mbedtls_sha1_update( &sha1, pad_2, 40 ); + mbedtls_sha1_update( &sha1, hash + 16, 20 ); + mbedtls_sha1_finish( &sha1, hash + 16 ); - SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 ); - SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); + MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); - md5_free( &md5 ); - sha1_free( &sha1 ); + mbedtls_md5_free( &md5 ); + mbedtls_sha1_free( &sha1 ); return; } -#endif /* POLARSSL_SSL_PROTO_SSL3 */ +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ -#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) -void ssl_calc_verify_tls( ssl_context *ssl, unsigned char hash[36] ) +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) +void ssl_calc_verify_tls( mbedtls_ssl_context *ssl, unsigned char hash[36] ) { - md5_context md5; - sha1_context sha1; + mbedtls_md5_context md5; + mbedtls_sha1_context sha1; - SSL_DEBUG_MSG( 2, ( "=> calc verify tls" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify tls" ) ); - memcpy( &md5 , &ssl->handshake->fin_md5 , sizeof(md5_context) ); - memcpy( &sha1, &ssl->handshake->fin_sha1, sizeof(sha1_context) ); + mbedtls_md5_init( &md5 ); + mbedtls_sha1_init( &sha1 ); - md5_finish( &md5, hash ); - sha1_finish( &sha1, hash + 16 ); + mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 ); + mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 ); - SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 ); - SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); + mbedtls_md5_finish( &md5, hash ); + mbedtls_sha1_finish( &sha1, hash + 16 ); - md5_free( &md5 ); - sha1_free( &sha1 ); + MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); + + mbedtls_md5_free( &md5 ); + mbedtls_sha1_free( &sha1 ); return; } -#endif /* POLARSSL_SSL_PROTO_TLS1 || POLARSSL_SSL_PROTO_TLS1_1 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ -#if defined(POLARSSL_SSL_PROTO_TLS1_2) -#if defined(POLARSSL_SHA256_C) -void ssl_calc_verify_tls_sha256( ssl_context *ssl, unsigned char hash[32] ) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SHA256_C) +void ssl_calc_verify_tls_sha256( mbedtls_ssl_context *ssl, unsigned char hash[32] ) { - sha256_context sha256; + mbedtls_sha256_context sha256; + + mbedtls_sha256_init( &sha256 ); - SSL_DEBUG_MSG( 2, ( "=> calc verify sha256" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify sha256" ) ); - memcpy( &sha256, &ssl->handshake->fin_sha256, sizeof(sha256_context) ); - sha256_finish( &sha256, hash ); + mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); + mbedtls_sha256_finish( &sha256, hash ); - SSL_DEBUG_BUF( 3, "calculated verify result", hash, 32 ); - SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); + MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 32 ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); - sha256_free( &sha256 ); + mbedtls_sha256_free( &sha256 ); return; } -#endif /* POLARSSL_SHA256_C */ +#endif /* MBEDTLS_SHA256_C */ -#if defined(POLARSSL_SHA512_C) -void ssl_calc_verify_tls_sha384( ssl_context *ssl, unsigned char hash[48] ) +#if defined(MBEDTLS_SHA512_C) +void ssl_calc_verify_tls_sha384( mbedtls_ssl_context *ssl, unsigned char hash[48] ) { - sha512_context sha512; + mbedtls_sha512_context sha512; - SSL_DEBUG_MSG( 2, ( "=> calc verify sha384" ) ); + mbedtls_sha512_init( &sha512 ); - memcpy( &sha512, &ssl->handshake->fin_sha512, sizeof(sha512_context) ); - sha512_finish( &sha512, hash ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify sha384" ) ); - SSL_DEBUG_BUF( 3, "calculated verify result", hash, 48 ); - SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); + mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); + mbedtls_sha512_finish( &sha512, hash ); - sha512_free( &sha512 ); + MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 48 ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); + + mbedtls_sha512_free( &sha512 ); return; } -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) -int ssl_psk_derive_premaster( ssl_context *ssl, key_exchange_type_t key_ex ) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex ) { unsigned char *p = ssl->handshake->premaster; unsigned char *end = p + sizeof( ssl->handshake->premaster ); + const unsigned char *psk = ssl->conf->psk; + size_t psk_len = ssl->conf->psk_len; + + /* If the psk callback was called, use its result */ + if( ssl->handshake->psk != NULL ) + { + psk = ssl->handshake->psk; + psk_len = ssl->handshake->psk_len; + } /* * PMS = struct { @@ -948,20 +1095,20 @@ int ssl_psk_derive_premaster( ssl_context *ssl, key_exchange_type_t key_ex ) * }; * with "other_secret" depending on the particular key exchange */ -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) - if( key_ex == POLARSSL_KEY_EXCHANGE_PSK ) +#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) + if( key_ex == MBEDTLS_KEY_EXCHANGE_PSK ) { - if( end - p < 2 + (int) ssl->psk_len ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + if( end - p < 2 + (int) psk_len ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - *(p++) = (unsigned char)( ssl->psk_len >> 8 ); - *(p++) = (unsigned char)( ssl->psk_len ); - p += ssl->psk_len; + *(p++) = (unsigned char)( psk_len >> 8 ); + *(p++) = (unsigned char)( psk_len ); + p += psk_len; } else -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( key_ex == POLARSSL_KEY_EXCHANGE_RSA_PSK ) +#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) + if( key_ex == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) { /* * other_secret already set by the ClientKeyExchange message, @@ -972,40 +1119,40 @@ int ssl_psk_derive_premaster( ssl_context *ssl, key_exchange_type_t key_ex ) p += 48; } else -#endif /* POLARSSL_KEY_EXCHANGE_RSA_PKS_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( key_ex == POLARSSL_KEY_EXCHANGE_DHE_PSK ) +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) + if( key_ex == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) { int ret; - size_t len = end - ( p + 2 ); + size_t len; /* Write length only when we know the actual value */ - if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx, - p + 2, &len, - ssl->f_rng, ssl->p_rng ) ) != 0 ) + if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, + p + 2, end - ( p + 2 ), &len, + ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) { - SSL_DEBUG_RET( 1, "dhm_calc_secret", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); return( ret ); } *(p++) = (unsigned char)( len >> 8 ); *(p++) = (unsigned char)( len ); p += len; - SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); + MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); } else -#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( key_ex == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + if( key_ex == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) { int ret; size_t zlen; - if( ( ret = ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &zlen, + if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &zlen, p + 2, end - ( p + 2 ), - ssl->f_rng, ssl->p_rng ) ) != 0 ) + ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ecdh_calc_secret", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret ); return( ret ); } @@ -1013,46 +1160,46 @@ int ssl_psk_derive_premaster( ssl_context *ssl, key_exchange_type_t key_ex ) *(p++) = (unsigned char)( zlen ); p += zlen; - SSL_DEBUG_MPI( 3, "ECDH: z", &ssl->handshake->ecdh_ctx.z ); + MBEDTLS_SSL_DEBUG_MPI( 3, "ECDH: z", &ssl->handshake->ecdh_ctx.z ); } else -#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } /* opaque psk<0..2^16-1>; */ - if( end - p < 2 + (int) ssl->psk_len ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + if( end - p < 2 + (int) psk_len ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - *(p++) = (unsigned char)( ssl->psk_len >> 8 ); - *(p++) = (unsigned char)( ssl->psk_len ); - memcpy( p, ssl->psk, ssl->psk_len ); - p += ssl->psk_len; + *(p++) = (unsigned char)( psk_len >> 8 ); + *(p++) = (unsigned char)( psk_len ); + memcpy( p, psk, psk_len ); + p += psk_len; ssl->handshake->pmslen = p - ssl->handshake->premaster; return( 0 ); } -#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if defined(POLARSSL_SSL_PROTO_SSL3) +#if defined(MBEDTLS_SSL_PROTO_SSL3) /* * SSLv3.0 MAC functions */ -static void ssl_mac( md_context_t *md_ctx, unsigned char *secret, +static void ssl_mac( mbedtls_md_context_t *md_ctx, unsigned char *secret, unsigned char *buf, size_t len, unsigned char *ctr, int type ) { unsigned char header[11]; unsigned char padding[48]; int padlen; - int md_size = md_get_size( md_ctx->md_info ); - int md_type = md_get_type( md_ctx->md_info ); + int md_size = mbedtls_md_get_size( md_ctx->md_info ); + int md_type = mbedtls_md_get_type( md_ctx->md_info ); /* Only MD5 and SHA-1 supported */ - if( md_type == POLARSSL_MD_MD5 ) + if( md_type == MBEDTLS_MD_MD5 ) padlen = 48; else padlen = 40; @@ -1063,63 +1210,62 @@ static void ssl_mac( md_context_t *md_ctx, unsigned char *secret, header[10] = (unsigned char)( len ); memset( padding, 0x36, padlen ); - md_starts( md_ctx ); - md_update( md_ctx, secret, md_size ); - md_update( md_ctx, padding, padlen ); - md_update( md_ctx, header, 11 ); - md_update( md_ctx, buf, len ); - md_finish( md_ctx, buf + len ); + mbedtls_md_starts( md_ctx ); + mbedtls_md_update( md_ctx, secret, md_size ); + mbedtls_md_update( md_ctx, padding, padlen ); + mbedtls_md_update( md_ctx, header, 11 ); + mbedtls_md_update( md_ctx, buf, len ); + mbedtls_md_finish( md_ctx, buf + len ); memset( padding, 0x5C, padlen ); - md_starts( md_ctx ); - md_update( md_ctx, secret, md_size ); - md_update( md_ctx, padding, padlen ); - md_update( md_ctx, buf + len, md_size ); - md_finish( md_ctx, buf + len ); + mbedtls_md_starts( md_ctx ); + mbedtls_md_update( md_ctx, secret, md_size ); + mbedtls_md_update( md_ctx, padding, padlen ); + mbedtls_md_update( md_ctx, buf + len, md_size ); + mbedtls_md_finish( md_ctx, buf + len ); } -#endif /* POLARSSL_SSL_PROTO_SSL3 */ +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ -#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER) || \ - ( defined(POLARSSL_CIPHER_MODE_CBC) && \ - ( defined(POLARSSL_AES_C) || defined(POLARSSL_CAMELLIA_C) ) ) -#define POLARSSL_SOME_MODES_USE_MAC +#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) || \ + ( defined(MBEDTLS_CIPHER_MODE_CBC) && \ + ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_CAMELLIA_C) ) ) +#define SSL_SOME_MODES_USE_MAC #endif /* * Encryption/decryption functions */ -static int ssl_encrypt_buf( ssl_context *ssl ) +static int ssl_encrypt_buf( mbedtls_ssl_context *ssl ) { - size_t i; - cipher_mode_t mode; + mbedtls_cipher_mode_t mode; int auth_done = 0; - SSL_DEBUG_MSG( 2, ( "=> encrypt buf" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> encrypt buf" ) ); if( ssl->session_out == NULL || ssl->transform_out == NULL ) { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } - mode = cipher_get_cipher_mode( &ssl->transform_out->cipher_ctx_enc ); + mode = mbedtls_cipher_get_cipher_mode( &ssl->transform_out->cipher_ctx_enc ); - SSL_DEBUG_BUF( 4, "before encrypt: output payload", + MBEDTLS_SSL_DEBUG_BUF( 4, "before encrypt: output payload", ssl->out_msg, ssl->out_msglen ); /* * Add MAC before if needed */ -#if defined(POLARSSL_SOME_MODES_USE_MAC) - if( mode == POLARSSL_MODE_STREAM || - ( mode == POLARSSL_MODE_CBC -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) - && ssl->session_out->encrypt_then_mac == SSL_ETM_DISABLED +#if defined(SSL_SOME_MODES_USE_MAC) + if( mode == MBEDTLS_MODE_STREAM || + ( mode == MBEDTLS_MODE_CBC +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + && ssl->session_out->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED #endif ) ) { -#if defined(POLARSSL_SSL_PROTO_SSL3) - if( ssl->minor_ver == SSL_MINOR_VERSION_0 ) +#if defined(MBEDTLS_SSL_PROTO_SSL3) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) { ssl_mac( &ssl->transform_out->md_ctx_enc, ssl->transform_out->mac_enc, @@ -1128,25 +1274,27 @@ static int ssl_encrypt_buf( ssl_context *ssl ) } else #endif -#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_2) - if( ssl->minor_ver >= SSL_MINOR_VERSION_1 ) +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) { - md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_ctr, 13 ); - md_hmac_update( &ssl->transform_out->md_ctx_enc, + mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_ctr, 8 ); + mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_hdr, 3 ); + mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_len, 2 ); + mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_msg, ssl->out_msglen ); - md_hmac_finish( &ssl->transform_out->md_ctx_enc, + mbedtls_md_hmac_finish( &ssl->transform_out->md_ctx_enc, ssl->out_msg + ssl->out_msglen ); - md_hmac_reset( &ssl->transform_out->md_ctx_enc ); + mbedtls_md_hmac_reset( &ssl->transform_out->md_ctx_enc ); } else #endif { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } - SSL_DEBUG_BUF( 4, "computed mac", + MBEDTLS_SSL_DEBUG_BUF( 4, "computed mac", ssl->out_msg + ssl->out_msglen, ssl->transform_out->maclen ); @@ -1158,60 +1306,60 @@ static int ssl_encrypt_buf( ssl_context *ssl ) /* * Encrypt */ -#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER) - if( mode == POLARSSL_MODE_STREAM ) +#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) + if( mode == MBEDTLS_MODE_STREAM ) { int ret; size_t olen = 0; - SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, " + MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, " "including %d bytes of padding", ssl->out_msglen, 0 ) ); - if( ( ret = cipher_crypt( &ssl->transform_out->cipher_ctx_enc, + if( ( ret = mbedtls_cipher_crypt( &ssl->transform_out->cipher_ctx_enc, ssl->transform_out->iv_enc, ssl->transform_out->ivlen, ssl->out_msg, ssl->out_msglen, ssl->out_msg, &olen ) ) != 0 ) { - SSL_DEBUG_RET( 1, "cipher_crypt", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret ); return( ret ); } if( ssl->out_msglen != olen ) { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } } else -#endif /* POLARSSL_ARC4_C || POLARSSL_CIPHER_NULL_CIPHER */ -#if defined(POLARSSL_GCM_C) || defined(POLARSSL_CCM_C) - if( mode == POLARSSL_MODE_GCM || - mode == POLARSSL_MODE_CCM ) +#endif /* MBEDTLS_ARC4_C || MBEDTLS_CIPHER_NULL_CIPHER */ +#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) + if( mode == MBEDTLS_MODE_GCM || + mode == MBEDTLS_MODE_CCM ) { int ret; size_t enc_msglen, olen; unsigned char *enc_msg; unsigned char add_data[13]; unsigned char taglen = ssl->transform_out->ciphersuite_info->flags & - POLARSSL_CIPHERSUITE_SHORT_TAG ? 8 : 16; + MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16; memcpy( add_data, ssl->out_ctr, 8 ); add_data[8] = ssl->out_msgtype; - add_data[9] = ssl->major_ver; - add_data[10] = ssl->minor_ver; + mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, + ssl->conf->transport, add_data + 9 ); add_data[11] = ( ssl->out_msglen >> 8 ) & 0xFF; add_data[12] = ssl->out_msglen & 0xFF; - SSL_DEBUG_BUF( 4, "additional data used for AEAD", + MBEDTLS_SSL_DEBUG_BUF( 4, "additional data used for AEAD", add_data, 13 ); /* * Generate IV */ -#if defined(POLARSSL_SSL_AEAD_RANDOM_IV) - ret = ssl->f_rng( ssl->p_rng, +#if defined(MBEDTLS_SSL_AEAD_RANDOM_IV) + ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->transform_out->iv_enc + ssl->transform_out->fixed_ivlen, ssl->transform_out->ivlen - ssl->transform_out->fixed_ivlen ); if( ret != 0 ) @@ -1224,8 +1372,8 @@ static int ssl_encrypt_buf( ssl_context *ssl ) if( ssl->transform_out->ivlen - ssl->transform_out->fixed_ivlen != 8 ) { /* Reminder if we ever add an AEAD mode with a different size */ - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } memcpy( ssl->transform_out->iv_enc + ssl->transform_out->fixed_ivlen, @@ -1233,7 +1381,7 @@ static int ssl_encrypt_buf( ssl_context *ssl ) memcpy( ssl->out_iv, ssl->out_ctr, 8 ); #endif - SSL_DEBUG_BUF( 4, "IV used", ssl->out_iv, + MBEDTLS_SSL_DEBUG_BUF( 4, "IV used", ssl->out_iv, ssl->transform_out->ivlen - ssl->transform_out->fixed_ivlen ); /* @@ -1244,14 +1392,14 @@ static int ssl_encrypt_buf( ssl_context *ssl ) ssl->out_msglen += ssl->transform_out->ivlen - ssl->transform_out->fixed_ivlen; - SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, " + MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, " "including %d bytes of padding", ssl->out_msglen, 0 ) ); /* * Encrypt and authenticate */ - if( ( ret = cipher_auth_encrypt( &ssl->transform_out->cipher_ctx_enc, + if( ( ret = mbedtls_cipher_auth_encrypt( &ssl->transform_out->cipher_ctx_enc, ssl->transform_out->iv_enc, ssl->transform_out->ivlen, add_data, 13, @@ -1259,30 +1407,30 @@ static int ssl_encrypt_buf( ssl_context *ssl ) enc_msg, &olen, enc_msg + enc_msglen, taglen ) ) != 0 ) { - SSL_DEBUG_RET( 1, "cipher_auth_encrypt", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_encrypt", ret ); return( ret ); } if( olen != enc_msglen ) { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } ssl->out_msglen += taglen; auth_done++; - SSL_DEBUG_BUF( 4, "after encrypt: tag", enc_msg + enc_msglen, taglen ); + MBEDTLS_SSL_DEBUG_BUF( 4, "after encrypt: tag", enc_msg + enc_msglen, taglen ); } else -#endif /* POLARSSL_GCM_C || POLARSSL_CCM_C */ -#if defined(POLARSSL_CIPHER_MODE_CBC) && \ - ( defined(POLARSSL_AES_C) || defined(POLARSSL_CAMELLIA_C) ) - if( mode == POLARSSL_MODE_CBC ) +#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C */ +#if defined(MBEDTLS_CIPHER_MODE_CBC) && \ + ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_CAMELLIA_C) ) + if( mode == MBEDTLS_MODE_CBC ) { int ret; unsigned char *enc_msg; - size_t enc_msglen, padlen, olen = 0; + size_t enc_msglen, padlen, olen = 0, i; padlen = ssl->transform_out->ivlen - ( ssl->out_msglen + 1 ) % ssl->transform_out->ivlen; @@ -1297,17 +1445,17 @@ static int ssl_encrypt_buf( ssl_context *ssl ) enc_msglen = ssl->out_msglen; enc_msg = ssl->out_msg; -#if defined(POLARSSL_SSL_PROTO_TLS1_1) || defined(POLARSSL_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) /* * Prepend per-record IV for block cipher in TLS v1.1 and up as per * Method 1 (6.2.3.2. in RFC4346 and RFC5246) */ - if( ssl->minor_ver >= SSL_MINOR_VERSION_2 ) + if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) { /* * Generate IV */ - int ret = ssl->f_rng( ssl->p_rng, ssl->transform_out->iv_enc, + int ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->transform_out->iv_enc, ssl->transform_out->ivlen ); if( ret != 0 ) return( ret ); @@ -1322,31 +1470,31 @@ static int ssl_encrypt_buf( ssl_context *ssl ) enc_msglen = ssl->out_msglen; ssl->out_msglen += ssl->transform_out->ivlen; } -#endif /* POLARSSL_SSL_PROTO_TLS1_1 || POLARSSL_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */ - SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, " + MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, " "including %d bytes of IV and %d bytes of padding", ssl->out_msglen, ssl->transform_out->ivlen, padlen + 1 ) ); - if( ( ret = cipher_crypt( &ssl->transform_out->cipher_ctx_enc, + if( ( ret = mbedtls_cipher_crypt( &ssl->transform_out->cipher_ctx_enc, ssl->transform_out->iv_enc, ssl->transform_out->ivlen, enc_msg, enc_msglen, enc_msg, &olen ) ) != 0 ) { - SSL_DEBUG_RET( 1, "cipher_crypt", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret ); return( ret ); } if( enc_msglen != olen ) { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } -#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) - if( ssl->minor_ver < SSL_MINOR_VERSION_2 ) +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) + if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 ) { /* * Save IV in SSL3 and TLS1 @@ -1357,7 +1505,7 @@ static int ssl_encrypt_buf( ssl_context *ssl ) } #endif -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) if( auth_done == 0 ) { /* @@ -1370,115 +1518,104 @@ static int ssl_encrypt_buf( ssl_context *ssl ) */ unsigned char pseudo_hdr[13]; - SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) ); memcpy( pseudo_hdr + 0, ssl->out_ctr, 8 ); memcpy( pseudo_hdr + 8, ssl->out_hdr, 3 ); pseudo_hdr[11] = (unsigned char)( ( ssl->out_msglen >> 8 ) & 0xFF ); pseudo_hdr[12] = (unsigned char)( ( ssl->out_msglen ) & 0xFF ); - SSL_DEBUG_BUF( 4, "MAC'd meta-data", pseudo_hdr, 13 ); + MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", pseudo_hdr, 13 ); - md_hmac_update( &ssl->transform_out->md_ctx_enc, pseudo_hdr, 13 ); - md_hmac_update( &ssl->transform_out->md_ctx_enc, + mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, pseudo_hdr, 13 ); + mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_iv, ssl->out_msglen ); - md_hmac_finish( &ssl->transform_out->md_ctx_enc, + mbedtls_md_hmac_finish( &ssl->transform_out->md_ctx_enc, ssl->out_iv + ssl->out_msglen ); - md_hmac_reset( &ssl->transform_out->md_ctx_enc ); + mbedtls_md_hmac_reset( &ssl->transform_out->md_ctx_enc ); ssl->out_msglen += ssl->transform_out->maclen; auth_done++; } -#endif /* POLARSSL_SSL_ENCRYPT_THEN_MAC */ +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ } else -#endif /* POLARSSL_CIPHER_MODE_CBC && - ( POLARSSL_AES_C || POLARSSL_CAMELLIA_C ) */ +#endif /* MBEDTLS_CIPHER_MODE_CBC && + ( MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C ) */ { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } /* Make extra sure authentication was performed, exactly once */ if( auth_done != 1 ) { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); - } - - for( i = 8; i > 0; i-- ) - if( ++ssl->out_ctr[i - 1] != 0 ) - break; - - /* The loops goes to its end iff the counter is wrapping */ - if( i == 0 ) - { - SSL_DEBUG_MSG( 1, ( "outgoing message counter would wrap" ) ); - return( POLARSSL_ERR_SSL_COUNTER_WRAPPING ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } - SSL_DEBUG_MSG( 2, ( "<= encrypt buf" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= encrypt buf" ) ); return( 0 ); } -#define POLARSSL_SSL_MAX_MAC_SIZE 48 +#define SSL_MAX_MAC_SIZE 48 -static int ssl_decrypt_buf( ssl_context *ssl ) +static int ssl_decrypt_buf( mbedtls_ssl_context *ssl ) { size_t i; - cipher_mode_t mode; + mbedtls_cipher_mode_t mode; int auth_done = 0; -#if defined(POLARSSL_SOME_MODES_USE_MAC) +#if defined(SSL_SOME_MODES_USE_MAC) size_t padlen = 0, correct = 1; #endif - SSL_DEBUG_MSG( 2, ( "=> decrypt buf" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> decrypt buf" ) ); if( ssl->session_in == NULL || ssl->transform_in == NULL ) { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } - mode = cipher_get_cipher_mode( &ssl->transform_in->cipher_ctx_dec ); + mode = mbedtls_cipher_get_cipher_mode( &ssl->transform_in->cipher_ctx_dec ); if( ssl->in_msglen < ssl->transform_in->minlen ) { - SSL_DEBUG_MSG( 1, ( "in_msglen (%d) < minlen (%d)", + MBEDTLS_SSL_DEBUG_MSG( 1, ( "in_msglen (%d) < minlen (%d)", ssl->in_msglen, ssl->transform_in->minlen ) ); - return( POLARSSL_ERR_SSL_INVALID_MAC ); + return( MBEDTLS_ERR_SSL_INVALID_MAC ); } -#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER) - if( mode == POLARSSL_MODE_STREAM ) +#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) + if( mode == MBEDTLS_MODE_STREAM ) { int ret; size_t olen = 0; padlen = 0; - if( ( ret = cipher_crypt( &ssl->transform_in->cipher_ctx_dec, + if( ( ret = mbedtls_cipher_crypt( &ssl->transform_in->cipher_ctx_dec, ssl->transform_in->iv_dec, ssl->transform_in->ivlen, ssl->in_msg, ssl->in_msglen, ssl->in_msg, &olen ) ) != 0 ) { - SSL_DEBUG_RET( 1, "cipher_crypt", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret ); return( ret ); } if( ssl->in_msglen != olen ) { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } } else -#endif /* POLARSSL_ARC4_C || POLARSSL_CIPHER_NULL_CIPHER */ -#if defined(POLARSSL_GCM_C) || defined(POLARSSL_CCM_C) - if( mode == POLARSSL_MODE_GCM || - mode == POLARSSL_MODE_CCM ) +#endif /* MBEDTLS_ARC4_C || MBEDTLS_CIPHER_NULL_CIPHER */ +#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) + if( mode == MBEDTLS_MODE_GCM || + mode == MBEDTLS_MODE_CCM ) { int ret; size_t dec_msglen, olen; @@ -1486,16 +1623,16 @@ static int ssl_decrypt_buf( ssl_context *ssl ) unsigned char *dec_msg_result; unsigned char add_data[13]; unsigned char taglen = ssl->transform_in->ciphersuite_info->flags & - POLARSSL_CIPHERSUITE_SHORT_TAG ? 8 : 16; - unsigned char explicit_iv_len = ssl->transform_in->ivlen - - ssl->transform_in->fixed_ivlen; + MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16; + size_t explicit_iv_len = ssl->transform_in->ivlen - + ssl->transform_in->fixed_ivlen; - if( ssl->in_msglen < (size_t) explicit_iv_len + taglen ) + if( ssl->in_msglen < explicit_iv_len + taglen ) { - SSL_DEBUG_MSG( 1, ( "msglen (%d) < explicit_iv_len (%d) " + MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) < explicit_iv_len (%d) " "+ taglen (%d)", ssl->in_msglen, explicit_iv_len, taglen ) ); - return( POLARSSL_ERR_SSL_INVALID_MAC ); + return( MBEDTLS_ERR_SSL_INVALID_MAC ); } dec_msglen = ssl->in_msglen - explicit_iv_len - taglen; @@ -1505,26 +1642,26 @@ static int ssl_decrypt_buf( ssl_context *ssl ) memcpy( add_data, ssl->in_ctr, 8 ); add_data[8] = ssl->in_msgtype; - add_data[9] = ssl->major_ver; - add_data[10] = ssl->minor_ver; + mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, + ssl->conf->transport, add_data + 9 ); add_data[11] = ( ssl->in_msglen >> 8 ) & 0xFF; add_data[12] = ssl->in_msglen & 0xFF; - SSL_DEBUG_BUF( 4, "additional data used for AEAD", + MBEDTLS_SSL_DEBUG_BUF( 4, "additional data used for AEAD", add_data, 13 ); memcpy( ssl->transform_in->iv_dec + ssl->transform_in->fixed_ivlen, ssl->in_iv, ssl->transform_in->ivlen - ssl->transform_in->fixed_ivlen ); - SSL_DEBUG_BUF( 4, "IV used", ssl->transform_in->iv_dec, + MBEDTLS_SSL_DEBUG_BUF( 4, "IV used", ssl->transform_in->iv_dec, ssl->transform_in->ivlen ); - SSL_DEBUG_BUF( 4, "TAG used", dec_msg + dec_msglen, taglen ); + MBEDTLS_SSL_DEBUG_BUF( 4, "TAG used", dec_msg + dec_msglen, taglen ); /* * Decrypt and authenticate */ - if( ( ret = cipher_auth_decrypt( &ssl->transform_in->cipher_ctx_dec, + if( ( ret = mbedtls_cipher_auth_decrypt( &ssl->transform_in->cipher_ctx_dec, ssl->transform_in->iv_dec, ssl->transform_in->ivlen, add_data, 13, @@ -1532,10 +1669,10 @@ static int ssl_decrypt_buf( ssl_context *ssl ) dec_msg_result, &olen, dec_msg + dec_msglen, taglen ) ) != 0 ) { - SSL_DEBUG_RET( 1, "cipher_auth_decrypt", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_decrypt", ret ); - if( ret == POLARSSL_ERR_CIPHER_AUTH_FAILED ) - return( POLARSSL_ERR_SSL_INVALID_MAC ); + if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED ) + return( MBEDTLS_ERR_SSL_INVALID_MAC ); return( ret ); } @@ -1543,15 +1680,15 @@ static int ssl_decrypt_buf( ssl_context *ssl ) if( olen != dec_msglen ) { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } } else -#endif /* POLARSSL_GCM_C || POLARSSL_CCM_C */ -#if defined(POLARSSL_CIPHER_MODE_CBC) && \ - ( defined(POLARSSL_AES_C) || defined(POLARSSL_CAMELLIA_C) ) - if( mode == POLARSSL_MODE_CBC ) +#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C */ +#if defined(MBEDTLS_CIPHER_MODE_CBC) && \ + ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_CAMELLIA_C) ) + if( mode == MBEDTLS_MODE_CBC ) { /* * Decrypt and check the padding @@ -1566,19 +1703,19 @@ static int ssl_decrypt_buf( ssl_context *ssl ) /* * Check immediate ciphertext sanity */ -#if defined(POLARSSL_SSL_PROTO_TLS1_1) || defined(POLARSSL_SSL_PROTO_TLS1_2) - if( ssl->minor_ver >= SSL_MINOR_VERSION_2 ) +#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) minlen += ssl->transform_in->ivlen; #endif if( ssl->in_msglen < minlen + ssl->transform_in->ivlen || ssl->in_msglen < minlen + ssl->transform_in->maclen + 1 ) { - SSL_DEBUG_MSG( 1, ( "msglen (%d) < max( ivlen(%d), maclen (%d) " + MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) < max( ivlen(%d), maclen (%d) " "+ 1 ) ( + expl IV )", ssl->in_msglen, ssl->transform_in->ivlen, ssl->transform_in->maclen ) ); - return( POLARSSL_ERR_SSL_INVALID_MAC ); + return( MBEDTLS_ERR_SSL_INVALID_MAC ); } dec_msglen = ssl->in_msglen; @@ -1588,13 +1725,13 @@ static int ssl_decrypt_buf( ssl_context *ssl ) /* * Authenticate before decrypt if enabled */ -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) - if( ssl->session_in->encrypt_then_mac == SSL_ETM_ENABLED ) +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + if( ssl->session_in->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED ) { - unsigned char computed_mac[POLARSSL_SSL_MAX_MAC_SIZE]; + unsigned char computed_mac[SSL_MAX_MAC_SIZE]; unsigned char pseudo_hdr[13]; - SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) ); dec_msglen -= ssl->transform_in->maclen; ssl->in_msglen -= ssl->transform_in->maclen; @@ -1604,45 +1741,45 @@ static int ssl_decrypt_buf( ssl_context *ssl ) pseudo_hdr[11] = (unsigned char)( ( ssl->in_msglen >> 8 ) & 0xFF ); pseudo_hdr[12] = (unsigned char)( ( ssl->in_msglen ) & 0xFF ); - SSL_DEBUG_BUF( 4, "MAC'd meta-data", pseudo_hdr, 13 ); + MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", pseudo_hdr, 13 ); - md_hmac_update( &ssl->transform_in->md_ctx_dec, pseudo_hdr, 13 ); - md_hmac_update( &ssl->transform_in->md_ctx_dec, + mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, pseudo_hdr, 13 ); + mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_iv, ssl->in_msglen ); - md_hmac_finish( &ssl->transform_in->md_ctx_dec, computed_mac ); - md_hmac_reset( &ssl->transform_in->md_ctx_dec ); + mbedtls_md_hmac_finish( &ssl->transform_in->md_ctx_dec, computed_mac ); + mbedtls_md_hmac_reset( &ssl->transform_in->md_ctx_dec ); - SSL_DEBUG_BUF( 4, "message mac", ssl->in_iv + ssl->in_msglen, + MBEDTLS_SSL_DEBUG_BUF( 4, "message mac", ssl->in_iv + ssl->in_msglen, ssl->transform_in->maclen ); - SSL_DEBUG_BUF( 4, "computed mac", computed_mac, + MBEDTLS_SSL_DEBUG_BUF( 4, "computed mac", computed_mac, ssl->transform_in->maclen ); - if( safer_memcmp( ssl->in_iv + ssl->in_msglen, computed_mac, + if( mbedtls_ssl_safer_memcmp( ssl->in_iv + ssl->in_msglen, computed_mac, ssl->transform_in->maclen ) != 0 ) { - SSL_DEBUG_MSG( 1, ( "message mac does not match" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "message mac does not match" ) ); - return( POLARSSL_ERR_SSL_INVALID_MAC ); + return( MBEDTLS_ERR_SSL_INVALID_MAC ); } auth_done++; } -#endif /* POLARSSL_SSL_ENCRYPT_THEN_MAC */ +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ /* * Check length sanity */ if( ssl->in_msglen % ssl->transform_in->ivlen != 0 ) { - SSL_DEBUG_MSG( 1, ( "msglen (%d) %% ivlen (%d) != 0", + MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) %% ivlen (%d) != 0", ssl->in_msglen, ssl->transform_in->ivlen ) ); - return( POLARSSL_ERR_SSL_INVALID_MAC ); + return( MBEDTLS_ERR_SSL_INVALID_MAC ); } -#if defined(POLARSSL_SSL_PROTO_TLS1_1) || defined(POLARSSL_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) /* * Initialize for prepended IV for block cipher in TLS v1.1 and up */ - if( ssl->minor_ver >= SSL_MINOR_VERSION_2 ) + if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) { dec_msglen -= ssl->transform_in->ivlen; ssl->in_msglen -= ssl->transform_in->ivlen; @@ -1650,26 +1787,26 @@ static int ssl_decrypt_buf( ssl_context *ssl ) for( i = 0; i < ssl->transform_in->ivlen; i++ ) ssl->transform_in->iv_dec[i] = ssl->in_iv[i]; } -#endif /* POLARSSL_SSL_PROTO_TLS1_1 || POLARSSL_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */ - if( ( ret = cipher_crypt( &ssl->transform_in->cipher_ctx_dec, + if( ( ret = mbedtls_cipher_crypt( &ssl->transform_in->cipher_ctx_dec, ssl->transform_in->iv_dec, ssl->transform_in->ivlen, dec_msg, dec_msglen, dec_msg_result, &olen ) ) != 0 ) { - SSL_DEBUG_RET( 1, "cipher_crypt", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret ); return( ret ); } if( dec_msglen != olen ) { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } -#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) - if( ssl->minor_ver < SSL_MINOR_VERSION_2 ) +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) + if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 ) { /* * Save IV in SSL3 and TLS1 @@ -1685,21 +1822,21 @@ static int ssl_decrypt_buf( ssl_context *ssl ) if( ssl->in_msglen < ssl->transform_in->maclen + padlen && auth_done == 0 ) { -#if defined(POLARSSL_SSL_DEBUG_ALL) - SSL_DEBUG_MSG( 1, ( "msglen (%d) < maclen (%d) + padlen (%d)", +#if defined(MBEDTLS_SSL_DEBUG_ALL) + MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) < maclen (%d) + padlen (%d)", ssl->in_msglen, ssl->transform_in->maclen, padlen ) ); #endif padlen = 0; correct = 0; } -#if defined(POLARSSL_SSL_PROTO_SSL3) - if( ssl->minor_ver == SSL_MINOR_VERSION_0 ) +#if defined(MBEDTLS_SSL_PROTO_SSL3) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) { if( padlen > ssl->transform_in->ivlen ) { -#if defined(POLARSSL_SSL_DEBUG_ALL) - SSL_DEBUG_MSG( 1, ( "bad padding length: is %d, " +#if defined(MBEDTLS_SSL_DEBUG_ALL) + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad padding length: is %d, " "should be no more than %d", padlen, ssl->transform_in->ivlen ) ); #endif @@ -1707,10 +1844,10 @@ static int ssl_decrypt_buf( ssl_context *ssl ) } } else -#endif /* POLARSSL_SSL_PROTO_SSL3 */ -#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_2) - if( ssl->minor_ver > SSL_MINOR_VERSION_0 ) +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0 ) { /* * TLSv1+: always check the padding up to the first failure @@ -1723,14 +1860,14 @@ static int ssl_decrypt_buf( ssl_context *ssl ) * Padding is guaranteed to be incorrect if: * 1. padlen >= ssl->in_msglen * - * 2. padding_idx >= SSL_MAX_CONTENT_LEN + + * 2. padding_idx >= MBEDTLS_SSL_MAX_CONTENT_LEN + * ssl->transform_in->maclen * * In both cases we reset padding_idx to a safe value (0) to * prevent out-of-buffer reads. */ correct &= ( ssl->in_msglen >= padlen + 1 ); - correct &= ( padding_idx < SSL_MAX_CONTENT_LEN + + correct &= ( padding_idx < MBEDTLS_SSL_MAX_CONTENT_LEN + ssl->transform_in->maclen ); padding_idx *= correct; @@ -1744,51 +1881,51 @@ static int ssl_decrypt_buf( ssl_context *ssl ) correct &= ( pad_count == padlen ); /* Only 1 on correct padding */ -#if defined(POLARSSL_SSL_DEBUG_ALL) +#if defined(MBEDTLS_SSL_DEBUG_ALL) if( padlen > 0 && correct == 0 ) - SSL_DEBUG_MSG( 1, ( "bad padding byte detected" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad padding byte detected" ) ); #endif padlen &= correct * 0x1FF; } else -#endif /* POLARSSL_SSL_PROTO_TLS1 || POLARSSL_SSL_PROTO_TLS1_1 || \ - POLARSSL_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ + MBEDTLS_SSL_PROTO_TLS1_2 */ { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } ssl->in_msglen -= padlen; } else -#endif /* POLARSSL_CIPHER_MODE_CBC && - ( POLARSSL_AES_C || POLARSSL_CAMELLIA_C ) */ +#endif /* MBEDTLS_CIPHER_MODE_CBC && + ( MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C ) */ { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } - SSL_DEBUG_BUF( 4, "raw buffer after decryption", + MBEDTLS_SSL_DEBUG_BUF( 4, "raw buffer after decryption", ssl->in_msg, ssl->in_msglen ); /* * Authenticate if not done yet. * Compute the MAC regardless of the padding result (RFC4346, CBCTIME). */ -#if defined(POLARSSL_SOME_MODES_USE_MAC) +#if defined(SSL_SOME_MODES_USE_MAC) if( auth_done == 0 ) { - unsigned char tmp[POLARSSL_SSL_MAX_MAC_SIZE]; + unsigned char tmp[SSL_MAX_MAC_SIZE]; ssl->in_msglen -= ssl->transform_in->maclen; - ssl->in_hdr[3] = (unsigned char)( ssl->in_msglen >> 8 ); - ssl->in_hdr[4] = (unsigned char)( ssl->in_msglen ); + ssl->in_len[0] = (unsigned char)( ssl->in_msglen >> 8 ); + ssl->in_len[1] = (unsigned char)( ssl->in_msglen ); memcpy( tmp, ssl->in_msg + ssl->in_msglen, ssl->transform_in->maclen ); -#if defined(POLARSSL_SSL_PROTO_SSL3) - if( ssl->minor_ver == SSL_MINOR_VERSION_0 ) +#if defined(MBEDTLS_SSL_PROTO_SSL3) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) { ssl_mac( &ssl->transform_in->md_ctx_dec, ssl->transform_in->mac_dec, @@ -1796,10 +1933,10 @@ static int ssl_decrypt_buf( ssl_context *ssl ) ssl->in_ctr, ssl->in_msgtype ); } else -#endif /* POLARSSL_SSL_PROTO_SSL3 */ -#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_2) - if( ssl->minor_ver > SSL_MINOR_VERSION_0 ) +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0 ) { /* * Process MAC and always update for padlen afterwards to make @@ -1820,34 +1957,36 @@ static int ssl_decrypt_buf( ssl_context *ssl ) extra_run &= correct * 0xFF; - md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_ctr, 13 ); - md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_msg, + mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_ctr, 8 ); + mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_hdr, 3 ); + mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_len, 2 ); + mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_msg, ssl->in_msglen ); - md_hmac_finish( &ssl->transform_in->md_ctx_dec, + mbedtls_md_hmac_finish( &ssl->transform_in->md_ctx_dec, ssl->in_msg + ssl->in_msglen ); - /* Call md_process at least once due to cache attacks */ + /* Call mbedtls_md_process at least once due to cache attacks */ for( j = 0; j < extra_run + 1; j++ ) - md_process( &ssl->transform_in->md_ctx_dec, ssl->in_msg ); + mbedtls_md_process( &ssl->transform_in->md_ctx_dec, ssl->in_msg ); - md_hmac_reset( &ssl->transform_in->md_ctx_dec ); + mbedtls_md_hmac_reset( &ssl->transform_in->md_ctx_dec ); } else -#endif /* POLARSSL_SSL_PROTO_TLS1 || POLARSSL_SSL_PROTO_TLS1_1 || \ - POLARSSL_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ + MBEDTLS_SSL_PROTO_TLS1_2 */ { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } - SSL_DEBUG_BUF( 4, "message mac", tmp, ssl->transform_in->maclen ); - SSL_DEBUG_BUF( 4, "computed mac", ssl->in_msg + ssl->in_msglen, + MBEDTLS_SSL_DEBUG_BUF( 4, "message mac", tmp, ssl->transform_in->maclen ); + MBEDTLS_SSL_DEBUG_BUF( 4, "computed mac", ssl->in_msg + ssl->in_msglen, ssl->transform_in->maclen ); - if( safer_memcmp( tmp, ssl->in_msg + ssl->in_msglen, + if( mbedtls_ssl_safer_memcmp( tmp, ssl->in_msg + ssl->in_msglen, ssl->transform_in->maclen ) != 0 ) { -#if defined(POLARSSL_SSL_DEBUG_ALL) - SSL_DEBUG_MSG( 1, ( "message mac does not match" ) ); +#if defined(MBEDTLS_SSL_DEBUG_ALL) + MBEDTLS_SSL_DEBUG_MSG( 1, ( "message mac does not match" ) ); #endif correct = 0; } @@ -1857,15 +1996,15 @@ static int ssl_decrypt_buf( ssl_context *ssl ) * Finally check the correct flag */ if( correct == 0 ) - return( POLARSSL_ERR_SSL_INVALID_MAC ); + return( MBEDTLS_ERR_SSL_INVALID_MAC ); } -#endif /* POLARSSL_SOME_MODES_USE_MAC */ +#endif /* SSL_SOME_MODES_USE_MAC */ /* Make extra sure authentication was performed, exactly once */ if( auth_done != 1 ) { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } if( ssl->in_msglen == 0 ) @@ -1878,26 +2017,35 @@ static int ssl_decrypt_buf( ssl_context *ssl ) */ if( ssl->nb_zero > 3 ) { - SSL_DEBUG_MSG( 1, ( "received four consecutive empty " + MBEDTLS_SSL_DEBUG_MSG( 1, ( "received four consecutive empty " "messages, possible DoS attack" ) ); - return( POLARSSL_ERR_SSL_INVALID_MAC ); + return( MBEDTLS_ERR_SSL_INVALID_MAC ); } } else ssl->nb_zero = 0; - for( i = 8; i > 0; i-- ) - if( ++ssl->in_ctr[i - 1] != 0 ) - break; - - /* The loops goes to its end iff the counter is wrapping */ - if( i == 0 ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + ; /* in_ctr read from peer, not maintained internally */ + } + else +#endif { - SSL_DEBUG_MSG( 1, ( "incoming message counter would wrap" ) ); - return( POLARSSL_ERR_SSL_COUNTER_WRAPPING ); + for( i = 8; i > ssl_ep_len( ssl ); i-- ) + if( ++ssl->in_ctr[i - 1] != 0 ) + break; + + /* The loop goes to its end iff the counter is wrapping */ + if( i == ssl_ep_len( ssl ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "incoming message counter would wrap" ) ); + return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); + } } - SSL_DEBUG_MSG( 2, ( "<= decrypt buf" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= decrypt buf" ) ); return( 0 ); } @@ -1906,138 +2054,350 @@ static int ssl_decrypt_buf( ssl_context *ssl ) #undef MAC_PLAINTEXT #undef MAC_CIPHERTEXT -#if defined(POLARSSL_ZLIB_SUPPORT) +#if defined(MBEDTLS_ZLIB_SUPPORT) /* * Compression/decompression functions */ -static int ssl_compress_buf( ssl_context *ssl ) +static int ssl_compress_buf( mbedtls_ssl_context *ssl ) { int ret; unsigned char *msg_post = ssl->out_msg; size_t len_pre = ssl->out_msglen; unsigned char *msg_pre = ssl->compress_buf; - SSL_DEBUG_MSG( 2, ( "=> compress buf" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> compress buf" ) ); if( len_pre == 0 ) return( 0 ); memcpy( msg_pre, ssl->out_msg, len_pre ); - SSL_DEBUG_MSG( 3, ( "before compression: msglen = %d, ", + MBEDTLS_SSL_DEBUG_MSG( 3, ( "before compression: msglen = %d, ", ssl->out_msglen ) ); - SSL_DEBUG_BUF( 4, "before compression: output payload", + MBEDTLS_SSL_DEBUG_BUF( 4, "before compression: output payload", ssl->out_msg, ssl->out_msglen ); ssl->transform_out->ctx_deflate.next_in = msg_pre; ssl->transform_out->ctx_deflate.avail_in = len_pre; ssl->transform_out->ctx_deflate.next_out = msg_post; - ssl->transform_out->ctx_deflate.avail_out = SSL_BUFFER_LEN; + ssl->transform_out->ctx_deflate.avail_out = MBEDTLS_SSL_BUFFER_LEN; ret = deflate( &ssl->transform_out->ctx_deflate, Z_SYNC_FLUSH ); if( ret != Z_OK ) { - SSL_DEBUG_MSG( 1, ( "failed to perform compression (%d)", ret ) ); - return( POLARSSL_ERR_SSL_COMPRESSION_FAILED ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "failed to perform compression (%d)", ret ) ); + return( MBEDTLS_ERR_SSL_COMPRESSION_FAILED ); } - ssl->out_msglen = SSL_BUFFER_LEN - + ssl->out_msglen = MBEDTLS_SSL_BUFFER_LEN - ssl->transform_out->ctx_deflate.avail_out; - SSL_DEBUG_MSG( 3, ( "after compression: msglen = %d, ", + MBEDTLS_SSL_DEBUG_MSG( 3, ( "after compression: msglen = %d, ", ssl->out_msglen ) ); - SSL_DEBUG_BUF( 4, "after compression: output payload", + MBEDTLS_SSL_DEBUG_BUF( 4, "after compression: output payload", ssl->out_msg, ssl->out_msglen ); - SSL_DEBUG_MSG( 2, ( "<= compress buf" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= compress buf" ) ); return( 0 ); } -static int ssl_decompress_buf( ssl_context *ssl ) +static int ssl_decompress_buf( mbedtls_ssl_context *ssl ) { int ret; unsigned char *msg_post = ssl->in_msg; size_t len_pre = ssl->in_msglen; unsigned char *msg_pre = ssl->compress_buf; - SSL_DEBUG_MSG( 2, ( "=> decompress buf" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> decompress buf" ) ); if( len_pre == 0 ) return( 0 ); memcpy( msg_pre, ssl->in_msg, len_pre ); - SSL_DEBUG_MSG( 3, ( "before decompression: msglen = %d, ", + MBEDTLS_SSL_DEBUG_MSG( 3, ( "before decompression: msglen = %d, ", ssl->in_msglen ) ); - SSL_DEBUG_BUF( 4, "before decompression: input payload", + MBEDTLS_SSL_DEBUG_BUF( 4, "before decompression: input payload", ssl->in_msg, ssl->in_msglen ); ssl->transform_in->ctx_inflate.next_in = msg_pre; ssl->transform_in->ctx_inflate.avail_in = len_pre; ssl->transform_in->ctx_inflate.next_out = msg_post; - ssl->transform_in->ctx_inflate.avail_out = SSL_MAX_CONTENT_LEN; + ssl->transform_in->ctx_inflate.avail_out = MBEDTLS_SSL_MAX_CONTENT_LEN; ret = inflate( &ssl->transform_in->ctx_inflate, Z_SYNC_FLUSH ); if( ret != Z_OK ) { - SSL_DEBUG_MSG( 1, ( "failed to perform decompression (%d)", ret ) ); - return( POLARSSL_ERR_SSL_COMPRESSION_FAILED ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "failed to perform decompression (%d)", ret ) ); + return( MBEDTLS_ERR_SSL_COMPRESSION_FAILED ); } - ssl->in_msglen = SSL_MAX_CONTENT_LEN - + ssl->in_msglen = MBEDTLS_SSL_MAX_CONTENT_LEN - ssl->transform_in->ctx_inflate.avail_out; - SSL_DEBUG_MSG( 3, ( "after decompression: msglen = %d, ", + MBEDTLS_SSL_DEBUG_MSG( 3, ( "after decompression: msglen = %d, ", ssl->in_msglen ) ); - SSL_DEBUG_BUF( 4, "after decompression: input payload", + MBEDTLS_SSL_DEBUG_BUF( 4, "after decompression: input payload", ssl->in_msg, ssl->in_msglen ); - SSL_DEBUG_MSG( 2, ( "<= decompress buf" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= decompress buf" ) ); return( 0 ); } -#endif /* POLARSSL_ZLIB_SUPPORT */ +#endif /* MBEDTLS_ZLIB_SUPPORT */ + +#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION) +static int ssl_write_hello_request( mbedtls_ssl_context *ssl ); + +#if defined(MBEDTLS_SSL_PROTO_DTLS) +static int ssl_resend_hello_request( mbedtls_ssl_context *ssl ) +{ + /* If renegotiation is not enforced, retransmit until we would reach max + * timeout if we were using the usual handshake doubling scheme */ + if( ssl->conf->renego_max_records < 0 ) + { + uint32_t ratio = ssl->conf->hs_timeout_max / ssl->conf->hs_timeout_min + 1; + unsigned char doublings = 1; + + while( ratio != 0 ) + { + ++doublings; + ratio >>= 1; + } + + if( ++ssl->renego_records_seen > doublings ) + { + MBEDTLS_SSL_DEBUG_MSG( 0, ( "no longer retransmitting hello request" ) ); + return( 0 ); + } + } + + return( ssl_write_hello_request( ssl ) ); +} +#endif +#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */ /* - * Fill the input message buffer + * Fill the input message buffer by appending data to it. + * The amount of data already fetched is in ssl->in_left. + * + * If we return 0, is it guaranteed that (at least) nb_want bytes are + * available (from this read and/or a previous one). Otherwise, an error code + * is returned (possibly EOF or WANT_READ). + * + * With stream transport (TLS) on success ssl->in_left == nb_want, but + * with datagram transport (DTLS) on success ssl->in_left >= nb_want, + * since we always read a whole datagram at once. + * + * For DTLS, it is up to the caller to set ssl->next_record_offset when + * they're done reading a record. */ -int ssl_fetch_input( ssl_context *ssl, size_t nb_want ) +int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ) { int ret; size_t len; - SSL_DEBUG_MSG( 2, ( "=> fetch input" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> fetch input" ) ); + + if( ssl->f_recv == NULL && ssl->f_recv_timeout == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Bad usage of mbedtls_ssl_set_bio() " + "or mbedtls_ssl_set_bio()" ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } - if( nb_want > SSL_BUFFER_LEN - 8 ) + if( nb_want > MBEDTLS_SSL_BUFFER_LEN - (size_t)( ssl->in_hdr - ssl->in_buf ) ) { - SSL_DEBUG_MSG( 1, ( "requesting more data than fits" ) ); - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "requesting more data than fits" ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } - while( ssl->in_left < nb_want ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { - len = nb_want - ssl->in_left; - ret = ssl->f_recv( ssl->p_recv, ssl->in_hdr + ssl->in_left, len ); + uint32_t timeout; + + /* Just to be sure */ + if( ssl->f_set_timer == NULL || ssl->f_get_timer == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "You must use " + "mbedtls_ssl_set_timer_cb() for DTLS" ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } + + /* + * The point is, we need to always read a full datagram at once, so we + * sometimes read more then requested, and handle the additional data. + * It could be the rest of the current record (while fetching the + * header) and/or some other records in the same datagram. + */ - SSL_DEBUG_MSG( 2, ( "in_left: %d, nb_want: %d", + /* + * Move to the next record in the already read datagram if applicable + */ + if( ssl->next_record_offset != 0 ) + { + if( ssl->in_left < ssl->next_record_offset ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + ssl->in_left -= ssl->next_record_offset; + + if( ssl->in_left != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "next record in same datagram, offset: %d", + ssl->next_record_offset ) ); + memmove( ssl->in_hdr, + ssl->in_hdr + ssl->next_record_offset, + ssl->in_left ); + } + + ssl->next_record_offset = 0; + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %d, nb_want: %d", ssl->in_left, nb_want ) ); - SSL_DEBUG_RET( 2, "ssl->f_recv", ret ); - if( ret == 0 ) - return( POLARSSL_ERR_SSL_CONN_EOF ); + /* + * Done if we already have enough data. + */ + if( nb_want <= ssl->in_left) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= fetch input" ) ); + return( 0 ); + } + + /* + * A record can't be split accross datagrams. If we need to read but + * are not at the beginning of a new record, the caller did something + * wrong. + */ + if( ssl->in_left != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + /* + * Don't even try to read if time's out already. + * This avoids by-passing the timer when repeatedly receiving messages + * that will end up being dropped. + */ + if( ssl_check_timer( ssl ) != 0 ) + ret = MBEDTLS_ERR_SSL_TIMEOUT; + else + { + len = MBEDTLS_SSL_BUFFER_LEN - ( ssl->in_hdr - ssl->in_buf ); + + if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) + timeout = ssl->handshake->retransmit_timeout; + else + timeout = ssl->conf->read_timeout; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "f_recv_timeout: %u ms", timeout ) ); + + if( ssl->f_recv_timeout != NULL ) + ret = ssl->f_recv_timeout( ssl->p_bio, ssl->in_hdr, len, + timeout ); + else + ret = ssl->f_recv( ssl->p_bio, ssl->in_hdr, len ); + + MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_recv(_timeout)", ret ); + + if( ret == 0 ) + return( MBEDTLS_ERR_SSL_CONN_EOF ); + } + + if( ret == MBEDTLS_ERR_SSL_TIMEOUT ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "timeout" ) ); + ssl_set_timer( ssl, 0 ); + + if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) + { + if( ssl_double_retransmit_timeout( ssl ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake timeout" ) ); + return( MBEDTLS_ERR_SSL_TIMEOUT ); + } + + if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_resend", ret ); + return( ret ); + } + + return( MBEDTLS_ERR_SSL_WANT_READ ); + } +#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION) + else if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && + ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ) + { + if( ( ret = ssl_resend_hello_request( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_resend_hello_request", ret ); + return( ret ); + } + + return( MBEDTLS_ERR_SSL_WANT_READ ); + } +#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */ + } if( ret < 0 ) return( ret ); - ssl->in_left += ret; + ssl->in_left = ret; + } + else +#endif + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %d, nb_want: %d", + ssl->in_left, nb_want ) ); + + while( ssl->in_left < nb_want ) + { + len = nb_want - ssl->in_left; + + if( ssl_check_timer( ssl ) != 0 ) + ret = MBEDTLS_ERR_SSL_TIMEOUT; + else + { + if( ssl->f_recv_timeout != NULL ) + { + ret = ssl->f_recv_timeout( ssl->p_bio, + ssl->in_hdr + ssl->in_left, len, + ssl->conf->read_timeout ); + } + else + { + ret = ssl->f_recv( ssl->p_bio, + ssl->in_hdr + ssl->in_left, len ); + } + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %d, nb_want: %d", + ssl->in_left, nb_want ) ); + MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_recv(_timeout)", ret ); + + if( ret == 0 ) + return( MBEDTLS_ERR_SSL_CONN_EOF ); + + if( ret < 0 ) + return( ret ); + + ssl->in_left += ret; + } } - SSL_DEBUG_MSG( 2, ( "<= fetch input" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= fetch input" ) ); return( 0 ); } @@ -2045,22 +2405,37 @@ int ssl_fetch_input( ssl_context *ssl, size_t nb_want ) /* * Flush any data not yet written */ -int ssl_flush_output( ssl_context *ssl ) +int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ) { int ret; - unsigned char *buf; + unsigned char *buf, i; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> flush output" ) ); - SSL_DEBUG_MSG( 2, ( "=> flush output" ) ); + if( ssl->f_send == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Bad usage of mbedtls_ssl_set_bio() " + "or mbedtls_ssl_set_bio()" ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } + + /* Avoid incrementing counter if data is flushed */ + if( ssl->out_left == 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= flush output" ) ); + return( 0 ); + } while( ssl->out_left > 0 ) { - SSL_DEBUG_MSG( 2, ( "message length: %d, out_left: %d", - 5 + ssl->out_msglen, ssl->out_left ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "message length: %d, out_left: %d", + mbedtls_ssl_hdr_len( ssl ) + ssl->out_msglen, ssl->out_left ) ); - buf = ssl->out_hdr + 5 + ssl->out_msglen - ssl->out_left; - ret = ssl->f_send( ssl->p_send, buf, ssl->out_left ); + buf = ssl->out_hdr + mbedtls_ssl_hdr_len( ssl ) + + ssl->out_msglen - ssl->out_left; + ret = ssl->f_send( ssl->p_bio, buf, ssl->out_left ); - SSL_DEBUG_RET( 2, "ssl->f_send", ret ); + MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_send", ret ); if( ret <= 0 ) return( ret ); @@ -2068,379 +2443,1251 @@ int ssl_flush_output( ssl_context *ssl ) ssl->out_left -= ret; } - SSL_DEBUG_MSG( 2, ( "<= flush output" ) ); + for( i = 8; i > ssl_ep_len( ssl ); i-- ) + if( ++ssl->out_ctr[i - 1] != 0 ) + break; + + /* The loop goes to its end iff the counter is wrapping */ + if( i == ssl_ep_len( ssl ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "outgoing message counter would wrap" ) ); + return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= flush output" ) ); return( 0 ); } /* - * Record layer functions + * Functions to handle the DTLS retransmission state machine + */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) +/* + * Append current handshake message to current outgoing flight */ -int ssl_write_record( ssl_context *ssl ) +static int ssl_flight_append( mbedtls_ssl_context *ssl ) { - int ret, done = 0; + mbedtls_ssl_flight_item *msg; + + /* Allocate space for current message */ + if( ( msg = mbedtls_calloc( 1, sizeof( mbedtls_ssl_flight_item ) ) ) == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc %d bytes failed", + sizeof( mbedtls_ssl_flight_item ) ) ); + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + } + + if( ( msg->p = mbedtls_calloc( 1, ssl->out_msglen ) ) == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc %d bytes failed", ssl->out_msglen ) ); + mbedtls_free( msg ); + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + } + + /* Copy current handshake message with headers */ + memcpy( msg->p, ssl->out_msg, ssl->out_msglen ); + msg->len = ssl->out_msglen; + msg->type = ssl->out_msgtype; + msg->next = NULL; + + /* Append to the current flight */ + if( ssl->handshake->flight == NULL ) + ssl->handshake->flight = msg; + else + { + mbedtls_ssl_flight_item *cur = ssl->handshake->flight; + while( cur->next != NULL ) + cur = cur->next; + cur->next = msg; + } + + return( 0 ); +} + +/* + * Free the current flight of handshake messages + */ +static void ssl_flight_free( mbedtls_ssl_flight_item *flight ) +{ + mbedtls_ssl_flight_item *cur = flight; + mbedtls_ssl_flight_item *next; + + while( cur != NULL ) + { + next = cur->next; + + mbedtls_free( cur->p ); + mbedtls_free( cur ); + + cur = next; + } +} + +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) +static void ssl_dtls_replay_reset( mbedtls_ssl_context *ssl ); +#endif + +/* + * Swap transform_out and out_ctr with the alternative ones + */ +static void ssl_swap_epochs( mbedtls_ssl_context *ssl ) +{ + mbedtls_ssl_transform *tmp_transform; + unsigned char tmp_out_ctr[8]; + + if( ssl->transform_out == ssl->handshake->alt_transform_out ) + { + MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip swap epochs" ) ); + return; + } + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "swap epochs" ) ); + + /* Swap transforms */ + tmp_transform = ssl->transform_out; + ssl->transform_out = ssl->handshake->alt_transform_out; + ssl->handshake->alt_transform_out = tmp_transform; + + /* Swap epoch + sequence_number */ + memcpy( tmp_out_ctr, ssl->out_ctr, 8 ); + memcpy( ssl->out_ctr, ssl->handshake->alt_out_ctr, 8 ); + memcpy( ssl->handshake->alt_out_ctr, tmp_out_ctr, 8 ); + + /* Adjust to the newly activated transform */ + if( ssl->transform_out != NULL && + ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) + { + ssl->out_msg = ssl->out_iv + ssl->transform_out->ivlen - + ssl->transform_out->fixed_ivlen; + } + else + ssl->out_msg = ssl->out_iv; + +#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) + if( mbedtls_ssl_hw_record_activate != NULL ) + { + if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret ); + return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + } + } +#endif +} + +/* + * Retransmit the current flight of messages. + * + * Need to remember the current message in case flush_output returns + * WANT_WRITE, causing us to exit this function and come back later. + * This function must be called until state is no longer SENDING. + */ +int mbedtls_ssl_resend( mbedtls_ssl_context *ssl ) +{ + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_resend" ) ); + + if( ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialise resending" ) ); + + ssl->handshake->cur_msg = ssl->handshake->flight; + ssl_swap_epochs( ssl ); + + ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_SENDING; + } + + while( ssl->handshake->cur_msg != NULL ) + { + int ret; + mbedtls_ssl_flight_item *cur = ssl->handshake->cur_msg; + + /* Swap epochs before sending Finished: we can't do it after + * sending ChangeCipherSpec, in case write returns WANT_READ. + * Must be done before copying, may change out_msg pointer */ + if( cur->type == MBEDTLS_SSL_MSG_HANDSHAKE && + cur->p[0] == MBEDTLS_SSL_HS_FINISHED ) + { + ssl_swap_epochs( ssl ); + } + + memcpy( ssl->out_msg, cur->p, cur->len ); + ssl->out_msglen = cur->len; + ssl->out_msgtype = cur->type; + + ssl->handshake->cur_msg = cur->next; + + MBEDTLS_SSL_DEBUG_BUF( 3, "resent handshake message header", ssl->out_msg, 12 ); + + if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); + return( ret ); + } + } + + if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER ) + ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED; + else + { + ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING; + ssl_set_timer( ssl, ssl->handshake->retransmit_timeout ); + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_resend" ) ); + + return( 0 ); +} + +/* + * To be called when the last message of an incoming flight is received. + */ +void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl ) +{ + /* We won't need to resend that one any more */ + ssl_flight_free( ssl->handshake->flight ); + ssl->handshake->flight = NULL; + ssl->handshake->cur_msg = NULL; + + /* The next incoming flight will start with this msg_seq */ + ssl->handshake->in_flight_start_seq = ssl->handshake->in_msg_seq; + + /* Cancel timer */ + ssl_set_timer( ssl, 0 ); + + if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && + ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED ) + { + ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED; + } + else + ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_PREPARING; +} + +/* + * To be called when the last message of an outgoing flight is send. + */ +void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl ) +{ + ssl_reset_retransmit_timeout( ssl ); + ssl_set_timer( ssl, ssl->handshake->retransmit_timeout ); + + if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && + ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED ) + { + ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED; + } + else + ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING; +} +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + +/* + * Record layer functions + */ + +/* + * Write current record. + * Uses ssl->out_msgtype, ssl->out_msglen and bytes at ssl->out_msg. + */ +int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) +{ + int ret, done = 0; size_t len = ssl->out_msglen; - SSL_DEBUG_MSG( 2, ( "=> write record" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write record" ) ); - if( ssl->out_msgtype == SSL_MSG_HANDSHAKE ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake != NULL && + ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) + { + ; /* Skip special handshake treatment when resending */ + } + else +#endif + if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) { + if( ssl->out_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST && + ssl->handshake == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + ssl->out_msg[1] = (unsigned char)( ( len - 4 ) >> 16 ); ssl->out_msg[2] = (unsigned char)( ( len - 4 ) >> 8 ); ssl->out_msg[3] = (unsigned char)( ( len - 4 ) ); - if( ssl->out_msg[0] != SSL_HS_HELLO_REQUEST ) + /* + * DTLS has additional fields in the Handshake layer, + * between the length field and the actual payload: + * uint16 message_seq; + * uint24 fragment_offset; + * uint24 fragment_length; + */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + /* Make room for the additional DTLS fields */ + memmove( ssl->out_msg + 12, ssl->out_msg + 4, len - 4 ); + ssl->out_msglen += 8; + len += 8; + + /* Write message_seq and update it, except for HelloRequest */ + if( ssl->out_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST ) + { + ssl->out_msg[4] = ( ssl->handshake->out_msg_seq >> 8 ) & 0xFF; + ssl->out_msg[5] = ( ssl->handshake->out_msg_seq ) & 0xFF; + ++( ssl->handshake->out_msg_seq ); + } + else + { + ssl->out_msg[4] = 0; + ssl->out_msg[5] = 0; + } + + /* We don't fragment, so frag_offset = 0 and frag_len = len */ + memset( ssl->out_msg + 6, 0x00, 3 ); + memcpy( ssl->out_msg + 9, ssl->out_msg + 1, 3 ); + } +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + + if( ssl->out_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST ) ssl->handshake->update_checksum( ssl, ssl->out_msg, len ); } -#if defined(POLARSSL_ZLIB_SUPPORT) + /* Save handshake and CCS messages for resending */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake != NULL && + ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING && + ( ssl->out_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC || + ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) ) + { + if( ( ret = ssl_flight_append( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_flight_append", ret ); + return( ret ); + } + } +#endif + +#if defined(MBEDTLS_ZLIB_SUPPORT) if( ssl->transform_out != NULL && - ssl->session_out->compression == SSL_COMPRESS_DEFLATE ) + ssl->session_out->compression == MBEDTLS_SSL_COMPRESS_DEFLATE ) { if( ( ret = ssl_compress_buf( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_compress_buf", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_compress_buf", ret ); return( ret ); } len = ssl->out_msglen; } -#endif /*POLARSSL_ZLIB_SUPPORT */ +#endif /*MBEDTLS_ZLIB_SUPPORT */ -#if defined(POLARSSL_SSL_HW_RECORD_ACCEL) - if( ssl_hw_record_write != NULL ) +#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) + if( mbedtls_ssl_hw_record_write != NULL ) { - SSL_DEBUG_MSG( 2, ( "going for ssl_hw_record_write()" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_write()" ) ); - ret = ssl_hw_record_write( ssl ); - if( ret != 0 && ret != POLARSSL_ERR_SSL_HW_ACCEL_FALLTHROUGH ) + ret = mbedtls_ssl_hw_record_write( ssl ); + if( ret != 0 && ret != MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH ) { - SSL_DEBUG_RET( 1, "ssl_hw_record_write", ret ); - return( POLARSSL_ERR_SSL_HW_ACCEL_FAILED ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_write", ret ); + return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); } if( ret == 0 ) done = 1; } -#endif /* POLARSSL_SSL_HW_RECORD_ACCEL */ +#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ if( !done ) { ssl->out_hdr[0] = (unsigned char) ssl->out_msgtype; - ssl->out_hdr[1] = (unsigned char) ssl->major_ver; - ssl->out_hdr[2] = (unsigned char) ssl->minor_ver; - ssl->out_hdr[3] = (unsigned char)( len >> 8 ); - ssl->out_hdr[4] = (unsigned char)( len ); + mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, + ssl->conf->transport, ssl->out_hdr + 1 ); + + ssl->out_len[0] = (unsigned char)( len >> 8 ); + ssl->out_len[1] = (unsigned char)( len ); if( ssl->transform_out != NULL ) { if( ( ret = ssl_encrypt_buf( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_encrypt_buf", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_encrypt_buf", ret ); return( ret ); } len = ssl->out_msglen; - ssl->out_hdr[3] = (unsigned char)( len >> 8 ); - ssl->out_hdr[4] = (unsigned char)( len ); + ssl->out_len[0] = (unsigned char)( len >> 8 ); + ssl->out_len[1] = (unsigned char)( len ); } - ssl->out_left = 5 + ssl->out_msglen; + ssl->out_left = mbedtls_ssl_hdr_len( ssl ) + ssl->out_msglen; - SSL_DEBUG_MSG( 3, ( "output record: msgtype = %d, " + MBEDTLS_SSL_DEBUG_MSG( 3, ( "output record: msgtype = %d, " "version = [%d:%d], msglen = %d", ssl->out_hdr[0], ssl->out_hdr[1], ssl->out_hdr[2], - ( ssl->out_hdr[3] << 8 ) | ssl->out_hdr[4] ) ); + ( ssl->out_len[0] << 8 ) | ssl->out_len[1] ) ); - SSL_DEBUG_BUF( 4, "output record sent to network", - ssl->out_hdr, 5 + ssl->out_msglen ); + MBEDTLS_SSL_DEBUG_BUF( 4, "output record sent to network", + ssl->out_hdr, mbedtls_ssl_hdr_len( ssl ) + ssl->out_msglen ); } - if( ( ret = ssl_flush_output( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_flush_output", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flush_output", ret ); return( ret ); } - SSL_DEBUG_MSG( 2, ( "<= write record" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write record" ) ); return( 0 ); } -int ssl_read_record( ssl_context *ssl ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) +/* + * Mark bits in bitmask (used for DTLS HS reassembly) + */ +static void ssl_bitmask_set( unsigned char *mask, size_t offset, size_t len ) { - int ret, done = 0; + unsigned int start_bits, end_bits; - SSL_DEBUG_MSG( 2, ( "=> read record" ) ); + start_bits = 8 - ( offset % 8 ); + if( start_bits != 8 ) + { + size_t first_byte_idx = offset / 8; - if( ssl->in_hslen != 0 && - ssl->in_hslen < ssl->in_msglen ) + /* Special case */ + if( len <= start_bits ) + { + for( ; len != 0; len-- ) + mask[first_byte_idx] |= 1 << ( start_bits - len ); + + /* Avoid potential issues with offset or len becoming invalid */ + return; + } + + offset += start_bits; /* Now offset % 8 == 0 */ + len -= start_bits; + + for( ; start_bits != 0; start_bits-- ) + mask[first_byte_idx] |= 1 << ( start_bits - 1 ); + } + + end_bits = len % 8; + if( end_bits != 0 ) { - /* - * Get next Handshake message in the current record - */ - ssl->in_msglen -= ssl->in_hslen; + size_t last_byte_idx = ( offset + len ) / 8; - memmove( ssl->in_msg, ssl->in_msg + ssl->in_hslen, - ssl->in_msglen ); + len -= end_bits; /* Now len % 8 == 0 */ + + for( ; end_bits != 0; end_bits-- ) + mask[last_byte_idx] |= 1 << ( 8 - end_bits ); + } + + memset( mask + offset / 8, 0xFF, len / 8 ); +} + +/* + * Check that bitmask is full + */ +static int ssl_bitmask_check( unsigned char *mask, size_t len ) +{ + size_t i; + + for( i = 0; i < len / 8; i++ ) + if( mask[i] != 0xFF ) + return( -1 ); + + for( i = 0; i < len % 8; i++ ) + if( ( mask[len / 8] & ( 1 << ( 7 - i ) ) ) == 0 ) + return( -1 ); + + return( 0 ); +} + +/* + * Reassemble fragmented DTLS handshake messages. + * + * Use a temporary buffer for reassembly, divided in two parts: + * - the first holds the reassembled message (including handshake header), + * - the second holds a bitmask indicating which parts of the message + * (excluding headers) have been received so far. + */ +static int ssl_reassemble_dtls_handshake( mbedtls_ssl_context *ssl ) +{ + unsigned char *msg, *bitmask; + size_t frag_len, frag_off; + size_t msg_len = ssl->in_hslen - 12; /* Without headers */ - ssl->in_hslen = 4; - ssl->in_hslen += ( ssl->in_msg[2] << 8 ) | ssl->in_msg[3]; + if( ssl->handshake == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "not supported outside handshake (for now)" ) ); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + } + + /* + * For first fragment, check size and allocate buffer + */ + if( ssl->handshake->hs_msg == NULL ) + { + size_t alloc_len; - SSL_DEBUG_MSG( 3, ( "handshake message: msglen =" - " %d, type = %d, hslen = %d", - ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialize reassembly, total length = %d", + msg_len ) ); - if( ssl->in_msglen < 4 || ssl->in_msg[1] != 0 ) + if( ssl->in_hslen > MBEDTLS_SSL_MAX_CONTENT_LEN ) { - SSL_DEBUG_MSG( 1, ( "bad handshake length" ) ); - return( POLARSSL_ERR_SSL_INVALID_RECORD ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake message too large" ) ); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); } - if( ssl->in_msglen < ssl->in_hslen ) + /* The bitmask needs one bit per byte of message excluding header */ + alloc_len = 12 + msg_len + msg_len / 8 + ( msg_len % 8 != 0 ); + + ssl->handshake->hs_msg = mbedtls_calloc( 1, alloc_len ); + if( ssl->handshake->hs_msg == NULL ) { - SSL_DEBUG_MSG( 1, ( "bad handshake length" ) ); - return( POLARSSL_ERR_SSL_INVALID_RECORD ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc failed (%d bytes)", alloc_len ) ); + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); } - if( ssl->state != SSL_HANDSHAKE_OVER ) - ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen ); + /* Prepare final header: copy msg_type, length and message_seq, + * then add standardised fragment_offset and fragment_length */ + memcpy( ssl->handshake->hs_msg, ssl->in_msg, 6 ); + memset( ssl->handshake->hs_msg + 6, 0, 3 ); + memcpy( ssl->handshake->hs_msg + 9, + ssl->handshake->hs_msg + 1, 3 ); + } + else + { + /* Make sure msg_type and length are consistent */ + if( memcmp( ssl->handshake->hs_msg, ssl->in_msg, 4 ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "fragment header mismatch" ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + } + } - return( 0 ); + msg = ssl->handshake->hs_msg + 12; + bitmask = msg + msg_len; + + /* + * Check and copy current fragment + */ + frag_off = ( ssl->in_msg[6] << 16 ) | + ( ssl->in_msg[7] << 8 ) | + ssl->in_msg[8]; + frag_len = ( ssl->in_msg[9] << 16 ) | + ( ssl->in_msg[10] << 8 ) | + ssl->in_msg[11]; + + if( frag_off + frag_len > msg_len ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid fragment offset/len: %d + %d > %d", + frag_off, frag_len, msg_len ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); } - ssl->in_hslen = 0; + if( frag_len + 12 > ssl->in_msglen ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid fragment length: %d + 12 > %d", + frag_len, ssl->in_msglen ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "adding fragment, offset = %d, length = %d", + frag_off, frag_len ) ); + + memcpy( msg + frag_off, ssl->in_msg + 12, frag_len ); + ssl_bitmask_set( bitmask, frag_off, frag_len ); /* - * Read the record header and validate it + * Do we have the complete message by now? + * If yes, finalize it, else ask to read the next record. */ - if( ( ret = ssl_fetch_input( ssl, 5 ) ) != 0 ) + if( ssl_bitmask_check( bitmask, msg_len ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_fetch_input", ret ); - return( ret ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "message is not complete yet" ) ); + return( MBEDTLS_ERR_SSL_WANT_READ ); + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake message completed" ) ); + + if( frag_len + 12 < ssl->in_msglen ) + { + /* + * We'got more handshake messages in the same record. + * This case is not handled now because no know implementation does + * that and it's hard to test, so we prefer to fail cleanly for now. + */ + MBEDTLS_SSL_DEBUG_MSG( 1, ( "last fragment not alone in its record" ) ); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + } + + if( ssl->in_left > ssl->next_record_offset ) + { + /* + * We've got more data in the buffer after the current record, + * that we don't want to overwrite. Move it before writing the + * reassembled message, and adjust in_left and next_record_offset. + */ + unsigned char *cur_remain = ssl->in_hdr + ssl->next_record_offset; + unsigned char *new_remain = ssl->in_msg + ssl->in_hslen; + size_t remain_len = ssl->in_left - ssl->next_record_offset; + + /* First compute and check new lengths */ + ssl->next_record_offset = new_remain - ssl->in_hdr; + ssl->in_left = ssl->next_record_offset + remain_len; + + if( ssl->in_left > MBEDTLS_SSL_BUFFER_LEN - + (size_t)( ssl->in_hdr - ssl->in_buf ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "reassembled message too large for buffer" ) ); + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + } + + memmove( new_remain, cur_remain, remain_len ); + } + + memcpy( ssl->in_msg, ssl->handshake->hs_msg, ssl->in_hslen ); + + mbedtls_free( ssl->handshake->hs_msg ); + ssl->handshake->hs_msg = NULL; + + MBEDTLS_SSL_DEBUG_BUF( 3, "reassembled handshake message", + ssl->in_msg, ssl->in_hslen ); + + return( 0 ); +} +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + +static int ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ) +{ + if( ssl->in_msglen < mbedtls_ssl_hs_hdr_len( ssl ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake message too short: %d", + ssl->in_msglen ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + } + + ssl->in_hslen = mbedtls_ssl_hs_hdr_len( ssl ) + ( + ( ssl->in_msg[1] << 16 ) | + ( ssl->in_msg[2] << 8 ) | + ssl->in_msg[3] ); + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "handshake message: msglen =" + " %d, type = %d, hslen = %d", + ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen ) ); + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + int ret; + unsigned int recv_msg_seq = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5]; + + /* ssl->handshake is NULL when receiving ClientHello for renego */ + if( ssl->handshake != NULL && + recv_msg_seq != ssl->handshake->in_msg_seq ) + { + /* Retransmit only on last message from previous flight, to avoid + * too many retransmissions. + * Besides, No sane server ever retransmits HelloVerifyRequest */ + if( recv_msg_seq == ssl->handshake->in_flight_start_seq - 1 && + ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "received message from last flight, " + "message_seq = %d, start_of_flight = %d", + recv_msg_seq, + ssl->handshake->in_flight_start_seq ) ); + + if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_resend", ret ); + return( ret ); + } + } + else + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "dropping out-of-sequence message: " + "message_seq = %d, expected = %d", + recv_msg_seq, + ssl->handshake->in_msg_seq ) ); + } + + return( MBEDTLS_ERR_SSL_WANT_READ ); + } + /* Wait until message completion to increment in_msg_seq */ + + /* Reassemble if current message is fragmented or reassembly is + * already in progress */ + if( ssl->in_msglen < ssl->in_hslen || + memcmp( ssl->in_msg + 6, "\0\0\0", 3 ) != 0 || + memcmp( ssl->in_msg + 9, ssl->in_msg + 1, 3 ) != 0 || + ( ssl->handshake != NULL && ssl->handshake->hs_msg != NULL ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "found fragmented DTLS handshake message" ) ); + + if( ( ret = ssl_reassemble_dtls_handshake( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_reassemble_dtls_handshake", ret ); + return( ret ); + } + } + } + else +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + /* With TLS we don't handle fragmentation (for now) */ + if( ssl->in_msglen < ssl->in_hslen ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLS handshake fragmentation not supported" ) ); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + } + + if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER && + ssl->handshake != NULL ) + { + ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen ); + } + + /* Handshake message is complete, increment counter */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake != NULL ) + { + ssl->handshake->in_msg_seq++; + } +#endif + + return( 0 ); +} + +/* + * DTLS anti-replay: RFC 6347 4.1.2.6 + * + * in_window is a field of bits numbered from 0 (lsb) to 63 (msb). + * Bit n is set iff record number in_window_top - n has been seen. + * + * Usually, in_window_top is the last record number seen and the lsb of + * in_window is set. The only exception is the initial state (record number 0 + * not seen yet). + */ +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) +static void ssl_dtls_replay_reset( mbedtls_ssl_context *ssl ) +{ + ssl->in_window_top = 0; + ssl->in_window = 0; +} + +static inline uint64_t ssl_load_six_bytes( unsigned char *buf ) +{ + return( ( (uint64_t) buf[0] << 40 ) | + ( (uint64_t) buf[1] << 32 ) | + ( (uint64_t) buf[2] << 24 ) | + ( (uint64_t) buf[3] << 16 ) | + ( (uint64_t) buf[4] << 8 ) | + ( (uint64_t) buf[5] ) ); +} + +/* + * Return 0 if sequence number is acceptable, -1 otherwise + */ +int mbedtls_ssl_dtls_replay_check( mbedtls_ssl_context *ssl ) +{ + uint64_t rec_seqnum = ssl_load_six_bytes( ssl->in_ctr + 2 ); + uint64_t bit; + + if( ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED ) + return( 0 ); + + if( rec_seqnum > ssl->in_window_top ) + return( 0 ); + + bit = ssl->in_window_top - rec_seqnum; + + if( bit >= 64 ) + return( -1 ); + + if( ( ssl->in_window & ( (uint64_t) 1 << bit ) ) != 0 ) + return( -1 ); + + return( 0 ); +} + +/* + * Update replay window on new validated record + */ +void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl ) +{ + uint64_t rec_seqnum = ssl_load_six_bytes( ssl->in_ctr + 2 ); + + if( ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED ) + return; + + if( rec_seqnum > ssl->in_window_top ) + { + /* Update window_top and the contents of the window */ + uint64_t shift = rec_seqnum - ssl->in_window_top; + + if( shift >= 64 ) + ssl->in_window = 1; + else + { + ssl->in_window <<= shift; + ssl->in_window |= 1; + } + + ssl->in_window_top = rec_seqnum; } + else + { + /* Mark that number as seen in the current window */ + uint64_t bit = ssl->in_window_top - rec_seqnum; + + if( bit < 64 ) /* Always true, but be extra sure */ + ssl->in_window |= (uint64_t) 1 << bit; + } +} +#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ + +/* + * ContentType type; + * ProtocolVersion version; + * uint16 epoch; // DTLS only + * uint48 sequence_number; // DTLS only + * uint16 length; + */ +static int ssl_parse_record_header( mbedtls_ssl_context *ssl ) +{ + int ret; + int major_ver, minor_ver; + + MBEDTLS_SSL_DEBUG_BUF( 4, "input record header", ssl->in_hdr, mbedtls_ssl_hdr_len( ssl ) ); ssl->in_msgtype = ssl->in_hdr[0]; - ssl->in_msglen = ( ssl->in_hdr[3] << 8 ) | ssl->in_hdr[4]; + ssl->in_msglen = ( ssl->in_len[0] << 8 ) | ssl->in_len[1]; + mbedtls_ssl_read_version( &major_ver, &minor_ver, ssl->conf->transport, ssl->in_hdr + 1 ); - SSL_DEBUG_MSG( 3, ( "input record: msgtype = %d, " + MBEDTLS_SSL_DEBUG_MSG( 3, ( "input record: msgtype = %d, " "version = [%d:%d], msglen = %d", - ssl->in_hdr[0], ssl->in_hdr[1], ssl->in_hdr[2], - ( ssl->in_hdr[3] << 8 ) | ssl->in_hdr[4] ) ); + ssl->in_msgtype, + major_ver, minor_ver, ssl->in_msglen ) ); - if( ssl->in_hdr[1] != ssl->major_ver ) + /* Check record type */ + if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE && + ssl->in_msgtype != MBEDTLS_SSL_MSG_ALERT && + ssl->in_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC && + ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA ) { - SSL_DEBUG_MSG( 1, ( "major version mismatch" ) ); - return( POLARSSL_ERR_SSL_INVALID_RECORD ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "unknown record type" ) ); + + if( ( ret = mbedtls_ssl_send_alert_message( ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ) ) != 0 ) + { + return( ret ); + } + + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); } - if( ssl->in_hdr[2] > ssl->max_minor_ver ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { - SSL_DEBUG_MSG( 1, ( "minor version mismatch" ) ); - return( POLARSSL_ERR_SSL_INVALID_RECORD ); + /* Drop unexpected ChangeCipherSpec messages */ + if( ssl->in_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC && + ssl->state != MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC && + ssl->state != MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "dropping unexpected ChangeCipherSpec" ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + } + + /* Drop unexpected ApplicationData records, + * except at the beginning of renegotiations */ + if( ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA && + ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER +#if defined(MBEDTLS_SSL_RENEGOTIATION) + && ! ( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && + ssl->state == MBEDTLS_SSL_SERVER_HELLO ) +#endif + ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "dropping unexpected ApplicationData" ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + } } +#endif - /* Sanity check (outer boundaries) */ - if( ssl->in_msglen < 1 || ssl->in_msglen > SSL_BUFFER_LEN - 13 ) + /* Check version */ + if( major_ver != ssl->major_ver ) { - SSL_DEBUG_MSG( 1, ( "bad message length" ) ); - return( POLARSSL_ERR_SSL_INVALID_RECORD ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "major version mismatch" ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); } - /* - * Make sure the message length is acceptable for the current transform - * and protocol version. - */ + if( minor_ver > ssl->conf->max_minor_ver ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "minor version mismatch" ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + } + + /* Check epoch (and sequence number) with DTLS */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + unsigned int rec_epoch = ( ssl->in_ctr[0] << 8 ) | ssl->in_ctr[1]; + + if( rec_epoch != ssl->in_epoch ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "record from another epoch: " + "expected %d, received %d", + ssl->in_epoch, rec_epoch ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + } + +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) + if( mbedtls_ssl_dtls_replay_check( ssl ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "replayed record" ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + } +#endif + } +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + + /* Check length against the size of our buffer */ + if( ssl->in_msglen > MBEDTLS_SSL_BUFFER_LEN + - (size_t)( ssl->in_msg - ssl->in_buf ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + } + + /* Check length against bounds of the current transform and version */ if( ssl->transform_in == NULL ) { - if( ssl->in_msglen > SSL_MAX_CONTENT_LEN ) + if( ssl->in_msglen < 1 || + ssl->in_msglen > MBEDTLS_SSL_MAX_CONTENT_LEN ) { - SSL_DEBUG_MSG( 1, ( "bad message length" ) ); - return( POLARSSL_ERR_SSL_INVALID_RECORD ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); } } else { if( ssl->in_msglen < ssl->transform_in->minlen ) { - SSL_DEBUG_MSG( 1, ( "bad message length" ) ); - return( POLARSSL_ERR_SSL_INVALID_RECORD ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); } -#if defined(POLARSSL_SSL_PROTO_SSL3) - if( ssl->minor_ver == SSL_MINOR_VERSION_0 && - ssl->in_msglen > ssl->transform_in->minlen + SSL_MAX_CONTENT_LEN ) +#if defined(MBEDTLS_SSL_PROTO_SSL3) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 && + ssl->in_msglen > ssl->transform_in->minlen + MBEDTLS_SSL_MAX_CONTENT_LEN ) { - SSL_DEBUG_MSG( 1, ( "bad message length" ) ); - return( POLARSSL_ERR_SSL_INVALID_RECORD ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); } #endif - -#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) /* * TLS encrypted messages can have up to 256 bytes of padding */ - if( ssl->minor_ver >= SSL_MINOR_VERSION_1 && + if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 && ssl->in_msglen > ssl->transform_in->minlen + - SSL_MAX_CONTENT_LEN + 256 ) + MBEDTLS_SSL_MAX_CONTENT_LEN + 256 ) { - SSL_DEBUG_MSG( 1, ( "bad message length" ) ); - return( POLARSSL_ERR_SSL_INVALID_RECORD ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); } #endif } - /* - * Read and optionally decrypt the message contents - */ - if( ( ret = ssl_fetch_input( ssl, 5 + ssl->in_msglen ) ) != 0 ) - { - SSL_DEBUG_RET( 1, "ssl_fetch_input", ret ); - return( ret ); - } + return( 0 ); +} + +/* + * If applicable, decrypt (and decompress) record content + */ +static int ssl_prepare_record_content( mbedtls_ssl_context *ssl ) +{ + int ret, done = 0; - SSL_DEBUG_BUF( 4, "input record from network", - ssl->in_hdr, 5 + ssl->in_msglen ); + MBEDTLS_SSL_DEBUG_BUF( 4, "input record from network", + ssl->in_hdr, mbedtls_ssl_hdr_len( ssl ) + ssl->in_msglen ); -#if defined(POLARSSL_SSL_HW_RECORD_ACCEL) - if( ssl_hw_record_read != NULL ) +#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) + if( mbedtls_ssl_hw_record_read != NULL ) { - SSL_DEBUG_MSG( 2, ( "going for ssl_hw_record_read()" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_read()" ) ); - ret = ssl_hw_record_read( ssl ); - if( ret != 0 && ret != POLARSSL_ERR_SSL_HW_ACCEL_FALLTHROUGH ) + ret = mbedtls_ssl_hw_record_read( ssl ); + if( ret != 0 && ret != MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH ) { - SSL_DEBUG_RET( 1, "ssl_hw_record_read", ret ); - return( POLARSSL_ERR_SSL_HW_ACCEL_FAILED ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_read", ret ); + return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); } if( ret == 0 ) done = 1; } -#endif /* POLARSSL_SSL_HW_RECORD_ACCEL */ +#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ if( !done && ssl->transform_in != NULL ) { if( ( ret = ssl_decrypt_buf( ssl ) ) != 0 ) { -#if defined(POLARSSL_SSL_ALERT_MESSAGES) - if( ret == POLARSSL_ERR_SSL_INVALID_MAC ) - { - ssl_send_alert_message( ssl, - SSL_ALERT_LEVEL_FATAL, - SSL_ALERT_MSG_BAD_RECORD_MAC ); - } -#endif - SSL_DEBUG_RET( 1, "ssl_decrypt_buf", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_decrypt_buf", ret ); return( ret ); } - SSL_DEBUG_BUF( 4, "input payload after decrypt", + MBEDTLS_SSL_DEBUG_BUF( 4, "input payload after decrypt", ssl->in_msg, ssl->in_msglen ); - if( ssl->in_msglen > SSL_MAX_CONTENT_LEN ) + if( ssl->in_msglen > MBEDTLS_SSL_MAX_CONTENT_LEN ) { - SSL_DEBUG_MSG( 1, ( "bad message length" ) ); - return( POLARSSL_ERR_SSL_INVALID_RECORD ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); } } -#if defined(POLARSSL_ZLIB_SUPPORT) +#if defined(MBEDTLS_ZLIB_SUPPORT) if( ssl->transform_in != NULL && - ssl->session_in->compression == SSL_COMPRESS_DEFLATE ) + ssl->session_in->compression == MBEDTLS_SSL_COMPRESS_DEFLATE ) { if( ( ret = ssl_decompress_buf( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_decompress_buf", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_decompress_buf", ret ); return( ret ); } - ssl->in_hdr[3] = (unsigned char)( ssl->in_msglen >> 8 ); - ssl->in_hdr[4] = (unsigned char)( ssl->in_msglen ); + // TODO: what's the purpose of these lines? is in_len used? + ssl->in_len[0] = (unsigned char)( ssl->in_msglen >> 8 ); + ssl->in_len[1] = (unsigned char)( ssl->in_msglen ); } -#endif /* POLARSSL_ZLIB_SUPPORT */ +#endif /* MBEDTLS_ZLIB_SUPPORT */ - if( ssl->in_msgtype != SSL_MSG_HANDSHAKE && - ssl->in_msgtype != SSL_MSG_ALERT && - ssl->in_msgtype != SSL_MSG_CHANGE_CIPHER_SPEC && - ssl->in_msgtype != SSL_MSG_APPLICATION_DATA ) +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { - SSL_DEBUG_MSG( 1, ( "unknown record type" ) ); + mbedtls_ssl_dtls_replay_update( ssl ); + } +#endif - if( ( ret = ssl_send_alert_message( ssl, - SSL_ALERT_LEVEL_FATAL, - SSL_ALERT_MSG_UNEXPECTED_MESSAGE ) ) != 0 ) - { + return( 0 ); +} + +static void ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl ); + +/* + * Read a record. + * + * For DTLS, silently ignore invalid records (RFC 4.1.2.7.) + * and continue reading until a valid record is found. + */ +int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) +{ + int ret; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> read record" ) ); + + if( ssl->in_hslen != 0 && ssl->in_hslen < ssl->in_msglen ) + { + /* + * Get next Handshake message in the current record + */ + ssl->in_msglen -= ssl->in_hslen; + + memmove( ssl->in_msg, ssl->in_msg + ssl->in_hslen, + ssl->in_msglen ); + + MBEDTLS_SSL_DEBUG_BUF( 4, "remaining content in record", + ssl->in_msg, ssl->in_msglen ); + + if( ( ret = ssl_prepare_handshake_record( ssl ) ) != 0 ) return( ret ); + + return( 0 ); + } + + ssl->in_hslen = 0; + + /* + * Read the record header and parse it + */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) +read_record_header: +#endif + if( ( ret = mbedtls_ssl_fetch_input( ssl, mbedtls_ssl_hdr_len( ssl ) ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); + return( ret ); + } + + if( ( ret = ssl_parse_record_header( ssl ) ) != 0 ) + { +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + /* Ignore bad record and get next one; drop the whole datagram + * since current header cannot be trusted to find the next record + * in current datagram */ + ssl->next_record_offset = 0; + ssl->in_left = 0; + + MBEDTLS_SSL_DEBUG_MSG( 1, ( "discarding invalid record (header)" ) ); + goto read_record_header; } +#endif + return( ret ); + } - return( POLARSSL_ERR_SSL_INVALID_RECORD ); + /* + * Read and optionally decrypt the message contents + */ + if( ( ret = mbedtls_ssl_fetch_input( ssl, + mbedtls_ssl_hdr_len( ssl ) + ssl->in_msglen ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); + return( ret ); } - if( ssl->in_msgtype == SSL_MSG_HANDSHAKE ) + /* Done reading this record, get ready for the next one */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + ssl->next_record_offset = ssl->in_msglen + mbedtls_ssl_hdr_len( ssl ); + else +#endif + ssl->in_left = 0; + + if( ( ret = ssl_prepare_record_content( ssl ) ) != 0 ) { - ssl->in_hslen = 4; - ssl->in_hslen += ( ssl->in_msg[2] << 8 ) | ssl->in_msg[3]; +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + /* Silently discard invalid records */ + if( ret == MBEDTLS_ERR_SSL_INVALID_RECORD || + ret == MBEDTLS_ERR_SSL_INVALID_MAC ) + { +#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) + if( ssl->conf->badmac_limit != 0 && + ++ssl->badmac_seen >= ssl->conf->badmac_limit ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "too many records with bad MAC" ) ); + return( MBEDTLS_ERR_SSL_INVALID_MAC ); + } +#endif - SSL_DEBUG_MSG( 3, ( "handshake message: msglen =" - " %d, type = %d, hslen = %d", - ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "discarding invalid record (mac)" ) ); + goto read_record_header; + } - /* - * Additional checks to validate the handshake header - */ - if( ssl->in_msglen < 4 || ssl->in_msg[1] != 0 ) + return( ret ); + } + else +#endif { - SSL_DEBUG_MSG( 1, ( "bad handshake length" ) ); - return( POLARSSL_ERR_SSL_INVALID_RECORD ); + /* Error out (and send alert) on invalid records */ +#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) + if( ret == MBEDTLS_ERR_SSL_INVALID_MAC ) + { + mbedtls_ssl_send_alert_message( ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC ); + } +#endif + return( ret ); } + } - if( ssl->in_msglen < ssl->in_hslen ) + /* + * When we sent the last flight of the handshake, we MUST respond to a + * retransmit of the peer's previous flight with a retransmit. (In + * practice, only the Finished message will make it, other messages + * including CCS use the old transform so they're dropped as invalid.) + * + * If the record we received is not a handshake message, however, it + * means the peer received our last flight so we can clean up + * handshake info. + * + * This check needs to be done before prepare_handshake() due to an edge + * case: if the client immediately requests renegotiation, this + * finishes the current handshake first, avoiding the new ClientHello + * being mistaken for an ancient message in the current handshake. + */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake != NULL && + ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER ) + { + if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && + ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "received retransmit of last flight" ) ); + + if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_resend", ret ); + return( ret ); + } + + return( MBEDTLS_ERR_SSL_WANT_READ ); + } + else { - SSL_DEBUG_MSG( 1, ( "bad handshake length" ) ); - return( POLARSSL_ERR_SSL_INVALID_RECORD ); + ssl_handshake_wrapup_free_hs_transform( ssl ); } + } +#endif - if( ssl->state != SSL_HANDSHAKE_OVER ) - ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen ); + /* + * Handle particular types of records + */ + if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) + { + if( ( ret = ssl_prepare_handshake_record( ssl ) ) != 0 ) + return( ret ); } - if( ssl->in_msgtype == SSL_MSG_ALERT ) + if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT ) { - SSL_DEBUG_MSG( 2, ( "got an alert message, type: [%d:%d]", + MBEDTLS_SSL_DEBUG_MSG( 2, ( "got an alert message, type: [%d:%d]", ssl->in_msg[0], ssl->in_msg[1] ) ); /* * Ignore non-fatal alerts, except close_notify */ - if( ssl->in_msg[0] == SSL_ALERT_LEVEL_FATAL ) + if( ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_FATAL ) { - SSL_DEBUG_MSG( 1, ( "is a fatal alert message (msg %d)", + MBEDTLS_SSL_DEBUG_MSG( 1, ( "is a fatal alert message (msg %d)", ssl->in_msg[1] ) ); - return( POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE ); + return( MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE ); } - if( ssl->in_msg[0] == SSL_ALERT_LEVEL_WARNING && - ssl->in_msg[1] == SSL_ALERT_MSG_CLOSE_NOTIFY ) + if( ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING && + ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY ) { - SSL_DEBUG_MSG( 2, ( "is a close notify message" ) ); - return( POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "is a close notify message" ) ); + return( MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY ); } } - ssl->in_left = 0; - - SSL_DEBUG_MSG( 2, ( "<= read record" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= read record" ) ); return( 0 ); } -int ssl_send_fatal_handshake_failure( ssl_context *ssl ) +int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl ) { int ret; - if( ( ret = ssl_send_alert_message( ssl, - SSL_ALERT_LEVEL_FATAL, - SSL_ALERT_MSG_HANDSHAKE_FAILURE ) ) != 0 ) + if( ( ret = mbedtls_ssl_send_alert_message( ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ) ) != 0 ) { return( ret ); } @@ -2448,26 +3695,26 @@ int ssl_send_fatal_handshake_failure( ssl_context *ssl ) return( 0 ); } -int ssl_send_alert_message( ssl_context *ssl, +int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl, unsigned char level, unsigned char message ) { int ret; - SSL_DEBUG_MSG( 2, ( "=> send alert message" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> send alert message" ) ); - ssl->out_msgtype = SSL_MSG_ALERT; + ssl->out_msgtype = MBEDTLS_SSL_MSG_ALERT; ssl->out_msglen = 2; ssl->out_msg[0] = level; ssl->out_msg[1] = message; - if( ( ret = ssl_write_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); return( ret ); } - SSL_DEBUG_MSG( 2, ( "<= send alert message" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= send alert message" ) ); return( 0 ); } @@ -2475,110 +3722,110 @@ int ssl_send_alert_message( ssl_context *ssl, /* * Handshake functions */ -#if !defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) && \ - !defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) && \ - !defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) && \ - !defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \ - !defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \ - !defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \ - !defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -int ssl_write_certificate( ssl_context *ssl ) +#if !defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) && \ + !defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) && \ + !defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) && \ + !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \ + !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \ + !defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \ + !defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) +int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) { - const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; - SSL_DEBUG_MSG( 2, ( "=> write certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate" ) ); - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) { - SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) ); ssl->state++; return( 0 ); } - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } -int ssl_parse_certificate( ssl_context *ssl ) +int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) { - const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; - SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) ); - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) { - SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); ssl->state++; return( 0 ); } - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } #else -int ssl_write_certificate( ssl_context *ssl ) +int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) { - int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE; + int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; size_t i, n; - const x509_crt *crt; - const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; + const mbedtls_x509_crt *crt; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; - SSL_DEBUG_MSG( 2, ( "=> write certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate" ) ); - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) { - SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) ); ssl->state++; return( 0 ); } -#if defined(POLARSSL_SSL_CLI_C) - if( ssl->endpoint == SSL_IS_CLIENT ) +#if defined(MBEDTLS_SSL_CLI_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) { if( ssl->client_auth == 0 ) { - SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) ); ssl->state++; return( 0 ); } -#if defined(POLARSSL_SSL_PROTO_SSL3) +#if defined(MBEDTLS_SSL_PROTO_SSL3) /* * If using SSLv3 and got no cert, send an Alert message * (otherwise an empty Certificate message will be sent). */ - if( ssl_own_cert( ssl ) == NULL && - ssl->minor_ver == SSL_MINOR_VERSION_0 ) + if( mbedtls_ssl_own_cert( ssl ) == NULL && + ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) { ssl->out_msglen = 2; - ssl->out_msgtype = SSL_MSG_ALERT; - ssl->out_msg[0] = SSL_ALERT_LEVEL_WARNING; - ssl->out_msg[1] = SSL_ALERT_MSG_NO_CERT; + ssl->out_msgtype = MBEDTLS_SSL_MSG_ALERT; + ssl->out_msg[0] = MBEDTLS_SSL_ALERT_LEVEL_WARNING; + ssl->out_msg[1] = MBEDTLS_SSL_ALERT_MSG_NO_CERT; - SSL_DEBUG_MSG( 2, ( "got no certificate to send" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "got no certificate to send" ) ); goto write_msg; } -#endif /* POLARSSL_SSL_PROTO_SSL3 */ +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ } -#endif /* POLARSSL_SSL_CLI_C */ -#if defined(POLARSSL_SSL_SRV_C) - if( ssl->endpoint == SSL_IS_SERVER ) +#endif /* MBEDTLS_SSL_CLI_C */ +#if defined(MBEDTLS_SSL_SRV_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { - if( ssl_own_cert( ssl ) == NULL ) + if( mbedtls_ssl_own_cert( ssl ) == NULL ) { - SSL_DEBUG_MSG( 1, ( "got no certificate to send" ) ); - return( POLARSSL_ERR_SSL_CERTIFICATE_REQUIRED ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no certificate to send" ) ); + return( MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED ); } } #endif - SSL_DEBUG_CRT( 3, "own certificate", ssl_own_cert( ssl ) ); + MBEDTLS_SSL_DEBUG_CRT( 3, "own certificate", mbedtls_ssl_own_cert( ssl ) ); /* * 0 . 0 handshake type @@ -2590,16 +3837,16 @@ int ssl_write_certificate( ssl_context *ssl ) * n+3 . ... upper level cert, etc. */ i = 7; - crt = ssl_own_cert( ssl ); + crt = mbedtls_ssl_own_cert( ssl ); while( crt != NULL ) { n = crt->raw.len; - if( n > SSL_MAX_CONTENT_LEN - 3 - i ) + if( n > MBEDTLS_SSL_MAX_CONTENT_LEN - 3 - i ) { - SSL_DEBUG_MSG( 1, ( "certificate too large, %d > %d", - i + 3 + n, SSL_MAX_CONTENT_LEN ) ); - return( POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "certificate too large, %d > %d", + i + 3 + n, MBEDTLS_SSL_MAX_CONTENT_LEN ) ); + return( MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE ); } ssl->out_msg[i ] = (unsigned char)( n >> 16 ); @@ -2615,158 +3862,175 @@ int ssl_write_certificate( ssl_context *ssl ) ssl->out_msg[6] = (unsigned char)( ( i - 7 ) ); ssl->out_msglen = i; - ssl->out_msgtype = SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = SSL_HS_CERTIFICATE; + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE; -#if defined(POLARSSL_SSL_PROTO_SSL3) +#if defined(MBEDTLS_SSL_PROTO_SSL3) && defined(MBEDTLS_SSL_CLI_C) write_msg: #endif ssl->state++; - if( ( ret = ssl_write_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); return( ret ); } - SSL_DEBUG_MSG( 2, ( "<= write certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate" ) ); return( ret ); } -int ssl_parse_certificate( ssl_context *ssl ) +int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) { - int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE; + int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; size_t i, n; - const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; + int authmode = ssl->conf->authmode; - SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) ); - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) { - SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); ssl->state++; return( 0 ); } -#if defined(POLARSSL_SSL_SRV_C) - if( ssl->endpoint == SSL_IS_SERVER && - ( ssl->authmode == SSL_VERIFY_NONE || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ) ) +#if defined(MBEDTLS_SSL_SRV_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); + ssl->state++; + return( 0 ); + } + +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + if( ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET ) + authmode = ssl->handshake->sni_authmode; +#endif + + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && + authmode == MBEDTLS_SSL_VERIFY_NONE ) { - ssl->session_negotiate->verify_result = BADCERT_SKIP_VERIFY; - SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); + ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_SKIP_VERIFY; + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); ssl->state++; return( 0 ); } #endif - if( ( ret = ssl_read_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); return( ret ); } ssl->state++; -#if defined(POLARSSL_SSL_SRV_C) -#if defined(POLARSSL_SSL_PROTO_SSL3) +#if defined(MBEDTLS_SSL_SRV_C) +#if defined(MBEDTLS_SSL_PROTO_SSL3) /* * Check if the client sent an empty certificate */ - if( ssl->endpoint == SSL_IS_SERVER && - ssl->minor_ver == SSL_MINOR_VERSION_0 ) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && + ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) { if( ssl->in_msglen == 2 && - ssl->in_msgtype == SSL_MSG_ALERT && - ssl->in_msg[0] == SSL_ALERT_LEVEL_WARNING && - ssl->in_msg[1] == SSL_ALERT_MSG_NO_CERT ) + ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT && + ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING && + ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_CERT ) { - SSL_DEBUG_MSG( 1, ( "SSLv3 client has no certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "SSLv3 client has no certificate" ) ); - ssl->session_negotiate->verify_result = BADCERT_MISSING; - if( ssl->authmode == SSL_VERIFY_OPTIONAL ) + ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_MISSING; + if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL ) return( 0 ); else - return( POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE ); + return( MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE ); } } -#endif /* POLARSSL_SSL_PROTO_SSL3 */ +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ -#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_2) - if( ssl->endpoint == SSL_IS_SERVER && - ssl->minor_ver != SSL_MINOR_VERSION_0 ) +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && + ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 ) { - if( ssl->in_hslen == 7 && - ssl->in_msgtype == SSL_MSG_HANDSHAKE && - ssl->in_msg[0] == SSL_HS_CERTIFICATE && - memcmp( ssl->in_msg + 4, "\0\0\0", 3 ) == 0 ) + if( ssl->in_hslen == 3 + mbedtls_ssl_hs_hdr_len( ssl ) && + ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && + ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE && + memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), "\0\0\0", 3 ) == 0 ) { - SSL_DEBUG_MSG( 1, ( "TLSv1 client has no certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLSv1 client has no certificate" ) ); - ssl->session_negotiate->verify_result = BADCERT_MISSING; - if( ssl->authmode == SSL_VERIFY_REQUIRED ) - return( POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE ); - else + ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_MISSING; + if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL ) return( 0 ); + else + return( MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE ); } } -#endif /* POLARSSL_SSL_PROTO_TLS1 || POLARSSL_SSL_PROTO_TLS1_1 || \ - POLARSSL_SSL_PROTO_TLS1_2 */ -#endif /* POLARSSL_SSL_SRV_C */ +#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ + MBEDTLS_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_SRV_C */ - if( ssl->in_msgtype != SSL_MSG_HANDSHAKE ) + if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) { - SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } - if( ssl->in_msg[0] != SSL_HS_CERTIFICATE || ssl->in_hslen < 10 ) + if( ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE || + ssl->in_hslen < mbedtls_ssl_hs_hdr_len( ssl ) + 3 + 3 ) { - SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); } + i = mbedtls_ssl_hs_hdr_len( ssl ); + /* - * Same message structure as in ssl_write_certificate() + * Same message structure as in mbedtls_ssl_write_certificate() */ - n = ( ssl->in_msg[5] << 8 ) | ssl->in_msg[6]; + n = ( ssl->in_msg[i+1] << 8 ) | ssl->in_msg[i+2]; - if( ssl->in_msg[4] != 0 || ssl->in_hslen != 7 + n ) + if( ssl->in_msg[i] != 0 || + ssl->in_hslen != n + 3 + mbedtls_ssl_hs_hdr_len( ssl ) ) { - SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); } /* In case we tried to reuse a session but it failed */ if( ssl->session_negotiate->peer_cert != NULL ) { - x509_crt_free( ssl->session_negotiate->peer_cert ); - polarssl_free( ssl->session_negotiate->peer_cert ); + mbedtls_x509_crt_free( ssl->session_negotiate->peer_cert ); + mbedtls_free( ssl->session_negotiate->peer_cert ); } - if( ( ssl->session_negotiate->peer_cert = polarssl_malloc( - sizeof( x509_crt ) ) ) == NULL ) + if( ( ssl->session_negotiate->peer_cert = mbedtls_calloc( 1, + sizeof( mbedtls_x509_crt ) ) ) == NULL ) { - SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed", - sizeof( x509_crt ) ) ); - return( POLARSSL_ERR_SSL_MALLOC_FAILED ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", + sizeof( mbedtls_x509_crt ) ) ); + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); } - x509_crt_init( ssl->session_negotiate->peer_cert ); + mbedtls_x509_crt_init( ssl->session_negotiate->peer_cert ); - i = 7; + i += 3; while( i < ssl->in_hslen ) { if( ssl->in_msg[i] != 0 ) { - SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); } n = ( (unsigned int) ssl->in_msg[i + 1] << 8 ) @@ -2775,35 +4039,35 @@ int ssl_parse_certificate( ssl_context *ssl ) if( n < 128 || i + n > ssl->in_hslen ) { - SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); } - ret = x509_crt_parse_der( ssl->session_negotiate->peer_cert, + ret = mbedtls_x509_crt_parse_der( ssl->session_negotiate->peer_cert, ssl->in_msg + i, n ); if( ret != 0 ) { - SSL_DEBUG_RET( 1, " x509_crt_parse_der", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, " mbedtls_x509_crt_parse_der", ret ); return( ret ); } i += n; } - SSL_DEBUG_CRT( 3, "peer certificate", ssl->session_negotiate->peer_cert ); + MBEDTLS_SSL_DEBUG_CRT( 3, "peer certificate", ssl->session_negotiate->peer_cert ); /* * On client, make sure the server cert doesn't change during renego to * avoid "triple handshake" attack: https://secure-resumption.com/ */ -#if defined(POLARSSL_SSL_RENEGOTIATION) && defined(POLARSSL_SSL_CLI_C) - if( ssl->endpoint == SSL_IS_CLIENT && - ssl->renegotiation == SSL_RENEGOTIATION ) +#if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && + ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) { if( ssl->session->peer_cert == NULL ) { - SSL_DEBUG_MSG( 1, ( "new server cert during renegotiation" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "new server cert during renegotiation" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); } if( ssl->session->peer_cert->raw.len != @@ -2812,227 +4076,314 @@ int ssl_parse_certificate( ssl_context *ssl ) ssl->session_negotiate->peer_cert->raw.p, ssl->session->peer_cert->raw.len ) != 0 ) { - SSL_DEBUG_MSG( 1, ( "server cert changed during renegotiation" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "server cert changed during renegotiation" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + } + } +#endif /* MBEDTLS_SSL_RENEGOTIATION && MBEDTLS_SSL_CLI_C */ + + if( authmode != MBEDTLS_SSL_VERIFY_NONE ) + { + mbedtls_x509_crt *ca_chain; + mbedtls_x509_crl *ca_crl; + +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + if( ssl->handshake->sni_ca_chain != NULL ) + { + ca_chain = ssl->handshake->sni_ca_chain; + ca_crl = ssl->handshake->sni_ca_crl; + } + else +#endif + { + ca_chain = ssl->conf->ca_chain; + ca_crl = ssl->conf->ca_crl; } - } -#endif /* POLARSSL_SSL_RENEGOTIATION && POLARSSL_SSL_CLI_C */ - if( ssl->authmode != SSL_VERIFY_NONE ) - { - if( ssl->ca_chain == NULL ) + if( ca_chain == NULL ) { - SSL_DEBUG_MSG( 1, ( "got no CA chain" ) ); - return( POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no CA chain" ) ); + return( MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED ); } /* * Main check: verify certificate */ - ret = x509_crt_verify( ssl->session_negotiate->peer_cert, - ssl->ca_chain, ssl->ca_crl, ssl->peer_cn, - &ssl->session_negotiate->verify_result, - ssl->f_vrfy, ssl->p_vrfy ); + ret = mbedtls_x509_crt_verify_with_profile( + ssl->session_negotiate->peer_cert, + ca_chain, ca_crl, + ssl->conf->cert_profile, + ssl->hostname, + &ssl->session_negotiate->verify_result, + ssl->conf->f_vrfy, ssl->conf->p_vrfy ); if( ret != 0 ) { - SSL_DEBUG_RET( 1, "x509_verify_cert", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "x509_verify_cert", ret ); } /* * Secondary checks: always done, but change 'ret' only if it was 0 */ -#if defined(POLARSSL_SSL_SET_CURVES) +#if defined(MBEDTLS_ECP_C) { - pk_context *pk = &ssl->session_negotiate->peer_cert->pk; + const mbedtls_pk_context *pk = &ssl->session_negotiate->peer_cert->pk; /* If certificate uses an EC key, make sure the curve is OK */ - if( pk_can_do( pk, POLARSSL_PK_ECKEY ) && - ! ssl_curve_is_acceptable( ssl, pk_ec( *pk )->grp.id ) ) + if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECKEY ) && + mbedtls_ssl_check_curve( ssl, mbedtls_pk_ec( *pk )->grp.id ) != 0 ) { - SSL_DEBUG_MSG( 1, ( "bad certificate (EC key curve)" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (EC key curve)" ) ); if( ret == 0 ) - ret = POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE; + ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; } } -#endif /* POLARSSL_SSL_SET_CURVES */ +#endif /* MBEDTLS_ECP_C */ - if( ssl_check_cert_usage( ssl->session_negotiate->peer_cert, + if( mbedtls_ssl_check_cert_usage( ssl->session_negotiate->peer_cert, ciphersuite_info, - ! ssl->endpoint, + ! ssl->conf->endpoint, &ssl->session_negotiate->verify_result ) != 0 ) { - SSL_DEBUG_MSG( 1, ( "bad certificate (usage extensions)" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (usage extensions)" ) ); if( ret == 0 ) - ret = POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE; + ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; } - if( ssl->authmode != SSL_VERIFY_REQUIRED ) + if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL ) ret = 0; } - SSL_DEBUG_MSG( 2, ( "<= parse certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate" ) ); return( ret ); } -#endif /* !POLARSSL_KEY_EXCHANGE_RSA_ENABLED - !POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED - !POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED - !POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED - !POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED - !POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED - !POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ - -int ssl_write_change_cipher_spec( ssl_context *ssl ) +#endif /* !MBEDTLS_KEY_EXCHANGE_RSA_ENABLED + !MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED + !MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + !MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED + !MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + !MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED + !MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ + +int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl ) { int ret; - SSL_DEBUG_MSG( 2, ( "=> write change cipher spec" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write change cipher spec" ) ); - ssl->out_msgtype = SSL_MSG_CHANGE_CIPHER_SPEC; + ssl->out_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC; ssl->out_msglen = 1; ssl->out_msg[0] = 1; ssl->state++; - if( ( ret = ssl_write_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); return( ret ); } - SSL_DEBUG_MSG( 2, ( "<= write change cipher spec" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write change cipher spec" ) ); return( 0 ); } -int ssl_parse_change_cipher_spec( ssl_context *ssl ) +int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl ) { int ret; - SSL_DEBUG_MSG( 2, ( "=> parse change cipher spec" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse change cipher spec" ) ); - if( ( ret = ssl_read_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); return( ret ); } - if( ssl->in_msgtype != SSL_MSG_CHANGE_CIPHER_SPEC ) + if( ssl->in_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ) { - SSL_DEBUG_MSG( 1, ( "bad change cipher spec message" ) ); - return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad change cipher spec message" ) ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } if( ssl->in_msglen != 1 || ssl->in_msg[0] != 1 ) { - SSL_DEBUG_MSG( 1, ( "bad change cipher spec message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad change cipher spec message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC ); + } + + /* + * Switch to our negotiated transform and session parameters for inbound + * data. + */ + MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for inbound data" ) ); + ssl->transform_in = ssl->transform_negotiate; + ssl->session_in = ssl->session_negotiate; + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) + ssl_dtls_replay_reset( ssl ); +#endif + + /* Increment epoch */ + if( ++ssl->in_epoch == 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS epoch would wrap" ) ); + return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); + } + } + else +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + memset( ssl->in_ctr, 0, 8 ); + + /* + * Set the in_msg pointer to the correct location based on IV length + */ + if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) + { + ssl->in_msg = ssl->in_iv + ssl->transform_negotiate->ivlen - + ssl->transform_negotiate->fixed_ivlen; + } + else + ssl->in_msg = ssl->in_iv; + +#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) + if( mbedtls_ssl_hw_record_activate != NULL ) + { + if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_INBOUND ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret ); + return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + } } +#endif ssl->state++; - SSL_DEBUG_MSG( 2, ( "<= parse change cipher spec" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse change cipher spec" ) ); return( 0 ); } -void ssl_optimize_checksum( ssl_context *ssl, - const ssl_ciphersuite_t *ciphersuite_info ) +void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl, + const mbedtls_ssl_ciphersuite_t *ciphersuite_info ) { ((void) ciphersuite_info); -#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_1) - if( ssl->minor_ver < SSL_MINOR_VERSION_3 ) +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) + if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 ) ssl->handshake->update_checksum = ssl_update_checksum_md5sha1; else #endif -#if defined(POLARSSL_SSL_PROTO_TLS1_2) -#if defined(POLARSSL_SHA512_C) - if( ciphersuite_info->mac == POLARSSL_MD_SHA384 ) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SHA512_C) + if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) ssl->handshake->update_checksum = ssl_update_checksum_sha384; else #endif -#if defined(POLARSSL_SHA256_C) - if( ciphersuite_info->mac != POLARSSL_MD_SHA384 ) +#if defined(MBEDTLS_SHA256_C) + if( ciphersuite_info->mac != MBEDTLS_MD_SHA384 ) ssl->handshake->update_checksum = ssl_update_checksum_sha256; else #endif -#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); return; } } -static void ssl_update_checksum_start( ssl_context *ssl, +void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl ) +{ +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) + mbedtls_md5_starts( &ssl->handshake->fin_md5 ); + mbedtls_sha1_starts( &ssl->handshake->fin_sha1 ); +#endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SHA256_C) + mbedtls_sha256_starts( &ssl->handshake->fin_sha256, 0 ); +#endif +#if defined(MBEDTLS_SHA512_C) + mbedtls_sha512_starts( &ssl->handshake->fin_sha512, 1 ); +#endif +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ +} + +static void ssl_update_checksum_start( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { -#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_1) - md5_update( &ssl->handshake->fin_md5 , buf, len ); - sha1_update( &ssl->handshake->fin_sha1, buf, len ); +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) + mbedtls_md5_update( &ssl->handshake->fin_md5 , buf, len ); + mbedtls_sha1_update( &ssl->handshake->fin_sha1, buf, len ); #endif -#if defined(POLARSSL_SSL_PROTO_TLS1_2) -#if defined(POLARSSL_SHA256_C) - sha256_update( &ssl->handshake->fin_sha256, buf, len ); +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SHA256_C) + mbedtls_sha256_update( &ssl->handshake->fin_sha256, buf, len ); #endif -#if defined(POLARSSL_SHA512_C) - sha512_update( &ssl->handshake->fin_sha512, buf, len ); +#if defined(MBEDTLS_SHA512_C) + mbedtls_sha512_update( &ssl->handshake->fin_sha512, buf, len ); #endif -#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ } -#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_1) -static void ssl_update_checksum_md5sha1( ssl_context *ssl, +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) +static void ssl_update_checksum_md5sha1( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { - md5_update( &ssl->handshake->fin_md5 , buf, len ); - sha1_update( &ssl->handshake->fin_sha1, buf, len ); + mbedtls_md5_update( &ssl->handshake->fin_md5 , buf, len ); + mbedtls_sha1_update( &ssl->handshake->fin_sha1, buf, len ); } #endif -#if defined(POLARSSL_SSL_PROTO_TLS1_2) -#if defined(POLARSSL_SHA256_C) -static void ssl_update_checksum_sha256( ssl_context *ssl, +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SHA256_C) +static void ssl_update_checksum_sha256( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { - sha256_update( &ssl->handshake->fin_sha256, buf, len ); + mbedtls_sha256_update( &ssl->handshake->fin_sha256, buf, len ); } #endif -#if defined(POLARSSL_SHA512_C) -static void ssl_update_checksum_sha384( ssl_context *ssl, +#if defined(MBEDTLS_SHA512_C) +static void ssl_update_checksum_sha384( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { - sha512_update( &ssl->handshake->fin_sha512, buf, len ); + mbedtls_sha512_update( &ssl->handshake->fin_sha512, buf, len ); } #endif -#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -#if defined(POLARSSL_SSL_PROTO_SSL3) +#if defined(MBEDTLS_SSL_PROTO_SSL3) static void ssl_calc_finished_ssl( - ssl_context *ssl, unsigned char *buf, int from ) + mbedtls_ssl_context *ssl, unsigned char *buf, int from ) { const char *sender; - md5_context md5; - sha1_context sha1; + mbedtls_md5_context md5; + mbedtls_sha1_context sha1; unsigned char padbuf[48]; unsigned char md5sum[16]; unsigned char sha1sum[20]; - ssl_session *session = ssl->session_negotiate; + mbedtls_ssl_session *session = ssl->session_negotiate; if( !session ) session = ssl->session; - SSL_DEBUG_MSG( 2, ( "=> calc finished ssl" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished ssl" ) ); + + mbedtls_md5_init( &md5 ); + mbedtls_sha1_init( &sha1 ); - memcpy( &md5 , &ssl->handshake->fin_md5 , sizeof(md5_context) ); - memcpy( &sha1, &ssl->handshake->fin_sha1, sizeof(sha1_context) ); + mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 ); + mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 ); /* * SSLv3: @@ -3043,76 +4394,79 @@ static void ssl_calc_finished_ssl( * SHA1( handshake + sender + master + pad1 ) ) */ -#if !defined(POLARSSL_MD5_ALT) - SSL_DEBUG_BUF( 4, "finished md5 state", (unsigned char *) +#if !defined(MBEDTLS_MD5_ALT) + MBEDTLS_SSL_DEBUG_BUF( 4, "finished md5 state", (unsigned char *) md5.state, sizeof( md5.state ) ); #endif -#if !defined(POLARSSL_SHA1_ALT) - SSL_DEBUG_BUF( 4, "finished sha1 state", (unsigned char *) +#if !defined(MBEDTLS_SHA1_ALT) + MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha1 state", (unsigned char *) sha1.state, sizeof( sha1.state ) ); #endif - sender = ( from == SSL_IS_CLIENT ) ? "CLNT" + sender = ( from == MBEDTLS_SSL_IS_CLIENT ) ? "CLNT" : "SRVR"; memset( padbuf, 0x36, 48 ); - md5_update( &md5, (const unsigned char *) sender, 4 ); - md5_update( &md5, session->master, 48 ); - md5_update( &md5, padbuf, 48 ); - md5_finish( &md5, md5sum ); + mbedtls_md5_update( &md5, (const unsigned char *) sender, 4 ); + mbedtls_md5_update( &md5, session->master, 48 ); + mbedtls_md5_update( &md5, padbuf, 48 ); + mbedtls_md5_finish( &md5, md5sum ); - sha1_update( &sha1, (const unsigned char *) sender, 4 ); - sha1_update( &sha1, session->master, 48 ); - sha1_update( &sha1, padbuf, 40 ); - sha1_finish( &sha1, sha1sum ); + mbedtls_sha1_update( &sha1, (const unsigned char *) sender, 4 ); + mbedtls_sha1_update( &sha1, session->master, 48 ); + mbedtls_sha1_update( &sha1, padbuf, 40 ); + mbedtls_sha1_finish( &sha1, sha1sum ); memset( padbuf, 0x5C, 48 ); - md5_starts( &md5 ); - md5_update( &md5, session->master, 48 ); - md5_update( &md5, padbuf, 48 ); - md5_update( &md5, md5sum, 16 ); - md5_finish( &md5, buf ); + mbedtls_md5_starts( &md5 ); + mbedtls_md5_update( &md5, session->master, 48 ); + mbedtls_md5_update( &md5, padbuf, 48 ); + mbedtls_md5_update( &md5, md5sum, 16 ); + mbedtls_md5_finish( &md5, buf ); - sha1_starts( &sha1 ); - sha1_update( &sha1, session->master, 48 ); - sha1_update( &sha1, padbuf , 40 ); - sha1_update( &sha1, sha1sum, 20 ); - sha1_finish( &sha1, buf + 16 ); + mbedtls_sha1_starts( &sha1 ); + mbedtls_sha1_update( &sha1, session->master, 48 ); + mbedtls_sha1_update( &sha1, padbuf , 40 ); + mbedtls_sha1_update( &sha1, sha1sum, 20 ); + mbedtls_sha1_finish( &sha1, buf + 16 ); - SSL_DEBUG_BUF( 3, "calc finished result", buf, 36 ); + MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, 36 ); - md5_free( &md5 ); - sha1_free( &sha1 ); + mbedtls_md5_free( &md5 ); + mbedtls_sha1_free( &sha1 ); - polarssl_zeroize( padbuf, sizeof( padbuf ) ); - polarssl_zeroize( md5sum, sizeof( md5sum ) ); - polarssl_zeroize( sha1sum, sizeof( sha1sum ) ); + mbedtls_zeroize( padbuf, sizeof( padbuf ) ); + mbedtls_zeroize( md5sum, sizeof( md5sum ) ); + mbedtls_zeroize( sha1sum, sizeof( sha1sum ) ); - SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); } -#endif /* POLARSSL_SSL_PROTO_SSL3 */ +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ -#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) static void ssl_calc_finished_tls( - ssl_context *ssl, unsigned char *buf, int from ) + mbedtls_ssl_context *ssl, unsigned char *buf, int from ) { int len = 12; const char *sender; - md5_context md5; - sha1_context sha1; + mbedtls_md5_context md5; + mbedtls_sha1_context sha1; unsigned char padbuf[36]; - ssl_session *session = ssl->session_negotiate; + mbedtls_ssl_session *session = ssl->session_negotiate; if( !session ) session = ssl->session; - SSL_DEBUG_MSG( 2, ( "=> calc finished tls" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished tls" ) ); - memcpy( &md5 , &ssl->handshake->fin_md5 , sizeof(md5_context) ); - memcpy( &sha1, &ssl->handshake->fin_sha1, sizeof(sha1_context) ); + mbedtls_md5_init( &md5 ); + mbedtls_sha1_init( &sha1 ); + + mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 ); + mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 ); /* * TLSv1: @@ -3120,54 +4474,56 @@ static void ssl_calc_finished_tls( * MD5( handshake ) + SHA1( handshake ) )[0..11] */ -#if !defined(POLARSSL_MD5_ALT) - SSL_DEBUG_BUF( 4, "finished md5 state", (unsigned char *) +#if !defined(MBEDTLS_MD5_ALT) + MBEDTLS_SSL_DEBUG_BUF( 4, "finished md5 state", (unsigned char *) md5.state, sizeof( md5.state ) ); #endif -#if !defined(POLARSSL_SHA1_ALT) - SSL_DEBUG_BUF( 4, "finished sha1 state", (unsigned char *) +#if !defined(MBEDTLS_SHA1_ALT) + MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha1 state", (unsigned char *) sha1.state, sizeof( sha1.state ) ); #endif - sender = ( from == SSL_IS_CLIENT ) + sender = ( from == MBEDTLS_SSL_IS_CLIENT ) ? "client finished" : "server finished"; - md5_finish( &md5, padbuf ); - sha1_finish( &sha1, padbuf + 16 ); + mbedtls_md5_finish( &md5, padbuf ); + mbedtls_sha1_finish( &sha1, padbuf + 16 ); ssl->handshake->tls_prf( session->master, 48, sender, padbuf, 36, buf, len ); - SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); + MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); - md5_free( &md5 ); - sha1_free( &sha1 ); + mbedtls_md5_free( &md5 ); + mbedtls_sha1_free( &sha1 ); - polarssl_zeroize( padbuf, sizeof( padbuf ) ); + mbedtls_zeroize( padbuf, sizeof( padbuf ) ); - SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); } -#endif /* POLARSSL_SSL_PROTO_TLS1 || POLARSSL_SSL_PROTO_TLS1_1 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ -#if defined(POLARSSL_SSL_PROTO_TLS1_2) -#if defined(POLARSSL_SHA256_C) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SHA256_C) static void ssl_calc_finished_tls_sha256( - ssl_context *ssl, unsigned char *buf, int from ) + mbedtls_ssl_context *ssl, unsigned char *buf, int from ) { int len = 12; const char *sender; - sha256_context sha256; + mbedtls_sha256_context sha256; unsigned char padbuf[32]; - ssl_session *session = ssl->session_negotiate; + mbedtls_ssl_session *session = ssl->session_negotiate; if( !session ) session = ssl->session; - SSL_DEBUG_MSG( 2, ( "=> calc finished tls sha256" ) ); + mbedtls_sha256_init( &sha256 ); + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished tls sha256" ) ); - memcpy( &sha256, &ssl->handshake->fin_sha256, sizeof(sha256_context) ); + mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); /* * TLSv1.2: @@ -3175,46 +4531,48 @@ static void ssl_calc_finished_tls_sha256( * Hash( handshake ) )[0.11] */ -#if !defined(POLARSSL_SHA256_ALT) - SSL_DEBUG_BUF( 4, "finished sha2 state", (unsigned char *) +#if !defined(MBEDTLS_SHA256_ALT) + MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha2 state", (unsigned char *) sha256.state, sizeof( sha256.state ) ); #endif - sender = ( from == SSL_IS_CLIENT ) + sender = ( from == MBEDTLS_SSL_IS_CLIENT ) ? "client finished" : "server finished"; - sha256_finish( &sha256, padbuf ); + mbedtls_sha256_finish( &sha256, padbuf ); ssl->handshake->tls_prf( session->master, 48, sender, padbuf, 32, buf, len ); - SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); + MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); - sha256_free( &sha256 ); + mbedtls_sha256_free( &sha256 ); - polarssl_zeroize( padbuf, sizeof( padbuf ) ); + mbedtls_zeroize( padbuf, sizeof( padbuf ) ); - SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); } -#endif /* POLARSSL_SHA256_C */ +#endif /* MBEDTLS_SHA256_C */ -#if defined(POLARSSL_SHA512_C) +#if defined(MBEDTLS_SHA512_C) static void ssl_calc_finished_tls_sha384( - ssl_context *ssl, unsigned char *buf, int from ) + mbedtls_ssl_context *ssl, unsigned char *buf, int from ) { int len = 12; const char *sender; - sha512_context sha512; + mbedtls_sha512_context sha512; unsigned char padbuf[48]; - ssl_session *session = ssl->session_negotiate; + mbedtls_ssl_session *session = ssl->session_negotiate; if( !session ) session = ssl->session; - SSL_DEBUG_MSG( 2, ( "=> calc finished tls sha384" ) ); + mbedtls_sha512_init( &sha512 ); - memcpy( &sha512, &ssl->handshake->fin_sha512, sizeof(sha512_context) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished tls sha384" ) ); + + mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); /* * TLSv1.2: @@ -3222,73 +4580,83 @@ static void ssl_calc_finished_tls_sha384( * Hash( handshake ) )[0.11] */ -#if !defined(POLARSSL_SHA512_ALT) - SSL_DEBUG_BUF( 4, "finished sha512 state", (unsigned char *) +#if !defined(MBEDTLS_SHA512_ALT) + MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha512 state", (unsigned char *) sha512.state, sizeof( sha512.state ) ); #endif - sender = ( from == SSL_IS_CLIENT ) + sender = ( from == MBEDTLS_SSL_IS_CLIENT ) ? "client finished" : "server finished"; - sha512_finish( &sha512, padbuf ); + mbedtls_sha512_finish( &sha512, padbuf ); ssl->handshake->tls_prf( session->master, 48, sender, padbuf, 48, buf, len ); - SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); + MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); - sha512_free( &sha512 ); + mbedtls_sha512_free( &sha512 ); - polarssl_zeroize( padbuf, sizeof( padbuf ) ); + mbedtls_zeroize( padbuf, sizeof( padbuf ) ); - SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); } -#endif /* POLARSSL_SHA512_C */ -#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -void ssl_handshake_wrapup( ssl_context *ssl ) +static void ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl ) { - int resume = ssl->handshake->resume; - - SSL_DEBUG_MSG( 3, ( "=> handshake wrapup" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "=> handshake wrapup: final free" ) ); /* * Free our handshake params */ - ssl_handshake_free( ssl->handshake ); - polarssl_free( ssl->handshake ); + mbedtls_ssl_handshake_free( ssl->handshake ); + mbedtls_free( ssl->handshake ); ssl->handshake = NULL; -#if defined(POLARSSL_SSL_RENEGOTIATION) - if( ssl->renegotiation == SSL_RENEGOTIATION ) - { - ssl->renegotiation = SSL_RENEGOTIATION_DONE; - ssl->renego_records_seen = 0; - } -#endif - /* - * Switch in our now active transform context + * Free the previous transform and swith in the current one */ if( ssl->transform ) { - ssl_transform_free( ssl->transform ); - polarssl_free( ssl->transform ); + mbedtls_ssl_transform_free( ssl->transform ); + mbedtls_free( ssl->transform ); } ssl->transform = ssl->transform_negotiate; ssl->transform_negotiate = NULL; + MBEDTLS_SSL_DEBUG_MSG( 3, ( "<= handshake wrapup: final free" ) ); +} + +void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ) +{ + int resume = ssl->handshake->resume; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "=> handshake wrapup" ) ); + +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) + { + ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_DONE; + ssl->renego_records_seen = 0; + } +#endif + + /* + * Free the previous session and switch in the current one + */ if( ssl->session ) { -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) /* RFC 7366 3.1: keep the EtM state */ ssl->session_negotiate->encrypt_then_mac = ssl->session->encrypt_then_mac; #endif - ssl_session_free( ssl->session ); - polarssl_free( ssl->session ); + mbedtls_ssl_session_free( ssl->session ); + mbedtls_free( ssl->session ); } ssl->session = ssl->session_negotiate; ssl->session_negotiate = NULL; @@ -3296,29 +4664,44 @@ void ssl_handshake_wrapup( ssl_context *ssl ) /* * Add cache entry */ - if( ssl->f_set_cache != NULL && - ssl->session->length != 0 && + if( ssl->conf->f_set_cache != NULL && + ssl->session->id_len != 0 && resume == 0 ) { - if( ssl->f_set_cache( ssl->p_set_cache, ssl->session ) != 0 ) - SSL_DEBUG_MSG( 1, ( "cache did not store session" ) ); + if( ssl->conf->f_set_cache( ssl->conf->p_cache, ssl->session ) != 0 ) + MBEDTLS_SSL_DEBUG_MSG( 1, ( "cache did not store session" ) ); + } + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake->flight != NULL ) + { + /* Cancel handshake timer */ + ssl_set_timer( ssl, 0 ); + + /* Keep last flight around in case we need to resend it: + * we need the handshake and transform structures for that */ + MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip freeing handshake and transform" ) ); } + else +#endif + ssl_handshake_wrapup_free_hs_transform( ssl ); ssl->state++; - SSL_DEBUG_MSG( 3, ( "<= handshake wrapup" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "<= handshake wrapup" ) ); } -int ssl_write_finished( ssl_context *ssl ) +int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ) { int ret, hash_len; - SSL_DEBUG_MSG( 2, ( "=> write finished" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write finished" ) ); /* * Set the out_msg pointer to the correct location based on IV length */ - if( ssl->minor_ver >= SSL_MINOR_VERSION_2 ) + if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) { ssl->out_msg = ssl->out_iv + ssl->transform_negotiate->ivlen - ssl->transform_negotiate->fixed_ivlen; @@ -3326,19 +4709,19 @@ int ssl_write_finished( ssl_context *ssl ) else ssl->out_msg = ssl->out_iv; - ssl->handshake->calc_finished( ssl, ssl->out_msg + 4, ssl->endpoint ); + ssl->handshake->calc_finished( ssl, ssl->out_msg + 4, ssl->conf->endpoint ); // TODO TLS/1.2 Hash length is determined by cipher suite (Page 63) - hash_len = ( ssl->minor_ver == SSL_MINOR_VERSION_0 ) ? 36 : 12; + hash_len = ( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) ? 36 : 12; -#if defined(POLARSSL_SSL_RENEGOTIATION) +#if defined(MBEDTLS_SSL_RENEGOTIATION) ssl->verify_data_len = hash_len; memcpy( ssl->own_verify_data, ssl->out_msg + 4, hash_len ); #endif ssl->out_msglen = 4 + hash_len; - ssl->out_msgtype = SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = SSL_HS_FINISHED; + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = MBEDTLS_SSL_HS_FINISHED; /* * In case of session resuming, invert the client and server @@ -3346,13 +4729,13 @@ int ssl_write_finished( ssl_context *ssl ) */ if( ssl->handshake->resume != 0 ) { -#if defined(POLARSSL_SSL_CLI_C) - if( ssl->endpoint == SSL_IS_CLIENT ) - ssl->state = SSL_HANDSHAKE_WRAPUP; +#if defined(MBEDTLS_SSL_CLI_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) + ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP; #endif -#if defined(POLARSSL_SSL_SRV_C) - if( ssl->endpoint == SSL_IS_SERVER ) - ssl->state = SSL_CLIENT_CHANGE_CIPHER_SPEC; +#if defined(MBEDTLS_SSL_SRV_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) + ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC; #endif } else @@ -3362,184 +4745,207 @@ int ssl_write_finished( ssl_context *ssl ) * Switch to our negotiated transform and session parameters for outbound * data. */ - SSL_DEBUG_MSG( 3, ( "switching to new transform spec for outbound data" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for outbound data" ) ); + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + unsigned char i; + + /* Remember current epoch settings for resending */ + ssl->handshake->alt_transform_out = ssl->transform_out; + memcpy( ssl->handshake->alt_out_ctr, ssl->out_ctr, 8 ); + + /* Set sequence_number to zero */ + memset( ssl->out_ctr + 2, 0, 6 ); + + /* Increment epoch */ + for( i = 2; i > 0; i-- ) + if( ++ssl->out_ctr[i - 1] != 0 ) + break; + + /* The loop goes to its end iff the counter is wrapping */ + if( i == 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS epoch would wrap" ) ); + return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); + } + } + else +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + memset( ssl->out_ctr, 0, 8 ); + ssl->transform_out = ssl->transform_negotiate; ssl->session_out = ssl->session_negotiate; - memset( ssl->out_ctr, 0, 8 ); -#if defined(POLARSSL_SSL_HW_RECORD_ACCEL) - if( ssl_hw_record_activate != NULL ) +#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) + if( mbedtls_ssl_hw_record_activate != NULL ) { - if( ( ret = ssl_hw_record_activate( ssl, SSL_CHANNEL_OUTBOUND ) ) != 0 ) + if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_hw_record_activate", ret ); - return( POLARSSL_ERR_SSL_HW_ACCEL_FAILED ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret ); + return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); } } #endif - if( ( ret = ssl_write_record( ssl ) ) != 0 ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ssl_send_flight_completed( ssl ); +#endif + + if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); return( ret ); } - SSL_DEBUG_MSG( 2, ( "<= write finished" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write finished" ) ); return( 0 ); } -int ssl_parse_finished( ssl_context *ssl ) +#if defined(MBEDTLS_SSL_PROTO_SSL3) +#define SSL_MAX_HASH_LEN 36 +#else +#define SSL_MAX_HASH_LEN 12 +#endif + +int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ) { int ret; unsigned int hash_len; - unsigned char buf[36]; - - SSL_DEBUG_MSG( 2, ( "=> parse finished" ) ); - - ssl->handshake->calc_finished( ssl, buf, ssl->endpoint ^ 1 ); - - /* - * Switch to our negotiated transform and session parameters for inbound - * data. - */ - SSL_DEBUG_MSG( 3, ( "switching to new transform spec for inbound data" ) ); - ssl->transform_in = ssl->transform_negotiate; - ssl->session_in = ssl->session_negotiate; - memset( ssl->in_ctr, 0, 8 ); + unsigned char buf[SSL_MAX_HASH_LEN]; - /* - * Set the in_msg pointer to the correct location based on IV length - */ - if( ssl->minor_ver >= SSL_MINOR_VERSION_2 ) - { - ssl->in_msg = ssl->in_iv + ssl->transform_negotiate->ivlen - - ssl->transform_negotiate->fixed_ivlen; - } - else - ssl->in_msg = ssl->in_iv; + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse finished" ) ); -#if defined(POLARSSL_SSL_HW_RECORD_ACCEL) - if( ssl_hw_record_activate != NULL ) - { - if( ( ret = ssl_hw_record_activate( ssl, SSL_CHANNEL_INBOUND ) ) != 0 ) - { - SSL_DEBUG_RET( 1, "ssl_hw_record_activate", ret ); - return( POLARSSL_ERR_SSL_HW_ACCEL_FAILED ); - } - } -#endif + ssl->handshake->calc_finished( ssl, buf, ssl->conf->endpoint ^ 1 ); - if( ( ret = ssl_read_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); return( ret ); } - if( ssl->in_msgtype != SSL_MSG_HANDSHAKE ) + if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) { - SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); - return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } - // TODO TLS/1.2 Hash length is determined by cipher suite (Page 63) - hash_len = ( ssl->minor_ver == SSL_MINOR_VERSION_0 ) ? 36 : 12; + /* There is currently no ciphersuite using another length with TLS 1.2 */ +#if defined(MBEDTLS_SSL_PROTO_SSL3) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) + hash_len = 36; + else +#endif + hash_len = 12; - if( ssl->in_msg[0] != SSL_HS_FINISHED || - ssl->in_hslen != 4 + hash_len ) + if( ssl->in_msg[0] != MBEDTLS_SSL_HS_FINISHED || + ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + hash_len ) { - SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_FINISHED ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED ); } - if( safer_memcmp( ssl->in_msg + 4, buf, hash_len ) != 0 ) + if( mbedtls_ssl_safer_memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), + buf, hash_len ) != 0 ) { - SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_FINISHED ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); + return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED ); } -#if defined(POLARSSL_SSL_RENEGOTIATION) +#if defined(MBEDTLS_SSL_RENEGOTIATION) ssl->verify_data_len = hash_len; memcpy( ssl->peer_verify_data, buf, hash_len ); #endif if( ssl->handshake->resume != 0 ) { -#if defined(POLARSSL_SSL_CLI_C) - if( ssl->endpoint == SSL_IS_CLIENT ) - ssl->state = SSL_CLIENT_CHANGE_CIPHER_SPEC; +#if defined(MBEDTLS_SSL_CLI_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) + ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC; #endif -#if defined(POLARSSL_SSL_SRV_C) - if( ssl->endpoint == SSL_IS_SERVER ) - ssl->state = SSL_HANDSHAKE_WRAPUP; +#if defined(MBEDTLS_SSL_SRV_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) + ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP; #endif } else ssl->state++; - SSL_DEBUG_MSG( 2, ( "<= parse finished" ) ); +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + mbedtls_ssl_recv_flight_completed( ssl ); +#endif + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse finished" ) ); return( 0 ); } -static void ssl_handshake_params_init( ssl_handshake_params *handshake ) +static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake ) { - memset( handshake, 0, sizeof( ssl_handshake_params ) ); - -#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_1) - md5_init( &handshake->fin_md5 ); - sha1_init( &handshake->fin_sha1 ); - md5_starts( &handshake->fin_md5 ); - sha1_starts( &handshake->fin_sha1 ); + memset( handshake, 0, sizeof( mbedtls_ssl_handshake_params ) ); + +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) + mbedtls_md5_init( &handshake->fin_md5 ); + mbedtls_sha1_init( &handshake->fin_sha1 ); + mbedtls_md5_starts( &handshake->fin_md5 ); + mbedtls_sha1_starts( &handshake->fin_sha1 ); #endif -#if defined(POLARSSL_SSL_PROTO_TLS1_2) -#if defined(POLARSSL_SHA256_C) - sha256_init( &handshake->fin_sha256 ); - sha256_starts( &handshake->fin_sha256, 0 ); +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SHA256_C) + mbedtls_sha256_init( &handshake->fin_sha256 ); + mbedtls_sha256_starts( &handshake->fin_sha256, 0 ); #endif -#if defined(POLARSSL_SHA512_C) - sha512_init( &handshake->fin_sha512 ); - sha512_starts( &handshake->fin_sha512, 1 ); +#if defined(MBEDTLS_SHA512_C) + mbedtls_sha512_init( &handshake->fin_sha512 ); + mbedtls_sha512_starts( &handshake->fin_sha512, 1 ); #endif -#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ handshake->update_checksum = ssl_update_checksum_start; - handshake->sig_alg = SSL_HASH_SHA1; + handshake->sig_alg = MBEDTLS_SSL_HASH_SHA1; -#if defined(POLARSSL_DHM_C) - dhm_init( &handshake->dhm_ctx ); +#if defined(MBEDTLS_DHM_C) + mbedtls_dhm_init( &handshake->dhm_ctx ); #endif -#if defined(POLARSSL_ECDH_C) - ecdh_init( &handshake->ecdh_ctx ); +#if defined(MBEDTLS_ECDH_C) + mbedtls_ecdh_init( &handshake->ecdh_ctx ); +#endif + +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + handshake->sni_authmode = MBEDTLS_SSL_VERIFY_UNSET; #endif } -static void ssl_transform_init( ssl_transform *transform ) +static void ssl_transform_init( mbedtls_ssl_transform *transform ) { - memset( transform, 0, sizeof(ssl_transform) ); + memset( transform, 0, sizeof(mbedtls_ssl_transform) ); - cipher_init( &transform->cipher_ctx_enc ); - cipher_init( &transform->cipher_ctx_dec ); + mbedtls_cipher_init( &transform->cipher_ctx_enc ); + mbedtls_cipher_init( &transform->cipher_ctx_dec ); - md_init( &transform->md_ctx_enc ); - md_init( &transform->md_ctx_dec ); + mbedtls_md_init( &transform->md_ctx_enc ); + mbedtls_md_init( &transform->md_ctx_dec ); } -void ssl_session_init( ssl_session *session ) +void mbedtls_ssl_session_init( mbedtls_ssl_session *session ) { - memset( session, 0, sizeof(ssl_session) ); + memset( session, 0, sizeof(mbedtls_ssl_session) ); } -static int ssl_handshake_init( ssl_context *ssl ) +static int ssl_handshake_init( mbedtls_ssl_context *ssl ) { /* Clear old handshake information if present */ if( ssl->transform_negotiate ) - ssl_transform_free( ssl->transform_negotiate ); + mbedtls_ssl_transform_free( ssl->transform_negotiate ); if( ssl->session_negotiate ) - ssl_session_free( ssl->session_negotiate ); + mbedtls_ssl_session_free( ssl->session_negotiate ); if( ssl->handshake ) - ssl_handshake_free( ssl->handshake ); + mbedtls_ssl_handshake_free( ssl->handshake ); /* * Either the pointers are now NULL or cleared properly and can be freed. @@ -3547,17 +4953,17 @@ static int ssl_handshake_init( ssl_context *ssl ) */ if( ssl->transform_negotiate == NULL ) { - ssl->transform_negotiate = polarssl_malloc( sizeof(ssl_transform) ); + ssl->transform_negotiate = mbedtls_calloc( 1, sizeof(mbedtls_ssl_transform) ); } if( ssl->session_negotiate == NULL ) { - ssl->session_negotiate = polarssl_malloc( sizeof(ssl_session) ); + ssl->session_negotiate = mbedtls_calloc( 1, sizeof(mbedtls_ssl_session) ); } if( ssl->handshake == NULL ) { - ssl->handshake = polarssl_malloc( sizeof(ssl_handshake_params) ); + ssl->handshake = mbedtls_calloc( 1, sizeof(mbedtls_ssl_handshake_params) ); } /* All pointers should exist and can be directly freed without issue */ @@ -3565,106 +4971,131 @@ static int ssl_handshake_init( ssl_context *ssl ) ssl->transform_negotiate == NULL || ssl->session_negotiate == NULL ) { - SSL_DEBUG_MSG( 1, ( "malloc() of ssl sub-contexts failed" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc() of ssl sub-contexts failed" ) ); - polarssl_free( ssl->handshake ); - polarssl_free( ssl->transform_negotiate ); - polarssl_free( ssl->session_negotiate ); + mbedtls_free( ssl->handshake ); + mbedtls_free( ssl->transform_negotiate ); + mbedtls_free( ssl->session_negotiate ); ssl->handshake = NULL; ssl->transform_negotiate = NULL; ssl->session_negotiate = NULL; - return( POLARSSL_ERR_SSL_MALLOC_FAILED ); + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); } /* Initialize structures */ - ssl_session_init( ssl->session_negotiate ); + mbedtls_ssl_session_init( ssl->session_negotiate ); ssl_transform_init( ssl->transform_negotiate ); ssl_handshake_params_init( ssl->handshake ); -#if defined(POLARSSL_X509_CRT_PARSE_C) - ssl->handshake->key_cert = ssl->key_cert; +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + ssl->handshake->alt_transform_out = ssl->transform_out; + + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) + ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_PREPARING; + else + ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING; + + ssl_set_timer( ssl, 0 ); + } #endif return( 0 ); } -/* - * Initialize an SSL context - */ -int ssl_init( ssl_context *ssl ) +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) +/* Dummy cookie callbacks for defaults */ +static int ssl_cookie_write_dummy( void *ctx, + unsigned char **p, unsigned char *end, + const unsigned char *cli_id, size_t cli_id_len ) { - int ret; - int len = SSL_BUFFER_LEN; + ((void) ctx); + ((void) p); + ((void) end); + ((void) cli_id); + ((void) cli_id_len); - memset( ssl, 0, sizeof( ssl_context ) ); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +} - /* - * Sane defaults - */ - ssl->min_major_ver = SSL_MIN_MAJOR_VERSION; - ssl->min_minor_ver = SSL_MIN_MINOR_VERSION; - ssl->max_major_ver = SSL_MAX_MAJOR_VERSION; - ssl->max_minor_ver = SSL_MAX_MINOR_VERSION; +static int ssl_cookie_check_dummy( void *ctx, + const unsigned char *cookie, size_t cookie_len, + const unsigned char *cli_id, size_t cli_id_len ) +{ + ((void) ctx); + ((void) cookie); + ((void) cookie_len); + ((void) cli_id); + ((void) cli_id_len); - ssl_set_ciphersuites( ssl, ssl_list_ciphersuites() ); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +} +#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */ -#if defined(POLARSSL_SSL_RENEGOTIATION) - ssl->renego_max_records = SSL_RENEGO_MAX_RECORDS_DEFAULT; - memset( ssl->renego_period, 0xFF, 7 ); - ssl->renego_period[7] = 0x00; -#endif +/* + * Initialize an SSL context + */ +void mbedtls_ssl_init( mbedtls_ssl_context *ssl ) +{ + memset( ssl, 0, sizeof( mbedtls_ssl_context ) ); +} -#if defined(POLARSSL_DHM_C) - if( ( ret = mpi_read_string( &ssl->dhm_P, 16, - POLARSSL_DHM_RFC5114_MODP_2048_P) ) != 0 || - ( ret = mpi_read_string( &ssl->dhm_G, 16, - POLARSSL_DHM_RFC5114_MODP_2048_G) ) != 0 ) - { - SSL_DEBUG_RET( 1, "mpi_read_string", ret ); - return( ret ); - } -#endif +/* + * Setup an SSL context + */ +int mbedtls_ssl_setup( mbedtls_ssl_context *ssl, + const mbedtls_ssl_config *conf ) +{ + int ret; + const size_t len = MBEDTLS_SSL_BUFFER_LEN; + + ssl->conf = conf; /* * Prepare base structures */ - if( ( ssl->in_ctr = polarssl_malloc( len ) ) == NULL || - ( ssl->out_ctr = polarssl_malloc( len ) ) == NULL ) + if( ( ssl-> in_buf = mbedtls_calloc( 1, len ) ) == NULL || + ( ssl->out_buf = mbedtls_calloc( 1, len ) ) == NULL ) { - SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed", len ) ); - polarssl_free( ssl->in_ctr ); - ssl->in_ctr = NULL; - return( POLARSSL_ERR_SSL_MALLOC_FAILED ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", len ) ); + mbedtls_free( ssl->in_buf ); + ssl->in_buf = NULL; + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); } - memset( ssl-> in_ctr, 0, SSL_BUFFER_LEN ); - memset( ssl->out_ctr, 0, SSL_BUFFER_LEN ); - - ssl->in_hdr = ssl->in_ctr + 8; - ssl->in_iv = ssl->in_ctr + 13; - ssl->in_msg = ssl->in_ctr + 13; - - ssl->out_hdr = ssl->out_ctr + 8; - ssl->out_iv = ssl->out_ctr + 13; - ssl->out_msg = ssl->out_ctr + 13; - -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) - ssl->encrypt_then_mac = SSL_ETM_ENABLED; -#endif - -#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) - ssl->extended_ms = SSL_EXTENDED_MS_ENABLED; -#endif +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + ssl->out_hdr = ssl->out_buf; + ssl->out_ctr = ssl->out_buf + 3; + ssl->out_len = ssl->out_buf + 11; + ssl->out_iv = ssl->out_buf + 13; + ssl->out_msg = ssl->out_buf + 13; -#if defined(POLARSSL_SSL_SESSION_TICKETS) - ssl->ticket_lifetime = SSL_DEFAULT_TICKET_LIFETIME; + ssl->in_hdr = ssl->in_buf; + ssl->in_ctr = ssl->in_buf + 3; + ssl->in_len = ssl->in_buf + 11; + ssl->in_iv = ssl->in_buf + 13; + ssl->in_msg = ssl->in_buf + 13; + } + else #endif + { + ssl->out_ctr = ssl->out_buf; + ssl->out_hdr = ssl->out_buf + 8; + ssl->out_len = ssl->out_buf + 11; + ssl->out_iv = ssl->out_buf + 13; + ssl->out_msg = ssl->out_buf + 13; -#if defined(POLARSSL_SSL_SET_CURVES) - ssl->curve_list = ecp_grp_id_list( ); -#endif + ssl->in_ctr = ssl->in_buf; + ssl->in_hdr = ssl->in_buf + 8; + ssl->in_len = ssl->in_buf + 11; + ssl->in_iv = ssl->in_buf + 13; + ssl->in_msg = ssl->in_buf + 13; + } if( ( ret = ssl_handshake_init( ssl ) ) != 0 ) return( ret ); @@ -3676,224 +5107,219 @@ int ssl_init( ssl_context *ssl ) * Reset an initialized and used SSL context for re-use while retaining * all application-set variables, function pointers and data. */ -int ssl_session_reset( ssl_context *ssl ) +int mbedtls_ssl_session_reset( mbedtls_ssl_context *ssl ) { int ret; - ssl->state = SSL_HELLO_REQUEST; + ssl->state = MBEDTLS_SSL_HELLO_REQUEST; + + /* Cancel any possibly running timer */ + ssl_set_timer( ssl, 0 ); -#if defined(POLARSSL_SSL_RENEGOTIATION) - ssl->renegotiation = SSL_INITIAL_HANDSHAKE; +#if defined(MBEDTLS_SSL_RENEGOTIATION) + ssl->renego_status = MBEDTLS_SSL_INITIAL_HANDSHAKE; ssl->renego_records_seen = 0; ssl->verify_data_len = 0; - memset( ssl->own_verify_data, 0, SSL_VERIFY_DATA_MAX_LEN ); - memset( ssl->peer_verify_data, 0, SSL_VERIFY_DATA_MAX_LEN ); + memset( ssl->own_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN ); + memset( ssl->peer_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN ); #endif - ssl->secure_renegotiation = SSL_LEGACY_RENEGOTIATION; + ssl->secure_renegotiation = MBEDTLS_SSL_LEGACY_RENEGOTIATION; ssl->in_offt = NULL; - ssl->in_msg = ssl->in_ctr + 13; + ssl->in_msg = ssl->in_buf + 13; ssl->in_msgtype = 0; ssl->in_msglen = 0; ssl->in_left = 0; +#if defined(MBEDTLS_SSL_PROTO_DTLS) + ssl->next_record_offset = 0; + ssl->in_epoch = 0; +#endif +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) + ssl_dtls_replay_reset( ssl ); +#endif ssl->in_hslen = 0; ssl->nb_zero = 0; ssl->record_read = 0; - ssl->out_msg = ssl->out_ctr + 13; + ssl->out_msg = ssl->out_buf + 13; ssl->out_msgtype = 0; ssl->out_msglen = 0; ssl->out_left = 0; -#if defined(POLARSSL_SSL_CBC_RECORD_SPLITTING) - if( ssl->split_done != SSL_CBC_RECORD_SPLITTING_DISABLED ) +#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) + if( ssl->split_done != MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED ) ssl->split_done = 0; #endif ssl->transform_in = NULL; ssl->transform_out = NULL; - memset( ssl->out_ctr, 0, SSL_BUFFER_LEN ); - memset( ssl->in_ctr, 0, SSL_BUFFER_LEN ); + memset( ssl->out_buf, 0, MBEDTLS_SSL_BUFFER_LEN ); + memset( ssl->in_buf, 0, MBEDTLS_SSL_BUFFER_LEN ); -#if defined(POLARSSL_SSL_HW_RECORD_ACCEL) - if( ssl_hw_record_reset != NULL ) +#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) + if( mbedtls_ssl_hw_record_reset != NULL ) { - SSL_DEBUG_MSG( 2, ( "going for ssl_hw_record_reset()" ) ); - if( ( ret = ssl_hw_record_reset( ssl ) ) != 0 ) + MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_reset()" ) ); + if( ( ret = mbedtls_ssl_hw_record_reset( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_hw_record_reset", ret ); - return( POLARSSL_ERR_SSL_HW_ACCEL_FAILED ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_reset", ret ); + return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); } } #endif if( ssl->transform ) { - ssl_transform_free( ssl->transform ); - polarssl_free( ssl->transform ); + mbedtls_ssl_transform_free( ssl->transform ); + mbedtls_free( ssl->transform ); ssl->transform = NULL; } if( ssl->session ) { - ssl_session_free( ssl->session ); - polarssl_free( ssl->session ); + mbedtls_ssl_session_free( ssl->session ); + mbedtls_free( ssl->session ); ssl->session = NULL; } -#if defined(POLARSSL_SSL_ALPN) +#if defined(MBEDTLS_SSL_ALPN) ssl->alpn_chosen = NULL; #endif +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) + mbedtls_free( ssl->cli_id ); + ssl->cli_id = NULL; + ssl->cli_id_len = 0; +#endif + if( ( ret = ssl_handshake_init( ssl ) ) != 0 ) return( ret ); return( 0 ); } -#if defined(POLARSSL_SSL_SESSION_TICKETS) -static void ssl_ticket_keys_free( ssl_ticket_keys *tkeys ) -{ - aes_free( &tkeys->enc ); - aes_free( &tkeys->dec ); - - polarssl_zeroize( tkeys, sizeof(ssl_ticket_keys) ); -} - /* - * Allocate and initialize ticket keys + * SSL set accessors */ -static int ssl_ticket_keys_init( ssl_context *ssl ) +void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint ) { - int ret; - ssl_ticket_keys *tkeys; - unsigned char buf[16]; - - if( ssl->ticket_keys != NULL ) - return( 0 ); - - tkeys = polarssl_malloc( sizeof(ssl_ticket_keys) ); - if( tkeys == NULL ) - return( POLARSSL_ERR_SSL_MALLOC_FAILED ); - - aes_init( &tkeys->enc ); - aes_init( &tkeys->dec ); - - if( ( ret = ssl->f_rng( ssl->p_rng, tkeys->key_name, 16 ) ) != 0 ) - { - ssl_ticket_keys_free( tkeys ); - polarssl_free( tkeys ); - return( ret ); - } - - if( ( ret = ssl->f_rng( ssl->p_rng, buf, 16 ) ) != 0 || - ( ret = aes_setkey_enc( &tkeys->enc, buf, 128 ) ) != 0 || - ( ret = aes_setkey_dec( &tkeys->dec, buf, 128 ) ) != 0 ) - { - ssl_ticket_keys_free( tkeys ); - polarssl_free( tkeys ); - return( ret ); - } - - if( ( ret = ssl->f_rng( ssl->p_rng, tkeys->mac_key, 16 ) ) != 0 ) - { - ssl_ticket_keys_free( tkeys ); - polarssl_free( tkeys ); - return( ret ); - } - - ssl->ticket_keys = tkeys; - - return( 0 ); + conf->endpoint = endpoint; } -#endif /* POLARSSL_SSL_SESSION_TICKETS */ -/* - * SSL set accessors - */ -void ssl_set_endpoint( ssl_context *ssl, int endpoint ) +void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport ) { - ssl->endpoint = endpoint; + conf->transport = transport; +} -#if defined(POLARSSL_SSL_SESSION_TICKETS) && \ - defined(POLARSSL_SSL_CLI_C) - if( endpoint == SSL_IS_CLIENT ) - ssl->session_tickets = SSL_SESSION_TICKETS_ENABLED; +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) +void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode ) +{ + conf->anti_replay = mode; +} #endif -#if defined(POLARSSL_SSL_TRUNCATED_HMAC) - if( endpoint == SSL_IS_SERVER ) - ssl->trunc_hmac = SSL_TRUNC_HMAC_ENABLED; +#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) +void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit ) +{ + conf->badmac_limit = limit; +} #endif + +#if defined(MBEDTLS_SSL_PROTO_DTLS) +void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max ) +{ + conf->hs_timeout_min = min; + conf->hs_timeout_max = max; } +#endif -void ssl_set_authmode( ssl_context *ssl, int authmode ) +void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode ) { - ssl->authmode = authmode; + conf->authmode = authmode; } -#if defined(POLARSSL_X509_CRT_PARSE_C) -void ssl_set_verify( ssl_context *ssl, - int (*f_vrfy)(void *, x509_crt *, int, int *), +#if defined(MBEDTLS_X509_CRT_PARSE_C) +void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), void *p_vrfy ) { - ssl->f_vrfy = f_vrfy; - ssl->p_vrfy = p_vrfy; + conf->f_vrfy = f_vrfy; + conf->p_vrfy = p_vrfy; } -#endif /* POLARSSL_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ -void ssl_set_rng( ssl_context *ssl, +void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - ssl->f_rng = f_rng; - ssl->p_rng = p_rng; + conf->f_rng = f_rng; + conf->p_rng = p_rng; } -void ssl_set_dbg( ssl_context *ssl, - void (*f_dbg)(void *, int, const char *), +void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf, + void (*f_dbg)(void *, int, const char *, int, const char *), void *p_dbg ) { - ssl->f_dbg = f_dbg; - ssl->p_dbg = p_dbg; + conf->f_dbg = f_dbg; + conf->p_dbg = p_dbg; +} + +void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, + void *p_bio, + int (*f_send)(void *, const unsigned char *, size_t), + int (*f_recv)(void *, unsigned char *, size_t), + int (*f_recv_timeout)(void *, unsigned char *, size_t, uint32_t) ) +{ + ssl->p_bio = p_bio; + ssl->f_send = f_send; + ssl->f_recv = f_recv; + ssl->f_recv_timeout = f_recv_timeout; +} + +void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout ) +{ + conf->read_timeout = timeout; } -void ssl_set_bio( ssl_context *ssl, - int (*f_recv)(void *, unsigned char *, size_t), void *p_recv, - int (*f_send)(void *, const unsigned char *, size_t), void *p_send ) +void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl, + void *p_timer, + void (*f_set_timer)(void *, uint32_t int_ms, uint32_t fin_ms), + int (*f_get_timer)(void *) ) { - ssl->f_recv = f_recv; - ssl->f_send = f_send; - ssl->p_recv = p_recv; - ssl->p_send = p_send; + ssl->p_timer = p_timer; + ssl->f_set_timer = f_set_timer; + ssl->f_get_timer = f_get_timer; + + /* Make sure we start with no timer running */ + ssl_set_timer( ssl, 0 ); } -#if defined(POLARSSL_SSL_SRV_C) -void ssl_set_session_cache( ssl_context *ssl, - int (*f_get_cache)(void *, ssl_session *), void *p_get_cache, - int (*f_set_cache)(void *, const ssl_session *), void *p_set_cache ) +#if defined(MBEDTLS_SSL_SRV_C) +void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf, + void *p_cache, + int (*f_get_cache)(void *, mbedtls_ssl_session *), + int (*f_set_cache)(void *, const mbedtls_ssl_session *) ) { - ssl->f_get_cache = f_get_cache; - ssl->p_get_cache = p_get_cache; - ssl->f_set_cache = f_set_cache; - ssl->p_set_cache = p_set_cache; + conf->p_cache = p_cache; + conf->f_get_cache = f_get_cache; + conf->f_set_cache = f_set_cache; } -#endif /* POLARSSL_SSL_SRV_C */ +#endif /* MBEDTLS_SSL_SRV_C */ -#if defined(POLARSSL_SSL_CLI_C) -int ssl_set_session( ssl_context *ssl, const ssl_session *session ) +#if defined(MBEDTLS_SSL_CLI_C) +int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session ) { int ret; if( ssl == NULL || session == NULL || ssl->session_negotiate == NULL || - ssl->endpoint != SSL_IS_CLIENT ) + ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT ) { - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } if( ( ret = ssl_session_copy( ssl->session_negotiate, session ) ) != 0 ) @@ -3903,271 +5329,281 @@ int ssl_set_session( ssl_context *ssl, const ssl_session *session ) return( 0 ); } -#endif /* POLARSSL_SSL_CLI_C */ +#endif /* MBEDTLS_SSL_CLI_C */ -void ssl_set_ciphersuites( ssl_context *ssl, const int *ciphersuites ) +void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, + const int *ciphersuites ) { - ssl->ciphersuite_list[SSL_MINOR_VERSION_0] = ciphersuites; - ssl->ciphersuite_list[SSL_MINOR_VERSION_1] = ciphersuites; - ssl->ciphersuite_list[SSL_MINOR_VERSION_2] = ciphersuites; - ssl->ciphersuite_list[SSL_MINOR_VERSION_3] = ciphersuites; + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = ciphersuites; + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = ciphersuites; + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = ciphersuites; + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = ciphersuites; } -void ssl_set_ciphersuites_for_version( ssl_context *ssl, +void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf, const int *ciphersuites, int major, int minor ) { - if( major != SSL_MAJOR_VERSION_3 ) + if( major != MBEDTLS_SSL_MAJOR_VERSION_3 ) return; - if( minor < SSL_MINOR_VERSION_0 || minor > SSL_MINOR_VERSION_3 ) + if( minor < MBEDTLS_SSL_MINOR_VERSION_0 || minor > MBEDTLS_SSL_MINOR_VERSION_3 ) return; - ssl->ciphersuite_list[minor] = ciphersuites; + conf->ciphersuite_list[minor] = ciphersuites; +} + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf, + mbedtls_x509_crt_profile *profile ) +{ + conf->cert_profile = profile; } -#if defined(POLARSSL_X509_CRT_PARSE_C) -/* Add a new (empty) key_cert entry an return a pointer to it */ -static ssl_key_cert *ssl_add_key_cert( ssl_context *ssl ) +/* Append a new keycert entry to a (possibly empty) list */ +static int ssl_append_key_cert( mbedtls_ssl_key_cert **head, + mbedtls_x509_crt *cert, + mbedtls_pk_context *key ) { - ssl_key_cert *key_cert, *last; + mbedtls_ssl_key_cert *new; - key_cert = polarssl_malloc( sizeof(ssl_key_cert) ); - if( key_cert == NULL ) - return( NULL ); + new = mbedtls_calloc( 1, sizeof( mbedtls_ssl_key_cert ) ); + if( new == NULL ) + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); - memset( key_cert, 0, sizeof( ssl_key_cert ) ); + new->cert = cert; + new->key = key; + new->next = NULL; - /* Append the new key_cert to the (possibly empty) current list */ - if( ssl->key_cert == NULL ) + /* Update head is the list was null, else add to the end */ + if( *head == NULL ) { - ssl->key_cert = key_cert; - if( ssl->handshake != NULL ) - ssl->handshake->key_cert = key_cert; + *head = new; } else { - last = ssl->key_cert; - while( last->next != NULL ) - last = last->next; - last->next = key_cert; + mbedtls_ssl_key_cert *cur = *head; + while( cur->next != NULL ) + cur = cur->next; + cur->next = new; } - return( key_cert ); + return( 0 ); } -void ssl_set_ca_chain( ssl_context *ssl, x509_crt *ca_chain, - x509_crl *ca_crl, const char *peer_cn ) +int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf, + mbedtls_x509_crt *own_cert, + mbedtls_pk_context *pk_key ) { - ssl->ca_chain = ca_chain; - ssl->ca_crl = ca_crl; - ssl->peer_cn = peer_cn; + return( ssl_append_key_cert( &conf->key_cert, own_cert, pk_key ) ); } -int ssl_set_own_cert( ssl_context *ssl, x509_crt *own_cert, - pk_context *pk_key ) +void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf, + mbedtls_x509_crt *ca_chain, + mbedtls_x509_crl *ca_crl ) { - ssl_key_cert *key_cert = ssl_add_key_cert( ssl ); - - if( key_cert == NULL ) - return( POLARSSL_ERR_SSL_MALLOC_FAILED ); - - key_cert->cert = own_cert; - key_cert->key = pk_key; - - return( 0 ); + conf->ca_chain = ca_chain; + conf->ca_crl = ca_crl; } +#endif /* MBEDTLS_X509_CRT_PARSE_C */ -#if ! defined(POLARSSL_DEPRECATED_REMOVED) -#if defined(POLARSSL_RSA_C) -int ssl_set_own_cert_rsa( ssl_context *ssl, x509_crt *own_cert, - rsa_context *rsa_key ) +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) +int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl, + mbedtls_x509_crt *own_cert, + mbedtls_pk_context *pk_key ) { - int ret; - ssl_key_cert *key_cert = ssl_add_key_cert( ssl ); - - if( key_cert == NULL ) - return( POLARSSL_ERR_SSL_MALLOC_FAILED ); - - key_cert->key = polarssl_malloc( sizeof(pk_context) ); - if( key_cert->key == NULL ) - return( POLARSSL_ERR_SSL_MALLOC_FAILED ); - - pk_init( key_cert->key ); - - ret = pk_init_ctx( key_cert->key, pk_info_from_type( POLARSSL_PK_RSA ) ); - if( ret != 0 ) - return( ret ); - - if( ( ret = rsa_copy( pk_rsa( *key_cert->key ), rsa_key ) ) != 0 ) - return( ret ); + return( ssl_append_key_cert( &ssl->handshake->sni_key_cert, + own_cert, pk_key ) ); +} - key_cert->cert = own_cert; - key_cert->key_own_alloc = 1; +void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl, + mbedtls_x509_crt *ca_chain, + mbedtls_x509_crl *ca_crl ) +{ + ssl->handshake->sni_ca_chain = ca_chain; + ssl->handshake->sni_ca_crl = ca_crl; +} - return( 0 ); +void mbedtls_ssl_set_hs_authmode( mbedtls_ssl_context *ssl, + int authmode ) +{ + ssl->handshake->sni_authmode = authmode; } -#endif /* POLARSSL_RSA_C */ +#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ -int ssl_set_own_cert_alt( ssl_context *ssl, x509_crt *own_cert, - void *rsa_key, - rsa_decrypt_func rsa_decrypt, - rsa_sign_func rsa_sign, - rsa_key_len_func rsa_key_len ) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, + const unsigned char *psk, size_t psk_len, + const unsigned char *psk_identity, size_t psk_identity_len ) { - int ret; - ssl_key_cert *key_cert = ssl_add_key_cert( ssl ); + if( psk == NULL || psk_identity == NULL ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - if( key_cert == NULL ) - return( POLARSSL_ERR_SSL_MALLOC_FAILED ); + if( psk_len > MBEDTLS_PSK_MAX_LEN ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - key_cert->key = polarssl_malloc( sizeof(pk_context) ); - if( key_cert->key == NULL ) - return( POLARSSL_ERR_SSL_MALLOC_FAILED ); + if( conf->psk != NULL || conf->psk_identity != NULL ) + { + mbedtls_free( conf->psk ); + mbedtls_free( conf->psk_identity ); + } - pk_init( key_cert->key ); + if( ( conf->psk = mbedtls_calloc( 1, psk_len ) ) == NULL || + ( conf->psk_identity = mbedtls_calloc( 1, psk_identity_len ) ) == NULL ) + { + mbedtls_free( conf->psk ); + conf->psk = NULL; + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + } - if( ( ret = pk_init_ctx_rsa_alt( key_cert->key, rsa_key, - rsa_decrypt, rsa_sign, rsa_key_len ) ) != 0 ) - return( ret ); + conf->psk_len = psk_len; + conf->psk_identity_len = psk_identity_len; - key_cert->cert = own_cert; - key_cert->key_own_alloc = 1; + memcpy( conf->psk, psk, conf->psk_len ); + memcpy( conf->psk_identity, psk_identity, conf->psk_identity_len ); return( 0 ); } -#endif /* POLARSSL_DEPRECATED_REMOVED */ -#endif /* POLARSSL_X509_CRT_PARSE_C */ -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) -int ssl_set_psk( ssl_context *ssl, const unsigned char *psk, size_t psk_len, - const unsigned char *psk_identity, size_t psk_identity_len ) +int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl, + const unsigned char *psk, size_t psk_len ) { - if( psk == NULL || psk_identity == NULL ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + if( psk == NULL || ssl->handshake == NULL ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - if( psk_len > POLARSSL_PSK_MAX_LEN ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + if( psk_len > MBEDTLS_PSK_MAX_LEN ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - if( ssl->psk != NULL || ssl->psk_identity != NULL ) - { - polarssl_free( ssl->psk ); - polarssl_free( ssl->psk_identity ); - } + if( ssl->handshake->psk != NULL ) + mbedtls_free( ssl->conf->psk ); - if( ( ssl->psk = polarssl_malloc( psk_len ) ) == NULL || - ( ssl->psk_identity = polarssl_malloc( psk_identity_len ) ) == NULL ) + if( ( ssl->handshake->psk = mbedtls_calloc( 1, psk_len ) ) == NULL ) { - polarssl_free( ssl->psk ); - ssl->psk = NULL; - return( POLARSSL_ERR_SSL_MALLOC_FAILED ); + mbedtls_free( ssl->handshake->psk ); + ssl->handshake->psk = NULL; + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); } - ssl->psk_len = psk_len; - ssl->psk_identity_len = psk_identity_len; - - memcpy( ssl->psk, psk, ssl->psk_len ); - memcpy( ssl->psk_identity, psk_identity, ssl->psk_identity_len ); + ssl->handshake->psk_len = psk_len; + memcpy( ssl->handshake->psk, psk, ssl->handshake->psk_len ); return( 0 ); } -void ssl_set_psk_cb( ssl_context *ssl, - int (*f_psk)(void *, ssl_context *, const unsigned char *, +void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf, + int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, size_t), void *p_psk ) { - ssl->f_psk = f_psk; - ssl->p_psk = p_psk; + conf->f_psk = f_psk; + conf->p_psk = p_psk; } -#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ -#if defined(POLARSSL_DHM_C) -int ssl_set_dh_param( ssl_context *ssl, const char *dhm_P, const char *dhm_G ) +#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) +int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G ) { int ret; - if( ( ret = mpi_read_string( &ssl->dhm_P, 16, dhm_P ) ) != 0 ) - { - SSL_DEBUG_RET( 1, "mpi_read_string", ret ); - return( ret ); - } - - if( ( ret = mpi_read_string( &ssl->dhm_G, 16, dhm_G ) ) != 0 ) + if( ( ret = mbedtls_mpi_read_string( &conf->dhm_P, 16, dhm_P ) ) != 0 || + ( ret = mbedtls_mpi_read_string( &conf->dhm_G, 16, dhm_G ) ) != 0 ) { - SSL_DEBUG_RET( 1, "mpi_read_string", ret ); + mbedtls_mpi_free( &conf->dhm_P ); + mbedtls_mpi_free( &conf->dhm_G ); return( ret ); } return( 0 ); } -int ssl_set_dh_param_ctx( ssl_context *ssl, dhm_context *dhm_ctx ) -{ - int ret; - - if( ( ret = mpi_copy( &ssl->dhm_P, &dhm_ctx->P ) ) != 0 ) - { - SSL_DEBUG_RET( 1, "mpi_copy", ret ); - return( ret ); - } - - if( ( ret = mpi_copy( &ssl->dhm_G, &dhm_ctx->G ) ) != 0 ) +int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx ) +{ + int ret; + + if( ( ret = mbedtls_mpi_copy( &conf->dhm_P, &dhm_ctx->P ) ) != 0 || + ( ret = mbedtls_mpi_copy( &conf->dhm_G, &dhm_ctx->G ) ) != 0 ) { - SSL_DEBUG_RET( 1, "mpi_copy", ret ); + mbedtls_mpi_free( &conf->dhm_P ); + mbedtls_mpi_free( &conf->dhm_G ); return( ret ); } return( 0 ); } -#endif /* POLARSSL_DHM_C */ +#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_SRV_C */ + +#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C) +/* + * Set the minimum length for Diffie-Hellman parameters + */ +void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf, + unsigned int bitlen ) +{ + conf->dhm_min_bitlen = bitlen; +} +#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */ -#if defined(POLARSSL_SSL_SET_CURVES) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED) +/* + * Set allowed/preferred hashes for handshake signatures + */ +void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf, + const int *hashes ) +{ + conf->sig_hashes = hashes; +} +#endif + +#if defined(MBEDTLS_ECP_C) /* * Set the allowed elliptic curves */ -void ssl_set_curves( ssl_context *ssl, const ecp_group_id *curve_list ) +void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf, + const mbedtls_ecp_group_id *curve_list ) { - ssl->curve_list = curve_list; + conf->curve_list = curve_list; } #endif -#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) -int ssl_set_hostname( ssl_context *ssl, const char *hostname ) +#if defined(MBEDTLS_X509_CRT_PARSE_C) +int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname ) { + size_t hostname_len; + if( hostname == NULL ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - ssl->hostname_len = strlen( hostname ); + hostname_len = strlen( hostname ); - if( ssl->hostname_len + 1 == 0 ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + if( hostname_len + 1 == 0 ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - ssl->hostname = polarssl_malloc( ssl->hostname_len + 1 ); + ssl->hostname = mbedtls_calloc( 1, hostname_len + 1 ); if( ssl->hostname == NULL ) - return( POLARSSL_ERR_SSL_MALLOC_FAILED ); + return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); - memcpy( ssl->hostname, (const unsigned char *) hostname, - ssl->hostname_len ); + memcpy( ssl->hostname, hostname, hostname_len ); - ssl->hostname[ssl->hostname_len] = '\0'; + ssl->hostname[hostname_len] = '\0'; return( 0 ); } +#endif -void ssl_set_sni( ssl_context *ssl, - int (*f_sni)(void *, ssl_context *, +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) +void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf, + int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *, size_t), void *p_sni ) { - ssl->f_sni = f_sni; - ssl->p_sni = p_sni; + conf->f_sni = f_sni; + conf->p_sni = p_sni; } -#endif /* POLARSSL_SSL_SERVER_NAME_INDICATION */ +#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ -#if defined(POLARSSL_SSL_ALPN) -int ssl_set_alpn_protocols( ssl_context *ssl, const char **protos ) +#if defined(MBEDTLS_SSL_ALPN) +int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos ) { size_t cur_len, tot_len; const char **p; @@ -4183,154 +5619,142 @@ int ssl_set_alpn_protocols( ssl_context *ssl, const char **protos ) tot_len += cur_len; if( cur_len == 0 || cur_len > 255 || tot_len > 65535 ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } - ssl->alpn_list = protos; + conf->alpn_list = protos; return( 0 ); } -const char *ssl_get_alpn_protocol( const ssl_context *ssl ) +const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl ) { return( ssl->alpn_chosen ); } -#endif /* POLARSSL_SSL_ALPN */ +#endif /* MBEDTLS_SSL_ALPN */ -void ssl_set_max_version( ssl_context *ssl, int major, int minor ) +void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor ) { - if( major >= SSL_MIN_MAJOR_VERSION && major <= SSL_MAX_MAJOR_VERSION && - minor >= SSL_MIN_MINOR_VERSION && minor <= SSL_MAX_MINOR_VERSION ) - { - ssl->max_major_ver = major; - ssl->max_minor_ver = minor; - } + conf->max_major_ver = major; + conf->max_minor_ver = minor; } -void ssl_set_min_version( ssl_context *ssl, int major, int minor ) +void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor ) { - if( major >= SSL_MIN_MAJOR_VERSION && major <= SSL_MAX_MAJOR_VERSION && - minor >= SSL_MIN_MINOR_VERSION && minor <= SSL_MAX_MINOR_VERSION ) - { - ssl->min_major_ver = major; - ssl->min_minor_ver = minor; - } + conf->min_major_ver = major; + conf->min_minor_ver = minor; } -#if defined(POLARSSL_SSL_FALLBACK_SCSV) && defined(POLARSSL_SSL_CLI_C) -void ssl_set_fallback( ssl_context *ssl, char fallback ) +#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C) +void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback ) { - ssl->fallback = fallback; + conf->fallback = fallback; } #endif -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) -void ssl_set_encrypt_then_mac( ssl_context *ssl, char etm ) +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) +void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm ) { - ssl->encrypt_then_mac = etm; + conf->encrypt_then_mac = etm; } #endif -#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) -void ssl_set_extended_master_secret( ssl_context *ssl, char ems ) +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) +void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems ) { - ssl->extended_ms = ems; + conf->extended_ms = ems; } #endif -void ssl_set_arc4_support( ssl_context *ssl, char arc4 ) +#if defined(MBEDTLS_ARC4_C) +void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 ) { - ssl->arc4_disabled = arc4; + conf->arc4_disabled = arc4; } +#endif -#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) -int ssl_set_max_frag_len( ssl_context *ssl, unsigned char mfl_code ) +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) +int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code ) { - if( mfl_code >= SSL_MAX_FRAG_LEN_INVALID || - mfl_code_to_length[mfl_code] > SSL_MAX_CONTENT_LEN ) + if( mfl_code >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID || + mfl_code_to_length[mfl_code] > MBEDTLS_SSL_MAX_CONTENT_LEN ) { - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } - ssl->mfl_code = mfl_code; + conf->mfl_code = mfl_code; return( 0 ); } -#endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */ +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(POLARSSL_SSL_TRUNCATED_HMAC) -int ssl_set_truncated_hmac( ssl_context *ssl, int truncate ) +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) +void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate ) { - ssl->trunc_hmac = truncate; - - return( 0 ); + conf->trunc_hmac = truncate; } -#endif /* POLARSSL_SSL_TRUNCATED_HMAC */ +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ -#if defined(POLARSSL_SSL_CBC_RECORD_SPLITTING) -void ssl_set_cbc_record_splitting( ssl_context *ssl, char split ) +#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) +void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split ) { - ssl->split_done = split; + conf->cbc_record_splitting = split; } #endif -void ssl_legacy_renegotiation( ssl_context *ssl, int allow_legacy ) +void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy ) { - ssl->allow_legacy_renegotiation = allow_legacy; + conf->allow_legacy_renegotiation = allow_legacy; } -#if defined(POLARSSL_SSL_RENEGOTIATION) -void ssl_set_renegotiation( ssl_context *ssl, int renegotiation ) +#if defined(MBEDTLS_SSL_RENEGOTIATION) +void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation ) { - ssl->disable_renegotiation = renegotiation; + conf->disable_renegotiation = renegotiation; } -void ssl_set_renegotiation_enforced( ssl_context *ssl, int max_records ) +void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records ) { - ssl->renego_max_records = max_records; + conf->renego_max_records = max_records; } -void ssl_set_renegotiation_period( ssl_context *ssl, +void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf, const unsigned char period[8] ) { - memcpy( ssl->renego_period, period, 8 ); + memcpy( conf->renego_period, period, 8 ); } -#endif /* POLARSSL_SSL_RENEGOTIATION */ +#endif /* MBEDTLS_SSL_RENEGOTIATION */ -#if defined(POLARSSL_SSL_SESSION_TICKETS) -int ssl_set_session_tickets( ssl_context *ssl, int use_tickets ) +#if defined(MBEDTLS_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_SSL_CLI_C) +void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets ) { - ssl->session_tickets = use_tickets; - -#if defined(POLARSSL_SSL_CLI_C) - if( ssl->endpoint == SSL_IS_CLIENT ) - return( 0 ); -#endif - - if( use_tickets == SSL_SESSION_TICKETS_DISABLED ) - return( 0 ); - - if( ssl->f_rng == NULL ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); - - return( ssl_ticket_keys_init( ssl ) ); + conf->session_tickets = use_tickets; } +#endif -void ssl_set_session_ticket_lifetime( ssl_context *ssl, int lifetime ) +#if defined(MBEDTLS_SSL_SRV_C) +void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf, + mbedtls_ssl_ticket_write_t *f_ticket_write, + mbedtls_ssl_ticket_parse_t *f_ticket_parse, + void *p_ticket ) { - ssl->ticket_lifetime = lifetime; + conf->f_ticket_write = f_ticket_write; + conf->f_ticket_parse = f_ticket_parse; + conf->p_ticket = p_ticket; } -#endif /* POLARSSL_SSL_SESSION_TICKETS */ +#endif +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ /* * SSL get accessors */ -size_t ssl_get_bytes_avail( const ssl_context *ssl ) +size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl ) { return( ssl->in_offt == NULL ? 0 : ssl->in_msglen ); } -int ssl_get_verify_result( const ssl_context *ssl ) +uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl ) { if( ssl->session != NULL ) return( ssl->session->verify_result ); @@ -4338,78 +5762,128 @@ int ssl_get_verify_result( const ssl_context *ssl ) if( ssl->session_negotiate != NULL ) return( ssl->session_negotiate->verify_result ); - return( -1 ); + return( 0xFFFFFFFF ); } -const char *ssl_get_ciphersuite( const ssl_context *ssl ) +const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl ) { if( ssl == NULL || ssl->session == NULL ) return( NULL ); - return ssl_get_ciphersuite_name( ssl->session->ciphersuite ); + return mbedtls_ssl_get_ciphersuite_name( ssl->session->ciphersuite ); } -const char *ssl_get_version( const ssl_context *ssl ) +const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl ) { +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + switch( ssl->minor_ver ) + { + case MBEDTLS_SSL_MINOR_VERSION_2: + return( "DTLSv1.0" ); + + case MBEDTLS_SSL_MINOR_VERSION_3: + return( "DTLSv1.2" ); + + default: + return( "unknown (DTLS)" ); + } + } +#endif + switch( ssl->minor_ver ) { - case SSL_MINOR_VERSION_0: + case MBEDTLS_SSL_MINOR_VERSION_0: return( "SSLv3.0" ); - case SSL_MINOR_VERSION_1: + case MBEDTLS_SSL_MINOR_VERSION_1: return( "TLSv1.0" ); - case SSL_MINOR_VERSION_2: + case MBEDTLS_SSL_MINOR_VERSION_2: return( "TLSv1.1" ); - case SSL_MINOR_VERSION_3: + case MBEDTLS_SSL_MINOR_VERSION_3: return( "TLSv1.2" ); default: + return( "unknown" ); + } +} + +int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ) +{ + size_t transform_expansion; + const mbedtls_ssl_transform *transform = ssl->transform_out; + +#if defined(MBEDTLS_ZLIB_SUPPORT) + if( ssl->session_out->compression != MBEDTLS_SSL_COMPRESS_NULL ) + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); +#endif + + if( transform == NULL ) + return( (int) mbedtls_ssl_hdr_len( ssl ) ); + + switch( mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_enc ) ) + { + case MBEDTLS_MODE_GCM: + case MBEDTLS_MODE_CCM: + case MBEDTLS_MODE_STREAM: + transform_expansion = transform->minlen; + break; + + case MBEDTLS_MODE_CBC: + transform_expansion = transform->maclen + + mbedtls_cipher_get_block_size( &transform->cipher_ctx_enc ); break; + + default: + MBEDTLS_SSL_DEBUG_MSG( 0, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } - return( "unknown" ); + + return( (int)( mbedtls_ssl_hdr_len( ssl ) + transform_expansion ) ); } -#if defined(POLARSSL_X509_CRT_PARSE_C) -const x509_crt *ssl_get_peer_cert( const ssl_context *ssl ) +#if defined(MBEDTLS_X509_CRT_PARSE_C) +const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ssl ) { if( ssl == NULL || ssl->session == NULL ) return( NULL ); return( ssl->session->peer_cert ); } -#endif /* POLARSSL_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ -#if defined(POLARSSL_SSL_CLI_C) -int ssl_get_session( const ssl_context *ssl, ssl_session *dst ) +#if defined(MBEDTLS_SSL_CLI_C) +int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, mbedtls_ssl_session *dst ) { if( ssl == NULL || dst == NULL || ssl->session == NULL || - ssl->endpoint != SSL_IS_CLIENT ) + ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT ) { - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } return( ssl_session_copy( dst, ssl->session ) ); } -#endif /* POLARSSL_SSL_CLI_C */ +#endif /* MBEDTLS_SSL_CLI_C */ /* * Perform a single step of the SSL handshake */ -int ssl_handshake_step( ssl_context *ssl ) +int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl ) { - int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE; + int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; -#if defined(POLARSSL_SSL_CLI_C) - if( ssl->endpoint == SSL_IS_CLIENT ) - ret = ssl_handshake_client_step( ssl ); +#if defined(MBEDTLS_SSL_CLI_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) + ret = mbedtls_ssl_handshake_client_step( ssl ); #endif -#if defined(POLARSSL_SSL_SRV_C) - if( ssl->endpoint == SSL_IS_SERVER ) - ret = ssl_handshake_server_step( ssl ); +#if defined(MBEDTLS_SSL_SRV_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) + ret = mbedtls_ssl_handshake_server_step( ssl ); #endif return( ret ); @@ -4418,80 +5892,93 @@ int ssl_handshake_step( ssl_context *ssl ) /* * Perform the SSL handshake */ -int ssl_handshake( ssl_context *ssl ) +int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl ) { int ret = 0; - SSL_DEBUG_MSG( 2, ( "=> handshake" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> handshake" ) ); - while( ssl->state != SSL_HANDSHAKE_OVER ) + while( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) { - ret = ssl_handshake_step( ssl ); + ret = mbedtls_ssl_handshake_step( ssl ); if( ret != 0 ) break; } - SSL_DEBUG_MSG( 2, ( "<= handshake" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= handshake" ) ); return( ret ); } -#if defined(POLARSSL_SSL_RENEGOTIATION) -#if defined(POLARSSL_SSL_SRV_C) +#if defined(MBEDTLS_SSL_RENEGOTIATION) +#if defined(MBEDTLS_SSL_SRV_C) /* * Write HelloRequest to request renegotiation on server */ -static int ssl_write_hello_request( ssl_context *ssl ) +static int ssl_write_hello_request( mbedtls_ssl_context *ssl ) { int ret; - SSL_DEBUG_MSG( 2, ( "=> write hello request" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write hello request" ) ); ssl->out_msglen = 4; - ssl->out_msgtype = SSL_MSG_HANDSHAKE; - ssl->out_msg[0] = SSL_HS_HELLO_REQUEST; + ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = MBEDTLS_SSL_HS_HELLO_REQUEST; - if( ( ret = ssl_write_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); return( ret ); } - SSL_DEBUG_MSG( 2, ( "<= write hello request" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write hello request" ) ); return( 0 ); } -#endif /* POLARSSL_SSL_SRV_C */ +#endif /* MBEDTLS_SSL_SRV_C */ /* * Actually renegotiate current connection, triggered by either: - * - any side: calling ssl_renegotiate(), - * - client: receiving a HelloRequest during ssl_read(), - * - server: receiving any handshake message on server during ssl_read() after + * - any side: calling mbedtls_ssl_renegotiate(), + * - client: receiving a HelloRequest during mbedtls_ssl_read(), + * - server: receiving any handshake message on server during mbedtls_ssl_read() after * the initial handshake is completed. * If the handshake doesn't complete due to waiting for I/O, it will continue - * during the next calls to ssl_renegotiate() or ssl_read() respectively. + * during the next calls to mbedtls_ssl_renegotiate() or mbedtls_ssl_read() respectively. */ -static int ssl_start_renegotiation( ssl_context *ssl ) +static int ssl_start_renegotiation( mbedtls_ssl_context *ssl ) { int ret; - SSL_DEBUG_MSG( 2, ( "=> renegotiate" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> renegotiate" ) ); if( ( ret = ssl_handshake_init( ssl ) ) != 0 ) return( ret ); - ssl->state = SSL_HELLO_REQUEST; - ssl->renegotiation = SSL_RENEGOTIATION; + /* RFC 6347 4.2.2: "[...] the HelloRequest will have message_seq = 0 and + * the ServerHello will have message_seq = 1" */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ) + { + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) + ssl->handshake->out_msg_seq = 1; + else + ssl->handshake->in_msg_seq = 1; + } +#endif - if( ( ret = ssl_handshake( ssl ) ) != 0 ) + ssl->state = MBEDTLS_SSL_HELLO_REQUEST; + ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS; + + if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_handshake", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret ); return( ret ); } - SSL_DEBUG_MSG( 2, ( "<= renegotiate" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= renegotiate" ) ); return( 0 ); } @@ -4500,52 +5987,52 @@ static int ssl_start_renegotiation( ssl_context *ssl ) * Renegotiate current connection on client, * or request renegotiation on server */ -int ssl_renegotiate( ssl_context *ssl ) +int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl ) { - int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE; + int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; -#if defined(POLARSSL_SSL_SRV_C) +#if defined(MBEDTLS_SSL_SRV_C) /* On server, just send the request */ - if( ssl->endpoint == SSL_IS_SERVER ) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) { - if( ssl->state != SSL_HANDSHAKE_OVER ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - ssl->renegotiation = SSL_RENEGOTIATION_PENDING; + ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING; /* Did we already try/start sending HelloRequest? */ if( ssl->out_left != 0 ) - return( ssl_flush_output( ssl ) ); + return( mbedtls_ssl_flush_output( ssl ) ); return( ssl_write_hello_request( ssl ) ); } -#endif /* POLARSSL_SSL_SRV_C */ +#endif /* MBEDTLS_SSL_SRV_C */ -#if defined(POLARSSL_SSL_CLI_C) +#if defined(MBEDTLS_SSL_CLI_C) /* * On client, either start the renegotiation process or, * if already in progress, continue the handshake */ - if( ssl->renegotiation != SSL_RENEGOTIATION ) + if( ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) { - if( ssl->state != SSL_HANDSHAKE_OVER ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); if( ( ret = ssl_start_renegotiation( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_start_renegotiation", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_start_renegotiation", ret ); return( ret ); } } else { - if( ( ret = ssl_handshake( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_handshake", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret ); return( ret ); } } -#endif /* POLARSSL_SSL_CLI_C */ +#endif /* MBEDTLS_SSL_CLI_C */ return( ret ); } @@ -4553,188 +6040,259 @@ int ssl_renegotiate( ssl_context *ssl ) /* * Check record counters and renegotiate if they're above the limit. */ -static int ssl_check_ctr_renegotiate( ssl_context *ssl ) +static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl ) { - if( ssl->state != SSL_HANDSHAKE_OVER || - ssl->renegotiation == SSL_RENEGOTIATION_PENDING || - ssl->disable_renegotiation == SSL_RENEGOTIATION_DISABLED ) + if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER || + ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING || + ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED ) { return( 0 ); } - // TODO: adapt for DTLS - if( memcmp( ssl->in_ctr, ssl->renego_period, 8 ) <= 0 && - memcmp( ssl->out_ctr, ssl->renego_period, 8 ) <= 0 ) + if( memcmp( ssl->in_ctr, ssl->conf->renego_period, 8 ) <= 0 && + memcmp( ssl->out_ctr, ssl->conf->renego_period, 8 ) <= 0 ) { return( 0 ); } - SSL_DEBUG_MSG( 0, ( "record counter limit reached: renegotiate" ) ); - return( ssl_renegotiate( ssl ) ); + MBEDTLS_SSL_DEBUG_MSG( 0, ( "record counter limit reached: renegotiate" ) ); + return( mbedtls_ssl_renegotiate( ssl ) ); } -#endif /* POLARSSL_SSL_RENEGOTIATION */ +#endif /* MBEDTLS_SSL_RENEGOTIATION */ /* * Receive application data decrypted from the SSL layer */ -int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len ) +int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) { int ret, record_read = 0; size_t n; - SSL_DEBUG_MSG( 2, ( "=> read" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> read" ) ); + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) + return( ret ); + + if( ssl->handshake != NULL && + ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) + { + if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 ) + return( ret ); + } + } +#endif -#if defined(POLARSSL_SSL_RENEGOTIATION) +#if defined(MBEDTLS_SSL_RENEGOTIATION) if( ( ret = ssl_check_ctr_renegotiate( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_check_ctr_renegotiate", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_check_ctr_renegotiate", ret ); return( ret ); } #endif - if( ssl->state != SSL_HANDSHAKE_OVER ) + if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) { - ret = ssl_handshake( ssl ); - if( ret == POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO ) + ret = mbedtls_ssl_handshake( ssl ); + if( ret == MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO ) { record_read = 1; } else if( ret != 0 ) { - SSL_DEBUG_RET( 1, "ssl_handshake", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret ); return( ret ); } } if( ssl->in_offt == NULL ) { + /* Start timer if not already running */ + if( ssl->f_get_timer != NULL && + ssl->f_get_timer( ssl->p_timer ) == -1 ) + { + ssl_set_timer( ssl, ssl->conf->read_timeout ); + } + if( ! record_read ) { - if( ( ret = ssl_read_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) { - if( ret == POLARSSL_ERR_SSL_CONN_EOF ) + if( ret == MBEDTLS_ERR_SSL_CONN_EOF ) return( 0 ); - SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); return( ret ); } } if( ssl->in_msglen == 0 && - ssl->in_msgtype == SSL_MSG_APPLICATION_DATA ) + ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA ) { /* * OpenSSL sends empty messages to randomize the IV */ - if( ( ret = ssl_read_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) { - if( ret == POLARSSL_ERR_SSL_CONN_EOF ) + if( ret == MBEDTLS_ERR_SSL_CONN_EOF ) return( 0 ); - SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); return( ret ); } } -#if defined(POLARSSL_SSL_RENEGOTIATION) - if( ssl->in_msgtype == SSL_MSG_HANDSHAKE ) +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) { - SSL_DEBUG_MSG( 1, ( "received handshake message" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "received handshake message" ) ); + +#if defined(MBEDTLS_SSL_CLI_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && + ( ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST || + ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake received (not HelloRequest)" ) ); + + /* With DTLS, drop the packet (probably from last handshake) */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + return( MBEDTLS_ERR_SSL_WANT_READ ); +#endif + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + } -#if defined(POLARSSL_SSL_CLI_C) - if( ssl->endpoint == SSL_IS_CLIENT && - ( ssl->in_msg[0] != SSL_HS_HELLO_REQUEST || - ssl->in_hslen != 4 ) ) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && + ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) { - SSL_DEBUG_MSG( 1, ( "handshake received (not HelloRequest)" ) ); - return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake received (not ClientHello)" ) ); + + /* With DTLS, drop the packet (probably from last handshake) */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + return( MBEDTLS_ERR_SSL_WANT_READ ); +#endif + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } #endif - if( ssl->disable_renegotiation == SSL_RENEGOTIATION_DISABLED || - ( ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && - ssl->allow_legacy_renegotiation == - SSL_LEGACY_NO_RENEGOTIATION ) ) + if( ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED || + ( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && + ssl->conf->allow_legacy_renegotiation == + MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION ) ) { - SSL_DEBUG_MSG( 3, ( "ignoring renegotiation, sending alert" ) ); + MBEDTLS_SSL_DEBUG_MSG( 3, ( "refusing renegotiation, sending alert" ) ); -#if defined(POLARSSL_SSL_PROTO_SSL3) - if( ssl->minor_ver == SSL_MINOR_VERSION_0 ) +#if defined(MBEDTLS_SSL_PROTO_SSL3) + if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) { /* * SSLv3 does not have a "no_renegotiation" alert */ - if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) return( ret ); } else -#endif /* POLARSSL_SSL_PROTO_SSL3 */ -#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_2) - if( ssl->minor_ver >= SSL_MINOR_VERSION_1 ) +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) { - if( ( ret = ssl_send_alert_message( ssl, - SSL_ALERT_LEVEL_WARNING, - SSL_ALERT_MSG_NO_RENEGOTIATION ) ) != 0 ) + if( ( ret = mbedtls_ssl_send_alert_message( ssl, + MBEDTLS_SSL_ALERT_LEVEL_WARNING, + MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION ) ) != 0 ) { return( ret ); } } else -#endif /* POLARSSL_SSL_PROTO_TLS1 || POLARSSL_SSL_PROTO_TLS1_1 || - POLARSSL_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || + MBEDTLS_SSL_PROTO_TLS1_2 */ { - SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } } else { + /* DTLS clients need to know renego is server-initiated */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) + { + ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING; + } +#endif ret = ssl_start_renegotiation( ssl ); - if( ret == POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO ) + if( ret == MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO ) { record_read = 1; } else if( ret != 0 ) { - SSL_DEBUG_RET( 1, "ssl_start_renegotiation", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_start_renegotiation", ret ); return( ret ); } } /* If a non-handshake record was read during renego, fallthrough, - * else tell the user they should call ssl_read() again */ + * else tell the user they should call mbedtls_ssl_read() again */ if( ! record_read ) - return( POLARSSL_ERR_NET_WANT_READ ); + return( MBEDTLS_ERR_SSL_WANT_READ ); } - else if( ssl->renegotiation == SSL_RENEGOTIATION_PENDING ) + else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ) { - ssl->renego_records_seen++; - if( ssl->renego_max_records >= 0 && - ssl->renego_records_seen > ssl->renego_max_records ) + if( ssl->conf->renego_max_records >= 0 ) { - SSL_DEBUG_MSG( 1, ( "renegotiation requested, " - "but not honored by client" ) ); - return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); + if( ++ssl->renego_records_seen > ssl->conf->renego_max_records ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation requested, " + "but not honored by client" ) ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + } } } -#endif /* POLARSSL_SSL_RENEGOTIATION */ +#endif /* MBEDTLS_SSL_RENEGOTIATION */ - /* Fatal and closure alerts handled by ssl_read_record() */ - if( ssl->in_msgtype == SSL_MSG_ALERT ) + /* Fatal and closure alerts handled by mbedtls_ssl_read_record() */ + if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT ) { - SSL_DEBUG_MSG( 2, ( "ignoring non-fatal non-closure alert" ) ); - return( POLARSSL_ERR_NET_WANT_READ ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "ignoring non-fatal non-closure alert" ) ); + return( MBEDTLS_ERR_SSL_WANT_READ ); } - if( ssl->in_msgtype != SSL_MSG_APPLICATION_DATA ) + if( ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA ) { - SSL_DEBUG_MSG( 1, ( "bad application data message" ) ); - return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad application data message" ) ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } ssl->in_offt = ssl->in_msg; + + /* We're going to return something now, cancel timer, + * except if handshake (renegotiation) is in progress */ + if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER ) + ssl_set_timer( ssl, 0 ); + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + /* If we requested renego but received AppData, resend HelloRequest. + * Do it now, after setting in_offt, to avoid taking this branch + * again if ssl_write_hello_request() returns WANT_WRITE */ +#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && + ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ) + { + if( ( ret = ssl_resend_hello_request( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_resend_hello_request", ret ); + return( ret ); + } + } +#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */ +#endif } n = ( len < ssl->in_msglen ) @@ -4750,7 +6308,7 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len ) /* more data available */ ssl->in_offt += n; - SSL_DEBUG_MSG( 2, ( "<= read" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= read" ) ); return( (int) n ); } @@ -4759,18 +6317,19 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len ) * Send application data to be encrypted by the SSL layer, * taking care of max fragment length and buffer size */ -static int ssl_write_real( ssl_context *ssl, +static int ssl_write_real( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { int ret; - size_t n; - unsigned int max_len = SSL_MAX_CONTENT_LEN; +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + unsigned int max_len; +#endif -#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) /* * Assume mfl_code is correct since it was checked when set */ - max_len = mfl_code_to_length[ssl->mfl_code]; + max_len = mfl_code_to_length[ssl->conf->mfl_code]; /* * Check if a smaller max length was negotiated @@ -4780,32 +6339,45 @@ static int ssl_write_real( ssl_context *ssl, { max_len = mfl_code_to_length[ssl->session_out->mfl_code]; } -#endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */ - n = ( len < max_len) ? len : max_len; + if( len > max_len ) + { +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "fragment larger than the (negotiated) " + "maximum fragment length: %d > %d", + len, max_len ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } + else +#endif + len = max_len; + } +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ if( ssl->out_left != 0 ) { - if( ( ret = ssl_flush_output( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_flush_output", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flush_output", ret ); return( ret ); } } else { - ssl->out_msglen = n; - ssl->out_msgtype = SSL_MSG_APPLICATION_DATA; - memcpy( ssl->out_msg, buf, n ); + ssl->out_msglen = len; + ssl->out_msgtype = MBEDTLS_SSL_MSG_APPLICATION_DATA; + memcpy( ssl->out_msg, buf, len ); - if( ( ret = ssl_write_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); return( ret ); } } - return( (int) n ); + return( (int) len ); } /* @@ -4815,17 +6387,18 @@ static int ssl_write_real( ssl_context *ssl, * then the caller will call us again with the same arguments, so * remember wether we already did the split or not. */ -#if defined(POLARSSL_SSL_CBC_RECORD_SPLITTING) -static int ssl_write_split( ssl_context *ssl, +#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) +static int ssl_write_split( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { int ret; - if( ssl->split_done == SSL_CBC_RECORD_SPLITTING_DISABLED || + if( ssl->conf->cbc_record_splitting == + MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED || len <= 1 || - ssl->minor_ver > SSL_MINOR_VERSION_1 || - cipher_get_cipher_mode( &ssl->transform_out->cipher_ctx_enc ) - != POLARSSL_MODE_CBC ) + ssl->minor_ver > MBEDTLS_SSL_MINOR_VERSION_1 || + mbedtls_cipher_get_cipher_mode( &ssl->transform_out->cipher_ctx_enc ) + != MBEDTLS_MODE_CBC ) { return( ssl_write_real( ssl, buf, len ) ); } @@ -4843,41 +6416,41 @@ static int ssl_write_split( ssl_context *ssl, return( ret + 1 ); } -#endif /* POLARSSL_SSL_CBC_RECORD_SPLITTING */ +#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ /* * Write application data (public-facing wrapper) */ -int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len ) +int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { int ret; - SSL_DEBUG_MSG( 2, ( "=> write" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write" ) ); -#if defined(POLARSSL_SSL_RENEGOTIATION) +#if defined(MBEDTLS_SSL_RENEGOTIATION) if( ( ret = ssl_check_ctr_renegotiate( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_check_ctr_renegotiate", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_check_ctr_renegotiate", ret ); return( ret ); } #endif - if( ssl->state != SSL_HANDSHAKE_OVER ) + if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) { - if( ( ret = ssl_handshake( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_handshake", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret ); return( ret ); } } -#if defined(POLARSSL_SSL_CBC_RECORD_SPLITTING) +#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) ret = ssl_write_split( ssl, buf, len ); #else ret = ssl_write_real( ssl, buf, len ); #endif - SSL_DEBUG_MSG( 2, ( "<= write" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write" ) ); return( ret ); } @@ -4885,407 +6458,718 @@ int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len ) /* * Notify the peer that the connection is being closed */ -int ssl_close_notify( ssl_context *ssl ) +int mbedtls_ssl_close_notify( mbedtls_ssl_context *ssl ) { int ret; - SSL_DEBUG_MSG( 2, ( "=> write close notify" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write close notify" ) ); if( ssl->out_left != 0 ) - return( ssl_flush_output( ssl ) ); + return( mbedtls_ssl_flush_output( ssl ) ); - if( ssl->state == SSL_HANDSHAKE_OVER ) + if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER ) { - if( ( ret = ssl_send_alert_message( ssl, - SSL_ALERT_LEVEL_WARNING, - SSL_ALERT_MSG_CLOSE_NOTIFY ) ) != 0 ) + if( ( ret = mbedtls_ssl_send_alert_message( ssl, + MBEDTLS_SSL_ALERT_LEVEL_WARNING, + MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ssl_send_alert_message", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_send_alert_message", ret ); return( ret ); } } - SSL_DEBUG_MSG( 2, ( "<= write close notify" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write close notify" ) ); return( 0 ); } -void ssl_transform_free( ssl_transform *transform ) +void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform ) { if( transform == NULL ) return; -#if defined(POLARSSL_ZLIB_SUPPORT) +#if defined(MBEDTLS_ZLIB_SUPPORT) deflateEnd( &transform->ctx_deflate ); inflateEnd( &transform->ctx_inflate ); #endif - cipher_free( &transform->cipher_ctx_enc ); - cipher_free( &transform->cipher_ctx_dec ); + mbedtls_cipher_free( &transform->cipher_ctx_enc ); + mbedtls_cipher_free( &transform->cipher_ctx_dec ); - md_free( &transform->md_ctx_enc ); - md_free( &transform->md_ctx_dec ); + mbedtls_md_free( &transform->md_ctx_enc ); + mbedtls_md_free( &transform->md_ctx_dec ); - polarssl_zeroize( transform, sizeof( ssl_transform ) ); + mbedtls_zeroize( transform, sizeof( mbedtls_ssl_transform ) ); } -#if defined(POLARSSL_X509_CRT_PARSE_C) -static void ssl_key_cert_free( ssl_key_cert *key_cert ) +#if defined(MBEDTLS_X509_CRT_PARSE_C) +static void ssl_key_cert_free( mbedtls_ssl_key_cert *key_cert ) { - ssl_key_cert *cur = key_cert, *next; + mbedtls_ssl_key_cert *cur = key_cert, *next; while( cur != NULL ) { next = cur->next; - - if( cur->key_own_alloc ) - { - pk_free( cur->key ); - polarssl_free( cur->key ); - } - polarssl_free( cur ); - + mbedtls_free( cur ); cur = next; } } -#endif /* POLARSSL_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ -void ssl_handshake_free( ssl_handshake_params *handshake ) +void mbedtls_ssl_handshake_free( mbedtls_ssl_handshake_params *handshake ) { if( handshake == NULL ) return; -#if defined(POLARSSL_DHM_C) - dhm_free( &handshake->dhm_ctx ); +#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) + mbedtls_md5_free( &handshake->fin_md5 ); + mbedtls_sha1_free( &handshake->fin_sha1 ); +#endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SHA256_C) + mbedtls_sha256_free( &handshake->fin_sha256 ); +#endif +#if defined(MBEDTLS_SHA512_C) + mbedtls_sha512_free( &handshake->fin_sha512 ); +#endif +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + +#if defined(MBEDTLS_DHM_C) + mbedtls_dhm_free( &handshake->dhm_ctx ); #endif -#if defined(POLARSSL_ECDH_C) - ecdh_free( &handshake->ecdh_ctx ); +#if defined(MBEDTLS_ECDH_C) + mbedtls_ecdh_free( &handshake->ecdh_ctx ); #endif -#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C) +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) /* explicit void pointer cast for buggy MS compiler */ - polarssl_free( (void *) handshake->curves ); + mbedtls_free( (void *) handshake->curves ); +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) + if( handshake->psk != NULL ) + { + mbedtls_zeroize( handshake->psk, handshake->psk_len ); + mbedtls_free( handshake->psk ); + } #endif -#if defined(POLARSSL_X509_CRT_PARSE_C) && \ - defined(POLARSSL_SSL_SERVER_NAME_INDICATION) +#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ + defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) /* * Free only the linked list wrapper, not the keys themselves * since the belong to the SNI callback */ if( handshake->sni_key_cert != NULL ) { - ssl_key_cert *cur = handshake->sni_key_cert, *next; + mbedtls_ssl_key_cert *cur = handshake->sni_key_cert, *next; while( cur != NULL ) { next = cur->next; - polarssl_free( cur ); + mbedtls_free( cur ); cur = next; } } -#endif /* POLARSSL_X509_CRT_PARSE_C && POLARSSL_SSL_SERVER_NAME_INDICATION */ +#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_SERVER_NAME_INDICATION */ + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + mbedtls_free( handshake->verify_cookie ); + mbedtls_free( handshake->hs_msg ); + ssl_flight_free( handshake->flight ); +#endif - polarssl_zeroize( handshake, sizeof( ssl_handshake_params ) ); + mbedtls_zeroize( handshake, sizeof( mbedtls_ssl_handshake_params ) ); } -void ssl_session_free( ssl_session *session ) +void mbedtls_ssl_session_free( mbedtls_ssl_session *session ) { if( session == NULL ) return; -#if defined(POLARSSL_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) if( session->peer_cert != NULL ) { - x509_crt_free( session->peer_cert ); - polarssl_free( session->peer_cert ); + mbedtls_x509_crt_free( session->peer_cert ); + mbedtls_free( session->peer_cert ); } #endif -#if defined(POLARSSL_SSL_SESSION_TICKETS) - polarssl_free( session->ticket ); +#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) + mbedtls_free( session->ticket ); #endif - polarssl_zeroize( session, sizeof( ssl_session ) ); + mbedtls_zeroize( session, sizeof( mbedtls_ssl_session ) ); } /* * Free an SSL context */ -void ssl_free( ssl_context *ssl ) +void mbedtls_ssl_free( mbedtls_ssl_context *ssl ) { if( ssl == NULL ) return; - SSL_DEBUG_MSG( 2, ( "=> free" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> free" ) ); - if( ssl->out_ctr != NULL ) + if( ssl->out_buf != NULL ) { - polarssl_zeroize( ssl->out_ctr, SSL_BUFFER_LEN ); - polarssl_free( ssl->out_ctr ); + mbedtls_zeroize( ssl->out_buf, MBEDTLS_SSL_BUFFER_LEN ); + mbedtls_free( ssl->out_buf ); } - if( ssl->in_ctr != NULL ) + if( ssl->in_buf != NULL ) { - polarssl_zeroize( ssl->in_ctr, SSL_BUFFER_LEN ); - polarssl_free( ssl->in_ctr ); + mbedtls_zeroize( ssl->in_buf, MBEDTLS_SSL_BUFFER_LEN ); + mbedtls_free( ssl->in_buf ); } -#if defined(POLARSSL_ZLIB_SUPPORT) +#if defined(MBEDTLS_ZLIB_SUPPORT) if( ssl->compress_buf != NULL ) { - polarssl_zeroize( ssl->compress_buf, SSL_BUFFER_LEN ); - polarssl_free( ssl->compress_buf ); + mbedtls_zeroize( ssl->compress_buf, MBEDTLS_SSL_BUFFER_LEN ); + mbedtls_free( ssl->compress_buf ); } #endif -#if defined(POLARSSL_DHM_C) - mpi_free( &ssl->dhm_P ); - mpi_free( &ssl->dhm_G ); -#endif - if( ssl->transform ) { - ssl_transform_free( ssl->transform ); - polarssl_free( ssl->transform ); + mbedtls_ssl_transform_free( ssl->transform ); + mbedtls_free( ssl->transform ); } if( ssl->handshake ) { - ssl_handshake_free( ssl->handshake ); - ssl_transform_free( ssl->transform_negotiate ); - ssl_session_free( ssl->session_negotiate ); + mbedtls_ssl_handshake_free( ssl->handshake ); + mbedtls_ssl_transform_free( ssl->transform_negotiate ); + mbedtls_ssl_session_free( ssl->session_negotiate ); - polarssl_free( ssl->handshake ); - polarssl_free( ssl->transform_negotiate ); - polarssl_free( ssl->session_negotiate ); + mbedtls_free( ssl->handshake ); + mbedtls_free( ssl->transform_negotiate ); + mbedtls_free( ssl->session_negotiate ); } if( ssl->session ) { - ssl_session_free( ssl->session ); - polarssl_free( ssl->session ); + mbedtls_ssl_session_free( ssl->session ); + mbedtls_free( ssl->session ); } -#if defined(POLARSSL_SSL_SESSION_TICKETS) - if( ssl->ticket_keys ) +#if defined(MBEDTLS_X509_CRT_PARSE_C) + if( ssl->hostname != NULL ) { - ssl_ticket_keys_free( ssl->ticket_keys ); - polarssl_free( ssl->ticket_keys ); + mbedtls_zeroize( ssl->hostname, strlen( ssl->hostname ) ); + mbedtls_free( ssl->hostname ); } #endif -#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) - if( ssl->hostname != NULL ) +#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) + if( mbedtls_ssl_hw_record_finish != NULL ) { - polarssl_zeroize( ssl->hostname, ssl->hostname_len ); - polarssl_free( ssl->hostname ); - ssl->hostname_len = 0; + MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_finish()" ) ); + mbedtls_ssl_hw_record_finish( ssl ); } #endif -#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) - if( ssl->psk != NULL ) +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) + mbedtls_free( ssl->cli_id ); +#endif + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= free" ) ); + + /* Actually clear after last debug message */ + mbedtls_zeroize( ssl, sizeof( mbedtls_ssl_context ) ); +} + +/* + * Initialze mbedtls_ssl_config + */ +void mbedtls_ssl_config_init( mbedtls_ssl_config *conf ) +{ + memset( conf, 0, sizeof( mbedtls_ssl_config ) ); +} + +static int ssl_preset_suiteb_ciphersuites[] = { + MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, + MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, + 0 +}; + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED) +static int ssl_preset_suiteb_hashes[] = { + MBEDTLS_MD_SHA256, + MBEDTLS_MD_SHA384, + MBEDTLS_MD_NONE +}; +#endif + +#if defined(MBEDTLS_ECP_C) +static mbedtls_ecp_group_id ssl_preset_suiteb_curves[] = { + MBEDTLS_ECP_DP_SECP256R1, + MBEDTLS_ECP_DP_SECP384R1, + MBEDTLS_ECP_DP_NONE +}; +#endif + +/* + * Load default in mbetls_ssl_config + */ +int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, + int endpoint, int transport, int preset ) +{ +#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) + int ret; +#endif + + /* Use the functions here so that they are covered in tests, + * but otherwise access member directly for efficiency */ + mbedtls_ssl_conf_endpoint( conf, endpoint ); + mbedtls_ssl_conf_transport( conf, transport ); + + /* + * Things that are common to all presets + */ +#if defined(MBEDTLS_SSL_CLI_C) + if( endpoint == MBEDTLS_SSL_IS_CLIENT ) { - polarssl_zeroize( ssl->psk, ssl->psk_len ); - polarssl_zeroize( ssl->psk_identity, ssl->psk_identity_len ); - polarssl_free( ssl->psk ); - polarssl_free( ssl->psk_identity ); - ssl->psk_len = 0; - ssl->psk_identity_len = 0; + conf->authmode = MBEDTLS_SSL_VERIFY_REQUIRED; +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + conf->session_tickets = MBEDTLS_SSL_SESSION_TICKETS_ENABLED; +#endif } #endif -#if defined(POLARSSL_X509_CRT_PARSE_C) - ssl_key_cert_free( ssl->key_cert ); +#if defined(MBEDTLS_ARC4_C) + conf->arc4_disabled = MBEDTLS_SSL_ARC4_DISABLED; +#endif + +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + conf->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED; +#endif + +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) + conf->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; +#endif + +#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) + conf->cbc_record_splitting = MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED; +#endif + +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) + conf->f_cookie_write = ssl_cookie_write_dummy; + conf->f_cookie_check = ssl_cookie_check_dummy; +#endif + +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) + conf->anti_replay = MBEDTLS_SSL_ANTI_REPLAY_ENABLED; +#endif + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + conf->hs_timeout_min = MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MIN; + conf->hs_timeout_max = MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MAX; +#endif + +#if defined(MBEDTLS_SSL_RENEGOTIATION) + conf->renego_max_records = MBEDTLS_SSL_RENEGO_MAX_RECORDS_DEFAULT; + memset( conf->renego_period, 0xFF, 7 ); + conf->renego_period[7] = 0x00; +#endif + +#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) + if( endpoint == MBEDTLS_SSL_IS_SERVER ) + { + if( ( ret = mbedtls_ssl_conf_dh_param( conf, + MBEDTLS_DHM_RFC5114_MODP_2048_P, + MBEDTLS_DHM_RFC5114_MODP_2048_G ) ) != 0 ) + { + return( ret ); + } + } +#endif + + /* + * Preset-specific defaults + */ + switch( preset ) + { + /* + * NSA Suite B + */ + case MBEDTLS_SSL_PRESET_SUITEB: + conf->min_major_ver = MBEDTLS_SSL_MAJOR_VERSION_3; + conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_3; /* TLS 1.2 */ + conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION; + conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION; + + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = + ssl_preset_suiteb_ciphersuites; + +#if defined(MBEDTLS_X509_CRT_PARSE_C) + conf->cert_profile = &mbedtls_x509_crt_profile_suiteb; +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED) + conf->sig_hashes = ssl_preset_suiteb_hashes; +#endif + +#if defined(MBEDTLS_ECP_C) + conf->curve_list = ssl_preset_suiteb_curves; +#endif + + /* + * Default + */ + default: + conf->min_major_ver = MBEDTLS_SSL_MAJOR_VERSION_3; + conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_1; /* TLS 1.0 */ + conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION; + conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION; + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_2; +#endif + + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = + mbedtls_ssl_list_ciphersuites(); + +#if defined(MBEDTLS_X509_CRT_PARSE_C) + conf->cert_profile = &mbedtls_x509_crt_profile_default; +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED) + conf->sig_hashes = mbedtls_md_list(); +#endif + +#if defined(MBEDTLS_ECP_C) + conf->curve_list = mbedtls_ecp_grp_id_list(); #endif -#if defined(POLARSSL_SSL_HW_RECORD_ACCEL) - if( ssl_hw_record_finish != NULL ) +#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C) + conf->dhm_min_bitlen = 1024; +#endif + } + + return( 0 ); +} + +/* + * Free mbedtls_ssl_config + */ +void mbedtls_ssl_config_free( mbedtls_ssl_config *conf ) +{ +#if defined(MBEDTLS_DHM_C) + mbedtls_mpi_free( &conf->dhm_P ); + mbedtls_mpi_free( &conf->dhm_G ); +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) + if( conf->psk != NULL ) { - SSL_DEBUG_MSG( 2, ( "going for ssl_hw_record_finish()" ) ); - ssl_hw_record_finish( ssl ); + mbedtls_zeroize( conf->psk, conf->psk_len ); + mbedtls_zeroize( conf->psk_identity, conf->psk_identity_len ); + mbedtls_free( conf->psk ); + mbedtls_free( conf->psk_identity ); + conf->psk_len = 0; + conf->psk_identity_len = 0; } #endif - SSL_DEBUG_MSG( 2, ( "<= free" ) ); +#if defined(MBEDTLS_X509_CRT_PARSE_C) + ssl_key_cert_free( conf->key_cert ); +#endif - /* Actually clear after last debug message */ - polarssl_zeroize( ssl, sizeof( ssl_context ) ); + mbedtls_zeroize( conf, sizeof( mbedtls_ssl_config ) ); } -#if defined(POLARSSL_PK_C) +#if defined(MBEDTLS_PK_C) /* - * Convert between POLARSSL_PK_XXX and SSL_SIG_XXX + * Convert between MBEDTLS_PK_XXX and SSL_SIG_XXX */ -unsigned char ssl_sig_from_pk( pk_context *pk ) +unsigned char mbedtls_ssl_sig_from_pk( mbedtls_pk_context *pk ) { -#if defined(POLARSSL_RSA_C) - if( pk_can_do( pk, POLARSSL_PK_RSA ) ) - return( SSL_SIG_RSA ); +#if defined(MBEDTLS_RSA_C) + if( mbedtls_pk_can_do( pk, MBEDTLS_PK_RSA ) ) + return( MBEDTLS_SSL_SIG_RSA ); #endif -#if defined(POLARSSL_ECDSA_C) - if( pk_can_do( pk, POLARSSL_PK_ECDSA ) ) - return( SSL_SIG_ECDSA ); +#if defined(MBEDTLS_ECDSA_C) + if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECDSA ) ) + return( MBEDTLS_SSL_SIG_ECDSA ); #endif - return( SSL_SIG_ANON ); + return( MBEDTLS_SSL_SIG_ANON ); } -pk_type_t ssl_pk_alg_from_sig( unsigned char sig ) +mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig ) { switch( sig ) { -#if defined(POLARSSL_RSA_C) - case SSL_SIG_RSA: - return( POLARSSL_PK_RSA ); +#if defined(MBEDTLS_RSA_C) + case MBEDTLS_SSL_SIG_RSA: + return( MBEDTLS_PK_RSA ); #endif -#if defined(POLARSSL_ECDSA_C) - case SSL_SIG_ECDSA: - return( POLARSSL_PK_ECDSA ); +#if defined(MBEDTLS_ECDSA_C) + case MBEDTLS_SSL_SIG_ECDSA: + return( MBEDTLS_PK_ECDSA ); #endif default: - return( POLARSSL_PK_NONE ); + return( MBEDTLS_PK_NONE ); } } -#endif /* POLARSSL_PK_C */ +#endif /* MBEDTLS_PK_C */ /* - * Convert between SSL_HASH_XXX and POLARSSL_MD_XXX + * Convert from MBEDTLS_SSL_HASH_XXX to MBEDTLS_MD_XXX */ -md_type_t ssl_md_alg_from_hash( unsigned char hash ) +mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash ) { switch( hash ) { -#if defined(POLARSSL_MD5_C) - case SSL_HASH_MD5: - return( POLARSSL_MD_MD5 ); +#if defined(MBEDTLS_MD5_C) + case MBEDTLS_SSL_HASH_MD5: + return( MBEDTLS_MD_MD5 ); +#endif +#if defined(MBEDTLS_SHA1_C) + case MBEDTLS_SSL_HASH_SHA1: + return( MBEDTLS_MD_SHA1 ); +#endif +#if defined(MBEDTLS_SHA256_C) + case MBEDTLS_SSL_HASH_SHA224: + return( MBEDTLS_MD_SHA224 ); + case MBEDTLS_SSL_HASH_SHA256: + return( MBEDTLS_MD_SHA256 ); +#endif +#if defined(MBEDTLS_SHA512_C) + case MBEDTLS_SSL_HASH_SHA384: + return( MBEDTLS_MD_SHA384 ); + case MBEDTLS_SSL_HASH_SHA512: + return( MBEDTLS_MD_SHA512 ); +#endif + default: + return( MBEDTLS_MD_NONE ); + } +} + +/* + * Convert from MBEDTLS_MD_XXX to MBEDTLS_SSL_HASH_XXX + */ +unsigned char mbedtls_ssl_hash_from_md_alg( int md ) +{ + switch( md ) + { +#if defined(MBEDTLS_MD5_C) + case MBEDTLS_MD_MD5: + return( MBEDTLS_SSL_HASH_MD5 ); #endif -#if defined(POLARSSL_SHA1_C) - case SSL_HASH_SHA1: - return( POLARSSL_MD_SHA1 ); +#if defined(MBEDTLS_SHA1_C) + case MBEDTLS_MD_SHA1: + return( MBEDTLS_SSL_HASH_SHA1 ); #endif -#if defined(POLARSSL_SHA256_C) - case SSL_HASH_SHA224: - return( POLARSSL_MD_SHA224 ); - case SSL_HASH_SHA256: - return( POLARSSL_MD_SHA256 ); +#if defined(MBEDTLS_SHA256_C) + case MBEDTLS_MD_SHA224: + return( MBEDTLS_SSL_HASH_SHA224 ); + case MBEDTLS_MD_SHA256: + return( MBEDTLS_SSL_HASH_SHA256 ); #endif -#if defined(POLARSSL_SHA512_C) - case SSL_HASH_SHA384: - return( POLARSSL_MD_SHA384 ); - case SSL_HASH_SHA512: - return( POLARSSL_MD_SHA512 ); +#if defined(MBEDTLS_SHA512_C) + case MBEDTLS_MD_SHA384: + return( MBEDTLS_SSL_HASH_SHA384 ); + case MBEDTLS_MD_SHA512: + return( MBEDTLS_SSL_HASH_SHA512 ); #endif default: - return( POLARSSL_MD_NONE ); + return( MBEDTLS_SSL_HASH_NONE ); } } -#if defined(POLARSSL_SSL_SET_CURVES) +#if defined(MBEDTLS_ECP_C) /* - * Check is a curve proposed by the peer is in our list. - * Return 1 if we're willing to use it, 0 otherwise. + * Check if a curve proposed by the peer is in our list. + * Return 0 if we're willing to use it, -1 otherwise. */ -int ssl_curve_is_acceptable( const ssl_context *ssl, ecp_group_id grp_id ) +int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id ) { - const ecp_group_id *gid; + const mbedtls_ecp_group_id *gid; + + if( ssl->conf->curve_list == NULL ) + return( -1 ); - for( gid = ssl->curve_list; *gid != POLARSSL_ECP_DP_NONE; gid++ ) + for( gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++ ) if( *gid == grp_id ) - return( 1 ); + return( 0 ); - return( 0 ); + return( -1 ); +} +#endif /* MBEDTLS_ECP_C */ + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED) +/* + * Check if a hash proposed by the peer is in our list. + * Return 0 if we're willing to use it, -1 otherwise. + */ +int mbedtls_ssl_check_sig_hash( const mbedtls_ssl_context *ssl, + mbedtls_md_type_t md ) +{ + const int *cur; + + if( ssl->conf->sig_hashes == NULL ) + return( -1 ); + + for( cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++ ) + if( *cur == (int) md ) + return( 0 ); + + return( -1 ); } -#endif /* POLARSSL_SSL_SET_CURVES */ +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED */ -#if defined(POLARSSL_X509_CRT_PARSE_C) -int ssl_check_cert_usage( const x509_crt *cert, - const ssl_ciphersuite_t *ciphersuite, +#if defined(MBEDTLS_X509_CRT_PARSE_C) +int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, + const mbedtls_ssl_ciphersuite_t *ciphersuite, int cert_endpoint, - int *flags ) + uint32_t *flags ) { int ret = 0; -#if defined(POLARSSL_X509_CHECK_KEY_USAGE) +#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) int usage = 0; #endif -#if defined(POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE) +#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) const char *ext_oid; size_t ext_len; #endif -#if !defined(POLARSSL_X509_CHECK_KEY_USAGE) && \ - !defined(POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE) +#if !defined(MBEDTLS_X509_CHECK_KEY_USAGE) && \ + !defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) ((void) cert); ((void) cert_endpoint); ((void) flags); #endif -#if defined(POLARSSL_X509_CHECK_KEY_USAGE) - if( cert_endpoint == SSL_IS_SERVER ) +#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) + if( cert_endpoint == MBEDTLS_SSL_IS_SERVER ) { /* Server part of the key exchange */ switch( ciphersuite->key_exchange ) { - case POLARSSL_KEY_EXCHANGE_RSA: - case POLARSSL_KEY_EXCHANGE_RSA_PSK: - usage = KU_KEY_ENCIPHERMENT; + case MBEDTLS_KEY_EXCHANGE_RSA: + case MBEDTLS_KEY_EXCHANGE_RSA_PSK: + usage = MBEDTLS_X509_KU_KEY_ENCIPHERMENT; break; - case POLARSSL_KEY_EXCHANGE_DHE_RSA: - case POLARSSL_KEY_EXCHANGE_ECDHE_RSA: - case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA: - usage = KU_DIGITAL_SIGNATURE; + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + usage = MBEDTLS_X509_KU_DIGITAL_SIGNATURE; break; - case POLARSSL_KEY_EXCHANGE_ECDH_RSA: - case POLARSSL_KEY_EXCHANGE_ECDH_ECDSA: - usage = KU_KEY_AGREEMENT; + case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: + usage = MBEDTLS_X509_KU_KEY_AGREEMENT; break; /* Don't use default: we want warnings when adding new values */ - case POLARSSL_KEY_EXCHANGE_NONE: - case POLARSSL_KEY_EXCHANGE_PSK: - case POLARSSL_KEY_EXCHANGE_DHE_PSK: - case POLARSSL_KEY_EXCHANGE_ECDHE_PSK: + case MBEDTLS_KEY_EXCHANGE_NONE: + case MBEDTLS_KEY_EXCHANGE_PSK: + case MBEDTLS_KEY_EXCHANGE_DHE_PSK: + case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: usage = 0; } } else { - /* Client auth: we only implement rsa_sign and ecdsa_sign for now */ - usage = KU_DIGITAL_SIGNATURE; + /* Client auth: we only implement rsa_sign and mbedtls_ecdsa_sign for now */ + usage = MBEDTLS_X509_KU_DIGITAL_SIGNATURE; } - if( x509_crt_check_key_usage( cert, usage ) != 0 ) + if( mbedtls_x509_crt_check_key_usage( cert, usage ) != 0 ) { - *flags |= BADCERT_KEY_USAGE; + *flags |= MBEDTLS_X509_BADCERT_KEY_USAGE; ret = -1; } #else ((void) ciphersuite); -#endif /* POLARSSL_X509_CHECK_KEY_USAGE */ +#endif /* MBEDTLS_X509_CHECK_KEY_USAGE */ -#if defined(POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE) - if( cert_endpoint == SSL_IS_SERVER ) +#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) + if( cert_endpoint == MBEDTLS_SSL_IS_SERVER ) { - ext_oid = OID_SERVER_AUTH; - ext_len = OID_SIZE( OID_SERVER_AUTH ); + ext_oid = MBEDTLS_OID_SERVER_AUTH; + ext_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_SERVER_AUTH ); } else { - ext_oid = OID_CLIENT_AUTH; - ext_len = OID_SIZE( OID_CLIENT_AUTH ); + ext_oid = MBEDTLS_OID_CLIENT_AUTH; + ext_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_CLIENT_AUTH ); } - if( x509_crt_check_extended_key_usage( cert, ext_oid, ext_len ) != 0 ) + if( mbedtls_x509_crt_check_extended_key_usage( cert, ext_oid, ext_len ) != 0 ) { - *flags |= BADCERT_EXT_KEY_USAGE; + *flags |= MBEDTLS_X509_BADCERT_EXT_KEY_USAGE; ret = -1; } -#endif /* POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE */ +#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ return( ret ); } -#endif /* POLARSSL_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + +/* + * Convert version numbers to/from wire format + * and, for DTLS, to/from TLS equivalent. + * + * For TLS this is the identity. + * For DTLS, use one complement (v -> 255 - v, and then map as follows: + * 1.0 <-> 3.2 (DTLS 1.0 is based on TLS 1.1) + * 1.x <-> 3.x+1 for x != 0 (DTLS 1.2 based on TLS 1.2) + */ +void mbedtls_ssl_write_version( int major, int minor, int transport, + unsigned char ver[2] ) +{ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + if( minor == MBEDTLS_SSL_MINOR_VERSION_2 ) + --minor; /* DTLS 1.0 stored as TLS 1.1 internally */ + + ver[0] = (unsigned char)( 255 - ( major - 2 ) ); + ver[1] = (unsigned char)( 255 - ( minor - 1 ) ); + } + else +#else + ((void) transport); +#endif + { + ver[0] = (unsigned char) major; + ver[1] = (unsigned char) minor; + } +} + +void mbedtls_ssl_read_version( int *major, int *minor, int transport, + const unsigned char ver[2] ) +{ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + *major = 255 - ver[0] + 2; + *minor = 255 - ver[1] + 1; + + if( *minor == MBEDTLS_SSL_MINOR_VERSION_1 ) + ++*minor; /* DTLS 1.0 stored as TLS 1.1 internally */ + } + else +#else + ((void) transport); +#endif + { + *major = ver[0]; + *minor = ver[1]; + } +} -#endif /* POLARSSL_SSL_TLS_C */ +#endif /* MBEDTLS_SSL_TLS_C */ diff --git a/ext/mbedtls/library/threading.c b/ext/mbedtls/library/threading.c index fa745afdb3..b499a44c80 100644 --- a/ext/mbedtls/library/threading.c +++ b/ext/mbedtls/library/threading.c @@ -20,91 +20,118 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_THREADING_C) +#if defined(MBEDTLS_THREADING_C) -#include "polarssl/threading.h" +#include "mbedtls/threading.h" -#if defined(POLARSSL_THREADING_PTHREAD) -static int threading_mutex_init_pthread( threading_mutex_t *mutex ) +#if defined(MBEDTLS_THREADING_PTHREAD) +static void threading_mutex_init_pthread( mbedtls_threading_mutex_t *mutex ) { if( mutex == NULL ) - return( POLARSSL_ERR_THREADING_BAD_INPUT_DATA ); + return; - if( pthread_mutex_init( mutex, NULL ) != 0 ) - return( POLARSSL_ERR_THREADING_MUTEX_ERROR ); - - return( 0 ); + mutex->is_valid = pthread_mutex_init( &mutex->mutex, NULL ) == 0; } -static int threading_mutex_free_pthread( threading_mutex_t *mutex ) +static void threading_mutex_free_pthread( mbedtls_threading_mutex_t *mutex ) { if( mutex == NULL ) - return( POLARSSL_ERR_THREADING_BAD_INPUT_DATA ); + return; - if( pthread_mutex_destroy( mutex ) != 0 ) - return( POLARSSL_ERR_THREADING_MUTEX_ERROR ); - - return( 0 ); + (void) pthread_mutex_destroy( &mutex->mutex ); } -static int threading_mutex_lock_pthread( threading_mutex_t *mutex ) +static int threading_mutex_lock_pthread( mbedtls_threading_mutex_t *mutex ) { - if( mutex == NULL ) - return( POLARSSL_ERR_THREADING_BAD_INPUT_DATA ); + if( mutex == NULL || ! mutex->is_valid ) + return( MBEDTLS_ERR_THREADING_BAD_INPUT_DATA ); - if( pthread_mutex_lock( mutex ) != 0 ) - return( POLARSSL_ERR_THREADING_MUTEX_ERROR ); + if( pthread_mutex_lock( &mutex->mutex ) != 0 ) + return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); return( 0 ); } -static int threading_mutex_unlock_pthread( threading_mutex_t *mutex ) +static int threading_mutex_unlock_pthread( mbedtls_threading_mutex_t *mutex ) { - if( mutex == NULL ) - return( POLARSSL_ERR_THREADING_BAD_INPUT_DATA ); + if( mutex == NULL || ! mutex->is_valid ) + return( MBEDTLS_ERR_THREADING_BAD_INPUT_DATA ); - if( pthread_mutex_unlock( mutex ) != 0 ) - return( POLARSSL_ERR_THREADING_MUTEX_ERROR ); + if( pthread_mutex_unlock( &mutex->mutex ) != 0 ) + return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); return( 0 ); } -int (*polarssl_mutex_init)( threading_mutex_t * ) = threading_mutex_init_pthread; -int (*polarssl_mutex_free)( threading_mutex_t * ) = threading_mutex_free_pthread; -int (*polarssl_mutex_lock)( threading_mutex_t * ) = threading_mutex_lock_pthread; -int (*polarssl_mutex_unlock)( threading_mutex_t * ) = threading_mutex_unlock_pthread; -#endif /* POLARSSL_THREADING_PTHREAD */ +void (*mbedtls_mutex_init)( mbedtls_threading_mutex_t * ) = threading_mutex_init_pthread; +void (*mbedtls_mutex_free)( mbedtls_threading_mutex_t * ) = threading_mutex_free_pthread; +int (*mbedtls_mutex_lock)( mbedtls_threading_mutex_t * ) = threading_mutex_lock_pthread; +int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t * ) = threading_mutex_unlock_pthread; -#if defined(POLARSSL_THREADING_ALT) -static int threading_mutex_fail( threading_mutex_t *mutex ) +/* + * With phtreads we can statically initialize mutexes + */ +#define MUTEX_INIT = { PTHREAD_MUTEX_INITIALIZER, 1 } + +#endif /* MBEDTLS_THREADING_PTHREAD */ + +#if defined(MBEDTLS_THREADING_ALT) +static int threading_mutex_fail( mbedtls_threading_mutex_t *mutex ) +{ + ((void) mutex ); + return( MBEDTLS_ERR_THREADING_BAD_INPUT_DATA ); +} +static void threading_mutex_dummy( mbedtls_threading_mutex_t *mutex ) { ((void) mutex ); - return( POLARSSL_ERR_THREADING_BAD_INPUT_DATA ); + return; } -int (*polarssl_mutex_init)( threading_mutex_t * ) = threading_mutex_fail; -int (*polarssl_mutex_free)( threading_mutex_t * ) = threading_mutex_fail; -int (*polarssl_mutex_lock)( threading_mutex_t * ) = threading_mutex_fail; -int (*polarssl_mutex_unlock)( threading_mutex_t * ) = threading_mutex_fail; +void (*mbedtls_mutex_init)( mbedtls_threading_mutex_t * ) = threading_mutex_dummy; +void (*mbedtls_mutex_free)( mbedtls_threading_mutex_t * ) = threading_mutex_dummy; +int (*mbedtls_mutex_lock)( mbedtls_threading_mutex_t * ) = threading_mutex_fail; +int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t * ) = threading_mutex_fail; -int threading_set_alt( int (*mutex_init)( threading_mutex_t * ), - int (*mutex_free)( threading_mutex_t * ), - int (*mutex_lock)( threading_mutex_t * ), - int (*mutex_unlock)( threading_mutex_t * ) ) +/* + * Set functions pointers and initialize global mutexes + */ +void mbedtls_threading_set_alt( void (*mutex_init)( mbedtls_threading_mutex_t * ), + void (*mutex_free)( mbedtls_threading_mutex_t * ), + int (*mutex_lock)( mbedtls_threading_mutex_t * ), + int (*mutex_unlock)( mbedtls_threading_mutex_t * ) ) { - polarssl_mutex_init = mutex_init; - polarssl_mutex_free = mutex_free; - polarssl_mutex_lock = mutex_lock; - polarssl_mutex_unlock = mutex_unlock; + mbedtls_mutex_init = mutex_init; + mbedtls_mutex_free = mutex_free; + mbedtls_mutex_lock = mutex_lock; + mbedtls_mutex_unlock = mutex_unlock; - return( 0 ); + mbedtls_mutex_init( &mbedtls_threading_readdir_mutex ); + mbedtls_mutex_init( &mbedtls_threading_gmtime_mutex ); +} + +/* + * Free global mutexes + */ +void mbedtls_threading_free_alt( void ) +{ + mbedtls_mutex_free( &mbedtls_threading_readdir_mutex ); + mbedtls_mutex_free( &mbedtls_threading_gmtime_mutex ); } -#endif /* POLARSSL_THREADING_ALT_C */ +#endif /* MBEDTLS_THREADING_ALT */ + +/* + * Define global mutexes + */ +#ifndef MUTEX_INIT +#define MUTEX_INIT +#endif +mbedtls_threading_mutex_t mbedtls_threading_readdir_mutex MUTEX_INIT; +mbedtls_threading_mutex_t mbedtls_threading_gmtime_mutex MUTEX_INIT; -#endif /* POLARSSL_THREADING_C */ +#endif /* MBEDTLS_THREADING_C */ diff --git a/ext/mbedtls/library/timing.c b/ext/mbedtls/library/timing.c index c5d8d42a13..5a36fb72a7 100644 --- a/ext/mbedtls/library/timing.c +++ b/ext/mbedtls/library/timing.c @@ -20,22 +20,28 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_printf printf +#define mbedtls_printf printf #endif -#if defined(POLARSSL_TIMING_C) && !defined(POLARSSL_TIMING_ALT) +#if defined(MBEDTLS_TIMING_C) -#include "polarssl/timing.h" +#include "mbedtls/timing.h" + +#if !defined(MBEDTLS_TIMING_ALT) + +#ifndef asm +#define asm __asm +#endif #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) @@ -62,57 +68,57 @@ struct _hr_time #endif /* _WIN32 && !EFIX64 && !EFI32 */ -#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \ +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ ( defined(_MSC_VER) && defined(_M_IX86) ) || defined(__WATCOMC__) -#define POLARSSL_HAVE_HARDCLOCK +#define HAVE_HARDCLOCK -unsigned long hardclock( void ) +unsigned long mbedtls_timing_hardclock( void ) { unsigned long tsc; __asm rdtsc __asm mov [tsc], eax return( tsc ); } -#endif /* !POLARSSL_HAVE_HARDCLOCK && POLARSSL_HAVE_ASM && +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && ( _MSC_VER && _M_IX86 ) || __WATCOMC__ */ /* some versions of mingw-64 have 32-bit longs even on x84_64 */ -#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \ +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ defined(__GNUC__) && ( defined(__i386__) || ( \ ( defined(__amd64__) || defined( __x86_64__) ) && __SIZEOF_LONG__ == 4 ) ) -#define POLARSSL_HAVE_HARDCLOCK +#define HAVE_HARDCLOCK -unsigned long hardclock( void ) +unsigned long mbedtls_timing_hardclock( void ) { unsigned long lo, hi; asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) ); return( lo ); } -#endif /* !POLARSSL_HAVE_HARDCLOCK && POLARSSL_HAVE_ASM && +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && __GNUC__ && __i386__ */ -#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \ +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ defined(__GNUC__) && ( defined(__amd64__) || defined(__x86_64__) ) -#define POLARSSL_HAVE_HARDCLOCK +#define HAVE_HARDCLOCK -unsigned long hardclock( void ) +unsigned long mbedtls_timing_hardclock( void ) { unsigned long lo, hi; asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) ); return( lo | ( hi << 32 ) ); } -#endif /* !POLARSSL_HAVE_HARDCLOCK && POLARSSL_HAVE_ASM && +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && __GNUC__ && ( __amd64__ || __x86_64__ ) */ -#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \ +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ defined(__GNUC__) && ( defined(__powerpc__) || defined(__ppc__) ) -#define POLARSSL_HAVE_HARDCLOCK +#define HAVE_HARDCLOCK -unsigned long hardclock( void ) +unsigned long mbedtls_timing_hardclock( void ) { unsigned long tbl, tbu0, tbu1; @@ -126,76 +132,76 @@ unsigned long hardclock( void ) return( tbl ); } -#endif /* !POLARSSL_HAVE_HARDCLOCK && POLARSSL_HAVE_ASM && +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && __GNUC__ && ( __powerpc__ || __ppc__ ) */ -#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \ +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ defined(__GNUC__) && defined(__sparc64__) #if defined(__OpenBSD__) #warning OpenBSD does not allow access to tick register using software version instead #else -#define POLARSSL_HAVE_HARDCLOCK +#define HAVE_HARDCLOCK -unsigned long hardclock( void ) +unsigned long mbedtls_timing_hardclock( void ) { unsigned long tick; asm volatile( "rdpr %%tick, %0;" : "=&r" (tick) ); return( tick ); } #endif /* __OpenBSD__ */ -#endif /* !POLARSSL_HAVE_HARDCLOCK && POLARSSL_HAVE_ASM && +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && __GNUC__ && __sparc64__ */ -#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \ +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ defined(__GNUC__) && defined(__sparc__) && !defined(__sparc64__) -#define POLARSSL_HAVE_HARDCLOCK +#define HAVE_HARDCLOCK -unsigned long hardclock( void ) +unsigned long mbedtls_timing_hardclock( void ) { unsigned long tick; asm volatile( ".byte 0x83, 0x41, 0x00, 0x00" ); asm volatile( "mov %%g1, %0" : "=r" (tick) ); return( tick ); } -#endif /* !POLARSSL_HAVE_HARDCLOCK && POLARSSL_HAVE_ASM && +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && __GNUC__ && __sparc__ && !__sparc64__ */ -#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \ +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ defined(__GNUC__) && defined(__alpha__) -#define POLARSSL_HAVE_HARDCLOCK +#define HAVE_HARDCLOCK -unsigned long hardclock( void ) +unsigned long mbedtls_timing_hardclock( void ) { unsigned long cc; asm volatile( "rpcc %0" : "=r" (cc) ); return( cc & 0xFFFFFFFF ); } -#endif /* !POLARSSL_HAVE_HARDCLOCK && POLARSSL_HAVE_ASM && +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && __GNUC__ && __alpha__ */ -#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \ +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ defined(__GNUC__) && defined(__ia64__) -#define POLARSSL_HAVE_HARDCLOCK +#define HAVE_HARDCLOCK -unsigned long hardclock( void ) +unsigned long mbedtls_timing_hardclock( void ) { unsigned long itc; asm volatile( "mov %0 = ar.itc" : "=r" (itc) ); return( itc ); } -#endif /* !POLARSSL_HAVE_HARDCLOCK && POLARSSL_HAVE_ASM && +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && __GNUC__ && __ia64__ */ -#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(_MSC_VER) && \ +#if !defined(HAVE_HARDCLOCK) && defined(_MSC_VER) && \ !defined(EFIX64) && !defined(EFI32) -#define POLARSSL_HAVE_HARDCLOCK +#define HAVE_HARDCLOCK -unsigned long hardclock( void ) +unsigned long mbedtls_timing_hardclock( void ) { LARGE_INTEGER offset; @@ -203,16 +209,16 @@ unsigned long hardclock( void ) return( (unsigned long)( offset.QuadPart ) ); } -#endif /* !POLARSSL_HAVE_HARDCLOCK && _MSC_VER && !EFIX64 && !EFI32 */ +#endif /* !HAVE_HARDCLOCK && _MSC_VER && !EFIX64 && !EFI32 */ -#if !defined(POLARSSL_HAVE_HARDCLOCK) +#if !defined(HAVE_HARDCLOCK) -#define POLARSSL_HAVE_HARDCLOCK +#define HAVE_HARDCLOCK static int hardclock_init = 0; static struct timeval tv_init; -unsigned long hardclock( void ) +unsigned long mbedtls_timing_hardclock( void ) { struct timeval tv_cur; @@ -226,13 +232,13 @@ unsigned long hardclock( void ) return( ( tv_cur.tv_sec - tv_init.tv_sec ) * 1000000 + ( tv_cur.tv_usec - tv_init.tv_usec ) ); } -#endif /* !POLARSSL_HAVE_HARDCLOCK */ +#endif /* !HAVE_HARDCLOCK */ -volatile int alarmed = 0; +volatile int mbedtls_timing_alarmed = 0; #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) -unsigned long get_timer( struct hr_time *val, int reset ) +unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset ) { unsigned long delta; LARGE_INTEGER offset, hfreq; @@ -258,27 +264,22 @@ static DWORD WINAPI TimerProc( LPVOID TimerContext ) { ((void) TimerContext); Sleep( alarmMs ); - alarmed = 1; + mbedtls_timing_alarmed = 1; return( TRUE ); } -void set_alarm( int seconds ) +void mbedtls_set_alarm( int seconds ) { DWORD ThreadId; - alarmed = 0; + mbedtls_timing_alarmed = 0; alarmMs = seconds * 1000; CloseHandle( CreateThread( NULL, 0, TimerProc, NULL, 0, &ThreadId ) ); } -void m_sleep( int milliseconds ) -{ - Sleep( milliseconds ); -} - #else /* _WIN32 && !EFIX64 && !EFI32 */ -unsigned long get_timer( struct hr_time *val, int reset ) +unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset ) { unsigned long delta; struct timeval offset; @@ -299,132 +300,169 @@ unsigned long get_timer( struct hr_time *val, int reset ) return( delta ); } -#if defined(INTEGRITY) -void m_sleep( int milliseconds ) -{ - usleep( milliseconds * 1000 ); -} - -#else /* INTEGRITY */ - static void sighandler( int signum ) { - alarmed = 1; + mbedtls_timing_alarmed = 1; signal( signum, sighandler ); } -void set_alarm( int seconds ) +void mbedtls_set_alarm( int seconds ) { - alarmed = 0; + mbedtls_timing_alarmed = 0; signal( SIGALRM, sighandler ); alarm( seconds ); } -void m_sleep( int milliseconds ) +#endif /* _WIN32 && !EFIX64 && !EFI32 */ + +/* + * Set delays to watch + */ +void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms ) { - struct timeval tv; + mbedtls_timing_delay_context *ctx = (mbedtls_timing_delay_context *) data; - tv.tv_sec = milliseconds / 1000; - tv.tv_usec = ( milliseconds % 1000 ) * 1000; + ctx->int_ms = int_ms; + ctx->fin_ms = fin_ms; - select( 0, NULL, NULL, NULL, &tv ); + if( fin_ms != 0 ) + (void) mbedtls_timing_get_timer( &ctx->timer, 1 ); } -#endif /* INTEGRITY */ -#endif /* _WIN32 && !EFIX64 && !EFI32 */ +/* + * Get number of delays expired + */ +int mbedtls_timing_get_delay( void *data ) +{ + mbedtls_timing_delay_context *ctx = (mbedtls_timing_delay_context *) data; + unsigned long elapsed_ms; -#if defined(POLARSSL_SELF_TEST) + if( ctx->fin_ms == 0 ) + return( -1 ); -/* To test net_usleep against our functions */ -#if defined(POLARSSL_NET_C) && defined(POLARSSL_HAVE_TIME) -#include "polarssl/net.h" -#endif + elapsed_ms = mbedtls_timing_get_timer( &ctx->timer, 0 ); + + if( elapsed_ms >= ctx->fin_ms ) + return( 2 ); + + if( elapsed_ms >= ctx->int_ms ) + return( 1 ); + + return( 0 ); +} + +#endif /* !MBEDTLS_TIMING_ALT */ + +#if defined(MBEDTLS_SELF_TEST) /* * Busy-waits for the given number of milliseconds. - * Used for testing hardclock. + * Used for testing mbedtls_timing_hardclock. */ static void busy_msleep( unsigned long msec ) { - struct hr_time hires; + struct mbedtls_timing_hr_time hires; unsigned long i = 0; /* for busy-waiting */ volatile unsigned long j; /* to prevent optimisation */ - (void) get_timer( &hires, 1 ); + (void) mbedtls_timing_get_timer( &hires, 1 ); - while( get_timer( &hires, 0 ) < msec ) + while( mbedtls_timing_get_timer( &hires, 0 ) < msec ) i++; j = i; (void) j; } +#define FAIL do \ +{ \ + if( verbose != 0 ) \ + mbedtls_printf( "failed\n" ); \ + \ + return( 1 ); \ +} while( 0 ) + /* * Checkup routine * * Warning: this is work in progress, some tests may not be reliable enough * yet! False positives may happen. */ -int timing_self_test( int verbose ) +int mbedtls_timing_self_test( int verbose ) { unsigned long cycles, ratio; unsigned long millisecs, secs; int hardfail; - struct hr_time hires; + struct mbedtls_timing_hr_time hires; + uint32_t a, b; + mbedtls_timing_delay_context ctx; if( verbose != 0 ) - polarssl_printf( " TIMING tests note: will take some time!\n" ); + mbedtls_printf( " TIMING tests note: will take some time!\n" ); + if( verbose != 0 ) - polarssl_printf( " TIMING test #1 (m_sleep / get_timer): " ); + mbedtls_printf( " TIMING test #1 (set_alarm / get_timer): " ); for( secs = 1; secs <= 3; secs++ ) { - (void) get_timer( &hires, 1 ); + (void) mbedtls_timing_get_timer( &hires, 1 ); - m_sleep( (int)( 500 * secs ) ); + mbedtls_set_alarm( (int) secs ); + while( !mbedtls_timing_alarmed ) + ; - millisecs = get_timer( &hires, 0 ); + millisecs = mbedtls_timing_get_timer( &hires, 0 ); - if( millisecs < 450 * secs || millisecs > 550 * secs ) + if( millisecs < 900 * secs || millisecs > 1100 * secs ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( 1 ); } } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); if( verbose != 0 ) - polarssl_printf( " TIMING test #2 (set_alarm / get_timer): " ); + mbedtls_printf( " TIMING test #2 (set/get_delay ): " ); - for( secs = 1; secs <= 3; secs++ ) + for( a = 100; a <= 200; a += 100 ) { - (void) get_timer( &hires, 1 ); + for( b = 100; b <= 200; b += 100 ) + { + mbedtls_timing_set_delay( &ctx, a, a + b ); - set_alarm( (int) secs ); - while( !alarmed ) - ; + busy_msleep( a - a / 10 ); + if( mbedtls_timing_get_delay( &ctx ) != 0 ) + FAIL; - millisecs = get_timer( &hires, 0 ); + busy_msleep( a / 5 ); + if( mbedtls_timing_get_delay( &ctx ) != 1 ) + FAIL; - if( millisecs < 900 * secs || millisecs > 1100 * secs ) - { - if( verbose != 0 ) - polarssl_printf( "failed\n" ); + busy_msleep( b - a / 5 ); + if( mbedtls_timing_get_delay( &ctx ) != 1 ) + FAIL; - return( 1 ); + busy_msleep( b / 5 ); + if( mbedtls_timing_get_delay( &ctx ) != 2 ) + FAIL; } } + mbedtls_timing_set_delay( &ctx, 0, 0 ); + busy_msleep( 200 ); + if( mbedtls_timing_get_delay( &ctx ) != -1 ) + FAIL; + if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); if( verbose != 0 ) - polarssl_printf( " TIMING test #3 (hardclock / get_timer): " ); + mbedtls_printf( " TIMING test #3 (hardclock / get_timer): " ); /* * Allow one failure for possible counter wrapping. @@ -437,24 +475,24 @@ hard_test: if( hardfail > 1 ) { if( verbose != 0 ) - polarssl_printf( "failed (ignored)\n" ); + mbedtls_printf( "failed (ignored)\n" ); goto hard_test_done; } /* Get a reference ratio cycles/ms */ millisecs = 1; - cycles = hardclock(); + cycles = mbedtls_timing_hardclock(); busy_msleep( millisecs ); - cycles = hardclock() - cycles; + cycles = mbedtls_timing_hardclock() - cycles; ratio = cycles / millisecs; /* Check that the ratio is mostly constant */ for( millisecs = 2; millisecs <= 4; millisecs++ ) { - cycles = hardclock(); + cycles = mbedtls_timing_hardclock(); busy_msleep( millisecs ); - cycles = hardclock() - cycles; + cycles = mbedtls_timing_hardclock() - cycles; /* Allow variation up to 20% */ if( cycles / millisecs < ratio - ratio / 5 || @@ -466,41 +504,16 @@ hard_test: } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); hard_test_done: -#if defined(POLARSSL_NET_C) && defined(POLARSSL_HAVE_TIME) - if( verbose != 0 ) - polarssl_printf( " TIMING test #4 (net_usleep/ get_timer): " ); - - for( secs = 1; secs <= 3; secs++ ) - { - (void) get_timer( &hires, 1 ); - - net_usleep( 500000 * secs ); - - millisecs = get_timer( &hires, 0 ); - - if( millisecs < 450 * secs || millisecs > 550 * secs ) - { - if( verbose != 0 ) - polarssl_printf( "failed\n" ); - - return( 1 ); - } - } - - if( verbose != 0 ) - polarssl_printf( "passed\n" ); -#endif /* POLARSSL_NET_C */ - if( verbose != 0 ) - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); return( 0 ); } -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_TIMING_C && !POLARSSL_TIMING_ALT */ +#endif /* MBEDTLS_TIMING_C */ diff --git a/ext/mbedtls/library/version.c b/ext/mbedtls/library/version.c index 2856d6ccd4..4e881f0a74 100644 --- a/ext/mbedtls/library/version.c +++ b/ext/mbedtls/library/version.c @@ -20,32 +20,32 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_VERSION_C) +#if defined(MBEDTLS_VERSION_C) -#include "polarssl/version.h" +#include "mbedtls/version.h" #include -unsigned int version_get_number() +unsigned int mbedtls_version_get_number() { - return( POLARSSL_VERSION_NUMBER ); + return( MBEDTLS_VERSION_NUMBER ); } -void version_get_string( char *string ) +void mbedtls_version_get_string( char *string ) { - memcpy( string, POLARSSL_VERSION_STRING, - sizeof( POLARSSL_VERSION_STRING ) ); + memcpy( string, MBEDTLS_VERSION_STRING, + sizeof( MBEDTLS_VERSION_STRING ) ); } -void version_get_string_full( char *string ) +void mbedtls_version_get_string_full( char *string ) { - memcpy( string, POLARSSL_VERSION_STRING_FULL, - sizeof( POLARSSL_VERSION_STRING_FULL ) ); + memcpy( string, MBEDTLS_VERSION_STRING_FULL, + sizeof( MBEDTLS_VERSION_STRING_FULL ) ); } -#endif /* POLARSSL_VERSION_C */ +#endif /* MBEDTLS_VERSION_C */ diff --git a/ext/mbedtls/library/version_features.c b/ext/mbedtls/library/version_features.c index b8b3a4a35a..868289ce1b 100644 --- a/ext/mbedtls/library/version_features.c +++ b/ext/mbedtls/library/version_features.c @@ -20,555 +20,589 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_VERSION_C) +#if defined(MBEDTLS_VERSION_C) -#include "polarssl/version.h" +#include "mbedtls/version.h" #include -#if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \ - !defined(EFI32) -#define strcasecmp _stricmp -#endif - static const char *features[] = { -#if defined(POLARSSL_VERSION_FEATURES) -#if defined(POLARSSL_HAVE_INT8) - "POLARSSL_HAVE_INT8", -#endif /* POLARSSL_HAVE_INT8 */ -#if defined(POLARSSL_HAVE_INT16) - "POLARSSL_HAVE_INT16", -#endif /* POLARSSL_HAVE_INT16 */ -#if defined(POLARSSL_HAVE_LONGLONG) - "POLARSSL_HAVE_LONGLONG", -#endif /* POLARSSL_HAVE_LONGLONG */ -#if defined(POLARSSL_HAVE_ASM) - "POLARSSL_HAVE_ASM", -#endif /* POLARSSL_HAVE_ASM */ -#if defined(POLARSSL_HAVE_SSE2) - "POLARSSL_HAVE_SSE2", -#endif /* POLARSSL_HAVE_SSE2 */ -#if defined(POLARSSL_HAVE_TIME) - "POLARSSL_HAVE_TIME", -#endif /* POLARSSL_HAVE_TIME */ -#if defined(POLARSSL_HAVE_IPV6) - "POLARSSL_HAVE_IPV6", -#endif /* POLARSSL_HAVE_IPV6 */ -#if defined(POLARSSL_PLATFORM_MEMORY) - "POLARSSL_PLATFORM_MEMORY", -#endif /* POLARSSL_PLATFORM_MEMORY */ -#if defined(POLARSSL_PLATFORM_NO_STD_FUNCTIONS) - "POLARSSL_PLATFORM_NO_STD_FUNCTIONS", -#endif /* POLARSSL_PLATFORM_NO_STD_FUNCTIONS */ -#if defined(POLARSSL_PLATFORM_EXIT_ALT) - "POLARSSL_PLATFORM_EXIT_ALT", -#endif /* POLARSSL_PLATFORM_EXIT_ALT */ -#if defined(POLARSSL_PLATFORM_FPRINTF_ALT) - "POLARSSL_PLATFORM_FPRINTF_ALT", -#endif /* POLARSSL_PLATFORM_FPRINTF_ALT */ -#if defined(POLARSSL_PLATFORM_PRINTF_ALT) - "POLARSSL_PLATFORM_PRINTF_ALT", -#endif /* POLARSSL_PLATFORM_PRINTF_ALT */ -#if defined(POLARSSL_PLATFORM_SNPRINTF_ALT) - "POLARSSL_PLATFORM_SNPRINTF_ALT", -#endif /* POLARSSL_PLATFORM_SNPRINTF_ALT */ -#if defined(POLARSSL_DEPRECATED_WARNING) - "POLARSSL_DEPRECATED_WARNING", -#endif /* POLARSSL_DEPRECATED_WARNING */ -#if defined(POLARSSL_DEPRECATED_REMOVED) - "POLARSSL_DEPRECATED_REMOVED", -#endif /* POLARSSL_DEPRECATED_REMOVED */ -#if defined(POLARSSL_TIMING_ALT) - "POLARSSL_TIMING_ALT", -#endif /* POLARSSL_TIMING_ALT */ -#if defined(POLARSSL_AES_ALT) - "POLARSSL_AES_ALT", -#endif /* POLARSSL_AES_ALT */ -#if defined(POLARSSL_ARC4_ALT) - "POLARSSL_ARC4_ALT", -#endif /* POLARSSL_ARC4_ALT */ -#if defined(POLARSSL_BLOWFISH_ALT) - "POLARSSL_BLOWFISH_ALT", -#endif /* POLARSSL_BLOWFISH_ALT */ -#if defined(POLARSSL_CAMELLIA_ALT) - "POLARSSL_CAMELLIA_ALT", -#endif /* POLARSSL_CAMELLIA_ALT */ -#if defined(POLARSSL_DES_ALT) - "POLARSSL_DES_ALT", -#endif /* POLARSSL_DES_ALT */ -#if defined(POLARSSL_XTEA_ALT) - "POLARSSL_XTEA_ALT", -#endif /* POLARSSL_XTEA_ALT */ -#if defined(POLARSSL_MD2_ALT) - "POLARSSL_MD2_ALT", -#endif /* POLARSSL_MD2_ALT */ -#if defined(POLARSSL_MD4_ALT) - "POLARSSL_MD4_ALT", -#endif /* POLARSSL_MD4_ALT */ -#if defined(POLARSSL_MD5_ALT) - "POLARSSL_MD5_ALT", -#endif /* POLARSSL_MD5_ALT */ -#if defined(POLARSSL_RIPEMD160_ALT) - "POLARSSL_RIPEMD160_ALT", -#endif /* POLARSSL_RIPEMD160_ALT */ -#if defined(POLARSSL_SHA1_ALT) - "POLARSSL_SHA1_ALT", -#endif /* POLARSSL_SHA1_ALT */ -#if defined(POLARSSL_SHA256_ALT) - "POLARSSL_SHA256_ALT", -#endif /* POLARSSL_SHA256_ALT */ -#if defined(POLARSSL_SHA512_ALT) - "POLARSSL_SHA512_ALT", -#endif /* POLARSSL_SHA512_ALT */ -#if defined(POLARSSL_AES_ROM_TABLES) - "POLARSSL_AES_ROM_TABLES", -#endif /* POLARSSL_AES_ROM_TABLES */ -#if defined(POLARSSL_CAMELLIA_SMALL_MEMORY) - "POLARSSL_CAMELLIA_SMALL_MEMORY", -#endif /* POLARSSL_CAMELLIA_SMALL_MEMORY */ -#if defined(POLARSSL_CIPHER_MODE_CBC) - "POLARSSL_CIPHER_MODE_CBC", -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#if defined(POLARSSL_CIPHER_MODE_CFB) - "POLARSSL_CIPHER_MODE_CFB", -#endif /* POLARSSL_CIPHER_MODE_CFB */ -#if defined(POLARSSL_CIPHER_MODE_CTR) - "POLARSSL_CIPHER_MODE_CTR", -#endif /* POLARSSL_CIPHER_MODE_CTR */ -#if defined(POLARSSL_CIPHER_NULL_CIPHER) - "POLARSSL_CIPHER_NULL_CIPHER", -#endif /* POLARSSL_CIPHER_NULL_CIPHER */ -#if defined(POLARSSL_CIPHER_PADDING_PKCS7) - "POLARSSL_CIPHER_PADDING_PKCS7", -#endif /* POLARSSL_CIPHER_PADDING_PKCS7 */ -#if defined(POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS) - "POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS", -#endif /* POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS */ -#if defined(POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN) - "POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN", -#endif /* POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN */ -#if defined(POLARSSL_CIPHER_PADDING_ZEROS) - "POLARSSL_CIPHER_PADDING_ZEROS", -#endif /* POLARSSL_CIPHER_PADDING_ZEROS */ -#if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES) - "POLARSSL_ENABLE_WEAK_CIPHERSUITES", -#endif /* POLARSSL_ENABLE_WEAK_CIPHERSUITES */ -#if defined(POLARSSL_REMOVE_ARC4_CIPHERSUITES) - "POLARSSL_REMOVE_ARC4_CIPHERSUITES", -#endif /* POLARSSL_REMOVE_ARC4_CIPHERSUITES */ -#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED) - "POLARSSL_ECP_DP_SECP192R1_ENABLED", -#endif /* POLARSSL_ECP_DP_SECP192R1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED) - "POLARSSL_ECP_DP_SECP224R1_ENABLED", -#endif /* POLARSSL_ECP_DP_SECP224R1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED) - "POLARSSL_ECP_DP_SECP256R1_ENABLED", -#endif /* POLARSSL_ECP_DP_SECP256R1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED) - "POLARSSL_ECP_DP_SECP384R1_ENABLED", -#endif /* POLARSSL_ECP_DP_SECP384R1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED) - "POLARSSL_ECP_DP_SECP521R1_ENABLED", -#endif /* POLARSSL_ECP_DP_SECP521R1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP192K1_ENABLED) - "POLARSSL_ECP_DP_SECP192K1_ENABLED", -#endif /* POLARSSL_ECP_DP_SECP192K1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP224K1_ENABLED) - "POLARSSL_ECP_DP_SECP224K1_ENABLED", -#endif /* POLARSSL_ECP_DP_SECP224K1_ENABLED */ -#if defined(POLARSSL_ECP_DP_SECP256K1_ENABLED) - "POLARSSL_ECP_DP_SECP256K1_ENABLED", -#endif /* POLARSSL_ECP_DP_SECP256K1_ENABLED */ -#if defined(POLARSSL_ECP_DP_BP256R1_ENABLED) - "POLARSSL_ECP_DP_BP256R1_ENABLED", -#endif /* POLARSSL_ECP_DP_BP256R1_ENABLED */ -#if defined(POLARSSL_ECP_DP_BP384R1_ENABLED) - "POLARSSL_ECP_DP_BP384R1_ENABLED", -#endif /* POLARSSL_ECP_DP_BP384R1_ENABLED */ -#if defined(POLARSSL_ECP_DP_BP512R1_ENABLED) - "POLARSSL_ECP_DP_BP512R1_ENABLED", -#endif /* POLARSSL_ECP_DP_BP512R1_ENABLED */ -#if defined(POLARSSL_ECP_DP_M221_ENABLED) - "POLARSSL_ECP_DP_M221_ENABLED", -#endif /* POLARSSL_ECP_DP_M221_ENABLED */ -#if defined(POLARSSL_ECP_DP_M255_ENABLED) - "POLARSSL_ECP_DP_M255_ENABLED", -#endif /* POLARSSL_ECP_DP_M255_ENABLED */ -#if defined(POLARSSL_ECP_DP_M383_ENABLED) - "POLARSSL_ECP_DP_M383_ENABLED", -#endif /* POLARSSL_ECP_DP_M383_ENABLED */ -#if defined(POLARSSL_ECP_DP_M511_ENABLED) - "POLARSSL_ECP_DP_M511_ENABLED", -#endif /* POLARSSL_ECP_DP_M511_ENABLED */ -#if defined(POLARSSL_ECP_NIST_OPTIM) - "POLARSSL_ECP_NIST_OPTIM", -#endif /* POLARSSL_ECP_NIST_OPTIM */ -#if defined(POLARSSL_ECDSA_DETERMINISTIC) - "POLARSSL_ECDSA_DETERMINISTIC", -#endif /* POLARSSL_ECDSA_DETERMINISTIC */ -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) - "POLARSSL_KEY_EXCHANGE_PSK_ENABLED", -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) - "POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED", -#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - "POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED", -#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) - "POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED", -#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) - "POLARSSL_KEY_EXCHANGE_RSA_ENABLED", -#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) - "POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED", -#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) - "POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED", -#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - "POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED", -#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - "POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED", -#endif /* POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) - "POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED", -#endif /* POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED */ -#if defined(POLARSSL_PK_PARSE_EC_EXTENDED) - "POLARSSL_PK_PARSE_EC_EXTENDED", -#endif /* POLARSSL_PK_PARSE_EC_EXTENDED */ -#if defined(POLARSSL_ERROR_STRERROR_BC) - "POLARSSL_ERROR_STRERROR_BC", -#endif /* POLARSSL_ERROR_STRERROR_BC */ -#if defined(POLARSSL_ERROR_STRERROR_DUMMY) - "POLARSSL_ERROR_STRERROR_DUMMY", -#endif /* POLARSSL_ERROR_STRERROR_DUMMY */ -#if defined(POLARSSL_GENPRIME) - "POLARSSL_GENPRIME", -#endif /* POLARSSL_GENPRIME */ -#if defined(POLARSSL_FS_IO) - "POLARSSL_FS_IO", -#endif /* POLARSSL_FS_IO */ -#if defined(POLARSSL_NO_DEFAULT_ENTROPY_SOURCES) - "POLARSSL_NO_DEFAULT_ENTROPY_SOURCES", -#endif /* POLARSSL_NO_DEFAULT_ENTROPY_SOURCES */ -#if defined(POLARSSL_NO_PLATFORM_ENTROPY) - "POLARSSL_NO_PLATFORM_ENTROPY", -#endif /* POLARSSL_NO_PLATFORM_ENTROPY */ -#if defined(POLARSSL_ENTROPY_FORCE_SHA256) - "POLARSSL_ENTROPY_FORCE_SHA256", -#endif /* POLARSSL_ENTROPY_FORCE_SHA256 */ -#if defined(POLARSSL_MEMORY_DEBUG) - "POLARSSL_MEMORY_DEBUG", -#endif /* POLARSSL_MEMORY_DEBUG */ -#if defined(POLARSSL_MEMORY_BACKTRACE) - "POLARSSL_MEMORY_BACKTRACE", -#endif /* POLARSSL_MEMORY_BACKTRACE */ -#if defined(POLARSSL_PKCS1_V15) - "POLARSSL_PKCS1_V15", -#endif /* POLARSSL_PKCS1_V15 */ -#if defined(POLARSSL_PKCS1_V21) - "POLARSSL_PKCS1_V21", -#endif /* POLARSSL_PKCS1_V21 */ -#if defined(POLARSSL_RSA_NO_CRT) - "POLARSSL_RSA_NO_CRT", -#endif /* POLARSSL_RSA_NO_CRT */ -#if defined(POLARSSL_SELF_TEST) - "POLARSSL_SELF_TEST", -#endif /* POLARSSL_SELF_TEST */ -#if defined(POLARSSL_SSL_AEAD_RANDOM_IV) - "POLARSSL_SSL_AEAD_RANDOM_IV", -#endif /* POLARSSL_SSL_AEAD_RANDOM_IV */ -#if defined(POLARSSL_SSL_ALERT_MESSAGES) - "POLARSSL_SSL_ALERT_MESSAGES", -#endif /* POLARSSL_SSL_ALERT_MESSAGES */ -#if defined(POLARSSL_SSL_DEBUG_ALL) - "POLARSSL_SSL_DEBUG_ALL", -#endif /* POLARSSL_SSL_DEBUG_ALL */ -#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) - "POLARSSL_SSL_ENCRYPT_THEN_MAC", -#endif /* POLARSSL_SSL_ENCRYPT_THEN_MAC */ -#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) - "POLARSSL_SSL_EXTENDED_MASTER_SECRET", -#endif /* POLARSSL_SSL_EXTENDED_MASTER_SECRET */ -#if defined(POLARSSL_SSL_FALLBACK_SCSV) - "POLARSSL_SSL_FALLBACK_SCSV", -#endif /* POLARSSL_SSL_FALLBACK_SCSV */ -#if defined(POLARSSL_SSL_HW_RECORD_ACCEL) - "POLARSSL_SSL_HW_RECORD_ACCEL", -#endif /* POLARSSL_SSL_HW_RECORD_ACCEL */ -#if defined(POLARSSL_SSL_CBC_RECORD_SPLITTING) - "POLARSSL_SSL_CBC_RECORD_SPLITTING", -#endif /* POLARSSL_SSL_CBC_RECORD_SPLITTING */ -#if defined(POLARSSL_SSL_DISABLE_RENEGOTIATION) - "POLARSSL_SSL_DISABLE_RENEGOTIATION", -#endif /* POLARSSL_SSL_DISABLE_RENEGOTIATION */ -#if defined(POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) - "POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO", -#endif /* POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */ -#if defined(POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE) - "POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE", -#endif /* POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE */ -#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH) - "POLARSSL_SSL_MAX_FRAGMENT_LENGTH", -#endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(POLARSSL_SSL_PROTO_SSL3) - "POLARSSL_SSL_PROTO_SSL3", -#endif /* POLARSSL_SSL_PROTO_SSL3 */ -#if defined(POLARSSL_SSL_PROTO_TLS1) - "POLARSSL_SSL_PROTO_TLS1", -#endif /* POLARSSL_SSL_PROTO_TLS1 */ -#if defined(POLARSSL_SSL_PROTO_TLS1_1) - "POLARSSL_SSL_PROTO_TLS1_1", -#endif /* POLARSSL_SSL_PROTO_TLS1_1 */ -#if defined(POLARSSL_SSL_PROTO_TLS1_2) - "POLARSSL_SSL_PROTO_TLS1_2", -#endif /* POLARSSL_SSL_PROTO_TLS1_2 */ -#if defined(POLARSSL_SSL_ALPN) - "POLARSSL_SSL_ALPN", -#endif /* POLARSSL_SSL_ALPN */ -#if defined(POLARSSL_SSL_SESSION_TICKETS) - "POLARSSL_SSL_SESSION_TICKETS", -#endif /* POLARSSL_SSL_SESSION_TICKETS */ -#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) - "POLARSSL_SSL_SERVER_NAME_INDICATION", -#endif /* POLARSSL_SSL_SERVER_NAME_INDICATION */ -#if defined(POLARSSL_SSL_TRUNCATED_HMAC) - "POLARSSL_SSL_TRUNCATED_HMAC", -#endif /* POLARSSL_SSL_TRUNCATED_HMAC */ -#if defined(POLARSSL_SSL_SET_CURVES) - "POLARSSL_SSL_SET_CURVES", -#endif /* POLARSSL_SSL_SET_CURVES */ -#if defined(POLARSSL_THREADING_ALT) - "POLARSSL_THREADING_ALT", -#endif /* POLARSSL_THREADING_ALT */ -#if defined(POLARSSL_THREADING_PTHREAD) - "POLARSSL_THREADING_PTHREAD", -#endif /* POLARSSL_THREADING_PTHREAD */ -#if defined(POLARSSL_VERSION_FEATURES) - "POLARSSL_VERSION_FEATURES", -#endif /* POLARSSL_VERSION_FEATURES */ -#if defined(POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3) - "POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3", -#endif /* POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3 */ -#if defined(POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) - "POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION", -#endif /* POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION */ -#if defined(POLARSSL_X509_CHECK_KEY_USAGE) - "POLARSSL_X509_CHECK_KEY_USAGE", -#endif /* POLARSSL_X509_CHECK_KEY_USAGE */ -#if defined(POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE) - "POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE", -#endif /* POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE */ -#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT) - "POLARSSL_X509_RSASSA_PSS_SUPPORT", -#endif /* POLARSSL_X509_RSASSA_PSS_SUPPORT */ -#if defined(POLARSSL_ZLIB_SUPPORT) - "POLARSSL_ZLIB_SUPPORT", -#endif /* POLARSSL_ZLIB_SUPPORT */ -#if defined(POLARSSL_AESNI_C) - "POLARSSL_AESNI_C", -#endif /* POLARSSL_AESNI_C */ -#if defined(POLARSSL_AES_C) - "POLARSSL_AES_C", -#endif /* POLARSSL_AES_C */ -#if defined(POLARSSL_ARC4_C) - "POLARSSL_ARC4_C", -#endif /* POLARSSL_ARC4_C */ -#if defined(POLARSSL_ASN1_PARSE_C) - "POLARSSL_ASN1_PARSE_C", -#endif /* POLARSSL_ASN1_PARSE_C */ -#if defined(POLARSSL_ASN1_WRITE_C) - "POLARSSL_ASN1_WRITE_C", -#endif /* POLARSSL_ASN1_WRITE_C */ -#if defined(POLARSSL_BASE64_C) - "POLARSSL_BASE64_C", -#endif /* POLARSSL_BASE64_C */ -#if defined(POLARSSL_BIGNUM_C) - "POLARSSL_BIGNUM_C", -#endif /* POLARSSL_BIGNUM_C */ -#if defined(POLARSSL_BLOWFISH_C) - "POLARSSL_BLOWFISH_C", -#endif /* POLARSSL_BLOWFISH_C */ -#if defined(POLARSSL_CAMELLIA_C) - "POLARSSL_CAMELLIA_C", -#endif /* POLARSSL_CAMELLIA_C */ -#if defined(POLARSSL_CCM_C) - "POLARSSL_CCM_C", -#endif /* POLARSSL_CCM_C */ -#if defined(POLARSSL_CERTS_C) - "POLARSSL_CERTS_C", -#endif /* POLARSSL_CERTS_C */ -#if defined(POLARSSL_CIPHER_C) - "POLARSSL_CIPHER_C", -#endif /* POLARSSL_CIPHER_C */ -#if defined(POLARSSL_CTR_DRBG_C) - "POLARSSL_CTR_DRBG_C", -#endif /* POLARSSL_CTR_DRBG_C */ -#if defined(POLARSSL_DEBUG_C) - "POLARSSL_DEBUG_C", -#endif /* POLARSSL_DEBUG_C */ -#if defined(POLARSSL_DES_C) - "POLARSSL_DES_C", -#endif /* POLARSSL_DES_C */ -#if defined(POLARSSL_DHM_C) - "POLARSSL_DHM_C", -#endif /* POLARSSL_DHM_C */ -#if defined(POLARSSL_ECDH_C) - "POLARSSL_ECDH_C", -#endif /* POLARSSL_ECDH_C */ -#if defined(POLARSSL_ECDSA_C) - "POLARSSL_ECDSA_C", -#endif /* POLARSSL_ECDSA_C */ -#if defined(POLARSSL_ECP_C) - "POLARSSL_ECP_C", -#endif /* POLARSSL_ECP_C */ -#if defined(POLARSSL_ENTROPY_C) - "POLARSSL_ENTROPY_C", -#endif /* POLARSSL_ENTROPY_C */ -#if defined(POLARSSL_ERROR_C) - "POLARSSL_ERROR_C", -#endif /* POLARSSL_ERROR_C */ -#if defined(POLARSSL_GCM_C) - "POLARSSL_GCM_C", -#endif /* POLARSSL_GCM_C */ -#if defined(POLARSSL_HAVEGE_C) - "POLARSSL_HAVEGE_C", -#endif /* POLARSSL_HAVEGE_C */ -#if defined(POLARSSL_HMAC_DRBG_C) - "POLARSSL_HMAC_DRBG_C", -#endif /* POLARSSL_HMAC_DRBG_C */ -#if defined(POLARSSL_MD_C) - "POLARSSL_MD_C", -#endif /* POLARSSL_MD_C */ -#if defined(POLARSSL_MD2_C) - "POLARSSL_MD2_C", -#endif /* POLARSSL_MD2_C */ -#if defined(POLARSSL_MD4_C) - "POLARSSL_MD4_C", -#endif /* POLARSSL_MD4_C */ -#if defined(POLARSSL_MD5_C) - "POLARSSL_MD5_C", -#endif /* POLARSSL_MD5_C */ -#if defined(POLARSSL_MEMORY_C) - "POLARSSL_MEMORY_C", -#endif /* POLARSSL_MEMORY_C */ -#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) - "POLARSSL_MEMORY_BUFFER_ALLOC_C", -#endif /* POLARSSL_MEMORY_BUFFER_ALLOC_C */ -#if defined(POLARSSL_NET_C) - "POLARSSL_NET_C", -#endif /* POLARSSL_NET_C */ -#if defined(POLARSSL_OID_C) - "POLARSSL_OID_C", -#endif /* POLARSSL_OID_C */ -#if defined(POLARSSL_PADLOCK_C) - "POLARSSL_PADLOCK_C", -#endif /* POLARSSL_PADLOCK_C */ -#if defined(POLARSSL_PBKDF2_C) - "POLARSSL_PBKDF2_C", -#endif /* POLARSSL_PBKDF2_C */ -#if defined(POLARSSL_PEM_PARSE_C) - "POLARSSL_PEM_PARSE_C", -#endif /* POLARSSL_PEM_PARSE_C */ -#if defined(POLARSSL_PEM_WRITE_C) - "POLARSSL_PEM_WRITE_C", -#endif /* POLARSSL_PEM_WRITE_C */ -#if defined(POLARSSL_PK_C) - "POLARSSL_PK_C", -#endif /* POLARSSL_PK_C */ -#if defined(POLARSSL_PK_PARSE_C) - "POLARSSL_PK_PARSE_C", -#endif /* POLARSSL_PK_PARSE_C */ -#if defined(POLARSSL_PK_WRITE_C) - "POLARSSL_PK_WRITE_C", -#endif /* POLARSSL_PK_WRITE_C */ -#if defined(POLARSSL_PKCS5_C) - "POLARSSL_PKCS5_C", -#endif /* POLARSSL_PKCS5_C */ -#if defined(POLARSSL_PKCS11_C) - "POLARSSL_PKCS11_C", -#endif /* POLARSSL_PKCS11_C */ -#if defined(POLARSSL_PKCS12_C) - "POLARSSL_PKCS12_C", -#endif /* POLARSSL_PKCS12_C */ -#if defined(POLARSSL_PLATFORM_C) - "POLARSSL_PLATFORM_C", -#endif /* POLARSSL_PLATFORM_C */ -#if defined(POLARSSL_RIPEMD160_C) - "POLARSSL_RIPEMD160_C", -#endif /* POLARSSL_RIPEMD160_C */ -#if defined(POLARSSL_RSA_C) - "POLARSSL_RSA_C", -#endif /* POLARSSL_RSA_C */ -#if defined(POLARSSL_SHA1_C) - "POLARSSL_SHA1_C", -#endif /* POLARSSL_SHA1_C */ -#if defined(POLARSSL_SHA256_C) - "POLARSSL_SHA256_C", -#endif /* POLARSSL_SHA256_C */ -#if defined(POLARSSL_SHA512_C) - "POLARSSL_SHA512_C", -#endif /* POLARSSL_SHA512_C */ -#if defined(POLARSSL_SSL_CACHE_C) - "POLARSSL_SSL_CACHE_C", -#endif /* POLARSSL_SSL_CACHE_C */ -#if defined(POLARSSL_SSL_CLI_C) - "POLARSSL_SSL_CLI_C", -#endif /* POLARSSL_SSL_CLI_C */ -#if defined(POLARSSL_SSL_SRV_C) - "POLARSSL_SSL_SRV_C", -#endif /* POLARSSL_SSL_SRV_C */ -#if defined(POLARSSL_SSL_TLS_C) - "POLARSSL_SSL_TLS_C", -#endif /* POLARSSL_SSL_TLS_C */ -#if defined(POLARSSL_THREADING_C) - "POLARSSL_THREADING_C", -#endif /* POLARSSL_THREADING_C */ -#if defined(POLARSSL_TIMING_C) - "POLARSSL_TIMING_C", -#endif /* POLARSSL_TIMING_C */ -#if defined(POLARSSL_VERSION_C) - "POLARSSL_VERSION_C", -#endif /* POLARSSL_VERSION_C */ -#if defined(POLARSSL_X509_USE_C) - "POLARSSL_X509_USE_C", -#endif /* POLARSSL_X509_USE_C */ -#if defined(POLARSSL_X509_CRT_PARSE_C) - "POLARSSL_X509_CRT_PARSE_C", -#endif /* POLARSSL_X509_CRT_PARSE_C */ -#if defined(POLARSSL_X509_CRL_PARSE_C) - "POLARSSL_X509_CRL_PARSE_C", -#endif /* POLARSSL_X509_CRL_PARSE_C */ -#if defined(POLARSSL_X509_CSR_PARSE_C) - "POLARSSL_X509_CSR_PARSE_C", -#endif /* POLARSSL_X509_CSR_PARSE_C */ -#if defined(POLARSSL_X509_CREATE_C) - "POLARSSL_X509_CREATE_C", -#endif /* POLARSSL_X509_CREATE_C */ -#if defined(POLARSSL_X509_CRT_WRITE_C) - "POLARSSL_X509_CRT_WRITE_C", -#endif /* POLARSSL_X509_CRT_WRITE_C */ -#if defined(POLARSSL_X509_CSR_WRITE_C) - "POLARSSL_X509_CSR_WRITE_C", -#endif /* POLARSSL_X509_CSR_WRITE_C */ -#if defined(POLARSSL_XTEA_C) - "POLARSSL_XTEA_C", -#endif /* POLARSSL_XTEA_C */ -#endif /* POLARSSL_VERSION_FEATURES */ +#if defined(MBEDTLS_VERSION_FEATURES) +#if defined(MBEDTLS_HAVE_ASM) + "MBEDTLS_HAVE_ASM", +#endif /* MBEDTLS_HAVE_ASM */ +#if defined(MBEDTLS_HAVE_SSE2) + "MBEDTLS_HAVE_SSE2", +#endif /* MBEDTLS_HAVE_SSE2 */ +#if defined(MBEDTLS_HAVE_TIME) + "MBEDTLS_HAVE_TIME", +#endif /* MBEDTLS_HAVE_TIME */ +#if defined(MBEDTLS_HAVE_TIME_DATE) + "MBEDTLS_HAVE_TIME_DATE", +#endif /* MBEDTLS_HAVE_TIME_DATE */ +#if defined(MBEDTLS_PLATFORM_MEMORY) + "MBEDTLS_PLATFORM_MEMORY", +#endif /* MBEDTLS_PLATFORM_MEMORY */ +#if defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) + "MBEDTLS_PLATFORM_NO_STD_FUNCTIONS", +#endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */ +#if defined(MBEDTLS_PLATFORM_EXIT_ALT) + "MBEDTLS_PLATFORM_EXIT_ALT", +#endif /* MBEDTLS_PLATFORM_EXIT_ALT */ +#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) + "MBEDTLS_PLATFORM_FPRINTF_ALT", +#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */ +#if defined(MBEDTLS_PLATFORM_PRINTF_ALT) + "MBEDTLS_PLATFORM_PRINTF_ALT", +#endif /* MBEDTLS_PLATFORM_PRINTF_ALT */ +#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) + "MBEDTLS_PLATFORM_SNPRINTF_ALT", +#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ +#if defined(MBEDTLS_DEPRECATED_WARNING) + "MBEDTLS_DEPRECATED_WARNING", +#endif /* MBEDTLS_DEPRECATED_WARNING */ +#if defined(MBEDTLS_DEPRECATED_REMOVED) + "MBEDTLS_DEPRECATED_REMOVED", +#endif /* MBEDTLS_DEPRECATED_REMOVED */ +#if defined(MBEDTLS_TIMING_ALT) + "MBEDTLS_TIMING_ALT", +#endif /* MBEDTLS_TIMING_ALT */ +#if defined(MBEDTLS_AES_ALT) + "MBEDTLS_AES_ALT", +#endif /* MBEDTLS_AES_ALT */ +#if defined(MBEDTLS_ARC4_ALT) + "MBEDTLS_ARC4_ALT", +#endif /* MBEDTLS_ARC4_ALT */ +#if defined(MBEDTLS_BLOWFISH_ALT) + "MBEDTLS_BLOWFISH_ALT", +#endif /* MBEDTLS_BLOWFISH_ALT */ +#if defined(MBEDTLS_CAMELLIA_ALT) + "MBEDTLS_CAMELLIA_ALT", +#endif /* MBEDTLS_CAMELLIA_ALT */ +#if defined(MBEDTLS_DES_ALT) + "MBEDTLS_DES_ALT", +#endif /* MBEDTLS_DES_ALT */ +#if defined(MBEDTLS_XTEA_ALT) + "MBEDTLS_XTEA_ALT", +#endif /* MBEDTLS_XTEA_ALT */ +#if defined(MBEDTLS_MD2_ALT) + "MBEDTLS_MD2_ALT", +#endif /* MBEDTLS_MD2_ALT */ +#if defined(MBEDTLS_MD4_ALT) + "MBEDTLS_MD4_ALT", +#endif /* MBEDTLS_MD4_ALT */ +#if defined(MBEDTLS_MD5_ALT) + "MBEDTLS_MD5_ALT", +#endif /* MBEDTLS_MD5_ALT */ +#if defined(MBEDTLS_RIPEMD160_ALT) + "MBEDTLS_RIPEMD160_ALT", +#endif /* MBEDTLS_RIPEMD160_ALT */ +#if defined(MBEDTLS_SHA1_ALT) + "MBEDTLS_SHA1_ALT", +#endif /* MBEDTLS_SHA1_ALT */ +#if defined(MBEDTLS_SHA256_ALT) + "MBEDTLS_SHA256_ALT", +#endif /* MBEDTLS_SHA256_ALT */ +#if defined(MBEDTLS_SHA512_ALT) + "MBEDTLS_SHA512_ALT", +#endif /* MBEDTLS_SHA512_ALT */ +#if defined(MBEDTLS_MD2_PROCESS_ALT) + "MBEDTLS_MD2_PROCESS_ALT", +#endif /* MBEDTLS_MD2_PROCESS_ALT */ +#if defined(MBEDTLS_MD4_PROCESS_ALT) + "MBEDTLS_MD4_PROCESS_ALT", +#endif /* MBEDTLS_MD4_PROCESS_ALT */ +#if defined(MBEDTLS_MD5_PROCESS_ALT) + "MBEDTLS_MD5_PROCESS_ALT", +#endif /* MBEDTLS_MD5_PROCESS_ALT */ +#if defined(MBEDTLS_RIPEMD160_PROCESS_ALT) + "MBEDTLS_RIPEMD160_PROCESS_ALT", +#endif /* MBEDTLS_RIPEMD160_PROCESS_ALT */ +#if defined(MBEDTLS_SHA1_PROCESS_ALT) + "MBEDTLS_SHA1_PROCESS_ALT", +#endif /* MBEDTLS_SHA1_PROCESS_ALT */ +#if defined(MBEDTLS_SHA256_PROCESS_ALT) + "MBEDTLS_SHA256_PROCESS_ALT", +#endif /* MBEDTLS_SHA256_PROCESS_ALT */ +#if defined(MBEDTLS_SHA512_PROCESS_ALT) + "MBEDTLS_SHA512_PROCESS_ALT", +#endif /* MBEDTLS_SHA512_PROCESS_ALT */ +#if defined(MBEDTLS_DES_SETKEY_ALT) + "MBEDTLS_DES_SETKEY_ALT", +#endif /* MBEDTLS_DES_SETKEY_ALT */ +#if defined(MBEDTLS_DES_CRYPT_ECB_ALT) + "MBEDTLS_DES_CRYPT_ECB_ALT", +#endif /* MBEDTLS_DES_CRYPT_ECB_ALT */ +#if defined(MBEDTLS_DES3_CRYPT_ECB_ALT) + "MBEDTLS_DES3_CRYPT_ECB_ALT", +#endif /* MBEDTLS_DES3_CRYPT_ECB_ALT */ +#if defined(MBEDTLS_AES_SETKEY_ENC_ALT) + "MBEDTLS_AES_SETKEY_ENC_ALT", +#endif /* MBEDTLS_AES_SETKEY_ENC_ALT */ +#if defined(MBEDTLS_AES_SETKEY_DEC_ALT) + "MBEDTLS_AES_SETKEY_DEC_ALT", +#endif /* MBEDTLS_AES_SETKEY_DEC_ALT */ +#if defined(MBEDTLS_AES_ENCRYPT_ALT) + "MBEDTLS_AES_ENCRYPT_ALT", +#endif /* MBEDTLS_AES_ENCRYPT_ALT */ +#if defined(MBEDTLS_AES_DECRYPT_ALT) + "MBEDTLS_AES_DECRYPT_ALT", +#endif /* MBEDTLS_AES_DECRYPT_ALT */ +#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) + "MBEDTLS_ENTROPY_HARDWARE_ALT", +#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */ +#if defined(MBEDTLS_AES_ROM_TABLES) + "MBEDTLS_AES_ROM_TABLES", +#endif /* MBEDTLS_AES_ROM_TABLES */ +#if defined(MBEDTLS_CAMELLIA_SMALL_MEMORY) + "MBEDTLS_CAMELLIA_SMALL_MEMORY", +#endif /* MBEDTLS_CAMELLIA_SMALL_MEMORY */ +#if defined(MBEDTLS_CIPHER_MODE_CBC) + "MBEDTLS_CIPHER_MODE_CBC", +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#if defined(MBEDTLS_CIPHER_MODE_CFB) + "MBEDTLS_CIPHER_MODE_CFB", +#endif /* MBEDTLS_CIPHER_MODE_CFB */ +#if defined(MBEDTLS_CIPHER_MODE_CTR) + "MBEDTLS_CIPHER_MODE_CTR", +#endif /* MBEDTLS_CIPHER_MODE_CTR */ +#if defined(MBEDTLS_CIPHER_NULL_CIPHER) + "MBEDTLS_CIPHER_NULL_CIPHER", +#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + "MBEDTLS_CIPHER_PADDING_PKCS7", +#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */ +#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS) + "MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS", +#endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */ +#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN) + "MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN", +#endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */ +#if defined(MBEDTLS_CIPHER_PADDING_ZEROS) + "MBEDTLS_CIPHER_PADDING_ZEROS", +#endif /* MBEDTLS_CIPHER_PADDING_ZEROS */ +#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES) + "MBEDTLS_ENABLE_WEAK_CIPHERSUITES", +#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */ +#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES) + "MBEDTLS_REMOVE_ARC4_CIPHERSUITES", +#endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */ +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) + "MBEDTLS_ECP_DP_SECP192R1_ENABLED", +#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) + "MBEDTLS_ECP_DP_SECP224R1_ENABLED", +#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) + "MBEDTLS_ECP_DP_SECP256R1_ENABLED", +#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) + "MBEDTLS_ECP_DP_SECP384R1_ENABLED", +#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) + "MBEDTLS_ECP_DP_SECP521R1_ENABLED", +#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) + "MBEDTLS_ECP_DP_SECP192K1_ENABLED", +#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) + "MBEDTLS_ECP_DP_SECP224K1_ENABLED", +#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) + "MBEDTLS_ECP_DP_SECP256K1_ENABLED", +#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) + "MBEDTLS_ECP_DP_BP256R1_ENABLED", +#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) + "MBEDTLS_ECP_DP_BP384R1_ENABLED", +#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) + "MBEDTLS_ECP_DP_BP512R1_ENABLED", +#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) + "MBEDTLS_ECP_DP_CURVE25519_ENABLED", +#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ +#if defined(MBEDTLS_ECP_NIST_OPTIM) + "MBEDTLS_ECP_NIST_OPTIM", +#endif /* MBEDTLS_ECP_NIST_OPTIM */ +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) + "MBEDTLS_ECDSA_DETERMINISTIC", +#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ +#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) + "MBEDTLS_KEY_EXCHANGE_PSK_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) + "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) + "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) + "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) + "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) + "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) + "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) + "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) + "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED", +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ +#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) + "MBEDTLS_PK_PARSE_EC_EXTENDED", +#endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */ +#if defined(MBEDTLS_ERROR_STRERROR_DUMMY) + "MBEDTLS_ERROR_STRERROR_DUMMY", +#endif /* MBEDTLS_ERROR_STRERROR_DUMMY */ +#if defined(MBEDTLS_GENPRIME) + "MBEDTLS_GENPRIME", +#endif /* MBEDTLS_GENPRIME */ +#if defined(MBEDTLS_FS_IO) + "MBEDTLS_FS_IO", +#endif /* MBEDTLS_FS_IO */ +#if defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) + "MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES", +#endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */ +#if defined(MBEDTLS_NO_PLATFORM_ENTROPY) + "MBEDTLS_NO_PLATFORM_ENTROPY", +#endif /* MBEDTLS_NO_PLATFORM_ENTROPY */ +#if defined(MBEDTLS_ENTROPY_FORCE_SHA256) + "MBEDTLS_ENTROPY_FORCE_SHA256", +#endif /* MBEDTLS_ENTROPY_FORCE_SHA256 */ +#if defined(MBEDTLS_MEMORY_DEBUG) + "MBEDTLS_MEMORY_DEBUG", +#endif /* MBEDTLS_MEMORY_DEBUG */ +#if defined(MBEDTLS_MEMORY_BACKTRACE) + "MBEDTLS_MEMORY_BACKTRACE", +#endif /* MBEDTLS_MEMORY_BACKTRACE */ +#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) + "MBEDTLS_PK_RSA_ALT_SUPPORT", +#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ +#if defined(MBEDTLS_PKCS1_V15) + "MBEDTLS_PKCS1_V15", +#endif /* MBEDTLS_PKCS1_V15 */ +#if defined(MBEDTLS_PKCS1_V21) + "MBEDTLS_PKCS1_V21", +#endif /* MBEDTLS_PKCS1_V21 */ +#if defined(MBEDTLS_RSA_NO_CRT) + "MBEDTLS_RSA_NO_CRT", +#endif /* MBEDTLS_RSA_NO_CRT */ +#if defined(MBEDTLS_SELF_TEST) + "MBEDTLS_SELF_TEST", +#endif /* MBEDTLS_SELF_TEST */ +#if defined(MBEDTLS_SHA256_SMALLER) + "MBEDTLS_SHA256_SMALLER", +#endif /* MBEDTLS_SHA256_SMALLER */ +#if defined(MBEDTLS_SSL_AEAD_RANDOM_IV) + "MBEDTLS_SSL_AEAD_RANDOM_IV", +#endif /* MBEDTLS_SSL_AEAD_RANDOM_IV */ +#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) + "MBEDTLS_SSL_ALL_ALERT_MESSAGES", +#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */ +#if defined(MBEDTLS_SSL_DEBUG_ALL) + "MBEDTLS_SSL_DEBUG_ALL", +#endif /* MBEDTLS_SSL_DEBUG_ALL */ +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + "MBEDTLS_SSL_ENCRYPT_THEN_MAC", +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) + "MBEDTLS_SSL_EXTENDED_MASTER_SECRET", +#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ +#if defined(MBEDTLS_SSL_FALLBACK_SCSV) + "MBEDTLS_SSL_FALLBACK_SCSV", +#endif /* MBEDTLS_SSL_FALLBACK_SCSV */ +#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) + "MBEDTLS_SSL_HW_RECORD_ACCEL", +#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ +#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) + "MBEDTLS_SSL_CBC_RECORD_SPLITTING", +#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ +#if defined(MBEDTLS_SSL_RENEGOTIATION) + "MBEDTLS_SSL_RENEGOTIATION", +#endif /* MBEDTLS_SSL_RENEGOTIATION */ +#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) + "MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO", +#endif /* MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */ +#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) + "MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE", +#endif /* MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE */ +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH", +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ +#if defined(MBEDTLS_SSL_PROTO_SSL3) + "MBEDTLS_SSL_PROTO_SSL3", +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ +#if defined(MBEDTLS_SSL_PROTO_TLS1) + "MBEDTLS_SSL_PROTO_TLS1", +#endif /* MBEDTLS_SSL_PROTO_TLS1 */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_1) + "MBEDTLS_SSL_PROTO_TLS1_1", +#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + "MBEDTLS_SSL_PROTO_TLS1_2", +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + "MBEDTLS_SSL_PROTO_DTLS", +#endif /* MBEDTLS_SSL_PROTO_DTLS */ +#if defined(MBEDTLS_SSL_ALPN) + "MBEDTLS_SSL_ALPN", +#endif /* MBEDTLS_SSL_ALPN */ +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) + "MBEDTLS_SSL_DTLS_ANTI_REPLAY", +#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) + "MBEDTLS_SSL_DTLS_HELLO_VERIFY", +#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ +#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) + "MBEDTLS_SSL_DTLS_BADMAC_LIMIT", +#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + "MBEDTLS_SSL_SESSION_TICKETS", +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + "MBEDTLS_SSL_SERVER_NAME_INDICATION", +#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) + "MBEDTLS_SSL_TRUNCATED_HMAC", +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ +#if defined(MBEDTLS_THREADING_ALT) + "MBEDTLS_THREADING_ALT", +#endif /* MBEDTLS_THREADING_ALT */ +#if defined(MBEDTLS_THREADING_PTHREAD) + "MBEDTLS_THREADING_PTHREAD", +#endif /* MBEDTLS_THREADING_PTHREAD */ +#if defined(MBEDTLS_VERSION_FEATURES) + "MBEDTLS_VERSION_FEATURES", +#endif /* MBEDTLS_VERSION_FEATURES */ +#if defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3) + "MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3", +#endif /* MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 */ +#if defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) + "MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION", +#endif /* MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION */ +#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) + "MBEDTLS_X509_CHECK_KEY_USAGE", +#endif /* MBEDTLS_X509_CHECK_KEY_USAGE */ +#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) + "MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE", +#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) + "MBEDTLS_X509_RSASSA_PSS_SUPPORT", +#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ +#if defined(MBEDTLS_ZLIB_SUPPORT) + "MBEDTLS_ZLIB_SUPPORT", +#endif /* MBEDTLS_ZLIB_SUPPORT */ +#if defined(MBEDTLS_AESNI_C) + "MBEDTLS_AESNI_C", +#endif /* MBEDTLS_AESNI_C */ +#if defined(MBEDTLS_AES_C) + "MBEDTLS_AES_C", +#endif /* MBEDTLS_AES_C */ +#if defined(MBEDTLS_ARC4_C) + "MBEDTLS_ARC4_C", +#endif /* MBEDTLS_ARC4_C */ +#if defined(MBEDTLS_ASN1_PARSE_C) + "MBEDTLS_ASN1_PARSE_C", +#endif /* MBEDTLS_ASN1_PARSE_C */ +#if defined(MBEDTLS_ASN1_WRITE_C) + "MBEDTLS_ASN1_WRITE_C", +#endif /* MBEDTLS_ASN1_WRITE_C */ +#if defined(MBEDTLS_BASE64_C) + "MBEDTLS_BASE64_C", +#endif /* MBEDTLS_BASE64_C */ +#if defined(MBEDTLS_BIGNUM_C) + "MBEDTLS_BIGNUM_C", +#endif /* MBEDTLS_BIGNUM_C */ +#if defined(MBEDTLS_BLOWFISH_C) + "MBEDTLS_BLOWFISH_C", +#endif /* MBEDTLS_BLOWFISH_C */ +#if defined(MBEDTLS_CAMELLIA_C) + "MBEDTLS_CAMELLIA_C", +#endif /* MBEDTLS_CAMELLIA_C */ +#if defined(MBEDTLS_CCM_C) + "MBEDTLS_CCM_C", +#endif /* MBEDTLS_CCM_C */ +#if defined(MBEDTLS_CERTS_C) + "MBEDTLS_CERTS_C", +#endif /* MBEDTLS_CERTS_C */ +#if defined(MBEDTLS_CIPHER_C) + "MBEDTLS_CIPHER_C", +#endif /* MBEDTLS_CIPHER_C */ +#if defined(MBEDTLS_CTR_DRBG_C) + "MBEDTLS_CTR_DRBG_C", +#endif /* MBEDTLS_CTR_DRBG_C */ +#if defined(MBEDTLS_DEBUG_C) + "MBEDTLS_DEBUG_C", +#endif /* MBEDTLS_DEBUG_C */ +#if defined(MBEDTLS_DES_C) + "MBEDTLS_DES_C", +#endif /* MBEDTLS_DES_C */ +#if defined(MBEDTLS_DHM_C) + "MBEDTLS_DHM_C", +#endif /* MBEDTLS_DHM_C */ +#if defined(MBEDTLS_ECDH_C) + "MBEDTLS_ECDH_C", +#endif /* MBEDTLS_ECDH_C */ +#if defined(MBEDTLS_ECDSA_C) + "MBEDTLS_ECDSA_C", +#endif /* MBEDTLS_ECDSA_C */ +#if defined(MBEDTLS_ECP_C) + "MBEDTLS_ECP_C", +#endif /* MBEDTLS_ECP_C */ +#if defined(MBEDTLS_ENTROPY_C) + "MBEDTLS_ENTROPY_C", +#endif /* MBEDTLS_ENTROPY_C */ +#if defined(MBEDTLS_ERROR_C) + "MBEDTLS_ERROR_C", +#endif /* MBEDTLS_ERROR_C */ +#if defined(MBEDTLS_GCM_C) + "MBEDTLS_GCM_C", +#endif /* MBEDTLS_GCM_C */ +#if defined(MBEDTLS_HAVEGE_C) + "MBEDTLS_HAVEGE_C", +#endif /* MBEDTLS_HAVEGE_C */ +#if defined(MBEDTLS_HMAC_DRBG_C) + "MBEDTLS_HMAC_DRBG_C", +#endif /* MBEDTLS_HMAC_DRBG_C */ +#if defined(MBEDTLS_MD_C) + "MBEDTLS_MD_C", +#endif /* MBEDTLS_MD_C */ +#if defined(MBEDTLS_MD2_C) + "MBEDTLS_MD2_C", +#endif /* MBEDTLS_MD2_C */ +#if defined(MBEDTLS_MD4_C) + "MBEDTLS_MD4_C", +#endif /* MBEDTLS_MD4_C */ +#if defined(MBEDTLS_MD5_C) + "MBEDTLS_MD5_C", +#endif /* MBEDTLS_MD5_C */ +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) + "MBEDTLS_MEMORY_BUFFER_ALLOC_C", +#endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */ +#if defined(MBEDTLS_NET_C) + "MBEDTLS_NET_C", +#endif /* MBEDTLS_NET_C */ +#if defined(MBEDTLS_OID_C) + "MBEDTLS_OID_C", +#endif /* MBEDTLS_OID_C */ +#if defined(MBEDTLS_PADLOCK_C) + "MBEDTLS_PADLOCK_C", +#endif /* MBEDTLS_PADLOCK_C */ +#if defined(MBEDTLS_PEM_PARSE_C) + "MBEDTLS_PEM_PARSE_C", +#endif /* MBEDTLS_PEM_PARSE_C */ +#if defined(MBEDTLS_PEM_WRITE_C) + "MBEDTLS_PEM_WRITE_C", +#endif /* MBEDTLS_PEM_WRITE_C */ +#if defined(MBEDTLS_PK_C) + "MBEDTLS_PK_C", +#endif /* MBEDTLS_PK_C */ +#if defined(MBEDTLS_PK_PARSE_C) + "MBEDTLS_PK_PARSE_C", +#endif /* MBEDTLS_PK_PARSE_C */ +#if defined(MBEDTLS_PK_WRITE_C) + "MBEDTLS_PK_WRITE_C", +#endif /* MBEDTLS_PK_WRITE_C */ +#if defined(MBEDTLS_PKCS5_C) + "MBEDTLS_PKCS5_C", +#endif /* MBEDTLS_PKCS5_C */ +#if defined(MBEDTLS_PKCS11_C) + "MBEDTLS_PKCS11_C", +#endif /* MBEDTLS_PKCS11_C */ +#if defined(MBEDTLS_PKCS12_C) + "MBEDTLS_PKCS12_C", +#endif /* MBEDTLS_PKCS12_C */ +#if defined(MBEDTLS_PLATFORM_C) + "MBEDTLS_PLATFORM_C", +#endif /* MBEDTLS_PLATFORM_C */ +#if defined(MBEDTLS_RIPEMD160_C) + "MBEDTLS_RIPEMD160_C", +#endif /* MBEDTLS_RIPEMD160_C */ +#if defined(MBEDTLS_RSA_C) + "MBEDTLS_RSA_C", +#endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_SHA1_C) + "MBEDTLS_SHA1_C", +#endif /* MBEDTLS_SHA1_C */ +#if defined(MBEDTLS_SHA256_C) + "MBEDTLS_SHA256_C", +#endif /* MBEDTLS_SHA256_C */ +#if defined(MBEDTLS_SHA512_C) + "MBEDTLS_SHA512_C", +#endif /* MBEDTLS_SHA512_C */ +#if defined(MBEDTLS_SSL_CACHE_C) + "MBEDTLS_SSL_CACHE_C", +#endif /* MBEDTLS_SSL_CACHE_C */ +#if defined(MBEDTLS_SSL_COOKIE_C) + "MBEDTLS_SSL_COOKIE_C", +#endif /* MBEDTLS_SSL_COOKIE_C */ +#if defined(MBEDTLS_SSL_TICKET_C) + "MBEDTLS_SSL_TICKET_C", +#endif /* MBEDTLS_SSL_TICKET_C */ +#if defined(MBEDTLS_SSL_CLI_C) + "MBEDTLS_SSL_CLI_C", +#endif /* MBEDTLS_SSL_CLI_C */ +#if defined(MBEDTLS_SSL_SRV_C) + "MBEDTLS_SSL_SRV_C", +#endif /* MBEDTLS_SSL_SRV_C */ +#if defined(MBEDTLS_SSL_TLS_C) + "MBEDTLS_SSL_TLS_C", +#endif /* MBEDTLS_SSL_TLS_C */ +#if defined(MBEDTLS_THREADING_C) + "MBEDTLS_THREADING_C", +#endif /* MBEDTLS_THREADING_C */ +#if defined(MBEDTLS_TIMING_C) + "MBEDTLS_TIMING_C", +#endif /* MBEDTLS_TIMING_C */ +#if defined(MBEDTLS_VERSION_C) + "MBEDTLS_VERSION_C", +#endif /* MBEDTLS_VERSION_C */ +#if defined(MBEDTLS_X509_USE_C) + "MBEDTLS_X509_USE_C", +#endif /* MBEDTLS_X509_USE_C */ +#if defined(MBEDTLS_X509_CRT_PARSE_C) + "MBEDTLS_X509_CRT_PARSE_C", +#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#if defined(MBEDTLS_X509_CRL_PARSE_C) + "MBEDTLS_X509_CRL_PARSE_C", +#endif /* MBEDTLS_X509_CRL_PARSE_C */ +#if defined(MBEDTLS_X509_CSR_PARSE_C) + "MBEDTLS_X509_CSR_PARSE_C", +#endif /* MBEDTLS_X509_CSR_PARSE_C */ +#if defined(MBEDTLS_X509_CREATE_C) + "MBEDTLS_X509_CREATE_C", +#endif /* MBEDTLS_X509_CREATE_C */ +#if defined(MBEDTLS_X509_CRT_WRITE_C) + "MBEDTLS_X509_CRT_WRITE_C", +#endif /* MBEDTLS_X509_CRT_WRITE_C */ +#if defined(MBEDTLS_X509_CSR_WRITE_C) + "MBEDTLS_X509_CSR_WRITE_C", +#endif /* MBEDTLS_X509_CSR_WRITE_C */ +#if defined(MBEDTLS_XTEA_C) + "MBEDTLS_XTEA_C", +#endif /* MBEDTLS_XTEA_C */ +#endif /* MBEDTLS_VERSION_FEATURES */ NULL }; -int version_check_feature( const char *feature ) +int mbedtls_version_check_feature( const char *feature ) { const char **idx = features; @@ -580,11 +614,11 @@ int version_check_feature( const char *feature ) while( *idx != NULL ) { - if( !strcasecmp( *idx, feature ) ) + if( !strcmp( *idx, feature ) ) return( 0 ); idx++; } return( -1 ); } -#endif /* POLARSSL_VERSION_C */ +#endif /* MBEDTLS_VERSION_C */ diff --git a/ext/mbedtls/library/x509.c b/ext/mbedtls/library/x509.c index ab105d8fa1..2ba3f98bfe 100644 --- a/ext/mbedtls/library/x509.c +++ b/ext/mbedtls/library/x509.c @@ -30,34 +30,34 @@ * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_X509_USE_C) +#if defined(MBEDTLS_X509_USE_C) -#include "polarssl/x509.h" -#include "polarssl/asn1.h" -#include "polarssl/oid.h" +#include "mbedtls/x509.h" +#include "mbedtls/asn1.h" +#include "mbedtls/oid.h" #include #include -#if defined(POLARSSL_PEM_PARSE_C) -#include "polarssl/pem.h" +#if defined(MBEDTLS_PEM_PARSE_C) +#include "mbedtls/pem.h" #endif -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include #include -#define polarssl_free free -#define polarssl_malloc malloc -#define polarssl_printf printf -#define polarssl_snprintf snprintf +#define mbedtls_free free +#define mbedtls_calloc calloc +#define mbedtls_printf printf +#define mbedtls_snprintf snprintf #endif #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) @@ -66,7 +66,7 @@ #include #endif -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) #include #if !defined(_WIN32) #include @@ -80,24 +80,24 @@ /* * CertificateSerialNumber ::= INTEGER */ -int x509_get_serial( unsigned char **p, const unsigned char *end, - x509_buf *serial ) +int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *serial ) { int ret; if( ( end - *p ) < 1 ) - return( POLARSSL_ERR_X509_INVALID_SERIAL + - POLARSSL_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERR_X509_INVALID_SERIAL + + MBEDTLS_ERR_ASN1_OUT_OF_DATA ); - if( **p != ( ASN1_CONTEXT_SPECIFIC | ASN1_PRIMITIVE | 2 ) && - **p != ASN1_INTEGER ) - return( POLARSSL_ERR_X509_INVALID_SERIAL + - POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); + if( **p != ( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_PRIMITIVE | 2 ) && + **p != MBEDTLS_ASN1_INTEGER ) + return( MBEDTLS_ERR_X509_INVALID_SERIAL + + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); serial->tag = *(*p)++; - if( ( ret = asn1_get_len( p, end, &serial->len ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_SERIAL + ret ); + if( ( ret = mbedtls_asn1_get_len( p, end, &serial->len ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_SERIAL + ret ); serial->p = *p; *p += serial->len; @@ -111,13 +111,13 @@ int x509_get_serial( unsigned char **p, const unsigned char *end, * algorithm OBJECT IDENTIFIER, * parameters ANY DEFINED BY algorithm OPTIONAL } */ -int x509_get_alg_null( unsigned char **p, const unsigned char *end, - x509_buf *alg ) +int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *alg ) { int ret; - if( ( ret = asn1_get_alg_null( p, end, alg ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + if( ( ret = mbedtls_asn1_get_alg_null( p, end, alg ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); return( 0 ); } @@ -125,18 +125,18 @@ int x509_get_alg_null( unsigned char **p, const unsigned char *end, /* * Parse an algorithm identifier with (optional) paramaters */ -int x509_get_alg( unsigned char **p, const unsigned char *end, - x509_buf *alg, x509_buf *params ) +int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *alg, mbedtls_x509_buf *params ) { int ret; - if( ( ret = asn1_get_alg( p, end, alg, params ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + if( ( ret = mbedtls_asn1_get_alg( p, end, alg, params ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); return( 0 ); } -#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT) +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) /* * HashAlgorithm ::= AlgorithmIdentifier * @@ -146,49 +146,49 @@ int x509_get_alg( unsigned char **p, const unsigned char *end, * * For HashAlgorithm, parameters MUST be NULL or absent. */ -static int x509_get_hash_alg( const x509_buf *alg, md_type_t *md_alg ) +static int x509_get_hash_alg( const mbedtls_x509_buf *alg, mbedtls_md_type_t *md_alg ) { int ret; unsigned char *p; const unsigned char *end; - x509_buf md_oid; + mbedtls_x509_buf md_oid; size_t len; /* Make sure we got a SEQUENCE and setup bounds */ - if( alg->tag != ( ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) - return( POLARSSL_ERR_X509_INVALID_ALG + - POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); + if( alg->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) + return( MBEDTLS_ERR_X509_INVALID_ALG + + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); p = (unsigned char *) alg->p; end = p + alg->len; if( p >= end ) - return( POLARSSL_ERR_X509_INVALID_ALG + - POLARSSL_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERR_X509_INVALID_ALG + + MBEDTLS_ERR_ASN1_OUT_OF_DATA ); /* Parse md_oid */ md_oid.tag = *p; - if( ( ret = asn1_get_tag( &p, end, &md_oid.len, ASN1_OID ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + if( ( ret = mbedtls_asn1_get_tag( &p, end, &md_oid.len, MBEDTLS_ASN1_OID ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); md_oid.p = p; p += md_oid.len; /* Get md_alg from md_oid */ - if( ( ret = oid_get_md_alg( &md_oid, md_alg ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + if( ( ret = mbedtls_oid_get_md_alg( &md_oid, md_alg ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); /* Make sure params is absent of NULL */ if( p == end ) return( 0 ); - if( ( ret = asn1_get_tag( &p, end, &len, ASN1_NULL ) ) != 0 || len != 0 ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_NULL ) ) != 0 || len != 0 ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); if( p != end ) - return( POLARSSL_ERR_X509_INVALID_ALG + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_X509_INVALID_ALG + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); return( 0 ); } @@ -205,25 +205,25 @@ static int x509_get_hash_alg( const x509_buf *alg, md_type_t *md_alg ) * of trailerField MUST be 1, and PKCS#1 v2.2 doesn't even define any other * option. Enfore this at parsing time. */ -int x509_get_rsassa_pss_params( const x509_buf *params, - md_type_t *md_alg, md_type_t *mgf_md, +int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, + mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md, int *salt_len ) { int ret; unsigned char *p; const unsigned char *end, *end2; size_t len; - x509_buf alg_id, alg_params; + mbedtls_x509_buf alg_id, alg_params; /* First set everything to defaults */ - *md_alg = POLARSSL_MD_SHA1; - *mgf_md = POLARSSL_MD_SHA1; + *md_alg = MBEDTLS_MD_SHA1; + *mgf_md = MBEDTLS_MD_SHA1; *salt_len = 20; /* Make sure params is a SEQUENCE and setup bounds */ - if( params->tag != ( ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) - return( POLARSSL_ERR_X509_INVALID_ALG + - POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); + if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) + return( MBEDTLS_ERR_X509_INVALID_ALG + + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); p = (unsigned char *) params->p; end = p + params->len; @@ -234,24 +234,24 @@ int x509_get_rsassa_pss_params( const x509_buf *params, /* * HashAlgorithm */ - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) == 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ) == 0 ) { end2 = p + len; /* HashAlgorithm ::= AlgorithmIdentifier (without parameters) */ - if( ( ret = x509_get_alg_null( &p, end2, &alg_id ) ) != 0 ) + if( ( ret = mbedtls_x509_get_alg_null( &p, end2, &alg_id ) ) != 0 ) return( ret ); - if( ( ret = oid_get_md_alg( &alg_id, md_alg ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + if( ( ret = mbedtls_oid_get_md_alg( &alg_id, md_alg ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); if( p != end2 ) - return( POLARSSL_ERR_X509_INVALID_ALG + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_X509_INVALID_ALG + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); } - else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); if( p == end ) return( 0 ); @@ -259,30 +259,30 @@ int x509_get_rsassa_pss_params( const x509_buf *params, /* * MaskGenAlgorithm */ - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 1 ) ) == 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 1 ) ) == 0 ) { end2 = p + len; /* MaskGenAlgorithm ::= AlgorithmIdentifier (params = HashAlgorithm) */ - if( ( ret = x509_get_alg( &p, end2, &alg_id, &alg_params ) ) != 0 ) + if( ( ret = mbedtls_x509_get_alg( &p, end2, &alg_id, &alg_params ) ) != 0 ) return( ret ); /* Only MFG1 is recognised for now */ - if( ! OID_CMP( OID_MGF1, &alg_id ) ) - return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE + - POLARSSL_ERR_OID_NOT_FOUND ); + if( MBEDTLS_OID_CMP( MBEDTLS_OID_MGF1, &alg_id ) != 0 ) + return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE + + MBEDTLS_ERR_OID_NOT_FOUND ); /* Parse HashAlgorithm */ if( ( ret = x509_get_hash_alg( &alg_params, mgf_md ) ) != 0 ) return( ret ); if( p != end2 ) - return( POLARSSL_ERR_X509_INVALID_ALG + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_X509_INVALID_ALG + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); } - else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); if( p == end ) return( 0 ); @@ -290,20 +290,20 @@ int x509_get_rsassa_pss_params( const x509_buf *params, /* * salt_len */ - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 2 ) ) == 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 2 ) ) == 0 ) { end2 = p + len; - if( ( ret = asn1_get_int( &p, end2, salt_len ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + if( ( ret = mbedtls_asn1_get_int( &p, end2, salt_len ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); if( p != end2 ) - return( POLARSSL_ERR_X509_INVALID_ALG + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_X509_INVALID_ALG + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); } - else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); if( p == end ) return( 0 ); @@ -311,33 +311,33 @@ int x509_get_rsassa_pss_params( const x509_buf *params, /* * trailer_field (if present, must be 1) */ - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 3 ) ) == 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 3 ) ) == 0 ) { int trailer_field; end2 = p + len; - if( ( ret = asn1_get_int( &p, end2, &trailer_field ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + if( ( ret = mbedtls_asn1_get_int( &p, end2, &trailer_field ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); if( p != end2 ) - return( POLARSSL_ERR_X509_INVALID_ALG + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_X509_INVALID_ALG + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); if( trailer_field != 1 ) - return( POLARSSL_ERR_X509_INVALID_ALG ); + return( MBEDTLS_ERR_X509_INVALID_ALG ); } - else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) - return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) + return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); if( p != end ) - return( POLARSSL_ERR_X509_INVALID_ALG + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_X509_INVALID_ALG + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); return( 0 ); } -#endif /* POLARSSL_X509_RSASSA_PSS_SUPPORT */ +#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ /* * AttributeTypeAndValue ::= SEQUENCE { @@ -350,46 +350,46 @@ int x509_get_rsassa_pss_params( const x509_buf *params, */ static int x509_get_attr_type_value( unsigned char **p, const unsigned char *end, - x509_name *cur ) + mbedtls_x509_name *cur ) { int ret; size_t len; - x509_buf *oid; - x509_buf *val; + mbedtls_x509_buf *oid; + mbedtls_x509_buf *val; - if( ( ret = asn1_get_tag( p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_NAME + ret ); + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); if( ( end - *p ) < 1 ) - return( POLARSSL_ERR_X509_INVALID_NAME + - POLARSSL_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERR_X509_INVALID_NAME + + MBEDTLS_ERR_ASN1_OUT_OF_DATA ); oid = &cur->oid; oid->tag = **p; - if( ( ret = asn1_get_tag( p, end, &oid->len, ASN1_OID ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_NAME + ret ); + if( ( ret = mbedtls_asn1_get_tag( p, end, &oid->len, MBEDTLS_ASN1_OID ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); oid->p = *p; *p += oid->len; if( ( end - *p ) < 1 ) - return( POLARSSL_ERR_X509_INVALID_NAME + - POLARSSL_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERR_X509_INVALID_NAME + + MBEDTLS_ERR_ASN1_OUT_OF_DATA ); - if( **p != ASN1_BMP_STRING && **p != ASN1_UTF8_STRING && - **p != ASN1_T61_STRING && **p != ASN1_PRINTABLE_STRING && - **p != ASN1_IA5_STRING && **p != ASN1_UNIVERSAL_STRING && - **p != ASN1_BIT_STRING ) - return( POLARSSL_ERR_X509_INVALID_NAME + - POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); + if( **p != MBEDTLS_ASN1_BMP_STRING && **p != MBEDTLS_ASN1_UTF8_STRING && + **p != MBEDTLS_ASN1_T61_STRING && **p != MBEDTLS_ASN1_PRINTABLE_STRING && + **p != MBEDTLS_ASN1_IA5_STRING && **p != MBEDTLS_ASN1_UNIVERSAL_STRING && + **p != MBEDTLS_ASN1_BIT_STRING ) + return( MBEDTLS_ERR_X509_INVALID_NAME + + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); val = &cur->val; val->tag = *(*p)++; - if( ( ret = asn1_get_len( p, end, &val->len ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_NAME + ret ); + if( ( ret = mbedtls_asn1_get_len( p, end, &val->len ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); val->p = *p; *p += val->len; @@ -420,10 +420,10 @@ static int x509_get_attr_type_value( unsigned char **p, * one element, which is represented as a list of AttributeTypeAndValue. * For the general case we still use a flat list, but we mark elements of the * same set so that they are "merged" together in the functions that consume - * this list, eg x509_dn_gets(). + * this list, eg mbedtls_x509_dn_gets(). */ -int x509_get_name( unsigned char **p, const unsigned char *end, - x509_name *cur ) +int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end, + mbedtls_x509_name *cur ) { int ret; size_t set_len; @@ -435,9 +435,9 @@ int x509_get_name( unsigned char **p, const unsigned char *end, /* * parse SET */ - if( ( ret = asn1_get_tag( p, end, &set_len, - ASN1_CONSTRUCTED | ASN1_SET ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_NAME + ret ); + if( ( ret = mbedtls_asn1_get_tag( p, end, &set_len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); end_set = *p + set_len; @@ -449,15 +449,13 @@ int x509_get_name( unsigned char **p, const unsigned char *end, if( *p == end_set ) break; - /* Mark this item as being not the only one in a set */ + /* Mark this item as being no the only one in a set */ cur->next_merged = 1; - cur->next = polarssl_malloc( sizeof( x509_name ) ); + cur->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_name ) ); if( cur->next == NULL ) - return( POLARSSL_ERR_X509_MALLOC_FAILED ); - - memset( cur->next, 0, sizeof( x509_name ) ); + return( MBEDTLS_ERR_X509_ALLOC_FAILED ); cur = cur->next; } @@ -468,12 +466,10 @@ int x509_get_name( unsigned char **p, const unsigned char *end, if( *p == end ) return( 0 ); - cur->next = polarssl_malloc( sizeof( x509_name ) ); + cur->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_name ) ); if( cur->next == NULL ) - return( POLARSSL_ERR_X509_MALLOC_FAILED ); - - memset( cur->next, 0, sizeof( x509_name ) ); + return( MBEDTLS_ERR_X509_ALLOC_FAILED ); cur = cur->next; } @@ -482,7 +478,7 @@ int x509_get_name( unsigned char **p, const unsigned char *end, static int x509_parse_int(unsigned char **p, unsigned n, int *res){ *res = 0; for( ; n > 0; --n ){ - if( ( **p < '0') || ( **p > '9' ) ) return POLARSSL_ERR_X509_INVALID_DATE; + if( ( **p < '0') || ( **p > '9' ) ) return MBEDTLS_ERR_X509_INVALID_DATE; *res *= 10; *res += (*(*p)++ - '0'); } @@ -494,26 +490,26 @@ static int x509_parse_int(unsigned char **p, unsigned n, int *res){ * utcTime UTCTime, * generalTime GeneralizedTime } */ -int x509_get_time( unsigned char **p, const unsigned char *end, - x509_time *time ) +int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end, + mbedtls_x509_time *time ) { int ret; size_t len; unsigned char tag; if( ( end - *p ) < 1 ) - return( POLARSSL_ERR_X509_INVALID_DATE + - POLARSSL_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERR_X509_INVALID_DATE + + MBEDTLS_ERR_ASN1_OUT_OF_DATA ); tag = **p; - if( tag == ASN1_UTC_TIME ) + if( tag == MBEDTLS_ASN1_UTC_TIME ) { (*p)++; - ret = asn1_get_len( p, end, &len ); + ret = mbedtls_asn1_get_len( p, end, &len ); if( ret != 0 ) - return( POLARSSL_ERR_X509_INVALID_DATE + ret ); + return( MBEDTLS_ERR_X509_INVALID_DATE + ret ); CHECK( x509_parse_int( p, 2, &time->year ) ); CHECK( x509_parse_int( p, 2, &time->mon ) ); @@ -523,20 +519,20 @@ int x509_get_time( unsigned char **p, const unsigned char *end, if( len > 10 ) CHECK( x509_parse_int( p, 2, &time->sec ) ); if( len > 12 && *(*p)++ != 'Z' ) - return( POLARSSL_ERR_X509_INVALID_DATE ); + return( MBEDTLS_ERR_X509_INVALID_DATE ); time->year += 100 * ( time->year < 50 ); time->year += 1900; return( 0 ); } - else if( tag == ASN1_GENERALIZED_TIME ) + else if( tag == MBEDTLS_ASN1_GENERALIZED_TIME ) { (*p)++; - ret = asn1_get_len( p, end, &len ); + ret = mbedtls_asn1_get_len( p, end, &len ); if( ret != 0 ) - return( POLARSSL_ERR_X509_INVALID_DATE + ret ); + return( MBEDTLS_ERR_X509_INVALID_DATE + ret ); CHECK( x509_parse_int( p, 4, &time->year ) ); CHECK( x509_parse_int( p, 2, &time->mon ) ); @@ -546,28 +542,28 @@ int x509_get_time( unsigned char **p, const unsigned char *end, if( len > 12 ) CHECK( x509_parse_int( p, 2, &time->sec ) ); if( len > 14 && *(*p)++ != 'Z' ) - return( POLARSSL_ERR_X509_INVALID_DATE ); + return( MBEDTLS_ERR_X509_INVALID_DATE ); return( 0 ); } else - return( POLARSSL_ERR_X509_INVALID_DATE + - POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERR_X509_INVALID_DATE + + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); } -int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig ) +int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig ) { int ret; size_t len; if( ( end - *p ) < 1 ) - return( POLARSSL_ERR_X509_INVALID_SIGNATURE + - POLARSSL_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + + MBEDTLS_ERR_ASN1_OUT_OF_DATA ); sig->tag = **p; - if( ( ret = asn1_get_bitstring_null( p, end, &len ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_SIGNATURE + ret ); + if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + ret ); sig->len = len; sig->p = *p; @@ -580,46 +576,46 @@ int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig ) /* * Get signature algorithm from alg OID and optional parameters */ -int x509_get_sig_alg( const x509_buf *sig_oid, const x509_buf *sig_params, - md_type_t *md_alg, pk_type_t *pk_alg, +int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params, + mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg, void **sig_opts ) { int ret; if( *sig_opts != NULL ) - return( POLARSSL_ERR_X509_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); - if( ( ret = oid_get_sig_alg( sig_oid, md_alg, pk_alg ) ) != 0 ) - return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG + ret ); + if( ( ret = mbedtls_oid_get_sig_alg( sig_oid, md_alg, pk_alg ) ) != 0 ) + return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + ret ); -#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT) - if( *pk_alg == POLARSSL_PK_RSASSA_PSS ) +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) + if( *pk_alg == MBEDTLS_PK_RSASSA_PSS ) { - pk_rsassa_pss_options *pss_opts; + mbedtls_pk_rsassa_pss_options *pss_opts; - pss_opts = polarssl_malloc( sizeof( pk_rsassa_pss_options ) ); + pss_opts = mbedtls_calloc( 1, sizeof( mbedtls_pk_rsassa_pss_options ) ); if( pss_opts == NULL ) - return( POLARSSL_ERR_X509_MALLOC_FAILED ); + return( MBEDTLS_ERR_X509_ALLOC_FAILED ); - ret = x509_get_rsassa_pss_params( sig_params, + ret = mbedtls_x509_get_rsassa_pss_params( sig_params, md_alg, &pss_opts->mgf1_hash_id, &pss_opts->expected_salt_len ); if( ret != 0 ) { - polarssl_free( pss_opts ); + mbedtls_free( pss_opts ); return( ret ); } *sig_opts = (void *) pss_opts; } else -#endif /* POLARSSL_X509_RSASSA_PSS_SUPPORT */ +#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ { /* Make sure parameters are absent or NULL */ - if( ( sig_params->tag != ASN1_NULL && sig_params->tag != 0 ) || + if( ( sig_params->tag != MBEDTLS_ASN1_NULL && sig_params->tag != 0 ) || sig_params->len != 0 ) - return( POLARSSL_ERR_X509_INVALID_ALG ); + return( MBEDTLS_ERR_X509_INVALID_ALG ); } return( 0 ); @@ -629,8 +625,8 @@ int x509_get_sig_alg( const x509_buf *sig_oid, const x509_buf *sig_params, * X.509 Extensions (No parsing of extensions, pointer should * be either manually updated or extensions should be parsed! */ -int x509_get_ext( unsigned char **p, const unsigned char *end, - x509_buf *ext, int tag ) +int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *ext, int tag ) { int ret; size_t len; @@ -640,8 +636,8 @@ int x509_get_ext( unsigned char **p, const unsigned char *end, ext->tag = **p; - if( ( ret = asn1_get_tag( p, end, &ext->len, - ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | tag ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( p, end, &ext->len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag ) ) != 0 ) return( ret ); ext->p = *p; @@ -655,81 +651,29 @@ int x509_get_ext( unsigned char **p, const unsigned char *end, * critical BOOLEAN DEFAULT FALSE, * extnValue OCTET STRING } */ - if( ( ret = asn1_get_tag( p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret ); + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); if( end != *p + len ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); return( 0 ); } -#if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \ - !defined(EFI32) -#include - -#if !defined vsnprintf -#define vsnprintf _vsnprintf -#endif // vsnprintf - -/* - * Windows _snprintf and _vsnprintf are not compatible to linux versions. - * Result value is not size of buffer needed, but -1 if no fit is possible. - * - * This fuction tries to 'fix' this by at least suggesting enlarging the - * size by 20. - */ -static int compat_snprintf( char *str, size_t size, const char *format, ... ) -{ - va_list ap; - int res = -1; - - va_start( ap, format ); - - res = vsnprintf( str, size, format, ap ); - - va_end( ap ); - - // No quick fix possible - if( res < 0 ) - return( (int) size + 20 ); - - return( res ); -} - -#define snprintf compat_snprintf -#endif /* _MSC_VER && !snprintf && !EFIX64 && !EFI32 */ - -#define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2 - -#define SAFE_SNPRINTF() \ -{ \ - if( ret == -1 ) \ - return( -1 ); \ - \ - if( (unsigned int) ret > n ) { \ - p[n - 1] = '\0'; \ - return( POLARSSL_ERR_DEBUG_BUF_TOO_SMALL ); \ - } \ - \ - n -= (unsigned int) ret; \ - p += (unsigned int) ret; \ -} - /* * Store the name in printable form into buf; no more * than size characters will be written */ -int x509_dn_gets( char *buf, size_t size, const x509_name *dn ) +int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn ) { int ret; size_t i, n; unsigned char c, merge = 0; - const x509_name *name; + const mbedtls_x509_name *name; const char *short_name = NULL; - char s[X509_MAX_DN_NAME_SIZE], *p; + char s[MBEDTLS_X509_MAX_DN_NAME_SIZE], *p; memset( s, 0, sizeof( s ) ); @@ -747,17 +691,17 @@ int x509_dn_gets( char *buf, size_t size, const x509_name *dn ) if( name != dn ) { - ret = polarssl_snprintf( p, n, merge ? " + " : ", " ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, merge ? " + " : ", " ); + MBEDTLS_X509_SAFE_SNPRINTF; } - ret = oid_get_attr_short_name( &name->oid, &short_name ); + ret = mbedtls_oid_get_attr_short_name( &name->oid, &short_name ); if( ret == 0 ) - ret = polarssl_snprintf( p, n, "%s=", short_name ); + ret = mbedtls_snprintf( p, n, "%s=", short_name ); else - ret = polarssl_snprintf( p, n, "\?\?=" ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "\?\?=" ); + MBEDTLS_X509_SAFE_SNPRINTF; for( i = 0; i < name->val.len; i++ ) { @@ -770,8 +714,8 @@ int x509_dn_gets( char *buf, size_t size, const x509_name *dn ) else s[i] = c; } s[i] = '\0'; - ret = polarssl_snprintf( p, n, "%s", s ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "%s", s ); + MBEDTLS_X509_SAFE_SNPRINTF; merge = name->next_merged; name = name->next; @@ -784,7 +728,7 @@ int x509_dn_gets( char *buf, size_t size, const x509_name *dn ) * Store the serial in printable form into buf; no more * than size characters will be written */ -int x509_serial_gets( char *buf, size_t size, const x509_buf *serial ) +int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *serial ) { int ret; size_t i, n, nr; @@ -801,15 +745,15 @@ int x509_serial_gets( char *buf, size_t size, const x509_buf *serial ) if( i == 0 && nr > 1 && serial->p[i] == 0x0 ) continue; - ret = polarssl_snprintf( p, n, "%02X%s", + ret = mbedtls_snprintf( p, n, "%02X%s", serial->p[i], ( i < nr - 1 ) ? ":" : "" ); - SAFE_SNPRINTF(); + MBEDTLS_X509_SAFE_SNPRINTF; } if( nr != serial->len ) { - ret = polarssl_snprintf( p, n, "...." ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "...." ); + MBEDTLS_X509_SAFE_SNPRINTF; } return( (int) ( size - n ) ); @@ -818,8 +762,8 @@ int x509_serial_gets( char *buf, size_t size, const x509_buf *serial ) /* * Helper for writing signature algorithms */ -int x509_sig_alg_gets( char *buf, size_t size, const x509_buf *sig_oid, - pk_type_t pk_alg, md_type_t md_alg, +int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid, + mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, const void *sig_opts ) { int ret; @@ -827,35 +771,35 @@ int x509_sig_alg_gets( char *buf, size_t size, const x509_buf *sig_oid, size_t n = size; const char *desc = NULL; - ret = oid_get_sig_alg_desc( sig_oid, &desc ); + ret = mbedtls_oid_get_sig_alg_desc( sig_oid, &desc ); if( ret != 0 ) - ret = polarssl_snprintf( p, n, "???" ); + ret = mbedtls_snprintf( p, n, "???" ); else - ret = polarssl_snprintf( p, n, "%s", desc ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "%s", desc ); + MBEDTLS_X509_SAFE_SNPRINTF; -#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT) - if( pk_alg == POLARSSL_PK_RSASSA_PSS ) +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) + if( pk_alg == MBEDTLS_PK_RSASSA_PSS ) { - const pk_rsassa_pss_options *pss_opts; - const md_info_t *md_info, *mgf_md_info; + const mbedtls_pk_rsassa_pss_options *pss_opts; + const mbedtls_md_info_t *md_info, *mgf_md_info; - pss_opts = (const pk_rsassa_pss_options *) sig_opts; + pss_opts = (const mbedtls_pk_rsassa_pss_options *) sig_opts; - md_info = md_info_from_type( md_alg ); - mgf_md_info = md_info_from_type( pss_opts->mgf1_hash_id ); + md_info = mbedtls_md_info_from_type( md_alg ); + mgf_md_info = mbedtls_md_info_from_type( pss_opts->mgf1_hash_id ); - ret = polarssl_snprintf( p, n, " (%s, MGF1-%s, 0x%02X)", - md_info ? md_info->name : "???", - mgf_md_info ? mgf_md_info->name : "???", + ret = mbedtls_snprintf( p, n, " (%s, MGF1-%s, 0x%02X)", + md_info ? mbedtls_md_get_name( md_info ) : "???", + mgf_md_info ? mbedtls_md_get_name( mgf_md_info ) : "???", pss_opts->expected_salt_len ); - SAFE_SNPRINTF(); + MBEDTLS_X509_SAFE_SNPRINTF; } #else ((void) pk_alg); ((void) md_alg); ((void) sig_opts); -#endif /* POLARSSL_X509_RSASSA_PSS_SUPPORT */ +#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ return( (int)( size - n ) ); } @@ -863,85 +807,79 @@ int x509_sig_alg_gets( char *buf, size_t size, const x509_buf *sig_oid, /* * Helper for writing "RSA key size", "EC key size", etc */ -int x509_key_size_helper( char *buf, size_t size, const char *name ) +int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name ) { char *p = buf; - size_t n = size; + size_t n = buf_size; int ret; - if( strlen( name ) + sizeof( " key size" ) > size ) - return( POLARSSL_ERR_DEBUG_BUF_TOO_SMALL ); - - ret = polarssl_snprintf( p, n, "%s key size", name ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "%s key size", name ); + MBEDTLS_X509_SAFE_SNPRINTF; return( 0 ); } +#if defined(MBEDTLS_HAVE_TIME_DATE) /* - * Return an informational string describing the given OID - */ -#if ! defined(POLARSSL_DEPRECATED_REMOVED) -const char *x509_oid_get_description( x509_buf *oid ) -{ - const char *desc = NULL; - int ret; - - ret = oid_get_extended_key_usage( oid, &desc ); - - if( ret != 0 ) - return( NULL ); - - return( desc ); -} -#endif - -/* Return the x.y.z.... style numeric string for the given OID */ -#if ! defined(POLARSSL_DEPRECATED_REMOVED) -int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid ) -{ - return oid_get_numeric_string( buf, size, oid ); -} -#endif - -/* - * Return 0 if the x509_time is still valid, or 1 otherwise. + * Set the time structure to the current time. + * Return 0 on success, non-zero on failure. */ -#if defined(POLARSSL_HAVE_TIME) - -static void x509_get_current_time( x509_time *now ) -{ #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) +static int x509_get_current_time( mbedtls_x509_time *now ) +{ SYSTEMTIME st; GetSystemTime( &st ); now->year = st.wYear; - now->mon = st.wMonth; - now->day = st.wDay; + now->mon = st.wMonth; + now->day = st.wDay; now->hour = st.wHour; - now->min = st.wMinute; - now->sec = st.wSecond; + now->min = st.wMinute; + now->sec = st.wSecond; + + return( 0 ); +} #else - struct tm lt; +static int x509_get_current_time( mbedtls_x509_time *now ) +{ + struct tm *lt; time_t tt; + int ret = 0; + +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_lock( &mbedtls_threading_gmtime_mutex ) != 0 ) + return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); +#endif tt = time( NULL ); - gmtime_r( &tt, < ); - - now->year = lt.tm_year + 1900; - now->mon = lt.tm_mon + 1; - now->day = lt.tm_mday; - now->hour = lt.tm_hour; - now->min = lt.tm_min; - now->sec = lt.tm_sec; -#endif /* _WIN32 && !EFIX64 && !EFI32 */ + lt = gmtime( &tt ); + + if( lt == NULL ) + ret = -1; + else + { + now->year = lt->tm_year + 1900; + now->mon = lt->tm_mon + 1; + now->day = lt->tm_mday; + now->hour = lt->tm_hour; + now->min = lt->tm_min; + now->sec = lt->tm_sec; + } + +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_unlock( &mbedtls_threading_gmtime_mutex ) != 0 ) + return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); +#endif + + return( ret ); } +#endif /* _WIN32 && !EFIX64 && !EFI32 */ /* * Return 0 if before <= after, 1 otherwise */ -static int x509_check_time( const x509_time *before, const x509_time *after ) +static int x509_check_time( const mbedtls_x509_time *before, const mbedtls_x509_time *after ) { if( before->year > after->year ) return( 1 ); @@ -979,109 +917,109 @@ static int x509_check_time( const x509_time *before, const x509_time *after ) return( 0 ); } -int x509_time_expired( const x509_time *to ) +int mbedtls_x509_time_is_past( const mbedtls_x509_time *to ) { - x509_time now; + mbedtls_x509_time now; - x509_get_current_time( &now ); + if( x509_get_current_time( &now ) != 0 ) + return( 1 ); return( x509_check_time( &now, to ) ); } -int x509_time_future( const x509_time *from ) +int mbedtls_x509_time_is_future( const mbedtls_x509_time *from ) { - x509_time now; + mbedtls_x509_time now; - x509_get_current_time( &now ); + if( x509_get_current_time( &now ) != 0 ) + return( 1 ); return( x509_check_time( from, &now ) ); } -#else /* POLARSSL_HAVE_TIME */ +#else /* MBEDTLS_HAVE_TIME_DATE */ -int x509_time_expired( const x509_time *to ) +int mbedtls_x509_time_is_past( const mbedtls_x509_time *to ) { ((void) to); return( 0 ); } -int x509_time_future( const x509_time *from ) +int mbedtls_x509_time_is_future( const mbedtls_x509_time *from ) { ((void) from); return( 0 ); } -#endif /* POLARSSL_HAVE_TIME */ +#endif /* MBEDTLS_HAVE_TIME_DATE */ -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) -#include "polarssl/x509_crt.h" -#include "polarssl/certs.h" +#include "mbedtls/x509_crt.h" +#include "mbedtls/certs.h" /* * Checkup routine */ -int x509_self_test( int verbose ) +int mbedtls_x509_self_test( int verbose ) { -#if defined(POLARSSL_CERTS_C) && defined(POLARSSL_SHA1_C) +#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_SHA1_C) int ret; - int flags; - x509_crt cacert; - x509_crt clicert; + uint32_t flags; + mbedtls_x509_crt cacert; + mbedtls_x509_crt clicert; if( verbose != 0 ) - polarssl_printf( " X.509 certificate load: " ); + mbedtls_printf( " X.509 certificate load: " ); - x509_crt_init( &clicert ); + mbedtls_x509_crt_init( &clicert ); - ret = x509_crt_parse( &clicert, (const unsigned char *) test_cli_crt, - strlen( test_cli_crt ) ); + ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt, + mbedtls_test_cli_crt_len ); if( ret != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( ret ); } - x509_crt_init( &cacert ); + mbedtls_x509_crt_init( &cacert ); - ret = x509_crt_parse( &cacert, (const unsigned char *) test_ca_crt, - strlen( test_ca_crt ) ); + ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_ca_crt, + mbedtls_test_ca_crt_len ); if( ret != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); return( ret ); } if( verbose != 0 ) - polarssl_printf( "passed\n X.509 signature verify: "); + mbedtls_printf( "passed\n X.509 signature verify: "); - ret = x509_crt_verify( &clicert, &cacert, NULL, NULL, &flags, NULL, NULL ); + ret = mbedtls_x509_crt_verify( &clicert, &cacert, NULL, NULL, &flags, NULL, NULL ); if( ret != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); - - polarssl_printf( "ret = %d, &flags = %04x\n", ret, flags ); + mbedtls_printf( "failed\n" ); return( ret ); } if( verbose != 0 ) - polarssl_printf( "passed\n\n"); + mbedtls_printf( "passed\n\n"); - x509_crt_free( &cacert ); - x509_crt_free( &clicert ); + mbedtls_x509_crt_free( &cacert ); + mbedtls_x509_crt_free( &clicert ); return( 0 ); #else ((void) verbose); - return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE ); -#endif /* POLARSSL_CERTS_C && POLARSSL_SHA1_C */ + return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); +#endif /* MBEDTLS_CERTS_C && MBEDTLS_SHA1_C */ } -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_X509_USE_C */ +#endif /* MBEDTLS_X509_USE_C */ diff --git a/ext/mbedtls/library/x509_create.c b/ext/mbedtls/library/x509_create.c index f505bab80b..ed8c57797f 100644 --- a/ext/mbedtls/library/x509_create.c +++ b/ext/mbedtls/library/x509_create.c @@ -20,25 +20,20 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_X509_CREATE_C) +#if defined(MBEDTLS_X509_CREATE_C) -#include "polarssl/x509.h" -#include "polarssl/asn1write.h" -#include "polarssl/oid.h" +#include "mbedtls/x509.h" +#include "mbedtls/asn1write.h" +#include "mbedtls/oid.h" #include -#if defined(_MSC_VER) && !defined strncasecmp && !defined(EFIX64) && \ - !defined(EFI32) -#define strncasecmp _strnicmp -#endif - typedef struct { const char *name; size_t name_len; @@ -49,34 +44,34 @@ typedef struct { static const x509_attr_descriptor_t x509_attrs[] = { - { ADD_STRLEN( "CN" ), OID_AT_CN }, - { ADD_STRLEN( "commonName" ), OID_AT_CN }, - { ADD_STRLEN( "C" ), OID_AT_COUNTRY }, - { ADD_STRLEN( "countryName" ), OID_AT_COUNTRY }, - { ADD_STRLEN( "O" ), OID_AT_ORGANIZATION }, - { ADD_STRLEN( "organizationName" ), OID_AT_ORGANIZATION }, - { ADD_STRLEN( "L" ), OID_AT_LOCALITY }, - { ADD_STRLEN( "locality" ), OID_AT_LOCALITY }, - { ADD_STRLEN( "R" ), OID_PKCS9_EMAIL }, - { ADD_STRLEN( "OU" ), OID_AT_ORG_UNIT }, - { ADD_STRLEN( "organizationalUnitName" ), OID_AT_ORG_UNIT }, - { ADD_STRLEN( "ST" ), OID_AT_STATE }, - { ADD_STRLEN( "stateOrProvinceName" ), OID_AT_STATE }, - { ADD_STRLEN( "emailAddress" ), OID_PKCS9_EMAIL }, - { ADD_STRLEN( "serialNumber" ), OID_AT_SERIAL_NUMBER }, - { ADD_STRLEN( "postalAddress" ), OID_AT_POSTAL_ADDRESS }, - { ADD_STRLEN( "postalCode" ), OID_AT_POSTAL_CODE }, - { ADD_STRLEN( "dnQualifier" ), OID_AT_DN_QUALIFIER }, - { ADD_STRLEN( "title" ), OID_AT_TITLE }, - { ADD_STRLEN( "surName" ), OID_AT_SUR_NAME }, - { ADD_STRLEN( "SN" ), OID_AT_SUR_NAME }, - { ADD_STRLEN( "givenName" ), OID_AT_GIVEN_NAME }, - { ADD_STRLEN( "GN" ), OID_AT_GIVEN_NAME }, - { ADD_STRLEN( "initials" ), OID_AT_INITIALS }, - { ADD_STRLEN( "pseudonym" ), OID_AT_PSEUDONYM }, - { ADD_STRLEN( "generationQualifier" ), OID_AT_GENERATION_QUALIFIER }, - { ADD_STRLEN( "domainComponent" ), OID_DOMAIN_COMPONENT }, - { ADD_STRLEN( "DC" ), OID_DOMAIN_COMPONENT }, + { ADD_STRLEN( "CN" ), MBEDTLS_OID_AT_CN }, + { ADD_STRLEN( "commonName" ), MBEDTLS_OID_AT_CN }, + { ADD_STRLEN( "C" ), MBEDTLS_OID_AT_COUNTRY }, + { ADD_STRLEN( "countryName" ), MBEDTLS_OID_AT_COUNTRY }, + { ADD_STRLEN( "O" ), MBEDTLS_OID_AT_ORGANIZATION }, + { ADD_STRLEN( "organizationName" ), MBEDTLS_OID_AT_ORGANIZATION }, + { ADD_STRLEN( "L" ), MBEDTLS_OID_AT_LOCALITY }, + { ADD_STRLEN( "locality" ), MBEDTLS_OID_AT_LOCALITY }, + { ADD_STRLEN( "R" ), MBEDTLS_OID_PKCS9_EMAIL }, + { ADD_STRLEN( "OU" ), MBEDTLS_OID_AT_ORG_UNIT }, + { ADD_STRLEN( "organizationalUnitName" ), MBEDTLS_OID_AT_ORG_UNIT }, + { ADD_STRLEN( "ST" ), MBEDTLS_OID_AT_STATE }, + { ADD_STRLEN( "stateOrProvinceName" ), MBEDTLS_OID_AT_STATE }, + { ADD_STRLEN( "emailAddress" ), MBEDTLS_OID_PKCS9_EMAIL }, + { ADD_STRLEN( "serialNumber" ), MBEDTLS_OID_AT_SERIAL_NUMBER }, + { ADD_STRLEN( "postalAddress" ), MBEDTLS_OID_AT_POSTAL_ADDRESS }, + { ADD_STRLEN( "postalCode" ), MBEDTLS_OID_AT_POSTAL_CODE }, + { ADD_STRLEN( "dnQualifier" ), MBEDTLS_OID_AT_DN_QUALIFIER }, + { ADD_STRLEN( "title" ), MBEDTLS_OID_AT_TITLE }, + { ADD_STRLEN( "surName" ), MBEDTLS_OID_AT_SUR_NAME }, + { ADD_STRLEN( "SN" ), MBEDTLS_OID_AT_SUR_NAME }, + { ADD_STRLEN( "givenName" ), MBEDTLS_OID_AT_GIVEN_NAME }, + { ADD_STRLEN( "GN" ), MBEDTLS_OID_AT_GIVEN_NAME }, + { ADD_STRLEN( "initials" ), MBEDTLS_OID_AT_INITIALS }, + { ADD_STRLEN( "pseudonym" ), MBEDTLS_OID_AT_PSEUDONYM }, + { ADD_STRLEN( "generationQualifier" ), MBEDTLS_OID_AT_GENERATION_QUALIFIER }, + { ADD_STRLEN( "domainComponent" ), MBEDTLS_OID_DOMAIN_COMPONENT }, + { ADD_STRLEN( "DC" ), MBEDTLS_OID_DOMAIN_COMPONENT }, { NULL, 0, NULL } }; @@ -86,24 +81,24 @@ static const char *x509_at_oid_from_name( const char *name, size_t name_len ) for( cur = x509_attrs; cur->name != NULL; cur++ ) if( cur->name_len == name_len && - strncasecmp( cur->name, name, name_len ) == 0 ) + strncmp( cur->name, name, name_len ) == 0 ) break; return( cur->oid ); } -int x509_string_to_names( asn1_named_data **head, const char *name ) +int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name ) { int ret = 0; const char *s = name, *c = s; const char *end = s + strlen( s ); const char *oid = NULL; int in_tag = 1; - char data[X509_MAX_DN_NAME_SIZE]; + char data[MBEDTLS_X509_MAX_DN_NAME_SIZE]; char *d = data; /* Clear existing chain if present */ - asn1_free_named_data_list( head ); + mbedtls_asn1_free_named_data_list( head ); while( c <= end ) { @@ -111,7 +106,7 @@ int x509_string_to_names( asn1_named_data **head, const char *name ) { if( ( oid = x509_at_oid_from_name( s, c - s ) ) == NULL ) { - ret = POLARSSL_ERR_X509_UNKNOWN_OID; + ret = MBEDTLS_ERR_X509_UNKNOWN_OID; goto exit; } @@ -127,17 +122,17 @@ int x509_string_to_names( asn1_named_data **head, const char *name ) /* Check for valid escaped characters */ if( c == end || *c != ',' ) { - ret = POLARSSL_ERR_X509_INVALID_NAME; + ret = MBEDTLS_ERR_X509_INVALID_NAME; goto exit; } } else if( !in_tag && ( *c == ',' || c == end ) ) { - if( asn1_store_named_data( head, oid, strlen( oid ), + if( mbedtls_asn1_store_named_data( head, oid, strlen( oid ), (unsigned char *) data, d - data ) == NULL ) { - return( POLARSSL_ERR_X509_MALLOC_FAILED ); + return( MBEDTLS_ERR_X509_ALLOC_FAILED ); } while( c < end && *(c + 1) == ' ' ) @@ -151,9 +146,9 @@ int x509_string_to_names( asn1_named_data **head, const char *name ) { *(d++) = *c; - if( d - data == X509_MAX_DN_NAME_SIZE ) + if( d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE ) { - ret = POLARSSL_ERR_X509_INVALID_NAME; + ret = MBEDTLS_ERR_X509_INVALID_NAME; goto exit; } } @@ -166,18 +161,18 @@ exit: return( ret ); } -/* The first byte of the value in the asn1_named_data structure is reserved +/* The first byte of the value in the mbedtls_asn1_named_data structure is reserved * to store the critical boolean for us */ -int x509_set_extension( asn1_named_data **head, const char *oid, size_t oid_len, +int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len, int critical, const unsigned char *val, size_t val_len ) { - asn1_named_data *cur; + mbedtls_asn1_named_data *cur; - if( ( cur = asn1_store_named_data( head, oid, oid_len, + if( ( cur = mbedtls_asn1_store_named_data( head, oid, oid_len, NULL, val_len + 1 ) ) == NULL ) { - return( POLARSSL_ERR_X509_MALLOC_FAILED ); + return( MBEDTLS_ERR_X509_ALLOC_FAILED ); } cur->val.p[0] = critical; @@ -205,60 +200,60 @@ static int x509_write_name( unsigned char **p, unsigned char *start, int ret; size_t len = 0; - // Write PrintableString for all except OID_PKCS9_EMAIL + // Write PrintableString for all except MBEDTLS_OID_PKCS9_EMAIL // - if( OID_SIZE( OID_PKCS9_EMAIL ) == oid_len && - memcmp( oid, OID_PKCS9_EMAIL, oid_len ) == 0 ) + if( MBEDTLS_OID_SIZE( MBEDTLS_OID_PKCS9_EMAIL ) == oid_len && + memcmp( oid, MBEDTLS_OID_PKCS9_EMAIL, oid_len ) == 0 ) { - ASN1_CHK_ADD( len, asn1_write_ia5_string( p, start, + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_ia5_string( p, start, (const char *) name, name_len ) ); } else { - ASN1_CHK_ADD( len, asn1_write_printable_string( p, start, + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_printable_string( p, start, (const char *) name, name_len ) ); } // Write OID // - ASN1_CHK_ADD( len, asn1_write_oid( p, start, oid, oid_len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) ); - ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED | - ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); - ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED | - ASN1_SET ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SET ) ); return( (int) len ); } -int x509_write_names( unsigned char **p, unsigned char *start, - asn1_named_data *first ) +int mbedtls_x509_write_names( unsigned char **p, unsigned char *start, + mbedtls_asn1_named_data *first ) { int ret; size_t len = 0; - asn1_named_data *cur = first; + mbedtls_asn1_named_data *cur = first; while( cur != NULL ) { - ASN1_CHK_ADD( len, x509_write_name( p, start, (char *) cur->oid.p, + MBEDTLS_ASN1_CHK_ADD( len, x509_write_name( p, start, (char *) cur->oid.p, cur->oid.len, cur->val.p, cur->val.len ) ); cur = cur->next; } - ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED | - ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); return( (int) len ); } -int x509_write_sig( unsigned char **p, unsigned char *start, +int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start, const char *oid, size_t oid_len, unsigned char *sig, size_t size ) { @@ -266,7 +261,7 @@ int x509_write_sig( unsigned char **p, unsigned char *start, size_t len = 0; if( *p - start < (int) size + 1 ) - return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); len = size; (*p) -= len; @@ -275,41 +270,41 @@ int x509_write_sig( unsigned char **p, unsigned char *start, *--(*p) = 0; len += 1; - ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_BIT_STRING ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) ); // Write OID // - ASN1_CHK_ADD( len, asn1_write_algorithm_identifier( p, start, oid, + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( p, start, oid, oid_len, 0 ) ); return( (int) len ); } static int x509_write_extension( unsigned char **p, unsigned char *start, - asn1_named_data *ext ) + mbedtls_asn1_named_data *ext ) { int ret; size_t len = 0; - ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start, ext->val.p + 1, + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, ext->val.p + 1, ext->val.len - 1 ) ); - ASN1_CHK_ADD( len, asn1_write_len( p, start, ext->val.len - 1 ) ); - ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_OCTET_STRING ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, ext->val.len - 1 ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OCTET_STRING ) ); if( ext->val.p[0] != 0 ) { - ASN1_CHK_ADD( len, asn1_write_bool( p, start, 1 ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_bool( p, start, 1 ) ); } - ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start, ext->oid.p, + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, ext->oid.p, ext->oid.len ) ); - ASN1_CHK_ADD( len, asn1_write_len( p, start, ext->oid.len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_OID ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, ext->oid.len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OID ) ); - ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED | - ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); return( (int) len ); } @@ -324,20 +319,20 @@ static int x509_write_extension( unsigned char **p, unsigned char *start, * -- by extnID * } */ -int x509_write_extensions( unsigned char **p, unsigned char *start, - asn1_named_data *first ) +int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start, + mbedtls_asn1_named_data *first ) { int ret; size_t len = 0; - asn1_named_data *cur_ext = first; + mbedtls_asn1_named_data *cur_ext = first; while( cur_ext != NULL ) { - ASN1_CHK_ADD( len, x509_write_extension( p, start, cur_ext ) ); + MBEDTLS_ASN1_CHK_ADD( len, x509_write_extension( p, start, cur_ext ) ); cur_ext = cur_ext->next; } return( (int) len ); } -#endif /* POLARSSL_X509_CREATE_C */ +#endif /* MBEDTLS_X509_CREATE_C */ diff --git a/ext/mbedtls/library/x509_crl.c b/ext/mbedtls/library/x509_crl.c index de2079fc7b..85de93058f 100644 --- a/ext/mbedtls/library/x509_crl.c +++ b/ext/mbedtls/library/x509_crl.c @@ -30,31 +30,31 @@ * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_X509_CRL_PARSE_C) +#if defined(MBEDTLS_X509_CRL_PARSE_C) -#include "polarssl/x509_crl.h" -#include "polarssl/oid.h" +#include "mbedtls/x509_crl.h" +#include "mbedtls/oid.h" #include -#if defined(POLARSSL_PEM_PARSE_C) -#include "polarssl/pem.h" +#if defined(MBEDTLS_PEM_PARSE_C) +#include "mbedtls/pem.h" #endif -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include #include -#define polarssl_free free -#define polarssl_malloc malloc -#define polarssl_snprintf snprintf +#define mbedtls_free free +#define mbedtls_calloc calloc +#define mbedtls_snprintf snprintf #endif #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) @@ -63,12 +63,12 @@ #include #endif -#if defined(POLARSSL_FS_IO) || defined(EFIX64) || defined(EFI32) +#if defined(MBEDTLS_FS_IO) || defined(EFIX64) || defined(EFI32) #include #endif /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } @@ -81,15 +81,15 @@ static int x509_crl_get_version( unsigned char **p, { int ret; - if( ( ret = asn1_get_int( p, end, ver ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 ) { - if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) { *ver = 0; return( 0 ); } - return( POLARSSL_ERR_X509_INVALID_VERSION + ret ); + return( MBEDTLS_ERR_X509_INVALID_VERSION + ret ); } return( 0 ); @@ -100,15 +100,15 @@ static int x509_crl_get_version( unsigned char **p, */ static int x509_get_crl_ext( unsigned char **p, const unsigned char *end, - x509_buf *ext ) + mbedtls_x509_buf *ext ) { int ret; size_t len = 0; /* Get explicit tag */ - if( ( ret = x509_get_ext( p, end, ext, 0) ) != 0 ) + if( ( ret = mbedtls_x509_get_ext( p, end, ext, 0) ) != 0 ) { - if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) return( 0 ); return( ret ); @@ -116,16 +116,16 @@ static int x509_get_crl_ext( unsigned char **p, while( *p < end ) { - if( ( ret = asn1_get_tag( p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret ); + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); *p += len; } if( *p != end ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); return( 0 ); } @@ -135,7 +135,7 @@ static int x509_get_crl_ext( unsigned char **p, */ static int x509_get_crl_entry_ext( unsigned char **p, const unsigned char *end, - x509_buf *ext ) + mbedtls_x509_buf *ext ) { int ret; size_t len = 0; @@ -151,35 +151,35 @@ static int x509_get_crl_entry_ext( unsigned char **p, * Get CRL-entry extension sequence header * crlEntryExtensions Extensions OPTIONAL -- if present, MUST be v2 */ - if( ( ret = asn1_get_tag( p, end, &ext->len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( p, end, &ext->len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) { ext->p = NULL; return( 0 ); } - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); } end = *p + ext->len; if( end != *p + ext->len ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); while( *p < end ) { - if( ( ret = asn1_get_tag( p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret ); + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); *p += len; } if( *p != end ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); return( 0 ); } @@ -189,19 +189,19 @@ static int x509_get_crl_entry_ext( unsigned char **p, */ static int x509_get_entries( unsigned char **p, const unsigned char *end, - x509_crl_entry *entry ) + mbedtls_x509_crl_entry *entry ) { int ret; size_t entry_len; - x509_crl_entry *cur_entry = entry; + mbedtls_x509_crl_entry *cur_entry = entry; if( *p == end ) return( 0 ); - if( ( ret = asn1_get_tag( p, end, &entry_len, - ASN1_SEQUENCE | ASN1_CONSTRUCTED ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( p, end, &entry_len, + MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED ) ) != 0 ) { - if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) return( 0 ); return( ret ); @@ -214,8 +214,8 @@ static int x509_get_entries( unsigned char **p, size_t len2; const unsigned char *end2; - if( ( ret = asn1_get_tag( p, end, &len2, - ASN1_SEQUENCE | ASN1_CONSTRUCTED ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( p, end, &len2, + MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED ) ) != 0 ) { return( ret ); } @@ -225,10 +225,10 @@ static int x509_get_entries( unsigned char **p, cur_entry->raw.len = len2; end2 = *p + len2; - if( ( ret = x509_get_serial( p, end2, &cur_entry->serial ) ) != 0 ) + if( ( ret = mbedtls_x509_get_serial( p, end2, &cur_entry->serial ) ) != 0 ) return( ret ); - if( ( ret = x509_get_time( p, end2, + if( ( ret = mbedtls_x509_get_time( p, end2, &cur_entry->revocation_date ) ) != 0 ) return( ret ); @@ -238,12 +238,11 @@ static int x509_get_entries( unsigned char **p, if( *p < end ) { - cur_entry->next = polarssl_malloc( sizeof( x509_crl_entry ) ); + cur_entry->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl_entry ) ); if( cur_entry->next == NULL ) - return( POLARSSL_ERR_X509_MALLOC_FAILED ); + return( MBEDTLS_ERR_X509_ALLOC_FAILED ); - memset( cur_entry->next, 0, sizeof( x509_crl_entry ) ); cur_entry = cur_entry->next; } } @@ -254,23 +253,24 @@ static int x509_get_entries( unsigned char **p, /* * Parse one CRLs in DER format and append it to the chained list */ -int x509_crl_parse_der( x509_crl *chain, +int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen ) { int ret; size_t len; unsigned char *p, *end; - x509_buf sig_params1, sig_params2; - x509_crl *crl = chain; + mbedtls_x509_buf sig_params1, sig_params2, sig_oid2; + mbedtls_x509_crl *crl = chain; /* * Check for valid input */ if( crl == NULL || buf == NULL ) - return( POLARSSL_ERR_X509_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); - memset( &sig_params1, 0, sizeof( x509_buf ) ); - memset( &sig_params2, 0, sizeof( x509_buf ) ); + memset( &sig_params1, 0, sizeof( mbedtls_x509_buf ) ); + memset( &sig_params2, 0, sizeof( mbedtls_x509_buf ) ); + memset( &sig_oid2, 0, sizeof( mbedtls_x509_buf ) ); /* * Add new CRL on the end of the chain if needed. @@ -280,23 +280,23 @@ int x509_crl_parse_der( x509_crl *chain, if( crl->version != 0 && crl->next == NULL ) { - crl->next = polarssl_malloc( sizeof( x509_crl ) ); + crl->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl ) ); if( crl->next == NULL ) { - x509_crl_free( crl ); - return( POLARSSL_ERR_X509_MALLOC_FAILED ); + mbedtls_x509_crl_free( crl ); + return( MBEDTLS_ERR_X509_ALLOC_FAILED ); } - x509_crl_init( crl->next ); + mbedtls_x509_crl_init( crl->next ); crl = crl->next; } /* * Copy raw DER-encoded CRL */ - if( ( p = polarssl_malloc( buflen ) ) == NULL ) - return( POLARSSL_ERR_X509_MALLOC_FAILED ); + if( ( p = mbedtls_calloc( 1, buflen ) ) == NULL ) + return( MBEDTLS_ERR_X509_ALLOC_FAILED ); memcpy( p, buf, buflen ); @@ -311,18 +311,18 @@ int x509_crl_parse_der( x509_crl *chain, * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING } */ - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - x509_crl_free( crl ); - return( POLARSSL_ERR_X509_INVALID_FORMAT ); + mbedtls_x509_crl_free( crl ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT ); } if( len != (size_t) ( end - p ) ) { - x509_crl_free( crl ); - return( POLARSSL_ERR_X509_INVALID_FORMAT + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + mbedtls_x509_crl_free( crl ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); } /* @@ -330,11 +330,11 @@ int x509_crl_parse_der( x509_crl *chain, */ crl->tbs.p = p; - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - x509_crl_free( crl ); - return( POLARSSL_ERR_X509_INVALID_FORMAT + ret ); + mbedtls_x509_crl_free( crl ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); } end = p + len; @@ -347,9 +347,9 @@ int x509_crl_parse_der( x509_crl *chain, * signature AlgorithmIdentifier */ if( ( ret = x509_crl_get_version( &p, end, &crl->version ) ) != 0 || - ( ret = x509_get_alg( &p, end, &crl->sig_oid1, &sig_params1 ) ) != 0 ) + ( ret = mbedtls_x509_get_alg( &p, end, &crl->sig_oid, &sig_params1 ) ) != 0 ) { - x509_crl_free( crl ); + mbedtls_x509_crl_free( crl ); return( ret ); } @@ -357,16 +357,16 @@ int x509_crl_parse_der( x509_crl *chain, if( crl->version > 2 ) { - x509_crl_free( crl ); - return( POLARSSL_ERR_X509_UNKNOWN_VERSION ); + mbedtls_x509_crl_free( crl ); + return( MBEDTLS_ERR_X509_UNKNOWN_VERSION ); } - if( ( ret = x509_get_sig_alg( &crl->sig_oid1, &sig_params1, + if( ( ret = mbedtls_x509_get_sig_alg( &crl->sig_oid, &sig_params1, &crl->sig_md, &crl->sig_pk, &crl->sig_opts ) ) != 0 ) { - x509_crl_free( crl ); - return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG ); + mbedtls_x509_crl_free( crl ); + return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG ); } /* @@ -374,16 +374,16 @@ int x509_crl_parse_der( x509_crl *chain, */ crl->issuer_raw.p = p; - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - x509_crl_free( crl ); - return( POLARSSL_ERR_X509_INVALID_FORMAT + ret ); + mbedtls_x509_crl_free( crl ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); } - if( ( ret = x509_get_name( &p, p + len, &crl->issuer ) ) != 0 ) + if( ( ret = mbedtls_x509_get_name( &p, p + len, &crl->issuer ) ) != 0 ) { - x509_crl_free( crl ); + mbedtls_x509_crl_free( crl ); return( ret ); } @@ -393,20 +393,20 @@ int x509_crl_parse_der( x509_crl *chain, * thisUpdate Time * nextUpdate Time OPTIONAL */ - if( ( ret = x509_get_time( &p, end, &crl->this_update ) ) != 0 ) + if( ( ret = mbedtls_x509_get_time( &p, end, &crl->this_update ) ) != 0 ) { - x509_crl_free( crl ); + mbedtls_x509_crl_free( crl ); return( ret ); } - if( ( ret = x509_get_time( &p, end, &crl->next_update ) ) != 0 ) + if( ( ret = mbedtls_x509_get_time( &p, end, &crl->next_update ) ) != 0 ) { - if( ret != ( POLARSSL_ERR_X509_INVALID_DATE + - POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) && - ret != ( POLARSSL_ERR_X509_INVALID_DATE + - POLARSSL_ERR_ASN1_OUT_OF_DATA ) ) + if( ret != ( MBEDTLS_ERR_X509_INVALID_DATE + + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) && + ret != ( MBEDTLS_ERR_X509_INVALID_DATE + + MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ) { - x509_crl_free( crl ); + mbedtls_x509_crl_free( crl ); return( ret ); } } @@ -421,7 +421,7 @@ int x509_crl_parse_der( x509_crl *chain, */ if( ( ret = x509_get_entries( &p, end, &crl->entry ) ) != 0 ) { - x509_crl_free( crl ); + mbedtls_x509_crl_free( crl ); return( ret ); } @@ -435,16 +435,16 @@ int x509_crl_parse_der( x509_crl *chain, if( ret != 0 ) { - x509_crl_free( crl ); + mbedtls_x509_crl_free( crl ); return( ret ); } } if( p != end ) { - x509_crl_free( crl ); - return( POLARSSL_ERR_X509_INVALID_FORMAT + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + mbedtls_x509_crl_free( crl ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); } end = crl->raw.p + crl->raw.len; @@ -453,33 +453,33 @@ int x509_crl_parse_der( x509_crl *chain, * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING */ - if( ( ret = x509_get_alg( &p, end, &crl->sig_oid2, &sig_params2 ) ) != 0 ) + if( ( ret = mbedtls_x509_get_alg( &p, end, &sig_oid2, &sig_params2 ) ) != 0 ) { - x509_crl_free( crl ); + mbedtls_x509_crl_free( crl ); return( ret ); } - if( crl->sig_oid1.len != crl->sig_oid2.len || - memcmp( crl->sig_oid1.p, crl->sig_oid2.p, crl->sig_oid1.len ) != 0 || + if( crl->sig_oid.len != sig_oid2.len || + memcmp( crl->sig_oid.p, sig_oid2.p, crl->sig_oid.len ) != 0 || sig_params1.len != sig_params2.len || ( sig_params1.len != 0 && memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 ) ) { - x509_crl_free( crl ); - return( POLARSSL_ERR_X509_SIG_MISMATCH ); + mbedtls_x509_crl_free( crl ); + return( MBEDTLS_ERR_X509_SIG_MISMATCH ); } - if( ( ret = x509_get_sig( &p, end, &crl->sig ) ) != 0 ) + if( ( ret = mbedtls_x509_get_sig( &p, end, &crl->sig ) ) != 0 ) { - x509_crl_free( crl ); + mbedtls_x509_crl_free( crl ); return( ret ); } if( p != end ) { - x509_crl_free( crl ); - return( POLARSSL_ERR_X509_INVALID_FORMAT + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + mbedtls_x509_crl_free( crl ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); } return( 0 ); @@ -488,21 +488,26 @@ int x509_crl_parse_der( x509_crl *chain, /* * Parse one or more CRLs and add them to the chained list */ -int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen ) +int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen ) { -#if defined(POLARSSL_PEM_PARSE_C) +#if defined(MBEDTLS_PEM_PARSE_C) int ret; size_t use_len; - pem_context pem; + mbedtls_pem_context pem; int is_pem = 0; if( chain == NULL || buf == NULL ) - return( POLARSSL_ERR_X509_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); do { - pem_init( &pem ); - ret = pem_read_buffer( &pem, + mbedtls_pem_init( &pem ); + + /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ + if( buflen == 0 || buf[buflen - 1] != '\0' ) + ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; + else + ret = mbedtls_pem_read_buffer( &pem, "-----BEGIN X509 CRL-----", "-----END X509 CRL-----", buf, NULL, 0, &use_len ); @@ -517,102 +522,52 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen ) buflen -= use_len; buf += use_len; - if( ( ret = x509_crl_parse_der( chain, + if( ( ret = mbedtls_x509_crl_parse_der( chain, pem.buf, pem.buflen ) ) != 0 ) { return( ret ); } - pem_free( &pem ); + mbedtls_pem_free( &pem ); } - else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) + else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) { - pem_free( &pem ); + mbedtls_pem_free( &pem ); return( ret ); } } - while( is_pem && buflen > 0 ); + /* In the PEM case, buflen is 1 at the end, for the terminated NULL byte. + * And a valid CRL cannot be less than 1 byte anyway. */ + while( is_pem && buflen > 1 ); if( is_pem ) return( 0 ); else -#endif /* POLARSSL_PEM_PARSE_C */ - return( x509_crl_parse_der( chain, buf, buflen ) ); +#endif /* MBEDTLS_PEM_PARSE_C */ + return( mbedtls_x509_crl_parse_der( chain, buf, buflen ) ); } -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) /* * Load one or more CRLs and add them to the chained list */ -int x509_crl_parse_file( x509_crl *chain, const char *path ) +int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ) { int ret; size_t n; unsigned char *buf; - if( ( ret = pk_load_file( path, &buf, &n ) ) != 0 ) + if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) return( ret ); - ret = x509_crl_parse( chain, buf, n ); + ret = mbedtls_x509_crl_parse( chain, buf, n ); - polarssl_zeroize( buf, n + 1 ); - polarssl_free( buf ); + mbedtls_zeroize( buf, n ); + mbedtls_free( buf ); return( ret ); } -#endif /* POLARSSL_FS_IO */ - -#if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \ - !defined(EFI32) -#include - -#if !defined vsnprintf -#define vsnprintf _vsnprintf -#endif // vsnprintf - -/* - * Windows _snprintf and _vsnprintf are not compatible to linux versions. - * Result value is not size of buffer needed, but -1 if no fit is possible. - * - * This fuction tries to 'fix' this by at least suggesting enlarging the - * size by 20. - */ -static int compat_snprintf( char *str, size_t size, const char *format, ... ) -{ - va_list ap; - int res = -1; - - va_start( ap, format ); - - res = vsnprintf( str, size, format, ap ); - - va_end( ap ); - - // No quick fix possible - if( res < 0 ) - return( (int) size + 20 ); - - return( res ); -} - -#define snprintf compat_snprintf -#endif /* _MSC_VER && !snprintf && !EFIX64 && !EFI32 */ - -#define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2 - -#define SAFE_SNPRINTF() \ -{ \ - if( ret == -1 ) \ - return( -1 ); \ - \ - if( (unsigned int) ret > n ) { \ - p[n - 1] = '\0'; \ - return( POLARSSL_ERR_DEBUG_BUF_TOO_SMALL ); \ - } \ - \ - n -= (unsigned int) ret; \ - p += (unsigned int) ret; \ -} +#endif /* MBEDTLS_FS_IO */ /* * Return an informational string about the certificate. @@ -622,74 +577,74 @@ static int compat_snprintf( char *str, size_t size, const char *format, ... ) /* * Return an informational string about the CRL. */ -int x509_crl_info( char *buf, size_t size, const char *prefix, - const x509_crl *crl ) +int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix, + const mbedtls_x509_crl *crl ) { int ret; size_t n; char *p; - const x509_crl_entry *entry; + const mbedtls_x509_crl_entry *entry; p = buf; n = size; - ret = polarssl_snprintf( p, n, "%sCRL version : %d", + ret = mbedtls_snprintf( p, n, "%sCRL version : %d", prefix, crl->version ); - SAFE_SNPRINTF(); + MBEDTLS_X509_SAFE_SNPRINTF; - ret = polarssl_snprintf( p, n, "\n%sissuer name : ", prefix ); - SAFE_SNPRINTF(); - ret = x509_dn_gets( p, n, &crl->issuer ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "\n%sissuer name : ", prefix ); + MBEDTLS_X509_SAFE_SNPRINTF; + ret = mbedtls_x509_dn_gets( p, n, &crl->issuer ); + MBEDTLS_X509_SAFE_SNPRINTF; - ret = polarssl_snprintf( p, n, "\n%sthis update : " \ + ret = mbedtls_snprintf( p, n, "\n%sthis update : " \ "%04d-%02d-%02d %02d:%02d:%02d", prefix, crl->this_update.year, crl->this_update.mon, crl->this_update.day, crl->this_update.hour, crl->this_update.min, crl->this_update.sec ); - SAFE_SNPRINTF(); + MBEDTLS_X509_SAFE_SNPRINTF; - ret = polarssl_snprintf( p, n, "\n%snext update : " \ + ret = mbedtls_snprintf( p, n, "\n%snext update : " \ "%04d-%02d-%02d %02d:%02d:%02d", prefix, crl->next_update.year, crl->next_update.mon, crl->next_update.day, crl->next_update.hour, crl->next_update.min, crl->next_update.sec ); - SAFE_SNPRINTF(); + MBEDTLS_X509_SAFE_SNPRINTF; entry = &crl->entry; - ret = polarssl_snprintf( p, n, "\n%sRevoked certificates:", + ret = mbedtls_snprintf( p, n, "\n%sRevoked certificates:", prefix ); - SAFE_SNPRINTF(); + MBEDTLS_X509_SAFE_SNPRINTF; while( entry != NULL && entry->raw.len != 0 ) { - ret = polarssl_snprintf( p, n, "\n%sserial number: ", + ret = mbedtls_snprintf( p, n, "\n%sserial number: ", prefix ); - SAFE_SNPRINTF(); + MBEDTLS_X509_SAFE_SNPRINTF; - ret = x509_serial_gets( p, n, &entry->serial ); - SAFE_SNPRINTF(); + ret = mbedtls_x509_serial_gets( p, n, &entry->serial ); + MBEDTLS_X509_SAFE_SNPRINTF; - ret = polarssl_snprintf( p, n, " revocation date: " \ + ret = mbedtls_snprintf( p, n, " revocation date: " \ "%04d-%02d-%02d %02d:%02d:%02d", entry->revocation_date.year, entry->revocation_date.mon, entry->revocation_date.day, entry->revocation_date.hour, entry->revocation_date.min, entry->revocation_date.sec ); - SAFE_SNPRINTF(); + MBEDTLS_X509_SAFE_SNPRINTF; entry = entry->next; } - ret = polarssl_snprintf( p, n, "\n%ssigned using : ", prefix ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix ); + MBEDTLS_X509_SAFE_SNPRINTF; - ret = x509_sig_alg_gets( p, n, &crl->sig_oid1, crl->sig_pk, crl->sig_md, + ret = mbedtls_x509_sig_alg_gets( p, n, &crl->sig_oid, crl->sig_pk, crl->sig_md, crl->sig_opts ); - SAFE_SNPRINTF(); + MBEDTLS_X509_SAFE_SNPRINTF; - ret = polarssl_snprintf( p, n, "\n" ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "\n" ); + MBEDTLS_X509_SAFE_SNPRINTF; return( (int) ( size - n ) ); } @@ -697,30 +652,30 @@ int x509_crl_info( char *buf, size_t size, const char *prefix, /* * Initialize a CRL chain */ -void x509_crl_init( x509_crl *crl ) +void mbedtls_x509_crl_init( mbedtls_x509_crl *crl ) { - memset( crl, 0, sizeof(x509_crl) ); + memset( crl, 0, sizeof(mbedtls_x509_crl) ); } /* * Unallocate all CRL data */ -void x509_crl_free( x509_crl *crl ) +void mbedtls_x509_crl_free( mbedtls_x509_crl *crl ) { - x509_crl *crl_cur = crl; - x509_crl *crl_prv; - x509_name *name_cur; - x509_name *name_prv; - x509_crl_entry *entry_cur; - x509_crl_entry *entry_prv; + mbedtls_x509_crl *crl_cur = crl; + mbedtls_x509_crl *crl_prv; + mbedtls_x509_name *name_cur; + mbedtls_x509_name *name_prv; + mbedtls_x509_crl_entry *entry_cur; + mbedtls_x509_crl_entry *entry_prv; if( crl == NULL ) return; do { -#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT) - polarssl_free( crl_cur->sig_opts ); +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) + mbedtls_free( crl_cur->sig_opts ); #endif name_cur = crl_cur->issuer.next; @@ -728,8 +683,8 @@ void x509_crl_free( x509_crl *crl ) { name_prv = name_cur; name_cur = name_cur->next; - polarssl_zeroize( name_prv, sizeof( x509_name ) ); - polarssl_free( name_prv ); + mbedtls_zeroize( name_prv, sizeof( mbedtls_x509_name ) ); + mbedtls_free( name_prv ); } entry_cur = crl_cur->entry.next; @@ -737,14 +692,14 @@ void x509_crl_free( x509_crl *crl ) { entry_prv = entry_cur; entry_cur = entry_cur->next; - polarssl_zeroize( entry_prv, sizeof( x509_crl_entry ) ); - polarssl_free( entry_prv ); + mbedtls_zeroize( entry_prv, sizeof( mbedtls_x509_crl_entry ) ); + mbedtls_free( entry_prv ); } if( crl_cur->raw.p != NULL ) { - polarssl_zeroize( crl_cur->raw.p, crl_cur->raw.len ); - polarssl_free( crl_cur->raw.p ); + mbedtls_zeroize( crl_cur->raw.p, crl_cur->raw.len ); + mbedtls_free( crl_cur->raw.p ); } crl_cur = crl_cur->next; @@ -757,11 +712,11 @@ void x509_crl_free( x509_crl *crl ) crl_prv = crl_cur; crl_cur = crl_cur->next; - polarssl_zeroize( crl_prv, sizeof( x509_crl ) ); + mbedtls_zeroize( crl_prv, sizeof( mbedtls_x509_crl ) ); if( crl_prv != crl ) - polarssl_free( crl_prv ); + mbedtls_free( crl_prv ); } while( crl_cur != NULL ); } -#endif /* POLARSSL_X509_CRL_PARSE_C */ +#endif /* MBEDTLS_X509_CRL_PARSE_C */ diff --git a/ext/mbedtls/library/x509_crt.c b/ext/mbedtls/library/x509_crt.c index b94f213222..c837c03d13 100644 --- a/ext/mbedtls/library/x509_crt.c +++ b/ext/mbedtls/library/x509_crt.c @@ -30,35 +30,35 @@ * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) -#include "polarssl/x509_crt.h" -#include "polarssl/oid.h" +#include "mbedtls/x509_crt.h" +#include "mbedtls/oid.h" #include #include -#if defined(POLARSSL_PEM_PARSE_C) -#include "polarssl/pem.h" +#if defined(MBEDTLS_PEM_PARSE_C) +#include "mbedtls/pem.h" #endif -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_free free -#define polarssl_malloc malloc -#define polarssl_snprintf snprintf +#define mbedtls_free free +#define mbedtls_calloc calloc +#define mbedtls_snprintf snprintf #endif -#if defined(POLARSSL_THREADING_C) -#include "polarssl/threading.h" +#if defined(MBEDTLS_THREADING_C) +#include "mbedtls/threading.h" #endif #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) @@ -67,7 +67,7 @@ #include #endif -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) #include #if !defined(_WIN32) || defined(EFIX64) || defined(EFI32) #include @@ -77,10 +77,131 @@ #endif /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } +/* + * Default profile + */ +const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default = +{ + /* Hashes from SHA-1 and above */ + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_RIPEMD160 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), + 0xFFFFFFF, /* Any PK alg */ + 0xFFFFFFF, /* Any curve */ + 2048, +}; + +/* + * Next-default profile + */ +const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next = +{ + /* Hashes from SHA-256 and above */ + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), + 0xFFFFFFF, /* Any PK alg */ +#if defined(MBEDTLS_ECP_C) + /* Curves at or above 128-bit security level */ + MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP521R1 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP256R1 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP384R1 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP512R1 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256K1 ), +#else + 0, +#endif + 2048, +}; + +/* + * NSA Suite B Profile + */ +const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb = +{ + /* Only SHA-256 and 384 */ + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ), + /* Only ECDSA */ + MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_ECDSA ), +#if defined(MBEDTLS_ECP_C) + /* Only NIST P-256 and P-384 */ + MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) | + MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ), +#else + 0, +#endif + 0, +}; + +/* + * Check md_alg against profile + * Return 0 if md_alg acceptable for this profile, -1 otherwise + */ +static int x509_profile_check_md_alg( const mbedtls_x509_crt_profile *profile, + mbedtls_md_type_t md_alg ) +{ + if( ( profile->allowed_mds & MBEDTLS_X509_ID_FLAG( md_alg ) ) != 0 ) + return( 0 ); + + return( -1 ); +} + +/* + * Check pk_alg against profile + * Return 0 if pk_alg acceptable for this profile, -1 otherwise + */ +static int x509_profile_check_pk_alg( const mbedtls_x509_crt_profile *profile, + mbedtls_pk_type_t pk_alg ) +{ + if( ( profile->allowed_pks & MBEDTLS_X509_ID_FLAG( pk_alg ) ) != 0 ) + return( 0 ); + + return( -1 ); +} + +/* + * Check key against profile + * Return 0 if pk_alg acceptable for this profile, -1 otherwise + */ +static int x509_profile_check_key( const mbedtls_x509_crt_profile *profile, + mbedtls_pk_type_t pk_alg, + const mbedtls_pk_context *pk ) +{ +#if defined(MBEDTLS_RSA_C) + if( pk_alg == MBEDTLS_PK_RSA || pk_alg == MBEDTLS_PK_RSASSA_PSS ) + { + if( mbedtls_pk_get_bitlen( pk ) >= profile->rsa_min_bitlen ) + return( 0 ); + + return( -1 ); + } +#endif + +#if defined(MBEDTLS_ECDSA_C) + if( pk_alg == MBEDTLS_PK_ECDSA ) + { + mbedtls_ecp_group_id gid = mbedtls_pk_ec( *pk )->grp.id; + + if( ( profile->allowed_curves & MBEDTLS_X509_ID_FLAG( gid ) ) != 0 ) + return( 0 ); + + return( -1 ); + } +#endif + + return( -1 ); +} + /* * Version ::= INTEGER { v1(0), v2(1), v3(2) } */ @@ -91,10 +212,10 @@ static int x509_get_version( unsigned char **p, int ret; size_t len; - if( ( ret = asn1_get_tag( p, end, &len, - ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ) != 0 ) { - if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) { *ver = 0; return( 0 ); @@ -105,12 +226,12 @@ static int x509_get_version( unsigned char **p, end = *p + len; - if( ( ret = asn1_get_int( p, end, ver ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_VERSION + ret ); + if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_VERSION + ret ); if( *p != end ) - return( POLARSSL_ERR_X509_INVALID_VERSION + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_X509_INVALID_VERSION + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); return( 0 ); } @@ -122,27 +243,27 @@ static int x509_get_version( unsigned char **p, */ static int x509_get_dates( unsigned char **p, const unsigned char *end, - x509_time *from, - x509_time *to ) + mbedtls_x509_time *from, + mbedtls_x509_time *to ) { int ret; size_t len; - if( ( ret = asn1_get_tag( p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_DATE + ret ); + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_DATE + ret ); end = *p + len; - if( ( ret = x509_get_time( p, end, from ) ) != 0 ) + if( ( ret = mbedtls_x509_get_time( p, end, from ) ) != 0 ) return( ret ); - if( ( ret = x509_get_time( p, end, to ) ) != 0 ) + if( ( ret = mbedtls_x509_get_time( p, end, to ) ) != 0 ) return( ret ); if( *p != end ) - return( POLARSSL_ERR_X509_INVALID_DATE + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_X509_INVALID_DATE + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); return( 0 ); } @@ -152,7 +273,7 @@ static int x509_get_dates( unsigned char **p, */ static int x509_get_uid( unsigned char **p, const unsigned char *end, - x509_buf *uid, int n ) + mbedtls_x509_buf *uid, int n ) { int ret; @@ -161,10 +282,10 @@ static int x509_get_uid( unsigned char **p, uid->tag = **p; - if( ( ret = asn1_get_tag( p, end, &uid->len, - ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | n ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( p, end, &uid->len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | n ) ) != 0 ) { - if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) return( 0 ); return( ret ); @@ -192,20 +313,20 @@ static int x509_get_basic_constraints( unsigned char **p, *ca_istrue = 0; /* DEFAULT FALSE */ *max_pathlen = 0; /* endless */ - if( ( ret = asn1_get_tag( p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret ); + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); if( *p == end ) return( 0 ); - if( ( ret = asn1_get_bool( p, end, ca_istrue ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_bool( p, end, ca_istrue ) ) != 0 ) { - if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) - ret = asn1_get_int( p, end, ca_istrue ); + if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) + ret = mbedtls_asn1_get_int( p, end, ca_istrue ); if( ret != 0 ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); if( *ca_istrue != 0 ) *ca_istrue = 1; @@ -214,12 +335,12 @@ static int x509_get_basic_constraints( unsigned char **p, if( *p == end ) return( 0 ); - if( ( ret = asn1_get_int( p, end, max_pathlen ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret ); + if( ( ret = mbedtls_asn1_get_int( p, end, max_pathlen ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); if( *p != end ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); (*max_pathlen)++; @@ -231,14 +352,14 @@ static int x509_get_ns_cert_type( unsigned char **p, unsigned char *ns_cert_type) { int ret; - x509_bitstring bs = { 0, 0, NULL }; + mbedtls_x509_bitstring bs = { 0, 0, NULL }; - if( ( ret = asn1_get_bitstring( p, end, &bs ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret ); + if( ( ret = mbedtls_asn1_get_bitstring( p, end, &bs ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); if( bs.len != 1 ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + - POLARSSL_ERR_ASN1_INVALID_LENGTH ); + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_INVALID_LENGTH ); /* Get actual bitstring */ *ns_cert_type = *bs.p; @@ -247,20 +368,26 @@ static int x509_get_ns_cert_type( unsigned char **p, static int x509_get_key_usage( unsigned char **p, const unsigned char *end, - unsigned char *key_usage) + unsigned int *key_usage) { int ret; - x509_bitstring bs = { 0, 0, NULL }; + size_t i; + mbedtls_x509_bitstring bs = { 0, 0, NULL }; - if( ( ret = asn1_get_bitstring( p, end, &bs ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret ); + if( ( ret = mbedtls_asn1_get_bitstring( p, end, &bs ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); if( bs.len < 1 ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + - POLARSSL_ERR_ASN1_INVALID_LENGTH ); + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_INVALID_LENGTH ); /* Get actual bitstring */ - *key_usage = *bs.p; + *key_usage = 0; + for( i = 0; i < bs.len && i < sizeof( unsigned int ); i++ ) + { + *key_usage |= (unsigned int) bs.p[i] << (8*i); + } + return( 0 ); } @@ -271,17 +398,17 @@ static int x509_get_key_usage( unsigned char **p, */ static int x509_get_ext_key_usage( unsigned char **p, const unsigned char *end, - x509_sequence *ext_key_usage) + mbedtls_x509_sequence *ext_key_usage) { int ret; - if( ( ret = asn1_get_sequence_of( p, end, ext_key_usage, ASN1_OID ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret ); + if( ( ret = mbedtls_asn1_get_sequence_of( p, end, ext_key_usage, MBEDTLS_ASN1_OID ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); /* Sequence length must be >= 1 */ if( ext_key_usage->buf.p == NULL ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + - POLARSSL_ERR_ASN1_INVALID_LENGTH ); + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_INVALID_LENGTH ); return( 0 ); } @@ -314,40 +441,40 @@ static int x509_get_ext_key_usage( unsigned char **p, */ static int x509_get_subject_alt_name( unsigned char **p, const unsigned char *end, - x509_sequence *subject_alt_name ) + mbedtls_x509_sequence *subject_alt_name ) { int ret; size_t len, tag_len; - asn1_buf *buf; + mbedtls_asn1_buf *buf; unsigned char tag; - asn1_sequence *cur = subject_alt_name; + mbedtls_asn1_sequence *cur = subject_alt_name; /* Get main sequence tag */ - if( ( ret = asn1_get_tag( p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret ); + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); if( *p + len != end ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); while( *p < end ) { if( ( end - *p ) < 1 ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + - POLARSSL_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_OUT_OF_DATA ); tag = **p; (*p)++; - if( ( ret = asn1_get_len( p, end, &tag_len ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret ); + if( ( ret = mbedtls_asn1_get_len( p, end, &tag_len ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); - if( ( tag & ASN1_CONTEXT_SPECIFIC ) != ASN1_CONTEXT_SPECIFIC ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + - POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); + if( ( tag & MBEDTLS_ASN1_CONTEXT_SPECIFIC ) != MBEDTLS_ASN1_CONTEXT_SPECIFIC ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); /* Skip everything but DNS name */ - if( tag != ( ASN1_CONTEXT_SPECIFIC | 2 ) ) + if( tag != ( MBEDTLS_ASN1_CONTEXT_SPECIFIC | 2 ) ) { *p += tag_len; continue; @@ -357,15 +484,14 @@ static int x509_get_subject_alt_name( unsigned char **p, if( cur->buf.p != NULL ) { if( cur->next != NULL ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS ); + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS ); - cur->next = polarssl_malloc( sizeof( asn1_sequence ) ); + cur->next = mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) ); if( cur->next == NULL ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + - POLARSSL_ERR_ASN1_MALLOC_FAILED ); + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_ALLOC_FAILED ); - memset( cur->next, 0, sizeof( asn1_sequence ) ); cur = cur->next; } @@ -380,8 +506,8 @@ static int x509_get_subject_alt_name( unsigned char **p, cur->next = NULL; if( *p != end ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); return( 0 ); } @@ -395,15 +521,15 @@ static int x509_get_subject_alt_name( unsigned char **p, */ static int x509_get_crt_ext( unsigned char **p, const unsigned char *end, - x509_crt *crt ) + mbedtls_x509_crt *crt ) { int ret; size_t len; unsigned char *end_ext_data, *end_ext_octet; - if( ( ret = x509_get_ext( p, end, &crt->v3_ext, 3 ) ) != 0 ) + if( ( ret = mbedtls_x509_get_ext( p, end, &crt->v3_ext, 3 ) ) != 0 ) { - if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) return( 0 ); return( ret ); @@ -417,61 +543,61 @@ static int x509_get_crt_ext( unsigned char **p, * critical BOOLEAN DEFAULT FALSE, * extnValue OCTET STRING } */ - x509_buf extn_oid = {0, 0, NULL}; + mbedtls_x509_buf extn_oid = {0, 0, NULL}; int is_critical = 0; /* DEFAULT FALSE */ int ext_type = 0; - if( ( ret = asn1_get_tag( p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret ); + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); end_ext_data = *p + len; /* Get extension ID */ extn_oid.tag = **p; - if( ( ret = asn1_get_tag( p, end, &extn_oid.len, ASN1_OID ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret ); + if( ( ret = mbedtls_asn1_get_tag( p, end, &extn_oid.len, MBEDTLS_ASN1_OID ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); extn_oid.p = *p; *p += extn_oid.len; if( ( end - *p ) < 1 ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + - POLARSSL_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_OUT_OF_DATA ); /* Get optional critical */ - if( ( ret = asn1_get_bool( p, end_ext_data, &is_critical ) ) != 0 && - ( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret ); + if( ( ret = mbedtls_asn1_get_bool( p, end_ext_data, &is_critical ) ) != 0 && + ( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); /* Data should be octet string type */ - if( ( ret = asn1_get_tag( p, end_ext_data, &len, - ASN1_OCTET_STRING ) ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret ); + if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len, + MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); end_ext_octet = *p + len; if( end_ext_octet != end_ext_data ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); /* * Detect supported extensions */ - ret = oid_get_x509_ext_type( &extn_oid, &ext_type ); + ret = mbedtls_oid_get_x509_ext_type( &extn_oid, &ext_type ); if( ret != 0 ) { /* No parser found, skip extension */ *p = end_ext_octet; -#if !defined(POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) +#if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) if( is_critical ) { /* Data is marked as critical: fail */ - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + - POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); } #endif continue; @@ -479,41 +605,41 @@ static int x509_get_crt_ext( unsigned char **p, /* Forbid repeated extensions */ if( ( crt->ext_types & ext_type ) != 0 ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS ); + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS ); crt->ext_types |= ext_type; switch( ext_type ) { - case EXT_BASIC_CONSTRAINTS: + case MBEDTLS_X509_EXT_BASIC_CONSTRAINTS: /* Parse basic constraints */ if( ( ret = x509_get_basic_constraints( p, end_ext_octet, &crt->ca_istrue, &crt->max_pathlen ) ) != 0 ) return( ret ); break; - case EXT_KEY_USAGE: + case MBEDTLS_X509_EXT_KEY_USAGE: /* Parse key usage */ if( ( ret = x509_get_key_usage( p, end_ext_octet, &crt->key_usage ) ) != 0 ) return( ret ); break; - case EXT_EXTENDED_KEY_USAGE: + case MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE: /* Parse extended key usage */ if( ( ret = x509_get_ext_key_usage( p, end_ext_octet, &crt->ext_key_usage ) ) != 0 ) return( ret ); break; - case EXT_SUBJECT_ALT_NAME: + case MBEDTLS_X509_EXT_SUBJECT_ALT_NAME: /* Parse subject alt name */ if( ( ret = x509_get_subject_alt_name( p, end_ext_octet, &crt->subject_alt_names ) ) != 0 ) return( ret ); break; - case EXT_NS_CERT_TYPE: + case MBEDTLS_X509_EXT_NS_CERT_TYPE: /* Parse netscape certificate type */ if( ( ret = x509_get_ns_cert_type( p, end_ext_octet, &crt->ns_cert_type ) ) != 0 ) @@ -521,13 +647,13 @@ static int x509_get_crt_ext( unsigned char **p, break; default: - return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE ); + return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); } } if( *p != end ) - return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); return( 0 ); } @@ -535,27 +661,27 @@ static int x509_get_crt_ext( unsigned char **p, /* * Parse and fill a single X.509 certificate in DER format */ -static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, +static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, const unsigned char *buf, size_t buflen ) { int ret; size_t len; unsigned char *p, *end, *crt_end; - x509_buf sig_params1, sig_params2; + mbedtls_x509_buf sig_params1, sig_params2, sig_oid2; - memset( &sig_params1, 0, sizeof( x509_buf ) ); - memset( &sig_params2, 0, sizeof( x509_buf ) ); + memset( &sig_params1, 0, sizeof( mbedtls_x509_buf ) ); + memset( &sig_params2, 0, sizeof( mbedtls_x509_buf ) ); + memset( &sig_oid2, 0, sizeof( mbedtls_x509_buf ) ); /* * Check for valid input */ if( crt == NULL || buf == NULL ) - return( POLARSSL_ERR_X509_BAD_INPUT_DATA ); - - p = polarssl_malloc( len = buflen ); + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + p = mbedtls_calloc( 1, len = buflen ); if( p == NULL ) - return( POLARSSL_ERR_X509_MALLOC_FAILED ); + return( MBEDTLS_ERR_X509_ALLOC_FAILED ); memcpy( p, buf, buflen ); @@ -569,18 +695,18 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING } */ - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - x509_crt_free( crt ); - return( POLARSSL_ERR_X509_INVALID_FORMAT ); + mbedtls_x509_crt_free( crt ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT ); } if( len > (size_t) ( end - p ) ) { - x509_crt_free( crt ); - return( POLARSSL_ERR_X509_INVALID_FORMAT + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + mbedtls_x509_crt_free( crt ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); } crt_end = p + len; @@ -589,11 +715,11 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, */ crt->tbs.p = p; - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - x509_crt_free( crt ); - return( POLARSSL_ERR_X509_INVALID_FORMAT + ret ); + mbedtls_x509_crt_free( crt ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); } end = p + len; @@ -607,11 +733,11 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, * signature AlgorithmIdentifier */ if( ( ret = x509_get_version( &p, end, &crt->version ) ) != 0 || - ( ret = x509_get_serial( &p, end, &crt->serial ) ) != 0 || - ( ret = x509_get_alg( &p, end, &crt->sig_oid1, + ( ret = mbedtls_x509_get_serial( &p, end, &crt->serial ) ) != 0 || + ( ret = mbedtls_x509_get_alg( &p, end, &crt->sig_oid, &sig_params1 ) ) != 0 ) { - x509_crt_free( crt ); + mbedtls_x509_crt_free( crt ); return( ret ); } @@ -619,15 +745,15 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, if( crt->version > 3 ) { - x509_crt_free( crt ); - return( POLARSSL_ERR_X509_UNKNOWN_VERSION ); + mbedtls_x509_crt_free( crt ); + return( MBEDTLS_ERR_X509_UNKNOWN_VERSION ); } - if( ( ret = x509_get_sig_alg( &crt->sig_oid1, &sig_params1, + if( ( ret = mbedtls_x509_get_sig_alg( &crt->sig_oid, &sig_params1, &crt->sig_md, &crt->sig_pk, &crt->sig_opts ) ) != 0 ) { - x509_crt_free( crt ); + mbedtls_x509_crt_free( crt ); return( ret ); } @@ -636,16 +762,16 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, */ crt->issuer_raw.p = p; - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - x509_crt_free( crt ); - return( POLARSSL_ERR_X509_INVALID_FORMAT + ret ); + mbedtls_x509_crt_free( crt ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); } - if( ( ret = x509_get_name( &p, p + len, &crt->issuer ) ) != 0 ) + if( ( ret = mbedtls_x509_get_name( &p, p + len, &crt->issuer ) ) != 0 ) { - x509_crt_free( crt ); + mbedtls_x509_crt_free( crt ); return( ret ); } @@ -660,7 +786,7 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, if( ( ret = x509_get_dates( &p, end, &crt->valid_from, &crt->valid_to ) ) != 0 ) { - x509_crt_free( crt ); + mbedtls_x509_crt_free( crt ); return( ret ); } @@ -669,16 +795,16 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, */ crt->subject_raw.p = p; - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - x509_crt_free( crt ); - return( POLARSSL_ERR_X509_INVALID_FORMAT + ret ); + mbedtls_x509_crt_free( crt ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); } - if( len && ( ret = x509_get_name( &p, p + len, &crt->subject ) ) != 0 ) + if( len && ( ret = mbedtls_x509_get_name( &p, p + len, &crt->subject ) ) != 0 ) { - x509_crt_free( crt ); + mbedtls_x509_crt_free( crt ); return( ret ); } @@ -687,9 +813,9 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, /* * SubjectPublicKeyInfo */ - if( ( ret = pk_parse_subpubkey( &p, end, &crt->pk ) ) != 0 ) + if( ( ret = mbedtls_pk_parse_subpubkey( &p, end, &crt->pk ) ) != 0 ) { - x509_crt_free( crt ); + mbedtls_x509_crt_free( crt ); return( ret ); } @@ -706,7 +832,7 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, ret = x509_get_uid( &p, end, &crt->issuer_id, 1 ); if( ret != 0 ) { - x509_crt_free( crt ); + mbedtls_x509_crt_free( crt ); return( ret ); } } @@ -716,30 +842,28 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, ret = x509_get_uid( &p, end, &crt->subject_id, 2 ); if( ret != 0 ) { - x509_crt_free( crt ); + mbedtls_x509_crt_free( crt ); return( ret ); } } -#if !defined(POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3) +#if !defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3) if( crt->version == 3 ) - { #endif + { ret = x509_get_crt_ext( &p, end, crt ); if( ret != 0 ) { - x509_crt_free( crt ); + mbedtls_x509_crt_free( crt ); return( ret ); } -#if !defined(POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3) } -#endif if( p != end ) { - x509_crt_free( crt ); - return( POLARSSL_ERR_X509_INVALID_FORMAT + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + mbedtls_x509_crt_free( crt ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); } end = crt_end; @@ -751,33 +875,33 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING */ - if( ( ret = x509_get_alg( &p, end, &crt->sig_oid2, &sig_params2 ) ) != 0 ) + if( ( ret = mbedtls_x509_get_alg( &p, end, &sig_oid2, &sig_params2 ) ) != 0 ) { - x509_crt_free( crt ); + mbedtls_x509_crt_free( crt ); return( ret ); } - if( crt->sig_oid1.len != crt->sig_oid2.len || - memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0 || + if( crt->sig_oid.len != sig_oid2.len || + memcmp( crt->sig_oid.p, sig_oid2.p, crt->sig_oid.len ) != 0 || sig_params1.len != sig_params2.len || ( sig_params1.len != 0 && memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 ) ) { - x509_crt_free( crt ); - return( POLARSSL_ERR_X509_SIG_MISMATCH ); + mbedtls_x509_crt_free( crt ); + return( MBEDTLS_ERR_X509_SIG_MISMATCH ); } - if( ( ret = x509_get_sig( &p, end, &crt->sig ) ) != 0 ) + if( ( ret = mbedtls_x509_get_sig( &p, end, &crt->sig ) ) != 0 ) { - x509_crt_free( crt ); + mbedtls_x509_crt_free( crt ); return( ret ); } if( p != end ) { - x509_crt_free( crt ); - return( POLARSSL_ERR_X509_INVALID_FORMAT + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + mbedtls_x509_crt_free( crt ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); } return( 0 ); @@ -787,17 +911,17 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, * Parse one X.509 certificate in DER format from a buffer and add them to a * chained list */ -int x509_crt_parse_der( x509_crt *chain, const unsigned char *buf, +int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen ) { int ret; - x509_crt *crt = chain, *prev = NULL; + mbedtls_x509_crt *crt = chain, *prev = NULL; /* * Check for valid input */ if( crt == NULL || buf == NULL ) - return( POLARSSL_ERR_X509_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); while( crt->version != 0 && crt->next != NULL ) { @@ -810,13 +934,13 @@ int x509_crt_parse_der( x509_crt *chain, const unsigned char *buf, */ if( crt->version != 0 && crt->next == NULL ) { - crt->next = polarssl_malloc( sizeof( x509_crt ) ); + crt->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ); if( crt->next == NULL ) - return( POLARSSL_ERR_X509_MALLOC_FAILED ); + return( MBEDTLS_ERR_X509_ALLOC_FAILED ); prev = crt; - x509_crt_init( crt->next ); + mbedtls_x509_crt_init( crt->next ); crt = crt->next; } @@ -826,7 +950,7 @@ int x509_crt_parse_der( x509_crt *chain, const unsigned char *buf, prev->next = NULL; if( crt != chain ) - polarssl_free( crt ); + mbedtls_free( crt ); return( ret ); } @@ -838,41 +962,46 @@ int x509_crt_parse_der( x509_crt *chain, const unsigned char *buf, * Parse one or more PEM certificates from a buffer and add them to the chained * list */ -int x509_crt_parse( x509_crt *chain, const unsigned char *buf, size_t buflen ) +int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen ) { int success = 0, first_error = 0, total_failed = 0; - int buf_format = X509_FORMAT_DER; + int buf_format = MBEDTLS_X509_FORMAT_DER; /* * Check for valid input */ if( chain == NULL || buf == NULL ) - return( POLARSSL_ERR_X509_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); /* * Determine buffer content. Buffer contains either one DER certificate or * one or more PEM certificates. */ -#if defined(POLARSSL_PEM_PARSE_C) - if( strstr( (const char *) buf, "-----BEGIN CERTIFICATE-----" ) != NULL ) - buf_format = X509_FORMAT_PEM; +#if defined(MBEDTLS_PEM_PARSE_C) + if( buflen != 0 && buf[buflen - 1] == '\0' && + strstr( (const char *) buf, "-----BEGIN CERTIFICATE-----" ) != NULL ) + { + buf_format = MBEDTLS_X509_FORMAT_PEM; + } #endif - if( buf_format == X509_FORMAT_DER ) - return x509_crt_parse_der( chain, buf, buflen ); + if( buf_format == MBEDTLS_X509_FORMAT_DER ) + return mbedtls_x509_crt_parse_der( chain, buf, buflen ); -#if defined(POLARSSL_PEM_PARSE_C) - if( buf_format == X509_FORMAT_PEM ) +#if defined(MBEDTLS_PEM_PARSE_C) + if( buf_format == MBEDTLS_X509_FORMAT_PEM ) { int ret; - pem_context pem; + mbedtls_pem_context pem; - while( buflen > 0 ) + /* 1 rather than 0 since the terminating NULL byte is counted in */ + while( buflen > 1 ) { size_t use_len; - pem_init( &pem ); + mbedtls_pem_init( &pem ); - ret = pem_read_buffer( &pem, + /* If we get there, we know the string is null-terminated */ + ret = mbedtls_pem_read_buffer( &pem, "-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----", buf, NULL, 0, &use_len ); @@ -885,13 +1014,13 @@ int x509_crt_parse( x509_crt *chain, const unsigned char *buf, size_t buflen ) buflen -= use_len; buf += use_len; } - else if( ret == POLARSSL_ERR_PEM_BAD_INPUT_DATA ) + else if( ret == MBEDTLS_ERR_PEM_BAD_INPUT_DATA ) { return( ret ); } - else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) + else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) { - pem_free( &pem ); + mbedtls_pem_free( &pem ); /* * PEM header and footer were found @@ -908,16 +1037,16 @@ int x509_crt_parse( x509_crt *chain, const unsigned char *buf, size_t buflen ) else break; - ret = x509_crt_parse_der( chain, pem.buf, pem.buflen ); + ret = mbedtls_x509_crt_parse_der( chain, pem.buf, pem.buflen ); - pem_free( &pem ); + mbedtls_pem_free( &pem ); if( ret != 0 ) { /* * Quit parsing on a memory error */ - if( ret == POLARSSL_ERR_X509_MALLOC_FAILED ) + if( ret == MBEDTLS_ERR_X509_ALLOC_FAILED ) return( ret ); if( first_error == 0 ) @@ -930,42 +1059,38 @@ int x509_crt_parse( x509_crt *chain, const unsigned char *buf, size_t buflen ) success = 1; } } -#endif /* POLARSSL_PEM_PARSE_C */ +#endif /* MBEDTLS_PEM_PARSE_C */ if( success ) return( total_failed ); else if( first_error ) return( first_error ); else - return( POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT ); + return( MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT ); } -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) /* * Load one or more certificates and add them to the chained list */ -int x509_crt_parse_file( x509_crt *chain, const char *path ) +int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path ) { int ret; size_t n; unsigned char *buf; - if( ( ret = pk_load_file( path, &buf, &n ) ) != 0 ) + if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) return( ret ); - ret = x509_crt_parse( chain, buf, n ); + ret = mbedtls_x509_crt_parse( chain, buf, n ); - polarssl_zeroize( buf, n + 1 ); - polarssl_free( buf ); + mbedtls_zeroize( buf, n ); + mbedtls_free( buf ); return( ret ); } -#if defined(POLARSSL_THREADING_PTHREAD) -static threading_mutex_t readdir_mutex = PTHREAD_MUTEX_INITIALIZER; -#endif - -int x509_crt_parse_path( x509_crt *chain, const char *path ) +int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) { int ret = 0; #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) @@ -979,7 +1104,7 @@ int x509_crt_parse_path( x509_crt *chain, const char *path ) HANDLE hFind; if( len > MAX_PATH - 3 ) - return( POLARSSL_ERR_X509_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); memset( szDir, 0, sizeof(szDir) ); memset( filename, 0, MAX_PATH ); @@ -991,11 +1116,11 @@ int x509_crt_parse_path( x509_crt *chain, const char *path ) w_ret = MultiByteToWideChar( CP_ACP, 0, filename, len, szDir, MAX_PATH - 3 ); if( w_ret == 0 ) - return( POLARSSL_ERR_X509_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); hFind = FindFirstFileW( szDir, &file_data ); if( hFind == INVALID_HANDLE_VALUE ) - return( POLARSSL_ERR_X509_FILE_IO_ERROR ); + return( MBEDTLS_ERR_X509_FILE_IO_ERROR ); len = MAX_PATH - len; do @@ -1010,9 +1135,9 @@ int x509_crt_parse_path( x509_crt *chain, const char *path ) p, len - 1, NULL, NULL ); if( w_ret == 0 ) - return( POLARSSL_ERR_X509_FILE_IO_ERROR ); + return( MBEDTLS_ERR_X509_FILE_IO_ERROR ); - w_ret = x509_crt_parse_file( chain, filename ); + w_ret = mbedtls_x509_crt_parse_file( chain, filename ); if( w_ret < 0 ) ret++; else @@ -1021,7 +1146,7 @@ int x509_crt_parse_path( x509_crt *chain, const char *path ) while( FindNextFileW( hFind, &file_data ) != 0 ); if( GetLastError() != ERROR_NO_MORE_FILES ) - ret = POLARSSL_ERR_X509_FILE_IO_ERROR; + ret = MBEDTLS_ERR_X509_FILE_IO_ERROR; FindClose( hFind ); #else /* _WIN32 */ @@ -1032,21 +1157,24 @@ int x509_crt_parse_path( x509_crt *chain, const char *path ) DIR *dir = opendir( path ); if( dir == NULL ) - return( POLARSSL_ERR_X509_FILE_IO_ERROR ); + return( MBEDTLS_ERR_X509_FILE_IO_ERROR ); -#if defined(POLARSSL_THREADING_PTHREAD) - if( ( ret = polarssl_mutex_lock( &readdir_mutex ) ) != 0 ) +#if defined(MBEDTLS_THREADING_PTHREAD) + if( ( ret = mbedtls_mutex_lock( &mbedtls_threading_readdir_mutex ) ) != 0 ) + { + closedir( dir ); return( ret ); + } #endif while( ( entry = readdir( dir ) ) != NULL ) { - polarssl_snprintf( entry_name, sizeof entry_name, "%s/%s", path, entry->d_name ); + mbedtls_snprintf( entry_name, sizeof entry_name, "%s/%s", path, entry->d_name ); if( stat( entry_name, &sb ) == -1 ) { closedir( dir ); - ret = POLARSSL_ERR_X509_FILE_IO_ERROR; + ret = MBEDTLS_ERR_X509_FILE_IO_ERROR; goto cleanup; } @@ -1055,7 +1183,7 @@ int x509_crt_parse_path( x509_crt *chain, const char *path ) // Ignore parse errors // - t_ret = x509_crt_parse_file( chain, entry_name ); + t_ret = mbedtls_x509_crt_parse_file( chain, entry_name ); if( t_ret < 0 ) ret++; else @@ -1064,76 +1192,24 @@ int x509_crt_parse_path( x509_crt *chain, const char *path ) closedir( dir ); cleanup: -#if defined(POLARSSL_THREADING_PTHREAD) - if( polarssl_mutex_unlock( &readdir_mutex ) != 0 ) - ret = POLARSSL_ERR_THREADING_MUTEX_ERROR; +#if defined(MBEDTLS_THREADING_PTHREAD) + if( mbedtls_mutex_unlock( &mbedtls_threading_readdir_mutex ) != 0 ) + ret = MBEDTLS_ERR_THREADING_MUTEX_ERROR; #endif #endif /* _WIN32 */ return( ret ); } -#endif /* POLARSSL_FS_IO */ - -#if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \ - !defined(EFI32) -#include - -#if !defined vsnprintf -#define vsnprintf _vsnprintf -#endif // vsnprintf - -/* - * Windows _snprintf and _vsnprintf are not compatible to linux versions. - * Result value is not size of buffer needed, but -1 if no fit is possible. - * - * This fuction tries to 'fix' this by at least suggesting enlarging the - * size by 20. - */ -static int compat_snprintf( char *str, size_t size, const char *format, ... ) -{ - va_list ap; - int res = -1; - - va_start( ap, format ); - - res = vsnprintf( str, size, format, ap ); - - va_end( ap ); - - // No quick fix possible - if( res < 0 ) - return( (int) size + 20 ); - - return( res ); -} - -#define snprintf compat_snprintf -#endif /* _MSC_VER && !snprintf && !EFIX64 && !EFI32 */ - -#define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2 - -#define SAFE_SNPRINTF() \ -{ \ - if( ret == -1 ) \ - return( -1 ); \ - \ - if( (unsigned int) ret > n ) { \ - p[n - 1] = '\0'; \ - return( POLARSSL_ERR_DEBUG_BUF_TOO_SMALL ); \ - } \ - \ - n -= (unsigned int) ret; \ - p += (unsigned int) ret; \ -} +#endif /* MBEDTLS_FS_IO */ static int x509_info_subject_alt_name( char **buf, size_t *size, - const x509_sequence *subject_alt_name ) + const mbedtls_x509_sequence *subject_alt_name ) { size_t i; size_t n = *size; char *p = *buf; - const x509_sequence *cur = subject_alt_name; + const mbedtls_x509_sequence *cur = subject_alt_name; const char *sep = ""; size_t sep_len = 0; @@ -1142,7 +1218,7 @@ static int x509_info_subject_alt_name( char **buf, size_t *size, if( cur->buf.len + sep_len >= n ) { *p = '\0'; - return( POLARSSL_ERR_DEBUG_BUF_TOO_SMALL ); + return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL ); } n -= cur->buf.len + sep_len; @@ -1167,8 +1243,8 @@ static int x509_info_subject_alt_name( char **buf, size_t *size, #define PRINT_ITEM(i) \ { \ - ret = polarssl_snprintf( p, n, "%s" i, sep ); \ - SAFE_SNPRINTF(); \ + ret = mbedtls_snprintf( p, n, "%s" i, sep ); \ + MBEDTLS_X509_SAFE_SNPRINTF; \ sep = ", "; \ } @@ -1184,14 +1260,14 @@ static int x509_info_cert_type( char **buf, size_t *size, char *p = *buf; const char *sep = ""; - CERT_TYPE( NS_CERT_TYPE_SSL_CLIENT, "SSL Client" ); - CERT_TYPE( NS_CERT_TYPE_SSL_SERVER, "SSL Server" ); - CERT_TYPE( NS_CERT_TYPE_EMAIL, "Email" ); - CERT_TYPE( NS_CERT_TYPE_OBJECT_SIGNING, "Object Signing" ); - CERT_TYPE( NS_CERT_TYPE_RESERVED, "Reserved" ); - CERT_TYPE( NS_CERT_TYPE_SSL_CA, "SSL CA" ); - CERT_TYPE( NS_CERT_TYPE_EMAIL_CA, "Email CA" ); - CERT_TYPE( NS_CERT_TYPE_OBJECT_SIGNING_CA, "Object Signing CA" ); + CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT, "SSL Client" ); + CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER, "SSL Server" ); + CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_EMAIL, "Email" ); + CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING, "Object Signing" ); + CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_RESERVED, "Reserved" ); + CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_CA, "SSL CA" ); + CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA, "Email CA" ); + CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA, "Object Signing CA" ); *size = n; *buf = p; @@ -1204,20 +1280,22 @@ static int x509_info_cert_type( char **buf, size_t *size, PRINT_ITEM( name ); static int x509_info_key_usage( char **buf, size_t *size, - unsigned char key_usage ) + unsigned int key_usage ) { int ret; size_t n = *size; char *p = *buf; const char *sep = ""; - KEY_USAGE( KU_DIGITAL_SIGNATURE, "Digital Signature" ); - KEY_USAGE( KU_NON_REPUDIATION, "Non Repudiation" ); - KEY_USAGE( KU_KEY_ENCIPHERMENT, "Key Encipherment" ); - KEY_USAGE( KU_DATA_ENCIPHERMENT, "Data Encipherment" ); - KEY_USAGE( KU_KEY_AGREEMENT, "Key Agreement" ); - KEY_USAGE( KU_KEY_CERT_SIGN, "Key Cert Sign" ); - KEY_USAGE( KU_CRL_SIGN, "CRL Sign" ); + KEY_USAGE( MBEDTLS_X509_KU_DIGITAL_SIGNATURE, "Digital Signature" ); + KEY_USAGE( MBEDTLS_X509_KU_NON_REPUDIATION, "Non Repudiation" ); + KEY_USAGE( MBEDTLS_X509_KU_KEY_ENCIPHERMENT, "Key Encipherment" ); + KEY_USAGE( MBEDTLS_X509_KU_DATA_ENCIPHERMENT, "Data Encipherment" ); + KEY_USAGE( MBEDTLS_X509_KU_KEY_AGREEMENT, "Key Agreement" ); + KEY_USAGE( MBEDTLS_X509_KU_KEY_CERT_SIGN, "Key Cert Sign" ); + KEY_USAGE( MBEDTLS_X509_KU_CRL_SIGN, "CRL Sign" ); + KEY_USAGE( MBEDTLS_X509_KU_ENCIPHER_ONLY, "Encipher Only" ); + KEY_USAGE( MBEDTLS_X509_KU_DECIPHER_ONLY, "Decipher Only" ); *size = n; *buf = p; @@ -1226,22 +1304,22 @@ static int x509_info_key_usage( char **buf, size_t *size, } static int x509_info_ext_key_usage( char **buf, size_t *size, - const x509_sequence *extended_key_usage ) + const mbedtls_x509_sequence *extended_key_usage ) { int ret; const char *desc; size_t n = *size; char *p = *buf; - const x509_sequence *cur = extended_key_usage; + const mbedtls_x509_sequence *cur = extended_key_usage; const char *sep = ""; while( cur != NULL ) { - if( oid_get_extended_key_usage( &cur->buf, &desc ) != 0 ) + if( mbedtls_oid_get_extended_key_usage( &cur->buf, &desc ) != 0 ) desc = "???"; - ret = polarssl_snprintf( p, n, "%s%s", sep, desc ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "%s%s", sep, desc ); + MBEDTLS_X509_SAFE_SNPRINTF; sep = ", "; @@ -1259,8 +1337,8 @@ static int x509_info_ext_key_usage( char **buf, size_t *size, */ #define BEFORE_COLON 18 #define BC "18" -int x509_crt_info( char *buf, size_t size, const char *prefix, - const x509_crt *crt ) +int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, + const mbedtls_x509_crt *crt ) { int ret; size_t n; @@ -1270,115 +1348,115 @@ int x509_crt_info( char *buf, size_t size, const char *prefix, p = buf; n = size; - ret = polarssl_snprintf( p, n, "%scert. version : %d\n", + ret = mbedtls_snprintf( p, n, "%scert. version : %d\n", prefix, crt->version ); - SAFE_SNPRINTF(); - ret = polarssl_snprintf( p, n, "%sserial number : ", + MBEDTLS_X509_SAFE_SNPRINTF; + ret = mbedtls_snprintf( p, n, "%sserial number : ", prefix ); - SAFE_SNPRINTF(); + MBEDTLS_X509_SAFE_SNPRINTF; - ret = x509_serial_gets( p, n, &crt->serial ); - SAFE_SNPRINTF(); + ret = mbedtls_x509_serial_gets( p, n, &crt->serial ); + MBEDTLS_X509_SAFE_SNPRINTF; - ret = polarssl_snprintf( p, n, "\n%sissuer name : ", prefix ); - SAFE_SNPRINTF(); - ret = x509_dn_gets( p, n, &crt->issuer ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "\n%sissuer name : ", prefix ); + MBEDTLS_X509_SAFE_SNPRINTF; + ret = mbedtls_x509_dn_gets( p, n, &crt->issuer ); + MBEDTLS_X509_SAFE_SNPRINTF; - ret = polarssl_snprintf( p, n, "\n%ssubject name : ", prefix ); - SAFE_SNPRINTF(); - ret = x509_dn_gets( p, n, &crt->subject ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "\n%ssubject name : ", prefix ); + MBEDTLS_X509_SAFE_SNPRINTF; + ret = mbedtls_x509_dn_gets( p, n, &crt->subject ); + MBEDTLS_X509_SAFE_SNPRINTF; - ret = polarssl_snprintf( p, n, "\n%sissued on : " \ + ret = mbedtls_snprintf( p, n, "\n%sissued on : " \ "%04d-%02d-%02d %02d:%02d:%02d", prefix, crt->valid_from.year, crt->valid_from.mon, crt->valid_from.day, crt->valid_from.hour, crt->valid_from.min, crt->valid_from.sec ); - SAFE_SNPRINTF(); + MBEDTLS_X509_SAFE_SNPRINTF; - ret = polarssl_snprintf( p, n, "\n%sexpires on : " \ + ret = mbedtls_snprintf( p, n, "\n%sexpires on : " \ "%04d-%02d-%02d %02d:%02d:%02d", prefix, crt->valid_to.year, crt->valid_to.mon, crt->valid_to.day, crt->valid_to.hour, crt->valid_to.min, crt->valid_to.sec ); - SAFE_SNPRINTF(); + MBEDTLS_X509_SAFE_SNPRINTF; - ret = polarssl_snprintf( p, n, "\n%ssigned using : ", prefix ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix ); + MBEDTLS_X509_SAFE_SNPRINTF; - ret = x509_sig_alg_gets( p, n, &crt->sig_oid1, crt->sig_pk, + ret = mbedtls_x509_sig_alg_gets( p, n, &crt->sig_oid, crt->sig_pk, crt->sig_md, crt->sig_opts ); - SAFE_SNPRINTF(); + MBEDTLS_X509_SAFE_SNPRINTF; /* Key size */ - if( ( ret = x509_key_size_helper( key_size_str, BEFORE_COLON, - pk_get_name( &crt->pk ) ) ) != 0 ) + if( ( ret = mbedtls_x509_key_size_helper( key_size_str, BEFORE_COLON, + mbedtls_pk_get_name( &crt->pk ) ) ) != 0 ) { return( ret ); } - ret = polarssl_snprintf( p, n, "\n%s%-" BC "s: %d bits", prefix, key_size_str, - (int) pk_get_size( &crt->pk ) ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "\n%s%-" BC "s: %d bits", prefix, key_size_str, + (int) mbedtls_pk_get_bitlen( &crt->pk ) ); + MBEDTLS_X509_SAFE_SNPRINTF; /* * Optional extensions */ - if( crt->ext_types & EXT_BASIC_CONSTRAINTS ) + if( crt->ext_types & MBEDTLS_X509_EXT_BASIC_CONSTRAINTS ) { - ret = polarssl_snprintf( p, n, "\n%sbasic constraints : CA=%s", prefix, + ret = mbedtls_snprintf( p, n, "\n%sbasic constraints : CA=%s", prefix, crt->ca_istrue ? "true" : "false" ); - SAFE_SNPRINTF(); + MBEDTLS_X509_SAFE_SNPRINTF; if( crt->max_pathlen > 0 ) { - ret = polarssl_snprintf( p, n, ", max_pathlen=%d", crt->max_pathlen - 1 ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, ", max_pathlen=%d", crt->max_pathlen - 1 ); + MBEDTLS_X509_SAFE_SNPRINTF; } } - if( crt->ext_types & EXT_SUBJECT_ALT_NAME ) + if( crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME ) { - ret = polarssl_snprintf( p, n, "\n%ssubject alt name : ", prefix ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "\n%ssubject alt name : ", prefix ); + MBEDTLS_X509_SAFE_SNPRINTF; if( ( ret = x509_info_subject_alt_name( &p, &n, &crt->subject_alt_names ) ) != 0 ) return( ret ); } - if( crt->ext_types & EXT_NS_CERT_TYPE ) + if( crt->ext_types & MBEDTLS_X509_EXT_NS_CERT_TYPE ) { - ret = polarssl_snprintf( p, n, "\n%scert. type : ", prefix ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "\n%scert. type : ", prefix ); + MBEDTLS_X509_SAFE_SNPRINTF; if( ( ret = x509_info_cert_type( &p, &n, crt->ns_cert_type ) ) != 0 ) return( ret ); } - if( crt->ext_types & EXT_KEY_USAGE ) + if( crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE ) { - ret = polarssl_snprintf( p, n, "\n%skey usage : ", prefix ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "\n%skey usage : ", prefix ); + MBEDTLS_X509_SAFE_SNPRINTF; if( ( ret = x509_info_key_usage( &p, &n, crt->key_usage ) ) != 0 ) return( ret ); } - if( crt->ext_types & EXT_EXTENDED_KEY_USAGE ) + if( crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE ) { - ret = polarssl_snprintf( p, n, "\n%sext key usage : ", prefix ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "\n%sext key usage : ", prefix ); + MBEDTLS_X509_SAFE_SNPRINTF; if( ( ret = x509_info_ext_key_usage( &p, &n, &crt->ext_key_usage ) ) != 0 ) return( ret ); } - ret = polarssl_snprintf( p, n, "\n" ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "\n" ); + MBEDTLS_X509_SAFE_SNPRINTF; return( (int) ( size - n ) ); } @@ -1389,25 +1467,31 @@ struct x509_crt_verify_string { }; static const struct x509_crt_verify_string x509_crt_verify_strings[] = { - { BADCERT_EXPIRED, "The certificate validity has expired" }, - { BADCERT_REVOKED, "The certificate has been revoked (is on a CRL)" }, - { BADCERT_CN_MISMATCH, "The certificate Common Name (CN) does not match with the expected CN" }, - { BADCERT_NOT_TRUSTED, "The certificate is not correctly signed by the trusted CA" }, - { BADCRL_NOT_TRUSTED, "The CRL is not correctly signed by the trusted CA" }, - { BADCRL_EXPIRED, "The CRL is expired" }, - { BADCERT_MISSING, "Certificate was missing" }, - { BADCERT_SKIP_VERIFY, "Certificate verification was skipped" }, - { BADCERT_OTHER, "Other reason (can be used by verify callback)" }, - { BADCERT_FUTURE, "The certificate validity starts in the future" }, - { BADCRL_FUTURE, "The CRL is from the future" }, - { BADCERT_KEY_USAGE, "Usage does not match the keyUsage extension" }, - { BADCERT_EXT_KEY_USAGE, "Usage does not match the extendedKeyUsage extension" }, - { BADCERT_NS_CERT_TYPE, "Usage does not match the nsCertType extension" }, + { MBEDTLS_X509_BADCERT_EXPIRED, "The certificate validity has expired" }, + { MBEDTLS_X509_BADCERT_REVOKED, "The certificate has been revoked (is on a CRL)" }, + { MBEDTLS_X509_BADCERT_CN_MISMATCH, "The certificate Common Name (CN) does not match with the expected CN" }, + { MBEDTLS_X509_BADCERT_NOT_TRUSTED, "The certificate is not correctly signed by the trusted CA" }, + { MBEDTLS_X509_BADCRL_NOT_TRUSTED, "The CRL is not correctly signed by the trusted CA" }, + { MBEDTLS_X509_BADCRL_EXPIRED, "The CRL is expired" }, + { MBEDTLS_X509_BADCERT_MISSING, "Certificate was missing" }, + { MBEDTLS_X509_BADCERT_SKIP_VERIFY, "Certificate verification was skipped" }, + { MBEDTLS_X509_BADCERT_OTHER, "Other reason (can be used by verify callback)" }, + { MBEDTLS_X509_BADCERT_FUTURE, "The certificate validity starts in the future" }, + { MBEDTLS_X509_BADCRL_FUTURE, "The CRL is from the future" }, + { MBEDTLS_X509_BADCERT_KEY_USAGE, "Usage does not match the keyUsage extension" }, + { MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, "Usage does not match the extendedKeyUsage extension" }, + { MBEDTLS_X509_BADCERT_NS_CERT_TYPE, "Usage does not match the nsCertType extension" }, + { MBEDTLS_X509_BADCERT_BAD_MD, "The certificate is signed with an unacceptable hash." }, + { MBEDTLS_X509_BADCERT_BAD_PK, "The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA)." }, + { MBEDTLS_X509_BADCERT_BAD_KEY, "The certificate is signed with an unacceptable key (eg bad curve, RSA too short)." }, + { MBEDTLS_X509_BADCRL_BAD_MD, "The CRL is signed with an unacceptable hash." }, + { MBEDTLS_X509_BADCRL_BAD_PK, "The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA)." }, + { MBEDTLS_X509_BADCRL_BAD_KEY, "The CRL is signed with an unacceptable key (eg bad curve, RSA too short)." }, { 0, NULL } }; -int x509_crt_verify_info( char *buf, size_t size, const char *prefix, - int flags ) +int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, + uint32_t flags ) { int ret; const struct x509_crt_verify_string *cur; @@ -1419,41 +1503,55 @@ int x509_crt_verify_info( char *buf, size_t size, const char *prefix, if( ( flags & cur->code ) == 0 ) continue; - ret = polarssl_snprintf( p, n, "%s%s\n", prefix, cur->string ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "%s%s\n", prefix, cur->string ); + MBEDTLS_X509_SAFE_SNPRINTF; flags ^= cur->code; } if( flags != 0 ) { - ret = polarssl_snprintf( p, n, "%sUnknown reason " + ret = mbedtls_snprintf( p, n, "%sUnknown reason " "(this should not happen)\n", prefix ); - SAFE_SNPRINTF(); + MBEDTLS_X509_SAFE_SNPRINTF; } return( (int) ( size - n ) ); } -#if defined(POLARSSL_X509_CHECK_KEY_USAGE) -int x509_crt_check_key_usage( const x509_crt *crt, int usage ) +#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) +int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, + unsigned int usage ) { - if( ( crt->ext_types & EXT_KEY_USAGE ) != 0 && - ( crt->key_usage & usage ) != usage ) - return( POLARSSL_ERR_X509_BAD_INPUT_DATA ); + unsigned int usage_must, usage_may; + unsigned int may_mask = MBEDTLS_X509_KU_ENCIPHER_ONLY + | MBEDTLS_X509_KU_DECIPHER_ONLY; + + if( ( crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE ) == 0 ) + return( 0 ); + + usage_must = usage & ~may_mask; + + if( ( ( crt->key_usage & ~may_mask ) & usage_must ) != usage_must ) + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + + usage_may = usage & may_mask; + + if( ( ( crt->key_usage & may_mask ) | usage_may ) != usage_may ) + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); return( 0 ); } #endif -#if defined(POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE) -int x509_crt_check_extended_key_usage( const x509_crt *crt, +#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) +int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt, const char *usage_oid, size_t usage_len ) { - const x509_sequence *cur; + const mbedtls_x509_sequence *cur; /* Extension is not mandatory, absent means no restriction */ - if( ( crt->ext_types & EXT_EXTENDED_KEY_USAGE ) == 0 ) + if( ( crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE ) == 0 ) return( 0 ); /* @@ -1461,7 +1559,7 @@ int x509_crt_check_extended_key_usage( const x509_crt *crt, */ for( cur = &crt->ext_key_usage; cur != NULL; cur = cur->next ) { - const x509_buf *cur_oid = &cur->buf; + const mbedtls_x509_buf *cur_oid = &cur->buf; if( cur_oid->len == usage_len && memcmp( cur_oid->p, usage_oid, usage_len ) == 0 ) @@ -1469,28 +1567,28 @@ int x509_crt_check_extended_key_usage( const x509_crt *crt, return( 0 ); } - if( OID_CMP( OID_ANY_EXTENDED_KEY_USAGE, cur_oid ) ) + if( MBEDTLS_OID_CMP( MBEDTLS_OID_ANY_EXTENDED_KEY_USAGE, cur_oid ) == 0 ) return( 0 ); } - return( POLARSSL_ERR_X509_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); } -#endif /* POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE */ +#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ -#if defined(POLARSSL_X509_CRL_PARSE_C) +#if defined(MBEDTLS_X509_CRL_PARSE_C) /* * Return 1 if the certificate is revoked, or 0 otherwise. */ -int x509_crt_revoked( const x509_crt *crt, const x509_crl *crl ) +int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl ) { - const x509_crl_entry *cur = &crl->entry; + const mbedtls_x509_crl_entry *cur = &crl->entry; while( cur != NULL && cur->serial.len != 0 ) { if( crt->serial.len == cur->serial.len && memcmp( crt->serial.p, cur->serial.p, crt->serial.len ) == 0 ) { - if( x509_time_expired( &cur->revocation_date ) ) + if( mbedtls_x509_time_is_past( &cur->revocation_date ) ) return( 1 ); } @@ -1503,12 +1601,13 @@ int x509_crt_revoked( const x509_crt *crt, const x509_crl *crl ) /* * Check that the given certificate is valid according to the CRL. */ -static int x509_crt_verifycrl( x509_crt *crt, x509_crt *ca, - x509_crl *crl_list) +static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca, + mbedtls_x509_crl *crl_list, + const mbedtls_x509_crt_profile *profile ) { int flags = 0; - unsigned char hash[POLARSSL_MD_MAX_SIZE]; - const md_info_t *md_info; + unsigned char hash[MBEDTLS_MD_MAX_SIZE]; + const mbedtls_md_info_t *md_info; if( ca == NULL ) return( flags ); @@ -1533,10 +1632,10 @@ static int x509_crt_verifycrl( x509_crt *crt, x509_crt *ca, /* * Check if the CA is configured to sign CRLs */ -#if defined(POLARSSL_X509_CHECK_KEY_USAGE) - if( x509_crt_check_key_usage( ca, KU_CRL_SIGN ) != 0 ) +#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) + if( mbedtls_x509_crt_check_key_usage( ca, MBEDTLS_X509_KU_CRL_SIGN ) != 0 ) { - flags |= BADCRL_NOT_TRUSTED; + flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED; break; } #endif @@ -1544,49 +1643,59 @@ static int x509_crt_verifycrl( x509_crt *crt, x509_crt *ca, /* * Check if CRL is correctly signed by the trusted CA */ - md_info = md_info_from_type( crl_list->sig_md ); + if( x509_profile_check_md_alg( profile, crl_list->sig_md ) != 0 ) + flags |= MBEDTLS_X509_BADCRL_BAD_MD; + + if( x509_profile_check_pk_alg( profile, crl_list->sig_pk ) != 0 ) + flags |= MBEDTLS_X509_BADCRL_BAD_PK; + + md_info = mbedtls_md_info_from_type( crl_list->sig_md ); if( md_info == NULL ) { /* * Cannot check 'unknown' hash */ - flags |= BADCRL_NOT_TRUSTED; + flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED; break; } - md( md_info, crl_list->tbs.p, crl_list->tbs.len, hash ); + mbedtls_md( md_info, crl_list->tbs.p, crl_list->tbs.len, hash ); + + if( x509_profile_check_key( profile, crl_list->sig_pk, &ca->pk ) != 0 ) + flags |= MBEDTLS_X509_BADCERT_BAD_KEY; - if( pk_verify_ext( crl_list->sig_pk, crl_list->sig_opts, &ca->pk, - crl_list->sig_md, hash, md_info->size, + if( mbedtls_pk_verify_ext( crl_list->sig_pk, crl_list->sig_opts, &ca->pk, + crl_list->sig_md, hash, mbedtls_md_get_size( md_info ), crl_list->sig.p, crl_list->sig.len ) != 0 ) { - flags |= BADCRL_NOT_TRUSTED; + flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED; break; } /* * Check for validity of CRL (Do not drop out) */ - if( x509_time_expired( &crl_list->next_update ) ) - flags |= BADCRL_EXPIRED; + if( mbedtls_x509_time_is_past( &crl_list->next_update ) ) + flags |= MBEDTLS_X509_BADCRL_EXPIRED; - if( x509_time_future( &crl_list->this_update ) ) - flags |= BADCRL_FUTURE; + if( mbedtls_x509_time_is_future( &crl_list->this_update ) ) + flags |= MBEDTLS_X509_BADCRL_FUTURE; /* * Check if certificate is revoked */ - if( x509_crt_revoked( crt, crl_list ) ) + if( mbedtls_x509_crt_is_revoked( crt, crl_list ) ) { - flags |= BADCERT_REVOKED; + flags |= MBEDTLS_X509_BADCERT_REVOKED; break; } crl_list = crl_list->next; } + return( flags ); } -#endif /* POLARSSL_X509_CRL_PARSE_C */ +#endif /* MBEDTLS_X509_CRL_PARSE_C */ /* * Like memcmp, but case-insensitive and always returns -1 if different @@ -1618,10 +1727,9 @@ static int x509_memcasecmp( const void *s1, const void *s2, size_t len ) } /* - * Return 1 if match, 0 if not - * TODO: inverted return value! + * Return 0 if name matches wildcard, -1 otherwise */ -static int x509_wildcard_verify( const char *cn, x509_buf *name ) +static int x509_check_wildcard( const char *cn, mbedtls_x509_buf *name ) { size_t i; size_t cn_idx = 0, cn_len = strlen( cn ); @@ -1639,15 +1747,15 @@ static int x509_wildcard_verify( const char *cn, x509_buf *name ) } if( cn_idx == 0 ) - return( 0 ); + return( -1 ); if( cn_len - cn_idx == name->len - 1 && x509_memcasecmp( name->p + 1, cn + cn_idx, name->len - 1 ) == 0 ) { - return( 1 ); + return( 0 ); } - return( 0 ); + return( -1 ); } /* @@ -1656,7 +1764,7 @@ static int x509_wildcard_verify( const char *cn, x509_buf *name ) * * Return 0 if equal, -1 otherwise. */ -static int x509_string_cmp( const x509_buf *a, const x509_buf *b ) +static int x509_string_cmp( const mbedtls_x509_buf *a, const mbedtls_x509_buf *b ) { if( a->tag == b->tag && a->len == b->len && @@ -1665,8 +1773,8 @@ static int x509_string_cmp( const x509_buf *a, const x509_buf *b ) return( 0 ); } - if( ( a->tag == ASN1_UTF8_STRING || a->tag == ASN1_PRINTABLE_STRING ) && - ( b->tag == ASN1_UTF8_STRING || b->tag == ASN1_PRINTABLE_STRING ) && + if( ( a->tag == MBEDTLS_ASN1_UTF8_STRING || a->tag == MBEDTLS_ASN1_PRINTABLE_STRING ) && + ( b->tag == MBEDTLS_ASN1_UTF8_STRING || b->tag == MBEDTLS_ASN1_PRINTABLE_STRING ) && a->len == b->len && x509_memcasecmp( a->p, b->p, b->len ) == 0 ) { @@ -1686,7 +1794,7 @@ static int x509_string_cmp( const x509_buf *a, const x509_buf *b ) * * Return 0 if equal, -1 otherwise. */ -static int x509_name_cmp( const x509_name *a, const x509_name *b ) +static int x509_name_cmp( const mbedtls_x509_name *a, const mbedtls_x509_name *b ) { /* Avoid recursion, it might not be optimised by the compiler */ while( a != NULL || b != NULL ) @@ -1725,8 +1833,8 @@ static int x509_name_cmp( const x509_name *a, const x509_name *b ) * top means parent is a locally-trusted certificate * bottom means child is the end entity cert */ -static int x509_crt_check_parent( const x509_crt *child, - const x509_crt *parent, +static int x509_crt_check_parent( const mbedtls_x509_crt *child, + const mbedtls_x509_crt *parent, int top, int bottom ) { int need_ca_bit; @@ -1753,9 +1861,9 @@ static int x509_crt_check_parent( const x509_crt *child, if( need_ca_bit && ! parent->ca_istrue ) return( -1 ); -#if defined(POLARSSL_X509_CHECK_KEY_USAGE) +#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) if( need_ca_bit && - x509_crt_check_key_usage( parent, KU_KEY_CERT_SIGN ) != 0 ) + mbedtls_x509_crt_check_key_usage( parent, MBEDTLS_X509_KU_KEY_CERT_SIGN ) != 0 ) { return( -1 ); } @@ -1765,28 +1873,37 @@ static int x509_crt_check_parent( const x509_crt *child, } static int x509_crt_verify_top( - x509_crt *child, x509_crt *trust_ca, - x509_crl *ca_crl, int path_cnt, int *flags, - int (*f_vrfy)(void *, x509_crt *, int, int *), + mbedtls_x509_crt *child, mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const mbedtls_x509_crt_profile *profile, + int path_cnt, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), void *p_vrfy ) { int ret; - int ca_flags = 0, check_path_cnt; - unsigned char hash[POLARSSL_MD_MAX_SIZE]; - const md_info_t *md_info; + uint32_t ca_flags = 0; + int check_path_cnt; + unsigned char hash[MBEDTLS_MD_MAX_SIZE]; + const mbedtls_md_info_t *md_info; - if( x509_time_expired( &child->valid_to ) ) - *flags |= BADCERT_EXPIRED; + if( mbedtls_x509_time_is_past( &child->valid_to ) ) + *flags |= MBEDTLS_X509_BADCERT_EXPIRED; - if( x509_time_future( &child->valid_from ) ) - *flags |= BADCERT_FUTURE; + if( mbedtls_x509_time_is_future( &child->valid_from ) ) + *flags |= MBEDTLS_X509_BADCERT_FUTURE; + + if( x509_profile_check_md_alg( profile, child->sig_md ) != 0 ) + *flags |= MBEDTLS_X509_BADCERT_BAD_MD; + + if( x509_profile_check_pk_alg( profile, child->sig_pk ) != 0 ) + *flags |= MBEDTLS_X509_BADCERT_BAD_PK; /* * Child is the top of the chain. Check against the trust_ca list. */ - *flags |= BADCERT_NOT_TRUSTED; + *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED; - md_info = md_info_from_type( child->sig_md ); + md_info = mbedtls_md_info_from_type( child->sig_md ); if( md_info == NULL ) { /* @@ -1795,7 +1912,7 @@ static int x509_crt_verify_top( trust_ca = NULL; } else - md( md_info, child->tbs.p, child->tbs.len, hash ); + mbedtls_md( md_info, child->tbs.p, child->tbs.len, hash ); for( /* trust_ca */ ; trust_ca != NULL; trust_ca = trust_ca->next ) { @@ -1821,8 +1938,8 @@ static int x509_crt_verify_top( continue; } - if( pk_verify_ext( child->sig_pk, child->sig_opts, &trust_ca->pk, - child->sig_md, hash, md_info->size, + if( mbedtls_pk_verify_ext( child->sig_pk, child->sig_opts, &trust_ca->pk, + child->sig_md, hash, mbedtls_md_get_size( md_info ), child->sig.p, child->sig.len ) != 0 ) { continue; @@ -1831,7 +1948,11 @@ static int x509_crt_verify_top( /* * Top of chain is signed by a trusted CA */ - *flags &= ~BADCERT_NOT_TRUSTED; + *flags &= ~MBEDTLS_X509_BADCERT_NOT_TRUSTED; + + if( x509_profile_check_key( profile, child->sig_pk, &trust_ca->pk ) != 0 ) + *flags |= MBEDTLS_X509_BADCERT_BAD_KEY; + break; } @@ -1845,18 +1966,18 @@ static int x509_crt_verify_top( memcmp( child->subject_raw.p, trust_ca->subject_raw.p, child->issuer_raw.len ) != 0 ) ) { -#if defined(POLARSSL_X509_CRL_PARSE_C) +#if defined(MBEDTLS_X509_CRL_PARSE_C) /* Check trusted CA's CRL for the chain's top crt */ - *flags |= x509_crt_verifycrl( child, trust_ca, ca_crl ); + *flags |= x509_crt_verifycrl( child, trust_ca, ca_crl, profile ); #else ((void) ca_crl); #endif - if( x509_time_expired( &trust_ca->valid_to ) ) - ca_flags |= BADCERT_EXPIRED; + if( mbedtls_x509_time_is_past( &trust_ca->valid_to ) ) + ca_flags |= MBEDTLS_X509_BADCERT_EXPIRED; - if( x509_time_future( &trust_ca->valid_from ) ) - ca_flags |= BADCERT_FUTURE; + if( mbedtls_x509_time_is_future( &trust_ca->valid_from ) ) + ca_flags |= MBEDTLS_X509_BADCERT_FUTURE; if( NULL != f_vrfy ) { @@ -1881,53 +2002,64 @@ static int x509_crt_verify_top( } static int x509_crt_verify_child( - x509_crt *child, x509_crt *parent, x509_crt *trust_ca, - x509_crl *ca_crl, int path_cnt, int *flags, - int (*f_vrfy)(void *, x509_crt *, int, int *), + mbedtls_x509_crt *child, mbedtls_x509_crt *parent, + mbedtls_x509_crt *trust_ca, mbedtls_x509_crl *ca_crl, + const mbedtls_x509_crt_profile *profile, + int path_cnt, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), void *p_vrfy ) { int ret; - int parent_flags = 0; - unsigned char hash[POLARSSL_MD_MAX_SIZE]; - x509_crt *grandparent; - const md_info_t *md_info; + uint32_t parent_flags = 0; + unsigned char hash[MBEDTLS_MD_MAX_SIZE]; + mbedtls_x509_crt *grandparent; + const mbedtls_md_info_t *md_info; /* path_cnt is 0 for the first intermediate CA */ - if( 1 + path_cnt > POLARSSL_X509_MAX_INTERMEDIATE_CA ) + if( 1 + path_cnt > MBEDTLS_X509_MAX_INTERMEDIATE_CA ) { - *flags |= BADCERT_NOT_TRUSTED; - return( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ); + *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED; + return( MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ); } - if( x509_time_expired( &child->valid_to ) ) - *flags |= BADCERT_EXPIRED; + if( mbedtls_x509_time_is_past( &child->valid_to ) ) + *flags |= MBEDTLS_X509_BADCERT_EXPIRED; + + if( mbedtls_x509_time_is_future( &child->valid_from ) ) + *flags |= MBEDTLS_X509_BADCERT_FUTURE; - if( x509_time_future( &child->valid_from ) ) - *flags |= BADCERT_FUTURE; + if( x509_profile_check_md_alg( profile, child->sig_md ) != 0 ) + *flags |= MBEDTLS_X509_BADCERT_BAD_MD; - md_info = md_info_from_type( child->sig_md ); + if( x509_profile_check_pk_alg( profile, child->sig_pk ) != 0 ) + *flags |= MBEDTLS_X509_BADCERT_BAD_PK; + + md_info = mbedtls_md_info_from_type( child->sig_md ); if( md_info == NULL ) { /* * Cannot check 'unknown' hash */ - *flags |= BADCERT_NOT_TRUSTED; + *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED; } else { - md( md_info, child->tbs.p, child->tbs.len, hash ); + mbedtls_md( md_info, child->tbs.p, child->tbs.len, hash ); + + if( x509_profile_check_key( profile, child->sig_pk, &parent->pk ) != 0 ) + *flags |= MBEDTLS_X509_BADCERT_BAD_KEY; - if( pk_verify_ext( child->sig_pk, child->sig_opts, &parent->pk, - child->sig_md, hash, md_info->size, + if( mbedtls_pk_verify_ext( child->sig_pk, child->sig_opts, &parent->pk, + child->sig_md, hash, mbedtls_md_get_size( md_info ), child->sig.p, child->sig.len ) != 0 ) { - *flags |= BADCERT_NOT_TRUSTED; + *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED; } } -#if defined(POLARSSL_X509_CRL_PARSE_C) +#if defined(MBEDTLS_X509_CRL_PARSE_C) /* Check trusted CA's CRL for the given crt */ - *flags |= x509_crt_verifycrl(child, parent, ca_crl); + *flags |= x509_crt_verifycrl(child, parent, ca_crl, profile ); #endif /* Look for a grandparent upwards the chain */ @@ -1943,14 +2075,14 @@ static int x509_crt_verify_child( /* Is our parent part of the chain or at the top? */ if( grandparent != NULL ) { - ret = x509_crt_verify_child( parent, grandparent, trust_ca, ca_crl, + ret = x509_crt_verify_child( parent, grandparent, trust_ca, ca_crl, profile, path_cnt + 1, &parent_flags, f_vrfy, p_vrfy ); if( ret != 0 ) return( ret ); } else { - ret = x509_crt_verify_top( parent, trust_ca, ca_crl, + ret = x509_crt_verify_top( parent, trust_ca, ca_crl, profile, path_cnt + 1, &parent_flags, f_vrfy, p_vrfy ); if( ret != 0 ) return( ret ); @@ -1969,19 +2101,38 @@ static int x509_crt_verify_child( /* * Verify the certificate validity */ -int x509_crt_verify( x509_crt *crt, - x509_crt *trust_ca, - x509_crl *ca_crl, - const char *cn, int *flags, - int (*f_vrfy)(void *, x509_crt *, int, int *), +int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy ) +{ + return( mbedtls_x509_crt_verify_with_profile( crt, trust_ca, ca_crl, + &mbedtls_x509_crt_profile_default, cn, flags, f_vrfy, p_vrfy ) ); +} + + +/* + * Verify the certificate validity, with profile + */ +int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), void *p_vrfy ) { size_t cn_len; int ret; int pathlen = 0; - x509_crt *parent; - x509_name *name; - x509_sequence *cur = NULL; + mbedtls_x509_crt *parent; + mbedtls_x509_name *name; + mbedtls_x509_sequence *cur = NULL; + + if( profile == NULL ) + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); *flags = 0; @@ -1990,7 +2141,7 @@ int x509_crt_verify( x509_crt *crt, name = &crt->subject; cn_len = strlen( cn ); - if( crt->ext_types & EXT_SUBJECT_ALT_NAME ) + if( crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME ) { cur = &crt->subject_alt_names; @@ -2002,20 +2153,22 @@ int x509_crt_verify( x509_crt *crt, if( cur->buf.len > 2 && memcmp( cur->buf.p, "*.", 2 ) == 0 && - x509_wildcard_verify( cn, &cur->buf ) ) + x509_check_wildcard( cn, &cur->buf ) == 0 ) + { break; + } cur = cur->next; } if( cur == NULL ) - *flags |= BADCERT_CN_MISMATCH; + *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH; } else { while( name != NULL ) { - if( OID_CMP( OID_AT_CN, &name->oid ) ) + if( MBEDTLS_OID_CMP( MBEDTLS_OID_AT_CN, &name->oid ) == 0 ) { if( name->val.len == cn_len && x509_memcasecmp( name->val.p, cn, cn_len ) == 0 ) @@ -2023,7 +2176,7 @@ int x509_crt_verify( x509_crt *crt, if( name->val.len > 2 && memcmp( name->val.p, "*.", 2 ) == 0 && - x509_wildcard_verify( cn, &name->val ) ) + x509_check_wildcard( cn, &name->val ) == 0 ) break; } @@ -2031,7 +2184,7 @@ int x509_crt_verify( x509_crt *crt, } if( name == NULL ) - *flags |= BADCERT_CN_MISMATCH; + *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH; } } @@ -2045,21 +2198,21 @@ int x509_crt_verify( x509_crt *crt, /* Are we part of the chain or at the top? */ if( parent != NULL ) { - ret = x509_crt_verify_child( crt, parent, trust_ca, ca_crl, + ret = x509_crt_verify_child( crt, parent, trust_ca, ca_crl, profile, pathlen, flags, f_vrfy, p_vrfy ); if( ret != 0 ) return( ret ); } else { - ret = x509_crt_verify_top( crt, trust_ca, ca_crl, + ret = x509_crt_verify_top( crt, trust_ca, ca_crl, profile, pathlen, flags, f_vrfy, p_vrfy ); if( ret != 0 ) return( ret ); } if( *flags != 0 ) - return( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ); + return( MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ); return( 0 ); } @@ -2067,32 +2220,32 @@ int x509_crt_verify( x509_crt *crt, /* * Initialize a certificate chain */ -void x509_crt_init( x509_crt *crt ) +void mbedtls_x509_crt_init( mbedtls_x509_crt *crt ) { - memset( crt, 0, sizeof(x509_crt) ); + memset( crt, 0, sizeof(mbedtls_x509_crt) ); } /* * Unallocate all certificate data */ -void x509_crt_free( x509_crt *crt ) +void mbedtls_x509_crt_free( mbedtls_x509_crt *crt ) { - x509_crt *cert_cur = crt; - x509_crt *cert_prv; - x509_name *name_cur; - x509_name *name_prv; - x509_sequence *seq_cur; - x509_sequence *seq_prv; + mbedtls_x509_crt *cert_cur = crt; + mbedtls_x509_crt *cert_prv; + mbedtls_x509_name *name_cur; + mbedtls_x509_name *name_prv; + mbedtls_x509_sequence *seq_cur; + mbedtls_x509_sequence *seq_prv; if( crt == NULL ) return; do { - pk_free( &cert_cur->pk ); + mbedtls_pk_free( &cert_cur->pk ); -#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT) - polarssl_free( cert_cur->sig_opts ); +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) + mbedtls_free( cert_cur->sig_opts ); #endif name_cur = cert_cur->issuer.next; @@ -2100,8 +2253,8 @@ void x509_crt_free( x509_crt *crt ) { name_prv = name_cur; name_cur = name_cur->next; - polarssl_zeroize( name_prv, sizeof( x509_name ) ); - polarssl_free( name_prv ); + mbedtls_zeroize( name_prv, sizeof( mbedtls_x509_name ) ); + mbedtls_free( name_prv ); } name_cur = cert_cur->subject.next; @@ -2109,8 +2262,8 @@ void x509_crt_free( x509_crt *crt ) { name_prv = name_cur; name_cur = name_cur->next; - polarssl_zeroize( name_prv, sizeof( x509_name ) ); - polarssl_free( name_prv ); + mbedtls_zeroize( name_prv, sizeof( mbedtls_x509_name ) ); + mbedtls_free( name_prv ); } seq_cur = cert_cur->ext_key_usage.next; @@ -2118,8 +2271,8 @@ void x509_crt_free( x509_crt *crt ) { seq_prv = seq_cur; seq_cur = seq_cur->next; - polarssl_zeroize( seq_prv, sizeof( x509_sequence ) ); - polarssl_free( seq_prv ); + mbedtls_zeroize( seq_prv, sizeof( mbedtls_x509_sequence ) ); + mbedtls_free( seq_prv ); } seq_cur = cert_cur->subject_alt_names.next; @@ -2127,14 +2280,14 @@ void x509_crt_free( x509_crt *crt ) { seq_prv = seq_cur; seq_cur = seq_cur->next; - polarssl_zeroize( seq_prv, sizeof( x509_sequence ) ); - polarssl_free( seq_prv ); + mbedtls_zeroize( seq_prv, sizeof( mbedtls_x509_sequence ) ); + mbedtls_free( seq_prv ); } if( cert_cur->raw.p != NULL ) { - polarssl_zeroize( cert_cur->raw.p, cert_cur->raw.len ); - polarssl_free( cert_cur->raw.p ); + mbedtls_zeroize( cert_cur->raw.p, cert_cur->raw.len ); + mbedtls_free( cert_cur->raw.p ); } cert_cur = cert_cur->next; @@ -2147,11 +2300,11 @@ void x509_crt_free( x509_crt *crt ) cert_prv = cert_cur; cert_cur = cert_cur->next; - polarssl_zeroize( cert_prv, sizeof( x509_crt ) ); + mbedtls_zeroize( cert_prv, sizeof( mbedtls_x509_crt ) ); if( cert_prv != crt ) - polarssl_free( cert_prv ); + mbedtls_free( cert_prv ); } while( cert_cur != NULL ); } -#endif /* POLARSSL_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ diff --git a/ext/mbedtls/library/x509_csr.c b/ext/mbedtls/library/x509_csr.c index 558b078b73..0e727b4459 100644 --- a/ext/mbedtls/library/x509_csr.c +++ b/ext/mbedtls/library/x509_csr.c @@ -30,39 +30,39 @@ * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_X509_CSR_PARSE_C) +#if defined(MBEDTLS_X509_CSR_PARSE_C) -#include "polarssl/x509_csr.h" -#include "polarssl/oid.h" +#include "mbedtls/x509_csr.h" +#include "mbedtls/oid.h" #include -#if defined(POLARSSL_PEM_PARSE_C) -#include "polarssl/pem.h" +#if defined(MBEDTLS_PEM_PARSE_C) +#include "mbedtls/pem.h" #endif -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include #include -#define polarssl_free free -#define polarssl_malloc malloc -#define polarssl_snprintf snprintf +#define mbedtls_free free +#define mbedtls_calloc calloc +#define mbedtls_snprintf snprintf #endif -#if defined(POLARSSL_FS_IO) || defined(EFIX64) || defined(EFI32) +#if defined(MBEDTLS_FS_IO) || defined(EFIX64) || defined(EFI32) #include #endif /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } @@ -75,15 +75,15 @@ static int x509_csr_get_version( unsigned char **p, { int ret; - if( ( ret = asn1_get_int( p, end, ver ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 ) { - if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) { *ver = 0; return( 0 ); } - return( POLARSSL_ERR_X509_INVALID_VERSION + ret ); + return( MBEDTLS_ERR_X509_INVALID_VERSION + ret ); } return( 0 ); @@ -92,31 +92,31 @@ static int x509_csr_get_version( unsigned char **p, /* * Parse a CSR in DER format */ -int x509_csr_parse_der( x509_csr *csr, +int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen ) { int ret; size_t len; unsigned char *p, *end; - x509_buf sig_params; + mbedtls_x509_buf sig_params; - memset( &sig_params, 0, sizeof( x509_buf ) ); + memset( &sig_params, 0, sizeof( mbedtls_x509_buf ) ); /* * Check for valid input */ if( csr == NULL || buf == NULL ) - return( POLARSSL_ERR_X509_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); - x509_csr_init( csr ); + mbedtls_x509_csr_init( csr ); /* * first copy the raw DER data */ - p = polarssl_malloc( len = buflen ); + p = mbedtls_calloc( 1, len = buflen ); if( p == NULL ) - return( POLARSSL_ERR_X509_MALLOC_FAILED ); + return( MBEDTLS_ERR_X509_ALLOC_FAILED ); memcpy( p, buf, buflen ); @@ -131,18 +131,18 @@ int x509_csr_parse_der( x509_csr *csr, * signature BIT STRING * } */ - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - x509_csr_free( csr ); - return( POLARSSL_ERR_X509_INVALID_FORMAT ); + mbedtls_x509_csr_free( csr ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT ); } if( len != (size_t) ( end - p ) ) { - x509_csr_free( csr ); - return( POLARSSL_ERR_X509_INVALID_FORMAT + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + mbedtls_x509_csr_free( csr ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); } /* @@ -150,11 +150,11 @@ int x509_csr_parse_der( x509_csr *csr, */ csr->cri.p = p; - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - x509_csr_free( csr ); - return( POLARSSL_ERR_X509_INVALID_FORMAT + ret ); + mbedtls_x509_csr_free( csr ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); } end = p + len; @@ -165,7 +165,7 @@ int x509_csr_parse_der( x509_csr *csr, */ if( ( ret = x509_csr_get_version( &p, end, &csr->version ) ) != 0 ) { - x509_csr_free( csr ); + mbedtls_x509_csr_free( csr ); return( ret ); } @@ -173,8 +173,8 @@ int x509_csr_parse_der( x509_csr *csr, if( csr->version != 1 ) { - x509_csr_free( csr ); - return( POLARSSL_ERR_X509_UNKNOWN_VERSION ); + mbedtls_x509_csr_free( csr ); + return( MBEDTLS_ERR_X509_UNKNOWN_VERSION ); } /* @@ -182,16 +182,16 @@ int x509_csr_parse_der( x509_csr *csr, */ csr->subject_raw.p = p; - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - x509_csr_free( csr ); - return( POLARSSL_ERR_X509_INVALID_FORMAT + ret ); + mbedtls_x509_csr_free( csr ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); } - if( ( ret = x509_get_name( &p, p + len, &csr->subject ) ) != 0 ) + if( ( ret = mbedtls_x509_get_name( &p, p + len, &csr->subject ) ) != 0 ) { - x509_csr_free( csr ); + mbedtls_x509_csr_free( csr ); return( ret ); } @@ -200,20 +200,20 @@ int x509_csr_parse_der( x509_csr *csr, /* * subjectPKInfo SubjectPublicKeyInfo */ - if( ( ret = pk_parse_subpubkey( &p, end, &csr->pk ) ) != 0 ) + if( ( ret = mbedtls_pk_parse_subpubkey( &p, end, &csr->pk ) ) != 0 ) { - x509_csr_free( csr ); + mbedtls_x509_csr_free( csr ); return( ret ); } /* * attributes [0] Attributes */ - if( ( ret = asn1_get_tag( &p, end, &len, - ASN1_CONSTRUCTED | ASN1_CONTEXT_SPECIFIC ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ) != 0 ) { - x509_csr_free( csr ); - return( POLARSSL_ERR_X509_INVALID_FORMAT + ret ); + mbedtls_x509_csr_free( csr ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); } // TODO Parse Attributes / extension requests @@ -225,31 +225,31 @@ int x509_csr_parse_der( x509_csr *csr, * signatureAlgorithm AlgorithmIdentifier, * signature BIT STRING */ - if( ( ret = x509_get_alg( &p, end, &csr->sig_oid, &sig_params ) ) != 0 ) + if( ( ret = mbedtls_x509_get_alg( &p, end, &csr->sig_oid, &sig_params ) ) != 0 ) { - x509_csr_free( csr ); + mbedtls_x509_csr_free( csr ); return( ret ); } - if( ( ret = x509_get_sig_alg( &csr->sig_oid, &sig_params, + if( ( ret = mbedtls_x509_get_sig_alg( &csr->sig_oid, &sig_params, &csr->sig_md, &csr->sig_pk, &csr->sig_opts ) ) != 0 ) { - x509_csr_free( csr ); - return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG ); + mbedtls_x509_csr_free( csr ); + return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG ); } - if( ( ret = x509_get_sig( &p, end, &csr->sig ) ) != 0 ) + if( ( ret = mbedtls_x509_get_sig( &p, end, &csr->sig ) ) != 0 ) { - x509_csr_free( csr ); + mbedtls_x509_csr_free( csr ); return( ret ); } if( p != end ) { - x509_csr_free( csr ); - return( POLARSSL_ERR_X509_INVALID_FORMAT + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + mbedtls_x509_csr_free( csr ); + return( MBEDTLS_ERR_X509_INVALID_FORMAT + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); } return( 0 ); @@ -258,129 +258,82 @@ int x509_csr_parse_der( x509_csr *csr, /* * Parse a CSR, allowing for PEM or raw DER encoding */ -int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen ) +int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen ) { int ret; -#if defined(POLARSSL_PEM_PARSE_C) +#if defined(MBEDTLS_PEM_PARSE_C) size_t use_len; - pem_context pem; + mbedtls_pem_context pem; #endif /* * Check for valid input */ if( csr == NULL || buf == NULL ) - return( POLARSSL_ERR_X509_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); -#if defined(POLARSSL_PEM_PARSE_C) - pem_init( &pem ); - ret = pem_read_buffer( &pem, - "-----BEGIN CERTIFICATE REQUEST-----", - "-----END CERTIFICATE REQUEST-----", - buf, NULL, 0, &use_len ); +#if defined(MBEDTLS_PEM_PARSE_C) + mbedtls_pem_init( &pem ); + + /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ + if( buflen == 0 || buf[buflen - 1] != '\0' ) + ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; + else + ret = mbedtls_pem_read_buffer( &pem, + "-----BEGIN CERTIFICATE REQUEST-----", + "-----END CERTIFICATE REQUEST-----", + buf, NULL, 0, &use_len ); if( ret == 0 ) { /* * Was PEM encoded, parse the result */ - if( ( ret = x509_csr_parse_der( csr, pem.buf, pem.buflen ) ) != 0 ) + if( ( ret = mbedtls_x509_csr_parse_der( csr, pem.buf, pem.buflen ) ) != 0 ) return( ret ); - pem_free( &pem ); + mbedtls_pem_free( &pem ); return( 0 ); } - else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) + else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) { - pem_free( &pem ); + mbedtls_pem_free( &pem ); return( ret ); } else -#endif /* POLARSSL_PEM_PARSE_C */ - return( x509_csr_parse_der( csr, buf, buflen ) ); +#endif /* MBEDTLS_PEM_PARSE_C */ + return( mbedtls_x509_csr_parse_der( csr, buf, buflen ) ); } -#if defined(POLARSSL_FS_IO) +#if defined(MBEDTLS_FS_IO) /* * Load a CSR into the structure */ -int x509_csr_parse_file( x509_csr *csr, const char *path ) +int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ) { int ret; size_t n; unsigned char *buf; - if( ( ret = pk_load_file( path, &buf, &n ) ) != 0 ) + if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) return( ret ); - ret = x509_csr_parse( csr, buf, n ); + ret = mbedtls_x509_csr_parse( csr, buf, n ); - polarssl_zeroize( buf, n + 1 ); - polarssl_free( buf ); + mbedtls_zeroize( buf, n ); + mbedtls_free( buf ); return( ret ); } -#endif /* POLARSSL_FS_IO */ - -#if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \ - !defined(EFI32) -#include - -#if !defined vsnprintf -#define vsnprintf _vsnprintf -#endif // vsnprintf - -/* - * Windows _snprintf and _vsnprintf are not compatible to linux versions. - * Result value is not size of buffer needed, but -1 if no fit is possible. - * - * This fuction tries to 'fix' this by at least suggesting enlarging the - * size by 20. - */ -static int compat_snprintf( char *str, size_t size, const char *format, ... ) -{ - va_list ap; - int res = -1; - - va_start( ap, format ); - - res = vsnprintf( str, size, format, ap ); - - va_end( ap ); - - // No quick fix possible - if( res < 0 ) - return( (int) size + 20 ); - - return( res ); -} - -#define snprintf compat_snprintf -#endif /* _MSC_VER && !snprintf && !EFIX64 && !EFI32 */ - -#define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2 - -#define SAFE_SNPRINTF() \ -{ \ - if( ret == -1 ) \ - return( -1 ); \ - \ - if( (unsigned int) ret > n ) { \ - p[n - 1] = '\0'; \ - return( POLARSSL_ERR_DEBUG_BUF_TOO_SMALL ); \ - } \ - \ - n -= (unsigned int) ret; \ - p += (unsigned int) ret; \ -} +#endif /* MBEDTLS_FS_IO */ #define BEFORE_COLON 14 #define BC "14" /* * Return an informational string about the CSR. */ -int x509_csr_info( char *buf, size_t size, const char *prefix, - const x509_csr *csr ) +int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix, + const mbedtls_x509_csr *csr ) { int ret; size_t n; @@ -390,31 +343,31 @@ int x509_csr_info( char *buf, size_t size, const char *prefix, p = buf; n = size; - ret = polarssl_snprintf( p, n, "%sCSR version : %d", + ret = mbedtls_snprintf( p, n, "%sCSR version : %d", prefix, csr->version ); - SAFE_SNPRINTF(); + MBEDTLS_X509_SAFE_SNPRINTF; - ret = polarssl_snprintf( p, n, "\n%ssubject name : ", prefix ); - SAFE_SNPRINTF(); - ret = x509_dn_gets( p, n, &csr->subject ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "\n%ssubject name : ", prefix ); + MBEDTLS_X509_SAFE_SNPRINTF; + ret = mbedtls_x509_dn_gets( p, n, &csr->subject ); + MBEDTLS_X509_SAFE_SNPRINTF; - ret = polarssl_snprintf( p, n, "\n%ssigned using : ", prefix ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix ); + MBEDTLS_X509_SAFE_SNPRINTF; - ret = x509_sig_alg_gets( p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md, + ret = mbedtls_x509_sig_alg_gets( p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md, csr->sig_opts ); - SAFE_SNPRINTF(); + MBEDTLS_X509_SAFE_SNPRINTF; - if( ( ret = x509_key_size_helper( key_size_str, BEFORE_COLON, - pk_get_name( &csr->pk ) ) ) != 0 ) + if( ( ret = mbedtls_x509_key_size_helper( key_size_str, BEFORE_COLON, + mbedtls_pk_get_name( &csr->pk ) ) ) != 0 ) { return( ret ); } - ret = polarssl_snprintf( p, n, "\n%s%-" BC "s: %d bits\n", prefix, key_size_str, - (int) pk_get_size( &csr->pk ) ); - SAFE_SNPRINTF(); + ret = mbedtls_snprintf( p, n, "\n%s%-" BC "s: %d bits\n", prefix, key_size_str, + (int) mbedtls_pk_get_bitlen( &csr->pk ) ); + MBEDTLS_X509_SAFE_SNPRINTF; return( (int) ( size - n ) ); } @@ -422,26 +375,26 @@ int x509_csr_info( char *buf, size_t size, const char *prefix, /* * Initialize a CSR */ -void x509_csr_init( x509_csr *csr ) +void mbedtls_x509_csr_init( mbedtls_x509_csr *csr ) { - memset( csr, 0, sizeof(x509_csr) ); + memset( csr, 0, sizeof(mbedtls_x509_csr) ); } /* * Unallocate all CSR data */ -void x509_csr_free( x509_csr *csr ) +void mbedtls_x509_csr_free( mbedtls_x509_csr *csr ) { - x509_name *name_cur; - x509_name *name_prv; + mbedtls_x509_name *name_cur; + mbedtls_x509_name *name_prv; if( csr == NULL ) return; - pk_free( &csr->pk ); + mbedtls_pk_free( &csr->pk ); -#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT) - polarssl_free( csr->sig_opts ); +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) + mbedtls_free( csr->sig_opts ); #endif name_cur = csr->subject.next; @@ -449,17 +402,17 @@ void x509_csr_free( x509_csr *csr ) { name_prv = name_cur; name_cur = name_cur->next; - polarssl_zeroize( name_prv, sizeof( x509_name ) ); - polarssl_free( name_prv ); + mbedtls_zeroize( name_prv, sizeof( mbedtls_x509_name ) ); + mbedtls_free( name_prv ); } if( csr->raw.p != NULL ) { - polarssl_zeroize( csr->raw.p, csr->raw.len ); - polarssl_free( csr->raw.p ); + mbedtls_zeroize( csr->raw.p, csr->raw.len ); + mbedtls_free( csr->raw.p ); } - polarssl_zeroize( csr, sizeof( x509_csr ) ); + mbedtls_zeroize( csr, sizeof( mbedtls_x509_csr ) ); } -#endif /* POLARSSL_X509_CSR_PARSE_C */ +#endif /* MBEDTLS_X509_CSR_PARSE_C */ diff --git a/ext/mbedtls/library/x509write_crt.c b/ext/mbedtls/library/x509write_crt.c index 80913ec191..2e43084a66 100644 --- a/ext/mbedtls/library/x509write_crt.c +++ b/ext/mbedtls/library/x509write_crt.c @@ -26,117 +26,117 @@ * - attributes: PKCS#9 v2.0 aka RFC 2985 */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_X509_CRT_WRITE_C) +#if defined(MBEDTLS_X509_CRT_WRITE_C) -#include "polarssl/x509_crt.h" -#include "polarssl/oid.h" -#include "polarssl/asn1write.h" -#include "polarssl/sha1.h" +#include "mbedtls/x509_crt.h" +#include "mbedtls/oid.h" +#include "mbedtls/asn1write.h" +#include "mbedtls/sha1.h" #include -#if defined(POLARSSL_PEM_WRITE_C) -#include "polarssl/pem.h" -#endif /* POLARSSL_PEM_WRITE_C */ +#if defined(MBEDTLS_PEM_WRITE_C) +#include "mbedtls/pem.h" +#endif /* MBEDTLS_PEM_WRITE_C */ /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } -void x509write_crt_init( x509write_cert *ctx ) +void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx ) { - memset( ctx, 0, sizeof(x509write_cert) ); + memset( ctx, 0, sizeof(mbedtls_x509write_cert) ); - mpi_init( &ctx->serial ); - ctx->version = X509_CRT_VERSION_3; + mbedtls_mpi_init( &ctx->serial ); + ctx->version = MBEDTLS_X509_CRT_VERSION_3; } -void x509write_crt_free( x509write_cert *ctx ) +void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx ) { - mpi_free( &ctx->serial ); + mbedtls_mpi_free( &ctx->serial ); - asn1_free_named_data_list( &ctx->subject ); - asn1_free_named_data_list( &ctx->issuer ); - asn1_free_named_data_list( &ctx->extensions ); + mbedtls_asn1_free_named_data_list( &ctx->subject ); + mbedtls_asn1_free_named_data_list( &ctx->issuer ); + mbedtls_asn1_free_named_data_list( &ctx->extensions ); - polarssl_zeroize( ctx, sizeof(x509write_cert) ); + mbedtls_zeroize( ctx, sizeof(mbedtls_x509write_cert) ); } -void x509write_crt_set_version( x509write_cert *ctx, int version ) +void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version ) { ctx->version = version; } -void x509write_crt_set_md_alg( x509write_cert *ctx, md_type_t md_alg ) +void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg ) { ctx->md_alg = md_alg; } -void x509write_crt_set_subject_key( x509write_cert *ctx, pk_context *key ) +void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key ) { ctx->subject_key = key; } -void x509write_crt_set_issuer_key( x509write_cert *ctx, pk_context *key ) +void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key ) { ctx->issuer_key = key; } -int x509write_crt_set_subject_name( x509write_cert *ctx, +int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx, const char *subject_name ) { - return x509_string_to_names( &ctx->subject, subject_name ); + return mbedtls_x509_string_to_names( &ctx->subject, subject_name ); } -int x509write_crt_set_issuer_name( x509write_cert *ctx, +int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx, const char *issuer_name ) { - return x509_string_to_names( &ctx->issuer, issuer_name ); + return mbedtls_x509_string_to_names( &ctx->issuer, issuer_name ); } -int x509write_crt_set_serial( x509write_cert *ctx, const mpi *serial ) +int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial ) { int ret; - if( ( ret = mpi_copy( &ctx->serial, serial ) ) != 0 ) + if( ( ret = mbedtls_mpi_copy( &ctx->serial, serial ) ) != 0 ) return( ret ); return( 0 ); } -int x509write_crt_set_validity( x509write_cert *ctx, const char *not_before, +int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char *not_before, const char *not_after ) { - if( strlen( not_before ) != X509_RFC5280_UTC_TIME_LEN - 1 || - strlen( not_after ) != X509_RFC5280_UTC_TIME_LEN - 1 ) + if( strlen( not_before ) != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1 || + strlen( not_after ) != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1 ) { - return( POLARSSL_ERR_X509_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); } - strncpy( ctx->not_before, not_before, X509_RFC5280_UTC_TIME_LEN ); - strncpy( ctx->not_after , not_after , X509_RFC5280_UTC_TIME_LEN ); - ctx->not_before[X509_RFC5280_UTC_TIME_LEN - 1] = 'Z'; - ctx->not_after[X509_RFC5280_UTC_TIME_LEN - 1] = 'Z'; + strncpy( ctx->not_before, not_before, MBEDTLS_X509_RFC5280_UTC_TIME_LEN ); + strncpy( ctx->not_after , not_after , MBEDTLS_X509_RFC5280_UTC_TIME_LEN ); + ctx->not_before[MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1] = 'Z'; + ctx->not_after[MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1] = 'Z'; return( 0 ); } -int x509write_crt_set_extension( x509write_cert *ctx, +int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx, const char *oid, size_t oid_len, int critical, const unsigned char *val, size_t val_len ) { - return x509_set_extension( &ctx->extensions, oid, oid_len, + return mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len, critical, val, val_len ); } -int x509write_crt_set_basic_constraints( x509write_cert *ctx, +int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx, int is_ca, int max_pathlen ) { int ret; @@ -147,89 +147,95 @@ int x509write_crt_set_basic_constraints( x509write_cert *ctx, memset( buf, 0, sizeof(buf) ); if( is_ca && max_pathlen > 127 ) - return( POLARSSL_ERR_X509_BAD_INPUT_DATA ); + return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); if( is_ca ) { if( max_pathlen >= 0 ) { - ASN1_CHK_ADD( len, asn1_write_int( &c, buf, max_pathlen ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, max_pathlen ) ); } - ASN1_CHK_ADD( len, asn1_write_bool( &c, buf, 1 ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_bool( &c, buf, 1 ) ); } - ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | - ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); - return x509write_crt_set_extension( ctx, OID_BASIC_CONSTRAINTS, - OID_SIZE( OID_BASIC_CONSTRAINTS ), + return mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_BASIC_CONSTRAINTS, + MBEDTLS_OID_SIZE( MBEDTLS_OID_BASIC_CONSTRAINTS ), 0, buf + sizeof(buf) - len, len ); } -#if defined(POLARSSL_SHA1_C) -int x509write_crt_set_subject_key_identifier( x509write_cert *ctx ) +#if defined(MBEDTLS_SHA1_C) +int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx ) { int ret; - unsigned char buf[POLARSSL_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */ + unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */ unsigned char *c = buf + sizeof(buf); size_t len = 0; memset( buf, 0, sizeof(buf) ); - ASN1_CHK_ADD( len, pk_write_pubkey( &c, buf, ctx->subject_key ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, ctx->subject_key ) ); - sha1( buf + sizeof(buf) - len, len, buf + sizeof(buf) - 20 ); + mbedtls_sha1( buf + sizeof(buf) - len, len, buf + sizeof(buf) - 20 ); c = buf + sizeof(buf) - 20; len = 20; - ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_OCTET_STRING ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_OCTET_STRING ) ); - return x509write_crt_set_extension( ctx, OID_SUBJECT_KEY_IDENTIFIER, - OID_SIZE( OID_SUBJECT_KEY_IDENTIFIER ), + return mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER, + MBEDTLS_OID_SIZE( MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER ), 0, buf + sizeof(buf) - len, len ); } -int x509write_crt_set_authority_key_identifier( x509write_cert *ctx ) +int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx ) { int ret; - unsigned char buf[POLARSSL_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */ + unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */ unsigned char *c = buf + sizeof(buf); size_t len = 0; memset( buf, 0, sizeof(buf) ); - ASN1_CHK_ADD( len, pk_write_pubkey( &c, buf, ctx->issuer_key ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, ctx->issuer_key ) ); - sha1( buf + sizeof(buf) - len, len, buf + sizeof(buf) - 20 ); + mbedtls_sha1( buf + sizeof(buf) - len, len, buf + sizeof(buf) - 20 ); c = buf + sizeof(buf) - 20; len = 20; - ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONTEXT_SPECIFIC | 0 ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC | 0 ) ); - ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | - ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); - return x509write_crt_set_extension( ctx, OID_AUTHORITY_KEY_IDENTIFIER, - OID_SIZE( OID_AUTHORITY_KEY_IDENTIFIER ), + return mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER, + MBEDTLS_OID_SIZE( MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER ), 0, buf + sizeof(buf) - len, len ); } -#endif /* POLARSSL_SHA1_C */ +#endif /* MBEDTLS_SHA1_C */ -int x509write_crt_set_key_usage( x509write_cert *ctx, unsigned char key_usage ) +int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, + unsigned int key_usage ) { - unsigned char buf[4]; + unsigned char buf[4], ku; unsigned char *c; int ret; + /* We currently only support 7 bits, from 0x80 to 0x02 */ + if( ( key_usage & ~0xfe ) != 0 ) + return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); + c = buf + 4; + ku = (unsigned char) key_usage; - if( ( ret = asn1_write_bitstring( &c, buf, &key_usage, 7 ) ) != 4 ) + if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &ku, 7 ) ) != 4 ) return( ret ); - ret = x509write_crt_set_extension( ctx, OID_KEY_USAGE, - OID_SIZE( OID_KEY_USAGE ), + ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_KEY_USAGE, + MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ), 1, buf, 4 ); if( ret != 0 ) return( ret ); @@ -237,7 +243,7 @@ int x509write_crt_set_key_usage( x509write_cert *ctx, unsigned char key_usage ) return( 0 ); } -int x509write_crt_set_ns_cert_type( x509write_cert *ctx, +int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx, unsigned char ns_cert_type ) { unsigned char buf[4]; @@ -246,11 +252,11 @@ int x509write_crt_set_ns_cert_type( x509write_cert *ctx, c = buf + 4; - if( ( ret = asn1_write_bitstring( &c, buf, &ns_cert_type, 8 ) ) != 4 ) + if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &ns_cert_type, 8 ) ) != 4 ) return( ret ); - ret = x509write_crt_set_extension( ctx, OID_NS_CERT_TYPE, - OID_SIZE( OID_NS_CERT_TYPE ), + ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE, + MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ), 0, buf, 4 ); if( ret != 0 ) return( ret ); @@ -265,29 +271,29 @@ static int x509_write_time( unsigned char **p, unsigned char *start, size_t len = 0; /* - * write ASN1_UTC_TIME if year < 2050 (2 bytes shorter) + * write MBEDTLS_ASN1_UTC_TIME if year < 2050 (2 bytes shorter) */ if( time[0] == '2' && time[1] == '0' && time [2] < '5' ) { - ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start, + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, (const unsigned char *) time + 2, size - 2 ) ); - ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_UTC_TIME ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_UTC_TIME ) ); } else { - ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start, + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, (const unsigned char *) time, size ) ); - ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_GENERALIZED_TIME ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_GENERALIZED_TIME ) ); } return( (int) len ); } -int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size, +int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { @@ -296,11 +302,11 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size, size_t sig_oid_len = 0; unsigned char *c, *c2; unsigned char hash[64]; - unsigned char sig[POLARSSL_MPI_MAX_SIZE]; + unsigned char sig[MBEDTLS_MPI_MAX_SIZE]; unsigned char tmp_buf[2048]; size_t sub_len = 0, pub_len = 0, sig_and_oid_len = 0, sig_len; size_t len = 0; - pk_type_t pk_alg; + mbedtls_pk_type_t pk_alg; /* * Prepare data to be signed in tmp_buf @@ -308,11 +314,11 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size, c = tmp_buf + sizeof( tmp_buf ); /* Signature algorithm needed in TBS, and later for actual signature */ - pk_alg = pk_get_type( ctx->issuer_key ); - if( pk_alg == POLARSSL_PK_ECKEY ) - pk_alg = POLARSSL_PK_ECDSA; + pk_alg = mbedtls_pk_get_type( ctx->issuer_key ); + if( pk_alg == MBEDTLS_PK_ECKEY ) + pk_alg = MBEDTLS_PK_ECDSA; - if( ( ret = oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg, + if( ( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg, &sig_oid, &sig_oid_len ) ) != 0 ) { return( ret ); @@ -321,18 +327,18 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size, /* * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension */ - ASN1_CHK_ADD( len, x509_write_extensions( &c, tmp_buf, ctx->extensions ) ); - ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | - ASN1_SEQUENCE ) ); - ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONTEXT_SPECIFIC | - ASN1_CONSTRUCTED | 3 ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_extensions( &c, tmp_buf, ctx->extensions ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC | + MBEDTLS_ASN1_CONSTRUCTED | 3 ) ); /* * SubjectPublicKeyInfo */ - ASN1_CHK_ADD( pub_len, pk_write_pubkey_der( ctx->subject_key, + MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_pk_write_pubkey_der( ctx->subject_key, tmp_buf, c - tmp_buf ) ); c -= pub_len; len += pub_len; @@ -340,7 +346,7 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size, /* * Subject ::= Name */ - ASN1_CHK_ADD( len, x509_write_names( &c, tmp_buf, ctx->subject ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, tmp_buf, ctx->subject ) ); /* * Validity ::= SEQUENCE { @@ -349,53 +355,53 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size, */ sub_len = 0; - ASN1_CHK_ADD( sub_len, x509_write_time( &c, tmp_buf, ctx->not_after, - X509_RFC5280_UTC_TIME_LEN ) ); + MBEDTLS_ASN1_CHK_ADD( sub_len, x509_write_time( &c, tmp_buf, ctx->not_after, + MBEDTLS_X509_RFC5280_UTC_TIME_LEN ) ); - ASN1_CHK_ADD( sub_len, x509_write_time( &c, tmp_buf, ctx->not_before, - X509_RFC5280_UTC_TIME_LEN ) ); + MBEDTLS_ASN1_CHK_ADD( sub_len, x509_write_time( &c, tmp_buf, ctx->not_before, + MBEDTLS_X509_RFC5280_UTC_TIME_LEN ) ); len += sub_len; - ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, sub_len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | - ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, sub_len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); /* * Issuer ::= Name */ - ASN1_CHK_ADD( len, x509_write_names( &c, tmp_buf, ctx->issuer ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, tmp_buf, ctx->issuer ) ); /* * Signature ::= AlgorithmIdentifier */ - ASN1_CHK_ADD( len, asn1_write_algorithm_identifier( &c, tmp_buf, + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( &c, tmp_buf, sig_oid, strlen( sig_oid ), 0 ) ); /* * Serial ::= INTEGER */ - ASN1_CHK_ADD( len, asn1_write_mpi( &c, tmp_buf, &ctx->serial ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, tmp_buf, &ctx->serial ) ); /* * Version ::= INTEGER { v1(0), v2(1), v3(2) } */ sub_len = 0; - ASN1_CHK_ADD( sub_len, asn1_write_int( &c, tmp_buf, ctx->version ) ); + MBEDTLS_ASN1_CHK_ADD( sub_len, mbedtls_asn1_write_int( &c, tmp_buf, ctx->version ) ); len += sub_len; - ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, sub_len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONTEXT_SPECIFIC | - ASN1_CONSTRUCTED | 0 ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, sub_len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC | + MBEDTLS_ASN1_CONSTRUCTED | 0 ) ); - ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | - ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); /* * Make signature */ - md( md_info_from_type( ctx->md_alg ), c, len, hash ); + mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash ); - if( ( ret = pk_sign( ctx->issuer_key, ctx->md_alg, hash, 0, sig, &sig_len, + if( ( ret = mbedtls_pk_sign( ctx->issuer_key, ctx->md_alg, hash, 0, sig, &sig_len, f_rng, p_rng ) ) != 0 ) { return( ret ); @@ -405,16 +411,16 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size, * Write data to output buffer */ c2 = buf + size; - ASN1_CHK_ADD( sig_and_oid_len, x509_write_sig( &c2, buf, + MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len, mbedtls_x509_write_sig( &c2, buf, sig_oid, sig_oid_len, sig, sig_len ) ); c2 -= len; memcpy( c2, c, len ); len += sig_and_oid_len; - ASN1_CHK_ADD( len, asn1_write_len( &c2, buf, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( &c2, buf, ASN1_CONSTRUCTED | - ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c2, buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c2, buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); return( (int) len ); } @@ -422,8 +428,8 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size, #define PEM_BEGIN_CRT "-----BEGIN CERTIFICATE-----\n" #define PEM_END_CRT "-----END CERTIFICATE-----\n" -#if defined(POLARSSL_PEM_WRITE_C) -int x509write_crt_pem( x509write_cert *crt, unsigned char *buf, size_t size, +#if defined(MBEDTLS_PEM_WRITE_C) +int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *crt, unsigned char *buf, size_t size, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { @@ -431,13 +437,13 @@ int x509write_crt_pem( x509write_cert *crt, unsigned char *buf, size_t size, unsigned char output_buf[4096]; size_t olen = 0; - if( ( ret = x509write_crt_der( crt, output_buf, sizeof(output_buf), + if( ( ret = mbedtls_x509write_crt_der( crt, output_buf, sizeof(output_buf), f_rng, p_rng ) ) < 0 ) { return( ret ); } - if( ( ret = pem_write_buffer( PEM_BEGIN_CRT, PEM_END_CRT, + if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CRT, PEM_END_CRT, output_buf + sizeof(output_buf) - ret, ret, buf, size, &olen ) ) != 0 ) { @@ -446,6 +452,6 @@ int x509write_crt_pem( x509write_cert *crt, unsigned char *buf, size_t size, return( 0 ); } -#endif /* POLARSSL_PEM_WRITE_C */ +#endif /* MBEDTLS_PEM_WRITE_C */ -#endif /* POLARSSL_X509_CRT_WRITE_C */ +#endif /* MBEDTLS_X509_CRT_WRITE_C */ diff --git a/ext/mbedtls/library/x509write_csr.c b/ext/mbedtls/library/x509write_csr.c index c5a5875401..4095ba1906 100644 --- a/ext/mbedtls/library/x509write_csr.c +++ b/ext/mbedtls/library/x509write_csr.c @@ -25,68 +25,68 @@ * - attributes: PKCS#9 v2.0 aka RFC 2985 */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_X509_CSR_WRITE_C) +#if defined(MBEDTLS_X509_CSR_WRITE_C) -#include "polarssl/x509_csr.h" -#include "polarssl/oid.h" -#include "polarssl/asn1write.h" +#include "mbedtls/x509_csr.h" +#include "mbedtls/oid.h" +#include "mbedtls/asn1write.h" #include #include -#if defined(POLARSSL_PEM_WRITE_C) -#include "polarssl/pem.h" +#if defined(MBEDTLS_PEM_WRITE_C) +#include "mbedtls/pem.h" #endif /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } -void x509write_csr_init( x509write_csr *ctx ) +void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx ) { - memset( ctx, 0, sizeof(x509write_csr) ); + memset( ctx, 0, sizeof(mbedtls_x509write_csr) ); } -void x509write_csr_free( x509write_csr *ctx ) +void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx ) { - asn1_free_named_data_list( &ctx->subject ); - asn1_free_named_data_list( &ctx->extensions ); + mbedtls_asn1_free_named_data_list( &ctx->subject ); + mbedtls_asn1_free_named_data_list( &ctx->extensions ); - polarssl_zeroize( ctx, sizeof(x509write_csr) ); + mbedtls_zeroize( ctx, sizeof(mbedtls_x509write_csr) ); } -void x509write_csr_set_md_alg( x509write_csr *ctx, md_type_t md_alg ) +void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg ) { ctx->md_alg = md_alg; } -void x509write_csr_set_key( x509write_csr *ctx, pk_context *key ) +void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key ) { ctx->key = key; } -int x509write_csr_set_subject_name( x509write_csr *ctx, +int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx, const char *subject_name ) { - return x509_string_to_names( &ctx->subject, subject_name ); + return mbedtls_x509_string_to_names( &ctx->subject, subject_name ); } -int x509write_csr_set_extension( x509write_csr *ctx, +int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx, const char *oid, size_t oid_len, const unsigned char *val, size_t val_len ) { - return x509_set_extension( &ctx->extensions, oid, oid_len, + return mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len, 0, val, val_len ); } -int x509write_csr_set_key_usage( x509write_csr *ctx, unsigned char key_usage ) +int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage ) { unsigned char buf[4]; unsigned char *c; @@ -94,11 +94,11 @@ int x509write_csr_set_key_usage( x509write_csr *ctx, unsigned char key_usage ) c = buf + 4; - if( ( ret = asn1_write_bitstring( &c, buf, &key_usage, 7 ) ) != 4 ) + if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &key_usage, 7 ) ) != 4 ) return( ret ); - ret = x509write_csr_set_extension( ctx, OID_KEY_USAGE, - OID_SIZE( OID_KEY_USAGE ), + ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_KEY_USAGE, + MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ), buf, 4 ); if( ret != 0 ) return( ret ); @@ -106,7 +106,7 @@ int x509write_csr_set_key_usage( x509write_csr *ctx, unsigned char key_usage ) return( 0 ); } -int x509write_csr_set_ns_cert_type( x509write_csr *ctx, +int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx, unsigned char ns_cert_type ) { unsigned char buf[4]; @@ -115,11 +115,11 @@ int x509write_csr_set_ns_cert_type( x509write_csr *ctx, c = buf + 4; - if( ( ret = asn1_write_bitstring( &c, buf, &ns_cert_type, 8 ) ) != 4 ) + if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &ns_cert_type, 8 ) ) != 4 ) return( ret ); - ret = x509write_csr_set_extension( ctx, OID_NS_CERT_TYPE, - OID_SIZE( OID_NS_CERT_TYPE ), + ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE, + MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ), buf, 4 ); if( ret != 0 ) return( ret ); @@ -127,7 +127,7 @@ int x509write_csr_set_ns_cert_type( x509write_csr *ctx, return( 0 ); } -int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size, +int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { @@ -136,42 +136,42 @@ int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size, size_t sig_oid_len = 0; unsigned char *c, *c2; unsigned char hash[64]; - unsigned char sig[POLARSSL_MPI_MAX_SIZE]; + unsigned char sig[MBEDTLS_MPI_MAX_SIZE]; unsigned char tmp_buf[2048]; size_t pub_len = 0, sig_and_oid_len = 0, sig_len; size_t len = 0; - pk_type_t pk_alg; + mbedtls_pk_type_t pk_alg; /* * Prepare data to be signed in tmp_buf */ c = tmp_buf + sizeof( tmp_buf ); - ASN1_CHK_ADD( len, x509_write_extensions( &c, tmp_buf, ctx->extensions ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_extensions( &c, tmp_buf, ctx->extensions ) ); if( len ) { - ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | - ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); - ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | - ASN1_SET ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SET ) ); - ASN1_CHK_ADD( len, asn1_write_oid( &c, tmp_buf, OID_PKCS9_CSR_EXT_REQ, - OID_SIZE( OID_PKCS9_CSR_EXT_REQ ) ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( &c, tmp_buf, MBEDTLS_OID_PKCS9_CSR_EXT_REQ, + MBEDTLS_OID_SIZE( MBEDTLS_OID_PKCS9_CSR_EXT_REQ ) ) ); - ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | - ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); } - ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | - ASN1_CONTEXT_SPECIFIC ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ); - ASN1_CHK_ADD( pub_len, pk_write_pubkey_der( ctx->key, + MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_pk_write_pubkey_der( ctx->key, tmp_buf, c - tmp_buf ) ); c -= pub_len; len += pub_len; @@ -179,29 +179,29 @@ int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size, /* * Subject ::= Name */ - ASN1_CHK_ADD( len, x509_write_names( &c, tmp_buf, ctx->subject ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, tmp_buf, ctx->subject ) ); /* * Version ::= INTEGER { v1(0), v2(1), v3(2) } */ - ASN1_CHK_ADD( len, asn1_write_int( &c, tmp_buf, 0 ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, tmp_buf, 0 ) ); - ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | - ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); /* * Prepare signature */ - md( md_info_from_type( ctx->md_alg ), c, len, hash ); + mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash ); - pk_alg = pk_get_type( ctx->key ); - if( pk_alg == POLARSSL_PK_ECKEY ) - pk_alg = POLARSSL_PK_ECDSA; + pk_alg = mbedtls_pk_get_type( ctx->key ); + if( pk_alg == MBEDTLS_PK_ECKEY ) + pk_alg = MBEDTLS_PK_ECDSA; - if( ( ret = pk_sign( ctx->key, ctx->md_alg, hash, 0, sig, &sig_len, + if( ( ret = mbedtls_pk_sign( ctx->key, ctx->md_alg, hash, 0, sig, &sig_len, f_rng, p_rng ) ) != 0 || - ( ret = oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg, + ( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg, &sig_oid, &sig_oid_len ) ) != 0 ) { return( ret ); @@ -211,16 +211,16 @@ int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size, * Write data to output buffer */ c2 = buf + size; - ASN1_CHK_ADD( sig_and_oid_len, x509_write_sig( &c2, buf, + MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len, mbedtls_x509_write_sig( &c2, buf, sig_oid, sig_oid_len, sig, sig_len ) ); c2 -= len; memcpy( c2, c, len ); len += sig_and_oid_len; - ASN1_CHK_ADD( len, asn1_write_len( &c2, buf, len ) ); - ASN1_CHK_ADD( len, asn1_write_tag( &c2, buf, ASN1_CONSTRUCTED | - ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c2, buf, len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c2, buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); return( (int) len ); } @@ -228,8 +228,8 @@ int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size, #define PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----\n" #define PEM_END_CSR "-----END CERTIFICATE REQUEST-----\n" -#if defined(POLARSSL_PEM_WRITE_C) -int x509write_csr_pem( x509write_csr *ctx, unsigned char *buf, size_t size, +#if defined(MBEDTLS_PEM_WRITE_C) +int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { @@ -237,13 +237,13 @@ int x509write_csr_pem( x509write_csr *ctx, unsigned char *buf, size_t size, unsigned char output_buf[4096]; size_t olen = 0; - if( ( ret = x509write_csr_der( ctx, output_buf, sizeof(output_buf), + if( ( ret = mbedtls_x509write_csr_der( ctx, output_buf, sizeof(output_buf), f_rng, p_rng ) ) < 0 ) { return( ret ); } - if( ( ret = pem_write_buffer( PEM_BEGIN_CSR, PEM_END_CSR, + if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CSR, PEM_END_CSR, output_buf + sizeof(output_buf) - ret, ret, buf, size, &olen ) ) != 0 ) { @@ -252,6 +252,6 @@ int x509write_csr_pem( x509write_csr *ctx, unsigned char *buf, size_t size, return( 0 ); } -#endif /* POLARSSL_PEM_WRITE_C */ +#endif /* MBEDTLS_PEM_WRITE_C */ -#endif /* POLARSSL_X509_CSR_WRITE_C */ +#endif /* MBEDTLS_X509_CSR_WRITE_C */ diff --git a/ext/mbedtls/library/xtea.c b/ext/mbedtls/library/xtea.c index 0558b93c89..c44892e604 100644 --- a/ext/mbedtls/library/xtea.c +++ b/ext/mbedtls/library/xtea.c @@ -20,31 +20,31 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#if !defined(POLARSSL_CONFIG_FILE) -#include "polarssl/config.h" +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" #else -#include POLARSSL_CONFIG_FILE +#include MBEDTLS_CONFIG_FILE #endif -#if defined(POLARSSL_XTEA_C) +#if defined(MBEDTLS_XTEA_C) -#include "polarssl/xtea.h" +#include "mbedtls/xtea.h" #include -#if defined(POLARSSL_SELF_TEST) -#if defined(POLARSSL_PLATFORM_C) -#include "polarssl/platform.h" +#if defined(MBEDTLS_SELF_TEST) +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" #else #include -#define polarssl_printf printf -#endif /* POLARSSL_PLATFORM_C */ -#endif /* POLARSSL_SELF_TEST */ +#define mbedtls_printf printf +#endif /* MBEDTLS_PLATFORM_C */ +#endif /* MBEDTLS_SELF_TEST */ -#if !defined(POLARSSL_XTEA_ALT) +#if !defined(MBEDTLS_XTEA_ALT) /* Implementation that should never be optimized out by the compiler */ -static void polarssl_zeroize( void *v, size_t n ) { +static void mbedtls_zeroize( void *v, size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ = 0; } @@ -71,27 +71,27 @@ static void polarssl_zeroize( void *v, size_t n ) { } #endif -void xtea_init( xtea_context *ctx ) +void mbedtls_xtea_init( mbedtls_xtea_context *ctx ) { - memset( ctx, 0, sizeof( xtea_context ) ); + memset( ctx, 0, sizeof( mbedtls_xtea_context ) ); } -void xtea_free( xtea_context *ctx ) +void mbedtls_xtea_free( mbedtls_xtea_context *ctx ) { if( ctx == NULL ) return; - polarssl_zeroize( ctx, sizeof( xtea_context ) ); + mbedtls_zeroize( ctx, sizeof( mbedtls_xtea_context ) ); } /* * XTEA key schedule */ -void xtea_setup( xtea_context *ctx, const unsigned char key[16] ) +void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] ) { int i; - memset( ctx, 0, sizeof(xtea_context) ); + memset( ctx, 0, sizeof(mbedtls_xtea_context) ); for( i = 0; i < 4; i++ ) { @@ -102,7 +102,7 @@ void xtea_setup( xtea_context *ctx, const unsigned char key[16] ) /* * XTEA encrypt function */ -int xtea_crypt_ecb( xtea_context *ctx, int mode, +int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx, int mode, const unsigned char input[8], unsigned char output[8]) { uint32_t *k, v0, v1, i; @@ -112,7 +112,7 @@ int xtea_crypt_ecb( xtea_context *ctx, int mode, GET_UINT32_BE( v0, input, 0 ); GET_UINT32_BE( v1, input, 4 ); - if( mode == XTEA_ENCRYPT ) + if( mode == MBEDTLS_XTEA_ENCRYPT ) { uint32_t sum = 0, delta = 0x9E3779B9; @@ -123,7 +123,7 @@ int xtea_crypt_ecb( xtea_context *ctx, int mode, v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]); } } - else /* XTEA_DECRYPT */ + else /* MBEDTLS_XTEA_DECRYPT */ { uint32_t delta = 0x9E3779B9, sum = delta * 32; @@ -141,11 +141,11 @@ int xtea_crypt_ecb( xtea_context *ctx, int mode, return( 0 ); } -#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) /* * XTEA-CBC buffer encryption/decryption */ -int xtea_crypt_cbc( xtea_context *ctx, int mode, size_t length, +int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx, int mode, size_t length, unsigned char iv[8], const unsigned char *input, unsigned char *output) { @@ -153,14 +153,14 @@ int xtea_crypt_cbc( xtea_context *ctx, int mode, size_t length, unsigned char temp[8]; if( length % 8 ) - return( POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH ); + return( MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH ); - if( mode == XTEA_DECRYPT ) + if( mode == MBEDTLS_XTEA_DECRYPT ) { while( length > 0 ) { memcpy( temp, input, 8 ); - xtea_crypt_ecb( ctx, mode, input, output ); + mbedtls_xtea_crypt_ecb( ctx, mode, input, output ); for( i = 0; i < 8; i++ ) output[i] = (unsigned char)( output[i] ^ iv[i] ); @@ -179,7 +179,7 @@ int xtea_crypt_cbc( xtea_context *ctx, int mode, size_t length, for( i = 0; i < 8; i++ ) output[i] = (unsigned char)( input[i] ^ iv[i] ); - xtea_crypt_ecb( ctx, mode, output, output ); + mbedtls_xtea_crypt_ecb( ctx, mode, output, output ); memcpy( iv, output, 8 ); input += 8; @@ -190,10 +190,10 @@ int xtea_crypt_cbc( xtea_context *ctx, int mode, size_t length, return( 0 ); } -#endif /* POLARSSL_CIPHER_MODE_CBC */ -#endif /* !POLARSSL_XTEA_ALT */ +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* !MBEDTLS_XTEA_ALT */ -#if defined(POLARSSL_SELF_TEST) +#if defined(MBEDTLS_SELF_TEST) /* * XTEA tests vectors (non-official) @@ -238,45 +238,45 @@ static const unsigned char xtea_test_ct[6][8] = /* * Checkup routine */ -int xtea_self_test( int verbose ) +int mbedtls_xtea_self_test( int verbose ) { int i, ret = 0; unsigned char buf[8]; - xtea_context ctx; + mbedtls_xtea_context ctx; - xtea_init( &ctx ); + mbedtls_xtea_init( &ctx ); for( i = 0; i < 6; i++ ) { if( verbose != 0 ) - polarssl_printf( " XTEA test #%d: ", i + 1 ); + mbedtls_printf( " XTEA test #%d: ", i + 1 ); memcpy( buf, xtea_test_pt[i], 8 ); - xtea_setup( &ctx, xtea_test_key[i] ); - xtea_crypt_ecb( &ctx, XTEA_ENCRYPT, buf, buf ); + mbedtls_xtea_setup( &ctx, xtea_test_key[i] ); + mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_ENCRYPT, buf, buf ); if( memcmp( buf, xtea_test_ct[i], 8 ) != 0 ) { if( verbose != 0 ) - polarssl_printf( "failed\n" ); + mbedtls_printf( "failed\n" ); ret = 1; goto exit; } if( verbose != 0 ) - polarssl_printf( "passed\n" ); + mbedtls_printf( "passed\n" ); } if( verbose != 0 ) - polarssl_printf( "\n" ); + mbedtls_printf( "\n" ); exit: - xtea_free( &ctx ); + mbedtls_xtea_free( &ctx ); return( ret ); } -#endif /* POLARSSL_SELF_TEST */ +#endif /* MBEDTLS_SELF_TEST */ -#endif /* POLARSSL_XTEA_C */ +#endif /* MBEDTLS_XTEA_C */ diff --git a/m4/pdns_with_system_mbedtls.m4 b/m4/pdns_with_system_mbedtls.m4 index d98a0a65f9..d93bcb7b70 100644 --- a/m4/pdns_with_system_mbedtls.m4 +++ b/m4/pdns_with_system_mbedtls.m4 @@ -7,7 +7,7 @@ AC_DEFUN([PDNS_WITH_SYSTEM_MBEDTLS],[ MBEDTLS_SUBDIR=mbedtls MBEDTLS_CFLAGS=-I\$\(top_srcdir\)/ext/$MBEDTLS_SUBDIR/include/ - MBEDTLS_LIBS="-L\$(top_builddir)/ext/$MBEDTLS_SUBDIR/library/ -lpolarssl" + MBEDTLS_LIBS="-L\$(top_builddir)/ext/$MBEDTLS_SUBDIR/library/ -lmbedtls" AS_IF([test "x$with_system_mbedtls" = "xyes"],[ OLD_LIBS=$LIBS @@ -39,8 +39,9 @@ AC_DEFUN([PDNS_WITH_SYSTEM_MBEDTLS],[ AS_IF([test "x$have_system_mbedtls" = "xyes"],[ MBEDTLS_CFLAGS= MBEDTLS_SUBDIR= - AC_DEFINE([POLARSSL_SYSTEM], [1], [Defined if system mbed TLS is used]) - ],[ + AC_DEFINE([MBEDTLS_SYSTEM], [1], [Defined if system mbed TLS is used]) + ],[ + AC_DEFINE([HAVE_MBEDTLS2], [1], [Defined if mbed TLS version 2.x.x is used]) AS_IF([test "x$with_system_mbedtls" = "xyes"],[ AC_MSG_ERROR([use of system mbedtls requested but not found])] )]