From d367990ef3496a3f89e753fd97dae84731c4de77 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 15 Feb 2021 13:42:35 +0100 Subject: [PATCH 001/160] Allow skipping 3DES in CMAC self-test when ALT implemented Signed-off-by: Steven Cooreman --- library/cmac.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/library/cmac.c b/library/cmac.c index 06f8eec0d..3cc49d10c 100644 --- a/library/cmac.c +++ b/library/cmac.c @@ -867,11 +867,12 @@ static int cmac_test_wth_cipher( int verbose, { /* When CMAC is implemented by an alternative implementation, or * the underlying primitive itself is implemented alternatively, - * AES-192 may be unavailable. This should not cause the selftest - * function to fail. */ + * AES-192 and/or 3DES may be unavailable. This should not cause + * the selftest function to fail. */ if( ( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED || ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) && - cipher_type == MBEDTLS_CIPHER_AES_192_ECB ) { + ( cipher_type == MBEDTLS_CIPHER_AES_192_ECB || + cipher_type == MBEDTLS_CIPHER_DES_EDE3_ECB ) ) { if( verbose != 0 ) mbedtls_printf( "skipped\n" ); continue; From 12078f4c22411c3270d346a93e02b8a6a66c8f9f Mon Sep 17 00:00:00 2001 
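Review bot: With `MBEDTLS_CIPHER_DES_EDE3_ECB` added to the skip condition, a build whose alternative implementation reports 3DES as unsupported passes the CMAC self-test without the 3DES vectors ever running, and the only trace is the `skipped` line printed when `verbose != 0`. The comment should state that consequence, e.g. `/* A skipped cipher counts as a pass: a zero return does not prove that AES-192 or 3DES CMAC was exercised. */`. The loop and the call that sets `ret` lie outside the hunk, so whether a non-ALT build can also reach this skip is not visible here.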
From: Hanno Becker Date: Tue, 2 Mar 2021 15:28:41 +0000 Subject: [PATCH 002/160] Keep pointer to TLS record sequence number static The field `cur_out_ctr` in the SSL context keeps track of the record sequence number for the next outgoing record. For TLS, this sequence number is implicit and not transmitted on the wire, while for DTLS, it's part of the record header. For DTLS, the position of the record sequence number of the next outgoing record in that record's header is tracked in the pointer `out_ctr`. This pointer moves forward along with other pointers such as `out_hdr` or `out_msg` within the outgoing data buffer `out_buf` as multiple records are written in the same datagram. For TLS, the `out_ctr` pointer is logically superfluous, but for some reason, we're still maintaining it by having it point to the 8 Bytes prior to the header of the next outgoing record, and always copying `cur_out_ctr` to this position prior to encrypting an outgoing record. After a record has been prepared for writing in `ssl_write_record()`, the `out_xxx` pointers (except for `out_buf`, which is static), are shifted forward so that they point to the header and content of the next outgoing record. This is used only in DTLS in order to stack multiple records into a single datagram, but the shifting is happening for TLS as well. However, it has little effect in TLS because we're always flushing immediately after writing, and afterwards reset the `out_xxx` pointers. While the present code works as-is, it is wrong to shift `out_ctr` in the case of TLS, because it makes `out_ctr` point to the last 8 Bytes of the ciphertext of the last outgoing record. Should we ever aim to prepare more than one protected record in `out_buf` before dispatching it to the underlying transport, the superfluous copying of `cur_out_ctr` to `out_buf` will corrupt the last 8 bytes of the last record. 
This commit aims to fix this problem in the minimal possible way, by simply not shifting `out_ctr` after a record has been written. It does deliberately not attempt to remove `out_ctr` for TLS altogether, because any change in the messaging layer is hard to review, and we're going to replace it soon anyhow. The shifting happens in the helper routine mbedtls_ssl_update_out_pointers, which assumed correctness of `out_hdr` for the beginning of the record header of the next outgoing record, and derives the other `out_xxx` variables. We remove the update of `out_ctr` from this function in the case of TLS, and instead move the proper initialization of `out_ctr` to `out_buf == initial_out_hdr - 8` to the function mbedtls_ssl_reset_in_out_pointers(). Signed-off-by: Hanno Becker --- library/ssl_msg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 72f09bb42..bced3cd19 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -5185,7 +5185,6 @@ void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context *ssl, else #endif { - ssl->out_ctr = ssl->out_hdr - 8; ssl->out_len = ssl->out_hdr + 3; #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) ssl->out_cid = ssl->out_len; @@ -5266,6 +5265,7 @@ void mbedtls_ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl ) else #endif /* MBEDTLS_SSL_PROTO_DTLS */ { + ssl->out_ctr = ssl->out_buf; ssl->out_hdr = ssl->out_buf + 8; ssl->in_hdr = ssl->in_buf + 8; } From d4bfb3e8d6fefd7e112e2127f4fa1d02ebf0a156 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 11 Mar 2021 13:18:29 +0100 Subject: [PATCH 003/160] Add missing parenthesis Signed-off-by: Steven Cooreman --- library/ecp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ecp.c b/library/ecp.c index 6a005d510..c5abab30c 100644 --- a/library/ecp.c +++ b/library/ecp.c 
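Review bot: As far as these hunks show, the new line `ssl->out_ctr = ssl->out_buf;` in the TLS branch of mbedtls_ssl_reset_in_out_pointers() is now the only place that positions `out_ctr` for TLS, and nothing in the code says it is meant to stay fixed. A comment such as `/* TLS: out_ctr stays at out_buf, the 8 bytes before the first record header; mbedtls_ssl_update_out_pointers() must not move it. */` would keep a later change from reintroducing the shift that the commit message says can overwrite the previous record's last 8 bytes. A caller that repositions `out_hdr` and relies on mbedtls_ssl_update_out_pointers() without a prior reset would now keep the old `out_ctr`; whether such a caller exists is not visible here. Both functions begin and end outside their hunks.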
@@ -2475,7 +2475,7 @@ static int ecp_randomize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P { #if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) if( mbedtls_internal_ecp_grp_capable( grp ) ) - return( mbedtls_internal_ecp_randomize_mxz( grp, P, f_rng, p_rng ); + return( mbedtls_internal_ecp_randomize_mxz( grp, P, f_rng, p_rng ) ); #endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */ #if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) From a71e369f2d7b8ebf9762205eb871bdf7a2779223 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 29 Mar 2021 15:46:55 +0200 Subject: [PATCH 004/160] Add changelog entry for #4217 Signed-off-by: Steven Cooreman --- ChangeLog.d/add-missing-parenthesis.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ChangeLog.d/add-missing-parenthesis.txt diff --git a/ChangeLog.d/add-missing-parenthesis.txt b/ChangeLog.d/add-missing-parenthesis.txt new file mode 100644 index 000000000..ec01985e9 --- /dev/null +++ b/ChangeLog.d/add-missing-parenthesis.txt @@ -0,0 +1,4 @@ +Bugfix + * Add a parenthesis that was missing from ecp.c when + MBEDTLS_ECP_RANDOMIZE_MXZ_ALT is defined. Found and reported by + mbeniamino in #4217. From c6b0d96c31ce7989d5a30ac9f490544561d2bb48 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 8 Dec 2020 22:31:52 +0100 Subject: [PATCH 005/160] More precise testing of dhm_min_len An SSL client can be configured to insist on a minimum size for the Diffie-Hellman (DHM) parameters sent by the server. Add several test cases where the server sends parameters with exactly the minimum size (must be accepted) or parameters that are one bit too short (must be rejected). Make sure that there are test cases both where the boundary is byte-aligned and where it isn't. 
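Review bot: The call corrected here sits under `#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT)` and could not compile before this patch, which suggests that no tested configuration defines that macro. A build-only test configuration that enables the ECP ALT entry points with stub implementations would keep this branch from breaking unnoticed again. ecp_randomize_mxz's body continues outside the hunk.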
Signed-off-by: Gilles Peskine --- tests/data_files/Makefile | 10 ++++++++++ tests/data_files/dh.998.pem | 17 +++++++++++++++++ tests/data_files/dh.999.pem | 17 +++++++++++++++++ tests/ssl-opt.sh | 35 +++++++++++++++++++++++++++++++++++ 4 files changed, 79 insertions(+) create mode 100644 tests/data_files/dh.998.pem create mode 100644 tests/data_files/dh.999.pem diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 0962898fe..f3cba5acb 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -1131,6 +1131,16 @@ cert_md5.crt: cert_md5.csr $(MBEDTLS_CERT_WRITE) request_file=$< serial=6 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20000101121212 not_after=20300101121212 md=MD5 version=3 output_file=$@ all_final += cert_md5.crt +################################################################ +#### Diffie-Hellman parameters +################################################################ + +dh.998.pem: + $(OPENSSL) dhparam -out $@ -text 998 + +dh.999.pem: + $(OPENSSL) dhparam -out $@ -text 999 + ################################################################ #### Meta targets ################################################################ diff --git a/tests/data_files/dh.998.pem b/tests/data_files/dh.998.pem new file mode 100644 index 000000000..96d6cf2b8 --- /dev/null +++ b/tests/data_files/dh.998.pem 
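Review bot: The two new rules are not appended to `all_final`, unlike the `cert_md5.crt` rule directly above them (`all_final += cert_md5.crt`), so the meta targets presumably neither build nor clean `dh.998.pem` and `dh.999.pem`. If that is deliberate, because `dhparam` produces fresh random parameters on every run and the committed files should not be regenerated, say so in the section header, e.g. `# Not in all_final: regenerating yields parameters that differ from the committed files.`; otherwise add `all_final += dh.998.pem dh.999.pem`. The tests added in the same commit also read `data_files/dh.1000.pem`, for which no rule appears in this hunk.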
@@ -0,0 +1,17 @@ + DH Parameters: (998 bit) + prime: + 39:5f:30:c0:7b:06:b7:6a:49:c6:c0:81:1f:39:77: + b3:35:e2:8d:66:fc:6a:6e:94:f3:df:97:f2:89:31: + 6c:75:39:08:16:d1:a4:b8:0c:68:c5:63:21:61:eb: + 48:2d:77:99:08:1d:67:38:37:0a:cd:cf:39:b6:3c: + 9d:8a:e5:85:3c:71:e3:4b:3e:1e:b9:80:e3:cc:7a: + fd:84:05:b0:df:36:15:29:4e:3e:23:3b:c3:ae:6b: + c7:11:b9:64:43:40:75:c7:4a:ef:a7:2d:00:e2:62: + 8f:93:78:96:8f:2c:25:8d:7d:1f:eb:5c:3c:bf:51: + de:f8:08:25:db + generator: 2 (0x2) +-----BEGIN DH PARAMETERS----- +MIGCAn05XzDAewa3aknGwIEfOXezNeKNZvxqbpTz35fyiTFsdTkIFtGkuAxoxWMh +YetILXeZCB1nODcKzc85tjydiuWFPHHjSz4euYDjzHr9hAWw3zYVKU4+IzvDrmvH +EblkQ0B1x0rvpy0A4mKPk3iWjywljX0f61w8v1He+Agl2wIBAg== +-----END DH PARAMETERS----- diff --git a/tests/data_files/dh.999.pem b/tests/data_files/dh.999.pem new file mode 100644 index 000000000..6e3ceb3ba --- /dev/null +++ b/tests/data_files/dh.999.pem @@ -0,0 +1,17 @@ + DH Parameters: (999 bit) + prime: + 4f:b8:d2:d8:3c:b3:02:c9:64:f5:99:fe:61:cc:b3: + 69:1c:ba:bb:a2:33:db:38:2f:85:87:b7:12:fb:69: + 6e:a5:32:3e:ff:24:df:c4:61:07:0c:e1:88:72:fa: + 14:d4:22:65:18:66:09:7e:43:35:c4:5a:62:f7:0a: + 69:be:45:71:6e:ac:c5:56:d8:22:9e:c4:9c:23:2b: + bd:6d:3b:b6:02:4f:5d:12:a7:ac:90:b8:9e:be:93: + 82:bc:09:7c:cd:e1:09:21:1e:3d:69:2a:76:41:00: + 68:6d:b7:e8:e8:df:d6:1b:82:93:d9:21:4a:ea:71: + f2:e6:c4:94:03 + generator: 2 (0x2) +-----BEGIN DH PARAMETERS----- +MIGCAn1PuNLYPLMCyWT1mf5hzLNpHLq7ojPbOC+Fh7cS+2lupTI+/yTfxGEHDOGI +cvoU1CJlGGYJfkM1xFpi9wppvkVxbqzFVtginsScIyu9bTu2Ak9dEqeskLievpOC +vAl8zeEJIR49aSp2QQBobbfo6N/WG4KT2SFK6nHy5sSUAwIBAg== +-----END DH PARAMETERS----- diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 6c54900ce..7f9ec005e 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh 
@@ -5537,6 +5537,20 @@ run_test "DHM size: server 1024, client default, OK" \ 0 \ -C "DHM prime too short:" +run_test "DHM size: server 999, client 999, OK" \ + "$P_SRV dhm_file=data_files/dh.999.pem" \ + "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ + debug_level=1 dhmlen=999" \ + 0 \ + -C "DHM prime too short:" + +run_test "DHM size: server 1000, client 1000, OK" \ + "$P_SRV dhm_file=data_files/dh.1000.pem" \ + "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ + debug_level=1 dhmlen=1000" \ + 0 \ + -C "DHM prime too short:" + run_test "DHM size: server 1000, client default, rejected" \ "$P_SRV dhm_file=data_files/dh.1000.pem" \ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ @@ -5544,6 +5558,27 @@ run_test "DHM size: server 1000, client default, rejected" \ 1 \ -c "DHM prime too short:" +run_test "DHM size: server 1000, client 1001, rejected" \ + "$P_SRV dhm_file=data_files/dh.1000.pem" \ + "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ + debug_level=1 dhmlen=1001" \ + 1 \ + -c "DHM prime too short:" + +run_test "DHM size: server 999, client 1000, rejected" \ + "$P_SRV dhm_file=data_files/dh.999.pem" \ + "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ + debug_level=1 dhmlen=1000" \ + 1 \ + -c "DHM prime too short:" + +run_test "DHM size: server 998, client 999, rejected" \ + "$P_SRV dhm_file=data_files/dh.998.pem" \ + "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ + debug_level=1 dhmlen=999" \ + 1 \ + -c "DHM prime too short:" + run_test "DHM size: server default, client 2049, rejected" \ "$P_SRV" \ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ From e8a2fc8461adf2349a2bed4453561038c2b476dd Mon Sep 17 00:00:00 2001 
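Review bot: The cases `server 999, client 1000, rejected` and `server 998, client 999, rejected` cannot pass against the byte-granular check that patch 006 removes (`dhm_ctx.len * 8 < dhm_min_bitlen`), because a 998- or 999-bit prime occupies 125 bytes and is compared as 1000 bits; the suite is therefore failing at this commit. Folding these tests into the fix, or ordering the fix first, keeps bisection clean. A comment above the block, `# 998-, 999- and 1000-bit primes all occupy 125 bytes; these cases need a bit-exact minimum check`, would also record why these sizes were chosen.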
From: Gilles Peskine Date: Tue, 8 Dec 2020 22:46:11 +0100 Subject: [PATCH 006/160] Enforce dhm_min_bitlen exactly, not just the byte size In a TLS client, enforce the Diffie-Hellman minimum parameter size set with mbedtls_ssl_conf_dhm_min_bitlen() precisely. Before, the minimum size was rounded down to the nearest multiple of 8. Signed-off-by: Gilles Peskine --- ChangeLog.d/dhm_min_bitlen.txt | 4 ++++ library/ssl_cli.c | 6 ++++-- 2 files changed, 8 insertions(+), 2 deletions(-) create mode 100644 ChangeLog.d/dhm_min_bitlen.txt diff --git a/ChangeLog.d/dhm_min_bitlen.txt b/ChangeLog.d/dhm_min_bitlen.txt new file mode 100644 index 000000000..e7ea82730 --- /dev/null +++ b/ChangeLog.d/dhm_min_bitlen.txt @@ -0,0 +1,4 @@ +Bugfix + * In a TLS client, enforce the Diffie-Hellman minimum parameter size + set with mbedtls_ssl_conf_dhm_min_bitlen() precisely. Before, the + minimum size was rounded down to the nearest multiple of 8. diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 55a8e6134..01e3f111e 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -2610,6 +2610,7 @@ static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, unsigned char *end ) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + size_t dhm_actual_bitlen; /* * Ephemeral DH parameters: @@ -2627,10 +2628,11 @@ static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, return( ret ); } - if( ssl->handshake->dhm_ctx.len * 8 < ssl->conf->dhm_min_bitlen ) + dhm_actual_bitlen = mbedtls_mpi_bitlen( &ssl->handshake->dhm_ctx.P ); + if( dhm_actual_bitlen < ssl->conf->dhm_min_bitlen ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "DHM prime too short: %" MBEDTLS_PRINTF_SIZET " < %u", - ssl->handshake->dhm_ctx.len * 8, + dhm_actual_bitlen, ssl->conf->dhm_min_bitlen ) ); return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); } From 96ae73b0ea49b550edb48cb97f2983213e071ecc Mon Sep 17 00:00:00 2001 
From: Chris Jones Date: Fri, 8 Jan 2021 17:04:59 +0000 Subject: [PATCH 007/160] Add macro for error code addition Adds a macro (`MBEDTLS_ERR_ADD`) to add error codes together and check that the result will not be corrupted. This additional check is only enabled during testing when `MBEDTLS_TEST_HOOKS` is defined. Also includes a reference usage example in `rsa.c` where two high-level error codes could be incorrectly added together under the right conditions. This now ensures that when this error occurs during testing it will be correctly reported. Signed-off-by: Chris Jones --- include/mbedtls/error.h | 10 ++++++++++ library/error.c | 7 +++++++ library/rsa.c | 2 +- tests/include/test/helpers.h | 10 ++++++++++ tests/src/helpers.c | 13 +++++++++++++ tests/suites/main_test.function | 8 ++++++++ 6 files changed, 49 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index cd7731e6b..d164e9f8f 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -114,6 +114,16 @@ extern "C" { #define MBEDTLS_ERR_ERROR_GENERIC_ERROR -0x0001 /**< Generic error */ #define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E /**< This is a bug in the library */ +#if defined(MBEDTLS_TEST_HOOKS) +void (*mbedtls_test_err_add_hook)( int, int, const char *, int ); +int mbedtls_err_add( int high, int low, const char *file, int line ); +#define MBEDTLS_ERR_ADD( high, low ) \ + ( mbedtls_err_add( high, low, __FILE__, __LINE__ ) ) +#else +#define MBEDTLS_ERR_ADD( high, low ) \ + ( high + low ) +#endif + /** * \brief Translate a mbed TLS error code into a string representation, * Result is truncated if necessary and always includes a terminating diff --git a/library/error.c b/library/error.c index 901a3699a..486afedfa 100644 --- a/library/error.c +++ b/library/error.c 
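Review bot: `void (*mbedtls_test_err_add_hook)( int, int, const char *, int );` in a public header is a tentative definition, so every translation unit that includes error.h with MBEDTLS_TEST_HOOKS defined gets its own copy, and linking fails on toolchains that default to `-fno-common`. Declare it `extern void (*mbedtls_test_err_add_hook)( int, int, const char *, int );` here and define it once in a .c file. The non-test `MBEDTLS_ERR_ADD` also expands its arguments unparenthesized; `( ( high ) + ( low ) )` is safe for any argument expression. Patch 010 later in this series moves the pointer out of the header.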
@@ -210,6 +210,13 @@ #include "mbedtls/xtea.h" #endif +#if defined(MBEDTLS_TEST_HOOKS) +int mbedtls_err_add( int high, int low, const char *file, int line ) { + if( mbedtls_test_err_add_hook != NULL ) + (*mbedtls_test_err_add_hook)( high, low, file, line ); + return ( high + low ); +} +#endif const char * mbedtls_high_level_strerr( int error_code ) { diff --git a/library/rsa.c b/library/rsa.c index fea76bf7d..f4bec4682 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1085,7 +1085,7 @@ cleanup: mbedtls_mpi_free( &I ); if( ret != 0 && ret >= -0x007f ) - return( MBEDTLS_ERR_RSA_PRIVATE_FAILED + ret ); + return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_PRIVATE_FAILED, ret ) ); return( ret ); } diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h index c3a844b60..1fe25d89f 100644 --- a/tests/include/test/helpers.h +++ b/tests/include/test/helpers.h @@ -278,4 +278,14 @@ void mbedtls_test_mutex_usage_init( void ); void mbedtls_test_mutex_usage_check( void ); #endif /* MBEDTLS_TEST_MUTEX_USAGE */ +#if defined(MBEDTLS_TEST_HOOKS) +/** + * \brief Check that a pure high-level error code is being combined with a + * pure low-level error code as otherwise the resultant error code + * would be corrupted. + */ +void mbedtls_test_err_add_check( int high, int low, + const char *file, int line); +#endif + #endif /* TEST_HELPERS_H */ diff --git a/tests/src/helpers.c b/tests/src/helpers.c index e323275e5..2c01a584a 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c @@ -282,3 +282,16 @@ void mbedtls_param_failed( const char *failure_condition, } } #endif /* MBEDTLS_CHECK_PARAMS */ + +#if defined(MBEDTLS_TEST_HOOKS) +void mbedtls_test_err_add_check( int high, int low, + const char *file, int line ) +{ + if ( high < -0x0FFF && low > -0x007F ) + { + mbedtls_fprintf( stderr, "\nIncorrect error code addition at %s:%d\n", + file, line ); + mbedtls_exit( 1 ); + } +} +#endif /* MBEDTLS_TEST_HOOKS */ 
diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index 36a7d231e..6a4758af9 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -33,6 +33,10 @@ #include "psa/crypto.h" #endif /* MBEDTLS_USE_PSA_CRYPTO */ +#if defined(MBEDTLS_TEST_HOOKS) +#include "mbedtls/error.h" +#endif + /* Test code may use deprecated identifiers only if the preprocessor symbol * MBEDTLS_TEST_DEPRECATED is defined. When building tests, set * MBEDTLS_TEST_DEPRECATED explicitly if MBEDTLS_DEPRECATED_WARNING is @@ -279,6 +283,10 @@ $platform_code */ int main( int argc, const char *argv[] ) { +#if defined(MBEDTLS_TEST_HOOKS) + mbedtls_test_err_add_hook = &mbedtls_test_err_add_check; +#endif + int ret = mbedtls_test_platform_setup(); if( ret != 0 ) { From 220cdece404c53be0017aaf6597622662b6bd696 Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Mon, 11 Jan 2021 12:27:21 +0000 Subject: [PATCH 008/160] Fix error code combination check `mbedtls_test_err_add_check` was previously incorrectly throwing an error if both error codes were correct and valid pure error codes. This change fixes that behaviour to correctly throw errors when invalid combinations are found. Signed-off-by: Chris Jones --- tests/src/helpers.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/src/helpers.c b/tests/src/helpers.c index 2c01a584a..d88ef43f0 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c @@ -287,7 +287,7 @@ void mbedtls_param_failed( const char *failure_condition, void mbedtls_test_err_add_check( int high, int low, const char *file, int line ) { - if ( high < -0x0FFF && low > -0x007F ) + if ( high > -0x1000 || low < -0x007F ) { mbedtls_fprintf( stderr, "\nIncorrect error code addition at %s:%d\n", file, line ); From 713e4e77b4aade1f7c86d3c27a2d88f85bee84bd Mon Sep 17 00:00:00 2001 
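Review bot: The corrected condition in mbedtls_test_err_add_check() still lets two malformed inputs through: a `high` whose low seven bits are already set (a code that has been combined once already) and a positive `low`. Assuming pure high-level codes keep their low seven bits clear, as the `-0x1000` and `-0x007F` bounds imply, `if ( high > -0x1000 || ( high & 0x7F ) != 0 || low < -0x007F || low > 0 )` would report both. A short comment above the condition describing the expected layout of the two operands would have made the inverted test in patch 007 easier to spot. The function body ends outside the hunk.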
From: Chris Jones Date: Mon, 11 Jan 2021 12:31:27 +0000 Subject: [PATCH 009/160] Expand use of MBEDTLS_ERR_ADD to the rest of rsa.c All occurences of manual error code addition/combination, in `rsa.c`, have been replaced with the `MBEDTLS_ERR_ADD` macro. Signed-off-by: Chris Jones --- library/rsa.c | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/library/rsa.c b/library/rsa.c index f4bec4682..a32d4e8c5 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -102,7 +102,7 @@ int mbedtls_rsa_import( mbedtls_rsa_context *ctx, ( D != NULL && ( ret = mbedtls_mpi_copy( &ctx->D, D ) ) != 0 ) || ( E != NULL && ( ret = mbedtls_mpi_copy( &ctx->E, E ) ) != 0 ) ) { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret ); + return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } if( N != NULL ) @@ -142,7 +142,7 @@ int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx, cleanup: if( ret != 0 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret ); + return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); return( 0 ); } @@ -293,7 +293,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) if( ( ret = mbedtls_mpi_mul_mpi( &ctx->N, &ctx->P, &ctx->Q ) ) != 0 ) { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret ); + return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } ctx->len = mbedtls_mpi_size( &ctx->N ); @@ -308,7 +308,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) ret = mbedtls_rsa_deduce_primes( &ctx->N, &ctx->E, &ctx->D, &ctx->P, &ctx->Q ); if( ret != 0 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret ); + return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } else if( d_missing ) @@ -318,7 +318,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) &ctx->E, &ctx->D ) ) != 0 ) { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret ); + return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } } 
@@ -333,7 +333,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D, &ctx->DP, &ctx->DQ, &ctx->QP ); if( ret != 0 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret ); + return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } #endif /* MBEDTLS_RSA_NO_CRT */ @@ -461,13 +461,13 @@ int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx, ( DQ != NULL && ( ret = mbedtls_mpi_copy( DQ, &ctx->DQ ) ) != 0 ) || ( QP != NULL && ( ret = mbedtls_mpi_copy( QP, &ctx->QP ) ) != 0 ) ) { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret ); + return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } #else if( ( ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D, DP, DQ, QP ) ) != 0 ) { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret ); + return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } #endif @@ -636,7 +636,7 @@ cleanup: { mbedtls_rsa_free( ctx ); if( ( -ret & ~0x7f ) == 0 ) - ret = MBEDTLS_ERR_RSA_KEY_GEN_FAILED + ret; + ret = MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_KEY_GEN_FAILED, ret ); return( ret ); } @@ -769,7 +769,7 @@ cleanup: mbedtls_mpi_free( &T ); if( ret != 0 ) - return( MBEDTLS_ERR_RSA_PUBLIC_FAILED + ret ); + return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_PUBLIC_FAILED, ret ) ); return( 0 ); } @@ -1198,7 +1198,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, /* Generate a random octet string seed */ if( ( ret = f_rng( p_rng, p, hlen ) ) != 0 ) - return( MBEDTLS_ERR_RSA_RNG_FAILED + ret ); + return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); p += hlen; @@ -1287,7 +1287,7 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, /* Check if RNG failed to generate data */ if( rng_dl == 0 || ret != 0 ) - return( MBEDTLS_ERR_RSA_RNG_FAILED + ret ); + return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); p++; } 
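Review bot: In the mbedtls_rsa_rsaes_oaep_encrypt() and mbedtls_rsa_rsaes_pkcs1_v15_encrypt() hunks, and in the rsa_rsassa_pss_sign() hunk that follows, the second argument to `MBEDTLS_ERR_ADD` is the return value of the caller-supplied `f_rng`, which nothing in these hunks restricts to the low-level range. With MBEDTLS_TEST_HOOKS the checker from patch 008 aborts the test binary on such a value, and without it the sum is an ambiguous error code. Guarding as the key-generation path already does, `return( ( -ret & ~0x7f ) == 0 ? MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) : MBEDTLS_ERR_RSA_RNG_FAILED );`, keeps the result well formed for any callback. All three functions start and end outside their hunks.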
@@ -1881,7 +1881,7 @@ static int rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, /* Generate salt of length slen in place in the encoded message */ salt = p; if( ( ret = f_rng( p_rng, salt, slen ) ) != 0 ) - return( MBEDTLS_ERR_RSA_RNG_FAILED + ret ); + return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); p += slen; From 5e8805afeb3e14756f9364b3af2033c97047aab3 Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Tue, 12 Jan 2021 15:21:57 +0000 Subject: [PATCH 010/160] Move `MBEDTLS_ERR_ADD` macro and function to `common.*` `error.c` is a file generated from `error.h` and thus cannot contain the code that was previously added. This commit fixes that issue by moving the `MBEDTLS_ERR_ADD` macro and associated function and function pointer into `common.h` and `common.c`. Also fix a typo in `tests/include/test/helpers.h` where tabs were accidentally used instead of spaces. Signed-off-by: Chris Jones --- include/mbedtls/error.h | 10 ---------- library/common.c | 27 +++++++++++++++++++++++++++ library/common.h | 20 ++++++++++++++++++-- library/error.c | 7 ------- tests/include/test/helpers.h | 6 +++--- tests/suites/main_test.function | 4 ---- visualc/VS2010/mbedTLS.vcxproj | 1 + 7 files changed, 49 insertions(+), 26 deletions(-) create mode 100644 library/common.c diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index d164e9f8f..cd7731e6b 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h 
@@ -114,16 +114,6 @@ extern "C" { #define MBEDTLS_ERR_ERROR_GENERIC_ERROR -0x0001 /**< Generic error */ #define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E /**< This is a bug in the library */ -#if defined(MBEDTLS_TEST_HOOKS) -void (*mbedtls_test_err_add_hook)( int, int, const char *, int ); -int mbedtls_err_add( int high, int low, const char *file, int line ); -#define MBEDTLS_ERR_ADD( high, low ) \ - ( mbedtls_err_add( high, low, __FILE__, __LINE__ ) ) -#else -#define MBEDTLS_ERR_ADD( high, low ) \ - ( high + low ) -#endif - /** * \brief Translate a mbed TLS error code into a string representation, * Result is truncated if necessary and always includes a terminating diff --git a/library/common.c b/library/common.c new file mode 100644 index 000000000..9f901f006 --- /dev/null +++ b/library/common.c @@ -0,0 +1,27 @@ +/* + * Internal invasive testing helper functions + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#if defined(MBEDTLS_TEST_HOOKS) +void (*mbedtls_test_err_add_hook)( int, int, const char *, int ); +int mbedtls_err_add( int high, int low, const char *file, int line ) { + if( mbedtls_test_err_add_hook != NULL ) + (*mbedtls_test_err_add_hook)( high, low, file, line ); + return ( high + low ); +} +#endif diff --git a/library/common.h b/library/common.h index 5845766ac..f4cef97b9 100644 --- a/library/common.h +++ b/library/common.h 
@@ -29,6 +29,7 @@ #include "mbedtls/config.h" #endif +#if defined(MBEDTLS_TEST_HOOKS) /** Helper to define a function as static except when building invasive tests. * * If a function is only used inside its own source file and should be @@ -44,10 +45,25 @@ * #endif * ``` */ -#if defined(MBEDTLS_TEST_HOOKS) #define MBEDTLS_STATIC_TESTABLE + +/** Helper macro and function to combine a high and low level error code. + * + * This function uses a hook (`mbedtls_test_err_add_hook`) to allow invasive + * testing of its inputs. This is used in the test infrastructure to report + * on errors when combining two error codes of the same level (e.g: two high + * or two low level errors). + */ +int mbedtls_err_add( int high, int low, const char *file, int line ); +#define MBEDTLS_ERR_ADD( high, low ) \ + ( mbedtls_err_add( high, low, __FILE__, __LINE__ ) ) + #else #define MBEDTLS_STATIC_TESTABLE static -#endif + +#define MBEDTLS_ERR_ADD( high, low ) \ + ( high + low ) + +#endif /* MBEDTLS_TEST_HOOKS */ #endif /* MBEDTLS_LIBRARY_COMMON_H */ diff --git a/library/error.c b/library/error.c index 486afedfa..901a3699a 100644 --- a/library/error.c +++ b/library/error.c @@ -210,13 +210,6 @@ #include "mbedtls/xtea.h" #endif -#if defined(MBEDTLS_TEST_HOOKS) -int mbedtls_err_add( int high, int low, const char *file, int line ) { - if( mbedtls_test_err_add_hook != NULL ) - (*mbedtls_test_err_add_hook)( high, low, file, line ); - return ( high + low ); -} -#endif const char * mbedtls_high_level_strerr( int error_code ) { diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h index 1fe25d89f..a26f1eeda 100644 --- a/tests/include/test/helpers.h +++ b/tests/include/test/helpers.h 
@@ -280,9 +280,9 @@ void mbedtls_test_mutex_usage_check( void ); #if defined(MBEDTLS_TEST_HOOKS) /** - * \brief Check that a pure high-level error code is being combined with a - * pure low-level error code as otherwise the resultant error code - * would be corrupted. + * \brief Check that a pure high-level error code is being combined with a + * pure low-level error code as otherwise the resultant error code + * would be corrupted. */ void mbedtls_test_err_add_check( int high, int low, const char *file, int line); diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index 6a4758af9..b35b1437f 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -33,10 +33,6 @@ #include "psa/crypto.h" #endif /* MBEDTLS_USE_PSA_CRYPTO */ -#if defined(MBEDTLS_TEST_HOOKS) -#include "mbedtls/error.h" -#endif - /* Test code may use deprecated identifiers only if the preprocessor symbol * MBEDTLS_TEST_DEPRECATED is defined. When building tests, set * MBEDTLS_TEST_DEPRECATED explicitly if MBEDTLS_DEPRECATED_WARNING is diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index cb819a8bd..9cf432915 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -293,6 +293,7 @@ + From 808b7c8a8abe61aa9e2f19ee5a63502c13b36307 Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Wed, 13 Jan 2021 12:33:36 +0000 Subject: [PATCH 011/160] Fix building with `MBEDTLS_TEST_HOOKS` enabled Fix building by adding `common.c` to the build scripts (both make and Cmake). Also reworks the hook function pointer (also renamed to `err_add_hook`) to be a static local to `common.c` with a setter function to set the pointer to a checking function. Signed-off-by: Chris Jones --- library/CMakeLists.txt | 1 + library/Makefile | 1 + library/common.c | 17 +++++++++++++---- library/common.h | 8 +++++++- tests/suites/main_test.function | 6 +++++- 5 files changed, 27 insertions(+), 6 deletions(-) 
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 220fbf92b..e25fe57e5 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -27,6 +27,7 @@ set(src_crypto cipher.c cipher_wrap.c cmac.c + common.c ctr_drbg.c des.c dhm.c diff --git a/library/Makefile b/library/Makefile index 13b0b2934..66110166a 100644 --- a/library/Makefile +++ b/library/Makefile @@ -84,6 +84,7 @@ OBJS_CRYPTO= \ cipher.o \ cipher_wrap.o \ cmac.o \ + common.o \ ctr_drbg.o \ des.o \ dhm.o \ diff --git a/library/common.c b/library/common.c index 9f901f006..4273600c4 100644 --- a/library/common.c +++ b/library/common.c @@ -17,11 +17,20 @@ * limitations under the License. */ +#include "common.h" + +#include + #if defined(MBEDTLS_TEST_HOOKS) -void (*mbedtls_test_err_add_hook)( int, int, const char *, int ); -int mbedtls_err_add( int high, int low, const char *file, int line ) { - if( mbedtls_test_err_add_hook != NULL ) - (*mbedtls_test_err_add_hook)( high, low, file, line ); +static void (*err_add_hook)( int, int, const char *, int ); +void mbedtls_set_err_add_hook(void *hook) +{ + err_add_hook = hook; +} +int mbedtls_err_add( int high, int low, const char *file, int line ) +{ + if( err_add_hook != NULL ) + (*err_add_hook)( high, low, file, line ); return ( high + low ); } #endif diff --git a/library/common.h b/library/common.h index f4cef97b9..a9b6187b3 100644 --- a/library/common.h +++ b/library/common.h 
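Review bot: `mbedtls_set_err_add_hook(void *hook)` in the common.c hunk assigns an object pointer to a function pointer, a conversion ISO C does not define, and it removes the signature check at the call site in main_test.function. Give the parameter the hook's real type, `void mbedtls_set_err_add_hook( void (*hook)( int, int, const char *, int ) )`, both here and in the prototype added to common.h. The doc comment in the common.h hunk still refers to `mbedtls_test_err_add_hook`, which this patch renames to `err_add_hook`, and its usage example names `mbedtls_check_foo` rather than the checker the tests install.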
@@ -48,12 +48,18 @@ #define MBEDTLS_STATIC_TESTABLE /** Helper macro and function to combine a high and low level error code. - * + * * This function uses a hook (`mbedtls_test_err_add_hook`) to allow invasive * testing of its inputs. This is used in the test infrastructure to report * on errors when combining two error codes of the same level (e.g: two high * or two low level errors). + * + * To set a hook use + * ``` + * mbedtls_set_err_add_hook(&mbedtls_check_foo); + * ``` */ +void mbedtls_set_err_add_hook( void *hook ); int mbedtls_err_add( int high, int low, const char *file, int line ); #define MBEDTLS_ERR_ADD( high, low ) \ ( mbedtls_err_add( high, low, __FILE__, __LINE__ ) ) diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index b35b1437f..09927fe7b 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -33,6 +33,10 @@ #include "psa/crypto.h" #endif /* MBEDTLS_USE_PSA_CRYPTO */ +#if defined(MBEDTLS_TEST_HOOKS) +#include "common.h" +#endif + /* Test code may use deprecated identifiers only if the preprocessor symbol * MBEDTLS_TEST_DEPRECATED is defined. When building tests, set * MBEDTLS_TEST_DEPRECATED explicitly if MBEDTLS_DEPRECATED_WARNING is @@ -280,7 +284,7 @@ $platform_code int main( int argc, const char *argv[] ) { #if defined(MBEDTLS_TEST_HOOKS) - mbedtls_test_err_add_hook = &mbedtls_test_err_add_check; + mbedtls_set_err_add_hook( &mbedtls_test_err_add_check ); #endif int ret = mbedtls_test_platform_setup(); From ef180af3505656e9965345ab52b651c9a2c61dfd Mon Sep 17 00:00:00 2001 
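Review bot: The doc comment in the library/common.h hunk still names the hook `mbedtls_test_err_add_hook`, but this commit renames it to the file-local `err_add_hook` in common.c, so callers can only reach it through `mbedtls_set_err_add_hook()`. The comment should describe the setter instead, for example `This function calls the hook installed with mbedtls_set_err_add_hook() to allow invasive testing of its inputs.` Because the setter takes `void *hook`, the comment is also the only place the expected callback signature `void (*)( int, int, const char *, int )` could be stated, and it is not. The same comment text is carried into include/mbedtls/error.h by patch 012.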
From: Chris Jones Date: Tue, 26 Jan 2021 17:50:48 +0000 Subject: [PATCH 012/160] Move `MBEDTLS_ERR_ADD` macro and functions to `error.*` `error.c` and error.h are the more logical place to keep this code and it prevents issues with building `common.c` and conflicts with other projects that use mbedtls (such as mbedOS). `error.c` has been automatically generated by first adding the code to `error.fmt` and then running `./scripts/generate_errors.pl`. Also add parenthesis to the addition in `MBEDTLS_ERR_ADD`. Signed-off-by: Chris Jones --- include/mbedtls/error.h | 22 ++++++++++++++++++++ library/CMakeLists.txt | 1 - library/Makefile | 1 - library/common.c | 36 --------------------------------- library/common.h | 26 ++---------------------- library/error.c | 16 +++++++++++++++ scripts/data_files/error.fmt | 16 +++++++++++++++ tests/suites/main_test.function | 2 +- visualc/VS2010/mbedTLS.vcxproj | 1 - 9 files changed, 57 insertions(+), 64 deletions(-) delete mode 100644 library/common.c diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index cd7731e6b..d060d177b 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h 
@@ -114,6 +114,28 @@ extern "C" { #define MBEDTLS_ERR_ERROR_GENERIC_ERROR -0x0001 /**< Generic error */ #define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E /**< This is a bug in the library */ +/** Helper macro and function to combine a high and low level error code. + * + * This function uses a hook (`mbedtls_test_err_add_hook`) to allow invasive + * testing of its inputs. This is used in the test infrastructure to report + * on errors when combining two error codes of the same level (e.g: two high + * or two low level errors). + * + * To set a hook use + * ``` + * mbedtls_set_err_add_hook(&mbedtls_check_foo); + * ``` + */ +#if defined(MBEDTLS_TEST_HOOKS) +void mbedtls_set_err_add_hook( void *hook ); +int mbedtls_err_add( int high, int low, const char *file, int line ); +#define MBEDTLS_ERR_ADD( high, low ) \ + ( mbedtls_err_add( high, low, __FILE__, __LINE__ ) ) +#else +#define MBEDTLS_ERR_ADD( high, low ) \ + ( ( high ) + ( low ) ) +#endif /* MBEDTLS_TEST_HOOKS */ + /** * \brief Translate a mbed TLS error code into a string representation, * Result is truncated if necessary and always includes a terminating diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index e25fe57e5..220fbf92b 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -27,7 +27,6 @@ set(src_crypto cipher.c cipher_wrap.c cmac.c - common.c ctr_drbg.c des.c dhm.c diff --git a/library/Makefile b/library/Makefile index 66110166a..13b0b2934 100644 --- a/library/Makefile +++ b/library/Makefile @@ -84,7 +84,6 @@ OBJS_CRYPTO= \ cipher.o \ cipher_wrap.o \ cmac.o \ - common.o \ ctr_drbg.o \ des.o \ dhm.o \ diff --git a/library/common.c b/library/common.c deleted file mode 100644 index 4273600c4..000000000 --- a/library/common.c +++ /dev/null 
@@ -1,36 +0,0 @@ -/* - * Internal invasive testing helper functions - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "common.h" - -#include - -#if defined(MBEDTLS_TEST_HOOKS) -static void (*err_add_hook)( int, int, const char *, int ); -void mbedtls_set_err_add_hook(void *hook) -{ - err_add_hook = hook; -} -int mbedtls_err_add( int high, int low, const char *file, int line ) -{ - if( err_add_hook != NULL ) - (*err_add_hook)( high, low, file, line ); - return ( high + low ); -} -#endif diff --git a/library/common.h b/library/common.h index a9b6187b3..5845766ac 100644 --- a/library/common.h +++ b/library/common.h @@ -29,7 +29,6 @@ #include "mbedtls/config.h" #endif -#if defined(MBEDTLS_TEST_HOOKS) /** Helper to define a function as static except when building invasive tests. * * If a function is only used inside its own source file and should be 
@@ -45,31 +44,10 @@ * #endif * ``` */ +#if defined(MBEDTLS_TEST_HOOKS) #define MBEDTLS_STATIC_TESTABLE - -/** Helper macro and function to combine a high and low level error code. - * - * This function uses a hook (`mbedtls_test_err_add_hook`) to allow invasive - * testing of its inputs. This is used in the test infrastructure to report - * on errors when combining two error codes of the same level (e.g: two high - * or two low level errors). - * - * To set a hook use - * ``` - * mbedtls_set_err_add_hook(&mbedtls_check_foo); - * ``` - */ -void mbedtls_set_err_add_hook( void *hook ); -int mbedtls_err_add( int high, int low, const char *file, int line ); -#define MBEDTLS_ERR_ADD( high, low ) \ - ( mbedtls_err_add( high, low, __FILE__, __LINE__ ) ) - #else #define MBEDTLS_STATIC_TESTABLE static - -#define MBEDTLS_ERR_ADD( high, low ) \ - ( high + low ) - -#endif /* MBEDTLS_TEST_HOOKS */ +#endif #endif /* MBEDTLS_LIBRARY_COMMON_H */ diff --git a/library/error.c b/library/error.c index 901a3699a..4e279b069 100644 --- a/library/error.c +++ b/library/error.c @@ -893,6 +893,22 @@ const char * mbedtls_low_level_strerr( int error_code ) return( NULL ); } +#if defined(MBEDTLS_TEST_HOOKS) +static void (*err_add_hook)( int, int, const char *, int ); + +void mbedtls_set_err_add_hook(void *hook) +{ + err_add_hook = hook; +} + +int mbedtls_err_add( int high, int low, const char *file, int line ) +{ + if( err_add_hook != NULL ) + (*err_add_hook)( high, low, file, line ); + return ( high + low ); +} +#endif /* MBEDTLS_TEST_HOOKS */ + void mbedtls_strerror( int ret, char *buf, size_t buflen ) { size_t len; diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index 9e479bbfd..fdb3ce291 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt 
@@ -82,6 +82,22 @@ LOW_LEVEL_CODE_CHECKS return( NULL ); } +#if defined(MBEDTLS_TEST_HOOKS) +static void (*err_add_hook)( int, int, const char *, int ); + +void mbedtls_set_err_add_hook(void *hook) +{ + err_add_hook = hook; +} + +int mbedtls_err_add( int high, int low, const char *file, int line ) +{ + if( err_add_hook != NULL ) + (*err_add_hook)( high, low, file, line ); + return ( high + low ); +} +#endif /* MBEDTLS_TEST_HOOKS */ + void mbedtls_strerror( int ret, char *buf, size_t buflen ) { size_t len; diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index 09927fe7b..76e1057d1 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -34,7 +34,7 @@ #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_TEST_HOOKS) -#include "common.h" +#include "mbedtls/error.h" #endif /* Test code may use deprecated identifiers only if the preprocessor symbol diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 9cf432915..cb819a8bd 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -293,7 +293,6 @@ - From a203c38576cd455740fc8581dbb680e264be8e7a Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Fri, 29 Jan 2021 14:56:20 +0000 Subject: [PATCH 013/160] Expand error addition checks Add new checks and specific error messages to `mbedtls_test_err_add_check`. This should now catch all types of error when combining error codes and provide a specific error message to explain what occured. Signed-off-by: Chris Jones --- tests/src/helpers.c | 30 +++++++++++++++++++++++++++--- 1 file changed, 27 insertions(+), 3 deletions(-) diff --git a/tests/src/helpers.c b/tests/src/helpers.c index d88ef43f0..9c981de67 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c 
@@ -287,10 +287,34 @@ void mbedtls_param_failed( const char *failure_condition, void mbedtls_test_err_add_check( int high, int low, const char *file, int line ) { - if ( high > -0x1000 || low < -0x007F ) + if ( high > -0x1000 ) { - mbedtls_fprintf( stderr, "\nIncorrect error code addition at %s:%d\n", - file, line ); + mbedtls_fprintf( stderr, "\n'high' is not a high-level error code - " + "%s:%d\n", file, line ); + mbedtls_exit( 1 ); + } + else if ( high < -0x7F80 ) + { + mbedtls_fprintf( stderr, "\n'high' is greater than 16-bits - " + "%s:%d\n", file, line ); + mbedtls_exit( 1 ); + } + else if ( ( high & 0x7F ) != 0 ) + { + mbedtls_fprintf( stderr, "\n'high' contains a low-level error code - " + "%s:%d\n", file, line ); + mbedtls_exit( 1 ); + } + else if ( low < -0x007F ) + { + mbedtls_fprintf( stderr, "\n'low' is greater than 8-bits - " + "%s:%d\n", file, line ); + mbedtls_exit( 1 ); + } + else if ( low > 0 ) + { + mbedtls_fprintf( stderr, "\n'low' is zero or greater - " + "%s:%d\n", file, line ); mbedtls_exit( 1 ); } } From d86ad60aa538ea9a376f979af83e364bae77f8f4 Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Fri, 29 Jan 2021 15:47:47 +0000 Subject: [PATCH 014/160] Change mbedtls_set_err_add_hook to use doxygen style comment Signed-off-by: Chris Jones --- include/mbedtls/error.h | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index d060d177b..752f7bf05 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h 
@@ -114,19 +114,17 @@ extern "C" { #define MBEDTLS_ERR_ERROR_GENERIC_ERROR -0x0001 /**< Generic error */ #define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E /**< This is a bug in the library */ -/** Helper macro and function to combine a high and low level error code. - * - * This function uses a hook (`mbedtls_test_err_add_hook`) to allow invasive - * testing of its inputs. This is used in the test infrastructure to report - * on errors when combining two error codes of the same level (e.g: two high - * or two low level errors). - * - * To set a hook use - * ``` - * mbedtls_set_err_add_hook(&mbedtls_check_foo); - * ``` - */ + #if defined(MBEDTLS_TEST_HOOKS) +/** + * \brief Set a function pointer (hook) to allow for invasive testing of error + * code addition. + * + * This hook is used in the test infrastructure to report on errors when + * combining two error codes of the same level. + * + * \param hook hook to invasive testing function + */ void mbedtls_set_err_add_hook( void *hook ); int mbedtls_err_add( int high, int low, const char *file, int line ); #define MBEDTLS_ERR_ADD( high, low ) \ From fe285f53e6f5ce8a23a2ea7cbf8ae851d56d9b52 Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Mon, 8 Feb 2021 12:32:41 +0000 Subject: [PATCH 015/160] Make mbedtls_test_err_add_check fail tests Previously an error message was printed and then the test manually exited via `mbedtls_exit( 1 )`. This commit includes a rebase onto: 540320bf7b5de6d3dbd78abb3e5527674189d09c so that `mbedtls_test_fail` can be used instead to properly fail tests (and report them as such). Signed-off-by: Chris Jones --- tests/src/helpers.c | 22 +++++++--------------- 1 file changed, 7 insertions(+), 15 deletions(-) diff --git a/tests/src/helpers.c b/tests/src/helpers.c index 9c981de67..8319e9004 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c 
@@ -289,33 +289,25 @@ void mbedtls_test_err_add_check( int high, int low, { if ( high > -0x1000 ) { - mbedtls_fprintf( stderr, "\n'high' is not a high-level error code - " - "%s:%d\n", file, line ); - mbedtls_exit( 1 ); + mbedtls_test_fail( "'high' is not a high-level error code", + line, file ); } else if ( high < -0x7F80 ) { - mbedtls_fprintf( stderr, "\n'high' is greater than 16-bits - " - "%s:%d\n", file, line ); - mbedtls_exit( 1 ); + mbedtls_test_fail( "'high' is greater than 16-bits", line, file ); } else if ( ( high & 0x7F ) != 0 ) { - mbedtls_fprintf( stderr, "\n'high' contains a low-level error code - " - "%s:%d\n", file, line ); - mbedtls_exit( 1 ); + mbedtls_test_fail( "'high' contains a low-level error code", + line, file ); } else if ( low < -0x007F ) { - mbedtls_fprintf( stderr, "\n'low' is greater than 8-bits - " - "%s:%d\n", file, line ); - mbedtls_exit( 1 ); + mbedtls_test_fail( "'low' is greater than 8-bits", line, file ); } else if ( low > 0 ) { - mbedtls_fprintf( stderr, "\n'low' is zero or greater - " - "%s:%d\n", file, line ); - mbedtls_exit( 1 ); + mbedtls_test_fail( "'low' is zero or greater", line, file ); } } #endif /* MBEDTLS_TEST_HOOKS */ From b179b843352643a1b53bc0acd9990366f37ea51b Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Mon, 8 Feb 2021 16:53:29 +0000 Subject: [PATCH 016/160] Change set_err_add_hook void pointer to actual function pointer signature Change the signature of the `hook` parameter of `mbedtls_set_err_add_hook` to use the actual signature of the function as opposed to `void *`. This fixes a warning when compiling with clang `-pedantic`. Signed-off-by: Chris Jones --- include/mbedtls/error.h | 2 +- library/error.c | 2 +- scripts/data_files/error.fmt | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 752f7bf05..154f0718e 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h 
@@ -125,7 +125,7 @@ extern "C" { * * \param hook hook to invasive testing function */ -void mbedtls_set_err_add_hook( void *hook ); +void mbedtls_set_err_add_hook( void (*hook)( int, int, const char *, int ) ); int mbedtls_err_add( int high, int low, const char *file, int line ); #define MBEDTLS_ERR_ADD( high, low ) \ ( mbedtls_err_add( high, low, __FILE__, __LINE__ ) ) diff --git a/library/error.c b/library/error.c index 4e279b069..aaa66dddf 100644 --- a/library/error.c +++ b/library/error.c @@ -896,7 +896,7 @@ const char * mbedtls_low_level_strerr( int error_code ) #if defined(MBEDTLS_TEST_HOOKS) static void (*err_add_hook)( int, int, const char *, int ); -void mbedtls_set_err_add_hook(void *hook) +void mbedtls_set_err_add_hook( void (*hook)( int, int, const char *, int ) ) { err_add_hook = hook; } diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index fdb3ce291..5925904a4 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt @@ -85,7 +85,7 @@ LOW_LEVEL_CODE_CHECKS #if defined(MBEDTLS_TEST_HOOKS) static void (*err_add_hook)( int, int, const char *, int ); -void mbedtls_set_err_add_hook(void *hook) +void mbedtls_set_err_add_hook( void (*hook)( int, int, const char *, int ) ) { err_add_hook = hook; } From 759e30bdb0960ad78e58e8987b478e004ece387f Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Tue, 9 Feb 2021 15:30:54 +0000 Subject: [PATCH 017/160] Add MBEDTLS_ERROR_C dependency to invasive error code testing Fix builds where `MBEDTLS_ERROR_C` is not defined but `MBEDTLS_TEST_HOOKS` is defined. This was previously causing undefined reference errors in these builds. Signed-off-by: Chris Jones --- include/mbedtls/error.h | 2 +- tests/suites/main_test.function | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 154f0718e..5f2482284 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h 
@@ -115,7 +115,7 @@ extern "C" { #define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E /**< This is a bug in the library */ -#if defined(MBEDTLS_TEST_HOOKS) +#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_ERROR_C) /** * \brief Set a function pointer (hook) to allow for invasive testing of error * code addition. diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index 76e1057d1..7cae0da2b 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -283,7 +283,7 @@ $platform_code */ int main( int argc, const char *argv[] ) { -#if defined(MBEDTLS_TEST_HOOKS) +#if defined(MBEDTLS_TEST_HOOKS) && defined (MBEDTLS_ERROR_C) mbedtls_set_err_add_hook( &mbedtls_test_err_add_check ); #endif From 3f613c17c1340bf30c5345fff8981e2367c2cb79 Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Wed, 31 Mar 2021 09:34:22 +0100 Subject: [PATCH 018/160] Improve mbedtls_test_err_add_check documentation Improve and clarify error messages and comments when checking error codes. Signed-off-by: Chris Jones --- tests/include/test/helpers.h | 10 ++++++++-- tests/src/helpers.c | 28 +++++++++++++++++++++------- 2 files changed, 29 insertions(+), 9 deletions(-) diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h index a26f1eeda..9bfe08547 100644 --- a/tests/include/test/helpers.h +++ b/tests/include/test/helpers.h 
@@ -280,9 +280,15 @@ void mbedtls_test_mutex_usage_check( void ); #if defined(MBEDTLS_TEST_HOOKS) /** - * \brief Check that a pure high-level error code is being combined with a - * pure low-level error code as otherwise the resultant error code + * \brief Check that only a pure high-level error code is being combined with + * a pure low-level error code as otherwise the resultant error code * would be corrupted. + * + * \note Both high-level and low-level error codes cannot be greater than + * zero however can be zero. If one error code is zero then the + * other error code is returned even if both codes are zero. + * + * \note If the check fails, fail the test currently being run. */ void mbedtls_test_err_add_check( int high, int low, const char *file, int line); diff --git a/tests/src/helpers.c b/tests/src/helpers.c index 8319e9004..881967409 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c 
@@ -287,27 +287,41 @@ void mbedtls_param_failed( const char *failure_condition, void mbedtls_test_err_add_check( int high, int low, const char *file, int line ) { - if ( high > -0x1000 ) + /* Error codes are always negative (a value of zero is a success) however + * their positive opposites can be easier to understand. The following + * examples given in comments have been made positive for ease of + * understanding. The structure of an error code is such: + * + * shhhhhhhllllllll + * + * s = sign bit. + * h = high level error code (includes high and module error codes). + * l = low level error code. + */ + if ( high > -0x1000 ) // high < 0001000000000000 { mbedtls_test_fail( "'high' is not a high-level error code", line, file ); } - else if ( high < -0x7F80 ) + else if ( high < -0x7F80 ) // high > 0111111110000000 { - mbedtls_test_fail( "'high' is greater than 16-bits", line, file ); + mbedtls_test_fail( "'high' error code is greater than 15 bits", + line, file ); } - else if ( ( high & 0x7F ) != 0 ) + else if ( ( high & 0x7F ) != 0 ) // high & 0000000011111111 { mbedtls_test_fail( "'high' contains a low-level error code", line, file ); } - else if ( low < -0x007F ) + else if ( low < -0x007F ) // low > 0000000001111111 { - mbedtls_test_fail( "'low' is greater than 8-bits", line, file ); + mbedtls_test_fail( "'low' error code is greater than 7 bits", + line, file ); } else if ( low > 0 ) { - mbedtls_test_fail( "'low' is zero or greater", line, file ); + mbedtls_test_fail( "'low' error code is greater than zero", + line, file ); } } #endif /* MBEDTLS_TEST_HOOKS */ From ac33a3ab12bd3bfd6fd1bf642e5e73125aef6210 Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Wed, 31 Mar 2021 16:09:28 +0100 Subject: [PATCH 019/160] Add exception in check when high error code == 0 Although not commonly done, it should be possible to add error codes together even if the high level error code is equal to zero. 
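Review bot: The bit-layout comment added at the top of `mbedtls_test_err_add_check` in tests/src/helpers.c disagrees with the checks below it. The diagram `shhhhhhhllllllll` shows seven `h` bits and eight `l` bits, while the code masks `high` with `0x7F` and reports `'low' error code is greater than 7 bits`. The trailing comment `// high & 0000000011111111` likewise shows eight set bits for a `0x7F` mask. If the low-level field is 7 bits wide, as the mask and the message imply, the diagram would read `shhhhhhhhlllllll` and the mask comment `// high & 0000000001111111`. As written, a reader who trusts the diagram would assign bit 7 to the low-level code, which is the kind of mix-up this check exists to catch.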
Signed-off-by: Chris Jones
---
 tests/src/helpers.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/src/helpers.c b/tests/src/helpers.c
index 881967409..9c1198ea3 100644
--- a/tests/src/helpers.c
+++ b/tests/src/helpers.c
@@ -298,7 +298,7 @@ void mbedtls_test_err_add_check( int high, int low,
 * h = high level error code (includes high and module error codes).
 * l = low level error code.
 */
- if ( high > -0x1000 ) // high < 0001000000000000
+ if ( high > -0x1000 && high != 0 ) // high < 0001000000000000
 {
 mbedtls_test_fail( "'high' is not a high-level error code",
 line, file );
From 7439209bcca2f64c30334ca3754eeaea27df32d1 Mon Sep 17 00:00:00 2001
From: Chris Jones
Date: Thu, 1 Apr 2021 16:00:01 +0100
Subject: [PATCH 020/160] Rewrite error addition interface The previous implementation of the error addition interface did not comply with the invasive testing architecture guidelines. This commit fixes that by: - Renaming functions/macros/variables to follow the mbedtls_error_xxx or mbedtls_test_hook_xxx convention. - Making mbedtls_test_hook_error_add a global variable that can be set by the testing code. - Using a static inline function call, as opposed to macro, to keep discrepancies between debug and production version to a minimum.
Signed-off-by: Chris Jones
---
 include/mbedtls/error.h | 51 ++++++++++++++++++++++-----------
 library/error.c | 16 -----------
 library/rsa.c | 29 ++++++++++---------
 scripts/data_files/error.fmt | 16 -----------
 tests/suites/main_test.function | 2 +-
 5 files changed, 51 insertions(+), 63 deletions(-)
diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h
index 5f2482284..5b31b61be 100644
--- a/include/mbedtls/error.h
+++ b/include/mbedtls/error.h
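Review bot: In the tests/src/helpers.c hunk of patch 019, the trailing comment on the changed condition still reads `// high < 0001000000000000`, which no longer describes it now that `high == 0` is exempted. A short comment above the `if`, such as `/* 0 means no high-level error and is accepted */`, would record why zero is let through. The body of `mbedtls_test_err_add_check` continues outside the hunk.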
@@ -114,25 +114,44 @@ extern "C" { #define MBEDTLS_ERR_ERROR_GENERIC_ERROR -0x0001 /**< Generic error */ #define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E /**< This is a bug in the library */ - -#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_ERROR_C) /** - * \brief Set a function pointer (hook) to allow for invasive testing of error - * code addition. + * \brief Combines a high-level and low-level error code together. * - * This hook is used in the test infrastructure to report on errors when - * combining two error codes of the same level. - * - * \param hook hook to invasive testing function + * Wrapper function for mbedtls_err_add_ext(). See that function for + * more details. */ -void mbedtls_set_err_add_hook( void (*hook)( int, int, const char *, int ) ); -int mbedtls_err_add( int high, int low, const char *file, int line ); -#define MBEDTLS_ERR_ADD( high, low ) \ - ( mbedtls_err_add( high, low, __FILE__, __LINE__ ) ) -#else -#define MBEDTLS_ERR_ADD( high, low ) \ - ( ( high ) + ( low ) ) -#endif /* MBEDTLS_TEST_HOOKS */ +#define mbedtls_error_add( high, low ) \ + mbedtls_error_add_ext( high, low, __FILE__, __LINE__ ) + +/** + * \brief Testing hook called before adding/combining two error codes together. + * Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS. + */ +void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); + +/** + * \brief Combines a high-level and low-level error code together. + * + * This function can be called directly however it is usually + * called via the mbedtls_error_add macro. + * + * \note When invasive testing is enabled via MBEDTLS_TEST_HOOKS also try to + * call mbedtls_test_hook_error_add. + * + * \param high high-level error code. See error.h for more details. + * \param low low-level error code. See error.h for more details. + * \param file file where this error code addition occured. + * \param line line where this error code addition occured. 
+ */ +static inline int mbedtls_error_add_ext( int high, int low, + const char *file, int line ) +{ +#if defined(MBEDTLS_TEST_HOOKS) + if( *mbedtls_test_hook_error_add != NULL ) + ( *mbedtls_test_hook_error_add )( high, low, file, line ); +#endif + return( high + low ); +} /** * \brief Translate a mbed TLS error code into a string representation, diff --git a/library/error.c b/library/error.c index aaa66dddf..901a3699a 100644 --- a/library/error.c +++ b/library/error.c @@ -893,22 +893,6 @@ const char * mbedtls_low_level_strerr( int error_code ) return( NULL ); } -#if defined(MBEDTLS_TEST_HOOKS) -static void (*err_add_hook)( int, int, const char *, int ); - -void mbedtls_set_err_add_hook( void (*hook)( int, int, const char *, int ) ) -{ - err_add_hook = hook; -} - -int mbedtls_err_add( int high, int low, const char *file, int line ) -{ - if( err_add_hook != NULL ) - (*err_add_hook)( high, low, file, line ); - return ( high + low ); -} -#endif /* MBEDTLS_TEST_HOOKS */ - void mbedtls_strerror( int ret, char *buf, size_t buflen ) { size_t len; diff --git a/library/rsa.c b/library/rsa.c index a32d4e8c5..42b43ca4d 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -102,7 +102,7 @@ int mbedtls_rsa_import( mbedtls_rsa_context *ctx, ( D != NULL && ( ret = mbedtls_mpi_copy( &ctx->D, D ) ) != 0 ) || ( E != NULL && ( ret = mbedtls_mpi_copy( &ctx->E, E ) ) != 0 ) ) { - return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } if( N != NULL ) @@ -142,7 +142,7 @@ int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx, cleanup: if( ret != 0 ) - return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); return( 0 ); } 
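Review bot: The `\brief` on the new `mbedtls_error_add` macro in include/mbedtls/error.h points readers to `mbedtls_err_add_ext()`, but the function this hunk defines is `mbedtls_error_add_ext()`. The reference should read `Wrapper macro for mbedtls_error_add_ext().` In the same comment block `occured` should be `occurred` in both `\param` lines. The function also has no `\return` line; `\return The sum of \p high and \p low.` would make clear that the two codes are added whether or not the test hook flags them.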
@@ -293,7 +293,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) if( ( ret = mbedtls_mpi_mul_mpi( &ctx->N, &ctx->P, &ctx->Q ) ) != 0 ) { - return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } ctx->len = mbedtls_mpi_size( &ctx->N ); @@ -308,7 +308,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) ret = mbedtls_rsa_deduce_primes( &ctx->N, &ctx->E, &ctx->D, &ctx->P, &ctx->Q ); if( ret != 0 ) - return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } else if( d_missing ) @@ -318,7 +318,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) &ctx->E, &ctx->D ) ) != 0 ) { - return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } } @@ -333,7 +333,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D, &ctx->DP, &ctx->DQ, &ctx->QP ); if( ret != 0 ) - return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } #endif /* MBEDTLS_RSA_NO_CRT */ @@ -461,13 +461,13 @@ int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx, ( DQ != NULL && ( ret = mbedtls_mpi_copy( DQ, &ctx->DQ ) ) != 0 ) || ( QP != NULL && ( ret = mbedtls_mpi_copy( QP, &ctx->QP ) ) != 0 ) ) { - return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } #else if( ( ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D, DP, DQ, QP ) ) != 0 ) { - return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } #endif 
@@ -635,8 +635,9 @@ cleanup: if( ret != 0 ) { mbedtls_rsa_free( ctx ); + if( ( -ret & ~0x7f ) == 0 ) - ret = MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_KEY_GEN_FAILED, ret ); + ret = mbedtls_error_add( MBEDTLS_ERR_RSA_KEY_GEN_FAILED, ret ); return( ret ); } @@ -769,7 +770,7 @@ cleanup: mbedtls_mpi_free( &T ); if( ret != 0 ) - return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_PUBLIC_FAILED, ret ) ); + return( mbedtls_error_add( MBEDTLS_ERR_RSA_PUBLIC_FAILED, ret ) ); return( 0 ); } @@ -1085,7 +1086,7 @@ cleanup: mbedtls_mpi_free( &I ); if( ret != 0 && ret >= -0x007f ) - return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_PRIVATE_FAILED, ret ) ); + return( mbedtls_error_add( MBEDTLS_ERR_RSA_PRIVATE_FAILED, ret ) ); return( ret ); } @@ -1198,7 +1199,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, /* Generate a random octet string seed */ if( ( ret = f_rng( p_rng, p, hlen ) ) != 0 ) - return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); + return( mbedtls_error_add( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); p += hlen; @@ -1287,7 +1288,7 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, /* Check if RNG failed to generate data */ if( rng_dl == 0 || ret != 0 ) - return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); + return( mbedtls_error_add( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); p++; } @@ -1881,7 +1882,7 @@ static int rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, /* Generate salt of length slen in place in the encoded message */ salt = p; if( ( ret = f_rng( p_rng, salt, slen ) ) != 0 ) - return( MBEDTLS_ERR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); + return( mbedtls_error_add( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); p += slen; diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index 5925904a4..9e479bbfd 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt 
@@ -82,22 +82,6 @@ LOW_LEVEL_CODE_CHECKS return( NULL ); } -#if defined(MBEDTLS_TEST_HOOKS) -static void (*err_add_hook)( int, int, const char *, int ); - -void mbedtls_set_err_add_hook( void (*hook)( int, int, const char *, int ) ) -{ - err_add_hook = hook; -} - -int mbedtls_err_add( int high, int low, const char *file, int line ) -{ - if( err_add_hook != NULL ) - (*err_add_hook)( high, low, file, line ); - return ( high + low ); -} -#endif /* MBEDTLS_TEST_HOOKS */ - void mbedtls_strerror( int ret, char *buf, size_t buflen ) { size_t len; diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index 7cae0da2b..ac00f45e5 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -284,7 +284,7 @@ $platform_code int main( int argc, const char *argv[] ) { #if defined(MBEDTLS_TEST_HOOKS) && defined (MBEDTLS_ERROR_C) - mbedtls_set_err_add_hook( &mbedtls_test_err_add_check ); + mbedtls_test_hook_error_add = &mbedtls_test_err_add_check; #endif int ret = mbedtls_test_platform_setup(); From b7d02e0f15469237073aeaf4fe71e50ad1b0543b Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Thu, 1 Apr 2021 17:40:03 +0100 Subject: [PATCH 021/160] Fix misc issues with unused parameters and check-names.sh Fix unused parameter warnings when MBEDTLS_TEST_HOOKS is not enabled. A few issues were caught by check-names.sh namely: - mbedtls_error_add was not capitalised. - mbedtls_test_hook_error_add was being defined multiple times as the definition was in a header. Signed-off-by: Chris Jones --- include/mbedtls/error.h | 7 +++++-- library/error.c | 2 ++ library/rsa.c | 28 ++++++++++++++-------------- scripts/data_files/error.fmt | 2 ++ 4 files changed, 23 insertions(+), 16 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 5b31b61be..39874b9c4 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h 
@@ -120,14 +120,14 @@ extern "C" { * Wrapper function for mbedtls_err_add_ext(). See that function for * more details. */ -#define mbedtls_error_add( high, low ) \ +#define MBEDTLS_ERROR_ADD( high, low ) \ mbedtls_error_add_ext( high, low, __FILE__, __LINE__ ) /** * \brief Testing hook called before adding/combining two error codes together. * Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS. */ -void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); +extern void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); /** * \brief Combines a high-level and low-level error code together. @@ -150,6 +150,9 @@ static inline int mbedtls_error_add_ext( int high, int low, if( *mbedtls_test_hook_error_add != NULL ) ( *mbedtls_test_hook_error_add )( high, low, file, line ); #endif + (void)file; + (void)line; + return( high + low ); } diff --git a/library/error.c b/library/error.c index 901a3699a..b5bd8d77c 100644 --- a/library/error.c +++ b/library/error.c @@ -893,6 +893,8 @@ const char * mbedtls_low_level_strerr( int error_code ) return( NULL ); } +void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); + void mbedtls_strerror( int ret, char *buf, size_t buflen ) { size_t len; diff --git a/library/rsa.c b/library/rsa.c index 42b43ca4d..268d025e6 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -102,7 +102,7 @@ int mbedtls_rsa_import( mbedtls_rsa_context *ctx, ( D != NULL && ( ret = mbedtls_mpi_copy( &ctx->D, D ) ) != 0 ) || ( E != NULL && ( ret = mbedtls_mpi_copy( &ctx->E, E ) ) != 0 ) ) { - return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } if( N != NULL ) @@ -142,7 +142,7 @@ int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx, cleanup: if( ret != 0 ) - return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); return( 0 ); } 
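Review bot: The hook test in `mbedtls_error_add_ext` reads `if( *mbedtls_test_hook_error_add != NULL )`, which applies `*` to the function pointer before comparing it. When the hook is unset that is formally a dereference of a null pointer, even though compilers fold the expression back to the pointer value. Comparing the pointer itself is equivalent and clearer: `if( mbedtls_test_hook_error_add != NULL )`. The added `(void)file; (void)line;` would also benefit from a short comment such as `/* unused unless MBEDTLS_TEST_HOOKS is defined */`. The function starts before this hunk.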
@@ -293,7 +293,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) if( ( ret = mbedtls_mpi_mul_mpi( &ctx->N, &ctx->P, &ctx->Q ) ) != 0 ) { - return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } ctx->len = mbedtls_mpi_size( &ctx->N ); @@ -308,7 +308,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) ret = mbedtls_rsa_deduce_primes( &ctx->N, &ctx->E, &ctx->D, &ctx->P, &ctx->Q ); if( ret != 0 ) - return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } else if( d_missing ) @@ -318,7 +318,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) &ctx->E, &ctx->D ) ) != 0 ) { - return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } } @@ -333,7 +333,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D, &ctx->DP, &ctx->DQ, &ctx->QP ); if( ret != 0 ) - return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } #endif /* MBEDTLS_RSA_NO_CRT */ @@ -461,13 +461,13 @@ int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx, ( DQ != NULL && ( ret = mbedtls_mpi_copy( DQ, &ctx->DQ ) ) != 0 ) || ( QP != NULL && ( ret = mbedtls_mpi_copy( QP, &ctx->QP ) ) != 0 ) ) { - return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } #else if( ( ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D, DP, DQ, QP ) ) != 0 ) { - return( mbedtls_error_add( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); } #endif 
@@ -637,7 +637,7 @@ cleanup: mbedtls_rsa_free( ctx ); if( ( -ret & ~0x7f ) == 0 ) - ret = mbedtls_error_add( MBEDTLS_ERR_RSA_KEY_GEN_FAILED, ret ); + ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_KEY_GEN_FAILED, ret ); return( ret ); } @@ -770,7 +770,7 @@ cleanup: mbedtls_mpi_free( &T ); if( ret != 0 ) - return( mbedtls_error_add( MBEDTLS_ERR_RSA_PUBLIC_FAILED, ret ) ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_PUBLIC_FAILED, ret ) ); return( 0 ); } @@ -1086,7 +1086,7 @@ cleanup: mbedtls_mpi_free( &I ); if( ret != 0 && ret >= -0x007f ) - return( mbedtls_error_add( MBEDTLS_ERR_RSA_PRIVATE_FAILED, ret ) ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_PRIVATE_FAILED, ret ) ); return( ret ); } @@ -1199,7 +1199,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, /* Generate a random octet string seed */ if( ( ret = f_rng( p_rng, p, hlen ) ) != 0 ) - return( mbedtls_error_add( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); p += hlen; @@ -1288,7 +1288,7 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, /* Check if RNG failed to generate data */ if( rng_dl == 0 || ret != 0 ) - return( mbedtls_error_add( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); p++; } @@ -1882,7 +1882,7 @@ static int rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, /* Generate salt of length slen in place in the encoded message */ salt = p; if( ( ret = f_rng( p_rng, salt, slen ) ) != 0 ) - return( mbedtls_error_add( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); p += slen; diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index 9e479bbfd..7fed598ea 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt 
@@ -82,6 +82,8 @@ LOW_LEVEL_CODE_CHECKS return( NULL ); } +void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); + void mbedtls_strerror( int ret, char *buf, size_t buflen ) { size_t len; From abded0ed39a1d144755595d04782306c0071694f Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Mon, 12 Apr 2021 15:44:47 +0100 Subject: [PATCH 022/160] Improve and fix documentation for error code combination Improve documentation by: - Fixing off by one errors in binary representations of error codes. - Clarifying combinations of zero. - Linking references to variables/macros via doxygen. Signed-off-by: Chris Jones --- include/mbedtls/error.h | 10 +++++++--- tests/src/helpers.c | 4 ++-- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 39874b9c4..624228914 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -133,10 +133,14 @@ extern void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); * \brief Combines a high-level and low-level error code together. * * This function can be called directly however it is usually - * called via the mbedtls_error_add macro. + * called via the #MBEDTLS_ERROR_ADD macro. * - * \note When invasive testing is enabled via MBEDTLS_TEST_HOOKS also try to - * call mbedtls_test_hook_error_add. + * While a value of zero is not a negative error code, it is still an + * error code (that denotes success) and can be combined with both a + * negative error code or another value of zero. + * + * \note When invasive testing is enabled via #MBEDTLS_TEST_HOOKS, also try to + * call \link mbedtls_test_hook_error_add \endlink. * * \param high high-level error code. See error.h for more details. * \param low low-level error code. See error.h for more details. diff --git a/tests/src/helpers.c b/tests/src/helpers.c index 9c1198ea3..b54661195 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c 
@@ -292,7 +292,7 @@ void mbedtls_test_err_add_check( int high, int low, * examples given in comments have been made positive for ease of * understanding. The structure of an error code is such: * - * shhhhhhhllllllll + * shhhhhhhhlllllll * * s = sign bit. * h = high level error code (includes high and module error codes). @@ -308,7 +308,7 @@ void mbedtls_test_err_add_check( int high, int low, mbedtls_test_fail( "'high' error code is greater than 15 bits", line, file ); } - else if ( ( high & 0x7F ) != 0 ) // high & 0000000011111111 + else if ( ( high & 0x7F ) != 0 ) // high & 0000000001111111 { mbedtls_test_fail( "'high' contains a low-level error code", line, file ); From ef01852d65987a461621b06306d80cb42be6ed0e Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Mon, 12 Apr 2021 17:27:18 +0100 Subject: [PATCH 023/160] Add missing guard to mbedtls_test_hook_error_add Add a missing guard for the definition and declaration of mbedtls_test_hook_error_add. Also make the declaration always visible when MBEDTLS_TEST_HOOKS is enabled. This fixes an issue when MBEDTLS_ERROR_C is not defined but MBEDTLS_TEST_HOOKS is. Signed-off-by: Chris Jones --- include/mbedtls/error.h | 2 ++ library/error.c | 6 ++++-- scripts/data_files/error.fmt | 6 ++++-- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 624228914..49c312082 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -123,11 +123,13 @@ extern "C" { #define MBEDTLS_ERROR_ADD( high, low ) \ mbedtls_error_add_ext( high, low, __FILE__, __LINE__ ) +#if defined(MBEDTLS_TEST_HOOKS) /** * \brief Testing hook called before adding/combining two error codes together. * Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS. */ extern void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); +#endif /** * \brief Combines a high-level and low-level error code together. 
diff --git a/library/error.c b/library/error.c index b5bd8d77c..afad38904 100644 --- a/library/error.c +++ b/library/error.c @@ -893,8 +893,6 @@ const char * mbedtls_low_level_strerr( int error_code ) return( NULL ); } -void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); - void mbedtls_strerror( int ret, char *buf, size_t buflen ) { size_t len; @@ -975,4 +973,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) #endif /* MBEDTLS_ERROR_C */ +#if defined(MBEDTLS_TEST_HOOKS) +void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); +#endif + #endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */ diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index 7fed598ea..3be94bd2c 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt @@ -82,8 +82,6 @@ LOW_LEVEL_CODE_CHECKS return( NULL ); } -void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); - void mbedtls_strerror( int ret, char *buf, size_t buflen ) { size_t len; @@ -164,4 +162,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) #endif /* MBEDTLS_ERROR_C */ +#if defined(MBEDTLS_TEST_HOOKS) +void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); +#endif + #endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */ From defe10df528f513ecafe02f01b24744b45be2499 Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Mon, 12 Apr 2021 17:31:39 +0100 Subject: [PATCH 024/160] Add compatibility macro for the inline keyword in error.h MSVC is not fully compliant with C99 where the 'inline' keyword is defined. Add a macro to define an alternative for non-compliant compilers. Signed-off-by: Chris Jones --- include/mbedtls/error.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 49c312082..3d8a5eac0 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h 
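Review bot: The guarded definition of `mbedtls_test_hook_error_add` is added after `#endif /* MBEDTLS_ERROR_C */` but still before `#endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */` in library/error.c, and identically in error.fmt. It therefore appears to remain inside the outer conditional, whose opening line is outside the hunk. With `MBEDTLS_TEST_HOOKS` defined and both of those options disabled, error.h would still declare the pointer `extern` and call through it, presumably leaving nothing to link against. Moving the three added lines below the final `#endif`, or stating the dependency in a comment next to the guard, would close that configuration.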
@@ -30,6 +30,11 @@ #include +#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ + !defined(inline) && !defined(__cplusplus) +#define inline __inline +#endif + /** * Error code layout. * From 9f7a693f2c89419be19054e9065f8d2b71a88aca Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Wed, 14 Apr 2021 12:12:09 +0100 Subject: [PATCH 025/160] Apply MBEDTLS_ERROR_ADD to library Replace all occurences of error code addition in the library with the new MBEDTLS_ERROR_ADD macro. Signed-off-by: Chris Jones --- library/dhm.c | 22 +-- library/ecdsa.c | 4 +- library/pem.c | 4 +- library/pkcs12.c | 12 +- library/pkcs5.c | 24 ++-- library/pkparse.c | 115 ++++++++-------- library/ssl_cookie.c | 12 +- library/x509.c | 124 ++++++++--------- library/x509_crl.c | 58 ++++---- library/x509_crt.c | 152 ++++++++++----------- library/x509_csr.c | 16 +-- tests/suites/test_suite_x509parse.function | 28 ++-- 12 files changed, 287 insertions(+), 284 deletions(-) diff --git a/library/dhm.c b/library/dhm.c index f79681231..9758af787 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -79,7 +79,7 @@ static int dhm_read_bignum( mbedtls_mpi *X, return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); if( ( ret = mbedtls_mpi_read_binary( X, *p, n ) ) != 0 ) - return( MBEDTLS_ERR_DHM_READ_PARAMS_FAILED + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_READ_PARAMS_FAILED, ret ) ); (*p) += n; @@ -222,7 +222,7 @@ int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, cleanup: if( ret != 0 ) - return( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED, ret ) ); return( 0 ); } @@ -242,7 +242,7 @@ int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx, if( ( ret = mbedtls_mpi_copy( &ctx->P, P ) ) != 0 || ( ret = mbedtls_mpi_copy( &ctx->G, G ) ) != 0 ) { - return( MBEDTLS_ERR_DHM_SET_GROUP_FAILED + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_SET_GROUP_FAILED, ret ) ); } ctx->len = mbedtls_mpi_size( &ctx->P ); 
@@ -263,7 +263,7 @@ int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx, return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); if( ( ret = mbedtls_mpi_read_binary( &ctx->GY, input, ilen ) ) != 0 ) - return( MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED, ret ) ); return( 0 ); } @@ -313,7 +313,7 @@ int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size, cleanup: if( ret != 0 ) - return( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED, ret ) ); return( 0 ); } @@ -462,7 +462,7 @@ cleanup: mbedtls_mpi_free( &GYb ); if( ret != 0 ) - return( MBEDTLS_ERR_DHM_CALC_SECRET_FAILED + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_CALC_SECRET_FAILED, ret ) ); return( 0 ); } @@ -544,7 +544,7 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret; + ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_INVALID_FORMAT, ret ); goto exit; } @@ -553,7 +553,7 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, if( ( ret = mbedtls_asn1_get_mpi( &p, end, &dhm->P ) ) != 0 || ( ret = mbedtls_asn1_get_mpi( &p, end, &dhm->G ) ) != 0 ) { - ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret; + ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_INVALID_FORMAT, ret ); goto exit; } @@ -567,13 +567,13 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, mbedtls_mpi_free( &rec ); if ( ret != 0 ) { - ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret; + ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_INVALID_FORMAT, ret ); goto exit; } if ( p != end ) { - ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); goto exit; } } 
diff --git a/library/ecdsa.c b/library/ecdsa.c index 7dc8708a3..7f259e105 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -870,8 +870,8 @@ int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx, if( p + len != end ) { - ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); goto cleanup; } diff --git a/library/pem.c b/library/pem.c index 969d492e3..fcfde9479 100644 --- a/library/pem.c +++ b/library/pem.c @@ -343,7 +343,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const ret = mbedtls_base64_decode( NULL, 0, &len, s1, s2 - s1 ); if( ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER ) - return( MBEDTLS_ERR_PEM_INVALID_DATA + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PEM_INVALID_DATA, ret ) ); if( ( buf = mbedtls_calloc( 1, len ) ) == NULL ) return( MBEDTLS_ERR_PEM_ALLOC_FAILED ); @@ -352,7 +352,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const { mbedtls_platform_zeroize( buf, len ); mbedtls_free( buf ); - return( MBEDTLS_ERR_PEM_INVALID_DATA + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PEM_INVALID_DATA, ret ) ); } if( enc != 0 ) diff --git a/library/pkcs12.c b/library/pkcs12.c index 4bdeb6835..9823d963c 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c 
@@ -60,21 +60,21 @@ static int pkcs12_parse_pbe_params( mbedtls_asn1_buf *params, * */ if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); if( ( ret = mbedtls_asn1_get_tag( p, end, &salt->len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, ret ) ); salt->p = *p; *p += salt->len; if( ( ret = mbedtls_asn1_get_int( p, end, iterations ) ) != 0 ) - return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, ret ) ); if( *p != end ) - return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } diff --git a/library/pkcs5.c b/library/pkcs5.c index e9e743fa9..2b014d91c 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -60,8 +60,8 @@ static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params, const unsigned char *end = params->p + params->len; if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); /* * PBKDF2-params ::= SEQUENCE { * salt OCTET STRING, 
@@ -73,13 +73,13 @@ static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params, */ if( ( ret = mbedtls_asn1_get_tag( &p, end, &salt->len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); salt->p = p; p += salt->len; if( ( ret = mbedtls_asn1_get_int( &p, end, iterations ) ) != 0 ) - return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); if( p == end ) return( 0 ); @@ -87,21 +87,21 @@ static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params, if( ( ret = mbedtls_asn1_get_int( &p, end, keylen ) ) != 0 ) { if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); } if( p == end ) return( 0 ); if( ( ret = mbedtls_asn1_get_alg_null( &p, end, &prf_alg_oid ) ) != 0 ) - return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); if( mbedtls_oid_get_md_hmac( &prf_alg_oid, md_type ) != 0 ) return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); if( p != end ) - return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } 
@@ -134,12 +134,12 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, * } */ if( pbe_params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); if( ( ret = mbedtls_asn1_get_alg( &p, end, &kdf_alg_oid, &kdf_alg_params ) ) != 0 ) - return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); // Only PBKDF2 supported at the moment // @@ -160,7 +160,7 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, if( ( ret = mbedtls_asn1_get_alg( &p, end, &enc_scheme_oid, &enc_scheme_params ) ) != 0 ) { - return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); } if( mbedtls_oid_get_cipher_alg( &enc_scheme_oid, &cipher_alg ) != 0 ) diff --git a/library/pkparse.c b/library/pkparse.c index 0590f2b05..3f3d5585a 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -186,8 +186,8 @@ static int pk_get_ecparams( unsigned char **p, const unsigned char *end, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if ( end - *p < 1 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); /* Tag may be either OID or SEQUENCE */ params->tag = **p; 
@@ -197,21 +197,21 @@ static int pk_get_ecparams( unsigned char **p, const unsigned char *end, #endif ) { - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); } if( ( ret = mbedtls_asn1_get_tag( p, end, ¶ms->len, params->tag ) ) != 0 ) { - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } params->p = *p; *p += params->len; if( *p != end ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } @@ -247,7 +247,7 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ /* SpecifiedECDomainVersion ::= INTEGER { 1, 2, 3 } */ if( ( ret = mbedtls_asn1_get_int( &p, end, &ver ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); if( ver < 1 || ver > 3 ) return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); @@ -285,13 +285,13 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ /* Prime-p ::= INTEGER -- Field of size p. */ if( ( ret = mbedtls_asn1_get_mpi( &p, end_field, &grp->P ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); grp->pbits = mbedtls_mpi_bitlen( &grp->P ); if( p != end_field ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); /* * Curve ::= SEQUENCE { 
@@ -315,7 +315,7 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ if( ( ret = mbedtls_asn1_get_tag( &p, end_curve, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 || ( ret = mbedtls_mpi_read_binary( &grp->A, p, len ) ) != 0 ) { - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } p += len; @@ -323,7 +323,7 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ if( ( ret = mbedtls_asn1_get_tag( &p, end_curve, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 || ( ret = mbedtls_mpi_read_binary( &grp->B, p, len ) ) != 0 ) { - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } p += len; @@ -333,14 +333,14 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ p += len; if( p != end_curve ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); /* * ECPoint ::= OCTET STRING */ if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); if( ( ret = mbedtls_ecp_point_read_binary( grp, &grp->G, ( const unsigned char *) p, len ) ) != 0 ) @@ -366,7 +366,7 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ * order INTEGER */ if( ( ret = mbedtls_asn1_get_mpi( &p, end, &grp->N ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); grp->nbits = mbedtls_mpi_bitlen( &grp->N ); 
@@ -528,15 +528,15 @@ static int pk_get_rsapubkey( unsigned char **p, if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, ret ) ); if( *p + len != end ) - return( MBEDTLS_ERR_PK_INVALID_PUBKEY + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); /* Import N */ if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 ) - return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, ret ) ); if( ( ret = mbedtls_rsa_import_raw( rsa, *p, len, NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) ) != 0 ) @@ -546,7 +546,7 @@ static int pk_get_rsapubkey( unsigned char **p, /* Import E */ if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 ) - return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, ret ) ); if( ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, NULL, 0, NULL, 0, *p, len ) ) != 0 ) @@ -561,8 +561,8 @@ static int pk_get_rsapubkey( unsigned char **p, } if( *p != end ) - return( MBEDTLS_ERR_PK_INVALID_PUBKEY + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } @@ -584,7 +584,7 @@ static int pk_get_pk_alg( unsigned char **p, memset( params, 0, sizeof(mbedtls_asn1_buf) ); if( ( ret = mbedtls_asn1_get_alg( p, end, &alg_oid, params ) ) != 0 ) - return( MBEDTLS_ERR_PK_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_ALG, ret ) ); if( mbedtls_oid_get_pk_alg( &alg_oid, pk_alg ) != 0 ) return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); 
@@ -624,7 +624,7 @@ int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } end = *p + len; @@ -633,11 +633,11 @@ int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, return( ret ); if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 ) - return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, ret ) ); if( *p + len != end ) - return( MBEDTLS_ERR_PK_INVALID_PUBKEY + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); if( ( pk_info = mbedtls_pk_info_from_type( pk_alg ) ) == NULL ) return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); @@ -662,8 +662,8 @@ int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, ret = MBEDTLS_ERR_PK_UNKNOWN_PK_ALG; if( ret == 0 && *p != end ) - ret = MBEDTLS_ERR_PK_INVALID_PUBKEY + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); if( ret != 0 ) mbedtls_pk_free( pk ); @@ -734,14 +734,14 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa, if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } end = p + len; if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 ) { - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } if( version != 0 ) 
@@ -831,8 +831,8 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa, if( p != end ) { - ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ; + ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); } cleanup: @@ -843,7 +843,7 @@ cleanup: { /* Wrap error code if it's coming from a lower level */ if( ( ret & 0xff80 ) == 0 ) - ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret; + ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ); else ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; @@ -883,24 +883,24 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck, if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } end = p + len; if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); if( version != 1 ) return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION ); if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); if( ( ret = mbedtls_mpi_read_binary( &eck->d, p, len ) ) != 0 ) { mbedtls_ecp_keypair_free( eck ); - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } p += len; @@ -924,7 +924,7 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck, else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) { mbedtls_ecp_keypair_free( eck ); - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } } 
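Review bot: In the `cleanup:` hunk of `pk_parse_key_pkcs1_der`, the test `( ret & 0xff80 ) == 0` guarding the converted line cannot succeed for a negative low-level code. On a two's-complement `int` any small negative `ret` has bits 7–15 set, so the branch that keeps the low-level cause is skipped and the `else` collapses everything to `MBEDTLS_ERR_PK_KEY_INVALID_FORMAT`. The RSA key-generation cleanup in this series uses `( -ret & ~0x7f ) == 0` for the same purpose, and I would use it here: `if( ( -ret & ~0x7f ) == 0 )`. The condition predates this commit, but the converted `MBEDTLS_ERROR_ADD` line is effectively unreachable for real error codes until it is corrected. The function body lies outside the hunk.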
@@ -940,11 +940,11 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck, end2 = p + len; if( ( ret = mbedtls_asn1_get_bitstring_null( &p, end2, &len ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); if( p + len != end2 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); if( ( ret = pk_get_ecpubkey( &p, end2, eck ) ) == 0 ) pubkey_done = 1; @@ -961,7 +961,7 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck, else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) { mbedtls_ecp_keypair_free( eck ); - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } } @@ -970,7 +970,7 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck, NULL, NULL ) ) != 0 ) { mbedtls_ecp_keypair_free( eck ); - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } if( ( ret = mbedtls_ecp_check_privkey( &eck->grp, &eck->d ) ) != 0 ) 
@@ -1028,26 +1028,26 @@ static int pk_parse_key_pkcs8_unencrypted_der( if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } end = p + len; if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); if( version != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_VERSION, ret ) ); if( ( ret = pk_get_pk_alg( &p, end, &pk_alg, ¶ms ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); if( len < 1 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); if( ( pk_info = mbedtls_pk_info_from_type( pk_alg ) ) == NULL ) return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); 
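Review bot: In `pk_parse_key_pkcs8_unencrypted_der`, the result of `pk_get_pk_alg` is wrapped as `MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret )`, but that helper's own hunk in this commit shows it returning either `MBEDTLS_ERR_PK_UNKNOWN_PK_ALG` or an already combined `MBEDTLS_ERR_PK_INVALID_ALG` code. Two codes that are each used as the `high` argument elsewhere are therefore summed, and the result identifies neither; returning the helper's code unchanged, `return( ret );`, keeps the cause intact. Two lines earlier, `MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_VERSION, ret )` adds a `ret` that is necessarily 0 after the successful `mbedtls_asn1_get_int`; `return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION );` matches the version check in `pk_parse_key_sec1_der` and does not imply a low-level cause. Both sums predate this commit, which converts them mechanically. The function body extends beyond the hunk.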
@@ -1130,16 +1130,16 @@ static int pk_parse_key_pkcs8_encrypted_der( if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); } end = p + len; if( ( ret = mbedtls_asn1_get_alg( &p, end, &pbe_alg_oid, &pbe_params ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); buf = p; @@ -1518,7 +1518,8 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, return( ret ); } mbedtls_pk_free( ctx ); - if( ret != ( MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) + if( ret != ( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) ) { return( ret ); } diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index c8bd1bd52..b64c354e6 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -174,7 +174,7 @@ int mbedtls_ssl_cookie_write( void *p_ctx, #if defined(MBEDTLS_THREADING_C) if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR, ret ) ); #endif ret = ssl_cookie_hmac( &ctx->hmac_ctx, *p - 4, @@ -182,8 +182,8 @@ int mbedtls_ssl_cookie_write( void *p_ctx, #if defined(MBEDTLS_THREADING_C) if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + - MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR, + MBEDTLS_ERR_THREADING_MUTEX_ERROR ) ); #endif return( ret ); 
@@ -210,7 +210,7 @@ int mbedtls_ssl_cookie_check( void *p_ctx, #if defined(MBEDTLS_THREADING_C) if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR, ret ) ); #endif if( ssl_cookie_hmac( &ctx->hmac_ctx, cookie, @@ -220,8 +220,8 @@ int mbedtls_ssl_cookie_check( void *p_ctx, #if defined(MBEDTLS_THREADING_C) if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + - MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR , + MBEDTLS_ERR_THREADING_MUTEX_ERROR ) ); #endif if( ret != 0 ) diff --git a/library/x509.c b/library/x509.c index 2a7be329b..f21e9e694 100644 --- a/library/x509.c +++ b/library/x509.c @@ -81,18 +81,18 @@ int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_X509_INVALID_SERIAL + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SERIAL, + MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); if( **p != ( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_PRIMITIVE | 2 ) && **p != MBEDTLS_ASN1_INTEGER ) - return( MBEDTLS_ERR_X509_INVALID_SERIAL + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SERIAL, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); serial->tag = *(*p)++; if( ( ret = mbedtls_asn1_get_len( p, end, &serial->len ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_SERIAL + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SERIAL, ret ) ); serial->p = *p; *p += serial->len; 
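Review bot: The unlock-failure return in mbedtls_ssl_cookie_check (hunk at -220) is written `MBEDTLS_ERR_SSL_INTERNAL_ERROR ,` with a space before the comma. The identical call in mbedtls_ssl_cookie_write and every other call in this patch has none. Writing it as `return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR,` keeps the two cookie functions textually parallel, which helps when grepping for these error pairs.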
@@ -112,7 +112,7 @@ int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( ( ret = mbedtls_asn1_get_alg_null( p, end, alg ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); return( 0 ); } @@ -126,7 +126,7 @@ int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( ( ret = mbedtls_asn1_get_alg( p, end, alg, params ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); return( 0 ); } 
@@ -151,39 +151,39 @@ static int x509_get_hash_alg( const mbedtls_x509_buf *alg, mbedtls_md_type_t *md /* Make sure we got a SEQUENCE and setup bounds */ if( alg->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); p = alg->p; end = p + alg->len; if( p >= end ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); /* Parse md_oid */ md_oid.tag = *p; if( ( ret = mbedtls_asn1_get_tag( &p, end, &md_oid.len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); md_oid.p = p; p += md_oid.len; /* Get md_alg from md_oid */ if( ( ret = mbedtls_oid_get_md_alg( &md_oid, md_alg ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); /* Make sure params is absent of NULL */ if( p == end ) return( 0 ); if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_NULL ) ) != 0 || len != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); if( p != end ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } 
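Review bot: The NULL-parameters check near the end of x509_get_hash_alg, `... != 0 || len != 0`, reaches its return with `ret == 0` when the NULL tag parses but has a non-zero length. That path reports a bare `MBEDTLS_ERR_X509_INVALID_ALG` with no low-level code, unlike every other malformed-length path in this function. Splitting it out as `if( len != 0 ) return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, MBEDTLS_ERR_ASN1_INVALID_LENGTH ) );` would make the cause visible, though it changes the returned value, so any test pinning the old code needs updating. The comment above it, "absent of NULL", presumably means "absent or NULL".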
@@ -217,8 +217,8 @@ int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, /* Make sure params is a SEQUENCE and setup bounds */ if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); p = (unsigned char *) params->p; end = p + params->len; @@ -239,14 +239,14 @@ int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, return( ret ); if( ( ret = mbedtls_oid_get_md_alg( &alg_id, md_alg ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); if( p != end2 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); if( p == end ) return( 0 ); @@ -265,19 +265,19 @@ int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, /* Only MFG1 is recognised for now */ if( MBEDTLS_OID_CMP( MBEDTLS_OID_MGF1, &alg_id ) != 0 ) - return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE + - MBEDTLS_ERR_OID_NOT_FOUND ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE, + MBEDTLS_ERR_OID_NOT_FOUND ) ); /* Parse HashAlgorithm */ if( ( ret = x509_get_hash_alg( &alg_params, mgf_md ) ) != 0 ) return( ret ); if( p != end2 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); if( p == end ) return( 0 ); 
@@ -291,14 +291,14 @@ int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, end2 = p + len; if( ( ret = mbedtls_asn1_get_int( &p, end2, salt_len ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); if( p != end2 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); if( p == end ) return( 0 ); @@ -314,21 +314,21 @@ int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, end2 = p + len; if( ( ret = mbedtls_asn1_get_int( &p, end2, &trailer_field ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); if( p != end2 ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); if( trailer_field != 1 ) return( MBEDTLS_ERR_X509_INVALID_ALG ); } else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); if( p != end ) - return( MBEDTLS_ERR_X509_INVALID_ALG + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } 
@@ -354,47 +354,47 @@ static int x509_get_attr_type_value( unsigned char **p, if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) ); end = *p + len; if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_X509_INVALID_NAME + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, + MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); oid = &cur->oid; oid->tag = **p; if( ( ret = mbedtls_asn1_get_tag( p, end, &oid->len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) ); oid->p = *p; *p += oid->len; if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_X509_INVALID_NAME + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, + MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); if( **p != MBEDTLS_ASN1_BMP_STRING && **p != MBEDTLS_ASN1_UTF8_STRING && **p != MBEDTLS_ASN1_T61_STRING && **p != MBEDTLS_ASN1_PRINTABLE_STRING && **p != MBEDTLS_ASN1_IA5_STRING && **p != MBEDTLS_ASN1_UNIVERSAL_STRING && **p != MBEDTLS_ASN1_BIT_STRING ) - return( MBEDTLS_ERR_X509_INVALID_NAME + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); val = &cur->val; val->tag = *(*p)++; if( ( ret = mbedtls_asn1_get_len( p, end, &val->len ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) ); val->p = *p; *p += val->len; if( *p != end ) { - return( MBEDTLS_ERR_X509_INVALID_NAME + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } cur->next = NULL; 
@@ -440,7 +440,7 @@ int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end, */ if( ( ret = mbedtls_asn1_get_tag( p, end, &set_len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) ); end_set = *p + set_len; @@ -604,8 +604,8 @@ int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end, unsigned char tag; if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_X509_INVALID_DATE + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, + MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); tag = **p; @@ -614,14 +614,14 @@ int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end, else if( tag == MBEDTLS_ASN1_GENERALIZED_TIME ) year_len = 4; else - return( MBEDTLS_ERR_X509_INVALID_DATE + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); (*p)++; ret = mbedtls_asn1_get_len( p, end, &len ); if( ret != 0 ) - return( MBEDTLS_ERR_X509_INVALID_DATE + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, ret ) ); return x509_parse_time( p, len, year_len, tm ); } @@ -633,13 +633,13 @@ int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x int tag_type; if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SIGNATURE, + MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); tag_type = **p; if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SIGNATURE, ret ) ); sig->tag = tag_type; sig->len = len; 
@@ -663,7 +663,7 @@ int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x50 return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); if( ( ret = mbedtls_oid_get_sig_alg( sig_oid, md_alg, pk_alg ) ) != 0 ) - return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG, ret ) ); #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) if( *pk_alg == MBEDTLS_PK_RSASSA_PSS ) @@ -714,7 +714,7 @@ int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, ret = mbedtls_asn1_get_tag( p, end, &ext->len, MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag ); if( ret != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); ext->tag = MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag; ext->p = *p; @@ -725,11 +725,11 @@ int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, */ if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( end != *p + len ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } diff --git a/library/x509_crl.c b/library/x509_crl.c index edeb39b02..ac4fc75de 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -79,7 +79,7 @@ static int x509_crl_get_version( unsigned char **p, return( 0 ); } - return( MBEDTLS_ERR_X509_INVALID_VERSION + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_VERSION, ret ) ); } return( 0 ); 
@@ -125,7 +125,7 @@ static int x509_get_crl_ext( unsigned char **p, /* Get enclosing sequence tag */ if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); end_ext_data = *p + len; @@ -133,7 +133,7 @@ static int x509_get_crl_ext( unsigned char **p, if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len, MBEDTLS_ASN1_OID ) ) != 0 ) { - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); } *p += len; @@ -142,29 +142,29 @@ static int x509_get_crl_ext( unsigned char **p, &is_critical ) ) != 0 && ( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) { - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); } /* Data should be octet string type */ if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); /* Ignore data so far and just check its length */ *p += len; if( *p != end_ext_data ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); /* Abort on (unsupported) critical extensions */ if( is_critical ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); } if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } 
@@ -198,27 +198,27 @@ static int x509_get_crl_entry_ext( unsigned char **p, ext->p = NULL; return( 0 ); } - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); } end = *p + ext->len; if( end != *p + ext->len ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); while( *p < end ) { if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); *p += len; } if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } @@ -364,8 +364,8 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, if( len != (size_t) ( end - p ) ) { mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } /* @@ -377,7 +377,7 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); } end = p + len; @@ -421,7 +421,7 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); } if( ( ret = mbedtls_x509_get_name( &p, p + len, &crl->issuer ) ) != 0 ) 
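Review bot: The first length check in x509_get_crl_entry_ext (hunk at -198) can never fire. `end = *p + ext->len;` is immediately followed by `if( end != *p + ext->len )`, so the MBEDTLS_ERR_ASN1_LENGTH_MISMATCH return this patch rewraps is dead code. If the intent is that the extensions must exactly fill the caller-supplied bound, the comparison has to be made against the incoming `end` before it is overwritten; otherwise the branch should be removed. As written it gives a false impression that the entry length is validated there. Because this parses untrusted CRL data, it is worth confirming that the caller enforces the outer bound. The function starts outside the hunk.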
@@ -444,10 +444,10 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, if( ( ret = mbedtls_x509_get_time( &p, end, &crl->next_update ) ) != 0 ) { - if( ret != ( MBEDTLS_ERR_X509_INVALID_DATE + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) && - ret != ( MBEDTLS_ERR_X509_INVALID_DATE + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ) + if( ret != ( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) && + ret != ( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, + MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ) ) { mbedtls_x509_crl_free( crl ); return( ret ); @@ -486,8 +486,8 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, if( p != end ) { mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } end = crl->raw.p + crl->raw.len; @@ -521,8 +521,8 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, if( p != end ) { mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } return( 0 ); diff --git a/library/x509_crt.c b/library/x509_crt.c index 0aa4f4c21..8086cc034 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -397,17 +397,17 @@ static int x509_get_version( unsigned char **p, return( 0 ); } - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); } end = *p + len; if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_VERSION + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_VERSION, ret ) ); if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_VERSION + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_VERSION, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } 
@@ -427,7 +427,7 @@ static int x509_get_dates( unsigned char **p, if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_DATE + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, ret ) ); end = *p + len; @@ -438,8 +438,8 @@ static int x509_get_dates( unsigned char **p, return( ret ); if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_DATE + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } @@ -464,7 +464,7 @@ static int x509_get_uid( unsigned char **p, if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) return( 0 ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); } uid->p = *p; @@ -491,7 +491,7 @@ static int x509_get_basic_constraints( unsigned char **p, if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( *p == end ) return( 0 ); @@ -502,7 +502,7 @@ static int x509_get_basic_constraints( unsigned char **p, ret = mbedtls_asn1_get_int( p, end, ca_istrue ); if( ret != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( *ca_istrue != 0 ) *ca_istrue = 1; 
@@ -512,17 +512,17 @@ static int x509_get_basic_constraints( unsigned char **p, return( 0 ); if( ( ret = mbedtls_asn1_get_int( p, end, max_pathlen ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); /* Do not accept max_pathlen equal to INT_MAX to avoid a signed integer * overflow, which is an undefined behavior. */ if( *max_pathlen == INT_MAX ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_INVALID_LENGTH ) ); (*max_pathlen)++; @@ -537,11 +537,11 @@ static int x509_get_ns_cert_type( unsigned char **p, mbedtls_x509_bitstring bs = { 0, 0, NULL }; if( ( ret = mbedtls_asn1_get_bitstring( p, end, &bs ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( bs.len != 1 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_INVALID_LENGTH ) ); /* Get actual bitstring */ *ns_cert_type = *bs.p; @@ -557,11 +557,11 @@ static int x509_get_key_usage( unsigned char **p, mbedtls_x509_bitstring bs = { 0, 0, NULL }; if( ( ret = mbedtls_asn1_get_bitstring( p, end, &bs ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( bs.len < 1 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_INVALID_LENGTH ) ); /* Get actual bitstring */ *key_usage = 0; 
@@ -585,12 +585,12 @@ static int x509_get_ext_key_usage( unsigned char **p, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; if( ( ret = mbedtls_asn1_get_sequence_of( p, end, ext_key_usage, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); /* Sequence length must be >= 1 */ if( ext_key_usage->buf.p == NULL ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_INVALID_LENGTH ) ); return( 0 ); } @@ -635,11 +635,11 @@ static int x509_get_subject_alt_name( unsigned char **p, /* Get main sequence tag */ if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( *p + len != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); while( *p < end ) { @@ -649,13 +649,13 @@ static int x509_get_subject_alt_name( unsigned char **p, tag = **p; (*p)++; if( ( ret = mbedtls_asn1_get_len( p, end, &tag_len ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( ( tag & MBEDTLS_ASN1_TAG_CLASS_MASK ) != MBEDTLS_ASN1_CONTEXT_SPECIFIC ) { - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); } /* 
@@ -691,8 +691,8 @@ static int x509_get_subject_alt_name( unsigned char **p, cur->next = mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) ); if( cur->next == NULL ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_ALLOC_FAILED ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_ALLOC_FAILED ) ); cur = cur->next; } @@ -708,8 +708,8 @@ static int x509_get_subject_alt_name( unsigned char **p, cur->next = NULL; if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } @@ -776,18 +776,18 @@ static int x509_get_certificate_policies( unsigned char **p, ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ); if( ret != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( *p + len != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); /* * Cannot be an empty sequence. */ if( len == 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); while( *p < end ) { 
@@ -799,13 +799,13 @@ static int x509_get_certificate_policies( unsigned char **p, */ if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); policy_end = *p + len; if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); policy_oid.tag = MBEDTLS_ASN1_OID; policy_oid.len = len; @@ -833,8 +833,8 @@ static int x509_get_certificate_policies( unsigned char **p, cur->next = mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) ); if( cur->next == NULL ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_ALLOC_FAILED ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_ALLOC_FAILED ) ); cur = cur->next; } @@ -854,7 +854,7 @@ static int x509_get_certificate_policies( unsigned char **p, { if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); /* * Skip the optional policy qualifiers. */ @@ -862,16 +862,16 @@ static int x509_get_certificate_policies( unsigned char **p, } if( *p != policy_end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } /* Set final sequence entry's next pointer to NULL */ cur->next = NULL; if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( parse_ret ); } 
@@ -911,14 +911,14 @@ static int x509_get_crt_ext( unsigned char **p, if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); end_ext_data = *p + len; /* Get extension ID */ if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &extn_oid.len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); extn_oid.tag = MBEDTLS_ASN1_OID; extn_oid.p = *p; @@ -927,19 +927,19 @@ static int x509_get_crt_ext( unsigned char **p, /* Get optional critical */ if( ( ret = mbedtls_asn1_get_bool( p, end_ext_data, &is_critical ) ) != 0 && ( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); /* Data should be octet string type */ if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); start_ext_octet = *p; end_ext_octet = *p + len; if( end_ext_octet != end_ext_data ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); /* * Detect supported extensions @@ -965,8 +965,8 @@ static int x509_get_crt_ext( unsigned char **p, if( is_critical ) { /* Data is marked as critical: fail */ - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); } #endif continue; 
@@ -1059,8 +1059,8 @@ static int x509_get_crt_ext( unsigned char **p, } if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( 0 ); } @@ -1138,7 +1138,7 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); } end = p + len; @@ -1185,7 +1185,7 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); } if( ( ret = mbedtls_x509_get_name( &p, p + len, &crt->issuer ) ) != 0 ) @@ -1218,7 +1218,7 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); } if( len && ( ret = mbedtls_x509_get_name( &p, p + len, &crt->subject ) ) != 0 ) @@ -1283,8 +1283,8 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, if( p != end ) { mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } end = crt_end; 
@@ -1322,8 +1322,8 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, if( p != end ) { mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } return( 0 ); @@ -1706,7 +1706,7 @@ static int x509_get_other_name( const mbedtls_x509_buf *subject_alt_name, if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); cur_oid.tag = MBEDTLS_ASN1_OID; cur_oid.p = p; @@ -1723,20 +1723,20 @@ static int x509_get_other_name( const mbedtls_x509_buf *subject_alt_name, if( p + len >= end ) { mbedtls_platform_zeroize( other_name, sizeof( *other_name ) ); - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } p += len; if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); other_name->value.hardware_module_name.oid.tag = MBEDTLS_ASN1_OID; other_name->value.hardware_module_name.oid.p = p; 
@@ -1745,13 +1745,13 @@ static int x509_get_other_name( const mbedtls_x509_buf *subject_alt_name, if( p + len >= end ) { mbedtls_platform_zeroize( other_name, sizeof( *other_name ) ); - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } p += len; if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); other_name->value.hardware_module_name.val.tag = MBEDTLS_ASN1_OCTET_STRING; other_name->value.hardware_module_name.val.p = p; @@ -1761,8 +1761,8 @@ static int x509_get_other_name( const mbedtls_x509_buf *subject_alt_name, { mbedtls_platform_zeroize( other_name, sizeof( *other_name ) ); - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } return( 0 ); } diff --git a/library/x509_csr.c b/library/x509_csr.c index 5463f8a9e..e259410d0 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -73,7 +73,7 @@ static int x509_csr_get_version( unsigned char **p, return( 0 ); } - return( MBEDTLS_ERR_X509_INVALID_VERSION + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_VERSION, ret ) ); } return( 0 ); @@ -131,8 +131,8 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, if( len != (size_t) ( end - p ) ) { mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } /* 
@@ -144,7 +144,7 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); } end = p + len; @@ -176,7 +176,7 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); } if( ( ret = mbedtls_x509_get_name( &p, p + len, &csr->subject ) ) != 0 ) @@ -210,7 +210,7 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ) != 0 ) { mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); } p += len; @@ -244,8 +244,8 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, if( p != end ) { mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } return( 0 ); diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index 66f03768b..29d28f780 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -7,6 +7,7 @@ #include "mbedtls/pem.h" #include "mbedtls/oid.h" #include "mbedtls/base64.h" +#include "mbedtls/error.h" #include "string.h" #if MBEDTLS_X509_MAX_INTERMEDIATE_CA > 19 
@@ -320,18 +321,18 @@ int parse_crt_ext_cb( void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ); if( ret != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); if( *p + len != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); /* * Cannot be an empty sequence. */ if( len == 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); while( *p < end ) { @@ -342,13 +343,13 @@ int parse_crt_ext_cb( void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf */ if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); policy_end = *p + len; if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); /* * Recognize exclusively the policy with OID 1 @@ -366,7 +367,7 @@ int parse_crt_ext_cb( void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf { if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); /* * Skip the optional policy qualifiers. */ 
@@ -374,13 +375,13 @@ int parse_crt_ext_cb( void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf } if( *p != policy_end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); } if( *p != end ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); return( parse_ret ); } @@ -388,7 +389,8 @@ int parse_crt_ext_cb( void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf memcmp( new_oid->p, oid->p, oid->len ) == 0 ) return( 0 ); else - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); } #endif /* MBEDTLS_X509_CRT_PARSE_C */ /* END_HEADER */ From fdb588b3a775751ce9a132bfe0ce1f5ef5026ffc Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Wed, 14 Apr 2021 18:15:24 +0100 Subject: [PATCH 026/160] Fix an incorrect error code addition in pk_parse_key_pkcs8_unencrypted_der An incorrect error code addition was spotted by the new invasive testing infrastructure whereby pk_get_pk_alg will always return a high level error or zero and pk_parse_key_pkcs8_unencrypted_der will try to add another high level error, resulting in a garbage error code. Apply the same fix from ae3741e8a to fix the bug. Signed-off-by: Chris Jones --- ChangeLog.d/fix-pk-parse-key-error-code.txt | 2 ++ library/pkparse.c | 11 ++++++++++- 2 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 ChangeLog.d/fix-pk-parse-key-error-code.txt diff --git a/ChangeLog.d/fix-pk-parse-key-error-code.txt b/ChangeLog.d/fix-pk-parse-key-error-code.txt new file mode 100644 index 000000000..3aa330b1a --- /dev/null +++ b/ChangeLog.d/fix-pk-parse-key-error-code.txt 
@@ -0,0 +1,2 @@ +Bugfix + * Fix an incorrect error code when parsing a PKCS#8 private key. diff --git a/library/pkparse.c b/library/pkparse.c index 3f3d5585a..31339c1cc 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -1040,7 +1040,16 @@ static int pk_parse_key_pkcs8_unencrypted_der( return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_VERSION, ret ) ); if( ( ret = pk_get_pk_alg( &p, end, &pk_alg, ¶ms ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + { + if( ret >= -0x007F ) + { + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + } + else + { + return ret; + } + } if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); From 8810fd3250fd2d183125e4b697238588a4b01d1c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Fri, 5 Mar 2021 14:18:33 +0100 Subject: [PATCH 027/160] Copy AEAD output size macros to crypto_compat.h MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- include/psa/crypto_compat.h | 140 ++++++++++++++++++++++++++++++++++++ 1 file changed, 140 insertions(+) diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index ae09a7012..5cdbcf996 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h 
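Review bot: The bound `-0x007F` in `if( ret >= -0x007F )` is an unexplained magic number in pk_parse_key_pkcs8_unencrypted_der. It presumably separates low-level error codes, which may be combined with a high-level code, from values that already carry one, and a comment should say so, e.g. `/* Only a low-level (ASN.1) code may be added to a high-level PK code. */`. The commit description states that pk_get_pk_alg returns zero or a high-level error; if that holds on every path, the `MBEDTLS_ERROR_ADD` branch is never taken and the whole block reduces to `return( ret );`. The added `return ret;` also departs from the `return( ... )` form used on the surrounding lines. The function starts and ends outside the hunk and pk_get_pk_alg is not visible here, so the reachability point needs checking against its body.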
@@ -269,6 +269,146 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key #define PSA_ALG_AEAD_WITH_TAG_LENGTH( aead_alg, tag_length ) \ MBEDTLS_DEPRECATED_CONSTANT( psa_algorithm_t, PSA_ALG_AEAD_WITH_SHORTENED_TAG( aead_alg, tag_length ) ) +/* + * Deprecated PSA AEAD output size macros (PSA Crypto API <= 1.0 beta3) + */ + +/** The tag size for an AEAD algorithm, in bytes. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * + * \return The tag size for the specified algorithm. + * If the AEAD algorithm does not have an identified + * tag that can be distinguished from the rest of + * the ciphertext, return 0. + * If the AEAD algorithm is not recognized, return 0. + */ +#define PSA_AEAD_TAG_LENGTH(alg) \ + (PSA_ALG_IS_AEAD(alg) ? \ + (((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET) : \ + 0) + +/** The maximum size of the output of psa_aead_encrypt(), in bytes. + * + * If the size of the ciphertext buffer is at least this large, it is + * guaranteed that psa_aead_encrypt() will not fail due to an + * insufficient buffer size. Depending on the algorithm, the actual size of + * the ciphertext may be smaller. + * + * \warning This macro may evaluate its arguments multiple times or + * zero times, so you should not pass arguments that contain + * side effects. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * \param plaintext_length Size of the plaintext in bytes. + * + * \return The AEAD ciphertext size for the specified + * algorithm. + * If the AEAD algorithm is not recognized, return 0. + */ +#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length) \ + (PSA_AEAD_TAG_LENGTH(alg) != 0 ? \ + (plaintext_length) + PSA_AEAD_TAG_LENGTH(alg) : \ + 0) + +/** The maximum size of the output of psa_aead_decrypt(), in bytes. 
+ * + * If the size of the plaintext buffer is at least this large, it is + * guaranteed that psa_aead_decrypt() will not fail due to an + * insufficient buffer size. Depending on the algorithm, the actual size of + * the plaintext may be smaller. + * + * \warning This macro may evaluate its arguments multiple times or + * zero times, so you should not pass arguments that contain + * side effects. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * \param ciphertext_length Size of the plaintext in bytes. + * + * \return The AEAD ciphertext size for the specified + * algorithm. + * If the AEAD algorithm is not recognized, return 0. + */ +#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \ + (PSA_AEAD_TAG_LENGTH(alg) != 0 ? \ + (ciphertext_length) - PSA_AEAD_TAG_LENGTH(alg) : \ + 0) + +/** A sufficient output buffer size for psa_aead_update(). + * + * If the size of the output buffer is at least this large, it is + * guaranteed that psa_aead_update() will not fail due to an + * insufficient buffer size. The actual size of the output may be smaller + * in any given call. + * + * \warning This macro may evaluate its arguments multiple times or + * zero times, so you should not pass arguments that contain + * side effects. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * \param input_length Size of the input in bytes. + * + * \return A sufficient output buffer size for the specified + * algorithm. + * If the AEAD algorithm is not recognized, return 0. + */ +/* For all the AEAD modes defined in this specification, it is possible + * to emit output without delay. However, hardware may not always be + * capable of this. So for modes based on a block cipher, allow the + * implementation to delay the output until it has a full block. */ +#define PSA_AEAD_UPDATE_OUTPUT_SIZE(alg, input_length) \ + (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? 
\ + PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, (input_length)) : \ + (input_length)) + +/** A sufficient ciphertext buffer size for psa_aead_finish(). + * + * If the size of the ciphertext buffer is at least this large, it is + * guaranteed that psa_aead_finish() will not fail due to an + * insufficient ciphertext buffer size. The actual size of the output may + * be smaller in any given call. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * + * \return A sufficient ciphertext buffer size for the + * specified algorithm. + * If the AEAD algorithm is not recognized, return 0. + */ +#define PSA_AEAD_FINISH_OUTPUT_SIZE(alg) \ + (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ + 0) + +/** A sufficient plaintext buffer size for psa_aead_verify(). + * + * If the size of the plaintext buffer is at least this large, it is + * guaranteed that psa_aead_verify() will not fail due to an + * insufficient plaintext buffer size. The actual size of the output may + * be smaller in any given call. + * + * \param alg An AEAD algorithm + * (\c PSA_ALG_XXX value such that + * #PSA_ALG_IS_AEAD(\p alg) is true). + * + * \return A sufficient plaintext buffer size for the + * specified algorithm. + * If the AEAD algorithm is not recognized, return 0. + */ +#define PSA_AEAD_VERIFY_OUTPUT_SIZE(alg) \ + (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ + 0) + #endif /* MBEDTLS_DEPRECATED_REMOVED */ /** Open a handle to an existing persistent key. From 670df7a41dc3645b7cc1c51c43cdbaace7e7518d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Mon, 8 Mar 2021 10:52:26 +0100 Subject: [PATCH 028/160] Rename AEAD output size macros in crypto_compat.h MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 
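Review bot: `PSA_AEAD_DECRYPT_OUTPUT_SIZE` evaluates `(ciphertext_length) - PSA_AEAD_TAG_LENGTH(alg)` without checking that the ciphertext is at least as long as the tag, so for an unsigned argument a shorter input wraps to a very large value instead of 0. A caller that sizes or validates a plaintext buffer from this macro then works with a misleading bound. The condition could read `PSA_AEAD_TAG_LENGTH(alg) != 0 && (ciphertext_length) > PSA_AEAD_TAG_LENGTH(alg) ? ... : 0`. The same subtraction is carried into the `_2_ARG` rename later in this series and into the three-argument macro in `include/psa/crypto_sizes.h` (hunk `@@ -300,9 +300,9 @@`). The copied Doxygen for this macro also has the two terms swapped: it describes `ciphertext_length` as "Size of the plaintext" and the return value as the "ciphertext size".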
Signed-off-by: Bence Szépkúti --- include/psa/crypto_compat.h | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index 5cdbcf996..2f920b28e 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h @@ -285,8 +285,8 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * the ciphertext, return 0. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_TAG_LENGTH(alg) \ - (PSA_ALG_IS_AEAD(alg) ? \ +#define PSA_AEAD_TAG_LENGTH_1_ARG(alg) \ + (PSA_ALG_IS_AEAD(alg) ? \ (((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET) : \ 0) @@ -310,9 +310,9 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * algorithm. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length) \ - (PSA_AEAD_TAG_LENGTH(alg) != 0 ? \ - (plaintext_length) + PSA_AEAD_TAG_LENGTH(alg) : \ +#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE_2_ARG(alg, plaintext_length) \ + (PSA_AEAD_TAG_LENGTH_1_ARG(alg) != 0 ? \ + (plaintext_length) + PSA_AEAD_TAG_LENGTH_1_ARG(alg) : \ 0) /** The maximum size of the output of psa_aead_decrypt(), in bytes. @@ -335,9 +335,9 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * algorithm. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \ - (PSA_AEAD_TAG_LENGTH(alg) != 0 ? \ - (ciphertext_length) - PSA_AEAD_TAG_LENGTH(alg) : \ +#define PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG(alg, ciphertext_length) \ + (PSA_AEAD_TAG_LENGTH_1_ARG(alg) != 0 ? \ + (ciphertext_length) - PSA_AEAD_TAG_LENGTH_1_ARG(alg) : \ 0) /** A sufficient output buffer size for psa_aead_update(). 
@@ -364,7 +364,7 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * to emit output without delay. However, hardware may not always be * capable of this. So for modes based on a block cipher, allow the * implementation to delay the output until it has a full block. */ -#define PSA_AEAD_UPDATE_OUTPUT_SIZE(alg, input_length) \ +#define PSA_AEAD_UPDATE_OUTPUT_SIZE_2_ARG(alg, input_length) \ (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, (input_length)) : \ (input_length)) @@ -384,7 +384,7 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * specified algorithm. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_FINISH_OUTPUT_SIZE(alg) \ +#define PSA_AEAD_FINISH_OUTPUT_SIZE_1_ARG(alg) \ (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ 0) @@ -404,7 +404,7 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * specified algorithm. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_VERIFY_OUTPUT_SIZE(alg) \ +#define PSA_AEAD_VERIFY_OUTPUT_SIZE_1_ARG(alg) \ (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ 0) From 30f91a4bca61813f682dc0359de4d7d84537e353 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Mon, 8 Mar 2021 15:30:27 +0100 Subject: [PATCH 029/160] Mark AEAD compatibility macros as deprecated MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- include/psa/crypto_compat.h | 44 +++++++++++++++++++++---------------- 1 file changed, 25 insertions(+), 19 deletions(-) diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index 2f920b28e..72c76c120 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h 
@@ -285,10 +285,11 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * the ciphertext, return 0. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_TAG_LENGTH_1_ARG(alg) \ - (PSA_ALG_IS_AEAD(alg) ? \ - (((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET) : \ - 0) +#define PSA_AEAD_TAG_LENGTH_1_ARG(alg) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, \ + PSA_ALG_IS_AEAD(alg) ? \ + (((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET) : \ + 0) /** The maximum size of the output of psa_aead_encrypt(), in bytes. * @@ -311,9 +312,10 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * If the AEAD algorithm is not recognized, return 0. */ #define PSA_AEAD_ENCRYPT_OUTPUT_SIZE_2_ARG(alg, plaintext_length) \ - (PSA_AEAD_TAG_LENGTH_1_ARG(alg) != 0 ? \ - (plaintext_length) + PSA_AEAD_TAG_LENGTH_1_ARG(alg) : \ - 0) + MBEDTLS_DEPRECATED_CONSTANT(size_t, \ + PSA_AEAD_TAG_LENGTH_1_ARG(alg) != 0 ? \ + (plaintext_length) + PSA_AEAD_TAG_LENGTH_1_ARG(alg) : \ + 0) /** The maximum size of the output of psa_aead_decrypt(), in bytes. * @@ -336,9 +338,10 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * If the AEAD algorithm is not recognized, return 0. */ #define PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG(alg, ciphertext_length) \ - (PSA_AEAD_TAG_LENGTH_1_ARG(alg) != 0 ? \ - (ciphertext_length) - PSA_AEAD_TAG_LENGTH_1_ARG(alg) : \ - 0) + MBEDTLS_DEPRECATED_CONSTANT(size_t, \ + PSA_AEAD_TAG_LENGTH_1_ARG(alg) != 0 ? \ + (ciphertext_length) - PSA_AEAD_TAG_LENGTH_1_ARG(alg) : \ + 0) /** A sufficient output buffer size for psa_aead_update(). * 
@@ -365,9 +368,10 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * capable of this. So for modes based on a block cipher, allow the * implementation to delay the output until it has a full block. */ #define PSA_AEAD_UPDATE_OUTPUT_SIZE_2_ARG(alg, input_length) \ - (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ - PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, (input_length)) : \ - (input_length)) + MBEDTLS_DEPRECATED_CONSTANT(size_t, \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, (input_length)) : \ + (input_length)) /** A sufficient ciphertext buffer size for psa_aead_finish(). * @@ -385,9 +389,10 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * If the AEAD algorithm is not recognized, return 0. */ #define PSA_AEAD_FINISH_OUTPUT_SIZE_1_ARG(alg) \ - (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ - PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ - 0) + MBEDTLS_DEPRECATED_CONSTANT(size_t, \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ + 0) /** A sufficient plaintext buffer size for psa_aead_verify(). * @@ -405,9 +410,10 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * If the AEAD algorithm is not recognized, return 0. */ #define PSA_AEAD_VERIFY_OUTPUT_SIZE_1_ARG(alg) \ - (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ - PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ - 0) + MBEDTLS_DEPRECATED_CONSTANT(size_t, \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ + 0) #endif /* MBEDTLS_DEPRECATED_REMOVED */ From f7b6b4e591b7ed3ab2f8b98a8bdfcfbe0a8bd77d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Mon, 8 Mar 2021 16:08:58 +0100 Subject: [PATCH 030/160] Align code style with the rest of the file MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 
Signed-off-by: Bence Szépkúti --- include/psa/crypto_compat.h | 56 ++++++++++++++++++------------------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index 72c76c120..6caac8292 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h @@ -285,11 +285,11 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * the ciphertext, return 0. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_TAG_LENGTH_1_ARG(alg) \ - MBEDTLS_DEPRECATED_CONSTANT(size_t, \ - PSA_ALG_IS_AEAD(alg) ? \ - (((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET) : \ - 0) +#define PSA_AEAD_TAG_LENGTH_1_ARG( alg ) \ + MBEDTLS_DEPRECATED_CONSTANT( size_t, \ + PSA_ALG_IS_AEAD( alg ) ? \ + ( (alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK ) >> PSA_AEAD_TAG_LENGTH_OFFSET : \ + 0 ) /** The maximum size of the output of psa_aead_encrypt(), in bytes. * @@ -311,11 +311,11 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * algorithm. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE_2_ARG(alg, plaintext_length) \ - MBEDTLS_DEPRECATED_CONSTANT(size_t, \ - PSA_AEAD_TAG_LENGTH_1_ARG(alg) != 0 ? \ - (plaintext_length) + PSA_AEAD_TAG_LENGTH_1_ARG(alg) : \ - 0) +#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE_2_ARG( alg, plaintext_length ) \ + MBEDTLS_DEPRECATED_CONSTANT( size_t, \ + PSA_AEAD_TAG_LENGTH_1_ARG( alg ) != 0 ? \ + (plaintext_length) + PSA_AEAD_TAG_LENGTH_1_ARG( alg ) : \ + 0 ) /** The maximum size of the output of psa_aead_decrypt(), in bytes. * 
@@ -337,11 +337,11 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * algorithm. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG(alg, ciphertext_length) \ - MBEDTLS_DEPRECATED_CONSTANT(size_t, \ - PSA_AEAD_TAG_LENGTH_1_ARG(alg) != 0 ? \ - (ciphertext_length) - PSA_AEAD_TAG_LENGTH_1_ARG(alg) : \ - 0) +#define PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG( alg, ciphertext_length ) \ + MBEDTLS_DEPRECATED_CONSTANT( size_t, \ + PSA_AEAD_TAG_LENGTH_1_ARG( alg ) != 0 ? \ + (ciphertext_length) - PSA_AEAD_TAG_LENGTH_1_ARG( alg ) : \ + 0 ) /** A sufficient output buffer size for psa_aead_update(). * @@ -367,11 +367,11 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * to emit output without delay. However, hardware may not always be * capable of this. So for modes based on a block cipher, allow the * implementation to delay the output until it has a full block. */ -#define PSA_AEAD_UPDATE_OUTPUT_SIZE_2_ARG(alg, input_length) \ - MBEDTLS_DEPRECATED_CONSTANT(size_t, \ - PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ - PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, (input_length)) : \ - (input_length)) +#define PSA_AEAD_UPDATE_OUTPUT_SIZE_2_ARG( alg, input_length ) \ + MBEDTLS_DEPRECATED_CONSTANT( size_t, \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER( alg ) ? \ + PSA_ROUND_UP_TO_MULTIPLE( PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, (input_length) ) : \ + (input_length) ) /** A sufficient ciphertext buffer size for psa_aead_finish(). * 
@@ -388,11 +388,11 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * specified algorithm. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_FINISH_OUTPUT_SIZE_1_ARG(alg) \ - MBEDTLS_DEPRECATED_CONSTANT(size_t, \ - PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ +#define PSA_AEAD_FINISH_OUTPUT_SIZE_1_ARG( alg ) \ + MBEDTLS_DEPRECATED_CONSTANT( size_t, \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER( alg ) ? \ PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ - 0) + 0 ) /** A sufficient plaintext buffer size for psa_aead_verify(). * @@ -409,11 +409,11 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * specified algorithm. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_VERIFY_OUTPUT_SIZE_1_ARG(alg) \ - MBEDTLS_DEPRECATED_CONSTANT(size_t, \ - PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ +#define PSA_AEAD_VERIFY_OUTPUT_SIZE_1_ARG( alg ) \ + MBEDTLS_DEPRECATED_CONSTANT( size_t, \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER( alg ) ? \ PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ - 0) + 0 ) #endif /* MBEDTLS_DEPRECATED_REMOVED */ From 12116bc3bb81d9a216c62e204b82a4454fcf9bb9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Thu, 11 Mar 2021 15:59:24 +0100 Subject: [PATCH 031/160] Update the AEAD output size macros MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This brings them in line with PSA Crypto API version 1.0. Signed-off-by: Bence Szépkúti --- include/psa/crypto_sizes.h | 40 ++++++++++++++++++++------------------ 1 file changed, 21 insertions(+), 19 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index c9de0620c..10151c6af 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h 
@@ -129,9 +129,9 @@ * the ciphertext, return 0. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_TAG_LENGTH(alg) \ - (PSA_ALG_IS_AEAD(alg) ? \ - (((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET) : \ +#define PSA_AEAD_TAG_LENGTH(key_type, key_bits, alg) \ + (PSA_AEAD_NONCE_LENGTH(key_type, alg) ? \ + ((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET : \ 0) /** The maximum tag size for all supported AEAD algorithms, in bytes. @@ -254,9 +254,9 @@ * algorithm. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length) \ - (PSA_AEAD_TAG_LENGTH(alg) != 0 ? \ - (plaintext_length) + PSA_AEAD_TAG_LENGTH(alg) : \ +#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, plaintext_length) \ + (PSA_AEAD_NONCE_LENGTH(key_type, alg) ? \ + (plaintext_length) + PSA_AEAD_TAG_LENGTH(key_type, 0, alg) : \ 0) /** A sufficient output buffer size for psa_aead_encrypt(), for any of the @@ -300,9 +300,9 @@ * algorithm. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \ - (PSA_AEAD_TAG_LENGTH(alg) != 0 ? \ - (ciphertext_length) - PSA_AEAD_TAG_LENGTH(alg) : \ +#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext_length) \ + (PSA_AEAD_NONCE_LENGTH(key_type, alg) ? \ + (ciphertext_length) - PSA_AEAD_TAG_LENGTH(key_type, 0, alg) : \ 0) /** A sufficient output buffer size for psa_aead_decrypt(), for any of the 
@@ -396,10 +396,12 @@ * to emit output without delay. However, hardware may not always be * capable of this. So for modes based on a block cipher, allow the * implementation to delay the output until it has a full block. */ -#define PSA_AEAD_UPDATE_OUTPUT_SIZE(alg, input_length) \ - (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ - PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, (input_length)) : \ - (input_length)) +#define PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \ + (PSA_AEAD_NONCE_LENGTH(key_type, alg) ? \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), (input_length)) : \ + (input_length) : \ + 0) /** A sufficient output buffer size for psa_aead_update(), for any of the * supported key types and AEAD algorithms. @@ -429,9 +431,9 @@ * specified algorithm. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_FINISH_OUTPUT_SIZE(alg) \ - (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ - PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ +#define PSA_AEAD_FINISH_OUTPUT_SIZE(key_type, alg) \ + (PSA_AEAD_NONCE_LENGTH(key_type, alg) && PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ 0) /** A sufficient ciphertext buffer size for psa_aead_finish(), for any of the @@ -456,9 +458,9 @@ * specified algorithm. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_VERIFY_OUTPUT_SIZE(alg) \ - (PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ - PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ +#define PSA_AEAD_VERIFY_OUTPUT_SIZE(key_type, alg) \ + (PSA_AEAD_NONCE_LENGTH(key_type, alg) && PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ 0) /** A sufficient plaintext buffer size for psa_aead_verify(), for any of the From eb1a301321830ced38759f3613db993f99b7b93c Mon Sep 17 00:00:00 2001 
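Review bot: The new `PSA_AEAD_UPDATE_OUTPUT_SIZE` nests one conditional inside another with no parentheses, so the reader has to work out that the trailing `: 0` belongs to the `PSA_AEAD_NONCE_LENGTH` test and not to `PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER`. It parses as intended, but in a buffer-size macro I would wrap the inner conditional in its own parentheses, opening with `(PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \` and closing with `(input_length)) : \`. The same applies to the `A && B ? x : 0` form in the `PSA_AEAD_FINISH_OUTPUT_SIZE` and `PSA_AEAD_VERIFY_OUTPUT_SIZE` hunks that follow. Separately, `PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type)` now replaces the constant `PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE` as the first argument of `PSA_ROUND_UP_TO_MULTIPLE`; both macros are defined outside this hunk, so it is worth confirming that the nonce-length guard excludes every key type whose block length evaluates to 0.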
From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Thu, 18 Mar 2021 10:33:33 +0100 Subject: [PATCH 032/160] Update documentation references to the AEAD macros MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Where a change was necessary, the new documentation was copied from the PSA Crypto API spec exactly, with the exception of PSA_AEAD_TAG_LENGTH, which needed some adjustment. Signed-off-by: Bence Szépkúti --- include/psa/crypto.h | 109 +++++++++++++++++++++++++------------ include/psa/crypto_sizes.h | 69 ++++++++++++++++++----- 2 files changed, 129 insertions(+), 49 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 81e1f2869..98de3359e 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2113,9 +2113,16 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * authentication tag is appended to the * encrypted data. * \param ciphertext_size Size of the \p ciphertext buffer in bytes. - * This must be at least - * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p alg, - * \p plaintext_length). + * This must be appropriate for the selected + * algorithm and key: + * - A sufficient output size is + * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\c key_type, + * \p alg, \p plaintext_length) where + * \c key_type is the type of \p key. + * - #PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(\p + * plaintext_length) evaluates to the maximum + * ciphertext size of any supported AEAD + * encryption. * \param[out] ciphertext_length On success, the size of the output * in the \p ciphertext buffer. * 
@@ -2173,9 +2180,16 @@ psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key, * \param ciphertext_length Size of \p ciphertext in bytes. * \param[out] plaintext Output buffer for the decrypted data. * \param plaintext_size Size of the \p plaintext buffer in bytes. - * This must be at least - * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p alg, - * \p ciphertext_length). + * This must be appropriate for the selected + * algorithm and key: + * - A sufficient output size is + * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\c key_type, + * \p alg, \p ciphertext_length) where + * \c key_type is the type of \p key. + * - #PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(\p + * ciphertext_length) evaluates to the maximum + * plaintext size of any supported AEAD + * decryption. * \param[out] plaintext_length On success, the size of the output * in the \p plaintext buffer. * @@ -2612,10 +2626,18 @@ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, * \param input_length Size of the \p input buffer in bytes. * \param[out] output Buffer where the output is to be written. * \param output_size Size of the \p output buffer in bytes. - * This must be at least - * #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c alg, - * \p input_length) where \c alg is the - * algorithm that is being calculated. + * This must be appropriate for the selected + * algorithm and key: + * - A sufficient output size is + * #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c key_type, + * \c alg, \p input_length) where + * \c key_type is the type of key and \c alg is + * the algorithm that were used to set up the + * operation. + * - #PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE(\p + * input_length) evaluates to the maximum + * output size of any supported AEAD + * algorithm. * \param[out] output_length On success, the number of bytes * that make up the returned output. * 
@@ -2626,9 +2648,9 @@ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, * set, and have lengths set if required by the algorithm). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. - * You can determine a sufficient buffer size by calling - * #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c alg, \p input_length) - * where \c alg is the algorithm that is being calculated. + * #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c key_type, \c alg, \p input_length) or + * #PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE(\p input_length) can be used to + * determine the required buffer size. * \retval #PSA_ERROR_INVALID_ARGUMENT * The total length of input to psa_aead_update_ad() so far is * less than the additional data length that was previously @@ -2665,9 +2687,7 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation, * This function has two output buffers: * - \p ciphertext contains trailing ciphertext that was buffered from * preceding calls to psa_aead_update(). - * - \p tag contains the authentication tag. Its length is always - * #PSA_AEAD_TAG_LENGTH(\c alg) where \c alg is the AEAD algorithm - * that the operation performs. + * - \p tag contains the authentication tag. * * When this function returns successfuly, the operation becomes inactive. * If this function returns an error status, the operation enters an error 
@@ -2677,18 +2697,32 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation, * \param[out] ciphertext Buffer where the last part of the ciphertext * is to be written. * \param ciphertext_size Size of the \p ciphertext buffer in bytes. - * This must be at least - * #PSA_AEAD_FINISH_OUTPUT_SIZE(\c alg) where - * \c alg is the algorithm that is being - * calculated. + * This must be appropriate for the selected + * algorithm and key: + * - A sufficient output size is + * #PSA_AEAD_FINISH_OUTPUT_SIZE(\c key_type, + * \c alg) where \c key_type is the type of key + * and \c alg is the algorithm that were used to + * set up the operation. + * - #PSA_AEAD_FINISH_OUTPUT_MAX_SIZE evaluates to + * the maximum output size of any supported AEAD + * algorithm. * \param[out] ciphertext_length On success, the number of bytes of * returned ciphertext. * \param[out] tag Buffer where the authentication tag is * to be written. * \param tag_size Size of the \p tag buffer in bytes. - * This must be at least - * #PSA_AEAD_TAG_LENGTH(\c alg) where \c alg is - * the algorithm that is being calculated. + * This must be appropriate for the selected + * algorithm and key: + * - The exact tag size is #PSA_AEAD_TAG_LENGTH(\c + * key_type, \c key_bits, \c alg) where + * \c key_type and \c key_bits are the type and + * bit-size of the key, and \c alg is the + * algorithm that were used in the call to + * psa_aead_encrypt_setup(). + * - #PSA_AEAD_TAG_MAX_SIZE evaluates to the + * maximum tag size of any supported AEAD + * algorithm. * \param[out] tag_length On success, the number of bytes * that make up the returned tag. * 
@@ -2699,11 +2733,11 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation, * operation with a nonce set). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p ciphertext or \p tag buffer is too small. - * You can determine a sufficient buffer size for \p ciphertext by - * calling #PSA_AEAD_FINISH_OUTPUT_SIZE(\c alg) - * where \c alg is the algorithm that is being calculated. - * You can determine a sufficient buffer size for \p tag by - * calling #PSA_AEAD_TAG_LENGTH(\c alg). + * #PSA_AEAD_FINISH_OUTPUT_SIZE(\c key_type, \c alg) or + * #PSA_AEAD_FINISH_OUTPUT_MAX_SIZE can be used to determine the + * required \p ciphertext buffer size. #PSA_AEAD_TAG_LENGTH(\c key_type, + * \c key_bits, \c alg) or #PSA_AEAD_TAG_MAX_SIZE can be used to + * determine the required \p tag buffer size. * \retval #PSA_ERROR_INVALID_ARGUMENT * The total length of input to psa_aead_update_ad() so far is * less than the additional data length that was previously @@ -2762,10 +2796,15 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, * that could not be processed until the end * of the input. * \param plaintext_size Size of the \p plaintext buffer in bytes. - * This must be at least - * #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c alg) where - * \c alg is the algorithm that is being - * calculated. + * This must be appropriate for the selected algorithm and key: + * - A sufficient output size is + * #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c key_type, + * \c alg) where \c key_type is the type of key + * and \c alg is the algorithm that were used to + * set up the operation. + * - #PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE evaluates to + * the maximum output size of any supported AEAD + * algorithm. * \param[out] plaintext_length On success, the number of bytes of * returned plaintext. * \param[in] tag Buffer containing the authentication tag. 
@@ -2781,9 +2820,9 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, * operation with a nonce set). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p plaintext buffer is too small. - * You can determine a sufficient buffer size for \p plaintext by - * calling #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c alg) - * where \c alg is the algorithm that is being calculated. + * #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c key_type, \c alg) or + * #PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE can be used to determine the + * required buffer size. * \retval #PSA_ERROR_INVALID_ARGUMENT * The total length of input to psa_aead_update_ad() so far is * less than the additional data length that was previously diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 10151c6af..e4c5a3627 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -117,17 +117,26 @@ */ #define PSA_MAC_MAX_SIZE PSA_HASH_MAX_SIZE -/** The tag size for an AEAD algorithm, in bytes. +/** The length of a tag for an AEAD algorithm, in bytes. * + * This macro can be used to allocate a buffer of sufficient size to store the + * tag output from psa_aead_finish(). + * + * See also #PSA_AEAD_TAG_MAX_SIZE. + * + * \param key_type The type of the AEAD key. + * \param key_bits The size of the AEAD key in bits. * \param alg An AEAD algorithm * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(\p alg) is true). * - * \return The tag size for the specified algorithm. + * \return The tag size for the specified algorithm and key. * If the AEAD algorithm does not have an identified * tag that can be distinguished from the rest of * the ciphertext, return 0. - * If the AEAD algorithm is not recognized, return 0. + * If the key type or AEAD algorithm is not + * recognized, or the parameters are incompatible, + * return 0. */ #define PSA_AEAD_TAG_LENGTH(key_type, key_bits, alg) \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) ? \ 
@@ -136,7 +145,7 @@ /** The maximum tag size for all supported AEAD algorithms, in bytes. * - * See also #PSA_AEAD_TAG_LENGTH(\p alg). + * See also #PSA_AEAD_TAG_LENGTH(\p key_type, \p key_bits, \p alg). */ #define PSA_AEAD_TAG_MAX_SIZE 16 @@ -241,10 +250,14 @@ * insufficient buffer size. Depending on the algorithm, the actual size of * the ciphertext may be smaller. * + * See also #PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(\p plaintext_length). + * * \warning This macro may evaluate its arguments multiple times or * zero times, so you should not pass arguments that contain * side effects. * + * \param key_type A symmetric key type that is + * compatible with algorithm \p alg. * \param alg An AEAD algorithm * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(\p alg) is true). @@ -252,7 +265,9 @@ * * \return The AEAD ciphertext size for the specified * algorithm. - * If the AEAD algorithm is not recognized, return 0. + * If the key type or AEAD algorithm is not + * recognized, or the parameters are incompatible, + * return 0. */ #define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, plaintext_length) \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) ? \ @@ -268,7 +283,8 @@ * \note This macro returns a compile-time constant if its arguments are * compile-time constants. * - * See also #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p alg, \p plaintext_length). + * See also #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p key_type, \p alg, + * \p plaintext_length). * * \param plaintext_length Size of the plaintext in bytes. * 
@@ -287,10 +303,14 @@ * insufficient buffer size. Depending on the algorithm, the actual size of * the plaintext may be smaller. * + * See also #PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(\p ciphertext_length). + * * \warning This macro may evaluate its arguments multiple times or * zero times, so you should not pass arguments that contain * side effects. * + * \param key_type A symmetric key type that is + * compatible with algorithm \p alg. * \param alg An AEAD algorithm * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(\p alg) is true). @@ -298,7 +318,9 @@ * * \return The AEAD ciphertext size for the specified * algorithm. - * If the AEAD algorithm is not recognized, return 0. + * If the key type or AEAD algorithm is not + * recognized, or the parameters are incompatible, + * return 0. */ #define PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext_length) \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) ? \ @@ -314,7 +336,8 @@ * \note This macro returns a compile-time constant if its arguments are * compile-time constants. * - * See also #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p alg, \p ciphertext_length). + * See also #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p key_type, \p alg, + * \p ciphertext_length). * * \param ciphertext_length Size of the ciphertext in bytes. * @@ -379,10 +402,14 @@ * insufficient buffer size. The actual size of the output may be smaller * in any given call. * + * See also #PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE(\p input_length). + * * \warning This macro may evaluate its arguments multiple times or * zero times, so you should not pass arguments that contain * side effects. * + * \param key_type A symmetric key type that is + * compatible with algorithm \p alg. * \param alg An AEAD algorithm * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(\p alg) is true). 
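Review bot: The `\return` block edited in the `@@ -298,7 +318,9 @@` hunk belongs to `PSA_AEAD_DECRYPT_OUTPUT_SIZE`, yet its first sentence, left as context, still reads "The AEAD ciphertext size for the specified algorithm". For the decrypt macro this is the plaintext size, and since the hunk already rewrites the rest of the block it should correct this line too, e.g. ` * \return The AEAD plaintext size for the specified key type and algorithm.`. The surrounding comment starts outside the hunk.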
@@ -390,7 +417,9 @@ * * \return A sufficient output buffer size for the specified * algorithm. - * If the AEAD algorithm is not recognized, return 0. + * If the key type or AEAD algorithm is not + * recognized, or the parameters are incompatible, + * return 0. */ /* For all the AEAD modes defined in this specification, it is possible * to emit output without delay. However, hardware may not always be @@ -409,7 +438,7 @@ * If the size of the output buffer is at least this large, it is guaranteed * that psa_aead_update() will not fail due to an insufficient buffer size. * - * See also #PSA_AEAD_UPDATE_OUTPUT_SIZE(\p alg, \p input_length). + * See also #PSA_AEAD_UPDATE_OUTPUT_SIZE(\p key_type, \p alg, \p input_length). * * \param input_length Size of the input in bytes. */ @@ -423,13 +452,19 @@ * insufficient ciphertext buffer size. The actual size of the output may * be smaller in any given call. * + * See also #PSA_AEAD_FINISH_OUTPUT_MAX_SIZE. + * + * \param key_type A symmetric key type that is + compatible with algorithm \p alg. * \param alg An AEAD algorithm * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(\p alg) is true). * * \return A sufficient ciphertext buffer size for the * specified algorithm. - * If the AEAD algorithm is not recognized, return 0. + * If the key type or AEAD algorithm is not + * recognized, or the parameters are incompatible, + * return 0. */ #define PSA_AEAD_FINISH_OUTPUT_SIZE(key_type, alg) \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) && PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ @@ -439,7 +474,7 @@ /** A sufficient ciphertext buffer size for psa_aead_finish(), for any of the * supported key types and AEAD algorithms. * - * See also #PSA_AEAD_FINISH_OUTPUT_SIZE(\p alg). + * See also #PSA_AEAD_FINISH_OUTPUT_SIZE(\p key_type, \p alg). */ #define PSA_AEAD_FINISH_OUTPUT_MAX_SIZE (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE) 
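Review bot: In the `@@ -423,13 +452,19 @@` hunk documenting `PSA_AEAD_FINISH_OUTPUT_SIZE`, the added continuation line `compatible with algorithm \p alg.` has no leading ` *`, unlike the matching `\param key_type` lines added for the other macros in this commit. The comment block stays syntactically valid, but the layout is inconsistent and some documentation tooling treats such lines differently. The line should start with ` *` followed by the same alignment as its siblings, i.e. ` * compatible with algorithm \p alg.` indented to the parameter-description column.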
@@ -450,13 +485,19 @@ * insufficient plaintext buffer size. The actual size of the output may * be smaller in any given call. * + * See also #PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE. + * + * \param key_type A symmetric key type that is + * compatible with algorithm \p alg. * \param alg An AEAD algorithm * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(\p alg) is true). * * \return A sufficient plaintext buffer size for the * specified algorithm. - * If the AEAD algorithm is not recognized, return 0. + * If the key type or AEAD algorithm is not + * recognized, or the parameters are incompatible, + * return 0. */ #define PSA_AEAD_VERIFY_OUTPUT_SIZE(key_type, alg) \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) && PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ @@ -466,7 +507,7 @@ /** A sufficient plaintext buffer size for psa_aead_verify(), for any of the * supported key types and AEAD algorithms. * - * See also #PSA_AEAD_VERIFY_OUTPUT_SIZE(\p alg). + * See also #PSA_AEAD_VERIFY_OUTPUT_SIZE(\p key_type, \p alg). */ #define PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE) From 6801f089733e3e9ab46c1b6be23597d4f135a97d Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Fri, 19 Feb 2021 17:21:22 +0100 Subject: [PATCH 033/160] Implement support for MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS According to the design in psa-driver-interface.md. Compiles without issue in test_psa_crypto_drivers. Signed-off-by: Steven Cooreman --- include/mbedtls/config.h | 16 +++++ include/psa/crypto_extra.h | 93 ++++++++++++++++++++++++++++ library/psa_crypto_driver_wrappers.c | 17 +++++ library/psa_crypto_driver_wrappers.h | 5 ++ library/psa_crypto_slot_management.c | 78 +++++++++++++++++++++-- library/version_features.c | 3 + programs/test/query_config.c | 8 +++ tests/scripts/all.sh | 1 + tests/src/helpers.c | 35 +++++++++++ 9 files changed, 251 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index d370dbff5..62d89c977 100644 
--- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1338,6 +1338,22 @@ */ #define MBEDTLS_PKCS1_V21 +/** \def MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS + * + * Enable support for platform built-in keys. If you enable this feature, + * you must implement the function mbedtls_psa_platform_get_builtin_key(). + * See the documentation of that function for more information. + * + * Built-in keys are typically derived from a hardware unique key or + * stored in a secure element. + * + * Requires: MBEDTLS_PSA_CRYPTO_C. + * + * \warning This interface is experimental and may change or be removed + * without notice. + */ +//#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS + /** \def MBEDTLS_PSA_CRYPTO_CLIENT * * Enable support for PSA crypto client. diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index e01d827e8..f9a9aeeaf 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -713,6 +713,99 @@ psa_status_t mbedtls_psa_external_get_random( /**@}*/ +/** \defgroup psa_builtin_keys Built-in keys + * @{ + */ + +/** The minimum value for a key identifier that is built into the + * implementation. + * + * The range of key identifiers from #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + * to #MBEDTLS_PSA_KEY_ID_BUILTIN_MAX within the range from + * #PSA_KEY_ID_VENDOR_MIN and #PSA_KEY_ID_VENDOR_MAX and must not intersect + * with any other set of implementation-chosen key identifiers. + * + * This value is part of the library's ABI since changing it would invalidate + * the values of built-in key identifiers in applications. + */ +#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ((psa_key_id_t)0x7fff0000) + +/** The maximum value for a key identifier that is built into the + * implementation. + * + * See #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN for more information. + */ +#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ((psa_key_id_t)0x7fffefff) + +/** A slot number identifying a key in a driver. + * + * Values of this type are used to identify built-in keys. + */ +typedef uint64_t psa_drv_slot_number_t; + +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) +/** Test whether a key identifier belongs to the builtin key range. + * + * \param key_id Key identifier to test. + * + * \retval 1 + * The key identifier is a builtin key identifier. + * \retval 0 + * The key identifier is not a builtin key identifier. + */ +static inline int psa_key_id_is_builtin( psa_key_id_t key_id ) +{ + return( ( key_id >= MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ) && + ( key_id <= MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ) ); +} + +/** Platform function to obtain the data of a built-in key. + * + * An application-specific implementation of this function must be provided if + * #MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is enabled. This would typically provided + * as part of a platform's system image. + * + * Call psa_get_key_id(\p attributes) to obtain the key identifier \c key_id. 
+ * #MBEDTLS_SVC_KEY_ID_GET_KEY_ID(\p key_id) is in the range from + * #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN to #MBEDTLS_PSA_KEY_ID_BUILTIN_MAX. + * + * In a multi-application configuration + * (\c MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER is defined), + * this function should check that #MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(\p key_id) + * is allowed to use the given key. + * + * \param[in,out] attributes On entry, this is #PSA_KEY_ATTRIBUTES_INIT or + * an equivalent value, except that the key + * identifier field is set. + * On successful return, this function must set + * the attributes of the key: lifetime, type, + * bit-size, usage policy. + * \param[out] slot_number On successful return, this function must + * this to the slot number known to the driver for + * the lifetime location reported through + * \p attributes which corresponds to the + * requested built-in key. + * + * \retval #PSA_SUCCESS + * The requested key identifier designates a built-in key. + * In a multi-application configuration, the requested owner + * is allowed to access it. + * \retval #PSA_ERROR_DOES_NOT_EXIST + * The requested key identifier is not a built-in key which is known + * to this function. If a key exists in the key storage with this + * identifier, the data from the storage will be used. + * \retval (any other error) + * Any other error is propagated to the function that requested the key. + * Common errors include: + * - #PSA_ERROR_NOT_PERMITTED: the key exists but the requested owner + * is not allowed to access it. + */ +psa_status_t mbedtls_psa_platform_get_builtin_key( + psa_key_attributes_t *attributes, psa_drv_slot_number_t *slot_number ); +#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ + +/** @} */ + #ifdef __cplusplus } #endif diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 536505ef4..70c3026ce 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c 
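Review bot: The contract for `mbedtls_psa_platform_get_builtin_key()` says that in a multi-application configuration the function "should check" that the owner is allowed to use the key, which words the only access-control decision for built-in keys as optional. Nothing else in this hunk enforces ownership, so I would state it as a requirement: `this function must check that #MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(\p key_id) is allowed to use the given key, and return #PSA_ERROR_NOT_PERMITTED otherwise.` Three added sentences are also missing a word: "The range of key identifiers ... within the range" needs "must be", "This would typically provided" needs "be", and "this function must this to the slot number" needs "set".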
@@ -574,6 +574,23 @@ psa_status_t psa_driver_wrapper_export_public_key( } } +psa_status_t psa_driver_wrapper_get_builtin_key( + psa_drv_slot_number_t slot_number, + psa_key_attributes_t *attributes, + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) +{ + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + switch( location ) + { + default: + (void) slot_number; + (void) key_buffer; + (void) key_buffer_size; + (void) key_buffer_length; + return( PSA_ERROR_DOES_NOT_EXIST ); + } +} + /* * Cipher functions */ diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h index e49941138..e82d0931b 100644 --- a/library/psa_crypto_driver_wrappers.h +++ b/library/psa_crypto_driver_wrappers.h @@ -68,6 +68,11 @@ psa_status_t psa_driver_wrapper_generate_key( const psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); +psa_status_t psa_driver_wrapper_get_builtin_key( + psa_drv_slot_number_t slot_number, + psa_key_attributes_t *attributes, + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); + /* * Cipher functions */ diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index cf07a3693..c90ebee00 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
@@ -274,6 +274,67 @@ exit: } #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) +#include "psa_crypto_driver_wrappers.h" + +static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot ) +{ + /* Load keys in the 'builtin' range through their own interface */ + if( psa_key_id_is_builtin( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id ) ) ) + { + /* Check the platform function to see whether this key actually exists */ + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_drv_slot_number_t slot_number; + + psa_set_key_id(&attributes, slot->attr.id); + psa_status_t status = mbedtls_psa_platform_get_builtin_key( + &attributes, &slot_number ); + if( status != PSA_SUCCESS ) + return( status ); + + /* If the key should exist according to the platform, load it through + * the driver interface. */ + uint8_t *key_buffer = NULL; + size_t key_buffer_length = 0; + + status = psa_driver_wrapper_get_key_buffer_size( &attributes, &key_buffer_length ); + if( status != PSA_SUCCESS ) + return( status ); + + key_buffer = mbedtls_calloc( 1, key_buffer_length ); + if( key_buffer == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + + status = psa_driver_wrapper_get_builtin_key( + slot_number, &attributes, + key_buffer, key_buffer_length, &key_buffer_length ); + if( status != PSA_SUCCESS ) + goto exit; + + status = psa_copy_key_material_into_slot( slot, key_buffer, key_buffer_length ); + if( status != PSA_SUCCESS ) + goto exit; + + /* Copy core attributes into the slot on success. + * Use static allocations to make the compiler yell at us should one + * of the two structures change type. 
*/ + psa_core_key_attributes_t* builtin_key_core_attributes = + &attributes.core; + psa_core_key_attributes_t* slot_core_attributes = + &slot->attr; + memcpy( slot_core_attributes, + builtin_key_core_attributes, + sizeof(psa_core_key_attributes_t) ); + +exit: + mbedtls_free( key_buffer ); + return( status ); + } else { + return( PSA_ERROR_DOES_NOT_EXIST ); + } +} +#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ + psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot ) { @@ -291,17 +352,27 @@ psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key, if( status != PSA_ERROR_DOES_NOT_EXIST ) return( status ); -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) psa_key_id_t volatile_key_id; status = psa_get_empty_key_slot( &volatile_key_id, p_slot ); if( status != PSA_SUCCESS ) return( status ); - (*p_slot)->attr.lifetime = PSA_KEY_LIFETIME_PERSISTENT; (*p_slot)->attr.id = key; + (*p_slot)->attr.lifetime = PSA_KEY_LIFETIME_PERSISTENT; + status = PSA_ERROR_DOES_NOT_EXIST; +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) + status = psa_load_builtin_key_into_slot( *p_slot ); + if( status == PSA_SUCCESS ) + goto exit; +#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ + +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) status = psa_load_persistent_key_into_slot( *p_slot ); +#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ + +exit: if( status != PSA_SUCCESS ) { psa_wipe_key_slot( *p_slot ); @@ -309,9 +380,6 @@ psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key, status = PSA_ERROR_INVALID_HANDLE; } return( status ); -#else - return( PSA_ERROR_INVALID_HANDLE ); -#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ } psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot ) diff --git a/library/version_features.c b/library/version_features.c index 93329879a..f665a2375 100644 --- a/library/version_features.c +++ b/library/version_features.c 
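Review bot: `key_buffer_length` is passed to `psa_driver_wrapper_get_builtin_key()` both as the buffer size and as the output length, so once the call returns the allocation size is lost and the driver-reported length goes to `psa_copy_key_material_into_slot()` unchecked. A driver that reports more bytes than were allocated would cause a read past the end of `key_buffer`; keeping a separate `key_buffer_size` and rejecting `key_buffer_length > key_buffer_size` closes that gap. The buffer is also released with `mbedtls_free()` alone, which leaves whatever the driver wrote (key material or a key reference) in freed heap memory, so it should be wiped first. The sketch below assumes `mbedtls_platform_zeroize()` is already available in this file.

```c
        /* … unchanged: platform lookup via mbedtls_psa_platform_get_builtin_key() … */
        uint8_t *key_buffer = NULL;
        size_t key_buffer_size = 0;
        size_t key_buffer_length = 0;

        status = psa_driver_wrapper_get_key_buffer_size( &attributes, &key_buffer_size );
        /* … unchanged: status check … */

        key_buffer = mbedtls_calloc( 1, key_buffer_size );
        /* … unchanged: allocation check … */

        status = psa_driver_wrapper_get_builtin_key(
                    slot_number, &attributes,
                    key_buffer, key_buffer_size, &key_buffer_length );
        if( status != PSA_SUCCESS )
            goto exit;

        /* Never trust the reported length beyond what was allocated. */
        if( key_buffer_length > key_buffer_size )
        {
            status = PSA_ERROR_CORRUPTION_DETECTED;
            goto exit;
        }

        /* … unchanged: copy key material and core attributes into the slot … */

exit:
        /* Wipe the temporary copy before releasing it. */
        mbedtls_platform_zeroize( key_buffer, key_buffer_size );
        mbedtls_free( key_buffer );
```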
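Review bot: In `psa_get_and_lock_key_slot()`, any failure from `psa_load_builtin_key_into_slot()` is discarded when `MBEDTLS_PSA_CRYPTO_STORAGE_C` is enabled, because only `PSA_SUCCESS` jumps to `exit` and the next statement overwrites `status` with the result of `psa_load_persistent_key_into_slot()`. The header added in this commit documents that errors such as `PSA_ERROR_NOT_PERMITTED` are propagated to the requester, so an owner rejected by the platform function could still be served a key from storage under the same identifier. Falling back only on the not-found case fixes it: `if( status == PSA_ERROR_DOES_NOT_EXIST ) status = psa_load_persistent_key_into_slot( *p_slot );`. The `exit:` label is then no longer needed, which also avoids an unused-label warning when `MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS` is off. The function body starts and ends outside this hunk.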
@@ -438,6 +438,9 @@ static const char * const features[] = { #if defined(MBEDTLS_PKCS1_V21) "MBEDTLS_PKCS1_V21", #endif /* MBEDTLS_PKCS1_V21 */ +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) + "MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS", +#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) "MBEDTLS_PSA_CRYPTO_CLIENT", #endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ diff --git a/programs/test/query_config.c b/programs/test/query_config.c index b9105f812..9760f626c 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -1226,6 +1226,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_PKCS1_V21 */ +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) + if( strcmp( "MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS ); + return( 0 ); + } +#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ + #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) if( strcmp( "MBEDTLS_PSA_CRYPTO_CLIENT", config ) == 0 ) { diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index f768e1e5e..a85c7ce00 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2267,6 +2267,7 @@ component_test_psa_crypto_drivers () { msg "build: MBEDTLS_PSA_CRYPTO_DRIVERS w/ driver hooks" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS + scripts/config.py set MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS # Need to define the correct symbol and include the test driver header path in order to build with the test driver loc_cflags="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST" loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_KEY_TYPE_AES" diff --git a/tests/src/helpers.c b/tests/src/helpers.c index e323275e5..c282edc84 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c 
@@ -282,3 +282,38 @@ void mbedtls_param_failed( const char *failure_condition, } } #endif /* MBEDTLS_CHECK_PARAMS */ + +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) +#include +typedef struct +{ + psa_key_id_t builtin_key_id; + psa_key_location_t location; + psa_drv_slot_number_t slot_number; +} mbedtls_psa_builtin_key_description_t; +static const mbedtls_psa_builtin_key_description_t builtin_keys[] = { + // TODO: declare some keys + {0, 0, 0}, +}; +psa_status_t mbedtls_psa_platform_get_builtin_key( + psa_key_attributes_t *attributes, psa_drv_slot_number_t *slot_number ) +{ + mbedtls_svc_key_id_t svc_key_id = psa_get_key_id( attributes ); + psa_key_id_t app_key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( svc_key_id ); + + for( size_t i = 0; i < ( sizeof( builtin_keys ) / sizeof( builtin_keys[0] ) ); i++ ) + { + if( builtin_keys[i].builtin_key_id == app_key_id ) + { + psa_set_key_lifetime( attributes, + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_PERSISTENCE_READ_ONLY, + builtin_keys[i].location ) ); + *slot_number = builtin_keys[i].slot_number; + return( PSA_SUCCESS ); + } + } + + return( PSA_ERROR_DOES_NOT_EXIST ); +} +#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ From f9a55ffa2ce2b6fa9489abd961d5de0d383f20f6 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Fri, 19 Feb 2021 18:04:59 +0100 Subject: [PATCH 034/160] Add test driver implementation for MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS As part of test_psa_crypto_drivers, define a builtin symmetric plus an ECC key on the test driver lifetime. Signed-off-by: Steven Cooreman --- library/psa_crypto_driver_wrappers.c | 21 ++++++++ tests/include/test/drivers/key_management.h | 10 ++++ tests/src/drivers/key_management.c | 59 +++++++++++++++++++++ tests/src/helpers.c | 21 +++++++- 4 files changed, 109 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 70c3026ce..28087de07 100644 --- a/library/psa_crypto_driver_wrappers.c 
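Review bot: The placeholder row `{0, 0, 0}` in `builtin_keys` is a live table entry, so a lookup in `mbedtls_psa_platform_get_builtin_key` for key ID 0 returns `PSA_SUCCESS` with location 0 and slot 0 instead of `PSA_ERROR_DOES_NOT_EXIST`. The caller in `psa_load_builtin_key_into_slot` checks `psa_key_id_is_builtin` first, so this is probably unreachable today, but the table itself does not say so. I would replace the `// TODO` with a comment such as `/* Placeholder so the array is non-empty; key ID 0 is outside the built-in range and must never be looked up here */`. Alternatively, reject IDs that fail `psa_key_id_is_builtin( app_key_id )` before the loop.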
+++ b/library/psa_crypto_driver_wrappers.c @@ -257,6 +257,16 @@ psa_status_t psa_driver_wrapper_get_key_buffer_size( { #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LIFETIME: +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) + /* Emulate property 'builtin_key_size' */ + if( psa_key_id_is_builtin( + MBEDTLS_SVC_KEY_ID_GET_KEY_ID( + psa_get_key_id( attributes ) ) ) ) + { + *key_buffer_size = sizeof(psa_drv_slot_number_t); + return( PSA_SUCCESS ); + } +#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ #ifdef TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION *key_buffer_size = test_size_function( key_type, key_bits ); return( PSA_SUCCESS ); @@ -582,6 +592,17 @@ psa_status_t psa_driver_wrapper_get_builtin_key( psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); switch( location ) { +#if defined(PSA_CRYPTO_DRIVER_TEST) + case PSA_CRYPTO_TEST_DRIVER_LIFETIME: +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) + return( test_opaque_get_builtin_key( + slot_number, + attributes, + key_buffer, key_buffer_size, key_buffer_length ) ); +#else + return( PSA_ERROR_DOES_NOT_EXIST ); +#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ +#endif /* PSA_CRYPTO_DRIVER_TEST */ default: (void) slot_number; (void) key_buffer; diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index b30baa205..ee96024df 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -29,6 +29,11 @@ #if defined(PSA_CRYPTO_DRIVER_TEST) #include +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) +#define PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT 0 +#define PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT 1 +#endif + typedef struct { /* If non-null, on success, copy this to the output. */ void *forced_output; 
@@ -82,5 +87,10 @@ psa_status_t test_transparent_import_key( size_t *key_buffer_length, size_t *bits); +psa_status_t test_opaque_get_builtin_key( + psa_drv_slot_number_t slot_number, + psa_key_attributes_t *attributes, + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); + #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H */ diff --git a/tests/src/drivers/key_management.c b/tests/src/drivers/key_management.c index 10a40c37d..d8410be4e 100644 --- a/tests/src/drivers/key_management.c +++ b/tests/src/drivers/key_management.c 
@@ -232,4 +232,63 @@ psa_status_t test_opaque_export_public_key( return( PSA_ERROR_NOT_SUPPORTED ); } +/* The opaque test driver exposes two built-in keys when builtin key support is + * compiled in. + * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT is an AES-128 key which allows CTR mode + * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT is a secp256r1 private key which allows ECDSA sign & verify + * The key buffer format for these is the raw format of psa_drv_slot_number_t + * (i.e. for an actual driver this would mean 'builtin_key_size' = sizeof(psa_drv_slot_number_t)) + */ +psa_status_t test_opaque_get_builtin_key( + psa_drv_slot_number_t slot_number, + psa_key_attributes_t *attributes, + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) +{ +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) + switch( slot_number ) + { + case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT: + if( key_buffer_size < sizeof( psa_drv_slot_number_t ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + psa_set_key_type( attributes, PSA_KEY_TYPE_AES ); + psa_set_key_bits( attributes, 128 ); + psa_set_key_usage_flags( attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); + psa_set_key_algorithm( attributes, PSA_ALG_CTR ); + + *( (psa_drv_slot_number_t*) key_buffer ) = + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT; + *key_buffer_length = sizeof( psa_drv_slot_number_t ); + return( PSA_SUCCESS ); + case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: + if( key_buffer_size < sizeof( psa_drv_slot_number_t ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + psa_set_key_type( attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1) ); + psa_set_key_bits( attributes, 256 ); + psa_set_key_usage_flags( attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH ); + psa_set_key_algorithm( attributes, PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ); + + *( (psa_drv_slot_number_t*) key_buffer) = + PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT; + 
*key_buffer_length = sizeof( psa_drv_slot_number_t ); + return( PSA_SUCCESS ); + default: + (void) slot_number; + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) key_buffer_length; + return( PSA_ERROR_INVALID_ARGUMENT ); + } +#else + (void) slot_number; + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) key_buffer_length; + return( PSA_ERROR_DOES_NOT_EXIST ); +#endif +} + #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/helpers.c b/tests/src/helpers.c index c282edc84..ee7fa209c 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c 
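Review bot: Both cases of `test_opaque_get_builtin_key` store the slot number with `*( (psa_drv_slot_number_t*) key_buffer ) = ...`, which writes a wider integer through a `uint8_t *` whose alignment the driver interface does not guarantee. The buffer happens to come from `mbedtls_calloc` in the caller shown elsewhere on this page, but the function cannot rely on that. A byte copy avoids the misaligned store: `memcpy( key_buffer, &slot_number, sizeof( slot_number ) );` in each case, since `slot_number` already equals the case label. That keeps the stored format byte-identical to what a `memcmp` against a slot-number constant would expect.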
@@ -285,16 +285,33 @@ void mbedtls_param_failed( const char *failure_condition, #if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) #include + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include "test/drivers/test_driver.h" +#endif + typedef struct { psa_key_id_t builtin_key_id; psa_key_location_t location; psa_drv_slot_number_t slot_number; } mbedtls_psa_builtin_key_description_t; + static const mbedtls_psa_builtin_key_description_t builtin_keys[] = { - // TODO: declare some keys - {0, 0, 0}, +#if defined(PSA_CRYPTO_DRIVER_TEST) + /* For testing, assign the AES builtin key slot to the boundary values. + * ECDSA can be exercised on key ID MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1. */ + {MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, + {MBEDTLS_PSA_KEY_ID_BUILTIN_MIN, PSA_CRYPTO_TEST_DRIVER_LIFETIME, PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, + {MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT}, + {MBEDTLS_PSA_KEY_ID_BUILTIN_MAX - 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, + {MBEDTLS_PSA_KEY_ID_BUILTIN_MAX, PSA_CRYPTO_TEST_DRIVER_LIFETIME, PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, + {MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, +#else + {0, 0, 0} +#endif }; + psa_status_t mbedtls_psa_platform_get_builtin_key( psa_key_attributes_t *attributes, psa_drv_slot_number_t *slot_number ) { From 437fcfc32ed1249d7ff07ad381bae627295402cc Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 22 Feb 2021 12:44:15 +0100 Subject: [PATCH 035/160] Add simple test coverage for builtin keys (PSA opaque driver export) 
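Review bot: The comment above the `builtin_keys` rows says the AES slot is assigned "to the boundary values", but two of the rows, `MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1` and `MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1`, lie outside the built-in range. They appear to be there so a test can check that out-of-range IDs are rejected even when the platform function would map them. Say so in the comment, for example `/* MIN - 1 and MAX + 1 are deliberately out of range: the core must refuse them before this table is consulted */`. Otherwise a reader copying this table as a template may register real keys outside the range.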
Signed-off-by: Steven Cooreman --- tests/include/test/drivers/key_management.h | 3 + tests/src/drivers/key_management.c | 114 +++++++++++++++++- ...test_suite_psa_crypto_driver_wrappers.data | 24 ++++ ..._suite_psa_crypto_driver_wrappers.function | 104 ++++++++++++++++ 4 files changed, 240 insertions(+), 5 deletions(-) diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index ee96024df..cf6fbb0b0 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -32,6 +32,9 @@ #if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) #define PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT 0 #define PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT 1 + +extern const uint8_t test_driver_aes_key[16]; +extern const uint8_t test_driver_ecdsa_key[32]; #endif typedef struct { diff --git a/tests/src/drivers/key_management.c b/tests/src/drivers/key_management.c index d8410be4e..77a217f06 100644 --- a/tests/src/drivers/key_management.c +++ b/tests/src/drivers/key_management.c 
@@ -41,6 +41,30 @@ test_driver_key_management_hooks_t test_driver_key_management_hooks = TEST_DRIVER_KEY_MANAGEMENT_INIT; +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) +const uint8_t test_driver_aes_key[16] = + { 0x36, 0x77, 0x39, 0x7A, 0x24, 0x43, 0x26, 0x46, + 0x29, 0x4A, 0x40, 0x4E, 0x63, 0x52, 0x66, 0x55 }; +const uint8_t test_driver_ecdsa_key[32] = + { 0xdc, 0x7d, 0x9d, 0x26, 0xd6, 0x7a, 0x4f, 0x63, + 0x2c, 0x34, 0xc2, 0xdc, 0x0b, 0x69, 0x86, 0x18, + 0x38, 0x82, 0xc2, 0x06, 0xdf, 0x04, 0xcd, 0xb7, + 0xd6, 0x9a, 0xab, 0xe2, 0x8b, 0xe4, 0xf8, 0x1a }; +const uint8_t test_driver_ecdsa_pubkey[65] = + { 0x04, + 0x85, 0xf6, 0x4d, 0x89, 0xf0, 0x0b, 0xe6, 0x6c, + 0x88, 0xdd, 0x93, 0x7e, 0xfd, 0x6d, 0x7c, 0x44, + 0x56, 0x48, 0xdc, 0xb7, 0x01, 0x15, 0x0b, 0x8a, + 0x95, 0x09, 0x29, 0x58, 0x50, 0xf4, 0x1c, 0x19, + 0x31, 0xe5, 0x71, 0xfb, 0x8f, 0x8c, 0x78, 0x31, + 0x7a, 0x20, 0xb3, 0x80, 0xe8, 0x66, 0x58, 0x4b, + 0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79, + 0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c }; + +static const psa_drv_slot_number_t aes_slot = PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT; +static const psa_drv_slot_number_t ecdsa_slot = PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT; +#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ + psa_status_t test_transparent_generate_key( const psa_key_attributes_t *attributes, uint8_t *key, size_t key_size, size_t *key_length ) 
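Review bot: `test_driver_ecdsa_pubkey` is defined with external linkage but has no declaration in view. The matching header hunk in this commit adds `extern` declarations only for `test_driver_aes_key` and `test_driver_ecdsa_key`. Either make it file-local with `static const uint8_t test_driver_ecdsa_pubkey[65]`, as is done for `aes_slot` and `ecdsa_slot`, or add `extern const uint8_t test_driver_ecdsa_pubkey[65];` to the header if tests are meant to use it. A one-line comment stating that these arrays are fixed test vectors and not production key material would also help anyone reusing the driver as a template.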
@@ -154,6 +178,57 @@ psa_status_t test_opaque_export_key( const uint8_t *key, size_t key_length, uint8_t *data, size_t data_size, size_t *data_length ) { +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) + if( psa_key_id_is_builtin( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( attributes ) ) ) ) + { + if( key_length != sizeof( psa_drv_slot_number_t ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + if( memcmp( key, &ecdsa_slot, sizeof( psa_drv_slot_number_t ) ) == 0 ) + { + /* This is the ECDSA slot. Verify key attributes before returning pubkey. */ + if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_bits( attributes ) != 256 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_algorithm( attributes ) != PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( (psa_get_key_usage_flags( attributes ) & PSA_KEY_USAGE_EXPORT) == 0 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + + if( data_size < sizeof( test_driver_ecdsa_key ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + memcpy( data, test_driver_ecdsa_key, sizeof( test_driver_ecdsa_key ) ); + *data_length = sizeof( test_driver_ecdsa_key ); + return( PSA_SUCCESS ); + } + + if( memcmp( key, &aes_slot, sizeof( psa_drv_slot_number_t ) ) == 0 ) + { + /* This is the ECDSA slot. Verify key attributes before returning pubkey. 
*/ + if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_bits( attributes ) != 128 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_algorithm( attributes ) != PSA_ALG_CTR ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( (psa_get_key_usage_flags( attributes ) & PSA_KEY_USAGE_EXPORT) == 0 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + + if( data_size < sizeof( test_driver_aes_key ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + memcpy( data, test_driver_aes_key, sizeof( test_driver_aes_key ) ); + *data_length = sizeof( test_driver_aes_key ); + return( PSA_SUCCESS ); + } + + /* Potentially add more slots here */ + + return( PSA_ERROR_DOES_NOT_EXIST ); + } +#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ (void) attributes; (void) key; (void) key_length; 
@@ -223,6 +298,35 @@ psa_status_t test_opaque_export_public_key( const uint8_t *key, size_t key_length, uint8_t *data, size_t data_size, size_t *data_length ) { +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) + if( psa_key_id_is_builtin( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( attributes ) ) ) ) + { + if( key_length != sizeof( psa_drv_slot_number_t ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + if( memcmp( key, &ecdsa_slot, sizeof( psa_drv_slot_number_t ) ) == 0 ) + { + /* This is the ECDSA slot. Verify key attributes before returning pubkey. */ + if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_bits( attributes ) != 256 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_algorithm( attributes ) != PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + + if( data_size < sizeof( test_driver_ecdsa_pubkey ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + memcpy(data, test_driver_ecdsa_pubkey, sizeof( test_driver_ecdsa_pubkey ) ); + *data_length = sizeof( test_driver_ecdsa_pubkey ); + return( PSA_SUCCESS ); + } + + /* Potentially add more slots here */ + + return( PSA_ERROR_DOES_NOT_EXIST ); + } +#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ (void) attributes; (void) key; (void) key_length; @@ -253,7 +357,7 @@ psa_status_t test_opaque_get_builtin_key( psa_set_key_type( attributes, PSA_KEY_TYPE_AES ); psa_set_key_bits( attributes, 128 ); - psa_set_key_usage_flags( attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); + psa_set_key_usage_flags( attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT ); psa_set_key_algorithm( attributes, PSA_ALG_CTR ); *( (psa_drv_slot_number_t*) key_buffer ) = 
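Review bot: Adding `PSA_KEY_USAGE_EXPORT` to the AES key's usage flags in `test_opaque_get_builtin_key` makes a built-in opaque key exportable in the clear, and the next hunk does the same for the secp256r1 key pair. That is needed for the export tests added in this commit, but it is the opposite of what a real opaque driver would normally grant. I would add a comment at both `psa_set_key_usage_flags` calls, such as `/* EXPORT is granted only so the test suite can read the key back; do not copy this policy into a production driver */`. The function body starts and ends outside these two hunks.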
@@ -264,9 +368,9 @@ psa_status_t test_opaque_get_builtin_key( if( key_buffer_size < sizeof( psa_drv_slot_number_t ) ) return( PSA_ERROR_BUFFER_TOO_SMALL ); - psa_set_key_type( attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1) ); + psa_set_key_type( attributes, PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ); psa_set_key_bits( attributes, 256 ); - psa_set_key_usage_flags( attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH ); + psa_set_key_usage_flags( attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT ); psa_set_key_algorithm( attributes, PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ); *( (psa_drv_slot_number_t*) key_buffer) = @@ -281,14 +385,14 @@ psa_status_t test_opaque_get_builtin_key( (void) key_buffer_length; return( PSA_ERROR_INVALID_ARGUMENT ); } -#else +#else /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ (void) slot_number; (void) attributes; (void) key_buffer; (void) key_buffer_size; (void) key_buffer_length; return( PSA_ERROR_DOES_NOT_EXIST ); -#endif +#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ } #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data index 241d715b3..251388378 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data 
@@ -243,3 +243,27 @@ aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00 PSA AEAD decrypt, AES-GCM, 144 bytes #1, INSUFFICIENT_MEMORY depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_INSUFFICIENT_MEMORY + +PSA opaque driver builtin key export: AES +builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_SUCCESS + +PSA opaque driver builtin key export: AES (registered to ID_MAX-1) +builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MAX - 1:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_SUCCESS + +PSA opaque driver builtin key export: AES (registered to ID_MAX) +builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MAX:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_SUCCESS + +PSA opaque driver builtin key export: key ID out of range (ID_MIN - 1) +builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_ERROR_INVALID_HANDLE + +PSA opaque driver builtin key export: key 
ID out of range (ID_MAX + 1) +builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_ERROR_INVALID_HANDLE + +PSA opaque driver builtin key export: secp256r1 +builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"dc7d9d26d67a4f632c34c2dc0b6986183882c206df04cdb7d69aabe28be4f81a":PSA_SUCCESS + +PSA opaque driver builtin pubkey export: secp256r1 +builtin_pubkey_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"0485f64d89f00be66c88dd937efd6d7c445648dcb701150b8a9509295850f41c1931e571fb8f8c78317a20b380e866584bbc2516c3d2702d792f131a922095fd6c":PSA_SUCCESS + +PSA opaque driver builtin pubkey export: not a public key +builtin_pubkey_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"0485f64d89f00be66c88dd937efd6d7c445648dcb701150b8a9509295850f41c1931e571fb8f8c78317a20b380e866584bbc2516c3d2702d792f131a922095fd6c":PSA_ERROR_INVALID_ARGUMENT diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 20452b70c..449b52871 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function 
@@ -936,3 +936,107 @@ exit: test_driver_aead_hooks = test_driver_aead_hooks_init(); } /* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ +void builtin_key_export( int builtin_key_id_arg, + int builtin_key_type_arg, + int builtin_key_bits_arg, + int builtin_key_algorithm_arg, + data_t *expected_output, + int expected_status_arg ) +{ + psa_key_id_t builtin_key_id = (psa_key_id_t) builtin_key_id_arg; + psa_key_type_t builtin_key_type = (psa_key_type_t) builtin_key_type_arg; + psa_algorithm_t builtin_key_alg = (psa_algorithm_t) builtin_key_algorithm_arg; + size_t builtin_key_bits = (size_t) builtin_key_bits_arg; + psa_status_t expected_status = expected_status_arg; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make(0, builtin_key_id); + uint8_t* output_buffer = NULL; + size_t output_size = 0; + psa_status_t actual_status; + + PSA_ASSERT( psa_crypto_init( ) ); + ASSERT_ALLOC( output_buffer, expected_output->len ); + + actual_status = psa_export_key( key, output_buffer, expected_output->len, &output_size ); + + if( expected_status == PSA_SUCCESS ) + { + PSA_ASSERT( actual_status ); + TEST_EQUAL( output_size, expected_output->len ); + ASSERT_COMPARE( output_buffer, output_size, + expected_output->x, expected_output->len ); + + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); + TEST_EQUAL( psa_get_key_bits( &attributes ), builtin_key_bits ); + TEST_EQUAL( psa_get_key_type( &attributes ), builtin_key_type ); + TEST_EQUAL( psa_get_key_algorithm( &attributes ), builtin_key_alg ); + } + else + { + if( actual_status != expected_status ) + fprintf(stderr, "Expected %d but got %d\n", expected_status, actual_status); + TEST_EQUAL( actual_status, expected_status ); + TEST_EQUAL( output_size, 0 ); + } + +exit: + mbedtls_free( output_buffer ); + psa_reset_key_attributes( &attributes ); + psa_destroy_key( key ); + PSA_DONE( ); +} +/* END_CASE */ + +/* BEGIN_CASE 
depends_on:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ +void builtin_pubkey_export( int builtin_key_id_arg, + int builtin_key_type_arg, + int builtin_key_bits_arg, + int builtin_key_algorithm_arg, + data_t *expected_output, + int expected_status_arg ) +{ + psa_key_id_t builtin_key_id = (psa_key_id_t) builtin_key_id_arg; + psa_key_type_t builtin_key_type = (psa_key_type_t) builtin_key_type_arg; + psa_algorithm_t builtin_key_alg = (psa_algorithm_t) builtin_key_algorithm_arg; + size_t builtin_key_bits = (size_t) builtin_key_bits_arg; + psa_status_t expected_status = expected_status_arg; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make(0, builtin_key_id); + uint8_t* output_buffer = NULL; + size_t output_size = 0; + psa_status_t actual_status; + + PSA_ASSERT( psa_crypto_init( ) ); + ASSERT_ALLOC( output_buffer, expected_output->len ); + + actual_status = psa_export_public_key( key, output_buffer, expected_output->len, &output_size ); + + if( expected_status == PSA_SUCCESS ) + { + PSA_ASSERT( actual_status ); + TEST_EQUAL( output_size, expected_output->len ); + ASSERT_COMPARE( output_buffer, output_size, + expected_output->x, expected_output->len ); + + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); + TEST_EQUAL( psa_get_key_bits( &attributes ), builtin_key_bits ); + TEST_EQUAL( psa_get_key_type( &attributes ), builtin_key_type ); + TEST_EQUAL( psa_get_key_algorithm( &attributes ), builtin_key_alg ); + } + else + { + TEST_EQUAL( actual_status, expected_status ); + TEST_EQUAL( output_size, 0 ); + } + +exit: + mbedtls_free( output_buffer ); + psa_reset_key_attributes( &attributes ); + psa_destroy_key( key ); + PSA_DONE( ); +} +/* END_CASE */ From 5be864f6451445af364b45182f02907f2fb425df Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 22 Feb 2021 12:48:51 +0100 Subject: [PATCH 036/160] Add changelog for MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS 
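Review bot: The failure branch of `builtin_key_export` still contains a debugging print, `fprintf(stderr, "Expected %d but got %d\n", expected_status, actual_status);`, placed just before a `TEST_EQUAL` on the same two values. `builtin_pubkey_export` has no such print, so the two otherwise identical functions differ only by this leftover. I would drop the `if( actual_status != expected_status ) fprintf(...)` pair and rely on `TEST_EQUAL( actual_status, expected_status );`. Separately, the `exit:` path calls `psa_destroy_key( key )` on a key that the platform table reports as read-only and ignores the result. A short comment saying whether that call is expected to succeed or fail for built-in keys would make the cleanup intent clear.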
Signed-off-by: Steven Cooreman --- ChangeLog.d/psa-builtin-keys-implementation.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ChangeLog.d/psa-builtin-keys-implementation.txt diff --git a/ChangeLog.d/psa-builtin-keys-implementation.txt b/ChangeLog.d/psa-builtin-keys-implementation.txt new file mode 100644 index 000000000..66ba77d07 --- /dev/null +++ b/ChangeLog.d/psa-builtin-keys-implementation.txt @@ -0,0 +1,4 @@ +Features + * Added support for built-in driver keys through the PSA opaque crypto + driver interface. Refer to the documentation of + MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS for more information. From e5e30859b7bffef72e993f91326b37ed89172714 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 22 Feb 2021 14:40:04 +0100 Subject: [PATCH 037/160] Remove potentially unused exit label Signed-off-by: Steven Cooreman --- library/psa_crypto_slot_management.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index c90ebee00..dfc03fd5a 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -364,15 +364,13 @@ psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key, status = PSA_ERROR_DOES_NOT_EXIST; #if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) status = psa_load_builtin_key_into_slot( *p_slot ); - if( status == PSA_SUCCESS ) - goto exit; #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - status = psa_load_persistent_key_into_slot( *p_slot ); + if( status == PSA_ERROR_DOES_NOT_EXIST ) + status = psa_load_persistent_key_into_slot( *p_slot ); #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ -exit: if( status != PSA_SUCCESS ) { psa_wipe_key_slot( *p_slot ); From 203bcbbc47d824b12c95e7d8e3aa9cde3d0b410f Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 18 Mar 2021 17:17:40 +0100 Subject: [PATCH 038/160] Style fixes (typos, whitespace, 80 column limit) 
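Review bot: The new guard `if( status == PSA_ERROR_DOES_NOT_EXIST )` in `psa_get_and_lock_key_slot` does more than remove a label. Before it, any failure from `psa_load_builtin_key_into_slot` fell through to `psa_load_persistent_key_into_slot` and was overwritten. Now only "no such built-in key" falls back to storage, and every other error reaches the caller. That is the safer behaviour, but nothing at the call site explains it. I would add a comment above the guard, for example `/* Fall back to storage only when the platform reports no built-in key with this ID; any other error must not be masked by a stored key */`. The function body starts and ends outside the hunk.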
Signed-off-by: Steven Cooreman --- include/psa/crypto_extra.h | 6 +- library/psa_crypto_driver_wrappers.c | 2 +- library/psa_crypto_slot_management.c | 99 ++++++++++--------- tests/src/drivers/key_management.c | 75 +++++++++----- tests/src/helpers.c | 21 ++-- ..._suite_psa_crypto_driver_wrappers.function | 6 +- 6 files changed, 123 insertions(+), 86 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index f9a9aeeaf..34436e4d4 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -762,7 +762,7 @@ static inline int psa_key_id_is_builtin( psa_key_id_t key_id ) /** Platform function to obtain the data of a built-in key. * * An application-specific implementation of this function must be provided if - * #MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is enabled. This would typically provided + * #MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is enabled. This would typically be provided * as part of a platform's system image. * * Call psa_get_key_id(\p attributes) to obtain the key identifier \c key_id. @@ -780,7 +780,7 @@ static inline int psa_key_id_is_builtin( psa_key_id_t key_id ) * On successful return, this function must set * the attributes of the key: lifetime, type, * bit-size, usage policy. - * \param[out] slot_number On successful return, this function must + * \param[out] slot_number On successful return, this function must set * this to the slot number known to the driver for * the lifetime location reported through * \p attributes which corresponds to the 
@@ -794,7 +794,7 @@ static inline int psa_key_id_is_builtin( psa_key_id_t key_id ) * The requested key identifier is not a built-in key which is known * to this function. If a key exists in the key storage with this * identifier, the data from the storage will be used. - * \retval (any other error) + * \return (any other error) * Any other error is propagated to the function that requested the key. * Common errors include: * - #PSA_ERROR_NOT_PERMITTED: the key exists but the requested owner diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 28087de07..160076e15 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -263,7 +263,7 @@ psa_status_t psa_driver_wrapper_get_key_buffer_size( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( attributes ) ) ) ) { - *key_buffer_size = sizeof(psa_drv_slot_number_t); + *key_buffer_size = sizeof( psa_drv_slot_number_t ); return( PSA_SUCCESS ); } #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index dfc03fd5a..7a01f80fd 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
@@ -280,58 +280,59 @@ exit: static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot ) { /* Load keys in the 'builtin' range through their own interface */ - if( psa_key_id_is_builtin( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id ) ) ) + if( ! psa_key_id_is_builtin( + MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id ) ) ) { - /* Check the platform function to see whether this key actually exists */ - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_drv_slot_number_t slot_number; - - psa_set_key_id(&attributes, slot->attr.id); - psa_status_t status = mbedtls_psa_platform_get_builtin_key( - &attributes, &slot_number ); - if( status != PSA_SUCCESS ) - return( status ); - - /* If the key should exist according to the platform, load it through - * the driver interface. */ - uint8_t *key_buffer = NULL; - size_t key_buffer_length = 0; - - status = psa_driver_wrapper_get_key_buffer_size( &attributes, &key_buffer_length ); - if( status != PSA_SUCCESS ) - return( status ); - - key_buffer = mbedtls_calloc( 1, key_buffer_length ); - if( key_buffer == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); - - status = psa_driver_wrapper_get_builtin_key( - slot_number, &attributes, - key_buffer, key_buffer_length, &key_buffer_length ); - if( status != PSA_SUCCESS ) - goto exit; - - status = psa_copy_key_material_into_slot( slot, key_buffer, key_buffer_length ); - if( status != PSA_SUCCESS ) - goto exit; - - /* Copy core attributes into the slot on success. - * Use static allocations to make the compiler yell at us should one - * of the two structures change type. 
*/ - psa_core_key_attributes_t* builtin_key_core_attributes = - &attributes.core; - psa_core_key_attributes_t* slot_core_attributes = - &slot->attr; - memcpy( slot_core_attributes, - builtin_key_core_attributes, - sizeof(psa_core_key_attributes_t) ); - -exit: - mbedtls_free( key_buffer ); - return( status ); - } else { return( PSA_ERROR_DOES_NOT_EXIST ); } + + /* Check the platform function to see whether this key actually exists */ + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_drv_slot_number_t slot_number; + + psa_set_key_id( &attributes, slot->attr.id ); + psa_status_t status = mbedtls_psa_platform_get_builtin_key( + &attributes, &slot_number ); + if( status != PSA_SUCCESS ) + return( status ); + + /* If the key should exist according to the platform, load it through the + * driver interface. */ + uint8_t *key_buffer = NULL; + size_t key_buffer_length = 0; + + status = psa_driver_wrapper_get_key_buffer_size( &attributes, + &key_buffer_length ); + if( status != PSA_SUCCESS ) + return( status ); + + key_buffer = mbedtls_calloc( 1, key_buffer_length ); + if( key_buffer == NULL ) + return( PSA_ERROR_INSUFFICIENT_MEMORY ); + + status = psa_driver_wrapper_get_builtin_key( + slot_number, &attributes, + key_buffer, key_buffer_length, &key_buffer_length ); + if( status != PSA_SUCCESS ) + goto exit; + + status = psa_copy_key_material_into_slot( + slot, key_buffer, key_buffer_length ); + if( status != PSA_SUCCESS ) + goto exit; + + /* Copy core attributes into the slot on success. + * Use static allocations to make the compiler yell at us should one + * of the two structures change type. */ + psa_core_key_attributes_t* builtin_key_core_attributes = &attributes.core; + psa_core_key_attributes_t* slot_core_attributes = &slot->attr; + memcpy( slot_core_attributes, + builtin_key_core_attributes, + sizeof( psa_core_key_attributes_t ) ); + +exit: + mbedtls_free( key_buffer ); + return( status ); } #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ 
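Review bot: `psa_load_builtin_key_into_slot` releases `key_buffer` at `exit:` with `mbedtls_free( key_buffer )` and never clears it, although the buffer has just held whatever the driver returned for the key. For the opaque test driver that is only a slot number, but a driver could presumably return real key material here. Wiping is also awkward as written. `key_buffer_length` is passed to `psa_driver_wrapper_get_builtin_key` both as the buffer size and as the output-length pointer, so the allocated size is overwritten by the call. I would keep the allocation size in its own variable, say `size_t key_buffer_size`, and call `mbedtls_platform_zeroize( key_buffer, key_buffer_size );` before the free. Whether the platform utility header is already included in this file is not visible from the hunk.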
diff --git a/tests/src/drivers/key_management.c b/tests/src/drivers/key_management.c index 77a217f06..ca00fe0e8 100644 --- a/tests/src/drivers/key_management.c +++ b/tests/src/drivers/key_management.c @@ -61,8 +61,10 @@ const uint8_t test_driver_ecdsa_pubkey[65] = 0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79, 0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c }; -static const psa_drv_slot_number_t aes_slot = PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT; -static const psa_drv_slot_number_t ecdsa_slot = PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT; +static const psa_drv_slot_number_t aes_slot = + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT; +static const psa_drv_slot_number_t ecdsa_slot = + PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT; #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ psa_status_t test_transparent_generate_key( 
@@ -179,41 +181,49 @@ psa_status_t test_opaque_export_key( uint8_t *data, size_t data_size, size_t *data_length ) { #if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) - if( psa_key_id_is_builtin( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( attributes ) ) ) ) + if( psa_key_id_is_builtin( + MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( attributes ) ) ) ) { if( key_length != sizeof( psa_drv_slot_number_t ) ) return( PSA_ERROR_INVALID_ARGUMENT ); if( memcmp( key, &ecdsa_slot, sizeof( psa_drv_slot_number_t ) ) == 0 ) { - /* This is the ECDSA slot. Verify key attributes before returning pubkey. */ - if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ) + /* This is the ECDSA slot. Verify key attributes before returning + * the private key. */ + if( psa_get_key_type( attributes ) != + PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ) return( PSA_ERROR_CORRUPTION_DETECTED ); if( psa_get_key_bits( attributes ) != 256 ) return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_algorithm( attributes ) != PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ) + if( psa_get_key_algorithm( attributes ) != + PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ) return( PSA_ERROR_CORRUPTION_DETECTED ); - if( (psa_get_key_usage_flags( attributes ) & PSA_KEY_USAGE_EXPORT) == 0 ) + if( ( psa_get_key_usage_flags( attributes ) & + PSA_KEY_USAGE_EXPORT ) == 0 ) return( PSA_ERROR_CORRUPTION_DETECTED ); if( data_size < sizeof( test_driver_ecdsa_key ) ) return( PSA_ERROR_BUFFER_TOO_SMALL ); - memcpy( data, test_driver_ecdsa_key, sizeof( test_driver_ecdsa_key ) ); + memcpy( data, test_driver_ecdsa_key, + sizeof( test_driver_ecdsa_key ) ); *data_length = sizeof( test_driver_ecdsa_key ); return( PSA_SUCCESS ); } if( memcmp( key, &aes_slot, sizeof( psa_drv_slot_number_t ) ) == 0 ) { - /* This is the ECDSA slot. Verify key attributes before returning pubkey. */ + /* This is the AES slot. Verify key attributes before returning + * the key. 
*/ if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES ) return( PSA_ERROR_CORRUPTION_DETECTED ); if( psa_get_key_bits( attributes ) != 128 ) return( PSA_ERROR_CORRUPTION_DETECTED ); if( psa_get_key_algorithm( attributes ) != PSA_ALG_CTR ) return( PSA_ERROR_CORRUPTION_DETECTED ); - if( (psa_get_key_usage_flags( attributes ) & PSA_KEY_USAGE_EXPORT) == 0 ) + if( ( psa_get_key_usage_flags( attributes ) & + PSA_KEY_USAGE_EXPORT ) == 0 ) return( PSA_ERROR_CORRUPTION_DETECTED ); if( data_size < sizeof( test_driver_aes_key ) ) 
@@ -299,25 +309,30 @@ psa_status_t test_opaque_export_public_key( uint8_t *data, size_t data_size, size_t *data_length ) { #if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) - if( psa_key_id_is_builtin( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( attributes ) ) ) ) + if( psa_key_id_is_builtin( + MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( attributes ) ) ) ) { if( key_length != sizeof( psa_drv_slot_number_t ) ) return( PSA_ERROR_INVALID_ARGUMENT ); if( memcmp( key, &ecdsa_slot, sizeof( psa_drv_slot_number_t ) ) == 0 ) { - /* This is the ECDSA slot. Verify key attributes before returning pubkey. */ - if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ) + /* This is the ECDSA slot. Verify key attributes before returning + * the public key. */ + if( psa_get_key_type( attributes ) != + PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ) return( PSA_ERROR_CORRUPTION_DETECTED ); if( psa_get_key_bits( attributes ) != 256 ) return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_algorithm( attributes ) != PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ) + if( psa_get_key_algorithm( attributes ) != + PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ) return( PSA_ERROR_CORRUPTION_DETECTED ); if( data_size < sizeof( test_driver_ecdsa_pubkey ) ) return( PSA_ERROR_BUFFER_TOO_SMALL ); - memcpy(data, test_driver_ecdsa_pubkey, sizeof( test_driver_ecdsa_pubkey ) ); + memcpy( data, test_driver_ecdsa_pubkey, + sizeof( test_driver_ecdsa_pubkey ) ); *data_length = sizeof( test_driver_ecdsa_pubkey ); return( PSA_SUCCESS ); } 
@@ -338,10 +353,13 @@ psa_status_t test_opaque_export_public_key( /* The opaque test driver exposes two built-in keys when builtin key support is * compiled in. - * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT is an AES-128 key which allows CTR mode - * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT is a secp256r1 private key which allows ECDSA sign & verify + * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT is an AES-128 + * key which allows CTR mode. + * The key in slot #PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT is a secp256r1 + * private key which allows ECDSA sign & verify. * The key buffer format for these is the raw format of psa_drv_slot_number_t - * (i.e. for an actual driver this would mean 'builtin_key_size' = sizeof(psa_drv_slot_number_t)) + * (i.e. for an actual driver this would mean 'builtin_key_size' = + * sizeof(psa_drv_slot_number_t)). */ psa_status_t test_opaque_get_builtin_key( psa_drv_slot_number_t slot_number, @@ -357,7 +375,11 @@ psa_status_t test_opaque_get_builtin_key( psa_set_key_type( attributes, PSA_KEY_TYPE_AES ); psa_set_key_bits( attributes, 128 ); - psa_set_key_usage_flags( attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT ); + psa_set_key_usage_flags( + attributes, + PSA_KEY_USAGE_ENCRYPT | + PSA_KEY_USAGE_DECRYPT | + PSA_KEY_USAGE_EXPORT ); psa_set_key_algorithm( attributes, PSA_ALG_CTR ); *( (psa_drv_slot_number_t*) key_buffer ) = 
@@ -368,12 +390,19 @@ psa_status_t test_opaque_get_builtin_key( if( key_buffer_size < sizeof( psa_drv_slot_number_t ) ) return( PSA_ERROR_BUFFER_TOO_SMALL ); - psa_set_key_type( attributes, PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ); + psa_set_key_type( + attributes, + PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ); psa_set_key_bits( attributes, 256 ); - psa_set_key_usage_flags( attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( attributes, PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ); + psa_set_key_usage_flags( + attributes, + PSA_KEY_USAGE_SIGN_HASH | + PSA_KEY_USAGE_VERIFY_HASH | + PSA_KEY_USAGE_EXPORT ); + psa_set_key_algorithm( + attributes, PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ); - *( (psa_drv_slot_number_t*) key_buffer) = + *( (psa_drv_slot_number_t*) key_buffer ) = PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT; *key_buffer_length = sizeof( psa_drv_slot_number_t ); return( PSA_SUCCESS ); diff --git a/tests/src/helpers.c b/tests/src/helpers.c index ee7fa209c..75f55e371 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c 
@@ -301,12 +301,18 @@ static const mbedtls_psa_builtin_key_description_t builtin_keys[] = { #if defined(PSA_CRYPTO_DRIVER_TEST) /* For testing, assign the AES builtin key slot to the boundary values. * ECDSA can be exercised on key ID MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1. */ - {MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, - {MBEDTLS_PSA_KEY_ID_BUILTIN_MIN, PSA_CRYPTO_TEST_DRIVER_LIFETIME, PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, - {MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT}, - {MBEDTLS_PSA_KEY_ID_BUILTIN_MAX - 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, - {MBEDTLS_PSA_KEY_ID_BUILTIN_MAX, PSA_CRYPTO_TEST_DRIVER_LIFETIME, PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, - {MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN, PSA_CRYPTO_TEST_DRIVER_LIFETIME, + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, + PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT}, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX - 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX, PSA_CRYPTO_TEST_DRIVER_LIFETIME, + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, #else {0, 0, 0} #endif 
@@ -318,7 +324,8 @@ psa_status_t mbedtls_psa_platform_get_builtin_key( mbedtls_svc_key_id_t svc_key_id = psa_get_key_id( attributes ); psa_key_id_t app_key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( svc_key_id ); - for( size_t i = 0; i < ( sizeof( builtin_keys ) / sizeof( builtin_keys[0] ) ); i++ ) + for( size_t i = 0; + i < ( sizeof( builtin_keys ) / sizeof( builtin_keys[0] ) ); i++ ) { if( builtin_keys[i].builtin_key_id == app_key_id ) { diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 449b52871..eb6dce941 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -952,7 +952,7 @@ void builtin_key_export( int builtin_key_id_arg, psa_status_t expected_status = expected_status_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make(0, builtin_key_id); + mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make( 0, builtin_key_id ); uint8_t* output_buffer = NULL; size_t output_size = 0; psa_status_t actual_status; @@ -977,7 +977,7 @@ void builtin_key_export( int builtin_key_id_arg, else { if( actual_status != expected_status ) - fprintf(stderr, "Expected %d but got %d\n", expected_status, actual_status); + fprintf( stderr, "Expected %d but got %d\n", expected_status, actual_status ); TEST_EQUAL( actual_status, expected_status ); TEST_EQUAL( output_size, 0 ); } @@ -1005,7 +1005,7 @@ void builtin_pubkey_export( int builtin_key_id_arg, psa_status_t expected_status = expected_status_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make(0, builtin_key_id); + mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make( 0, builtin_key_id ); uint8_t* output_buffer = NULL; size_t output_size = 0; psa_status_t actual_status; From 85d554a99b155adb60688d0ea34834cc4947615f Mon Sep 17 00:00:00 2001 
From: Steven Cooreman Date: Thu, 18 Mar 2021 17:19:30 +0100 Subject: [PATCH 039/160] Use different variables for buffer size and data length Signed-off-by: Steven Cooreman --- library/psa_crypto_slot_management.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 7a01f80fd..93de27331 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -299,20 +299,21 @@ static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot ) /* If the key should exist according to the platform, load it through the * driver interface. */ uint8_t *key_buffer = NULL; + size_t key_buffer_size = 0; size_t key_buffer_length = 0; status = psa_driver_wrapper_get_key_buffer_size( &attributes, - &key_buffer_length ); + &key_buffer_size ); if( status != PSA_SUCCESS ) return( status ); - key_buffer = mbedtls_calloc( 1, key_buffer_length ); + key_buffer = mbedtls_calloc( 1, key_buffer_size ); if( key_buffer == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); status = psa_driver_wrapper_get_builtin_key( slot_number, &attributes, - key_buffer, key_buffer_length, &key_buffer_length ); + key_buffer, key_buffer_size, &key_buffer_length ); if( status != PSA_SUCCESS ) goto exit; From ffc7fc9b7152554f0ff88c78d670afe857d871f7 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 18 Mar 2021 17:33:46 +0100 Subject: [PATCH 040/160] Move variable declarations to top of function Signed-off-by: Steven Cooreman --- library/psa_crypto_slot_management.c | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 93de27331..ea3a5fc6b 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
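Review bot: With the size and length now split, `key_buffer_length` in the `@@ -299,20 +299,21 @@` hunk is whatever the driver reports, and nothing visible checks it against `key_buffer_size`. The function continues outside the hunk; if the length is then handed to `psa_copy_key_material_into_slot()` as the earlier version of this function did, a driver that reports more bytes than were allocated would cause a read past the end of `key_buffer`. A guard right after the status check would make the contract explicit: `if( key_buffer_length > key_buffer_size ) { status = PSA_ERROR_CORRUPTION_DETECTED; goto exit; }`.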
@@ -279,6 +279,13 @@ exit: static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot ) { + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_drv_slot_number_t slot_number = 0; + uint8_t *key_buffer = NULL; + size_t key_buffer_size = 0; + size_t key_buffer_length = 0; + /* Load keys in the 'builtin' range through their own interface */ if( ! psa_key_id_is_builtin( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id ) ) ) @@ -287,21 +294,13 @@ static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot ) } /* Check the platform function to see whether this key actually exists */ - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_drv_slot_number_t slot_number; - psa_set_key_id( &attributes, slot->attr.id ); - psa_status_t status = mbedtls_psa_platform_get_builtin_key( - &attributes, &slot_number ); + status = mbedtls_psa_platform_get_builtin_key( &attributes, &slot_number ); if( status != PSA_SUCCESS ) return( status ); /* If the key should exist according to the platform, load it through the * driver interface. */ - uint8_t *key_buffer = NULL; - size_t key_buffer_size = 0; - size_t key_buffer_length = 0; - status = psa_driver_wrapper_get_key_buffer_size( &attributes, &key_buffer_size ); if( status != PSA_SUCCESS ) From 649a8f43017004b0809c200be767a575c6b0a476 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 18 Mar 2021 17:34:55 +0100 Subject: [PATCH 041/160] replace memcpy of structure with regular assignment Signed-off-by: Steven Cooreman --- library/psa_crypto_slot_management.c | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index ea3a5fc6b..5428b43a3 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
@@ -321,14 +321,8 @@ static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot ) if( status != PSA_SUCCESS ) goto exit; - /* Copy core attributes into the slot on success. - * Use static allocations to make the compiler yell at us should one - * of the two structures change type. */ - psa_core_key_attributes_t* builtin_key_core_attributes = &attributes.core; - psa_core_key_attributes_t* slot_core_attributes = &slot->attr; - memcpy( slot_core_attributes, - builtin_key_core_attributes, - sizeof( psa_core_key_attributes_t ) ); + /* Copy core attributes into the slot on success */ + slot->attr = attributes.core; exit: mbedtls_free( key_buffer ); From 33a32f024f73b5a1e55f1df2682e05e97a891891 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 18 Mar 2021 18:43:15 +0100 Subject: [PATCH 042/160] Move test driver implementation of platform_get_builtin_key Move to its own file in the test tree, to simplify platform vendors providing their own implementation. Signed-off-by: Steven Cooreman --- tests/src/drivers/platform_builtin_keys.c | 81 +++++++++++++++++++++++ tests/src/helpers.c | 59 ----------------- 2 files changed, 81 insertions(+), 59 deletions(-) create mode 100644 tests/src/drivers/platform_builtin_keys.c diff --git a/tests/src/drivers/platform_builtin_keys.c b/tests/src/drivers/platform_builtin_keys.c new file mode 100644 index 000000000..131343a90 --- /dev/null +++ b/tests/src/drivers/platform_builtin_keys.c 
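Review bot: The `exit:` path kept at the end of this hunk releases `key_buffer` with a plain `mbedtls_free()`, so whatever the driver wrote into it stays in freed heap memory. For the opaque test driver that is only a slot number, but a driver that returns real key material through `psa_driver_wrapper_get_builtin_key()` would leave a second copy of the key behind. Wiping first is cheap: `mbedtls_platform_zeroize( key_buffer, key_buffer_size );` before `mbedtls_free( key_buffer );`. The declarations and the allocation are outside this hunk, so confirm that `key_buffer_size` is still the allocated size at that point.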
@@ -0,0 +1,81 @@ +/** \file platform_builtin_keys.c + * + * \brief Test driver implementation of the builtin key support + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include +#endif + +typedef struct +{ + psa_key_id_t builtin_key_id; + psa_key_location_t location; + psa_drv_slot_number_t slot_number; +} mbedtls_psa_builtin_key_description_t; + +static const mbedtls_psa_builtin_key_description_t builtin_keys[] = { +#if defined(PSA_CRYPTO_DRIVER_TEST) + /* For testing, assign the AES builtin key slot to the boundary values. + * ECDSA can be exercised on key ID MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1. 
*/ + { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN, PSA_CRYPTO_TEST_DRIVER_LIFETIME, + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, + PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT}, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX - 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX, PSA_CRYPTO_TEST_DRIVER_LIFETIME, + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, +#else + {0, 0, 0} +#endif +}; + +psa_status_t mbedtls_psa_platform_get_builtin_key( + psa_key_attributes_t *attributes, psa_drv_slot_number_t *slot_number ) +{ + mbedtls_svc_key_id_t svc_key_id = psa_get_key_id( attributes ); + psa_key_id_t app_key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( svc_key_id ); + const mbedtls_psa_builtin_key_description_t *builtin_key; + + for( size_t i = 0; + i < ( sizeof( builtin_keys ) / sizeof( builtin_keys[0] ) ); i++ ) + { + builtin_key = &builtin_keys[i]; + if( builtin_key->builtin_key_id == app_key_id ) + { + psa_set_key_lifetime( attributes, + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_PERSISTENCE_READ_ONLY, + builtin_key->location ) ); + *slot_number = builtin_key->slot_number; + return( PSA_SUCCESS ); + } + } + + return( PSA_ERROR_DOES_NOT_EXIST ); +} diff --git a/tests/src/helpers.c b/tests/src/helpers.c index 75f55e371..e323275e5 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c 
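Review bot: The lookup loop in `mbedtls_psa_platform_get_builtin_key()` returns `PSA_SUCCESS` for any ID present in `builtin_keys`, including the `MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1` and `MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1` rows and, without `PSA_CRYPTO_DRIVER_TEST`, the `{0, 0, 0}` placeholder, which matches key ID 0. Rejecting those IDs therefore depends entirely on the caller's range check, which is not visible in this file. Because the commit message presents this file as a starting point for platform vendors, the table comment should say so, e.g. `/* The MIN - 1 and MAX + 1 entries are deliberately outside the builtin range; the core is expected to reject them before this lookup is reached. */`. The `{0, 0, 0}` entry presumably only keeps the array non-empty, which also deserves a one-line comment.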
@@ -282,62 +282,3 @@ void mbedtls_param_failed( const char *failure_condition, } } #endif /* MBEDTLS_CHECK_PARAMS */ - -#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) -#include - -#if defined(PSA_CRYPTO_DRIVER_TEST) -#include "test/drivers/test_driver.h" -#endif - -typedef struct -{ - psa_key_id_t builtin_key_id; - psa_key_location_t location; - psa_drv_slot_number_t slot_number; -} mbedtls_psa_builtin_key_description_t; - -static const mbedtls_psa_builtin_key_description_t builtin_keys[] = { -#if defined(PSA_CRYPTO_DRIVER_TEST) - /* For testing, assign the AES builtin key slot to the boundary values. - * ECDSA can be exercised on key ID MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1. */ - { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, - PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, - { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN, PSA_CRYPTO_TEST_DRIVER_LIFETIME, - PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, - { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, - PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT}, - { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX - 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, - PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, - { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX, PSA_CRYPTO_TEST_DRIVER_LIFETIME, - PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, - { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, - PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, -#else - {0, 0, 0} -#endif -}; - -psa_status_t mbedtls_psa_platform_get_builtin_key( - psa_key_attributes_t *attributes, psa_drv_slot_number_t *slot_number ) -{ - mbedtls_svc_key_id_t svc_key_id = psa_get_key_id( attributes ); - psa_key_id_t app_key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( svc_key_id ); - - for( size_t i = 0; - i < ( sizeof( builtin_keys ) / sizeof( builtin_keys[0] ) ); i++ ) - { - if( builtin_keys[i].builtin_key_id == app_key_id ) - { - psa_set_key_lifetime( attributes, - PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( - PSA_KEY_PERSISTENCE_READ_ONLY, - 
builtin_keys[i].location ) ); - *slot_number = builtin_keys[i].slot_number; - return( PSA_SUCCESS ); - } - } - - return( PSA_ERROR_DOES_NOT_EXIST ); -} -#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ From e384252cb7b823e7274926b62c41ebad0da0fd00 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 18 Mar 2021 18:52:44 +0100 Subject: [PATCH 043/160] Move include to top of file Signed-off-by: Steven Cooreman --- library/psa_crypto_slot_management.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 5428b43a3..68943c178 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -26,6 +26,7 @@ #include "psa/crypto.h" #include "psa_crypto_core.h" +#include "psa_crypto_driver_wrappers.h" #include "psa_crypto_slot_management.h" #include "psa_crypto_storage.h" #if defined(MBEDTLS_PSA_CRYPTO_SE_C) @@ -275,7 +276,6 @@ exit: #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ #if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) -#include "psa_crypto_driver_wrappers.h" static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot ) { From 1a0fbacde1f2fbc85eded52eed917dbb5131b804 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 18 Mar 2021 19:19:53 +0100 Subject: [PATCH 044/160] Refactor opaque key handling in the test driver Builtin key support for the test driver is always compiled in, and no longer guarded by MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS. Parsing the key slot from the buffer by cast and assign instead of memcmp. For exporting keys, the test driver no longer reaches into the key identifier in order to check whether a key is builtin, but rather assumes so based on the key buffer length. It's the driver's responsibility to be able to detect the key material it returned as part of the get_builtin_key operation. 
Signed-off-by: Steven Cooreman --- library/psa_crypto_driver_wrappers.c | 4 - tests/include/test/drivers/key_management.h | 5 - tests/src/drivers/key_management.c | 208 ++++++++------------ 3 files changed, 86 insertions(+), 131 deletions(-) diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 160076e15..1910894ac 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -594,14 +594,10 @@ psa_status_t psa_driver_wrapper_get_builtin_key( { #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LIFETIME: -#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) return( test_opaque_get_builtin_key( slot_number, attributes, key_buffer, key_buffer_size, key_buffer_length ) ); -#else - return( PSA_ERROR_DOES_NOT_EXIST ); -#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ #endif /* PSA_CRYPTO_DRIVER_TEST */ default: (void) slot_number; diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index cf6fbb0b0..100fc18d3 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -29,14 +29,9 @@ #if defined(PSA_CRYPTO_DRIVER_TEST) #include -#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) #define PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT 0 #define PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT 1 -extern const uint8_t test_driver_aes_key[16]; -extern const uint8_t test_driver_ecdsa_key[32]; -#endif - typedef struct { /* If non-null, on success, copy this to the output. */ void *forced_output; diff --git a/tests/src/drivers/key_management.c b/tests/src/drivers/key_management.c index ca00fe0e8..e908daf46 100644 --- a/tests/src/drivers/key_management.c +++ b/tests/src/drivers/key_management.c 
@@ -41,7 +41,6 @@ test_driver_key_management_hooks_t test_driver_key_management_hooks = TEST_DRIVER_KEY_MANAGEMENT_INIT; -#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) const uint8_t test_driver_aes_key[16] = { 0x36, 0x77, 0x39, 0x7A, 0x24, 0x43, 0x26, 0x46, 0x29, 0x4A, 0x40, 0x4E, 0x63, 0x52, 0x66, 0x55 }; @@ -61,12 +60,6 @@ const uint8_t test_driver_ecdsa_pubkey[65] = 0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79, 0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c }; -static const psa_drv_slot_number_t aes_slot = - PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT; -static const psa_drv_slot_number_t ecdsa_slot = - PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT; -#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ - psa_status_t test_transparent_generate_key( const psa_key_attributes_t *attributes, uint8_t *key, size_t key_size, size_t *key_length ) 
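Review bot: `test_driver_aes_key` (and the ECDSA key arrays further down in this file) keep external linkage although this commit removes their `extern` declarations from `tests/include/test/drivers/key_management.h`. If nothing outside this file still refers to them, which cannot be confirmed from the hunks shown, they should become file-local: `static const uint8_t test_driver_aes_key[16] =`. That keeps the hard-coded test key material out of the global symbol namespace and avoids a missing-declaration warning.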
@@ -180,72 +173,66 @@ psa_status_t test_opaque_export_key( const uint8_t *key, size_t key_length, uint8_t *data, size_t data_size, size_t *data_length ) { -#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) - if( psa_key_id_is_builtin( - MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( attributes ) ) ) ) + if( key_length == sizeof( psa_drv_slot_number_t ) ) { - if( key_length != sizeof( psa_drv_slot_number_t ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + /* Assume this is a builtin key based on the key material length. */ + psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key ); - if( memcmp( key, &ecdsa_slot, sizeof( psa_drv_slot_number_t ) ) == 0 ) + switch( slot_number ) { - /* This is the ECDSA slot. Verify key attributes before returning - * the private key. */ - if( psa_get_key_type( attributes ) != - PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_bits( attributes ) != 256 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_algorithm( attributes ) != - PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( ( psa_get_key_usage_flags( attributes ) & - PSA_KEY_USAGE_EXPORT ) == 0 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); + case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: + /* This is the ECDSA slot. Verify the key's attributes before + * returning the private key. 
*/ + if( psa_get_key_type( attributes ) != + PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_bits( attributes ) != 256 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_algorithm( attributes ) != + PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( ( psa_get_key_usage_flags( attributes ) & + PSA_KEY_USAGE_EXPORT ) == 0 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); - if( data_size < sizeof( test_driver_ecdsa_key ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if( data_size < sizeof( test_driver_ecdsa_key ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); - memcpy( data, test_driver_ecdsa_key, - sizeof( test_driver_ecdsa_key ) ); - *data_length = sizeof( test_driver_ecdsa_key ); - return( PSA_SUCCESS ); + memcpy( data, test_driver_ecdsa_key, + sizeof( test_driver_ecdsa_key ) ); + *data_length = sizeof( test_driver_ecdsa_key ); + return( PSA_SUCCESS ); + + case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT: + /* This is the AES slot. Verify the key's attributes before + * returning the key. */ + if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_bits( attributes ) != 128 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_algorithm( attributes ) != PSA_ALG_CTR ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( ( psa_get_key_usage_flags( attributes ) & + PSA_KEY_USAGE_EXPORT ) == 0 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + + if( data_size < sizeof( test_driver_aes_key ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + memcpy( data, test_driver_aes_key, + sizeof( test_driver_aes_key ) ); + *data_length = sizeof( test_driver_aes_key ); + return( PSA_SUCCESS ); + + default: + return( PSA_ERROR_DOES_NOT_EXIST ); } - - if( memcmp( key, &aes_slot, sizeof( psa_drv_slot_number_t ) ) == 0 ) - { - /* This is the AES slot. Verify key attributes before returning - * the key. 
*/ - if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_bits( attributes ) != 128 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_algorithm( attributes ) != PSA_ALG_CTR ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( ( psa_get_key_usage_flags( attributes ) & - PSA_KEY_USAGE_EXPORT ) == 0 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - - if( data_size < sizeof( test_driver_aes_key ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - - memcpy( data, test_driver_aes_key, sizeof( test_driver_aes_key ) ); - *data_length = sizeof( test_driver_aes_key ); - return( PSA_SUCCESS ); - } - - /* Potentially add more slots here */ - - return( PSA_ERROR_DOES_NOT_EXIST ); } -#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ - (void) attributes; - (void) key; - (void) key_length; - (void) data; - (void) data_size; - (void) data_length; - return( PSA_ERROR_NOT_SUPPORTED ); + else + { + /* Test driver does not support generic opaque key handling yet. */ + return( PSA_ERROR_NOT_SUPPORTED ); + } } psa_status_t test_transparent_export_public_key( 
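Review bot: `*( ( psa_drv_slot_number_t* ) key )` reads the slot number through a cast of a `const uint8_t *`, which drops the `const` and assumes the key buffer is suitably aligned for `psa_drv_slot_number_t`. The `memcmp` it replaces made neither assumption. Since `key_length` has already been checked, `psa_drv_slot_number_t slot_number; memcpy( &slot_number, key, sizeof( slot_number ) );` yields the same value without relying on alignment or aliasing. The same cast appears in `test_opaque_export_public_key` in the next hunk, and `test_opaque_get_builtin_key` stores the slot number through the equivalent cast on `key_buffer`.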
@@ -308,47 +295,41 @@ psa_status_t test_opaque_export_public_key( const uint8_t *key, size_t key_length, uint8_t *data, size_t data_size, size_t *data_length ) { -#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) - if( psa_key_id_is_builtin( - MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( attributes ) ) ) ) + if( key_length == sizeof( psa_drv_slot_number_t ) ) { - if( key_length != sizeof( psa_drv_slot_number_t ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - if( memcmp( key, &ecdsa_slot, sizeof( psa_drv_slot_number_t ) ) == 0 ) + /* Assume this is a builtin key based on the key material length. */ + psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key ); + switch( slot_number ) { - /* This is the ECDSA slot. Verify key attributes before returning - * the public key. */ - if( psa_get_key_type( attributes ) != - PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_bits( attributes ) != 256 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_algorithm( attributes ) != - PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ) - return( PSA_ERROR_CORRUPTION_DETECTED ); + case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: + /* This is the ECDSA slot. Verify the key's attributes before + * returning the public key. 
*/ + if( psa_get_key_type( attributes ) != + PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_bits( attributes ) != 256 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_algorithm( attributes ) != + PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ) + return( PSA_ERROR_CORRUPTION_DETECTED ); - if( data_size < sizeof( test_driver_ecdsa_pubkey ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if( data_size < sizeof( test_driver_ecdsa_pubkey ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); - memcpy( data, test_driver_ecdsa_pubkey, - sizeof( test_driver_ecdsa_pubkey ) ); - *data_length = sizeof( test_driver_ecdsa_pubkey ); - return( PSA_SUCCESS ); + memcpy( data, test_driver_ecdsa_pubkey, + sizeof( test_driver_ecdsa_pubkey ) ); + *data_length = sizeof( test_driver_ecdsa_pubkey ); + return( PSA_SUCCESS ); + + default: + return( PSA_ERROR_DOES_NOT_EXIST ); } - - /* Potentially add more slots here */ - - return( PSA_ERROR_DOES_NOT_EXIST ); } -#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ - (void) attributes; - (void) key; - (void) key_length; - (void) data; - (void) data_size; - (void) data_length; - return( PSA_ERROR_NOT_SUPPORTED ); + else + { + /* Test driver does not support generic opaque key handling yet. */ + return( PSA_ERROR_NOT_SUPPORTED ); + } } /* The opaque test driver exposes two built-in keys when builtin key support is 
@@ -366,13 +347,12 @@ psa_status_t test_opaque_get_builtin_key( psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) { -#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) + if( key_buffer_size < sizeof( psa_drv_slot_number_t ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + switch( slot_number ) { case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT: - if( key_buffer_size < sizeof( psa_drv_slot_number_t ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - psa_set_key_type( attributes, PSA_KEY_TYPE_AES ); psa_set_key_bits( attributes, 128 ); psa_set_key_usage_flags( @@ -387,9 +367,6 @@ psa_status_t test_opaque_get_builtin_key( *key_buffer_length = sizeof( psa_drv_slot_number_t ); return( PSA_SUCCESS ); case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: - if( key_buffer_size < sizeof( psa_drv_slot_number_t ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - psa_set_key_type( attributes, PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ); @@ -407,21 +384,8 @@ psa_status_t test_opaque_get_builtin_key( *key_buffer_length = sizeof( psa_drv_slot_number_t ); return( PSA_SUCCESS ); default: - (void) slot_number; - (void) attributes; - (void) key_buffer; - (void) key_buffer_size; - (void) key_buffer_length; - return( PSA_ERROR_INVALID_ARGUMENT ); + return( PSA_ERROR_DOES_NOT_EXIST ); } -#else /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ - (void) slot_number; - (void) attributes; - (void) key_buffer; - (void) key_buffer_size; - (void) key_buffer_length; - return( PSA_ERROR_DOES_NOT_EXIST ); -#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ } #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ From 4b51925ede4c19524db3dd266d902b225da0997e Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 18 Mar 2021 20:25:53 +0100 Subject: [PATCH 045/160] Stricter test dependencies on builtin key test It requires the driver under test to be the actual software test driver. 
Signed-off-by: Steven Cooreman --- tests/suites/test_suite_psa_crypto_driver_wrappers.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index eb6dce941..1eb087349 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -990,7 +990,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ +/* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ void builtin_pubkey_export( int builtin_key_id_arg, int builtin_key_type_arg, int builtin_key_bits_arg, From c8b95343785b0bab44e88db71ff8bcae1db35299 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 18 Mar 2021 20:48:06 +0100 Subject: [PATCH 046/160] Change signature of mbedtls_psa_platform_get_builtin_key Instead of the full attributes struct, it now only takes/returns what it actually needs to. Signed-off-by: Steven Cooreman --- include/psa/crypto_extra.h | 28 ++++++------- library/psa_crypto_slot_management.c | 7 +++- tests/src/drivers/platform_builtin_keys.c | 50 ++++++++++++++--------- 3 files changed, 50 insertions(+), 35 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 34436e4d4..38d6c2029 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -759,14 +759,13 @@ static inline int psa_key_id_is_builtin( psa_key_id_t key_id ) ( key_id <= MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ) ); } -/** Platform function to obtain the data of a built-in key. +/** Platform function to obtain the location and slot of a built-in key. * * An application-specific implementation of this function must be provided if * #MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is enabled. This would typically be provided * as part of a platform's system image. * - * Call psa_get_key_id(\p attributes) to obtain the key identifier \c key_id. - * #MBEDTLS_SVC_KEY_ID_GET_KEY_ID(\p key_id) is in the range from + * #MBEDTLS_SVC_KEY_ID_GET_KEY_ID(\p key_id) needs to be in the range from * #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN to #MBEDTLS_PSA_KEY_ID_BUILTIN_MAX. * * In a multi-application configuration 
@@ -774,16 +773,15 @@ static inline int psa_key_id_is_builtin( psa_key_id_t key_id ) * this function should check that #MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(\p key_id) * is allowed to use the given key. * - * \param[in,out] attributes On entry, this is #PSA_KEY_ATTRIBUTES_INIT or - * an equivalent value, except that the key - * identifier field is set. - * On successful return, this function must set - * the attributes of the key: lifetime, type, - * bit-size, usage policy. - * \param[out] slot_number On successful return, this function must set - * this to the slot number known to the driver for - * the lifetime location reported through - * \p attributes which corresponds to the + * \param key_id The key ID for which to retrieve the + * location and slot attributes. + * \param[out] lifetime On success, the lifetime associated with the key + * corresponding to \p key_id. Lifetime is a + * combination of which driver contains the key, + * and with what lifecycle the key can be used. + * \param[out] slot_number On success, the slot number known to the driver + * registered at the lifetime location reported + * through \p location which corresponds to the * requested built-in key. * * \retval #PSA_SUCCESS @@ -801,7 +799,9 @@ static inline int psa_key_id_is_builtin( psa_key_id_t key_id ) * is not allowed to access it. */ psa_status_t mbedtls_psa_platform_get_builtin_key( - psa_key_attributes_t *attributes, psa_drv_slot_number_t *slot_number ); + mbedtls_svc_key_id_t key_id, + psa_key_lifetime_t *lifetime, + psa_drv_slot_number_t *slot_number ); #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ /** @} */ diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 68943c178..232e54401 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c 
@@ -281,6 +281,7 @@ static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_lifetime_t lifetime = PSA_KEY_LIFETIME_VOLATILE; psa_drv_slot_number_t slot_number = 0; uint8_t *key_buffer = NULL; size_t key_buffer_size = 0; @@ -295,10 +296,14 @@ static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot ) /* Check the platform function to see whether this key actually exists */ psa_set_key_id( &attributes, slot->attr.id ); - status = mbedtls_psa_platform_get_builtin_key( &attributes, &slot_number ); + status = mbedtls_psa_platform_get_builtin_key( + slot->attr.id, &lifetime, &slot_number ); if( status != PSA_SUCCESS ) return( status ); + /* Set mapped lifetime on the attributes */ + psa_set_key_lifetime( &attributes, lifetime ); + /* If the key should exist according to the platform, load it through the * driver interface. */ status = psa_driver_wrapper_get_key_buffer_size( &attributes, diff --git a/tests/src/drivers/platform_builtin_keys.c b/tests/src/drivers/platform_builtin_keys.c index 131343a90..feccbfd0f 100644 --- a/tests/src/drivers/platform_builtin_keys.c +++ b/tests/src/drivers/platform_builtin_keys.c @@ -30,7 +30,7 @@ typedef struct { psa_key_id_t builtin_key_id; - psa_key_location_t location; + psa_key_lifetime_t lifetime; psa_drv_slot_number_t slot_number; } mbedtls_psa_builtin_key_description_t; 
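Review bot: In the second psa_crypto_slot_management.c hunk, the `lifetime` written by `mbedtls_psa_platform_get_builtin_key()` goes straight into `psa_set_key_lifetime( &attributes, lifetime )` with no sanity check, although the value comes from platform-supplied code. A platform function that returns `PSA_SUCCESS` without touching the output leaves the initial `PSA_KEY_LIFETIME_VOLATILE` in place. If the setter clears the key identifier for volatile lifetimes, as I believe it does, the id set two lines earlier would be lost silently. A guard right after the status check makes the contract explicit: `if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) return( PSA_ERROR_CORRUPTION_DETECTED );`. The rest of `psa_load_builtin_key_into_slot` lies outside the hunk, so a later check may exist that is not visible here.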
@@ -38,28 +38,41 @@ static const mbedtls_psa_builtin_key_description_t builtin_keys[] = { #if defined(PSA_CRYPTO_DRIVER_TEST) /* For testing, assign the AES builtin key slot to the boundary values. * ECDSA can be exercised on key ID MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1. */ - { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, - PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, - { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN, PSA_CRYPTO_TEST_DRIVER_LIFETIME, - PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, - { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, - PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT}, - { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX - 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, - PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, - { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX, PSA_CRYPTO_TEST_DRIVER_LIFETIME, - PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, - { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1, PSA_CRYPTO_TEST_DRIVER_LIFETIME, - PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1, + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LIFETIME ), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN, + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LIFETIME ), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1, + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LIFETIME ), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT}, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX - 1, + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LIFETIME ), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX, + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LIFETIME ), + 
PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, + { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1, + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LIFETIME ), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, #else {0, 0, 0} #endif }; psa_status_t mbedtls_psa_platform_get_builtin_key( - psa_key_attributes_t *attributes, psa_drv_slot_number_t *slot_number ) + mbedtls_svc_key_id_t key_id, + psa_key_lifetime_t *lifetime, + psa_drv_slot_number_t *slot_number ) { - mbedtls_svc_key_id_t svc_key_id = psa_get_key_id( attributes ); - psa_key_id_t app_key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( svc_key_id ); + psa_key_id_t app_key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key_id ); const mbedtls_psa_builtin_key_description_t *builtin_key; for( size_t i = 0; @@ -68,10 +81,7 @@ psa_status_t mbedtls_psa_platform_get_builtin_key( builtin_key = &builtin_keys[i]; if( builtin_key->builtin_key_id == app_key_id ) { - psa_set_key_lifetime( attributes, - PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( - PSA_KEY_PERSISTENCE_READ_ONLY, - builtin_key->location ) ); + *lifetime = builtin_key->lifetime; *slot_number = builtin_key->slot_number; return( PSA_SUCCESS ); } From a1ce2f26759754e14e85c0f96c0029d9999fcc72 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 18 Mar 2021 20:49:29 +0100 Subject: [PATCH 047/160] Rename test driver lifetime to location The macro always meant 'location', but was mistakenly named 'lifetime'. Naming it location instead makes much more sense, and drives home the conceptual differences between location and lifetime values. Signed-off-by: Steven Cooreman --- library/psa_crypto_driver_wrappers.c | 22 +++++++++++----------- tests/include/test/drivers/test_driver.h | 2 +- tests/src/drivers/platform_builtin_keys.c | 12 ++++++------ 3 files changed, 18 insertions(+), 18 deletions(-) diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 1910894ac..2a3075b95 100644 
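Review bot: The test implementation of `mbedtls_psa_platform_get_builtin_key()` matches only on `MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key_id )` and never looks at the owner, while the contract documented in crypto_extra.h says a multi-application build should check `MBEDTLS_SVC_KEY_ID_GET_OWNER_ID`. That is acceptable for a test stub, but this file may well serve as a starting point for real platform code, so the omission deserves a comment above the loop: `/* Test stub: any owner may use any builtin key. A real platform must check MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( key_id ) here. */`. The table also deliberately lists `MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1` and `MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1`, so the function relies on its caller to reject ids outside the builtin range, which the same comment could state. The loop header and the function's tail are outside the hunk.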
--- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -129,7 +129,7 @@ psa_status_t psa_driver_wrapper_sign_hash( /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: + case PSA_CRYPTO_TEST_DRIVER_LOCATION: return( test_opaque_signature_sign_hash( attributes, key_buffer, key_buffer_size, @@ -211,7 +211,7 @@ psa_status_t psa_driver_wrapper_verify_hash( /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: + case PSA_CRYPTO_TEST_DRIVER_LOCATION: return( test_opaque_signature_verify_hash( attributes, key_buffer, key_buffer_size, @@ -256,7 +256,7 @@ psa_status_t psa_driver_wrapper_get_key_buffer_size( switch( location ) { #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: + case PSA_CRYPTO_TEST_DRIVER_LOCATION: #if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) /* Emulate property 'builtin_key_size' */ if( psa_key_id_is_builtin( @@ -363,7 +363,7 @@ psa_status_t psa_driver_wrapper_generate_key( /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: + case PSA_CRYPTO_TEST_DRIVER_LOCATION: status = test_opaque_generate_key( attributes, key_buffer, key_buffer_size, key_buffer_length ); break; @@ -495,7 +495,7 @@ psa_status_t psa_driver_wrapper_export_key( /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: + case PSA_CRYPTO_TEST_DRIVER_LOCATION: return( test_opaque_export_key( attributes, key_buffer, key_buffer_size, 
@@ -569,7 +569,7 @@ psa_status_t psa_driver_wrapper_export_public_key( /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: + case PSA_CRYPTO_TEST_DRIVER_LOCATION: return( test_opaque_export_public_key( attributes, key_buffer, key_buffer_size, @@ -593,7 +593,7 @@ psa_status_t psa_driver_wrapper_get_builtin_key( switch( location ) { #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: + case PSA_CRYPTO_TEST_DRIVER_LOCATION: return( test_opaque_get_builtin_key( slot_number, attributes, @@ -650,7 +650,7 @@ psa_status_t psa_driver_wrapper_cipher_encrypt( return( PSA_ERROR_NOT_SUPPORTED ); /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: + case PSA_CRYPTO_TEST_DRIVER_LOCATION: return( test_opaque_cipher_encrypt( &attributes, slot->key.data, slot->key.bytes, @@ -717,7 +717,7 @@ psa_status_t psa_driver_wrapper_cipher_decrypt( return( PSA_ERROR_NOT_SUPPORTED ); /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: + case PSA_CRYPTO_TEST_DRIVER_LOCATION: return( test_opaque_cipher_decrypt( &attributes, slot->key.data, slot->key.bytes, @@ -794,7 +794,7 @@ psa_status_t psa_driver_wrapper_cipher_encrypt_setup( /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: + case PSA_CRYPTO_TEST_DRIVER_LOCATION: status = test_opaque_cipher_encrypt_setup( &operation->ctx.opaque_test_driver_ctx, attributes, 
@@ -865,7 +865,7 @@ psa_status_t psa_driver_wrapper_cipher_decrypt_setup( /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: + case PSA_CRYPTO_TEST_DRIVER_LOCATION: status = test_opaque_cipher_decrypt_setup( &operation->ctx.opaque_test_driver_ctx, attributes, diff --git a/tests/include/test/drivers/test_driver.h b/tests/include/test/drivers/test_driver.h index 2fdce5c79..84d0caa5e 100644 --- a/tests/include/test/drivers/test_driver.h +++ b/tests/include/test/drivers/test_driver.h @@ -20,7 +20,7 @@ #ifndef PSA_CRYPTO_TEST_DRIVER_H #define PSA_CRYPTO_TEST_DRIVER_H -#define PSA_CRYPTO_TEST_DRIVER_LIFETIME 0x7fffff +#define PSA_CRYPTO_TEST_DRIVER_LOCATION 0x7fffff #include "test/drivers/aead.h" #include "test/drivers/signature.h" diff --git a/tests/src/drivers/platform_builtin_keys.c b/tests/src/drivers/platform_builtin_keys.c index feccbfd0f..759fa7830 100644 --- a/tests/src/drivers/platform_builtin_keys.c +++ b/tests/src/drivers/platform_builtin_keys.c 
@@ -40,27 +40,27 @@ static const mbedtls_psa_builtin_key_description_t builtin_keys[] = { * ECDSA can be exercised on key ID MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1. */ { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( - PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LIFETIME ), + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( - PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LIFETIME ), + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( - PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LIFETIME ), + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT}, { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX - 1, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( - PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LIFETIME ), + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( - PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LIFETIME ), + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( - PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LIFETIME ), + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, #else {0, 0, 0} From b938b0bb03ef5c87339cc57eab5bce8be1999157 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Tue, 6 Apr 2021 13:08:42 +0200 Subject: [PATCH 048/160] Documentation clarification after review 
Signed-off-by: Steven Cooreman --- include/psa/crypto_extra.h | 4 ++-- library/psa_crypto_driver_wrappers.c | 4 ++-- library/psa_crypto_slot_management.c | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 38d6c2029..2c0e33ba7 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -759,7 +759,7 @@ static inline int psa_key_id_is_builtin( psa_key_id_t key_id ) ( key_id <= MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ) ); } -/** Platform function to obtain the location and slot of a built-in key. +/** Platform function to obtain the location and slot number of a built-in key. * * An application-specific implementation of this function must be provided if * #MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is enabled. This would typically be provided @@ -781,7 +781,7 @@ static inline int psa_key_id_is_builtin( psa_key_id_t key_id ) * and with what lifecycle the key can be used. * \param[out] slot_number On success, the slot number known to the driver * registered at the lifetime location reported - * through \p location which corresponds to the + * through \p lifetime which corresponds to the * requested built-in key. * * \retval #PSA_SUCCESS diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 2a3075b95..11160d82d 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -229,8 +229,8 @@ psa_status_t psa_driver_wrapper_verify_hash( } } -/** Get the key buffer size for the key material of a generated key in the - * case of an opaque driver without storage. +/** Get the key buffer size required to store the key material of a key + * associated with an opaque driver without storage. * * \param[in] attributes The key attributes. * \param[out] key_buffer_size Minimum buffer size to contain the key material 
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 232e54401..336bc3716 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -287,7 +287,6 @@ static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot ) size_t key_buffer_size = 0; size_t key_buffer_length = 0; - /* Load keys in the 'builtin' range through their own interface */ if( ! psa_key_id_is_builtin( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id ) ) ) { @@ -363,6 +362,7 @@ psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key, status = PSA_ERROR_DOES_NOT_EXIST; #if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) + /* Load keys in the 'builtin' range through their own interface */ status = psa_load_builtin_key_into_slot( *p_slot ); #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ From 43e4a406d9f9e26fe3bea803abd9841e35d01a2d Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Tue, 6 Apr 2021 13:17:36 +0200 Subject: [PATCH 049/160] Give builtin key export test functions the same dependencies Signed-off-by: Steven Cooreman --- tests/suites/test_suite_psa_crypto_driver_wrappers.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 1eb087349..ad5b6c5fa 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -937,7 +937,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ +/* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ void builtin_key_export( int builtin_key_id_arg, int builtin_key_type_arg, int builtin_key_bits_arg, From 054bf7f2a00bf7d14b4ba7350a1cc9039f23566f Mon Sep 17 00:00:00 2001 
From: Steven Cooreman Date: Tue, 6 Apr 2021 15:09:19 +0200 Subject: [PATCH 050/160] Reduce indentation need by checking negative case first Signed-off-by: Steven Cooreman --- tests/src/drivers/key_management.c | 170 ++++++++++++++--------------- 1 file changed, 83 insertions(+), 87 deletions(-) diff --git a/tests/src/drivers/key_management.c b/tests/src/drivers/key_management.c index e908daf46..5daec6bd5 100644 --- a/tests/src/drivers/key_management.c +++ b/tests/src/drivers/key_management.c 
@@ -173,66 +173,64 @@ psa_status_t test_opaque_export_key( const uint8_t *key, size_t key_length, uint8_t *data, size_t data_size, size_t *data_length ) { - if( key_length == sizeof( psa_drv_slot_number_t ) ) - { - /* Assume this is a builtin key based on the key material length. */ - psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key ); - - switch( slot_number ) - { - case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: - /* This is the ECDSA slot. Verify the key's attributes before - * returning the private key. */ - if( psa_get_key_type( attributes ) != - PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_bits( attributes ) != 256 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_algorithm( attributes ) != - PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( ( psa_get_key_usage_flags( attributes ) & - PSA_KEY_USAGE_EXPORT ) == 0 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - - if( data_size < sizeof( test_driver_ecdsa_key ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - - memcpy( data, test_driver_ecdsa_key, - sizeof( test_driver_ecdsa_key ) ); - *data_length = sizeof( test_driver_ecdsa_key ); - return( PSA_SUCCESS ); - - case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT: - /* This is the AES slot. Verify the key's attributes before - * returning the key. 
*/ - if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_bits( attributes ) != 128 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_algorithm( attributes ) != PSA_ALG_CTR ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( ( psa_get_key_usage_flags( attributes ) & - PSA_KEY_USAGE_EXPORT ) == 0 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - - if( data_size < sizeof( test_driver_aes_key ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - - memcpy( data, test_driver_aes_key, - sizeof( test_driver_aes_key ) ); - *data_length = sizeof( test_driver_aes_key ); - return( PSA_SUCCESS ); - - default: - return( PSA_ERROR_DOES_NOT_EXIST ); - } - } - else + if( key_length != sizeof( psa_drv_slot_number_t ) ) { /* Test driver does not support generic opaque key handling yet. */ return( PSA_ERROR_NOT_SUPPORTED ); } + + /* Assume this is a builtin key based on the key material length. */ + psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key ); + + switch( slot_number ) + { + case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: + /* This is the ECDSA slot. Verify the key's attributes before + * returning the private key. 
*/ + if( psa_get_key_type( attributes ) != + PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_bits( attributes ) != 256 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_algorithm( attributes ) != + PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( ( psa_get_key_usage_flags( attributes ) & + PSA_KEY_USAGE_EXPORT ) == 0 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + + if( data_size < sizeof( test_driver_ecdsa_key ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + memcpy( data, test_driver_ecdsa_key, + sizeof( test_driver_ecdsa_key ) ); + *data_length = sizeof( test_driver_ecdsa_key ); + return( PSA_SUCCESS ); + + case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT: + /* This is the AES slot. Verify the key's attributes before + * returning the key. */ + if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_bits( attributes ) != 128 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_algorithm( attributes ) != PSA_ALG_CTR ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( ( psa_get_key_usage_flags( attributes ) & + PSA_KEY_USAGE_EXPORT ) == 0 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + + if( data_size < sizeof( test_driver_aes_key ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + memcpy( data, test_driver_aes_key, + sizeof( test_driver_aes_key ) ); + *data_length = sizeof( test_driver_aes_key ); + return( PSA_SUCCESS ); + + default: + return( PSA_ERROR_DOES_NOT_EXIST ); + } } psa_status_t test_transparent_export_public_key( 
@@ -295,41 +293,39 @@ psa_status_t test_opaque_export_public_key( const uint8_t *key, size_t key_length, uint8_t *data, size_t data_size, size_t *data_length ) { - if( key_length == sizeof( psa_drv_slot_number_t ) ) - { - /* Assume this is a builtin key based on the key material length. */ - psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key ); - switch( slot_number ) - { - case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: - /* This is the ECDSA slot. Verify the key's attributes before - * returning the public key. */ - if( psa_get_key_type( attributes ) != - PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_bits( attributes ) != 256 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_algorithm( attributes ) != - PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - - if( data_size < sizeof( test_driver_ecdsa_pubkey ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - - memcpy( data, test_driver_ecdsa_pubkey, - sizeof( test_driver_ecdsa_pubkey ) ); - *data_length = sizeof( test_driver_ecdsa_pubkey ); - return( PSA_SUCCESS ); - - default: - return( PSA_ERROR_DOES_NOT_EXIST ); - } - } - else + if( key_length != sizeof( psa_drv_slot_number_t ) ) { /* Test driver does not support generic opaque key handling yet. */ return( PSA_ERROR_NOT_SUPPORTED ); } + + /* Assume this is a builtin key based on the key material length. */ + psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key ); + switch( slot_number ) + { + case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: + /* This is the ECDSA slot. Verify the key's attributes before + * returning the public key. 
*/ + if( psa_get_key_type( attributes ) != + PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_bits( attributes ) != 256 ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + if( psa_get_key_algorithm( attributes ) != + PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ) + return( PSA_ERROR_CORRUPTION_DETECTED ); + + if( data_size < sizeof( test_driver_ecdsa_pubkey ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + memcpy( data, test_driver_ecdsa_pubkey, + sizeof( test_driver_ecdsa_pubkey ) ); + *data_length = sizeof( test_driver_ecdsa_pubkey ); + return( PSA_SUCCESS ); + + default: + return( PSA_ERROR_DOES_NOT_EXIST ); + } } /* The opaque test driver exposes two built-in keys when builtin key support is From 0bb653600f89eae09cbbe5c1925a1cb7da9bbf17 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Tue, 6 Apr 2021 15:09:57 +0200 Subject: [PATCH 051/160] If no storage backend is available, don't even attempt key loading Signed-off-by: Steven Cooreman --- library/psa_crypto_slot_management.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 336bc3716..de20fa137 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -351,6 +351,9 @@ psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key, if( status != PSA_ERROR_DOES_NOT_EXIST ) return( status ); + /* Loading keys from storage requires support for such a mechanism */ +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) || \ + defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) psa_key_id_t volatile_key_id; status = psa_get_empty_key_slot( &volatile_key_id, p_slot ); 
@@ -378,6 +381,9 @@ psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key, status = PSA_ERROR_INVALID_HANDLE; } return( status ); +#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ + return( PSA_ERROR_INVALID_HANDLE ); +#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ } psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot ) From 7609b1ff6cea2d25347a395f4579f4ab03f48a3b Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Tue, 6 Apr 2021 16:45:06 +0200 Subject: [PATCH 052/160] leverage psa_allocate_buffer_to_slot from slot management It makes the implementation of psa_load_builtin_key_into_slot a lot cleaner. Signed-off-by: Steven Cooreman --- library/psa_crypto.c | 16 ++-------------- library/psa_crypto_core.h | 15 +++++++++++++++ library/psa_crypto_slot_management.c | 26 ++++++++++++-------------- 3 files changed, 29 insertions(+), 28 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 32568b322..068990a7a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -604,20 +604,8 @@ MBEDTLS_STATIC_TESTABLE psa_status_t psa_mac_key_can_do( return( PSA_ERROR_INVALID_ARGUMENT ); } -/** Try to allocate a buffer to an empty key slot. - * - * \param[in,out] slot Key slot to attach buffer to. - * \param[in] buffer_length Requested size of the buffer. - * - * \retval #PSA_SUCCESS - * The buffer has been successfully allocated. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * Not enough memory was available for allocation. - * \retval #PSA_ERROR_ALREADY_EXISTS - * Trying to allocate a buffer to a non-empty key slot. - */ -static psa_status_t psa_allocate_buffer_to_slot( psa_key_slot_t *slot, - size_t buffer_length ) +psa_status_t psa_allocate_buffer_to_slot( psa_key_slot_t *slot, + size_t buffer_length ) { if( slot->key.data != NULL ) return( PSA_ERROR_ALREADY_EXISTS ); diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index f949c7188..eeb0105e3 100644 
--- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -180,6 +180,21 @@ static inline psa_key_slot_number_t psa_key_slot_get_slot_number( */ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ); +/** Try to allocate a buffer to an empty key slot. + * + * \param[in,out] slot Key slot to attach buffer to. + * \param[in] buffer_length Requested size of the buffer. + * + * \retval #PSA_SUCCESS + * The buffer has been successfully allocated. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * Not enough memory was available for allocation. + * \retval #PSA_ERROR_ALREADY_EXISTS + * Trying to allocate a buffer to a non-empty key slot. + */ +psa_status_t psa_allocate_buffer_to_slot( psa_key_slot_t *slot, + size_t buffer_length ); + /** Copy key data (in export format) into an empty key slot. * * This function assumes that the slot does not contain diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index de20fa137..bdb45eed8 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -283,7 +283,6 @@ static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot ) psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_lifetime_t lifetime = PSA_KEY_LIFETIME_VOLATILE; psa_drv_slot_number_t slot_number = 0; - uint8_t *key_buffer = NULL; size_t key_buffer_size = 0; size_t key_buffer_length = 0; 
@@ -303,33 +302,32 @@ static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot ) /* Set mapped lifetime on the attributes */ psa_set_key_lifetime( &attributes, lifetime ); - /* If the key should exist according to the platform, load it through the - * driver interface. */ + /* If the key should exist according to the platform, then ask the driver + * what its expected size is. */ status = psa_driver_wrapper_get_key_buffer_size( &attributes, &key_buffer_size ); if( status != PSA_SUCCESS ) return( status ); - key_buffer = mbedtls_calloc( 1, key_buffer_size ); - if( key_buffer == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + /* Allocate a buffer of the required size and load the builtin key directly + * into the slot buffer. */ + status = psa_allocate_buffer_to_slot( slot, key_buffer_size ); + if( status != PSA_SUCCESS ) + return( status ); status = psa_driver_wrapper_get_builtin_key( slot_number, &attributes, - key_buffer, key_buffer_size, &key_buffer_length ); + slot->key.data, slot->key.bytes, &key_buffer_length ); if( status != PSA_SUCCESS ) goto exit; - status = psa_copy_key_material_into_slot( - slot, key_buffer, key_buffer_length ); - if( status != PSA_SUCCESS ) - goto exit; - - /* Copy core attributes into the slot on success */ + /* Copy actual key length and core attributes into the slot on success */ + slot->key.bytes = key_buffer_length; slot->attr = attributes.core; exit: - mbedtls_free( key_buffer ); + if( status != PSA_SUCCESS ) + psa_wipe_key_slot( slot ); return( status ); } #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ From 7ddee7f7c58024ffbd3b129629985bd648a2169b Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Wed, 7 Apr 2021 18:08:30 +0200 Subject: [PATCH 053/160] Use remove_key_data_from_memory instead of wipe_key_slot Since the loading attempt of a builtin key might be followed by trying to load a persistent key, we can only wipe the allocated key data, not the associated metadata. 
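Review bot: `slot->key.bytes = key_buffer_length;` takes the length reported by the driver without comparing it with the size that was just allocated, so a driver that reports more than `key_buffer_size` would leave the slot claiming more key bytes than its buffer holds. A guard before the assignment, `if( key_buffer_length > key_buffer_size ) { status = PSA_ERROR_CORRUPTION_DETECTED; goto exit; }`, keeps later reads of the slot inside the allocation. When the driver reports fewer bytes, the tail of the buffer falls outside `slot->key.bytes`; whether the later wipe still covers it depends on code outside this hunk. The function starts outside the hunk.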
Signed-off-by: Steven Cooreman --- library/psa_crypto.c | 3 +-- library/psa_crypto_core.h | 3 +++ library/psa_crypto_slot_management.c | 2 +- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 068990a7a..f58df4aef 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1063,8 +1063,7 @@ static psa_status_t psa_get_and_lock_transparent_key_slot_with_policy( psa_get_and_lock_key_slot_with_policy( key, p_slot, usage, alg ) #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ -/** Wipe key data from a slot. Preserve metadata such as the policy. */ -static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) +psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) { /* Data pointer will always be either a valid pointer or NULL in an * initialized slot, so we can just free it. */ diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index eeb0105e3..90f9d1863 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -195,6 +195,9 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ); psa_status_t psa_allocate_buffer_to_slot( psa_key_slot_t *slot, size_t buffer_length ); +/** Wipe key data from a slot. Preserves metadata such as the policy. */ +psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ); + /** Copy key data (in export format) into an empty key slot. * * This function assumes that the slot does not contain diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index bdb45eed8..f9ea369e8 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -327,7 +327,7 @@ static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot ) exit: if( status != PSA_SUCCESS ) - psa_wipe_key_slot( slot ); + psa_remove_key_data_from_memory( slot ); return( status ); } #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ 
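Review bot: The one-line comment on the now-shared `psa_remove_key_data_from_memory` declaration in psa_crypto_core.h does not say what the function returns or whether the key bytes are zeroized before the buffer is freed, which is what a caller cleaning up key material needs to know. The neighbouring `psa_allocate_buffer_to_slot` declaration carries `\param` and `\retval` entries; the same form here would document `slot` as `\param[in,out]` and list the status codes. The body visible in the psa_crypto.c hunk only shows that the data pointer is freed, so any statement about zeroization needs checking against the full function.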
From ce48702448e11bcd3ca702d7d784d84ecd0cdfd7 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Wed, 7 Apr 2021 18:09:53 +0200 Subject: [PATCH 054/160] Get a builtin key's attributes in order to correctly get its size Leverage the fact that the get_builtin_key entrypoint returns a key's attributes, such that a proper size for the builtin key's buffer can be calculated through the driver's get_key_buffer_size hook. Signed-off-by: Steven Cooreman --- library/psa_crypto_slot_management.c | 15 ++++++++++++++- tests/src/drivers/key_management.c | 9 ++++++--- 2 files changed, 20 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index f9ea369e8..7809c0cff 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -302,6 +302,19 @@ static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot ) /* Set mapped lifetime on the attributes */ psa_set_key_lifetime( &attributes, lifetime ); + /* Get the full key attributes from the driver in order to be able to + * calculate the required buffer size. */ + status = psa_driver_wrapper_get_builtin_key( + slot_number, &attributes, + NULL, 0, NULL ); + if( status != PSA_ERROR_BUFFER_TOO_SMALL ) + { + /* Builtin keys cannot be defined by the attributes alone */ + if( status == PSA_SUCCESS ) + status = PSA_ERROR_CORRUPTION_DETECTED; + goto exit; + } + /* If the key should exist according to the platform, then ask the driver * what its expected size is. */ status = psa_driver_wrapper_get_key_buffer_size( &attributes, @@ -310,7 +323,7 @@ static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot ) return( status ); /* Allocate a buffer of the required size and load the builtin key directly - * into the slot buffer. */ + * into the (now properly sized) slot buffer. */ status = psa_allocate_buffer_to_slot( slot, key_buffer_size ); if( status != PSA_SUCCESS ) return( status ); 
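Review bot: The probing call in the `@@ -302,6 +302,19 @@` hunk passes `NULL` for the output-length pointer (`NULL, 0, NULL`), which is only safe if every driver checks the buffer size before it writes `*key_buffer_length`; nothing visible here states that as part of the driver contract. Passing the existing local instead, `NULL, 0, &key_buffer_length );`, removes the NULL-dereference risk at no cost. The comment above the call could also say that `PSA_ERROR_BUFFER_TOO_SMALL` is the expected result and that the driver must fill in the attributes before returning it. The function body starts and ends outside the hunk.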
diff --git a/tests/src/drivers/key_management.c b/tests/src/drivers/key_management.c index 5daec6bd5..a0626fbf4 100644 --- a/tests/src/drivers/key_management.c +++ b/tests/src/drivers/key_management.c @@ -343,9 +343,6 @@ psa_status_t test_opaque_get_builtin_key( psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) { - if( key_buffer_size < sizeof( psa_drv_slot_number_t ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - switch( slot_number ) { case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT: @@ -358,6 +355,9 @@ psa_status_t test_opaque_get_builtin_key( PSA_KEY_USAGE_EXPORT ); psa_set_key_algorithm( attributes, PSA_ALG_CTR ); + if( key_buffer_size < sizeof( psa_drv_slot_number_t ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + *( (psa_drv_slot_number_t*) key_buffer ) = PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT; *key_buffer_length = sizeof( psa_drv_slot_number_t ); @@ -375,6 +375,9 @@ psa_status_t test_opaque_get_builtin_key( psa_set_key_algorithm( attributes, PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ); + if( key_buffer_size < sizeof( psa_drv_slot_number_t ) ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + *( (psa_drv_slot_number_t*) key_buffer ) = PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT; *key_buffer_length = sizeof( psa_drv_slot_number_t ); From ec174e292daac0f5ca396dd34c45c770ae547018 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Fri, 19 Mar 2021 18:46:15 +0100 Subject: [PATCH 055/160] Update all uses of old AEAD output size macros MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 
Signed-off-by: Bence Szépkúti --- library/psa_crypto_aead.c | 8 +- programs/psa/key_ladder_demo.c | 13 ++- programs/psa/psa_constant_names_generated.c | 4 +- scripts/generate_psa_constants.py | 4 +- tests/suites/test_suite_psa_crypto.function | 81 +++++++++++-------- ..._suite_psa_crypto_driver_wrappers.function | 34 ++++---- .../test_suite_psa_crypto_metadata.data | 54 +++++++++++-- .../test_suite_psa_crypto_metadata.function | 17 ++-- 8 files changed, 148 insertions(+), 67 deletions(-) diff --git a/library/psa_crypto_aead.c b/library/psa_crypto_aead.c index 2632830f8..356679c38 100644 --- a/library/psa_crypto_aead.c +++ b/library/psa_crypto_aead.c @@ -154,10 +154,14 @@ static psa_status_t psa_aead_setup( return( PSA_ERROR_NOT_SUPPORTED ); } - if( PSA_AEAD_TAG_LENGTH( alg ) > full_tag_length ) + if( PSA_AEAD_TAG_LENGTH( attributes->core.type, + key_bits, alg ) + > full_tag_length ) return( PSA_ERROR_INVALID_ARGUMENT ); - operation->tag_length = PSA_AEAD_TAG_LENGTH( alg ); + operation->tag_length = PSA_AEAD_TAG_LENGTH( attributes->core.type, + key_bits, + alg ); return( PSA_SUCCESS ); } diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 47d5de642..5d643492b 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -365,6 +365,8 @@ static psa_status_t wrap_data( const char *input_file_name, psa_status_t status; FILE *input_file = NULL; FILE *output_file = NULL; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_type_t key_type; long input_position; size_t input_size; size_t buffer_size = 0; 
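Review bot: `PSA_AEAD_TAG_LENGTH( attributes->core.type, key_bits, alg )` is now spelled out twice in the psa_crypto_aead.c hunk, once in the bound check and once in the assignment, so the two copies can drift apart. Evaluating it once into a local declared with the other locals, `tag_length = PSA_AEAD_TAG_LENGTH( attributes->core.type, key_bits, alg );`, and using that in both places keeps the check and the stored value identical. As defined in crypto_sizes.h, the three-argument macro evaluates to 0 for a key type and algorithm pair it does not recognise, and this check only bounds the tag from above; whether a zero or too-short tag is rejected depends on code outside the hunk. psa_aead_setup starts outside the hunk.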
@@ -385,7 +387,10 @@ static psa_status_t wrap_data( const char *input_file_name, } #endif input_size = input_position; - buffer_size = PSA_AEAD_ENCRYPT_OUTPUT_SIZE( WRAPPING_ALG, input_size ); + PSA_CHECK( psa_get_key_attributes( wrapping_key, &attributes ) ); + key_type = psa_get_key_type( &attributes ); + buffer_size = + PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, WRAPPING_ALG, input_size ); /* Check for integer overflow. */ if( buffer_size < input_size ) { @@ -442,6 +447,8 @@ static psa_status_t unwrap_data( const char *input_file_name, psa_status_t status; FILE *input_file = NULL; FILE *output_file = NULL; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_type_t key_type; unsigned char *buffer = NULL; size_t ciphertext_size = 0; size_t plaintext_size; @@ -465,8 +472,10 @@ static psa_status_t unwrap_data( const char *input_file_name, status = DEMO_ERROR; goto exit; } + PSA_CHECK( psa_get_key_attributes( wrapping_key, &attributes) ); + key_type = psa_get_key_type( &attributes); ciphertext_size = - PSA_AEAD_ENCRYPT_OUTPUT_SIZE( WRAPPING_ALG, header.payload_size ); + PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, WRAPPING_ALG, header.payload_size ); /* Check for integer overflow. */ if( ciphertext_size < header.payload_size ) { diff --git a/programs/psa/psa_constant_names_generated.c b/programs/psa/psa_constant_names_generated.c index 2175af9ff..dcbe87ff0 100644 --- a/programs/psa/psa_constant_names_generated.c +++ b/programs/psa/psa_constant_names_generated.c 
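Review bot: `psa_get_key_attributes( wrapping_key, &attributes )` is added to wrap_data without a matching `psa_reset_key_attributes( &attributes )` in the lines shown; the PSA API asks for that call once an attribute structure has been filled in, because it may hold allocated resources. The `exit:` cleanup of wrap_data is outside the hunk, so `psa_reset_key_attributes( &attributes );` may need adding there if it is not already present. The same applies to the call added to unwrap_data in the `@@ -465,8 +472,10 @@` hunk.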
@@ -169,11 +169,11 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size, } else if (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) { append(&buffer, buffer_size, &required_size, "PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(", 43); - length_modifier = PSA_AEAD_TAG_LENGTH(alg); + length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg); } else if (core_alg != alg) { append(&buffer, buffer_size, &required_size, "PSA_ALG_AEAD_WITH_SHORTENED_TAG(", 32); - length_modifier = PSA_AEAD_TAG_LENGTH(alg); + length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg); } } else if (PSA_ALG_IS_KEY_AGREEMENT(alg) && !PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) { diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index ff07ecd45..71afd02c8 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -117,11 +117,11 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size, } else if (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) { append(&buffer, buffer_size, &required_size, "PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(", 43); - length_modifier = PSA_AEAD_TAG_LENGTH(alg); + length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg); } else if (core_alg != alg) { append(&buffer, buffer_size, &required_size, "PSA_ALG_AEAD_WITH_SHORTENED_TAG(", 32); - length_modifier = PSA_AEAD_TAG_LENGTH(alg); + length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg); } } else if (PSA_ALG_IS_KEY_AGREEMENT(alg) && !PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) { diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 4e568002e..310b2a7b6 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function 
@@ -2985,24 +2985,16 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + size_t key_bits; unsigned char *output_data = NULL; size_t output_size = 0; size_t output_length = 0; unsigned char *output_data2 = NULL; size_t output_length2 = 0; - size_t tag_length = PSA_AEAD_TAG_LENGTH( alg ); psa_status_t status = PSA_ERROR_GENERIC_ERROR; psa_status_t expected_result = expected_result_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - output_size = input_data->len + tag_length; - /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE - * should be exact. */ - if( expected_result != PSA_ERROR_INVALID_ARGUMENT ) - TEST_EQUAL( output_size, - PSA_AEAD_ENCRYPT_OUTPUT_SIZE( alg, input_data->len ) ); - ASSERT_ALLOC( output_data, output_size ); - PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); @@ -3011,6 +3003,22 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); + key_bits = psa_get_key_bits( &attributes ); + + output_size = input_data->len + PSA_AEAD_TAG_LENGTH( key_type, key_bits, + alg ); + /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE + * should be exact. */ + if( expected_result != PSA_ERROR_INVALID_ARGUMENT && + expected_result != PSA_ERROR_NOT_SUPPORTED ) + { + TEST_EQUAL( output_size, + PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) ); + TEST_ASSERT( output_size <= + PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); + } + ASSERT_ALLOC( output_data, output_size ); status = psa_aead_encrypt( key, alg, nonce->x, nonce->len, 
@@ -3038,7 +3046,7 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, /* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE * should be exact. */ TEST_EQUAL( input_data->len, - PSA_AEAD_DECRYPT_OUTPUT_SIZE( alg, output_length ) ); + PSA_AEAD_DECRYPT_OUTPUT_SIZE( key_type, alg, output_length ) ); TEST_ASSERT( input_data->len <= PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( output_length ) ); @@ -3075,22 +3083,13 @@ void aead_encrypt( int key_type_arg, data_t *key_data, mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + size_t key_bits; unsigned char *output_data = NULL; size_t output_size = 0; size_t output_length = 0; - size_t tag_length = PSA_AEAD_TAG_LENGTH( alg ); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status = PSA_ERROR_GENERIC_ERROR; - output_size = input_data->len + tag_length; - /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE - * should be exact. */ - TEST_EQUAL( output_size, - PSA_AEAD_ENCRYPT_OUTPUT_SIZE( alg, input_data->len ) ); - TEST_ASSERT( output_size <= - PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); - ASSERT_ALLOC( output_data, output_size ); - PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); 
@@ -3099,6 +3098,18 @@ void aead_encrypt( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); + key_bits = psa_get_key_bits( &attributes ); + + output_size = input_data->len + PSA_AEAD_TAG_LENGTH( key_type, key_bits, + alg ); + /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE + * should be exact. */ + TEST_EQUAL( output_size, + PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) ); + TEST_ASSERT( output_size <= + PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); + ASSERT_ALLOC( output_data, output_size ); status = psa_aead_encrypt( key, alg, nonce->x, nonce->len, @@ -3139,26 +3150,14 @@ void aead_decrypt( int key_type_arg, data_t *key_data, mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + size_t key_bits; unsigned char *output_data = NULL; size_t output_size = 0; size_t output_length = 0; - size_t tag_length = PSA_AEAD_TAG_LENGTH( alg ); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t expected_result = expected_result_arg; psa_status_t status = PSA_ERROR_GENERIC_ERROR; - output_size = input_data->len - tag_length; - if( expected_result != PSA_ERROR_INVALID_ARGUMENT ) - { - /* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE - * should be exact. */ - TEST_EQUAL( output_size, - PSA_AEAD_DECRYPT_OUTPUT_SIZE( alg, input_data->len ) ); - TEST_ASSERT( output_size <= - PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); - } - ASSERT_ALLOC( output_data, output_size ); - PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); 
@@ -3167,6 +3166,22 @@ void aead_decrypt( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); + key_bits = psa_get_key_bits( &attributes ); + + output_size = input_data->len - PSA_AEAD_TAG_LENGTH( key_type, key_bits, + alg ); + if( expected_result != PSA_ERROR_INVALID_ARGUMENT && + expected_result != PSA_ERROR_NOT_SUPPORTED ) + { + /* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE + * should be exact. */ + TEST_EQUAL( output_size, + PSA_AEAD_DECRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) ); + TEST_ASSERT( output_size <= + PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); + } + ASSERT_ALLOC( output_data, output_size ); status = psa_aead_decrypt( key, alg, nonce->x, nonce->len, diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 20452b70c..fc2a8e561 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function 
@@ -822,24 +822,15 @@ void aead_encrypt( int key_type_arg, data_t *key_data, mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + size_t key_bits; psa_status_t forced_status = forced_status_arg; unsigned char *output_data = NULL; size_t output_size = 0; size_t output_length = 0; - size_t tag_length = PSA_AEAD_TAG_LENGTH( alg ); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status = PSA_ERROR_GENERIC_ERROR; test_driver_aead_hooks = test_driver_aead_hooks_init(); - output_size = input_data->len + tag_length; - /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE - * should be exact. */ - TEST_EQUAL( output_size, - PSA_AEAD_ENCRYPT_OUTPUT_SIZE( alg, input_data->len ) ); - TEST_ASSERT( output_size <= - PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); - ASSERT_ALLOC( output_data, output_size ); - PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); @@ -848,6 +839,18 @@ void aead_encrypt( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); + key_bits = psa_get_key_bits( &attributes ); + + output_size = input_data->len + PSA_AEAD_TAG_LENGTH( key_type, key_bits, + alg ); + /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE + * should be exact. */ + TEST_EQUAL( output_size, + PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) ); + TEST_ASSERT( output_size <= + PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); + ASSERT_ALLOC( output_data, output_size ); test_driver_aead_hooks.forced_status = forced_status; status = psa_aead_encrypt( key, alg, 
@@ -888,18 +891,15 @@ void aead_decrypt( int key_type_arg, data_t *key_data, mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; + size_t key_bits; psa_status_t forced_status = forced_status_arg; unsigned char *output_data = NULL; size_t output_size = 0; size_t output_length = 0; - size_t tag_length = PSA_AEAD_TAG_LENGTH( alg ); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status = PSA_ERROR_GENERIC_ERROR; test_driver_aead_hooks = test_driver_aead_hooks_init(); - output_size = input_data->len - tag_length; - ASSERT_ALLOC( output_data, output_size ); - PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); @@ -908,6 +908,12 @@ void aead_decrypt( int key_type_arg, data_t *key_data, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &key ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); + key_bits = psa_get_key_bits( &attributes ); + + output_size = input_data->len - PSA_AEAD_TAG_LENGTH( key_type, key_bits, + alg ); + ASSERT_ALLOC( output_data, output_size ); test_driver_aead_hooks.forced_status = forced_status; status = psa_aead_decrypt( key, alg, diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index bd98a7688..4e2f4d5af 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data 
@@ -134,17 +134,57 @@ Cipher: XTS depends_on:PSA_WANT_ALG_XTS:MBEDTLS_CIPHER_C cipher_algorithm:PSA_ALG_XTS:0 -AEAD: CCM -depends_on:PSA_WANT_ALG_CCM -aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16 +AEAD: CCM-AES-128 +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:128 -AEAD: GCM -depends_on:PSA_WANT_ALG_GCM -aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16 +AEAD: CCM-AES-192 +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:192 + +AEAD: CCM-AES-256 +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:256 + +AEAD: CCM-CAMELLIA-128 +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_CCM +aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:128 + +AEAD: CCM-CAMELLIA-192 +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_CCM +aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:192 + +AEAD: CCM-CAMELLIA-256 +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_CCM +aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:256 + +AEAD: GCM-AES-128 +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM +aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:128 + +AEAD: GCM-AES-192 +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM +aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:192 + +AEAD: GCM-AES-256 +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM +aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:256 + +AEAD: GCM-CAMELLIA-128 +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_GCM +aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:128 + +AEAD: GCM-CAMELLIA-192 +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_GCM 
+aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:192 + +AEAD: GCM-CAMELLIA-256 +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA:PSA_WANT_ALG_GCM +aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_CAMELLIA:256 AEAD: ChaCha20_Poly1305 depends_on:PSA_WANT_ALG_CHACHA20_POLY1305 -aead_algorithm:PSA_ALG_CHACHA20_POLY1305:0:16 +aead_algorithm:PSA_ALG_CHACHA20_POLY1305:0:16:PSA_KEY_TYPE_CHACHA20:256 Asymmetric signature: RSA PKCS#1 v1.5 raw depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index 8acbe44a8..8134f4471 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -169,6 +169,7 @@ exit: ; } void aead_algorithm_core( psa_algorithm_t alg, int classification_flags, + psa_key_type_t key_type, size_t key_bits, size_t tag_length ) { /* Algorithm classification */ @@ -183,7 +184,7 @@ void aead_algorithm_core( psa_algorithm_t alg, int classification_flags, algorithm_classification( alg, classification_flags ); /* Tag length */ - TEST_EQUAL( tag_length, PSA_AEAD_TAG_LENGTH( alg ) ); + TEST_EQUAL( tag_length, PSA_AEAD_TAG_LENGTH( key_type, key_bits, alg ) ); exit: ; } 
@@ -367,19 +368,24 @@ void cipher_algorithm( int alg_arg, int classification_flags ) /* BEGIN_CASE */ void aead_algorithm( int alg_arg, int classification_flags, - int tag_length_arg ) + int tag_length_arg, + int key_type_arg, int key_bits_arg ) { psa_algorithm_t alg = alg_arg; size_t tag_length = tag_length_arg; size_t n; + psa_key_type_t key_type = key_type_arg; + size_t key_bits = key_bits_arg; - aead_algorithm_core( alg, classification_flags, tag_length ); + aead_algorithm_core( alg, classification_flags, + key_type, key_bits, tag_length ); /* Truncated versions */ for( n = 1; n <= tag_length; n++ ) { psa_algorithm_t truncated_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, n ); - aead_algorithm_core( truncated_alg, classification_flags, n ); + aead_algorithm_core( truncated_alg, classification_flags, + key_type, key_bits, n ); TEST_EQUAL( PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG( truncated_alg ), alg ); /* Check that calling PSA_ALG_AEAD_WITH_SHORTENED_TAG twice gives @@ -411,7 +417,8 @@ void aead_algorithm( int alg_arg, int classification_flags, for( n = 1; n <= tag_length; n++ ) { psa_algorithm_t policy_alg = PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, n ); - aead_algorithm_core( policy_alg, classification_flags | ALG_IS_WILDCARD, n ); + aead_algorithm_core( policy_alg, classification_flags | ALG_IS_WILDCARD, + key_type, key_bits, n ); TEST_EQUAL( PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG( policy_alg ), alg ); /* Check that calling PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG twice From 0d8da39703a95cdf63014fa99b01703590e576ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Fri, 19 Mar 2021 19:28:52 +0100 Subject: [PATCH 056/160] Mark unused macro argument as unused MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- include/psa/crypto_sizes.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index e4c5a3627..0c4647fae 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -141,7 +141,7 @@ #define PSA_AEAD_TAG_LENGTH(key_type, key_bits, alg) \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) ? \ ((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET : \ - 0) + ((void) (key_bits), 0)) /** The maximum tag size for all supported AEAD algorithms, in bytes. * From 8072db2fcb352d143e08eae1f1553d1c98f82608 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Mon, 22 Mar 2021 14:51:05 +0100 Subject: [PATCH 057/160] Add changelog MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- ChangeLog.d/psa-aead-output-size-macros-1.0.txt | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 ChangeLog.d/psa-aead-output-size-macros-1.0.txt diff --git a/ChangeLog.d/psa-aead-output-size-macros-1.0.txt b/ChangeLog.d/psa-aead-output-size-macros-1.0.txt new file mode 100644 index 000000000..77d88c76b --- /dev/null +++ b/ChangeLog.d/psa-aead-output-size-macros-1.0.txt @@ -0,0 +1,12 @@ +API changes + * Update AEAD output size macros to bring them in line with the PSA Crypto + API version 1.0 spec. This version of the spec parameterizes them on the + key type used, as well as the key bitsize in the case of + PSA_AEAD_TAG_LENGTH. + The old versions of these macros were renamed and deprecated as follows: + - PSA_AEAD_TAG_LENGTH -> PSA_AEAD_TAG_LENGTH_1_ARG + - PSA_AEAD_ENCRYPT_OUTPUT_SIZE -> PSA_AEAD_ENCRYPT_OUTPUT_SIZE_2_ARG + - PSA_AEAD_DECRYPT_OUTPUT_SIZE -> PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG + - PSA_AEAD_UPDATE_OUTPUT_SIZE -> PSA_AEAD_UPDATE_OUTPUT_SIZE_2_ARG + - PSA_AEAD_FINISH_OUTPUT_SIZE -> PSA_AEAD_FINISH_OUTPUT_SIZE_1_ARG + - PSA_AEAD_VERIFY_OUTPUT_SIZE -> PSA_AEAD_VERIFY_OUTPUT_SIZE_1_ARG From 598e92991a67279ff03c2a70bf61cdf4d10b30ad Mon Sep 17 00:00:00 2001 
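Review bot: The replacement `((void) (key_bits), 0)` puts a comma operator in the false arm of `PSA_AEAD_TAG_LENGTH`, so when the key type and algorithm pair is not recognised the macro no longer expands to an integer constant expression. A caller that uses it for a static array size or a preprocessor-independent constant would then get a compile error for that case instead of a zero, depending on the compiler. A comment above the macro such as `/* key_bits is currently unused; the void cast only silences warnings */` would record the intent, and the documentation should state whether the result is still a compile-time constant for unsupported inputs.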
From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Wed, 7 Apr 2021 10:59:35 +0200 Subject: [PATCH 058/160] Rework PSA_AEAD_NONCE_LENGTH to reduce expansion MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Due to repeated calls to PSA_AEAD_NONCE_LENGTH, which in turn calls PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG several times, some macros updated in this PR expanded to over 6000 characters, more than the 4095 that ISO C99 compilers are guaranteed to support. Signed-off-by: Bence Szépkúti --- include/psa/crypto_sizes.h | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 0c4647fae..205bd0b55 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -375,11 +375,14 @@ */ #define PSA_AEAD_NONCE_LENGTH(key_type, alg) \ (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) == 16 ? \ - PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(alg) == PSA_ALG_CCM ? 13 : \ - PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(alg) == PSA_ALG_GCM ? 12 : \ + PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 0) == \ + PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 0) ? 13 : \ + PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 0) == \ + PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0) ? 12 : \ 0 : \ (key_type) == PSA_KEY_TYPE_CHACHA20 && \ - PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(alg) == PSA_ALG_CHACHA20_POLY1305 ? 12 : \ + PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 0) == \ + PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 0) ? 12 : \ 0) /** The maximum default nonce size among all supported pairs of key types and From 7e31009bdb2e75c7f22e2d0eb4a5d5a8fe454a65 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Thu, 8 Apr 2021 12:05:18 +0200 Subject: [PATCH 059/160] Further reduce macro expansion MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 
Signed-off-by: Bence Szépkúti --- include/psa/crypto_sizes.h | 15 ++++++--------- include/psa/crypto_values.h | 14 ++++++++++++++ 2 files changed, 20 insertions(+), 9 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 205bd0b55..12bbf6e61 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -140,7 +140,7 @@ */ #define PSA_AEAD_TAG_LENGTH(key_type, key_bits, alg) \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) ? \ - ((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET : \ + PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ ((void) (key_bits), 0)) /** The maximum tag size for all supported AEAD algorithms, in bytes. @@ -271,7 +271,7 @@ */ #define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, plaintext_length) \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) ? \ - (plaintext_length) + PSA_AEAD_TAG_LENGTH(key_type, 0, alg) : \ + (plaintext_length) + PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ 0) /** A sufficient output buffer size for psa_aead_encrypt(), for any of the @@ -324,7 +324,7 @@ */ #define PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext_length) \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) ? \ - (ciphertext_length) - PSA_AEAD_TAG_LENGTH(key_type, 0, alg) : \ + (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ 0) /** A sufficient output buffer size for psa_aead_decrypt(), for any of the 
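Review bot: `(ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg)` in `PSA_AEAD_DECRYPT_OUTPUT_SIZE` (the `@@ -324,7 +324,7 @@` hunk) wraps around when the ciphertext is shorter than the tag, so with `size_t` operands the macro yields a huge size rather than 0. Code that sizes a plaintext buffer from it then has to remember the length check itself. Guarding the subtraction inside the macro, `((ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH(alg) ? (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : 0)`, makes a too-short input give 0. The unguarded subtraction predates this commit, but the line is being rewritten here, so this is a natural place to fix it.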
@@ -375,14 +375,11 @@
 */
 #define PSA_AEAD_NONCE_LENGTH(key_type, alg) \
 (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) == 16 ? \
- PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 0) == \
- PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 0) ? 13 : \
- PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 0) == \
- PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0) ? 12 : \
+ PSA_ALG_AEAD_IS_BASE_EQUAL(alg, PSA_ALG_CCM) ? 13 : \
+ PSA_ALG_AEAD_IS_BASE_EQUAL(alg, PSA_ALG_GCM) ? 12 : \
 0 : \
 (key_type) == PSA_KEY_TYPE_CHACHA20 && \
- PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 0) == \
- PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 0) ? 12 : \
+ PSA_ALG_AEAD_IS_BASE_EQUAL(alg, PSA_ALG_CHACHA20_POLY1305) ? 12 : \
 0)
 
 /** The maximum default nonce size among all supported pairs of key types and
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index 5e865c931..de5a3c8d3 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -1175,6 +1175,20 @@
 * encoded in #PSA_ALG_AEAD_TAG_LENGTH_MASK.
 */
 #define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t)0x00008000)
+/** Macro to test whether two AEAD algorithms correspond to the same base algorithm.
+ *
+ * \param aead_alg_1 An AEAD algorithm identifier.
+ * \param aead_alg_2 An AEAD algorithm identifier.
+ *
+ * \return 1 if the base both arguments correspond to the same base
+ * algorithm, 0 otherwise.
+ * Unspecified if \p aead_alg_1 or \p aead_alg_2 are not
+ * supported AEAD algorithms.
+ */
+#define PSA_ALG_AEAD_IS_BASE_EQUAL(aead_alg_1, aead_alg_2) \
+ (!(((aead_alg_1) ^ (aead_alg_2)) & \
+ ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)))
+
 /** Macro to build a shortened AEAD algorithm.
 *
 * A shortened AEAD algorithm is similar to the corresponding AEAD
From 607c0af246641b5aae57573ce3bb4851b08b3259 Mon Sep 17 00:00:00 2001
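Review bot: The documentation of `PSA_ALG_AEAD_IS_BASE_EQUAL` does not say which bits the comparison ignores. The mask clears `PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG` as well as the tag length, so an identifier carrying that flag compares equal to its base algorithm. That is presumably what the nonce-length lookup wants, but anyone reusing the macro for a policy decision should be able to read it from the comment; the `\return` line is also garbled ("1 if the base both arguments"). Suggested wording: `\return 1 if both arguments refer to the same AEAD algorithm once the tag length and the at-least-this-length flag are ignored, 0 otherwise.` The renamed `MBEDTLS_PSA_ALG_AEAD_EQUAL` in patch 071 keeps the same mask, and its description mentions only the tag length.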
From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Thu, 15 Apr 2021 13:23:54 +0200 Subject: [PATCH 060/160] Simplify PSA AEAD output size compatibility macros MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- include/psa/crypto_compat.h | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index 6caac8292..04a4f30c8 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h @@ -285,10 +285,10 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * the ciphertext, return 0. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_TAG_LENGTH_1_ARG( alg ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, \ - PSA_ALG_IS_AEAD( alg ) ? \ - ( (alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK ) >> PSA_AEAD_TAG_LENGTH_OFFSET : \ +#define PSA_AEAD_TAG_LENGTH_1_ARG( alg ) \ + MBEDTLS_DEPRECATED_CONSTANT( size_t, \ + PSA_ALG_IS_AEAD( alg ) ? \ + PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) : \ 0 ) /** The maximum size of the output of psa_aead_encrypt(), in bytes. @@ -313,8 +313,8 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key */ #define PSA_AEAD_ENCRYPT_OUTPUT_SIZE_2_ARG( alg, plaintext_length ) \ MBEDTLS_DEPRECATED_CONSTANT( size_t, \ - PSA_AEAD_TAG_LENGTH_1_ARG( alg ) != 0 ? \ - (plaintext_length) + PSA_AEAD_TAG_LENGTH_1_ARG( alg ) : \ + PSA_ALG_IS_AEAD( alg ) ? \ + (plaintext_length) + PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) : \ 0 ) /** The maximum size of the output of psa_aead_decrypt(), in bytes. 
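Review bot: In `PSA_AEAD_ENCRYPT_OUTPUT_SIZE_2_ARG` the guard changes from `PSA_AEAD_TAG_LENGTH_1_ARG( alg ) != 0` to `PSA_ALG_IS_AEAD( alg )`, which is not equivalent for an AEAD identifier that encodes a tag length of 0: the old macro returned 0, the new one returns `plaintext_length`. The same applies to `PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG` in the following hunk. Such identifiers can be constructed (patch 058 in this series uses `PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 0)`), so a commit titled as a simplification should either keep the old result, e.g. `PSA_ALG_IS_AEAD( alg ) && PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) != 0 ? \`, or state in its description that the change is deliberate.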
@@ -339,8 +339,8 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key */ #define PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG( alg, ciphertext_length ) \ MBEDTLS_DEPRECATED_CONSTANT( size_t, \ - PSA_AEAD_TAG_LENGTH_1_ARG( alg ) != 0 ? \ - (ciphertext_length) - PSA_AEAD_TAG_LENGTH_1_ARG( alg ) : \ + PSA_ALG_IS_AEAD( alg ) ? \ + (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) : \ 0 ) /** A sufficient output buffer size for psa_aead_update(). From 16141ed2fb38476fa2566b02834cf150131c3b05 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Thu, 8 Apr 2021 10:58:33 +0200 Subject: [PATCH 061/160] Add test driver sources to VC build Signed-off-by: Steven Cooreman --- scripts/generate_visualc_files.pl | 3 +++ visualc/VS2010/mbedTLS.vcxproj | 6 ++++++ 2 files changed, 9 insertions(+) diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl index df5d66e81..d11041c31 100755 --- a/scripts/generate_visualc_files.pl +++ b/scripts/generate_visualc_files.pl @@ -40,6 +40,7 @@ my $source_dir = 'library'; my $test_source_dir = 'tests/src'; my $test_header_dir = 'tests/include/test'; my $test_drivers_header_dir = 'tests/include/test/drivers'; +my $test_drivers_source_dir = 'tests/src/drivers'; my @thirdparty_header_dirs = qw( 3rdparty/everest/include/everest @@ -116,6 +117,7 @@ sub check_dirs { && -d $psa_header_dir && -d $source_dir && -d $test_source_dir + && -d $test_drivers_source_dir && -d $test_header_dir && -d $test_drivers_header_dir && -d $programs_dir; @@ -275,6 +277,7 @@ sub main { my @source_dirs = ( $source_dir, $test_source_dir, + $test_drivers_source_dir, @thirdparty_source_dirs, ); my @sources = (map { <$_/*.c> } @source_dirs); diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 832d42862..70ea6c5bc 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -379,6 +379,12 @@ + + + + + + From 2cca9b8f13c092013068001ce2dba2d88683fbb5 Mon Sep 17 00:00:00 2001 
From: Steven Cooreman Date: Thu, 8 Apr 2021 12:34:02 +0200 Subject: [PATCH 062/160] Rename test driver source files to avoid file name conflicts MSVC doesn't like multiple compilation units with the same name. (conflict between cipher.c in the library and in the test driver folder) Signed-off-by: Steven Cooreman --- tests/src/drivers/{aead.c => test_driver_aead.c} | 0 tests/src/drivers/{cipher.c => test_driver_cipher.c} | 0 .../{key_management.c => test_driver_key_management.c} | 0 .../drivers/{signature.c => test_driver_signature.c} | 0 tests/src/drivers/{size.c => test_driver_size.c} | 0 visualc/VS2010/mbedTLS.vcxproj | 10 +++++----- 6 files changed, 5 insertions(+), 5 deletions(-) rename tests/src/drivers/{aead.c => test_driver_aead.c} (100%) rename tests/src/drivers/{cipher.c => test_driver_cipher.c} (100%) rename tests/src/drivers/{key_management.c => test_driver_key_management.c} (100%) rename tests/src/drivers/{signature.c => test_driver_signature.c} (100%) rename tests/src/drivers/{size.c => test_driver_size.c} (100%) diff --git a/tests/src/drivers/aead.c b/tests/src/drivers/test_driver_aead.c similarity index 100% rename from tests/src/drivers/aead.c rename to tests/src/drivers/test_driver_aead.c diff --git a/tests/src/drivers/cipher.c b/tests/src/drivers/test_driver_cipher.c similarity index 100% rename from tests/src/drivers/cipher.c rename to tests/src/drivers/test_driver_cipher.c diff --git a/tests/src/drivers/key_management.c b/tests/src/drivers/test_driver_key_management.c similarity index 100% rename from tests/src/drivers/key_management.c rename to tests/src/drivers/test_driver_key_management.c diff --git a/tests/src/drivers/signature.c b/tests/src/drivers/test_driver_signature.c similarity index 100% rename from tests/src/drivers/signature.c rename to tests/src/drivers/test_driver_signature.c 
diff --git a/tests/src/drivers/size.c b/tests/src/drivers/test_driver_size.c similarity index 100% rename from tests/src/drivers/size.c rename to tests/src/drivers/test_driver_size.c diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 70ea6c5bc..5277193f9 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -379,12 +379,12 @@ - - - - - + + + + + From 966db2677993048095d108ed508b9d5d0164f5bc Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Tue, 13 Apr 2021 13:45:45 +0200 Subject: [PATCH 063/160] Minor code flow improvements * group setting of attributes before calling get_builtin_key * return early instead of going to exit when no resources are allocated yet Signed-off-by: Steven Cooreman --- library/psa_crypto_slot_management.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 7809c0cff..0b1a3c166 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -293,13 +293,14 @@ static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot ) } /* Check the platform function to see whether this key actually exists */ - psa_set_key_id( &attributes, slot->attr.id ); status = mbedtls_psa_platform_get_builtin_key( slot->attr.id, &lifetime, &slot_number ); if( status != PSA_SUCCESS ) return( status ); - /* Set mapped lifetime on the attributes */ + /* Set required key attributes to ensure get_builtin_key can retrieve the + * full attributes. */ + psa_set_key_id( &attributes, slot->attr.id ); psa_set_key_lifetime( &attributes, lifetime ); /* Get the full key attributes from the driver in order to be able to 
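Review bot: The new comment says the attributes are set so that `get_builtin_key` can retrieve the full attributes, but it sits directly below the call to `mbedtls_psa_platform_get_builtin_key()`, which has already returned by then. It presumably refers to the driver query that follows, which lies outside this hunk. Naming the consumer removes the ambiguity, e.g. `/* Set the key id and the lifetime reported by the platform before asking the driver for the full attributes. */`.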
@@ -312,7 +313,7 @@ static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot ) /* Builtin keys cannot be defined by the attributes alone */ if( status == PSA_SUCCESS ) status = PSA_ERROR_CORRUPTION_DETECTED; - goto exit; + return( status ); } /* If the key should exist according to the platform, then ask the driver From 31e27af0cc7c4fdfa5d528baf71d535b1c6acb35 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Wed, 14 Apr 2021 10:32:05 +0200 Subject: [PATCH 064/160] Reword the builtin key language on persistency declaration Specifically allow the driver to override the persistency level of a builtin key in cases where the driver is persistency-aware. Signed-off-by: Steven Cooreman --- docs/proposed/psa-driver-interface.md | 2 +- include/psa/crypto_extra.h | 7 ++++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/docs/proposed/psa-driver-interface.md b/docs/proposed/psa-driver-interface.md index 47d7271e6..2bdbff4e1 100644 --- a/docs/proposed/psa-driver-interface.md +++ b/docs/proposed/psa-driver-interface.md 
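Review bot: Replacing `goto exit` with `return( status )` is only safe while nothing that the `exit:` path releases has been acquired before this point, and neither the label nor any allocation is visible in the hunk. Because this function loads key material into a slot, a one-line comment at the return would protect that invariant against later edits, e.g. `/* No key buffer has been allocated yet: nothing to wipe or free. */`. If the `exit` path also resets slot state on error, please confirm that the early return cannot leave the slot partially initialised.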
@@ -810,7 +810,7 @@ psa_status_t acme_get_builtin_key(psa_drv_slot_number_t slot_number, If this function returns `PSA_SUCCESS` or `PSA_ERROR_BUFFER_TOO_SMALL`, it must fill `attributes` with the attributes of the key (except for the key identifier). On success, this function must also fill `key_buffer` with the key context. -On entry, `psa_get_key_lifetime(attributes)` is the location at which the driver was declared and the persistence level `#PSA_KEY_LIFETIME_PERSISTENT`. The driver entry point may change the lifetime to one with the same location but a different persistence level. The standard attributes other than the key identifier and lifetime have the value conveyed by `PSA_KEY_ATTRIBUTES_INIT`. +On entry, `psa_get_key_lifetime(attributes)` is the location at which the driver was declared and a persistence level with which the platform is attempting to register the key. The driver entry point may choose to change the lifetime (`psa_set_key_lifetime(attributes, lifetime)`) of the reported key attributes to one with the same location but a different persistence level, in case the driver has more specific knowledge about the actual persistence level of the key which is being retrieved. For example, if a driver knows it cannot delete a key, it may override the persistence level in the lifetime to `PSA_KEY_PERSISTENCE_READ_ONLY`. The standard attributes other than the key identifier and lifetime have the value conveyed by `PSA_KEY_ATTRIBUTES_INIT`. The output parameter `key_buffer` points to a writable buffer of `key_buffer_size` bytes. If the driver has a [`"builtin_key_size"` property](#key-format-for-opaque-drivers) property, `key_buffer_size` has this value, otherwise `key_buffer_size` has the value determined from the key type and size. diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 2c0e33ba7..1310bb576 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h 
@@ -778,7 +778,12 @@ static inline int psa_key_id_is_builtin( psa_key_id_t key_id ) * \param[out] lifetime On success, the lifetime associated with the key * corresponding to \p key_id. Lifetime is a * combination of which driver contains the key, - * and with what lifecycle the key can be used. + * and with what persistence level the key is + * intended to be used. If the platform + * implementation does not contain specific + * information about the intended key persistence + * level, the persistence level may be reported as + * #PSA_KEY_PERSISTENCE_DEFAULT. * \param[out] slot_number On success, the slot number known to the driver * registered at the lifetime location reported * through \p lifetime which corresponds to the From 359411fd070ab9fffca483afac61c98ba29b8df0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Fri, 16 Apr 2021 11:56:58 +0200 Subject: [PATCH 065/160] Adjust documentation of PSA_ALG_AEAD_IS_BASE_EQUAL MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- include/psa/crypto_values.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index de5a3c8d3..9e67cb4d5 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1182,8 +1182,8 @@ * * \return 1 if the base both arguments correspond to the same base * algorithm, 0 otherwise. - * Unspecified if \p aead_alg_1 or \p aead_alg_2 are not - * supported AEAD algorithms. + * Unspecified if neither \p aead_alg_1 nor \p aead_alg_2 are + * a supported AEAD algorithm. */ #define PSA_ALG_AEAD_IS_BASE_EQUAL(aead_alg_1, aead_alg_2) \ (!(((aead_alg_1) ^ (aead_alg_2)) & \ From 835beffcf45c39d47d178ee231137a6ebe7989ab Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Tobias=20Nie=C3=9Fen?= Date: Mon, 19 Apr 2021 23:54:27 +0200 Subject: [PATCH 066/160] Fix typo in architecture docs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Tobias Nießen --- docs/architecture/psa-crypto-implementation-structure.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/architecture/psa-crypto-implementation-structure.md b/docs/architecture/psa-crypto-implementation-structure.md index 025a6235f..cd4d427bf 100644 --- a/docs/architecture/psa-crypto-implementation-structure.md +++ b/docs/architecture/psa-crypto-implementation-structure.md @@ -63,7 +63,7 @@ Key creation implementation in Mbed TLS PSA core is articulated around three int 3. Generate or copy the key material into the key slot. This entails the allocation of the buffer to store the key material. 4. Call psa_finish_key_creation() that mostly saves persistent keys into persistent storage. -In case of any error occuring at step 3 or 4, psa_fail_key_creation() is called. It wipes and cleans the slot especially the key material: reset to zero of the RAM memory that contained the key material, free the allocated buffer. +In case of any error occurring at step 3 or 4, psa_fail_key_creation() is called. It wipes and cleans the slot especially the key material: reset to zero of the RAM memory that contained the key material, free the allocated buffer. ## Mbed TLS PSA Cryptography API implementation drivers From 7725a63c240b1db6026147ddc6b819b91ee43101 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Tue, 20 Apr 2021 18:54:59 +0100 Subject: [PATCH 067/160] Fix unchecked return in bignum Signed-off-by: Paul Elliott --- ChangeLog.d/fix_bignum_unchecked_return.txt | 2 ++ library/bignum.c | 3 +-- 2 files changed, 3 insertions(+), 2 deletions(-) create mode 100644 ChangeLog.d/fix_bignum_unchecked_return.txt 
diff --git a/ChangeLog.d/fix_bignum_unchecked_return.txt b/ChangeLog.d/fix_bignum_unchecked_return.txt new file mode 100644 index 000000000..1c32da888 --- /dev/null +++ b/ChangeLog.d/fix_bignum_unchecked_return.txt @@ -0,0 +1,2 @@ +Bugfix + * Fix unchecked return in bignum module. diff --git a/library/bignum.c b/library/bignum.c index bfca43d90..225e36c07 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1666,8 +1666,7 @@ int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint * calculating the result is trivial in those cases. */ if( b == 0 || n == 0 ) { - mbedtls_mpi_lset( X, 0 ); - return( 0 ); + return mbedtls_mpi_lset( X, 0 ); } /* Calculate A*b as A + A*(b-1) to take advantage of mpi_mul_hlp */ From 986b55af03c5d3c4339aefea3a809c1668527f40 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Tue, 20 Apr 2021 21:46:29 +0100 Subject: [PATCH 068/160] Style Fix Signed-off-by: Paul Elliott --- library/bignum.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/bignum.c b/library/bignum.c index 225e36c07..e00204b79 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1666,7 +1666,7 @@ int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint * calculating the result is trivial in those cases. */ if( b == 0 || n == 0 ) { - return mbedtls_mpi_lset( X, 0 ); + return( mbedtls_mpi_lset( X, 0 ) ); } /* Calculate A*b as A + A*(b-1) to take advantage of mpi_mul_hlp */ From 70c68dac45df992137ea48e87c9db473266ea1cb Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Tue, 20 Apr 2021 21:47:04 +0100 Subject: [PATCH 069/160] Remove unnecessary changelog Signed-off-by: Paul Elliott --- ChangeLog.d/fix_bignum_unchecked_return.txt | 2 -- 1 file changed, 2 deletions(-) delete mode 100644 ChangeLog.d/fix_bignum_unchecked_return.txt diff --git a/ChangeLog.d/fix_bignum_unchecked_return.txt b/ChangeLog.d/fix_bignum_unchecked_return.txt deleted file mode 100644 index 1c32da888..000000000 
--- a/ChangeLog.d/fix_bignum_unchecked_return.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bugfix - * Fix unchecked return in bignum module. From f5a1fe939288f730d97088fd28e145606b69674d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Wed, 21 Apr 2021 10:13:08 +0200 Subject: [PATCH 070/160] Explicitly check non-boolean values against zero MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- include/psa/crypto_sizes.h | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 12bbf6e61..bb254d757 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -139,7 +139,7 @@ * return 0. */ #define PSA_AEAD_TAG_LENGTH(key_type, key_bits, alg) \ - (PSA_AEAD_NONCE_LENGTH(key_type, alg) ? \ + (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \ PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ ((void) (key_bits), 0)) @@ -270,7 +270,7 @@ * return 0. */ #define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, plaintext_length) \ - (PSA_AEAD_NONCE_LENGTH(key_type, alg) ? \ + (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \ (plaintext_length) + PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ 0) @@ -323,7 +323,7 @@ * return 0. */ #define PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext_length) \ - (PSA_AEAD_NONCE_LENGTH(key_type, alg) ? \ + (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \ (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ 0) @@ -426,7 +426,7 @@ * capable of this. So for modes based on a block cipher, allow the * implementation to delay the output until it has a full block. */ #define PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \ - (PSA_AEAD_NONCE_LENGTH(key_type, alg) ? \ + (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \ PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), (input_length)) : \ (input_length) : \ 
@@ -466,9 +466,10 @@ * recognized, or the parameters are incompatible, * return 0. */ -#define PSA_AEAD_FINISH_OUTPUT_SIZE(key_type, alg) \ - (PSA_AEAD_NONCE_LENGTH(key_type, alg) && PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ - PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ +#define PSA_AEAD_FINISH_OUTPUT_SIZE(key_type, alg) \ + (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ 0) /** A sufficient ciphertext buffer size for psa_aead_finish(), for any of the @@ -499,9 +500,10 @@ * recognized, or the parameters are incompatible, * return 0. */ -#define PSA_AEAD_VERIFY_OUTPUT_SIZE(key_type, alg) \ - (PSA_AEAD_NONCE_LENGTH(key_type, alg) && PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ - PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ +#define PSA_AEAD_VERIFY_OUTPUT_SIZE(key_type, alg) \ + (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ 0) /** A sufficient plaintext buffer size for psa_aead_verify(), for any of the From b639d4353800ecbaebdf1a069ab4efce94a61d47 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Wed, 21 Apr 2021 10:33:54 +0200 Subject: [PATCH 071/160] Move and rename PSA_ALG_AEAD_IS_BASE_EQUAL MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- include/psa/crypto_sizes.h | 6 +++--- include/psa/crypto_values.h | 37 +++++++++++++++++++++++-------------- 2 files changed, 26 insertions(+), 17 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index bb254d757..709ae6ec9 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h 
@@ -375,11 +375,11 @@
 */
 #define PSA_AEAD_NONCE_LENGTH(key_type, alg) \
 (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) == 16 ? \
- PSA_ALG_AEAD_IS_BASE_EQUAL(alg, PSA_ALG_CCM) ? 13 : \
- PSA_ALG_AEAD_IS_BASE_EQUAL(alg, PSA_ALG_GCM) ? 12 : \
+ MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CCM) ? 13 : \
+ MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_GCM) ? 12 : \
 0 : \
 (key_type) == PSA_KEY_TYPE_CHACHA20 && \
- PSA_ALG_AEAD_IS_BASE_EQUAL(alg, PSA_ALG_CHACHA20_POLY1305) ? 12 : \
+ MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CHACHA20_POLY1305) ? 12 : \
 0)
 
 /** The maximum default nonce size among all supported pairs of key types and
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index 9e67cb4d5..9bfd5ab1c 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -1175,20 +1175,6 @@
 * encoded in #PSA_ALG_AEAD_TAG_LENGTH_MASK.
 */
 #define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t)0x00008000)
-/** Macro to test whether two AEAD algorithms correspond to the same base algorithm.
- *
- * \param aead_alg_1 An AEAD algorithm identifier.
- * \param aead_alg_2 An AEAD algorithm identifier.
- *
- * \return 1 if the base both arguments correspond to the same base
- * algorithm, 0 otherwise.
- * Unspecified if neither \p aead_alg_1 nor \p aead_alg_2 are
- * a supported AEAD algorithm.
- */
-#define PSA_ALG_AEAD_IS_BASE_EQUAL(aead_alg_1, aead_alg_2) \
- (!(((aead_alg_1) ^ (aead_alg_2)) & \
- ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)))
-
 /** Macro to build a shortened AEAD algorithm.
 *
 * A shortened AEAD algorithm is similar to the corresponding AEAD
@@ -2151,4 +2137,27 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) /**@}*/ +/** \defgroup helper_macros Helper macros + * @{ + */ + +/* Helper macros */ + +/** Check if two AEAD algorithm identifiers refer to the same AEAD algorithm + * regardless of the tag length they encode. + * + * \param aead_alg_1 An AEAD algorithm identifier. + * \param aead_alg_2 An AEAD algorithm identifier. + * + * \return 1 if both identifiers refer to the same AEAD algorithm, + * 0 otherwise. + * Unspecified if neither \p aead_alg_1 nor \p aead_alg_2 are + * a supported AEAD algorithm. + */ +#define MBEDTLS_PSA_ALG_AEAD_EQUAL(aead_alg_1, aead_alg_2) \ + (!(((aead_alg_1) ^ (aead_alg_2)) & \ + ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG))) + +/**@}*/ + #endif /* PSA_CRYPTO_VALUES_H */ From 1dda21c4a45d5cb7613addd9b84bac46a6fd9de9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Wed, 21 Apr 2021 11:09:50 +0200 Subject: [PATCH 072/160] Make sure we don't underflow in the size macros MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- include/psa/crypto_compat.h | 9 +++++---- include/psa/crypto_sizes.h | 5 +++-- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index 04a4f30c8..5dabbd25f 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h 
@@ -337,10 +337,11 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * algorithm. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG( alg, ciphertext_length ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, \ - PSA_ALG_IS_AEAD( alg ) ? \ - (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) : \ +#define PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG( alg, ciphertext_length ) \ + MBEDTLS_DEPRECATED_CONSTANT( size_t, \ + PSA_ALG_IS_AEAD( alg ) && \ + (ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) ? \ + (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) : \ 0 ) /** A sufficient output buffer size for psa_aead_update(). diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 709ae6ec9..b56b34645 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -323,8 +323,9 @@ * return 0. */ #define PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext_length) \ - (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \ - (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ + (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \ + (ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH(alg) ? \ + (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ 0) /** A sufficient output buffer size for psa_aead_decrypt(), for any of the From 1818d967fe8ada415ae51022bd44651da05edf04 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Thu, 22 Apr 2021 12:06:32 +0200 Subject: [PATCH 073/160] Four config.h defaults have been changed. Signed-off-by: TRodziewicz --- include/mbedtls/config.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 46941e27f..c34b6ba47 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h 
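Review bot: The descriptions of `PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG` and `PSA_AEAD_DECRYPT_OUTPUT_SIZE` are not updated for the new guard: the visible comment text still gives only an unrecognised algorithm or incompatible parameters as reasons for returning 0. After this change a ciphertext that is not longer than the tag also yields 0, so a caller cannot use a 0 result to tell "unsupported" from "input too short to contain a tag". A sentence such as `If the ciphertext is not longer than the tag, return 0.` would make that explicit in both comments. Both macros now also expand `ciphertext_length` twice; if the header does not already warn that arguments may be evaluated more than once, that belongs in the same comment.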
@@ -2521,7 +2521,7 @@ * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 */ -//#define MBEDTLS_ARIA_C +#define MBEDTLS_ARIA_C /** * \def MBEDTLS_CCM_C @@ -2592,7 +2592,7 @@ * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C * */ -//#define MBEDTLS_CMAC_C +#define MBEDTLS_CMAC_C /** * \def MBEDTLS_CTR_DRBG_C @@ -2728,7 +2728,7 @@ * * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C */ -//#define MBEDTLS_ECJPAKE_C +#define MBEDTLS_ECJPAKE_C /** * \def MBEDTLS_ECP_C @@ -2824,7 +2824,7 @@ * * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C */ -//#define MBEDTLS_NIST_KW_C +#define MBEDTLS_NIST_KW_C /** * \def MBEDTLS_MD_C From 706279684482e35c092bdecad91125a4ba8b7c91 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Thu, 22 Apr 2021 14:11:10 +0200 Subject: [PATCH 074/160] Testing the failed ubuntu test Signed-off-by: TRodziewicz --- include/mbedtls/config.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index c34b6ba47..6b0cb7806 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2521,7 +2521,7 @@ * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 */ -#define MBEDTLS_ARIA_C +// #define MBEDTLS_ARIA_C /** * \def MBEDTLS_CCM_C @@ -2592,7 +2592,7 @@ * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C * */ -#define MBEDTLS_CMAC_C +// #define MBEDTLS_CMAC_C /** * \def MBEDTLS_CTR_DRBG_C @@ -2728,7 +2728,7 @@ * * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C */ -#define MBEDTLS_ECJPAKE_C +// #define MBEDTLS_ECJPAKE_C /** * \def MBEDTLS_ECP_C @@ -2824,7 +2824,7 @@ * * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C */ -#define MBEDTLS_NIST_KW_C +// #define MBEDTLS_NIST_KW_C /** * \def MBEDTLS_MD_C From b13360514c55a5de7848beb7acc6e1f86d759478 Mon Sep 17 00:00:00 2001 
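Review bot: Enabling `MBEDTLS_ARIA_C`, `MBEDTLS_CMAC_C`, `MBEDTLS_ECJPAKE_C` and `MBEDTLS_NIST_KW_C` by default changes what every default build compiles in, yet the commit carries neither a rationale nor a ChangeLog entry. The context above `MBEDTLS_ARIA_C` documents that the option enables a list of ciphersuites, including CBC-mode ones such as `MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256`. Whether those become negotiable in a default build depends on the default ciphersuite list, which is not part of this diff, and should be stated. Suggest a `ChangeLog.d` entry along the lines of `* MBEDTLS_ARIA_C, MBEDTLS_CMAC_C, MBEDTLS_ECJPAKE_C and MBEDTLS_NIST_KW_C are now enabled in the default configuration.` The same applies to the state reached after patches 075 and 079, which touch the same options.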
From: Tomasz Rodziewicz <40165497+TRodziewicz@users.noreply.github.com> Date: Thu, 22 Apr 2021 15:14:17 +0200 Subject: [PATCH 075/160] Test why the test_depends_curves_psa fails in CI --- include/mbedtls/config.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 6b0cb7806..83f50dbdb 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2728,7 +2728,7 @@ * * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C */ -// #define MBEDTLS_ECJPAKE_C +#define MBEDTLS_ECJPAKE_C /** * \def MBEDTLS_ECP_C From e11e81413d46577503d20a93ce7e791bf4324d2b Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Thu, 22 Apr 2021 15:28:56 +0100 Subject: [PATCH 076/160] Improve documentation for error code checking Improve comments explaining error code checking, fix incorrect comments and make a small formatting fix. Signed-off-by: Chris Jones --- include/mbedtls/error.h | 2 +- library/ssl_cookie.c | 2 +- tests/src/helpers.c | 20 ++++++++++++++++---- 3 files changed, 18 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 3d8a5eac0..52b818808 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -122,7 +122,7 @@ extern "C" { /** * \brief Combines a high-level and low-level error code together. * - * Wrapper function for mbedtls_err_add_ext(). See that function for + * Wrapper macro for mbedtls_error_add_ext(). See that function for * more details. */ #define MBEDTLS_ERROR_ADD( high, low ) \ diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index b64c354e6..69d1b3287 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -220,7 +220,7 @@ int mbedtls_ssl_cookie_check( void *p_ctx, #if defined(MBEDTLS_THREADING_C) if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR , + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR, MBEDTLS_ERR_THREADING_MUTEX_ERROR ) ); #endif 
diff --git a/tests/src/helpers.c b/tests/src/helpers.c index b54661195..4923e3c68 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c @@ -298,22 +298,34 @@ void mbedtls_test_err_add_check( int high, int low, * h = high level error code (includes high and module error codes). * l = low level error code. */ - if ( high > -0x1000 && high != 0 ) // high < 0001000000000000 + if ( high > -0x1000 && high != 0 ) + /* high < 0001000000000000 + * No high level error bits are set. + */ { mbedtls_test_fail( "'high' is not a high-level error code", line, file ); } - else if ( high < -0x7F80 ) // high > 0111111110000000 + else if ( high < -0x7F80 ) + /* high > 0111111110000000 + * Error code is larger than the greatest high + module level error. + */ { mbedtls_test_fail( "'high' error code is greater than 15 bits", line, file ); } - else if ( ( high & 0x7F ) != 0 ) // high & 0000000001111111 + else if ( ( high & 0x7F ) != 0 ) + /* high & 0000000001111111 + * Error code contains low level error code bits. + */ { mbedtls_test_fail( "'high' contains a low-level error code", line, file ); } - else if ( low < -0x007F ) // low > 0000000001111111 + else if ( low < -0x007F ) + /* low > 0000000001111111 + * Error code contains high or module level error code bits. + */ { mbedtls_test_fail( "'low' error code is greater than 7 bits", line, file ); From 894b9c46355ece4bcbd761a93fbc6528265a72ef Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Fri, 23 Apr 2021 08:19:43 +0200 Subject: [PATCH 077/160] Add documentation for change in CMAC self-test behaviour Signed-off-by: Steven Cooreman --- ChangeLog.d/allow_alt_cmac_without_des.txt | 3 +++ include/mbedtls/cmac.h | 7 +++++++ 2 files changed, 10 insertions(+) create mode 100644 ChangeLog.d/allow_alt_cmac_without_des.txt diff --git a/ChangeLog.d/allow_alt_cmac_without_des.txt b/ChangeLog.d/allow_alt_cmac_without_des.txt new file mode 100644 index 000000000..5193a9e61 --- /dev/null +++ b/ChangeLog.d/allow_alt_cmac_without_des.txt 
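Review bot: The explanatory comments now sit between each `if`/`else if` condition and its opening brace, and they describe the magnitude of the error code while the code tests the signed value: `high > -0x1000` is annotated `high < 0001000000000000`, which reads as a contradiction. Moving each comment inside its block and phrasing it in terms of the negated value would be easier to follow, e.g. `/* -high < 0x1000: no high-level error bits are set */`. The enclosing `mbedtls_test_err_add_check` starts before and continues after this hunk.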
@@ -0,0 +1,3 @@ +Changes + * Alternative implementations of CMAC may now opt to not support 3DES as a + CMAC block cipher, and still pass the CMAC self test. diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h index cb538d092..b67305ce5 100644 --- a/include/mbedtls/cmac.h +++ b/include/mbedtls/cmac.h @@ -198,6 +198,13 @@ int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len, /** * \brief The CMAC checkup routine. * + * \note In case the CMAC routines are provided by an alternative + * implementation (i.e. #MBEDTLS_CMAC_ALT is defined), the + * checkup routine will succeed even if the implementation does + * not support the less widely used AES-192 or 3DES primitives. + * The self-test requires at least AES-128 and AES-256 to be + * supported by the underlying implementation. + * * \return \c 0 on success. * \return \c 1 on failure. */ From 456d29c20b8e750c183a770bbba0addebebb4045 Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Fri, 23 Apr 2021 09:24:05 +0100 Subject: [PATCH 078/160] Rename mbedtls_error_add_ext to mbedtls_error_add This function was previously called mbedtls_error_add_ext because there was a macro called mbedtls_error_add. That later got capitalised which allows the function to now be named mbedtls_error_add. Signed-off-by: Chris Jones --- include/mbedtls/error.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 52b818808..aabbe6c39 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -122,11 +122,11 @@ extern "C" { /** * \brief Combines a high-level and low-level error code together. * - * Wrapper macro for mbedtls_error_add_ext(). See that function for + * Wrapper macro for mbedtls_error_add(). See that function for * more details. */ #define MBEDTLS_ERROR_ADD( high, low ) \ - mbedtls_error_add_ext( high, low, __FILE__, __LINE__ ) + mbedtls_error_add( high, low, __FILE__, __LINE__ ) #if defined(MBEDTLS_TEST_HOOKS) /** 
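Review bot: The `\note` added to the CMAC checkup routine in cmac.h ties the relaxed behaviour to `MBEDTLS_CMAC_ALT` only, while the comment in `cmac_test_wth_cipher` (patch 001 of this series) says the skip also applies when the underlying primitive itself is implemented alternatively. The note should cover both cases. It should also say that an unsupported cipher is only printed as `skipped` in verbose mode and does not fail the routine, so a return value of 0 is not evidence that AES-192 or 3DES CMAC works on that platform. A line such as `\note A return value of 0 does not imply that AES-192 or 3DES CMAC was tested; unsupported ciphers are skipped.` would do.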
@@ -154,7 +154,7 @@ extern void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); * \param file file where this error code addition occured. * \param line line where this error code addition occured. */ -static inline int mbedtls_error_add_ext( int high, int low, +static inline int mbedtls_error_add( int high, int low, const char *file, int line ) { #if defined(MBEDTLS_TEST_HOOKS) From 85aff9f07a9a406cae0edf6b1350c757c9d352e6 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 23 Apr 2021 10:47:26 +0200 Subject: [PATCH 079/160] Correction fixing the test_depends_curves_psa falure Signed-off-by: TRodziewicz --- include/mbedtls/config.h | 6 +++--- tests/scripts/curves.pl | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 83f50dbdb..c34b6ba47 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2521,7 +2521,7 @@ * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 */ -// #define MBEDTLS_ARIA_C +#define MBEDTLS_ARIA_C /** * \def MBEDTLS_CCM_C @@ -2592,7 +2592,7 @@ * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C * */ -// #define MBEDTLS_CMAC_C +#define MBEDTLS_CMAC_C /** * \def MBEDTLS_CTR_DRBG_C @@ -2824,7 +2824,7 @@ * * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C */ -// #define MBEDTLS_NIST_KW_C +#define MBEDTLS_NIST_KW_C /** * \def MBEDTLS_MD_C diff --git a/tests/scripts/curves.pl b/tests/scripts/curves.pl index 188bd29ac..2572e9330 100755 --- a/tests/scripts/curves.pl +++ b/tests/scripts/curves.pl @@ -84,6 +84,7 @@ for my $curve (@curves) { } # Depends on a specific curve. Also, ignore error if it wasn't enabled. system( "scripts/config.pl unset MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED" ); +system( "scripts/config.pl unset MBEDTLS_ECJPAKE_C" ); # Test with only $curve enabled, for each $curve. for my $curve (@curves) { From 4f91d8d7adacfd34cfa7223608f3268a2a4ce635 Mon Sep 17 00:00:00 2001 
From: Chris Jones Date: Fri, 23 Apr 2021 12:07:25 +0100 Subject: [PATCH 080/160] Change "high level error" to "high level module ID" Signed-off-by: Chris Jones --- tests/src/helpers.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/src/helpers.c b/tests/src/helpers.c index 4923e3c68..72b886de7 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c @@ -295,12 +295,13 @@ void mbedtls_test_err_add_check( int high, int low, * shhhhhhhhlllllll * * s = sign bit. - * h = high level error code (includes high and module error codes). + * h = high level error code (includes high level module ID (bits 12..14) + * and module-dependent error code (bits 7..11)). * l = low level error code. */ if ( high > -0x1000 && high != 0 ) /* high < 0001000000000000 - * No high level error bits are set. + * No high level module ID bits are set. */ { mbedtls_test_fail( "'high' is not a high-level error code", From 7c1d41da527f3ad0201438a8a1499655687e3606 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 23 Apr 2021 13:33:44 +0200 Subject: [PATCH 081/160] Correction fixing the test_everest_curve25519_only falure Signed-off-by: TRodziewicz --- tests/scripts/all.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 5524f1d01..d0a0cca6c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1050,6 +1050,7 @@ component_test_everest_curve25519_only () { scripts/config.py unset MBEDTLS_ECDSA_C scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + scripts/config.py unset MBEDTLS_ECJPAKE_C # Disable all curves for c in $(sed -n 's/#define \(MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED\).*/\1/p' <"$CONFIG_H"); do scripts/config.py unset "$c" From 1f984245088be0cce3750e88916d6d8bca25d2bd Mon Sep 17 00:00:00 2001 
From: TRodziewicz Date: Fri, 23 Apr 2021 14:57:39 +0200 Subject: [PATCH 082/160] Correction fixing the test_when_no_ciphersuites_have_mac falure Signed-off-by: TRodziewicz --- tests/scripts/all.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index d0a0cca6c..ad1bd1109 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1964,6 +1964,7 @@ component_test_when_no_ciphersuites_have_mac () { scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER scripts/config.py unset MBEDTLS_ARC4_C scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC + scripts/config.py unset MBEDTLS_ECJPAKE_C make msg "test: !MBEDTLS_SSL_SOME_MODES_USE_MAC" From 5ec69069640838754a9b4e87907f9fd613acdefc Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 23 Apr 2021 15:12:56 +0100 Subject: [PATCH 083/160] Add sign-off for some older commits which are missing it. This sign-off applies to: c258a0fa6537c00b55b45363e96f979472148137 7bdbc452752bcddc04e957e342c961196208900e bfa03e3bc9e05515cb50b76111815d3cecb27480 Signed-off-by: Dave Rodgman From c338cef74b3876e38a2c4e2db9187bcb9e87ef39 Mon Sep 17 00:00:00 2001 From: Steven Cooreman Date: Mon, 26 Apr 2021 11:24:44 +0200 Subject: [PATCH 084/160] Add notes to the documentation about CMAC_ALT algorithm support Signed-off-by: Steven Cooreman --- include/mbedtls/cmac.h | 11 +++++++++++ include/mbedtls/config.h | 5 +++++ 2 files changed, 16 insertions(+) diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h index b67305ce5..00aeaa8c3 100644 --- a/include/mbedtls/cmac.h +++ b/include/mbedtls/cmac.h 
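Review bot: The added `scripts/config.py unset MBEDTLS_ECJPAKE_C` in `component_test_when_no_ciphersuites_have_mac` has no visible link to what this component tests; the neighbouring lines disable the NULL cipher, ARC4 and CBC, and nothing says why EC J-PAKE has to go too. Patch 085 in this series fixes the same component through a `depends_on:MBEDTLS_CIPHER_MODE_CBC` on a CMAC test case, which suggests (not confirmed from this hunk) that the failure came from the newly default-on CMAC tests rather than from EC J-PAKE. If so, this line only removes EC J-PAKE coverage from the build and should be dropped; if it is needed, add a one-line comment above it naming the dependency that forces it. The component body starts and ends outside the hunk.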
@@ -77,6 +77,12 @@ struct mbedtls_cmac_context_t * the input data. * Must be called with an initialized cipher context. * + * \note When the CMAC implementation is supplied by an alternate + * implementation (through #MBEDTLS_CMAC_ALT), some ciphers + * may not be supported by that implementation, and thus + * return an error. Alternate implementations must support + * AES-128 and AES-256, and may support AES-192 and 3DES. + * * \param ctx The cipher context used for the CMAC operation, initialized * as one of the following types: MBEDTLS_CIPHER_AES_128_ECB, * MBEDTLS_CIPHER_AES_192_ECB, MBEDTLS_CIPHER_AES_256_ECB, @@ -154,6 +160,11 @@ int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx ); * The CMAC result is calculated as * output = generic CMAC(cmac key, input buffer). * + * \note When the CMAC implementation is supplied by an alternate + * implementation (through #MBEDTLS_CMAC_ALT), some ciphers + * may not be supported by that implementation, and thus + * return an error. Alternate implementations must support + * AES-128 and AES-256, and may support AES-192 and 3DES. * * \param cipher_info The cipher information. * \param key The CMAC key. diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index c3132a5e1..fc35427d1 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2615,6 +2615,11 @@ * Enable the CMAC (Cipher-based Message Authentication Code) mode for block * ciphers. * + * \note When #MBEDTLS_CMAC_ALT is active, meaning that the underlying + * implementation of the CMAC algorithm is provided by an alternate + * implementation, that alternate implementation may opt to not support + * AES-192 or 3DES as underlying block ciphers for the CMAC operation. + * * Module: library/cmac.c * * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C From d7a21a1ec542f2f4e4ebd785ed7fba3da3b82301 Mon Sep 17 00:00:00 2001 
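Review bot: The new `\note` in the first cmac.h hunk says an unsupported cipher will "return an error" without naming the code, so a caller cannot tell an unsupported cipher from a real failure. The self-test in `library/cmac.c` (patch 001 of this series) treats `MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED` and `MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE` as the unsupported signal. If that is the contract for alternate implementations, state it here, e.g. `\return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED or #MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE if the alternate implementation does not support the cipher.` The same applies to the identical note added in the second hunk of this file. Both doc comments continue outside their hunks.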
From: TRodziewicz Date: Mon, 26 Apr 2021 13:38:08 +0200 Subject: [PATCH 085/160] Fix failing test_when_no_ciphersuites_have_mac test. Signed-off-by: TRodziewicz --- tests/suites/test_suite_cmac.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_cmac.function b/tests/suites/test_suite_cmac.function index cabf1070c..859b2e025 100644 --- a/tests/suites/test_suite_cmac.function +++ b/tests/suites/test_suite_cmac.function @@ -98,7 +98,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ void mbedtls_cmac_setkey( int cipher_type, int key_size, int result ) { const mbedtls_cipher_info_t *cipher_info; From ede30855634c627327e1435817b074f3ad8c2691 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Mon, 26 Apr 2021 15:44:25 +0200 Subject: [PATCH 086/160] Add ChangeLog file and fix comment in config.h Signed-off-by: TRodziewicz --- ChangeLog.d/issue4036.txt | 5 +++++ include/mbedtls/config.h | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 ChangeLog.d/issue4036.txt diff --git a/ChangeLog.d/issue4036.txt b/ChangeLog.d/issue4036.txt new file mode 100644 index 000000000..9b348d330 --- /dev/null +++ b/ChangeLog.d/issue4036.txt @@ -0,0 +1,5 @@ +Default behavior changes + * Enable by default the functionalities which have no reason to be disabled. + They are: ARIA block cipher, CMAC mode, elliptic curve J-PAKE library and + Key Wrapping mode as defined in NIST SP 800-38F. Fixes #4036. + diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index c34b6ba47..623b59385 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2718,7 +2718,7 @@ * * \warning This is currently experimental. EC J-PAKE support is based on the * Thread v1.0.0 specification; incompatible changes to the specification - * might still happen. For this reason, this is disabled by default. + * might still happen. * * Module: library/ecjpake.c * Caller: 
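Review bot: Putting `depends_on:MBEDTLS_CIPHER_MODE_CBC` on the `BEGIN_CASE` line disables every `mbedtls_cmac_setkey` test when CBC is off, although the CMAC API documented in cmac.h takes ECB cipher types (`MBEDTLS_CIPHER_AES_128_ECB` and the other listed types). If only some data rows need CBC (presumably negative tests that pass a CBC cipher type, which this hunk does not show), the dependency belongs on those rows in the `.data` file, so that the valid-key cases still run in builds without CBC. The function body lies outside the hunk.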
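Review bot: After this change the `\warning` on `MBEDTLS_ECJPAKE_C` in config.h still calls the module experimental and warns of incompatible specification changes, while the option is now enabled by default and the new ChangeLog entry lists it among functionalities that "have no reason to be disabled". Those two statements conflict, and a default-on module that is documented as experimental is extra exposed code in every build that does not use it. Either drop the experimental wording if it no longer holds, or keep it and add a line such as `* Disable this option if your application does not use EC J-PAKE.` The doc comment continues outside the hunk.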
From a00e8502c9d027b8e121eed90e5a3780625cb214 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 23 Apr 2021 16:43:13 +0100 Subject: [PATCH 087/160] Documentation updates for Mbed TLS 3.0 Update documentation to reflect the branch changes. Signed-off-by: Dave Rodgman --- BRANCHES.md | 9 +++++++-- ChangeLog.d/mbedtls3.0.txt | 3 +++ README.md | 5 +++++ 3 files changed, 15 insertions(+), 2 deletions(-) create mode 100644 ChangeLog.d/mbedtls3.0.txt diff --git a/BRANCHES.md b/BRANCHES.md index d5144188e..8486ef063 100644 --- a/BRANCHES.md +++ b/BRANCHES.md @@ -6,8 +6,12 @@ At any point in time, we have a number of maintained branches consisting of: this always contains the latest release, including all publicly available security fixes. - The [`development`](https://github.com/ARMmbed/mbedtls/tree/development) branch: - this is where new features land, - as well as bug fixes and security fixes. + this is where the next major version of Mbed TLS (version 3.0) is being + prepared. It has API changes that make it incompatible with Mbed TLS 2.x, + as well as all the new features and bug fixes and security fixes. +- The [`development_2.x`](https://github.com/ARMmbed/mbedtls/tree/development_2.x) branch: + this branch retains the API of Mbed TLS 2.x, and has a subset of the + features added after Mbed TLS 2.26.0 and bug fixes and security fixes. - One or more long-time support (LTS) branches: these only get bug fixes and security fixes. @@ -48,6 +52,7 @@ The following branches are currently maintained: - [master](https://github.com/ARMmbed/mbedtls/tree/master) - [`development`](https://github.com/ARMmbed/mbedtls/) +- [`development_2.x`](https://github.com/ARMmbed/mbedtls/tree/development_2.x) - [`mbedtls-2.16`](https://github.com/ARMmbed/mbedtls/tree/mbedtls-2.16) maintained until at least the end of 2021, see diff --git a/ChangeLog.d/mbedtls3.0.txt b/ChangeLog.d/mbedtls3.0.txt new file mode 100644 index 000000000..73b7cc0f8 --- /dev/null +++ b/ChangeLog.d/mbedtls3.0.txt 
@@ -0,0 +1,3 @@ +Changes + * There is ongoing work for the next release (= Mbed TLS 3.0.0 branch to + be released 2021-xx-xx), including various API-breaking changes. diff --git a/README.md b/README.md index 759ffb57a..ee6ad52a3 100644 --- a/README.md +++ b/README.md @@ -5,6 +5,11 @@ Mbed TLS is a C library that implements cryptographic primitives, X.509 certific Mbed TLS includes a reference implementation of the [PSA Cryptography API](#psa-cryptography-api). This is currently a preview for evaluation purposes only. +Stability +--------- + +**Warning: the [`development`](https://github.com/ARMmbed/mbedtls/tree/development) branch of Mbed TLS currently has an unstable API.** It is where work is happening on the next major release of Mbed TLS. Until Mbed TLS 3.0 is released, if you need a stable API, please use the branch [`development_2.x`](https://github.com/ARMmbed/mbedtls/tree/development_2.x) instead. + Configuration ------------- From ddb8ea6847d6e3c4280b17ad7f05cdb5e745a2cb Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 26 Apr 2021 14:56:20 +0100 Subject: [PATCH 088/160] Fix Changelog entry Rename a Changelog.d file, so that it gets picked up as expected by scripts/assemble_changelog.py. Signed-off-by: Dave Rodgman --- ...sha1_in_certificates => remove_allow_sha1_in_certificates.txt} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename ChangeLog.d/{remove_allow_sha1_in_certificates => remove_allow_sha1_in_certificates.txt} (100%) diff --git a/ChangeLog.d/remove_allow_sha1_in_certificates b/ChangeLog.d/remove_allow_sha1_in_certificates.txt similarity index 100% rename from ChangeLog.d/remove_allow_sha1_in_certificates rename to ChangeLog.d/remove_allow_sha1_in_certificates.txt From 10ba553c2e16e36c508cd263593c5b6099a37e08 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 26 Apr 2021 14:58:26 +0100 Subject: [PATCH 089/160] Update Changelog 
Signed-off-by: Dave Rodgman --- ChangeLog | 100 ++++++++++++++++++ ChangeLog.d/add_const_parameters.txt | 2 - ChangeLog.d/bugfix_PR3616.txt | 5 - ChangeLog.d/dtls_sample_use_read_timeout.txt | 2 - ChangeLog.d/fix-invalid-id-error-code.txt | 5 - ChangeLog.d/fix-printf-specifiers.txt | 10 -- ChangeLog.d/fix_memsan_build_clang11.txt | 2 - ...fix_return_type_for_invalid_crypto_key.txt | 4 - ChangeLog.d/issue1792.txt | 3 - ChangeLog.d/issue4280.txt | 2 - ChangeLog.d/issue4283.txt | 2 - ChangeLog.d/issue4284.txt | 2 - ChangeLog.d/mbedtls3.0.txt | 3 - ChangeLog.d/move_alt_helpers.txt | 7 -- ChangeLog.d/move_internal_headers.txt | 6 -- ChangeLog.d/mpi_read_negative_zero.txt | 3 - ChangeLog.d/pkcs1_v21_sign_ext.txt | 5 - .../remove_allow_sha1_in_certificates.txt | 14 --- ChangeLog.d/remove_certs.txt | 5 - ChangeLog.d/remove_havege.txt | 9 -- ChangeLog.d/remove_obsolete_tls_features.txt | 10 -- ChangeLog.d/remove_old_transition_helpers.txt | 3 - ChangeLog.d/remove_pkcs11.txt | 6 -- 23 files changed, 100 insertions(+), 110 deletions(-) delete mode 100644 ChangeLog.d/add_const_parameters.txt delete mode 100644 ChangeLog.d/bugfix_PR3616.txt delete mode 100644 ChangeLog.d/dtls_sample_use_read_timeout.txt delete mode 100644 ChangeLog.d/fix-invalid-id-error-code.txt delete mode 100644 ChangeLog.d/fix-printf-specifiers.txt delete mode 100644 ChangeLog.d/fix_memsan_build_clang11.txt delete mode 100644 ChangeLog.d/fix_return_type_for_invalid_crypto_key.txt delete mode 100644 ChangeLog.d/issue1792.txt delete mode 100644 ChangeLog.d/issue4280.txt delete mode 100644 ChangeLog.d/issue4283.txt delete mode 100644 ChangeLog.d/issue4284.txt delete mode 100644 ChangeLog.d/mbedtls3.0.txt delete mode 100644 ChangeLog.d/move_alt_helpers.txt delete mode 100644 ChangeLog.d/move_internal_headers.txt delete mode 100644 ChangeLog.d/mpi_read_negative_zero.txt delete mode 100644 ChangeLog.d/pkcs1_v21_sign_ext.txt delete mode 100644 ChangeLog.d/remove_allow_sha1_in_certificates.txt delete mode 100644 
ChangeLog.d/remove_certs.txt delete mode 100644 ChangeLog.d/remove_havege.txt delete mode 100644 ChangeLog.d/remove_obsolete_tls_features.txt delete mode 100644 ChangeLog.d/remove_old_transition_helpers.txt delete mode 100644 ChangeLog.d/remove_pkcs11.txt diff --git a/ChangeLog b/ChangeLog index a6d4adfa1..6e3467f1d 100644 --- a/ChangeLog +++ b/ChangeLog 
@@ -1,5 +1,105 @@ mbed TLS ChangeLog (Sorted per branch, date) += mbed TLS x.x.x branch released xxxx-xx-xx + +API changes + * Remove HAVEGE module. + The design of HAVEGE makes it unsuitable for microcontrollers. Platforms + with a more complex CPU usually have an operating system interface that + provides better randomness. Instead of HAVEGE, declare OS or hardware RNG + interfaces with mbedtls_entropy_add_source() and/or use an entropy seed + file created securely during device provisioning. See + https://tls.mbed.org/kb/how-to/add-entropy-sources-to-entropy-pool for + more information. + * Add missing const attributes to API functions. + * Remove helpers for the transition from Mbed TLS 1.3 to Mbed TLS 2.0: the + header compat-1.3.h and the script rename.pl. + * Remove certs module from the API. + Transfer keys and certificates embedded in the library to the test + component. This contributes to minimizing library API and discourages + users from using unsafe keys in production. + * Move alt helpers and definitions. + Various helpers and definitions available for use in alt implementations + have been moved out of the include/ directory and into the library/ + directory. The files concerned are ecp_internal.h and rsa_internal.h + which have also been renamed to ecp_alt.h and rsa_alt_helpers.h + respectively. + * Move internal headers. + Header files that were only meant for the library's internal use and + were not meant to be used in application code have been moved out of + the include/ directory. The headers concerned are bn_mul.h, aesni.h, + padlock.h, entropy_poll.h and *_internal.h. + * Drop support for parsing SSLv2 ClientHello + (MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO). + * Drop support for SSLv3 (MBEDTLS_SSL_PROTO_SSL3). + * Drop support for compatibility with our own previous buggy + implementation of truncated HMAC (MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT). + * Drop support for TLS record-level compression (MBEDTLS_ZLIB_SUPPORT). 
+ * Drop support for RC4 TLS ciphersuites. + * Drop support for single-DES ciphersuites. + * Drop support for MBEDTLS_SSL_HW_RECORD_ACCEL. + +Requirement changes + * The library now uses the %zu format specifier with the printf() family of + functions, so requires a toolchain that supports it. This change does not + affect the maintained LTS branches, so when contributing changes please + bear this in mind and do not add them to backported code. + +Removals + * Remove the MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES + compile-time option, which was off by default. Users should not trust + certificates signed with SHA-1 due to the known attacks against SHA-1. + If needed, SHA-1 cerificate can still be used by providing custom + verification profile to mbedtls_x509_crt_verify_with_profile function + in x509_crt.h, or mbedtls_ssl_conf_cert_profile function in ssl.h. + Example of custom verification profile, supporting SHA-1: + const mbedtls_x509_crt_profile mbedtls_x509_crt_custom = { + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ), + 0xFFFFFFF, /* Any PK alg */ + 0xFFFFFFF, /* Any curve */ + 2048 + }; + * Removed deprecated things in psa/crypto_compat.h. Fixes #4284 + * Removed deprecated functions from hashing modules. Fixes #4280. + * Remove PKCS#11 library wrapper. PKCS#11 has limited functionality, + lacks automated tests and has scarce documentation. Also, PSA Crypto + provides a more flexible private key management. + More details on PCKS#11 wrapper removal can be found in the mailing list + https://lists.trustedfirmware.org/pipermail/mbed-tls/2020-April/000024.html + * Remove deprecated error codes. Fix #4283 + +Features + * Add mbedtls_rsa_rsassa_pss_sign_ext() function allowing to generate a + signature with a specific salt length. This function allows to validate + test cases provided in the NIST's CAVP test suite. Contributed by Cédric + Meuter in PR #3183. 
+ +Bugfix + * Fix premature fopen() call in mbedtls_entropy_write_seed_file which may + lead to the seed file corruption in case if the path to the seed file is + equal to MBEDTLS_PLATFORM_STD_NV_SEED_FILE. Contributed by Victor + Krasnoshchok in #3616. + * PSA functions creating a key now return PSA_ERROR_INVALID_ARGUMENT rather + than PSA_ERROR_INVALID_HANDLE when the identifier specified for the key + to create is not valid, bringing them in line with version 1.0.0 of the + specification. Fix #4271. + * Add printf function attributes to mbedtls_debug_print_msg to ensure we + get printf format specifier warnings. + * PSA functions other than psa_open_key now return PSA_ERROR_INVALID_HANDLE + rather than PSA_ERROR_DOES_NOT_EXIST for an invalid handle, bringing them + in line with version 1.0.0 of the specification. Fix #4162. + * Fix a bug in ECDSA that would cause it to fail when the hash is all-bits + zero. Fixes #1792 + * mbedtls_mpi_read_string on "-0" produced an MPI object that was not treated + as equal to 0 in all cases. Fix it to produce the same object as "0". + +Changes + * Fix the setting of the read timeout in the DTLS sample programs. + * Add extra printf compiler warning flags to builds. + * Fix memsan build false positive in x509_crt.c with clang 11 + * There is ongoing work for the next release (= Mbed TLS 3.0.0 branch to + be released 2021-xx-xx), including various API-breaking changes. + = mbed TLS 2.26.0 branch released 2021-03-08 API changes diff --git a/ChangeLog.d/add_const_parameters.txt b/ChangeLog.d/add_const_parameters.txt deleted file mode 100644 index a55ca3660..000000000 --- a/ChangeLog.d/add_const_parameters.txt +++ /dev/null @@ -1,2 +0,0 @@ -API changes - * Add missing const attributes to API functions. diff --git a/ChangeLog.d/bugfix_PR3616.txt b/ChangeLog.d/bugfix_PR3616.txt deleted file mode 100644 index 47d104492..000000000 --- a/ChangeLog.d/bugfix_PR3616.txt +++ /dev/null 
@@ -1,5 +0,0 @@ -Bugfix - * Fix premature fopen() call in mbedtls_entropy_write_seed_file which may - lead to the seed file corruption in case if the path to the seed file is - equal to MBEDTLS_PLATFORM_STD_NV_SEED_FILE. Contributed by Victor - Krasnoshchok in #3616. diff --git a/ChangeLog.d/dtls_sample_use_read_timeout.txt b/ChangeLog.d/dtls_sample_use_read_timeout.txt deleted file mode 100644 index e3150d6ef..000000000 --- a/ChangeLog.d/dtls_sample_use_read_timeout.txt +++ /dev/null @@ -1,2 +0,0 @@ -Changes - * Fix the setting of the read timeout in the DTLS sample programs. diff --git a/ChangeLog.d/fix-invalid-id-error-code.txt b/ChangeLog.d/fix-invalid-id-error-code.txt deleted file mode 100644 index 069a7678b..000000000 --- a/ChangeLog.d/fix-invalid-id-error-code.txt +++ /dev/null @@ -1,5 +0,0 @@ -Bugfix - * PSA functions creating a key now return PSA_ERROR_INVALID_ARGUMENT rather - than PSA_ERROR_INVALID_HANDLE when the identifier specified for the key - to create is not valid, bringing them in line with version 1.0.0 of the - specification. Fix #4271. diff --git a/ChangeLog.d/fix-printf-specifiers.txt b/ChangeLog.d/fix-printf-specifiers.txt deleted file mode 100644 index 4867721bf..000000000 --- a/ChangeLog.d/fix-printf-specifiers.txt +++ /dev/null @@ -1,10 +0,0 @@ -Bugfix - * Add printf function attributes to mbedtls_debug_print_msg to ensure we - get printf format specifier warnings. -Changes - * Add extra printf compiler warning flags to builds. -Requirement changes - * The library now uses the %zu format specifier with the printf() family of - functions, so requires a toolchain that supports it. This change does not - affect the maintained LTS branches, so when contributing changes please - bear this in mind and do not add them to backported code. diff --git a/ChangeLog.d/fix_memsan_build_clang11.txt b/ChangeLog.d/fix_memsan_build_clang11.txt deleted file mode 100644 index 3f5cc058f..000000000 --- a/ChangeLog.d/fix_memsan_build_clang11.txt +++ /dev/null 
@@ -1,2 +0,0 @@ -Changes - * Fix memsan build false positive in x509_crt.c with clang 11 diff --git a/ChangeLog.d/fix_return_type_for_invalid_crypto_key.txt b/ChangeLog.d/fix_return_type_for_invalid_crypto_key.txt deleted file mode 100644 index dc6996e02..000000000 --- a/ChangeLog.d/fix_return_type_for_invalid_crypto_key.txt +++ /dev/null @@ -1,4 +0,0 @@ -Bugfix - * PSA functions other than psa_open_key now return PSA_ERROR_INVALID_HANDLE - rather than PSA_ERROR_DOES_NOT_EXIST for an invalid handle, bringing them - in line with version 1.0.0 of the specification. Fix #4162. diff --git a/ChangeLog.d/issue1792.txt b/ChangeLog.d/issue1792.txt deleted file mode 100644 index 9949bf41d..000000000 --- a/ChangeLog.d/issue1792.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fix a bug in ECDSA that would cause it to fail when the hash is all-bits - zero. Fixes #1792 diff --git a/ChangeLog.d/issue4280.txt b/ChangeLog.d/issue4280.txt deleted file mode 100644 index 38d9b2c5d..000000000 --- a/ChangeLog.d/issue4280.txt +++ /dev/null @@ -1,2 +0,0 @@ -Removals - * Removed deprecated functions from hashing modules. Fixes #4280. diff --git a/ChangeLog.d/issue4283.txt b/ChangeLog.d/issue4283.txt deleted file mode 100644 index 021ea7e1a..000000000 --- a/ChangeLog.d/issue4283.txt +++ /dev/null @@ -1,2 +0,0 @@ -Removals - * Remove deprecated error codes. Fix #4283 diff --git a/ChangeLog.d/issue4284.txt b/ChangeLog.d/issue4284.txt deleted file mode 100644 index 1429becb8..000000000 --- a/ChangeLog.d/issue4284.txt +++ /dev/null @@ -1,2 +0,0 @@ -Removals - * Removed deprecated things in psa/crypto_compat.h. Fixes #4284 diff --git a/ChangeLog.d/mbedtls3.0.txt b/ChangeLog.d/mbedtls3.0.txt deleted file mode 100644 index 73b7cc0f8..000000000 --- a/ChangeLog.d/mbedtls3.0.txt +++ /dev/null @@ -1,3 +0,0 @@ -Changes - * There is ongoing work for the next release (= Mbed TLS 3.0.0 branch to - be released 2021-xx-xx), including various API-breaking changes. 
diff --git a/ChangeLog.d/move_alt_helpers.txt b/ChangeLog.d/move_alt_helpers.txt deleted file mode 100644 index ba96c9d1a..000000000 --- a/ChangeLog.d/move_alt_helpers.txt +++ /dev/null @@ -1,7 +0,0 @@ -API changes - * Move alt helpers and definitions. - Various helpers and definitions available for use in alt implementations - have been moved out of the include/ directory and into the library/ - directory. The files concerned are ecp_internal.h and rsa_internal.h - which have also been renamed to ecp_alt.h and rsa_alt_helpers.h - respectively. diff --git a/ChangeLog.d/move_internal_headers.txt b/ChangeLog.d/move_internal_headers.txt deleted file mode 100644 index 8a38fe68d..000000000 --- a/ChangeLog.d/move_internal_headers.txt +++ /dev/null @@ -1,6 +0,0 @@ -API changes - * Move internal headers. - Header files that were only meant for the library's internal use and - were not meant to be used in application code have been moved out of - the include/ directory. The headers concerned are bn_mul.h, aesni.h, - padlock.h, entropy_poll.h and *_internal.h. diff --git a/ChangeLog.d/mpi_read_negative_zero.txt b/ChangeLog.d/mpi_read_negative_zero.txt deleted file mode 100644 index e338de70b..000000000 --- a/ChangeLog.d/mpi_read_negative_zero.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * mbedtls_mpi_read_string on "-0" produced an MPI object that was not treated - as equal to 0 in all cases. Fix it to produce the same object as "0". diff --git a/ChangeLog.d/pkcs1_v21_sign_ext.txt b/ChangeLog.d/pkcs1_v21_sign_ext.txt deleted file mode 100644 index 76dfaf960..000000000 --- a/ChangeLog.d/pkcs1_v21_sign_ext.txt +++ /dev/null @@ -1,5 +0,0 @@ -Features - * Add mbedtls_rsa_rsassa_pss_sign_ext() function allowing to generate a - signature with a specific salt length. This function allows to validate - test cases provided in the NIST's CAVP test suite. Contributed by Cédric - Meuter in PR #3183. 
diff --git a/ChangeLog.d/remove_allow_sha1_in_certificates.txt b/ChangeLog.d/remove_allow_sha1_in_certificates.txt deleted file mode 100644 index e3d16ef87..000000000 --- a/ChangeLog.d/remove_allow_sha1_in_certificates.txt +++ /dev/null @@ -1,14 +0,0 @@ -Removals - * Remove the MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES - compile-time option, which was off by default. Users should not trust - certificates signed with SHA-1 due to the known attacks against SHA-1. - If needed, SHA-1 cerificate can still be used by providing custom - verification profile to mbedtls_x509_crt_verify_with_profile function - in x509_crt.h, or mbedtls_ssl_conf_cert_profile function in ssl.h. - Example of custom verification profile, supporting SHA-1: - const mbedtls_x509_crt_profile mbedtls_x509_crt_custom = { - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ), - 0xFFFFFFF, /* Any PK alg */ - 0xFFFFFFF, /* Any curve */ - 2048 - }; diff --git a/ChangeLog.d/remove_certs.txt b/ChangeLog.d/remove_certs.txt deleted file mode 100644 index 20fa0c691..000000000 --- a/ChangeLog.d/remove_certs.txt +++ /dev/null @@ -1,5 +0,0 @@ -API changes - * Remove certs module from the API. - Transfer keys and certificates embedded in the library to the test - component. This contributes to minimizing library API and discourages - users from using unsafe keys in production. diff --git a/ChangeLog.d/remove_havege.txt b/ChangeLog.d/remove_havege.txt deleted file mode 100644 index 9054010be..000000000 --- a/ChangeLog.d/remove_havege.txt +++ /dev/null 
@@ -1,9 +0,0 @@ -API changes - * Remove HAVEGE module. - The design of HAVEGE makes it unsuitable for microcontrollers. Platforms - with a more complex CPU usually have an operating system interface that - provides better randomness. Instead of HAVEGE, declare OS or hardware RNG - interfaces with mbedtls_entropy_add_source() and/or use an entropy seed - file created securely during device provisioning. See - https://tls.mbed.org/kb/how-to/add-entropy-sources-to-entropy-pool for - more information. diff --git a/ChangeLog.d/remove_obsolete_tls_features.txt b/ChangeLog.d/remove_obsolete_tls_features.txt deleted file mode 100644 index 87186bff8..000000000 --- a/ChangeLog.d/remove_obsolete_tls_features.txt +++ /dev/null @@ -1,10 +0,0 @@ -API changes - * Drop support for parsing SSLv2 ClientHello - (MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO). - * Drop support for SSLv3 (MBEDTLS_SSL_PROTO_SSL3). - * Drop support for compatibility with our own previous buggy - implementation of truncated HMAC (MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT). - * Drop support for TLS record-level compression (MBEDTLS_ZLIB_SUPPORT). - * Drop support for RC4 TLS ciphersuites. - * Drop support for single-DES ciphersuites. - * Drop support for MBEDTLS_SSL_HW_RECORD_ACCEL. diff --git a/ChangeLog.d/remove_old_transition_helpers.txt b/ChangeLog.d/remove_old_transition_helpers.txt deleted file mode 100644 index c23bbe91c..000000000 --- a/ChangeLog.d/remove_old_transition_helpers.txt +++ /dev/null @@ -1,3 +0,0 @@ -API changes - * Remove helpers for the transition from Mbed TLS 1.3 to Mbed TLS 2.0: the - header compat-1.3.h and the script rename.pl. diff --git a/ChangeLog.d/remove_pkcs11.txt b/ChangeLog.d/remove_pkcs11.txt deleted file mode 100644 index 5c8134cfc..000000000 --- a/ChangeLog.d/remove_pkcs11.txt +++ /dev/null 
@@ -1,6 +0,0 @@ -Removals - * Remove PKCS#11 library wrapper. PKCS#11 has limited functionality, - lacks automated tests and has scarce documentation. Also, PSA Crypto - provides a more flexible private key management. - More details on PCKS#11 wrapper removal can be found in the mailing list - https://lists.trustedfirmware.org/pipermail/mbed-tls/2020-April/000024.html From dca8509bb6cd59c2c486985f30f8822f23cf51e9 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 26 Apr 2021 15:59:51 +0100 Subject: [PATCH 090/160] Update future Mbed TLS version in Changelog Signed-off-by: Dave Rodgman --- ChangeLog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 6e3467f1d..3571910b6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,6 @@ mbed TLS ChangeLog (Sorted per branch, date) -= mbed TLS x.x.x branch released xxxx-xx-xx += Mbed TLS 3.0.0 branch released 2021-xx-xx API changes * Remove HAVEGE module. From 860f50942112cec90c8ad83fd92531008463b00b Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Mon, 26 Apr 2021 16:31:16 +0100 Subject: [PATCH 091/160] Clarify case when high level error code is incorrect Signed-off-by: Chris Jones --- tests/src/helpers.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/src/helpers.c b/tests/src/helpers.c index 72b886de7..b7c9867b0 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c @@ -309,7 +309,7 @@ void mbedtls_test_err_add_check( int high, int low, } else if ( high < -0x7F80 ) /* high > 0111111110000000 - * Error code is larger than the greatest high + module level error. + * Error code is greater than the largest allowed high level module ID. */ { mbedtls_test_fail( "'high' error code is greater than 15 bits", From 87bfa20f1cc3929991bebe747bddbc97e8b656df Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Mon, 26 Apr 2021 20:08:53 +0200 Subject: [PATCH 092/160] Removing trailing space from ChangeLog file 
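Review bot: The comment in the tests/src/helpers.c hunk still states the bound with the opposite sign from the condition it annotates: the code tests `high < -0x7F80`, while the retained first comment line reads `high > 0111111110000000` and the reworded sentence says "greater than". Expressing the bound on the magnitude would remove the ambiguity, for example `/* -high > 0x7F80: magnitude exceeds the largest allowed high level module ID. */`. The body of `mbedtls_test_err_add_check` starts and ends outside this hunk.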
Signed-off-by: TRodziewicz --- ChangeLog.d/issue4036.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/issue4036.txt b/ChangeLog.d/issue4036.txt index 9b348d330..700949623 100644 --- a/ChangeLog.d/issue4036.txt +++ b/ChangeLog.d/issue4036.txt @@ -1,5 +1,5 @@ Default behavior changes * Enable by default the functionalities which have no reason to be disabled. - They are: ARIA block cipher, CMAC mode, elliptic curve J-PAKE library and + They are: ARIA block cipher, CMAC mode, elliptic curve J-PAKE library and Key Wrapping mode as defined in NIST SP 800-38F. Fixes #4036. From bd98df7715d458acfc4c499edc1f8dd39360987f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Tue, 27 Apr 2021 04:37:18 +0200 Subject: [PATCH 093/160] Update documentation of AEAD output size macros MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- include/psa/crypto.h | 12 ++++++++++-- include/psa/crypto_sizes.h | 2 +- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 98de3359e..94b8f9916 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2136,7 +2136,11 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * \p alg is not supported or is not an AEAD algorithm. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * \p ciphertext_size is too small + * \p ciphertext_size is too small. + * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\c key_type, \p alg, + * \p plaintext_length) or + * #PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(\p plaintext_length) can be used to + * determine the required buffer size. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED 
@@ -2205,7 +2209,11 @@ psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key, * \p alg is not supported or is not an AEAD algorithm. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * \p plaintext_size or \p nonce_length is too small + * \p plaintext_size is too small. + * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\c key_type, \p alg, + * \p ciphertext_length) or + * #PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(\p ciphertext_length) can be used + * to determine the required buffer size. * \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_CORRUPTION_DETECTED diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index b56b34645..79f96739b 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -130,7 +130,7 @@ * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_AEAD(\p alg) is true). * - * \return The tag size for the specified algorithm and key. + * \return The tag length for the specified algorithm and key. * If the AEAD algorithm does not have an identified * tag that can be distinguished from the rest of * the ciphertext, return 0. From 58d8518eb11cba706bbd76fea1c9d1db82ae3d33 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Tue, 27 Apr 2021 04:41:43 +0200 Subject: [PATCH 094/160] Update changelog MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- ChangeLog.d/psa-aead-output-size-macros-1.0.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/psa-aead-output-size-macros-1.0.txt b/ChangeLog.d/psa-aead-output-size-macros-1.0.txt index 77d88c76b..94a66a5f6 100644 --- a/ChangeLog.d/psa-aead-output-size-macros-1.0.txt +++ b/ChangeLog.d/psa-aead-output-size-macros-1.0.txt 
@@ -1,7 +1,7 @@ API changes * Update AEAD output size macros to bring them in line with the PSA Crypto API version 1.0 spec. This version of the spec parameterizes them on the - key type used, as well as the key bitsize in the case of + key type used, as well as the key bit-size in the case of PSA_AEAD_TAG_LENGTH. The old versions of these macros were renamed and deprecated as follows: - PSA_AEAD_TAG_LENGTH -> PSA_AEAD_TAG_LENGTH_1_ARG From cee427002beeb39a022dcf132d30567ece6d2a85 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 26 Apr 2021 11:34:44 +0200 Subject: [PATCH 095/160] Remove MBEDTLS_ENABLE_WEAK_CIPHERSUITES configuration option Fix 4416 Signed-off-by: Ronald Cron --- configs/config-psa-crypto.h | 17 +---------------- include/mbedtls/config.h | 17 +---------------- library/ssl_ciphersuites.c | 3 --- library/version_features.c | 3 --- programs/test/query_config.c | 8 -------- 5 files changed, 2 insertions(+), 46 deletions(-) diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 29c6d145c..846900a30 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h @@ -612,8 +612,7 @@ * Warning: Only do so when you know what you are doing. This allows for * encryption or channels without any security! * - * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable - * the following ciphersuites: + * To enable the following ciphersuites: * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA 
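Review bot: The reworded line `To enable the following ciphersuites:` in the configs/config-psa-crypto.h hunk is a sentence fragment and no longer says what gates the listed NULL suites; the same wording is added in the include/mbedtls/config.h hunk at -659. Because this commit also drops the `#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES)` wrapper in library/ssl_ciphersuites.c, the only guard left around those entries is `MBEDTLS_CIPHER_NULL_CIPHER`, and the comment should say so, for example `* Defining this macro alone enables the following ciphersuites, which provide no encryption:`. A changelog line would also help builds that define the NULL cipher and relied on the removed option staying undefined as a second safeguard. The `\def` line of the documented option is outside the hunk, so the macro name is inferred from the remaining guard.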
@@ -654,20 +653,6 @@ #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN #define MBEDTLS_CIPHER_PADDING_ZEROS -/** - * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES - * - * Enable weak ciphersuites in SSL / TLS. - * Warning: Only do so when you know what you are doing. This allows for - * channels with virtually no security at all! - * - * Uncomment this macro to enable weak ciphersuites - * - * \warning DES is considered a weak cipher and its use constitutes a - * security risk. We recommend considering stronger ciphers instead. - */ -//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES - /** * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED * diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index dabbb2889..48d3052d2 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -659,8 +659,7 @@ * Warning: Only do so when you know what you are doing. This allows for * encryption or channels without any security! * - * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable - * the following ciphersuites: + * To enable the following ciphersuites: * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA @@ -708,20 +707,6 @@ */ //#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY -/** - * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES - * - * Enable weak ciphersuites in SSL / TLS. - * Warning: Only do so when you know what you are doing. This allows for - * channels with virtually no security at all! - * - * Uncomment this macro to enable weak ciphersuites - * - * \warning DES is considered a weak cipher and its use constitutes a - * security risk. We recommend considering stronger ciphers instead. - */ -//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES - /** * \def MBEDTLS_REMOVE_3DES_CIPHERSUITES * diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 49e078407..f51f2026d 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c 
@@ -1534,7 +1534,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_AES_C */ #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ -#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES) #if defined(MBEDTLS_CIPHER_NULL_CIPHER) #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) #if defined(MBEDTLS_MD5_C) @@ -1667,8 +1666,6 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ -#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */ - #if defined(MBEDTLS_ARIA_C) #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) diff --git a/library/version_features.c b/library/version_features.c index 7af2474fe..11c5f0968 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -300,9 +300,6 @@ static const char * const features[] = { #if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) "MBEDTLS_CTR_DRBG_USE_128_BIT_KEY", #endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ -#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES) - "MBEDTLS_ENABLE_WEAK_CIPHERSUITES", -#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */ #if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES) "MBEDTLS_REMOVE_3DES_CIPHERSUITES", #endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */ diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 05b3df824..ab9e2f7aa 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -851,14 +851,6 @@ int query_config( const char *config ) } #endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ -#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES) - if( strcmp( "MBEDTLS_ENABLE_WEAK_CIPHERSUITES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ENABLE_WEAK_CIPHERSUITES ); - return( 0 ); - } -#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */ - #if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES) if( strcmp( "MBEDTLS_REMOVE_3DES_CIPHERSUITES", config ) == 0 ) { From 0c37b4f82601e2c93ba75acbd75624bc03e4af66 Mon Sep 17 00:00:00 2001 
From: Dave Rodgman Date: Tue, 27 Apr 2021 17:01:24 +0100 Subject: [PATCH 096/160] Improve changelog entry for #4217 Signed-off-by: Dave Rodgman --- ChangeLog.d/add-missing-parenthesis.txt | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/ChangeLog.d/add-missing-parenthesis.txt b/ChangeLog.d/add-missing-parenthesis.txt index ec01985e9..9576ff379 100644 --- a/ChangeLog.d/add-missing-parenthesis.txt +++ b/ChangeLog.d/add-missing-parenthesis.txt @@ -1,4 +1,3 @@ Bugfix - * Add a parenthesis that was missing from ecp.c when - MBEDTLS_ECP_RANDOMIZE_MXZ_ALT is defined. Found and reported by - mbeniamino in #4217. + * Fix a compilation error when MBEDTLS_ECP_RANDOMIZE_MXZ_ALT is + defined. Fixes #4217. From 9a969b66c17dbf16bd97a20b932dbdd7e537c203 Mon Sep 17 00:00:00 2001 From: Peter Kolbus Date: Tue, 11 Dec 2018 13:55:56 -0600 Subject: [PATCH 097/160] Reduce code size when mbedtls_x509_*_info() unused Introduce MBEDTLS_X509_INFO to indicate the availability of the mbedtls_x509_*_info() function and closely related APIs. When this is not defined, also omit name and description from mbedtls_oid_descriptor_t, and omit OID arrays, macros, and types that are entirely unused. This saves several KB of code space. Signed-off-by: Hanno Becker 
Signed-off-by: Chris Jones --- include/mbedtls/config.h | 11 ++ include/mbedtls/debug.h | 8 +- include/mbedtls/oid.h | 4 + include/mbedtls/x509.h | 2 + include/mbedtls/x509_crl.h | 2 + include/mbedtls/x509_crt.h | 5 + include/mbedtls/x509_csr.h | 2 + library/debug.c | 4 +- library/oid.c | 201 +++++++++++---------- library/version_features.c | 3 + library/x509.c | 2 + library/x509_crl.c | 2 + library/x509_crt.c | 102 ++++++----- library/x509_csr.c | 2 + programs/ssl/dtls_client.c | 4 + programs/ssl/ssl_client1.c | 4 + programs/ssl/ssl_client2.c | 13 ++ programs/ssl/ssl_mail_client.c | 6 + programs/ssl/ssl_server2.c | 8 +- programs/test/query_config.c | 8 + programs/x509/cert_app.c | 4 +- programs/x509/crl_app.c | 6 +- programs/x509/req_app.c | 6 +- tests/suites/test_suite_debug.data | 4 +- tests/suites/test_suite_debug.function | 2 +- tests/suites/test_suite_oid.function | 2 +- tests/suites/test_suite_x509parse.data | 80 ++++---- tests/suites/test_suite_x509parse.function | 31 +++- 28 files changed, 322 insertions(+), 206 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index dabbb2889..f609435d7 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2143,6 +2143,17 @@ */ #define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE +/** + * \def MBEDTLS_X509_INFO + * + * Enable mbedtls_x509_*_info() and related APIs. + * + * Comment to omit mbedtls_x509_*_info(), as well as mbedtls_debug_print_crt() + * and other functions/constants only used by these functions, thus reducing + * the code footprint by several KB. + */ +#define MBEDTLS_X509_INFO + /** * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT * diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h index dd20ba087..a4d6a7e81 100644 --- a/include/mbedtls/debug.h +++ b/include/mbedtls/debug.h 
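Review bot: The new `MBEDTLS_X509_INFO` description in include/mbedtls/config.h names `mbedtls_x509_*_info()` and `mbedtls_debug_print_crt()` but leaves the rest as "other functions/constants". The header hunks of this commit also put `mbedtls_x509_crt_verify_info()`, `mbedtls_x509_sig_alg_gets()` and `mbedtls_oid_get_extended_key_usage()` behind the option, and the first of these is the call that renders verification flags as text. I would add a sentence such as `* Without it, mbedtls_x509_crt_verify_info() is unavailable and applications must report the raw verification flags themselves.` so that users who disable the option for size know which diagnostics they lose.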
@@ -59,9 +59,13 @@ #endif #if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_INFO) #define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) \ mbedtls_debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt ) -#endif +#else +#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 ) +#endif /* MBEDTLS_X509_INFO */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_ECDH_C) #define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr ) \ @@ -248,7 +252,7 @@ void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level, const char *text, const mbedtls_ecp_point *X ); #endif -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_X509_INFO) /** * \brief Print a X.509 certificate structure to the debug output. This * function is always used through the MBEDTLS_SSL_DEBUG_CRT() macro, diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index e4c697b2d..89b5fe87f 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -441,8 +441,10 @@ typedef struct mbedtls_oid_descriptor_t { const char *asn1; /*!< OID ASN.1 representation */ size_t asn1_len; /*!< length of asn1 */ +#if defined(MBEDTLS_X509_INFO) const char *name; /*!< official name (e.g. from RFC) */ const char *description; /*!< human friendly description */ +#endif } mbedtls_oid_descriptor_t; /** @@ -582,6 +584,7 @@ int mbedtls_oid_get_md_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_a int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac ); #endif /* MBEDTLS_MD_C */ +#if defined(MBEDTLS_X509_INFO) /** * \brief Translate Extended Key Usage OID into description * @@ -591,6 +594,7 @@ int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_ * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ int mbedtls_oid_get_extended_key_usage( const mbedtls_asn1_buf *oid, const char **desc ); +#endif /** * \brief Translate certificate policies OID into description 
diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h index e5e83d664..44f2ed02d 100644 --- a/include/mbedtls/x509.h +++ b/include/mbedtls/x509.h @@ -316,9 +316,11 @@ int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *serial ); int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *ext, int tag ); +#if defined(MBEDTLS_X509_INFO) int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid, mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, const void *sig_opts ); +#endif int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name ); int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name ); int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len, diff --git a/include/mbedtls/x509_crl.h b/include/mbedtls/x509_crl.h index 7e9e8885f..fb1de79f1 100644 --- a/include/mbedtls/x509_crl.h +++ b/include/mbedtls/x509_crl.h @@ -134,6 +134,7 @@ int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, s int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ); #endif /* MBEDTLS_FS_IO */ +#if defined(MBEDTLS_X509_INFO) /** * \brief Returns an informational string about the CRL. * @@ -147,6 +148,7 @@ int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ); */ int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix, const mbedtls_x509_crl *crl ); +#endif /** * \brief Initialize a CRL (chain) diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index 8e389f8c0..fc3ea8eb4 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h 
@@ -509,6 +509,8 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ); */ int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf, mbedtls_x509_subject_alternative_name *san ); + +#if defined(MBEDTLS_X509_INFO) /** * \brief Returns an informational string about the * certificate. @@ -523,7 +525,9 @@ int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf, */ int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, const mbedtls_x509_crt *crt ); +#endif +#if defined(MBEDTLS_X509_INFO) /** * \brief Returns an informational string about the * verification status of a certificate. @@ -538,6 +542,7 @@ int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, */ int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, uint32_t flags ); +#endif /** * \brief Verify a chain of certificates. diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h index b1dfc21f1..b9e5b93fb 100644 --- a/include/mbedtls/x509_csr.h +++ b/include/mbedtls/x509_csr.h @@ -121,6 +121,7 @@ int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, siz int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ); #endif /* MBEDTLS_FS_IO */ +#if defined(MBEDTLS_X509_INFO) /** * \brief Returns an informational string about the * CSR. @@ -135,6 +136,7 @@ int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ); */ int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix, const mbedtls_x509_csr *csr ); +#endif /** * \brief Initialize a CSR diff --git a/library/debug.c b/library/debug.c index e91d1ad1d..fcd67dbe5 100644 --- a/library/debug.c +++ b/library/debug.c 
@@ -284,7 +284,7 @@ void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level, } #endif /* MBEDTLS_BIGNUM_C */ -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_X509_INFO) static void debug_print_pk( const mbedtls_ssl_context *ssl, int level, const char *file, int line, const char *text, const mbedtls_pk_context *pk ) @@ -379,7 +379,7 @@ void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level, crt = crt->next; } } -#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_X509_INFO */ #if defined(MBEDTLS_ECDH_C) static void mbedtls_debug_printf_ecdh_internal( const mbedtls_ssl_context *ssl, diff --git a/library/oid.c b/library/oid.c index 19c8ac207..d8cbfb460 100644 --- a/library/oid.c +++ b/library/oid.c @@ -41,6 +41,17 @@ */ #define ADD_LEN(s) s, MBEDTLS_OID_SIZE(s) +/* + * Macro to generate mbedtls_oid_descriptor_t + */ +#if defined(MBEDTLS_X509_INFO) +#define OID_DESCRIPTOR(s, name, description) { ADD_LEN(s), name, description } +#define NULL_OID_DESCRIPTOR { NULL, 0, NULL, NULL } +#else +#define OID_DESCRIPTOR(s, name, description) { ADD_LEN(s) } +#define NULL_OID_DESCRIPTOR { NULL, 0 } +#endif + /* * Macro to generate an internal function for oid_XXX_from_asn1() (used by * the other functions) @@ -64,6 +75,7 @@ return( NULL ); \ } +#if defined(MBEDTLS_X509_INFO) /* * Macro to generate a function for retrieving a single attribute from the * descriptor of an mbedtls_oid_descriptor_t wrapper. @@ -76,6 +88,7 @@ int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1 ) *ATTR1 = data->descriptor.ATTR1; \ return( 0 ); \ } +#endif /* MBEDTLS_X509_INFO */ /* * Macro to generate a function for retrieving a single attribute from an 
@@ -157,83 +170,83 @@ typedef struct { static const oid_x520_attr_t oid_x520_attr_type[] = { { - { ADD_LEN( MBEDTLS_OID_AT_CN ), "id-at-commonName", "Common Name" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_CN, "id-at-commonName", "Common Name" ), "CN", }, { - { ADD_LEN( MBEDTLS_OID_AT_COUNTRY ), "id-at-countryName", "Country" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_COUNTRY, "id-at-countryName", "Country" ), "C", }, { - { ADD_LEN( MBEDTLS_OID_AT_LOCALITY ), "id-at-locality", "Locality" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_LOCALITY, "id-at-locality", "Locality" ), "L", }, { - { ADD_LEN( MBEDTLS_OID_AT_STATE ), "id-at-state", "State" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_STATE, "id-at-state", "State" ), "ST", }, { - { ADD_LEN( MBEDTLS_OID_AT_ORGANIZATION ),"id-at-organizationName", "Organization" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_ORGANIZATION,"id-at-organizationName", "Organization" ), "O", }, { - { ADD_LEN( MBEDTLS_OID_AT_ORG_UNIT ), "id-at-organizationalUnitName", "Org Unit" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_ORG_UNIT, "id-at-organizationalUnitName", "Org Unit" ), "OU", }, { - { ADD_LEN( MBEDTLS_OID_PKCS9_EMAIL ), "emailAddress", "E-mail address" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS9_EMAIL, "emailAddress", "E-mail address" ), "emailAddress", }, { - { ADD_LEN( MBEDTLS_OID_AT_SERIAL_NUMBER ),"id-at-serialNumber", "Serial number" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_SERIAL_NUMBER,"id-at-serialNumber", "Serial number" ), "serialNumber", }, { - { ADD_LEN( MBEDTLS_OID_AT_POSTAL_ADDRESS ),"id-at-postalAddress", "Postal address" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_POSTAL_ADDRESS,"id-at-postalAddress", "Postal address" ), "postalAddress", }, { - { ADD_LEN( MBEDTLS_OID_AT_POSTAL_CODE ), "id-at-postalCode", "Postal code" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_POSTAL_CODE, "id-at-postalCode", "Postal code" ), "postalCode", }, { - { ADD_LEN( MBEDTLS_OID_AT_SUR_NAME ), "id-at-surName", "Surname" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_SUR_NAME, "id-at-surName", "Surname" ), "SN", }, { - { ADD_LEN( 
MBEDTLS_OID_AT_GIVEN_NAME ), "id-at-givenName", "Given name" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_GIVEN_NAME, "id-at-givenName", "Given name" ), "GN", }, { - { ADD_LEN( MBEDTLS_OID_AT_INITIALS ), "id-at-initials", "Initials" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_INITIALS, "id-at-initials", "Initials" ), "initials", }, { - { ADD_LEN( MBEDTLS_OID_AT_GENERATION_QUALIFIER ), "id-at-generationQualifier", "Generation qualifier" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_GENERATION_QUALIFIER, "id-at-generationQualifier", "Generation qualifier" ), "generationQualifier", }, { - { ADD_LEN( MBEDTLS_OID_AT_TITLE ), "id-at-title", "Title" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_TITLE, "id-at-title", "Title" ), "title", }, { - { ADD_LEN( MBEDTLS_OID_AT_DN_QUALIFIER ),"id-at-dnQualifier", "Distinguished Name qualifier" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_DN_QUALIFIER,"id-at-dnQualifier", "Distinguished Name qualifier" ), "dnQualifier", }, { - { ADD_LEN( MBEDTLS_OID_AT_PSEUDONYM ), "id-at-pseudonym", "Pseudonym" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_PSEUDONYM, "id-at-pseudonym", "Pseudonym" ), "pseudonym", }, { - { ADD_LEN( MBEDTLS_OID_DOMAIN_COMPONENT ), "id-domainComponent", "Domain component" }, + OID_DESCRIPTOR( MBEDTLS_OID_DOMAIN_COMPONENT, "id-domainComponent", "Domain component" ), "DC", }, { - { ADD_LEN( MBEDTLS_OID_AT_UNIQUE_IDENTIFIER ), "id-at-uniqueIdentifier", "Unique Identifier" }, + OID_DESCRIPTOR( MBEDTLS_OID_AT_UNIQUE_IDENTIFIER, "id-at-uniqueIdentifier", "Unique Identifier" ), "uniqueIdentifier", }, { - { NULL, 0, NULL, NULL }, + NULL_OID_DESCRIPTOR, NULL, } }; 
@@ -252,31 +265,31 @@ typedef struct { static const oid_x509_ext_t oid_x509_ext[] = { { - { ADD_LEN( MBEDTLS_OID_BASIC_CONSTRAINTS ), "id-ce-basicConstraints", "Basic Constraints" }, + OID_DESCRIPTOR( MBEDTLS_OID_BASIC_CONSTRAINTS, "id-ce-basicConstraints", "Basic Constraints" ), MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS, }, { - { ADD_LEN( MBEDTLS_OID_KEY_USAGE ), "id-ce-keyUsage", "Key Usage" }, + OID_DESCRIPTOR( MBEDTLS_OID_KEY_USAGE, "id-ce-keyUsage", "Key Usage" ), MBEDTLS_OID_X509_EXT_KEY_USAGE, }, { - { ADD_LEN( MBEDTLS_OID_EXTENDED_KEY_USAGE ), "id-ce-extKeyUsage", "Extended Key Usage" }, + OID_DESCRIPTOR( MBEDTLS_OID_EXTENDED_KEY_USAGE, "id-ce-extKeyUsage", "Extended Key Usage" ), MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE, }, { - { ADD_LEN( MBEDTLS_OID_SUBJECT_ALT_NAME ), "id-ce-subjectAltName", "Subject Alt Name" }, + OID_DESCRIPTOR( MBEDTLS_OID_SUBJECT_ALT_NAME, "id-ce-subjectAltName", "Subject Alt Name" ), MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME, }, { - { ADD_LEN( MBEDTLS_OID_NS_CERT_TYPE ), "id-netscape-certtype", "Netscape Certificate Type" }, + OID_DESCRIPTOR( MBEDTLS_OID_NS_CERT_TYPE, "id-netscape-certtype", "Netscape Certificate Type" ), MBEDTLS_OID_X509_EXT_NS_CERT_TYPE, }, { - { ADD_LEN( MBEDTLS_OID_CERTIFICATE_POLICIES ), "id-ce-certificatePolicies", "Certificate Policies" }, + OID_DESCRIPTOR( MBEDTLS_OID_CERTIFICATE_POLICIES, "id-ce-certificatePolicies", "Certificate Policies" ), MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES, }, { - { NULL, 0, NULL, NULL }, + NULL_OID_DESCRIPTOR, 0, }, }; 
@@ -284,16 +297,17 @@ static const oid_x509_ext_t oid_x509_ext[] = FN_OID_TYPED_FROM_ASN1(oid_x509_ext_t, x509_ext, oid_x509_ext) FN_OID_GET_ATTR1(mbedtls_oid_get_x509_ext_type, oid_x509_ext_t, x509_ext, int, ext_type) +#if defined(MBEDTLS_X509_INFO) static const mbedtls_oid_descriptor_t oid_ext_key_usage[] = { - { ADD_LEN( MBEDTLS_OID_SERVER_AUTH ), "id-kp-serverAuth", "TLS Web Server Authentication" }, - { ADD_LEN( MBEDTLS_OID_CLIENT_AUTH ), "id-kp-clientAuth", "TLS Web Client Authentication" }, - { ADD_LEN( MBEDTLS_OID_CODE_SIGNING ), "id-kp-codeSigning", "Code Signing" }, - { ADD_LEN( MBEDTLS_OID_EMAIL_PROTECTION ), "id-kp-emailProtection", "E-mail Protection" }, - { ADD_LEN( MBEDTLS_OID_TIME_STAMPING ), "id-kp-timeStamping", "Time Stamping" }, - { ADD_LEN( MBEDTLS_OID_OCSP_SIGNING ), "id-kp-OCSPSigning", "OCSP Signing" }, - { ADD_LEN( MBEDTLS_OID_WISUN_FAN ), "id-kp-wisun-fan-device", "Wi-SUN Alliance Field Area Network (FAN)" }, - { NULL, 0, NULL, NULL }, + OID_DESCRIPTOR( MBEDTLS_OID_SERVER_AUTH, "id-kp-serverAuth", "TLS Web Server Authentication" ), + OID_DESCRIPTOR( MBEDTLS_OID_CLIENT_AUTH, "id-kp-clientAuth", "TLS Web Client Authentication" ), + OID_DESCRIPTOR( MBEDTLS_OID_CODE_SIGNING, "id-kp-codeSigning", "Code Signing" ), + OID_DESCRIPTOR( MBEDTLS_OID_EMAIL_PROTECTION, "id-kp-emailProtection", "E-mail Protection" ), + OID_DESCRIPTOR( MBEDTLS_OID_TIME_STAMPING, "id-kp-timeStamping", "Time Stamping" ), + OID_DESCRIPTOR( MBEDTLS_OID_OCSP_SIGNING, "id-kp-OCSPSigning", "OCSP Signing" ), + OID_DESCRIPTOR( MBEDTLS_OID_WISUN_FAN, "id-kp-wisun-fan-device", "Wi-SUN Alliance Field Area Network (FAN)" ), + NULL_OID_DESCRIPTOR, }; FN_OID_TYPED_FROM_ASN1(mbedtls_oid_descriptor_t, ext_key_usage, oid_ext_key_usage) 
@@ -301,12 +315,13 @@ FN_OID_GET_ATTR1(mbedtls_oid_get_extended_key_usage, mbedtls_oid_descriptor_t, e static const mbedtls_oid_descriptor_t oid_certificate_policies[] = { - { ADD_LEN( MBEDTLS_OID_ANY_POLICY ), "anyPolicy", "Any Policy" }, - { NULL, 0, NULL, NULL }, + OID_DESCRIPTOR( MBEDTLS_OID_ANY_POLICY, "anyPolicy", "Any Policy" ), + NULL_OID_DESCRIPTOR, }; FN_OID_TYPED_FROM_ASN1(mbedtls_oid_descriptor_t, certificate_policies, oid_certificate_policies) FN_OID_GET_ATTR1(mbedtls_oid_get_certificate_policies, mbedtls_oid_descriptor_t, certificate_policies, const char *, description) +#endif /* MBEDTLS_X509_INFO */ #if defined(MBEDTLS_MD_C) /* 
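Review bot: The `#endif /* MBEDTLS_X509_INFO */` added after `FN_OID_GET_ATTR1(mbedtls_oid_get_certificate_policies, ...)` closes the guard opened in the previous hunk before `oid_ext_key_usage`, so `mbedtls_oid_get_certificate_policies()` is compiled out together with `mbedtls_oid_get_extended_key_usage()` when the option is undefined. The include/mbedtls/oid.h hunks of this commit wrap only the `mbedtls_oid_get_extended_key_usage` declaration, and the diffstat shows just four added lines in that header, so the certificate-policies prototype appears to remain declared without a definition. A caller would then fail at link time rather than at compile time. Wrapping that declaration in oid.h with the same `#if defined(MBEDTLS_X509_INFO)` / `#endif` pair keeps header and implementation consistent; moving the `#endif` up in oid.c is not an alternative, since the getter reads the `description` member that is removed from the struct.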
@@ -323,51 +338,51 @@ static const oid_sig_alg_t oid_sig_alg[] = #if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_MD2_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_MD2 ), "md2WithRSAEncryption", "RSA with MD2" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_MD2, "md2WithRSAEncryption", "RSA with MD2" ), MBEDTLS_MD_MD2, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_MD2_C */ #if defined(MBEDTLS_MD4_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_MD4 ), "md4WithRSAEncryption", "RSA with MD4" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_MD4, "md4WithRSAEncryption", "RSA with MD4" ), MBEDTLS_MD_MD4, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_MD4_C */ #if defined(MBEDTLS_MD5_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_MD5 ), "md5WithRSAEncryption", "RSA with MD5" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_MD5, "md5WithRSAEncryption", "RSA with MD5" ), MBEDTLS_MD_MD5, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_MD5_C */ #if defined(MBEDTLS_SHA1_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_SHA1 ), "sha-1WithRSAEncryption", "RSA with SHA1" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA1, "sha-1WithRSAEncryption", "RSA with SHA1" ), MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_SHA1_C */ #if defined(MBEDTLS_SHA256_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_SHA224 ), "sha224WithRSAEncryption", "RSA with SHA-224" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA224, "sha224WithRSAEncryption", "RSA with SHA-224" ), MBEDTLS_MD_SHA224, MBEDTLS_PK_RSA, }, { - { ADD_LEN( MBEDTLS_OID_PKCS1_SHA256 ), "sha256WithRSAEncryption", "RSA with SHA-256" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA256, "sha256WithRSAEncryption", "RSA with SHA-256" ), MBEDTLS_MD_SHA256, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_SHA384 ), "sha384WithRSAEncryption", "RSA with SHA-384" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_SHA384, "sha384WithRSAEncryption", "RSA with SHA-384" ), MBEDTLS_MD_SHA384, MBEDTLS_PK_RSA, }, { - { ADD_LEN( MBEDTLS_OID_PKCS1_SHA512 ), "sha512WithRSAEncryption", "RSA with SHA-512" }, + OID_DESCRIPTOR( 
MBEDTLS_OID_PKCS1_SHA512, "sha512WithRSAEncryption", "RSA with SHA-512" ), MBEDTLS_MD_SHA512, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_SHA512_C */ #if defined(MBEDTLS_SHA1_C) { - { ADD_LEN( MBEDTLS_OID_RSA_SHA_OBS ), "sha-1WithRSAEncryption", "RSA with SHA1" }, + OID_DESCRIPTOR( MBEDTLS_OID_RSA_SHA_OBS, "sha-1WithRSAEncryption", "RSA with SHA1" ), MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_SHA1_C */ 
@@ -375,45 +390,49 @@ static const oid_sig_alg_t oid_sig_alg[] = #if defined(MBEDTLS_ECDSA_C) #if defined(MBEDTLS_SHA1_C) { - { ADD_LEN( MBEDTLS_OID_ECDSA_SHA1 ), "ecdsa-with-SHA1", "ECDSA with SHA1" }, + OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA1, "ecdsa-with-SHA1", "ECDSA with SHA1" ), MBEDTLS_MD_SHA1, MBEDTLS_PK_ECDSA, }, #endif /* MBEDTLS_SHA1_C */ #if defined(MBEDTLS_SHA256_C) { - { ADD_LEN( MBEDTLS_OID_ECDSA_SHA224 ), "ecdsa-with-SHA224", "ECDSA with SHA224" }, + OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA224, "ecdsa-with-SHA224", "ECDSA with SHA224" ), MBEDTLS_MD_SHA224, MBEDTLS_PK_ECDSA, }, { - { ADD_LEN( MBEDTLS_OID_ECDSA_SHA256 ), "ecdsa-with-SHA256", "ECDSA with SHA256" }, + OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA256, "ecdsa-with-SHA256", "ECDSA with SHA256" ), MBEDTLS_MD_SHA256, MBEDTLS_PK_ECDSA, }, #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) { - { ADD_LEN( MBEDTLS_OID_ECDSA_SHA384 ), "ecdsa-with-SHA384", "ECDSA with SHA384" }, + OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA384, "ecdsa-with-SHA384", "ECDSA with SHA384" ), MBEDTLS_MD_SHA384, MBEDTLS_PK_ECDSA, }, { - { ADD_LEN( MBEDTLS_OID_ECDSA_SHA512 ), "ecdsa-with-SHA512", "ECDSA with SHA512" }, + OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA512, "ecdsa-with-SHA512", "ECDSA with SHA512" ), MBEDTLS_MD_SHA512, MBEDTLS_PK_ECDSA, }, #endif /* MBEDTLS_SHA512_C */ #endif /* MBEDTLS_ECDSA_C */ #if defined(MBEDTLS_RSA_C) { - { ADD_LEN( MBEDTLS_OID_RSASSA_PSS ), "RSASSA-PSS", "RSASSA-PSS" }, + OID_DESCRIPTOR( MBEDTLS_OID_RSASSA_PSS, "RSASSA-PSS", "RSASSA-PSS" ), MBEDTLS_MD_NONE, MBEDTLS_PK_RSASSA_PSS, }, #endif /* MBEDTLS_RSA_C */ { - { NULL, 0, NULL, NULL }, + NULL_OID_DESCRIPTOR, MBEDTLS_MD_NONE, MBEDTLS_PK_NONE, }, }; FN_OID_TYPED_FROM_ASN1(oid_sig_alg_t, sig_alg, oid_sig_alg) + +#if defined(MBEDTLS_X509_INFO) FN_OID_GET_DESCRIPTOR_ATTR1(mbedtls_oid_get_sig_alg_desc, oid_sig_alg_t, sig_alg, const char *, description) +#endif + FN_OID_GET_ATTR2(mbedtls_oid_get_sig_alg, oid_sig_alg_t, sig_alg, mbedtls_md_type_t, md_alg, 
mbedtls_pk_type_t, pk_alg) FN_OID_GET_OID_BY_ATTR2(mbedtls_oid_get_oid_by_sig_alg, oid_sig_alg_t, oid_sig_alg, mbedtls_pk_type_t, pk_alg, mbedtls_md_type_t, md_alg) #endif /* MBEDTLS_MD_C */ @@ -429,19 +448,19 @@ typedef struct { static const oid_pk_alg_t oid_pk_alg[] = { { - { ADD_LEN( MBEDTLS_OID_PKCS1_RSA ), "rsaEncryption", "RSA" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_RSA, "rsaEncryption", "RSA" ), MBEDTLS_PK_RSA, }, { - { ADD_LEN( MBEDTLS_OID_EC_ALG_UNRESTRICTED ), "id-ecPublicKey", "Generic EC key" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_ALG_UNRESTRICTED, "id-ecPublicKey", "Generic EC key" ), MBEDTLS_PK_ECKEY, }, { - { ADD_LEN( MBEDTLS_OID_EC_ALG_ECDH ), "id-ecDH", "EC key for ECDH" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_ALG_ECDH, "id-ecDH", "EC key for ECDH" ), MBEDTLS_PK_ECKEY_DH, }, { - { NULL, 0, NULL, NULL }, + NULL_OID_DESCRIPTOR, MBEDTLS_PK_NONE, }, }; 
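Review bot: The `#if defined(MBEDTLS_X509_INFO)` added around `mbedtls_oid_get_sig_alg_desc` in the library/oid.c hunk that ends here closes with a bare `#endif`, whereas the other conditionals in the same hunk carry a trailing comment naming their macro. For consistency it should read `#endif /* MBEDTLS_X509_INFO */`. The bare `#endif` lines added in the programs/ssl hunks of this patch would benefit from the same comment.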
@@ -463,72 +482,72 @@ static const oid_ecp_grp_t oid_ecp_grp[] = { #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP192R1 ), "secp192r1", "secp192r1" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_GRP_SECP192R1, "secp192r1", "secp192r1" ), MBEDTLS_ECP_DP_SECP192R1, }, #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP224R1 ), "secp224r1", "secp224r1" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_GRP_SECP224R1, "secp224r1", "secp224r1" ), MBEDTLS_ECP_DP_SECP224R1, }, #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP256R1 ), "secp256r1", "secp256r1" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_GRP_SECP256R1, "secp256r1", "secp256r1" ), MBEDTLS_ECP_DP_SECP256R1, }, #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP384R1 ), "secp384r1", "secp384r1" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_GRP_SECP384R1, "secp384r1", "secp384r1" ), MBEDTLS_ECP_DP_SECP384R1, }, #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP521R1 ), "secp521r1", "secp521r1" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_GRP_SECP521R1, "secp521r1", "secp521r1" ), MBEDTLS_ECP_DP_SECP521R1, }, #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP192K1 ), "secp192k1", "secp192k1" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_GRP_SECP192K1, "secp192k1", "secp192k1" ), MBEDTLS_ECP_DP_SECP192K1, }, #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP224K1 ), "secp224k1", "secp224k1" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_GRP_SECP224K1, "secp224k1", "secp224k1" ), MBEDTLS_ECP_DP_SECP224K1, }, #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ #if 
defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP256K1 ), "secp256k1", "secp256k1" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_GRP_SECP256K1, "secp256k1", "secp256k1" ), MBEDTLS_ECP_DP_SECP256K1, }, #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_BP256R1 ), "brainpoolP256r1","brainpool256r1" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_GRP_BP256R1, "brainpoolP256r1","brainpool256r1" ), MBEDTLS_ECP_DP_BP256R1, }, #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_BP384R1 ), "brainpoolP384r1","brainpool384r1" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_GRP_BP384R1, "brainpoolP384r1","brainpool384r1" ), MBEDTLS_ECP_DP_BP384R1, }, #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_BP512R1 ), "brainpoolP512r1","brainpool512r1" }, + OID_DESCRIPTOR( MBEDTLS_OID_EC_GRP_BP512R1, "brainpoolP512r1","brainpool512r1" ), MBEDTLS_ECP_DP_BP512R1, }, #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ { - { NULL, 0, NULL, NULL }, + NULL_OID_DESCRIPTOR, MBEDTLS_ECP_DP_NONE, }, }; @@ -550,15 +569,15 @@ typedef struct { static const oid_cipher_alg_t oid_cipher_alg[] = { { - { ADD_LEN( MBEDTLS_OID_DES_CBC ), "desCBC", "DES-CBC" }, + OID_DESCRIPTOR( MBEDTLS_OID_DES_CBC, "desCBC", "DES-CBC" ), MBEDTLS_CIPHER_DES_CBC, }, { - { ADD_LEN( MBEDTLS_OID_DES_EDE3_CBC ), "des-ede3-cbc", "DES-EDE3-CBC" }, + OID_DESCRIPTOR( MBEDTLS_OID_DES_EDE3_CBC, "des-ede3-cbc", "DES-EDE3-CBC" ), MBEDTLS_CIPHER_DES_EDE3_CBC, }, { - { NULL, 0, NULL, NULL }, + NULL_OID_DESCRIPTOR, MBEDTLS_CIPHER_NONE, }, }; 
@@ -580,56 +599,56 @@ static const oid_md_alg_t oid_md_alg[] = { #if defined(MBEDTLS_MD2_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD2 ), "id-md2", "MD2" }, + OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_MD2, "id-md2", "MD2" ), MBEDTLS_MD_MD2, }, #endif /* MBEDTLS_MD2_C */ #if defined(MBEDTLS_MD4_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD4 ), "id-md4", "MD4" }, + OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_MD4, "id-md4", "MD4" ), MBEDTLS_MD_MD4, }, #endif /* MBEDTLS_MD4_C */ #if defined(MBEDTLS_MD5_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD5 ), "id-md5", "MD5" }, + OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_MD5, "id-md5", "MD5" ), MBEDTLS_MD_MD5, }, #endif /* MBEDTLS_MD5_C */ #if defined(MBEDTLS_SHA1_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA1 ), "id-sha1", "SHA-1" }, + OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA1, "id-sha1", "SHA-1" ), MBEDTLS_MD_SHA1, }, #endif /* MBEDTLS_SHA1_C */ #if defined(MBEDTLS_SHA256_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA224 ), "id-sha224", "SHA-224" }, + OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA224, "id-sha224", "SHA-224" ), MBEDTLS_MD_SHA224, }, { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA256 ), "id-sha256", "SHA-256" }, + OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA256, "id-sha256", "SHA-256" ), MBEDTLS_MD_SHA256, }, #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA384 ), "id-sha384", "SHA-384" }, + OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA384, "id-sha384", "SHA-384" ), MBEDTLS_MD_SHA384, }, { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA512 ), "id-sha512", "SHA-512" }, + OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA512, "id-sha512", "SHA-512" ), MBEDTLS_MD_SHA512, }, #endif /* MBEDTLS_SHA512_C */ #if defined(MBEDTLS_RIPEMD160_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_RIPEMD160 ), "id-ripemd160", "RIPEMD-160" }, + OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_RIPEMD160, "id-ripemd160", "RIPEMD-160" ), MBEDTLS_MD_RIPEMD160, }, #endif /* MBEDTLS_RIPEMD160_C */ { - { NULL, 0, NULL, NULL }, + NULL_OID_DESCRIPTOR, 
MBEDTLS_MD_NONE, }, }; @@ -650,32 +669,32 @@ static const oid_md_hmac_t oid_md_hmac[] = { #if defined(MBEDTLS_SHA1_C) { - { ADD_LEN( MBEDTLS_OID_HMAC_SHA1 ), "hmacSHA1", "HMAC-SHA-1" }, + OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA1, "hmacSHA1", "HMAC-SHA-1" ), MBEDTLS_MD_SHA1, }, #endif /* MBEDTLS_SHA1_C */ #if defined(MBEDTLS_SHA256_C) { - { ADD_LEN( MBEDTLS_OID_HMAC_SHA224 ), "hmacSHA224", "HMAC-SHA-224" }, + OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA224, "hmacSHA224", "HMAC-SHA-224" ), MBEDTLS_MD_SHA224, }, { - { ADD_LEN( MBEDTLS_OID_HMAC_SHA256 ), "hmacSHA256", "HMAC-SHA-256" }, + OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA256, "hmacSHA256", "HMAC-SHA-256" ), MBEDTLS_MD_SHA256, }, #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) { - { ADD_LEN( MBEDTLS_OID_HMAC_SHA384 ), "hmacSHA384", "HMAC-SHA-384" }, + OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA384, "hmacSHA384", "HMAC-SHA-384" ), MBEDTLS_MD_SHA384, }, { - { ADD_LEN( MBEDTLS_OID_HMAC_SHA512 ), "hmacSHA512", "HMAC-SHA-512" }, + OID_DESCRIPTOR( MBEDTLS_OID_HMAC_SHA512, "hmacSHA512", "HMAC-SHA-512" ), MBEDTLS_MD_SHA512, }, #endif /* MBEDTLS_SHA512_C */ { - { NULL, 0, NULL, NULL }, + NULL_OID_DESCRIPTOR, MBEDTLS_MD_NONE, }, }; @@ -697,15 +716,15 @@ typedef struct { static const oid_pkcs12_pbe_alg_t oid_pkcs12_pbe_alg[] = { { - { ADD_LEN( MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC ), "pbeWithSHAAnd3-KeyTripleDES-CBC", "PBE with SHA1 and 3-Key 3DES" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC, "pbeWithSHAAnd3-KeyTripleDES-CBC", "PBE with SHA1 and 3-Key 3DES" ), MBEDTLS_MD_SHA1, MBEDTLS_CIPHER_DES_EDE3_CBC, }, { - { ADD_LEN( MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC ), "pbeWithSHAAnd2-KeyTripleDES-CBC", "PBE with SHA1 and 2-Key 3DES" }, + OID_DESCRIPTOR( MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC, "pbeWithSHAAnd2-KeyTripleDES-CBC", "PBE with SHA1 and 2-Key 3DES" ), MBEDTLS_MD_SHA1, MBEDTLS_CIPHER_DES_EDE_CBC, }, { - { NULL, 0, NULL, NULL }, + NULL_OID_DESCRIPTOR, MBEDTLS_MD_NONE, MBEDTLS_CIPHER_NONE, }, }; 
diff --git a/library/version_features.c b/library/version_features.c index 7af2474fe..a937d1423 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -597,6 +597,9 @@ static const char * const features[] = { #if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) "MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE", #endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ +#if defined(MBEDTLS_X509_INFO) + "MBEDTLS_X509_INFO", +#endif /* MBEDTLS_X509_INFO */ #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) "MBEDTLS_X509_RSASSA_PSS_SUPPORT", #endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ diff --git a/library/x509.c b/library/x509.c index f0a9101e5..0cfcc5357 100644 --- a/library/x509.c +++ b/library/x509.c @@ -831,6 +831,7 @@ int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *se return( (int) ( size - n ) ); } +#if defined(MBEDTLS_X509_INFO) /* * Helper for writing signature algorithms */ @@ -875,6 +876,7 @@ int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *s return( (int)( size - n ) ); } +#endif /* MBEDTLS_X509_INFO */ /* * Helper for writing "RSA key size", "EC key size", etc diff --git a/library/x509_crl.c b/library/x509_crl.c index edeb39b02..4c898c931 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -614,6 +614,7 @@ int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ) } #endif /* MBEDTLS_FS_IO */ +#if defined(MBEDTLS_X509_INFO) /* * Return an informational string about the certificate. */ @@ -693,6 +694,7 @@ int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix, return( (int) ( size - n ) ); } +#endif /* MBEDTLS_X509_INFO */ /* * Initialize a CRL chain diff --git a/library/x509_crt.c b/library/x509_crt.c index 783f3ba5c..51330e9d7 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c 
@@ -1763,6 +1763,57 @@ static int x509_get_other_name( const mbedtls_x509_buf *subject_alt_name, return( 0 ); } +int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf, + mbedtls_x509_subject_alternative_name *san ) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + switch( san_buf->tag & + ( MBEDTLS_ASN1_TAG_CLASS_MASK | + MBEDTLS_ASN1_TAG_VALUE_MASK ) ) + { + /* + * otherName + */ + case( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_OTHER_NAME ): + { + mbedtls_x509_san_other_name other_name; + + ret = x509_get_other_name( san_buf, &other_name ); + if( ret != 0 ) + return( ret ); + + memset( san, 0, sizeof( mbedtls_x509_subject_alternative_name ) ); + san->type = MBEDTLS_X509_SAN_OTHER_NAME; + memcpy( &san->san.other_name, + &other_name, sizeof( other_name ) ); + + } + break; + + /* + * dNSName + */ + case( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_DNS_NAME ): + { + memset( san, 0, sizeof( mbedtls_x509_subject_alternative_name ) ); + san->type = MBEDTLS_X509_SAN_DNS_NAME; + + memcpy( &san->san.unstructured_name, + san_buf, sizeof( *san_buf ) ); + + } + break; + + /* + * Type not supported + */ + default: + return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); + } + return( 0 ); +} + +#if !defined(MBEDTLS_X509_REMOVE_INFO) static int x509_info_subject_alt_name( char **buf, size_t *size, const mbedtls_x509_sequence *subject_alt_name, 
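Review bot: The guard opened at the end of this library/x509_crt.c hunk is `#if !defined(MBEDTLS_X509_REMOVE_INFO)`, while every other guard in this patch tests `#if defined(MBEDTLS_X509_INFO)` and the matching close in a later hunk reads `#endif /* MBEDTLS_X509_INFO */`. Nothing visible in the patch defines MBEDTLS_X509_REMOVE_INFO, so this condition would always be true and the info functions in this file would still be compiled with MBEDTLS_X509_INFO disabled. Any call from them into helpers that are now guarded out, such as `mbedtls_x509_sig_alg_gets()` in x509.c, would then presumably fail to build. The opening line should read `#if defined(MBEDTLS_X509_INFO)`. The guarded region starts in this hunk and ends outside it.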
@@ -1876,56 +1927,6 @@ static int x509_info_subject_alt_name( char **buf, size_t *size, return( 0 ); } -int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf, - mbedtls_x509_subject_alternative_name *san ) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - switch( san_buf->tag & - ( MBEDTLS_ASN1_TAG_CLASS_MASK | - MBEDTLS_ASN1_TAG_VALUE_MASK ) ) - { - /* - * otherName - */ - case( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_OTHER_NAME ): - { - mbedtls_x509_san_other_name other_name; - - ret = x509_get_other_name( san_buf, &other_name ); - if( ret != 0 ) - return( ret ); - - memset( san, 0, sizeof( mbedtls_x509_subject_alternative_name ) ); - san->type = MBEDTLS_X509_SAN_OTHER_NAME; - memcpy( &san->san.other_name, - &other_name, sizeof( other_name ) ); - - } - break; - - /* - * dNSName - */ - case( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_DNS_NAME ): - { - memset( san, 0, sizeof( mbedtls_x509_subject_alternative_name ) ); - san->type = MBEDTLS_X509_SAN_DNS_NAME; - - memcpy( &san->san.unstructured_name, - san_buf, sizeof( *san_buf ) ); - - } - break; - - /* - * Type not supported - */ - default: - return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); - } - return( 0 ); -} - #define PRINT_ITEM(i) \ { \ ret = mbedtls_snprintf( p, n, "%s" i, sep ); \ @@ -2250,6 +2251,7 @@ int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, return( (int) ( size - n ) ); } +#endif /* MBEDTLS_X509_INFO */ #if defined(MBEDTLS_X509_CHECK_KEY_USAGE) int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, diff --git a/library/x509_csr.c b/library/x509_csr.c index 5463f8a9e..0a5d2cb27 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -323,6 +323,7 @@ int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ) } #endif /* MBEDTLS_FS_IO */ +#if defined(MBEDTLS_X509_INFO) #define BEFORE_COLON 14 #define BC "14" /* 
@@ -367,6 +368,7 @@ int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix, return( (int) ( size - n ) ); } +#endif /* MBEDTLS_X509_INFO */ /* * Initialize a CSR diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c index acaae599f..d8353a98d 100644 --- a/programs/ssl/dtls_client.c +++ b/programs/ssl/dtls_client.c @@ -241,13 +241,17 @@ int main( int argc, char *argv[] ) * MBEDTLS_SSL_VERIFY_OPTIONAL, we would bail out here if ret != 0 */ if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) { +#if defined(MBEDTLS_X509_INFO) char vrfy_buf[512]; +#endif mbedtls_printf( " failed\n" ); +#if defined(MBEDTLS_X509_INFO) mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); mbedtls_printf( "%s\n", vrfy_buf ); +#endif } else mbedtls_printf( " ok\n" ); diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c index 2c1688721..eea3c9bd9 100644 --- a/programs/ssl/ssl_client1.c +++ b/programs/ssl/ssl_client1.c @@ -216,13 +216,17 @@ int main( void ) /* In real life, we probably want to bail out when ret != 0 */ if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) { +#if defined(MBEDTLS_X509_INFO) char vrfy_buf[512]; +#endif mbedtls_printf( " failed\n" ); +#if defined(MBEDTLS_X509_INFO) mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); mbedtls_printf( "%s\n", vrfy_buf ); +#endif } else mbedtls_printf( " ok\n" ); diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 10fc332aa..bf260c38d 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -529,9 +529,12 @@ static unsigned char peer_crt_info[1024]; static int my_verify( void *data, mbedtls_x509_crt *crt, int depth, uint32_t *flags ) { +#if defined(MBEDTLS_X509_INFO) char buf[1024]; +#endif ((void) data); +#if defined(MBEDTLS_X509_INFO) mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt ); if( depth == 0 ) memcpy( peer_crt_info, buf, sizeof( buf ) ); 
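Review bot: In the programs/ssl/dtls_client.c hunk, a build without MBEDTLS_X509_INFO prints only ` failed` when `mbedtls_ssl_get_verify_result()` returns non-zero, so the reason certificate verification failed is no longer reported. Adding an `#else` branch with `mbedtls_printf( "  ! verify flags: 0x%08x\n", (unsigned int) flags );` before the second `#endif` keeps the failure diagnosable without the info strings. The same applies to the equivalent hunks in ssl_client1.c, ssl_client2.c (both `my_verify` and `main`), ssl_mail_client.c and ssl_server2.c. The enclosing `main()` starts and ends outside the hunk.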
@@ -541,13 +544,19 @@ static int my_verify( void *data, mbedtls_x509_crt *crt, mbedtls_printf( "\nVerify requested for (Depth %d):\n", depth ); mbedtls_printf( "%s", buf ); +#else + ((void) crt); + ((void) depth); +#endif if ( ( *flags ) == 0 ) mbedtls_printf( " This certificate has no flags\n" ); else { +#if defined(MBEDTLS_X509_INFO) mbedtls_x509_crt_verify_info( buf, sizeof( buf ), " ! ", *flags ); mbedtls_printf( "%s\n", buf ); +#endif } return( 0 ); @@ -2275,14 +2284,18 @@ int main( int argc, char *argv[] ) if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) { +#if defined(MBEDTLS_X509_INFO) char vrfy_buf[512]; +#endif mbedtls_printf( " failed\n" ); +#if defined(MBEDTLS_X509_INFO) mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); mbedtls_printf( "%s\n", vrfy_buf ); +#endif } else mbedtls_printf( " ok\n" ); diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index 0392a4646..7990376d1 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -208,21 +208,27 @@ static int do_handshake( mbedtls_ssl_context *ssl ) /* In real life, we probably want to bail out when ret != 0 */ if( ( flags = mbedtls_ssl_get_verify_result( ssl ) ) != 0 ) { +#if defined(MBEDTLS_X509_INFO) char vrfy_buf[512]; +#endif mbedtls_printf( " failed\n" ); +#if defined(MBEDTLS_X509_INFO) mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); mbedtls_printf( "%s\n", vrfy_buf ); +#endif } else mbedtls_printf( " ok\n" ); +#if defined(MBEDTLS_X509_INFO) mbedtls_printf( " . Peer certificate information ...\n" ); mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", mbedtls_ssl_get_peer_cert( ssl ) ); mbedtls_printf( "%s\n", buf ); +#endif return( 0 ); } diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 2bb34334c..6d1ef6cb3 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c 
@@ -3134,7 +3134,7 @@ handshake: { mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret ); -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_X509_INFO) if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ) { char vrfy_buf[512]; @@ -3188,17 +3188,22 @@ handshake: if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) { +#if defined(MBEDTLS_X509_INFO) char vrfy_buf[512]; +#endif mbedtls_printf( " failed\n" ); +#if defined(MBEDTLS_X509_INFO) mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); mbedtls_printf( "%s\n", vrfy_buf ); +#endif } else mbedtls_printf( " ok\n" ); +#if defined(MBEDTLS_X509_INFO) if( mbedtls_ssl_get_peer_cert( &ssl ) != NULL ) { char crt_buf[512]; @@ -3208,6 +3213,7 @@ handshake: mbedtls_ssl_get_peer_cert( &ssl ) ); mbedtls_printf( "%s\n", crt_buf ); } +#endif /* MBEDTLS_X509_INFO */ #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 05b3df824..98ea30e54 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -1643,6 +1643,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ +#if defined(MBEDTLS_X509_INFO) + if( strcmp( "MBEDTLS_X509_INFO", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_INFO ); + return( 0 ); + } +#endif /* MBEDTLS_X509_INFO */ + #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) if( strcmp( "MBEDTLS_X509_RSASSA_PSS_SUPPORT", config ) == 0 ) { diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c index 89b25a832..765a82e4f 100644 --- a/programs/x509/cert_app.c +++ b/programs/x509/cert_app.c 
@@ -41,14 +41,14 @@ !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \ !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ - !defined(MBEDTLS_CTR_DRBG_C) + !defined(MBEDTLS_X509_INFO) || !defined(MBEDTLS_CTR_DRBG_C) int main( void ) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); + "MBEDTLS_X509_INFO and/or MBEDTLS_CTR_DRBG_C not defined.\n"); mbedtls_exit( 0 ); } #else diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c index ffb539fdb..8502812b5 100644 --- a/programs/x509/crl_app.c +++ b/programs/x509/crl_app.c @@ -35,11 +35,13 @@ #endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ - !defined(MBEDTLS_X509_CRL_PARSE_C) || !defined(MBEDTLS_FS_IO) + !defined(MBEDTLS_X509_CRL_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ + !defined(MBEDTLS_X509_INFO) int main( void ) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_X509_CRL_PARSE_C and/or MBEDTLS_FS_IO not defined.\n"); + "MBEDTLS_X509_CRL_PARSE_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_X509_INFO not defined.\n"); mbedtls_exit( 0 ); } #else diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c index 0256a7636..df1dba80f 100644 --- a/programs/x509/req_app.c +++ b/programs/x509/req_app.c 
@@ -35,11 +35,13 @@ #endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ - !defined(MBEDTLS_X509_CSR_PARSE_C) || !defined(MBEDTLS_FS_IO) + !defined(MBEDTLS_X509_CSR_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ + !defined(MBEDTLS_X509_INFO) int main( void ) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_X509_CSR_PARSE_C and/or MBEDTLS_FS_IO not defined.\n"); + "MBEDTLS_X509_CSR_PARSE_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_X509_INFO not defined.\n"); mbedtls_exit( 0 ); } #else diff --git a/tests/suites/test_suite_debug.data b/tests/suites/test_suite_debug.data index eb99b7911..bb34b2d72 100644 --- a/tests/suites/test_suite_debug.data +++ b/tests/suites/test_suite_debug.data 
@@ -38,11 +38,11 @@ Debug print buffer #5 mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30":"MyFile(0999)\: dumping 'Test return value' (49 bytes)\nMyFile(0999)\: 0000\: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f ................\nMyFile(0999)\: 0010\: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f ................\nMyFile(0999)\: 0020\: 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f !"#$%&'()*+,-./\nMyFile(0999)\: 0030\: 30 0\n" Debug print certificate #1 (RSA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_X509_INFO mbedtls_debug_print_crt:"data_files/server1.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: 01\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:06\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:06\nMyFile(0999)\: signed using \: RSA with SHA1\nMyFile(0999)\: RSA key size \: 2048 bits\nMyFile(0999)\: basic constraints \: CA=false\nMyFile(0999)\: value of 'crt->rsa.N' (2048 bits) is\:\nMyFile(0999)\: a9 02 1f 3d 40 6a d5 55 53 8b fd 36 ee 82 65 2e\nMyFile(0999)\: 15 61 5e 89 bf b8 e8 45 90 db ee 88 16 52 d3 f1\nMyFile(0999)\: 43 50 47 96 12 59 64 87 6b fd 2b e0 46 f9 73 be\nMyFile(0999)\: dd cf 92 e1 91 5b ed 66 a0 6f 89 29 79 45 80 d0\nMyFile(0999)\: 83 6a d5 41 43 77 5f 39 7c 09 04 47 82 b0 57 39\nMyFile(0999)\: 70 ed a3 ec 15 19 1e a8 33 08 47 c1 05 42 a9 fd\nMyFile(0999)\: 4c c3 b4 df dd 06 1f 4d 10 51 40 67 73 13 0f 40\nMyFile(0999)\: f8 6d 81 25 5f 0a b1 53 c6 30 7e 15 39 ac f9 5a\nMyFile(0999)\: ee 7f 92 9e a6 05 5b e7 13 97 85 b5 23 92 d9 d4\nMyFile(0999)\: 24 06 d5 09 25 89 75 07 dd a6 1a 8f 3f 09 19 
be\nMyFile(0999)\: ad 65 2c 64 eb 95 9b dc fe 41 5e 17 a6 da 6c 5b\nMyFile(0999)\: 69 cc 02 ba 14 2c 16 24 9c 4a dc cd d0 f7 52 67\nMyFile(0999)\: 73 f1 2d a0 23 fd 7e f4 31 ca 2d 70 ca 89 0b 04\nMyFile(0999)\: db 2e a6 4f 70 6e 9e ce bd 58 89 e2 53 59 9e 6e\nMyFile(0999)\: 5a 92 65 e2 88 3f 0c 94 19 a3 dd e5 e8 9d 95 13\nMyFile(0999)\: ed 29 db ab 70 12 dc 5a ca 6b 17 ab 52 82 54 b1\nMyFile(0999)\: value of 'crt->rsa.E' (17 bits) is\:\nMyFile(0999)\: 01 00 01\n" Debug print certificate #2 (EC) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_X509_INFO mbedtls_debug_print_crt:"data_files/test-ca2.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: C1\:43\:E2\:7E\:62\:43\:CC\:E8\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:00\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:00\nMyFile(0999)\: signed using \: ECDSA with SHA256\nMyFile(0999)\: EC key size \: 384 bits\nMyFile(0999)\: basic constraints \: CA=true\nMyFile(0999)\: value of 'crt->eckey.Q(X)' (384 bits) is\:\nMyFile(0999)\: c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43\nMyFile(0999)\: 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95\nMyFile(0999)\: 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d\nMyFile(0999)\: value of 'crt->eckey.Q(Y)' (384 bits) is\:\nMyFile(0999)\: 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58\nMyFile(0999)\: b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47\nMyFile(0999)\: 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e\n" Debug print mbedtls_mpi #1 
diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function index 377d630d9..c8fbd048a 100644 --- a/tests/suites/test_suite_debug.function +++ b/tests/suites/test_suite_debug.function @@ -131,7 +131,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_INFO */ void mbedtls_debug_print_crt( char * crt_file, char * file, int line, char * prefix, char * result_str ) { diff --git a/tests/suites/test_suite_oid.function b/tests/suites/test_suite_oid.function index 9e8d43739..8c42d70be 100644 --- a/tests/suites/test_suite_oid.function +++ b/tests/suites/test_suite_oid.function @@ -6,7 +6,7 @@ /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_OID_C + * depends_on:MBEDTLS_OID_C:MBEDTLS_X509_INFO * END_DEPENDENCIES */ diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 0cc1d3fd6..32d26c067 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data 
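Review bot: Adding MBEDTLS_X509_INFO to the suite-wide `BEGIN_DEPENDENCIES` line in tests/suites/test_suite_oid.function skips every OID test case when the option is disabled, not only those that compare description strings. The test bodies are outside this hunk, but if any case checks a lookup that does not return a description, it would be better to keep `depends_on:MBEDTLS_OID_C` here and add `MBEDTLS_X509_INFO` only to the `BEGIN_CASE` lines that need it. That keeps OID parsing covered in the reduced configuration.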
@@ -203,79 +203,79 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED: x509_parse_san:"data_files/server5-unsupported_othername.crt":"" X509 CRL information #1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO mbedtls_x509_crl_info:"data_files/crl_expired.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-20 10\:24\:19\nnext update \: 2011-02-20 11\:24\:19\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n" X509 CRL Information MD2 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD2_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD2_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO mbedtls_x509_crl_info:"data_files/crl_md2.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-07-19 19\:56\:37\nnext update \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA with MD2\n" X509 CRL Information MD4 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:MBEDTLS_X509_INFO mbedtls_x509_crl_info:"data_files/crl_md4.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD4\n" X509 CRL Information MD5 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO mbedtls_x509_crl_info:"data_files/crl_md5.pem":"CRL version \: 
1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD5\n" X509 CRL Information SHA1 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO mbedtls_x509_crl_info:"data_files/crl_sha1.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n" X509 CRL Information SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO mbedtls_x509_crl_info:"data_files/crl_sha224.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-224\n" X509 CRL Information SHA256 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO mbedtls_x509_crl_info:"data_files/crl_sha256.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-256\n" X509 CRL Information SHA384 
Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_RSA_C:MBEDTLS_X509_INFO mbedtls_x509_crl_info:"data_files/crl_sha384.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-384\n" X509 CRL Information SHA512 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO mbedtls_x509_crl_info:"data_files/crl_sha512.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-512\n" X509 CRL information RSA-PSS, SHA1 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:MBEDTLS_X509_INFO mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:46\:35\nnext update \: 2024-01-18 13\:46\:35\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\n" X509 CRL information RSA-PSS, SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_X509_INFO 
mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:06\nnext update \: 2024-01-18 13\:56\:06\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\n" X509 CRL information RSA-PSS, SHA256 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_X509_INFO mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:16\nnext update \: 2024-01-18 13\:56\:16\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\n" X509 CRL information RSA-PSS, SHA384 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_X509_INFO mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:28\nnext update \: 2024-01-18 13\:56\:28\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\n" X509 CRL information RSA-PSS, SHA512 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:MBEDTLS_X509_INFO 
mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:38\nnext update \: 2024-01-18 13\:56\:38\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\n" X509 CRL Information EC, SHA1 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_X509_INFO mbedtls_x509_crl_info:"data_files/crl-ec-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA1\n" X509 CRL Information EC, SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_X509_INFO mbedtls_x509_crl_info:"data_files/crl-ec-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA224\n" X509 CRL Information EC, SHA256 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_X509_INFO mbedtls_x509_crl_info:"data_files/crl-ec-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA256\n" X509 CRL Information EC, SHA384 Digest 
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_ECDSA_C:MBEDTLS_X509_INFO mbedtls_x509_crl_info:"data_files/crl-ec-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA384\n" X509 CRL Information EC, SHA512 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_ECDSA_C:MBEDTLS_X509_INFO mbedtls_x509_crl_info:"data_files/crl-ec-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA512\n" X509 CRL Malformed Input (trailing spaces at end of file) 
@@ -291,71 +291,71 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C mbedtls_x509_crl_parse:"data_files/crl-idpnc.pem":0 X509 CSR Information RSA with MD4 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO mbedtls_x509_csr_info:"data_files/server1.req.md4":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD4\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with MD5 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO mbedtls_x509_csr_info:"data_files/server1.req.md5":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO mbedtls_x509_csr_info:"data_files/server1.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA224 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO mbedtls_x509_csr_info:"data_files/server1.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-224\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA-256 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTS_X509_INFO mbedtls_x509_csr_info:"data_files/server1.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA384 
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_RSA_C:MBEDTLS_X509_INFO mbedtls_x509_csr_info:"data_files/server1.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-384\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA512 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO mbedtls_x509_csr_info:"data_files/server1.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\n" X509 CSR Information EC with SHA1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_X509_INFO mbedtls_x509_csr_info:"data_files/server5.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n" X509 CSR Information EC with SHA224 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_X509_INFO mbedtls_x509_csr_info:"data_files/server5.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA224\nEC key size \: 256 bits\n" X509 CSR Information EC with SHA256 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_X509_INFO mbedtls_x509_csr_info:"data_files/server5.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned 
using \: ECDSA with SHA256\nEC key size \: 256 bits\n" X509 CSR Information EC with SHA384 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_X509_INFO mbedtls_x509_csr_info:"data_files/server5.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA384\nEC key size \: 256 bits\n" X509 CSR Information EC with SHA512 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C:MBEDTLS_X509_INFO mbedtls_x509_csr_info:"data_files/server5.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA512\nEC key size \: 256 bits\n" X509 CSR Information RSA-PSS with SHA1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:MBEDTLS_X509_INFO mbedtls_x509_csr_info:"data_files/server9.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0x6A)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA224 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_X509_INFO mbedtls_x509_csr_info:"data_files/server9.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0x62)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA256 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C 
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_X509_INFO mbedtls_x509_csr_info:"data_files/server9.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0x5E)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA384 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_X509_INFO mbedtls_x509_csr_info:"data_files/server9.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0x4E)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA512 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:MBEDTLS_X509_INFO mbedtls_x509_csr_info:"data_files/server9.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0x3E)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA with SHA-256 - Microsoft header 
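Review bot: The new dependency line for "X509 CSR Information RSA with SHA-256" spells the option `MBEDTS_X509_INFO`, without the `L`, while every other line in this hunk uses `MBEDTLS_X509_INFO`. No configuration defines the misspelled symbol, so the test framework would presumably treat it as an unmet dependency and skip the case everywhere, without reporting a failure. The line should read `depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO`. A check that rejects unknown `depends_on` symbols would catch this kind of mistake in future bulk edits.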
@@ -2131,7 +2131,7 @@ x509parse_crl:"305d3047020100300d06092a864886f70d01010e0500300f310d300b060355040 # 03020001 signatureValue BIT STRING # The subsequent TBSCertList negative tests remove or modify some elements. X509 CRL ASN1 (TBSCertList, sig present) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_X509_INFO x509parse_crl:"305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001":"CRL version \: 1\nissuer name \: CN=ABCD\nthis update \: 2009-01-01 00\:00\:00\nnext update \: 0000-00-00 00\:00\:00\nRevoked certificates\:\nserial number\: AB\:CD revocation date\: 2008-12-31 23\:59\:59\nsigned using \: RSA with SHA-224\n":0 X509 CRL ASN1 (TBSCertList, signatureValue missing) @@ -2167,7 +2167,7 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crl:"305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128402abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRL ASN1 (TBSCertList, no entries) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_X509_INFO x509parse_crl:"30463031020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300d06092a864886f70d01010e050003020001":"CRL version \: 1\nissuer name \: CN=ABCD\nthis update \: 2009-01-01 00\:00\:00\nnext update \: 0000-00-00 00\:00\:00\nRevoked certificates\:\nsigned using \: RSA with SHA-224\n":0 X509 CRL ASN1 (invalid version 2) 
@@ -2197,7 +2197,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crl:"308201b330819c020101300d06092a864886f70d01010b0500303b310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c3119301706035504031310506f6c617253534c2054657374204341170d3138303331343037333134385a170d3238303331343037333134385aa02d302b30290603551d1c0101ff041e301da01ba0198617687474703a2f2f706b692e6578616d706c652e636f6d2f300d06092a864886f70d01010b05000382010100b3fbe9d586eaf4b8ff60cf8edae06a85135db78f78198498719725b5b403c0b803c2c150f52faae7306d6a7871885dc2e9dc83a164bac7263776474ef642b660040b35a1410ac291ac8f6f18ab85e7fd6e22bd1af1c41ca95cf2448f6e2b42a018493dfc03c6b6aa1b9e3fe7b76af2182fb2121db4166bf0167d6f379c5a58adee5082423434d97be2909f5e7488053f996646db10dd49782626da53ad8eada01813c031b2bacdb0203bc017aac1735951a11d013ee4d1d5f7143ccbebf2371e66a1bec6e1febe69148f50784eef8adbb66664c96196d7e0c0bcdc807f447b54e058f37642a3337995bfbcd332208bd6016936705c82263eabd7affdba92fae3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRL ASN1 (extension not critical explicit, crl-idp.pem byte 129) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_X509_INFO x509parse_crl:"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":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2018-03-14 07\:31\:48\nnext update \: 2028-03-14 07\:31\:48\nRevoked certificates\:\nsigned using \: RSA with SHA-256\n":0 X509 CRT parse path #2 (one cert) 
@@ -2536,7 +2536,7 @@ X509 RSASSA-PSS parameters ASN1 (trailerField not 1) x509_parse_rsassa_pss_params:"a303020102":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG X509 CSR ASN.1 (OK) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_X509_INFO mbedtls_x509_csr_parse:"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":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n":0 X509 CSR ASN.1 (bad first tag) diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index 46d97240d..4006c9c7e 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -398,6 +398,7 @@ int parse_crt_ext_cb( void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf * END_DEPENDENCIES */ + /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ void x509_parse_san( char * crt_file, char * result_str ) { @@ -438,7 +439,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_INFO:MBEDTLS_X509_CRT_PARSE_C */ void x509_cert_info( char * crt_file, char * result_str ) { mbedtls_x509_crt crt; @@ -461,7 +462,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C:MBEDTLS_X509_INFO */ void mbedtls_x509_crl_info( char * crl_file, char * result_str ) { mbedtls_x509_crl crl; @@ -500,7 +501,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CSR_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CSR_PARSE_C:MBEDTLS_X509_INFO */ void mbedtls_x509_csr_info( char * csr_file, char * result_str ) { mbedtls_x509_csr csr; 
@@ -523,7 +524,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_INFO */ void x509_verify_info( int flags, char * prefix, char * result_str ) { char buf[2000]; @@ -738,7 +739,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_INFO */ void mbedtls_x509_dn_gets( char * crt_file, char * entity, char * result_str ) { mbedtls_x509_crt crt; @@ -826,30 +827,37 @@ exit: void x509parse_crt( data_t * buf, char * result_str, int result ) { mbedtls_x509_crt crt; +#if defined(MBEDTLS_X509_INFO) unsigned char output[2000]; int res; +#endif mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); TEST_ASSERT( mbedtls_x509_crt_parse_der( &crt, buf->x, buf->len ) == ( result ) ); +#if defined(MBEDTLS_X509_INFO) if( ( result ) == 0 ) { res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); - TEST_ASSERT( res != -1 ); TEST_ASSERT( res != -2 ); TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); } +#endif mbedtls_x509_crt_free( &crt ); mbedtls_x509_crt_init( &crt ); +#if defined(MBEDTLS_X509_INFO) memset( output, 0, 2000 ); +#endif TEST_ASSERT( mbedtls_x509_crt_parse_der_nocopy( &crt, buf->x, buf->len ) == ( result ) ); +#if defined(MBEDTLS_X509_INFO) if( ( result ) == 0 ) { + memset( output, 0, 2000 ); + res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); TEST_ASSERT( res != -1 ); @@ -857,6 +865,9 @@ void x509parse_crt( data_t * buf, char * result_str, int result ) TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); } +#else + ((void)result_str); +#endif mbedtls_x509_crt_free( &crt ); mbedtls_x509_crt_init( &crt ); 
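Review bot: In x509parse_crt the zeroing of `output` is now uneven between the two parse paths. The `memset` before the first `mbedtls_x509_crt_info` call is removed, while the `mbedtls_x509_crt_parse_der_nocopy` path clears the buffer twice: once under its own `#if defined(MBEDTLS_X509_INFO)` before the parse, and again at the top of the `if( ( result ) == 0 )` block. The first path then depends on `mbedtls_x509_crt_info` always terminating the string before `strcmp` reads it. It would be simpler to drop the guarded `memset` ahead of the nocopy parse and start each `if( ( result ) == 0 )` block with `memset( output, 0, sizeof( output ) );`. The function continues past this hunk, so later uses of `output` should be checked against the same pattern.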
@@ -939,7 +950,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRL_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_X509_CRL_PARSE_C:MBEDTLS_X509_INFO */ void x509parse_crl( data_t * buf, char * result_str, int result ) { mbedtls_x509_crl crl; @@ -966,7 +977,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_PARSE_C:MBEDTLS_X509_INFO */ void mbedtls_x509_csr_parse( data_t * csr_der, char * ref_out, int ref_ret ) { mbedtls_x509_csr csr; @@ -1099,7 +1110,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C:MBEDTLS_X509_INFO */ void x509_oid_desc( data_t * buf, char * ref_desc ) { mbedtls_x509_buf oid; From 612a2f1504d13c8a4a4a2fe199c77edc28126860 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 9 Oct 2020 09:19:39 +0100 Subject: [PATCH 098/160] Rename MBEDTLS_X509_INFO to !MBEDTLS_X509_REMOVE_INFO The introduction of positive options to control the presence of pre-existing functionality breaks the build for users of handwritten configurations. 
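Review bot: Gating `x509parse_crl` and `mbedtls_x509_csr_parse` on `MBEDTLS_X509_INFO` at the `BEGIN_CASE` line skips every data case for these functions when the option is off. That includes the malformed-input cases that expect only an error code and an empty result string, such as the `MBEDTLS_ERR_X509_INVALID_SERIAL` case in the .data hunks. `x509parse_crt` in the same file takes the other approach: it wraps only the `*_info` call and the `strcmp` in `#if defined(MBEDTLS_X509_INFO)`, so the DER parser is still exercised. Applying that pattern here would keep the negative parser tests running in reduced-footprint builds. Both function bodies are outside these hunks, so the exact lines to guard need to be checked in the file.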
Signed-off-by: Hanno Becker --- include/mbedtls/config.h | 4 +- include/mbedtls/debug.h | 6 +- include/mbedtls/oid.h | 4 +- include/mbedtls/x509.h | 2 +- include/mbedtls/x509_crl.h | 2 +- include/mbedtls/x509_crt.h | 4 +- include/mbedtls/x509_csr.h | 2 +- library/debug.c | 4 +- library/oid.c | 12 ++-- library/version_features.c | 6 +- library/x509.c | 4 +- library/x509_crl.c | 4 +- library/x509_crt.c | 2 +- library/x509_csr.c | 4 +- programs/ssl/dtls_client.c | 4 +- programs/ssl/ssl_client1.c | 4 +- programs/ssl/ssl_client2.c | 10 +-- programs/ssl/ssl_mail_client.c | 6 +- programs/ssl/ssl_server2.c | 10 +-- programs/test/query_config.c | 8 +-- programs/x509/cert_app.c | 4 +- programs/x509/crl_app.c | 4 +- programs/x509/req_app.c | 4 +- tests/suites/test_suite_debug.data | 4 +- tests/suites/test_suite_debug.function | 2 +- tests/suites/test_suite_oid.function | 2 +- tests/suites/test_suite_x509parse.data | 78 +++++++++++----------- tests/suites/test_suite_x509parse.function | 24 +++---- 28 files changed, 112 insertions(+), 112 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index f609435d7..462a0fa2d 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2144,7 +2144,7 @@ #define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE /** - * \def MBEDTLS_X509_INFO + * \def MBEDTLS_X509_REMOVE_INFO * * Enable mbedtls_x509_*_info() and related APIs. * @@ -2152,7 +2152,7 @@ * and other functions/constants only used by these functions, thus reducing * the code footprint by several KB. */ -#define MBEDTLS_X509_INFO +//#define MBEDTLS_X509_REMOVE_INFO /** * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h index a4d6a7e81..c8d4403d8 100644 --- a/include/mbedtls/debug.h +++ b/include/mbedtls/debug.h 
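Review bot: The Doxygen block in include/mbedtls/config.h is renamed to `\def MBEDTLS_X509_REMOVE_INFO`, but its first sentence still reads "Enable mbedtls_x509_*_info() and related APIs.", which is now the opposite of what defining the macro does. Someone writing a configuration by hand from this comment could turn the option on expecting to keep the info functions. I would change the sentence to `* Disable mbedtls_x509_*_info() and related APIs.` and reword the following paragraph, only partly visible between the two hunks, so that it says uncommenting the define omits those functions and reduces the footprint.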
@@ -59,12 +59,12 @@ #endif #if defined(MBEDTLS_X509_CRT_PARSE_C) -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) #define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) \ mbedtls_debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt ) #else #define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 ) -#endif /* MBEDTLS_X509_INFO */ +#endif /* MBEDTLS_X509_REMOVE_INFO */ #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_ECDH_C) @@ -252,7 +252,7 @@ void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level, const char *text, const mbedtls_ecp_point *X ); #endif -#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_X509_INFO) +#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO) /** * \brief Print a X.509 certificate structure to the debug output. This * function is always used through the MBEDTLS_SSL_DEBUG_CRT() macro, diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index 89b5fe87f..4198eb107 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -441,7 +441,7 @@ typedef struct mbedtls_oid_descriptor_t { const char *asn1; /*!< OID ASN.1 representation */ size_t asn1_len; /*!< length of asn1 */ -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) const char *name; /*!< official name (e.g. from RFC) */ const char *description; /*!< human friendly description */ #endif @@ -584,7 +584,7 @@ int mbedtls_oid_get_md_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_a int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac ); #endif /* MBEDTLS_MD_C */ -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) /** * \brief Translate Extended Key Usage OID into description * diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h index 44f2ed02d..3091de1d1 100644 --- a/include/mbedtls/x509.h +++ b/include/mbedtls/x509.h 
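Review bot: The closing comment in include/mbedtls/debug.h becomes `#endif /* MBEDTLS_X509_REMOVE_INFO */`, but the matching opener is `#if !defined(MBEDTLS_X509_REMOVE_INFO)`, so the comment now names the inverse condition. The same mismatch appears in the library/debug.c hunk (`/* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_X509_REMOVE_INFO */`) and in two `#endif` lines in library/oid.c. I would write `#endif /* !MBEDTLS_X509_REMOVE_INFO */` here, and `/* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_X509_REMOVE_INFO */` in debug.c, so that the guard comments match the code they close.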
@@ -316,7 +316,7 @@ int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *serial ); int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *ext, int tag ); -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid, mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, const void *sig_opts ); diff --git a/include/mbedtls/x509_crl.h b/include/mbedtls/x509_crl.h index fb1de79f1..f89547c25 100644 --- a/include/mbedtls/x509_crl.h +++ b/include/mbedtls/x509_crl.h @@ -134,7 +134,7 @@ int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, s int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ); #endif /* MBEDTLS_FS_IO */ -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) /** * \brief Returns an informational string about the CRL. * diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index fc3ea8eb4..433c3b734 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -510,7 +510,7 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ); int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf, mbedtls_x509_subject_alternative_name *san ); -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) /** * \brief Returns an informational string about the * certificate. @@ -527,7 +527,7 @@ int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, const mbedtls_x509_crt *crt ); #endif -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) /** * \brief Returns an informational string about the * verification status of a certificate. diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h index b9e5b93fb..9f3cae255 100644 --- a/include/mbedtls/x509_csr.h +++ b/include/mbedtls/x509_csr.h 
@@ -121,7 +121,7 @@ int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, siz int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ); #endif /* MBEDTLS_FS_IO */ -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) /** * \brief Returns an informational string about the * CSR. diff --git a/library/debug.c b/library/debug.c index fcd67dbe5..4be2cba19 100644 --- a/library/debug.c +++ b/library/debug.c @@ -284,7 +284,7 @@ void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level, } #endif /* MBEDTLS_BIGNUM_C */ -#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_X509_INFO) +#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO) static void debug_print_pk( const mbedtls_ssl_context *ssl, int level, const char *file, int line, const char *text, const mbedtls_pk_context *pk ) @@ -379,7 +379,7 @@ void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level, crt = crt->next; } } -#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_X509_INFO */ +#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_X509_REMOVE_INFO */ #if defined(MBEDTLS_ECDH_C) static void mbedtls_debug_printf_ecdh_internal( const mbedtls_ssl_context *ssl, diff --git a/library/oid.c b/library/oid.c index d8cbfb460..c03d0d5c6 100644 --- a/library/oid.c +++ b/library/oid.c @@ -44,7 +44,7 @@ /* * Macro to generate mbedtls_oid_descriptor_t */ -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) #define OID_DESCRIPTOR(s, name, description) { ADD_LEN(s), name, description } #define NULL_OID_DESCRIPTOR { NULL, 0, NULL, NULL } #else @@ -75,7 +75,7 @@ return( NULL ); \ } -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) /* * Macro to generate a function for retrieving a single attribute from the * descriptor of an mbedtls_oid_descriptor_t wrapper. 
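Review bot: The closing comment on the new `#endif` in the second `library/debug.c` hunk no longer matches its guard. The block opens with `#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO)` but closes with `#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_X509_REMOVE_INFO */`, which reads as the opposite condition. I would write `#endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_X509_REMOVE_INFO */`. The same applies to the changed `#endif` lines in `library/oid.c`, `library/x509.c`, `library/x509_crl.c`, `library/x509_crt.c`, `library/x509_csr.c` and `programs/ssl/ssl_server2.c`, where `#endif /* !MBEDTLS_X509_REMOVE_INFO */` would match the guard. The guarded function bodies lie outside these hunks.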
@@ -88,7 +88,7 @@ int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1 ) *ATTR1 = data->descriptor.ATTR1; \ return( 0 ); \ } -#endif /* MBEDTLS_X509_INFO */ +#endif /* MBEDTLS_X509_REMOVE_INFO */ /* * Macro to generate a function for retrieving a single attribute from an @@ -297,7 +297,7 @@ static const oid_x509_ext_t oid_x509_ext[] = FN_OID_TYPED_FROM_ASN1(oid_x509_ext_t, x509_ext, oid_x509_ext) FN_OID_GET_ATTR1(mbedtls_oid_get_x509_ext_type, oid_x509_ext_t, x509_ext, int, ext_type) -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) static const mbedtls_oid_descriptor_t oid_ext_key_usage[] = { OID_DESCRIPTOR( MBEDTLS_OID_SERVER_AUTH, "id-kp-serverAuth", "TLS Web Server Authentication" ), @@ -321,7 +321,7 @@ static const mbedtls_oid_descriptor_t oid_certificate_policies[] = FN_OID_TYPED_FROM_ASN1(mbedtls_oid_descriptor_t, certificate_policies, oid_certificate_policies) FN_OID_GET_ATTR1(mbedtls_oid_get_certificate_policies, mbedtls_oid_descriptor_t, certificate_policies, const char *, description) -#endif /* MBEDTLS_X509_INFO */ +#endif /* MBEDTLS_X509_REMOVE_INFO */ #if defined(MBEDTLS_MD_C) /* @@ -429,7 +429,7 @@ static const oid_sig_alg_t oid_sig_alg[] = FN_OID_TYPED_FROM_ASN1(oid_sig_alg_t, sig_alg, oid_sig_alg) -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) FN_OID_GET_DESCRIPTOR_ATTR1(mbedtls_oid_get_sig_alg_desc, oid_sig_alg_t, sig_alg, const char *, description) #endif diff --git a/library/version_features.c b/library/version_features.c index a937d1423..5d114fbc4 100644 --- a/library/version_features.c +++ b/library/version_features.c 
@@ -597,9 +597,9 @@ static const char * const features[] = { #if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) "MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE", #endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ -#if defined(MBEDTLS_X509_INFO) - "MBEDTLS_X509_INFO", -#endif /* MBEDTLS_X509_INFO */ +#if defined(MBEDTLS_X509_REMOVE_INFO) + "MBEDTLS_X509_REMOVE_INFO", +#endif /* MBEDTLS_X509_REMOVE_INFO */ #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) "MBEDTLS_X509_RSASSA_PSS_SUPPORT", #endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ diff --git a/library/x509.c b/library/x509.c index 0cfcc5357..d63a4305d 100644 --- a/library/x509.c +++ b/library/x509.c @@ -831,7 +831,7 @@ int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *se return( (int) ( size - n ) ); } -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) /* * Helper for writing signature algorithms */ @@ -876,7 +876,7 @@ int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *s return( (int)( size - n ) ); } -#endif /* MBEDTLS_X509_INFO */ +#endif /* MBEDTLS_X509_REMOVE_INFO */ /* * Helper for writing "RSA key size", "EC key size", etc diff --git a/library/x509_crl.c b/library/x509_crl.c index 4c898c931..dbaad7d51 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -614,7 +614,7 @@ int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ) } #endif /* MBEDTLS_FS_IO */ -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) /* * Return an informational string about the certificate. */ @@ -694,7 +694,7 @@ int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix, return( (int) ( size - n ) ); } -#endif /* MBEDTLS_X509_INFO */ +#endif /* MBEDTLS_X509_REMOVE_INFO */ /* * Initialize a CRL chain diff --git a/library/x509_crt.c b/library/x509_crt.c index 51330e9d7..19c4f40f5 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c 
@@ -2251,7 +2251,7 @@ int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, return( (int) ( size - n ) ); } -#endif /* MBEDTLS_X509_INFO */ +#endif /* MBEDTLS_X509_REMOVE_INFO */ #if defined(MBEDTLS_X509_CHECK_KEY_USAGE) int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, diff --git a/library/x509_csr.c b/library/x509_csr.c index 0a5d2cb27..b78c04277 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -323,7 +323,7 @@ int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ) } #endif /* MBEDTLS_FS_IO */ -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) #define BEFORE_COLON 14 #define BC "14" /* @@ -368,7 +368,7 @@ int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix, return( (int) ( size - n ) ); } -#endif /* MBEDTLS_X509_INFO */ +#endif /* MBEDTLS_X509_REMOVE_INFO */ /* * Initialize a CSR diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c index d8353a98d..1e9779533 100644 --- a/programs/ssl/dtls_client.c +++ b/programs/ssl/dtls_client.c @@ -241,13 +241,13 @@ int main( int argc, char *argv[] ) * MBEDTLS_SSL_VERIFY_OPTIONAL, we would bail out here if ret != 0 */ if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) { -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) char vrfy_buf[512]; #endif mbedtls_printf( " failed\n" ); -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); mbedtls_printf( "%s\n", vrfy_buf ); diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c index eea3c9bd9..6624224af 100644 --- a/programs/ssl/ssl_client1.c +++ b/programs/ssl/ssl_client1.c 
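Review bot: With `MBEDTLS_X509_REMOVE_INFO` defined, the verification-failure branch in `programs/ssl/dtls_client.c` prints only ` failed` and drops the reason. Both the `vrfy_buf` declaration and the `mbedtls_x509_crt_verify_info()` call are compiled out. The raw result is still in `flags`, so an `#else` arm such as `mbedtls_printf( " ! verify flags: 0x%08x\n", (unsigned int) flags );` would keep certificate verification failures diagnosable in size-reduced builds. The same applies to the equivalent hunks in `ssl_client1.c`, `ssl_client2.c` (both `my_verify()`, where the value is `*flags`, and `main()`), `ssl_mail_client.c` and `ssl_server2.c`. The surrounding `if` block and `main()` continue outside the hunk.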
@@ -216,13 +216,13 @@ int main( void ) /* In real life, we probably want to bail out when ret != 0 */ if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) { -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) char vrfy_buf[512]; #endif mbedtls_printf( " failed\n" ); -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); mbedtls_printf( "%s\n", vrfy_buf ); diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index bf260c38d..6e957f50b 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -529,12 +529,12 @@ static unsigned char peer_crt_info[1024]; static int my_verify( void *data, mbedtls_x509_crt *crt, int depth, uint32_t *flags ) { -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) char buf[1024]; #endif ((void) data); -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt ); if( depth == 0 ) memcpy( peer_crt_info, buf, sizeof( buf ) ); @@ -553,7 +553,7 @@ static int my_verify( void *data, mbedtls_x509_crt *crt, mbedtls_printf( " This certificate has no flags\n" ); else { -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) mbedtls_x509_crt_verify_info( buf, sizeof( buf ), " ! ", *flags ); mbedtls_printf( "%s\n", buf ); #endif @@ -2284,13 +2284,13 @@ int main( int argc, char *argv[] ) if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) { -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) char vrfy_buf[512]; #endif mbedtls_printf( " failed\n" ); -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index 7990376d1..428c64362 100644 --- a/programs/ssl/ssl_mail_client.c 
+++ b/programs/ssl/ssl_mail_client.c @@ -208,13 +208,13 @@ static int do_handshake( mbedtls_ssl_context *ssl ) /* In real life, we probably want to bail out when ret != 0 */ if( ( flags = mbedtls_ssl_get_verify_result( ssl ) ) != 0 ) { -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) char vrfy_buf[512]; #endif mbedtls_printf( " failed\n" ); -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); mbedtls_printf( "%s\n", vrfy_buf ); @@ -223,7 +223,7 @@ static int do_handshake( mbedtls_ssl_context *ssl ) else mbedtls_printf( " ok\n" ); -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) mbedtls_printf( " . Peer certificate information ...\n" ); mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", mbedtls_ssl_get_peer_cert( ssl ) ); diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 6d1ef6cb3..d3a4ed340 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -3134,7 +3134,7 @@ handshake: { mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret ); -#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_X509_INFO) +#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO) if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ) { char vrfy_buf[512]; @@ -3188,13 +3188,13 @@ handshake: if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) { -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) char vrfy_buf[512]; #endif mbedtls_printf( " failed\n" ); -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); mbedtls_printf( "%s\n", vrfy_buf ); 
@@ -3203,7 +3203,7 @@ handshake: else mbedtls_printf( " ok\n" ); -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) if( mbedtls_ssl_get_peer_cert( &ssl ) != NULL ) { char crt_buf[512]; @@ -3213,7 +3213,7 @@ handshake: mbedtls_ssl_get_peer_cert( &ssl ) ); mbedtls_printf( "%s\n", crt_buf ); } -#endif /* MBEDTLS_X509_INFO */ +#endif /* MBEDTLS_X509_REMOVE_INFO */ #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 98ea30e54..0cd3b819c 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -1643,13 +1643,13 @@ int query_config( const char *config ) } #endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ -#if defined(MBEDTLS_X509_INFO) - if( strcmp( "MBEDTLS_X509_INFO", config ) == 0 ) +#if defined(MBEDTLS_X509_REMOVE_INFO) + if( strcmp( "MBEDTLS_X509_REMOVE_INFO", config ) == 0 ) { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_INFO ); + MACRO_EXPANSION_TO_STR( MBEDTLS_X509_REMOVE_INFO ); return( 0 ); } -#endif /* MBEDTLS_X509_INFO */ +#endif /* MBEDTLS_X509_REMOVE_INFO */ #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) if( strcmp( "MBEDTLS_X509_RSASSA_PSS_SUPPORT", config ) == 0 ) diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c index 765a82e4f..531947498 100644 --- a/programs/x509/cert_app.c +++ b/programs/x509/cert_app.c 
@@ -41,14 +41,14 @@ !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \ !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ - !defined(MBEDTLS_X509_INFO) || !defined(MBEDTLS_CTR_DRBG_C) + !!defined(MBEDTLS_X509_REMOVE_INFO) || !defined(MBEDTLS_CTR_DRBG_C) int main( void ) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_X509_INFO and/or MBEDTLS_CTR_DRBG_C not defined.\n"); + "MBEDTLS_X509_REMOVE_INFO and/or MBEDTLS_CTR_DRBG_C not defined.\n"); mbedtls_exit( 0 ); } #else diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c index 8502812b5..029bdd361 100644 --- a/programs/x509/crl_app.c +++ b/programs/x509/crl_app.c @@ -36,12 +36,12 @@ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_X509_CRL_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ - !defined(MBEDTLS_X509_INFO) + !!defined(MBEDTLS_X509_REMOVE_INFO) int main( void ) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_X509_CRL_PARSE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_X509_INFO not defined.\n"); + "MBEDTLS_X509_REMOVE_INFO not defined.\n"); mbedtls_exit( 0 ); } #else diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c index df1dba80f..351dd16ae 100644 --- a/programs/x509/req_app.c +++ b/programs/x509/req_app.c @@ -36,12 +36,12 @@ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_X509_CSR_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ - !defined(MBEDTLS_X509_INFO) + !!defined(MBEDTLS_X509_REMOVE_INFO) int main( void ) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_X509_CSR_PARSE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_X509_INFO not defined.\n"); + "MBEDTLS_X509_REMOVE_INFO not defined.\n"); mbedtls_exit( 0 ); } #else 
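Review bot: The fallback `main()` in `programs/x509/cert_app.c` now prints `"MBEDTLS_X509_REMOVE_INFO and/or MBEDTLS_CTR_DRBG_C not defined.\n"`, which is wrong for that option: the program is disabled when `MBEDTLS_X509_REMOVE_INFO` is defined, not when it is missing. Rewording it, for example `"MBEDTLS_CTR_DRBG_C not defined and/or MBEDTLS_X509_REMOVE_INFO defined.\n"`, would tell the user which setting to change. The guard itself reads `!!defined(MBEDTLS_X509_REMOVE_INFO)`, which evaluates correctly but looks like a search-and-replace leftover; plain `defined(MBEDTLS_X509_REMOVE_INFO)` is clearer. Both points apply equally to the `crl_app.c` and `req_app.c` hunks.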
diff --git a/tests/suites/test_suite_debug.data b/tests/suites/test_suite_debug.data
index bb34b2d72..0935c1244 100644
--- a/tests/suites/test_suite_debug.data
+++ b/tests/suites/test_suite_debug.data
@@ -38,11 +38,11 @@ Debug print buffer #5 mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30":"MyFile(0999)\: dumping 'Test return value' (49 bytes)\nMyFile(0999)\: 0000\: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f ................\nMyFile(0999)\: 0010\: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f ................\nMyFile(0999)\: 0020\: 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f !"#$%&'()*+,-./\nMyFile(0999)\: 0030\: 30 0\n" Debug print certificate #1 (RSA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_debug_print_crt:"data_files/server1.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: 01\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:06\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:06\nMyFile(0999)\: signed using \: RSA with SHA1\nMyFile(0999)\: RSA key size \: 2048 bits\nMyFile(0999)\: basic constraints \: CA=false\nMyFile(0999)\: value of 'crt->rsa.N' (2048 bits) is\:\nMyFile(0999)\: a9 02 1f 3d 40 6a d5 55 53 8b fd 36 ee 82 65 2e\nMyFile(0999)\: 15 61 5e 89 bf b8 e8 45 90 db ee 88 16 52 d3 f1\nMyFile(0999)\: 43 50 47 96 12 59 64 87 6b fd 2b e0 46 f9 73 be\nMyFile(0999)\: dd cf 92 e1 91 5b ed 66 a0 6f 89 29 79 45 80 d0\nMyFile(0999)\: 83 6a d5 41 43 77 5f 39 7c 09 04 47 82 b0 57 39\nMyFile(0999)\: 70 ed a3 ec 15 19 1e a8 33 08 47 c1 05 42 a9 fd\nMyFile(0999)\: 4c c3 b4 df dd 06 1f 4d 10 51 40 67 73 13 0f 40\nMyFile(0999)\: f8 6d 81 25 5f 0a b1 53 c6 30 7e 15 39 ac f9 5a\nMyFile(0999)\: ee 7f 92 9e a6 05 5b e7 13 97 85 b5 23 92 d9 d4\nMyFile(0999)\: 24 06 d5 09 25 89 75 
07 dd a6 1a 8f 3f 09 19 be\nMyFile(0999)\: ad 65 2c 64 eb 95 9b dc fe 41 5e 17 a6 da 6c 5b\nMyFile(0999)\: 69 cc 02 ba 14 2c 16 24 9c 4a dc cd d0 f7 52 67\nMyFile(0999)\: 73 f1 2d a0 23 fd 7e f4 31 ca 2d 70 ca 89 0b 04\nMyFile(0999)\: db 2e a6 4f 70 6e 9e ce bd 58 89 e2 53 59 9e 6e\nMyFile(0999)\: 5a 92 65 e2 88 3f 0c 94 19 a3 dd e5 e8 9d 95 13\nMyFile(0999)\: ed 29 db ab 70 12 dc 5a ca 6b 17 ab 52 82 54 b1\nMyFile(0999)\: value of 'crt->rsa.E' (17 bits) is\:\nMyFile(0999)\: 01 00 01\n" Debug print certificate #2 (EC) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_debug_print_crt:"data_files/test-ca2.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: C1\:43\:E2\:7E\:62\:43\:CC\:E8\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:00\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:00\nMyFile(0999)\: signed using \: ECDSA with SHA256\nMyFile(0999)\: EC key size \: 384 bits\nMyFile(0999)\: basic constraints \: CA=true\nMyFile(0999)\: value of 'crt->eckey.Q(X)' (384 bits) is\:\nMyFile(0999)\: c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43\nMyFile(0999)\: 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95\nMyFile(0999)\: 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d\nMyFile(0999)\: value of 'crt->eckey.Q(Y)' (384 bits) is\:\nMyFile(0999)\: 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58\nMyFile(0999)\: b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47\nMyFile(0999)\: 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e\n" Debug print mbedtls_mpi #1 
diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function index c8fbd048a..ad50e53fd 100644 --- a/tests/suites/test_suite_debug.function +++ b/tests/suites/test_suite_debug.function @@ -131,7 +131,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_INFO */ +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */ void mbedtls_debug_print_crt( char * crt_file, char * file, int line, char * prefix, char * result_str ) { diff --git a/tests/suites/test_suite_oid.function b/tests/suites/test_suite_oid.function index 8c42d70be..5c56ef498 100644 --- a/tests/suites/test_suite_oid.function +++ b/tests/suites/test_suite_oid.function @@ -6,7 +6,7 @@ /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_OID_C:MBEDTLS_X509_INFO + * depends_on:MBEDTLS_OID_C:!MBEDTLS_X509_REMOVE_INFO * END_DEPENDENCIES */ diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 32d26c067..0fc674fc3 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data 
@@ -203,79 +203,79 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED: x509_parse_san:"data_files/server5-unsupported_othername.crt":"" X509 CRL information #1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl_expired.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-20 10\:24\:19\nnext update \: 2011-02-20 11\:24\:19\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n" X509 CRL Information MD2 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD2_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD2_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl_md2.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-07-19 19\:56\:37\nnext update \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA with MD2\n" X509 CRL Information MD4 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl_md4.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD4\n" X509 CRL Information MD5 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO 
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl_md5.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD5\n" X509 CRL Information SHA1 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl_sha1.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n" X509 CRL Information SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl_sha224.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-224\n" X509 CRL Information SHA256 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl_sha256.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 
2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-256\n" X509 CRL Information SHA384 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_RSA_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl_sha384.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-384\n" X509 CRL Information SHA512 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl_sha512.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-512\n" X509 CRL information RSA-PSS, SHA1 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:46\:35\nnext update \: 2024-01-18 13\:46\:35\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 
2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\n" X509 CRL information RSA-PSS, SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:06\nnext update \: 2024-01-18 13\:56\:06\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\n" X509 CRL information RSA-PSS, SHA256 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:16\nnext update \: 2024-01-18 13\:56\:16\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\n" X509 CRL information RSA-PSS, SHA384 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:28\nnext update \: 2024-01-18 13\:56\:28\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial 
number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\n" X509 CRL information RSA-PSS, SHA512 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:38\nnext update \: 2024-01-18 13\:56\:38\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\n" X509 CRL Information EC, SHA1 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl-ec-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA1\n" X509 CRL Information EC, SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl-ec-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA224\n" X509 CRL Information EC, SHA256 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_X509_INFO 
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl-ec-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA256\n" X509 CRL Information EC, SHA384 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_ECDSA_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl-ec-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA384\n" X509 CRL Information EC, SHA512 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_ECDSA_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_crl_info:"data_files/crl-ec-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA512\n" X509 CRL Malformed Input (trailing spaces at end of file) 
@@ -291,19 +291,19 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C mbedtls_x509_crl_parse:"data_files/crl-idpnc.pem":0 X509 CSR Information RSA with MD4 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server1.req.md4":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD4\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with MD5 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server1.req.md5":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server1.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA224 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server1.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-224\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA-256 
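Review bot: The test case that follows this hunk's last context line, "X509 CSR Information RSA with SHA-256", is not updated by the rename. The header of the next hunk shows its dependency line ending in `MBEDTS_X509_INFO`, a misspelling the substitution would not have matched. A dependency on a symbol that is never defined presumably leaves that case permanently skipped, so the SHA-256 CSR output goes untested. I would change that line to `depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO`. The line itself sits between this hunk and the next, so this is inferred from the hunk header only.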
@@ -311,51 +311,51 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTS_X509_INFO mbedtls_x509_csr_info:"data_files/server1.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA384 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_RSA_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server1.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-384\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA512 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server1.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\n" X509 CSR Information EC with SHA1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server5.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n" X509 CSR Information EC with SHA224 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server5.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned 
using \: ECDSA with SHA224\nEC key size \: 256 bits\n" X509 CSR Information EC with SHA256 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server5.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\n" X509 CSR Information EC with SHA384 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_X509_INFO +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server5.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA384\nEC key size \: 256 bits\n" X509 CSR Information EC with SHA512 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server5.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA512\nEC key size \: 256 bits\n" X509 CSR Information RSA-PSS with SHA1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server9.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0x6A)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA224 
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server9.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0x62)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA256 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server9.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0x5E)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA384 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server9.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0x4E)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA512 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_info:"data_files/server9.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0x3E)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA with SHA-256 - Microsoft header 
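Review bot: The header of this hunk shows the line just above it as `depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTS_X509_INFO`, with `MBEDTS` misspelled, and neither this hunk nor the previous one changes it. If that is the dependency line of "X509 CSR Information RSA with SHA-256", the case depends on a symbol that is never defined, so it is presumably skipped in every configuration and was missed by the rename. It should read `depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO`.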
@@ -2131,7 +2131,7 @@ x509parse_crl:"305d3047020100300d06092a864886f70d01010e0500300f310d300b060355040 # 03020001 signatureValue BIT STRING # The subsequent TBSCertList negative tests remove or modify some elements. X509 CRL ASN1 (TBSCertList, sig present) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO x509parse_crl:"305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001":"CRL version \: 1\nissuer name \: CN=ABCD\nthis update \: 2009-01-01 00\:00\:00\nnext update \: 0000-00-00 00\:00\:00\nRevoked certificates\:\nserial number\: AB\:CD revocation date\: 2008-12-31 23\:59\:59\nsigned using \: RSA with SHA-224\n":0 X509 CRL ASN1 (TBSCertList, signatureValue missing) @@ -2167,7 +2167,7 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crl:"305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128402abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRL ASN1 (TBSCertList, no entries) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO x509parse_crl:"30463031020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300d06092a864886f70d01010e050003020001":"CRL version \: 1\nissuer name \: CN=ABCD\nthis update \: 2009-01-01 00\:00\:00\nnext update \: 0000-00-00 00\:00\:00\nRevoked certificates\:\nsigned using \: RSA with SHA-224\n":0 X509 CRL ASN1 (invalid version 2) 
@@ -2197,7 +2197,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crl:"308201b330819c020101300d06092a864886f70d01010b0500303b310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c3119301706035504031310506f6c617253534c2054657374204341170d3138303331343037333134385a170d3238303331343037333134385aa02d302b30290603551d1c0101ff041e301da01ba0198617687474703a2f2f706b692e6578616d706c652e636f6d2f300d06092a864886f70d01010b05000382010100b3fbe9d586eaf4b8ff60cf8edae06a85135db78f78198498719725b5b403c0b803c2c150f52faae7306d6a7871885dc2e9dc83a164bac7263776474ef642b660040b35a1410ac291ac8f6f18ab85e7fd6e22bd1af1c41ca95cf2448f6e2b42a018493dfc03c6b6aa1b9e3fe7b76af2182fb2121db4166bf0167d6f379c5a58adee5082423434d97be2909f5e7488053f996646db10dd49782626da53ad8eada01813c031b2bacdb0203bc017aac1735951a11d013ee4d1d5f7143ccbebf2371e66a1bec6e1febe69148f50784eef8adbb66664c96196d7e0c0bcdc807f447b54e058f37642a3337995bfbcd332208bd6016936705c82263eabd7affdba92fae3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRL ASN1 (extension not critical explicit, crl-idp.pem byte 129) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO x509parse_crl:"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":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2018-03-14 07\:31\:48\nnext update \: 2028-03-14 07\:31\:48\nRevoked certificates\:\nsigned using \: RSA with SHA-256\n":0 X509 CRT parse path #2 (one cert) 
@@ -2536,7 +2536,7 @@ X509 RSASSA-PSS parameters ASN1 (trailerField not 1) x509_parse_rsassa_pss_params:"a303020102":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG X509 CSR ASN.1 (OK) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_X509_INFO +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_parse:"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":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n":0 X509 CSR ASN.1 (bad first tag) diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index 4006c9c7e..8289cd2fb 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -439,7 +439,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_INFO:MBEDTLS_X509_CRT_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:!MBEDTLS_X509_REMOVE_INFO:MBEDTLS_X509_CRT_PARSE_C */ void x509_cert_info( char * crt_file, char * result_str ) { mbedtls_x509_crt crt; @@ -462,7 +462,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C:MBEDTLS_X509_INFO */ +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */ void mbedtls_x509_crl_info( char * crl_file, char * result_str ) { mbedtls_x509_crl crl; @@ -501,7 +501,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CSR_PARSE_C:MBEDTLS_X509_INFO */ +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CSR_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */ void mbedtls_x509_csr_info( char * csr_file, char * result_str ) { mbedtls_x509_csr csr; 
@@ -524,7 +524,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_INFO */ +/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */ void x509_verify_info( int flags, char * prefix, char * result_str ) { char buf[2000]; @@ -739,7 +739,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_INFO */ +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */ void mbedtls_x509_dn_gets( char * crt_file, char * entity, char * result_str ) { mbedtls_x509_crt crt; @@ -827,7 +827,7 @@ exit: void x509parse_crt( data_t * buf, char * result_str, int result ) { mbedtls_x509_crt crt; -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) unsigned char output[2000]; int res; #endif @@ -835,7 +835,7 @@ void x509parse_crt( data_t * buf, char * result_str, int result ) mbedtls_x509_crt_init( &crt ); TEST_ASSERT( mbedtls_x509_crt_parse_der( &crt, buf->x, buf->len ) == ( result ) ); -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) if( ( result ) == 0 ) { res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); @@ -848,12 +848,12 @@ void x509parse_crt( data_t * buf, char * result_str, int result ) mbedtls_x509_crt_free( &crt ); mbedtls_x509_crt_init( &crt ); -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) memset( output, 0, 2000 ); #endif TEST_ASSERT( mbedtls_x509_crt_parse_der_nocopy( &crt, buf->x, buf->len ) == ( result ) ); -#if defined(MBEDTLS_X509_INFO) +#if !defined(MBEDTLS_X509_REMOVE_INFO) if( ( result ) == 0 ) { memset( output, 0, 2000 ); @@ -950,7 +950,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRL_PARSE_C:MBEDTLS_X509_INFO */ +/* BEGIN_CASE depends_on:MBEDTLS_X509_CRL_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */ void x509parse_crl( data_t * buf, char * result_str, int result ) { mbedtls_x509_crl crl; 
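Review bot: Gating the whole `x509parse_crl` case on `!MBEDTLS_X509_REMOVE_INFO` means none of the CRL parsing vectors run in a reduced-footprint build, including the negative ones in the data file that expect an error code and an empty info string. `x509parse_crt`, a few hunks up, keeps the parse assertion unconditional and wraps only the info comparison in `#if !defined(MBEDTLS_X509_REMOVE_INFO)`; doing the same here would keep malformed-input coverage for the parser in both configurations. The same applies to `mbedtls_x509_csr_parse` in the next hunk. The bodies of both functions lie outside the hunks, so the exact lines to guard need checking against the file.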
@@ -977,7 +977,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_PARSE_C:MBEDTLS_X509_INFO */ +/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */ void mbedtls_x509_csr_parse( data_t * csr_der, char * ref_out, int ref_ret ) { mbedtls_x509_csr csr; @@ -1110,7 +1110,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C:MBEDTLS_X509_INFO */ +/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C:!MBEDTLS_X509_REMOVE_INFO */ void x509_oid_desc( data_t * buf, char * ref_desc ) { mbedtls_x509_buf oid; From 5d4c4b1f95ce1878664fd3ca28787b4633ab3f25 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 11 Jun 2019 17:16:13 +0100 Subject: [PATCH 099/160] Add missing dependencies on !MBEDTLS_X509_REMOVE_INFO Signed-off-by: Chris Jones --- programs/ssl/ssl_client2.c | 2 ++ tests/suites/test_suite_x509parse.function | 2 ++ 2 files changed, 4 insertions(+) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 6e957f50b..963006069 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -2300,8 +2300,10 @@ int main( int argc, char *argv[] ) else mbedtls_printf( " ok\n" ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) mbedtls_printf( " . Peer certificate information ...\n" ); mbedtls_printf( "%s\n", peer_crt_info ); +#endif /* !MBEDTLS_X509_REMOVE_INFO */ #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index 8289cd2fb..82f7da54a 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -844,6 +844,8 @@ void x509parse_crt( data_t * buf, char * result_str, int result ) TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); } +#else + ((void) result_str); #endif mbedtls_x509_crt_free( &crt ); From e111356194848812e59138c31b7a6ad62782c31f Mon Sep 17 00:00:00 2001 
From: Hanno Becker Date: Wed, 12 Jun 2019 13:59:14 +0100 Subject: [PATCH 100/160] Remove MBEDTLS_X509_REMOVE_INFO from `scripts/config.pl full` Signed-off-by: Chris Jones --- scripts/config.py | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/config.py b/scripts/config.py index 489760464..a77ead054 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -196,6 +196,7 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers) 'MBEDTLS_TEST_NULL_ENTROPY', # removes a feature 'MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION', # influences the use of X.509 in TLS + 'MBEDTLS_X509_REMOVE_INFO', # removes a feature ]) def is_seamless_alt(name): From 7ac83f91bf0d7a56e26691bf81eb21026ef0f336 Mon Sep 17 00:00:00 2001 
From: Hanno Becker Date: Fri, 9 Oct 2020 10:48:22 +0100 Subject: [PATCH 101/160] Print X.509 verify info strings even if MBEDTLS_X509_REMOVE_INFO The new compile-time option MBEDTLS_X509_REMOVE_INFO removes various X.509 debugging strings and functionality, including ``` mbedtls_x509_crt_verify_info() ``` which ssl_client2.c and ssl_server2.c use to print human readable descriptions of X.509 verification failure conditions. Those conditions are also grepped for in numerous ssl-opt.sh tests. Instead of disabling those tests if MBEDTLS_X509_REMOVE_INFO is set, this commit essentially moves mbedtls_x509_crt_verify_info() to ssl_client2.c and ssl_server2.c. However, instead of just copy-pasting the code from x509_crt.c, the following approach is used: A macro MBEDTLS_X509_CRT_ERROR_INFO_LIST is introduced which for each verification failure condition invokes a user-defined macro X509_CRT_ERROR_INFO with (a) the numerical error code, (b) the string presentation of the corresponding error macro, (c) the info string for the error condition. This macro can thus be used to generate code which somehow iterates over the verification failure conditions, but the list of error conditions and information strings is nowhere duplicated. This is then used to re-implement mbedtls_x509_crt_verify_info() in x509_crt.c and to provide a functionally equivalent (yet slightly different) version in ssl_client2.c and ssl_server2.c in case MBEDTLS_X509_REMOVE_INFO is set. This way, few changes to ssl-opt.sh will be necessary in case MBEDTLS_X509_REMOVE_INFO is set because the info strings for the verification failure conditions will be printed regardless of whether MBEDTLS_X509_REMOVE_INFO is set or not. 
Signed-off-by: Hanno Becker --- include/mbedtls/config.h | 2 +- include/mbedtls/x509_crt.h | 68 ++++++++++++++++++++++++++++++++++++++ library/x509_crt.c | 23 ++----------- programs/ssl/ssl_client2.c | 52 ++++++++++++++++++++++------- programs/ssl/ssl_server2.c | 47 +++++++++++++++++++++----- 5 files changed, 151 insertions(+), 41 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 462a0fa2d..6b6388689 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2152,7 +2152,7 @@ * and other functions/constants only used by these functions, thus reducing * the code footprint by several KB. */ -//#define MBEDTLS_X509_REMOVE_INFO +#define MBEDTLS_X509_REMOVE_INFO /** * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index 433c3b734..6906585c0 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h 
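Review bot: The config.h hunk turns `//#define MBEDTLS_X509_REMOVE_INFO` into an active `#define MBEDTLS_X509_REMOVE_INFO`, which removes the X.509 info functions from the default build, and the commit description does not mention changing the default. This looks like a leftover from local testing; it would also make the default configuration skip every test case that depends on `!MBEDTLS_X509_REMOVE_INFO`. Unless the new default is intended and documented, keep the line commented out as `//#define MBEDTLS_X509_REMOVE_INFO`.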
@@ -176,6 +176,74 @@ mbedtls_x509_crt_profile; #define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 #endif +/* This macro unfolds to the concatenation of macro invocations + * X509_CRT_ERROR_INFO( error code, + * error code as string, + * human readable description ) + * where X509_CRT_ERROR_INFO is defined by the user. + * See x509_crt.c for an example of how to use this. */ +#define MBEDTLS_X509_CRT_ERROR_INFO_LIST \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_EXPIRED, \ + "MBEDTLS_X509_BADCERT_EXPIRED", \ + "The certificate validity has expired" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_REVOKED, \ + "MBEDTLS_X509_BADCERT_REVOKED", \ + "The certificate has been revoked (is on a CRL)" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_CN_MISMATCH, \ + "MBEDTLS_X509_BADCERT_CN_MISMATCH", \ + "The certificate Common Name (CN) does not match with the expected CN" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_NOT_TRUSTED, \ + "MBEDTLS_X509_BADCERT_NOT_TRUSTED", \ + "The certificate is not correctly signed by the trusted CA" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_NOT_TRUSTED, \ + "MBEDTLS_X509_BADCRL_NOT_TRUSTED", \ + "The CRL is not correctly signed by the trusted CA" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_EXPIRED, \ + "MBEDTLS_X509_BADCRL_EXPIRED", \ + "The CRL is expired" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_MISSING, \ + "MBEDTLS_X509_BADCERT_MISSING", \ + "Certificate was missing" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_SKIP_VERIFY, \ + "MBEDTLS_X509_BADCERT_SKIP_VERIFY", \ + "Certificate verification was skipped" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_OTHER, \ + "MBEDTLS_X509_BADCERT_OTHER", \ + "Other reason (can be used by verify callback)" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_FUTURE, \ + "MBEDTLS_X509_BADCERT_FUTURE", \ + "The certificate validity starts in the future" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_FUTURE, \ + "MBEDTLS_X509_BADCRL_FUTURE", \ + "The CRL is from the future" ) \ + 
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_KEY_USAGE, \ + "MBEDTLS_X509_BADCERT_KEY_USAGE", \ + "Usage does not match the keyUsage extension" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, \ + "MBEDTLS_X509_BADCERT_EXT_KEY_USAGE", \ + "Usage does not match the extendedKeyUsage extension" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_NS_CERT_TYPE, \ + "MBEDTLS_X509_BADCERT_NS_CERT_TYPE", \ + "Usage does not match the nsCertType extension" ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_BAD_MD, \ + "MBEDTLS_X509_BADCERT_BAD_MD", \ + "The certificate is signed with an unacceptable hash." ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_BAD_PK, \ + "MBEDTLS_X509_BADCERT_BAD_PK", \ + "The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA)." ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_BAD_KEY, \ + "MBEDTLS_X509_BADCERT_BAD_KEY", \ + "The certificate is signed with an unacceptable key (eg bad curve, RSA too short)." ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_BAD_MD, \ + "MBEDTLS_X509_BADCRL_BAD_MD", \ + "The CRL is signed with an unacceptable hash." ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_BAD_PK, \ + "MBEDTLS_X509_BADCRL_BAD_PK", \ + "The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA)." ) \ + X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_BAD_KEY, \ + "MBEDTLS_X509_BADCRL_BAD_KEY", \ + "The CRL is signed with an unacceptable key (eg bad curve, RSA too short)." ) + /** * Container for writing a certificate (CRT) */ diff --git a/library/x509_crt.c b/library/x509_crt.c index 19c4f40f5..27e3e33b6 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c 
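Review bot: `MBEDTLS_X509_CRT_ERROR_INFO_LIST` lives in a public header but expands to invocations of `X509_CRT_ERROR_INFO`, a name without the `MBEDTLS_` prefix that every includer must define before use and `#undef` afterwards. The comment should state that contract, for example `/* Define X509_CRT_ERROR_INFO( err, err_str, info ) before expanding this list and #undef it afterwards. */`. It should also say that the entries carry no separator, so the user macro must supply its own (a trailing comma or a complete statement). The three users visible in this patch all ignore `err_str`, so it is worth documenting what that argument is for.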
@@ -2200,29 +2200,12 @@ struct x509_crt_verify_string { const char *string; }; +#define X509_CRT_ERROR_INFO( err, err_str, info ) { err, info }, static const struct x509_crt_verify_string x509_crt_verify_strings[] = { - { MBEDTLS_X509_BADCERT_EXPIRED, "The certificate validity has expired" }, - { MBEDTLS_X509_BADCERT_REVOKED, "The certificate has been revoked (is on a CRL)" }, - { MBEDTLS_X509_BADCERT_CN_MISMATCH, "The certificate Common Name (CN) does not match with the expected CN" }, - { MBEDTLS_X509_BADCERT_NOT_TRUSTED, "The certificate is not correctly signed by the trusted CA" }, - { MBEDTLS_X509_BADCRL_NOT_TRUSTED, "The CRL is not correctly signed by the trusted CA" }, - { MBEDTLS_X509_BADCRL_EXPIRED, "The CRL is expired" }, - { MBEDTLS_X509_BADCERT_MISSING, "Certificate was missing" }, - { MBEDTLS_X509_BADCERT_SKIP_VERIFY, "Certificate verification was skipped" }, - { MBEDTLS_X509_BADCERT_OTHER, "Other reason (can be used by verify callback)" }, - { MBEDTLS_X509_BADCERT_FUTURE, "The certificate validity starts in the future" }, - { MBEDTLS_X509_BADCRL_FUTURE, "The CRL is from the future" }, - { MBEDTLS_X509_BADCERT_KEY_USAGE, "Usage does not match the keyUsage extension" }, - { MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, "Usage does not match the extendedKeyUsage extension" }, - { MBEDTLS_X509_BADCERT_NS_CERT_TYPE, "Usage does not match the nsCertType extension" }, - { MBEDTLS_X509_BADCERT_BAD_MD, "The certificate is signed with an unacceptable hash." }, - { MBEDTLS_X509_BADCERT_BAD_PK, "The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA)." }, - { MBEDTLS_X509_BADCERT_BAD_KEY, "The certificate is signed with an unacceptable key (eg bad curve, RSA too short)." }, - { MBEDTLS_X509_BADCRL_BAD_MD, "The CRL is signed with an unacceptable hash." }, - { MBEDTLS_X509_BADCRL_BAD_PK, "The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA)." 
}, - { MBEDTLS_X509_BADCRL_BAD_KEY, "The CRL is signed with an unacceptable key (eg bad curve, RSA too short)." }, + MBEDTLS_X509_CRT_ERROR_INFO_LIST { 0, NULL } }; +#undef X509_CRT_ERROR_INFO int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, uint32_t flags ) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 963006069..5be162f1e 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -523,17 +523,53 @@ struct options #if defined(MBEDTLS_X509_CRT_PARSE_C) static unsigned char peer_crt_info[1024]; +#if !defined(MBEDTLS_X509_REMOVE_INFO) +int x509_crt_verify_info( char *buf, size_t size, const char *prefix, + uint32_t flags ) +{ + return( mbedtls_x509_crt_verify_info( buf, size, prefix, flags ) ); +} +#else /* !MBEDTLS_X509_REMOVE_INFO */ +int x509_crt_verify_info( char *buf, size_t size, const char *prefix, + uint32_t flags ) +{ + int ret; + char *p = buf; + size_t n = size; + +#define X509_CRT_ERROR_INFO( err, err_str, info ) \ + if( ( flags & err ) != 0 ) \ + { \ + ret = mbedtls_snprintf( p, n, "%s%s\n", prefix, info ); \ + MBEDTLS_X509_SAFE_SNPRINTF; \ + flags ^= err; \ + } + + MBEDTLS_X509_CRT_ERROR_INFO_LIST +#undef X509_CRT_ERROR_INFO + + if( flags != 0 ) + { + ret = mbedtls_snprintf( p, n, "%sUnknown reason " + "(this should not happen)\n", prefix ); + MBEDTLS_X509_SAFE_SNPRINTF; + } + + return( (int) ( size - n ) ); +} +#endif /* MBEDTLS_X509_REMOVE_INFO */ + /* * Enabled if debug_level > 1 in code below */ static int my_verify( void *data, mbedtls_x509_crt *crt, int depth, uint32_t *flags ) { -#if !defined(MBEDTLS_X509_REMOVE_INFO) char buf[1024]; -#endif ((void) data); + mbedtls_printf( "\nVerify requested for (Depth %d):\n", depth ); + #if !defined(MBEDTLS_X509_REMOVE_INFO) mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt ); if( depth == 0 ) 
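Review bot: In `my_verify`, the line `mbedtls_printf( "\nVerify requested for (Depth %d):\n", depth );` now sits above the `#if`, so it runs before the `if( opt.debug_level == 0 ) return( 0 );` check that remains in the next hunk. With the info functions enabled, the banner is therefore printed even at debug level 0, where the old code returned silently. If that is not intended, print the banner after the debug-level check in both preprocessor branches. The `((void) depth);` kept in the `#else` branch is also redundant now that `depth` is always used. `my_verify` continues past the end of this hunk.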
@@ -542,7 +578,6 @@ static int my_verify( void *data, mbedtls_x509_crt *crt, if( opt.debug_level == 0 ) return( 0 ); - mbedtls_printf( "\nVerify requested for (Depth %d):\n", depth ); mbedtls_printf( "%s", buf ); #else ((void) crt); @@ -553,10 +588,8 @@ static int my_verify( void *data, mbedtls_x509_crt *crt, mbedtls_printf( " This certificate has no flags\n" ); else { -#if !defined(MBEDTLS_X509_REMOVE_INFO) - mbedtls_x509_crt_verify_info( buf, sizeof( buf ), " ! ", *flags ); + x509_crt_verify_info( buf, sizeof( buf ), " ! ", *flags ); mbedtls_printf( "%s\n", buf ); -#endif } return( 0 ); @@ -2284,18 +2317,13 @@ int main( int argc, char *argv[] ) if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) { -#if !defined(MBEDTLS_X509_REMOVE_INFO) char vrfy_buf[512]; -#endif - mbedtls_printf( " failed\n" ); -#if !defined(MBEDTLS_X509_REMOVE_INFO) - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), + x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); mbedtls_printf( "%s\n", vrfy_buf ); -#endif } else mbedtls_printf( " ok\n" ); diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index d3a4ed340..a8cc15045 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c 
@@ -623,6 +623,42 @@ struct options #include "ssl_test_common_source.c" +#if !defined(MBEDTLS_X509_REMOVE_INFO) +int x509_crt_verify_info( char *buf, size_t size, const char *prefix, + uint32_t flags ) +{ + return( mbedtls_x509_crt_verify_info( buf, size, prefix, flags ) ); +} +#else /* !MBEDTLS_X509_REMOVE_INFO */ +int x509_crt_verify_info( char *buf, size_t size, const char *prefix, + uint32_t flags ) +{ + int ret; + char *p = buf; + size_t n = size; + +#define X509_CRT_ERROR_INFO( err, err_str, info ) \ + if( ( flags & err ) != 0 ) \ + { \ + ret = mbedtls_snprintf( p, n, "%s%s\n", prefix, info ); \ + MBEDTLS_X509_SAFE_SNPRINTF; \ + flags ^= err; \ + } + + MBEDTLS_X509_CRT_ERROR_INFO_LIST +#undef X509_CRT_ERROR_INFO + + if( flags != 0 ) + { + ret = mbedtls_snprintf( p, n, "%sUnknown reason " + "(this should not happen)\n", prefix ); + MBEDTLS_X509_SAFE_SNPRINTF; + } + + return( (int) ( size - n ) ); +} +#endif /* MBEDTLS_X509_REMOVE_INFO */ + /* * Return authmode from string, or -1 on error */ @@ -3134,13 +3170,13 @@ handshake: { mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret ); -#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO) +#if defined(MBEDTLS_X509_CRT_PARSE_C) if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ) { char vrfy_buf[512]; flags = mbedtls_ssl_get_verify_result( &ssl ); - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); + x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); mbedtls_printf( "%s\n", vrfy_buf ); } 
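Review bot: This `x509_crt_verify_info` is a copy of the one added to ssl_client2.c, placed right after `#include "ssl_test_common_source.c"`, and it has external linkage although it is only used inside the program. A single `static int x509_crt_verify_info( char *buf, size_t size, const char *prefix, uint32_t flags )` in the shared source file would remove the duplication and avoid a missing-prototype warning. That assumes ssl_client2.c includes the shared file too, which this patch does not show. The closing comment `#endif /* MBEDTLS_X509_REMOVE_INFO */` also does not match the opening `#if !defined(MBEDTLS_X509_REMOVE_INFO)`; the previous commit writes `#endif /* !MBEDTLS_X509_REMOVE_INFO */`, which is the consistent form.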
@@ -3188,17 +3224,12 @@ handshake: if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) { -#if !defined(MBEDTLS_X509_REMOVE_INFO) char vrfy_buf[512]; -#endif mbedtls_printf( " failed\n" ); -#if !defined(MBEDTLS_X509_REMOVE_INFO) - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); - + x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); mbedtls_printf( "%s\n", vrfy_buf ); -#endif } else mbedtls_printf( " ok\n" ); From c5722d1fb1d95185ac1597c51da82c99e4d2d464 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 9 Oct 2020 11:10:42 +0100 Subject: [PATCH 102/160] Add missing MBEDTLS_X509_REMOVE_INFO guards to ssl-opt.sh Signed-off-by: Hanno Becker Signed-off-by: Chris Jones --- tests/scripts/all.sh | 15 +++++++++++++++ tests/ssl-opt.sh | 13 +++++++++++++ 2 files changed, 28 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 5862ff6c3..0bb9b0446 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2410,6 +2410,7 @@ component_test_no_64bit_multiplication () { make test } +<<<<<<< HEAD component_test_no_strings () { msg "build: no strings" # ~10s scripts/config.py full @@ -2424,6 +2425,20 @@ component_test_no_strings () { make test } +component_test_no_x509_info () { + msg "build: full + MBEDTLS_X509_REMOVE_INFO" # ~ 10s + scripts/config.pl full + scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests + scripts/config.pl set MBEDTLS_X509_REMOVE_INFO + make CFLAGS='-Werror -O1' + + msg "test: full + MBEDTLS_X509_REMOVE_INFO" # ~ 10s + make test + + msg "test: ssl-opt.sh, full + MBEDTLS_X509_REMOVE_INFO" # ~ 1 min + if_build_succeeded tests/ssl-opt.sh +} + component_build_arm_none_eabi_gcc () { msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -O1" # ~ 10s scripts/config.py baremetal diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index db898cfa9..b91e87ac0 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh 
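Review bot: The first all.sh hunk adds a bare `<<<<<<< HEAD` line above `component_test_no_strings`, a merge-conflict marker left over from a rebase. Bash does not treat it as a comment, so the script is likely to fail or misbehave when it reaches that line; the line must be deleted. No `=======` or `>>>>>>>` marker appears in the visible hunks, so the rest of the file should be checked for the other half of the conflict.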
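Review bot: `component_test_no_x509_info` calls `scripts/config.pl` three times, while the neighbouring components visible in the same hunks use `scripts/config.py`. If the Perl script is no longer the supported entry point on this branch, the calls should be `scripts/config.py full`, `scripts/config.py unset MBEDTLS_MEMORY_BACKTRACE` and `scripts/config.py set MBEDTLS_X509_REMOVE_INFO`. The earlier config.py patch adds `MBEDTLS_X509_REMOVE_INFO` to `EXCLUDE_FROM_FULL`, so the explicit `set` is what actually enables the option here; a one-line comment saying so would help.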
@@ -4448,6 +4448,7 @@ run_test "Authentication, CA callback: client max_int chain, server required" # Tests for certificate selection based on SHA verson +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "Certificate hash: client TLS 1.2 -> SHA-2" \ "$P_SRV crt_file=data_files/server5.crt \ key_file=data_files/server5.key \ @@ -4458,6 +4459,7 @@ run_test "Certificate hash: client TLS 1.2 -> SHA-2" \ -c "signed using.*ECDSA with SHA256" \ -C "signed using.*ECDSA with SHA1" +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "Certificate hash: client TLS 1.1 -> SHA-1" \ "$P_SRV crt_file=data_files/server5.crt \ key_file=data_files/server5.key \ @@ -4468,6 +4470,7 @@ run_test "Certificate hash: client TLS 1.1 -> SHA-1" \ -C "signed using.*ECDSA with SHA256" \ -c "signed using.*ECDSA with SHA1" +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "Certificate hash: client TLS 1.0 -> SHA-1" \ "$P_SRV crt_file=data_files/server5.crt \ key_file=data_files/server5.key \ @@ -4478,6 +4481,7 @@ run_test "Certificate hash: client TLS 1.0 -> SHA-1" \ -C "signed using.*ECDSA with SHA256" \ -c "signed using.*ECDSA with SHA1" +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 1)" \ "$P_SRV crt_file=data_files/server5.crt \ key_file=data_files/server5.key \ @@ -4489,6 +4493,7 @@ run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 1)" \ -c "signed using.*ECDSA with SHA256" \ -C "signed using.*ECDSA with SHA1" +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 2)" \ "$P_SRV crt_file=data_files/server6.crt \ key_file=data_files/server6.key \ 
@@ -4502,6 +4507,7 @@ run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 2)" \ # tests for SNI +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "SNI: no SNI callback" \ "$P_SRV debug_level=3 \ crt_file=data_files/server5.crt key_file=data_files/server5.key" \ @@ -4511,6 +4517,7 @@ run_test "SNI: no SNI callback" \ -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \ -c "subject name *: C=NL, O=PolarSSL, CN=localhost" +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "SNI: matching cert 1" \ "$P_SRV debug_level=3 \ crt_file=data_files/server5.crt key_file=data_files/server5.key \ @@ -4521,6 +4528,7 @@ run_test "SNI: matching cert 1" \ -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \ -c "subject name *: C=NL, O=PolarSSL, CN=localhost" +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "SNI: matching cert 2" \ "$P_SRV debug_level=3 \ crt_file=data_files/server5.crt key_file=data_files/server5.key \ @@ -4531,6 +4539,7 @@ run_test "SNI: matching cert 2" \ -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \ -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example" +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "SNI: no matching cert" \ "$P_SRV debug_level=3 \ crt_file=data_files/server5.crt key_file=data_files/server5.key \ @@ -4638,6 +4647,7 @@ run_test "SNI: CA override with CRL" \ # Tests for SNI and DTLS +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "SNI: DTLS, no SNI callback" \ "$P_SRV debug_level=3 dtls=1 \ crt_file=data_files/server5.crt key_file=data_files/server5.key" \ @@ -4647,6 +4657,7 @@ run_test "SNI: DTLS, no SNI callback" \ -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \ -c "subject name *: C=NL, O=PolarSSL, CN=localhost" +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "SNI: DTLS, matching cert 1" \ "$P_SRV debug_level=3 dtls=1 \ crt_file=data_files/server5.crt key_file=data_files/server5.key \ 
@@ -4657,6 +4668,7 @@ run_test "SNI: DTLS, matching cert 1" \ -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \ -c "subject name *: C=NL, O=PolarSSL, CN=localhost" +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "SNI: DTLS, matching cert 2" \ "$P_SRV debug_level=3 dtls=1 \ crt_file=data_files/server5.crt key_file=data_files/server5.key \ @@ -6671,6 +6683,7 @@ run_test "SSL async private: sign, RSA, TLS 1.1" \ -s "Async resume (slot [0-9]): sign done, status=0" requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE +requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "SSL async private: sign, SNI" \ "$P_SRV debug_level=3 \ async_operations=s async_private_delay1=0 async_private_delay2=0 \ From 88c2bf311a7bde3c0f9001511b48ddb540615607 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 14 Jun 2019 17:21:24 +0100 Subject: [PATCH 103/160] Minor style improvements Signed-off-by: Chris Jones --- include/mbedtls/x509_crl.h | 2 +- include/mbedtls/x509_crt.h | 4 +--- include/mbedtls/x509_csr.h | 2 +- library/oid.c | 18 +++++++++--------- 4 files changed, 12 insertions(+), 14 deletions(-) diff --git a/include/mbedtls/x509_crl.h b/include/mbedtls/x509_crl.h index f89547c25..fcaa1495d 100644 --- a/include/mbedtls/x509_crl.h +++ b/include/mbedtls/x509_crl.h @@ -148,7 +148,7 @@ int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ); */ int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix, const mbedtls_x509_crl *crl ); -#endif +#endif /* !MBEDTLS_X509_REMOVE_INFO */ /** * \brief Initialize a CRL (chain) diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index 6906585c0..23a20d10b 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h 
@@ -593,9 +593,7 @@ int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf, */ int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, const mbedtls_x509_crt *crt ); -#endif -#if !defined(MBEDTLS_X509_REMOVE_INFO) /** * \brief Returns an informational string about the * verification status of a certificate. @@ -610,7 +608,7 @@ int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, */ int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, uint32_t flags ); -#endif +#endif /* !MBEDTLS_X509_REMOVE_INFO */ /** * \brief Verify a chain of certificates. diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h index 9f3cae255..07a371729 100644 --- a/include/mbedtls/x509_csr.h +++ b/include/mbedtls/x509_csr.h @@ -136,7 +136,7 @@ int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ); */ int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix, const mbedtls_x509_csr *csr ); -#endif +#endif /* !MBEDTLS_X509_REMOVE_INFO */ /** * \brief Initialize a CSR diff --git a/library/oid.c b/library/oid.c index c03d0d5c6..14a1a92fe 100644 --- a/library/oid.c +++ b/library/oid.c 
@@ -265,27 +265,27 @@ typedef struct { static const oid_x509_ext_t oid_x509_ext[] = { { - OID_DESCRIPTOR( MBEDTLS_OID_BASIC_CONSTRAINTS, "id-ce-basicConstraints", "Basic Constraints" ), + OID_DESCRIPTOR( MBEDTLS_OID_BASIC_CONSTRAINTS, "id-ce-basicConstraints", "Basic Constraints" ), MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS, }, { - OID_DESCRIPTOR( MBEDTLS_OID_KEY_USAGE, "id-ce-keyUsage", "Key Usage" ), + OID_DESCRIPTOR( MBEDTLS_OID_KEY_USAGE, "id-ce-keyUsage", "Key Usage" ), MBEDTLS_OID_X509_EXT_KEY_USAGE, }, { - OID_DESCRIPTOR( MBEDTLS_OID_EXTENDED_KEY_USAGE, "id-ce-extKeyUsage", "Extended Key Usage" ), + OID_DESCRIPTOR( MBEDTLS_OID_EXTENDED_KEY_USAGE, "id-ce-extKeyUsage", "Extended Key Usage" ), MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE, }, { - OID_DESCRIPTOR( MBEDTLS_OID_SUBJECT_ALT_NAME, "id-ce-subjectAltName", "Subject Alt Name" ), + OID_DESCRIPTOR( MBEDTLS_OID_SUBJECT_ALT_NAME, "id-ce-subjectAltName", "Subject Alt Name" ), MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME, }, { - OID_DESCRIPTOR( MBEDTLS_OID_NS_CERT_TYPE, "id-netscape-certtype", "Netscape Certificate Type" ), + OID_DESCRIPTOR( MBEDTLS_OID_NS_CERT_TYPE, "id-netscape-certtype", "Netscape Certificate Type" ), MBEDTLS_OID_X509_EXT_NS_CERT_TYPE, }, { - OID_DESCRIPTOR( MBEDTLS_OID_CERTIFICATE_POLICIES, "id-ce-certificatePolicies", "Certificate Policies" ), + OID_DESCRIPTOR( MBEDTLS_OID_CERTIFICATE_POLICIES, "id-ce-certificatePolicies", "Certificate Policies" ), MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES, }, { 
@@ -448,15 +448,15 @@ typedef struct { static const oid_pk_alg_t oid_pk_alg[] = { { - OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_RSA, "rsaEncryption", "RSA" ), + OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_RSA, "rsaEncryption", "RSA" ), MBEDTLS_PK_RSA, }, { - OID_DESCRIPTOR( MBEDTLS_OID_EC_ALG_UNRESTRICTED, "id-ecPublicKey", "Generic EC key" ), + OID_DESCRIPTOR( MBEDTLS_OID_EC_ALG_UNRESTRICTED, "id-ecPublicKey", "Generic EC key" ), MBEDTLS_PK_ECKEY, }, { - OID_DESCRIPTOR( MBEDTLS_OID_EC_ALG_ECDH, "id-ecDH", "EC key for ECDH" ), + OID_DESCRIPTOR( MBEDTLS_OID_EC_ALG_ECDH, "id-ecDH", "EC key for ECDH" ), MBEDTLS_PK_ECKEY_DH, }, { From b4e5ddce1b83170c6660a0b18d2951b9de6954f4 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 9 Oct 2020 09:36:01 +0100 Subject: [PATCH 104/160] Fix X.509 CRT parsing test if MBEDTLS_X509_REMOVE_INFO is set Signed-off-by: Hanno Becker --- tests/suites/test_suite_x509parse.function | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index 82f7da54a..54a39ff7c 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -830,6 +830,8 @@ void x509parse_crt( data_t * buf, char * result_str, int result ) #if !defined(MBEDTLS_X509_REMOVE_INFO) unsigned char output[2000]; int res; +#else + ((void) result_str); #endif mbedtls_x509_crt_init( &crt ); @@ -844,15 +846,11 @@ void x509parse_crt( data_t * buf, char * result_str, int result ) TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); } -#else - ((void) result_str); + memset( output, 0, 2000 ); #endif mbedtls_x509_crt_free( &crt ); mbedtls_x509_crt_init( &crt ); -#if !defined(MBEDTLS_X509_REMOVE_INFO) - memset( output, 0, 2000 ); -#endif TEST_ASSERT( mbedtls_x509_crt_parse_der_nocopy( &crt, buf->x, buf->len ) == ( result ) ); #if !defined(MBEDTLS_X509_REMOVE_INFO) 
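Review bot: The relocated `memset( output, 0, 2000 );` in the `x509parse_crt` hunk repeats the array length as a literal. `memset( output, 0, sizeof( output ) );` would keep the clear tied to the declaration `unsigned char output[2000]` if the size is ever changed. The same literal is re-added in the later hunks of this function in this patch. The function body starts and ends outside the hunk.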
@@ -867,15 +865,14 @@ void x509parse_crt( data_t * buf, char * result_str, int result ) TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); } -#else - ((void)result_str); -#endif + memset( output, 0, 2000 ); +#endif /* !MBEDTLS_X509_REMOVE_INFO */ mbedtls_x509_crt_free( &crt ); mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 0, NULL, NULL ) == ( result ) ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) if( ( result ) == 0 ) { res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); @@ -885,12 +882,14 @@ void x509parse_crt( data_t * buf, char * result_str, int result ) TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); } + memset( output, 0, 2000 ); +#endif /* !MBEDTLS_X509_REMOVE_INFO */ mbedtls_x509_crt_free( &crt ); mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 1, NULL, NULL ) == ( result ) ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) if( ( result ) == 0 ) { res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); @@ -900,6 +899,7 @@ void x509parse_crt( data_t * buf, char * result_str, int result ) TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); } +#endif /* !MBEDTLS_X509_REMOVE_INFO */ exit: mbedtls_x509_crt_free( &crt ); From 2c2722d6374867545024d46ac7eadcd8f0250755 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 9 Oct 2020 09:36:23 +0100 Subject: [PATCH 105/160] Add missing MBEDTLS_X509_REMOVE_INFO guards in ssl_context_info.c Signed-off-by: Hanno Becker --- programs/ssl/ssl_context_info.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c index 4a7c77340..ec24fa8e0 100644 --- a/programs/ssl/ssl_context_info.c +++ b/programs/ssl/ssl_context_info.c 
@@ -494,6 +494,7 @@ size_t read_next_b64_code( uint8_t **b64, size_t *max_len ) return 0; } +#if !defined(MBEDTLS_X509_REMOVE_INFO) /* * This function deserializes and prints to the stdout all obtained information * about the certificates from provided data. @@ -548,6 +549,7 @@ void print_deserialized_ssl_cert( const uint8_t *ssl, uint32_t len ) mbedtls_x509_crt_free( &crt ); } +#endif /* !MBEDTLS_X509_REMOVE_INFO */ /* * This function deserializes and prints to the stdout all obtained information @@ -680,7 +682,9 @@ void print_deserialized_ssl_session( const uint8_t *ssl, uint32_t len, if( cert_len > 0 ) { CHECK_SSL_END( cert_len ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) print_deserialized_ssl_cert( ssl, cert_len ); +#endif ssl += cert_len; } } From fff2d5711cc8098a3317a7df65565d93b722edcf Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 9 Oct 2020 09:45:19 +0100 Subject: [PATCH 106/160] Fix X.509 parsing tests if MBEDTLS_X509_REMOVE_INFO is set Signed-off-by: Hanno Becker --- tests/suites/test_suite_x509parse.function | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index 54a39ff7c..408f08b09 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -828,7 +828,7 @@ void x509parse_crt( data_t * buf, char * result_str, int result ) { mbedtls_x509_crt crt; #if !defined(MBEDTLS_X509_REMOVE_INFO) - unsigned char output[2000]; + unsigned char output[2000] = { 0 }; int res; #else ((void) result_str); 
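Review bot: With `MBEDTLS_X509_REMOVE_INFO` defined, the last `ssl_context_info.c` hunk makes `print_deserialized_ssl_session()` step over the certificate (`ssl += cert_len`) without printing anything, so the dump no longer shows that the serialized session carried one. An `#else` branch with a one-line notice would keep the output honest, for example `printf( "\tcertificate present (%u bytes), details unavailable: MBEDTLS_X509_REMOVE_INFO\n", (unsigned) cert_len );`, using whichever print helper the file already uses. The bare `#endif` could also carry the `/* !MBEDTLS_X509_REMOVE_INFO */` comment that this patch puts on the guard around `print_deserialized_ssl_cert()`. The function body extends beyond the hunk.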
@@ -911,17 +911,22 @@ void x509parse_crt_cb( data_t * buf, char * result_str, int result ) { mbedtls_x509_crt crt; mbedtls_x509_buf oid; - unsigned char output[2000]; + +#if !defined(MBEDTLS_X509_REMOVE_INFO) + unsigned char output[2000] = { 0 }; int res; +#else + ((void) result_str); +#endif oid.tag = MBEDTLS_ASN1_OID; oid.len = MBEDTLS_OID_SIZE(MBEDTLS_OID_PKIX "\x01\x1F"); oid.p = (unsigned char *)MBEDTLS_OID_PKIX "\x01\x1F"; mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 0, parse_crt_ext_cb, &oid ) == ( result ) ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) if( ( result ) == 0 ) { res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); @@ -931,12 +936,15 @@ void x509parse_crt_cb( data_t * buf, char * result_str, int result ) TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); } + memset( output, 0, 2000 ); +#endif /* !MBEDTLS_X509_REMOVE_INFO */ mbedtls_x509_crt_free( &crt ); mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); + TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 1, parse_crt_ext_cb, &oid ) == ( result ) ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) if( ( result ) == 0 ) { res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); @@ -946,6 +954,7 @@ void x509parse_crt_cb( data_t * buf, char * result_str, int result ) TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); } +#endif /* !MBEDTLS_X509_REMOVE_INFO */ exit: mbedtls_x509_crt_free( &crt ); From 54ac185f334fca8461b39068fa2ca0a2ada4a254 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 9 Oct 2020 09:45:29 +0100 Subject: [PATCH 107/160] Adapt X.509 fuzzing code to support MBEDTLS_X509_REMOVE_INFO Signed-off-by: Hanno Becker --- programs/fuzz/fuzz_x509crl.c | 4 ++++ programs/fuzz/fuzz_x509crt.c | 4 ++++ programs/fuzz/fuzz_x509csr.c | 4 ++++ 3 files changed, 12 insertions(+) 
diff --git a/programs/fuzz/fuzz_x509crl.c b/programs/fuzz/fuzz_x509crl.c index 02f521cc8..fbfdfe821 100644 --- a/programs/fuzz/fuzz_x509crl.c +++ b/programs/fuzz/fuzz_x509crl.c @@ -9,9 +9,13 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { mbedtls_x509_crl_init( &crl ); ret = mbedtls_x509_crl_parse( &crl, Data, Size ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) if (ret == 0) { ret = mbedtls_x509_crl_info( (char *) buf, sizeof( buf ) - 1, " ", &crl ); } +#else + ((void) ret); +#endif /* !MBEDTLS_X509_REMOVE_INFO */ mbedtls_x509_crl_free( &crl ); #else (void) Data; diff --git a/programs/fuzz/fuzz_x509crt.c b/programs/fuzz/fuzz_x509crt.c index 8f593a141..7d274a8be 100644 --- a/programs/fuzz/fuzz_x509crt.c +++ b/programs/fuzz/fuzz_x509crt.c @@ -9,9 +9,13 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { mbedtls_x509_crt_init( &crt ); ret = mbedtls_x509_crt_parse( &crt, Data, Size ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) if (ret == 0) { ret = mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", &crt ); } +#else + ((void) ret); +#endif /* !MBEDTLS_X509_REMOVE_INFO */ mbedtls_x509_crt_free( &crt ); #else (void) Data; diff --git a/programs/fuzz/fuzz_x509csr.c b/programs/fuzz/fuzz_x509csr.c index 3cf28a6fa..9c21412b0 100644 --- a/programs/fuzz/fuzz_x509csr.c +++ b/programs/fuzz/fuzz_x509csr.c @@ -9,9 +9,13 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { mbedtls_x509_csr_init( &csr ); ret = mbedtls_x509_csr_parse( &csr, Data, Size ); +#if !defined(MBEDTLS_X509_REMOVE_INFO) if (ret == 0) { ret = mbedtls_x509_csr_info( (char *) buf, sizeof( buf ) - 1, " ", &csr ); } +#else + ((void) ret); +#endif /* !MBEDTLS_X509_REMOVE_INFO */ mbedtls_x509_csr_free( &csr ); #else (void) Data; From 54dcf5e6c99563cf35dae4a4779f032b9651fec2 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 9 Oct 2020 10:59:23 +0100 Subject: [PATCH 108/160] Add ChangeLog entry 
Signed-off-by: Hanno Becker --- ChangeLog.d/x509_remove_info.txt | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 ChangeLog.d/x509_remove_info.txt diff --git a/ChangeLog.d/x509_remove_info.txt b/ChangeLog.d/x509_remove_info.txt new file mode 100644 index 000000000..c103b1bd8 --- /dev/null +++ b/ChangeLog.d/x509_remove_info.txt @@ -0,0 +1,6 @@ +API changes + * Add configuration option MBEDTLS_X509_REMOVE_INFO which + removes the mbedtls_x509_*_info(), mbedtls_debug_print_crt() + as well as other functions and constants only used by + those functions. This reduces the code footprint by + several kB. From da121744da9b25ffbb6517bfe173dda7e40d7020 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 9 Oct 2020 12:52:43 +0100 Subject: [PATCH 109/160] Fix preprocessor guard in ssl_server2.c Signed-off-by: Hanno Becker --- programs/ssl/ssl_server2.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index a8cc15045..dc33381da 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -623,6 +623,7 @@ struct options #include "ssl_test_common_source.c" +#if defined(MBEDTLS_X509_CRT_PARSE_C) #if !defined(MBEDTLS_X509_REMOVE_INFO) int x509_crt_verify_info( char *buf, size_t size, const char *prefix, uint32_t flags ) @@ -658,6 +659,7 @@ int x509_crt_verify_info( char *buf, size_t size, const char *prefix, return( (int) ( size - n ) ); } #endif /* MBEDTLS_X509_REMOVE_INFO */ +#endif /* MBEDTLS_X509_CRT_PARSE_C */ /* * Return authmode from string, or -1 on error From eb2efb0de7867b4a0e3bd4a62c380feea441d96b Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 16 Oct 2020 06:54:39 +0100 Subject: [PATCH 110/160] Avoid unused variable warning in X.509 CSR fuzzing Signed-off-by: Hanno Becker --- programs/fuzz/fuzz_x509crl.c | 1 + programs/fuzz/fuzz_x509crt.c | 1 + programs/fuzz/fuzz_x509csr.c | 1 + 3 files changed, 3 insertions(+) 
diff --git a/programs/fuzz/fuzz_x509crl.c b/programs/fuzz/fuzz_x509crl.c index fbfdfe821..15affb59b 100644 --- a/programs/fuzz/fuzz_x509crl.c +++ b/programs/fuzz/fuzz_x509crl.c @@ -15,6 +15,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { } #else ((void) ret); + ((void) buf); #endif /* !MBEDTLS_X509_REMOVE_INFO */ mbedtls_x509_crl_free( &crl ); #else diff --git a/programs/fuzz/fuzz_x509crt.c b/programs/fuzz/fuzz_x509crt.c index 7d274a8be..dbc153c49 100644 --- a/programs/fuzz/fuzz_x509crt.c +++ b/programs/fuzz/fuzz_x509crt.c @@ -15,6 +15,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { } #else ((void) ret); + ((void) buf); #endif /* !MBEDTLS_X509_REMOVE_INFO */ mbedtls_x509_crt_free( &crt ); #else diff --git a/programs/fuzz/fuzz_x509csr.c b/programs/fuzz/fuzz_x509csr.c index 9c21412b0..a270742a9 100644 --- a/programs/fuzz/fuzz_x509csr.c +++ b/programs/fuzz/fuzz_x509csr.c @@ -15,6 +15,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { } #else ((void) ret); + ((void) buf); #endif /* !MBEDTLS_X509_REMOVE_INFO */ mbedtls_x509_csr_free( &csr ); #else From 2c7458677ac18188fc3744e55ba03a332d8e9cac Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Wed, 16 Dec 2020 11:41:06 +0000 Subject: [PATCH 111/160] Comment out MBEDTLS_X509_REMOVE_INFO in default config.h Fix an issue where `MBEDTLS_X509_REMOVE_INFO` was defined/enabled by default in `include/mbedtls/config.h`. This should also fix the `context-info.sh` test where it ran the default config and expected to see some output from the x509 info functions that were removed. Also updated relevant comments to more accurately explain how the configuration option works. Signed-off-by: Chris Jones --- include/mbedtls/config.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 6b6388689..0a386db56 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h 
@@ -2146,13 +2146,13 @@ /** * \def MBEDTLS_X509_REMOVE_INFO * - * Enable mbedtls_x509_*_info() and related APIs. + * Disable mbedtls_x509_*_info() and related APIs. * - * Comment to omit mbedtls_x509_*_info(), as well as mbedtls_debug_print_crt() + * Uncomment to omit mbedtls_x509_*_info(), as well as mbedtls_debug_print_crt() * and other functions/constants only used by these functions, thus reducing * the code footprint by several KB. */ -#define MBEDTLS_X509_REMOVE_INFO +//#define MBEDTLS_X509_REMOVE_INFO /** * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT From ee33c60fc28c4872fdabf3fab3ebb006f3fc07e3 Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Wed, 16 Dec 2020 11:52:37 +0000 Subject: [PATCH 112/160] Fix minor styling issues Remove some accidental newlines that were added previously. Update some definition guards to make it clearer that `MBEDTLS_X509_REMOVE_INFO` is defined and not undefined. Signed-off-by: Chris Jones --- programs/x509/cert_app.c | 4 ++-- programs/x509/crl_app.c | 6 +++--- programs/x509/req_app.c | 6 +++--- tests/suites/test_suite_x509parse.function | 2 -- 4 files changed, 8 insertions(+), 10 deletions(-) diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c index 531947498..fb2484337 100644 --- a/programs/x509/cert_app.c +++ b/programs/x509/cert_app.c 
@@ -41,14 +41,14 @@ !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \ !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ - !!defined(MBEDTLS_X509_REMOVE_INFO) || !defined(MBEDTLS_CTR_DRBG_C) + !defined(MBEDTLS_CTR_DRBG_C) || defined(MBEDTLS_X509_REMOVE_INFO) int main( void ) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_X509_REMOVE_INFO and/or MBEDTLS_CTR_DRBG_C not defined.\n"); + "MBEDTLS_CTR_DRBG_C not defined and/or MBEDTLS_X509_REMOVE_INFO defined.\n"); mbedtls_exit( 0 ); } #else diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c index 029bdd361..db43c54a1 100644 --- a/programs/x509/crl_app.c +++ b/programs/x509/crl_app.c @@ -36,12 +36,12 @@ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_X509_CRL_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ - !!defined(MBEDTLS_X509_REMOVE_INFO) + defined(MBEDTLS_X509_REMOVE_INFO) int main( void ) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_X509_CRL_PARSE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_X509_REMOVE_INFO not defined.\n"); + "MBEDTLS_X509_CRL_PARSE_C and/or MBEDTLS_FS_IO not defined and/or " + "MBEDTLS_X509_REMOVE_INFO defined.\n"); mbedtls_exit( 0 ); } #else diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c index 351dd16ae..e151734d2 100644 --- a/programs/x509/req_app.c +++ b/programs/x509/req_app.c 
@@ -36,12 +36,12 @@ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_X509_CSR_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ - !!defined(MBEDTLS_X509_REMOVE_INFO) + defined(MBEDTLS_X509_REMOVE_INFO) int main( void ) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_X509_CSR_PARSE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_X509_REMOVE_INFO not defined.\n"); + "MBEDTLS_X509_CSR_PARSE_C and/or MBEDTLS_FS_IO not defined and/or " + "MBEDTLS_X509_REMOVE_INFO defined.\n"); mbedtls_exit( 0 ); } #else diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index 408f08b09..f536488ce 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -398,7 +398,6 @@ int parse_crt_ext_cb( void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf * END_DEPENDENCIES */ - /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ void x509_parse_san( char * crt_file, char * result_str ) { @@ -942,7 +941,6 @@ void x509parse_crt_cb( data_t * buf, char * result_str, int result ) mbedtls_x509_crt_free( &crt ); mbedtls_x509_crt_init( &crt ); - TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 1, parse_crt_ext_cb, &oid ) == ( result ) ); #if !defined(MBEDTLS_X509_REMOVE_INFO) if( ( result ) == 0 ) From 856db5f722048012dfc165d285a3c88a6bc79496 Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Thu, 17 Dec 2020 12:09:14 +0000 Subject: [PATCH 113/160] Remove merge conflict marker Remove a merge conflict marker that was missed in `all.sh` and was causing building to fail. Signed-off-by: Chris Jones --- tests/scripts/all.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 0bb9b0446..b3f141531 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -2410,7 +2410,6 @@ component_test_no_64bit_multiplication () { make test } -<<<<<<< HEAD component_test_no_strings () { msg "build: no strings" # ~10s scripts/config.py full From e383fa65d707168142a30859dad75ab15b6af76f Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Tue, 27 Apr 2021 14:50:43 +0100 Subject: [PATCH 114/160] Move x509_crt_verify_info to ssl_test_common_source.c This function was introduced before ssl_test_common_source.c and so the function is replicated in both ssl_client2.c and ssl_server2.c. Move the function to ssl_test_common_source.c to avoid duplication. Signed-off-by: Chris Jones --- programs/ssl/ssl_client2.c | 36 ------------------------- programs/ssl/ssl_server2.c | 38 --------------------------- programs/ssl/ssl_test_common_source.c | 38 +++++++++++++++++++++++++++ 3 files changed, 38 insertions(+), 74 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 5be162f1e..24c859e38 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c 
@@ -523,42 +523,6 @@ struct options #if defined(MBEDTLS_X509_CRT_PARSE_C) static unsigned char peer_crt_info[1024]; -#if !defined(MBEDTLS_X509_REMOVE_INFO) -int x509_crt_verify_info( char *buf, size_t size, const char *prefix, - uint32_t flags ) -{ - return( mbedtls_x509_crt_verify_info( buf, size, prefix, flags ) ); -} -#else /* !MBEDTLS_X509_REMOVE_INFO */ -int x509_crt_verify_info( char *buf, size_t size, const char *prefix, - uint32_t flags ) -{ - int ret; - char *p = buf; - size_t n = size; - -#define X509_CRT_ERROR_INFO( err, err_str, info ) \ - if( ( flags & err ) != 0 ) \ - { \ - ret = mbedtls_snprintf( p, n, "%s%s\n", prefix, info ); \ - MBEDTLS_X509_SAFE_SNPRINTF; \ - flags ^= err; \ - } - - MBEDTLS_X509_CRT_ERROR_INFO_LIST -#undef X509_CRT_ERROR_INFO - - if( flags != 0 ) - { - ret = mbedtls_snprintf( p, n, "%sUnknown reason " - "(this should not happen)\n", prefix ); - MBEDTLS_X509_SAFE_SNPRINTF; - } - - return( (int) ( size - n ) ); -} -#endif /* MBEDTLS_X509_REMOVE_INFO */ - /* * Enabled if debug_level > 1 in code below */ diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index dc33381da..8f97541af 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c 
@@ -623,44 +623,6 @@ struct options #include "ssl_test_common_source.c" -#if defined(MBEDTLS_X509_CRT_PARSE_C) -#if !defined(MBEDTLS_X509_REMOVE_INFO) -int x509_crt_verify_info( char *buf, size_t size, const char *prefix, - uint32_t flags ) -{ - return( mbedtls_x509_crt_verify_info( buf, size, prefix, flags ) ); -} -#else /* !MBEDTLS_X509_REMOVE_INFO */ -int x509_crt_verify_info( char *buf, size_t size, const char *prefix, - uint32_t flags ) -{ - int ret; - char *p = buf; - size_t n = size; - -#define X509_CRT_ERROR_INFO( err, err_str, info ) \ - if( ( flags & err ) != 0 ) \ - { \ - ret = mbedtls_snprintf( p, n, "%s%s\n", prefix, info ); \ - MBEDTLS_X509_SAFE_SNPRINTF; \ - flags ^= err; \ - } - - MBEDTLS_X509_CRT_ERROR_INFO_LIST -#undef X509_CRT_ERROR_INFO - - if( flags != 0 ) - { - ret = mbedtls_snprintf( p, n, "%sUnknown reason " - "(this should not happen)\n", prefix ); - MBEDTLS_X509_SAFE_SNPRINTF; - } - - return( (int) ( size - n ) ); -} -#endif /* MBEDTLS_X509_REMOVE_INFO */ -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - /* * Return authmode from string, or -1 on error */ diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c index d9e36078d..35dfa60c2 100644 --- a/programs/ssl/ssl_test_common_source.c +++ b/programs/ssl/ssl_test_common_source.c 
@@ -303,3 +303,41 @@ int ssl_sig_hashes_for_test[] = { MBEDTLS_MD_NONE }; #endif /* MBEDTLS_X509_CRT_PARSE_C */ + +#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if !defined(MBEDTLS_X509_REMOVE_INFO) +/** Functionally equivalent to mbedtls_x509_crt_verify_info, see that function + * for more info. + */ +int x509_crt_verify_info( char *buf, size_t size, const char *prefix, + uint32_t flags ) +{ + return( mbedtls_x509_crt_verify_info( buf, size, prefix, flags ) ); + +#else /* !MBEDTLS_X509_REMOVE_INFO */ + int ret; + char *p = buf; + size_t n = size; + +#define X509_CRT_ERROR_INFO( err, err_str, info ) \ + if( ( flags & err ) != 0 ) \ + { \ + ret = mbedtls_snprintf( p, n, "%s%s\n", prefix, info ); \ + MBEDTLS_X509_SAFE_SNPRINTF; \ + flags ^= err; \ + } + + MBEDTLS_X509_CRT_ERROR_INFO_LIST +#undef X509_CRT_ERROR_INFO + + if( flags != 0 ) + { + ret = mbedtls_snprintf( p, n, "%sUnknown reason " + "(this should not happen)\n", prefix ); + MBEDTLS_X509_SAFE_SNPRINTF; + } + + return( (int) ( size - n ) ); +#endif /* MBEDTLS_X509_REMOVE_INFO */ +} +#endif /* MBEDTLS_X509_CRT_PARSE_C */ From da95ef9ae049538e826ba1654957c95855756b22 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Wed, 28 Apr 2021 10:01:20 +0200 Subject: [PATCH 115/160] Remove PSA AEAD output size compatibility macros MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- .../psa-aead-output-size-macros-1.0.txt | 7 - include/psa/crypto_compat.h | 147 ------------------ 2 files changed, 154 deletions(-) diff --git a/ChangeLog.d/psa-aead-output-size-macros-1.0.txt b/ChangeLog.d/psa-aead-output-size-macros-1.0.txt index 94a66a5f6..22756f1a5 100644 --- a/ChangeLog.d/psa-aead-output-size-macros-1.0.txt +++ b/ChangeLog.d/psa-aead-output-size-macros-1.0.txt 
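Review bot: In the block added to `ssl_test_common_source.c`, `#if !defined(MBEDTLS_X509_REMOVE_INFO)` sits above the signature and opening brace of `x509_crt_verify_info()`. When `MBEDTLS_X509_REMOVE_INFO` is defined, the `#else` branch therefore leaves the fallback statements and the closing `}` at file scope with no function header, and the file will not compile in exactly the configuration the fallback exists for. Move the `#if !defined(MBEDTLS_X509_REMOVE_INFO)` line to just after the `{`, so the doc comment, signature and braces are unconditional and only the two bodies are selected. The closing comment would then read `#endif /* !MBEDTLS_X509_REMOVE_INFO */` to match the `#else`.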
@@ -3,10 +3,3 @@ API changes API version 1.0 spec. This version of the spec parameterizes them on the key type used, as well as the key bit-size in the case of PSA_AEAD_TAG_LENGTH. - The old versions of these macros were renamed and deprecated as follows: - - PSA_AEAD_TAG_LENGTH -> PSA_AEAD_TAG_LENGTH_1_ARG - - PSA_AEAD_ENCRYPT_OUTPUT_SIZE -> PSA_AEAD_ENCRYPT_OUTPUT_SIZE_2_ARG - - PSA_AEAD_DECRYPT_OUTPUT_SIZE -> PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG - - PSA_AEAD_UPDATE_OUTPUT_SIZE -> PSA_AEAD_UPDATE_OUTPUT_SIZE_2_ARG - - PSA_AEAD_FINISH_OUTPUT_SIZE -> PSA_AEAD_FINISH_OUTPUT_SIZE_1_ARG - - PSA_AEAD_VERIFY_OUTPUT_SIZE -> PSA_AEAD_VERIFY_OUTPUT_SIZE_1_ARG diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index 5dabbd25f..ae09a7012 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h 
@@ -269,153 +269,6 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key #define PSA_ALG_AEAD_WITH_TAG_LENGTH( aead_alg, tag_length ) \ MBEDTLS_DEPRECATED_CONSTANT( psa_algorithm_t, PSA_ALG_AEAD_WITH_SHORTENED_TAG( aead_alg, tag_length ) ) -/* - * Deprecated PSA AEAD output size macros (PSA Crypto API <= 1.0 beta3) - */ - -/** The tag size for an AEAD algorithm, in bytes. - * - * \param alg An AEAD algorithm - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * - * \return The tag size for the specified algorithm. - * If the AEAD algorithm does not have an identified - * tag that can be distinguished from the rest of - * the ciphertext, return 0. - * If the AEAD algorithm is not recognized, return 0. - */ -#define PSA_AEAD_TAG_LENGTH_1_ARG( alg ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, \ - PSA_ALG_IS_AEAD( alg ) ? \ - PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) : \ - 0 ) - -/** The maximum size of the output of psa_aead_encrypt(), in bytes. - * - * If the size of the ciphertext buffer is at least this large, it is - * guaranteed that psa_aead_encrypt() will not fail due to an - * insufficient buffer size. Depending on the algorithm, the actual size of - * the ciphertext may be smaller. - * - * \warning This macro may evaluate its arguments multiple times or - * zero times, so you should not pass arguments that contain - * side effects. - * - * \param alg An AEAD algorithm - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * \param plaintext_length Size of the plaintext in bytes. - * - * \return The AEAD ciphertext size for the specified - * algorithm. - * If the AEAD algorithm is not recognized, return 0. - */ -#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE_2_ARG( alg, plaintext_length ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, \ - PSA_ALG_IS_AEAD( alg ) ? \ - (plaintext_length) + PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) : \ - 0 ) - -/** The maximum size of the output of psa_aead_decrypt(), in bytes. 
- * - * If the size of the plaintext buffer is at least this large, it is - * guaranteed that psa_aead_decrypt() will not fail due to an - * insufficient buffer size. Depending on the algorithm, the actual size of - * the plaintext may be smaller. - * - * \warning This macro may evaluate its arguments multiple times or - * zero times, so you should not pass arguments that contain - * side effects. - * - * \param alg An AEAD algorithm - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * \param ciphertext_length Size of the plaintext in bytes. - * - * \return The AEAD ciphertext size for the specified - * algorithm. - * If the AEAD algorithm is not recognized, return 0. - */ -#define PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG( alg, ciphertext_length ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, \ - PSA_ALG_IS_AEAD( alg ) && \ - (ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) ? \ - (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) : \ - 0 ) - -/** A sufficient output buffer size for psa_aead_update(). - * - * If the size of the output buffer is at least this large, it is - * guaranteed that psa_aead_update() will not fail due to an - * insufficient buffer size. The actual size of the output may be smaller - * in any given call. - * - * \warning This macro may evaluate its arguments multiple times or - * zero times, so you should not pass arguments that contain - * side effects. - * - * \param alg An AEAD algorithm - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * \param input_length Size of the input in bytes. - * - * \return A sufficient output buffer size for the specified - * algorithm. - * If the AEAD algorithm is not recognized, return 0. - */ -/* For all the AEAD modes defined in this specification, it is possible - * to emit output without delay. However, hardware may not always be - * capable of this. 
So for modes based on a block cipher, allow the - * implementation to delay the output until it has a full block. */ -#define PSA_AEAD_UPDATE_OUTPUT_SIZE_2_ARG( alg, input_length ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, \ - PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER( alg ) ? \ - PSA_ROUND_UP_TO_MULTIPLE( PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, (input_length) ) : \ - (input_length) ) - -/** A sufficient ciphertext buffer size for psa_aead_finish(). - * - * If the size of the ciphertext buffer is at least this large, it is - * guaranteed that psa_aead_finish() will not fail due to an - * insufficient ciphertext buffer size. The actual size of the output may - * be smaller in any given call. - * - * \param alg An AEAD algorithm - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * - * \return A sufficient ciphertext buffer size for the - * specified algorithm. - * If the AEAD algorithm is not recognized, return 0. - */ -#define PSA_AEAD_FINISH_OUTPUT_SIZE_1_ARG( alg ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, \ - PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER( alg ) ? \ - PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ - 0 ) - -/** A sufficient plaintext buffer size for psa_aead_verify(). - * - * If the size of the plaintext buffer is at least this large, it is - * guaranteed that psa_aead_verify() will not fail due to an - * insufficient plaintext buffer size. The actual size of the output may - * be smaller in any given call. - * - * \param alg An AEAD algorithm - * (\c PSA_ALG_XXX value such that - * #PSA_ALG_IS_AEAD(\p alg) is true). - * - * \return A sufficient plaintext buffer size for the - * specified algorithm. - * If the AEAD algorithm is not recognized, return 0. - */ -#define PSA_AEAD_VERIFY_OUTPUT_SIZE_1_ARG( alg ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, \ - PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER( alg ) ? \ - PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ - 0 ) - #endif /* MBEDTLS_DEPRECATED_REMOVED */ /** Open a handle to an existing persistent key. 
From fa1f9049902980b5ba9244a99103117ec82cfc79 Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Wed, 28 Apr 2021 10:04:05 +0100 Subject: [PATCH 116/160] Fix an error when copy-pasting x509_crt_verify_info Made a mistake when copy-pasting and put the guard in the wrong place. Fix that by moving the compile time guard. Signed-off-by: Chris Jones --- programs/ssl/ssl_test_common_source.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c index 35dfa60c2..73457a139 100644 --- a/programs/ssl/ssl_test_common_source.c +++ b/programs/ssl/ssl_test_common_source.c @@ -305,13 +305,13 @@ int ssl_sig_hashes_for_test[] = { #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_X509_CRT_PARSE_C) -#if !defined(MBEDTLS_X509_REMOVE_INFO) /** Functionally equivalent to mbedtls_x509_crt_verify_info, see that function * for more info. */ int x509_crt_verify_info( char *buf, size_t size, const char *prefix, uint32_t flags ) { +#if !defined(MBEDTLS_X509_REMOVE_INFO) return( mbedtls_x509_crt_verify_info( buf, size, prefix, flags ) ); #else /* !MBEDTLS_X509_REMOVE_INFO */ From 4d01c5b5c3770ad8c76b30ec415f857c6d454e9a Mon Sep 17 00:00:00 2001 From: Chris Jones Date: Wed, 28 Apr 2021 14:12:07 +0100 Subject: [PATCH 117/160] Remove dead code from pk_parse_key_pkcs8_unencrypted_der pk_get_pk_alg will either return 0 or a pk error code. This means that the error code will always be a high level module ID and so we just return ret. Signed-off-by: Chris Jones --- library/pkparse.c | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 31339c1cc..3222ca20f 100644 --- a/library/pkparse.c +++ b/library/pkparse.c 
@@ -1041,14 +1041,7 @@ static int pk_parse_key_pkcs8_unencrypted_der( if( ( ret = pk_get_pk_alg( &p, end, &pk_alg, ¶ms ) ) != 0 ) { - if( ret >= -0x007F ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); - } - else - { - return ret; - } + return( ret ); } if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) From 98b3cd6b23066ac36e93879e76a529bc831069ab Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 26 Feb 2019 21:47:14 +0100 Subject: [PATCH 118/160] Remove the sample program aescrypt2 The sample program aescrypt2 shows bad practice: hand-rolled CBC implementation, CBC+HMAC for AEAD, hand-rolled iterated SHA-2 for key stretching, no algorithm agility. The new sample program pbcrypt does the same thing, but better. So remove aescrypt2. Fix #1906 Signed-off-by: Gilles Peskine --- ChangeLog.d/aescrypt2.txt | 3 + programs/.gitignore | 1 - programs/Makefile | 5 - programs/README.md | 3 - programs/aes/CMakeLists.txt | 1 - programs/aes/aescrypt2.c | 468 ------------------------------- visualc/VS2010/aescrypt2.vcxproj | 167 ----------- visualc/VS2010/mbedTLS.sln | 13 - 8 files changed, 3 insertions(+), 658 deletions(-) create mode 100644 ChangeLog.d/aescrypt2.txt delete mode 100644 programs/aes/aescrypt2.c delete mode 100644 visualc/VS2010/aescrypt2.vcxproj diff --git a/ChangeLog.d/aescrypt2.txt b/ChangeLog.d/aescrypt2.txt new file mode 100644 index 000000000..7ffa49eaa --- /dev/null +++ b/ChangeLog.d/aescrypt2.txt @@ -0,0 +1,3 @@ +Changes + * Remove the AES sample application programs/aes/aescrypt2 which shows + bad cryptographic practice. Fix #1906. diff --git a/programs/.gitignore b/programs/.gitignore index 33593e0e8..9816c341d 100644 --- a/programs/.gitignore +++ b/programs/.gitignore @@ -8,7 +8,6 @@ *.o *.exe -aes/aescrypt2 aes/crypt_and_hash hash/generic_sum hash/hello diff --git a/programs/Makefile b/programs/Makefile index 47409c3d4..8cd27ea2a 100644 --- a/programs/Makefile 
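Review bot: The bare `return( ret );` after `pk_get_pk_alg` depends on that helper only ever returning 0 or a PK-level error, and nothing in this hunk records or enforces that. If a later change lets a raw `MBEDTLS_ERR_ASN1_*` code escape from it, callers would get that code unwrapped instead of combined with `MBEDTLS_ERR_PK_KEY_INVALID_FORMAT`, which can change how a malformed key is reported. A comment on the call would keep the assumption visible: `/* pk_get_pk_alg() returns 0 or a PK-level error, so ret is passed through unwrapped */`. `pk_parse_key_pkcs8_unencrypted_der` starts and continues outside the hunk.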
+++ b/programs/Makefile @@ -56,7 +56,6 @@ LOCAL_LDFLAGS += -lz endif APPS = \ - aes/aescrypt2$(EXEXT) \ aes/crypt_and_hash$(EXEXT) \ hash/generic_sum$(EXEXT) \ hash/hello$(EXEXT) \ @@ -139,10 +138,6 @@ $(MBEDLIBS): ${MBEDTLS_TEST_OBJS}: $(MAKE) -C ../tests mbedtls_test -aes/aescrypt2$(EXEXT): aes/aescrypt2.c $(DEP) - echo " CC aes/aescrypt2.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) aes/aescrypt2.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - aes/crypt_and_hash$(EXEXT): aes/crypt_and_hash.c $(DEP) echo " CC aes/crypt_and_hash.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) aes/crypt_and_hash.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ diff --git a/programs/README.md b/programs/README.md index d26349d0f..e9e9f5773 100644 --- a/programs/README.md +++ b/programs/README.md @@ -5,9 +5,6 @@ This subdirectory mostly contains sample programs that illustrate specific featu ## Symmetric cryptography (AES) examples -* [`aes/aescrypt2.c`](aes/aescrypt2.c): file encryption and authentication with a key derived from a low-entropy secret, demonstrating the low-level AES interface, the digest interface and HMAC. - Warning: this program illustrates how to use low-level functions in the library. It should not be taken as an example of how to build a secure encryption mechanism. To derive a key from a low-entropy secret such as a password, use a standard key stretching mechanism such as PBKDF2 (provided by the `pkcs5` module). To encrypt and authenticate data, use a standard mode such as GCM or CCM (both available as library module). - * [`aes/crypt_and_hash.c`](aes/crypt_and_hash.c): file encryption and authentication, demonstrating the generic cipher interface and the generic hash interface. ## Hash (digest) examples diff --git a/programs/aes/CMakeLists.txt b/programs/aes/CMakeLists.txt index 6b8ce2ab4..62a54c768 100644 --- a/programs/aes/CMakeLists.txt +++ b/programs/aes/CMakeLists.txt @@ -1,5 +1,4 @@ set(executables - aescrypt2 crypt_and_hash ) 
diff --git a/programs/aes/aescrypt2.c b/programs/aes/aescrypt2.c deleted file mode 100644 index 95d64d911..000000000 --- a/programs/aes/aescrypt2.c +++ /dev/null 
@@ -1,468 +0,0 @@ -/* - * AES-256 file encryption program - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/* Enable definition of fileno() even when compiling with -std=c99. Must be - * set before config.h, which pulls in glibc's features.h indirectly. - * Harmless on other platforms. */ -#define _POSIX_C_SOURCE 200112L - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ - -#include "mbedtls/aes.h" -#include "mbedtls/md.h" -#include "mbedtls/platform_util.h" - -#include -#include -#include - -#if defined(_WIN32) -#include -#if !defined(_WIN32_WCE) -#include -#endif -#else -#include -#include -#endif - -#define MODE_ENCRYPT 0 -#define MODE_DECRYPT 1 - -#define USAGE \ - "\n aescrypt2 \n" \ - "\n : 0 = encrypt, 1 = decrypt\n" \ - "\n example: aescrypt2 0 file file.aes hex:E76B2413958B00E193\n" \ - "\n" - -#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_SHA256_C) || \ - !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_MD_C) -int main( void ) -{ - mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_SHA256_C " - "and/or 
MBEDTLS_FS_IO and/or MBEDTLS_MD_C " - "not defined.\n"); - mbedtls_exit( 0 ); -} -#else - - -int main( int argc, char *argv[] ) -{ - int ret = 0; - int exit_code = MBEDTLS_EXIT_FAILURE; - - unsigned int i, n; - int mode, lastn; - size_t keylen; - FILE *fkey, *fin = NULL, *fout = NULL; - - char *p; - - unsigned char IV[16]; - unsigned char tmp[16]; - unsigned char key[512]; - unsigned char digest[64]; - unsigned char buffer[1024]; - unsigned char diff; - - mbedtls_aes_context aes_ctx; - mbedtls_md_context_t sha_ctx; - -#if defined(_WIN32_WCE) - long filesize, offset; -#elif defined(_WIN32) - LARGE_INTEGER li_size; - __int64 filesize, offset; -#else - off_t filesize, offset; -#endif - - mbedtls_aes_init( &aes_ctx ); - mbedtls_md_init( &sha_ctx ); - - ret = mbedtls_md_setup( &sha_ctx, mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ), 1 ); - if( ret != 0 ) - { - mbedtls_printf( " ! mbedtls_md_setup() returned -0x%04x\n", (unsigned int) -ret ); - goto exit; - } - - /* - * Parse the command-line arguments. 
- */ - if( argc != 5 ) - { - mbedtls_printf( USAGE ); - -#if defined(_WIN32) - mbedtls_printf( "\n Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); -#endif - - goto exit; - } - - mode = atoi( argv[1] ); - memset( IV, 0, sizeof( IV ) ); - memset( key, 0, sizeof( key ) ); - memset( digest, 0, sizeof( digest ) ); - memset( buffer, 0, sizeof( buffer ) ); - - if( mode != MODE_ENCRYPT && mode != MODE_DECRYPT ) - { - mbedtls_fprintf( stderr, "invalide operation mode\n" ); - goto exit; - } - - if( strcmp( argv[2], argv[3] ) == 0 ) - { - mbedtls_fprintf( stderr, "input and output filenames must differ\n" ); - goto exit; - } - - if( ( fin = fopen( argv[2], "rb" ) ) == NULL ) - { - mbedtls_fprintf( stderr, "fopen(%s,rb) failed\n", argv[2] ); - goto exit; - } - - if( ( fout = fopen( argv[3], "wb+" ) ) == NULL ) - { - mbedtls_fprintf( stderr, "fopen(%s,wb+) failed\n", argv[3] ); - goto exit; - } - - /* - * Read the secret key from file or command line - */ - if( ( fkey = fopen( argv[4], "rb" ) ) != NULL ) - { - keylen = fread( key, 1, sizeof( key ), fkey ); - fclose( fkey ); - } - else - { - if( memcmp( argv[4], "hex:", 4 ) == 0 ) - { - p = &argv[4][4]; - keylen = 0; - - while( sscanf( p, "%02X", &n ) > 0 && - keylen < (int) sizeof( key ) ) - { - key[keylen++] = (unsigned char) n; - p += 2; - } - } - else - { - keylen = strlen( argv[4] ); - - if( keylen > (int) sizeof( key ) ) - keylen = (int) sizeof( key ); - - memcpy( key, argv[4], keylen ); - } - } - -#if defined(_WIN32_WCE) - filesize = fseek( fin, 0L, SEEK_END ); -#else -#if defined(_WIN32) - /* - * Support large files (> 2Gb) on Win32 - */ - li_size.QuadPart = 0; - li_size.LowPart = - SetFilePointer( (HANDLE) _get_osfhandle( _fileno( fin ) ), - li_size.LowPart, &li_size.HighPart, FILE_END ); - - if( li_size.LowPart == 0xFFFFFFFF && GetLastError() != NO_ERROR ) - { - mbedtls_fprintf( stderr, "SetFilePointer(0,FILE_END) failed\n" ); - goto exit; - } - - filesize = li_size.QuadPart; -#else - if( ( 
filesize = lseek( fileno( fin ), 0, SEEK_END ) ) < 0 ) - { - perror( "lseek" ); - goto exit; - } -#endif -#endif - - if( fseek( fin, 0, SEEK_SET ) < 0 ) - { - mbedtls_fprintf( stderr, "fseek(0,SEEK_SET) failed\n" ); - goto exit; - } - - if( mode == MODE_ENCRYPT ) - { - /* - * Generate the initialization vector as: - * IV = SHA-256( filesize || filename )[0..15] - */ - for( i = 0; i < 8; i++ ) - buffer[i] = (unsigned char)( filesize >> ( i << 3 ) ); - - p = argv[2]; - - mbedtls_md_starts( &sha_ctx ); - mbedtls_md_update( &sha_ctx, buffer, 8 ); - mbedtls_md_update( &sha_ctx, (unsigned char *) p, strlen( p ) ); - mbedtls_md_finish( &sha_ctx, digest ); - - memcpy( IV, digest, 16 ); - - /* - * The last four bits in the IV are actually used - * to store the file size modulo the AES block size. - */ - lastn = (int)( filesize & 0x0F ); - - IV[15] = (unsigned char) - ( ( IV[15] & 0xF0 ) | lastn ); - - /* - * Append the IV at the beginning of the output. - */ - if( fwrite( IV, 1, 16, fout ) != 16 ) - { - mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 ); - goto exit; - } - - /* - * Hash the IV and the secret key together 8192 times - * using the result to setup the AES context and HMAC. - */ - memset( digest, 0, 32 ); - memcpy( digest, IV, 16 ); - - for( i = 0; i < 8192; i++ ) - { - mbedtls_md_starts( &sha_ctx ); - mbedtls_md_update( &sha_ctx, digest, 32 ); - mbedtls_md_update( &sha_ctx, key, keylen ); - mbedtls_md_finish( &sha_ctx, digest ); - } - - mbedtls_aes_setkey_enc( &aes_ctx, digest, 256 ); - mbedtls_md_hmac_starts( &sha_ctx, digest, 32 ); - - /* - * Encrypt and write the ciphertext. - */ - for( offset = 0; offset < filesize; offset += 16 ) - { - n = ( filesize - offset > 16 ) ? 
16 : (int) - ( filesize - offset ); - - if( fread( buffer, 1, n, fin ) != (size_t) n ) - { - mbedtls_fprintf( stderr, "fread(%u bytes) failed\n", n ); - goto exit; - } - - for( i = 0; i < 16; i++ ) - buffer[i] = (unsigned char)( buffer[i] ^ IV[i] ); - - mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, buffer, buffer ); - mbedtls_md_hmac_update( &sha_ctx, buffer, 16 ); - - if( fwrite( buffer, 1, 16, fout ) != 16 ) - { - mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 ); - goto exit; - } - - memcpy( IV, buffer, 16 ); - } - - /* - * Finally write the HMAC. - */ - mbedtls_md_hmac_finish( &sha_ctx, digest ); - - if( fwrite( digest, 1, 32, fout ) != 32 ) - { - mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 ); - goto exit; - } - } - - if( mode == MODE_DECRYPT ) - { - /* - * The encrypted file must be structured as follows: - * - * 00 .. 15 Initialization Vector - * 16 .. 31 AES Encrypted Block #1 - * .. - * N*16 .. (N+1)*16 - 1 AES Encrypted Block #N - * (N+1)*16 .. (N+1)*16 + 32 HMAC-SHA-256(ciphertext) - */ - if( filesize < 48 ) - { - mbedtls_fprintf( stderr, "File too short to be encrypted.\n" ); - goto exit; - } - - if( ( filesize & 0x0F ) != 0 ) - { - mbedtls_fprintf( stderr, "File size not a multiple of 16.\n" ); - goto exit; - } - - /* - * Subtract the IV + HMAC length. - */ - filesize -= ( 16 + 32 ); - - /* - * Read the IV and original filesize modulo 16. - */ - if( fread( buffer, 1, 16, fin ) != 16 ) - { - mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", 16 ); - goto exit; - } - - memcpy( IV, buffer, 16 ); - lastn = IV[15] & 0x0F; - - /* - * Hash the IV and the secret key together 8192 times - * using the result to setup the AES context and HMAC. 
- */ - memset( digest, 0, 32 ); - memcpy( digest, IV, 16 ); - - for( i = 0; i < 8192; i++ ) - { - mbedtls_md_starts( &sha_ctx ); - mbedtls_md_update( &sha_ctx, digest, 32 ); - mbedtls_md_update( &sha_ctx, key, keylen ); - mbedtls_md_finish( &sha_ctx, digest ); - } - - mbedtls_aes_setkey_dec( &aes_ctx, digest, 256 ); - mbedtls_md_hmac_starts( &sha_ctx, digest, 32 ); - - /* - * Decrypt and write the plaintext. - */ - for( offset = 0; offset < filesize; offset += 16 ) - { - if( fread( buffer, 1, 16, fin ) != 16 ) - { - mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", 16 ); - goto exit; - } - - memcpy( tmp, buffer, 16 ); - - mbedtls_md_hmac_update( &sha_ctx, buffer, 16 ); - mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_DECRYPT, buffer, buffer ); - - for( i = 0; i < 16; i++ ) - buffer[i] = (unsigned char)( buffer[i] ^ IV[i] ); - - memcpy( IV, tmp, 16 ); - - n = ( lastn > 0 && offset == filesize - 16 ) - ? lastn : 16; - - if( fwrite( buffer, 1, n, fout ) != (size_t) n ) - { - mbedtls_fprintf( stderr, "fwrite(%u bytes) failed\n", n ); - goto exit; - } - } - - /* - * Verify the message authentication code. - */ - mbedtls_md_hmac_finish( &sha_ctx, digest ); - - if( fread( buffer, 1, 32, fin ) != 32 ) - { - mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", 32 ); - goto exit; - } - - /* Use constant-time buffer comparison */ - diff = 0; - for( i = 0; i < 32; i++ ) - diff |= digest[i] ^ buffer[i]; - - if( diff != 0 ) - { - mbedtls_fprintf( stderr, "HMAC check failed: wrong key, " - "or file corrupted.\n" ); - goto exit; - } - } - - exit_code = MBEDTLS_EXIT_SUCCESS; - -exit: - if( fin ) - fclose( fin ); - if( fout ) - fclose( fout ); - - /* Zeroize all command line arguments to also cover - the case when the user has missed or reordered some, - in which case the key might not be in argv[4]. 
*/ - for( i = 0; i < (unsigned int) argc; i++ ) - mbedtls_platform_zeroize( argv[i], strlen( argv[i] ) ); - - mbedtls_platform_zeroize( IV, sizeof( IV ) ); - mbedtls_platform_zeroize( key, sizeof( key ) ); - mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); - mbedtls_platform_zeroize( buffer, sizeof( buffer ) ); - mbedtls_platform_zeroize( digest, sizeof( digest ) ); - - mbedtls_aes_free( &aes_ctx ); - mbedtls_md_free( &sha_ctx ); - - mbedtls_exit( exit_code ); -} -#endif /* MBEDTLS_AES_C && MBEDTLS_SHA256_C && MBEDTLS_FS_IO */ diff --git a/visualc/VS2010/aescrypt2.vcxproj b/visualc/VS2010/aescrypt2.vcxproj deleted file mode 100644 index 0707e1245..000000000 --- a/visualc/VS2010/aescrypt2.vcxproj +++ /dev/null 
@@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8} - Win32Proj - aescrypt2 - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - 
kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/mbedTLS.sln b/visualc/VS2010/mbedTLS.sln index 26219dd7c..d1e884e26 100644 --- a/visualc/VS2010/mbedTLS.sln +++ b/visualc/VS2010/mbedTLS.sln @@ -3,11 +3,6 @@ Microsoft Visual Studio Solution File, Format Version 11.00 # Visual C++ Express 2010 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "mbedTLS", "mbedTLS.vcxproj", "{46CF2D25-6A36-4189-B59C-E4815388E554}" EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "aescrypt2", "aescrypt2.vcxproj", "{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "crypt_and_hash", "crypt_and_hash.vcxproj", "{5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}" ProjectSection(ProjectDependencies) = postProject {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} 
@@ -279,14 +274,6 @@ Global {46CF2D25-6A36-4189-B59C-E4815388E554}.Release|Win32.Build.0 = Release|Win32 {46CF2D25-6A36-4189-B59C-E4815388E554}.Release|x64.ActiveCfg = Release|x64 {46CF2D25-6A36-4189-B59C-E4815388E554}.Release|x64.Build.0 = Release|x64 - {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Debug|Win32.ActiveCfg = Debug|Win32 - {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Debug|Win32.Build.0 = Debug|Win32 - {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Debug|x64.ActiveCfg = Debug|x64 - {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Debug|x64.Build.0 = Debug|x64 - {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Release|Win32.ActiveCfg = Release|Win32 - {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Release|Win32.Build.0 = Release|Win32 - {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Release|x64.ActiveCfg = Release|x64 - {7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Release|x64.Build.0 = Release|x64 {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|Win32.ActiveCfg = Debug|Win32 {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|Win32.Build.0 = Debug|Win32 {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|x64.ActiveCfg = Debug|x64 From 9876a85f223e020b841cadb10604ddd6102090a8 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Wed, 28 Apr 2021 16:29:28 +0200 Subject: [PATCH 119/160] Change the place where the _CIPHER_MODE_CBC is defined from test to check_config.h Signed-off-by: TRodziewicz --- tests/suites/test_suite_cmac.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_cmac.function b/tests/suites/test_suite_cmac.function index 859b2e025..cabf1070c 100644 --- a/tests/suites/test_suite_cmac.function +++ b/tests/suites/test_suite_cmac.function @@ -98,7 +98,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ +/* BEGIN_CASE */ void mbedtls_cmac_setkey( int cipher_type, int key_size, int result ) { const mbedtls_cipher_info_t *cipher_info; From 92b1febbf63243801c94e11c0c0046aa87d68aea Mon Sep 17 00:00:00 2001 
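Review bot: The `/* BEGIN_CASE */` line for `mbedtls_cmac_setkey` drops `depends_on:MBEDTLS_CIPHER_MODE_CBC`, and nothing in this hunk shows that the case no longer needs CBC. The follow-up hunks on this page (a define in check_config.h, then `scripts/config.py unset MBEDTLS_CMAC_C` in one all.sh component) suggest the requirement is still there, so a configuration with CMAC on and CBC off would presumably run the case and fail rather than skip it. Either keep `/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */` or add a comment above the case explaining why the dependency is gone. The body of `mbedtls_cmac_setkey` continues outside the hunk.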
From: TRodziewicz Date: Wed, 28 Apr 2021 16:34:13 +0200 Subject: [PATCH 120/160] addind check_config.h to the commit Signed-off-by: TRodziewicz --- include/mbedtls/check_config.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 6bf16da83..028f60489 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -85,6 +85,10 @@ #error "MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT defined, but not all prerequisites" #endif +#if defined(MBEDTLS_CMAC_C) +#define MBEDTLS_CIPHER_MODE_CBC +#endif + #if defined(MBEDTLS_CMAC_C) && \ !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_DES_C) #error "MBEDTLS_CMAC_C defined, but not all prerequisites" From 2add5c13ea504f255c62e6c566ca650af2e3e2ef Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Wed, 28 Apr 2021 16:50:20 +0200 Subject: [PATCH 121/160] On second thought changing the way the test is run Signed-off-by: TRodziewicz --- include/mbedtls/check_config.h | 4 ---- tests/scripts/all.sh | 1 + 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 98a554df6..47b5de04d 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -81,10 +81,6 @@ #error "MBEDTLS_DHM_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_CMAC_C) -#define MBEDTLS_CIPHER_MODE_CBC -#endif - #if defined(MBEDTLS_CMAC_C) && \ !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_DES_C) #error "MBEDTLS_CMAC_C defined, but not all prerequisites" diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index a60b66bf4..2b0122c19 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2063,6 +2063,7 @@ component_test_when_no_ciphersuites_have_mac () { scripts/config.py unset MBEDTLS_ARC4_C scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC scripts/config.py unset MBEDTLS_ECJPAKE_C + scripts/config.py unset MBEDTLS_CMAC_C make msg "test: !MBEDTLS_SSL_SOME_MODES_USE_MAC" 
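Review bot: The added `#define MBEDTLS_CIPHER_MODE_CBC` under `#if defined(MBEDTLS_CMAC_C)` in check_config.h switches CBC back on for every build that enables CMAC, including one whose configuration deliberately left CBC out. The neighbouring blocks in this hunk only report inconsistent settings with `#error`, so a silent override is out of step with the file and hides the change in enabled cipher modes from whoever maintains the configuration. If CMAC really requires CBC, state it as a check instead: `#if defined(MBEDTLS_CMAC_C) && !defined(MBEDTLS_CIPHER_MODE_CBC)` followed by `#error "MBEDTLS_CMAC_C defined, but not all prerequisites"`.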
From 89f98c2556a2148b8ee693a71106247108f2d124 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Thu, 29 Apr 2021 14:08:09 +0200 Subject: [PATCH 122/160] Removal of wrongly placed unset Signed-off-by: TRodziewicz --- tests/scripts/all.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 2b0122c19..9c2bcc1d7 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2062,7 +2062,6 @@ component_test_when_no_ciphersuites_have_mac () { scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER scripts/config.py unset MBEDTLS_ARC4_C scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC - scripts/config.py unset MBEDTLS_ECJPAKE_C scripts/config.py unset MBEDTLS_CMAC_C make From 18efb73743cd44d822034c29f8d12beb55e03eec Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Thu, 29 Apr 2021 23:12:19 +0200 Subject: [PATCH 123/160] Remove deprecated functions and constants. 
Signed-off-by: TRodziewicz --- ChangeLog.d/issue4282.txt | 2 + configs/config-psa-crypto.h | 4 +- include/mbedtls/aes.h | 38 ---- include/mbedtls/bignum.h | 31 --- include/mbedtls/cipher.h | 127 +----------- include/mbedtls/compat-1.3.h | 14 -- include/mbedtls/config.h | 8 +- include/mbedtls/ctr_drbg.h | 29 --- include/mbedtls/dhm.h | 155 -------------- include/mbedtls/ecdsa.h | 121 +---------- include/mbedtls/hmac_drbg.h | 24 --- include/mbedtls/net.h | 35 ---- include/mbedtls/ssl.h | 54 ----- library/aes.c | 18 -- library/bignum.c | 20 -- library/cipher.c | 56 +----- library/ctr_drbg.c | 15 +- library/ecdsa.c | 114 ++--------- library/hmac_drbg.c | 9 - library/psa_crypto.c | 2 +- library/ssl_msg.c | 6 +- library/ssl_tls.c | 25 --- programs/test/cpp_dummy_build.cpp | 1 - scripts/data_files/rename-1.3-2.0.txt | 13 -- tests/src/drivers/signature.c | 2 +- tests/suites/test_suite_cipher.function | 255 ------------------------ visualc/VS2010/mbedTLS.vcxproj | 1 - 27 files changed, 33 insertions(+), 1146 deletions(-) create mode 100644 ChangeLog.d/issue4282.txt delete mode 100644 include/mbedtls/net.h diff --git a/ChangeLog.d/issue4282.txt b/ChangeLog.d/issue4282.txt new file mode 100644 index 000000000..27d9a281a --- /dev/null +++ b/ChangeLog.d/issue4282.txt @@ -0,0 +1,2 @@ +Removals + * Remove deprecated functions and constants. Fix #4282 diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 5635e9891..91fee9779 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h 
@@ -400,8 +400,8 @@
 * \note Because of a signature change, the core AES encryption and decryption routines are
 * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
 * respectively. When setting up alternative implementations, these functions should
- * be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
- * must stay untouched.
+ * be overridden, but the wrapper functions mbedtls_internal_aes_decrypt and
+ * mbedtls_internal_aes_encrypt must stay untouched.
 *
 * \note If you use the AES_xxx_ALT macros, then is is recommended to also set
 * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h
index 052f47c9d..183367c71 100644
--- a/include/mbedtls/aes.h
+++ b/include/mbedtls/aes.h
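Review bot: The rewritten note in configs/config-psa-crypto.h (@@ -400,8) now says `mbedtls_internal_aes_decrypt` and `mbedtls_internal_aes_encrypt` "must stay untouched", but those are the core block routines: aes.h declares them, the removed wrappers were documented as superseded by them, and aes.c closes `mbedtls_internal_aes_encrypt` under `MBEDTLS_AES_ENCRYPT_ALT`. They are therefore the functions an alternative implementation replaces. The sentence before it still calls the core routines `mbedtls_aes_internal_encrypt`/`mbedtls_aes_internal_decrypt`, which does not match the `mbedtls_internal_aes_*` declarations visible in this patch. Since the `mbedtls_aes_encrypt`/`mbedtls_aes_decrypt` wrappers are removed, the wrapper clause should be dropped rather than renamed, for example `* respectively. When setting up alternative implementations, override mbedtls_internal_aes_encrypt and mbedtls_internal_aes_decrypt.` The same wording is repeated in include/mbedtls/config.h (@@ -424,8), and in both files the comment block starts and ends outside the hunk.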
@@ -617,44 +617,6 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, const unsigned char input[16], unsigned char output[16] ); -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -#if defined(MBEDTLS_DEPRECATED_WARNING) -#define MBEDTLS_DEPRECATED __attribute__((deprecated)) -#else -#define MBEDTLS_DEPRECATED -#endif -/** - * \brief Deprecated internal AES block encryption function - * without return value. - * - * \deprecated Superseded by mbedtls_internal_aes_encrypt() - * - * \param ctx The AES context to use for encryption. - * \param input Plaintext block. - * \param output Output (ciphertext) block. - */ -MBEDTLS_DEPRECATED void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ); - -/** - * \brief Deprecated internal AES block decryption function - * without return value. - * - * \deprecated Superseded by mbedtls_internal_aes_decrypt() - * - * \param ctx The AES context to use for decryption. - * \param input Ciphertext block. - * \param output Output (plaintext) block. - */ -MBEDTLS_DEPRECATED void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ); - -#undef MBEDTLS_DEPRECATED -#endif /* !MBEDTLS_DEPRECATED_REMOVED */ - - #if defined(MBEDTLS_SELF_TEST) /** * \brief Checkup routine. diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index 637360e30..073b4a40c 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h 
@@ -904,37 +904,6 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *N ); -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -#if defined(MBEDTLS_DEPRECATED_WARNING) -#define MBEDTLS_DEPRECATED __attribute__((deprecated)) -#else -#define MBEDTLS_DEPRECATED -#endif -/** - * \brief Perform a Miller-Rabin primality test with error - * probability of 2-80. - * - * \deprecated Superseded by mbedtls_mpi_is_prime_ext() which allows - * specifying the number of Miller-Rabin rounds. - * - * \param X The MPI to check for primality. - * This must point to an initialized MPI. - * \param f_rng The RNG function to use. This must not be \c NULL. - * \param p_rng The RNG parameter to be passed to \p f_rng. - * This may be \c NULL if \p f_rng doesn't use a - * context parameter. - * - * \return \c 0 if successful, i.e. \p X is probably prime. - * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. - * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime. - * \return Another negative error code on other kinds of failure. - */ -MBEDTLS_DEPRECATED int mbedtls_mpi_is_prime( const mbedtls_mpi *X, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); -#undef MBEDTLS_DEPRECATED -#endif /* !MBEDTLS_DEPRECATED_REMOVED */ - /** * \brief Miller-Rabin primality test. * diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 1cafa6ec2..82e8c4158 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h 
@@ -470,8 +470,8 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
 * \param cipher_info The cipher to use.
 * \param taglen For AEAD ciphers, the length in bytes of the
 * authentication tag to use. Subsequent uses of
- * mbedtls_cipher_auth_encrypt() or
- * mbedtls_cipher_auth_decrypt() must provide
+ * mbedtls_cipher_auth_encrypt_ext() or
+ * mbedtls_cipher_auth_decrypt_ext() must provide
 * the same tag length.
 * For non-AEAD ciphers, the value must be \c 0.
 *
@@ -856,129 +856,6 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen ); -#if defined(MBEDTLS_CIPHER_MODE_AEAD) -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) -#if defined(MBEDTLS_DEPRECATED_WARNING) -#define MBEDTLS_DEPRECATED __attribute__((deprecated)) -#else -#define MBEDTLS_DEPRECATED -#endif /* MBEDTLS_DEPRECATED_WARNING */ -/** - * \brief The generic authenticated encryption (AEAD) function. - * - * \deprecated Superseded by mbedtls_cipher_auth_encrypt_ext(). - * - * \note This function only supports AEAD algorithms, not key - * wrapping algorithms such as NIST_KW; for this, see - * mbedtls_cipher_auth_encrypt_ext(). - * - * \param ctx The generic cipher context. This must be initialized and - * bound to a key associated with an AEAD algorithm. - * \param iv The nonce to use. This must be a readable buffer of - * at least \p iv_len Bytes and must not be \c NULL. - * \param iv_len The length of the nonce. This must satisfy the - * constraints imposed by the AEAD cipher used. - * \param ad The additional data to authenticate. This must be a - * readable buffer of at least \p ad_len Bytes, and may - * be \c NULL is \p ad_len is \c 0. - * \param ad_len The length of \p ad. - * \param input The buffer holding the input data. This must be a - * readable buffer of at least \p ilen Bytes, and may be - * \c NULL if \p ilen is \c 0. - * \param ilen The length of the input data. - * \param output The buffer for the output data. This must be a - * writable buffer of at least \p ilen Bytes, and must - * not be \c NULL. - * \param olen This will be filled with the actual number of Bytes - * written to the \p output buffer. This must point to a - * writable object of type \c size_t. - * \param tag The buffer for the authentication tag. This must be a - * writable buffer of at least \p tag_len Bytes. See note - * below regarding restrictions with PSA-based contexts. 
- * \param tag_len The desired length of the authentication tag. This - * must match the constraints imposed by the AEAD cipher - * used, and in particular must not be \c 0. - * - * \note If the context is based on PSA (that is, it was set up - * with mbedtls_cipher_setup_psa()), then it is required - * that \c tag == output + ilen. That is, the tag must be - * appended to the ciphertext as recommended by RFC 5116. - * - * \return \c 0 on success. - * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on - * parameter-verification failure. - * \return A cipher-specific error code on failure. - */ -int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, - unsigned char *tag, size_t tag_len ) - MBEDTLS_DEPRECATED; - -/** - * \brief The generic authenticated decryption (AEAD) function. - * - * \deprecated Superseded by mbedtls_cipher_auth_decrypt_ext(). - * - * \note This function only supports AEAD algorithms, not key - * wrapping algorithms such as NIST_KW; for this, see - * mbedtls_cipher_auth_decrypt_ext(). - * - * \note If the data is not authentic, then the output buffer - * is zeroed out to prevent the unauthentic plaintext being - * used, making this interface safer. - * - * \param ctx The generic cipher context. This must be initialized and - * bound to a key associated with an AEAD algorithm. - * \param iv The nonce to use. This must be a readable buffer of - * at least \p iv_len Bytes and must not be \c NULL. - * \param iv_len The length of the nonce. This must satisfy the - * constraints imposed by the AEAD cipher used. - * \param ad The additional data to authenticate. This must be a - * readable buffer of at least \p ad_len Bytes, and may - * be \c NULL is \p ad_len is \c 0. - * \param ad_len The length of \p ad. - * \param input The buffer holding the input data. 
This must be a - * readable buffer of at least \p ilen Bytes, and may be - * \c NULL if \p ilen is \c 0. - * \param ilen The length of the input data. - * \param output The buffer for the output data. This must be a - * writable buffer of at least \p ilen Bytes, and must - * not be \c NULL. - * \param olen This will be filled with the actual number of Bytes - * written to the \p output buffer. This must point to a - * writable object of type \c size_t. - * \param tag The buffer for the authentication tag. This must be a - * readable buffer of at least \p tag_len Bytes. See note - * below regarding restrictions with PSA-based contexts. - * \param tag_len The length of the authentication tag. This must match - * the constraints imposed by the AEAD cipher used, and in - * particular must not be \c 0. - * - * \note If the context is based on PSA (that is, it was set up - * with mbedtls_cipher_setup_psa()), then it is required - * that \c tag == input + len. That is, the tag must be - * appended to the ciphertext as recommended by RFC 5116. - * - * \return \c 0 on success. - * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on - * parameter-verification failure. - * \return #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic. - * \return A cipher-specific error code on failure. - */ -int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, - const unsigned char *tag, size_t tag_len ) - MBEDTLS_DEPRECATED; -#undef MBEDTLS_DEPRECATED -#endif /* MBEDTLS_DEPRECATED_REMOVED */ -#endif /* MBEDTLS_CIPHER_MODE_AEAD */ - #if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) /** * \brief The authenticated encryption (AEAD/NIST_KW) function. diff --git a/include/mbedtls/compat-1.3.h b/include/mbedtls/compat-1.3.h index c42381210..00597f2cf 100644 --- a/include/mbedtls/compat-1.3.h 
+++ b/include/mbedtls/compat-1.3.h @@ -998,12 +998,6 @@ #define POLARSSL_DECRYPT MBEDTLS_DECRYPT #define POLARSSL_DES_H MBEDTLS_DES_H #define POLARSSL_DHM_H MBEDTLS_DHM_H -#define POLARSSL_DHM_RFC3526_MODP_2048_G MBEDTLS_DHM_RFC3526_MODP_2048_G -#define POLARSSL_DHM_RFC3526_MODP_2048_P MBEDTLS_DHM_RFC3526_MODP_2048_P -#define POLARSSL_DHM_RFC3526_MODP_3072_G MBEDTLS_DHM_RFC3526_MODP_3072_G -#define POLARSSL_DHM_RFC3526_MODP_3072_P MBEDTLS_DHM_RFC3526_MODP_3072_P -#define POLARSSL_DHM_RFC5114_MODP_2048_G MBEDTLS_DHM_RFC5114_MODP_2048_G -#define POLARSSL_DHM_RFC5114_MODP_2048_P MBEDTLS_DHM_RFC5114_MODP_2048_P #define POLARSSL_ECDH_H MBEDTLS_ECDH_H #define POLARSSL_ECDH_OURS MBEDTLS_ECDH_OURS #define POLARSSL_ECDH_THEIRS MBEDTLS_ECDH_THEIRS @@ -1786,8 +1780,6 @@ #define ccm_free mbedtls_ccm_free #define ccm_init mbedtls_ccm_init #define ccm_self_test mbedtls_ccm_self_test -#define cipher_auth_decrypt mbedtls_cipher_auth_decrypt -#define cipher_auth_encrypt mbedtls_cipher_auth_encrypt #define cipher_base_t mbedtls_cipher_base_t #define cipher_check_tag mbedtls_cipher_check_tag #define cipher_context_t mbedtls_cipher_context_t @@ -1831,7 +1823,6 @@ #define ctr_drbg_set_entropy_len mbedtls_ctr_drbg_set_entropy_len #define ctr_drbg_set_prediction_resistance mbedtls_ctr_drbg_set_prediction_resistance #define ctr_drbg_set_reseed_interval mbedtls_ctr_drbg_set_reseed_interval -#define ctr_drbg_update mbedtls_ctr_drbg_update #define ctr_drbg_update_seed_file mbedtls_ctr_drbg_update_seed_file #define ctr_drbg_write_seed_file mbedtls_ctr_drbg_write_seed_file #define debug_print_buf mbedtls_debug_print_buf 
@@ -1892,10 +1883,8 @@ #define ecdsa_init mbedtls_ecdsa_init #define ecdsa_read_signature mbedtls_ecdsa_read_signature #define ecdsa_sign mbedtls_ecdsa_sign -#define ecdsa_sign_det mbedtls_ecdsa_sign_det #define ecdsa_verify mbedtls_ecdsa_verify #define ecdsa_write_signature mbedtls_ecdsa_write_signature -#define ecdsa_write_signature_det mbedtls_ecdsa_write_signature_det #define eckey_info mbedtls_eckey_info #define eckeydh_info mbedtls_eckeydh_info #define ecp_check_privkey mbedtls_ecp_check_privkey @@ -1967,7 +1956,6 @@ #define hmac_drbg_set_entropy_len mbedtls_hmac_drbg_set_entropy_len #define hmac_drbg_set_prediction_resistance mbedtls_hmac_drbg_set_prediction_resistance #define hmac_drbg_set_reseed_interval mbedtls_hmac_drbg_set_reseed_interval -#define hmac_drbg_update mbedtls_hmac_drbg_update #define hmac_drbg_update_seed_file mbedtls_hmac_drbg_update_seed_file #define hmac_drbg_write_seed_file mbedtls_hmac_drbg_write_seed_file #define hr_time mbedtls_timing_hr_time @@ -2053,7 +2041,6 @@ #define mpi_grow mbedtls_mpi_grow #define mpi_init mbedtls_mpi_init #define mpi_inv_mod mbedtls_mpi_inv_mod -#define mpi_is_prime mbedtls_mpi_is_prime #define mpi_lsb mbedtls_mpi_lsb #define mpi_lset mbedtls_mpi_lset #define mpi_mod_int mbedtls_mpi_mod_int @@ -2352,7 +2339,6 @@ #define ssl_set_client_transport_id mbedtls_ssl_set_client_transport_id #define ssl_set_curves mbedtls_ssl_conf_curves #define ssl_set_dbg mbedtls_ssl_conf_dbg -#define ssl_set_dh_param mbedtls_ssl_conf_dh_param #define ssl_set_dh_param_ctx mbedtls_ssl_conf_dh_param_ctx #define ssl_set_dtls_anti_replay mbedtls_ssl_conf_dtls_anti_replay #define ssl_set_dtls_badmac_limit mbedtls_ssl_conf_dtls_badmac_limit diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 46941e27f..e2a65e8b3 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h 
@@ -424,8 +424,8 @@
 * \note Because of a signature change, the core AES encryption and decryption routines are
 * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
 * respectively. When setting up alternative implementations, these functions should
- * be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
- * must stay untouched.
+ * be overridden, but the wrapper functions mbedtls_internal_aes_decrypt and
+ * mbedtls_internal_aes_encrypt must stay untouched.
 *
 * \note If you use the AES_xxx_ALT macros, then is is recommended to also set
 * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
@@ -446,8 +446,8 @@
 * the ephemeral key and nothing else. If this is not possible, then
 * MBEDTLS_ECDSA_DETERMINISTIC should be disabled and an alternative
 * implementation should be provided for mbedtls_ecdsa_sign_det_ext()
- * (and for mbedtls_ecdsa_sign_det() too if backward compatibility is
- * desirable).
+ * (and for mbedtls_ecdsa_sign_det_ext() too if backward compatibility
+ * is desirable).
 *
 */
 //#define MBEDTLS_MD2_PROCESS_ALT
diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h
index 7f1d23253..b84ab83a5 100644
--- a/include/mbedtls/ctr_drbg.h
+++ b/include/mbedtls/ctr_drbg.h
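Review bot: In the second include/mbedtls/config.h hunk (@@ -446,8) the parenthetical now reads "(and for mbedtls_ecdsa_sign_det_ext() too if backward compatibility is desirable)", which names the same function as the line directly above it and so no longer says anything. The backward-compatibility case referred to `mbedtls_ecdsa_sign_det()`, which this commit removes from ecdsa.h, so the parenthetical should be deleted rather than renamed. The sentence can end at `* implementation should be provided for mbedtls_ecdsa_sign_det_ext().` The comment block begins outside the hunk.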
@@ -487,35 +487,6 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng, int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_len ); - -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) -#if defined(MBEDTLS_DEPRECATED_WARNING) -#define MBEDTLS_DEPRECATED __attribute__((deprecated)) -#else -#define MBEDTLS_DEPRECATED -#endif -/** - * \brief This function updates the state of the CTR_DRBG context. - * - * \deprecated Superseded by mbedtls_ctr_drbg_update_ret() - * in 2.16.0. - * - * \note If \p add_len is greater than - * #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT, only the first - * #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT Bytes are used. - * The remaining Bytes are silently discarded. - * - * \param ctx The CTR_DRBG context. - * \param additional The data to update the state with. - * \param add_len Length of \p additional data. - */ -MBEDTLS_DEPRECATED void mbedtls_ctr_drbg_update( - mbedtls_ctr_drbg_context *ctx, - const unsigned char *additional, - size_t add_len ); -#undef MBEDTLS_DEPRECATED -#endif /* !MBEDTLS_DEPRECATED_REMOVED */ - #if defined(MBEDTLS_FS_IO) /** * \brief This function writes a seed file. diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h index c7830b9ee..16dd1656e 100644 --- a/include/mbedtls/dhm.h +++ b/include/mbedtls/dhm.h 
@@ -386,161 +386,6 @@ int mbedtls_dhm_self_test( int verbose ); * */ -#if !defined(MBEDTLS_DEPRECATED_REMOVED) - -/** - * \warning The origin of the primes in RFC 5114 is not documented and - * their use therefore constitutes a security risk! - * - * \deprecated The hex-encoded primes from RFC 5114 are deprecated and are - * likely to be removed in a future version of the library without - * replacement. - */ - -/** - * The hexadecimal presentation of the prime underlying the - * 2048-bit MODP Group with 224-bit Prime Order Subgroup, as defined - * in RFC-5114: Additional Diffie-Hellman Groups for Use with - * IETF Standards. - */ -#define MBEDTLS_DHM_RFC5114_MODP_2048_P \ - MBEDTLS_DEPRECATED_STRING_CONSTANT( \ - "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1" \ - "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15" \ - "EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212" \ - "9037C9EDEFDA4DF8D91E8FEF55B7394B7AD5B7D0B6C12207" \ - "C9F98D11ED34DBF6C6BA0B2C8BBC27BE6A00E0A0B9C49708" \ - "B3BF8A317091883681286130BC8985DB1602E714415D9330" \ - "278273C7DE31EFDC7310F7121FD5A07415987D9ADC0A486D" \ - "CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8" \ - "BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763" \ - "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71" \ - "CF9DE5384E71B81C0AC4DFFE0C10E64F" ) - -/** - * The hexadecimal presentation of the chosen generator of the 2048-bit MODP - * Group with 224-bit Prime Order Subgroup, as defined in RFC-5114: - * Additional Diffie-Hellman Groups for Use with IETF Standards. 
- */ -#define MBEDTLS_DHM_RFC5114_MODP_2048_G \ - MBEDTLS_DEPRECATED_STRING_CONSTANT( \ - "AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF" \ - "74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA" \ - "AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7" \ - "C17669101999024AF4D027275AC1348BB8A762D0521BC98A" \ - "E247150422EA1ED409939D54DA7460CDB5F6C6B250717CBE" \ - "F180EB34118E98D119529A45D6F834566E3025E316A330EF" \ - "BB77A86F0C1AB15B051AE3D428C8F8ACB70A8137150B8EEB" \ - "10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381" \ - "B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269" \ - "EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179" \ - "81BC087F2A7065B384B890D3191F2BFA" ) - -/** - * The hexadecimal presentation of the prime underlying the 2048-bit MODP - * Group, as defined in RFC-3526: More Modular Exponential (MODP) - * Diffie-Hellman groups for Internet Key Exchange (IKE). - * - * \deprecated The hex-encoded primes from RFC 3625 are deprecated and - * superseded by the corresponding macros providing them as - * binary constants. Their hex-encoded constants are likely - * to be removed in a future version of the library. 
- * - */ -#define MBEDTLS_DHM_RFC3526_MODP_2048_P \ - MBEDTLS_DEPRECATED_STRING_CONSTANT( \ - "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ - "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \ - "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \ - "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \ - "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \ - "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \ - "83655D23DCA3AD961C62F356208552BB9ED529077096966D" \ - "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \ - "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \ - "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \ - "15728E5A8AACAA68FFFFFFFFFFFFFFFF" ) - -/** - * The hexadecimal presentation of the chosen generator of the 2048-bit MODP - * Group, as defined in RFC-3526: More Modular Exponential (MODP) - * Diffie-Hellman groups for Internet Key Exchange (IKE). - */ -#define MBEDTLS_DHM_RFC3526_MODP_2048_G \ - MBEDTLS_DEPRECATED_STRING_CONSTANT( "02" ) - -/** - * The hexadecimal presentation of the prime underlying the 3072-bit MODP - * Group, as defined in RFC-3072: More Modular Exponential (MODP) - * Diffie-Hellman groups for Internet Key Exchange (IKE). 
- */ -#define MBEDTLS_DHM_RFC3526_MODP_3072_P \ - MBEDTLS_DEPRECATED_STRING_CONSTANT( \ - "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ - "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \ - "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \ - "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \ - "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \ - "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \ - "83655D23DCA3AD961C62F356208552BB9ED529077096966D" \ - "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \ - "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \ - "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \ - "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" \ - "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" \ - "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" \ - "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" \ - "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" \ - "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF" ) - -/** - * The hexadecimal presentation of the chosen generator of the 3072-bit MODP - * Group, as defined in RFC-3526: More Modular Exponential (MODP) - * Diffie-Hellman groups for Internet Key Exchange (IKE). - */ -#define MBEDTLS_DHM_RFC3526_MODP_3072_G \ - MBEDTLS_DEPRECATED_STRING_CONSTANT( "02" ) - -/** - * The hexadecimal presentation of the prime underlying the 4096-bit MODP - * Group, as defined in RFC-3526: More Modular Exponential (MODP) - * Diffie-Hellman groups for Internet Key Exchange (IKE). 
- */ -#define MBEDTLS_DHM_RFC3526_MODP_4096_P \ - MBEDTLS_DEPRECATED_STRING_CONSTANT( \ - "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ - "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \ - "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \ - "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \ - "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \ - "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \ - "83655D23DCA3AD961C62F356208552BB9ED529077096966D" \ - "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \ - "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \ - "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \ - "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" \ - "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" \ - "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" \ - "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" \ - "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" \ - "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" \ - "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA" \ - "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" \ - "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED" \ - "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" \ - "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" \ - "FFFFFFFFFFFFFFFF" ) - -/** - * The hexadecimal presentation of the chosen generator of the 4096-bit MODP - * Group, as defined in RFC-3526: More Modular Exponential (MODP) - * Diffie-Hellman groups for Internet Key Exchange (IKE). - */ -#define MBEDTLS_DHM_RFC3526_MODP_4096_G \ - MBEDTLS_DEPRECATED_STRING_CONSTANT( "02" ) - -#endif /* MBEDTLS_DEPRECATED_REMOVED */ - /* * Trustworthy DHM parameters in binary form */ diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h index 264a638bb..525de5da1 100644 --- a/include/mbedtls/ecdsa.h +++ b/include/mbedtls/ecdsa.h 
@@ -138,7 +138,7 @@ int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid );
 * previously-hashed message.
 *
 * \note The deterministic version implemented in
- * mbedtls_ecdsa_sign_det() is usually preferred.
+ * mbedtls_ecdsa_sign_det_ext() is usually preferred.
 *
 * \note If the bitlength of the message hash is larger than the
 * bitlength of the group order, then the hash is truncated
@@ -174,67 +174,6 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); #if defined(MBEDTLS_ECDSA_DETERMINISTIC) -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) -#if defined(MBEDTLS_DEPRECATED_WARNING) -#define MBEDTLS_DEPRECATED __attribute__((deprecated)) -#else -#define MBEDTLS_DEPRECATED -#endif -/** - * \brief This function computes the ECDSA signature of a - * previously-hashed message, deterministic version. - * - * For more information, see RFC-6979: Deterministic - * Usage of the Digital Signature Algorithm (DSA) and Elliptic - * Curve Digital Signature Algorithm (ECDSA). - * - * \note If the bitlength of the message hash is larger than the - * bitlength of the group order, then the hash is truncated as - * defined in Standards for Efficient Cryptography Group - * (SECG): SEC1 Elliptic Curve Cryptography, section - * 4.1.3, step 5. - * - * \warning Since the output of the internal RNG is always the same for - * the same key and message, this limits the efficiency of - * blinding and leaks information through side channels. For - * secure behavior use mbedtls_ecdsa_sign_det_ext() instead. - * - * (Optimally the blinding is a random value that is different - * on every execution. In this case the blinding is still - * random from the attackers perspective, but is the same on - * each execution. This means that this blinding does not - * prevent attackers from recovering secrets by combining - * several measurement traces, but may prevent some attacks - * that exploit relationships between secret data.) - * - * \see ecp.h - * - * \param grp The context for the elliptic curve to use. - * This must be initialized and have group parameters - * set, for example through mbedtls_ecp_group_load(). - * \param r The MPI context in which to store the first part - * the signature. This must be initialized. 
- * \param s The MPI context in which to store the second part - * the signature. This must be initialized. - * \param d The private signing key. This must be initialized - * and setup, for example through mbedtls_ecp_gen_privkey(). - * \param buf The hashed content to be signed. This must be a readable - * buffer of length \p blen Bytes. It may be \c NULL if - * \p blen is zero. - * \param blen The length of \p buf in Bytes. - * \param md_alg The hash algorithm used to hash the original data. - * - * \return \c 0 on success. - * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX - * error code on failure. - */ -int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, - mbedtls_mpi *s, const mbedtls_mpi *d, - const unsigned char *buf, size_t blen, - mbedtls_md_type_t md_alg ) MBEDTLS_DEPRECATED; -#undef MBEDTLS_DEPRECATED -#endif /* MBEDTLS_DEPRECATED_REMOVED */ - /** * \brief This function computes the ECDSA signature of a * previously-hashed message, deterministic version. 
@@ -421,64 +360,6 @@ int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, void *p_rng, mbedtls_ecdsa_restart_ctx *rs_ctx ); -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) -#if defined(MBEDTLS_DEPRECATED_WARNING) -#define MBEDTLS_DEPRECATED __attribute__((deprecated)) -#else -#define MBEDTLS_DEPRECATED -#endif -/** - * \brief This function computes an ECDSA signature and writes - * it to a buffer, serialized as defined in RFC-4492: - * Elliptic Curve Cryptography (ECC) Cipher Suites for - * Transport Layer Security (TLS). - * - * The deterministic version is defined in RFC-6979: - * Deterministic Usage of the Digital Signature Algorithm (DSA) - * and Elliptic Curve Digital Signature Algorithm (ECDSA). - * - * \warning It is not thread-safe to use the same context in - * multiple threads. - * - * \note If the bitlength of the message hash is larger than the - * bitlength of the group order, then the hash is truncated as - * defined in Standards for Efficient Cryptography Group - * (SECG): SEC1 Elliptic Curve Cryptography, section - * 4.1.3, step 5. - * - * \see ecp.h - * - * \deprecated Superseded by mbedtls_ecdsa_write_signature() in - * Mbed TLS version 2.0 and later. - * - * \param ctx The ECDSA context to use. This must be initialized - * and have a group and private key bound to it, for example - * via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair(). - * \param hash The message hash to be signed. This must be a readable - * buffer of length \p blen Bytes. - * \param hlen The length of the hash \p hash in Bytes. - * \param sig The buffer to which to write the signature. This must be a - * writable buffer of length at least twice as large as the - * size of the curve used, plus 9. For example, 73 Bytes if - * a 256-bit curve is used. A buffer length of - * #MBEDTLS_ECDSA_MAX_LEN is always safe. - * \param slen The address at which to store the actual length of - * the signature written. 
Must not be \c NULL. - * \param md_alg The message digest that was used to hash the message. - * - * \return \c 0 on success. - * \return An \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or - * \c MBEDTLS_ERR_ASN1_XXX error code on failure. - */ -int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx, - const unsigned char *hash, size_t hlen, - unsigned char *sig, size_t *slen, - mbedtls_md_type_t md_alg ) MBEDTLS_DEPRECATED; -#undef MBEDTLS_DEPRECATED -#endif /* MBEDTLS_DEPRECATED_REMOVED */ -#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ - /** * \brief This function reads and verifies an ECDSA signature. * diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index 91165415f..f8536e74e 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -345,30 +345,6 @@ int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len */ void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx ); -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) -#if defined(MBEDTLS_DEPRECATED_WARNING) -#define MBEDTLS_DEPRECATED __attribute__((deprecated)) -#else -#define MBEDTLS_DEPRECATED -#endif -/** - * \brief This function updates the state of the HMAC_DRBG context. - * - * \deprecated Superseded by mbedtls_hmac_drbg_update_ret() - * in 2.16.0. - * - * \param ctx The HMAC_DRBG context. - * \param additional The data to update the state with. - * If this is \c NULL, there is no additional data. - * \param add_len Length of \p additional in bytes. - * Unused if \p additional is \c NULL. - */ -MBEDTLS_DEPRECATED void mbedtls_hmac_drbg_update( - mbedtls_hmac_drbg_context *ctx, - const unsigned char *additional, size_t add_len ); -#undef MBEDTLS_DEPRECATED -#endif /* !MBEDTLS_DEPRECATED_REMOVED */ - #if defined(MBEDTLS_FS_IO) /** * \brief This function writes a seed file. diff --git a/include/mbedtls/net.h b/include/mbedtls/net.h deleted file mode 100644 index 66921887d..000000000 --- a/include/mbedtls/net.h +++ /dev/null 
@@ -1,35 +0,0 @@ -/** - * \file net.h - * - * \brief Deprecated header file that includes net_sockets.h - * - * \deprecated Superseded by mbedtls/net_sockets.h - */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -#include "mbedtls/net_sockets.h" -#if defined(MBEDTLS_DEPRECATED_WARNING) -#warning "Deprecated header file: Superseded by mbedtls/net_sockets.h" -#endif /* MBEDTLS_DEPRECATED_WARNING */ -#endif /* !MBEDTLS_DEPRECATED_REMOVED */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 7815ad9d0..0413196fa 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h 
@@ -2914,34 +2914,6 @@ void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf, #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) - -#if defined(MBEDTLS_DEPRECATED_WARNING) -#define MBEDTLS_DEPRECATED __attribute__((deprecated)) -#else -#define MBEDTLS_DEPRECATED -#endif - -/** - * \brief Set the Diffie-Hellman public P and G values, - * read as hexadecimal strings (server-side only) - * (Default values: MBEDTLS_DHM_RFC3526_MODP_2048_[PG]) - * - * \param conf SSL configuration - * \param dhm_P Diffie-Hellman-Merkle modulus - * \param dhm_G Diffie-Hellman-Merkle generator - * - * \deprecated Superseded by \c mbedtls_ssl_conf_dh_param_bin. - * - * \return 0 if successful - */ -MBEDTLS_DEPRECATED int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, - const char *dhm_P, - const char *dhm_G ); - -#endif /* MBEDTLS_DEPRECATED_REMOVED */ - /** * \brief Set the Diffie-Hellman public P and G values * from big-endian binary presentations. 
@@ -3741,32 +3713,6 @@ size_t mbedtls_ssl_get_output_max_frag_len( const mbedtls_ssl_context *ssl ); * \return Current maximum fragment length for the output buffer. */ size_t mbedtls_ssl_get_input_max_frag_len( const mbedtls_ssl_context *ssl ); - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) - -#if defined(MBEDTLS_DEPRECATED_WARNING) -#define MBEDTLS_DEPRECATED __attribute__((deprecated)) -#else -#define MBEDTLS_DEPRECATED -#endif - -/** - * \brief This function is a deprecated approach to getting the max - * fragment length. Its an alias for - * \c mbedtls_ssl_get_output_max_frag_len(), as the behaviour - * is the same. See \c mbedtls_ssl_get_output_max_frag_len() for - * more detail. - * - * \sa mbedtls_ssl_get_input_max_frag_len() - * \sa mbedtls_ssl_get_output_max_frag_len() - * - * \param ssl SSL context - * - * \return Current maximum fragment length for the output buffer. - */ -MBEDTLS_DEPRECATED size_t mbedtls_ssl_get_max_frag_len( - const mbedtls_ssl_context *ssl ); -#endif /* MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ /** diff --git a/library/aes.c b/library/aes.c index 3f616427a..165b9e731 100644 --- a/library/aes.c +++ b/library/aes.c @@ -921,15 +921,6 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, } #endif /* !MBEDTLS_AES_ENCRYPT_ALT */ -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ) -{ - mbedtls_internal_aes_encrypt( ctx, input, output ); -} -#endif /* !MBEDTLS_DEPRECATED_REMOVED */ - /* * AES-ECB block decryption */ 
@@ -994,15 +985,6 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, } #endif /* !MBEDTLS_AES_DECRYPT_ALT */ -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ) -{ - mbedtls_internal_aes_decrypt( ctx, input, output ); -} -#endif /* !MBEDTLS_DEPRECATED_REMOVED */ - /* * AES-ECB block encryption/decryption */ diff --git a/library/bignum.c b/library/bignum.c index 9cc5d66e3..aa9f0b1ee 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2691,26 +2691,6 @@ int mbedtls_mpi_is_prime_ext( const mbedtls_mpi *X, int rounds, return( mpi_miller_rabin( &XX, rounds, f_rng, p_rng ) ); } -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -/* - * Pseudo-primality test, error probability 2^-80 - */ -int mbedtls_mpi_is_prime( const mbedtls_mpi *X, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) -{ - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( f_rng != NULL ); - - /* - * In the past our key generation aimed for an error rate of at most - * 2^-80. Since this function is deprecated, aim for the same certainty - * here as well. - */ - return( mbedtls_mpi_is_prime_ext( X, 40, f_rng, p_rng ) ); -} -#endif - /* * Prime number generation * diff --git a/library/cipher.c b/library/cipher.c index 457f8f660..eab48b85f 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -1288,8 +1288,8 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_CIPHER_MODE_AEAD) /* - * Packet-oriented encryption for AEAD modes: internal function shared by - * mbedtls_cipher_auth_encrypt() and mbedtls_cipher_auth_encrypt_ext(). + * Packet-oriented encryption for AEAD modes: internal function used by + * mbedtls_cipher_auth_encrypt_ext(). */ static int mbedtls_cipher_aead_encrypt( mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, 
@@ -1368,8 +1368,8 @@ static int mbedtls_cipher_aead_encrypt( mbedtls_cipher_context_t *ctx, } /* - * Packet-oriented encryption for AEAD modes: internal function shared by - * mbedtls_cipher_auth_encrypt() and mbedtls_cipher_auth_encrypt_ext(). + * Packet-oriented encryption for AEAD modes: internal function used by + * mbedtls_cipher_auth_encrypt_ext(). */ static int mbedtls_cipher_aead_decrypt( mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, 
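Review bot: The rewritten comment sits directly above `mbedtls_cipher_aead_decrypt()` but still says "encryption" and names `mbedtls_cipher_auth_encrypt_ext()`, so it gives the wrong direction and the wrong caller. It should read `Packet-oriented decryption for AEAD modes: internal function used by` / `mbedtls_cipher_auth_decrypt_ext().` This header is where a reader looks to find which public entry point reaches the authenticated-decryption path, so the copy-paste slip is worth fixing while the line is being touched. The function body lies outside the hunk.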
@@ -1468,54 +1468,6 @@ static int mbedtls_cipher_aead_decrypt( mbedtls_cipher_context_t *ctx, return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); } - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -/* - * Packet-oriented encryption for AEAD modes: public legacy function. - */ -int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, - unsigned char *tag, size_t tag_len ) -{ - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL ); - CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || output != NULL ); - CIPHER_VALIDATE_RET( olen != NULL ); - CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); - - return( mbedtls_cipher_aead_encrypt( ctx, iv, iv_len, ad, ad_len, - input, ilen, output, olen, - tag, tag_len ) ); -} - -/* - * Packet-oriented decryption for AEAD modes: public legacy function. - */ -int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, - const unsigned char *tag, size_t tag_len ) -{ - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL ); - CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || output != NULL ); - CIPHER_VALIDATE_RET( olen != NULL ); - CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); - - return( mbedtls_cipher_aead_decrypt( ctx, iv, iv_len, ad, ad_len, - input, ilen, output, olen, - tag, tag_len ) ); -} -#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_CIPHER_MODE_AEAD */ #if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) 
diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 3815dc7ca..f7998dbc7 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -309,7 +309,7 @@ exit: } /* CTR_DRBG_Instantiate with derivation function (SP 800-90A §10.2.1.3.2) - * mbedtls_ctr_drbg_update(ctx, additional, add_len) + * mbedtls_ctr_drbg_update_ret(ctx, additional, add_len) * implements * CTR_DRBG_Instantiate(entropy_input, nonce, personalization_string, * security_strength) -> initial_working_state @@ -340,19 +340,6 @@ exit: return( ret ); } -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx, - const unsigned char *additional, - size_t add_len ) -{ - /* MAX_INPUT would be more logical here, but we have to match - * block_cipher_df()'s limits since we can't propagate errors */ - if( add_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) - add_len = MBEDTLS_CTR_DRBG_MAX_SEED_INPUT; - (void) mbedtls_ctr_drbg_update_ret( ctx, additional, add_len ); -} -#endif /* MBEDTLS_DEPRECATED_REMOVED */ - /* CTR_DRBG_Reseed with derivation function (SP 800-90A §10.2.1.4.2) * mbedtls_ctr_drbg_reseed(ctx, additional, len, nonce_len) * implements diff --git a/library/ecdsa.c b/library/ecdsa.c index 22fb5e38d..dfdd0b46b 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -416,6 +416,9 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, #if defined(MBEDTLS_ECDSA_DETERMINISTIC) /* * Deterministic signature wrapper + * + * \note The f_rng_blind parameter must not be \c NULL. + * */ static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, 
@@ -469,69 +472,9 @@ sign: ret = mbedtls_ecdsa_sign( grp, r, s, d, buf, blen, mbedtls_hmac_drbg_random, p_rng ); #else - if( f_rng_blind != NULL ) - ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen, - mbedtls_hmac_drbg_random, p_rng, - f_rng_blind, p_rng_blind, rs_ctx ); - else - { - mbedtls_hmac_drbg_context *p_rng_blind_det; - -#if !defined(MBEDTLS_ECP_RESTARTABLE) - /* - * To avoid reusing rng_ctx and risking incorrect behavior we seed a - * second HMAC-DRBG with the same seed. We also apply a label to avoid - * reusing the bits of the ephemeral key for blinding and eliminate the - * risk that they leak this way. - */ - const char* blind_label = "BLINDING CONTEXT"; - mbedtls_hmac_drbg_context rng_ctx_blind; - - mbedtls_hmac_drbg_init( &rng_ctx_blind ); - p_rng_blind_det = &rng_ctx_blind; - mbedtls_hmac_drbg_seed_buf( p_rng_blind_det, md_info, - data, 2 * grp_len ); - ret = mbedtls_hmac_drbg_update_ret( p_rng_blind_det, - (const unsigned char*) blind_label, - strlen( blind_label ) ); - if( ret != 0 ) - { - mbedtls_hmac_drbg_free( &rng_ctx_blind ); - goto cleanup; - } -#else - /* - * In the case of restartable computations we would either need to store - * the second RNG in the restart context too or set it up at every - * restart. The first option would penalize the correct application of - * the function and the second would defeat the purpose of the - * restartable feature. - * - * Therefore in this case we reuse the original RNG. This comes with the - * price that the resulting signature might not be a valid deterministic - * ECDSA signature with a very low probability (same magnitude as - * successfully guessing the private key). However even then it is still - * a valid ECDSA signature. - */ - p_rng_blind_det = p_rng; -#endif /* MBEDTLS_ECP_RESTARTABLE */ - - /* - * Since the output of the RNGs is always the same for the same key and - * message, this limits the efficiency of blinding and leaks information - * through side channels. 
After mbedtls_ecdsa_sign_det() is removed NULL - * won't be a valid value for f_rng_blind anymore. Therefore it should - * be checked by the caller and this branch and check can be removed. - */ - ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen, - mbedtls_hmac_drbg_random, p_rng, - mbedtls_hmac_drbg_random, p_rng_blind_det, - rs_ctx ); - -#if !defined(MBEDTLS_ECP_RESTARTABLE) - mbedtls_hmac_drbg_free( &rng_ctx_blind ); -#endif - } + ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen, + mbedtls_hmac_drbg_random, p_rng, + f_rng_blind, p_rng_blind, rs_ctx ); #endif /* MBEDTLS_ECDSA_SIGN_ALT */ cleanup: @@ -544,26 +487,8 @@ cleanup: } /* - * Deterministic signature wrappers + * Deterministic signature wrapper */ - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, - mbedtls_mpi *s, const mbedtls_mpi *d, - const unsigned char *buf, size_t blen, - mbedtls_md_type_t md_alg ) -{ - ECDSA_VALIDATE_RET( grp != NULL ); - ECDSA_VALIDATE_RET( r != NULL ); - ECDSA_VALIDATE_RET( s != NULL ); - ECDSA_VALIDATE_RET( d != NULL ); - ECDSA_VALIDATE_RET( buf != NULL || blen == 0 ); - - return( ecdsa_sign_det_restartable( grp, r, s, d, buf, blen, md_alg, - NULL, NULL, NULL ) ); -} -#endif /* MBEDTLS_DEPRECATED_REMOVED */ - int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, const unsigned char *buf, size_t blen, @@ -750,10 +675,11 @@ int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi r, s; - ECDSA_VALIDATE_RET( ctx != NULL ); - ECDSA_VALIDATE_RET( hash != NULL ); - ECDSA_VALIDATE_RET( sig != NULL ); - ECDSA_VALIDATE_RET( slen != NULL ); + ECDSA_VALIDATE_RET( ctx != NULL ); + ECDSA_VALIDATE_RET( hash != NULL ); + ECDSA_VALIDATE_RET( sig != NULL ); + ECDSA_VALIDATE_RET( slen != NULL ); + ECDSA_VALIDATE_RET( f_rng != NULL ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s ); 
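Review bot: With the `if( f_rng_blind != NULL )` branch removed, `ecdsa_sign_det_restartable()` passes `f_rng_blind` straight to `ecdsa_sign_restartable()` with no check in this hunk, so the non-NULL requirement rests entirely on callers. The `@@ -750` hunk adds `ECDSA_VALIDATE_RET( f_rng != NULL );` to `mbedtls_ecdsa_write_signature_restartable()`. If that macro compiles to nothing unless parameter validation is enabled (its definition is not shown here), a default build would pass a NULL blinding RNG into the signing code, where it previously got a fallback. An unconditional guard such as `if( f_rng_blind == NULL ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );` at the top of the wrapper, and the same for `f_rng` in the public function, would make the failure explicit. Both functions start outside their hunks.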
@@ -803,22 +729,6 @@ int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, ctx, md_alg, hash, hlen, sig, slen, f_rng, p_rng, NULL ) ); } -#if !defined(MBEDTLS_DEPRECATED_REMOVED) && \ - defined(MBEDTLS_ECDSA_DETERMINISTIC) -int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx, - const unsigned char *hash, size_t hlen, - unsigned char *sig, size_t *slen, - mbedtls_md_type_t md_alg ) -{ - ECDSA_VALIDATE_RET( ctx != NULL ); - ECDSA_VALIDATE_RET( hash != NULL ); - ECDSA_VALIDATE_RET( sig != NULL ); - ECDSA_VALIDATE_RET( slen != NULL ); - return( mbedtls_ecdsa_write_signature( ctx, md_alg, hash, hlen, sig, slen, - NULL, NULL ) ); -} -#endif - /* * Read and check signature */ diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index 25a022583..bd14b3cce 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c @@ -108,15 +108,6 @@ exit: return( ret ); } -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, - const unsigned char *additional, - size_t add_len ) -{ - (void) mbedtls_hmac_drbg_update_ret( ctx, additional, add_len ); -} -#endif /* MBEDTLS_DEPRECATED_REMOVED */ - /* * Simplified HMAC_DRBG initialisation (for use with deterministic ECDSA) */ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b7c459166..111fd59cc 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3809,7 +3809,7 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa, #if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) /* `ecp` cannot be const because `ecp->grp` needs to be non-const - * for mbedtls_ecdsa_sign() and mbedtls_ecdsa_sign_det() + * for mbedtls_ecdsa_sign() and mbedtls_ecdsa_sign_det_ext() * (even though these functions don't modify it). */ static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp, psa_algorithm_t alg, diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 72f09bb42..4a694f1f4 100644 
--- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -858,7 +858,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, &rec->data_len, transform->taglen ) ) != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_encrypt", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_encrypt_ext", ret ); return( ret ); } MBEDTLS_SSL_DEBUG_BUF( 4, "after encrypt: tag", @@ -1414,7 +1414,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * explicit_iv_len Bytes preceeding data, and taglen * bytes following data + data_len. This justifies * the debug message and the invocation of - * mbedtls_cipher_auth_decrypt() below. */ + * mbedtls_cipher_auth_decrypt_ext() below. */ MBEDTLS_SSL_DEBUG_BUF( 4, "IV used", iv, transform->ivlen ); MBEDTLS_SSL_DEBUG_BUF( 4, "TAG used", data + rec->data_len, @@ -1430,7 +1430,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, data, rec->buf_len - (data - rec->buf), &olen, /* dst */ transform->taglen ) ) != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_decrypt", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_decrypt_ext", ret ); if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED ) return( MBEDTLS_ERR_SSL_INVALID_MAC ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 336cbea37..ecdbe8e81 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c 
@@ -4532,24 +4532,6 @@ void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf, #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G ) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - - if( ( ret = mbedtls_mpi_read_string( &conf->dhm_P, 16, dhm_P ) ) != 0 || - ( ret = mbedtls_mpi_read_string( &conf->dhm_G, 16, dhm_G ) ) != 0 ) - { - mbedtls_mpi_free( &conf->dhm_P ); - mbedtls_mpi_free( &conf->dhm_G ); - return( ret ); - } - - return( 0 ); -} -#endif /* MBEDTLS_DEPRECATED_REMOVED */ - int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf, const unsigned char *dhm_P, size_t P_len, const unsigned char *dhm_G, size_t G_len ) @@ -5084,13 +5066,6 @@ size_t mbedtls_ssl_get_output_max_frag_len( const mbedtls_ssl_context *ssl ) return( max_len ); } - -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -size_t mbedtls_ssl_get_max_frag_len( const mbedtls_ssl_context *ssl ) -{ - return mbedtls_ssl_get_output_max_frag_len( ssl ); -} -#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_SSL_PROTO_DTLS) diff --git a/programs/test/cpp_dummy_build.cpp b/programs/test/cpp_dummy_build.cpp index db756a156..9e32a0ee9 100644 --- a/programs/test/cpp_dummy_build.cpp +++ b/programs/test/cpp_dummy_build.cpp @@ -64,7 +64,6 @@ #include "mbedtls/md4.h" #include "mbedtls/md5.h" #include "mbedtls/md_internal.h" -#include "mbedtls/net.h" #include "mbedtls/net_sockets.h" #include "mbedtls/nist_kw.h" #include "mbedtls/oid.h" diff --git a/scripts/data_files/rename-1.3-2.0.txt b/scripts/data_files/rename-1.3-2.0.txt index 8fab36397..c5f673870 100644 --- a/scripts/data_files/rename-1.3-2.0.txt +++ b/scripts/data_files/rename-1.3-2.0.txt 
@@ -397,14 +397,8 @@ POLARSSL_DHM_C MBEDTLS_DHM_C POLARSSL_DHM_H MBEDTLS_DHM_H POLARSSL_DHM_RFC2409_MODP_1024_G MBEDTLS_DHM_RFC2409_MODP_1024_G POLARSSL_DHM_RFC2409_MODP_1024_P MBEDTLS_DHM_RFC2409_MODP_1024_P -POLARSSL_DHM_RFC3526_MODP_2048_G MBEDTLS_DHM_RFC3526_MODP_2048_G -POLARSSL_DHM_RFC3526_MODP_2048_P MBEDTLS_DHM_RFC3526_MODP_2048_P -POLARSSL_DHM_RFC3526_MODP_3072_G MBEDTLS_DHM_RFC3526_MODP_3072_G -POLARSSL_DHM_RFC3526_MODP_3072_P MBEDTLS_DHM_RFC3526_MODP_3072_P POLARSSL_DHM_RFC5114_MODP_1024_G MBEDTLS_DHM_RFC5114_MODP_1024_G POLARSSL_DHM_RFC5114_MODP_1024_P MBEDTLS_DHM_RFC5114_MODP_1024_P -POLARSSL_DHM_RFC5114_MODP_2048_G MBEDTLS_DHM_RFC5114_MODP_2048_G -POLARSSL_DHM_RFC5114_MODP_2048_P MBEDTLS_DHM_RFC5114_MODP_2048_P POLARSSL_ECDH_C MBEDTLS_ECDH_C POLARSSL_ECDH_H MBEDTLS_ECDH_H POLARSSL_ECDH_OURS MBEDTLS_ECDH_OURS @@ -1366,8 +1360,6 @@ ccm_encrypt_and_tag mbedtls_ccm_encrypt_and_tag ccm_free mbedtls_ccm_free ccm_init mbedtls_ccm_init ccm_self_test mbedtls_ccm_self_test -cipher_auth_decrypt mbedtls_cipher_auth_decrypt -cipher_auth_encrypt mbedtls_cipher_auth_encrypt cipher_base_t mbedtls_cipher_base_t cipher_check_tag mbedtls_cipher_check_tag cipher_context_t mbedtls_cipher_context_t @@ -1414,7 +1406,6 @@ ctr_drbg_self_test mbedtls_ctr_drbg_self_test ctr_drbg_set_entropy_len mbedtls_ctr_drbg_set_entropy_len ctr_drbg_set_prediction_resistance mbedtls_ctr_drbg_set_prediction_resistance ctr_drbg_set_reseed_interval mbedtls_ctr_drbg_set_reseed_interval -ctr_drbg_update mbedtls_ctr_drbg_update ctr_drbg_update_seed_file mbedtls_ctr_drbg_update_seed_file ctr_drbg_write_seed_file mbedtls_ctr_drbg_write_seed_file debug_fmt mbedtls_debug_fmt 
@@ -1479,10 +1470,8 @@ ecdsa_init mbedtls_ecdsa_init ecdsa_read_signature mbedtls_ecdsa_read_signature ecdsa_self_test mbedtls_ecdsa_self_test ecdsa_sign mbedtls_ecdsa_sign -ecdsa_sign_det mbedtls_ecdsa_sign_det ecdsa_verify mbedtls_ecdsa_verify ecdsa_write_signature mbedtls_ecdsa_write_signature -ecdsa_write_signature_det mbedtls_ecdsa_write_signature_det eckey_info mbedtls_eckey_info eckeydh_info mbedtls_eckeydh_info ecp_add mbedtls_ecp_add @@ -1558,7 +1547,6 @@ hmac_drbg_self_test mbedtls_hmac_drbg_self_test hmac_drbg_set_entropy_len mbedtls_hmac_drbg_set_entropy_len hmac_drbg_set_prediction_resistance mbedtls_hmac_drbg_set_prediction_resistance hmac_drbg_set_reseed_interval mbedtls_hmac_drbg_set_reseed_interval -hmac_drbg_update mbedtls_hmac_drbg_update hmac_drbg_update_seed_file mbedtls_hmac_drbg_update_seed_file hmac_drbg_write_seed_file mbedtls_hmac_drbg_write_seed_file hr_time mbedtls_timing_hr_time @@ -1994,7 +1982,6 @@ ssl_set_ciphersuites_for_version mbedtls_ssl_conf_ciphersuites_for_version ssl_set_client_transport_id mbedtls_ssl_set_client_transport_id ssl_set_curves mbedtls_ssl_conf_curves ssl_set_dbg mbedtls_ssl_conf_dbg -ssl_set_dh_param mbedtls_ssl_conf_dh_param ssl_set_dh_param_ctx mbedtls_ssl_conf_dh_param_ctx ssl_set_dtls_anti_replay mbedtls_ssl_conf_dtls_anti_replay ssl_set_dtls_badmac_limit mbedtls_ssl_conf_dtls_badmac_limit diff --git a/tests/src/drivers/signature.c b/tests/src/drivers/signature.c index cea035190..0185acc91 100644 --- a/tests/src/drivers/signature.c +++ b/tests/src/drivers/signature.c @@ -117,7 +117,7 @@ psa_status_t test_transparent_signature_sign_hash( goto cleanup; } MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det( &ecp.grp, &r, &s, &ecp.d, - hash, hash_length, md_alg ) ); + hash, hash_length, md_alg, mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &r, signature, curve_bytes ) ); 
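Review bot: The call in `test_transparent_signature_sign_hash()` still names `mbedtls_ecdsa_sign_det`, whose definition this commit deletes from `library/ecdsa.c`, while now passing the two extra RNG arguments that belong to the `_ext` variant. The first line of the call should become `MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det_ext( &ecp.grp, &r, &s, &ecp.d,`. As written, any configuration that compiles this branch would fail to build or link. The surrounding preprocessor guard is outside the hunk, so which configurations are affected cannot be told from here.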
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index 76e474f21..463f58dc7 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function 
@@ -422,124 +422,6 @@ void cipher_invalid_param_conditional( ) valid_buffer, valid_size, valid_buffer, NULL ) ); -#if defined(MBEDTLS_CIPHER_MODE_AEAD) - /* mbedtls_cipher_auth_encrypt() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( NULL, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, &size_t_var, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, NULL, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - NULL, valid_size ) ); - - /* mbedtls_cipher_auth_decrypt() */ - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - 
mbedtls_cipher_auth_decrypt( NULL, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, &size_t_var, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, NULL, - valid_buffer, valid_size ) ); - TEST_INVALID_PARAM_RET( - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - NULL, valid_size ) ); -#endif /* defined(MBEDTLS_CIPHER_MODE_AEAD) */ - #if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) /* mbedtls_cipher_auth_encrypt_ext */ TEST_INVALID_PARAM_RET( 
@@ -1146,13 +1028,6 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, unsigned char *encrypt_buf = NULL; size_t encrypt_buf_len = 0; -#if !defined(MBEDTLS_DEPRECATED_WARNING) && \ - !defined(MBEDTLS_DEPRECATED_REMOVED) - unsigned char *tmp_tag = NULL; - unsigned char *tmp_cipher = NULL; - unsigned char *tag_buf = NULL; -#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */ - /* Null pointers are documented as valid for inputs of length 0. * The test framework passes non-null pointers, so set them to NULL. * key, cipher and tag can't be empty. */ @@ -1184,12 +1059,6 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, cipher_id == MBEDTLS_CIPHER_AES_256_KW || using_nist_kw_padding; - /**************************************************************** - * * - * Part 1: non-deprecated API * - * * - ****************************************************************/ - /* * Prepare context for decryption */ @@ -1253,7 +1122,6 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, ASSERT_COMPARE( decrypt_buf, outlen, clear->x, clear->len ); } - /* Free this, but keep cipher_plus_tag for deprecated function with PSA */ mbedtls_free( decrypt_buf ); decrypt_buf = NULL; 
@@ -1315,135 +1183,12 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, encrypt_buf = NULL; } - /**************************************************************** - * * - * Part 2: deprecated API * - * * - ****************************************************************/ - -#if !defined(MBEDTLS_DEPRECATED_WARNING) && \ - !defined(MBEDTLS_DEPRECATED_REMOVED) - - /* - * Prepare context for decryption - */ - if( ! cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key, - MBEDTLS_DECRYPT ) ) - goto exit; - - /* - * Prepare pointers for decryption - */ -#if defined(MBEDTLS_USE_PSA_CRYPTO) - if( use_psa == 1 ) - { - /* PSA requires that the tag immediately follows the ciphertext. - * Fortunately, we already have that from testing the new API. */ - tmp_cipher = cipher_plus_tag; - tmp_tag = tmp_cipher + cipher->len; - } - else -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - { - tmp_cipher = cipher->x; - tmp_tag = tag->x; - } - - /* - * Authenticate and decrypt, and check result - */ - - ASSERT_ALLOC( decrypt_buf, cipher->len ); - outlen = 0; - ret = mbedtls_cipher_auth_decrypt( &ctx, iv->x, iv->len, ad->x, ad->len, - tmp_cipher, cipher->len, decrypt_buf, &outlen, - tmp_tag, tag->len ); - - if( using_nist_kw ) - { - /* NIST_KW with legacy API */ - TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); - } - else if( strcmp( result, "FAIL" ) == 0 ) - { - /* unauthentic message */ - TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED ); - TEST_ASSERT( buffer_is_all_zero( decrypt_buf, cipher->len ) ); - } - else - { - /* authentic message: is the plaintext correct? */ - TEST_ASSERT( ret == 0 ); - ASSERT_COMPARE( decrypt_buf, outlen, clear->x, clear->len ); - } - - mbedtls_free( decrypt_buf ); - decrypt_buf = NULL; - mbedtls_free( cipher_plus_tag ); - cipher_plus_tag = NULL; - - /* - * Encrypt back if test data was authentic - */ - if( strcmp( result, "FAIL" ) != 0 ) - { - /* prepare context for encryption */ - if( ! 
cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key, - MBEDTLS_ENCRYPT ) ) - goto exit; - - /* prepare buffers for encryption */ -#if defined(MBEDTLS_USE_PSA_CRYPTO) - if( use_psa ) - { - ASSERT_ALLOC( cipher_plus_tag, cipher->len + tag->len ); - tmp_cipher = cipher_plus_tag; - tmp_tag = cipher_plus_tag + cipher->len; - } - else -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - { - ASSERT_ALLOC( encrypt_buf, cipher->len ); - ASSERT_ALLOC( tag_buf, tag->len ); - tmp_cipher = encrypt_buf; - tmp_tag = tag_buf; - } - - /* - * Encrypt and check the result - */ - outlen = 0; - ret = mbedtls_cipher_auth_encrypt( &ctx, iv->x, iv->len, ad->x, ad->len, - clear->x, clear->len, tmp_cipher, &outlen, - tmp_tag, tag->len ); - - if( using_nist_kw ) - { - TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); - } - else - { - TEST_ASSERT( ret == 0 ); - - TEST_ASSERT( outlen == cipher->len ); - if( cipher->len != 0 ) - TEST_ASSERT( memcmp( tmp_cipher, cipher->x, cipher->len ) == 0 ); - TEST_ASSERT( memcmp( tmp_tag, tag->x, tag->len ) == 0 ); - } - } - -#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */ - exit: mbedtls_cipher_free( &ctx ); mbedtls_free( decrypt_buf ); mbedtls_free( encrypt_buf ); mbedtls_free( cipher_plus_tag ); -#if !defined(MBEDTLS_DEPRECATED_WARNING) && \ - !defined(MBEDTLS_DEPRECATED_REMOVED) - mbedtls_free( tag_buf ); -#endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */ #if defined(MBEDTLS_USE_PSA_CRYPTO) if( use_psa == 1 ) diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 280c528f7..84a14641c 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -184,7 +184,6 @@ - From 7e9422db95d6cb78a350a75256ad88b3a7e27705 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 30 Apr 2021 10:32:58 +0200 Subject: [PATCH 124/160] Removing tabs and fixing doxygen formatting 
Signed-off-by: TRodziewicz --- library/ecdsa.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/ecdsa.c b/library/ecdsa.c index 93430b878..630d5bdf3 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -421,7 +421,7 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, /* * Deterministic signature wrapper * - * \note The f_rng_blind parameter must not be \c NULL. + * note: The f_rng_blind parameter must not be NULL. * */ static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp, @@ -478,9 +478,9 @@ sign: ret = mbedtls_ecdsa_sign( grp, r, s, d, buf, blen, mbedtls_hmac_drbg_random, p_rng ); #else - ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen, - mbedtls_hmac_drbg_random, p_rng, - f_rng_blind, p_rng_blind, rs_ctx ); + ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen, + mbedtls_hmac_drbg_random, p_rng, + f_rng_blind, p_rng_blind, rs_ctx ); #endif /* MBEDTLS_ECDSA_SIGN_ALT */ cleanup: From 8223ccee6b9e2f145b88f8129cd19aacabc144a3 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 30 Apr 2021 13:32:15 +0200 Subject: [PATCH 125/160] Correction of failing ecdsa & pk tests Signed-off-by: TRodziewicz --- tests/suites/test_suite_ecdsa.function | 6 ++++-- tests/suites/test_suite_pk.function | 6 ++++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function index 8157234f8..41beb52d4 100644 --- a/tests/suites/test_suite_ecdsa.function +++ b/tests/suites/test_suite_ecdsa.function @@ -599,7 +599,8 @@ void ecdsa_write_restart( int id, char *d_str, int md_alg, cnt_restart = 0; do { ret = mbedtls_ecdsa_write_signature_restartable( &ctx, - md_alg, hash, hlen, sig, &slen, NULL, NULL, &rs_ctx ); + md_alg, hash, hlen, sig, &slen, mbedtls_test_rnd_std_rand, NULL, + &rs_ctx ); } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); TEST_ASSERT( ret == 0 ); 
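Review bot: Replacing `NULL, NULL` with `mbedtls_test_rnd_std_rand, NULL` in `ecdsa_write_restart()` removes the only visible calls that passed a NULL RNG, so none of these hunks checks that a NULL `f_rng` is now refused. The same applies to the second `ecdsa_write_restart()` hunk and to both `pk_sign_verify_restart()` hunks. A negative case asserting that `mbedtls_ecdsa_write_signature_restartable()` returns an error for `f_rng == NULL` would pin the new contract, provided the library rejects it at run time in the tested configuration. A short comment such as `/* RNG is required by the API; only used for blinding here */` would also explain the change, if that matches the deterministic path these tests appear to exercise.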
@@ -614,7 +615,8 @@ void ecdsa_write_restart( int id, char *d_str, int md_alg, if( min_restart > 0 ) { ret = mbedtls_ecdsa_write_signature_restartable( &ctx, - md_alg, hash, hlen, sig, &slen, NULL, NULL, &rs_ctx ); + md_alg, hash, hlen, sig, &slen, mbedtls_test_rnd_std_rand, NULL, + &rs_ctx ); TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); } diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index bc469b68d..612796b82 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -821,7 +821,8 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str, cnt_restart = 0; do { ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen, - sig, &slen, NULL, NULL, &rs_ctx ); + sig, &slen, mbedtls_test_rnd_std_rand, + NULL, &rs_ctx ); } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); TEST_ASSERT( ret == 0 ); @@ -868,7 +869,8 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str, slen = sizeof( sig ); ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen, - sig, &slen, NULL, NULL, &rs_ctx ); + sig, &slen, mbedtls_test_rnd_std_rand, + NULL, &rs_ctx ); TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); } From 0bc3938551c187e5a27f4b165d1c8ceb4fe8cce0 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 30 Apr 2021 14:18:06 +0200 Subject: [PATCH 126/160] Removing trailing spaces Signed-off-by: TRodziewicz --- tests/suites/test_suite_ecdsa.function | 4 ++-- tests/suites/test_suite_pk.function | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function index 41beb52d4..58cedc13c 100644 --- a/tests/suites/test_suite_ecdsa.function +++ b/tests/suites/test_suite_ecdsa.function 
@@ -599,7 +599,7 @@ void ecdsa_write_restart( int id, char *d_str, int md_alg, cnt_restart = 0; do { ret = mbedtls_ecdsa_write_signature_restartable( &ctx, - md_alg, hash, hlen, sig, &slen, mbedtls_test_rnd_std_rand, NULL, + md_alg, hash, hlen, sig, &slen, mbedtls_test_rnd_std_rand, NULL, &rs_ctx ); } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); @@ -615,7 +615,7 @@ void ecdsa_write_restart( int id, char *d_str, int md_alg, if( min_restart > 0 ) { ret = mbedtls_ecdsa_write_signature_restartable( &ctx, - md_alg, hash, hlen, sig, &slen, mbedtls_test_rnd_std_rand, NULL, + md_alg, hash, hlen, sig, &slen, mbedtls_test_rnd_std_rand, NULL, &rs_ctx ); TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); } diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 612796b82..9454fe7c7 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -821,7 +821,7 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str, cnt_restart = 0; do { ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen, - sig, &slen, mbedtls_test_rnd_std_rand, + sig, &slen, mbedtls_test_rnd_std_rand, NULL, &rs_ctx ); } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); @@ -869,7 +869,7 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str, slen = sizeof( sig ); ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen, - sig, &slen, mbedtls_test_rnd_std_rand, + sig, &slen, mbedtls_test_rnd_std_rand, NULL, &rs_ctx ); TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); } From b03f88f06ce03875464a244388e7d8ad980b8be3 Mon Sep 17 00:00:00 2001 
From: Hanno Becker Date: Tue, 24 Nov 2020 06:41:37 +0000 Subject: [PATCH 127/160] Introduce helper for handling of post-handshake handshake messages Handling the receipt of a handshake record after the initial handshake requires non-trivial logic depending on the protocol version and the endpoint. This logic is currently embedded in mbedtls_ssl_read(). With the introduction of support for [D]TLS 1.3, the logic will become even more complex, since [D]TLS 1.3 drops support for renegotiation -- which in [D]TLS 1.2 is the main purpose of post-handshake handshake messages -- but instead introduces numerous other post-handshake handshake messages. In order to pave the way for those changes, this commit improves readability and maintainability of mbedtls_ssl_read() by moving the TLS <=1.2 logic for handling post-handshake handshake messages into a separate helper function ssl_handle_hs_message_post_handshake(). The logic of the code is entirely unchanged. Signed-off-by: Hanno Becker --- library/ssl_msg.c | 235 +++++++++++++++++++++++----------------------- 1 file changed, 120 insertions(+), 115 deletions(-) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 51a0ac205..247dd1a96 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c 
@@ -5112,6 +5112,120 @@ static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_SSL_RENEGOTIATION */ +/* This function is called from mbedtls_ssl_read() when a handshake message is + * received after the initial handshake. In this context, handshake messages + * may only be sent for the purpose of initiating renegotiations. + * + * This function is introduced as a separate helper since the handling + * of post-handshake handshake messages changes significantly in TLS 1.3, + * and having a helper function allows to distinguish between TLS <= 1.2 and + * TLS 1.3 in the future without bloating the logic of mbedtls_ssl_read(). + */ +int ssl_handle_hs_message_post_handshake( mbedtls_ssl_context *ssl ) +{ + int ret; + + /* + * - For client-side, expect SERVER_HELLO_REQUEST. + * - For server-side, expect CLIENT_HELLO. + * - Fail (TLS) or silently drop record (DTLS) in other cases. + */ + +#if defined(MBEDTLS_SSL_CLI_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && + ( ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST || + ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake received (not HelloRequest)" ) ); + + /* With DTLS, drop the packet (probably from last handshake) */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + return( 0 ); + } +#endif + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + } +#endif /* MBEDTLS_SSL_CLI_C */ + +#if defined(MBEDTLS_SSL_SRV_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && + ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake received (not ClientHello)" ) ); + + /* With DTLS, drop the packet (probably from last handshake) */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + return( 0 ); + } +#endif + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + } +#endif /* MBEDTLS_SSL_SRV_C */ + +#if 
defined(MBEDTLS_SSL_RENEGOTIATION) + /* Determine whether renegotiation attempt should be accepted */ + if( ! ( ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED || + ( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && + ssl->conf->allow_legacy_renegotiation == + MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION ) ) ) + { + /* + * Accept renegotiation request + */ + + /* DTLS clients need to know renego is server-initiated */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) + { + ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING; + } +#endif + ret = mbedtls_ssl_start_renegotiation( ssl ); + if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO && + ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_start_renegotiation", + ret ); + return( ret ); + } + } + else +#endif /* MBEDTLS_SSL_RENEGOTIATION */ + { + /* + * Refuse renegotiation + */ + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "refusing renegotiation, sending alert" ) ); + +#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) + { + if( ( ret = mbedtls_ssl_send_alert_message( ssl, + MBEDTLS_SSL_ALERT_LEVEL_WARNING, + MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION ) ) != 0 ) + { + return( ret ); + } + } + else +#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || + MBEDTLS_SSL_PROTO_TLS1_2 */ + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + } + + return( 0 ); +} + /* * Receive application data decrypted from the SSL layer */ 
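Review bot: The header comment of `ssl_handle_hs_message_post_handshake()` does not state the return contract, although `mbedtls_ssl_read()` depends on it. The function returns 0 in three different situations: a DTLS record that is silently dropped, a renegotiation that was started (including the case where `mbedtls_ssl_start_renegotiation()` returned `MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO`), and a renegotiation that was refused with a `no_renegotiation` warning alert. Every other outcome is a negative error code that ends the read. I would add to the comment: `* Returns 0 if the message was consumed (renegotiation started, refused with an alert, or DTLS record dropped); the caller must keep reading. Returns a negative error code otherwise.` The whole function body is inside this hunk.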
@@ -5210,124 +5324,15 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "received handshake message" ) ); - - /* - * - For client-side, expect SERVER_HELLO_REQUEST. - * - For server-side, expect CLIENT_HELLO. - * - Fail (TLS) or silently drop record (DTLS) in other cases. - */ - -#if defined(MBEDTLS_SSL_CLI_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && - ( ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST || - ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) ) ) + ret = ssl_handle_hs_message_post_handshake( ssl ); + if( ret != 0) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake received (not HelloRequest)" ) ); - - /* With DTLS, drop the packet (probably from last handshake) */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - continue; - } -#endif - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } -#endif /* MBEDTLS_SSL_CLI_C */ - -#if defined(MBEDTLS_SSL_SRV_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && - ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake received (not ClientHello)" ) ); - - /* With DTLS, drop the packet (probably from last handshake) */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - continue; - } -#endif - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } -#endif /* MBEDTLS_SSL_SRV_C */ - -#if defined(MBEDTLS_SSL_RENEGOTIATION) - /* Determine whether renegotiation attempt should be accepted */ - if( ! 
( ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED || - ( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && - ssl->conf->allow_legacy_renegotiation == - MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION ) ) ) - { - /* - * Accept renegotiation request - */ - - /* DTLS clients need to know renego is server-initiated */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) - { - ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING; - } -#endif - ret = mbedtls_ssl_start_renegotiation( ssl ); - if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO && - ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_start_renegotiation", - ret ); - return( ret ); - } - } - else -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - { - /* - * Refuse renegotiation - */ - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "refusing renegotiation, sending alert" ) ); - -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) - { - if( ( ret = mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_WARNING, - MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION ) ) != 0 ) - { - return( ret ); - } - } - else -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || - MBEDTLS_SSL_PROTO_TLS1_2 */ - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_handle_hs_message_post_handshake", + ret ); + return( ret ); } - /* At this point, we don't know whether the renegotiation has been - * completed or not. The cases to consider are the following: - * 1) The renegotiation is complete. In this case, no new record - * has been read yet. - * 2) The renegotiation is incomplete because the client received - * an application data record while awaiting the ServerHello. 
- * 3) The renegotiation is incomplete because the client received - * a non-handshake, non-application data message while awaiting - * the ServerHello. - * In each of these case, looping will be the proper action: - * - For 1), the next iteration will read a new record and check - * if it's application data. - * - For 2), the loop condition isn't satisfied as application data - * is present, hence continue is the same as break - * - For 3), the loop condition is satisfied and read_record - * will re-deliver the message that was held back by the client - * when expecting the ServerHello. - */ + /* Post-handshake handshake messages are not passed to the user. */ continue; } #if defined(MBEDTLS_SSL_RENEGOTIATION) From cad3dbaf458b58702a6724204a02782df15877b7 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 24 Nov 2020 06:57:13 +0000 Subject: [PATCH 128/160] Add missing static qualification for post-HS HS message handler Signed-off-by: Hanno Becker --- library/ssl_msg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 247dd1a96..33751c72a 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -5121,7 +5121,7 @@ static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl ) * and having a helper function allows to distinguish between TLS <= 1.2 and * TLS 1.3 in the future without bloating the logic of mbedtls_ssl_read(). */ -int ssl_handle_hs_message_post_handshake( mbedtls_ssl_context *ssl ) +static int ssl_handle_hs_message_post_handshake( mbedtls_ssl_context *ssl ) { int ret; From fae12cf1ef9b18e9ec10e711bc2d48c74c09dce1 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 21 Apr 2021 07:20:20 +0100 Subject: [PATCH 129/160] Use error corruption detection as initial return value Signed-off-by: Hanno Becker --- library/ssl_msg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 33751c72a..826c53239 100644 --- a/library/ssl_msg.c 
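Review bot: The level-1 trace `MBEDTLS_SSL_DEBUG_MSG( 1, ( "received handshake message" ) );` that opened this branch of `mbedtls_ssl_read()` is removed here and is not re-added in `ssl_handle_hs_message_post_handshake()`, so the refactor is not entirely behaviour-neutral as the description states. With it gone, an accepted post-handshake HelloRequest/ClientHello leaves no trace at this point unless `mbedtls_ssl_start_renegotiation()` logs on its own, which is not visible here. Since a renegotiation attempt is an event worth seeing in debug logs, I would keep the message as the first statement of the helper. As a style point, `if( ret != 0)` should be `if( ret != 0 )` to match the surrounding code. `mbedtls_ssl_read()` starts and ends outside this hunk.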
+++ b/library/ssl_msg.c @@ -5123,7 +5123,7 @@ static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl ) */ static int ssl_handle_hs_message_post_handshake( mbedtls_ssl_context *ssl ) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* * - For client-side, expect SERVER_HELLO_REQUEST. From f26cc72e7b164c50fbcbe0e4dbb6cf056930b1df Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 21 Apr 2021 07:30:13 +0100 Subject: [PATCH 130/160] Reintroduce comment on state of renegotiation after post HS message Signed-off-by: Hanno Becker --- library/ssl_msg.c | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 826c53239..a2d19f64d 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -5113,7 +5113,7 @@ static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_SSL_RENEGOTIATION */ /* This function is called from mbedtls_ssl_read() when a handshake message is - * received after the initial handshake. In this context, handshake messages + * received after the initial handshake. In this context, handshake messages * may only be sent for the purpose of initiating renegotiations. * * This function is introduced as a separate helper since the handling 
@@ -5332,7 +5332,27 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) return( ret ); } - /* Post-handshake handshake messages are not passed to the user. */ + /* At this point, we don't know whether the renegotiation triggered + * by the post-handshake message has been completed or not. The cases + * to consider are the following: + * 1) The renegotiation is complete. In this case, no new record + * has been read yet. + * 2) The renegotiation is incomplete because the client received + * an application data record while awaiting the ServerHello. + * 3) The renegotiation is incomplete because the client received + * a non-handshake, non-application data message while awaiting + * the ServerHello. + * + * In each of these cases, looping will be the proper action: + * - For 1), the next iteration will read a new record and check + * if it's application data. + * - For 2), the loop condition isn't satisfied as application data + * is present, hence continue is the same as break + * - For 3), the loop condition is satisfied and read_record + * will re-deliver the message that was held back by the client + * when expecting the ServerHello. + */ + continue; } #if defined(MBEDTLS_SSL_RENEGOTIATION) From fa036c802432665c950b80a9e43c973661513018 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 23 Mar 2021 09:33:25 +0100 Subject: [PATCH 131/160] tests: Add hash transparent test driver hooks Signed-off-by: Ronald Cron --- library/psa_crypto_driver_wrappers.c | 12 +- tests/include/test/drivers/hash.h | 79 +++++++++++ tests/include/test/drivers/test_driver.h | 5 +- tests/src/drivers/hash.c | 160 +++++++++++++++++++++++ visualc/VS2010/mbedTLS.vcxproj | 1 + 5 files changed, 249 insertions(+), 8 deletions(-) create mode 100644 tests/include/test/drivers/hash.h create mode 100644 tests/src/drivers/hash.c diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 11160d82d..aeea16d7b 100644 
--- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -1059,7 +1059,7 @@ psa_status_t psa_driver_wrapper_hash_compute( /* Try accelerators first */ #if defined(PSA_CRYPTO_DRIVER_TEST) - status = mbedtls_transparent_test_driver_hash_compute( + status = test_transparent_hash_compute( alg, input, input_length, hash, hash_size, hash_length ); if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); @@ -1091,7 +1091,7 @@ psa_status_t psa_driver_wrapper_hash_setup( /* Try setup on accelerators first */ #if defined(PSA_CRYPTO_DRIVER_TEST) - status = mbedtls_transparent_test_driver_hash_setup( + status = test_transparent_hash_setup( &operation->ctx.test_driver_ctx, alg ); if( status == PSA_SUCCESS ) operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; @@ -1131,7 +1131,7 @@ psa_status_t psa_driver_wrapper_hash_clone( #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: target_operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; - return( mbedtls_transparent_test_driver_hash_clone( + return( test_transparent_hash_clone( &source_operation->ctx.test_driver_ctx, &target_operation->ctx.test_driver_ctx ) ); #endif @@ -1155,7 +1155,7 @@ psa_status_t psa_driver_wrapper_hash_update( #endif #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_transparent_test_driver_hash_update( + return( test_transparent_hash_update( &operation->ctx.test_driver_ctx, input, input_length ) ); #endif @@ -1181,7 +1181,7 @@ psa_status_t psa_driver_wrapper_hash_finish( #endif #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_transparent_test_driver_hash_finish( + return( test_transparent_hash_finish( &operation->ctx.test_driver_ctx, hash, hash_size, hash_length ) ); #endif 
@@ -1204,7 +1204,7 @@ psa_status_t psa_driver_wrapper_hash_abort( #endif #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_transparent_test_driver_hash_abort( + return( test_transparent_hash_abort( &operation->ctx.test_driver_ctx ) ); #endif default: diff --git a/tests/include/test/drivers/hash.h b/tests/include/test/drivers/hash.h new file mode 100644 index 000000000..7be368982 --- /dev/null +++ b/tests/include/test/drivers/hash.h 
@@ -0,0 +1,79 @@ +/* + * Test driver for hash driver entry points. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PSA_CRYPTO_TEST_DRIVERS_HASH_H +#define PSA_CRYPTO_TEST_DRIVERS_HASH_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include + +typedef struct { + /* If not PSA_SUCCESS, return this error code instead of processing the + * function call. */ + psa_status_t forced_status; + /* Count the amount of times hash driver entry points are called. */ + unsigned long hits; + /* Status returned by the last hash driver entry point call. 
*/ + psa_status_t driver_status; +} test_driver_hash_hooks_t; + +#define TEST_DRIVER_HASH_INIT { 0, 0, 0 } +static inline test_driver_hash_hooks_t test_driver_hash_hooks_init( void ) +{ + const test_driver_hash_hooks_t v = TEST_DRIVER_HASH_INIT; + return( v ); +} + +extern test_driver_hash_hooks_t test_driver_hash_hooks; + +psa_status_t test_transparent_hash_compute( + psa_algorithm_t alg, + const uint8_t *input, size_t input_length, + uint8_t *hash, size_t hash_size, size_t *hash_length ); + +psa_status_t test_transparent_hash_setup( + mbedtls_transparent_test_driver_hash_operation_t *operation, + psa_algorithm_t alg ); + +psa_status_t test_transparent_hash_clone( + const mbedtls_transparent_test_driver_hash_operation_t *source_operation, + mbedtls_transparent_test_driver_hash_operation_t *target_operation ); + +psa_status_t test_transparent_hash_update( + mbedtls_transparent_test_driver_hash_operation_t *operation, + const uint8_t *input, + size_t input_length ); + +psa_status_t test_transparent_hash_finish( + mbedtls_transparent_test_driver_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length ); + +psa_status_t test_transparent_hash_abort( + mbedtls_psa_hash_operation_t *operation ); + +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_TEST_DRIVERS_HASH_H */ diff --git a/tests/include/test/drivers/test_driver.h b/tests/include/test/drivers/test_driver.h index 84d0caa5e..dc2136a6a 100644 --- a/tests/include/test/drivers/test_driver.h +++ b/tests/include/test/drivers/test_driver.h @@ -23,9 +23,10 @@ #define PSA_CRYPTO_TEST_DRIVER_LOCATION 0x7fffff #include "test/drivers/aead.h" -#include "test/drivers/signature.h" -#include "test/drivers/key_management.h" #include "test/drivers/cipher.h" +#include "test/drivers/hash.h" +#include "test/drivers/key_management.h" +#include "test/drivers/signature.h" #include "test/drivers/size.h" #endif /* PSA_CRYPTO_TEST_DRIVER_H */ 
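Review bot: The prototype of `test_transparent_hash_abort()` in this new header takes `mbedtls_psa_hash_operation_t *operation`, while the other five prototypes here and the definition added in tests/src/drivers/hash.c take `mbedtls_transparent_test_driver_hash_operation_t *`. Unless the two names are typedefs of the same type (not visible in this patch), the declaration conflicts with the definition. Even if they are aliases, the header hides which context type the wrapper in psa_crypto_driver_wrappers.c is expected to pass. The declaration should read `psa_status_t test_transparent_hash_abort( mbedtls_transparent_test_driver_hash_operation_t *operation );`.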
diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c new file mode 100644 index 000000000..d69a1276c --- /dev/null +++ b/tests/src/drivers/hash.c 
@@ -0,0 +1,160 @@ +/* + * Test driver for hash entry points. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) +#include "psa_crypto_hash.h" + +#include "test/drivers/hash.h" + +test_driver_hash_hooks_t test_driver_hash_hooks = TEST_DRIVER_HASH_INIT; + +psa_status_t test_transparent_hash_compute( + psa_algorithm_t alg, + const uint8_t *input, size_t input_length, + uint8_t *hash, size_t hash_size, size_t *hash_length ) +{ + test_driver_hash_hooks.hits++; + + if( test_driver_hash_hooks.forced_status != PSA_SUCCESS ) + { + test_driver_hash_hooks.driver_status = + test_driver_hash_hooks.forced_status; + } + else + { + test_driver_hash_hooks.driver_status = + mbedtls_transparent_test_driver_hash_compute( + alg, input, input_length, + hash, hash_size, hash_length ); + } + + return( test_driver_hash_hooks.driver_status ); +} + +psa_status_t test_transparent_hash_setup( + mbedtls_transparent_test_driver_hash_operation_t *operation, + psa_algorithm_t alg ) +{ + test_driver_hash_hooks.hits++; + + if( test_driver_hash_hooks.forced_status != PSA_SUCCESS ) + { + test_driver_hash_hooks.driver_status = + test_driver_hash_hooks.forced_status; + } + else + { + test_driver_hash_hooks.driver_status = + 
mbedtls_transparent_test_driver_hash_setup( operation, alg ); + } + + return( test_driver_hash_hooks.driver_status ); +} + +psa_status_t test_transparent_hash_clone( + const mbedtls_transparent_test_driver_hash_operation_t *source_operation, + mbedtls_transparent_test_driver_hash_operation_t *target_operation ) +{ + test_driver_hash_hooks.hits++; + + if( test_driver_hash_hooks.forced_status != PSA_SUCCESS ) + { + test_driver_hash_hooks.driver_status = + test_driver_hash_hooks.forced_status; + } + else + { + test_driver_hash_hooks.driver_status = + mbedtls_transparent_test_driver_hash_clone( source_operation, + target_operation ); + } + + return( test_driver_hash_hooks.driver_status ); +} + +psa_status_t test_transparent_hash_update( + mbedtls_transparent_test_driver_hash_operation_t *operation, + const uint8_t *input, + size_t input_length ) +{ + test_driver_hash_hooks.hits++; + + if( test_driver_hash_hooks.forced_status != PSA_SUCCESS ) + { + test_driver_hash_hooks.driver_status = + test_driver_hash_hooks.forced_status; + } + else + { + test_driver_hash_hooks.driver_status = + mbedtls_transparent_test_driver_hash_update( + operation, input, input_length ); + } + + return( test_driver_hash_hooks.driver_status ); +} + +psa_status_t test_transparent_hash_finish( + mbedtls_transparent_test_driver_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length ) +{ + test_driver_hash_hooks.hits++; + + if( test_driver_hash_hooks.forced_status != PSA_SUCCESS ) + { + test_driver_hash_hooks.driver_status = + test_driver_hash_hooks.forced_status; + } + else + { + test_driver_hash_hooks.driver_status = + mbedtls_transparent_test_driver_hash_finish( + operation, hash, hash_size, hash_length ); + } + + return( test_driver_hash_hooks.driver_status ); +} + +psa_status_t test_transparent_hash_abort( + mbedtls_transparent_test_driver_hash_operation_t *operation ) +{ + test_driver_hash_hooks.hits++; + + if( test_driver_hash_hooks.forced_status != PSA_SUCCESS 
) + { + test_driver_hash_hooks.driver_status = + test_driver_hash_hooks.forced_status; + } + else + { + test_driver_hash_hooks.driver_status = + mbedtls_transparent_test_driver_hash_abort( operation ); + } + + return( test_driver_hash_hooks.driver_status ); +} +#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index eda1caef8..dd36da7ec 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -232,6 +232,7 @@ + From 140043a6b9b6e64318acdcf218d17e606ec6ef2d Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 6 Apr 2021 18:20:29 +0200 Subject: [PATCH 132/160] tests: driver wrapper: Add hash dispatch testing Signed-off-by: Ronald Cron --- ...test_suite_psa_crypto_driver_wrappers.data | 40 ++++ ..._suite_psa_crypto_driver_wrappers.function | 198 ++++++++++++++++++ 2 files changed, 238 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data index 251388378..64e6023cb 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data 
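Review bot: In `test_transparent_hash_abort()` a non-success `forced_status` returns before `mbedtls_transparent_test_driver_hash_abort( operation )` is called, so the underlying hash context is never reset on the one entry point whose job is cleanup. Whether that context owns memory or holds intermediate digest state that should be wiped is not visible here, but skipping the real abort makes the forced-error tests exercise a path where the driver state is simply left behind. I would call the real abort unconditionally and only override the reported status afterwards: `test_driver_hash_hooks.driver_status = mbedtls_transparent_test_driver_hash_abort( operation );` followed by `if( test_driver_hash_hooks.forced_status != PSA_SUCCESS ) test_driver_hash_hooks.driver_status = test_driver_hash_hooks.forced_status;`. The other five wrappers can keep the current short-circuit form.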
@@ -267,3 +267,43 @@ builtin_pubkey_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1:PSA_KEY_TYPE_ECC_KEY_PA PSA opaque driver builtin pubkey export: not a public key builtin_pubkey_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"0485f64d89f00be66c88dd937efd6d7c445648dcb701150b8a9509295850f41c1931e571fb8f8c78317a20b380e866584bbc2516c3d2702d792f131a922095fd6c":PSA_ERROR_INVALID_ARGUMENT + +Hash compute: SHA-256, computed by the driver +depends_on:PSA_WANT_ALG_SHA_256 +hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS:PSA_SUCCESS + +Hash compute: SHA-256, fallback +depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256 +hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS + +Hash compute: SHA-256, no fallback +depends_on:!MBEDTLS_PSA_BUILTIN_ALG_SHA_256 +hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED + +Hash compute: SHA-256, INSUFFICIENT_MEMORY +depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256 +hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_INSUFFICIENT_MEMORY::PSA_ERROR_INSUFFICIENT_MEMORY + +Hash multi-part: SHA-256, computed by the driver +depends_on:PSA_WANT_ALG_SHA_256 +hash_multipart:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS:PSA_SUCCESS + +Hash multi-part: SHA-256, fallback +depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256 +hash_multipart:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS + +Hash multi-part: SHA-256, no fallback +depends_on:!MBEDTLS_PSA_BUILTIN_ALG_SHA_256 
+hash_multipart:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED + +Hash multi-part: SHA-256, INSUFFICIENT_MEMORY +depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256 +hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_INSUFFICIENT_MEMORY::PSA_ERROR_INSUFFICIENT_MEMORY + +Hash clone: SHA-256, clone successful +depends_on:PSA_WANT_ALG_SHA_256 +hash_clone:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS + +Hash clone: SHA-256, clone failure +depends_on:PSA_WANT_ALG_SHA_256 +hash_clone:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index f16d1d52e..5bd5ba8d3 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function 
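Review bot: The case titled "Hash multi-part: SHA-256, INSUFFICIENT_MEMORY" invokes `hash_compute` instead of `hash_multipart`, so the multi-part path is never run with a forced `PSA_ERROR_INSUFFICIENT_MEMORY` and the one-shot case is simply executed twice. Both INSUFFICIENT_MEMORY lines also end in `PSA_ERROR_INSUFFICIENT_MEMORY::PSA_ERROR_INSUFFICIENT_MEMORY`, where the double colon looks like a typo that adds an empty argument to a function taking five parameters. I would change the multi-part line to start with `hash_multipart:` and use a single `:` between the forced and expected status in both lines.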
@@ -1046,3 +1046,201 @@ exit: PSA_DONE( ); } /* END_CASE */ + +/* BEGIN_CASE */ +void hash_compute( int alg_arg, + data_t *input, data_t *hash, + int forced_status_arg, + int expected_status_arg ) +{ + psa_algorithm_t alg = alg_arg; + psa_status_t forced_status = forced_status_arg; + psa_status_t expected_status = expected_status_arg; + unsigned char *output = NULL; + size_t output_length; + + test_driver_hash_hooks = test_driver_hash_hooks_init(); + test_driver_hash_hooks.forced_status = forced_status; + + PSA_ASSERT( psa_crypto_init( ) ); + ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); + + TEST_EQUAL( psa_hash_compute( alg, input->x, input->len, + output, PSA_HASH_LENGTH( alg ), + &output_length ), expected_status ); + TEST_EQUAL( test_driver_hash_hooks.hits, 1 ); + TEST_EQUAL( test_driver_hash_hooks.driver_status, forced_status ); + + if( expected_status == PSA_SUCCESS ) + { + ASSERT_COMPARE( output, output_length, hash->x, hash->len ); + } + +exit: + mbedtls_free( output ); + PSA_DONE( ); + test_driver_hash_hooks = test_driver_hash_hooks_init(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void hash_multipart( int alg_arg, + data_t *input, data_t *hash, + int forced_status_arg, + int expected_status_arg ) +{ + psa_algorithm_t alg = alg_arg; + psa_status_t forced_status = forced_status_arg; + psa_status_t expected_status = expected_status_arg; + unsigned char *output = NULL; + psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; + size_t output_length; + + test_driver_hash_hooks = test_driver_hash_hooks_init(); + ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); + + PSA_ASSERT( psa_crypto_init( ) ); + + /* + * Case 1: Force the driver return status for setup. 
+ */ + test_driver_hash_hooks.forced_status = forced_status; + TEST_EQUAL( psa_hash_setup( &operation, alg ), expected_status ); + TEST_EQUAL( test_driver_hash_hooks.hits, 1 ); + TEST_EQUAL( test_driver_hash_hooks.driver_status, forced_status ); + + if( expected_status == PSA_SUCCESS ) + { + PSA_ASSERT( psa_hash_update( &operation, input->x, input->len ) ); + TEST_EQUAL( test_driver_hash_hooks.hits, + forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 2 ); + TEST_EQUAL( test_driver_hash_hooks.driver_status, forced_status ); + + PSA_ASSERT( psa_hash_finish( &operation, + output, PSA_HASH_LENGTH( alg ), + &output_length ) ); + TEST_EQUAL( test_driver_hash_hooks.hits, + forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 4 ); + TEST_EQUAL( test_driver_hash_hooks.driver_status, forced_status ); + + ASSERT_COMPARE( output, output_length, hash->x, hash->len ); + } + + /* + * Case 2: Force the driver return status for update. + */ + test_driver_hash_hooks = test_driver_hash_hooks_init(); + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + TEST_EQUAL( test_driver_hash_hooks.hits, 1 ); + TEST_EQUAL( test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + + test_driver_hash_hooks.forced_status = forced_status; + TEST_EQUAL( psa_hash_update( &operation, input->x, input->len ), + forced_status ); + TEST_EQUAL( test_driver_hash_hooks.hits, + forced_status != PSA_SUCCESS ? 3 : 2 ); + TEST_EQUAL( test_driver_hash_hooks.driver_status, forced_status ); + + if( forced_status == PSA_SUCCESS ) + { + PSA_ASSERT( psa_hash_finish( &operation, + output, PSA_HASH_LENGTH( alg ), + &output_length ) ); + TEST_EQUAL( test_driver_hash_hooks.hits, 4 ); + TEST_EQUAL( test_driver_hash_hooks.driver_status, forced_status ); + + ASSERT_COMPARE( output, output_length, hash->x, hash->len ); + } + + /* + * Case 3: Force the driver return status for finish. 
+ */ + test_driver_hash_hooks = test_driver_hash_hooks_init(); + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + TEST_EQUAL( test_driver_hash_hooks.hits, 1 ); + TEST_EQUAL( test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + + PSA_ASSERT( psa_hash_update( &operation, input->x, input->len ) ); + TEST_EQUAL( test_driver_hash_hooks.hits, 2 ); + TEST_EQUAL( test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + + test_driver_hash_hooks.forced_status = forced_status; + TEST_EQUAL( psa_hash_finish( &operation, + output, PSA_HASH_LENGTH( alg ), + &output_length ), forced_status ); + TEST_EQUAL( test_driver_hash_hooks.hits, 4 ); + TEST_EQUAL( test_driver_hash_hooks.driver_status, forced_status ); + + if( forced_status == PSA_SUCCESS ) + { + ASSERT_COMPARE( output, output_length, hash->x, hash->len ); + } + +exit: + psa_hash_abort( &operation ); + mbedtls_free( output ); + PSA_DONE( ); + test_driver_hash_hooks = test_driver_hash_hooks_init(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void hash_clone( int alg_arg, + data_t *input, data_t *hash, + int forced_status_arg ) +{ + psa_algorithm_t alg = alg_arg; + psa_status_t forced_status = forced_status_arg; + unsigned char *output = NULL; + psa_hash_operation_t source_operation = PSA_HASH_OPERATION_INIT; + psa_hash_operation_t target_operation = PSA_HASH_OPERATION_INIT; + size_t output_length; + + test_driver_hash_hooks = test_driver_hash_hooks_init(); + ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); + + PSA_ASSERT( psa_crypto_init( ) ); + + /* + * Clone none active operation, the driver shouldn't be called. 
+ */ + TEST_EQUAL( psa_hash_clone( &source_operation, &target_operation ), + PSA_ERROR_BAD_STATE ); + TEST_EQUAL( test_driver_hash_hooks.hits, 0 ); + + PSA_ASSERT( psa_hash_setup( &source_operation, alg ) ); + TEST_EQUAL( test_driver_hash_hooks.hits, 1 ); + TEST_EQUAL( test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + + test_driver_hash_hooks.forced_status = forced_status; + TEST_EQUAL( psa_hash_clone( &source_operation, &target_operation ), + forced_status ); + TEST_EQUAL( test_driver_hash_hooks.hits, + forced_status == PSA_SUCCESS ? 2 : 3 ); + TEST_EQUAL( test_driver_hash_hooks.driver_status, forced_status ); + + if( forced_status == PSA_SUCCESS ) + { + test_driver_hash_hooks = test_driver_hash_hooks_init(); + PSA_ASSERT( psa_hash_update( &target_operation, + input->x, input->len ) ); + TEST_EQUAL( test_driver_hash_hooks.hits, 1 ); + TEST_EQUAL( test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + + PSA_ASSERT( psa_hash_finish( &target_operation, + output, PSA_HASH_LENGTH( alg ), + &output_length ) ); + TEST_EQUAL( test_driver_hash_hooks.hits, 3 ); + TEST_EQUAL( test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + + ASSERT_COMPARE( output, output_length, hash->x, hash->len ); + } + +exit: + psa_hash_abort( &source_operation ); + psa_hash_abort( &target_operation ); + mbedtls_free( output ); + PSA_DONE( ); + test_driver_hash_hooks = test_driver_hash_hooks_init(); +} +/* END_CASE */ From b5d59a05b2d833a8d6481a5351e0dcc1354f478e Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 14 Apr 2021 09:07:03 +0200 Subject: [PATCH 133/160] tests: psa: cipher: Remove out-dated comment Signed-off-by: Ronald Cron --- tests/src/drivers/test_driver_cipher.c | 5 ----- 1 file changed, 5 deletions(-) diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index 4dc46789b..e241ba446 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c 
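Review bot: The expected `hits` values in `hash_multipart` and `hash_clone` (1, 2, 3, 4) are bare literals, so a reader cannot tell which driver entry points each PSA call is meant to reach. The jump from 2 to 4 across `psa_hash_finish()` and the `? 2 : 3` after a failing `psa_hash_clone()` presumably account for an implicit abort, but nothing in the hunk says so. A one-line comment at each check would make that contract reviewable, for example `/* finish + implicit abort: two more driver calls */`. In the failure branch of `hash_clone`, the target's cleanup is only inferred from the hit count; asserting it directly would be stronger, e.g. `TEST_EQUAL( psa_hash_update( &target_operation, input->x, input->len ), PSA_ERROR_BAD_STATE );`. The comment `Clone none active operation` should read `Clone an inactive operation`.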
@@ -36,11 +36,6 @@ #include -/* Test driver implements AES-CTR only. Its default behaviour (when its return - * status is not overridden through the hooks) is to take care of all AES-CTR - * operations, and return PSA_ERROR_NOT_SUPPORTED for all others. - * Set test_driver_cipher_hooks.forced_status to PSA_ERROR_NOT_SUPPORTED to use - * fallback even for AES-CTR. */ test_driver_cipher_hooks_t test_driver_cipher_hooks = TEST_DRIVER_CIPHER_INIT; static psa_status_t test_transparent_cipher_oneshot( From 7f13fa2454282b21930045a3f4f9a2835d80425e Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 13 Apr 2021 12:41:34 +0200 Subject: [PATCH 134/160] tests: psa: Add mbedtls/MBEDTLS prefix to test driver symbols Signed-off-by: Ronald Cron --- library/psa_crypto_driver_wrappers.c | 247 +++++------ tests/include/test/drivers/aead.h | 15 +- tests/include/test/drivers/cipher.h | 43 +- tests/include/test/drivers/hash.h | 23 +- tests/include/test/drivers/key_management.h | 27 +- .../{test_driver.h => mbedtls_test_driver.h} | 0 tests/include/test/drivers/signature.h | 24 +- tests/include/test/drivers/size.h | 35 +- tests/scripts/list-macros.sh | 2 +- tests/src/drivers/hash.c | 87 ++-- tests/src/drivers/platform_builtin_keys.c | 2 +- tests/src/drivers/test_driver_aead.c | 31 +- tests/src/drivers/test_driver_cipher.c | 117 ++--- .../src/drivers/test_driver_key_management.c | 88 ++-- tests/src/drivers/test_driver_signature.c | 38 +- tests/src/drivers/test_driver_size.c | 6 +- ..._suite_psa_crypto_driver_wrappers.function | 412 +++++++++--------- visualc/VS2010/mbedTLS.vcxproj | 4 +- 18 files changed, 623 insertions(+), 578 deletions(-) rename tests/include/test/drivers/{test_driver.h => mbedtls_test_driver.h} (100%) diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index aeea16d7b..d1ec001e6 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c 
@@ -37,7 +37,7 @@ #ifndef PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT #define PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT #endif -#include "test/drivers/test_driver.h" +#include "test/drivers/mbedtls_test_driver.h" #endif /* PSA_CRYPTO_DRIVER_TEST */ /* Repeat above block for each JSON-declared driver during autogeneration */ @@ -101,7 +101,7 @@ psa_status_t psa_driver_wrapper_sign_hash( * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_signature_sign_hash( attributes, + status = mbedtls_test_transparent_signature_sign_hash( attributes, key_buffer, key_buffer_size, alg, @@ -130,15 +130,15 @@ psa_status_t psa_driver_wrapper_sign_hash( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( test_opaque_signature_sign_hash( attributes, - key_buffer, - key_buffer_size, - alg, - hash, - hash_length, - signature, - signature_size, - signature_length ) ); + return( mbedtls_test_opaque_signature_sign_hash( attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_size, + signature_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: @@ -185,14 +185,15 @@ psa_status_t psa_driver_wrapper_verify_hash( * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_signature_verify_hash( attributes, - key_buffer, - key_buffer_size, - alg, - hash, - hash_length, - signature, - signature_length ); + status = mbedtls_test_transparent_signature_verify_hash( + attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_length ); /* Declared with fallback == true */ if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); 
@@ -212,14 +213,14 @@ psa_status_t psa_driver_wrapper_verify_hash( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( test_opaque_signature_verify_hash( attributes, - key_buffer, - key_buffer_size, - alg, - hash, - hash_length, - signature, - signature_length ) ); + return( mbedtls_test_opaque_signature_verify_hash( attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: 
@@ -267,37 +268,37 @@ psa_status_t psa_driver_wrapper_get_key_buffer_size( return( PSA_SUCCESS ); } #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ -#ifdef TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION - *key_buffer_size = test_size_function( key_type, key_bits ); +#ifdef MBEDTLS_TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION + *key_buffer_size = mbedtls_test_size_function( key_type, key_bits ); return( PSA_SUCCESS ); -#else /* TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION */ +#else /* MBEDTLS_TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION */ if( PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) ) { int public_key_overhead = - ( ( TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY == 1 ) ? - PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits ) : 0 ); - *key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE - + TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE - + public_key_overhead; + ( ( MBEDTLS_TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY == 1 ) + ? PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits ) : 0 ); + *key_buffer_size = MBEDTLS_TEST_DRIVER_KEY_CONTEXT_BASE_SIZE + + MBEDTLS_TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE + + public_key_overhead; } else if( PSA_KEY_TYPE_IS_PUBLIC_KEY( key_type ) ) { - *key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE - + TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE; + *key_buffer_size = MBEDTLS_TEST_DRIVER_KEY_CONTEXT_BASE_SIZE + + MBEDTLS_TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE; } else if ( !PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) && !PSA_KEY_TYPE_IS_PUBLIC_KEY ( key_type ) ) { - *key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE - + TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR - * ( ( key_bits + 7 ) / 8 ); + *key_buffer_size = MBEDTLS_TEST_DRIVER_KEY_CONTEXT_BASE_SIZE + + ( MBEDTLS_TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR * + ( ( key_bits + 7 ) / 8 ) ); } else { return( PSA_ERROR_NOT_SUPPORTED ); } return( PSA_SUCCESS ); -#endif /* TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION */ +#endif /* MBEDTLS_TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION */ #endif /* PSA_CRYPTO_DRIVER_TEST */ default: 
@@ -345,7 +346,7 @@ psa_status_t psa_driver_wrapper_generate_key( { /* Cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_generate_key( + status = mbedtls_test_transparent_generate_key( attributes, key_buffer, key_buffer_size, key_buffer_length ); /* Declared with fallback == true */ @@ -364,7 +365,7 @@ psa_status_t psa_driver_wrapper_generate_key( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - status = test_opaque_generate_key( + status = mbedtls_test_opaque_generate_key( attributes, key_buffer, key_buffer_size, key_buffer_length ); break; #endif /* PSA_CRYPTO_DRIVER_TEST */ @@ -428,10 +429,11 @@ psa_status_t psa_driver_wrapper_import_key( * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_import_key( attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ); + status = mbedtls_test_transparent_import_key( + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits ); /* Declared with fallback == true */ if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); @@ -496,12 +498,12 @@ psa_status_t psa_driver_wrapper_export_key( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( test_opaque_export_key( attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length ) ); + return( mbedtls_test_opaque_export_key( attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: 
@@ -547,12 +549,13 @@ psa_status_t psa_driver_wrapper_export_public_key( * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_export_public_key( attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length ); + status = mbedtls_test_transparent_export_public_key( + attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length ); /* Declared with fallback == true */ if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); @@ -570,12 +573,12 @@ psa_status_t psa_driver_wrapper_export_public_key( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( test_opaque_export_public_key( attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length ) ); + return( mbedtls_test_opaque_export_public_key( attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: @@ -594,7 +597,7 @@ psa_status_t psa_driver_wrapper_get_builtin_key( { #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( test_opaque_get_builtin_key( + return( mbedtls_test_opaque_get_builtin_key( slot_number, attributes, key_buffer, key_buffer_size, key_buffer_length ) ); 
@@ -633,15 +636,15 @@ psa_status_t psa_driver_wrapper_cipher_encrypt( /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_cipher_encrypt( &attributes, - slot->key.data, - slot->key.bytes, - alg, - input, - input_length, - output, - output_size, - output_length ); + status = mbedtls_test_transparent_cipher_encrypt( &attributes, + slot->key.data, + slot->key.bytes, + alg, + input, + input_length, + output, + output_size, + output_length ); /* Declared with fallback == true */ if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); @@ -651,15 +654,15 @@ psa_status_t psa_driver_wrapper_cipher_encrypt( /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( test_opaque_cipher_encrypt( &attributes, - slot->key.data, - slot->key.bytes, - alg, - input, - input_length, - output, - output_size, - output_length ) ); + return( mbedtls_test_opaque_cipher_encrypt( &attributes, + slot->key.data, + slot->key.bytes, + alg, + input, + input_length, + output, + output_size, + output_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ default: /* Key is declared with a lifetime not known to us */ @@ -700,15 +703,15 @@ psa_status_t psa_driver_wrapper_cipher_decrypt( /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_cipher_decrypt( &attributes, - slot->key.data, - slot->key.bytes, - alg, - input, - input_length, - output, - output_size, - output_length ); + status = mbedtls_test_transparent_cipher_decrypt( &attributes, + slot->key.data, + slot->key.bytes, + alg, + input, + input_length, + output, + output_size, + output_length ); /* Declared with fallback == true */ if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); 
@@ -718,15 +721,15 @@ psa_status_t psa_driver_wrapper_cipher_decrypt( /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( test_opaque_cipher_decrypt( &attributes, - slot->key.data, - slot->key.bytes, - alg, - input, - input_length, - output, - output_size, - output_length ) ); + return( mbedtls_test_opaque_cipher_decrypt( &attributes, + slot->key.data, + slot->key.bytes, + alg, + input, + input_length, + output, + output_size, + output_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ default: /* Key is declared with a lifetime not known to us */ @@ -762,7 +765,7 @@ psa_status_t psa_driver_wrapper_cipher_encrypt_setup( * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_cipher_encrypt_setup( + status = mbedtls_test_transparent_cipher_encrypt_setup( &operation->ctx.transparent_test_driver_ctx, attributes, key_buffer, @@ -795,7 +798,7 @@ psa_status_t psa_driver_wrapper_cipher_encrypt_setup( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - status = test_opaque_cipher_encrypt_setup( + status = mbedtls_test_opaque_cipher_encrypt_setup( &operation->ctx.opaque_test_driver_ctx, attributes, key_buffer, key_buffer_size, @@ -834,7 +837,7 @@ psa_status_t psa_driver_wrapper_cipher_decrypt_setup( * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_cipher_decrypt_setup( + status = mbedtls_test_transparent_cipher_decrypt_setup( &operation->ctx.transparent_test_driver_ctx, attributes, key_buffer, 
@@ -866,7 +869,7 @@ psa_status_t psa_driver_wrapper_cipher_decrypt_setup( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - status = test_opaque_cipher_decrypt_setup( + status = mbedtls_test_opaque_cipher_decrypt_setup( &operation->ctx.opaque_test_driver_ctx, attributes, key_buffer, key_buffer_size, @@ -905,12 +908,12 @@ psa_status_t psa_driver_wrapper_cipher_set_iv( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( test_transparent_cipher_set_iv( + return( mbedtls_test_transparent_cipher_set_iv( &operation->ctx.transparent_test_driver_ctx, iv, iv_length ) ); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: - return( test_opaque_cipher_set_iv( + return( mbedtls_test_opaque_cipher_set_iv( &operation->ctx.opaque_test_driver_ctx, iv, iv_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ @@ -946,13 +949,13 @@ psa_status_t psa_driver_wrapper_cipher_update( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( test_transparent_cipher_update( + return( mbedtls_test_transparent_cipher_update( &operation->ctx.transparent_test_driver_ctx, input, input_length, output, output_size, output_length ) ); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: - return( test_opaque_cipher_update( + return( mbedtls_test_opaque_cipher_update( &operation->ctx.opaque_test_driver_ctx, input, input_length, output, output_size, output_length ) ); 
@@ -988,12 +991,12 @@ psa_status_t psa_driver_wrapper_cipher_finish( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( test_transparent_cipher_finish( + return( mbedtls_test_transparent_cipher_finish( &operation->ctx.transparent_test_driver_ctx, output, output_size, output_length ) ); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: - return( test_opaque_cipher_finish( + return( mbedtls_test_opaque_cipher_finish( &operation->ctx.opaque_test_driver_ctx, output, output_size, output_length ) ); #endif /* PSA_CRYPTO_DRIVER_TEST */ @@ -1022,7 +1025,7 @@ psa_status_t psa_driver_wrapper_cipher_abort( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - status = test_transparent_cipher_abort( + status = mbedtls_test_transparent_cipher_abort( &operation->ctx.transparent_test_driver_ctx ); mbedtls_platform_zeroize( &operation->ctx.transparent_test_driver_ctx, @@ -1030,7 +1033,7 @@ psa_status_t psa_driver_wrapper_cipher_abort( return( status ); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: - status = test_opaque_cipher_abort( + status = mbedtls_test_opaque_cipher_abort( &operation->ctx.opaque_test_driver_ctx ); mbedtls_platform_zeroize( &operation->ctx.opaque_test_driver_ctx, @@ -1059,7 +1062,7 @@ psa_status_t psa_driver_wrapper_hash_compute( /* Try accelerators first */ #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_hash_compute( + status = mbedtls_test_transparent_hash_compute( alg, input, input_length, hash, hash_size, hash_length ); if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); 
@@ -1091,7 +1094,7 @@ psa_status_t psa_driver_wrapper_hash_setup( /* Try setup on accelerators first */ #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_hash_setup( + status = mbedtls_test_transparent_hash_setup( &operation->ctx.test_driver_ctx, alg ); if( status == PSA_SUCCESS ) operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; @@ -1131,7 +1134,7 @@ psa_status_t psa_driver_wrapper_hash_clone( #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: target_operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; - return( test_transparent_hash_clone( + return( mbedtls_test_transparent_hash_clone( &source_operation->ctx.test_driver_ctx, &target_operation->ctx.test_driver_ctx ) ); #endif @@ -1155,7 +1158,7 @@ psa_status_t psa_driver_wrapper_hash_update( #endif #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( test_transparent_hash_update( + return( mbedtls_test_transparent_hash_update( &operation->ctx.test_driver_ctx, input, input_length ) ); #endif @@ -1181,7 +1184,7 @@ psa_status_t psa_driver_wrapper_hash_finish( #endif #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( test_transparent_hash_finish( + return( mbedtls_test_transparent_hash_finish( &operation->ctx.test_driver_ctx, hash, hash_size, hash_length ) ); #endif @@ -1204,7 +1207,7 @@ psa_status_t psa_driver_wrapper_hash_abort( #endif #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( test_transparent_hash_abort( + return( mbedtls_test_transparent_hash_abort( &operation->ctx.test_driver_ctx ) ); #endif default: @@ -1233,7 +1236,7 @@ psa_status_t psa_driver_wrapper_aead_encrypt( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_aead_encrypt( + status = mbedtls_test_transparent_aead_encrypt( attributes, key_buffer, key_buffer_size, alg, nonce, nonce_length, 
@@ -1285,7 +1288,7 @@ psa_status_t psa_driver_wrapper_aead_decrypt( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = test_transparent_aead_decrypt( + status = mbedtls_test_transparent_aead_decrypt( attributes, key_buffer, key_buffer_size, alg, nonce, nonce_length, diff --git a/tests/include/test/drivers/aead.h b/tests/include/test/drivers/aead.h index 1be8910a3..2207cb36f 100644 --- a/tests/include/test/drivers/aead.h +++ b/tests/include/test/drivers/aead.h @@ -37,18 +37,19 @@ typedef struct { unsigned long hits; /* Status returned by the last AEAD driver function call. */ psa_status_t driver_status; -} test_driver_aead_hooks_t; +} mbedtls_test_driver_aead_hooks_t; -#define TEST_DRIVER_AEAD_INIT { 0, 0, 0 } -static inline test_driver_aead_hooks_t test_driver_aead_hooks_init( void ) +#define MBEDTLS_TEST_DRIVER_AEAD_INIT { 0, 0, 0 } +static inline mbedtls_test_driver_aead_hooks_t + mbedtls_test_driver_aead_hooks_init( void ) { - const test_driver_aead_hooks_t v = TEST_DRIVER_AEAD_INIT; + const mbedtls_test_driver_aead_hooks_t v = MBEDTLS_TEST_DRIVER_AEAD_INIT; return( v ); } -extern test_driver_aead_hooks_t test_driver_aead_hooks; +extern mbedtls_test_driver_aead_hooks_t mbedtls_test_driver_aead_hooks; -psa_status_t test_transparent_aead_encrypt( +psa_status_t mbedtls_test_transparent_aead_encrypt( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, @@ -57,7 +58,7 @@ psa_status_t test_transparent_aead_encrypt( const uint8_t *plaintext, size_t plaintext_length, uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length ); -psa_status_t test_transparent_aead_decrypt( +psa_status_t mbedtls_test_transparent_aead_decrypt( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, diff --git a/tests/include/test/drivers/cipher.h b/tests/include/test/drivers/cipher.h index 6d6a6af42..4fe559618 100644 
--- a/tests/include/test/drivers/cipher.h +++ b/tests/include/test/drivers/cipher.h 
@@ -41,101 +41,102 @@ typedef struct { psa_status_t forced_status; /* Count the amount of times one of the cipher driver functions is called. */ unsigned long hits; -} test_driver_cipher_hooks_t; +} mbedtls_test_driver_cipher_hooks_t; -#define TEST_DRIVER_CIPHER_INIT { NULL, 0, PSA_SUCCESS, 0 } -static inline test_driver_cipher_hooks_t test_driver_cipher_hooks_init( void ) +#define MBEDTLS_TEST_DRIVER_CIPHER_INIT { NULL, 0, PSA_SUCCESS, 0 } +static inline mbedtls_test_driver_cipher_hooks_t + mbedtls_test_driver_cipher_hooks_init( void ) { - const test_driver_cipher_hooks_t v = TEST_DRIVER_CIPHER_INIT; + const mbedtls_test_driver_cipher_hooks_t v = MBEDTLS_TEST_DRIVER_CIPHER_INIT; return( v ); } -extern test_driver_cipher_hooks_t test_driver_cipher_hooks; +extern mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks; -psa_status_t test_transparent_cipher_encrypt( +psa_status_t mbedtls_test_transparent_cipher_encrypt( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length); -psa_status_t test_transparent_cipher_decrypt( +psa_status_t mbedtls_test_transparent_cipher_decrypt( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length); -psa_status_t test_transparent_cipher_encrypt_setup( +psa_status_t mbedtls_test_transparent_cipher_encrypt_setup( mbedtls_transparent_test_driver_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg); -psa_status_t test_transparent_cipher_decrypt_setup( +psa_status_t mbedtls_test_transparent_cipher_decrypt_setup( mbedtls_transparent_test_driver_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, 
psa_algorithm_t alg); -psa_status_t test_transparent_cipher_abort( +psa_status_t mbedtls_test_transparent_cipher_abort( mbedtls_transparent_test_driver_cipher_operation_t *operation ); -psa_status_t test_transparent_cipher_set_iv( +psa_status_t mbedtls_test_transparent_cipher_set_iv( mbedtls_transparent_test_driver_cipher_operation_t *operation, const uint8_t *iv, size_t iv_length); -psa_status_t test_transparent_cipher_update( +psa_status_t mbedtls_test_transparent_cipher_update( mbedtls_transparent_test_driver_cipher_operation_t *operation, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length); -psa_status_t test_transparent_cipher_finish( +psa_status_t mbedtls_test_transparent_cipher_finish( mbedtls_transparent_test_driver_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length); /* * opaque versions */ -psa_status_t test_opaque_cipher_encrypt( +psa_status_t mbedtls_test_opaque_cipher_encrypt( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length); -psa_status_t test_opaque_cipher_decrypt( +psa_status_t mbedtls_test_opaque_cipher_decrypt( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length); -psa_status_t test_opaque_cipher_encrypt_setup( +psa_status_t mbedtls_test_opaque_cipher_encrypt_setup( mbedtls_opaque_test_driver_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg); -psa_status_t test_opaque_cipher_decrypt_setup( +psa_status_t mbedtls_test_opaque_cipher_decrypt_setup( mbedtls_opaque_test_driver_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, 
psa_algorithm_t alg); -psa_status_t test_opaque_cipher_abort( +psa_status_t mbedtls_test_opaque_cipher_abort( mbedtls_opaque_test_driver_cipher_operation_t *operation); -psa_status_t test_opaque_cipher_set_iv( +psa_status_t mbedtls_test_opaque_cipher_set_iv( mbedtls_opaque_test_driver_cipher_operation_t *operation, const uint8_t *iv, size_t iv_length); -psa_status_t test_opaque_cipher_update( +psa_status_t mbedtls_test_opaque_cipher_update( mbedtls_opaque_test_driver_cipher_operation_t *operation, const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length); -psa_status_t test_opaque_cipher_finish( +psa_status_t mbedtls_test_opaque_cipher_finish( mbedtls_opaque_test_driver_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length); diff --git a/tests/include/test/drivers/hash.h b/tests/include/test/drivers/hash.h index 7be368982..ebe83dee4 100644 --- a/tests/include/test/drivers/hash.h +++ b/tests/include/test/drivers/hash.h 
@@ -37,42 +37,43 @@ typedef struct { unsigned long hits; /* Status returned by the last hash driver entry point call. */ psa_status_t driver_status; -} test_driver_hash_hooks_t; +} mbedtls_test_driver_hash_hooks_t; -#define TEST_DRIVER_HASH_INIT { 0, 0, 0 } -static inline test_driver_hash_hooks_t test_driver_hash_hooks_init( void ) +#define MBEDTLS_TEST_DRIVER_HASH_INIT { 0, 0, 0 } +static inline mbedtls_test_driver_hash_hooks_t + mbedtls_test_driver_hash_hooks_init( void ) { - const test_driver_hash_hooks_t v = TEST_DRIVER_HASH_INIT; + const mbedtls_test_driver_hash_hooks_t v = MBEDTLS_TEST_DRIVER_HASH_INIT; return( v ); } -extern test_driver_hash_hooks_t test_driver_hash_hooks; +extern mbedtls_test_driver_hash_hooks_t mbedtls_test_driver_hash_hooks; -psa_status_t test_transparent_hash_compute( +psa_status_t mbedtls_test_transparent_hash_compute( psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *hash, size_t hash_size, size_t *hash_length ); -psa_status_t test_transparent_hash_setup( +psa_status_t mbedtls_test_transparent_hash_setup( mbedtls_transparent_test_driver_hash_operation_t *operation, psa_algorithm_t alg ); -psa_status_t test_transparent_hash_clone( +psa_status_t mbedtls_test_transparent_hash_clone( const mbedtls_transparent_test_driver_hash_operation_t *source_operation, mbedtls_transparent_test_driver_hash_operation_t *target_operation ); -psa_status_t test_transparent_hash_update( +psa_status_t mbedtls_test_transparent_hash_update( mbedtls_transparent_test_driver_hash_operation_t *operation, const uint8_t *input, size_t input_length ); -psa_status_t test_transparent_hash_finish( +psa_status_t mbedtls_test_transparent_hash_finish( mbedtls_transparent_test_driver_hash_operation_t *operation, uint8_t *hash, size_t hash_size, size_t *hash_length ); -psa_status_t test_transparent_hash_abort( +psa_status_t mbedtls_test_transparent_hash_abort( mbedtls_psa_hash_operation_t *operation ); #endif /* PSA_CRYPTO_DRIVER_TEST */ 
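Review bot: The prototype of `mbedtls_test_transparent_hash_abort` at the end of this hunk takes `mbedtls_psa_hash_operation_t *operation`, while every other operation entry point declared here uses `mbedtls_transparent_test_driver_hash_operation_t *`, as does the definition in tests/src/drivers/hash.c later in this patch. The two names are presumably typedef aliases, since that file includes this header and a real mismatch would not compile. The declaration should still spell the driver-level type, so that a later change to the alias is caught at compile time rather than hidden: `mbedtls_transparent_test_driver_hash_operation_t *operation );`. The commit already touches this declaration for the rename, so it is a natural place to align it.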
diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h
index 100fc18d3..45814fd03 100644
--- a/tests/include/test/drivers/key_management.h
+++ b/tests/include/test/drivers/key_management.h
@@ -42,41 +42,44 @@ typedef struct { /* Count the amount of times one of the key management driver functions * is called. */ unsigned long hits; -} test_driver_key_management_hooks_t; +} mbedtls_test_driver_key_management_hooks_t; -#define TEST_DRIVER_KEY_MANAGEMENT_INIT { NULL, 0, PSA_SUCCESS, 0 } -static inline test_driver_key_management_hooks_t test_driver_key_management_hooks_init( void ) +#define MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT { NULL, 0, PSA_SUCCESS, 0 } +static inline mbedtls_test_driver_key_management_hooks_t + mbedtls_test_driver_key_management_hooks_init( void ) { - const test_driver_key_management_hooks_t v = TEST_DRIVER_KEY_MANAGEMENT_INIT; + const mbedtls_test_driver_key_management_hooks_t + v = MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT; return( v ); } -extern test_driver_key_management_hooks_t test_driver_key_management_hooks; +extern mbedtls_test_driver_key_management_hooks_t + mbedtls_test_driver_key_management_hooks; -psa_status_t test_transparent_generate_key( +psa_status_t mbedtls_test_transparent_generate_key( const psa_key_attributes_t *attributes, uint8_t *key, size_t key_size, size_t *key_length ); -psa_status_t test_opaque_generate_key( +psa_status_t mbedtls_test_opaque_generate_key( const psa_key_attributes_t *attributes, uint8_t *key, size_t key_size, size_t *key_length ); -psa_status_t test_opaque_export_key( +psa_status_t mbedtls_test_opaque_export_key( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, uint8_t *data, size_t data_size, size_t *data_length ); -psa_status_t test_transparent_export_public_key( +psa_status_t mbedtls_test_transparent_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, uint8_t *data, size_t data_size, size_t *data_length ); -psa_status_t test_opaque_export_public_key( +psa_status_t mbedtls_test_opaque_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, uint8_t *data, size_t data_size, 
size_t *data_length ); -psa_status_t test_transparent_import_key( +psa_status_t mbedtls_test_transparent_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, @@ -85,7 +88,7 @@ psa_status_t test_transparent_import_key( size_t *key_buffer_length, size_t *bits); -psa_status_t test_opaque_get_builtin_key( +psa_status_t mbedtls_test_opaque_get_builtin_key( psa_drv_slot_number_t slot_number, psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); diff --git a/tests/include/test/drivers/test_driver.h b/tests/include/test/drivers/mbedtls_test_driver.h similarity index 100% rename from tests/include/test/drivers/test_driver.h rename to tests/include/test/drivers/mbedtls_test_driver.h diff --git a/tests/include/test/drivers/signature.h b/tests/include/test/drivers/signature.h index e78515125..1586ce9bc 100644 --- a/tests/include/test/drivers/signature.h +++ b/tests/include/test/drivers/signature.h 
@@ -38,40 +38,44 @@ typedef struct { psa_status_t forced_status; /* Count the amount of times one of the signature driver functions is called. */ unsigned long hits; -} test_driver_signature_hooks_t; +} mbedtls_test_driver_signature_hooks_t; -#define TEST_DRIVER_SIGNATURE_INIT { NULL, 0, PSA_SUCCESS, 0 } -static inline test_driver_signature_hooks_t test_driver_signature_hooks_init( void ) +#define MBEDTLS_TEST_DRIVER_SIGNATURE_INIT { NULL, 0, PSA_SUCCESS, 0 } +static inline mbedtls_test_driver_signature_hooks_t + mbedtls_test_driver_signature_hooks_init( void ) { - const test_driver_signature_hooks_t v = TEST_DRIVER_SIGNATURE_INIT; + const mbedtls_test_driver_signature_hooks_t + v = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT; return( v ); } -extern test_driver_signature_hooks_t test_driver_signature_sign_hooks; -extern test_driver_signature_hooks_t test_driver_signature_verify_hooks; +extern mbedtls_test_driver_signature_hooks_t + mbedtls_test_driver_signature_sign_hooks; +extern mbedtls_test_driver_signature_hooks_t + mbedtls_test_driver_signature_verify_hooks; -psa_status_t test_transparent_signature_sign_hash( +psa_status_t mbedtls_test_transparent_signature_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, size_t signature_size, size_t *signature_length ); -psa_status_t test_opaque_signature_sign_hash( +psa_status_t mbedtls_test_opaque_signature_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, size_t signature_size, size_t *signature_length ); -psa_status_t test_transparent_signature_verify_hash( +psa_status_t mbedtls_test_transparent_signature_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, const uint8_t *signature, size_t 
signature_length ); -psa_status_t test_opaque_signature_verify_hash( +psa_status_t mbedtls_test_opaque_signature_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, diff --git a/tests/include/test/drivers/size.h b/tests/include/test/drivers/size.h index 4bfe986a2..577e17b8d 100644 --- a/tests/include/test/drivers/size.h +++ b/tests/include/test/drivers/size.h @@ -31,16 +31,17 @@ typedef struct { unsigned int context; -} test_driver_key_context_t; +} mbedtls_test_driver_key_context_t; -/** \def TEST_DRIVER_KEY_CONTEXT_BASE_SIZE +/** \def MBEDTLS_TEST_DRIVER_KEY_CONTEXT_BASE_SIZE * * This macro returns the base size for the key context. It is the size of the * driver specific information stored in each key context. */ -#define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE sizeof( test_driver_key_context_t ) +#define MBEDTLS_TEST_DRIVER_KEY_CONTEXT_BASE_SIZE \ + sizeof( mbedtls_test_driver_key_context_t ) -/** \def TEST_DRIVER_KEY_CONTEXT_KEY_PAIR_SIZE +/** \def MBEDTLS_TEST_DRIVER_KEY_CONTEXT_KEY_PAIR_SIZE * * Number of bytes included in every key context for a key pair. * 
@@ -49,47 +50,47 @@ typedef struct { * subtracting the public key size below from this one. */ -#define TEST_DRIVER_KEY_CONTEXT_KEY_PAIR_SIZE 65 +#define MBEDTLS_TEST_DRIVER_KEY_CONTEXT_KEY_PAIR_SIZE 65 -/** \def TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE +/** \def MBEDTLS_TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE * * Number of bytes included in every key context for a public key. * * For ECC public keys, it needs 257 bits so 33 bytes. */ -#define TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE 33 +#define MBEDTLS_TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE 33 -/** \def TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR +/** \def MBEDTLS_TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR * * Every key context for a symmetric key includes this many times the key size. */ -#define TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR 0 +#define MBEDTLS_TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR 0 -/** \def TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY +/** \def MBEDTLS_TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY * * If this is true for a key pair, the key context includes space for the public key. * If this is false, no additional space is added for the public key. * * For this instance, store the public key with the private one. */ -#define TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY 1 +#define MBEDTLS_TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY 1 -/** \def TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION +/** \def MBEDTLS_TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION * - * If TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION is defined, the test driver + * If MBEDTLS_TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION is defined, the test driver * provides a size_function entry point, otherwise, it does not. * * Some opaque drivers have the need to support a custom size for the storage * of key and context information. The size_function provides the ability to * provide that customization. 
*/ -//#define TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION +//#define MBEDTLS_TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION -#ifdef TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION -size_t test_size_function( +#ifdef MBEDTLS_TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION +size_t mbedtls_test_size_function( const psa_key_type_t key_type, const size_t key_bits ); -#endif /* TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION */ +#endif /* MBEDTLS_TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION */ #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_SIZE_H */ diff --git a/tests/scripts/list-macros.sh b/tests/scripts/list-macros.sh index 2727ff9d5..fd19c471b 100755 --- a/tests/scripts/list-macros.sh +++ b/tests/scripts/list-macros.sh @@ -22,7 +22,7 @@ if [ -d include/mbedtls ]; then :; else exit 1 fi -HEADERS=$( ls include/mbedtls/*.h include/psa/*.h ) +HEADERS=$( ls include/mbedtls/*.h include/psa/*.h tests/include/test/drivers/*.h ) HEADERS="$HEADERS library/*.h" HEADERS="$HEADERS 3rdparty/everest/include/everest/everest.h 3rdparty/everest/include/everest/x25519.h" diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c index d69a1276c..f95aa6b61 100644 --- a/tests/src/drivers/hash.c +++ b/tests/src/drivers/hash.c 
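Review bot: The `HEADERS=` line in tests/scripts/list-macros.sh now also lists `tests/include/test/drivers/*.h`, but nothing in the hunk says why test headers belong in the macro listing. Presumably the aim is to put the renamed test driver macros through the same name checks as the library, and a one-line comment would keep a later cleanup from dropping the path, e.g. `# Test driver headers are listed too, so their macros are checked like the library's.` The guard visible above the change, `if [ -d include/mbedtls ]`, only confirms the library include directory. It is worth deciding whether a missing test driver directory should fail the script early instead of leaving it to `ls`. The rest of the script is outside the hunk.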
@@ -28,133 +28,134 @@ #include "test/drivers/hash.h" -test_driver_hash_hooks_t test_driver_hash_hooks = TEST_DRIVER_HASH_INIT; +mbedtls_test_driver_hash_hooks_t + mbedtls_test_driver_hash_hooks = MBEDTLS_TEST_DRIVER_HASH_INIT; -psa_status_t test_transparent_hash_compute( +psa_status_t mbedtls_test_transparent_hash_compute( psa_algorithm_t alg, const uint8_t *input, size_t input_length, uint8_t *hash, size_t hash_size, size_t *hash_length ) { - test_driver_hash_hooks.hits++; + mbedtls_test_driver_hash_hooks.hits++; - if( test_driver_hash_hooks.forced_status != PSA_SUCCESS ) + if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) { - test_driver_hash_hooks.driver_status = - test_driver_hash_hooks.forced_status; + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; } else { - test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.driver_status = mbedtls_transparent_test_driver_hash_compute( alg, input, input_length, hash, hash_size, hash_length ); } - return( test_driver_hash_hooks.driver_status ); + return( mbedtls_test_driver_hash_hooks.driver_status ); } -psa_status_t test_transparent_hash_setup( +psa_status_t mbedtls_test_transparent_hash_setup( mbedtls_transparent_test_driver_hash_operation_t *operation, psa_algorithm_t alg ) { - test_driver_hash_hooks.hits++; + mbedtls_test_driver_hash_hooks.hits++; - if( test_driver_hash_hooks.forced_status != PSA_SUCCESS ) + if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) { - test_driver_hash_hooks.driver_status = - test_driver_hash_hooks.forced_status; + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; } else { - test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.driver_status = mbedtls_transparent_test_driver_hash_setup( operation, alg ); } - return( test_driver_hash_hooks.driver_status ); + return( mbedtls_test_driver_hash_hooks.driver_status ); } -psa_status_t 
test_transparent_hash_clone( +psa_status_t mbedtls_test_transparent_hash_clone( const mbedtls_transparent_test_driver_hash_operation_t *source_operation, mbedtls_transparent_test_driver_hash_operation_t *target_operation ) { - test_driver_hash_hooks.hits++; + mbedtls_test_driver_hash_hooks.hits++; - if( test_driver_hash_hooks.forced_status != PSA_SUCCESS ) + if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) { - test_driver_hash_hooks.driver_status = - test_driver_hash_hooks.forced_status; + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; } else { - test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.driver_status = mbedtls_transparent_test_driver_hash_clone( source_operation, target_operation ); } - return( test_driver_hash_hooks.driver_status ); + return( mbedtls_test_driver_hash_hooks.driver_status ); } -psa_status_t test_transparent_hash_update( +psa_status_t mbedtls_test_transparent_hash_update( mbedtls_transparent_test_driver_hash_operation_t *operation, const uint8_t *input, size_t input_length ) { - test_driver_hash_hooks.hits++; + mbedtls_test_driver_hash_hooks.hits++; - if( test_driver_hash_hooks.forced_status != PSA_SUCCESS ) + if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) { - test_driver_hash_hooks.driver_status = - test_driver_hash_hooks.forced_status; + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; } else { - test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.driver_status = mbedtls_transparent_test_driver_hash_update( operation, input, input_length ); } - return( test_driver_hash_hooks.driver_status ); + return( mbedtls_test_driver_hash_hooks.driver_status ); } -psa_status_t test_transparent_hash_finish( +psa_status_t mbedtls_test_transparent_hash_finish( mbedtls_transparent_test_driver_hash_operation_t *operation, uint8_t *hash, size_t hash_size, size_t *hash_length ) { - 
test_driver_hash_hooks.hits++; + mbedtls_test_driver_hash_hooks.hits++; - if( test_driver_hash_hooks.forced_status != PSA_SUCCESS ) + if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) { - test_driver_hash_hooks.driver_status = - test_driver_hash_hooks.forced_status; + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; } else { - test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.driver_status = mbedtls_transparent_test_driver_hash_finish( operation, hash, hash_size, hash_length ); } - return( test_driver_hash_hooks.driver_status ); + return( mbedtls_test_driver_hash_hooks.driver_status ); } -psa_status_t test_transparent_hash_abort( +psa_status_t mbedtls_test_transparent_hash_abort( mbedtls_transparent_test_driver_hash_operation_t *operation ) { - test_driver_hash_hooks.hits++; + mbedtls_test_driver_hash_hooks.hits++; - if( test_driver_hash_hooks.forced_status != PSA_SUCCESS ) + if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) { - test_driver_hash_hooks.driver_status = - test_driver_hash_hooks.forced_status; + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; } else { - test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.driver_status = mbedtls_transparent_test_driver_hash_abort( operation ); } - return( test_driver_hash_hooks.driver_status ); + return( mbedtls_test_driver_hash_hooks.driver_status ); } #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/platform_builtin_keys.c b/tests/src/drivers/platform_builtin_keys.c index 759fa7830..57d040a78 100644 --- a/tests/src/drivers/platform_builtin_keys.c +++ b/tests/src/drivers/platform_builtin_keys.c @@ -24,7 +24,7 @@ #include #if defined(PSA_CRYPTO_DRIVER_TEST) -#include +#include #endif typedef struct 
diff --git a/tests/src/drivers/test_driver_aead.c b/tests/src/drivers/test_driver_aead.c index c87752502..25396c92f 100644 --- a/tests/src/drivers/test_driver_aead.c +++ b/tests/src/drivers/test_driver_aead.c @@ -28,9 +28,10 @@ #include "test/drivers/aead.h" -test_driver_aead_hooks_t test_driver_aead_hooks = TEST_DRIVER_AEAD_INIT; +mbedtls_test_driver_aead_hooks_t + mbedtls_test_driver_aead_hooks = MBEDTLS_TEST_DRIVER_AEAD_INIT; -psa_status_t test_transparent_aead_encrypt( +psa_status_t mbedtls_test_transparent_aead_encrypt( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, @@ -39,16 +40,16 @@ psa_status_t test_transparent_aead_encrypt( const uint8_t *plaintext, size_t plaintext_length, uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length ) { - test_driver_aead_hooks.hits++; + mbedtls_test_driver_aead_hooks.hits++; - if( test_driver_aead_hooks.forced_status != PSA_SUCCESS ) + if( mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS ) { - test_driver_aead_hooks.driver_status = - test_driver_aead_hooks.forced_status; + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.forced_status; } else { - test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.driver_status = mbedtls_psa_aead_encrypt( attributes, key_buffer, key_buffer_size, alg, @@ -58,10 +59,10 @@ psa_status_t test_transparent_aead_encrypt( ciphertext, ciphertext_size, ciphertext_length ); } - return( test_driver_aead_hooks.driver_status ); + return( mbedtls_test_driver_aead_hooks.driver_status ); } -psa_status_t test_transparent_aead_decrypt( +psa_status_t mbedtls_test_transparent_aead_decrypt( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, 
@@ -70,16 +71,16 @@ psa_status_t test_transparent_aead_decrypt( const uint8_t *ciphertext, size_t ciphertext_length, uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length ) { - test_driver_aead_hooks.hits++; + mbedtls_test_driver_aead_hooks.hits++; - if( test_driver_aead_hooks.forced_status != PSA_SUCCESS ) + if( mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS ) { - test_driver_aead_hooks.driver_status = - test_driver_aead_hooks.forced_status; + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.forced_status; } else { - test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.driver_status = mbedtls_psa_aead_decrypt( attributes, key_buffer, key_buffer_size, alg, @@ -89,7 +90,7 @@ psa_status_t test_transparent_aead_decrypt( plaintext, plaintext_size, plaintext_length ); } - return( test_driver_aead_hooks.driver_status ); + return( mbedtls_test_driver_aead_hooks.driver_status ); } #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index e241ba446..a415dd812 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -36,9 +36,10 @@ #include -test_driver_cipher_hooks_t test_driver_cipher_hooks = TEST_DRIVER_CIPHER_INIT; +mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks = + MBEDTLS_TEST_DRIVER_CIPHER_INIT; -static psa_status_t test_transparent_cipher_oneshot( +static psa_status_t mbedtls_test_transparent_cipher_oneshot( mbedtls_operation_t direction, const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, 
@@ -46,7 +47,7 @@ static psa_status_t test_transparent_cipher_oneshot( const uint8_t *input, size_t input_length, uint8_t *output, size_t output_size, size_t *output_length) { - test_driver_cipher_hooks.hits++; + mbedtls_test_driver_cipher_hooks.hits++; /* Test driver supports AES-CTR only, to verify operation calls. */ if( alg != PSA_ALG_CTR || @@ -54,21 +55,21 @@ static psa_status_t test_transparent_cipher_oneshot( return( PSA_ERROR_NOT_SUPPORTED ); /* If test driver response code is not SUCCESS, we can return early */ - if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( test_driver_cipher_hooks.forced_status ); + if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_cipher_hooks.forced_status ); /* If test driver output is overridden, we don't need to do actual crypto */ - if( test_driver_cipher_hooks.forced_output != NULL ) + if( mbedtls_test_driver_cipher_hooks.forced_output != NULL ) { - if( output_size < test_driver_cipher_hooks.forced_output_length ) + if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length ) return( PSA_ERROR_BUFFER_TOO_SMALL ); memcpy( output, - test_driver_cipher_hooks.forced_output, - test_driver_cipher_hooks.forced_output_length ); - *output_length = test_driver_cipher_hooks.forced_output_length; + mbedtls_test_driver_cipher_hooks.forced_output, + mbedtls_test_driver_cipher_hooks.forced_output_length ); + *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length; - return( test_driver_cipher_hooks.forced_status ); + return( mbedtls_test_driver_cipher_hooks.forced_status ); } /* Run AES-CTR using the cipher module */ @@ -166,7 +167,7 @@ exit: } } -psa_status_t test_transparent_cipher_encrypt( +psa_status_t mbedtls_test_transparent_cipher_encrypt( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, 
@@ -174,7 +175,7 @@ psa_status_t test_transparent_cipher_encrypt( uint8_t *output, size_t output_size, size_t *output_length) { return ( - test_transparent_cipher_oneshot( + mbedtls_test_transparent_cipher_oneshot( MBEDTLS_ENCRYPT, attributes, key, key_length, @@ -183,7 +184,7 @@ psa_status_t test_transparent_cipher_encrypt( output, output_size, output_length) ); } -psa_status_t test_transparent_cipher_decrypt( +psa_status_t mbedtls_test_transparent_cipher_decrypt( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, @@ -191,7 +192,7 @@ psa_status_t test_transparent_cipher_decrypt( uint8_t *output, size_t output_size, size_t *output_length) { return ( - test_transparent_cipher_oneshot( + mbedtls_test_transparent_cipher_oneshot( MBEDTLS_DECRYPT, attributes, key, key_length, @@ -200,13 +201,13 @@ psa_status_t test_transparent_cipher_decrypt( output, output_size, output_length) ); } -psa_status_t test_transparent_cipher_encrypt_setup( +psa_status_t mbedtls_test_transparent_cipher_encrypt_setup( mbedtls_transparent_test_driver_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg) { - test_driver_cipher_hooks.hits++; + mbedtls_test_driver_cipher_hooks.hits++; /* Wiping the entire struct here, instead of member-by-member. This is * useful for the test suite, since it gives a chance of catching memory 
@@ -214,32 +215,32 @@ psa_status_t test_transparent_cipher_encrypt_setup( * our context struct. */ memset( operation, 0, sizeof( *operation ) ); - if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( test_driver_cipher_hooks.forced_status ); + if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_cipher_hooks.forced_status ); return ( mbedtls_transparent_test_driver_cipher_encrypt_setup( operation, attributes, key, key_length, alg ) ); } -psa_status_t test_transparent_cipher_decrypt_setup( +psa_status_t mbedtls_test_transparent_cipher_decrypt_setup( mbedtls_transparent_test_driver_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg) { - test_driver_cipher_hooks.hits++; + mbedtls_test_driver_cipher_hooks.hits++; - if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( test_driver_cipher_hooks.forced_status ); + if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_cipher_hooks.forced_status ); return ( mbedtls_transparent_test_driver_cipher_decrypt_setup( operation, attributes, key, key_length, alg ) ); } -psa_status_t test_transparent_cipher_abort( +psa_status_t mbedtls_test_transparent_cipher_abort( mbedtls_transparent_test_driver_cipher_operation_t *operation) { - test_driver_cipher_hooks.hits++; + mbedtls_test_driver_cipher_hooks.hits++; if( operation->alg == 0 ) return( PSA_SUCCESS ); 
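Review bot: `mbedtls_test_transparent_cipher_decrypt_setup` does not wipe `*operation` before use, while `mbedtls_test_transparent_cipher_encrypt_setup` (whose body starts before this hunk) runs `memset( operation, 0, sizeof( *operation ) );` ahead of the `forced_status` check. When `forced_status` is an error, the decrypt path returns without touching the context, and `mbedtls_test_transparent_cipher_abort` (which continues past the hunk) then reads `operation->alg` from whatever the caller supplied. Whether the core always zero-initialises the operation first is not visible here. Adding the same `memset( operation, 0, sizeof( *operation ) );` after the `hits++` line in decrypt_setup would make the two setup paths agree. It would also give the decrypt path the undersized-context detection that the existing comment describes for encrypt.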
@@ -252,24 +253,24 @@ psa_status_t test_transparent_cipher_abort( * our context struct. */ memset( operation, 0, sizeof( *operation ) ); - return( test_driver_cipher_hooks.forced_status ); + return( mbedtls_test_driver_cipher_hooks.forced_status ); } -psa_status_t test_transparent_cipher_set_iv( +psa_status_t mbedtls_test_transparent_cipher_set_iv( mbedtls_transparent_test_driver_cipher_operation_t *operation, const uint8_t *iv, size_t iv_length) { - test_driver_cipher_hooks.hits++; + mbedtls_test_driver_cipher_hooks.hits++; - if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( test_driver_cipher_hooks.forced_status ); + if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_cipher_hooks.forced_status ); return( mbedtls_transparent_test_driver_cipher_set_iv( operation, iv, iv_length ) ); } -psa_status_t test_transparent_cipher_update( +psa_status_t mbedtls_test_transparent_cipher_update( mbedtls_transparent_test_driver_cipher_operation_t *operation, const uint8_t *input, size_t input_length, 
@@ -277,52 +278,52 @@ psa_status_t test_transparent_cipher_update( size_t output_size, size_t *output_length) { - test_driver_cipher_hooks.hits++; + mbedtls_test_driver_cipher_hooks.hits++; - if( test_driver_cipher_hooks.forced_output != NULL ) + if( mbedtls_test_driver_cipher_hooks.forced_output != NULL ) { - if( output_size < test_driver_cipher_hooks.forced_output_length ) + if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length ) return PSA_ERROR_BUFFER_TOO_SMALL; memcpy( output, - test_driver_cipher_hooks.forced_output, - test_driver_cipher_hooks.forced_output_length ); - *output_length = test_driver_cipher_hooks.forced_output_length; + mbedtls_test_driver_cipher_hooks.forced_output, + mbedtls_test_driver_cipher_hooks.forced_output_length ); + *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length; - return( test_driver_cipher_hooks.forced_status ); + return( mbedtls_test_driver_cipher_hooks.forced_status ); } - if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( test_driver_cipher_hooks.forced_status ); + if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_cipher_hooks.forced_status ); return( mbedtls_transparent_test_driver_cipher_update( operation, input, input_length, output, output_size, output_length ) ); } -psa_status_t test_transparent_cipher_finish( +psa_status_t mbedtls_test_transparent_cipher_finish( mbedtls_transparent_test_driver_cipher_operation_t *operation, uint8_t *output, size_t output_size, size_t *output_length) { - test_driver_cipher_hooks.hits++; + mbedtls_test_driver_cipher_hooks.hits++; - if( test_driver_cipher_hooks.forced_output != NULL ) + if( mbedtls_test_driver_cipher_hooks.forced_output != NULL ) { - if( output_size < test_driver_cipher_hooks.forced_output_length ) + if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length ) return PSA_ERROR_BUFFER_TOO_SMALL; memcpy( output, - test_driver_cipher_hooks.forced_output, - 
test_driver_cipher_hooks.forced_output_length ); - *output_length = test_driver_cipher_hooks.forced_output_length; + mbedtls_test_driver_cipher_hooks.forced_output, + mbedtls_test_driver_cipher_hooks.forced_output_length ); + *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length; - return( test_driver_cipher_hooks.forced_status ); + return( mbedtls_test_driver_cipher_hooks.forced_status ); } - if( test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( test_driver_cipher_hooks.forced_status ); + if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_cipher_hooks.forced_status ); return( mbedtls_transparent_test_driver_cipher_finish( operation, output, output_size, output_length ) ); @@ -331,7 +332,7 @@ psa_status_t test_transparent_cipher_finish( /* * opaque versions, to do */ -psa_status_t test_opaque_cipher_encrypt( +psa_status_t mbedtls_test_opaque_cipher_encrypt( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, @@ -350,7 +351,7 @@ psa_status_t test_opaque_cipher_encrypt( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t test_opaque_cipher_decrypt( +psa_status_t mbedtls_test_opaque_cipher_decrypt( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, @@ -369,7 +370,7 @@ psa_status_t test_opaque_cipher_decrypt( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t test_opaque_cipher_encrypt_setup( +psa_status_t mbedtls_test_opaque_cipher_encrypt_setup( mbedtls_opaque_test_driver_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, 
@@ -383,7 +384,7 @@ psa_status_t test_opaque_cipher_encrypt_setup( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t test_opaque_cipher_decrypt_setup( +psa_status_t mbedtls_test_opaque_cipher_decrypt_setup( mbedtls_opaque_test_driver_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, @@ -397,14 +398,14 @@ psa_status_t test_opaque_cipher_decrypt_setup( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t test_opaque_cipher_abort( +psa_status_t mbedtls_test_opaque_cipher_abort( mbedtls_opaque_test_driver_cipher_operation_t *operation ) { (void) operation; return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t test_opaque_cipher_set_iv( +psa_status_t mbedtls_test_opaque_cipher_set_iv( mbedtls_opaque_test_driver_cipher_operation_t *operation, const uint8_t *iv, size_t iv_length) @@ -415,7 +416,7 @@ psa_status_t test_opaque_cipher_set_iv( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t test_opaque_cipher_update( +psa_status_t mbedtls_test_opaque_cipher_update( mbedtls_opaque_test_driver_cipher_operation_t *operation, const uint8_t *input, size_t input_length, @@ -432,7 +433,7 @@ psa_status_t test_opaque_cipher_update( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t test_opaque_cipher_finish( +psa_status_t mbedtls_test_opaque_cipher_finish( mbedtls_opaque_test_driver_cipher_operation_t *operation, uint8_t *output, size_t output_size, diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index a0626fbf4..19e103331 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c 
@@ -38,18 +38,18 @@ #include -test_driver_key_management_hooks_t test_driver_key_management_hooks = - TEST_DRIVER_KEY_MANAGEMENT_INIT; +mbedtls_test_driver_key_management_hooks_t + mbedtls_test_driver_key_management_hooks = MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT; -const uint8_t test_driver_aes_key[16] = +const uint8_t mbedtls_test_driver_aes_key[16] = { 0x36, 0x77, 0x39, 0x7A, 0x24, 0x43, 0x26, 0x46, 0x29, 0x4A, 0x40, 0x4E, 0x63, 0x52, 0x66, 0x55 }; -const uint8_t test_driver_ecdsa_key[32] = +const uint8_t mbedtls_test_driver_ecdsa_key[32] = { 0xdc, 0x7d, 0x9d, 0x26, 0xd6, 0x7a, 0x4f, 0x63, 0x2c, 0x34, 0xc2, 0xdc, 0x0b, 0x69, 0x86, 0x18, 0x38, 0x82, 0xc2, 0x06, 0xdf, 0x04, 0xcd, 0xb7, 0xd6, 0x9a, 0xab, 0xe2, 0x8b, 0xe4, 0xf8, 0x1a }; -const uint8_t test_driver_ecdsa_pubkey[65] = +const uint8_t mbedtls_test_driver_ecdsa_pubkey[65] = { 0x04, 0x85, 0xf6, 0x4d, 0x89, 0xf0, 0x0b, 0xe6, 0x6c, 0x88, 0xdd, 0x93, 0x7e, 0xfd, 0x6d, 0x7c, 0x44, 
@@ -60,22 +60,23 @@ const uint8_t test_driver_ecdsa_pubkey[65] = 0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79, 0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c }; -psa_status_t test_transparent_generate_key( +psa_status_t mbedtls_test_transparent_generate_key( const psa_key_attributes_t *attributes, uint8_t *key, size_t key_size, size_t *key_length ) { - ++test_driver_key_management_hooks.hits; + ++mbedtls_test_driver_key_management_hooks.hits; - if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS ) - return( test_driver_key_management_hooks.forced_status ); + if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_key_management_hooks.forced_status ); - if( test_driver_key_management_hooks.forced_output != NULL ) + if( mbedtls_test_driver_key_management_hooks.forced_output != NULL ) { - if( test_driver_key_management_hooks.forced_output_length > key_size ) + if( mbedtls_test_driver_key_management_hooks.forced_output_length > + key_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); - memcpy( key, test_driver_key_management_hooks.forced_output, - test_driver_key_management_hooks.forced_output_length ); - *key_length = test_driver_key_management_hooks.forced_output_length; + memcpy( key, mbedtls_test_driver_key_management_hooks.forced_output, + mbedtls_test_driver_key_management_hooks.forced_output_length ); + *key_length = mbedtls_test_driver_key_management_hooks.forced_output_length; return( PSA_SUCCESS ); } @@ -102,7 +103,7 @@ psa_status_t test_transparent_generate_key( } } -psa_status_t test_opaque_generate_key( +psa_status_t mbedtls_test_opaque_generate_key( const psa_key_attributes_t *attributes, uint8_t *key, size_t key_size, size_t *key_length ) { 
@@ -113,7 +114,7 @@ psa_status_t test_opaque_generate_key(
 return( PSA_ERROR_NOT_SUPPORTED );
 }
-psa_status_t test_transparent_import_key(
+psa_status_t mbedtls_test_transparent_import_key(
 const psa_key_attributes_t *attributes,
 const uint8_t *data,
 size_t data_length,
@@ -122,10 +123,10 @@ psa_status_t test_transparent_import_key(
 size_t *key_buffer_length,
 size_t *bits)
 {
- ++test_driver_key_management_hooks.hits;
+ ++mbedtls_test_driver_key_management_hooks.hits;
- if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
- return( test_driver_key_management_hooks.forced_status );
+ if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
+ return( mbedtls_test_driver_key_management_hooks.forced_status );
 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
 psa_key_type_t type = psa_get_key_type( attributes );
@@ -168,7 +169,7 @@ psa_status_t test_transparent_import_key(
 return( status );
 }
-psa_status_t test_opaque_export_key(
+psa_status_t mbedtls_test_opaque_export_key(
 const psa_key_attributes_t *attributes,
 const uint8_t *key, size_t key_length,
 uint8_t *data, size_t data_size, size_t *data_length )
@@ -199,12 +200,12 @@ psa_status_t test_opaque_export_key(
 PSA_KEY_USAGE_EXPORT ) == 0 )
 return( PSA_ERROR_CORRUPTION_DETECTED );
- if( data_size < sizeof( test_driver_ecdsa_key ) )
+ if( data_size < sizeof( mbedtls_test_driver_ecdsa_key ) )
 return( PSA_ERROR_BUFFER_TOO_SMALL );
- memcpy( data, test_driver_ecdsa_key,
- sizeof( test_driver_ecdsa_key ) );
- *data_length = sizeof( test_driver_ecdsa_key );
+ memcpy( data, mbedtls_test_driver_ecdsa_key,
+ sizeof( mbedtls_test_driver_ecdsa_key ) );
+ *data_length = sizeof( mbedtls_test_driver_ecdsa_key );
 return( PSA_SUCCESS );
 case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT:
@@ -220,12 +221,12 @@ psa_status_t test_opaque_export_key(
 PSA_KEY_USAGE_EXPORT ) == 0 )
 return( PSA_ERROR_CORRUPTION_DETECTED );
- if( data_size < sizeof( test_driver_aes_key ) )
+ if( data_size < sizeof( mbedtls_test_driver_aes_key ) )
 return( PSA_ERROR_BUFFER_TOO_SMALL );
- memcpy( data, test_driver_aes_key,
- sizeof( test_driver_aes_key ) );
- *data_length = sizeof( test_driver_aes_key );
+ memcpy( data, mbedtls_test_driver_aes_key,
+ sizeof( mbedtls_test_driver_aes_key ) );
+ *data_length = sizeof( mbedtls_test_driver_aes_key );
 return( PSA_SUCCESS );
 default:
@@ -233,23 +234,24 @@ psa_status_t test_opaque_export_key(
 }
 }
-psa_status_t test_transparent_export_public_key(
+psa_status_t mbedtls_test_transparent_export_public_key(
 const psa_key_attributes_t *attributes,
 const uint8_t *key_buffer, size_t key_buffer_size,
 uint8_t *data, size_t data_size, size_t *data_length )
 {
- ++test_driver_key_management_hooks.hits;
+ ++mbedtls_test_driver_key_management_hooks.hits;
- if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
- return( test_driver_key_management_hooks.forced_status );
+ if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
+ return( mbedtls_test_driver_key_management_hooks.forced_status );
- if( test_driver_key_management_hooks.forced_output != NULL )
+ if( mbedtls_test_driver_key_management_hooks.forced_output != NULL )
 {
- if( test_driver_key_management_hooks.forced_output_length > data_size )
+ if( mbedtls_test_driver_key_management_hooks.forced_output_length >
+ data_size )
 return( PSA_ERROR_BUFFER_TOO_SMALL );
- memcpy( data, test_driver_key_management_hooks.forced_output,
- test_driver_key_management_hooks.forced_output_length );
- *data_length = test_driver_key_management_hooks.forced_output_length;
+ memcpy( data, mbedtls_test_driver_key_management_hooks.forced_output,
+ mbedtls_test_driver_key_management_hooks.forced_output_length );
+ *data_length = mbedtls_test_driver_key_management_hooks.forced_output_length;
 return( PSA_SUCCESS );
 }
@@ -288,7 +290,7 @@ psa_status_t test_transparent_export_public_key(
 return( status );
 }
-psa_status_t test_opaque_export_public_key(
+psa_status_t mbedtls_test_opaque_export_public_key(
 const psa_key_attributes_t *attributes,
 const uint8_t *key, size_t key_length,
 uint8_t *data, size_t data_size, size_t *data_length )
@@ -315,12 +317,12 @@ psa_status_t test_opaque_export_public_key(
 PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) )
 return( PSA_ERROR_CORRUPTION_DETECTED );
- if( data_size < sizeof( test_driver_ecdsa_pubkey ) )
+ if( data_size < sizeof( mbedtls_test_driver_ecdsa_pubkey ) )
 return( PSA_ERROR_BUFFER_TOO_SMALL );
- memcpy( data, test_driver_ecdsa_pubkey,
- sizeof( test_driver_ecdsa_pubkey ) );
- *data_length = sizeof( test_driver_ecdsa_pubkey );
+ memcpy( data, mbedtls_test_driver_ecdsa_pubkey,
+ sizeof( mbedtls_test_driver_ecdsa_pubkey ) );
+ *data_length = sizeof( mbedtls_test_driver_ecdsa_pubkey );
 return( PSA_SUCCESS );
 default:
@@ -338,7 +340,7 @@ psa_status_t test_opaque_export_public_key(
 * (i.e. for an actual driver this would mean 'builtin_key_size' =
 * sizeof(psa_drv_slot_number_t)).
 */
-psa_status_t test_opaque_get_builtin_key(
+psa_status_t mbedtls_test_opaque_get_builtin_key(
 psa_drv_slot_number_t slot_number,
 psa_key_attributes_t *attributes,
 uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c
index 47c6debc5..be8c1792b 100644
--- a/tests/src/drivers/test_driver_signature.c
+++ b/tests/src/drivers/test_driver_signature.c
@@ -41,28 +41,32 @@ #include -test_driver_signature_hooks_t test_driver_signature_sign_hooks = TEST_DRIVER_SIGNATURE_INIT; -test_driver_signature_hooks_t test_driver_signature_verify_hooks = TEST_DRIVER_SIGNATURE_INIT; +mbedtls_test_driver_signature_hooks_t + mbedtls_test_driver_signature_sign_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT; +mbedtls_test_driver_signature_hooks_t + mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT; -psa_status_t test_transparent_signature_sign_hash( +psa_status_t mbedtls_test_transparent_signature_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, uint8_t *signature, size_t signature_size, size_t *signature_length ) { - ++test_driver_signature_sign_hooks.hits; + ++mbedtls_test_driver_signature_sign_hooks.hits; - if( test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS ) - return( test_driver_signature_sign_hooks.forced_status ); + if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_signature_sign_hooks.forced_status ); - if( test_driver_signature_sign_hooks.forced_output != NULL ) + if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL ) { - if( test_driver_signature_sign_hooks.forced_output_length > signature_size ) + if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > + signature_size ) return( PSA_ERROR_BUFFER_TOO_SMALL ); - memcpy( signature, test_driver_signature_sign_hooks.forced_output, - test_driver_signature_sign_hooks.forced_output_length ); - *signature_length = test_driver_signature_sign_hooks.forced_output_length; + memcpy( signature, + mbedtls_test_driver_signature_sign_hooks.forced_output, + mbedtls_test_driver_signature_sign_hooks.forced_output_length ); + *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length; return( PSA_SUCCESS ); } 
@@ -120,7 +124,7 @@ psa_status_t test_transparent_signature_sign_hash(
 }
 }
-psa_status_t test_opaque_signature_sign_hash(
+psa_status_t mbedtls_test_opaque_signature_sign_hash(
 const psa_key_attributes_t *attributes,
 const uint8_t *key, size_t key_length,
 psa_algorithm_t alg,
@@ -140,17 +144,17 @@ psa_status_t test_opaque_signature_sign_hash(
 return( PSA_ERROR_NOT_SUPPORTED );
 }
-psa_status_t test_transparent_signature_verify_hash(
+psa_status_t mbedtls_test_transparent_signature_verify_hash(
 const psa_key_attributes_t *attributes,
 const uint8_t *key_buffer, size_t key_buffer_size,
 psa_algorithm_t alg,
 const uint8_t *hash, size_t hash_length,
 const uint8_t *signature, size_t signature_length )
 {
- ++test_driver_signature_verify_hooks.hits;
+ ++mbedtls_test_driver_signature_verify_hooks.hits;
- if( test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
- return( test_driver_signature_verify_hooks.forced_status );
+ if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
+ return( mbedtls_test_driver_signature_verify_hooks.forced_status );
 #if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
 defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
@@ -200,7 +204,7 @@ psa_status_t test_transparent_signature_verify_hash(
 }
 }
-psa_status_t test_opaque_signature_verify_hash(
+psa_status_t mbedtls_test_opaque_signature_verify_hash(
 const psa_key_attributes_t *attributes,
 const uint8_t *key, size_t key_length,
 psa_algorithm_t alg,
diff --git a/tests/src/drivers/test_driver_size.c b/tests/src/drivers/test_driver_size.c
index 16a86922a..fd10209d2 100644
--- a/tests/src/drivers/test_driver_size.c
+++ b/tests/src/drivers/test_driver_size.c
@@ -28,8 +28,8 @@
 #include "test/drivers/size.h"
-#ifdef TEST_KEY_CONTEXT_SIZE_FUNCTION
-size_t test_size_function(
+#ifdef MBEDTLS_TEST_KEY_CONTEXT_SIZE_FUNCTION
+size_t mbedtls_test_size_function(
 const psa_key_type_t key_type,
 const size_t key_bits )
 {
@@ -37,6 +37,6 @@ size_t test_size_function(
 (void) key_bits;
 return 0;
 }
-#endif /*TEST_KEY_CONTEXT_SIZE_FUNCTION */
+#endif /*MBEDTLS_TEST_KEY_CONTEXT_SIZE_FUNCTION */
 #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
index 5bd5ba8d3..3c48b06ac 100644
--- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function
+++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
@@ -1,5 +1,5 @@
 /* BEGIN_HEADER */
-#include "test/drivers/test_driver.h"
+#include "test/drivers/mbedtls_test_driver.h"
 /* END_HEADER */
 /* BEGIN_DEPENDENCIES
@@ -23,7 +23,8 @@ void ecdsa_sign( int force_status_arg,
 uint8_t signature[64];
 size_t signature_length = 0xdeadbeef;
 psa_status_t actual_status;
- test_driver_signature_sign_hooks = test_driver_signature_hooks_init();
+ mbedtls_test_driver_signature_sign_hooks =
+ mbedtls_test_driver_signature_hooks_init();
 PSA_ASSERT( psa_crypto_init( ) );
 psa_set_key_type( &attributes,
@@ -34,11 +35,13 @@ void ecdsa_sign( int force_status_arg,
 key_input->x, key_input->len,
 &key );
- test_driver_signature_sign_hooks.forced_status = force_status;
+ mbedtls_test_driver_signature_sign_hooks.forced_status = force_status;
 if( fake_output == 1 )
 {
- test_driver_signature_sign_hooks.forced_output = expected_output->x;
- test_driver_signature_sign_hooks.forced_output_length = expected_output->len;
+ mbedtls_test_driver_signature_sign_hooks.forced_output =
+ expected_output->x;
+ mbedtls_test_driver_signature_sign_hooks.forced_output_length =
+ expected_output->len;
 }
 actual_status = psa_sign_hash( key, alg,
@@ -51,13 +54,14 @@ void ecdsa_sign( int force_status_arg,
 ASSERT_COMPARE( signature, signature_length,
 expected_output->x, expected_output->len );
 }
- TEST_EQUAL( test_driver_signature_sign_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_signature_sign_hooks.hits, 1 );
 exit:
 psa_reset_key_attributes( &attributes );
 psa_destroy_key( key );
 PSA_DONE( );
- test_driver_signature_sign_hooks = test_driver_signature_hooks_init();
+ mbedtls_test_driver_signature_sign_hooks =
+ mbedtls_test_driver_signature_hooks_init();
 }
 /* END_CASE */
@@ -75,7 +79,8 @@ void ecdsa_verify( int force_status_arg,
 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
 psa_algorithm_t alg = PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 );
 psa_status_t actual_status;
- test_driver_signature_verify_hooks = test_driver_signature_hooks_init();
+ mbedtls_test_driver_signature_verify_hooks =
+ mbedtls_test_driver_signature_hooks_init();
 PSA_ASSERT( psa_crypto_init( ) );
 if( register_public_key )
@@ -99,19 +104,20 @@ void ecdsa_verify( int force_status_arg,
 &key );
 }
- test_driver_signature_verify_hooks.forced_status = force_status;
+ mbedtls_test_driver_signature_verify_hooks.forced_status = force_status;
 actual_status = psa_verify_hash( key, alg,
 data_input->x, data_input->len,
 signature_input->x, signature_input->len );
 TEST_EQUAL( actual_status, expected_status );
- TEST_EQUAL( test_driver_signature_verify_hooks.hits, 1 );
+ TEST_EQUAL( mbedtls_test_driver_signature_verify_hooks.hits, 1 );
 exit:
 psa_reset_key_attributes( &attributes );
 psa_destroy_key( key );
 PSA_DONE( );
- test_driver_signature_verify_hooks = test_driver_signature_hooks_init();
+ mbedtls_test_driver_signature_verify_hooks =
+ mbedtls_test_driver_signature_hooks_init();
 }
 /* END_CASE */
@@ -130,7 +136,8 @@ void generate_key( int force_status_arg, psa_status_t actual_status; uint8_t actual_output[PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(256)] = {0}; size_t actual_output_length; - test_driver_key_management_hooks = test_driver_key_management_hooks_init(); + mbedtls_test_driver_key_management_hooks = + mbedtls_test_driver_key_management_hooks_init(); psa_set_key_type( &attributes, PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ); @@ -140,18 +147,22 @@ void generate_key( int force_status_arg, if( fake_output->len > 0 ) { - expected_output = test_driver_key_management_hooks.forced_output = fake_output->x; - expected_output_length = test_driver_key_management_hooks.forced_output_length = + expected_output = + mbedtls_test_driver_key_management_hooks.forced_output = + fake_output->x; + + expected_output_length = + mbedtls_test_driver_key_management_hooks.forced_output_length = fake_output->len; } - test_driver_key_management_hooks.hits = 0; - test_driver_key_management_hooks.forced_status = force_status; + mbedtls_test_driver_key_management_hooks.hits = 0; + mbedtls_test_driver_key_management_hooks.forced_status = force_status; PSA_ASSERT( psa_crypto_init( ) ); actual_status = psa_generate_key( &attributes, &key ); - TEST_EQUAL( test_driver_key_management_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_key_management_hooks.hits, 1 ); TEST_EQUAL( actual_status, expected_status ); if( actual_status == PSA_SUCCESS ) @@ -178,7 +189,8 @@ exit: psa_reset_key_attributes( &attributes ); psa_destroy_key( key ); PSA_DONE( ); - test_driver_key_management_hooks = test_driver_key_management_hooks_init(); + mbedtls_test_driver_key_management_hooks = + mbedtls_test_driver_key_management_hooks_init(); } /* END_CASE */ 
@@ -194,25 +206,27 @@ void validate_key( int force_status_arg, mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t actual_status; - test_driver_key_management_hooks = test_driver_key_management_hooks_init(); + mbedtls_test_driver_key_management_hooks = + mbedtls_test_driver_key_management_hooks_init(); psa_set_key_type( &attributes, key_type ); psa_set_key_bits( &attributes, 0 ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - test_driver_key_management_hooks.forced_status = force_status; + mbedtls_test_driver_key_management_hooks.forced_status = force_status; PSA_ASSERT( psa_crypto_init( ) ); actual_status = psa_import_key( &attributes, key_input->x, key_input->len, &key ); - TEST_EQUAL( test_driver_key_management_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_key_management_hooks.hits, 1 ); TEST_EQUAL( actual_status, expected_status ); exit: psa_reset_key_attributes( &attributes ); psa_destroy_key( key ); PSA_DONE( ); - test_driver_key_management_hooks = test_driver_key_management_hooks_init(); + mbedtls_test_driver_key_management_hooks = + mbedtls_test_driver_key_management_hooks_init(); } /* END_CASE */ @@ -236,7 +250,8 @@ void export_key( int force_status_arg, psa_status_t actual_status; uint8_t actual_output[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(256)] = {0}; size_t actual_output_length; - test_driver_key_management_hooks = test_driver_key_management_hooks_init(); + mbedtls_test_driver_key_management_hooks = + mbedtls_test_driver_key_management_hooks_init(); psa_set_key_type( &attributes, input_key_type ); psa_set_key_bits( &attributes, 256 ); 
@@ -247,8 +262,12 @@ void export_key( int force_status_arg, if( fake_output->len > 0 ) { - expected_output_ptr = test_driver_key_management_hooks.forced_output = fake_output->x; - expected_output_length = test_driver_key_management_hooks.forced_output_length = + expected_output_ptr = + mbedtls_test_driver_key_management_hooks.forced_output = + fake_output->x; + + expected_output_length = + mbedtls_test_driver_key_management_hooks.forced_output_length = fake_output->len; } else @@ -257,8 +276,8 @@ void export_key( int force_status_arg, expected_output_length = expected_output->len; } - test_driver_key_management_hooks.hits = 0; - test_driver_key_management_hooks.forced_status = force_status; + mbedtls_test_driver_key_management_hooks.hits = 0; + mbedtls_test_driver_key_management_hooks.forced_status = force_status; if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( output_key_type ) ) actual_status = psa_export_public_key( handle, actual_output, sizeof(actual_output), &actual_output_length ); @@ -268,7 +287,7 @@ void export_key( int force_status_arg, if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( output_key_type ) && !PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( input_key_type ) ) - TEST_EQUAL( test_driver_key_management_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_key_management_hooks.hits, 1 ); if( actual_status == PSA_SUCCESS ) { @@ -279,7 +298,8 @@ exit: psa_reset_key_attributes( &attributes ); psa_destroy_key( handle ); PSA_DONE( ); - test_driver_key_management_hooks = test_driver_key_management_hooks_init(); + mbedtls_test_driver_key_management_hooks = + mbedtls_test_driver_key_management_hooks_init(); } /* END_CASE */ 
@@ -303,8 +323,8 @@ void cipher_encrypt( int alg_arg, int key_type_arg, size_t total_output_length = 0; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - test_driver_cipher_hooks = test_driver_cipher_hooks_init(); - test_driver_cipher_hooks.forced_status = force_status; + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks.forced_status = force_status; PSA_ASSERT( psa_crypto_init( ) ); @@ -316,12 +336,12 @@ void cipher_encrypt( int alg_arg, int key_type_arg, &key ) ); PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); + mbedtls_test_driver_cipher_hooks.hits = 0; output_buffer_size = ( (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); 
@@ -329,21 +349,21 @@ void cipher_encrypt( int alg_arg, int key_type_arg, if( mock_output_arg ) { - test_driver_cipher_hooks.forced_output = expected_output->x; - test_driver_cipher_hooks.forced_output_length = expected_output->len; + mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x; + mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len; } PSA_ASSERT( psa_cipher_update( &operation, input->x, input->len, output, output_buffer_size, &function_output_length ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); + mbedtls_test_driver_cipher_hooks.hits = 0; if( mock_output_arg ) { - test_driver_cipher_hooks.forced_output = NULL; - test_driver_cipher_hooks.forced_output_length = 0; + mbedtls_test_driver_cipher_hooks.forced_output = NULL; + mbedtls_test_driver_cipher_hooks.forced_output_length = 0; } total_output_length += function_output_length; @@ -352,8 +372,8 @@ void cipher_encrypt( int alg_arg, int key_type_arg, output_buffer_size - total_output_length, &function_output_length ); /* Finish will have called abort as well, so expecting two hits here */ - TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) ); + mbedtls_test_driver_cipher_hooks.hits = 0; total_output_length += function_output_length; @@ -362,7 +382,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg, { PSA_ASSERT( psa_cipher_abort( &operation ) ); // driver function should've been called as part of the finish() core routine - TEST_EQUAL( test_driver_cipher_hooks.hits, 0 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); ASSERT_COMPARE( expected_output->x, expected_output->len, output, total_output_length ); } 
@@ -372,7 +392,7 @@ exit: mbedtls_free( output ); psa_destroy_key( key ); PSA_DONE( ); - test_driver_cipher_hooks = test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); } /* END_CASE */ @@ -396,7 +416,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, size_t total_output_length = 0; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - test_driver_cipher_hooks = test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); PSA_ASSERT( psa_crypto_init( ) ); @@ -408,12 +428,12 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, &key ) ); PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; output_buffer_size = ( (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); @@ -423,8 +443,8 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, output, output_buffer_size, &function_output_length ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; TEST_ASSERT( function_output_length == output1_length ); total_output_length += function_output_length; 
@@ -434,8 +454,8 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, output + total_output_length, output_buffer_size - total_output_length, &function_output_length ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; TEST_ASSERT( function_output_length == output2_length ); total_output_length += function_output_length; PSA_ASSERT( psa_cipher_finish( &operation, @@ -443,11 +463,11 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, output_buffer_size - total_output_length, &function_output_length ) ); /* Finish will have called abort as well, so expecting two hits here */ - TEST_EQUAL( test_driver_cipher_hooks.hits, 2 ); - test_driver_cipher_hooks.hits = 0 ; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); + mbedtls_test_driver_cipher_hooks.hits = 0 ; total_output_length += function_output_length; PSA_ASSERT( psa_cipher_abort( &operation ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 0 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); ASSERT_COMPARE( expected_output->x, expected_output->len, output, total_output_length ); @@ -457,7 +477,7 @@ exit: mbedtls_free( output ); psa_destroy_key( key ); PSA_DONE( ); - test_driver_cipher_hooks = test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); } /* END_CASE */ @@ -481,7 +501,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, size_t total_output_length = 0; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - test_driver_cipher_hooks = test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); PSA_ASSERT( psa_crypto_init( ) ); 
@@ -493,12 +513,12 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, &key ) ); PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; output_buffer_size = ( (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); @@ -509,8 +529,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, input->x, first_part_size, output, output_buffer_size, &function_output_length ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; TEST_ASSERT( function_output_length == output1_length ); total_output_length += function_output_length; @@ -520,8 +540,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, output + total_output_length, output_buffer_size - total_output_length, &function_output_length ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; TEST_ASSERT( function_output_length == output2_length ); total_output_length += function_output_length; 
@@ -530,11 +550,11 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, output_buffer_size - total_output_length, &function_output_length ) ); /* Finish will have called abort as well, so expecting two hits here */ - TEST_EQUAL( test_driver_cipher_hooks.hits, 2 ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); + mbedtls_test_driver_cipher_hooks.hits = 0; total_output_length += function_output_length; PSA_ASSERT( psa_cipher_abort( &operation ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 0 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); ASSERT_COMPARE( expected_output->x, expected_output->len, output, total_output_length ); @@ -544,7 +564,7 @@ exit: mbedtls_free( output ); psa_destroy_key( key ); PSA_DONE( ); - test_driver_cipher_hooks = test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); } /* END_CASE */ @@ -568,8 +588,8 @@ void cipher_decrypt( int alg_arg, int key_type_arg, size_t total_output_length = 0; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - test_driver_cipher_hooks = test_driver_cipher_hooks_init(); - test_driver_cipher_hooks.forced_status = force_status; + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks.forced_status = force_status; PSA_ASSERT( psa_crypto_init( ) ); 
@@ -581,12 +601,12 @@ void cipher_decrypt( int alg_arg, int key_type_arg, &key ) ); PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + mbedtls_test_driver_cipher_hooks.hits = 0; PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); + mbedtls_test_driver_cipher_hooks.hits = 0; output_buffer_size = ( (size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); @@ -594,21 +614,21 @@ void cipher_decrypt( int alg_arg, int key_type_arg, if( mock_output_arg ) { - test_driver_cipher_hooks.forced_output = expected_output->x; - test_driver_cipher_hooks.forced_output_length = expected_output->len; + mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x; + mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len; } PSA_ASSERT( psa_cipher_update( &operation, input->x, input->len, output, output_buffer_size, &function_output_length ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); + mbedtls_test_driver_cipher_hooks.hits = 0; if( mock_output_arg ) { - test_driver_cipher_hooks.forced_output = NULL; - test_driver_cipher_hooks.forced_output_length = 0; + mbedtls_test_driver_cipher_hooks.forced_output = NULL; + mbedtls_test_driver_cipher_hooks.forced_output_length = 0; } total_output_length += function_output_length; 
@@ -617,8 +637,8 @@ void cipher_decrypt( int alg_arg, int key_type_arg, output_buffer_size - total_output_length, &function_output_length ); /* Finish will have called abort as well, so expecting two hits here */ - TEST_EQUAL( test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) ); + mbedtls_test_driver_cipher_hooks.hits = 0; total_output_length += function_output_length; TEST_EQUAL( status, expected_status ); @@ -626,7 +646,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg, if( expected_status == PSA_SUCCESS ) { PSA_ASSERT( psa_cipher_abort( &operation ) ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 0 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); ASSERT_COMPARE( expected_output->x, expected_output->len, output, total_output_length ); } @@ -636,7 +656,7 @@ exit: mbedtls_free( output ); psa_destroy_key( key ); PSA_DONE( ); - test_driver_cipher_hooks = test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); } /* END_CASE */ @@ -654,7 +674,7 @@ void cipher_entry_points( int alg_arg, int key_type_arg, size_t function_output_length = 0; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - test_driver_cipher_hooks = test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); ASSERT_ALLOC( output, input->len + 16 ); output_buffer_size = input->len + 16; 
@@ -669,136 +689,136 @@ void cipher_entry_points( int alg_arg, int key_type_arg, &key ) ); /* Test setup call, encrypt */ - test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; + mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; status = psa_cipher_encrypt_setup( &operation, key, alg ); /* When setup fails, it shouldn't call any further entry points */ - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + mbedtls_test_driver_cipher_hooks.hits = 0; status = psa_cipher_set_iv( &operation, iv->x, iv->len ); TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 0 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); /* Test setup call failure, decrypt */ status = psa_cipher_decrypt_setup( &operation, key, alg ); /* When setup fails, it shouldn't call any further entry points */ - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + mbedtls_test_driver_cipher_hooks.hits = 0; status = psa_cipher_set_iv( &operation, iv->x, iv->len ); TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 0 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); /* Test IV setting failure */ - test_driver_cipher_hooks.forced_status = PSA_SUCCESS; + mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS; status = psa_cipher_encrypt_setup( &operation, key, alg ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); - test_driver_cipher_hooks.hits = 0; + 
TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + mbedtls_test_driver_cipher_hooks.hits = 0; - test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; + mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; status = psa_cipher_set_iv( &operation, iv->x, iv->len ); /* When setting the IV fails, it should call abort too */ - TEST_EQUAL( test_driver_cipher_hooks.hits, 2 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); /* Failure should prevent further operations from executing on the driver */ - test_driver_cipher_hooks.hits = 0; + mbedtls_test_driver_cipher_hooks.hits = 0; status = psa_cipher_update( &operation, input->x, input->len, output, output_buffer_size, &function_output_length ); TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 0 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); psa_cipher_abort( &operation ); /* Test IV generation failure */ - test_driver_cipher_hooks.forced_status = PSA_SUCCESS; + mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS; status = psa_cipher_encrypt_setup( &operation, key, alg ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + mbedtls_test_driver_cipher_hooks.hits = 0; - test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; + mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; status = psa_cipher_generate_iv( &operation, output, 16, &function_output_length ); /* When generating the IV fails, it should call abort too */ - TEST_EQUAL( 
test_driver_cipher_hooks.hits, 2 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); /* Failure should prevent further operations from executing on the driver */ - test_driver_cipher_hooks.hits = 0; + mbedtls_test_driver_cipher_hooks.hits = 0; status = psa_cipher_update( &operation, input->x, input->len, output, output_buffer_size, &function_output_length ); TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 0 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); psa_cipher_abort( &operation ); /* Test update failure */ - test_driver_cipher_hooks.forced_status = PSA_SUCCESS; + mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS; status = psa_cipher_encrypt_setup( &operation, key, alg ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + mbedtls_test_driver_cipher_hooks.hits = 0; status = psa_cipher_set_iv( &operation, iv->x, iv->len ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + mbedtls_test_driver_cipher_hooks.hits = 0; - test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; + mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; status = psa_cipher_update( &operation, input->x, input->len, output, output_buffer_size, &function_output_length ); /* When the update call fails, it should call abort too */ - TEST_EQUAL( test_driver_cipher_hooks.hits, 2 ); - TEST_EQUAL( status, 
test_driver_cipher_hooks.forced_status ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); /* Failure should prevent further operations from executing on the driver */ - test_driver_cipher_hooks.hits = 0; + mbedtls_test_driver_cipher_hooks.hits = 0; status = psa_cipher_update( &operation, input->x, input->len, output, output_buffer_size, &function_output_length ); TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 0 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); psa_cipher_abort( &operation ); /* Test finish failure */ - test_driver_cipher_hooks.forced_status = PSA_SUCCESS; + mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS; status = psa_cipher_encrypt_setup( &operation, key, alg ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + mbedtls_test_driver_cipher_hooks.hits = 0; status = psa_cipher_set_iv( &operation, iv->x, iv->len ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + mbedtls_test_driver_cipher_hooks.hits = 0; status = psa_cipher_update( &operation, input->x, input->len, output, output_buffer_size, &function_output_length ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); - test_driver_cipher_hooks.hits = 0; + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + mbedtls_test_driver_cipher_hooks.hits = 0; - 
test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; + mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; status = psa_cipher_finish( &operation, output + function_output_length, output_buffer_size - function_output_length, &function_output_length ); /* When the finish call fails, it should call abort too */ - TEST_EQUAL( test_driver_cipher_hooks.hits, 2 ); - TEST_EQUAL( status, test_driver_cipher_hooks.forced_status ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); + TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); /* Failure should prevent further operations from executing on the driver */ - test_driver_cipher_hooks.hits = 0; + mbedtls_test_driver_cipher_hooks.hits = 0; status = psa_cipher_update( &operation, input->x, input->len, output, output_buffer_size, &function_output_length ); TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( test_driver_cipher_hooks.hits, 0 ); + TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); psa_cipher_abort( &operation ); exit: @@ -806,7 +826,7 @@ exit: mbedtls_free( output ); psa_destroy_key( key ); PSA_DONE( ); - test_driver_cipher_hooks = test_driver_cipher_hooks_init(); + mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); } /* END_CASE */ @@ -829,7 +849,7 @@ void aead_encrypt( int key_type_arg, data_t *key_data, size_t output_length = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status = PSA_ERROR_GENERIC_ERROR; - test_driver_aead_hooks = test_driver_aead_hooks_init(); + mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); PSA_ASSERT( psa_crypto_init( ) ); 
@@ -852,15 +872,15 @@ void aead_encrypt( int key_type_arg, data_t *key_data, PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); ASSERT_ALLOC( output_data, output_size ); - test_driver_aead_hooks.forced_status = forced_status; + mbedtls_test_driver_aead_hooks.forced_status = forced_status; status = psa_aead_encrypt( key, alg, nonce->x, nonce->len, additional_data->x, additional_data->len, input_data->x, input_data->len, output_data, output_size, &output_length ); - TEST_EQUAL( test_driver_aead_hooks.hits, 1 ); - TEST_EQUAL( test_driver_aead_hooks.driver_status, forced_status ); + TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_aead_hooks.driver_status, forced_status ); TEST_EQUAL( status, ( forced_status == PSA_ERROR_NOT_SUPPORTED ) ? PSA_SUCCESS : forced_status ); @@ -875,7 +895,7 @@ exit: psa_destroy_key( key ); mbedtls_free( output_data ); PSA_DONE( ); - test_driver_aead_hooks = test_driver_aead_hooks_init(); + mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); } /* END_CASE */ @@ -898,7 +918,7 @@ void aead_decrypt( int key_type_arg, data_t *key_data, size_t output_length = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status = PSA_ERROR_GENERIC_ERROR; - test_driver_aead_hooks = test_driver_aead_hooks_init(); + mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); PSA_ASSERT( psa_crypto_init( ) ); @@ -915,7 +935,7 @@ void aead_decrypt( int key_type_arg, data_t *key_data, alg ); ASSERT_ALLOC( output_data, output_size ); - test_driver_aead_hooks.forced_status = forced_status; + mbedtls_test_driver_aead_hooks.forced_status = forced_status; status = psa_aead_decrypt( key, alg, nonce->x, nonce->len, additional_data->x, 
@@ -923,8 +943,8 @@ void aead_decrypt( int key_type_arg, data_t *key_data, input_data->x, input_data->len, output_data, output_size, &output_length ); - TEST_EQUAL( test_driver_aead_hooks.hits, 1 ); - TEST_EQUAL( test_driver_aead_hooks.driver_status, forced_status ); + TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_aead_hooks.driver_status, forced_status ); TEST_EQUAL( status, ( forced_status == PSA_ERROR_NOT_SUPPORTED ) ? PSA_SUCCESS : forced_status ); @@ -939,7 +959,7 @@ exit: psa_destroy_key( key ); mbedtls_free( output_data ); PSA_DONE( ); - test_driver_aead_hooks = test_driver_aead_hooks_init(); + mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); } /* END_CASE */ @@ -1059,8 +1079,8 @@ void hash_compute( int alg_arg, unsigned char *output = NULL; size_t output_length; - test_driver_hash_hooks = test_driver_hash_hooks_init(); - test_driver_hash_hooks.forced_status = forced_status; + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); + mbedtls_test_driver_hash_hooks.forced_status = forced_status; PSA_ASSERT( psa_crypto_init( ) ); ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); @@ -1068,8 +1088,8 @@ void hash_compute( int alg_arg, TEST_EQUAL( psa_hash_compute( alg, input->x, input->len, output, PSA_HASH_LENGTH( alg ), &output_length ), expected_status ); - TEST_EQUAL( test_driver_hash_hooks.hits, 1 ); - TEST_EQUAL( test_driver_hash_hooks.driver_status, forced_status ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); if( expected_status == PSA_SUCCESS ) { @@ -1079,7 +1099,7 @@ void hash_compute( int alg_arg, exit: mbedtls_free( output ); PSA_DONE( ); - test_driver_hash_hooks = test_driver_hash_hooks_init(); + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); } /* END_CASE */ 
@@ -1096,7 +1116,7 @@ void hash_multipart( int alg_arg, psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; size_t output_length; - test_driver_hash_hooks = test_driver_hash_hooks_init(); + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); PSA_ASSERT( psa_crypto_init( ) ); @@ -1104,24 +1124,24 @@ void hash_multipart( int alg_arg, /* * Case 1: Force the driver return status for setup. */ - test_driver_hash_hooks.forced_status = forced_status; + mbedtls_test_driver_hash_hooks.forced_status = forced_status; TEST_EQUAL( psa_hash_setup( &operation, alg ), expected_status ); - TEST_EQUAL( test_driver_hash_hooks.hits, 1 ); - TEST_EQUAL( test_driver_hash_hooks.driver_status, forced_status ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); if( expected_status == PSA_SUCCESS ) { PSA_ASSERT( psa_hash_update( &operation, input->x, input->len ) ); - TEST_EQUAL( test_driver_hash_hooks.hits, + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 2 ); - TEST_EQUAL( test_driver_hash_hooks.driver_status, forced_status ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); PSA_ASSERT( psa_hash_finish( &operation, output, PSA_HASH_LENGTH( alg ), &output_length ) ); - TEST_EQUAL( test_driver_hash_hooks.hits, + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 4 ); - TEST_EQUAL( test_driver_hash_hooks.driver_status, forced_status ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); ASSERT_COMPARE( output, output_length, hash->x, hash->len ); } 
@@ -1129,25 +1149,25 @@ void hash_multipart( int alg_arg, /* * Case 2: Force the driver return status for update. */ - test_driver_hash_hooks = test_driver_hash_hooks_init(); + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - TEST_EQUAL( test_driver_hash_hooks.hits, 1 ); - TEST_EQUAL( test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); - test_driver_hash_hooks.forced_status = forced_status; + mbedtls_test_driver_hash_hooks.forced_status = forced_status; TEST_EQUAL( psa_hash_update( &operation, input->x, input->len ), forced_status ); - TEST_EQUAL( test_driver_hash_hooks.hits, + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, forced_status != PSA_SUCCESS ? 3 : 2 ); - TEST_EQUAL( test_driver_hash_hooks.driver_status, forced_status ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); if( forced_status == PSA_SUCCESS ) { PSA_ASSERT( psa_hash_finish( &operation, output, PSA_HASH_LENGTH( alg ), &output_length ) ); - TEST_EQUAL( test_driver_hash_hooks.hits, 4 ); - TEST_EQUAL( test_driver_hash_hooks.driver_status, forced_status ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 4 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); ASSERT_COMPARE( output, output_length, hash->x, hash->len ); } 
@@ -1155,21 +1175,21 @@ void hash_multipart( int alg_arg, /* * Case 3: Force the driver return status for finish. */ - test_driver_hash_hooks = test_driver_hash_hooks_init(); + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - TEST_EQUAL( test_driver_hash_hooks.hits, 1 ); - TEST_EQUAL( test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); PSA_ASSERT( psa_hash_update( &operation, input->x, input->len ) ); - TEST_EQUAL( test_driver_hash_hooks.hits, 2 ); - TEST_EQUAL( test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 2 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); - test_driver_hash_hooks.forced_status = forced_status; + mbedtls_test_driver_hash_hooks.forced_status = forced_status; TEST_EQUAL( psa_hash_finish( &operation, output, PSA_HASH_LENGTH( alg ), &output_length ), forced_status ); - TEST_EQUAL( test_driver_hash_hooks.hits, 4 ); - TEST_EQUAL( test_driver_hash_hooks.driver_status, forced_status ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 4 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); if( forced_status == PSA_SUCCESS ) { @@ -1180,7 +1200,7 @@ exit: psa_hash_abort( &operation ); mbedtls_free( output ); PSA_DONE( ); - test_driver_hash_hooks = test_driver_hash_hooks_init(); + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); } /* END_CASE */ @@ -1196,7 +1216,7 @@ void hash_clone( int alg_arg, psa_hash_operation_t target_operation = PSA_HASH_OPERATION_INIT; size_t output_length; - test_driver_hash_hooks = test_driver_hash_hooks_init(); + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); PSA_ASSERT( psa_crypto_init( ) ); 
@@ -1206,32 +1226,32 @@ void hash_clone( int alg_arg, */ TEST_EQUAL( psa_hash_clone( &source_operation, &target_operation ), PSA_ERROR_BAD_STATE ); - TEST_EQUAL( test_driver_hash_hooks.hits, 0 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 0 ); PSA_ASSERT( psa_hash_setup( &source_operation, alg ) ); - TEST_EQUAL( test_driver_hash_hooks.hits, 1 ); - TEST_EQUAL( test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); - test_driver_hash_hooks.forced_status = forced_status; + mbedtls_test_driver_hash_hooks.forced_status = forced_status; TEST_EQUAL( psa_hash_clone( &source_operation, &target_operation ), forced_status ); - TEST_EQUAL( test_driver_hash_hooks.hits, + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, forced_status == PSA_SUCCESS ? 2 : 3 ); - TEST_EQUAL( test_driver_hash_hooks.driver_status, forced_status ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); if( forced_status == PSA_SUCCESS ) { - test_driver_hash_hooks = test_driver_hash_hooks_init(); + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); PSA_ASSERT( psa_hash_update( &target_operation, input->x, input->len ) ); - TEST_EQUAL( test_driver_hash_hooks.hits, 1 ); - TEST_EQUAL( test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); PSA_ASSERT( psa_hash_finish( &target_operation, output, PSA_HASH_LENGTH( alg ), &output_length ) ); - TEST_EQUAL( test_driver_hash_hooks.hits, 3 ); - TEST_EQUAL( test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 3 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); ASSERT_COMPARE( output, output_length, hash->x, hash->len ); } 
@@ -1241,6 +1261,6 @@ exit: psa_hash_abort( &target_operation ); mbedtls_free( output ); PSA_DONE( ); - test_driver_hash_hooks = test_driver_hash_hooks_init(); + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); } /* END_CASE */ diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index dd36da7ec..8cc1dbf44 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -234,9 +234,9 @@ + - @@ -375,6 +375,8 @@ + + From 4607c829d00de9b1135b3758b09b2c467cd18ac3 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 14 Apr 2021 10:55:34 +0200 Subject: [PATCH 135/160] tests: psa: Simplify key buffer size calculation Move the key buffer size calculation code under tests to avoid check-names.sh to complain about "likely macros with typos". This removes the calculation of key buffer sizes for the test driver from the wrapper based on static size data. But the code is still there in test code to be used when we go back to work on the generation of the driver wrapper. Signed-off-by: Ronald Cron --- library/psa_crypto_driver_wrappers.c | 32 +------------ tests/include/test/drivers/size.h | 59 ----------------------- tests/src/drivers/test_driver_size.c | 71 +++++++++++++++++++++++++--- 3 files changed, 67 insertions(+), 95 deletions(-) diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index d1ec001e6..d6e9e148f 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c 
@@ -268,37 +268,9 @@ psa_status_t psa_driver_wrapper_get_key_buffer_size( return( PSA_SUCCESS ); } #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ -#ifdef MBEDTLS_TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION *key_buffer_size = mbedtls_test_size_function( key_type, key_bits ); - return( PSA_SUCCESS ); -#else /* MBEDTLS_TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION */ - if( PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) ) - { - int public_key_overhead = - ( ( MBEDTLS_TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY == 1 ) - ? PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits ) : 0 ); - *key_buffer_size = MBEDTLS_TEST_DRIVER_KEY_CONTEXT_BASE_SIZE + - MBEDTLS_TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE + - public_key_overhead; - } - else if( PSA_KEY_TYPE_IS_PUBLIC_KEY( key_type ) ) - { - *key_buffer_size = MBEDTLS_TEST_DRIVER_KEY_CONTEXT_BASE_SIZE + - MBEDTLS_TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE; - } - else if ( !PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) && - !PSA_KEY_TYPE_IS_PUBLIC_KEY ( key_type ) ) - { - *key_buffer_size = MBEDTLS_TEST_DRIVER_KEY_CONTEXT_BASE_SIZE + - ( MBEDTLS_TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR * - ( ( key_bits + 7 ) / 8 ) ); - } - else - { - return( PSA_ERROR_NOT_SUPPORTED ); - } - return( PSA_SUCCESS ); -#endif /* MBEDTLS_TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION */ + return( ( *key_buffer_size != 0 ) ? + PSA_SUCCESS : PSA_ERROR_NOT_SUPPORTED ); #endif /* PSA_CRYPTO_DRIVER_TEST */ default: diff --git a/tests/include/test/drivers/size.h b/tests/include/test/drivers/size.h index 577e17b8d..b2665bdda 100644 --- a/tests/include/test/drivers/size.h +++ b/tests/include/test/drivers/size.h 
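Review bot: The new `return( ( *key_buffer_size != 0 ) ? PSA_SUCCESS : PSA_ERROR_NOT_SUPPORTED );` treats a zero result from `mbedtls_test_size_function()` as "key type not supported", but neither this call site nor the declaration in `test/drivers/size.h` documents that convention. In `tests/src/drivers/test_driver_size.c` from this same commit, every branch adds `TEST_DRIVER_KEY_CONTEXT_BASE_SIZE`, so the result is never zero and the `PSA_ERROR_NOT_SUPPORTED` arm looks unreachable for the test driver. I would add a comment above the call such as `/* A returned size of 0 means the test driver does not support this key type/size. */` and have the size function return 0 for key types it does not handle, so that no buffer is sized for an unsupported key. The enclosing function starts and ends outside the hunk.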
@@ -29,68 +29,9 @@ #if defined(PSA_CRYPTO_DRIVER_TEST) #include -typedef struct { - unsigned int context; -} mbedtls_test_driver_key_context_t; - -/** \def MBEDTLS_TEST_DRIVER_KEY_CONTEXT_BASE_SIZE - * - * This macro returns the base size for the key context. It is the size of the - * driver specific information stored in each key context. - */ -#define MBEDTLS_TEST_DRIVER_KEY_CONTEXT_BASE_SIZE \ - sizeof( mbedtls_test_driver_key_context_t ) - -/** \def MBEDTLS_TEST_DRIVER_KEY_CONTEXT_KEY_PAIR_SIZE - * - * Number of bytes included in every key context for a key pair. - * - * This pair size is for an ECC 256-bit private/public key pair. - * Based on this value, the size of the private key can be derived by - * subtracting the public key size below from this one. - */ - -#define MBEDTLS_TEST_DRIVER_KEY_CONTEXT_KEY_PAIR_SIZE 65 - -/** \def MBEDTLS_TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE - * - * Number of bytes included in every key context for a public key. - * - * For ECC public keys, it needs 257 bits so 33 bytes. - */ -#define MBEDTLS_TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE 33 - -/** \def MBEDTLS_TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR - * - * Every key context for a symmetric key includes this many times the key size. - */ -#define MBEDTLS_TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR 0 - -/** \def MBEDTLS_TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY - * - * If this is true for a key pair, the key context includes space for the public key. - * If this is false, no additional space is added for the public key. - * - * For this instance, store the public key with the private one. - */ -#define MBEDTLS_TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY 1 - -/** \def MBEDTLS_TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION - * - * If MBEDTLS_TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION is defined, the test driver - * provides a size_function entry point, otherwise, it does not. - * - * Some opaque drivers have the need to support a custom size for the storage - * of key and context information. 
The size_function provides the ability to - * provide that customization. - */ -//#define MBEDTLS_TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION - -#ifdef MBEDTLS_TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION size_t mbedtls_test_size_function( const psa_key_type_t key_type, const size_t key_bits ); -#endif /* MBEDTLS_TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION */ #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_SIZE_H */ diff --git a/tests/src/drivers/test_driver_size.c b/tests/src/drivers/test_driver_size.c index fd10209d2..d8bcaee38 100644 --- a/tests/src/drivers/test_driver_size.c +++ b/tests/src/drivers/test_driver_size.c 
@@ -27,16 +27,75 @@ #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) #include "test/drivers/size.h" +#include "psa/crypto.h" + +typedef struct { + unsigned int context; +} test_driver_key_context_t; + +/* + * This macro returns the base size for the key context. It is the size of the + * driver specific information stored in each key context. + */ +#define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE sizeof( test_driver_key_context_t ) + +/* + * Number of bytes included in every key context for a key pair. + * + * This pair size is for an ECC 256-bit private/public key pair. + * Based on this value, the size of the private key can be derived by + * subtracting the public key size below from this one. + */ +#define TEST_DRIVER_KEY_CONTEXT_KEY_PAIR_SIZE 65 + +/* + * Number of bytes included in every key context for a public key. + * + * For ECC public keys, it needs 257 bits so 33 bytes. + */ +#define TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE 33 + +/* + * Every key context for a symmetric key includes this many times the key size. + */ +#define TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR 0 + +/* + * If this is true for a key pair, the key context includes space for the public key. + * If this is false, no additional space is added for the public key. + * + * For this instance, store the public key with the private one. + */ +#define TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY 1 -#ifdef MBEDTLS_TEST_KEY_CONTEXT_SIZE_FUNCTION size_t mbedtls_test_size_function( const psa_key_type_t key_type, const size_t key_bits ) { - (void) key_type; - (void) key_bits; - return 0; -} -#endif /*MBEDTLS_TEST_KEY_CONTEXT_SIZE_FUNCTION */ + size_t key_buffer_size = 0; + if( PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) ) + { + int public_key_overhead = + ( ( TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY == 1 ) + ? 
PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits ) : 0 ); + key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE + + TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE + + public_key_overhead; + } + else if( PSA_KEY_TYPE_IS_PUBLIC_KEY( key_type ) ) + { + key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE + + TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE; + } + else if ( !PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) && + !PSA_KEY_TYPE_IS_PUBLIC_KEY ( key_type ) ) + { + key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE + + ( TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR * + ( ( key_bits + 7 ) / 8 ) ); + } + + return( key_buffer_size ); +} #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ From 63281332b0084e30b654ba2ce445831ee4fd69a9 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 30 Apr 2021 16:56:51 +0200 Subject: [PATCH 136/160] tests: Fix test arguments separator Signed-off-by: Ronald Cron --- tests/suites/test_suite_psa_crypto_driver_wrappers.data | 4 ++-- tests/suites/test_suite_ssl.data | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data index 64e6023cb..20b4af8ff 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data @@ -282,7 +282,7 @@ hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e994148 Hash compute: SHA-256, INSUFFICIENT_MEMORY depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256 -hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_INSUFFICIENT_MEMORY::PSA_ERROR_INSUFFICIENT_MEMORY +hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_INSUFFICIENT_MEMORY:PSA_ERROR_INSUFFICIENT_MEMORY Hash multi-part: SHA-256, computed by the driver depends_on:PSA_WANT_ALG_SHA_256 
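Review bot: In `mbedtls_test_size_function()`, `public_key_overhead` is declared `int` but receives the value of `PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits )` and is then added into the `size_t` `key_buffer_size`, so a length derived from the caller-supplied `key_bits` passes through a signed, possibly narrower type before it is used as a buffer size. Declaring it as `size_t public_key_overhead =` keeps the whole calculation in one unsigned type. The last branch, `else if ( !PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) && !PSA_KEY_TYPE_IS_PUBLIC_KEY ( key_type ) )`, is always true once the first two conditions have failed and could be a plain `else`. Within this hunk `TEST_DRIVER_KEY_CONTEXT_KEY_PAIR_SIZE` is defined but never used by the function; a one-line comment saying it is kept for the future generated wrapper, as the commit message suggests, would explain why it stays.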
@@ -298,7 +298,7 @@ hash_multipart:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e9941 Hash multi-part: SHA-256, INSUFFICIENT_MEMORY depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256 -hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_INSUFFICIENT_MEMORY::PSA_ERROR_INSUFFICIENT_MEMORY +hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_INSUFFICIENT_MEMORY:PSA_ERROR_INSUFFICIENT_MEMORY Hash clone: SHA-256, clone successful depends_on:PSA_WANT_ALG_SHA_256 diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index e59c9055f..44279d9be 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -9219,7 +9219,7 @@ ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"9b2188e9b2fc6d64d71dc329900e20bb4191 SSL TLS 1.3 Key schedule: Derive-Secret( ., "c hs traffic", hash) # Vector from RFC 8448 -ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":tls1_3_label_c_hs_traffic:"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03"::32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f" +ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":tls1_3_label_c_hs_traffic:"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f" SSL TLS 1.3 Key schedule: Derive-Secret( ., "s hs traffic", hash) # Vector from RFC 8448 From ce1d8d2c4ed4e5f11384374b5bd49327a590583e Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 30 Apr 2021 17:00:34 +0200 Subject: [PATCH 137/160] tests: Revert test_driver.h name change 
Signed-off-by: Ronald Cron --- library/psa_crypto_driver_wrappers.c | 2 +- .../test/drivers/{mbedtls_test_driver.h => test_driver.h} | 0 tests/src/drivers/platform_builtin_keys.c | 2 +- tests/suites/test_suite_psa_crypto_driver_wrappers.function | 2 +- visualc/VS2010/mbedTLS.vcxproj | 3 +-- 5 files changed, 4 insertions(+), 5 deletions(-) rename tests/include/test/drivers/{mbedtls_test_driver.h => test_driver.h} (100%) diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index d6e9e148f..9bef02cd0 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -37,7 +37,7 @@ #ifndef PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT #define PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT #endif -#include "test/drivers/mbedtls_test_driver.h" +#include "test/drivers/test_driver.h" #endif /* PSA_CRYPTO_DRIVER_TEST */ /* Repeat above block for each JSON-declared driver during autogeneration */ diff --git a/tests/include/test/drivers/mbedtls_test_driver.h b/tests/include/test/drivers/test_driver.h similarity index 100% rename from tests/include/test/drivers/mbedtls_test_driver.h rename to tests/include/test/drivers/test_driver.h diff --git a/tests/src/drivers/platform_builtin_keys.c b/tests/src/drivers/platform_builtin_keys.c index 57d040a78..759fa7830 100644 --- a/tests/src/drivers/platform_builtin_keys.c +++ b/tests/src/drivers/platform_builtin_keys.c @@ -24,7 +24,7 @@ #include #if defined(PSA_CRYPTO_DRIVER_TEST) -#include +#include #endif typedef struct diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 3c48b06ac..ce27a8b0e 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include "test/drivers/mbedtls_test_driver.h" +#include "test/drivers/test_driver.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES 
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 8cc1dbf44..c3e1d026a 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -234,9 +234,9 @@ - + @@ -376,7 +376,6 @@ - From eba3c871001bdc74be95f2b9f5fa9f25f853652c Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 26 Apr 2021 16:11:37 +0200 Subject: [PATCH 138/160] tests: driver wrappers: Fix hash tests dependencies Take into account that the test driver may not support hash operations. Signed-off-by: Ronald Cron --- .../suites/test_suite_psa_crypto_driver_wrappers.data | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data index 20b4af8ff..0e62d18b4 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data @@ -269,7 +269,7 @@ PSA opaque driver builtin pubkey export: not a public key builtin_pubkey_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"0485f64d89f00be66c88dd937efd6d7c445648dcb701150b8a9509295850f41c1931e571fb8f8c78317a20b380e866584bbc2516c3d2702d792f131a922095fd6c":PSA_ERROR_INVALID_ARGUMENT Hash compute: SHA-256, computed by the driver -depends_on:PSA_WANT_ALG_SHA_256 +depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256 hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS:PSA_SUCCESS Hash compute: SHA-256, fallback 
@@ -281,11 +281,10 @@ depends_on:!MBEDTLS_PSA_BUILTIN_ALG_SHA_256 hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED Hash compute: SHA-256, INSUFFICIENT_MEMORY -depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256 hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_INSUFFICIENT_MEMORY:PSA_ERROR_INSUFFICIENT_MEMORY Hash multi-part: SHA-256, computed by the driver -depends_on:PSA_WANT_ALG_SHA_256 +depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256 hash_multipart:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS:PSA_SUCCESS Hash multi-part: SHA-256, fallback @@ -297,13 +296,12 @@ depends_on:!MBEDTLS_PSA_BUILTIN_ALG_SHA_256 hash_multipart:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED Hash multi-part: SHA-256, INSUFFICIENT_MEMORY -depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256 hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_INSUFFICIENT_MEMORY:PSA_ERROR_INSUFFICIENT_MEMORY Hash clone: SHA-256, clone successful -depends_on:PSA_WANT_ALG_SHA_256 +depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256 hash_clone:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS Hash clone: SHA-256, clone failure -depends_on:PSA_WANT_ALG_SHA_256 +depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256 hash_clone:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED From 6e12b7b50c23e9bdd7eee236997ed3a01535b330 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 1 May 2021 14:38:42 +0200 Subject: [PATCH 139/160] tests: driver wrappers: Specialize hash multi-part test on setup only 
Signed-off-by: Ronald Cron --- ...test_suite_psa_crypto_driver_wrappers.data | 16 ++--- ..._suite_psa_crypto_driver_wrappers.function | 61 ++----------------- 2 files changed, 12 insertions(+), 65 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data index 0e62d18b4..cc892de82 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data 
@@ -283,20 +283,20 @@ hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e994148 Hash compute: SHA-256, INSUFFICIENT_MEMORY hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_INSUFFICIENT_MEMORY:PSA_ERROR_INSUFFICIENT_MEMORY -Hash multi-part: SHA-256, computed by the driver +Hash multi-part setup: SHA-256, computed by the driver depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256 -hash_multipart:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS:PSA_SUCCESS +hash_multipart_setup:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS:PSA_SUCCESS -Hash multi-part: SHA-256, fallback +Hash multi-part setup: SHA-256, fallback depends_on:MBEDTLS_PSA_BUILTIN_ALG_SHA_256 -hash_multipart:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS +hash_multipart_setup:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS -Hash multi-part: SHA-256, no fallback +Hash multi-part setup: SHA-256, no fallback depends_on:!MBEDTLS_PSA_BUILTIN_ALG_SHA_256 -hash_multipart:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED +hash_multipart_setup:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED -Hash multi-part: SHA-256, INSUFFICIENT_MEMORY -hash_compute:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_INSUFFICIENT_MEMORY:PSA_ERROR_INSUFFICIENT_MEMORY +Hash multi-part setup: SHA-256, INSUFFICIENT_MEMORY 
+hash_multipart_setup:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_INSUFFICIENT_MEMORY:PSA_ERROR_INSUFFICIENT_MEMORY Hash clone: SHA-256, clone successful depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256 diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index ce27a8b0e..735fcbbfd 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -1104,10 +1104,10 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void hash_multipart( int alg_arg, - data_t *input, data_t *hash, - int forced_status_arg, - int expected_status_arg ) +void hash_multipart_setup( int alg_arg, + data_t *input, data_t *hash, + int forced_status_arg, + int expected_status_arg ) { psa_algorithm_t alg = alg_arg; psa_status_t forced_status = forced_status_arg; @@ -1121,9 +1121,6 @@ void hash_multipart( int alg_arg, PSA_ASSERT( psa_crypto_init( ) ); - /* - * Case 1: Force the driver return status for setup. - */ mbedtls_test_driver_hash_hooks.forced_status = forced_status; TEST_EQUAL( psa_hash_setup( &operation, alg ), expected_status ); TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); 
@@ -1146,56 +1143,6 @@ void hash_multipart( int alg_arg, ASSERT_COMPARE( output, output_length, hash->x, hash->len ); } - /* - * Case 2: Force the driver return status for update. - */ - mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); - - mbedtls_test_driver_hash_hooks.forced_status = forced_status; - TEST_EQUAL( psa_hash_update( &operation, input->x, input->len ), - forced_status ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, - forced_status != PSA_SUCCESS ? 3 : 2 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); - - if( forced_status == PSA_SUCCESS ) - { - PSA_ASSERT( psa_hash_finish( &operation, - output, PSA_HASH_LENGTH( alg ), - &output_length ) ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 4 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); - - ASSERT_COMPARE( output, output_length, hash->x, hash->len ); - } - - /* - * Case 3: Force the driver return status for finish. 
- */ - mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); - - PSA_ASSERT( psa_hash_update( &operation, input->x, input->len ) ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 2 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); - - mbedtls_test_driver_hash_hooks.forced_status = forced_status; - TEST_EQUAL( psa_hash_finish( &operation, - output, PSA_HASH_LENGTH( alg ), - &output_length ), forced_status ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 4 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); - - if( forced_status == PSA_SUCCESS ) - { - ASSERT_COMPARE( output, output_length, hash->x, hash->len ); - } - exit: psa_hash_abort( &operation ); mbedtls_free( output ); From 1fb49e6ee720bf1b5a56e300a72fd6b11be66865 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 1 May 2021 14:52:54 +0200 Subject: [PATCH 140/160] tests: driver wrappers: Add hash update tests Signed-off-by: Ronald Cron --- ...test_suite_psa_crypto_driver_wrappers.data | 8 +++ ..._suite_psa_crypto_driver_wrappers.function | 56 +++++++++++++++++++ 2 files changed, 64 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data index cc892de82..17e7b03c1 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data 
@@ -298,6 +298,14 @@ hash_multipart_setup:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e Hash multi-part setup: SHA-256, INSUFFICIENT_MEMORY hash_multipart_setup:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_INSUFFICIENT_MEMORY:PSA_ERROR_INSUFFICIENT_MEMORY +Hash multi-part update: SHA-256, update successful +depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256 +hash_multipart_update:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS + +Hash multi-part update: SHA-256, update failure +depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256 +hash_multipart_update:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED + Hash clone: SHA-256, clone successful depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256 hash_clone:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 735fcbbfd..d96078ded 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function 
@@ -1151,6 +1151,62 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void hash_multipart_update( int alg_arg, + data_t *input, data_t *hash, + int forced_status_arg ) +{ + psa_algorithm_t alg = alg_arg; + psa_status_t forced_status = forced_status_arg; + unsigned char *output = NULL; + psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; + size_t output_length; + + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); + ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); + + PSA_ASSERT( psa_crypto_init( ) ); + + /* + * Update none active operation, the driver shouldn't be called. + */ + TEST_EQUAL( psa_hash_update( &operation, input->x, input->len ), + PSA_ERROR_BAD_STATE ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 0 ); + + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + + mbedtls_test_driver_hash_hooks.forced_status = forced_status; + TEST_EQUAL( psa_hash_update( &operation, input->x, input->len ), + forced_status ); + /* One or two more calls to the driver interface: update or update + abort */ + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, + forced_status == PSA_SUCCESS ? 
2 : 3 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); + + if( forced_status == PSA_SUCCESS ) + { + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); + PSA_ASSERT( psa_hash_finish( &operation, + output, PSA_HASH_LENGTH( alg ), + &output_length ) ); + /* Two calls to the driver interface: update + abort */ + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 2 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + + ASSERT_COMPARE( output, output_length, hash->x, hash->len ); + } + +exit: + psa_hash_abort( &operation ); + mbedtls_free( output ); + PSA_DONE( ); + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); +} +/* END_CASE */ + /* BEGIN_CASE */ void hash_clone( int alg_arg, data_t *input, data_t *hash, From 3e4d190b4a7dec4738389829b28200bc5fd32dd6 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Sat, 1 May 2021 15:02:51 +0200 Subject: [PATCH 141/160] tests: driver wrappers: Add hash finish tests Signed-off-by: Ronald Cron --- ...test_suite_psa_crypto_driver_wrappers.data | 8 +++ ..._suite_psa_crypto_driver_wrappers.function | 52 +++++++++++++++++++ 2 files changed, 60 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data index 17e7b03c1..5fbfac66a 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data 
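Review bot: The comment above the last hit-count check in `hash_multipart_update` says `/* Two calls to the driver interface: update + abort */`, but the call it follows is `psa_hash_finish()` made after the hooks were reset, so it should read `/* Two calls to the driver interface: finish + abort */`. The earlier comment `Update none active operation` would be clearer as `Update an inactive operation: the driver must not be called.` The same wording (`Finish none active operation`) appears in `hash_multipart_finish`, added by the following patch. A one-line header comment saying that the driver status is forced only for the update step would also help, because `hash` is compared only on the success path.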
@@ -306,6 +306,14 @@ Hash multi-part update: SHA-256, update failure depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256 hash_multipart_update:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED +Hash multi-part finish: SHA-256, finish successful +depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256 +hash_multipart_update:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS + +Hash multi-part finish: SHA-256, finish failure +depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256 +hash_multipart_update:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_ERROR_NOT_SUPPORTED + Hash clone: SHA-256, clone successful depends_on:MBEDTLS_PSA_ACCEL_ALG_SHA_256 hash_clone:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803":PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index d96078ded..ec489b481 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function 
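Review bot: Both new `Hash multi-part finish` cases invoke `hash_multipart_update`, so as far as this hunk shows, the `hash_multipart_finish` test function added in the same commit is never run and the update cases are simply executed a second time. The two added lines should begin with `hash_multipart_finish:PSA_ALG_SHA_256:...`, with the arguments left as they are. The function's signature in the next hunk takes the same four arguments, so nothing else needs to change. Until this is fixed, forced-failure handling in the finish path has no coverage from this data file.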
@@ -1207,6 +1207,58 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void hash_multipart_finish( int alg_arg, + data_t *input, data_t *hash, + int forced_status_arg ) +{ + psa_algorithm_t alg = alg_arg; + psa_status_t forced_status = forced_status_arg; + unsigned char *output = NULL; + psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; + size_t output_length; + + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); + ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); + + PSA_ASSERT( psa_crypto_init( ) ); + + /* + * Finish none active operation, the driver shouldn't be called. + */ + TEST_EQUAL( psa_hash_finish( &operation, output, PSA_HASH_LENGTH( alg ), + &output_length ), + PSA_ERROR_BAD_STATE ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 0 ); + + PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + + PSA_ASSERT( psa_hash_update( &operation, input->x, input->len ) ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 2 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + + mbedtls_test_driver_hash_hooks.forced_status = forced_status; + TEST_EQUAL( psa_hash_finish( &operation, + output, PSA_HASH_LENGTH( alg ), + &output_length ), + forced_status ); + /* Two more calls to the driver interface: finish + abort */ + TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 4 ); + TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); + + if( forced_status == PSA_SUCCESS ) + ASSERT_COMPARE( output, output_length, hash->x, hash->len ); + +exit: + psa_hash_abort( &operation ); + mbedtls_free( output ); + PSA_DONE( ); + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); +} +/* END_CASE */ + /* BEGIN_CASE */ void hash_clone( int alg_arg, data_t *input, data_t *hash, From 759f551010986f70474785e0c3816eee387a494c Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 23 Apr 2021 11:50:24 +0200 Subject: [PATCH 142/160] Add a missing ChangeLog entry MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Was missed in https://github.com/ARMmbed/mbedtls/pull/4324 Signed-off-by: Manuel Pégourié-Gonnard --- ChangeLog.d/rm-ticket-lifetime-option | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 ChangeLog.d/rm-ticket-lifetime-option diff --git a/ChangeLog.d/rm-ticket-lifetime-option b/ChangeLog.d/rm-ticket-lifetime-option new file mode 100644 index 000000000..4851512f8 --- /dev/null +++ b/ChangeLog.d/rm-ticket-lifetime-option @@ -0,0 +1,5 @@ +Removals + * Remove the MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES + compile-time option. This option has been inactive for a long time. + Please use the `lifetime` parameter of `mbedtls_ssl_ticket_setup()` + instead. From 89d4ab0999cbbc2c875dc63100fdd35a113d4394 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 23 Apr 2021 11:54:27 +0200 Subject: [PATCH 143/160] Add a "3.0 migration guide document" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit For now the entries are in no particular order. Before the release we should have a final pass over this document and order them from most impactful to least impactful. We might even create sections, a table of contents, etc. In the meantime, each PR should add an entry about it changes. Signed-off-by: Manuel Pégourié-Gonnard --- docs/3.0-migration-guide.md | 210 ++++++++++++++++++++++++++++++++++++ 1 file changed, 210 insertions(+) create mode 100644 docs/3.0-migration-guide.md diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md new file mode 100644 index 000000000..ca4f57ed3 --- /dev/null +++ b/docs/3.0-migration-guide.md 
@@ -0,0 +1,210 @@ +Migrating from Mbed TLS 2.x to Mbed TLS 3.0 +=========================================== + +This guide details the steps required to migrate from Mbed TLS version 2.x to +Mbed TLS version 3.0 or greater. Unlike normal releases, Mbed TLS 3.0 breaks +compatibility with previous versions, so users (and alt implementors) might +need to change their own code in order to make it work with Mbed TLS 3.0. + +Here's the list of breaking changes; each entry should help you answer these +two questions: (1) am I affected? (2) if yes, what's my migration path? + +Some function parameters were made const +---------------------------------------- + +Various functions in the PK and ASN.1 modules had a `const` qualifier added to +some of their parameters. + +This normally doesn't affect your code, unless you use pointers to reference +those functions. In this case, you'll need to update the type of your pointers +in order to match the new signature. + +Deprecated functions were removed from hashing modules +------------------------------------------------------ + +Modules: MD2, MD4, MD5, SHA1, SHA256, SHA512, MD. + +- The functions `mbedtls_xxx_starts()`, `mbedtls_xxx_update()`, + `mbedtls_xxx_finish()` and `mbedtls_xxx()` were removed. Please use the +function with the same name with `_ret` appended and check the return value. +- The function `mbedtls_md_init_ctx()` was removed; please use + `mbedtls_md_setup()` instead. +- The functions `mbedtls_xxx_process()` were removed. You normally don't need + to call that from application code. However it you do (or it you want to +provide your own version of that function), please use +`mbedtls_internal_xxx_process()` instead, and check the return value. 
+ +Deprecated error codes for hardware failures were removed +--------------------------------------------------------- + +- The macros `MBEDTLS_ERR_xxx_FEATURE_UNSUPPORTED` from various crypto modules + were removed; `MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED` is now used +instead. +- The macros `MBEDTLS_ERR_xxx_HW_ACCEL_FAILED` from various crypto modules + were removed; `MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED` is now used instead. + +Deprecated names for PSA constants and types were removed +--------------------------------------------------------- + +Some constants and types that were present in beta version of the PSA Crypto +API were removed from in version 1.0 of specification. Please switch to the new +names provided by the 1.0 specification instead. + +Internal / alt-focused headers were moved to a private location +---------------------------------------------------------------- + +This shouldn't affect users who took care not to include headers that +were documented as internal, despite being in the public include directory. + +If you're providing alt implementations of ECP or RSA, you'll need to add our +`library` directory to your include path when building your alt +implementations, and note that `ecp_internal.h` and `rsa_internal.h` have been +renamed to `ecp_alt.h` and `rsa_alt_helpers.h` respectively. + +If you're a library user and used to rely on having access to a structure or +function that's now in a private header, please reach out on the mailing list +and explain your need; we'll consider adding a new API in a future version. + +Remove the option to allow SHA-1 by default in certificates +----------------------------------------------------------- + +This does not affect users who use the default `config.h`, as this option was +already off by default. 
+ +If you used to enable `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES` in your +`config.h`, first please take a moment to consider whether you really still +want to accept certificates signed with SHA-1 as those are considered insecure +and no CA has issued them for a while. If you really need to allow SHA-1 in +certificates, please set up a custom profile as explained in the ChangeLog. + +Remove the certs module from the library +---------------------------------------- + +This should not affect production use of the library, as the certificates and +keys included there were never suitable for production use. + +However it might affect you if you relied on them for testing purposes. In +that case, please embed your own test certificates in your test code; now that +`certs.c` is out of the library there is no longer any stability guaranteed +and it may change in incompatible ways at any time. + +Remove the HAVEGE module +------------------------ + +This doesn't affect people using the default configuration as it was already +disabled by default. + +This only affects users who called the HAVEGE modules directly (not +recommended), or users who used it though the entropy module but had it as the +only source of entropy. If you're in that case, please declare OS or hardware +RNG interfaces with `mbedtls_entropy_add_source()` and/or use an entropy seed +file created securely during device provisioning. See + for more +information. + +Remove support for parsing SSLv2 ClientHello +-------------------------------------------- + +This doesn't affect people using the default configuration as it was already +disabled by default. + +This only affects TLS servers that have clients who send a SSLv2 ClientHello. +These days clients are very unlikely to do that. If you have a client that +does, please try contacting them and encouraging them to upgrade their +software. 
+ +Remove support for SSL 3.0 +-------------------------- + +This doesn't affect people using the default configuration as it was already +disabled by default. + +This only affects TLS users who explicitly enabled `MBEDTLS_SSL_PROTO_SSL3` +and relied on that version in order to communicate with peers that are not up +to date. If one of your peers in in that case, please try contacting them and +encouraging them to upgrade their software. + +Remove support for compatibility with old Mbed TLS's truncated HMAC +------------------------------------------------------------------- + +This doesn't affect people using the default configuration as it was already +disabled by default. + +This only affects TLS users enabled `MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT` and +used the Truncated HMAC extension to communicate with peers using old version +of Mbed TLS. Please consider using a CCM-8 ciphersuite instead of the +Truncated HMAC extension, or convicing your peer to upgrade their version of +Mbed TLS. + +Remove support for TLS record-level compression +----------------------------------------------- + +This doesn't affect people using the default configuration as it was already +disabled by default. + +This only affects TLS users who enabled `MBEDTLS_ZLIB_SUPPORT`. This will not +cause any failures however if you used to enable TLS record-level compression +you may find that your bandwidth usage increases without compression. There's +no general solution to this problem; application protocols might have their +own compression mechanisms and are in a better position than the TLS stack to +avoid variants of the CRIME and BREACH attacks. + +Remove support for TLS RC4-based ciphersuites +--------------------------------------------- + +This does not affect people who used the default `config.h` and the default +list of ciphersuites, as RC4-based ciehrsuites were already not negociated in +that case. 
+ +Please switch to any of the modern, recommended ciphersuites (based on +AES-GCM, AES-CCM or ChachaPoly for example) and if your peer doesn't support +any, encourage them to upgrade their software. + +Remove support for TLS single-DES ciphersuites +---------------------------------------------- + +This doesn't affect people using the default configuration as it was already +disabled by default. + +Please switch to any of the modern, recommended ciphersuites (based on +AES-GCM, AES-CCM or ChachaPoly for example) and if your peer doesn't support +any, encourage them to upgrade their software. + +Remove support for TLS record-level hardware acceleration +--------------------------------------------------------- + +This doesn't affect people using the default configuration as it was already +disabled by default. + +This feature had been broken for a while so we doubt anyone still used it. +However if you did, please reach out on the mailing list and let us know about +your use case. + +Remove wrapper for libpkcs11-helper +----------------------------------- + +This doesn't affect people using the default configuration as it was already +disabled by default. + +If you used to rely on this module in order to store your private keys +securely, please have a look at the key management facilities provided by the +PSA crypto API. If you have a use case that's not covered yet by this API, +please reach out on the mailing list. + +Remove config option `MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME` +---------------------------------------------------------- + +This doesn't affect people using the default configuration. + +This option has been inactive for a long time. Please use the `lifetime` +parameter of `mbedtls_ssl_ticket_setup()` instead. 
+ +Remove helpers for the transition from Mbed TLS 1.3 to Mbed TLS 2.0 +------------------------------------------------------------------- + +This only affects people who've been using Mbed TLS since before version 2.0 +and still relied on `compat-1.3.h` in their code. + +Please use the new names directly in your code; `scripts/rename.pl` (from any +of the 2.x releases - no longer included in 3.0) might help you do that. + From b2a1043a4c766a76149cf874a025c2e93d4be00f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 23 Apr 2021 11:59:00 +0200 Subject: [PATCH 144/160] Add a directory for 3.0 migration guide entries MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Similarly to ChangeLog.d, we want to avoid endless merge conflicts. Signed-off-by: Manuel Pégourié-Gonnard --- docs/3.0-migration-guide.d/00README | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 docs/3.0-migration-guide.d/00README diff --git a/docs/3.0-migration-guide.d/00README b/docs/3.0-migration-guide.d/00README new file mode 100644 index 000000000..0578eaa13 --- /dev/null +++ b/docs/3.0-migration-guide.d/00README @@ -0,0 +1,7 @@ +Please add your migration guide entries here. (This works similarly to +ChangeLog.d except merging will be done manually.) + +Each entry should help a user answer these questions: + +- am I affected? +- what's my migration path? From 2960b2e88cff4c1bf404768560c6934964c68dd3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 26 Apr 2021 09:57:36 +0200 Subject: [PATCH 145/160] Fix a few typos MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Gilles Peskine Signed-off-by: Manuel Pégourié-Gonnard --- docs/3.0-migration-guide.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index ca4f57ed3..ad5a0eef7 100644 
--- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -46,7 +46,7 @@ instead. Deprecated names for PSA constants and types were removed --------------------------------------------------------- -Some constants and types that were present in beta version of the PSA Crypto +Some constants and types that were present in beta versions of the PSA Crypto API were removed from in version 1.0 of specification. Please switch to the new names provided by the 1.0 specification instead. @@ -153,7 +153,7 @@ Remove support for TLS RC4-based ciphersuites --------------------------------------------- This does not affect people who used the default `config.h` and the default -list of ciphersuites, as RC4-based ciehrsuites were already not negociated in +list of ciphersuites, as RC4-based ciphersuites were already not negotiated in that case. Please switch to any of the modern, recommended ciphersuites (based on @@ -207,4 +207,3 @@ and still relied on `compat-1.3.h` in their code. Please use the new names directly in your code; `scripts/rename.pl` (from any of the 2.x releases - no longer included in 3.0) might help you do that. - From f5acfbac9987e62ecb775d782a7695ba03b2de55 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 26 Apr 2021 09:57:40 +0200 Subject: [PATCH 146/160] Improve description of migration guide entries MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- docs/3.0-migration-guide.d/00README | 33 ++++++++++++++++++++++++----- 1 file changed, 28 insertions(+), 5 deletions(-) diff --git a/docs/3.0-migration-guide.d/00README b/docs/3.0-migration-guide.d/00README index 0578eaa13..dfcf248fa 100644 --- a/docs/3.0-migration-guide.d/00README +++ b/docs/3.0-migration-guide.d/00README 
@@ -1,7 +1,30 @@ -Please add your migration guide entries here. (This works similarly to -ChangeLog.d except merging will be done manually.) +Please add your migration guide entries here. Until 3.0 is released, each PR +that makes backwards-incompatible changes should add a file here, with the +extension .md, a descriptive name and the following format: -Each entry should help a user answer these questions: +---%<------%<------%<------%<------%<------%<------%<------%<--- -- am I affected? -- what's my migration path? +The Change That Was Made +------------------------ + +Who exactly is affected: does this affect users of the default config, of a +particular feature? Remember to contextualise. + +If I'm affected, what's my migration path? How should I change my code if this +is and API change; if a feature was removed what are my alternatives? + +Optional: Another Change That Was Made in the Same Pr +----------------------------------------------------- + +Who is affected? + +What's the migration path? + +---%<------%<------%<------%<------%<------%<------%<------%<--- + +For examples, have a look a docs/3.0-migration-guide.md (which includes the +top-level header and an intro before the list of entries). + +As part of release preparation, the entries in this directory will be appended +to docs/3.0-migration-guide.md and then re-ordered and reviewed one last time. +The file is then going to be moved to the version-independant docs repo. From 57e93e5296d890bdfe4ef8c2ff873fef6625c3d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 26 Apr 2021 09:59:47 +0200 Subject: [PATCH 147/160] Clarify a sentence MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- docs/3.0-migration-guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index ad5a0eef7..9bcaa0de0 100644 
--- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md @@ -196,7 +196,7 @@ Remove config option `MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME` This doesn't affect people using the default configuration. -This option has been inactive for a long time. Please use the `lifetime` +This option has not had any effect for a long time. Please use the `lifetime` parameter of `mbedtls_ssl_ticket_setup()` instead. Remove helpers for the transition from Mbed TLS 1.3 to Mbed TLS 2.0 From e756306dd663e7fa29cfbf4672b9779cc1ea4bb7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 26 Apr 2021 10:08:29 +0200 Subject: [PATCH 148/160] Move some details from ChangeLog to migration guide MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- ChangeLog | 13 +++---------- docs/3.0-migration-guide.md | 15 ++++++++++++++- 2 files changed, 17 insertions(+), 11 deletions(-) diff --git a/ChangeLog b/ChangeLog index 3571910b6..8f952b76f 100644 --- a/ChangeLog +++ b/ChangeLog 
@@ -49,16 +49,9 @@ Removals * Remove the MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES compile-time option, which was off by default. Users should not trust certificates signed with SHA-1 due to the known attacks against SHA-1. - If needed, SHA-1 cerificate can still be used by providing custom - verification profile to mbedtls_x509_crt_verify_with_profile function - in x509_crt.h, or mbedtls_ssl_conf_cert_profile function in ssl.h. - Example of custom verification profile, supporting SHA-1: - const mbedtls_x509_crt_profile mbedtls_x509_crt_custom = { - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ), - 0xFFFFFFF, /* Any PK alg */ - 0xFFFFFFF, /* Any curve */ - 2048 - }; + If needed, SHA-1 cerificates can still be verified by using a custom + verification profile. + * Removed deprecated things in psa/crypto_compat.h. Fixes #4284 * Removed deprecated functions from hashing modules. Fixes #4280. * Remove PKCS#11 library wrapper. PKCS#11 has limited functionality, diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index 9bcaa0de0..b48754165 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md 
@@ -75,7 +75,20 @@ If you used to enable `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES` in your `config.h`, first please take a moment to consider whether you really still want to accept certificates signed with SHA-1 as those are considered insecure and no CA has issued them for a while. If you really need to allow SHA-1 in -certificates, please set up a custom profile as explained in the ChangeLog. +certificates, please set up a custom profile as follows: + +``` +const mbedtls_x509_crt_profile mbedtls_x509_crt_custom = { + MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) | + MBEDTLS_X509_ID_FLAG( /* other hash */ ) /* | etc */, + 0xFFFFFFF, /* Or specific PK algs */ + 0xFFFFFFF, /* Or specific curves */ + 2048 /* Or another RSA min bitlen */ +}; +``` +Then pass it to `mbedtls_x509_crt_verify_with_profile()` if you're verifying +a certificate chain directly, or to `mbedtls_ssl_conf_cert_profile()` if the +verification happens during a TLS handshake. Remove the certs module from the library ---------------------------------------- From 72f762b1daad25602818923470bb049f9576655c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 4 May 2021 11:24:49 +0200 Subject: [PATCH 149/160] Clarify 3.0-migration-guide.d/00README MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- docs/3.0-migration-guide.d/00README | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/docs/3.0-migration-guide.d/00README b/docs/3.0-migration-guide.d/00README index dfcf248fa..031259485 100644 --- a/docs/3.0-migration-guide.d/00README +++ b/docs/3.0-migration-guide.d/00README 
@@ -11,20 +11,17 @@ Who exactly is affected: does this affect users of the default config, of a particular feature? Remember to contextualise. If I'm affected, what's my migration path? How should I change my code if this -is and API change; if a feature was removed what are my alternatives? - -Optional: Another Change That Was Made in the Same Pr ------------------------------------------------------ - -Who is affected? - -What's the migration path? +is an API change; if a feature was removed what are my alternatives? ---%<------%<------%<------%<------%<------%<------%<------%<--- +PRs that make multiple independent changes should include one entry for each +changes or logical groups of changes. You can either add multiple files or put +multiple entries in the same file. + For examples, have a look a docs/3.0-migration-guide.md (which includes the top-level header and an intro before the list of entries). As part of release preparation, the entries in this directory will be appended to docs/3.0-migration-guide.md and then re-ordered and reviewed one last time. -The file is then going to be moved to the version-independant docs repo. +The file is then going to be moved to the version-independent docs repo. From 438ac27059682a05cb022ed632c311adbee35dad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 4 May 2021 13:06:34 +0200 Subject: [PATCH 150/160] Quit using title case for entry titles MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- docs/3.0-migration-guide.d/00README | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/3.0-migration-guide.d/00README b/docs/3.0-migration-guide.d/00README index 031259485..a41733e47 100644 --- a/docs/3.0-migration-guide.d/00README +++ b/docs/3.0-migration-guide.d/00README 
@@ -4,7 +4,7 @@ extension .md, a descriptive name and the following format: ---%<------%<------%<------%<------%<------%<------%<------%<--- -The Change That Was Made +The change that was made ------------------------ Who exactly is affected: does this affect users of the default config, of a From d5d04962ef23b5df2fe08c3adb486f6f7902084f Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 30 Apr 2021 16:42:35 +0200 Subject: [PATCH 151/160] Add change log and migration guide Signed-off-by: Ronald Cron --- ChangeLog.d/remove-enable-weak-ciphersuites.txt | 2 ++ .../remove-enable-weak-ciphersuites.md | 12 ++++++++++++ 2 files changed, 14 insertions(+) create mode 100644 ChangeLog.d/remove-enable-weak-ciphersuites.txt create mode 100644 docs/3.0-migration-guide.d/remove-enable-weak-ciphersuites.md diff --git a/ChangeLog.d/remove-enable-weak-ciphersuites.txt b/ChangeLog.d/remove-enable-weak-ciphersuites.txt new file mode 100644 index 000000000..97f63ebb8 --- /dev/null +++ b/ChangeLog.d/remove-enable-weak-ciphersuites.txt @@ -0,0 +1,2 @@ +Removals + * Remove MBEDTLS_ENABLE_WEAK_CIPHERSUITES configuration option. Fixes #4416. diff --git a/docs/3.0-migration-guide.d/remove-enable-weak-ciphersuites.md b/docs/3.0-migration-guide.d/remove-enable-weak-ciphersuites.md new file mode 100644 index 000000000..c3c330623 --- /dev/null +++ b/docs/3.0-migration-guide.d/remove-enable-weak-ciphersuites.md 
@@ -0,0 +1,12 @@ +Remove the configuration to enable weak ciphersuites in SSL / TLS +----------------------------------------------------------------- + +This does not affect users who use the default `config.h`, as this option was +already off by default. + +If you were using a weak cipher, please switch to any of the modern, +recommended ciphersuites (based on AES-GCM, AES-CCM or ChachaPoly for example) +and if your peer doesn't support any, encourage them to upgrade their software. + +If you were using a ciphersuite without encryption, you just have to +enable MBEDTLS_CIPHER_NULL_CIPHER now. From 1153c3d4f3c5caafb2e3f72cab7c10c8abf54b6a Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 4 May 2021 16:11:06 +0200 Subject: [PATCH 152/160] tests: driver wrappers: Improve test comments Signed-off-by: Ronald Cron --- tests/suites/test_suite_psa_crypto_driver_wrappers.function | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index ec489b481..a0b719ef6 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -1168,7 +1168,7 @@ void hash_multipart_update( int alg_arg, PSA_ASSERT( psa_crypto_init( ) ); /* - * Update none active operation, the driver shouldn't be called. + * Update inactive operation, the driver shouldn't be called. */ TEST_EQUAL( psa_hash_update( &operation, input->x, input->len ), PSA_ERROR_BAD_STATE ); @@ -1224,7 +1224,7 @@ void hash_multipart_finish( int alg_arg, PSA_ASSERT( psa_crypto_init( ) ); /* - * Finish none active operation, the driver shouldn't be called. + * Finish inactive operation, the driver shouldn't be called. */ TEST_EQUAL( psa_hash_finish( &operation, output, PSA_HASH_LENGTH( alg ), &output_length ), 
@@ -1277,7 +1277,7 @@ void hash_clone( int alg_arg, PSA_ASSERT( psa_crypto_init( ) ); /* - * Clone none active operation, the driver shouldn't be called. + * Clone inactive operation, the driver shouldn't be called. */ TEST_EQUAL( psa_hash_clone( &source_operation, &target_operation ), PSA_ERROR_BAD_STATE ); From 143b1e387bcfb109db60ded8c95103a0334ddc8f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 5 May 2021 09:46:01 +0200 Subject: [PATCH 153/160] Fix a number of typos MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard Co-authored-by: Ronald Cron --- ChangeLog | 2 +- docs/3.0-migration-guide.md | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/ChangeLog b/ChangeLog index 8f952b76f..dc6e4515d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -49,7 +49,7 @@ Removals * Remove the MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES compile-time option, which was off by default. Users should not trust certificates signed with SHA-1 due to the known attacks against SHA-1. - If needed, SHA-1 cerificates can still be verified by using a custom + If needed, SHA-1 certificates can still be verified by using a custom verification profile. * Removed deprecated things in psa/crypto_compat.h. Fixes #4284 diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md index b48754165..2d031c6a4 100644 --- a/docs/3.0-migration-guide.md +++ b/docs/3.0-migration-guide.md 
@@ -30,7 +30,7 @@ function with the same name with `_ret` appended and check the return value. - The function `mbedtls_md_init_ctx()` was removed; please use `mbedtls_md_setup()` instead. - The functions `mbedtls_xxx_process()` were removed. You normally don't need - to call that from application code. However it you do (or it you want to + to call that from application code. However if you do (or if you want to provide your own version of that function), please use `mbedtls_internal_xxx_process()` instead, and check the return value. @@ -47,7 +47,7 @@ Deprecated names for PSA constants and types were removed --------------------------------------------------------- Some constants and types that were present in beta versions of the PSA Crypto -API were removed from in version 1.0 of specification. Please switch to the new +API were removed from version 1.0 of specification. Please switch to the new names provided by the 1.0 specification instead. Internal / alt-focused headers were moved to a private location @@ -108,7 +108,7 @@ This doesn't affect people using the default configuration as it was already disabled by default. This only affects users who called the HAVEGE modules directly (not -recommended), or users who used it though the entropy module but had it as the +recommended), or users who used it through the entropy module but had it as the only source of entropy. If you're in that case, please declare OS or hardware RNG interfaces with `mbedtls_entropy_add_source()` and/or use an entropy seed file created securely during device provisioning. See 
@@ -121,7 +121,7 @@ Remove support for parsing SSLv2 ClientHello This doesn't affect people using the default configuration as it was already disabled by default. -This only affects TLS servers that have clients who send a SSLv2 ClientHello. +This only affects TLS servers that have clients who send an SSLv2 ClientHello. These days clients are very unlikely to do that. If you have a client that does, please try contacting them and encouraging them to upgrade their software. @@ -134,7 +134,7 @@ disabled by default. This only affects TLS users who explicitly enabled `MBEDTLS_SSL_PROTO_SSL3` and relied on that version in order to communicate with peers that are not up -to date. If one of your peers in in that case, please try contacting them and +to date. If one of your peers is in that case, please try contacting them and encouraging them to upgrade their software. Remove support for compatibility with old Mbed TLS's truncated HMAC @@ -143,10 +143,10 @@ Remove support for compatibility with old Mbed TLS's truncated HMAC This doesn't affect people using the default configuration as it was already disabled by default. -This only affects TLS users enabled `MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT` and +This only affects TLS users who enabled `MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT` and used the Truncated HMAC extension to communicate with peers using old version of Mbed TLS. Please consider using a CCM-8 ciphersuite instead of the -Truncated HMAC extension, or convicing your peer to upgrade their version of +Truncated HMAC extension, or convincing your peer to upgrade their version of Mbed TLS. Remove support for TLS record-level compression From c1c479fbe9f0e7aac39e9b2d821e24580405156a Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Thu, 6 May 2021 00:53:22 +0200 Subject: [PATCH 154/160] Fllow-up of the review: ChangeLog expansion, mmigration guides added and comments fixed 
Signed-off-by: TRodziewicz --- ChangeLog.d/issue4282.txt | 13 +++- configs/config-psa-crypto.h | 6 -- ...move_deprecated_functions_and_constants.md | 64 +++++++++++++++++++ include/mbedtls/config.h | 10 +-- library/ecdsa.c | 4 +- tests/suites/test_suite_cipher.function | 5 -- 6 files changed, 80 insertions(+), 22 deletions(-) create mode 100644 docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md diff --git a/ChangeLog.d/issue4282.txt b/ChangeLog.d/issue4282.txt index 27d9a281a..685f64df4 100644 --- a/ChangeLog.d/issue4282.txt +++ b/ChangeLog.d/issue4282.txt @@ -1,2 +1,13 @@ Removals - * Remove deprecated functions and constants. Fix #4282 + * Remove the following deprecated functions and constants of hex-encoded + primes based on RFC 5114 and RFC 3526 from library code and tests: + mbedtls_aes_encrypt(), mbedtls_aes_decrypt(), mbedtls_mpi_is_prime(), + mbedtls_cipher_auth_encrypt(), mbedtls_cipher_auth_decrypt(), + mbedtls_ctr_drbg_update(), mbedtls_hmac_drbg_update(), + mbedtls_ecdsa_write_signature_det(), mbedtls_ecdsa_sign_det(), + mbedtls_ssl_conf_dh_param(), mbedtls_ssl_get_max_frag_len(), + MBEDTLS_DHM_RFC5114_MODP_2048_P, MBEDTLS_DHM_RFC5114_MODP_2048_G, + MBEDTLS_DHM_RFC3526_MODP_2048_P, MBEDTLS_DHM_RFC3526_MODP_2048_G, + MBEDTLS_DHM_RFC3526_MODP_3072_P, MBEDTLS_DHM_RFC3526_MODP_3072_G, + MBEDTLS_DHM_RFC3526_MODP_4096_P, MBEDTLS_DHM_RFC3526_MODP_4096_G. + Remove the deprecated file: include/mbedtls/net.h. Fixes #4282. diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 28292d42b..f6314ae1a 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h 
@@ -397,12 +397,6 @@ * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible * with this definition. * - * \note Because of a signature change, the core AES encryption and decryption routines are - * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt, - * respectively. When setting up alternative implementations, these functions should - * be overridden, but the wrapper functions mbedtls_internal_aes_decrypt and - * mbedtls_internal_aes_encrypt must stay untouched. - * * \note If you use the AES_xxx_ALT macros, then is is recommended to also set * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES * tables. diff --git a/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md b/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md new file mode 100644 index 000000000..8791649de --- /dev/null +++ b/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md 
@@ -0,0 +1,64 @@ +Deprecated functions were removed from AES +------------------------------------------ + +The functions `mbedtls_aes_encrypt()` and `mbedtls_aes_decrypt()` were removed. +Please use `mbedtls_internal_aes_encrypt()` and `mbedtls_internal_aes_decrypt()` +respectively. + +Deprecated functions were removed from bignum +--------------------------------------------- + +The function `mbedtls_mpi_is_prime()` was removed. Please use +`mbedtls_mpi_is_prime_ext()` instead which additionally allows specifying the +number of Miller-Rabin rounds. + +Deprecated functions were removed from cipher +--------------------------------------------- + +The functions `mbedtls_cipher_auth_encrypt()` and +`mbedtls_cipher_auth_decrypt()` were removed. They were superseded by +`mbedtls_cipher_auth_encrypt_ext()` and `mbedtls_cipher_auth_decrypt_ext()` +respectively which additionally support key wrapping algorithms such as +NIST_KW. + +Deprecated functions were removed from DRBGs +-------------------------------------------- + +The functions `mbedtls_ctr_drbg_update()` and `mbedtls_hmac_drbg_update()` +were removed. They were superseded by `mbedtls_ctr_drbg_update_ret()` and +`mbedtls_hmac_drbg_update_ret()` respectively. + +Deprecated functions were removed from ECDSA +-------------------------------------------- + +The functions `mbedtls_ecdsa_write_signature_det()` and +`mbedtls_ecdsa_sign_det()` were removed. They were superseded by +`mbedtls_ecdsa_write_signature()` and `mbedtls_ecdsa_sign_det_ext()` +respectively. + +Deprecated functions were removed from SSL +------------------------------------------ + +The functions `mbedtls_ssl_conf_dh_param()` and +`mbedtls_ssl_get_max_frag_len()` were removed. Please use +`mbedtls_ssl_conf_dh_param_bin()` or `mbedtls_ssl_conf_dh_param_ctx()` and +`mbedtls_ssl_get_output_max_frag_len()` instead. 
+ + +Deprecated hex-encoded primes were removed from DHM +--------------------------------------------------- + +The macros `MBEDTLS_DHM_RFC5114_MODP_2048_P`, `MBEDTLS_DHM_RFC5114_MODP_2048_G`, +`MBEDTLS_DHM_RFC3526_MODP_2048_P`, `MBEDTLS_DHM_RFC3526_MODP_2048_G`, +`MBEDTLS_DHM_RFC3526_MODP_3072_P`, `MBEDTLS_DHM_RFC3526_MODP_3072_G`, +`MBEDTLS_DHM_RFC3526_MODP_4096_P `and `MBEDTLS_DHM_RFC3526_MODP_4096_G` were +removed. The hex-encoded primes from RFC 5114 are deprecated because their +derivation is not documented and therefore their usage constitutes a security +risk. They are removed from the library without replacement. + +Deprecated net.h file was removed +--------------------------------- + +The file `include/mbedtls/net.h` was removed because its only function was to +include `mbedtls/net_sockets.h` which now should be included directly. + diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 53497b31a..e2b6b70da 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -421,12 +421,6 @@ * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible * with this definition. * - * \note Because of a signature change, the core AES encryption and decryption routines are - * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt, - * respectively. When setting up alternative implementations, these functions should - * be overridden, but the wrapper functions mbedtls_internal_aes_decrypt and - * mbedtls_internal_aes_encrypt must stay untouched. - * * \note If you use the AES_xxx_ALT macros, then is is recommended to also set * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES * tables. 
@@ -445,9 +439,7 @@ * alternative implementations should use the RNG only for generating * the ephemeral key and nothing else. If this is not possible, then * MBEDTLS_ECDSA_DETERMINISTIC should be disabled and an alternative - * implementation should be provided for mbedtls_ecdsa_sign_det_ext() - * (and for mbedtls_ecdsa_sign_det_ext() too if backward compatibility - * is desirable). + * implementation should be provided for mbedtls_ecdsa_sign_det_ext(). * */ //#define MBEDTLS_MD2_PROCESS_ALT diff --git a/library/ecdsa.c b/library/ecdsa.c index 630d5bdf3..18f4379c5 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -685,7 +685,9 @@ int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, ECDSA_VALIDATE_RET( hash != NULL ); ECDSA_VALIDATE_RET( sig != NULL ); ECDSA_VALIDATE_RET( slen != NULL ); - ECDSA_VALIDATE_RET( f_rng != NULL ); + + if( f_rng == NULL ) + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s ); diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index 463f58dc7..3d3f6a329 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -1008,11 +1008,6 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, * of AEAD decryption and AEAD encryption. Check that * this results in the expected plaintext, and that * decryption and encryption are inverse to one another. - * - * Do that twice: - * - once with legacy functions auth_decrypt/auth_encrypt - * - once with new functions auth_decrypt_ext/auth_encrypt_ext - * This allows testing both without duplicating test cases. */ int ret; From d9d035a5b5210d508fae487d1609207318e9714a Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Thu, 6 May 2021 11:53:06 +0200 Subject: [PATCH 155/160] Corrections of the migration guide from the code review. 
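Review bot: In the `library/ecdsa.c` hunk, the new `if( f_rng == NULL ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );` makes a NULL RNG a hard failure in every build, whereas the removed `ECDSA_VALIDATE_RET( f_rng != NULL )` was, as far as I know, only active with `MBEDTLS_CHECK_PARAMS`; neither the commit message nor the ECDSA entry this commit adds to the migration guide mentions the change. Users moving from the removed `mbedtls_ecdsa_write_signature_det()`, which took no RNG, to `mbedtls_ecdsa_write_signature()` need to know this, so the guide entry should add a sentence such as `mbedtls_ecdsa_write_signature() requires a non-NULL f_rng and returns MBEDTLS_ERR_ECP_BAD_INPUT_DATA otherwise.` The check itself also deserves a why-comment, for example `/* f_rng is mandatory; presumably still needed for blinding when MBEDTLS_ECDSA_DETERMINISTIC is on */`, with the wording confirmed against the function's documentation in the header. The body of `mbedtls_ecdsa_write_signature_restartable()` starts and ends outside the hunk, so whether any in-tree caller still passes NULL cannot be checked from here.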
Signed-off-by: TRodziewicz --- ...move_deprecated_functions_and_constants.md | 32 ++++++++++++------- 1 file changed, 20 insertions(+), 12 deletions(-) diff --git a/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md b/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md index 8791649de..b18b3109d 100644 --- a/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md +++ b/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md @@ -1,9 +1,16 @@ Deprecated functions were removed from AES ------------------------------------------ -The functions `mbedtls_aes_encrypt()` and `mbedtls_aes_decrypt()` were removed. -Please use `mbedtls_internal_aes_encrypt()` and `mbedtls_internal_aes_decrypt()` -respectively. +The functions `mbedtls_aes_encrypt()` and `mbedtls_aes_decrypt()` were +removed. + +If you're simply using the AES module, you should be calling the higher-level +functions `mbedtls_aes_crypt_xxx()`. + +If you're providing an alternative implementation using +`MBEDTLS_AES_ENCRYPT_ALT` or `MBEDTLS_AES_DECRYPT_ALT`, you should be +replacing the removed functions with `mbedtls_internal_aes_encrypt()` and +`mbedtls_internal_aes_decrypt()` respectively. Deprecated functions were removed from bignum --------------------------------------------- @@ -20,7 +27,7 @@ The functions `mbedtls_cipher_auth_encrypt()` and `mbedtls_cipher_auth_encrypt_ext()` and `mbedtls_cipher_auth_decrypt_ext()` respectively which additionally support key wrapping algorithms such as NIST_KW. - + Deprecated functions were removed from DRBGs -------------------------------------------- 
@@ -39,11 +46,11 @@ respectively. Deprecated functions were removed from SSL ------------------------------------------ -The functions `mbedtls_ssl_conf_dh_param()` and -`mbedtls_ssl_get_max_frag_len()` were removed. Please use -`mbedtls_ssl_conf_dh_param_bin()` or `mbedtls_ssl_conf_dh_param_ctx()` and -`mbedtls_ssl_get_output_max_frag_len()` instead. +The function `mbedtls_ssl_conf_dh_param()` was removed. Please use +`mbedtls_ssl_conf_dh_param_bin()` or `mbedtls_ssl_conf_dh_param_ctx()` instead. +The function `mbedtls_ssl_get_max_frag_len()` was removed. Please use +`mbedtls_ssl_get_output_max_frag_len()` instead. Deprecated hex-encoded primes were removed from DHM --------------------------------------------------- @@ -52,13 +59,14 @@ The macros `MBEDTLS_DHM_RFC5114_MODP_2048_P`, `MBEDTLS_DHM_RFC5114_MODP_2048_G`, `MBEDTLS_DHM_RFC3526_MODP_2048_P`, `MBEDTLS_DHM_RFC3526_MODP_2048_G`, `MBEDTLS_DHM_RFC3526_MODP_3072_P`, `MBEDTLS_DHM_RFC3526_MODP_3072_G`, `MBEDTLS_DHM_RFC3526_MODP_4096_P `and `MBEDTLS_DHM_RFC3526_MODP_4096_G` were -removed. The hex-encoded primes from RFC 5114 are deprecated because their -derivation is not documented and therefore their usage constitutes a security -risk. They are removed from the library without replacement. +removed. The primes from RFC 5114 are deprecated because their derivation is not +documented and therefore their usage constitutes a security risk; they are fully +removed from the library. Please use parameters from RFC3526 (still in the +library, only in binary form) or RFC 7919 (also available in the library) or +other trusted sources instead. Deprecated net.h file was removed --------------------------------- The file `include/mbedtls/net.h` was removed because its only function was to include `mbedtls/net_sockets.h` which now should be included directly. - From 6c3fe31f6c41e6682b77833de4a29fa2a0265f5d Mon Sep 17 00:00:00 2001 
From: Tomasz Rodziewicz <40165497+TRodziewicz@users.noreply.github.com> Date: Fri, 7 May 2021 09:46:32 +0200 Subject: [PATCH 156/160] Update config.h Warning for ECJPAKE_C was removed from config.h. --- include/mbedtls/config.h | 4 ---- 1 file changed, 4 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 650f862bf..1b0295e13 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2606,10 +2606,6 @@ * * Enable the elliptic curve J-PAKE library. * - * \warning This is currently experimental. EC J-PAKE support is based on the - * Thread v1.0.0 specification; incompatible changes to the specification - * might still happen. - * * Module: library/ecjpake.c * Caller: * From 1fc7c4c95e38356f61168803470d3e3b6ea356f6 Mon Sep 17 00:00:00 2001 From: Tomasz Rodziewicz <40165497+TRodziewicz@users.noreply.github.com> Date: Fri, 7 May 2021 10:13:31 +0200 Subject: [PATCH 157/160] Update config.h Correction to the ECJPAKE_C note in config.h --- include/mbedtls/config.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 1b0295e13..7656028e0 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -2606,6 +2606,10 @@ * * Enable the elliptic curve J-PAKE library. * + * \note EC J-PAKE support is based on the Thread v1.0.0 specification. + * It has not been reviewed for compliance with newer standards such as + * Thread v1.1 or RFC 8236. + * * Module: library/ecjpake.c * Caller: * From 532ca93246e4bbf1a2c4fcabb35a91ada74e10a3 Mon Sep 17 00:00:00 2001 From: Tomasz Rodziewicz <40165497+TRodziewicz@users.noreply.github.com> Date: Fri, 7 May 2021 11:01:24 +0200 Subject: [PATCH 158/160] Trailing spaces removed from comments in config.h --- include/mbedtls/config.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 7656028e0..20c524c84 100644 --- a/include/mbedtls/config.h 
+++ b/include/mbedtls/config.h @@ -2606,8 +2606,8 @@ * * Enable the elliptic curve J-PAKE library. * - * \note EC J-PAKE support is based on the Thread v1.0.0 specification. - * It has not been reviewed for compliance with newer standards such as + * \note EC J-PAKE support is based on the Thread v1.0.0 specification. + * It has not been reviewed for compliance with newer standards such as * Thread v1.1 or RFC 8236. * * Module: library/ecjpake.c From 31017d318ffbdfe411e0bae64137ac33989cdb41 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 4 May 2021 13:07:17 +0200 Subject: [PATCH 159/160] Remove config-psa-crypto.h This configuration file was useful in the early days of PSA crypto development. It stopped becoming relevant when MBEDTLS_PSA_CRYPTO_C entered the default configuration. Remove it: better late than never. Signed-off-by: Gilles Peskine --- configs/config-psa-crypto.h | 3164 ----------------------------- tests/scripts/test-ref-configs.pl | 2 - 2 files changed, 3166 deletions(-) delete mode 100644 configs/config-psa-crypto.h diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h deleted file mode 100644 index 74772111b..000000000 --- a/configs/config-psa-crypto.h +++ /dev/null 
@@ -1,3164 +0,0 @@ -/** - * \file config.h - * - * \brief Configuration options (set of defines) - * - * This set of compile-time options may be used to enable - * or disable features selectively, and reduce the global - * memory footprint. - */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef MBEDTLS_CONFIG_H -#define MBEDTLS_CONFIG_H - -#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) -#define _CRT_SECURE_NO_DEPRECATE 1 -#endif - -/** - * \name SECTION: System support - * - * This section sets system specific settings. - * \{ - */ - -/** - * \def MBEDTLS_HAVE_ASM - * - * The compiler has support for asm(). - * - * Requires support for asm() in compiler. - * - * Used in: - * library/aria.c - * library/timing.c - * library/bn_mul.h - * - * Required by: - * MBEDTLS_AESNI_C - * MBEDTLS_PADLOCK_C - * - * Comment to disable the use of assembly code. - */ -#define MBEDTLS_HAVE_ASM - -/** - * \def MBEDTLS_NO_UDBL_DIVISION - * - * The platform lacks support for double-width integer division (64-bit - * division on a 32-bit platform, 128-bit division on a 64-bit platform). - * - * Used in: - * include/mbedtls/bignum.h - * library/bignum.c - * - * The bignum code uses double-width division to speed up some operations. - * Double-width division is often implemented in software that needs to - * be linked with the program. 
The presence of a double-width integer - * type is usually detected automatically through preprocessor macros, - * but the automatic detection cannot know whether the code needs to - * and can be linked with an implementation of division for that type. - * By default division is assumed to be usable if the type is present. - * Uncomment this option to prevent the use of double-width division. - * - * Note that division for the native integer type is always required. - * Furthermore, a 64-bit type is always required even on a 32-bit - * platform, but it need not support multiplication or division. In some - * cases it is also desirable to disable some double-width operations. For - * example, if double-width division is implemented in software, disabling - * it can reduce code size in some embedded targets. - */ -//#define MBEDTLS_NO_UDBL_DIVISION - -/** - * \def MBEDTLS_NO_64BIT_MULTIPLICATION - * - * The platform lacks support for 32x32 -> 64-bit multiplication. - * - * Used in: - * library/poly1305.c - * - * Some parts of the library may use multiplication of two unsigned 32-bit - * operands with a 64-bit result in order to speed up computations. On some - * platforms, this is not available in hardware and has to be implemented in - * software, usually in a library provided by the toolchain. - * - * Sometimes it is not desirable to have to link to that library. This option - * removes the dependency of that library on platforms that lack a hardware - * 64-bit multiplier by embedding a software implementation in Mbed TLS. - * - * Note that depending on the compiler, this may decrease performance compared - * to using the library function provided by the toolchain. - */ -//#define MBEDTLS_NO_64BIT_MULTIPLICATION - -/** - * \def MBEDTLS_HAVE_SSE2 - * - * CPU supports SSE2 instruction set. - * - * Uncomment if the CPU supports SSE2 (IA-32 specific). - */ -//#define MBEDTLS_HAVE_SSE2 - -/** - * \def MBEDTLS_HAVE_TIME - * - * System has time.h and time(). 
- * The time does not need to be correct, only time differences are used, - * by contrast with MBEDTLS_HAVE_TIME_DATE - * - * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT, - * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and - * MBEDTLS_PLATFORM_STD_TIME. - * - * Comment if your system does not support time functions - */ -#define MBEDTLS_HAVE_TIME - -/** - * \def MBEDTLS_HAVE_TIME_DATE - * - * System has time.h, time(), and an implementation for - * mbedtls_platform_gmtime_r() (see below). - * The time needs to be correct (not necessarily very accurate, but at least - * the date should be correct). This is used to verify the validity period of - * X.509 certificates. - * - * Comment if your system does not have a correct clock. - * - * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that - * behaves similarly to the gmtime_r() function from the C standard. Refer to - * the documentation for mbedtls_platform_gmtime_r() for more information. - * - * \note It is possible to configure an implementation for - * mbedtls_platform_gmtime_r() at compile-time by using the macro - * MBEDTLS_PLATFORM_GMTIME_R_ALT. - */ -#define MBEDTLS_HAVE_TIME_DATE - -/** - * \def MBEDTLS_PLATFORM_MEMORY - * - * Enable the memory allocation layer. - * - * By default mbed TLS uses the system-provided calloc() and free(). - * This allows different allocators (self-implemented or provided) to be - * provided to the platform abstraction layer. - * - * Enabling MBEDTLS_PLATFORM_MEMORY without the - * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide - * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and - * free() function pointer at runtime. - * - * Enabling MBEDTLS_PLATFORM_MEMORY and specifying - * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the - * alternate function at compile time. 
- * - * Requires: MBEDTLS_PLATFORM_C - * - * Enable this layer to allow use of alternative memory allocators. - */ -//#define MBEDTLS_PLATFORM_MEMORY - -/** - * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS - * - * Do not assign standard functions in the platform layer (e.g. calloc() to - * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF) - * - * This makes sure there are no linking errors on platforms that do not support - * these functions. You will HAVE to provide alternatives, either at runtime - * via the platform_set_xxx() functions or at compile time by setting - * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a - * MBEDTLS_PLATFORM_XXX_MACRO. - * - * Requires: MBEDTLS_PLATFORM_C - * - * Uncomment to prevent default assignment of standard functions in the - * platform layer. - */ -//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS - -/** - * \def MBEDTLS_PLATFORM_EXIT_ALT - * - * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the - * function in the platform abstraction layer. - * - * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will - * provide a function "mbedtls_platform_set_printf()" that allows you to set an - * alternative printf function pointer. - * - * All these define require MBEDTLS_PLATFORM_C to be defined! - * - * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows; - * it will be enabled automatically by check_config.h - * - * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as - * MBEDTLS_PLATFORM_XXX_MACRO! 
- * - * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME - * - * Uncomment a macro to enable alternate implementation of specific base - * platform function - */ -//#define MBEDTLS_PLATFORM_EXIT_ALT -//#define MBEDTLS_PLATFORM_TIME_ALT -//#define MBEDTLS_PLATFORM_FPRINTF_ALT -//#define MBEDTLS_PLATFORM_PRINTF_ALT -//#define MBEDTLS_PLATFORM_SNPRINTF_ALT -//#define MBEDTLS_PLATFORM_VSNPRINTF_ALT -//#define MBEDTLS_PLATFORM_NV_SEED_ALT -//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT - -/** - * \def MBEDTLS_DEPRECATED_WARNING - * - * Mark deprecated functions so that they generate a warning if used. - * Functions deprecated in one version will usually be removed in the next - * version. You can enable this to help you prepare the transition to a new - * major version by making sure your code is not using these functions. - * - * This only works with GCC and Clang. With other compilers, you may want to - * use MBEDTLS_DEPRECATED_REMOVED - * - * Uncomment to get warnings on using deprecated functions. - */ -//#define MBEDTLS_DEPRECATED_WARNING - -/** - * \def MBEDTLS_DEPRECATED_REMOVED - * - * Remove deprecated functions so that they generate an error if used. - * Functions deprecated in one version will usually be removed in the next - * version. You can enable this to help you prepare the transition to a new - * major version by making sure your code is not using these functions. - * - * Uncomment to get errors on using deprecated functions. - */ -//#define MBEDTLS_DEPRECATED_REMOVED - -/** - * \def MBEDTLS_CHECK_PARAMS - * - * This configuration option controls whether the library validates more of - * the parameters passed to it. - * - * When this flag is not defined, the library only attempts to validate an - * input parameter if: (1) they may come from the outside world (such as the - * network, the filesystem, etc.) or (2) not validating them could result in - * internal memory errors such as overflowing a buffer controlled by the - * library. 
On the other hand, it doesn't attempt to validate parameters whose - * values are fully controlled by the application (such as pointers). - * - * When this flag is defined, the library additionally attempts to validate - * parameters that are fully controlled by the application, and should always - * be valid if the application code is fully correct and trusted. - * - * For example, when a function accepts as input a pointer to a buffer that may - * contain untrusted data, and its documentation mentions that this pointer - * must not be NULL: - * - the pointer is checked to be non-NULL only if this option is enabled - * - the content of the buffer is always validated - * - * When this flag is defined, if a library function receives a parameter that - * is invalid, it will: - * - invoke the macro MBEDTLS_PARAM_FAILED() which by default expands to a - * call to the function mbedtls_param_failed() - * - immediately return (with a specific error code unless the function - * returns void and can't communicate an error). - * - * When defining this flag, you also need to: - * - either provide a definition of the function mbedtls_param_failed() in - * your application (see platform_util.h for its prototype) as the library - * calls that function, but does not provide a default definition for it, - * - or provide a different definition of the macro MBEDTLS_PARAM_FAILED() - * below if the above mechanism is not flexible enough to suit your needs. - * See the documentation of this macro later in this file. - * - * Uncomment to enable validation of application-controlled parameters. - */ -//#define MBEDTLS_CHECK_PARAMS - -/* \} name SECTION: System support */ - -/** - * \name SECTION: mbed TLS feature support - * - * This section sets support for features that are or are not needed - * within the modules that are enabled. 
- * \{ - */ - -/** - * \def MBEDTLS_TIMING_ALT - * - * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(), - * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay() - * - * Only works if you have MBEDTLS_TIMING_C enabled. - * - * You will need to provide a header "timing_alt.h" and an implementation at - * compile time. - */ -//#define MBEDTLS_TIMING_ALT - -/** - * \def MBEDTLS_AES_ALT - * - * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your - * alternate core implementation of a symmetric crypto, an arithmetic or hash - * module (e.g. platform specific assembly optimized implementations). Keep - * in mind that the function prototypes should remain the same. - * - * This replaces the whole module. If you only want to replace one of the - * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags. - * - * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer - * provide the "struct mbedtls_aes_context" definition and omit the base - * function declarations and implementations. "aes_alt.h" will be included from - * "aes.h" to include the new function definitions. - * - * Uncomment a macro to enable alternate implementation of the corresponding - * module. - * - * \warning MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their - * use constitutes a security risk. If possible, we recommend - * avoiding dependencies on them, and considering stronger message - * digests and ciphers instead. 
- * - */ -//#define MBEDTLS_AES_ALT -//#define MBEDTLS_ARC4_ALT -//#define MBEDTLS_ARIA_ALT -//#define MBEDTLS_BLOWFISH_ALT -//#define MBEDTLS_CAMELLIA_ALT -//#define MBEDTLS_CCM_ALT -//#define MBEDTLS_CHACHA20_ALT -//#define MBEDTLS_CHACHAPOLY_ALT -//#define MBEDTLS_CMAC_ALT -//#define MBEDTLS_DES_ALT -//#define MBEDTLS_DHM_ALT -//#define MBEDTLS_ECJPAKE_ALT -//#define MBEDTLS_GCM_ALT -//#define MBEDTLS_NIST_KW_ALT -//#define MBEDTLS_MD2_ALT -//#define MBEDTLS_MD4_ALT -//#define MBEDTLS_MD5_ALT -//#define MBEDTLS_POLY1305_ALT -//#define MBEDTLS_RIPEMD160_ALT -//#define MBEDTLS_RSA_ALT -//#define MBEDTLS_SHA1_ALT -//#define MBEDTLS_SHA256_ALT -//#define MBEDTLS_SHA512_ALT -//#define MBEDTLS_XTEA_ALT - -/* - * When replacing the elliptic curve module, pleace consider, that it is - * implemented with two .c files: - * - ecp.c - * - ecp_curves.c - * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT - * macros as described above. The only difference is that you have to make sure - * that you provide functionality for both .c files. - */ -//#define MBEDTLS_ECP_ALT - -/** - * \def MBEDTLS_MD2_PROCESS_ALT - * - * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you - * alternate core implementation of symmetric crypto or hash function. Keep in - * mind that function prototypes should remain the same. - * - * This replaces only one function. The header file from mbed TLS is still - * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags. - * - * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will - * no longer provide the mbedtls_sha1_process() function, but it will still provide - * the other function (using your mbedtls_sha1_process() function) and the definition - * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible - * with this definition. 
- * - * \note If you use the AES_xxx_ALT macros, then is is recommended to also set - * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES - * tables. - * - * Uncomment a macro to enable alternate implementation of the corresponding - * function. - * - * \warning MD2, MD4, MD5, DES and SHA-1 are considered weak and their use - * constitutes a security risk. If possible, we recommend avoiding - * dependencies on them, and considering stronger message digests - * and ciphers instead. - * - */ -//#define MBEDTLS_MD2_PROCESS_ALT -//#define MBEDTLS_MD4_PROCESS_ALT -//#define MBEDTLS_MD5_PROCESS_ALT -//#define MBEDTLS_RIPEMD160_PROCESS_ALT -//#define MBEDTLS_SHA1_PROCESS_ALT -//#define MBEDTLS_SHA256_PROCESS_ALT -//#define MBEDTLS_SHA512_PROCESS_ALT -//#define MBEDTLS_DES_SETKEY_ALT -//#define MBEDTLS_DES_CRYPT_ECB_ALT -//#define MBEDTLS_DES3_CRYPT_ECB_ALT -//#define MBEDTLS_AES_SETKEY_ENC_ALT -//#define MBEDTLS_AES_SETKEY_DEC_ALT -//#define MBEDTLS_AES_ENCRYPT_ALT -//#define MBEDTLS_AES_DECRYPT_ALT -//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT -//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT -//#define MBEDTLS_ECDSA_VERIFY_ALT -//#define MBEDTLS_ECDSA_SIGN_ALT -//#define MBEDTLS_ECDSA_GENKEY_ALT - -/** - * \def MBEDTLS_ECP_INTERNAL_ALT - * - * Expose a part of the internal interface of the Elliptic Curve Point module. - * - * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your - * alternative core implementation of elliptic curve arithmetic. Keep in mind - * that function prototypes should remain the same. - * - * This partially replaces one function. The header file from mbed TLS is still - * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation - * is still present and it is used for group structures not supported by the - * alternative. 
- * - * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT - * and implementing the following functions: - * unsigned char mbedtls_internal_ecp_grp_capable( - * const mbedtls_ecp_group *grp ) - * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ) - * void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp ) - * The mbedtls_internal_ecp_grp_capable function should return 1 if the - * replacement functions implement arithmetic for the given group and 0 - * otherwise. - * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are - * called before and after each point operation and provide an opportunity to - * implement optimized set up and tear down instructions. - * - * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and - * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac - * function, but will use your mbedtls_internal_ecp_double_jac if the group is - * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when - * receives it as an argument). If the group is not supported then the original - * implementation is used. The other functions and the definition of - * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your - * implementation of mbedtls_internal_ecp_double_jac and - * mbedtls_internal_ecp_grp_capable must be compatible with this definition. - * - * Uncomment a macro to enable alternate implementation of the corresponding - * function. 
- */ -/* Required for all the functions in this section */ -//#define MBEDTLS_ECP_INTERNAL_ALT -/* Support for Weierstrass curves with Jacobi representation */ -//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT -//#define MBEDTLS_ECP_ADD_MIXED_ALT -//#define MBEDTLS_ECP_DOUBLE_JAC_ALT -//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT -//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT -/* Support for curves with Montgomery arithmetic */ -//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT -//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT -//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT - -/** - * \def MBEDTLS_TEST_NULL_ENTROPY - * - * Enables testing and use of mbed TLS without any configured entropy sources. - * This permits use of the library on platforms before an entropy source has - * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the - * MBEDTLS_ENTROPY_NV_SEED switches). - * - * WARNING! This switch MUST be disabled in production builds, and is suitable - * only for development. - * Enabling the switch negates any security provided by the library. - * - * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES - * - */ -//#define MBEDTLS_TEST_NULL_ENTROPY - -/** - * \def MBEDTLS_ENTROPY_HARDWARE_ALT - * - * Uncomment this macro to let mbed TLS use your own implementation of a - * hardware entropy collector. - * - * Your function must be called \c mbedtls_hardware_poll(), have the same - * prototype as declared in entropy_poll.h, and accept NULL as first argument. - * - * Uncomment to use your own hardware entropy collector. - */ -//#define MBEDTLS_ENTROPY_HARDWARE_ALT - -/** - * \def MBEDTLS_AES_ROM_TABLES - * - * Use precomputed AES tables stored in ROM. - * - * Uncomment this macro to use precomputed AES tables stored in ROM. - * Comment this macro to generate AES tables in RAM at runtime. 
- * - * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb - * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the - * initialization time before the first AES operation can be performed. - * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c - * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded - * performance if ROM access is slower than RAM access. - * - * This option is independent of \c MBEDTLS_AES_FEWER_TABLES. - * - */ -//#define MBEDTLS_AES_ROM_TABLES - -/** - * \def MBEDTLS_AES_FEWER_TABLES - * - * Use less ROM/RAM for AES tables. - * - * Uncommenting this macro omits 75% of the AES tables from - * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES) - * by computing their values on the fly during operations - * (the tables are entry-wise rotations of one another). - * - * Tradeoff: Uncommenting this reduces the RAM / ROM footprint - * by ~6kb but at the cost of more arithmetic operations during - * runtime. Specifically, one has to compare 4 accesses within - * different tables to 4 accesses with additional arithmetic - * operations within the same table. The performance gain/loss - * depends on the system and memory details. - * - * This option is independent of \c MBEDTLS_AES_ROM_TABLES. - * - */ -//#define MBEDTLS_AES_FEWER_TABLES - -/** - * \def MBEDTLS_CAMELLIA_SMALL_MEMORY - * - * Use less ROM for the Camellia implementation (saves about 768 bytes). - * - * Uncomment this macro to use less memory for Camellia. - */ -//#define MBEDTLS_CAMELLIA_SMALL_MEMORY - -/** - * \def MBEDTLS_CIPHER_MODE_CBC - * - * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers. - */ -#define MBEDTLS_CIPHER_MODE_CBC - -/** - * \def MBEDTLS_CIPHER_MODE_CFB - * - * Enable Cipher Feedback mode (CFB) for symmetric ciphers. - */ -#define MBEDTLS_CIPHER_MODE_CFB - -/** - * \def MBEDTLS_CIPHER_MODE_CTR - * - * Enable Counter Block Cipher mode (CTR) for symmetric ciphers. 
- */ -#define MBEDTLS_CIPHER_MODE_CTR - -/** - * \def MBEDTLS_CIPHER_MODE_OFB - * - * Enable Output Feedback mode (OFB) for symmetric ciphers. - */ -#define MBEDTLS_CIPHER_MODE_OFB - -/** - * \def MBEDTLS_CIPHER_MODE_XTS - * - * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES. - */ -#define MBEDTLS_CIPHER_MODE_XTS - -/** - * \def MBEDTLS_CIPHER_NULL_CIPHER - * - * Enable NULL cipher. - * Warning: Only do so when you know what you are doing. This allows for - * encryption or channels without any security! - * - * To enable the following ciphersuites: - * MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA - * MBEDTLS_TLS_RSA_WITH_NULL_SHA256 - * MBEDTLS_TLS_RSA_WITH_NULL_SHA - * MBEDTLS_TLS_RSA_WITH_NULL_MD5 - * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA - * MBEDTLS_TLS_PSK_WITH_NULL_SHA384 - * MBEDTLS_TLS_PSK_WITH_NULL_SHA256 - * MBEDTLS_TLS_PSK_WITH_NULL_SHA - * - * Uncomment this macro to enable the NULL cipher and ciphersuites - */ -//#define MBEDTLS_CIPHER_NULL_CIPHER - -/** - * \def MBEDTLS_CIPHER_PADDING_PKCS7 - * - * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for - * specific padding modes in the cipher layer with cipher modes that support - * padding (e.g. CBC) - * - * If you disable all padding modes, only full blocks can be used with CBC. - * - * Enable padding modes in the cipher layer. 
- */ -#define MBEDTLS_CIPHER_PADDING_PKCS7 -#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS -#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN -#define MBEDTLS_CIPHER_PADDING_ZEROS - -/** - * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED - * - * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve - * module. By default all supported curves are enabled. - * - * Comment macros to disable the curve and functions for it - */ -#define MBEDTLS_ECP_DP_SECP192R1_ENABLED -#define MBEDTLS_ECP_DP_SECP224R1_ENABLED -#define MBEDTLS_ECP_DP_SECP256R1_ENABLED -#define MBEDTLS_ECP_DP_SECP384R1_ENABLED -#define MBEDTLS_ECP_DP_SECP521R1_ENABLED -#define MBEDTLS_ECP_DP_SECP192K1_ENABLED -#define MBEDTLS_ECP_DP_SECP224K1_ENABLED -#define MBEDTLS_ECP_DP_SECP256K1_ENABLED -#define MBEDTLS_ECP_DP_BP256R1_ENABLED -#define MBEDTLS_ECP_DP_BP384R1_ENABLED -#define MBEDTLS_ECP_DP_BP512R1_ENABLED -#define MBEDTLS_ECP_DP_CURVE25519_ENABLED -#define MBEDTLS_ECP_DP_CURVE448_ENABLED - -/** - * \def MBEDTLS_ECP_NIST_OPTIM - * - * Enable specific 'modulo p' routines for each NIST prime. - * Depending on the prime and architecture, makes operations 4 to 8 times - * faster on the corresponding curve. - * - * Comment this macro to disable NIST curves optimisation. - */ -#define MBEDTLS_ECP_NIST_OPTIM - -/** - * \def MBEDTLS_ECP_RESTARTABLE - * - * Enable "non-blocking" ECC operations that can return early and be resumed. - * - * This allows various functions to pause by returning - * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module, - * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in - * order to further progress and eventually complete their operation. This is - * controlled through mbedtls_ecp_set_max_ops() which limits the maximum - * number of ECC operations a function may perform before pausing; see - * mbedtls_ecp_set_max_ops() for more information. 
- * - * This is useful in non-threaded environments if you want to avoid blocking - * for too long on ECC (and, hence, X.509 or SSL/TLS) operations. - * - * Uncomment this macro to enable restartable ECC computations. - * - * \note This option only works with the default software implementation of - * elliptic curve functionality. It is incompatible with - * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT and MBEDTLS_ECDSA_XXX_ALT. - */ -//#define MBEDTLS_ECP_RESTARTABLE - -/** - * \def MBEDTLS_ECDSA_DETERMINISTIC - * - * Enable deterministic ECDSA (RFC 6979). - * Standard ECDSA is "fragile" in the sense that lack of entropy when signing - * may result in a compromise of the long-term signing key. This is avoided by - * the deterministic variant. - * - * Requires: MBEDTLS_HMAC_DRBG_C - * - * Comment this macro to disable deterministic ECDSA. - */ -#define MBEDTLS_ECDSA_DETERMINISTIC - -/** - * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED - * - * Enable the PSK based ciphersuite modes in SSL / TLS. - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED - * - * Enable the DHE-PSK based ciphersuite modes in SSL / TLS. 
- * - * Requires: MBEDTLS_DHM_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA - * - * \warning Using DHE constitutes a security risk as it - * is not possible to validate custom DH parameters. - * If possible, it is recommended users should consider - * preferring other methods of key exchange. - * See dhm.h for more details. - * - */ -#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED - * - * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED - * - * Enable the RSA-PSK based ciphersuite modes in SSL / TLS. 
- * - * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED - * - * Enable the RSA-only based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED - * - * Enable the DHE-RSA based ciphersuite modes in SSL / TLS. 
- * - * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - * - * \warning Using DHE constitutes a security risk as it - * is not possible to validate custom DH parameters. - * If possible, it is recommended users should consider - * preferring other methods of key exchange. - * See dhm.h for more details. - * - */ -#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED - * - * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. 
- * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, - * MBEDTLS_X509_CRT_PARSE_C - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED - * - * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. - * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C, - * - * This enables the following ciphersuites (if other requisites are - * enabled as well): - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - */ -#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED - -/** - * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED - * - * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. 
- *
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- */
-#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
- *
- * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
- */
-#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
- *
- * Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
- *
- * \warning This is currently experimental. EC J-PAKE support is based on the
- * Thread v1.0.0 specification; incompatible changes to the specification
- * might still happen.
For this reason, this is disabled by default.
- *
- * Requires: MBEDTLS_ECJPAKE_C
- * MBEDTLS_SHA256_C
- * MBEDTLS_ECP_DP_SECP256R1_ENABLED
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
- */
-//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
-
-/**
- * \def MBEDTLS_PK_PARSE_EC_EXTENDED
- *
- * Enhance support for reading EC keys using variants of SEC1 not allowed by
- * RFC 5915 and RFC 5480.
- *
- * Currently this means parsing the SpecifiedECDomain choice of EC
- * parameters (only known groups are supported, not arbitrary domains, to
- * avoid validation issues).
- *
- * Disable if you only need to support RFC 5915 + 5480 key formats.
- */
-#define MBEDTLS_PK_PARSE_EC_EXTENDED
-
-/**
- * \def MBEDTLS_ERROR_STRERROR_DUMMY
- *
- * Enable a dummy error function to make use of mbedtls_strerror() in
- * third party libraries easier when MBEDTLS_ERROR_C is disabled
- * (no effect when MBEDTLS_ERROR_C is enabled).
- *
- * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
- * not using mbedtls_strerror() or error_strerror() in your application.
- *
- * Disable if you run into name conflicts and want to really remove the
- * mbedtls_strerror()
- */
-#define MBEDTLS_ERROR_STRERROR_DUMMY
-
-/**
- * \def MBEDTLS_GENPRIME
- *
- * Enable the prime-number generation code.
- *
- * Requires: MBEDTLS_BIGNUM_C
- */
-#define MBEDTLS_GENPRIME
-
-/**
- * \def MBEDTLS_FS_IO
- *
- * Enable functions that use the filesystem.
- */
-#define MBEDTLS_FS_IO
-
-/**
- * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
- *
- * Do not add default entropy sources. These are the platform specific
- * or mbedtls_timing_hardclock poll function.
- *
- * This is useful to have more control over the added entropy sources in an
- * application.
- *
- * Uncomment this macro to prevent loading of default entropy functions.
- */
-//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
-
-/**
- * \def MBEDTLS_NO_PLATFORM_ENTROPY
- *
- * Do not use built-in platform entropy functions.
- * This is useful if your platform does not support
- * standards like the /dev/urandom or Windows CryptoAPI.
- *
- * Uncomment this macro to disable the built-in platform entropy functions.
- */
-//#define MBEDTLS_NO_PLATFORM_ENTROPY
-
-/**
- * \def MBEDTLS_ENTROPY_FORCE_SHA256
- *
- * Force the entropy accumulator to use a SHA-256 accumulator instead of the
- * default SHA-512 based one (if both are available).
- *
- * Requires: MBEDTLS_SHA256_C
- *
- * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
- * if you have performance concerns.
- *
- * This option is only useful if both MBEDTLS_SHA256_C and
- * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
- */
-//#define MBEDTLS_ENTROPY_FORCE_SHA256
-
-/**
- * \def MBEDTLS_ENTROPY_NV_SEED
- *
- * Enable the non-volatile (NV) seed file-based entropy source.
- * (Also enables the NV seed read/write functions in the platform layer)
- *
- * This is crucial (if not required) on systems that do not have a
- * cryptographic entropy source (in hardware or kernel) available.
- *
- * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C
- *
- * \note The read/write functions that are used by the entropy source are
- * determined in the platform layer, and can be modified at runtime and/or
- * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used.
- *
- * \note If you use the default implementation functions that read a seedfile
- * with regular fopen(), please make sure you make a seedfile with the
- * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at
- * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from
- * and written to or you will get an entropy source error! The default
- * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE
- * bytes from the file.
- *
- * \note The entropy collector will write to the seed file before entropy is
- * given to an external source, to update it.
- */
-//#define MBEDTLS_ENTROPY_NV_SEED
-
-/* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
- *
- * Enable key identifiers that encode a key owner identifier.
- *
- * This is only meaningful when building the library as part of a
- * multi-client service. When you activate this option, you must provide an
- * implementation of the type mbedtls_key_owner_id_t and a translation from
- * mbedtls_svc_key_id_t to file name in all the storage backends that you
- * you wish to support.
- *
- * Note that this option is meant for internal use only and may be removed
- * without notice.
- */
-//#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
-
-/**
- * \def MBEDTLS_MEMORY_DEBUG
- *
- * Enable debugging of buffer allocator memory issues. Automatically prints
- * (to stderr) all (fatal) messages on memory allocation issues. Enables
- * function for 'debug output' of allocated memory.
- *
- * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
- *
- * Uncomment this macro to let the buffer allocator print out error messages.
- */
-//#define MBEDTLS_MEMORY_DEBUG
-
-/**
- * \def MBEDTLS_MEMORY_BACKTRACE
- *
- * Include backtrace information with each allocated block.
- *
- * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
- * GLIBC-compatible backtrace() an backtrace_symbols() support
- *
- * Uncomment this macro to include backtrace information
- */
-//#define MBEDTLS_MEMORY_BACKTRACE
-
-/**
- * \def MBEDTLS_PK_RSA_ALT_SUPPORT
- *
- * Support external private RSA keys (eg from a HSM) in the PK layer.
- *
- * Comment this macro to disable support for external private RSA keys.
- */
-#define MBEDTLS_PK_RSA_ALT_SUPPORT
-
-/**
- * \def MBEDTLS_PKCS1_V15
- *
- * Enable support for PKCS#1 v1.5 encoding.
- *
- * Requires: MBEDTLS_RSA_C
- *
- * This enables support for PKCS#1 v1.5 operations.
- */
-#define MBEDTLS_PKCS1_V15
-
-/**
- * \def MBEDTLS_PKCS1_V21
- *
- * Enable support for PKCS#1 v2.1 encoding.
- *
- * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
- *
- * This enables support for RSAES-OAEP and RSASSA-PSS operations.
- */
-#define MBEDTLS_PKCS1_V21
-
-/**
- * \def MBEDTLS_PSA_CRYPTO_SPM
- *
- * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure
- * Partition Manager) integration which separates the code into two parts: a
- * NSPE (Non-Secure Process Environment) and an SPE (Secure Process
- * Environment).
- *
- * Module: library/psa_crypto.c
- * Requires: MBEDTLS_PSA_CRYPTO_C
- *
- */
-//#define MBEDTLS_PSA_CRYPTO_SPM
-
-/**
- * \def MBEDTLS_PSA_INJECT_ENTROPY
- *
- * Enable support for entropy injection at first boot. This feature is
- * required on systems that do not have a built-in entropy source (TRNG).
- * This feature is currently not supported on systems that have a built-in
- * entropy source.
- *
- * Requires: MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_ENTROPY_NV_SEED
- *
- */
-//#define MBEDTLS_PSA_INJECT_ENTROPY
-
-/**
- * \def MBEDTLS_RSA_NO_CRT
- *
- * Do not use the Chinese Remainder Theorem
- * for the RSA private operation.
- *
- * Uncomment this macro to disable the use of CRT in RSA.
- *
- */
-//#define MBEDTLS_RSA_NO_CRT
-
-/**
- * \def MBEDTLS_SELF_TEST
- *
- * Enable the checkup functions (*_self_test).
- */
-#define MBEDTLS_SELF_TEST
-
-/**
- * \def MBEDTLS_SHA256_SMALLER
- *
- * Enable an implementation of SHA-256 that has lower ROM footprint but also
- * lower performance.
- *
- * The default implementation is meant to be a reasonnable compromise between
- * performance and size. This version optimizes more aggressively for size at
- * the expense of performance. Eg on Cortex-M4 it reduces the size of
- * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
- * 30%.
- *
- * Uncomment to enable the smaller implementation of SHA256.
- */
-//#define MBEDTLS_SHA256_SMALLER
-
-/**
- * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
- *
- * Enable sending of alert messages in case of encountered errors as per RFC.
- * If you choose not to send the alert messages, mbed TLS can still communicate
- * with other servers, only debugging of failures is harder.
- *
- * The advantage of not sending alert messages, is that no information is given
- * about reasons for failures thus preventing adversaries of gaining intel.
- *
- * Enable sending of all alert messages
- */
-#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
-
-/**
- * \def MBEDTLS_SSL_ASYNC_PRIVATE
- *
- * Enable asynchronous external private key operations in SSL. This allows
- * you to configure an SSL connection to call an external cryptographic
- * module to perform private key operations instead of performing the
- * operation inside the library.
- *
- */
-//#define MBEDTLS_SSL_ASYNC_PRIVATE
-
-/**
- * \def MBEDTLS_SSL_DEBUG_ALL
- *
- * Enable the debug messages in SSL module for all issues.
- * Debug messages have been disabled in some places to prevent timing
- * attacks due to (unbalanced) debugging function calls.
- *
- * If you need all error reporting you should enable this during debugging,
- * but remove this for production servers that should log as well.
- *
- * Uncomment this macro to report all debug messages on errors introducing
- * a timing side-channel.
- *
- */
-//#define MBEDTLS_SSL_DEBUG_ALL
-
-/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
- *
- * Enable support for Encrypt-then-MAC, RFC 7366.
- *
- * This allows peers that both support it to use a more robust protection for
- * ciphersuites using CBC, providing deep resistance against timing attacks
- * on the padding or underlying cipher.
- *
- * This only affects CBC ciphersuites, and is useless if none is defined.
- *
- * Requires: MBEDTLS_SSL_PROTO_TLS1 or
- * MBEDTLS_SSL_PROTO_TLS1_1 or
- * MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Comment this macro to disable support for Encrypt-then-MAC
- */
-#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
-
-/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
- *
- * Enable support for Extended Master Secret, aka Session Hash
- * (draft-ietf-tls-session-hash-02).
- *
- * This was introduced as "the proper fix" to the Triple Handshake familiy of
- * attacks, but it is recommended to always use it (even if you disable
- * renegotiation), since it actually fixes a more fundamental issue in the
- * original SSL/TLS design, and has implications beyond Triple Handshake.
- *
- * Requires: MBEDTLS_SSL_PROTO_TLS1 or
- * MBEDTLS_SSL_PROTO_TLS1_1 or
- * MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Comment this macro to disable support for Extended Master Secret.
- */
-#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
-
-/**
- * \def MBEDTLS_SSL_FALLBACK_SCSV
- *
- * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
- *
- * For servers, it is recommended to always enable this, unless you support
- * only one version of TLS, or know for sure that none of your clients
- * implements a fallback strategy.
- *
- * For clients, you only need this if you're using a fallback strategy, which
- * is not recommended in the first place, unless you absolutely need it to
- * interoperate with buggy (version-intolerant) servers.
- *
- * Comment this macro to disable support for FALLBACK_SCSV
- */
-#define MBEDTLS_SSL_FALLBACK_SCSV
-
-/**
- * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING
- *
- * Enable 1/n-1 record splitting for CBC mode in TLS 1.0.
- *
- * This is a countermeasure to the BEAST attack, which also minimizes the risk
- * of interoperability issues compared to sending 0-length records.
- *
- * Comment this macro to disable 1/n-1 record splitting.
- */
-#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
-
-/**
- * \def MBEDTLS_SSL_RENEGOTIATION
- *
- * Enable support for TLS renegotiation.
- *
- * The two main uses of renegotiation are (1) refresh keys on long-lived
- * connections and (2) client authentication after the initial handshake.
- * If you don't need renegotiation, it's probably better to disable it, since
- * it has been associated with security issues in the past and is easy to
- * misuse/misunderstand.
- *
- * Comment this to disable support for renegotiation.
- *
- * \note Even if this option is disabled, both client and server are aware
- * of the Renegotiation Indication Extension (RFC 5746) used to
- * prevent the SSL renegotiation attack (see RFC 5746 Sect. 1).
- * (See \c mbedtls_ssl_conf_legacy_renegotiation for the
- * configuration of this extension).
- *
- */
-#define MBEDTLS_SSL_RENEGOTIATION
-
-/**
- * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
- *
- * Pick the ciphersuite according to the client's preferences rather than ours
- * in the SSL Server module (MBEDTLS_SSL_SRV_C).
- *
- * Uncomment this macro to respect client's ciphersuite order
- */
-//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
-
-/**
- * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
- *
- * Enable support for RFC 6066 max_fragment_length extension in SSL.
- *
- * Comment this macro to disable support for the max_fragment_length extension
- */
-#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-
-/**
- * \def MBEDTLS_SSL_PROTO_TLS1
- *
- * Enable support for TLS 1.0.
- *
- * Requires: MBEDTLS_MD5_C
- * MBEDTLS_SHA1_C
- *
- * Comment this macro to disable support for TLS 1.0
- */
-#define MBEDTLS_SSL_PROTO_TLS1
-
-/**
- * \def MBEDTLS_SSL_PROTO_TLS1_1
- *
- * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
- *
- * Requires: MBEDTLS_MD5_C
- * MBEDTLS_SHA1_C
- *
- * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
- */
-#define MBEDTLS_SSL_PROTO_TLS1_1
-
-/**
- * \def MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
- *
- * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C
- * (Depends on ciphersuites)
- *
- * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
- */
-#define MBEDTLS_SSL_PROTO_TLS1_2
-
-/**
- * \def MBEDTLS_SSL_PROTO_DTLS
- *
- * Enable support for DTLS (all available versions).
- *
- * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
- * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
- *
- * Requires: MBEDTLS_SSL_PROTO_TLS1_1
- * or MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Comment this macro to disable support for DTLS
- */
-#define MBEDTLS_SSL_PROTO_DTLS
-
-/**
- * \def MBEDTLS_SSL_ALPN
- *
- * Enable support for RFC 7301 Application Layer Protocol Negotiation.
- *
- * Comment this macro to disable support for ALPN.
- */
-#define MBEDTLS_SSL_ALPN
-
-/**
- * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
- *
- * Enable support for the anti-replay mechanism in DTLS.
- *
- * Requires: MBEDTLS_SSL_TLS_C
- * MBEDTLS_SSL_PROTO_DTLS
- *
- * \warning Disabling this is often a security risk!
- * See mbedtls_ssl_conf_dtls_anti_replay() for details.
- *
- * Comment this to disable anti-replay in DTLS.
- */
-#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
-
-/**
- * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
- *
- * Enable support for HelloVerifyRequest on DTLS servers.
- *
- * This feature is highly recommended to prevent DTLS servers being used as
- * amplifiers in DoS attacks against other hosts. It should always be enabled
- * unless you know for sure amplification cannot be a problem in the
- * environment in which your server operates.
- *
- * \warning Disabling this can ba a security risk! (see above)
- *
- * Requires: MBEDTLS_SSL_PROTO_DTLS
- *
- * Comment this to disable support for HelloVerifyRequest.
- */
-#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
-
-/**
- * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
- *
- * Enable server-side support for clients that reconnect from the same port.
- *
- * Some clients unexpectedly close the connection and try to reconnect using the
- * same source port. This needs special support from the server to handle the
- * new connection securely, as described in section 4.2.8 of RFC 6347. This
- * flag enables that support.
- *
- * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
- *
- * Comment this to disable support for clients reusing the source port.
- */
-#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
-
-/**
- * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
- *
- * Enable support for a limit of records with bad MAC.
- *
- * See mbedtls_ssl_conf_dtls_badmac_limit().
- *
- * Requires: MBEDTLS_SSL_PROTO_DTLS
- */
-#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
-
-/**
- * \def MBEDTLS_SSL_SESSION_TICKETS
- *
- * Enable support for RFC 5077 session tickets in SSL.
- * Client-side, provides full support for session tickets (maintenance of a
- * session store remains the responsibility of the application, though).
- * Server-side, you also need to provide callbacks for writing and parsing
- * tickets, including authenticated encryption and key management. Example
- * callbacks are provided by MBEDTLS_SSL_TICKET_C.
- *
- * Comment this macro to disable support for SSL session tickets
- */
-#define MBEDTLS_SSL_SESSION_TICKETS
-
-/**
- * \def MBEDTLS_SSL_EXPORT_KEYS
- *
- * Enable support for exporting key block and master secret.
- * This is required for certain users of TLS, e.g. EAP-TLS.
- *
- * Comment this macro to disable support for key export
- */
-#define MBEDTLS_SSL_EXPORT_KEYS
-
-/**
- * \def MBEDTLS_SSL_SERVER_NAME_INDICATION
- *
- * Enable support for RFC 6066 server name indication (SNI) in SSL.
- *
- * Requires: MBEDTLS_X509_CRT_PARSE_C
- *
- * Comment this macro to disable support for server name indication in SSL
- */
-#define MBEDTLS_SSL_SERVER_NAME_INDICATION
-
-/**
- * \def MBEDTLS_SSL_TRUNCATED_HMAC
- *
- * Enable support for RFC 6066 truncated HMAC in SSL.
- *
- * Comment this macro to disable support for truncated HMAC in SSL
- */
-#define MBEDTLS_SSL_TRUNCATED_HMAC
-
-/**
- * \def MBEDTLS_THREADING_ALT
- *
- * Provide your own alternate threading implementation.
- *
- * Requires: MBEDTLS_THREADING_C
- *
- * Uncomment this to allow your own alternate threading implementation.
- */
-//#define MBEDTLS_THREADING_ALT
-
-/**
- * \def MBEDTLS_THREADING_PTHREAD
- *
- * Enable the pthread wrapper layer for the threading layer.
- *
- * Requires: MBEDTLS_THREADING_C
- *
- * Uncomment this to enable pthread mutexes.
- */
-//#define MBEDTLS_THREADING_PTHREAD
-
-/**
- * \def MBEDTLS_USE_PSA_CRYPTO
- *
- * Make the X.509 and TLS library use PSA for cryptographic operations, see
- * #MBEDTLS_PSA_CRYPTO_C.
- *
- * Note: this option is still in progress, the full X.509 and TLS modules are
- * not covered yet, but parts that are not ported to PSA yet will still work
- * as usual, so enabling this option should not break backwards compatibility.
- *
- * \warning Support for PSA is still an experimental feature.
- * Any public API that depends on this option may change
- * at any time until this warning is removed.
- *
- * Requires: MBEDTLS_PSA_CRYPTO_C.
- */
-//#define MBEDTLS_USE_PSA_CRYPTO
-
-/**
- * \def MBEDTLS_VERSION_FEATURES
- *
- * Allow run-time checking of compile-time enabled features. Thus allowing users
- * to check at run-time if the library is for instance compiled with threading
- * support via mbedtls_version_check_feature().
- *
- * Requires: MBEDTLS_VERSION_C
- *
- * Comment this to disable run-time checking and save ROM space
- */
-#define MBEDTLS_VERSION_FEATURES
-
-/**
- * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
- *
- * If set, the X509 parser will not break-off when parsing an X509 certificate
- * and encountering an extension in a v1 or v2 certificate.
- *
- * Uncomment to prevent an error.
- */
-//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
-
-/**
- * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
- *
- * If set, the X509 parser will not break-off when parsing an X509 certificate
- * and encountering an unknown critical extension.
- *
- * \warning Depending on your PKI use, enabling this can be a security risk!
- *
- * Uncomment to prevent an error.
- */
-//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
-
-/**
- * \def MBEDTLS_X509_CHECK_KEY_USAGE
- *
- * Enable verification of the keyUsage extension (CA and leaf certificates).
- *
- * Disabling this avoids problems with mis-issued and/or misused
- * (intermediate) CA and leaf certificates.
- *
- * \warning Depending on your PKI use, disabling this can be a security risk!
- *
- * Comment to skip keyUsage checking for both CA and leaf certificates.
- */
-#define MBEDTLS_X509_CHECK_KEY_USAGE
-
-/**
- * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
- *
- * Enable verification of the extendedKeyUsage extension (leaf certificates).
- *
- * Disabling this avoids problems with mis-issued and/or misused certificates.
- *
- * \warning Depending on your PKI use, disabling this can be a security risk!
- *
- * Comment to skip extendedKeyUsage checking for certificates.
- */
-#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
-
-/**
- * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
- *
- * Enable parsing and verification of X.509 certificates, CRLs and CSRS
- * signed with RSASSA-PSS (aka PKCS#1 v2.1).
- *
- * Comment this macro to disallow using RSASSA-PSS in certificates.
- */
-#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
-/* \} name SECTION: mbed TLS feature support */
-
-/**
- * \name SECTION: mbed TLS modules
- *
- * This section enables or disables entire modules in mbed TLS
- * \{
- */
-
-/**
- * \def MBEDTLS_AESNI_C
- *
- * Enable AES-NI support on x86-64.
- *
- * Module: library/aesni.c
- * Caller: library/aes.c
- *
- * Requires: MBEDTLS_HAVE_ASM
- *
- * This modules adds support for the AES-NI instructions on x86-64
- */
-#define MBEDTLS_AESNI_C
-
-/**
- * \def MBEDTLS_AES_C
- *
- * Enable the AES block cipher.
- *
- * Module: library/aes.c
- * Caller: library/cipher.c
- * library/pem.c
- * library/ctr_drbg.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
- *
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
- * MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
- * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
- * MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
- * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
- * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
- * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
- *
- * PEM_PARSE uses AES for decrypting encrypted keys.
- */
-#define MBEDTLS_AES_C
-
-/**
- * \def MBEDTLS_ARC4_C
- *
- * Enable the ARCFOUR stream cipher.
- *
- * Module: library/arc4.c
- * Caller: library/cipher.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- *
- * \warning ARC4 is considered a weak cipher and its use constitutes a
- * security risk. If possible, we recommend avoidng dependencies on
- * it, and considering stronger ciphers instead.
- *
- */
-#define MBEDTLS_ARC4_C
-
-/**
- * \def MBEDTLS_ASN1_PARSE_C
- *
- * Enable the generic ASN1 parser.
- *
- * Module: library/asn1.c
- * Caller: library/x509.c
- * library/dhm.c
- * library/pkcs12.c
- * library/pkcs5.c
- * library/pkparse.c
- */
-#define MBEDTLS_ASN1_PARSE_C
-
-/**
- * \def MBEDTLS_ASN1_WRITE_C
- *
- * Enable the generic ASN1 writer.
- *
- * Module: library/asn1write.c
- * Caller: library/ecdsa.c
- * library/pkwrite.c
- * library/x509_create.c
- * library/x509write_crt.c
- * library/x509write_csr.c
- */
-#define MBEDTLS_ASN1_WRITE_C
-
-/**
- * \def MBEDTLS_BASE64_C
- *
- * Enable the Base64 module.
- *
- * Module: library/base64.c
- * Caller: library/pem.c
- *
- * This module is required for PEM support (required by X.509).
- */
-#define MBEDTLS_BASE64_C
-
-/**
- * \def MBEDTLS_BIGNUM_C
- *
- * Enable the multi-precision integer library.
- *
- * Module: library/bignum.c
- * Caller: library/dhm.c
- * library/ecp.c
- * library/ecdsa.c
- * library/rsa.c
- * library/rsa_alt_helpers.h
- * library/ssl_tls.c
- *
- * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
- */
-#define MBEDTLS_BIGNUM_C
-
-/**
- * \def MBEDTLS_BLOWFISH_C
- *
- * Enable the Blowfish block cipher.
- *
- * Module: library/blowfish.c
- */
-#define MBEDTLS_BLOWFISH_C
-
-/**
- * \def MBEDTLS_CAMELLIA_C
- *
- * Enable the Camellia block cipher.
- *
- * Module: library/camellia.c
- * Caller: library/cipher.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
- *
MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
- * MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
- */
-#define MBEDTLS_CAMELLIA_C
-
-/**
- * \def MBEDTLS_ARIA_C
- *
- * Enable the ARIA block cipher.
- *
- * Module: library/aria.c
- * Caller: library/cipher.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- *
- * MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384
- * MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256
- * MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384
- * MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256
- * MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384
- *
MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 - * MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 - * MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 - * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 - * MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 - */ -//#define MBEDTLS_ARIA_C - -/** - * \def MBEDTLS_CCM_C - * - * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher. - * - * Module: library/ccm.c - * - * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C - * - * This module enables the AES-CCM ciphersuites, if other requisites are - * enabled as well. - */ -#define MBEDTLS_CCM_C - -/** - * \def MBEDTLS_CHACHA20_C - * - * Enable the ChaCha20 stream cipher. - * - * Module: library/chacha20.c - */ -#define MBEDTLS_CHACHA20_C - -/** - * \def MBEDTLS_CHACHAPOLY_C - * - * Enable the ChaCha20-Poly1305 AEAD algorithm. - * - * Module: library/chachapoly.c - * - * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C - */ -#define MBEDTLS_CHACHAPOLY_C - -/** - * \def MBEDTLS_CIPHER_C - * - * Enable the generic cipher layer. - * - * Module: library/cipher.c - * Caller: library/ssl_tls.c - * - * Uncomment to enable generic cipher wrappers. - */ -#define MBEDTLS_CIPHER_C - -/** - * \def MBEDTLS_CMAC_C - * - * Enable the CMAC (Cipher-based Message Authentication Code) mode for block - * ciphers. - * - * Module: library/cmac.c - * - * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C - * - */ -#define MBEDTLS_CMAC_C - -/** - * \def MBEDTLS_CTR_DRBG_C - * - * Enable the CTR_DRBG AES-based random generator. - * The CTR_DRBG generator uses AES-256 by default. - * To use AES-128 instead, enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY below. 
- *
- * Module: library/ctr_drbg.c
- * Caller:
- *
- * Requires: MBEDTLS_AES_C
- *
- * This module provides the CTR_DRBG AES random number generator.
- */
-#define MBEDTLS_CTR_DRBG_C
-
-/**
- * \def MBEDTLS_DEBUG_C
- *
- * Enable the debug functions.
- *
- * Module: library/debug.c
- * Caller: library/ssl_cli.c
- * library/ssl_srv.c
- * library/ssl_tls.c
- *
- * This module provides debugging functions.
- */
-#define MBEDTLS_DEBUG_C
-
-/**
- * \def MBEDTLS_DES_C
- *
- * Enable the DES block cipher.
- *
- * Module: library/des.c
- * Caller: library/pem.c
- * library/cipher.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- * MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
- * MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
- *
- * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
- *
- * \warning DES is considered a weak cipher and its use constitutes a
- * security risk. We recommend considering stronger ciphers instead.
- */
-#define MBEDTLS_DES_C
-
-/**
- * \def MBEDTLS_DHM_C
- *
- * Enable the Diffie-Hellman-Merkle module.
- *
- * Module: library/dhm.c
- * Caller: library/ssl_cli.c
- * library/ssl_srv.c
- *
- * This module is used by the following key exchanges:
- * DHE-RSA, DHE-PSK
- *
- * \warning Using DHE constitutes a security risk as it
- * is not possible to validate custom DH parameters.
- * If possible, it is recommended users should consider
- * preferring other methods of key exchange.
- * See dhm.h for more details.
- *
- */
-#define MBEDTLS_DHM_C
-
-/**
- * \def MBEDTLS_ECDH_C
- *
- * Enable the elliptic curve Diffie-Hellman library.
- *
- * Module: library/ecdh.c
- * Caller: library/ssl_cli.c
- * library/ssl_srv.c
- *
- * This module is used by the following key exchanges:
- * ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
- *
- * Requires: MBEDTLS_ECP_C
- */
-#define MBEDTLS_ECDH_C
-
-/**
- * \def MBEDTLS_ECDSA_C
- *
- * Enable the elliptic curve DSA library.
- *
- * Module: library/ecdsa.c
- * Caller:
- *
- * This module is used by the following key exchanges:
- * ECDHE-ECDSA
- *
- * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C
- */
-#define MBEDTLS_ECDSA_C
-
-/**
- * \def MBEDTLS_ECJPAKE_C
- *
- * Enable the elliptic curve J-PAKE library.
- *
- * \warning This is currently experimental. EC J-PAKE support is based on the
- * Thread v1.0.0 specification; incompatible changes to the specification
- * might still happen. For this reason, this is disabled by default.
- *
- * Module: library/ecjpake.c
- * Caller:
- *
- * This module is used by the following key exchanges:
- * ECJPAKE
- *
- * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
- */
-//#define MBEDTLS_ECJPAKE_C
-
-/**
- * \def MBEDTLS_ECP_C
- *
- * Enable the elliptic curve over GF(p) library.
- *
- * Module: library/ecp.c
- * Caller: library/ecdh.c
- * library/ecdsa.c
- * library/ecjpake.c
- *
- * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
- */
-#define MBEDTLS_ECP_C
-
-/**
- * \def MBEDTLS_ENTROPY_C
- *
- * Enable the platform-specific entropy code.
- *
- * Module: library/entropy.c
- * Caller:
- *
- * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C
- *
- * This module provides a generic entropy pool
- */
-#define MBEDTLS_ENTROPY_C
-
-/**
- * \def MBEDTLS_ERROR_C
- *
- * Enable error code to error string conversion.
- *
- * Module: library/error.c
- * Caller:
- *
- * This module enables mbedtls_strerror().
- */
-#define MBEDTLS_ERROR_C
-
-/**
- * \def MBEDTLS_GCM_C
- *
- * Enable the Galois/Counter Mode (GCM) for AES.
- *
- * Module: library/gcm.c
- *
- * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
- *
- * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
- * requisites are enabled as well.
- */
-#define MBEDTLS_GCM_C
-
-/**
- * \def MBEDTLS_HKDF_C
- *
- * Enable the HKDF algorithm (RFC 5869).
- *
- * Module: library/hkdf.c
- * Caller:
- *
- * Requires: MBEDTLS_MD_C
- *
- * This module adds support for the Hashed Message Authentication Code
- * (HMAC)-based key derivation function (HKDF).
- */
-#define MBEDTLS_HKDF_C
-
-/**
- * \def MBEDTLS_HMAC_DRBG_C
- *
- * Enable the HMAC_DRBG random generator.
- *
- * Module: library/hmac_drbg.c
- * Caller:
- *
- * Requires: MBEDTLS_MD_C
- *
- * Uncomment to enable the HMAC_DRBG random number geerator.
- */
-#define MBEDTLS_HMAC_DRBG_C
-
-/**
- * \def MBEDTLS_NIST_KW_C
- *
- * Enable the Key Wrapping mode for 128-bit block ciphers,
- * as defined in NIST SP 800-38F. Only KW and KWP modes
- * are supported. At the moment, only AES is approved by NIST.
- *
- * Module: library/nist_kw.c
- *
- * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C
- */
-//#define MBEDTLS_NIST_KW_C
-
-/**
- * \def MBEDTLS_MD_C
- *
- * Enable the generic message digest layer.
- *
- * Module: library/md.c
- * Caller:
- *
- * Uncomment to enable generic message digest wrappers.
- */
-#define MBEDTLS_MD_C
-
-/**
- * \def MBEDTLS_MD2_C
- *
- * Enable the MD2 hash algorithm.
- *
- * Module: library/md2.c
- * Caller:
- *
- * Uncomment to enable support for (rare) MD2-signed X.509 certs.
- *
- * \warning MD2 is considered a weak message digest and its use constitutes a
- * security risk. If possible, we recommend avoiding dependencies on
- * it, and considering stronger message digests instead.
- *
- */
-//#define MBEDTLS_MD2_C
-
-/**
- * \def MBEDTLS_MD4_C
- *
- * Enable the MD4 hash algorithm.
- *
- * Module: library/md4.c
- * Caller:
- *
- * Uncomment to enable support for (rare) MD4-signed X.509 certs.
- *
- * \warning MD4 is considered a weak message digest and its use constitutes a
- * security risk. If possible, we recommend avoiding dependencies on
- * it, and considering stronger message digests instead.
- *
- */
-//#define MBEDTLS_MD4_C
-
-/**
- * \def MBEDTLS_MD5_C
- *
- * Enable the MD5 hash algorithm.
- *
- * Module: library/md5.c
- * Caller: library/md.c
- * library/pem.c
- * library/ssl_tls.c
- *
- * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2
- * depending on the handshake parameters. Further, it is used for checking
- * MD5-signed certificates, and for PBKDF1 when decrypting PEM-encoded
- * encrypted keys.
- *
- * \warning MD5 is considered a weak message digest and its use constitutes a
- * security risk. If possible, we recommend avoiding dependencies on
- * it, and considering stronger message digests instead.
- *
- */
-#define MBEDTLS_MD5_C
-
-/**
- * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C
- *
- * Enable the buffer allocator implementation that makes use of a (stack)
- * based buffer to 'allocate' dynamic memory. (replaces calloc() and free()
- * calls)
- *
- * Module: library/memory_buffer_alloc.c
- *
- * Requires: MBEDTLS_PLATFORM_C
- * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
- *
- * Enable this module to enable the buffer memory allocator.
- */
-//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
-
-/**
- * \def MBEDTLS_NET_C
- *
- * Enable the TCP and UDP over IPv6/IPv4 networking routines.
- *
- * \note This module only works on POSIX/Unix (including Linux, BSD and OS X)
- * and Windows. For other platforms, you'll want to disable it, and write your
- * own networking callbacks to be passed to \c mbedtls_ssl_set_bio().
- *
- * \note See also our Knowledge Base article about porting to a new
- * environment:
- * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
- *
- * Module: library/net_sockets.c
- *
- * This module provides networking routines.
- */
-#define MBEDTLS_NET_C
-
-/**
- * \def MBEDTLS_OID_C
- *
- * Enable the OID database.
- *
- * Module: library/oid.c
- * Caller: library/asn1write.c
- * library/pkcs5.c
- * library/pkparse.c
- * library/pkwrite.c
- * library/rsa.c
- * library/x509.c
- * library/x509_create.c
- * library/x509_crl.c
- * library/x509_crt.c
- * library/x509_csr.c
- * library/x509write_crt.c
- * library/x509write_csr.c
- *
- * This modules translates between OIDs and internal values.
- */
-#define MBEDTLS_OID_C
-
-/**
- * \def MBEDTLS_PADLOCK_C
- *
- * Enable VIA Padlock support on x86.
- *
- * Module: library/padlock.c
- * Caller: library/aes.c
- *
- * Requires: MBEDTLS_HAVE_ASM
- *
- * This modules adds support for the VIA PadLock on x86.
- */
-#define MBEDTLS_PADLOCK_C
-
-/**
- * \def MBEDTLS_PEM_PARSE_C
- *
- * Enable PEM decoding / parsing.
- *
- * Module: library/pem.c
- * Caller: library/dhm.c
- * library/pkparse.c
- * library/x509_crl.c
- * library/x509_crt.c
- * library/x509_csr.c
- *
- * Requires: MBEDTLS_BASE64_C
- *
- * This modules adds support for decoding / parsing PEM files.
- */
-#define MBEDTLS_PEM_PARSE_C
-
-/**
- * \def MBEDTLS_PEM_WRITE_C
- *
- * Enable PEM encoding / writing.
- *
- * Module: library/pem.c
- * Caller: library/pkwrite.c
- * library/x509write_crt.c
- * library/x509write_csr.c
- *
- * Requires: MBEDTLS_BASE64_C
- *
- * This modules adds support for encoding / writing PEM files.
- */
-#define MBEDTLS_PEM_WRITE_C
-
-/**
- * \def MBEDTLS_PK_C
- *
- * Enable the generic public (asymetric) key layer.
- *
- * Module: library/pk.c
- * Caller: library/ssl_tls.c
- * library/ssl_cli.c
- * library/ssl_srv.c
- *
- * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C
- *
- * Uncomment to enable generic public key wrappers.
- */
-#define MBEDTLS_PK_C
-
-/**
- * \def MBEDTLS_PK_PARSE_C
- *
- * Enable the generic public (asymetric) key parser.
- *
- * Module: library/pkparse.c
- * Caller: library/x509_crt.c
- * library/x509_csr.c
- *
- * Requires: MBEDTLS_PK_C
- *
- * Uncomment to enable generic public key parse functions.
- */
-#define MBEDTLS_PK_PARSE_C
-
-/**
- * \def MBEDTLS_PK_WRITE_C
- *
- * Enable the generic public (asymetric) key writer.
- *
- * Module: library/pkwrite.c
- * Caller: library/x509write.c
- *
- * Requires: MBEDTLS_PK_C
- *
- * Uncomment to enable generic public key write functions.
- */
-#define MBEDTLS_PK_WRITE_C
-
-/**
- * \def MBEDTLS_PKCS5_C
- *
- * Enable PKCS#5 functions.
- *
- * Module: library/pkcs5.c
- *
- * Requires: MBEDTLS_MD_C
- *
- * This module adds support for the PKCS#5 functions.
- */
-#define MBEDTLS_PKCS5_C
-
-/**
- * \def MBEDTLS_PKCS12_C
- *
- * Enable PKCS#12 PBE functions.
- * Adds algorithms for parsing PKCS#8 encrypted private keys
- *
- * Module: library/pkcs12.c
- * Caller: library/pkparse.c
- *
- * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C
- * Can use: MBEDTLS_ARC4_C
- *
- * This module enables PKCS#12 functions.
- */
-#define MBEDTLS_PKCS12_C
-
-/**
- * \def MBEDTLS_PLATFORM_C
- *
- * Enable the platform abstraction layer that allows you to re-assign
- * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
- *
- * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT
- * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned
- * above to be specified at runtime or compile time respectively.
- *
- * \note This abstraction layer must be enabled on Windows (including MSYS2)
- * as other module rely on it for a fixed snprintf implementation.
- *
- * Module: library/platform.c
- * Caller: Most other .c files
- *
- * This module enables abstraction of common (libc) functions.
- */
-#define MBEDTLS_PLATFORM_C
-
-/**
- * \def MBEDTLS_POLY1305_C
- *
- * Enable the Poly1305 MAC algorithm.
- *
- * Module: library/poly1305.c
- * Caller: library/chachapoly.c
- */
-#define MBEDTLS_POLY1305_C
-
-/**
- * \def MBEDTLS_PSA_CRYPTO_C
- *
- * Enable the Platform Security Architecture cryptography API.
- *
- * Module: library/psa_crypto.c
- *
- * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C
- *
- */
-#define MBEDTLS_PSA_CRYPTO_C
-
-/**
- * \def MBEDTLS_PSA_CRYPTO_STORAGE_C
- *
- * Enable the Platform Security Architecture persistent key storage.
- *
- * Module: library/psa_crypto_storage.c
- *
- * Requires: MBEDTLS_PSA_CRYPTO_C,
- * either MBEDTLS_PSA_ITS_FILE_C or a native implementation of
- * the PSA ITS interface
- */
-#define MBEDTLS_PSA_CRYPTO_STORAGE_C
-
-/**
- * \def MBEDTLS_PSA_ITS_FILE_C
- *
- * Enable the emulation of the Platform Security Architecture
- * Internal Trusted Storage (PSA ITS) over files.
- *
- * Module: library/psa_its_file.c
- *
- * Requires: MBEDTLS_FS_IO
- */
-#define MBEDTLS_PSA_ITS_FILE_C
-
-/**
- * \def MBEDTLS_RIPEMD160_C
- *
- * Enable the RIPEMD-160 hash algorithm.
- *
- * Module: library/ripemd160.c
- * Caller: library/md.c
- *
- */
-#define MBEDTLS_RIPEMD160_C
-
-/**
- * \def MBEDTLS_RSA_C
- *
- * Enable the RSA public-key cryptosystem.
- *
- * Module: library/rsa.c
- * library/rsa_alt_helpers.h
- * Caller: library/ssl_cli.c
- * library/ssl_srv.c
- * library/ssl_tls.c
- * library/x509.c
- *
- * This module is used by the following key exchanges:
- * RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
- *
- * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C
- */
-#define MBEDTLS_RSA_C
-
-/**
- * \def MBEDTLS_SHA1_C
- *
- * Enable the SHA1 cryptographic hash algorithm.
- *
- * Module: library/sha1.c
- * Caller: library/md.c
- * library/ssl_cli.c
- * library/ssl_srv.c
- * library/ssl_tls.c
- * library/x509write_crt.c
- *
- * This module is required for SSL/TLS up to version 1.1, for TLS 1.2
- * depending on the handshake parameters, and for SHA1-signed certificates.
- *
- * \warning SHA-1 is considered a weak message digest and its use constitutes
- * a security risk. If possible, we recommend avoiding dependencies
- * on it, and considering stronger message digests instead.
- *
- */
-#define MBEDTLS_SHA1_C
-
-/**
- * \def MBEDTLS_SHA256_C
- *
- * Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
- *
- * Module: library/sha256.c
- * Caller: library/entropy.c
- * library/md.c
- * library/ssl_cli.c
- * library/ssl_srv.c
- * library/ssl_tls.c
- *
- * This module adds support for SHA-224 and SHA-256.
- * This module is required for the SSL/TLS 1.2 PRF function.
- */
-#define MBEDTLS_SHA256_C
-
-/**
- * \def MBEDTLS_SHA512_C
- *
- * Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
- *
- * Module: library/sha512.c
- * Caller: library/entropy.c
- * library/md.c
- * library/ssl_cli.c
- * library/ssl_srv.c
- *
- * This module adds support for SHA-384 and SHA-512.
- */
-#define MBEDTLS_SHA512_C
-
-/**
- * \def MBEDTLS_SSL_CACHE_C
- *
- * Enable simple SSL cache implementation.
- *
- * Module: library/ssl_cache.c
- * Caller:
- *
- * Requires: MBEDTLS_SSL_CACHE_C
- */
-#define MBEDTLS_SSL_CACHE_C
-
-/**
- * \def MBEDTLS_SSL_COOKIE_C
- *
- * Enable basic implementation of DTLS cookies for hello verification.
- *
- * Module: library/ssl_cookie.c
- * Caller:
- */
-#define MBEDTLS_SSL_COOKIE_C
-
-/**
- * \def MBEDTLS_SSL_TICKET_C
- *
- * Enable an implementation of TLS server-side callbacks for session tickets.
- *
- * Module: library/ssl_ticket.c
- * Caller:
- *
- * Requires: MBEDTLS_CIPHER_C
- */
-#define MBEDTLS_SSL_TICKET_C
-
-/**
- * \def MBEDTLS_SSL_CLI_C
- *
- * Enable the SSL/TLS client code.
- *
- * Module: library/ssl_cli.c
- * Caller:
- *
- * Requires: MBEDTLS_SSL_TLS_C
- *
- * This module is required for SSL/TLS client support.
- */
-#define MBEDTLS_SSL_CLI_C
-
-/**
- * \def MBEDTLS_SSL_SRV_C
- *
- * Enable the SSL/TLS server code.
- *
- * Module: library/ssl_srv.c
- * Caller:
- *
- * Requires: MBEDTLS_SSL_TLS_C
- *
- * This module is required for SSL/TLS server support.
- */
-#define MBEDTLS_SSL_SRV_C
-
-/**
- * \def MBEDTLS_SSL_TLS_C
- *
- * Enable the generic SSL/TLS code.
- *
- * Module: library/ssl_tls.c
- * Caller: library/ssl_cli.c
- * library/ssl_srv.c
- *
- * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C
- * and at least one of the MBEDTLS_SSL_PROTO_XXX defines
- *
- * This module is required for SSL/TLS.
- */
-#define MBEDTLS_SSL_TLS_C
-
-/**
- * \def MBEDTLS_THREADING_C
- *
- * Enable the threading abstraction layer.
- * By default mbed TLS assumes it is used in a non-threaded environment or that
- * contexts are not shared between threads. If you do intend to use contexts
- * between threads, you will need to enable this layer to prevent race
- * conditions. See also our Knowledge Base article about threading:
- * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading
- *
- * Module: library/threading.c
- *
- * This allows different threading implementations (self-implemented or
- * provided).
- *
- * You will have to enable either MBEDTLS_THREADING_ALT or
- * MBEDTLS_THREADING_PTHREAD.
- *
- * Enable this layer to allow use of mutexes within mbed TLS
- */
-//#define MBEDTLS_THREADING_C
-
-/**
- * \def MBEDTLS_TIMING_C
- *
- * Enable the semi-portable timing interface.
- *
- * \note The provided implementation only works on POSIX/Unix (including Linux,
- * BSD and OS X) and Windows. On other platforms, you can either disable that
- * module and provide your own implementations of the callbacks needed by
- * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide
- * your own implementation of the whole module by setting
- * \c MBEDTLS_TIMING_ALT in the current file.
- *
- * \note See also our Knowledge Base article about porting to a new
- * environment:
- * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
- *
- * Module: library/timing.c
- */
-#define MBEDTLS_TIMING_C
-
-/**
- * \def MBEDTLS_VERSION_C
- *
- * Enable run-time version information.
- *
- * Module: library/version.c
- *
- * This module provides run-time version information.
- */
-#define MBEDTLS_VERSION_C
-
-/**
- * \def MBEDTLS_X509_USE_C
- *
- * Enable X.509 core for using certificates.
- *
- * Module: library/x509.c
- * Caller: library/x509_crl.c
- * library/x509_crt.c
- * library/x509_csr.c
- *
- * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
- * MBEDTLS_PK_PARSE_C
- *
- * This module is required for the X.509 parsing modules.
- */
-#define MBEDTLS_X509_USE_C
-
-/**
- * \def MBEDTLS_X509_CRT_PARSE_C
- *
- * Enable X.509 certificate parsing.
- *
- * Module: library/x509_crt.c
- * Caller: library/ssl_cli.c
- * library/ssl_srv.c
- * library/ssl_tls.c
- *
- * Requires: MBEDTLS_X509_USE_C
- *
- * This module is required for X.509 certificate parsing.
- */
-#define MBEDTLS_X509_CRT_PARSE_C
-
-/**
- * \def MBEDTLS_X509_CRL_PARSE_C
- *
- * Enable X.509 CRL parsing.
- *
- * Module: library/x509_crl.c
- * Caller: library/x509_crt.c
- *
- * Requires: MBEDTLS_X509_USE_C
- *
- * This module is required for X.509 CRL parsing.
- */
-#define MBEDTLS_X509_CRL_PARSE_C
-
-/**
- * \def MBEDTLS_X509_CSR_PARSE_C
- *
- * Enable X.509 Certificate Signing Request (CSR) parsing.
- *
- * Module: library/x509_csr.c
- * Caller: library/x509_crt_write.c
- *
- * Requires: MBEDTLS_X509_USE_C
- *
- * This module is used for reading X.509 certificate request.
- */
-#define MBEDTLS_X509_CSR_PARSE_C
-
-/**
- * \def MBEDTLS_X509_CREATE_C
- *
- * Enable X.509 core for creating certificates.
- *
- * Module: library/x509_create.c
- *
- * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C
- *
- * This module is the basis for creating X.509 certificates and CSRs.
- */
-#define MBEDTLS_X509_CREATE_C
-
-/**
- * \def MBEDTLS_X509_CRT_WRITE_C
- *
- * Enable creating X.509 certificates.
- *
- * Module: library/x509_crt_write.c
- *
- * Requires: MBEDTLS_X509_CREATE_C
- *
- * This module is required for X.509 certificate creation.
- */
-#define MBEDTLS_X509_CRT_WRITE_C
-
-/**
- * \def MBEDTLS_X509_CSR_WRITE_C
- *
- * Enable creating X.509 Certificate Signing Requests (CSR).
- *
- * Module: library/x509_csr_write.c
- *
- * Requires: MBEDTLS_X509_CREATE_C
- *
- * This module is required for X.509 certificate request writing.
- */
-#define MBEDTLS_X509_CSR_WRITE_C
-
-/**
- * \def MBEDTLS_XTEA_C
- *
- * Enable the XTEA block cipher.
- *
- * Module: library/xtea.c
- * Caller:
- */
-#define MBEDTLS_XTEA_C
-
-/* \} name SECTION: mbed TLS modules */
-
-/**
- * \name SECTION: Module configuration options
- *
- * This section allows for the setting of module specific sizes and
- * configuration options. The default values are already present in the
- * relevant header files and should suffice for the regular use cases.
- *
- * Our advice is to enable options and change their values here
- * only if you have a good reason and know the consequences.
- *
- * Please check the respective header file for documentation on these
- * parameters (to prevent duplicate documentation).
- * \{
- */
-
-/* MPI / BIGNUM options */
-//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
-//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
-
-/* CTR_DRBG options */
-//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
-//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
-//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
-//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
-//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
-//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY /**< Use 128-bit key for CTR_DRBG - may reduce security (see ctr_drbg.h) */
-
-/* HMAC_DRBG options */
-//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
-//#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
-//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
-//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
-
-/* ECP options */
-//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
-//#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
-//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
-
-/* Entropy options */
-//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
-//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
-//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
-
-/* Memory buffer allocator options */
-//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
-
-/* Platform options */
-//#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
-//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
-//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
-/* Note: your snprintf must correctly zero-terminate the buffer! */
-//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
-//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */
-
-/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
-/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
-//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */
-//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */
-//#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */
-//#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
-//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
-//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
-//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
-/* Note: your snprintf must correctly zero-terminate the buffer! */
-//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
-//#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */
-//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
-//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
-
-/**
- * \brief This macro is invoked by the library when an invalid parameter
- * is detected that is only checked with MBEDTLS_CHECK_PARAMS
- * (see the documentation of that option for context).
- *
- * When you leave this undefined here, a default definition is
- * provided that invokes the function mbedtls_param_failed(),
- * which is declared in platform_util.h for the benefit of the
- * library, but that you need to define in your application.
- *
- * When you define this here, this replaces the default
- * definition in platform_util.h (which no longer declares the
- * function mbedtls_param_failed()) and it is your responsibility
- * to make sure this macro expands to something suitable (in
- * particular, that all the necessary declarations are visible
- * from within the library - you can ensure that by providing
- * them in this file next to the macro definition).
- *
- * Note that you may define this macro to expand to nothing, in
- * which case you don't have to worry about declarations or
- * definitions. However, you will then be notified about invalid
- * parameters only in non-void functions, and void function will
- * just silently return early on invalid parameters, which
- * partially negates the benefits of enabling
- * #MBEDTLS_CHECK_PARAMS in the first place, so is discouraged.
- *
- * \param cond The expression that should evaluate to true, but doesn't.
- */
-//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond )
-
-/* SSL Cache options */
-//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
-//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
-
-/* SSL options */
-
-/** \def MBEDTLS_SSL_MAX_CONTENT_LEN
- *
- * Maximum length (in bytes) of incoming and outgoing plaintext fragments.
- *
- * This determines the size of both the incoming and outgoing TLS I/O buffers
- * in such a way that both are capable of holding the specified amount of
- * plaintext data, regardless of the protection mechanism used.
- *
- * To configure incoming and outgoing I/O buffers separately, use
- * #MBEDTLS_SSL_IN_CONTENT_LEN and #MBEDTLS_SSL_OUT_CONTENT_LEN,
- * which overwrite the value set by this option.
- *
- * \note When using a value less than the default of 16KB on the client, it is
- * recommended to use the Maximum Fragment Length (MFL) extension to
- * inform the server about this limitation. On the server, there
- * is no supported, standardized way of informing the client about
- * restriction on the maximum size of incoming messages, and unless
- * the limitation has been communicated by other means, it is recommended
- * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN
- * while keeping the default value of 16KB for the incoming buffer.
- *
- * Uncomment to set the maximum plaintext size of both
- * incoming and outgoing I/O buffers.
- */
-//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384
-
-/** \def MBEDTLS_SSL_IN_CONTENT_LEN
- *
- * Maximum length (in bytes) of incoming plaintext fragments.
- *
- * This determines the size of the incoming TLS I/O buffer in such a way
- * that it is capable of holding the specified amount of plaintext data,
- * regardless of the protection mechanism used.
- *
- * If this option is undefined, it inherits its value from
- * #MBEDTLS_SSL_MAX_CONTENT_LEN.
- *
- * \note When using a value less than the default of 16KB on the client, it is
- * recommended to use the Maximum Fragment Length (MFL) extension to
- * inform the server about this limitation. On the server, there
- * is no supported, standardized way of informing the client about
- * restriction on the maximum size of incoming messages, and unless
- * the limitation has been communicated by other means, it is recommended
- * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN
- * while keeping the default value of 16KB for the incoming buffer.
- *
- * Uncomment to set the maximum plaintext size of the incoming I/O buffer
- * independently of the outgoing I/O buffer.
- */
-//#define MBEDTLS_SSL_IN_CONTENT_LEN 16384
-
-/** \def MBEDTLS_SSL_OUT_CONTENT_LEN
- *
- * Maximum length (in bytes) of outgoing plaintext fragments.
- *
- * This determines the size of the outgoing TLS I/O buffer in such a way
- * that it is capable of holding the specified amount of plaintext data,
- * regardless of the protection mechanism used.
- *
- * If this option undefined, it inherits its value from
- * #MBEDTLS_SSL_MAX_CONTENT_LEN.
- *
- * It is possible to save RAM by setting a smaller outward buffer, while keeping
- * the default inward 16384 byte buffer to conform to the TLS specification.
- *
- * The minimum required outward buffer size is determined by the handshake
- * protocol's usage. Handshaking will fail if the outward buffer is too small.
- * The specific size requirement depends on the configured ciphers and any
- * certificate data which is sent during the handshake.
- *
- * Uncomment to set the maximum plaintext size of the outgoing I/O buffer
- * independently of the incoming I/O buffer.
- */
-//#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384
-
-/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING
- *
- * Maximum number of heap-allocated bytes for the purpose of
- * DTLS handshake message reassembly and future message buffering.
- *
- * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN
- * to account for a reassembled handshake message of maximum size,
- * together with its reassembly bitmap.
- *
- * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default)
- * should be sufficient for all practical situations as it allows
- * to reassembly a large handshake message (such as a certificate)
- * while buffering multiple smaller handshake messages.
- *
- */
-//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768
-
-//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
-//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
-
-/**
- * Complete list of ciphersuites to use, in order of preference.
- *
- * \warning No dependency checking is done on that field! This option can only
- * be used to restrict the set of available ciphersuites. It is your
- * responsibility to make sure the needed modules are active.
- *
- * Use this to save a few hundred bytes of ROM (default ordering of all
- * available ciphersuites) and a few to a few hundred bytes of RAM.
- *
- * The value below is only an example, not the default.
- */
-//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
-
-/* X509 options */
-//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain.
*/
-//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
-
-/**
- * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake
- * signature and ciphersuite selection. Without this build-time option, SHA-1
- * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes.
- * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by
- * default. At the time of writing, there is no practical attack on the use
- * of SHA-1 in handshake signatures, hence this option is turned on by default
- * to preserve compatibility with existing peers, but the general
- * warning applies nonetheless:
- *
- * \warning SHA-1 is considered a weak message digest and its use constitutes
- * a security risk. If possible, we recommend avoiding dependencies
- * on it, and considering stronger message digests instead.
- *
- */
-#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
-
-/**
- * Uncomment the macro to let mbed TLS use your alternate implementation of
- * mbedtls_platform_zeroize(). This replaces the default implementation in
- * platform_util.c.
- *
- * mbedtls_platform_zeroize() is a widely used function across the library to
- * zero a block of memory. The implementation is expected to be secure in the
- * sense that it has been written to prevent the compiler from removing calls
- * to mbedtls_platform_zeroize() as part of redundant code elimination
- * optimizations. However, it is difficult to guarantee that calls to
- * mbedtls_platform_zeroize() will not be optimized by the compiler as older
- * versions of the C language standards do not provide a secure implementation
- * of memset().
Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to
- * configure their own implementation of mbedtls_platform_zeroize(), for
- * example by using directives specific to their compiler, features from newer
- * C standards (e.g using memset_s() in C11) or calling a secure memset() from
- * their system (e.g explicit_bzero() in BSD).
- */
-//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
-
-/**
- * Uncomment the macro to let Mbed TLS use your alternate implementation of
- * mbedtls_platform_gmtime_r(). This replaces the default implementation in
- * platform_util.c.
- *
- * gmtime() is not a thread-safe function as defined in the C standard. The
- * library will try to use safer implementations of this function, such as
- * gmtime_r() when available. However, if Mbed TLS cannot identify the target
- * system, the implementation of mbedtls_platform_gmtime_r() will default to
- * using the standard gmtime(). In this case, calls from the library to
- * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex
- * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the
- * library are also guarded with this mutex to avoid race conditions. However,
- * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will
- * unconditionally use the implementation for mbedtls_platform_gmtime_r()
- * supplied at compile time.
- */
-//#define MBEDTLS_PLATFORM_GMTIME_R_ALT
-
-/* \} name SECTION: Customisation configuration options */
-
-/* Target and application specific configurations
- *
- * Allow user to override any previous default.
- *
- */
-#if defined(MBEDTLS_USER_CONFIG_FILE)
-#include MBEDTLS_USER_CONFIG_FILE
-#endif
-
-#include "mbedtls/check_config.h"
-
-#endif /* MBEDTLS_CONFIG_H */
diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl
index cf4175af2..57263a334 100755
--- a/tests/scripts/test-ref-configs.pl
+++ b/tests/scripts/test-ref-configs.pl
@@ -36,8 +36,6 @@ my %configs = (
 },
 'config-no-entropy.h' => {
 },
- 'config-psa-crypto.h' => {
- },
 'config-suite-b.h' => {
 'compat' => "-m tls1_2 -f 'ECDHE-ECDSA.*AES.*GCM' -p mbedTLS",
 },
From 015109b0663a70826c9ea146255100f02cd16e64 Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Wed, 5 May 2021 17:52:22 +0200
Subject: [PATCH 160/160] Changelog entry for the removal of config-psa-crypto.h in 3.0
Signed-off-by: Gilles Peskine
---
 ChangeLog.d/remove-config-psa-crypto.txt | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 ChangeLog.d/remove-config-psa-crypto.txt
diff --git a/ChangeLog.d/remove-config-psa-crypto.txt b/ChangeLog.d/remove-config-psa-crypto.txt
new file mode 100644
index 000000000..eb7cc504c
--- /dev/null
+++ b/ChangeLog.d/remove-config-psa-crypto.txt
@@ -0,0 +1,3 @@
+Changes
+ * Remove configs/config-psa-crypto.h, which no longer had any intended
+ differences from the default configuration, but had accidentally diverged.