ext: lib: mbedtls: Upgrading mbedTLS library
Upgrading mbedTLS to version 2.4.2 from 2.4 Origin: https://tls.mbed.org/download/start/mbedtls-2.4.2-apache.tgz Jira: ZEP-1800 Change-Id: I16a7eaeb4c2e47d11f0594fe1bd865be3eef37b6 Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
This commit is contained in:
parent
8e1dffd192
commit
a20b249549
|
@ -1,9 +1,9 @@
|
|||
The mbed TLS library in Zephyr is a downstream of an externally maintained
|
||||
open source project. The original upstream code can be found at:
|
||||
|
||||
https://tls.mbed.org/download/start/mbedtls-2.4.0-apache.tgz
|
||||
https://tls.mbed.org/download/start/mbedtls-2.4.2-apache.tgz
|
||||
|
||||
At version 2.4.0
|
||||
At version 2.4.2
|
||||
|
||||
The following is the license information for this code:
|
||||
|
||||
|
|
|
@ -58,9 +58,13 @@ struct mbedtls_cmac_context_t
|
|||
/**
|
||||
* \brief Set the CMAC key and prepare to authenticate the input
|
||||
* data.
|
||||
* Should be called with an initialised cipher context.
|
||||
* Should be called with an initialized cipher context.
|
||||
*
|
||||
* \param ctx Cipher context
|
||||
* \param ctx Cipher context. This should be a cipher context,
|
||||
* initialized to be one of the following types:
|
||||
* MBEDTLS_CIPHER_AES_128_ECB, MBEDTLS_CIPHER_AES_192_ECB,
|
||||
* MBEDTLS_CIPHER_AES_256_ECB or
|
||||
* MBEDTLS_CIPHER_DES_EDE3_ECB.
|
||||
* \param key CMAC key
|
||||
* \param keybits length of the CMAC key in bits
|
||||
* (must be acceptable by the cipher)
|
||||
|
@ -115,7 +119,7 @@ int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
|
|||
int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx );
|
||||
|
||||
/**
|
||||
* \brief Output = Generic_CMAC( hmac key, input buffer )
|
||||
* \brief Output = Generic_CMAC( cmac key, input buffer )
|
||||
*
|
||||
* \param cipher_info message digest info
|
||||
* \param key CMAC key
|
||||
|
|
|
@ -2453,7 +2453,6 @@
|
|||
#define ssl_set_arc4_support mbedtls_ssl_conf_arc4_support
|
||||
#define ssl_set_authmode mbedtls_ssl_conf_authmode
|
||||
#define ssl_set_bio mbedtls_ssl_set_bio
|
||||
#define ssl_set_bio mbedtls_ssl_set_bio_timeout
|
||||
#define ssl_set_ca_chain mbedtls_ssl_conf_ca_chain
|
||||
#define ssl_set_cbc_record_splitting mbedtls_ssl_conf_cbc_record_splitting
|
||||
#define ssl_set_ciphersuites mbedtls_ssl_conf_ciphersuites
|
||||
|
|
|
@ -1525,7 +1525,7 @@
|
|||
* library/pkwrite.c
|
||||
* library/x509_create.c
|
||||
* library/x509write_crt.c
|
||||
* library/mbedtls_x509write_csr.c
|
||||
* library/x509write_csr.c
|
||||
*/
|
||||
#define MBEDTLS_ASN1_WRITE_C
|
||||
|
||||
|
@ -1886,7 +1886,7 @@
|
|||
*
|
||||
* Enable the generic message digest layer.
|
||||
*
|
||||
* Module: library/mbedtls_md.c
|
||||
* Module: library/md.c
|
||||
* Caller:
|
||||
*
|
||||
* Uncomment to enable generic message digest wrappers.
|
||||
|
@ -1898,7 +1898,7 @@
|
|||
*
|
||||
* Enable the MD2 hash algorithm.
|
||||
*
|
||||
* Module: library/mbedtls_md2.c
|
||||
* Module: library/md2.c
|
||||
* Caller:
|
||||
*
|
||||
* Uncomment to enable support for (rare) MD2-signed X.509 certs.
|
||||
|
@ -1910,7 +1910,7 @@
|
|||
*
|
||||
* Enable the MD4 hash algorithm.
|
||||
*
|
||||
* Module: library/mbedtls_md4.c
|
||||
* Module: library/md4.c
|
||||
* Caller:
|
||||
*
|
||||
* Uncomment to enable support for (rare) MD4-signed X.509 certs.
|
||||
|
@ -1922,8 +1922,8 @@
|
|||
*
|
||||
* Enable the MD5 hash algorithm.
|
||||
*
|
||||
* Module: library/mbedtls_md5.c
|
||||
* Caller: library/mbedtls_md.c
|
||||
* Module: library/md5.c
|
||||
* Caller: library/md.c
|
||||
* library/pem.c
|
||||
* library/ssl_tls.c
|
||||
*
|
||||
|
@ -1980,11 +1980,11 @@
|
|||
* library/rsa.c
|
||||
* library/x509.c
|
||||
* library/x509_create.c
|
||||
* library/mbedtls_x509_crl.c
|
||||
* library/mbedtls_x509_crt.c
|
||||
* library/mbedtls_x509_csr.c
|
||||
* library/x509_crl.c
|
||||
* library/x509_crt.c
|
||||
* library/x509_csr.c
|
||||
* library/x509write_crt.c
|
||||
* library/mbedtls_x509write_csr.c
|
||||
* library/x509write_csr.c
|
||||
*
|
||||
* This modules translates between OIDs and internal values.
|
||||
*/
|
||||
|
@ -2012,9 +2012,9 @@
|
|||
* Module: library/pem.c
|
||||
* Caller: library/dhm.c
|
||||
* library/pkparse.c
|
||||
* library/mbedtls_x509_crl.c
|
||||
* library/mbedtls_x509_crt.c
|
||||
* library/mbedtls_x509_csr.c
|
||||
* library/x509_crl.c
|
||||
* library/x509_crt.c
|
||||
* library/x509_csr.c
|
||||
*
|
||||
* Requires: MBEDTLS_BASE64_C
|
||||
*
|
||||
|
@ -2030,7 +2030,7 @@
|
|||
* Module: library/pem.c
|
||||
* Caller: library/pkwrite.c
|
||||
* library/x509write_crt.c
|
||||
* library/mbedtls_x509write_csr.c
|
||||
* library/x509write_csr.c
|
||||
*
|
||||
* Requires: MBEDTLS_BASE64_C
|
||||
*
|
||||
|
@ -2060,8 +2060,8 @@
|
|||
* Enable the generic public (asymetric) key parser.
|
||||
*
|
||||
* Module: library/pkparse.c
|
||||
* Caller: library/mbedtls_x509_crt.c
|
||||
* library/mbedtls_x509_csr.c
|
||||
* Caller: library/x509_crt.c
|
||||
* library/x509_csr.c
|
||||
*
|
||||
* Requires: MBEDTLS_PK_C
|
||||
*
|
||||
|
@ -2152,8 +2152,8 @@
|
|||
*
|
||||
* Enable the RIPEMD-160 hash algorithm.
|
||||
*
|
||||
* Module: library/mbedtls_ripemd160.c
|
||||
* Caller: library/mbedtls_md.c
|
||||
* Module: library/ripemd160.c
|
||||
* Caller: library/md.c
|
||||
*
|
||||
*/
|
||||
#define MBEDTLS_RIPEMD160_C
|
||||
|
@ -2181,8 +2181,8 @@
|
|||
*
|
||||
* Enable the SHA1 cryptographic hash algorithm.
|
||||
*
|
||||
* Module: library/mbedtls_sha1.c
|
||||
* Caller: library/mbedtls_md.c
|
||||
* Module: library/sha1.c
|
||||
* Caller: library/md.c
|
||||
* library/ssl_cli.c
|
||||
* library/ssl_srv.c
|
||||
* library/ssl_tls.c
|
||||
|
@ -2197,9 +2197,9 @@
|
|||
*
|
||||
* Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
|
||||
*
|
||||
* Module: library/mbedtls_sha256.c
|
||||
* Module: library/sha256.c
|
||||
* Caller: library/entropy.c
|
||||
* library/mbedtls_md.c
|
||||
* library/md.c
|
||||
* library/ssl_cli.c
|
||||
* library/ssl_srv.c
|
||||
* library/ssl_tls.c
|
||||
|
@ -2214,9 +2214,9 @@
|
|||
*
|
||||
* Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
|
||||
*
|
||||
* Module: library/mbedtls_sha512.c
|
||||
* Module: library/sha512.c
|
||||
* Caller: library/entropy.c
|
||||
* library/mbedtls_md.c
|
||||
* library/md.c
|
||||
* library/ssl_cli.c
|
||||
* library/ssl_srv.c
|
||||
*
|
||||
|
@ -2364,9 +2364,9 @@
|
|||
* Enable X.509 core for using certificates.
|
||||
*
|
||||
* Module: library/x509.c
|
||||
* Caller: library/mbedtls_x509_crl.c
|
||||
* library/mbedtls_x509_crt.c
|
||||
* library/mbedtls_x509_csr.c
|
||||
* Caller: library/x509_crl.c
|
||||
* library/x509_crt.c
|
||||
* library/x509_csr.c
|
||||
*
|
||||
* Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
|
||||
* MBEDTLS_PK_PARSE_C
|
||||
|
@ -2380,7 +2380,7 @@
|
|||
*
|
||||
* Enable X.509 certificate parsing.
|
||||
*
|
||||
* Module: library/mbedtls_x509_crt.c
|
||||
* Module: library/x509_crt.c
|
||||
* Caller: library/ssl_cli.c
|
||||
* library/ssl_srv.c
|
||||
* library/ssl_tls.c
|
||||
|
@ -2396,8 +2396,8 @@
|
|||
*
|
||||
* Enable X.509 CRL parsing.
|
||||
*
|
||||
* Module: library/mbedtls_x509_crl.c
|
||||
* Caller: library/mbedtls_x509_crt.c
|
||||
* Module: library/x509_crl.c
|
||||
* Caller: library/x509_crt.c
|
||||
*
|
||||
* Requires: MBEDTLS_X509_USE_C
|
||||
*
|
||||
|
@ -2410,7 +2410,7 @@
|
|||
*
|
||||
* Enable X.509 Certificate Signing Request (CSR) parsing.
|
||||
*
|
||||
* Module: library/mbedtls_x509_csr.c
|
||||
* Module: library/x509_csr.c
|
||||
* Caller: library/x509_crt_write.c
|
||||
*
|
||||
* Requires: MBEDTLS_X509_USE_C
|
||||
|
|
|
@ -206,7 +206,7 @@ int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub, const mbedtls_rs
|
|||
* \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code
|
||||
*
|
||||
* \note This function does NOT take care of message
|
||||
* padding. Also, be sure to set input[0] = 0 or assure that
|
||||
* padding. Also, be sure to set input[0] = 0 or ensure that
|
||||
* input is smaller than N.
|
||||
*
|
||||
* \note The input and output buffers must be large
|
||||
|
|
|
@ -1146,7 +1146,7 @@ void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout )
|
|||
*
|
||||
* \note See the documentation of \c mbedtls_ssl_set_timer_t and
|
||||
* \c mbedtls_ssl_get_timer_t for the conventions this pair of
|
||||
* callbacks must fallow.
|
||||
* callbacks must follow.
|
||||
*
|
||||
* \note On some platforms, timing.c provides
|
||||
* \c mbedtls_timing_set_delay() and
|
||||
|
@ -2183,7 +2183,7 @@ void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_
|
|||
|
||||
/**
|
||||
* \brief Set record counter threshold for periodic renegotiation.
|
||||
* (Default: 2^64 - 256.)
|
||||
* (Default: 2^48 - 1)
|
||||
*
|
||||
* Renegotiation is automatically triggered when a record
|
||||
* counter (outgoing or ingoing) crosses the defined
|
||||
|
@ -2194,9 +2194,17 @@ void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_
|
|||
* Lower values can be used to enforce policies such as "keys
|
||||
* must be refreshed every N packets with cipher X".
|
||||
*
|
||||
* The renegotiation period can be disabled by setting
|
||||
* conf->disable_renegotiation to
|
||||
* MBEDTLS_SSL_RENEGOTIATION_DISABLED.
|
||||
*
|
||||
* \note When the configured transport is
|
||||
* MBEDTLS_SSL_TRANSPORT_DATAGRAM the maximum renegotiation
|
||||
* period is 2^48 - 1, and for MBEDTLS_SSL_TRANSPORT_STREAM,
|
||||
* the maximum renegotiation period is 2^64 - 1.
|
||||
*
|
||||
* \param conf SSL configuration
|
||||
* \param period The threshold value: a big-endian 64-bit number.
|
||||
* Set to 2^64 - 1 to disable periodic renegotiation
|
||||
*/
|
||||
void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf,
|
||||
const unsigned char period[8] );
|
||||
|
@ -2428,7 +2436,7 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
|
|||
* \param len how many bytes must be written
|
||||
*
|
||||
* \return the number of bytes actually written (may be less than len),
|
||||
* or MBEDTLS_ERR_SSL_WANT_WRITE of MBEDTLS_ERR_SSL_WANT_READ,
|
||||
* or MBEDTLS_ERR_SSL_WANT_WRITE or MBEDTLS_ERR_SSL_WANT_READ,
|
||||
* or another negative error code.
|
||||
*
|
||||
* \note If this function returns something other than a positive
|
||||
|
@ -2513,7 +2521,6 @@ void mbedtls_ssl_config_init( mbedtls_ssl_config *conf );
|
|||
* \param transport MBEDTLS_SSL_TRANSPORT_STREAM for TLS, or
|
||||
* MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS
|
||||
* \param preset a MBEDTLS_SSL_PRESET_XXX value
|
||||
* (currently unused).
|
||||
*
|
||||
* \note See \c mbedtls_ssl_conf_transport() for notes on DTLS.
|
||||
*
|
||||
|
|
|
@ -39,16 +39,16 @@
|
|||
*/
|
||||
#define MBEDTLS_VERSION_MAJOR 2
|
||||
#define MBEDTLS_VERSION_MINOR 4
|
||||
#define MBEDTLS_VERSION_PATCH 0
|
||||
#define MBEDTLS_VERSION_PATCH 2
|
||||
|
||||
/**
|
||||
* The single version number has the following structure:
|
||||
* MMNNPP00
|
||||
* Major version | Minor version | Patch version
|
||||
*/
|
||||
#define MBEDTLS_VERSION_NUMBER 0x02040000
|
||||
#define MBEDTLS_VERSION_STRING "2.4.0"
|
||||
#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.4.0"
|
||||
#define MBEDTLS_VERSION_NUMBER 0x02040200
|
||||
#define MBEDTLS_VERSION_STRING "2.4.2"
|
||||
#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.4.2"
|
||||
|
||||
#if defined(MBEDTLS_VERSION_C)
|
||||
|
||||
|
|
|
@ -157,7 +157,7 @@
|
|||
#define MBEDTLS_X509_EXT_INIHIBIT_ANYPOLICY (1 << 13)
|
||||
#define MBEDTLS_X509_EXT_FRESHEST_CRL (1 << 14)
|
||||
|
||||
#define MBEDTLS_X509_EXT_NS_CERT_TYPE (1 << 16) /* Parsed (and then ?) */
|
||||
#define MBEDTLS_X509_EXT_NS_CERT_TYPE (1 << 16)
|
||||
|
||||
/*
|
||||
* Storage format identifiers
|
||||
|
|
|
@ -192,7 +192,11 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
n = ( ( n * 6 ) + 7 ) >> 3;
|
||||
/* The following expression is to calculate the following formula without
|
||||
* risk of integer overflow in n:
|
||||
* n = ( ( n * 6 ) + 7 ) >> 3;
|
||||
*/
|
||||
n = ( 6 * ( n >> 3 ) ) + ( ( 6 * ( n & 0x7 ) + 7 ) >> 3 );
|
||||
n -= j;
|
||||
|
||||
if( dst == NULL || dlen < n )
|
||||
|
|
|
@ -534,7 +534,12 @@ int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix,
|
|||
n = mbedtls_mpi_bitlen( X );
|
||||
if( radix >= 4 ) n >>= 1;
|
||||
if( radix >= 16 ) n >>= 1;
|
||||
n += 3;
|
||||
/*
|
||||
* Round up the buffer length to an even value to ensure that there is
|
||||
* enough room for hexadecimal values that can be represented in an odd
|
||||
* number of digits.
|
||||
*/
|
||||
n += 3 + ( ( n + 1 ) & 1 );
|
||||
|
||||
if( buflen < n )
|
||||
{
|
||||
|
|
|
@ -326,9 +326,9 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i
|
|||
* If there is not enough data for a full block, cache it.
|
||||
*/
|
||||
if( ( ctx->operation == MBEDTLS_DECRYPT &&
|
||||
ilen + ctx->unprocessed_len <= block_size ) ||
|
||||
ilen <= block_size - ctx->unprocessed_len ) ||
|
||||
( ctx->operation == MBEDTLS_ENCRYPT &&
|
||||
ilen + ctx->unprocessed_len < block_size ) )
|
||||
ilen < block_size - ctx->unprocessed_len ) )
|
||||
{
|
||||
memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
|
||||
ilen );
|
||||
|
|
|
@ -26,7 +26,7 @@
|
|||
*
|
||||
* - NIST SP 800-38B Recommendation for Block Cipher Modes of Operation: The
|
||||
* CMAC Mode for Authentication
|
||||
* http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38b.pdf
|
||||
* http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38b.pdf
|
||||
*
|
||||
* - RFC 4493 - The AES-CMAC Algorithm
|
||||
* https://tools.ietf.org/html/rfc4493
|
||||
|
@ -62,7 +62,7 @@
|
|||
#if defined(MBEDTLS_SELF_TEST)
|
||||
#include <stdio.h>
|
||||
#define mbedtls_printf printf
|
||||
#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C || MBEDTLS_DES_C */
|
||||
#endif /* MBEDTLS_SELF_TEST */
|
||||
#endif /* MBEDTLS_PLATFORM_C */
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
|
@ -80,7 +80,7 @@ static void mbedtls_zeroize( void *v, size_t n ) {
|
|||
* with R_64 = 0x1B and R_128 = 0x87
|
||||
*
|
||||
* Input and output MUST NOT point to the same buffer
|
||||
* Block size must be 8 byes or 16 bytes - the block sizes for DES and AES.
|
||||
* Block size must be 8 bytes or 16 bytes - the block sizes for DES and AES.
|
||||
*/
|
||||
static int cmac_multiply_by_u( unsigned char *output,
|
||||
const unsigned char *input,
|
||||
|
@ -105,7 +105,7 @@ static int cmac_multiply_by_u( unsigned char *output,
|
|||
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
|
||||
}
|
||||
|
||||
for( i = blocksize - 1; i >= 0; i-- )
|
||||
for( i = (int)blocksize - 1; i >= 0; i-- )
|
||||
{
|
||||
output[i] = input[i] << 1 | overflow;
|
||||
overflow = input[i] >> 7;
|
||||
|
@ -209,7 +209,7 @@ int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
|
|||
if( ctx == NULL || ctx->cipher_info == NULL || key == NULL )
|
||||
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
|
||||
|
||||
if( ( retval = mbedtls_cipher_setkey( ctx, key, keybits,
|
||||
if( ( retval = mbedtls_cipher_setkey( ctx, key, (int)keybits,
|
||||
MBEDTLS_ENCRYPT ) ) != 0 )
|
||||
return( retval );
|
||||
|
||||
|
@ -244,8 +244,8 @@ int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
|
|||
{
|
||||
mbedtls_cmac_context_t* cmac_ctx;
|
||||
unsigned char *state;
|
||||
int n, j, ret = 0;
|
||||
size_t olen, block_size;
|
||||
int ret = 0;
|
||||
size_t n, j, olen, block_size;
|
||||
|
||||
if( ctx == NULL || ctx->cipher_info == NULL || input == NULL ||
|
||||
ctx->cmac_ctx == NULL )
|
||||
|
@ -280,8 +280,9 @@ int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
|
|||
/* n is the number of blocks including any final partial block */
|
||||
n = ( ilen + block_size - 1 ) / block_size;
|
||||
|
||||
/* Iterate across the input data in block sized chunks */
|
||||
for( j = 0; j < n - 1; j++ )
|
||||
/* Iterate across the input data in block sized chunks, excluding any
|
||||
* final partial or complete block */
|
||||
for( j = 1; j < n; j++ )
|
||||
{
|
||||
cmac_xor_block( state, input, state, block_size );
|
||||
|
||||
|
@ -469,8 +470,9 @@ exit:
|
|||
|
||||
#if defined(MBEDTLS_SELF_TEST)
|
||||
/*
|
||||
* CMAC test data from SP800-38B Appendix D.1 (corrected)
|
||||
* http://csrc.nist.gov/publications/nistpubs/800-38B/Updated_CMAC_Examples.pdf
|
||||
* CMAC test data for SP800-38B
|
||||
* http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/AES_CMAC.pdf
|
||||
* http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/TDES_CMAC.pdf
|
||||
*
|
||||
* AES-CMAC-PRF-128 test data from RFC 4615
|
||||
* https://tools.ietf.org/html/rfc4615#page-4
|
||||
|
@ -482,128 +484,148 @@ exit:
|
|||
#if defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C)
|
||||
/* All CMAC test inputs are truncated from the same 64 byte buffer. */
|
||||
static const unsigned char test_message[] = {
|
||||
0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
|
||||
0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
|
||||
0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
|
||||
0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
|
||||
0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
|
||||
0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
|
||||
0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
|
||||
0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
|
||||
/* PT */
|
||||
0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
|
||||
0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
|
||||
0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
|
||||
0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
|
||||
0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
|
||||
0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
|
||||
0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
|
||||
0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
|
||||
};
|
||||
#endif /* MBEDTLS_AES_C || MBEDTLS_DES_C */
|
||||
|
||||
#if defined(MBEDTLS_AES_C)
|
||||
/* Truncation point of message for AES CMAC tests */
|
||||
static const unsigned int aes_message_lengths[NB_CMAC_TESTS_PER_KEY] = {
|
||||
/* Mlen */
|
||||
0,
|
||||
16,
|
||||
40,
|
||||
20,
|
||||
64
|
||||
};
|
||||
|
||||
/* AES 128 CMAC Test Data */
|
||||
/* CMAC-AES128 Test Data */
|
||||
static const unsigned char aes_128_key[16] = {
|
||||
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
|
||||
0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
|
||||
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
|
||||
0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
|
||||
};
|
||||
static const unsigned char aes_128_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = {
|
||||
{
|
||||
0xfb, 0xee, 0xd6, 0x18, 0x35, 0x71, 0x33, 0x66,
|
||||
0x7c, 0x85, 0xe0, 0x8f, 0x72, 0x36, 0xa8, 0xde
|
||||
/* K1 */
|
||||
0xfb, 0xee, 0xd6, 0x18, 0x35, 0x71, 0x33, 0x66,
|
||||
0x7c, 0x85, 0xe0, 0x8f, 0x72, 0x36, 0xa8, 0xde
|
||||
},
|
||||
{
|
||||
0xf7, 0xdd, 0xac, 0x30, 0x6a, 0xe2, 0x66, 0xcc,
|
||||
0xf9, 0x0b, 0xc1, 0x1e, 0xe4, 0x6d, 0x51, 0x3b
|
||||
/* K2 */
|
||||
0xf7, 0xdd, 0xac, 0x30, 0x6a, 0xe2, 0x66, 0xcc,
|
||||
0xf9, 0x0b, 0xc1, 0x1e, 0xe4, 0x6d, 0x51, 0x3b
|
||||
}
|
||||
};
|
||||
static const unsigned char aes_128_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = {
|
||||
{
|
||||
0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28,
|
||||
0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46
|
||||
/* Example #1 */
|
||||
0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28,
|
||||
0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46
|
||||
},
|
||||
{
|
||||
0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44,
|
||||
0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c
|
||||
/* Example #2 */
|
||||
0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44,
|
||||
0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c
|
||||
},
|
||||
{
|
||||
0xdf, 0xa6, 0x67, 0x47, 0xde, 0x9a, 0xe6, 0x30,
|
||||
0x30, 0xca, 0x32, 0x61, 0x14, 0x97, 0xc8, 0x27
|
||||
/* Example #3 */
|
||||
0x7d, 0x85, 0x44, 0x9e, 0xa6, 0xea, 0x19, 0xc8,
|
||||
0x23, 0xa7, 0xbf, 0x78, 0x83, 0x7d, 0xfa, 0xde
|
||||
},
|
||||
{
|
||||
0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92,
|
||||
0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe
|
||||
/* Example #4 */
|
||||
0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92,
|
||||
0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe
|
||||
}
|
||||
};
|
||||
|
||||
/* AES 192 CMAC Test Data */
|
||||
/* CMAC-AES192 Test Data */
|
||||
static const unsigned char aes_192_key[24] = {
|
||||
0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
|
||||
0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
|
||||
0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b
|
||||
0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
|
||||
0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
|
||||
0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b
|
||||
};
|
||||
static const unsigned char aes_192_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = {
|
||||
{
|
||||
0x44, 0x8a, 0x5b, 0x1c, 0x93, 0x51, 0x4b, 0x27,
|
||||
0x3e, 0xe6, 0x43, 0x9d, 0xd4, 0xda, 0xa2, 0x96
|
||||
/* K1 */
|
||||
0x44, 0x8a, 0x5b, 0x1c, 0x93, 0x51, 0x4b, 0x27,
|
||||
0x3e, 0xe6, 0x43, 0x9d, 0xd4, 0xda, 0xa2, 0x96
|
||||
},
|
||||
{
|
||||
0x89, 0x14, 0xb6, 0x39, 0x26, 0xa2, 0x96, 0x4e,
|
||||
0x7d, 0xcc, 0x87, 0x3b, 0xa9, 0xb5, 0x45, 0x2c
|
||||
/* K2 */
|
||||
0x89, 0x14, 0xb6, 0x39, 0x26, 0xa2, 0x96, 0x4e,
|
||||
0x7d, 0xcc, 0x87, 0x3b, 0xa9, 0xb5, 0x45, 0x2c
|
||||
}
|
||||
};
|
||||
static const unsigned char aes_192_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = {
|
||||
{
|
||||
0xd1, 0x7d, 0xdf, 0x46, 0xad, 0xaa, 0xcd, 0xe5,
|
||||
0x31, 0xca, 0xc4, 0x83, 0xde, 0x7a, 0x93, 0x67
|
||||
/* Example #1 */
|
||||
0xd1, 0x7d, 0xdf, 0x46, 0xad, 0xaa, 0xcd, 0xe5,
|
||||
0x31, 0xca, 0xc4, 0x83, 0xde, 0x7a, 0x93, 0x67
|
||||
},
|
||||
{
|
||||
0x9e, 0x99, 0xa7, 0xbf, 0x31, 0xe7, 0x10, 0x90,
|
||||
0x06, 0x62, 0xf6, 0x5e, 0x61, 0x7c, 0x51, 0x84
|
||||
/* Example #2 */
|
||||
0x9e, 0x99, 0xa7, 0xbf, 0x31, 0xe7, 0x10, 0x90,
|
||||
0x06, 0x62, 0xf6, 0x5e, 0x61, 0x7c, 0x51, 0x84
|
||||
},
|
||||
{
|
||||
0x8a, 0x1d, 0xe5, 0xbe, 0x2e, 0xb3, 0x1a, 0xad,
|
||||
0x08, 0x9a, 0x82, 0xe6, 0xee, 0x90, 0x8b, 0x0e
|
||||
/* Example #3 */
|
||||
0x3d, 0x75, 0xc1, 0x94, 0xed, 0x96, 0x07, 0x04,
|
||||
0x44, 0xa9, 0xfa, 0x7e, 0xc7, 0x40, 0xec, 0xf8
|
||||
},
|
||||
{
|
||||
0xa1, 0xd5, 0xdf, 0x0e, 0xed, 0x79, 0x0f, 0x79,
|
||||
0x4d, 0x77, 0x58, 0x96, 0x59, 0xf3, 0x9a, 0x11
|
||||
/* Example #4 */
|
||||
0xa1, 0xd5, 0xdf, 0x0e, 0xed, 0x79, 0x0f, 0x79,
|
||||
0x4d, 0x77, 0x58, 0x96, 0x59, 0xf3, 0x9a, 0x11
|
||||
}
|
||||
};
|
||||
|
||||
/* AES 256 CMAC Test Data */
|
||||
/* CMAC-AES256 Test Data */
|
||||
static const unsigned char aes_256_key[32] = {
|
||||
0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
|
||||
0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
|
||||
0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
|
||||
0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
|
||||
0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
|
||||
0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
|
||||
0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
|
||||
0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
|
||||
};
|
||||
static const unsigned char aes_256_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = {
|
||||
{
|
||||
0xca, 0xd1, 0xed, 0x03, 0x29, 0x9e, 0xed, 0xac,
|
||||
0x2e, 0x9a, 0x99, 0x80, 0x86, 0x21, 0x50, 0x2f
|
||||
/* K1 */
|
||||
0xca, 0xd1, 0xed, 0x03, 0x29, 0x9e, 0xed, 0xac,
|
||||
0x2e, 0x9a, 0x99, 0x80, 0x86, 0x21, 0x50, 0x2f
|
||||
},
|
||||
{
|
||||
0x95, 0xa3, 0xda, 0x06, 0x53, 0x3d, 0xdb, 0x58,
|
||||
0x5d, 0x35, 0x33, 0x01, 0x0c, 0x42, 0xa0, 0xd9
|
||||
/* K2 */
|
||||
0x95, 0xa3, 0xda, 0x06, 0x53, 0x3d, 0xdb, 0x58,
|
||||
0x5d, 0x35, 0x33, 0x01, 0x0c, 0x42, 0xa0, 0xd9
|
||||
}
|
||||
};
|
||||
static const unsigned char aes_256_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = {
|
||||
{
|
||||
0x02, 0x89, 0x62, 0xf6, 0x1b, 0x7b, 0xf8, 0x9e,
|
||||
0xfc, 0x6b, 0x55, 0x1f, 0x46, 0x67, 0xd9, 0x83
|
||||
/* Example #1 */
|
||||
0x02, 0x89, 0x62, 0xf6, 0x1b, 0x7b, 0xf8, 0x9e,
|
||||
0xfc, 0x6b, 0x55, 0x1f, 0x46, 0x67, 0xd9, 0x83
|
||||
},
|
||||
{
|
||||
0x28, 0xa7, 0x02, 0x3f, 0x45, 0x2e, 0x8f, 0x82,
|
||||
0xbd, 0x4b, 0xf2, 0x8d, 0x8c, 0x37, 0xc3, 0x5c
|
||||
/* Example #2 */
|
||||
0x28, 0xa7, 0x02, 0x3f, 0x45, 0x2e, 0x8f, 0x82,
|
||||
0xbd, 0x4b, 0xf2, 0x8d, 0x8c, 0x37, 0xc3, 0x5c
|
||||
},
|
||||
{
|
||||
0xaa, 0xf3, 0xd8, 0xf1, 0xde, 0x56, 0x40, 0xc2,
|
||||
0x32, 0xf5, 0xb1, 0x69, 0xb9, 0xc9, 0x11, 0xe6
|
||||
/* Example #3 */
|
||||
0x15, 0x67, 0x27, 0xdc, 0x08, 0x78, 0x94, 0x4a,
|
||||
0x02, 0x3c, 0x1f, 0xe0, 0x3b, 0xad, 0x6d, 0x93
|
||||
},
|
||||
{
|
||||
0xe1, 0x99, 0x21, 0x90, 0x54, 0x9f, 0x6e, 0xd5,
|
||||
0x69, 0x6a, 0x2c, 0x05, 0x6c, 0x31, 0x54, 0x10
|
||||
/* Example #4 */
|
||||
0xe1, 0x99, 0x21, 0x90, 0x54, 0x9f, 0x6e, 0xd5,
|
||||
0x69, 0x6a, 0x2c, 0x05, 0x6c, 0x31, 0x54, 0x10
|
||||
}
|
||||
};
|
||||
#endif /* MBEDTLS_AES_C */
|
||||
|
@ -612,66 +634,84 @@ static const unsigned char aes_256_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTL
|
|||
/* Truncation point of message for 3DES CMAC tests */
|
||||
static const unsigned int des3_message_lengths[NB_CMAC_TESTS_PER_KEY] = {
|
||||
0,
|
||||
8,
|
||||
16,
|
||||
20,
|
||||
32
|
||||
};
|
||||
|
||||
/* 3DES 2 Key CMAC Test Data */
|
||||
/* CMAC-TDES (Generation) - 2 Key Test Data */
|
||||
static const unsigned char des3_2key_key[24] = {
|
||||
0x4c, 0xf1, 0x51, 0x34, 0xa2, 0x85, 0x0d, 0xd5,
|
||||
0x8a, 0x3d, 0x10, 0xba, 0x80, 0x57, 0x0d, 0x38,
|
||||
0x4c, 0xf1, 0x51, 0x34, 0xa2, 0x85, 0x0d, 0xd5
|
||||
/* Key1 */
|
||||
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
|
||||
/* Key2 */
|
||||
0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xEF, 0x01,
|
||||
/* Key3 */
|
||||
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef
|
||||
};
|
||||
static const unsigned char des3_2key_subkeys[2][8] = {
|
||||
{
|
||||
0x8e, 0xcf, 0x37, 0x3e, 0xd7, 0x1a, 0xfa, 0xef
|
||||
/* K1 */
|
||||
0x0d, 0xd2, 0xcb, 0x7a, 0x3d, 0x88, 0x88, 0xd9
|
||||
},
|
||||
{
|
||||
0x1d, 0x9e, 0x6e, 0x7d, 0xae, 0x35, 0xf5, 0xc5
|
||||
/* K2 */
|
||||
0x1b, 0xa5, 0x96, 0xf4, 0x7b, 0x11, 0x11, 0xb2
|
||||
}
|
||||
};
|
||||
static const unsigned char des3_2key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE] = {
|
||||
{
|
||||
0xbd, 0x2e, 0xbf, 0x9a, 0x3b, 0xa0, 0x03, 0x61
|
||||
/* Sample #1 */
|
||||
0x79, 0xce, 0x52, 0xa7, 0xf7, 0x86, 0xa9, 0x60
|
||||
},
|
||||
{
|
||||
0x4f, 0xf2, 0xab, 0x81, 0x3c, 0x53, 0xce, 0x83
|
||||
/* Sample #2 */
|
||||
0xcc, 0x18, 0xa0, 0xb7, 0x9a, 0xf2, 0x41, 0x3b
|
||||
},
|
||||
{
|
||||
0x62, 0xdd, 0x1b, 0x47, 0x19, 0x02, 0xbd, 0x4e
|
||||
/* Sample #3 */
|
||||
0xc0, 0x6d, 0x37, 0x7e, 0xcd, 0x10, 0x19, 0x69
|
||||
},
|
||||
{
|
||||
0x31, 0xb1, 0xe4, 0x31, 0xda, 0xbc, 0x4e, 0xb8
|
||||
/* Sample #4 */
|
||||
0x9c, 0xd3, 0x35, 0x80, 0xf9, 0xb6, 0x4d, 0xfb
|
||||
}
|
||||
};
|
||||
|
||||
/* 3DES 3 Key CMAC Test Data */
|
||||
/* CMAC-TDES (Generation) - 3 Key Test Data */
|
||||
static const unsigned char des3_3key_key[24] = {
|
||||
0x8a, 0xa8, 0x3b, 0xf8, 0xcb, 0xda, 0x10, 0x62,
|
||||
0x0b, 0xc1, 0xbf, 0x19, 0xfb, 0xb6, 0xcd, 0x58,
|
||||
0xbc, 0x31, 0x3d, 0x4a, 0x37, 0x1c, 0xa8, 0xb5
|
||||
/* Key1 */
|
||||
0x01, 0x23, 0x45, 0x67, 0x89, 0xaa, 0xcd, 0xef,
|
||||
/* Key2 */
|
||||
0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0x01,
|
||||
/* Key3 */
|
||||
0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0x01, 0x23
|
||||
};
|
||||
static const unsigned char des3_3key_subkeys[2][8] = {
|
||||
{
|
||||
0x91, 0x98, 0xe9, 0xd3, 0x14, 0xe6, 0x53, 0x5f
|
||||
/* K1 */
|
||||
0x9d, 0x74, 0xe7, 0x39, 0x33, 0x17, 0x96, 0xc0
|
||||
},
|
||||
{
|
||||
0x23, 0x31, 0xd3, 0xa6, 0x29, 0xcc, 0xa6, 0xa5
|
||||
/* K2 */
|
||||
0x3a, 0xe9, 0xce, 0x72, 0x66, 0x2f, 0x2d, 0x9b
|
||||
}
|
||||
};
|
||||
static const unsigned char des3_3key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE] = {
|
||||
{
|
||||
0xb7, 0xa6, 0x88, 0xe1, 0x22, 0xff, 0xaf, 0x95
|
||||
/* Sample #1 */
|
||||
0x7d, 0xb0, 0xd3, 0x7d, 0xf9, 0x36, 0xc5, 0x50
|
||||
},
|
||||
{
|
||||
0x8e, 0x8f, 0x29, 0x31, 0x36, 0x28, 0x37, 0x97
|
||||
/* Sample #2 */
|
||||
0x30, 0x23, 0x9c, 0xf1, 0xf5, 0x2e, 0x66, 0x09
|
||||
},
|
||||
{
|
||||
0x74, 0x3d, 0xdb, 0xe0, 0xce, 0x2d, 0xc2, 0xed
|
||||
/* Sample #3 */
|
||||
0x6c, 0x9f, 0x3e, 0xe4, 0x92, 0x3f, 0x6b, 0xe2
|
||||
},
|
||||
{
|
||||
0x33, 0xe6, 0xb1, 0x09, 0x24, 0x00, 0xea, 0xe5
|
||||
/* Sample #4 */
|
||||
0x99, 0x42, 0x9b, 0xd0, 0xbF, 0x79, 0x04, 0xe5
|
||||
}
|
||||
};
|
||||
|
||||
|
@ -680,8 +720,9 @@ static const unsigned char des3_3key_expected_result[NB_CMAC_TESTS_PER_KEY][MBED
|
|||
#if defined(MBEDTLS_AES_C)
|
||||
/* AES AES-CMAC-PRF-128 Test Data */
|
||||
static const unsigned char PRFK[] = {
|
||||
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
|
||||
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
|
||||
/* Key */
|
||||
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
|
||||
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
|
||||
0xed, 0xcb
|
||||
};
|
||||
|
||||
|
@ -692,25 +733,25 @@ static const size_t PRFKlen[NB_PRF_TESTS] = {
|
|||
10
|
||||
};
|
||||
|
||||
/* PRF M */
|
||||
/* Message */
|
||||
static const unsigned char PRFM[] = {
|
||||
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
|
||||
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
|
||||
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
|
||||
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
|
||||
0x10, 0x11, 0x12, 0x13
|
||||
};
|
||||
|
||||
static const unsigned char PRFT[NB_PRF_TESTS][16] = {
|
||||
{
|
||||
0x84, 0xa3, 0x48, 0xa4, 0xa4, 0x5d, 0x23, 0x5b,
|
||||
0xab, 0xff, 0xfc, 0x0d, 0x2b, 0x4d, 0xa0, 0x9a
|
||||
0x84, 0xa3, 0x48, 0xa4, 0xa4, 0x5d, 0x23, 0x5b,
|
||||
0xab, 0xff, 0xfc, 0x0d, 0x2b, 0x4d, 0xa0, 0x9a
|
||||
},
|
||||
{
|
||||
0x98, 0x0a, 0xe8, 0x7b, 0x5f, 0x4c, 0x9c, 0x52,
|
||||
0x14, 0xf5, 0xb6, 0xa8, 0x45, 0x5e, 0x4c, 0x2d
|
||||
0x98, 0x0a, 0xe8, 0x7b, 0x5f, 0x4c, 0x9c, 0x52,
|
||||
0x14, 0xf5, 0xb6, 0xa8, 0x45, 0x5e, 0x4c, 0x2d
|
||||
},
|
||||
{
|
||||
0x29, 0x0d, 0x9e, 0x11, 0x2e, 0xdb, 0x09, 0xee,
|
||||
0x14, 0x1f, 0xcf, 0x64, 0xc0, 0xb7, 0x2f, 0x3d
|
||||
0x29, 0x0d, 0x9e, 0x11, 0x2e, 0xdb, 0x09, 0xee,
|
||||
0x14, 0x1f, 0xcf, 0x64, 0xc0, 0xb7, 0x2f, 0x3d
|
||||
}
|
||||
};
|
||||
#endif /* MBEDTLS_AES_C */
|
||||
|
|
|
@ -290,7 +290,8 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
|
|||
unsigned char seed[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT];
|
||||
size_t seedlen = 0;
|
||||
|
||||
if( ctx->entropy_len + len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT )
|
||||
if( ctx->entropy_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ||
|
||||
len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len )
|
||||
return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
|
||||
|
||||
memset( seed, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT );
|
||||
|
|
|
@ -71,7 +71,7 @@ static inline void debug_send_line( const mbedtls_ssl_context *ssl, int level,
|
|||
*/
|
||||
#if defined(MBEDTLS_THREADING_C)
|
||||
char idstr[20 + DEBUG_BUF_SIZE]; /* 0x + 16 nibbles + ': ' */
|
||||
mbedtls_snprintf( idstr, sizeof( idstr ), "%p: %s", ssl, str );
|
||||
mbedtls_snprintf( idstr, sizeof( idstr ), "%p: %s", (void*)ssl, str );
|
||||
ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, idstr );
|
||||
#else
|
||||
ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, str );
|
||||
|
|
|
@ -1213,7 +1213,7 @@ static inline int ecp_mod_koblitz( mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t
|
|||
int ret;
|
||||
size_t i;
|
||||
mbedtls_mpi M, R;
|
||||
mbedtls_mpi_uint Mp[P_KOBLITZ_MAX + P_KOBLITZ_R];
|
||||
mbedtls_mpi_uint Mp[P_KOBLITZ_MAX + P_KOBLITZ_R + 1];
|
||||
|
||||
if( N->n < p_limbs )
|
||||
return( 0 );
|
||||
|
@ -1235,7 +1235,7 @@ static inline int ecp_mod_koblitz( mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t
|
|||
memcpy( Mp, N->p + p_limbs - adjust, M.n * sizeof( mbedtls_mpi_uint ) );
|
||||
if( shift != 0 )
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, shift ) );
|
||||
M.n += R.n - adjust; /* Make room for multiplication by R */
|
||||
M.n += R.n; /* Make room for multiplication by R */
|
||||
|
||||
/* N = A0 */
|
||||
if( mask != 0 )
|
||||
|
@ -1257,7 +1257,7 @@ static inline int ecp_mod_koblitz( mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t
|
|||
memcpy( Mp, N->p + p_limbs - adjust, M.n * sizeof( mbedtls_mpi_uint ) );
|
||||
if( shift != 0 )
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, shift ) );
|
||||
M.n += R.n - adjust; /* Make room for multiplication by R */
|
||||
M.n += R.n; /* Make room for multiplication by R */
|
||||
|
||||
/* N = A0 */
|
||||
if( mask != 0 )
|
||||
|
|
|
@ -158,7 +158,7 @@ void mbedtls_md2_update( mbedtls_md2_context *ctx, const unsigned char *input, s
|
|||
|
||||
while( ilen > 0 )
|
||||
{
|
||||
if( ctx->left + ilen > 16 )
|
||||
if( ilen > 16 - ctx->left )
|
||||
fill = 16 - ctx->left;
|
||||
else
|
||||
fill = ilen;
|
||||
|
|
|
@ -133,7 +133,8 @@ void mbedtls_net_init( mbedtls_net_context *ctx )
|
|||
/*
|
||||
* Initiate a TCP connection with host:port and the given protocol
|
||||
*/
|
||||
int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char *port, int proto )
|
||||
int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host,
|
||||
const char *port, int proto )
|
||||
{
|
||||
int ret;
|
||||
struct addrinfo hints, *addr_list, *cur;
|
||||
|
@ -238,7 +239,7 @@ int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char
|
|||
}
|
||||
}
|
||||
|
||||
/* I we ever get there, it's a success */
|
||||
/* Bind was successful */
|
||||
ret = 0;
|
||||
break;
|
||||
}
|
||||
|
@ -322,7 +323,7 @@ int mbedtls_net_accept( mbedtls_net_context *bind_ctx,
|
|||
{
|
||||
/* TCP: actual accept() */
|
||||
ret = client_ctx->fd = (int) accept( bind_ctx->fd,
|
||||
(struct sockaddr *) &client_addr, &n );
|
||||
(struct sockaddr *) &client_addr, &n );
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
|
@ -44,12 +44,12 @@
|
|||
#define mbedtls_free free
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PEM_PARSE_C)
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void mbedtls_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_PEM_PARSE_C)
|
||||
void mbedtls_pem_init( mbedtls_pem_context *ctx )
|
||||
{
|
||||
memset( ctx, 0, sizeof( mbedtls_pem_context ) );
|
||||
|
@ -249,7 +249,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
|
|||
|
||||
enc = 0;
|
||||
|
||||
if( memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 )
|
||||
if( s2 - s1 >= 22 && memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 )
|
||||
{
|
||||
#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \
|
||||
( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
|
||||
|
@ -262,22 +262,22 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
|
|||
|
||||
|
||||
#if defined(MBEDTLS_DES_C)
|
||||
if( memcmp( s1, "DEK-Info: DES-EDE3-CBC,", 23 ) == 0 )
|
||||
if( s2 - s1 >= 23 && memcmp( s1, "DEK-Info: DES-EDE3-CBC,", 23 ) == 0 )
|
||||
{
|
||||
enc_alg = MBEDTLS_CIPHER_DES_EDE3_CBC;
|
||||
|
||||
s1 += 23;
|
||||
if( pem_get_iv( s1, pem_iv, 8 ) != 0 )
|
||||
if( s2 - s1 < 16 || pem_get_iv( s1, pem_iv, 8 ) != 0 )
|
||||
return( MBEDTLS_ERR_PEM_INVALID_ENC_IV );
|
||||
|
||||
s1 += 16;
|
||||
}
|
||||
else if( memcmp( s1, "DEK-Info: DES-CBC,", 18 ) == 0 )
|
||||
else if( s2 - s1 >= 18 && memcmp( s1, "DEK-Info: DES-CBC,", 18 ) == 0 )
|
||||
{
|
||||
enc_alg = MBEDTLS_CIPHER_DES_CBC;
|
||||
|
||||
s1 += 18;
|
||||
if( pem_get_iv( s1, pem_iv, 8) != 0 )
|
||||
if( s2 - s1 < 16 || pem_get_iv( s1, pem_iv, 8) != 0 )
|
||||
return( MBEDTLS_ERR_PEM_INVALID_ENC_IV );
|
||||
|
||||
s1 += 16;
|
||||
|
@ -285,9 +285,11 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
|
|||
#endif /* MBEDTLS_DES_C */
|
||||
|
||||
#if defined(MBEDTLS_AES_C)
|
||||
if( memcmp( s1, "DEK-Info: AES-", 14 ) == 0 )
|
||||
if( s2 - s1 >= 14 && memcmp( s1, "DEK-Info: AES-", 14 ) == 0 )
|
||||
{
|
||||
if( memcmp( s1, "DEK-Info: AES-128-CBC,", 22 ) == 0 )
|
||||
if( s2 - s1 < 22 )
|
||||
return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG );
|
||||
else if( memcmp( s1, "DEK-Info: AES-128-CBC,", 22 ) == 0 )
|
||||
enc_alg = MBEDTLS_CIPHER_AES_128_CBC;
|
||||
else if( memcmp( s1, "DEK-Info: AES-192-CBC,", 22 ) == 0 )
|
||||
enc_alg = MBEDTLS_CIPHER_AES_192_CBC;
|
||||
|
@ -297,7 +299,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
|
|||
return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG );
|
||||
|
||||
s1 += 22;
|
||||
if( pem_get_iv( s1, pem_iv, 16 ) != 0 )
|
||||
if( s2 - s1 < 32 || pem_get_iv( s1, pem_iv, 16 ) != 0 )
|
||||
return( MBEDTLS_ERR_PEM_INVALID_ENC_IV );
|
||||
|
||||
s1 += 32;
|
||||
|
@ -316,7 +318,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
|
|||
( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
|
||||
}
|
||||
|
||||
if( s1 == s2 )
|
||||
if( s1 >= s2 )
|
||||
return( MBEDTLS_ERR_PEM_INVALID_DATA );
|
||||
|
||||
ret = mbedtls_base64_decode( NULL, 0, &len, s1, s2 - s1 );
|
||||
|
|
|
@ -29,6 +29,8 @@
|
|||
#include "mbedtls/pk.h"
|
||||
#include "mbedtls/pk_internal.h"
|
||||
|
||||
#include "mbedtls/bignum.h"
|
||||
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
#include "mbedtls/rsa.h"
|
||||
#endif
|
||||
|
@ -39,6 +41,8 @@
|
|||
#include "mbedtls/ecdsa.h"
|
||||
#endif
|
||||
|
||||
#include <limits.h>
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void mbedtls_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
|
@ -209,6 +213,11 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
|
|||
int ret;
|
||||
const mbedtls_pk_rsassa_pss_options *pss_opts;
|
||||
|
||||
#if defined(MBEDTLS_HAVE_INT64)
|
||||
if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
|
||||
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
|
||||
#endif /* MBEDTLS_HAVE_INT64 */
|
||||
|
||||
if( options == NULL )
|
||||
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
|
||||
|
||||
|
@ -232,7 +241,7 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
|
|||
return( 0 );
|
||||
#else
|
||||
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
|
||||
#endif
|
||||
#endif /* MBEDTLS_RSA_C && MBEDTLS_PKCS1_V21 */
|
||||
}
|
||||
|
||||
/* General case: no options */
|
||||
|
|
|
@ -30,6 +30,7 @@
|
|||
|
||||
/* Even if RSA not activated, for the sake of RSA-alt */
|
||||
#include "mbedtls/rsa.h"
|
||||
#include "mbedtls/bignum.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
|
@ -49,6 +50,8 @@
|
|||
#define mbedtls_free free
|
||||
#endif
|
||||
|
||||
#include <limits.h>
|
||||
|
||||
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void mbedtls_zeroize( void *v, size_t n ) {
|
||||
|
@ -74,6 +77,11 @@ static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
|
|||
{
|
||||
int ret;
|
||||
|
||||
#if defined(MBEDTLS_HAVE_INT64)
|
||||
if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
|
||||
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
|
||||
#endif /* MBEDTLS_HAVE_INT64 */
|
||||
|
||||
if( sig_len < ((mbedtls_rsa_context *) ctx)->len )
|
||||
return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
|
||||
|
||||
|
@ -93,6 +101,11 @@ static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
|
|||
unsigned char *sig, size_t *sig_len,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
|
||||
{
|
||||
#if defined(MBEDTLS_HAVE_INT64)
|
||||
if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
|
||||
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
|
||||
#endif /* MBEDTLS_HAVE_INT64 */
|
||||
|
||||
*sig_len = ((mbedtls_rsa_context *) ctx)->len;
|
||||
|
||||
return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
|
||||
|
@ -402,6 +415,11 @@ static int rsa_alt_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
|
|||
{
|
||||
mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx;
|
||||
|
||||
#if defined(MBEDTLS_HAVE_INT64)
|
||||
if( UINT_MAX < hash_len )
|
||||
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
|
||||
#endif /* MBEDTLS_HAVE_INT64 */
|
||||
|
||||
*sig_len = rsa_alt->key_len_func( rsa_alt->key );
|
||||
|
||||
return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
|
||||
|
|
|
@ -1187,12 +1187,12 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
|
|||
#endif /* MBEDTLS_PEM_PARSE_C */
|
||||
|
||||
/*
|
||||
* At this point we only know it's not a PEM formatted key. Could be any
|
||||
* of the known DER encoded private key formats
|
||||
*
|
||||
* We try the different DER format parsers to see if one passes without
|
||||
* error
|
||||
*/
|
||||
* At this point we only know it's not a PEM formatted key. Could be any
|
||||
* of the known DER encoded private key formats
|
||||
*
|
||||
* We try the different DER format parsers to see if one passes without
|
||||
* error
|
||||
*/
|
||||
#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
|
||||
if( ( ret = pk_parse_key_pkcs8_encrypted_der( pk, key, keylen,
|
||||
pwd, pwdlen ) ) == 0 )
|
||||
|
|
|
@ -237,7 +237,7 @@ int mbedtls_platform_std_nv_seed_read( unsigned char *buf, size_t buf_len )
|
|||
}
|
||||
|
||||
fclose( file );
|
||||
return( n );
|
||||
return( (int)n );
|
||||
}
|
||||
|
||||
int mbedtls_platform_std_nv_seed_write( unsigned char *buf, size_t buf_len )
|
||||
|
@ -255,7 +255,7 @@ int mbedtls_platform_std_nv_seed_write( unsigned char *buf, size_t buf_len )
|
|||
}
|
||||
|
||||
fclose( file );
|
||||
return( n );
|
||||
return( (int)n );
|
||||
}
|
||||
#endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */
|
||||
|
||||
|
|
|
@ -98,7 +98,7 @@ void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx )
|
|||
mbedtls_md_free( &ctx->hmac_ctx );
|
||||
|
||||
#if defined(MBEDTLS_THREADING_C)
|
||||
mbedtls_mutex_init( &ctx->mutex );
|
||||
mbedtls_mutex_free( &ctx->mutex );
|
||||
#endif
|
||||
|
||||
mbedtls_zeroize( ctx, sizeof( mbedtls_ssl_cookie_ctx ) );
|
||||
|
|
|
@ -3428,7 +3428,7 @@ static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl )
|
|||
|
||||
if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED )
|
||||
{
|
||||
/* Dont check write errors as we can't do anything here.
|
||||
/* Don't check write errors as we can't do anything here.
|
||||
* If the error is permanent we'll catch it later,
|
||||
* if it's not, then hopefully it'll work next time. */
|
||||
(void) ssl->f_send( ssl->p_bio, ssl->out_buf, len );
|
||||
|
@ -6006,8 +6006,9 @@ int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **prot
|
|||
const char **p;
|
||||
|
||||
/*
|
||||
* "Empty strings MUST NOT be included and byte strings MUST NOT be
|
||||
* truncated". Check lengths now rather than later.
|
||||
* RFC 7301 3.1: "Empty strings MUST NOT be included and byte strings
|
||||
* MUST NOT be truncated."
|
||||
* We check lengths now rather than later.
|
||||
*/
|
||||
tot_len = 0;
|
||||
for( p = protos; *p != NULL; p++ )
|
||||
|
@ -6481,6 +6482,10 @@ int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl )
|
|||
*/
|
||||
static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
size_t ep_len = ssl_ep_len( ssl );
|
||||
int in_ctr_cmp;
|
||||
int out_ctr_cmp;
|
||||
|
||||
if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ||
|
||||
ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ||
|
||||
ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED )
|
||||
|
@ -6488,8 +6493,12 @@ static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl )
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
if( memcmp( ssl->in_ctr, ssl->conf->renego_period, 8 ) <= 0 &&
|
||||
memcmp( ssl->out_ctr, ssl->conf->renego_period, 8 ) <= 0 )
|
||||
in_ctr_cmp = memcmp( ssl->in_ctr + ep_len,
|
||||
ssl->conf->renego_period + ep_len, 8 - ep_len );
|
||||
out_ctr_cmp = memcmp( ssl->out_ctr + ep_len,
|
||||
ssl->conf->renego_period + ep_len, 8 - ep_len );
|
||||
|
||||
if( in_ctr_cmp <= 0 && out_ctr_cmp <= 0 )
|
||||
{
|
||||
return( 0 );
|
||||
}
|
||||
|
@ -7230,8 +7239,8 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
|
|||
|
||||
#if defined(MBEDTLS_SSL_RENEGOTIATION)
|
||||
conf->renego_max_records = MBEDTLS_SSL_RENEGO_MAX_RECORDS_DEFAULT;
|
||||
memset( conf->renego_period, 0xFF, 7 );
|
||||
conf->renego_period[7] = 0x00;
|
||||
memset( conf->renego_period, 0x00, 2 );
|
||||
memset( conf->renego_period + 2, 0xFF, 6 );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
|
||||
|
@ -7585,7 +7594,7 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
|
|||
* and, for DTLS, to/from TLS equivalent.
|
||||
*
|
||||
* For TLS this is the identity.
|
||||
* For DTLS, use one complement (v -> 255 - v, and then map as follows:
|
||||
* For DTLS, use 1's complement (v -> 255 - v, and then map as follows:
|
||||
* 1.0 <-> 3.2 (DTLS 1.0 is based on TLS 1.1)
|
||||
* 1.x <-> 3.x+1 for x != 0 (DTLS 1.2 based on TLS 1.2)
|
||||
*/
|
||||
|
@ -7644,8 +7653,7 @@ int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md )
|
|||
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
|
||||
#if defined(MBEDTLS_MD5_C)
|
||||
case MBEDTLS_SSL_HASH_MD5:
|
||||
ssl->handshake->calc_verify = ssl_calc_verify_tls;
|
||||
break;
|
||||
return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA1_C)
|
||||
case MBEDTLS_SSL_HASH_SHA1:
|
||||
|
|
|
@ -480,14 +480,20 @@ int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end,
|
|||
}
|
||||
}
|
||||
|
||||
static int x509_parse_int(unsigned char **p, unsigned n, int *res){
|
||||
static int x509_parse_int( unsigned char **p, size_t n, int *res )
|
||||
{
|
||||
*res = 0;
|
||||
for( ; n > 0; --n ){
|
||||
if( ( **p < '0') || ( **p > '9' ) ) return MBEDTLS_ERR_X509_INVALID_DATE;
|
||||
|
||||
for( ; n > 0; --n )
|
||||
{
|
||||
if( ( **p < '0') || ( **p > '9' ) )
|
||||
return ( MBEDTLS_ERR_X509_INVALID_DATE );
|
||||
|
||||
*res *= 10;
|
||||
*res += (*(*p)++ - '0');
|
||||
*res += ( *(*p)++ - '0' );
|
||||
}
|
||||
return 0;
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
static int x509_date_is_valid(const mbedtls_x509_time *time)
|
||||
|
@ -517,6 +523,70 @@ static int x509_date_is_valid(const mbedtls_x509_time *time)
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Parse an ASN1_UTC_TIME (yearlen=2) or ASN1_GENERALIZED_TIME (yearlen=4)
|
||||
* field.
|
||||
*/
|
||||
static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen,
|
||||
mbedtls_x509_time *time )
|
||||
{
|
||||
int ret;
|
||||
|
||||
/*
|
||||
* Minimum length is 10 or 12 depending on yearlen
|
||||
*/
|
||||
if ( len < yearlen + 8 )
|
||||
return ( MBEDTLS_ERR_X509_INVALID_DATE );
|
||||
len -= yearlen + 8;
|
||||
|
||||
/*
|
||||
* Parse year, month, day, hour, minute
|
||||
*/
|
||||
CHECK( x509_parse_int( p, yearlen, &time->year ) );
|
||||
if ( 2 == yearlen )
|
||||
{
|
||||
if ( time->year < 50 )
|
||||
time->year += 100;
|
||||
|
||||
time->year += 1900;
|
||||
}
|
||||
|
||||
CHECK( x509_parse_int( p, 2, &time->mon ) );
|
||||
CHECK( x509_parse_int( p, 2, &time->day ) );
|
||||
CHECK( x509_parse_int( p, 2, &time->hour ) );
|
||||
CHECK( x509_parse_int( p, 2, &time->min ) );
|
||||
|
||||
/*
|
||||
* Parse seconds if present
|
||||
*/
|
||||
if ( len >= 2 )
|
||||
{
|
||||
CHECK( x509_parse_int( p, 2, &time->sec ) );
|
||||
len -= 2;
|
||||
}
|
||||
else
|
||||
return ( MBEDTLS_ERR_X509_INVALID_DATE );
|
||||
|
||||
/*
|
||||
* Parse trailing 'Z' if present
|
||||
*/
|
||||
if ( 1 == len && 'Z' == **p )
|
||||
{
|
||||
(*p)++;
|
||||
len--;
|
||||
}
|
||||
|
||||
/*
|
||||
* We should have parsed all characters at this point
|
||||
*/
|
||||
if ( 0 != len )
|
||||
return ( MBEDTLS_ERR_X509_INVALID_DATE );
|
||||
|
||||
CHECK( x509_date_is_valid( time ) );
|
||||
|
||||
return ( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Time ::= CHOICE {
|
||||
* utcTime UTCTime,
|
||||
|
@ -526,7 +596,7 @@ int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end,
|
|||
mbedtls_x509_time *time )
|
||||
{
|
||||
int ret;
|
||||
size_t len;
|
||||
size_t len, year_len;
|
||||
unsigned char tag;
|
||||
|
||||
if( ( end - *p ) < 1 )
|
||||
|
@ -536,55 +606,20 @@ int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end,
|
|||
tag = **p;
|
||||
|
||||
if( tag == MBEDTLS_ASN1_UTC_TIME )
|
||||
{
|
||||
(*p)++;
|
||||
ret = mbedtls_asn1_get_len( p, end, &len );
|
||||
|
||||
if( ret != 0 )
|
||||
return( MBEDTLS_ERR_X509_INVALID_DATE + ret );
|
||||
|
||||
CHECK( x509_parse_int( p, 2, &time->year ) );
|
||||
CHECK( x509_parse_int( p, 2, &time->mon ) );
|
||||
CHECK( x509_parse_int( p, 2, &time->day ) );
|
||||
CHECK( x509_parse_int( p, 2, &time->hour ) );
|
||||
CHECK( x509_parse_int( p, 2, &time->min ) );
|
||||
if( len > 10 )
|
||||
CHECK( x509_parse_int( p, 2, &time->sec ) );
|
||||
if( len > 12 && *(*p)++ != 'Z' )
|
||||
return( MBEDTLS_ERR_X509_INVALID_DATE );
|
||||
|
||||
time->year += 100 * ( time->year < 50 );
|
||||
time->year += 1900;
|
||||
|
||||
CHECK( x509_date_is_valid( time ) );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
year_len = 2;
|
||||
else if( tag == MBEDTLS_ASN1_GENERALIZED_TIME )
|
||||
{
|
||||
(*p)++;
|
||||
ret = mbedtls_asn1_get_len( p, end, &len );
|
||||
|
||||
if( ret != 0 )
|
||||
return( MBEDTLS_ERR_X509_INVALID_DATE + ret );
|
||||
|
||||
CHECK( x509_parse_int( p, 4, &time->year ) );
|
||||
CHECK( x509_parse_int( p, 2, &time->mon ) );
|
||||
CHECK( x509_parse_int( p, 2, &time->day ) );
|
||||
CHECK( x509_parse_int( p, 2, &time->hour ) );
|
||||
CHECK( x509_parse_int( p, 2, &time->min ) );
|
||||
if( len > 12 )
|
||||
CHECK( x509_parse_int( p, 2, &time->sec ) );
|
||||
if( len > 14 && *(*p)++ != 'Z' )
|
||||
return( MBEDTLS_ERR_X509_INVALID_DATE );
|
||||
|
||||
CHECK( x509_date_is_valid( time ) );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
year_len = 4;
|
||||
else
|
||||
return( MBEDTLS_ERR_X509_INVALID_DATE +
|
||||
MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
|
||||
|
||||
(*p)++;
|
||||
ret = mbedtls_asn1_get_len( p, end, &len );
|
||||
|
||||
if( ret != 0 )
|
||||
return( MBEDTLS_ERR_X509_INVALID_DATE + ret );
|
||||
|
||||
return x509_parse_time( p, len, year_len, time );
|
||||
}
|
||||
|
||||
int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig )
|
||||
|
@ -661,7 +696,7 @@ int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x50
|
|||
|
||||
/*
|
||||
* X.509 Extensions (No parsing of extensions, pointer should
|
||||
* be either manually updated or extensions should be parsed!
|
||||
* be either manually updated or extensions should be parsed!)
|
||||
*/
|
||||
int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end,
|
||||
mbedtls_x509_buf *ext, int tag )
|
||||
|
|
|
@ -525,16 +525,17 @@ int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, s
|
|||
if( ( ret = mbedtls_x509_crl_parse_der( chain,
|
||||
pem.buf, pem.buflen ) ) != 0 )
|
||||
{
|
||||
mbedtls_pem_free( &pem );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
mbedtls_pem_free( &pem );
|
||||
}
|
||||
else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
|
||||
else if( is_pem )
|
||||
{
|
||||
mbedtls_pem_free( &pem );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
mbedtls_pem_free( &pem );
|
||||
}
|
||||
/* In the PEM case, buflen is 1 at the end, for the terminated NULL byte.
|
||||
* And a valid CRL cannot be less than 1 byte anyway. */
|
||||
|
|
|
@ -969,8 +969,8 @@ int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, const unsigned char *bu
|
|||
*/
|
||||
int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen )
|
||||
{
|
||||
int success = 0, first_error = 0, total_failed = 0;
|
||||
#if defined(MBEDTLS_PEM_PARSE_C)
|
||||
int success = 0, first_error = 0, total_failed = 0;
|
||||
int buf_format = MBEDTLS_X509_FORMAT_DER;
|
||||
#endif
|
||||
|
||||
|
@ -1122,7 +1122,7 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path )
|
|||
p = filename + len;
|
||||
filename[len++] = '*';
|
||||
|
||||
w_ret = MultiByteToWideChar( CP_ACP, 0, filename, len, szDir,
|
||||
w_ret = MultiByteToWideChar( CP_ACP, 0, filename, (int)len, szDir,
|
||||
MAX_PATH - 3 );
|
||||
if( w_ret == 0 )
|
||||
return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
|
||||
|
@ -1904,6 +1904,7 @@ static int x509_crt_verify_top(
|
|||
int check_path_cnt;
|
||||
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
|
||||
const mbedtls_md_info_t *md_info;
|
||||
mbedtls_x509_crt *future_past_ca = NULL;
|
||||
|
||||
if( mbedtls_x509_time_is_past( &child->valid_to ) )
|
||||
*flags |= MBEDTLS_X509_BADCERT_EXPIRED;
|
||||
|
@ -1958,16 +1959,6 @@ static int x509_crt_verify_top(
|
|||
continue;
|
||||
}
|
||||
|
||||
if( mbedtls_x509_time_is_past( &trust_ca->valid_to ) )
|
||||
{
|
||||
continue;
|
||||
}
|
||||
|
||||
if( mbedtls_x509_time_is_future( &trust_ca->valid_from ) )
|
||||
{
|
||||
continue;
|
||||
}
|
||||
|
||||
if( mbedtls_pk_verify_ext( child->sig_pk, child->sig_opts, &trust_ca->pk,
|
||||
child->sig_md, hash, mbedtls_md_get_size( md_info ),
|
||||
child->sig.p, child->sig.len ) != 0 )
|
||||
|
@ -1975,6 +1966,20 @@ static int x509_crt_verify_top(
|
|||
continue;
|
||||
}
|
||||
|
||||
if( mbedtls_x509_time_is_past( &trust_ca->valid_to ) ||
|
||||
mbedtls_x509_time_is_future( &trust_ca->valid_from ) )
|
||||
{
|
||||
if ( future_past_ca == NULL )
|
||||
future_past_ca = trust_ca;
|
||||
|
||||
continue;
|
||||
}
|
||||
|
||||
break;
|
||||
}
|
||||
|
||||
if( trust_ca != NULL || ( trust_ca = future_past_ca ) != NULL )
|
||||
{
|
||||
/*
|
||||
* Top of chain is signed by a trusted CA
|
||||
*/
|
||||
|
@ -1982,8 +1987,6 @@ static int x509_crt_verify_top(
|
|||
|
||||
if( x509_profile_check_key( profile, child->sig_pk, &trust_ca->pk ) != 0 )
|
||||
*flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
|
||||
|
||||
break;
|
||||
}
|
||||
|
||||
/*
|
||||
|
@ -2003,6 +2006,12 @@ static int x509_crt_verify_top(
|
|||
((void) ca_crl);
|
||||
#endif
|
||||
|
||||
if( mbedtls_x509_time_is_past( &trust_ca->valid_to ) )
|
||||
ca_flags |= MBEDTLS_X509_BADCERT_EXPIRED;
|
||||
|
||||
if( mbedtls_x509_time_is_future( &trust_ca->valid_from ) )
|
||||
ca_flags |= MBEDTLS_X509_BADCERT_FUTURE;
|
||||
|
||||
if( NULL != f_vrfy )
|
||||
{
|
||||
if( ( ret = f_vrfy( p_vrfy, trust_ca, path_cnt + 1,
|
||||
|
|
|
@ -265,8 +265,8 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr,
|
|||
*/
|
||||
int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen )
|
||||
{
|
||||
int ret;
|
||||
#if defined(MBEDTLS_PEM_PARSE_C)
|
||||
int ret;
|
||||
size_t use_len;
|
||||
mbedtls_pem_context pem;
|
||||
#endif
|
||||
|
|
Loading…
Reference in a new issue