Merge development commit f352f7 into development-psa
This commit is contained in:
commit
de5a007316
@ -50,7 +50,7 @@ When backporting to these branches please observe the following rules:
|
||||
|
||||
2. All bug fixes that correct a defect that is also present in an LTS branch must be backported to that LTS branch. If a bug fix introduces a change to the API such as a new function, the fix should be reworked to avoid the API change. API changes without very strong justification are unlikely to be accepted.
|
||||
|
||||
3. If a contribution is a new feature or enhancement, no backporting is required. Exceptions to this may be addtional test cases or quality improvements such as changes to build or test scripts.
|
||||
3. If a contribution is a new feature or enhancement, no backporting is required. Exceptions to this may be additional test cases or quality improvements such as changes to build or test scripts.
|
||||
|
||||
It would be highly appreciated if contributions are backported to LTS branches in addition to the [development branch](https://github.com/ARMmbed/mbedtls/tree/development) by contributors.
|
||||
|
||||
|
24
ChangeLog
24
ChangeLog
@ -15,6 +15,10 @@ Bugfix
|
||||
* Remove a duplicate #include in a sample program. Fixed by Masashi Honma #2326.
|
||||
* Remove the mbedtls namespacing from the header file, to fix a "file not found"
|
||||
build error. Fixed by Haijun Gu #2319.
|
||||
* Fix signed-to-unsigned integer conversion warning
|
||||
in X.509 module. Fixes #2212.
|
||||
* Reduce stack usage of `mpi_write_hlp()` by eliminating recursion.
|
||||
Fixes #2190.
|
||||
|
||||
Changes
|
||||
* Include configuration file in all header files that use configuration,
|
||||
@ -32,6 +36,15 @@ Features
|
||||
* Add an experimental configuration option, MBEDTLS_PSA_CRYPTO_C, to enable
|
||||
the PSA Crypto API from Mbed Crypto when additionally used with the
|
||||
USE_CRYPTO_SUBMODULE build option.
|
||||
* Correct many misspellings. Fixed by MisterDA #2371.
|
||||
* Provide an abstraction of vsnprintf to allow alternative implementations
|
||||
for platforms that don't provide it. Based on contributions by Joris Aerts
|
||||
and Nathaniel Wesley Filardo.
|
||||
* Fix clobber list in MIPS assembly for large integer multiplication.
|
||||
Previously, this could lead to functionally incorrect assembly being
|
||||
produced by some optimizing compilers, showing up as failures in
|
||||
e.g. RSA or ECC signature operations. Reported in #1722, fix suggested
|
||||
by Aurelien Jarno and submitted by Jeffrey Martin.
|
||||
|
||||
= mbed TLS 2.16.0 branch released 2018-12-21
|
||||
|
||||
@ -118,7 +131,6 @@ API Changes
|
||||
and mbedtls_hmac_drbg_update() respectively, but the new functions
|
||||
report errors whereas the old functions return void. We recommend that
|
||||
applications use the new functions.
|
||||
>>>>>>> development
|
||||
|
||||
= mbed TLS 2.14.0 branch released 2018-11-19
|
||||
|
||||
@ -343,7 +355,7 @@ Security
|
||||
1.2, that allowed a local attacker, able to execute code on the local
|
||||
machine as well as manipulate network packets, to partially recover the
|
||||
plaintext of messages under some conditions by using a cache attack
|
||||
targetting an internal MD/SHA buffer. With TLS or if
|
||||
targeting an internal MD/SHA buffer. With TLS or if
|
||||
mbedtls_ssl_conf_dtls_badmac_limit() was used, the attack only worked if
|
||||
the same secret (for example a HTTP Cookie) has been repeatedly sent over
|
||||
connections manipulated by the attacker. Connections using GCM or CCM
|
||||
@ -1229,7 +1241,7 @@ Bugfix
|
||||
* Fix potential build failures related to the 'apidoc' target, introduced
|
||||
in the previous patch release. Found by Robert Scheck. #390 #391
|
||||
* Fix issue in Makefile that prevented building using armar. #386
|
||||
* Fix memory leak that occured only when ECJPAKE was enabled and ECDHE and
|
||||
* Fix memory leak that occurred only when ECJPAKE was enabled and ECDHE and
|
||||
ECDSA was disabled in config.h . The leak didn't occur by default.
|
||||
* Fix an issue that caused valid certificates to be rejected whenever an
|
||||
expired or not yet valid certificate was parsed before a valid certificate
|
||||
@ -1471,7 +1483,7 @@ API Changes
|
||||
You now need to link to all of them if you use TLS for example.
|
||||
* All public identifiers moved to the mbedtls_* or MBEDTLS_* namespace.
|
||||
Some names have been further changed to make them more consistent.
|
||||
Migration helpers scripts/rename.pl and include/mbedlts/compat-1.3.h are
|
||||
Migration helpers scripts/rename.pl and include/mbedtls/compat-1.3.h are
|
||||
provided. Full list of renamings in scripts/data_files/rename-1.3-2.0.txt
|
||||
* Renamings of fields inside structures, not covered by the previous list:
|
||||
mbedtls_cipher_info_t.key_length -> key_bitlen
|
||||
@ -1526,7 +1538,7 @@ API Changes
|
||||
* net_accept() gained new arguments for the size of the client_ip buffer.
|
||||
* In the threading layer, mbedtls_mutex_init() and mbedtls_mutex_free() now
|
||||
return void.
|
||||
* ecdsa_write_signature() gained an addtional md_alg argument and
|
||||
* ecdsa_write_signature() gained an additional md_alg argument and
|
||||
ecdsa_write_signature_det() was deprecated.
|
||||
* pk_sign() no longer accepts md_alg == POLARSSL_MD_NONE with ECDSA.
|
||||
* Last argument of x509_crt_check_key_usage() and
|
||||
@ -3061,7 +3073,7 @@ XySSL ChangeLog
|
||||
not swapped on PadLock; also fixed compilation on older versions
|
||||
of gcc (bug reported by David Barrett)
|
||||
* Correctly handle the case in padlock_xcryptcbc() when input or
|
||||
ouput data is non-aligned by falling back to the software
|
||||
output data is non-aligned by falling back to the software
|
||||
implementation, as VIA Nehemiah cannot handle non-aligned buffers
|
||||
* Fixed a memory leak in x509parse_crt() which was reported by Greg
|
||||
Robson-Garth; some x509write.c fixes by Pascal Vizeli, thanks to
|
||||
|
@ -47,7 +47,7 @@ In order to build for a Windows platform, you should use `WINDOWS_BUILD=1` if th
|
||||
|
||||
Setting the variable `SHARED` in your environment will build shared libraries in addition to the static libraries. Setting `DEBUG` gives you a debug build. You can override `CFLAGS` and `LDFLAGS` by setting them in your environment or on the make command line; compiler warning options may be overridden separately using `WARNING_CFLAGS`. Some directory-specific options (for example, `-I` directives) are still preserved.
|
||||
|
||||
Please note that setting `CFLAGS` overrides its default value of `-O2` and setting `WARNING_CFLAGS` overrides its default value (starting with `-Wall -W`), so if you just want to add some warning options to the default ones, you can do so by setting `CFLAGS=-O2 -Werror` for example. Setting `WARNING_CFLAGS` is useful when you want to get rid of its default content (for example because your compiler doesn't accept `-Wall` as an option). Directory-specific options cannot be overriden from the command line.
|
||||
Please note that setting `CFLAGS` overrides its default value of `-O2` and setting `WARNING_CFLAGS` overrides its default value (starting with `-Wall -W`), so if you just want to add some warning options to the default ones, you can do so by setting `CFLAGS=-O2 -Werror` for example. Setting `WARNING_CFLAGS` is useful when you want to get rid of its default content (for example because your compiler doesn't accept `-Wall` as an option). Directory-specific options cannot be overridden from the command line.
|
||||
|
||||
Depending on your platform, you might run into some issues. Please check the Makefiles in `library/`, `programs/` and `tests/` for options to manually add or remove for specific platforms. You can also check [the Mbed TLS Knowledge Base](https://tls.mbed.org/kb) for articles on your platform or issue.
|
||||
|
||||
|
@ -756,7 +756,7 @@
|
||||
"sw $10, %2 \n\t" \
|
||||
: "=m" (c), "=m" (d), "=m" (s) \
|
||||
: "m" (s), "m" (d), "m" (c), "m" (b) \
|
||||
: "$9", "$10", "$11", "$12", "$13", "$14", "$15" \
|
||||
: "$9", "$10", "$11", "$12", "$13", "$14", "$15", "lo", "hi" \
|
||||
);
|
||||
|
||||
#endif /* MIPS */
|
||||
|
@ -50,6 +50,11 @@
|
||||
!defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
|
||||
#define MBEDTLS_PLATFORM_SNPRINTF_ALT
|
||||
#endif
|
||||
|
||||
#if !defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) && \
|
||||
!defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO)
|
||||
#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
|
||||
#endif
|
||||
#endif /* _WIN32 */
|
||||
|
||||
#if defined(TARGET_LIKE_MBED) && \
|
||||
@ -701,7 +706,7 @@
|
||||
/*
|
||||
* Avoid warning from -pedantic. This is a convenient place for this
|
||||
* workaround since this is included by every single file before the
|
||||
* #if defined(MBEDTLS_xxx_C) that results in emtpy translation units.
|
||||
* #if defined(MBEDTLS_xxx_C) that results in empty translation units.
|
||||
*/
|
||||
typedef int mbedtls_iso_c_forbids_empty_translation_units;
|
||||
|
||||
|
@ -139,7 +139,7 @@
|
||||
*
|
||||
* System has time.h, time(), and an implementation for
|
||||
* mbedtls_platform_gmtime_r() (see below).
|
||||
* The time needs to be correct (not necesarily very accurate, but at least
|
||||
* The time needs to be correct (not necessarily very accurate, but at least
|
||||
* the date should be correct). This is used to verify the validity period of
|
||||
* X.509 certificates.
|
||||
*
|
||||
@ -226,6 +226,7 @@
|
||||
//#define MBEDTLS_PLATFORM_FPRINTF_ALT
|
||||
//#define MBEDTLS_PLATFORM_PRINTF_ALT
|
||||
//#define MBEDTLS_PLATFORM_SNPRINTF_ALT
|
||||
//#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
|
||||
//#define MBEDTLS_PLATFORM_NV_SEED_ALT
|
||||
//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
|
||||
|
||||
@ -401,7 +402,7 @@
|
||||
* \note Because of a signature change, the core AES encryption and decryption routines are
|
||||
* currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
|
||||
* respectively. When setting up alternative implementations, these functions should
|
||||
* be overriden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
|
||||
* be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
|
||||
* must stay untouched.
|
||||
*
|
||||
* \note If you use the AES_xxx_ALT macros, then is is recommended to also set
|
||||
@ -1538,7 +1539,7 @@
|
||||
* \def MBEDTLS_SSL_SESSION_TICKETS
|
||||
*
|
||||
* Enable support for RFC 5077 session tickets in SSL.
|
||||
* Client-side, provides full support for session tickets (maintainance of a
|
||||
* Client-side, provides full support for session tickets (maintenance of a
|
||||
* session store remains the responsibility of the application, though).
|
||||
* Server-side, you also need to provide callbacks for writing and parsing
|
||||
* tickets, including authenticated encryption and key management. Example
|
||||
@ -1722,7 +1723,7 @@
|
||||
*
|
||||
* \warning TLS-level compression MAY REDUCE SECURITY! See for example the
|
||||
* CRIME attack. Before enabling this option, you should examine with care if
|
||||
* CRIME or similar exploits may be a applicable to your use case.
|
||||
* CRIME or similar exploits may be applicable to your use case.
|
||||
*
|
||||
* \note Currently compression can't be used with DTLS.
|
||||
*
|
||||
@ -3053,7 +3054,7 @@
|
||||
//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
|
||||
//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
|
||||
//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
|
||||
/* Note: your snprintf must correclty zero-terminate the buffer! */
|
||||
/* Note: your snprintf must correctly zero-terminate the buffer! */
|
||||
//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
|
||||
//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
|
||||
//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
|
||||
@ -3070,8 +3071,9 @@
|
||||
//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
|
||||
//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
|
||||
//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
|
||||
/* Note: your snprintf must correclty zero-terminate the buffer! */
|
||||
/* Note: your snprintf must correctly zero-terminate the buffer! */
|
||||
//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
|
||||
//#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */
|
||||
//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
|
||||
//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
|
||||
|
||||
|
@ -82,7 +82,7 @@ extern "C" {
|
||||
*/
|
||||
typedef struct mbedtls_hmac_drbg_context
|
||||
{
|
||||
/* Working state: the key K is not stored explicitely,
|
||||
/* Working state: the key K is not stored explicitly,
|
||||
* but is implied by the HMAC context */
|
||||
mbedtls_md_context_t md_ctx; /*!< HMAC context (inc. K) */
|
||||
unsigned char V[MBEDTLS_MD_MAX_SIZE]; /*!< V in the spec */
|
||||
|
@ -58,17 +58,33 @@ extern "C" {
|
||||
* \{
|
||||
*/
|
||||
|
||||
/* The older Microsoft Windows common runtime provides non-conforming
|
||||
* implementations of some standard library functions, including snprintf
|
||||
* and vsnprintf. This affects MSVC and MinGW builds.
|
||||
*/
|
||||
#if defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER <= 1900)
|
||||
#define MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF
|
||||
#define MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF
|
||||
#endif
|
||||
|
||||
#if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS)
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <time.h>
|
||||
#if !defined(MBEDTLS_PLATFORM_STD_SNPRINTF)
|
||||
#if defined(_WIN32)
|
||||
#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF)
|
||||
#define MBEDTLS_PLATFORM_STD_SNPRINTF mbedtls_platform_win32_snprintf /**< The default \c snprintf function to use. */
|
||||
#else
|
||||
#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< The default \c snprintf function to use. */
|
||||
#endif
|
||||
#endif
|
||||
#if !defined(MBEDTLS_PLATFORM_STD_VSNPRINTF)
|
||||
#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF)
|
||||
#define MBEDTLS_PLATFORM_STD_VSNPRINTF mbedtls_platform_win32_vsnprintf /**< The default \c vsnprintf function to use. */
|
||||
#else
|
||||
#define MBEDTLS_PLATFORM_STD_VSNPRINTF vsnprintf /**< The default \c vsnprintf function to use. */
|
||||
#endif
|
||||
#endif
|
||||
#if !defined(MBEDTLS_PLATFORM_STD_PRINTF)
|
||||
#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< The default \c printf function to use. */
|
||||
#endif
|
||||
@ -204,7 +220,7 @@ int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) );
|
||||
* - however it is acceptable to return -1 instead of the required length when
|
||||
* the destination buffer is too short.
|
||||
*/
|
||||
#if defined(_WIN32)
|
||||
#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF)
|
||||
/* For Windows (inc. MSYS2), we provide our own fixed implementation */
|
||||
int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... );
|
||||
#endif
|
||||
@ -230,6 +246,41 @@ int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n,
|
||||
#endif /* MBEDTLS_PLATFORM_SNPRINTF_MACRO */
|
||||
#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
|
||||
|
||||
/*
|
||||
* The function pointers for vsnprintf
|
||||
*
|
||||
* The vsnprintf implementation should conform to C99:
|
||||
* - it *must* always correctly zero-terminate the buffer
|
||||
* (except when n == 0, then it must leave the buffer untouched)
|
||||
* - however it is acceptable to return -1 instead of the required length when
|
||||
* the destination buffer is too short.
|
||||
*/
|
||||
#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF)
|
||||
/* For Older Windows (inc. MSYS2), we provide our own fixed implementation */
|
||||
int mbedtls_platform_win32_vsnprintf( char *s, size_t n, const char *fmt, va_list arg );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT)
|
||||
#include <stdarg.h>
|
||||
extern int (*mbedtls_vsnprintf)( char * s, size_t n, const char * format, va_list arg );
|
||||
|
||||
/**
|
||||
* \brief Set your own snprintf function pointer
|
||||
*
|
||||
* \param vsnprintf_func The \c vsnprintf function implementation
|
||||
*
|
||||
* \return \c 0
|
||||
*/
|
||||
int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n,
|
||||
const char * format, va_list arg ) );
|
||||
#else /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
|
||||
#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO)
|
||||
#define mbedtls_vsnprintf MBEDTLS_PLATFORM_VSNPRINTF_MACRO
|
||||
#else
|
||||
#define mbedtls_vsnprintf vsnprintf
|
||||
#endif /* MBEDTLS_PLATFORM_VSNPRINTF_MACRO */
|
||||
#endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
|
||||
|
||||
/*
|
||||
* The function pointers for exit
|
||||
*/
|
||||
|
@ -150,13 +150,13 @@ mbedtls_rsa_context;
|
||||
* \note The choice of padding mode is strictly enforced for private key
|
||||
* operations, since there might be security concerns in
|
||||
* mixing padding modes. For public key operations it is
|
||||
* a default value, which can be overriden by calling specific
|
||||
* a default value, which can be overridden by calling specific
|
||||
* \c rsa_rsaes_xxx or \c rsa_rsassa_xxx functions.
|
||||
*
|
||||
* \note The hash selected in \p hash_id is always used for OEAP
|
||||
* encryption. For PSS signatures, it is always used for
|
||||
* making signatures, but can be overriden for verifying them.
|
||||
* If set to #MBEDTLS_MD_NONE, it is always overriden.
|
||||
* making signatures, but can be overridden for verifying them.
|
||||
* If set to #MBEDTLS_MD_NONE, it is always overridden.
|
||||
*
|
||||
* \param ctx The RSA context to initialize. This must not be \c NULL.
|
||||
* \param padding The padding mode to use. This must be either
|
||||
|
@ -2055,7 +2055,7 @@ void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf,
|
||||
* provision more than one cert/key pair (eg one ECDSA, one
|
||||
* RSA with SHA-256, one RSA with SHA-1). An adequate
|
||||
* certificate will be selected according to the client's
|
||||
* advertised capabilities. In case mutliple certificates are
|
||||
* advertised capabilities. In case multiple certificates are
|
||||
* adequate, preference is given to the one set by the first
|
||||
* call to this function, then second, etc.
|
||||
*
|
||||
@ -3300,7 +3300,7 @@ void mbedtls_ssl_free( mbedtls_ssl_context *ssl );
|
||||
* mbedtls_ssl_config_defaults() or mbedtls_ssl_config_free().
|
||||
*
|
||||
* \note You need to call mbedtls_ssl_config_defaults() unless you
|
||||
* manually set all of the relevent fields yourself.
|
||||
* manually set all of the relevant fields yourself.
|
||||
*
|
||||
* \param conf SSL configuration context
|
||||
*/
|
||||
|
@ -117,14 +117,14 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
|
||||
/**
|
||||
* \brief Implementation of the ticket write callback
|
||||
*
|
||||
* \note See \c mbedlts_ssl_ticket_write_t for description
|
||||
* \note See \c mbedtls_ssl_ticket_write_t for description
|
||||
*/
|
||||
mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write;
|
||||
|
||||
/**
|
||||
* \brief Implementation of the ticket parse callback
|
||||
*
|
||||
* \note See \c mbedlts_ssl_ticket_parse_t for description
|
||||
* \note See \c mbedtls_ssl_ticket_parse_t for description
|
||||
*/
|
||||
mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse;
|
||||
|
||||
|
@ -77,7 +77,7 @@
|
||||
#define MBEDTLS_ERR_X509_ALLOC_FAILED -0x2880 /**< Allocation of memory failed. */
|
||||
#define MBEDTLS_ERR_X509_FILE_IO_ERROR -0x2900 /**< Read/write of file failed. */
|
||||
#define MBEDTLS_ERR_X509_BUFFER_TOO_SMALL -0x2980 /**< Destination buffer is too small. */
|
||||
#define MBEDTLS_ERR_X509_FATAL_ERROR -0x3000 /**< A fatal error occured, eg the chain is too long or the vrfy callback failed. */
|
||||
#define MBEDTLS_ERR_X509_FATAL_ERROR -0x3000 /**< A fatal error occurred, eg the chain is too long or the vrfy callback failed. */
|
||||
/* \} name */
|
||||
|
||||
/**
|
||||
@ -250,7 +250,7 @@ int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *se
|
||||
*
|
||||
* \param to mbedtls_x509_time to check
|
||||
*
|
||||
* \return 1 if the given time is in the past or an error occured,
|
||||
* \return 1 if the given time is in the past or an error occurred,
|
||||
* 0 otherwise.
|
||||
*/
|
||||
int mbedtls_x509_time_is_past( const mbedtls_x509_time *to );
|
||||
@ -264,7 +264,7 @@ int mbedtls_x509_time_is_past( const mbedtls_x509_time *to );
|
||||
*
|
||||
* \param from mbedtls_x509_time to check
|
||||
*
|
||||
* \return 1 if the given time is in the future or an error occured,
|
||||
* \return 1 if the given time is in the future or an error occurred,
|
||||
* 0 otherwise.
|
||||
*/
|
||||
int mbedtls_x509_time_is_future( const mbedtls_x509_time *from );
|
||||
|
@ -111,7 +111,7 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain,
|
||||
/**
|
||||
* \brief Parse one or more CRLs and append them to the chained list
|
||||
*
|
||||
* \note Mutliple CRLs are accepted only if using PEM format
|
||||
* \note Multiple CRLs are accepted only if using PEM format
|
||||
*
|
||||
* \param chain points to the start of the chain
|
||||
* \param buf buffer holding the CRL data in PEM or DER format
|
||||
@ -126,7 +126,7 @@ int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, s
|
||||
/**
|
||||
* \brief Load one or more CRLs and append them to the chained list
|
||||
*
|
||||
* \note Mutliple CRLs are accepted only if using PEM format
|
||||
* \note Multiple CRLs are accepted only if using PEM format
|
||||
*
|
||||
* \param chain points to the start of the chain
|
||||
* \param path filename to read the CRLs from (in PEM or DER encoding)
|
||||
|
@ -98,6 +98,12 @@ if(CMAKE_COMPILER_IS_CLANG)
|
||||
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code")
|
||||
endif(CMAKE_COMPILER_IS_CLANG)
|
||||
|
||||
if(UNSAFE_BUILD)
|
||||
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-error")
|
||||
set(CMAKE_C_FLAGS_ASAN "${CMAKE_C_FLAGS_ASAN} -Wno-error")
|
||||
set(CMAKE_C_FLAGS_ASANDBG "${CMAKE_C_FLAGS_ASANDBG} -Wno-error")
|
||||
endif(UNSAFE_BUILD)
|
||||
|
||||
if(WIN32)
|
||||
set(libs ${libs} ws2_32)
|
||||
endif(WIN32)
|
||||
|
@ -39,7 +39,7 @@ SOEXT_TLS=so.12
|
||||
SOEXT_X509=so.0
|
||||
SOEXT_CRYPTO=so.3
|
||||
|
||||
# Set AR_DASH= (empty string) to use an ar implentation that does not accept
|
||||
# Set AR_DASH= (empty string) to use an ar implementation that does not accept
|
||||
# the - prefix for command line options (e.g. llvm-ar)
|
||||
AR_DASH ?= -
|
||||
|
||||
|
@ -527,26 +527,38 @@ cleanup:
|
||||
}
|
||||
|
||||
/*
|
||||
* Helper to write the digits high-order first
|
||||
* Helper to write the digits high-order first.
|
||||
*/
|
||||
static int mpi_write_hlp( mbedtls_mpi *X, int radix, char **p )
|
||||
static int mpi_write_hlp( mbedtls_mpi *X, int radix,
|
||||
char **p, const size_t buflen )
|
||||
{
|
||||
int ret;
|
||||
mbedtls_mpi_uint r;
|
||||
size_t length = 0;
|
||||
char *p_end = *p + buflen;
|
||||
|
||||
if( radix < 2 || radix > 16 )
|
||||
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
|
||||
do
|
||||
{
|
||||
if( length >= buflen )
|
||||
{
|
||||
return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL );
|
||||
}
|
||||
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_int( &r, X, radix ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_div_int( X, NULL, X, radix ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_int( &r, X, radix ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_div_int( X, NULL, X, radix ) );
|
||||
/*
|
||||
* Write the residue in the current position, as an ASCII character.
|
||||
*/
|
||||
if( r < 0xA )
|
||||
*(--p_end) = (char)( '0' + r );
|
||||
else
|
||||
*(--p_end) = (char)( 'A' + ( r - 0xA ) );
|
||||
|
||||
if( mbedtls_mpi_cmp_int( X, 0 ) != 0 )
|
||||
MBEDTLS_MPI_CHK( mpi_write_hlp( X, radix, p ) );
|
||||
length++;
|
||||
} while( mbedtls_mpi_cmp_int( X, 0 ) != 0 );
|
||||
|
||||
if( r < 10 )
|
||||
*(*p)++ = (char)( r + 0x30 );
|
||||
else
|
||||
*(*p)++ = (char)( r + 0x37 );
|
||||
memmove( *p, p_end, length );
|
||||
*p += length;
|
||||
|
||||
cleanup:
|
||||
|
||||
@ -619,7 +631,7 @@ int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix,
|
||||
if( T.s == -1 )
|
||||
T.s = 1;
|
||||
|
||||
MBEDTLS_MPI_CHK( mpi_write_hlp( &T, radix, &p ) );
|
||||
MBEDTLS_MPI_CHK( mpi_write_hlp( &T, radix, &p, buflen ) );
|
||||
}
|
||||
|
||||
*p++ = '\0';
|
||||
|
@ -279,7 +279,7 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
|
||||
CIPHER_VALIDATE_RET( ctx != NULL );
|
||||
CIPHER_VALIDATE_RET( key != NULL );
|
||||
CIPHER_VALIDATE_RET( operation == MBEDTLS_ENCRYPT ||
|
||||
operation == MBEDTLS_DECRYPT );
|
||||
operation == MBEDTLS_DECRYPT );
|
||||
if( ctx->cipher_info == NULL )
|
||||
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
|
||||
|
||||
@ -1414,7 +1414,7 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
|
||||
CIPHER_VALIDATE_RET( output != NULL );
|
||||
CIPHER_VALIDATE_RET( olen != NULL );
|
||||
CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
|
||||
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
if( ctx->psa_enabled == 1 )
|
||||
{
|
||||
|
@ -102,7 +102,8 @@ int mbedtls_ctr_drbg_seed_entropy_len(
|
||||
/*
|
||||
* Initialize with an empty key
|
||||
*/
|
||||
if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
|
||||
if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, key,
|
||||
MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
@ -120,8 +121,9 @@ int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx,
|
||||
const unsigned char *custom,
|
||||
size_t len )
|
||||
{
|
||||
return( mbedtls_ctr_drbg_seed_entropy_len( ctx, f_entropy, p_entropy, custom, len,
|
||||
MBEDTLS_CTR_DRBG_ENTROPY_LEN ) );
|
||||
return( mbedtls_ctr_drbg_seed_entropy_len( ctx, f_entropy, p_entropy,
|
||||
custom, len,
|
||||
MBEDTLS_CTR_DRBG_ENTROPY_LEN ) );
|
||||
}
|
||||
|
||||
void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx )
|
||||
@ -136,17 +138,20 @@ void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx )
|
||||
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ctr_drbg_context ) );
|
||||
}
|
||||
|
||||
void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, int resistance )
|
||||
void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx,
|
||||
int resistance )
|
||||
{
|
||||
ctx->prediction_resistance = resistance;
|
||||
}
|
||||
|
||||
void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx, size_t len )
|
||||
void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx,
|
||||
size_t len )
|
||||
{
|
||||
ctx->entropy_len = len;
|
||||
}
|
||||
|
||||
void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx, int interval )
|
||||
void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx,
|
||||
int interval )
|
||||
{
|
||||
ctx->reseed_interval = interval;
|
||||
}
|
||||
@ -154,7 +159,8 @@ void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx, int in
|
||||
static int block_cipher_df( unsigned char *output,
|
||||
const unsigned char *data, size_t data_len )
|
||||
{
|
||||
unsigned char buf[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + MBEDTLS_CTR_DRBG_BLOCKSIZE + 16];
|
||||
unsigned char buf[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT +
|
||||
MBEDTLS_CTR_DRBG_BLOCKSIZE + 16];
|
||||
unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
|
||||
unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE];
|
||||
unsigned char chain[MBEDTLS_CTR_DRBG_BLOCKSIZE];
|
||||
@ -168,7 +174,8 @@ static int block_cipher_df( unsigned char *output,
|
||||
if( data_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT )
|
||||
return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
|
||||
|
||||
memset( buf, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + MBEDTLS_CTR_DRBG_BLOCKSIZE + 16 );
|
||||
memset( buf, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT +
|
||||
MBEDTLS_CTR_DRBG_BLOCKSIZE + 16 );
|
||||
mbedtls_aes_init( &aes_ctx );
|
||||
|
||||
/*
|
||||
@ -193,7 +200,8 @@ static int block_cipher_df( unsigned char *output,
|
||||
for( i = 0; i < MBEDTLS_CTR_DRBG_KEYSIZE; i++ )
|
||||
key[i] = i;
|
||||
|
||||
if( ( ret = mbedtls_aes_setkey_enc( &aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
|
||||
if( ( ret = mbedtls_aes_setkey_enc( &aes_ctx, key,
|
||||
MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
|
||||
{
|
||||
goto exit;
|
||||
}
|
||||
@ -215,7 +223,8 @@ static int block_cipher_df( unsigned char *output,
|
||||
use_len -= ( use_len >= MBEDTLS_CTR_DRBG_BLOCKSIZE ) ?
|
||||
MBEDTLS_CTR_DRBG_BLOCKSIZE : use_len;
|
||||
|
||||
if( ( ret = mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, chain, chain ) ) != 0 )
|
||||
if( ( ret = mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT,
|
||||
chain, chain ) ) != 0 )
|
||||
{
|
||||
goto exit;
|
||||
}
|
||||
@ -232,7 +241,8 @@ static int block_cipher_df( unsigned char *output,
|
||||
/*
|
||||
* Do final encryption with reduced data
|
||||
*/
|
||||
if( ( ret = mbedtls_aes_setkey_enc( &aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
|
||||
if( ( ret = mbedtls_aes_setkey_enc( &aes_ctx, tmp,
|
||||
MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
|
||||
{
|
||||
goto exit;
|
||||
}
|
||||
@ -241,7 +251,8 @@ static int block_cipher_df( unsigned char *output,
|
||||
|
||||
for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE )
|
||||
{
|
||||
if( ( ret = mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, iv, iv ) ) != 0 )
|
||||
if( ( ret = mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT,
|
||||
iv, iv ) ) != 0 )
|
||||
{
|
||||
goto exit;
|
||||
}
|
||||
@ -277,7 +288,7 @@ exit:
|
||||
* ctx->counter = V
|
||||
*/
|
||||
static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx,
|
||||
const unsigned char data[MBEDTLS_CTR_DRBG_SEEDLEN] )
|
||||
const unsigned char data[MBEDTLS_CTR_DRBG_SEEDLEN] )
|
||||
{
|
||||
unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
|
||||
unsigned char *p = tmp;
|
||||
@ -298,8 +309,11 @@ static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx,
|
||||
/*
|
||||
* Crypt counter block
|
||||
*/
|
||||
if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, p ) ) != 0 )
|
||||
if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT,
|
||||
ctx->counter, p ) ) != 0 )
|
||||
{
|
||||
goto exit;
|
||||
}
|
||||
|
||||
p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
|
||||
}
|
||||
@ -310,9 +324,13 @@ static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx,
|
||||
/*
|
||||
* Update key and counter
|
||||
*/
|
||||
if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
|
||||
if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, tmp,
|
||||
MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
|
||||
{
|
||||
goto exit;
|
||||
memcpy( ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE, MBEDTLS_CTR_DRBG_BLOCKSIZE );
|
||||
}
|
||||
memcpy( ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE,
|
||||
MBEDTLS_CTR_DRBG_BLOCKSIZE );
|
||||
|
||||
exit:
|
||||
mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
|
||||
@ -496,11 +514,14 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng,
|
||||
/*
|
||||
* Crypt counter block
|
||||
*/
|
||||
if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, tmp ) ) != 0 )
|
||||
if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT,
|
||||
ctx->counter, tmp ) ) != 0 )
|
||||
{
|
||||
goto exit;
|
||||
}
|
||||
|
||||
use_len = ( output_len > MBEDTLS_CTR_DRBG_BLOCKSIZE ) ? MBEDTLS_CTR_DRBG_BLOCKSIZE :
|
||||
output_len;
|
||||
use_len = ( output_len > MBEDTLS_CTR_DRBG_BLOCKSIZE )
|
||||
? MBEDTLS_CTR_DRBG_BLOCKSIZE : output_len;
|
||||
/*
|
||||
* Copy random block to destination
|
||||
*/
|
||||
@ -520,7 +541,8 @@ exit:
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_len )
|
||||
int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output,
|
||||
size_t output_len )
|
||||
{
|
||||
int ret;
|
||||
mbedtls_ctr_drbg_context *ctx = (mbedtls_ctr_drbg_context *) p_rng;
|
||||
@ -541,7 +563,8 @@ int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_l
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_FS_IO)
|
||||
int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path )
|
||||
int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx,
|
||||
const char *path )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
|
||||
FILE *f;
|
||||
@ -550,13 +573,19 @@ int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char
|
||||
if( ( f = fopen( path, "wb" ) ) == NULL )
|
||||
return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR );
|
||||
|
||||
if( ( ret = mbedtls_ctr_drbg_random( ctx, buf, MBEDTLS_CTR_DRBG_MAX_INPUT ) ) != 0 )
|
||||
if( ( ret = mbedtls_ctr_drbg_random( ctx, buf,
|
||||
MBEDTLS_CTR_DRBG_MAX_INPUT ) ) != 0 )
|
||||
goto exit;
|
||||
|
||||
if( fwrite( buf, 1, MBEDTLS_CTR_DRBG_MAX_INPUT, f ) != MBEDTLS_CTR_DRBG_MAX_INPUT )
|
||||
if( fwrite( buf, 1, MBEDTLS_CTR_DRBG_MAX_INPUT, f ) !=
|
||||
MBEDTLS_CTR_DRBG_MAX_INPUT )
|
||||
{
|
||||
ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
|
||||
}
|
||||
else
|
||||
{
|
||||
ret = 0;
|
||||
}
|
||||
|
||||
exit:
|
||||
mbedtls_platform_zeroize( buf, sizeof( buf ) );
|
||||
@ -565,7 +594,8 @@ exit:
|
||||
return( ret );
|
||||
}
|
||||
|
||||
int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path )
|
||||
int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx,
|
||||
const char *path )
|
||||
{
|
||||
int ret = 0;
|
||||
FILE *f = NULL;
|
||||
@ -679,7 +709,7 @@ int mbedtls_ctr_drbg_self_test( int verbose )
|
||||
|
||||
test_offset = 0;
|
||||
CHK( mbedtls_ctr_drbg_seed_entropy_len( &ctx, ctr_drbg_self_test_entropy,
|
||||
(void *) entropy_source_pr, nonce_pers_pr, 16, 32 ) );
|
||||
(void *) entropy_source_pr, nonce_pers_pr, 16, 32 ) );
|
||||
mbedtls_ctr_drbg_set_prediction_resistance( &ctx, MBEDTLS_CTR_DRBG_PR_ON );
|
||||
CHK( mbedtls_ctr_drbg_random( &ctx, buf, MBEDTLS_CTR_DRBG_BLOCKSIZE ) );
|
||||
CHK( mbedtls_ctr_drbg_random( &ctx, buf, MBEDTLS_CTR_DRBG_BLOCKSIZE ) );
|
||||
@ -700,7 +730,7 @@ int mbedtls_ctr_drbg_self_test( int verbose )
|
||||
|
||||
test_offset = 0;
|
||||
CHK( mbedtls_ctr_drbg_seed_entropy_len( &ctx, ctr_drbg_self_test_entropy,
|
||||
(void *) entropy_source_nopr, nonce_pers_nopr, 16, 32 ) );
|
||||
(void *) entropy_source_nopr, nonce_pers_nopr, 16, 32 ) );
|
||||
CHK( mbedtls_ctr_drbg_random( &ctx, buf, 16 ) );
|
||||
CHK( mbedtls_ctr_drbg_reseed( &ctx, NULL, 0 ) );
|
||||
CHK( mbedtls_ctr_drbg_random( &ctx, buf, 16 ) );
|
||||
|
@ -35,6 +35,7 @@
|
||||
#define mbedtls_free free
|
||||
#define mbedtls_time_t time_t
|
||||
#define mbedtls_snprintf snprintf
|
||||
#define mbedtls_vsnprintf vsnprintf
|
||||
#endif
|
||||
|
||||
#include "mbedtls/debug.h"
|
||||
@ -90,20 +91,7 @@ void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
|
||||
return;
|
||||
|
||||
va_start( argp, format );
|
||||
#if defined(_WIN32)
|
||||
#if defined(_TRUNCATE) && !defined(__MINGW32__)
|
||||
ret = _vsnprintf_s( str, DEBUG_BUF_SIZE, _TRUNCATE, format, argp );
|
||||
#else
|
||||
ret = _vsnprintf( str, DEBUG_BUF_SIZE, format, argp );
|
||||
if( ret < 0 || (size_t) ret == DEBUG_BUF_SIZE )
|
||||
{
|
||||
str[DEBUG_BUF_SIZE-1] = '\0';
|
||||
ret = -1;
|
||||
}
|
||||
#endif
|
||||
#else
|
||||
ret = vsnprintf( str, DEBUG_BUF_SIZE, format, argp );
|
||||
#endif
|
||||
ret = mbedtls_vsnprintf( str, DEBUG_BUF_SIZE, format, argp );
|
||||
va_end( argp );
|
||||
|
||||
if( ret >= 0 && ret < DEBUG_BUF_SIZE - 1 )
|
||||
|
@ -951,7 +951,7 @@ static const unsigned char ecjpake_test_pms[] = {
|
||||
0xb4, 0x38, 0xf7, 0x19, 0xd3, 0xc4, 0xf3, 0x51
|
||||
};
|
||||
|
||||
/* Load my private keys and generate the correponding public keys */
|
||||
/* Load my private keys and generate the corresponding public keys */
|
||||
static int ecjpake_test_load( mbedtls_ecjpake_context *ctx,
|
||||
const unsigned char *xm1, size_t len1,
|
||||
const unsigned char *xm2, size_t len2 )
|
||||
|
@ -567,7 +567,7 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
|
||||
if( use_ret == -(MBEDTLS_ERR_X509_BUFFER_TOO_SMALL) )
|
||||
mbedtls_snprintf( buf, buflen, "X509 - Destination buffer is too small" );
|
||||
if( use_ret == -(MBEDTLS_ERR_X509_FATAL_ERROR) )
|
||||
mbedtls_snprintf( buf, buflen, "X509 - A fatal error occured, eg the chain is too long or the vrfy callback failed" );
|
||||
mbedtls_snprintf( buf, buflen, "X509 - A fatal error occurred, eg the chain is too long or the vrfy callback failed" );
|
||||
#endif /* MBEDTLS_X509_USE_C || MBEDTLS_X509_CREATE_C */
|
||||
// END generated code
|
||||
|
||||
|
@ -82,28 +82,15 @@ int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ),
|
||||
!( defined(MBEDTLS_PLATFORM_CALLOC_MACRO) &&
|
||||
defined(MBEDTLS_PLATFORM_FREE_MACRO) ) */
|
||||
|
||||
#if defined(_WIN32)
|
||||
#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF)
|
||||
#include <stdarg.h>
|
||||
int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... )
|
||||
{
|
||||
int ret;
|
||||
va_list argp;
|
||||
|
||||
/* Avoid calling the invalid parameter handler by checking ourselves */
|
||||
if( s == NULL || n == 0 || fmt == NULL )
|
||||
return( -1 );
|
||||
|
||||
va_start( argp, fmt );
|
||||
#if defined(_TRUNCATE) && !defined(__MINGW32__)
|
||||
ret = _vsnprintf_s( s, n, _TRUNCATE, fmt, argp );
|
||||
#else
|
||||
ret = _vsnprintf( s, n, fmt, argp );
|
||||
if( ret < 0 || (size_t) ret == n )
|
||||
{
|
||||
s[n-1] = '\0';
|
||||
ret = -1;
|
||||
}
|
||||
#endif
|
||||
ret = mbedtls_vsnprintf( s, n, fmt, argp );
|
||||
va_end( argp );
|
||||
|
||||
return( ret );
|
||||
@ -140,6 +127,62 @@ int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n,
|
||||
}
|
||||
#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
|
||||
|
||||
#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF)
|
||||
#include <stdarg.h>
|
||||
int mbedtls_platform_win32_vsnprintf( char *s, size_t n, const char *fmt, va_list arg )
|
||||
{
|
||||
int ret;
|
||||
|
||||
/* Avoid calling the invalid parameter handler by checking ourselves */
|
||||
if( s == NULL || n == 0 || fmt == NULL )
|
||||
return( -1 );
|
||||
|
||||
#if defined(_TRUNCATE)
|
||||
ret = vsnprintf_s( s, n, _TRUNCATE, fmt, arg );
|
||||
#else
|
||||
ret = vsnprintf( s, n, fmt, arg );
|
||||
if( ret < 0 || (size_t) ret == n )
|
||||
{
|
||||
s[n-1] = '\0';
|
||||
ret = -1;
|
||||
}
|
||||
#endif
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT)
|
||||
#if !defined(MBEDTLS_PLATFORM_STD_VSNPRINTF)
|
||||
/*
|
||||
* Make dummy function to prevent NULL pointer dereferences
|
||||
*/
|
||||
static int platform_vsnprintf_uninit( char * s, size_t n,
|
||||
const char * format, va_list arg )
|
||||
{
|
||||
((void) s);
|
||||
((void) n);
|
||||
((void) format);
|
||||
((void) arg);
|
||||
return( -1 );
|
||||
}
|
||||
|
||||
#define MBEDTLS_PLATFORM_STD_VSNPRINTF platform_vsnprintf_uninit
|
||||
#endif /* !MBEDTLS_PLATFORM_STD_VSNPRINTF */
|
||||
|
||||
int (*mbedtls_vsnprintf)( char * s, size_t n,
|
||||
const char * format,
|
||||
va_list arg ) = MBEDTLS_PLATFORM_STD_VSNPRINTF;
|
||||
|
||||
int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n,
|
||||
const char * format,
|
||||
va_list arg ) )
|
||||
{
|
||||
mbedtls_vsnprintf = vsnprintf_func;
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
|
||||
|
||||
#if defined(MBEDTLS_PLATFORM_PRINTF_ALT)
|
||||
#if !defined(MBEDTLS_PLATFORM_STD_PRINTF)
|
||||
/*
|
||||
|
@ -1489,7 +1489,7 @@ read_record_header:
|
||||
*/
|
||||
|
||||
/*
|
||||
* Minimal length (with everything empty and extensions ommitted) is
|
||||
* Minimal length (with everything empty and extensions omitted) is
|
||||
* 2 + 32 + 1 + 2 + 1 = 38 bytes. Check that first, so that we can
|
||||
* read at least up to session id length without worrying.
|
||||
*/
|
||||
|
@ -2772,7 +2772,7 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want )
|
||||
}
|
||||
|
||||
/*
|
||||
* A record can't be split accross datagrams. If we need to read but
|
||||
* A record can't be split across datagrams. If we need to read but
|
||||
* are not at the beginning of a new record, the caller did something
|
||||
* wrong.
|
||||
*/
|
||||
|
@ -72,6 +72,9 @@ static const char *features[] = {
|
||||
#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
|
||||
"MBEDTLS_PLATFORM_SNPRINTF_ALT",
|
||||
#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
|
||||
#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT)
|
||||
"MBEDTLS_PLATFORM_VSNPRINTF_ALT",
|
||||
#endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
|
||||
#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
|
||||
"MBEDTLS_PLATFORM_NV_SEED_ALT",
|
||||
#endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */
|
||||
|
@ -116,7 +116,7 @@ int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end,
|
||||
}
|
||||
|
||||
/*
|
||||
* Parse an algorithm identifier with (optional) paramaters
|
||||
* Parse an algorithm identifier with (optional) parameters
|
||||
*/
|
||||
int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end,
|
||||
mbedtls_x509_buf *alg, mbedtls_x509_buf *params )
|
||||
|
@ -373,7 +373,7 @@ static void x509_crt_verify_chain_reset(
|
||||
for( i = 0; i < MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE; i++ )
|
||||
{
|
||||
ver_chain->items[i].crt = NULL;
|
||||
ver_chain->items[i].flags = -1;
|
||||
ver_chain->items[i].flags = (uint32_t) -1;
|
||||
}
|
||||
|
||||
ver_chain->len = 0;
|
||||
@ -2261,7 +2261,7 @@ static int x509_crt_check_ee_locally_trusted(
|
||||
* Tests for (aspects of) this function should include at least:
|
||||
* - trusted EE
|
||||
* - EE -> trusted root
|
||||
* - EE -> intermedate CA -> trusted root
|
||||
* - EE -> intermediate CA -> trusted root
|
||||
* - if relevant: EE untrusted
|
||||
* - if relevant: EE -> intermediate, untrusted
|
||||
* with the aspect under test checked at each relevant level (EE, int, root).
|
||||
|
@ -21,7 +21,7 @@ FAILED=0
|
||||
SKIPPED=0
|
||||
SRVMEM=0
|
||||
|
||||
# default commands, can be overriden by the environment
|
||||
# default commands, can be overridden by the environment
|
||||
: ${M_SRV:=../programs/ssl/ssl_server2}
|
||||
: ${M_CLI:=../programs/ssl/ssl_client2}
|
||||
: ${OPENSSL_CMD:=openssl} # OPENSSL would conflict with the build system
|
||||
|
1788
tests/scripts/all.sh
1788
tests/scripts/all.sh
File diff suppressed because it is too large
Load Diff
@ -75,11 +75,10 @@ class TestDataParser(object):
|
||||
:param split_char: Split character
|
||||
:return: List of splits
|
||||
"""
|
||||
split_colon_fn = lambda x: re.sub(r'\\' + split_char, split_char, x)
|
||||
if len(split_char) > 1:
|
||||
raise ValueError('Expected split character. Found string!')
|
||||
out = re.sub(r'(\\.)|' + split_char,
|
||||
lambda m: m.group(1) or '\n', inp_str,
|
||||
len(inp_str)).split('\n')
|
||||
out = map(split_colon_fn, re.split(r'(?<!\\)' + split_char, inp_str))
|
||||
out = [x for x in out if x]
|
||||
return out
|
||||
|
||||
@ -112,8 +111,8 @@ class TestDataParser(object):
|
||||
args = parts[1:]
|
||||
args_count = len(args)
|
||||
if args_count % 2 != 0:
|
||||
raise TestDataParserError("Number of test arguments should "
|
||||
"be even: %s" % line)
|
||||
err_str_fmt = "Number of test arguments({}) should be even: {}"
|
||||
raise TestDataParserError(err_str_fmt.format(args_count, line))
|
||||
grouped_args = [(args[i * 2], args[(i * 2) + 1])
|
||||
for i in range(len(args)/2)]
|
||||
self.tests.append((name, function_name, dependencies,
|
||||
@ -163,6 +162,7 @@ class MbedTlsTest(BaseHostTest):
|
||||
self.tests = []
|
||||
self.test_index = -1
|
||||
self.dep_index = 0
|
||||
self.suite_passed = True
|
||||
self.error_str = dict()
|
||||
self.error_str[self.DEPENDENCY_SUPPORTED] = \
|
||||
'DEPENDENCY_SUPPORTED'
|
||||
@ -293,7 +293,7 @@ class MbedTlsTest(BaseHostTest):
|
||||
name, function_id, dependencies, args = self.tests[self.test_index]
|
||||
self.run_test(name, function_id, dependencies, args)
|
||||
else:
|
||||
self.notify_complete(True)
|
||||
self.notify_complete(self.suite_passed)
|
||||
|
||||
def run_test(self, name, function_id, dependencies, args):
|
||||
"""
|
||||
@ -353,6 +353,8 @@ class MbedTlsTest(BaseHostTest):
|
||||
self.log('{{__testcase_start;%s}}' % name)
|
||||
self.log('{{__testcase_finish;%s;%d;%d}}' % (name, int_val == 0,
|
||||
int_val != 0))
|
||||
if int_val != 0:
|
||||
self.suite_passed = False
|
||||
self.run_next_test()
|
||||
|
||||
@event_callback("F")
|
||||
|
@ -17,7 +17,7 @@
|
||||
# seem to be a mechanism to reliably check whether the zeroize calls are being
|
||||
# eliminated by compiler optimizations from within the compiled program. The
|
||||
# problem is that a compiler would typically remove what it considers to be
|
||||
# "unecessary" assignments as part of redundant code elimination. To identify
|
||||
# "unnecessary" assignments as part of redundant code elimination. To identify
|
||||
# such code, the compilar will create some form dependency graph between
|
||||
# reads and writes to variables (among other situations). It will then use this
|
||||
# data structure to remove redundant code that does not have an impact on the
|
||||
@ -41,8 +41,6 @@
|
||||
# number does not need to be updated often.
|
||||
|
||||
set confirm off
|
||||
# We don't need to turn off ASLR, so don't try.
|
||||
set disable-randomization off
|
||||
|
||||
file ./programs/test/zeroize
|
||||
break zeroize.c:100
|
||||
|
@ -26,7 +26,7 @@ if cd $( dirname $0 ); then :; else
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# default values, can be overriden by the environment
|
||||
# default values, can be overridden by the environment
|
||||
: ${P_SRV:=../programs/ssl/ssl_server2}
|
||||
: ${P_CLI:=../programs/ssl/ssl_client2}
|
||||
: ${P_PXY:=../programs/test/udp_proxy}
|
||||
@ -167,7 +167,7 @@ requires_config_disabled() {
|
||||
get_config_value_or_default() {
|
||||
NAME="$1"
|
||||
DEF_VAL=$( grep ".*#define.*${NAME}" ../include/mbedtls/config.h |
|
||||
sed 's/^.*\s\([0-9]*\)$/\1/' )
|
||||
sed 's/^.* \([0-9]*\)$/\1/' )
|
||||
../scripts/config.pl get $NAME || echo "$DEF_VAL"
|
||||
}
|
||||
|
||||
@ -689,7 +689,7 @@ run_test() {
|
||||
|
||||
# The filtering in the following two options (-u and -U) do the following
|
||||
# - ignore valgrind output
|
||||
# - filter out everything but lines right after the pattern occurances
|
||||
# - filter out everything but lines right after the pattern occurrences
|
||||
# - keep one of each non-unique line
|
||||
# - count how many lines remain
|
||||
# A line with '--' will remain in the result from previous outputs, so the number of lines in the result will be 1
|
||||
@ -2802,7 +2802,7 @@ run_test "Authentication: server max_int chain, client default" \
|
||||
key_file=data_files/dir-maxpath/09.key" \
|
||||
"$P_CLI server_name=CA09 ca_file=data_files/dir-maxpath/00.crt" \
|
||||
0 \
|
||||
-C "X509 - A fatal error occured"
|
||||
-C "X509 - A fatal error occurred"
|
||||
|
||||
requires_full_size_output_buffer
|
||||
run_test "Authentication: server max_int+1 chain, client default" \
|
||||
@ -2810,7 +2810,7 @@ run_test "Authentication: server max_int+1 chain, client default" \
|
||||
key_file=data_files/dir-maxpath/10.key" \
|
||||
"$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt" \
|
||||
1 \
|
||||
-c "X509 - A fatal error occured"
|
||||
-c "X509 - A fatal error occurred"
|
||||
|
||||
requires_full_size_output_buffer
|
||||
run_test "Authentication: server max_int+1 chain, client optional" \
|
||||
@ -2819,7 +2819,7 @@ run_test "Authentication: server max_int+1 chain, client optional" \
|
||||
"$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
|
||||
auth_mode=optional" \
|
||||
1 \
|
||||
-c "X509 - A fatal error occured"
|
||||
-c "X509 - A fatal error occurred"
|
||||
|
||||
requires_full_size_output_buffer
|
||||
run_test "Authentication: server max_int+1 chain, client none" \
|
||||
@ -2828,7 +2828,7 @@ run_test "Authentication: server max_int+1 chain, client none" \
|
||||
"$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
|
||||
auth_mode=none" \
|
||||
0 \
|
||||
-C "X509 - A fatal error occured"
|
||||
-C "X509 - A fatal error occurred"
|
||||
|
||||
requires_full_size_output_buffer
|
||||
run_test "Authentication: client max_int+1 chain, server default" \
|
||||
@ -2836,7 +2836,7 @@ run_test "Authentication: client max_int+1 chain, server default" \
|
||||
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
|
||||
key_file=data_files/dir-maxpath/10.key" \
|
||||
0 \
|
||||
-S "X509 - A fatal error occured"
|
||||
-S "X509 - A fatal error occurred"
|
||||
|
||||
requires_full_size_output_buffer
|
||||
run_test "Authentication: client max_int+1 chain, server optional" \
|
||||
@ -2844,7 +2844,7 @@ run_test "Authentication: client max_int+1 chain, server optional" \
|
||||
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
|
||||
key_file=data_files/dir-maxpath/10.key" \
|
||||
1 \
|
||||
-s "X509 - A fatal error occured"
|
||||
-s "X509 - A fatal error occurred"
|
||||
|
||||
requires_full_size_output_buffer
|
||||
run_test "Authentication: client max_int+1 chain, server required" \
|
||||
@ -2852,7 +2852,7 @@ run_test "Authentication: client max_int+1 chain, server required" \
|
||||
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
|
||||
key_file=data_files/dir-maxpath/10.key" \
|
||||
1 \
|
||||
-s "X509 - A fatal error occured"
|
||||
-s "X509 - A fatal error occurred"
|
||||
|
||||
requires_full_size_output_buffer
|
||||
run_test "Authentication: client max_int chain, server required" \
|
||||
@ -2860,7 +2860,7 @@ run_test "Authentication: client max_int chain, server required" \
|
||||
"$P_CLI crt_file=data_files/dir-maxpath/c09.pem \
|
||||
key_file=data_files/dir-maxpath/09.key" \
|
||||
0 \
|
||||
-S "X509 - A fatal error occured"
|
||||
-S "X509 - A fatal error occurred"
|
||||
|
||||
# Tests for CA list in CertificateRequest messages
|
||||
|
||||
|
@ -41,7 +41,7 @@ ccm_lengths:5:10:5:18:MBEDTLS_ERR_CCM_BAD_INPUT
|
||||
CCM lengths #6 tag length not even
|
||||
ccm_lengths:5:10:5:7:MBEDTLS_ERR_CCM_BAD_INPUT
|
||||
|
||||
CCM lenghts #7 AD too long (2^16 - 2^8 + 1)
|
||||
CCM lengths #7 AD too long (2^16 - 2^8 + 1)
|
||||
depends_on:!MBEDTLS_CCM_ALT
|
||||
ccm_lengths:5:10:65281:8:MBEDTLS_ERR_CCM_BAD_INPUT
|
||||
|
||||
|
@ -278,7 +278,7 @@ void ecdh_exchange( int id )
|
||||
mbedtls_ecdh_init( &cli );
|
||||
memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) );
|
||||
|
||||
TEST_ASSERT( mbedtls_ecdh_setup( &srv, id ) == 0 );
|
||||
TEST_ASSERT( mbedtls_ecdh_setup( &srv, id ) == 0 );
|
||||
|
||||
memset( buf, 0x00, sizeof( buf ) ); vbuf = buf;
|
||||
TEST_ASSERT( mbedtls_ecdh_make_params( &srv, &len, buf, 1000,
|
||||
@ -351,7 +351,7 @@ void ecdh_restart( int id, char *dA_str, char *dB_str, char *z_str,
|
||||
mbedtls_ecdh_enable_restart( &cli );
|
||||
}
|
||||
|
||||
/* server writes its paramaters */
|
||||
/* server writes its parameters */
|
||||
memset( buf, 0x00, sizeof( buf ) );
|
||||
len = 0;
|
||||
|
||||
|
@ -30,7 +30,7 @@ void mbedtls_nist_kw_mix_contexts( )
|
||||
memset( key, 0, sizeof( key ) );
|
||||
|
||||
/*
|
||||
* 1. Check wrap and unwrap with two seperate contexts
|
||||
* 1. Check wrap and unwrap with two separate contexts
|
||||
*/
|
||||
mbedtls_nist_kw_init( &ctx1 );
|
||||
mbedtls_nist_kw_init( &ctx2 );
|
||||
|
@ -478,7 +478,7 @@ mbedtls_rsa_import:16:"":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bb
|
||||
RSA Import (N,-,-,D,E)
|
||||
mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:1:0:0
|
||||
|
||||
RSA Import (N,-,-,D,E), succesive
|
||||
RSA Import (N,-,-,D,E), successive
|
||||
mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:1:0:0
|
||||
|
||||
RSA Import (N,P,Q,-,E)
|
||||
@ -565,7 +565,7 @@ mbedtls_rsa_export:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7
|
||||
RSA Export (N,-,-,D,E)
|
||||
mbedtls_rsa_export:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:0
|
||||
|
||||
RSA Export (N,-,-,D,E), succesive
|
||||
RSA Export (N,-,-,D,E), successive
|
||||
mbedtls_rsa_export:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:1
|
||||
|
||||
RSA Export (N,P,Q,-,E)
|
||||
@ -586,7 +586,7 @@ mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f
|
||||
RSA Export Raw (N,-,-,D,E)
|
||||
mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":1:0
|
||||
|
||||
RSA Export Raw (N,-,-,D,E), succesive
|
||||
RSA Export Raw (N,-,-,D,E), successive
|
||||
mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":1:1
|
||||
|
||||
RSA Export Raw (N,P,Q,-,E)
|
||||
|
Loading…
Reference in New Issue
Block a user