Merge branch 'gcc-compiler-warnings'
diff --git a/ChangeLog b/ChangeLog
index f96786d..0a857ba 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,12 @@
mbed TLS ChangeLog (Sorted per branch, date)
+= mbed TLS 2.4.1 branch released 2016-12-13
+
+Changes
+ * Update to CMAC test data, taken from - NIST Special Publication 800-38B -
+ Recommendation for Block Cipher Modes of Operation: The CMAC Mode for
+ Authentication – October 2016
+
= mbed TLS 2.4.0 branch released 2016-10-17
Security
diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h
index f2fcc8b..0794167 100644
--- a/doxygen/input/doc_mainpage.h
+++ b/doxygen/input/doc_mainpage.h
@@ -21,7 +21,7 @@
*/
/**
- * @mainpage mbed TLS v2.4.0 source code documentation
+ * @mainpage mbed TLS v2.4.1 source code documentation
*
* This documentation describes the internal structure of mbed TLS. It was
* automatically generated from specially formatted comment blocks in
diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile
index 344be8c..e58794e 100644
--- a/doxygen/mbedtls.doxyfile
+++ b/doxygen/mbedtls.doxyfile
@@ -28,7 +28,7 @@
# identify the project. Note that if you do not use Doxywizard you need
# to put quotes around the project name if it contains spaces.
-PROJECT_NAME = "mbed TLS v2.4.0"
+PROJECT_NAME = "mbed TLS v2.4.1"
# The PROJECT_NUMBER tag can be used to enter a project or revision number.
# This could be handy for archiving the generated documentation or
diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h
index 75e0b97..9a2b96b 100644
--- a/include/mbedtls/cmac.h
+++ b/include/mbedtls/cmac.h
@@ -58,9 +58,13 @@
/**
* \brief Set the CMAC key and prepare to authenticate the input
* data.
- * Should be called with an initialised cipher context.
+ * Should be called with an initialized cipher context.
*
- * \param ctx Cipher context
+ * \param ctx Cipher context. This should be a cipher context,
+ * initialized to be one of the following types:
+ * MBEDTLS_CIPHER_AES_128_ECB, MBEDTLS_CIPHER_AES_192_ECB,
+ * MBEDTLS_CIPHER_AES_256_ECB or
+ * MBEDTLS_CIPHER_DES_EDE3_ECB.
* \param key CMAC key
* \param keybits length of the CMAC key in bits
* (must be acceptable by the cipher)
@@ -115,7 +119,7 @@
int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx );
/**
- * \brief Output = Generic_CMAC( hmac key, input buffer )
+ * \brief Output = Generic_CMAC( cmac key, input buffer )
*
* \param cipher_info message digest info
* \param key CMAC key
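Review bot: The `\param cipher_info` line directly under the corrected `\brief` still says `message digest info`, which looks like the same HMAC copy-paste this hunk fixes one line above. It should describe a cipher, for example `\param cipher_info    cipher information for the underlying block cipher`. The rest of this doc comment lies outside the hunk, so any further HMAC leftovers below it are not visible here.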
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index ba499d2..2c02190 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -2513,7 +2513,6 @@
* \param transport MBEDTLS_SSL_TRANSPORT_STREAM for TLS, or
* MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS
* \param preset a MBEDTLS_SSL_PRESET_XXX value
- * (currently unused).
*
* \note See \c mbedtls_ssl_conf_transport() for notes on DTLS.
*
diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h
index 6c0cc9b..3270346 100644
--- a/include/mbedtls/version.h
+++ b/include/mbedtls/version.h
@@ -39,16 +39,16 @@
*/
#define MBEDTLS_VERSION_MAJOR 2
#define MBEDTLS_VERSION_MINOR 4
-#define MBEDTLS_VERSION_PATCH 0
+#define MBEDTLS_VERSION_PATCH 1
/**
* The single version number has the following structure:
* MMNNPP00
* Major version | Minor version | Patch version
*/
-#define MBEDTLS_VERSION_NUMBER 0x02040000
-#define MBEDTLS_VERSION_STRING "2.4.0"
-#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.4.0"
+#define MBEDTLS_VERSION_NUMBER 0x02040100
+#define MBEDTLS_VERSION_STRING "2.4.1"
+#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.4.1"
#if defined(MBEDTLS_VERSION_C)
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index 6eb11f2..8882ddf 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -140,15 +140,15 @@
if(USE_SHARED_MBEDTLS_LIBRARY)
add_library(mbedcrypto SHARED ${src_crypto})
- set_target_properties(mbedcrypto PROPERTIES VERSION 2.4.0 SOVERSION 0)
+ set_target_properties(mbedcrypto PROPERTIES VERSION 2.4.1 SOVERSION 0)
target_link_libraries(mbedcrypto ${libs})
add_library(mbedx509 SHARED ${src_x509})
- set_target_properties(mbedx509 PROPERTIES VERSION 2.4.0 SOVERSION 0)
+ set_target_properties(mbedx509 PROPERTIES VERSION 2.4.1 SOVERSION 0)
target_link_libraries(mbedx509 ${libs} mbedcrypto)
add_library(mbedtls SHARED ${src_tls})
- set_target_properties(mbedtls PROPERTIES VERSION 2.4.0 SOVERSION 10)
+ set_target_properties(mbedtls PROPERTIES VERSION 2.4.1 SOVERSION 10)
target_link_libraries(mbedtls ${libs} mbedx509)
install(TARGETS mbedtls mbedx509 mbedcrypto
diff --git a/library/cmac.c b/library/cmac.c
index 0fa5b58..b2fe713 100644
--- a/library/cmac.c
+++ b/library/cmac.c
@@ -26,7 +26,7 @@
*
* - NIST SP 800-38B Recommendation for Block Cipher Modes of Operation: The
* CMAC Mode for Authentication
- * http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38b.pdf
+ * http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38b.pdf
*
* - RFC 4493 - The AES-CMAC Algorithm
* https://tools.ietf.org/html/rfc4493
@@ -470,8 +470,9 @@
#if defined(MBEDTLS_SELF_TEST)
/*
- * CMAC test data from SP800-38B Appendix D.1 (corrected)
- * http://csrc.nist.gov/publications/nistpubs/800-38B/Updated_CMAC_Examples.pdf
+ * CMAC test data for SP800-38B
+ * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/AES_CMAC.pdf
+ * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/TDES_CMAC.pdf
*
* AES-CMAC-PRF-128 test data from RFC 4615
* https://tools.ietf.org/html/rfc4615#page-4
@@ -483,128 +484,148 @@
#if defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C)
/* All CMAC test inputs are truncated from the same 64 byte buffer. */
static const unsigned char test_message[] = {
- 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
- 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
- 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
- 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
- 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
- 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
- 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
- 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
+ /* PT */
+ 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
+ 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
+ 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
+ 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
+ 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
+ 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
+ 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
+ 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
};
#endif /* MBEDTLS_AES_C || MBEDTLS_DES_C */
#if defined(MBEDTLS_AES_C)
/* Truncation point of message for AES CMAC tests */
static const unsigned int aes_message_lengths[NB_CMAC_TESTS_PER_KEY] = {
+ /* Mlen */
0,
16,
- 40,
+ 20,
64
};
-/* AES 128 CMAC Test Data */
+/* CMAC-AES128 Test Data */
static const unsigned char aes_128_key[16] = {
- 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
- 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
+ 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
+ 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
};
static const unsigned char aes_128_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = {
{
- 0xfb, 0xee, 0xd6, 0x18, 0x35, 0x71, 0x33, 0x66,
- 0x7c, 0x85, 0xe0, 0x8f, 0x72, 0x36, 0xa8, 0xde
+ /* K1 */
+ 0xfb, 0xee, 0xd6, 0x18, 0x35, 0x71, 0x33, 0x66,
+ 0x7c, 0x85, 0xe0, 0x8f, 0x72, 0x36, 0xa8, 0xde
},
{
- 0xf7, 0xdd, 0xac, 0x30, 0x6a, 0xe2, 0x66, 0xcc,
- 0xf9, 0x0b, 0xc1, 0x1e, 0xe4, 0x6d, 0x51, 0x3b
+ /* K2 */
+ 0xf7, 0xdd, 0xac, 0x30, 0x6a, 0xe2, 0x66, 0xcc,
+ 0xf9, 0x0b, 0xc1, 0x1e, 0xe4, 0x6d, 0x51, 0x3b
}
};
static const unsigned char aes_128_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = {
{
- 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28,
- 0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46
+ /* Example #1 */
+ 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28,
+ 0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46
},
{
- 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44,
- 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c
+ /* Example #2 */
+ 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44,
+ 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c
},
{
- 0xdf, 0xa6, 0x67, 0x47, 0xde, 0x9a, 0xe6, 0x30,
- 0x30, 0xca, 0x32, 0x61, 0x14, 0x97, 0xc8, 0x27
+ /* Example #3 */
+ 0x7d, 0x85, 0x44, 0x9e, 0xa6, 0xea, 0x19, 0xc8,
+ 0x23, 0xa7, 0xbf, 0x78, 0x83, 0x7d, 0xfa, 0xde
},
{
- 0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92,
- 0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe
+ /* Example #4 */
+ 0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92,
+ 0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe
}
};
-/* AES 192 CMAC Test Data */
+/* CMAC-AES192 Test Data */
static const unsigned char aes_192_key[24] = {
- 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
- 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
- 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b
+ 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
+ 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
+ 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b
};
static const unsigned char aes_192_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = {
{
- 0x44, 0x8a, 0x5b, 0x1c, 0x93, 0x51, 0x4b, 0x27,
- 0x3e, 0xe6, 0x43, 0x9d, 0xd4, 0xda, 0xa2, 0x96
+ /* K1 */
+ 0x44, 0x8a, 0x5b, 0x1c, 0x93, 0x51, 0x4b, 0x27,
+ 0x3e, 0xe6, 0x43, 0x9d, 0xd4, 0xda, 0xa2, 0x96
},
{
- 0x89, 0x14, 0xb6, 0x39, 0x26, 0xa2, 0x96, 0x4e,
- 0x7d, 0xcc, 0x87, 0x3b, 0xa9, 0xb5, 0x45, 0x2c
+ /* K2 */
+ 0x89, 0x14, 0xb6, 0x39, 0x26, 0xa2, 0x96, 0x4e,
+ 0x7d, 0xcc, 0x87, 0x3b, 0xa9, 0xb5, 0x45, 0x2c
}
};
static const unsigned char aes_192_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = {
{
- 0xd1, 0x7d, 0xdf, 0x46, 0xad, 0xaa, 0xcd, 0xe5,
- 0x31, 0xca, 0xc4, 0x83, 0xde, 0x7a, 0x93, 0x67
+ /* Example #1 */
+ 0xd1, 0x7d, 0xdf, 0x46, 0xad, 0xaa, 0xcd, 0xe5,
+ 0x31, 0xca, 0xc4, 0x83, 0xde, 0x7a, 0x93, 0x67
},
{
- 0x9e, 0x99, 0xa7, 0xbf, 0x31, 0xe7, 0x10, 0x90,
- 0x06, 0x62, 0xf6, 0x5e, 0x61, 0x7c, 0x51, 0x84
+ /* Example #2 */
+ 0x9e, 0x99, 0xa7, 0xbf, 0x31, 0xe7, 0x10, 0x90,
+ 0x06, 0x62, 0xf6, 0x5e, 0x61, 0x7c, 0x51, 0x84
},
{
- 0x8a, 0x1d, 0xe5, 0xbe, 0x2e, 0xb3, 0x1a, 0xad,
- 0x08, 0x9a, 0x82, 0xe6, 0xee, 0x90, 0x8b, 0x0e
+ /* Example #3 */
+ 0x3d, 0x75, 0xc1, 0x94, 0xed, 0x96, 0x07, 0x04,
+ 0x44, 0xa9, 0xfa, 0x7e, 0xc7, 0x40, 0xec, 0xf8
},
{
- 0xa1, 0xd5, 0xdf, 0x0e, 0xed, 0x79, 0x0f, 0x79,
- 0x4d, 0x77, 0x58, 0x96, 0x59, 0xf3, 0x9a, 0x11
+ /* Example #4 */
+ 0xa1, 0xd5, 0xdf, 0x0e, 0xed, 0x79, 0x0f, 0x79,
+ 0x4d, 0x77, 0x58, 0x96, 0x59, 0xf3, 0x9a, 0x11
}
};
-/* AES 256 CMAC Test Data */
+/* CMAC-AES256 Test Data */
static const unsigned char aes_256_key[32] = {
- 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
- 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
- 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
- 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
+ 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
+ 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
+ 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
+ 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
};
static const unsigned char aes_256_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = {
{
- 0xca, 0xd1, 0xed, 0x03, 0x29, 0x9e, 0xed, 0xac,
- 0x2e, 0x9a, 0x99, 0x80, 0x86, 0x21, 0x50, 0x2f
+ /* K1 */
+ 0xca, 0xd1, 0xed, 0x03, 0x29, 0x9e, 0xed, 0xac,
+ 0x2e, 0x9a, 0x99, 0x80, 0x86, 0x21, 0x50, 0x2f
},
{
- 0x95, 0xa3, 0xda, 0x06, 0x53, 0x3d, 0xdb, 0x58,
- 0x5d, 0x35, 0x33, 0x01, 0x0c, 0x42, 0xa0, 0xd9
+ /* K2 */
+ 0x95, 0xa3, 0xda, 0x06, 0x53, 0x3d, 0xdb, 0x58,
+ 0x5d, 0x35, 0x33, 0x01, 0x0c, 0x42, 0xa0, 0xd9
}
};
static const unsigned char aes_256_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = {
{
- 0x02, 0x89, 0x62, 0xf6, 0x1b, 0x7b, 0xf8, 0x9e,
- 0xfc, 0x6b, 0x55, 0x1f, 0x46, 0x67, 0xd9, 0x83
+ /* Example #1 */
+ 0x02, 0x89, 0x62, 0xf6, 0x1b, 0x7b, 0xf8, 0x9e,
+ 0xfc, 0x6b, 0x55, 0x1f, 0x46, 0x67, 0xd9, 0x83
},
{
- 0x28, 0xa7, 0x02, 0x3f, 0x45, 0x2e, 0x8f, 0x82,
- 0xbd, 0x4b, 0xf2, 0x8d, 0x8c, 0x37, 0xc3, 0x5c
+ /* Example #2 */
+ 0x28, 0xa7, 0x02, 0x3f, 0x45, 0x2e, 0x8f, 0x82,
+ 0xbd, 0x4b, 0xf2, 0x8d, 0x8c, 0x37, 0xc3, 0x5c
},
{
- 0xaa, 0xf3, 0xd8, 0xf1, 0xde, 0x56, 0x40, 0xc2,
- 0x32, 0xf5, 0xb1, 0x69, 0xb9, 0xc9, 0x11, 0xe6
+ /* Example #3 */
+ 0x15, 0x67, 0x27, 0xdc, 0x08, 0x78, 0x94, 0x4a,
+ 0x02, 0x3c, 0x1f, 0xe0, 0x3b, 0xad, 0x6d, 0x93
},
{
- 0xe1, 0x99, 0x21, 0x90, 0x54, 0x9f, 0x6e, 0xd5,
- 0x69, 0x6a, 0x2c, 0x05, 0x6c, 0x31, 0x54, 0x10
+ /* Example #4 */
+ 0xe1, 0x99, 0x21, 0x90, 0x54, 0x9f, 0x6e, 0xd5,
+ 0x69, 0x6a, 0x2c, 0x05, 0x6c, 0x31, 0x54, 0x10
}
};
#endif /* MBEDTLS_AES_C */
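Review bot: The only value changes in this hunk are the third entry of `aes_message_lengths` (40 to 20) and the `Example #3` row of each AES expected-result table; every other removed/added pair appears to differ only in whitespace. Mixing a re-indent with changes to known-answer vectors makes it hard to check which bytes moved, so the whitespace pass would be better as its own commit. The new `/* Mlen */` comment is also terse. Something like `/* Mlen: message length in bytes for Examples #1 to #4 */` would tie the lengths to the rows they drive.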
@@ -613,66 +634,84 @@
/* Truncation point of message for 3DES CMAC tests */
static const unsigned int des3_message_lengths[NB_CMAC_TESTS_PER_KEY] = {
0,
- 8,
+ 16,
20,
32
};
-/* 3DES 2 Key CMAC Test Data */
+/* CMAC-TDES (Generation) - 2 Key Test Data */
static const unsigned char des3_2key_key[24] = {
- 0x4c, 0xf1, 0x51, 0x34, 0xa2, 0x85, 0x0d, 0xd5,
- 0x8a, 0x3d, 0x10, 0xba, 0x80, 0x57, 0x0d, 0x38,
- 0x4c, 0xf1, 0x51, 0x34, 0xa2, 0x85, 0x0d, 0xd5
+ /* Key1 */
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+ /* Key2 */
+ 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xEF, 0x01,
+ /* Key3 */
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef
};
static const unsigned char des3_2key_subkeys[2][8] = {
{
- 0x8e, 0xcf, 0x37, 0x3e, 0xd7, 0x1a, 0xfa, 0xef
+ /* K1 */
+ 0x0d, 0xd2, 0xcb, 0x7a, 0x3d, 0x88, 0x88, 0xd9
},
{
- 0x1d, 0x9e, 0x6e, 0x7d, 0xae, 0x35, 0xf5, 0xc5
+ /* K2 */
+ 0x1b, 0xa5, 0x96, 0xf4, 0x7b, 0x11, 0x11, 0xb2
}
};
static const unsigned char des3_2key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE] = {
{
- 0xbd, 0x2e, 0xbf, 0x9a, 0x3b, 0xa0, 0x03, 0x61
+ /* Sample #1 */
+ 0x79, 0xce, 0x52, 0xa7, 0xf7, 0x86, 0xa9, 0x60
},
{
- 0x4f, 0xf2, 0xab, 0x81, 0x3c, 0x53, 0xce, 0x83
+ /* Sample #2 */
+ 0xcc, 0x18, 0xa0, 0xb7, 0x9a, 0xf2, 0x41, 0x3b
},
{
- 0x62, 0xdd, 0x1b, 0x47, 0x19, 0x02, 0xbd, 0x4e
+ /* Sample #3 */
+ 0xc0, 0x6d, 0x37, 0x7e, 0xcd, 0x10, 0x19, 0x69
},
{
- 0x31, 0xb1, 0xe4, 0x31, 0xda, 0xbc, 0x4e, 0xb8
+ /* Sample #4 */
+ 0x9c, 0xd3, 0x35, 0x80, 0xf9, 0xb6, 0x4d, 0xfb
}
};
-/* 3DES 3 Key CMAC Test Data */
+/* CMAC-TDES (Generation) - 3 Key Test Data */
static const unsigned char des3_3key_key[24] = {
- 0x8a, 0xa8, 0x3b, 0xf8, 0xcb, 0xda, 0x10, 0x62,
- 0x0b, 0xc1, 0xbf, 0x19, 0xfb, 0xb6, 0xcd, 0x58,
- 0xbc, 0x31, 0x3d, 0x4a, 0x37, 0x1c, 0xa8, 0xb5
+ /* Key1 */
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xaa, 0xcd, 0xef,
+ /* Key2 */
+ 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0x01,
+ /* Key3 */
+ 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0x01, 0x23
};
static const unsigned char des3_3key_subkeys[2][8] = {
{
- 0x91, 0x98, 0xe9, 0xd3, 0x14, 0xe6, 0x53, 0x5f
+ /* K1 */
+ 0x9d, 0x74, 0xe7, 0x39, 0x33, 0x17, 0x96, 0xc0
},
{
- 0x23, 0x31, 0xd3, 0xa6, 0x29, 0xcc, 0xa6, 0xa5
+ /* K2 */
+ 0x3a, 0xe9, 0xce, 0x72, 0x66, 0x2f, 0x2d, 0x9b
}
};
static const unsigned char des3_3key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE] = {
{
- 0xb7, 0xa6, 0x88, 0xe1, 0x22, 0xff, 0xaf, 0x95
+ /* Sample #1 */
+ 0x7d, 0xb0, 0xd3, 0x7d, 0xf9, 0x36, 0xc5, 0x50
},
{
- 0x8e, 0x8f, 0x29, 0x31, 0x36, 0x28, 0x37, 0x97
+ /* Sample #2 */
+ 0x30, 0x23, 0x9c, 0xf1, 0xf5, 0x2e, 0x66, 0x09
},
{
- 0x74, 0x3d, 0xdb, 0xe0, 0xce, 0x2d, 0xc2, 0xed
+ /* Sample #3 */
+ 0x6c, 0x9f, 0x3e, 0xe4, 0x92, 0x3f, 0x6b, 0xe2
},
{
- 0x33, 0xe6, 0xb1, 0x09, 0x24, 0x00, 0xea, 0xe5
+ /* Sample #4 */
+ 0x99, 0x42, 0x9b, 0xd0, 0xbF, 0x79, 0x04, 0xe5
}
};
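Review bot: In `des3_3key_key` the Key1 row reads `0x89, 0xaa, 0xcd, 0xef`, while the otherwise identical Key1 row of `des3_2key_key` in the same hunk reads `0x89, 0xab, 0xcd, 0xef`. The two bytes differ only in the low bit, which DES treats as key parity, so the self-test produces the same MAC either way and cannot catch a transcription slip here. Please check the row against the cited TDES_CMAC document and, if that has `ab`, change it to `0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,`. The hex case is also inconsistent with the rest of the file: `0xEF` in `des3_2key_key` Key2 and `0xbF` in `des3_3key_expected_result` Sample #4 should be lowercase.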
@@ -681,8 +720,9 @@
#if defined(MBEDTLS_AES_C)
/* AES AES-CMAC-PRF-128 Test Data */
static const unsigned char PRFK[] = {
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+ /* Key */
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0xed, 0xcb
};
@@ -693,25 +733,25 @@
10
};
-/* PRF M */
+/* Message */
static const unsigned char PRFM[] = {
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13
};
static const unsigned char PRFT[NB_PRF_TESTS][16] = {
{
- 0x84, 0xa3, 0x48, 0xa4, 0xa4, 0x5d, 0x23, 0x5b,
- 0xab, 0xff, 0xfc, 0x0d, 0x2b, 0x4d, 0xa0, 0x9a
+ 0x84, 0xa3, 0x48, 0xa4, 0xa4, 0x5d, 0x23, 0x5b,
+ 0xab, 0xff, 0xfc, 0x0d, 0x2b, 0x4d, 0xa0, 0x9a
},
{
- 0x98, 0x0a, 0xe8, 0x7b, 0x5f, 0x4c, 0x9c, 0x52,
- 0x14, 0xf5, 0xb6, 0xa8, 0x45, 0x5e, 0x4c, 0x2d
+ 0x98, 0x0a, 0xe8, 0x7b, 0x5f, 0x4c, 0x9c, 0x52,
+ 0x14, 0xf5, 0xb6, 0xa8, 0x45, 0x5e, 0x4c, 0x2d
},
{
- 0x29, 0x0d, 0x9e, 0x11, 0x2e, 0xdb, 0x09, 0xee,
- 0x14, 0x1f, 0xcf, 0x64, 0xc0, 0xb7, 0x2f, 0x3d
+ 0x29, 0x0d, 0x9e, 0x11, 0x2e, 0xdb, 0x09, 0xee,
+ 0x14, 0x1f, 0xcf, 0x64, 0xc0, 0xb7, 0x2f, 0x3d
}
};
#endif /* MBEDTLS_AES_C */
diff --git a/scripts/output_env.sh b/scripts/output_env.sh
index 441fe18..1afaac3 100755
--- a/scripts/output_env.sh
+++ b/scripts/output_env.sh
@@ -1,5 +1,5 @@
-#!/bin/sh
-#
+#! /usr/bin/env sh
+
# output_env.sh
#
# This file is part of mbed TLS (https://tls.mbed.org)
@@ -17,144 +17,92 @@
# - version of libc, clang, asan and valgrind if installed
# - version of gnuTLS and OpenSSL
-echo
-echo "* Operating system and architecture:"
-uname -a
+print_version()
+{
+ BIN="$1"
+ shift
+ ARGS="$1"
+ shift
+ FAIL_MSG="$1"
+ shift
-echo
-if `hash armcc > /dev/null 2>&1`; then
- echo "* armcc:"
- armcc --vsn | head -n 2
-else
- echo "* armcc not found!"
-fi
-
-echo
-if `hash arm-none-eabi-gcc > /dev/null 2>&1`; then
- echo "* gcc-arm:"
- arm-none-eabi-gcc --version | head -n 1
-else
- echo "* gcc-arm not found!"
-fi
-
-echo
-if `hash gcc > /dev/null 2>&1`; then
- echo "* gcc:"
- gcc --version | head -n 1
-else
- echo "* gcc not found!"
-fi
-
-echo
-if `hash clang > /dev/null 2>&1`; then
- echo "* clang:"
- clang --version | head -n 2
- clang -v 2>&1 | grep Selected
-else
- echo "* clang not found!"
-fi
-
-echo
-if `hash ldd > /dev/null 2>&1`; then
- echo "* libc:"
- ldd --version | head -n 1
-else
- echo "* No ldd present: can't determine libc version!"
-fi
-
-echo
-if `hash valgrind > /dev/null 2>&1`; then
- echo "* valgrind:"
- valgrind --version
-else
- echo "* valgrind not found!"
-fi
-
-echo
-if `hash openssl > /dev/null 2>&1`; then
- echo "* openssl:"
- openssl version
-else
- echo "* openssl not found!"
-fi
-
-if [ -n "${OPENSSL+set}" ]; then
- echo
- if `hash "$OPENSSL" > /dev/null 2>&1`; then
- echo "* $OPENSSL at environment variable 'OPENSSL':"
- $OPENSSL version
- else
- echo "* $OPENSSL at environment variable 'OPENSSL' not found!"
+ if ! `type "$BIN" > /dev/null 2>&1`; then
+ echo "* $FAIL_MSG"
+ return 0
fi
-fi
+
+ BIN=`which "$BIN"`
+ VERSION_STR=`$BIN $ARGS 2>&1`
+
+ # Apply all filters
+ while [ $# -gt 0 ]; do
+ FILTER="$1"
+ shift
+ VERSION_STR=`echo "$VERSION_STR" | $FILTER`
+ done
+
+ echo "* ${BIN##*/}: $BIN: $VERSION_STR"
+}
+
+print_version "uname" "-a" ""
+echo
+
+: ${ARMC5_CC:=armcc}
+print_version "$ARMC5_CC" "--vsn" "armcc not found!" "head -n 2"
+echo
+
+: ${ARMC6_CC:=armclang}
+print_version "$ARMC6_CC" "--vsn" "armclang not found!" "head -n 2"
+echo
+
+print_version "arm-none-eabi-gcc" "--version" "gcc-arm not found!" "head -n 1"
+echo
+
+print_version "gcc" "--version" "gcc not found!" "head -n 1"
+echo
+
+print_version "clang" "--version" "clang not found" "head -n 2"
+echo
+
+print_version "ldd" "--version" \
+ "No ldd present: can't determine libc version!" \
+ "head -n 1"
+echo
+
+print_version "valgrind" "--version" "valgrind not found!"
+echo
+
+: ${OPENSSL:=openssl}
+print_version "$OPENSSL" "version" "openssl not found!"
+echo
if [ -n "${OPENSSL_LEGACY+set}" ]; then
+ print_version "$OPENSSL_LEGACY" "version" "openssl legacy version not found!"
echo
- if `hash "$OPENSSL_LEGACY" > /dev/null 2>&1`; then
- echo "* $OPENSSL_LEGACY at environment variable 'OPENSSL_LEGACY':"
- $OPENSSL_LEGACY version
- else
- echo "* $OPENSSL_LEGACY at environment variable 'OPENSSL_LEGACY' not found!"
- fi
fi
+: ${GNUTLS_CLI:=gnutls-cli}
+print_version "$GNUTLS_CLI" "--version" "gnuTLS client not found!" "head -n 1"
echo
-if `hash gnutls-cli > /dev/null 2>&1`; then
- echo "* gnuTLS client:"
- gnutls-cli --version | head -n 1
-else
- echo "* gnuTLS client not found!"
-fi
+: ${GNUTLS_SERV:=gnutls-serv}
+print_version "$GNUTLS_SERV" "--version" "gnuTLS server not found!" "head -n 1"
echo
-if `hash gnutls-serv > /dev/null 2>&1`; then
- echo "* gnuTLS server:"
- gnutls-serv --version | head -n 1
-else
- echo "* gnuTLS server not found!"
-fi
-
-if [ -n "${GNUTLS_CLI+set}" ]; then
- echo
- if `hash "$GNUTLS_CLI" > /dev/null 2>&1`; then
- echo "* $GNUTLS_CLI at environment variable 'GNUTLS_CLI':"
- $GNUTLS_CLI --version | head -n 1
- else
- echo "* $GNUTLS_CLI at environment variable 'GNUTLS_CLI' not found!"
- fi
-fi
-
-if [ -n "${GNUTLS_SERV+set}" ]; then
- echo
- if `hash "$GNUTLS_SERV" > /dev/null 2>&1`; then
- echo "* $GNUTLS_SERV at environment variable 'GNUTLS_SERV':"
- $GNUTLS_SERV --version | head -n 1
- else
- echo "* $GNUTLS_SERV at environment variable 'GNUTLS_SERV' not found!"
- fi
-fi
if [ -n "${GNUTLS_LEGACY_CLI+set}" ]; then
+ print_version "$GNUTLS_LEGACY_CLI" "--version" \
+ "gnuTLS client legacy version not found!" \
+ "head -n 1"
echo
- if `hash "$GNUTLS_LEGACY_CLI" > /dev/null 2>&1`; then
- echo "* $GNUTLS_LEGACY_CLI at environment variable 'GNUTLS_LEGACY_CLI':"
- $GNUTLS_LEGACY_CLI --version | head -n 1
- else
- echo "* $GNUTLS_LEGACY_CLI at environment variable 'GNUTLS_LEGACY_CLI' not found!"
- fi
fi
if [ -n "${GNUTLS_LEGACY_SERV+set}" ]; then
+ print_version "$GNUTLS_LEGACY_SERV" "--version" \
+ "gnuTLS server legacy version not found!" \
+ "head -n 1"
echo
- if `hash "$GNUTLS_LEGACY_SERV" > /dev/null 2>&1`; then
- echo "* $GNUTLS_LEGACY_SERV at environment variable 'GNUTLS_LEGACY_SERV':"
- $GNUTLS_LEGACY_SERV --version | head -n 1
- else
- echo "* $GNUTLS_LEGACY_SERV at environment variable 'GNUTLS_LEGACY_SERV' not found!"
- fi
fi
-echo
if `hash dpkg > /dev/null 2>&1`; then
echo "* asan:"
dpkg -s libasan2 2> /dev/null | grep -i version
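Review bot: `print_version` expands `$BIN` unquoted when it runs the tool, after replacing it with the output of `which`. A tool path containing whitespace is therefore word-split and something other than the intended binary is executed. That matters because the path can come from the environment (`OPENSSL`, `GNUTLS_CLI`, `ARMC5_CC` and so on); the call should be `VERSION_STR=$("$BIN" $ARGS 2>&1)`. The existence check also wraps `type` in backticks, so it only works because the substitution's empty output leaves its exit status behind; `if ! type "$BIN" > /dev/null 2>&1; then` says what is meant. `command -v "$BIN"` is the POSIX way to resolve the path, whereas `which` is not guaranteed to exist. The rewrite also drops the `clang -v 2>&1 | grep Selected` line that the old script printed, which is worth keeping if that information was used.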
@@ -163,6 +111,4 @@
else
echo "* No dpkg present: can't determine asan version!"
fi
-
echo
-
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index bedf21b..dc27979 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -115,7 +115,7 @@
if (CMAKE_HOST_UNIX)
set(command ln -s ${target} ${link})
else()
- set(command cmd.exe /c mklink /d ${link} ${target})
+ set(command cmd.exe /c mklink /j ${link} ${target})
endif()
execute_process(COMMAND ${command}
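Review bot: The switch from `mklink /d` to `mklink /j` has no comment, and the two behave differently in ways the next maintainer needs to know. `/j` creates a directory junction, which avoids the symbolic-link privilege that `/d` requires but only works when the target is a directory on a local volume. I would add `# /j (junction) needs no symlink privilege; target must be a local directory` above the `set(command cmd.exe ...)` line. Whether every `${target}` passed in is a directory cannot be seen here, since the enclosing function starts and ends outside the hunk.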
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 6e24909..32f79fe 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -1,4 +1,4 @@
-#!/bin/sh
+#! /usr/bin/env sh
# all.sh
#
@@ -22,8 +22,11 @@
# Abort on errors (and uninitialised variables)
set -eu
-if [ -d library -a -d include -a -d tests ]; then :; else
- err_msg "Must be run from mbed TLS root"
+if [ "$( uname )" != "Linux" ]; then
+ echo "This script only works in Linux" >&2
+ exit 1
+elif [ -d library -a -d include -a -d tests ]; then :; else
+ echo "Must be run from mbed TLS root" >&2
exit 1
fi
@@ -42,6 +45,13 @@
: ${GNUTLS_LEGACY_CLI:="$GNUTLS_CLI"}
: ${GNUTLS_LEGACY_SERV:="$GNUTLS_SERV"}
: ${OUT_OF_SOURCE_DIR:=./mbedtls_out_of_source_build}
+: ${ARMC5_BIN_DIR:=/usr/bin}
+: ${ARMC6_BIN_DIR:=/usr/bin}
+
+# if MAKEFLAGS is not set add the -j option to speed up invocations of make
+if [ -n "${MAKEFLAGS+set}" ]; then
+ export MAKEFLAGS="-j"
+fi
usage()
{
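Review bot: The test `[ -n "${MAKEFLAGS+set}" ]` is true when MAKEFLAGS is already set, which is the opposite of what the comment above it says. As written, a caller's MAKEFLAGS is overwritten with `-j` and an unset one is left untouched. The condition should be `if [ -z "${MAKEFLAGS+set}" ]; then`. A bare `-j` also puts no upper bound on parallel jobs, so a bounded value would be safer on shared or memory-constrained build hosts.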
@@ -58,6 +68,8 @@
printf " --gnutls-serv=<GnuTLS_serv_path>\t\tPath to GnuTLS server executable to use for most tests.\n"
printf " --gnutls-legacy-cli=<GnuTLS_cli_path>\t\tPath to GnuTLS client executable to use for legacy tests.\n"
printf " --gnutls-legacy-serv=<GnuTLS_serv_path>\t\tPath to GnuTLS server executable to use for legacy tests.\n"
+ printf " --armc5-bin-dir=<ARMC5_bin_dir_path>\t\tPath to the ARM Compiler 5 bin directory.\n"
+ printf " --armc6-bin-dir=<ARMC6_bin_dir_path>\t\tPath to the ARM Compiler 6 bin directory.\n"
}
# remove built files as well as the cmake cache/config
@@ -86,6 +98,16 @@
echo "******************************************************************"
}
+armc6_build_test()
+{
+ FLAGS="$1"
+
+ msg "build: ARM Compiler 6 ($FLAGS), make"
+ ARM_TOOL_VARIANT="ult" CC="$ARMC6_CC" AR="$ARMC6_AR" CFLAGS="$FLAGS" \
+ WARNING_CFLAGS='--strict --c99' make lib
+ make clean
+}
+
err_msg()
{
echo "$1" >&2
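Review bot: `armc6_build_test` passes `WARNING_CFLAGS='--strict --c99'`, the same option spelling used for the ARM Compiler 5 build later in this file. armclang is a clang-based driver and may not accept those options, so this should be confirmed against a real ARM Compiler 6 run. `ARM_TOOL_VARIANT="ult"` is also set with no explanation; a one-line comment saying what it selects and why the build needs it would help. Because the script runs under `set -eu`, a failing `make lib` aborts before `make clean`, which is worth stating in a comment if that is intended.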
@@ -144,6 +166,14 @@
shift
GNUTLS_LEGACY_SERV="$1"
;;
+ --armc5-bin-dir)
+ shift
+ ARMC5_BIN_DIR="$1"
+ ;;
+ --armc6-bin-dir)
+ shift
+ ARMC6_BIN_DIR="$1"
+ ;;
--help|-h|*)
usage
exit 1
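Review bot: The new case arms match `--armc5-bin-dir` and `--armc6-bin-dir` exactly and take the value from the next argument, but the usage text added in the earlier hunk advertises `--armc5-bin-dir=<ARMC5_bin_dir_path>` and `--armc6-bin-dir=<ARMC6_bin_dir_path>`. An invocation written as documented falls through to `--help|-h|*)` and exits with status 1. The GnuTLS options visible in context follow the same pattern, so either the usage lines should drop the `=` or the parser should accept both forms. Under `set -eu`, a trailing option with no value also aborts on the unset `$1` without printing usage. The enclosing `case` statement starts outside this hunk.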
@@ -196,6 +226,13 @@
echo "GNUTLS_SERV: $GNUTLS_SERV"
echo "GNUTLS_LEGACY_CLI: $GNUTLS_LEGACY_CLI"
echo "GNUTLS_LEGACY_SERV: $GNUTLS_LEGACY_SERV"
+echo "ARMC5_BIN_DIR: $ARMC5_BIN_DIR"
+echo "ARMC6_BIN_DIR: $ARMC6_BIN_DIR"
+
+ARMC5_CC="$ARMC5_BIN_DIR/armcc"
+ARMC5_AR="$ARMC5_BIN_DIR/armar"
+ARMC6_CC="$ARMC6_BIN_DIR/armclang"
+ARMC6_AR="$ARMC6_BIN_DIR/armar"
# To avoid setting OpenSSL and GnuTLS for each call to compat.sh and ssl-opt.sh
# we just export the variables they require
@@ -209,7 +246,8 @@
# Make sure the tools we need are available.
check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$GNUTLS_CLI" "$GNUTLS_SERV" \
"$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV" "doxygen" "dot" \
- "arm-none-eabi-gcc" "armcc" "i686-w64-mingw32-gcc"
+ "arm-none-eabi-gcc" "$ARMC5_CC" "$ARMC5_AR" "$ARMC6_CC" "$ARMC6_AR" \
+ "i686-w64-mingw32-gcc"
#
# Test Suites to be executed
@@ -225,7 +263,8 @@
msg "info: output_env.sh"
OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_CLI" \
GNUTLS_SERV="$GNUTLS_SERV" GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI" \
- GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" scripts/output_env.sh
+ GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" ARMC5_CC="$ARMC5_CC" \
+ ARMC6_CC="$ARMC6_CC" scripts/output_env.sh
msg "test: recursion.pl" # < 1s
tests/scripts/recursion.pl library/*.c
@@ -244,6 +283,8 @@
cleanup
tests/scripts/doxygen.sh
+# Note - use of yotta is deprecated, and yotta also requires armcc to be on the
+# path, and uses whatever version of armcc it finds there.
msg "build: create and build yotta module" # ~ 30s
cleanup
tests/scripts/yotta-build.sh
@@ -414,7 +455,7 @@
scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit
CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -Wall -Wextra' make lib
-msg "build: armcc, make"
+msg "build: ARM Compiler 5, make"
cleanup
cp "$CONFIG_H" "$CONFIG_BAK"
scripts/config.pl full
@@ -433,7 +474,15 @@
scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # execinfo.h
scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit
scripts/config.pl unset MBEDTLS_PLATFORM_TIME_ALT # depends on MBEDTLS_HAVE_TIME
-CC=armcc AR=armar WARNING_CFLAGS='--strict --c99' make lib
+
+CC="$ARMC5_CC" AR="$ARMC5_AR" WARNING_CFLAGS='--strict --c99' make lib
+make clean
+
+armc6_build_test "--target=arm-arm-none-eabi -march=armv7-a"
+armc6_build_test "--target=arm-arm-none-eabi -march=armv7-m"
+armc6_build_test "--target=arm-arm-none-eabi -march=armv8.2-a"
+armc6_build_test "--target=arm-arm-none-eabi -march=armv8-m.main"
+armc6_build_test "--target=aarch64-arm-none-eabi"
msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s
cleanup
diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data
index 52f09ed..22e608f 100644
--- a/tests/suites/test_suite_version.data
+++ b/tests/suites/test_suite_version.data
@@ -1,8 +1,8 @@
Check compiletime library version
-check_compiletime_version:"2.4.0"
+check_compiletime_version:"2.4.1"
Check runtime library version
-check_runtime_version:"2.4.0"
+check_runtime_version:"2.4.1"
Check for MBEDTLS_VERSION_C
check_feature:"MBEDTLS_VERSION_C":0