Merged RSA-PSK key-exchange and ciphersuites
diff --git a/ChangeLog b/ChangeLog
index 79484cb..939d4f5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,27 @@
PolarSSL ChangeLog (Sorted per branch, date)
+= Branch 1.3
+Features
+ * Support for Brainpool curves and TLS ciphersuites (RFC 7027)
+ * Support for ECDHE-PSK key-exchange and ciphersuites
+ * Support for RSA-PSK key-exchange and ciphersuites
+
+Changes
+ * RSA blinding locks for a smaller amount of time
+ * TLS compression only allocates working buffer once
+ * Introduced POLARSSL_HAVE_READDIR_R for systems without it
+ * config.h is more script-friendly
+
+Bugfix
+ * Missing MSVC defines added
+ * Compile errors with POLARSSL_RSA_NO_CRT
+ * Header files with 'polarssl/'
+ * Const correctness
+ * Possible naming collision in dhm_context
+ * Better support for MSVC
+ * threading_set_alt() name
+ * Added missing x509write_crt_set_version()
+
= PolarSSL-1.3.0 released on 2013-10-01
Features
* Elliptic Curve Cryptography module added
@@ -62,6 +84,15 @@
* RSA blinding on CRT operations to counter timing attacks
(found by Cyril Arnaud and Pierre-Alain Fouque)
+= Version 1.2.10 released 2013-10-07
+Changes
+ * Changed RSA blinding to a slower but thread-safe version
+
+Bugfix
+ * Fixed memory leak in RSA as a result of introduction of blinding
+ * Fixed ssl_pkcs11_decrypt() prototype
+ * Fixed MSVC project files
+
= Version 1.2.9 released 2013-10-01
Changes
* x509_verify() now case insensitive for cn (RFC 6125 6.4)
diff --git a/include/polarssl/cipher.h b/include/polarssl/cipher.h
index 853c7e6..5ae25c1 100644
--- a/include/polarssl/cipher.h
+++ b/include/polarssl/cipher.h
@@ -379,7 +379,7 @@
return 0;
if( ctx->iv_size != 0 )
- return ctx->iv_size;
+ return (int) ctx->iv_size;
return ctx->cipher_info->iv_size;
}
diff --git a/include/polarssl/compat-1.2.h b/include/polarssl/compat-1.2.h
index b60c932..ce4566c 100644
--- a/include/polarssl/compat-1.2.h
+++ b/include/polarssl/compat-1.2.h
@@ -32,6 +32,11 @@
// Comment out to disable prototype change warnings
#define SHOW_PROTOTYPE_CHANGE_WARNINGS
+#if defined _MSC_VER
+// MSVC does not support #warning
+#undef SHOW_PROTOTYPE_CHANGE_WARNINGS
+#endif
+
#if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS)
#warning "You can disable these warnings by commenting SHOW_PROTOTYPE_CHANGE_WARNINGS in compat-1.2.h"
#endif
@@ -53,14 +58,14 @@
sha256_update( ctx, input, ilen );
}
inline void sha2_finish( sha256_context *ctx, unsigned char output[32] ) {
- return sha256_finish( ctx, output );
+ sha256_finish( ctx, output );
}
inline int sha2_file( const char *path, unsigned char output[32], int is224 ) {
return sha256_file( path, output, is224 );
}
inline void sha2( const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 ) {
- return sha256( input, ilen, output, is224 );
+ sha256( input, ilen, output, is224 );
}
inline void sha2_hmac_starts( sha256_context *ctx, const unsigned char *key,
size_t keylen, int is224 ) {
@@ -102,14 +107,14 @@
sha512_update( ctx, input, ilen );
}
inline void sha4_finish( sha512_context *ctx, unsigned char output[64] ) {
- return sha512_finish( ctx, output );
+ sha512_finish( ctx, output );
}
inline int sha4_file( const char *path, unsigned char output[64], int is384 ) {
return sha512_file( path, output, is384 );
}
inline void sha4( const unsigned char *input, size_t ilen,
unsigned char output[32], int is384 ) {
- return sha512( input, ilen, output, is384 );
+ sha512( input, ilen, output, is384 );
}
inline void sha4_hmac_starts( sha512_context *ctx, const unsigned char *key,
size_t keylen, int is384 ) {
@@ -232,7 +237,7 @@
return x509_crt_revoked( crt, crl );
}
inline void x509_free( x509_cert *crt ) {
- return x509_crt_free( crt );
+ x509_crt_free( crt );
}
#endif /* POLARSSL_X509_CRT_PARSE_C */
@@ -354,7 +359,7 @@
int ret;
pk_context ctx;
if( ( ret = pk_init_ctx( &ctx, pk_info_from_type( POLARSSL_PK_RSA ) ) ) != 0 ) return( ret );
- if( ( ret = rsa_copy( ctx.pk_ctx, rsa ) ) != 0 ) return( ret );
+ if( ( ret = rsa_copy( pk_rsa( ctx ), rsa ) ) != 0 ) return( ret );
ret = pk_write_pubkey_der( &ctx, buf, len );
pk_free( &ctx );
return( ret );
@@ -363,7 +368,7 @@
int ret;
pk_context ctx;
if( ( ret = pk_init_ctx( &ctx, pk_info_from_type( POLARSSL_PK_RSA ) ) ) != 0 ) return( ret );
- if( ( ret = rsa_copy( ctx.pk_ctx, rsa ) ) != 0 ) return( ret );
+ if( ( ret = rsa_copy( pk_rsa( ctx ), rsa ) ) != 0 ) return( ret );
ret = pk_write_key_der( &ctx, buf, len );
pk_free( &ctx );
return( ret );
diff --git a/include/polarssl/config.h b/include/polarssl/config.h
index 3a173b3..4973ea4 100644
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@@ -48,8 +48,8 @@
* The system uses 8-bit wide native integers.
*
* Uncomment if native integers are 8-bit wide.
-#define POLARSSL_HAVE_INT8
*/
+//#define POLARSSL_HAVE_INT8
/**
* \def POLARSSL_HAVE_INT16
@@ -57,8 +57,8 @@
* The system uses 16-bit wide native integers.
*
* Uncomment if native integers are 16-bit wide.
-#define POLARSSL_HAVE_INT16
*/
+//#define POLARSSL_HAVE_INT16
/**
* \def POLARSSL_HAVE_LONGLONG
@@ -90,8 +90,19 @@
* CPU supports SSE2 instruction set.
*
* Uncomment if the CPU supports SSE2 (IA-32 specific).
-#define POLARSSL_HAVE_SSE2
*/
+//#define POLARSSL_HAVE_SSE2
+
+/**
+ * \def POLARSSL_HAVE_READDIR_R
+ *
+ * (Non Windows) System has readdir_r().
+ *
+ * Required for x509_crt_parse_path() in non-Windows systems.
+ *
+ * Comment if your system does not have support.
+ */
+#define POLARSSL_HAVE_READDIR_R
/**
* \def POLARSSL_HAVE_TIME
@@ -126,19 +137,19 @@
*
* Uncomment a macro to enable alternate implementation for core algorithm
* functions
-#define POLARSSL_AES_ALT
-#define POLARSSL_ARC4_ALT
-#define POLARSSL_BLOWFISH_ALT
-#define POLARSSL_CAMELLIA_ALT
-#define POLARSSL_DES_ALT
-#define POLARSSL_XTEA_ALT
-#define POLARSSL_MD2_ALT
-#define POLARSSL_MD4_ALT
-#define POLARSSL_MD5_ALT
-#define POLARSSL_SHA1_ALT
-#define POLARSSL_SHA256_ALT
-#define POLARSSL_SHA512_ALT
*/
+//#define POLARSSL_AES_ALT
+//#define POLARSSL_ARC4_ALT
+//#define POLARSSL_BLOWFISH_ALT
+//#define POLARSSL_CAMELLIA_ALT
+//#define POLARSSL_DES_ALT
+//#define POLARSSL_XTEA_ALT
+//#define POLARSSL_MD2_ALT
+//#define POLARSSL_MD4_ALT
+//#define POLARSSL_MD5_ALT
+//#define POLARSSL_SHA1_ALT
+//#define POLARSSL_SHA256_ALT
+//#define POLARSSL_SHA512_ALT
/**
* \def POLARSSL_AES_ROM_TABLES
@@ -147,8 +158,8 @@
*
* Uncomment this macro to store the AES tables in ROM.
*
-#define POLARSSL_AES_ROM_TABLES
*/
+//#define POLARSSL_AES_ROM_TABLES
/**
* \def POLARSSL_CIPHER_MODE_CBC
@@ -198,8 +209,8 @@
* TLS_ECDHE_PSK_WITH_NULL_SHA384
*
* Uncomment this macro to enable the NULL cipher and ciphersuites
-#define POLARSSL_CIPHER_NULL_CIPHER
*/
+//#define POLARSSL_CIPHER_NULL_CIPHER
/**
* \def POLARSSL_CIPHER_PADDING_XXX
@@ -228,8 +239,8 @@
* TLS_DHE_RSA_WITH_DES_CBC_SHA
*
* Uncomment this macro to enable weak ciphersuites
-#define POLARSSL_ENABLE_WEAK_CIPHERSUITES
*/
+//#define POLARSSL_ENABLE_WEAK_CIPHERSUITES
/**
* \def POLARSSL_ECP_XXXX_ENABLED
@@ -244,6 +255,9 @@
#define POLARSSL_ECP_DP_SECP256R1_ENABLED
#define POLARSSL_ECP_DP_SECP384R1_ENABLED
#define POLARSSL_ECP_DP_SECP521R1_ENABLED
+#define POLARSSL_ECP_DP_BP256R1_ENABLED
+#define POLARSSL_ECP_DP_BP384R1_ENABLED
+#define POLARSSL_ECP_DP_BP512R1_ENABLED
/**
* \def POLARSSL_KEY_EXCHANGE_PSK_ENABLED
@@ -465,8 +479,8 @@
* application.
*
* Uncomment this macro to prevent loading of default entropy functions.
-#define POLARSSL_NO_DEFAULT_ENTROPY_SOURCES
*/
+//#define POLARSSL_NO_DEFAULT_ENTROPY_SOURCES
/**
* \def POLARSSL_NO_PLATFORM_ENTROPY
@@ -476,8 +490,8 @@
* standards like the /dev/urandom or Windows CryptoAPI.
*
* Uncomment this macro to disable the built-in platform entropy functions.
-#define POLARSSL_NO_PLATFORM_ENTROPY
*/
+//#define POLARSSL_NO_PLATFORM_ENTROPY
/**
* \def POLARSSL_MEMORY_DEBUG
@@ -490,8 +504,8 @@
* fprintf()
*
* Uncomment this macro to let the buffer allocator print out error messages.
-#define POLARSSL_MEMORY_DEBUG
-*/
+ */
+//#define POLARSSL_MEMORY_DEBUG
/**
* \def POLARSSL_MEMORY_BACKTRACE
@@ -502,8 +516,8 @@
* GLIBC-compatible backtrace() an backtrace_symbols() support
*
* Uncomment this macro to include backtrace information
-#define POLARSSL_MEMORY_BACKTRACE
*/
+//#define POLARSSL_MEMORY_BACKTRACE
/**
* \def POLARSSL_PKCS1_V15
@@ -534,8 +548,8 @@
*
* Uncomment this macro to disable the use of CRT in RSA.
*
-#define POLARSSL_RSA_NO_CRT
*/
+//#define POLARSSL_RSA_NO_CRT
/**
* \def POLARSSL_SELF_TEST
@@ -571,8 +585,8 @@
* Uncomment this macro to report all debug messages on errors introducing
* a timing side-channel.
*
-#define POLARSSL_SSL_DEBUG_ALL
*/
+//#define POLARSSL_SSL_DEBUG_ALL
/**
* \def POLARSSL_SSL_HW_RECORD_ACCEL
@@ -581,8 +595,8 @@
* individual records.
*
* Uncomment this macro to enable hooking functions.
-#define POLARSSL_SSL_HW_RECORD_ACCEL
*/
+//#define POLARSSL_SSL_HW_RECORD_ACCEL
/**
* \def POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
@@ -690,8 +704,8 @@
* Requires: POLARSSL_THREADING_C
*
* Uncomment this to allow your own alternate threading implementation.
-#define POLARSSL_THREADING_ALT
*/
+//#define POLARSSL_THREADING_ALT
/**
* \def POLARSSL_THREADING_DUMMY
@@ -703,8 +717,8 @@
* Requires: POLARSSL_THREADING_C
*
* Uncomment this to enable code to compile like with threading enabled
-#define POLARSSL_THREADING_DUMMY
*/
+//#define POLARSSL_THREADING_DUMMY
/**
* \def POLARSSL_THREADING_PTHREAD
@@ -714,8 +728,8 @@
* Requires: POLARSSL_THREADING_C
*
* Uncomment this to enable pthread mutexes.
-#define POLARSSL_THREADING_PTHREAD
*/
+//#define POLARSSL_THREADING_PTHREAD
/**
* \def POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3
@@ -724,9 +738,8 @@
* and encountering an extension in a v1 or v2 certificate.
*
* Uncomment to prevent an error.
- *
-#define POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3
*/
+//#define POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3
/**
* \def POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
@@ -735,9 +748,8 @@
* and encountering an unknown critical extension.
*
* Uncomment to prevent an error.
- *
-#define POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
*/
+//#define POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
/**
* \def POLARSSL_ZLIB_SUPPORT
@@ -752,8 +764,8 @@
* This feature requires zlib library and headers to be present.
*
* Uncomment to enable use of ZLIB
-#define POLARSSL_ZLIB_SUPPORT
*/
+//#define POLARSSL_ZLIB_SUPPORT
/* \} name SECTION: PolarSSL feature support */
/**
@@ -1036,7 +1048,7 @@
* Caller: library/ecdh.c
* library/ecdsa.c
*
- * Requires: POLARSSL_BIGNUM_C
+ * Requires: POLARSSL_BIGNUM_C and at least one POLARSSL_ECP_DP_XXX_ENABLED
*/
#define POLARSSL_ECP_C
@@ -1102,8 +1114,8 @@
* Requires: POLARSSL_TIMING_C
*
* Uncomment to enable the HAVEGE random generator.
-#define POLARSSL_HAVEGE_C
*/
+//#define POLARSSL_HAVEGE_C
/**
* \def POLARSSL_MD_C
@@ -1126,9 +1138,8 @@
* Caller:
*
* Uncomment to enable support for (rare) MD2-signed X.509 certs.
- *
-#define POLARSSL_MD2_C
*/
+//#define POLARSSL_MD2_C
/**
* \def POLARSSL_MD4_C
@@ -1139,9 +1150,8 @@
* Caller:
*
* Uncomment to enable support for (rare) MD4-signed X.509 certs.
- *
-#define POLARSSL_MD4_C
*/
+//#define POLARSSL_MD4_C
/**
* \def POLARSSL_MD5_C
@@ -1169,8 +1179,8 @@
* This allows different allocators (self-implemented or provided)
*
* Enable this layer to allow use of alternative memory allocators.
-#define POLARSSL_MEMORY_C
*/
+//#define POLARSSL_MEMORY_C
/**
* \def POLARSSL_MEMORY_BUFFER_ALLOC_C
@@ -1184,8 +1194,8 @@
* Requires: POLARSSL_MEMORY_C
*
* Enable this module to enable the buffer memory allocator.
-#define POLARSSL_MEMORY_BUFFER_ALLOC_C
*/
+//#define POLARSSL_MEMORY_BUFFER_ALLOC_C
/**
* \def POLARSSL_NET_C
@@ -1351,8 +1361,8 @@
*
* This module enables SSL/TLS PKCS #11 smartcard support.
* Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
-#define POLARSSL_PKCS11_C
*/
+//#define POLARSSL_PKCS11_C
/**
* \def POLARSSL_PKCS12_C
@@ -1511,8 +1521,8 @@
* POLARSSL_THREADING_PTHREAD or POLARSSL_THREADING_DUMMY.
*
* Enable this layer to allow use of mutexes within PolarSSL
-#define POLARSSL_THREADING_C
*/
+//#define POLARSSL_THREADING_C
/**
* \def POLARSSL_TIMING_C
@@ -1730,7 +1740,15 @@
#error "POLARSSL_ECDSA_C defined, but not all prerequisites"
#endif
-#if defined(POLARSSL_ECP_C) && !defined(POLARSSL_BIGNUM_C)
+#if defined(POLARSSL_ECP_C) && !defined(POLARSSL_BIGNUM_C) || ( \
+ !defined(POLARSSL_ECP_DP_SECP192R1_ENABLED) && \
+ !defined(POLARSSL_ECP_DP_SECP224R1_ENABLED) && \
+ !defined(POLARSSL_ECP_DP_SECP256R1_ENABLED) && \
+ !defined(POLARSSL_ECP_DP_SECP384R1_ENABLED) && \
+ !defined(POLARSSL_ECP_DP_SECP521R1_ENABLED) && \
+ !defined(POLARSSL_ECP_DP_BP256R1_ENABLED) && \
+ !defined(POLARSSL_ECP_DP_BP384R1_ENABLED) && \
+ !defined(POLARSSL_ECP_DP_BP512R1_ENABLED) )
#error "POLARSSL_ECP_C defined, but not all prerequisites"
#endif
diff --git a/include/polarssl/dhm.h b/include/polarssl/dhm.h
index 75dff19..4665ff9 100644
--- a/include/polarssl/dhm.h
+++ b/include/polarssl/dhm.h
@@ -152,7 +152,7 @@
mpi RP; /*!< cached R^2 mod P */
mpi Vi; /*!< blinding value */
mpi Vf; /*!< un-blinding value */
- mpi _X; /*!< previous X */
+ mpi pX; /*!< previous X */
}
dhm_context;
diff --git a/include/polarssl/ecdh.h b/include/polarssl/ecdh.h
index 81c8f93..4c82f25 100644
--- a/include/polarssl/ecdh.h
+++ b/include/polarssl/ecdh.h
@@ -27,7 +27,7 @@
#ifndef POLARSSL_ECDH_H
#define POLARSSL_ECDH_H
-#include "polarssl/ecp.h"
+#include "ecp.h"
#ifdef __cplusplus
extern "C" {
diff --git a/include/polarssl/ecdsa.h b/include/polarssl/ecdsa.h
index 4a29ac6..ee60d26 100644
--- a/include/polarssl/ecdsa.h
+++ b/include/polarssl/ecdsa.h
@@ -27,7 +27,7 @@
#ifndef POLARSSL_ECDSA_H
#define POLARSSL_ECDSA_H
-#include "polarssl/ecp.h"
+#include "ecp.h"
/**
* \brief ECDSA context structure
diff --git a/include/polarssl/ecp.h b/include/polarssl/ecp.h
index 3a9a7b6..7940b32 100644
--- a/include/polarssl/ecp.h
+++ b/include/polarssl/ecp.h
@@ -27,7 +27,7 @@
#ifndef POLARSSL_ECP_H
#define POLARSSL_ECP_H
-#include "polarssl/bignum.h"
+#include "bignum.h"
/*
* ECP error codes
@@ -61,12 +61,15 @@
POLARSSL_ECP_DP_SECP256R1, /*!< 256-bits NIST curve */
POLARSSL_ECP_DP_SECP384R1, /*!< 384-bits NIST curve */
POLARSSL_ECP_DP_SECP521R1, /*!< 521-bits NIST curve */
+ POLARSSL_ECP_DP_BP256R1, /*!< 256-bits Brainpool curve */
+ POLARSSL_ECP_DP_BP384R1, /*!< 384-bits Brainpool curve */
+ POLARSSL_ECP_DP_BP512R1, /*!< 512-bits Brainpool curve */
} ecp_group_id;
/**
* Number of supported curves (plus one for NONE)
*/
-#define POLARSSL_ECP_DP_MAX 6
+#define POLARSSL_ECP_DP_MAX 9
/**
* Curve information for use by other modules
@@ -113,21 +116,21 @@
*/
typedef struct
{
- ecp_group_id id; /*!< RFC 4492 group ID */
- mpi P; /*!< prime modulus of the base field */
- mpi A; /*!< currently unused (-3 assumed) */
- mpi B; /*!< constant term in the equation */
- ecp_point G; /*!< generator of the subgroup used */
- mpi N; /*!< the order of G */
- size_t pbits; /*!< number of bits in P */
- size_t nbits; /*!< number of bits in N */
- unsigned int h; /*!< cofactor (unused now: assume 1) */
- int (*modp)(mpi *); /*!< function for fast reduction mod P */
- int (*t_pre)(ecp_point *, void *); /*!< currently unused */
- int (*t_post)(ecp_point *, void *); /*!< currently unused */
- void *t_data; /*!< currently unused */
- ecp_point *T; /*!< pre-computed points (unused now) */
- size_t T_size; /*!< number for pre-computed points */
+ ecp_group_id id; /*!< internal group identifier */
+ mpi P; /*!< prime modulus of the base field */
+ mpi A; /*!< linear term in the equation */
+ mpi B; /*!< constant term in the equation */
+ ecp_point G; /*!< generator of the subgroup used */
+ mpi N; /*!< the order of G */
+ size_t pbits; /*!< number of bits in P */
+ size_t nbits; /*!< number of bits in N */
+ unsigned int h; /*!< cofactor (unused now: assume 1) */
+ int (*modp)(mpi *); /*!< function for fast reduction mod P */
+ int (*t_pre)(ecp_point *, void *); /*!< currently unused */
+ int (*t_post)(ecp_point *, void *); /*!< currently unused */
+ void *t_data; /*!< currently unused */
+ ecp_point *T; /*!< pre-computed points for ecp_mul() */
+ size_t T_size; /*!< number for pre-computed points */
}
ecp_group;
diff --git a/include/polarssl/oid.h b/include/polarssl/oid.h
index 20bacae..85ab04c 100644
--- a/include/polarssl/oid.h
+++ b/include/polarssl/oid.h
@@ -74,6 +74,8 @@
#define OID_OIW_SECSIG_SHA1 OID_OIW_SECSIG_ALG "\x1a"
#define OID_ORG_CERTICOM "\x81\x04" /* certicom(132) */
#define OID_CERTICOM OID_ISO_IDENTIFIED_ORG OID_ORG_CERTICOM
+#define OID_ORG_TELETRUST "\x24" /* teletrust(36) */
+#define OID_TELETRUST OID_ISO_IDENTIFIED_ORG OID_ORG_TELETRUST
/*
* ISO ITU OID parts
@@ -258,7 +260,7 @@
#define OID_EC_ALG_ECDH OID_CERTICOM "\x01\x0c"
/*
- * ECParameters namedCurve identifiers, from RFC 5480
+ * ECParameters namedCurve identifiers, from RFC 5480 and RFC 5639
*/
/* secp192r1 OBJECT IDENTIFIER ::= {
@@ -281,6 +283,23 @@
* iso(1) identified-organization(3) certicom(132) curve(0) 35 } */
#define OID_EC_GRP_SECP521R1 OID_CERTICOM "\x00\x23"
+/* RFC 5639 4.1
+ * ecStdCurvesAndGeneration OBJECT IDENTIFIER::= {iso(1)
+ * identified-organization(3) teletrust(36) algorithm(3) signature-
+ * algorithm(3) ecSign(2) 8}
+ * ellipticCurve OBJECT IDENTIFIER ::= {ecStdCurvesAndGeneration 1}
+ * versionOne OBJECT IDENTIFIER ::= {ellipticCurve 1} */
+#define OID_EC_BRAINPOOL_V1 OID_TELETRUST "\x03\x03\x02\x08\x01\x01"
+
+/* brainpoolP256r1 OBJECT IDENTIFIER ::= {versionOne 7} */
+#define OID_EC_GRP_BP256R1 OID_EC_BRAINPOOL_V1 "\x07"
+
+/* brainpoolP384r1 OBJECT IDENTIFIER ::= {versionOne 11} */
+#define OID_EC_GRP_BP384R1 OID_EC_BRAINPOOL_V1 "\x0B"
+
+/* brainpoolP512r1 OBJECT IDENTIFIER ::= {versionOne 13} */
+#define OID_EC_GRP_BP512R1 OID_EC_BRAINPOOL_V1 "\x0D"
+
/*
* ECDSA signature identifers, from RFC 5480
*/
diff --git a/include/polarssl/pk.h b/include/polarssl/pk.h
index b08f5e3..251c690 100644
--- a/include/polarssl/pk.h
+++ b/include/polarssl/pk.h
@@ -112,7 +112,7 @@
typedef struct
{
pk_debug_type type;
- char *name;
+ const char *name;
void *value;
} pk_debug_item;
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 94c996c..c682c0a 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -675,6 +675,9 @@
size_t out_msglen; /*!< record header: message length */
size_t out_left; /*!< amount of data not yet written */
+#if defined(POLARSSL_ZLIB_SUPPORT)
+ unsigned char *compress_buf; /*!< zlib data buffer */
+#endif
#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
unsigned char mfl_code; /*!< MaxFragmentLength chosen by us */
#endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */
diff --git a/library/asn1write.c b/library/asn1write.c
index d4c1d8d..32d1c73 100644
--- a/library/asn1write.c
+++ b/library/asn1write.c
@@ -44,7 +44,7 @@
if( *p - start < 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
- *--(*p) = len;
+ *--(*p) = (unsigned char) len;
return( 1 );
}
@@ -53,7 +53,7 @@
if( *p - start < 2 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
- *--(*p) = len;
+ *--(*p) = (unsigned char) len;
*--(*p) = 0x81;
return( 2 );
}
@@ -92,7 +92,7 @@
(*p) -= len;
memcpy( *p, buf, len );
- return( len );
+ return( (int) len );
}
#if defined(POLARSSL_BIGNUM_C)
@@ -126,7 +126,7 @@
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_INTEGER ) );
- return( len );
+ return( (int) len );
}
#endif /* POLARSSL_BIGNUM_C */
@@ -140,7 +140,7 @@
ASN1_CHK_ADD( len, asn1_write_len( p, start, 0) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_NULL ) );
- return( len );
+ return( (int) len );
}
int asn1_write_oid( unsigned char **p, unsigned char *start,
@@ -154,7 +154,7 @@
ASN1_CHK_ADD( len , asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len , asn1_write_tag( p, start, ASN1_OID ) );
- return( len );
+ return( (int) len );
}
int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start,
@@ -175,7 +175,7 @@
ASN1_CHK_ADD( len, asn1_write_tag( p, start,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
- return( len );
+ return( (int) len );
}
int asn1_write_bool( unsigned char **p, unsigned char *start, int boolean )
@@ -192,7 +192,7 @@
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_BOOLEAN ) );
- return( len );
+ return( (int) len );
}
int asn1_write_int( unsigned char **p, unsigned char *start, int val )
@@ -222,7 +222,7 @@
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_INTEGER ) );
- return( len );
+ return( (int) len );
}
int asn1_write_printable_string( unsigned char **p, unsigned char *start,
@@ -237,7 +237,7 @@
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_PRINTABLE_STRING ) );
- return( len );
+ return( (int) len );
}
int asn1_write_ia5_string( unsigned char **p, unsigned char *start,
@@ -252,7 +252,7 @@
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_IA5_STRING ) );
- return( len );
+ return( (int) len );
}
int asn1_write_bitstring( unsigned char **p, unsigned char *start,
@@ -274,12 +274,12 @@
// Write unused bits
//
- *--(*p) = size * 8 - bits;
+ *--(*p) = (unsigned char) (size * 8 - bits);
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_BIT_STRING ) );
- return( len );
+ return( (int) len );
}
int asn1_write_octet_string( unsigned char **p, unsigned char *start,
@@ -293,7 +293,7 @@
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_OCTET_STRING ) );
- return( len );
+ return( (int) len );
}
asn1_named_data *asn1_store_named_data( asn1_named_data **head,
diff --git a/library/base64.c b/library/base64.c
index 4b823b2..e9527db 100644
--- a/library/base64.c
+++ b/library/base64.c
@@ -137,7 +137,7 @@
uint32_t j, x;
unsigned char *p;
- for( i = j = n = 0; i < slen; i++ )
+ for( i = n = j = 0; i < slen; i++ )
{
if( ( slen - i ) >= 2 &&
src[i] == '\r' && src[i + 1] == '\n' )
diff --git a/library/cipher.c b/library/cipher.c
index d14781b..5edc39a 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -216,7 +216,7 @@
#if defined(POLARSSL_GCM_C)
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
{
- return gcm_starts( ctx->cipher_ctx, ctx->operation,
+ return gcm_starts( (gcm_context *) ctx->cipher_ctx, ctx->operation,
ctx->iv, ctx->iv_size, ad, ad_len );
}
#endif
@@ -257,7 +257,8 @@
if( ctx->cipher_info->mode == POLARSSL_MODE_GCM )
{
*olen = ilen;
- return gcm_update( ctx->cipher_ctx, ilen, input, output );
+ return gcm_update( (gcm_context *) ctx->cipher_ctx, ilen, input,
+ output );
}
#endif
@@ -414,7 +415,7 @@
static int get_pkcs_padding( unsigned char *input, size_t input_len,
size_t *data_len )
{
- unsigned int i, padding_len = 0;
+ size_t i, padding_len = 0;
if( NULL == input || NULL == data_len )
return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
@@ -487,7 +488,7 @@
static int get_zeros_and_len_padding( unsigned char *input, size_t input_len,
size_t *data_len )
{
- unsigned int i, padding_len = 0;
+ size_t i, padding_len = 0;
if( NULL == input || NULL == data_len )
return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
@@ -514,7 +515,7 @@
static void add_zeros_padding( unsigned char *output,
size_t output_len, size_t data_len )
{
- unsigned char i;
+ size_t i;
for( i = data_len; i < output_len; i++ )
output[i] = 0x00;
@@ -693,7 +694,7 @@
#if defined(POLARSSL_GCM_C)
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
- return gcm_finish( ctx->cipher_ctx, tag, tag_len );
+ return gcm_finish( (gcm_context *) ctx->cipher_ctx, tag, tag_len );
#endif
return 0;
@@ -720,8 +721,11 @@
if( tag_len > sizeof( check_tag ) )
return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
- if( 0 != ( ret = gcm_finish( ctx->cipher_ctx, check_tag, tag_len ) ) )
+ if( 0 != ( ret = gcm_finish( (gcm_context *) ctx->cipher_ctx,
+ check_tag, tag_len ) ) )
+ {
return( ret );
+ }
/* Check the tag in "constant-time" */
for( diff = 0, i = 0; i < tag_len; i++ )
diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index 54fb791..53b8b54 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c
@@ -108,7 +108,8 @@
unsigned char *p = buf, *iv;
aes_context aes_ctx;
- int i, j, buf_len, use_len;
+ int i, j;
+ size_t buf_len, use_len;
memset( buf, 0, CTR_DRBG_MAX_SEED_INPUT + CTR_DRBG_BLOCKSIZE + 16 );
@@ -150,11 +151,12 @@
for( i = 0; i < CTR_DRBG_BLOCKSIZE; i++ )
chain[i] ^= p[i];
p += CTR_DRBG_BLOCKSIZE;
- use_len -= CTR_DRBG_BLOCKSIZE;
+ use_len -= ( use_len >= CTR_DRBG_BLOCKSIZE ) ?
+ CTR_DRBG_BLOCKSIZE : use_len;
aes_crypt_ecb( &aes_ctx, AES_ENCRYPT, chain, chain );
}
-
+
memcpy( tmp + j, chain, CTR_DRBG_BLOCKSIZE );
/*
diff --git a/library/dhm.c b/library/dhm.c
index dc815d9..e8aa819 100644
--- a/library/dhm.c
+++ b/library/dhm.c
@@ -276,9 +276,9 @@
* Don't use any blinding the first time a particular X is used,
* but remember it to use blinding next time.
*/
- if( mpi_cmp_mpi( &ctx->X, &ctx->_X ) != 0 )
+ if( mpi_cmp_mpi( &ctx->X, &ctx->pX ) != 0 )
{
- MPI_CHK( mpi_copy( &ctx->_X, &ctx->X ) );
+ MPI_CHK( mpi_copy( &ctx->pX, &ctx->X ) );
MPI_CHK( mpi_lset( &ctx->Vi, 1 ) );
MPI_CHK( mpi_lset( &ctx->Vf, 1 ) );
@@ -384,7 +384,7 @@
*/
void dhm_free( dhm_context *ctx )
{
- mpi_free( &ctx->_X); mpi_free( &ctx->Vf ); mpi_free( &ctx->Vi );
+ mpi_free( &ctx->pX); mpi_free( &ctx->Vf ); mpi_free( &ctx->Vi );
mpi_free( &ctx->RP ); mpi_free( &ctx->K ); mpi_free( &ctx->GY );
mpi_free( &ctx->GX ); mpi_free( &ctx->X ); mpi_free( &ctx->G );
mpi_free( &ctx->P );
diff --git a/library/ecp.c b/library/ecp.c
index c8ee3a7..d3880be 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -70,28 +70,37 @@
/*
* List of supported curves:
* - internal ID
- * - TLS NamedCurve ID (RFC 4492 section 5.1.1)
+ * - TLS NamedCurve ID (RFC 4492 sec. 5.1.1, RFC 7071 sec. 2)
* - size in bits
- * - readeble name
+ * - readable name
*/
const ecp_curve_info ecp_supported_curves[] =
{
+#if defined(POLARSSL_ECP_DP_BP512R1_ENABLED)
+ { POLARSSL_ECP_DP_BP512R1, 28, 512, "brainpool512r1" },
+#endif
+#if defined(POLARSSL_ECP_DP_BP384R1_ENABLED)
+ { POLARSSL_ECP_DP_BP384R1, 27, 384, "brainpool384r1" },
+#endif
+#if defined(POLARSSL_ECP_DP_BP256R1_ENABLED)
+ { POLARSSL_ECP_DP_BP256R1, 26, 256, "brainpool256r1" },
+#endif
#if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED)
- { POLARSSL_ECP_DP_SECP521R1, 25, 521, "secp521r1" },
+ { POLARSSL_ECP_DP_SECP521R1, 25, 521, "secp521r1" },
#endif
#if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED)
- { POLARSSL_ECP_DP_SECP384R1, 24, 384, "secp384r1" },
+ { POLARSSL_ECP_DP_SECP384R1, 24, 384, "secp384r1" },
#endif
#if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED)
- { POLARSSL_ECP_DP_SECP256R1, 23, 256, "secp256r1" },
+ { POLARSSL_ECP_DP_SECP256R1, 23, 256, "secp256r1" },
#endif
#if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED)
- { POLARSSL_ECP_DP_SECP224R1, 21, 224, "secp224r1" },
+ { POLARSSL_ECP_DP_SECP224R1, 21, 224, "secp224r1" },
#endif
#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED)
- { POLARSSL_ECP_DP_SECP192R1, 19, 192, "secp192r1" },
+ { POLARSSL_ECP_DP_SECP192R1, 19, 192, "secp192r1" },
#endif
- { POLARSSL_ECP_DP_NONE, 0, 0, NULL },
+ { POLARSSL_ECP_DP_NONE, 0, 0, NULL },
};
/*
@@ -163,6 +172,7 @@
return;
mpi_free( &grp->P );
+ mpi_free( &grp->A );
mpi_free( &grp->B );
ecp_point_free( &grp->G );
mpi_free( &grp->N );
@@ -253,15 +263,16 @@
}
/*
- * Import an ECP group from ASCII strings
+ * Import an ECP group from ASCII strings, general case (A used)
*/
-int ecp_group_read_string( ecp_group *grp, int radix,
- const char *p, const char *b,
+static int ecp_group_read_string_gen( ecp_group *grp, int radix,
+ const char *p, const char *a, const char *b,
const char *gx, const char *gy, const char *n)
{
int ret;
MPI_CHK( mpi_read_string( &grp->P, radix, p ) );
+ MPI_CHK( mpi_read_string( &grp->A, radix, a ) );
MPI_CHK( mpi_read_string( &grp->B, radix, b ) );
MPI_CHK( ecp_point_read_string( &grp->G, radix, gx, gy ) );
MPI_CHK( mpi_read_string( &grp->N, radix, n ) );
@@ -270,6 +281,28 @@
grp->nbits = mpi_msb( &grp->N );
cleanup:
+ if( ret != 0 )
+ ecp_group_free( grp );
+
+ return( ret );
+}
+
+/*
+ * Import an ECP group from ASCII strings, case A == -3
+ */
+int ecp_group_read_string( ecp_group *grp, int radix,
+ const char *p, const char *b,
+ const char *gx, const char *gy, const char *n)
+{
+ int ret;
+
+ MPI_CHK( ecp_group_read_string_gen( grp, radix, p, "00", b, gx, gy, n ) );
+ MPI_CHK( mpi_add_int( &grp->A, &grp->P, -3 ) );
+
+cleanup:
+ if( ret != 0 )
+ ecp_group_free( grp );
+
return( ret );
}
@@ -409,7 +442,7 @@
/*
* write length to the first byte and update total length
*/
- buf[0] = *olen;
+ buf[0] = (unsigned char) *olen;
++*olen;
return 0;
@@ -647,6 +680,66 @@
"F709A5D03BB5C9B8899C47AEBB6FB71E91386409"
/*
+ * Domain parameters for brainpoolP256r1 (RFC 5639 3.4)
+ */
+#define BP256R1_P \
+ "A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377"
+#define BP256R1_A \
+ "7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9"
+#define BP256R1_B \
+ "26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6"
+#define BP256R1_GX \
+ "8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262"
+#define BP256R1_GY \
+ "547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997"
+#define BP256R1_N \
+ "A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7"
+
+/*
+ * Domain parameters for brainpoolP384r1 (RFC 5639 3.6)
+ */
+#define BP384R1_P \
+ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB711" \
+ "23ACD3A729901D1A71874700133107EC53"
+#define BP384R1_A \
+ "7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F9" \
+ "0F8AA5814A503AD4EB04A8C7DD22CE2826"
+#define BP384R1_B \
+ "04A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62" \
+ "D57CB4390295DBC9943AB78696FA504C11"
+#define BP384R1_GX \
+ "1D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10" \
+ "E8E826E03436D646AAEF87B2E247D4AF1E"
+#define BP384R1_GY \
+ "8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129" \
+ "280E4646217791811142820341263C5315"
+#define BP384R1_N \
+ "8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425" \
+ "A7CF3AB6AF6B7FC3103B883202E9046565"
+
+/*
+ * Domain parameters for brainpoolP512r1 (RFC 5639 3.7)
+ */
+#define BP512R1_P \
+ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308" \
+ "717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3"
+#define BP512R1_A \
+ "7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863" \
+ "BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA"
+#define BP512R1_B \
+ "3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117" \
+ "A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723"
+#define BP512R1_GX \
+ "81AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D009" \
+ "8EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F822"
+#define BP512R1_GY \
+ "7DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F81" \
+ "11B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892"
+#define BP512R1_N \
+ "AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308" \
+ "70553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069"
+
+/*
* Set a group using well-known domain parameters
*/
int ecp_use_known_dp( ecp_group *grp, ecp_group_id id )
@@ -692,8 +785,29 @@
SECP521R1_GX, SECP521R1_GY, SECP521R1_N ) );
#endif /* POLARSSL_ECP_DP_SECP521R1_ENABLED */
+#if defined(POLARSSL_ECP_DP_BP256R1_ENABLED)
+ case POLARSSL_ECP_DP_BP256R1:
+ return( ecp_group_read_string_gen( grp, 16,
+ BP256R1_P, BP256R1_A, BP256R1_B,
+ BP256R1_GX, BP256R1_GY, BP256R1_N ) );
+#endif /* POLARSSL_ECP_DP_BP256R1_ENABLED */
+
+#if defined(POLARSSL_ECP_DP_BP384R1_ENABLED)
+ case POLARSSL_ECP_DP_BP384R1:
+ return( ecp_group_read_string_gen( grp, 16,
+ BP384R1_P, BP384R1_A, BP384R1_B,
+ BP384R1_GX, BP384R1_GY, BP384R1_N ) );
+#endif /* POLARSSL_ECP_DP_BP384R1_ENABLED */
+
+#if defined(POLARSSL_ECP_DP_BP512R1_ENABLED)
+ case POLARSSL_ECP_DP_BP512R1:
+ return( ecp_group_read_string_gen( grp, 16,
+ BP512R1_P, BP512R1_A, BP512R1_B,
+ BP512R1_GX, BP512R1_GY, BP512R1_N ) );
+#endif /* POLARSSL_ECP_DP_BP512R1_ENABLED */
+
default:
- grp->id = POLARSSL_ECP_DP_NONE;
+ ecp_group_free( grp );
return( POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE );
}
}
@@ -945,60 +1059,59 @@
return( ret );
}
-
/*
- * Point doubling R = 2 P, Jacobian coordinates (GECC 3.21)
+ * Point doubling R = 2 P, Jacobian coordinates
+ *
+ * http://www.hyperelliptic.org/EFD/g1p/auto-code/shortw/jacobian/doubling/dbl-2007-bl.op3
+ * with heavy variable renaming, some reordering and one minor modification
+ * (a = 2 * b, c = d - 2a replaced with c = d, c = c - b, c = c - b)
+ * in order to use a lot less intermediate variables (6 vs 25).
*/
static int ecp_double_jac( const ecp_group *grp, ecp_point *R,
const ecp_point *P )
{
int ret;
- mpi T1, T2, T3, X, Y, Z;
+ mpi T1, T2, T3, X3, Y3, Z3;
#if defined(POLARSSL_SELF_TEST)
dbl_count++;
#endif
- if( mpi_cmp_int( &P->Z, 0 ) == 0 )
- return( ecp_set_zero( R ) );
-
mpi_init( &T1 ); mpi_init( &T2 ); mpi_init( &T3 );
- mpi_init( &X ); mpi_init( &Y ); mpi_init( &Z );
+ mpi_init( &X3 ); mpi_init( &Y3 ); mpi_init( &Z3 );
- MPI_CHK( mpi_mul_mpi( &T1, &P->Z, &P->Z ) ); MOD_MUL( T1 );
- MPI_CHK( mpi_sub_mpi( &T2, &P->X, &T1 ) ); MOD_SUB( T2 );
- MPI_CHK( mpi_add_mpi( &T1, &P->X, &T1 ) ); MOD_ADD( T1 );
- MPI_CHK( mpi_mul_mpi( &T2, &T2, &T1 ) ); MOD_MUL( T2 );
- MPI_CHK( mpi_mul_int( &T2, &T2, 3 ) ); MOD_ADD( T2 );
- MPI_CHK( mpi_mul_int( &Y, &P->Y, 2 ) ); MOD_ADD( Y );
- MPI_CHK( mpi_mul_mpi( &Z, &Y, &P->Z ) ); MOD_MUL( Z );
- MPI_CHK( mpi_mul_mpi( &Y, &Y, &Y ) ); MOD_MUL( Y );
- MPI_CHK( mpi_mul_mpi( &T3, &Y, &P->X ) ); MOD_MUL( T3 );
- MPI_CHK( mpi_mul_mpi( &Y, &Y, &Y ) ); MOD_MUL( Y );
+ MPI_CHK( mpi_mul_mpi( &T3, &P->X, &P->X ) ); MOD_MUL( T3 );
+ MPI_CHK( mpi_mul_mpi( &T2, &P->Y, &P->Y ) ); MOD_MUL( T2 );
+ MPI_CHK( mpi_mul_mpi( &Y3, &T2, &T2 ) ); MOD_MUL( Y3 );
+ MPI_CHK( mpi_add_mpi( &X3, &P->X, &T2 ) ); MOD_ADD( X3 );
+ MPI_CHK( mpi_mul_mpi( &X3, &X3, &X3 ) ); MOD_MUL( X3 );
+ MPI_CHK( mpi_sub_mpi( &X3, &X3, &Y3 ) ); MOD_SUB( X3 );
+ MPI_CHK( mpi_sub_mpi( &X3, &X3, &T3 ) ); MOD_SUB( X3 );
+ MPI_CHK( mpi_mul_int( &T1, &X3, 2 ) ); MOD_ADD( T1 );
+ MPI_CHK( mpi_mul_mpi( &Z3, &P->Z, &P->Z ) ); MOD_MUL( Z3 );
+ MPI_CHK( mpi_mul_mpi( &X3, &Z3, &Z3 ) ); MOD_MUL( X3 );
+ MPI_CHK( mpi_mul_int( &T3, &T3, 3 ) ); MOD_ADD( T3 );
+ MPI_CHK( mpi_mul_mpi( &X3, &X3, &grp->A ) ); MOD_MUL( X3 );
+ MPI_CHK( mpi_add_mpi( &T3, &T3, &X3 ) ); MOD_ADD( T3 );
+ MPI_CHK( mpi_mul_mpi( &X3, &T3, &T3 ) ); MOD_MUL( X3 );
+ MPI_CHK( mpi_sub_mpi( &X3, &X3, &T1 ) ); MOD_SUB( X3 );
+ MPI_CHK( mpi_sub_mpi( &X3, &X3, &T1 ) ); MOD_SUB( X3 );
+ MPI_CHK( mpi_sub_mpi( &T1, &T1, &X3 ) ); MOD_SUB( T1 );
+ MPI_CHK( mpi_mul_mpi( &T1, &T3, &T1 ) ); MOD_MUL( T1 );
+ MPI_CHK( mpi_mul_int( &T3, &Y3, 8 ) ); MOD_ADD( T3 );
+ MPI_CHK( mpi_sub_mpi( &Y3, &T1, &T3 ) ); MOD_SUB( Y3 );
+ MPI_CHK( mpi_add_mpi( &T1, &P->Y, &P->Z ) ); MOD_ADD( T1 );
+ MPI_CHK( mpi_mul_mpi( &T1, &T1, &T1 ) ); MOD_MUL( T1 );
+ MPI_CHK( mpi_sub_mpi( &T1, &T1, &T2 ) ); MOD_SUB( T1 );
+ MPI_CHK( mpi_sub_mpi( &Z3, &T1, &Z3 ) ); MOD_SUB( Z3 );
- /*
- * For Y = Y / 2 mod p, we must make sure that Y is even before
- * using right-shift. No need to reduce mod p afterwards.
- */
- if( mpi_get_bit( &Y, 0 ) == 1 )
- MPI_CHK( mpi_add_mpi( &Y, &Y, &grp->P ) );
- MPI_CHK( mpi_shift_r( &Y, 1 ) );
-
- MPI_CHK( mpi_mul_mpi( &X, &T2, &T2 ) ); MOD_MUL( X );
- MPI_CHK( mpi_mul_int( &T1, &T3, 2 ) ); MOD_ADD( T1 );
- MPI_CHK( mpi_sub_mpi( &X, &X, &T1 ) ); MOD_SUB( X );
- MPI_CHK( mpi_sub_mpi( &T1, &T3, &X ) ); MOD_SUB( T1 );
- MPI_CHK( mpi_mul_mpi( &T1, &T1, &T2 ) ); MOD_MUL( T1 );
- MPI_CHK( mpi_sub_mpi( &Y, &T1, &Y ) ); MOD_SUB( Y );
-
- MPI_CHK( mpi_copy( &R->X, &X ) );
- MPI_CHK( mpi_copy( &R->Y, &Y ) );
- MPI_CHK( mpi_copy( &R->Z, &Z ) );
+ MPI_CHK( mpi_copy( &R->X, &X3 ) );
+ MPI_CHK( mpi_copy( &R->Y, &Y3 ) );
+ MPI_CHK( mpi_copy( &R->Z, &Z3 ) );
cleanup:
-
mpi_free( &T1 ); mpi_free( &T2 ); mpi_free( &T3 );
- mpi_free( &X ); mpi_free( &Y ); mpi_free( &Z );
+ mpi_free( &X3 ); mpi_free( &Y3 ); mpi_free( &Z3 );
return( ret );
}
@@ -1314,7 +1427,7 @@
{
int ret;
unsigned char w, m_is_odd, p_eq_g;
- size_t pre_len, naf_len, i, j;
+ size_t pre_len = 1, naf_len, i, j;
signed char naf[ MAX_NAF_LEN ];
ecp_point Q, *T = NULL, S[2];
mpi M;
@@ -1356,7 +1469,7 @@
if( w < 2 || w >= grp->nbits )
w = 2;
- pre_len = 1 << ( w - 1 );
+ pre_len <<= ( w - 1 );
naf_len = grp->nbits / w + 1;
/*
@@ -1365,7 +1478,8 @@
*/
if( ! p_eq_g || grp->T == NULL )
{
- if( ( T = polarssl_malloc( pre_len * sizeof( ecp_point ) ) ) == NULL )
+ T = (ecp_point *) polarssl_malloc( pre_len * sizeof( ecp_point ) );
+ if( T == NULL )
{
ret = POLARSSL_ERR_ECP_MALLOC_FAILED;
goto cleanup;
@@ -1495,13 +1609,13 @@
/*
* YY = Y^2
- * RHS = X (X^2 - 3) + B = X^3 - 3X + B
+ * RHS = X (X^2 + A) + B = X^3 + A X + B
*/
- MPI_CHK( mpi_mul_mpi( &YY, &pt->Y, &pt->Y ) ); MOD_MUL( YY );
- MPI_CHK( mpi_mul_mpi( &RHS, &pt->X, &pt->X ) ); MOD_MUL( RHS );
- MPI_CHK( mpi_sub_int( &RHS, &RHS, 3 ) ); MOD_SUB( RHS );
- MPI_CHK( mpi_mul_mpi( &RHS, &RHS, &pt->X ) ); MOD_MUL( RHS );
- MPI_CHK( mpi_add_mpi( &RHS, &RHS, &grp->B ) ); MOD_ADD( RHS );
+ MPI_CHK( mpi_mul_mpi( &YY, &pt->Y, &pt->Y ) ); MOD_MUL( YY );
+ MPI_CHK( mpi_mul_mpi( &RHS, &pt->X, &pt->X ) ); MOD_MUL( RHS );
+ MPI_CHK( mpi_add_mpi( &RHS, &RHS, &grp->A ) ); MOD_ADD( RHS );
+ MPI_CHK( mpi_mul_mpi( &RHS, &RHS, &pt->X ) ); MOD_MUL( RHS );
+ MPI_CHK( mpi_add_mpi( &RHS, &RHS, &grp->B ) ); MOD_ADD( RHS );
if( mpi_cmp_mpi( &YY, &RHS ) != 0 )
ret = POLARSSL_ERR_ECP_INVALID_KEY;
@@ -1566,6 +1680,7 @@
ecp_point R, P;
mpi m;
unsigned long add_c_prev, dbl_c_prev;
+ /* exponents especially adapted for secp192r1 */
const char *exponents[] =
{
"000000000000000000000000000000000000000000000000", /* zero */
@@ -1582,27 +1697,12 @@
ecp_point_init( &P );
mpi_init( &m );
+ /* Use secp192r1 if available, or any available curve */
#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED)
MPI_CHK( ecp_use_known_dp( &grp, POLARSSL_ECP_DP_SECP192R1 ) );
#else
-#if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED)
- MPI_CHK( ecp_use_known_dp( &grp, POLARSSL_ECP_DP_SECP224R1 ) );
-#else
-#if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED)
- MPI_CHK( ecp_use_known_dp( &grp, POLARSSL_ECP_DP_SECP256R1 ) );
-#else
-#if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED)
- MPI_CHK( ecp_use_known_dp( &grp, POLARSSL_ECP_DP_SECP384R1 ) );
-#else
-#if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED)
- MPI_CHK( ecp_use_known_dp( &grp, POLARSSL_ECP_DP_SECP521R1 ) );
-#else
-#error No curves defines
-#endif /* POLARSSL_ECP_DP_SECP512R1_ENABLED */
-#endif /* POLARSSL_ECP_DP_SECP384R1_ENABLED */
-#endif /* POLARSSL_ECP_DP_SECP256R1_ENABLED */
-#endif /* POLARSSL_ECP_DP_SECP224R1_ENABLED */
-#endif /* POLARSSL_ECP_DP_SECP192R1_ENABLED */
+ MPI_CHK( ecp_use_known_dp( &grp, ecp_curve_list()->grp_id ) );
+#endif
if( verbose != 0 )
printf( " ECP test #1 (constant op_count, base point G): " );
diff --git a/library/entropy_poll.c b/library/entropy_poll.c
index b5d9f78..eec8ec4 100644
--- a/library/entropy_poll.c
+++ b/library/entropy_poll.c
@@ -59,7 +59,7 @@
return POLARSSL_ERR_ENTROPY_SOURCE_FAILED;
}
- if( CryptGenRandom( provider, len, output ) == FALSE )
+ if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE )
return POLARSSL_ERR_ENTROPY_SOURCE_FAILED;
CryptReleaseContext( provider, 0 );
diff --git a/library/error.c b/library/error.c
index a7e1467..ff6fb07 100644
--- a/library/error.c
+++ b/library/error.c
@@ -169,8 +169,13 @@
size_t len;
int use_ret;
+ if( buflen == 0 )
+ return;
+
memset( buf, 0x00, buflen );
-
+ /* Reduce buflen to make sure MSVC _snprintf() ends with \0 as well */
+ buflen -= 1;
+
if( ret < 0 )
ret = -ret;
@@ -674,7 +679,7 @@
#if defined(POLARSSL_ERROR_STRERROR_BC)
void error_strerror( int ret, char *buf, size_t buflen )
{
- return polarssl_strerror( ret, buf, buflen );
+ polarssl_strerror( ret, buf, buflen );
}
#endif /* POLARSSL_ERROR_STRERROR_BC */
@@ -698,7 +703,7 @@
#if defined(POLARSSL_ERROR_STRERROR_BC)
void error_strerror( int ret, char *buf, size_t buflen )
{
- return polarssl_strerror( ret, buf, buflen );
+ polarssl_strerror( ret, buf, buflen );
}
#endif /* POLARSSL_ERROR_STRERROR_BC */
#endif /* POLARSSL_ERROR_STRERROR_DUMMY */
diff --git a/library/net.c b/library/net.c
index 2b21c57..8eeabb9 100644
--- a/library/net.c
+++ b/library/net.c
@@ -137,7 +137,7 @@
if( ( server_host = gethostbyname( host ) ) == NULL )
return( POLARSSL_ERR_NET_UNKNOWN_HOST );
- if( ( *fd = socket( AF_INET, SOCK_STREAM, IPPROTO_IP ) ) < 0 )
+ if( ( *fd = (int) socket( AF_INET, SOCK_STREAM, IPPROTO_IP ) ) < 0 )
return( POLARSSL_ERR_NET_SOCKET_FAILED );
memcpy( (void *) &server_addr.sin_addr,
@@ -179,7 +179,7 @@
signal( SIGPIPE, SIG_IGN );
#endif
- if( ( *fd = socket( AF_INET, SOCK_STREAM, IPPROTO_IP ) ) < 0 )
+ if( ( *fd = (int) socket( AF_INET, SOCK_STREAM, IPPROTO_IP ) ) < 0 )
return( POLARSSL_ERR_NET_SOCKET_FAILED );
n = 1;
@@ -259,8 +259,8 @@
int n = (int) sizeof( client_addr );
#endif
- *client_fd = accept( bind_fd, (struct sockaddr *)
- &client_addr, &n );
+ *client_fd = (int) accept( bind_fd, (struct sockaddr *)
+ &client_addr, &n );
if( *client_fd < 0 )
{
diff --git a/library/oid.c b/library/oid.c
index 485fd4c..c9cfe48 100644
--- a/library/oid.c
+++ b/library/oid.c
@@ -406,6 +406,18 @@
POLARSSL_ECP_DP_SECP521R1,
},
{
+ { ADD_LEN( OID_EC_GRP_BP256R1 ), "brainpoolP256r1","brainpool256r1" },
+ POLARSSL_ECP_DP_BP256R1,
+ },
+ {
+ { ADD_LEN( OID_EC_GRP_BP384R1 ), "brainpoolP384r1","brainpool384r1" },
+ POLARSSL_ECP_DP_BP384R1,
+ },
+ {
+ { ADD_LEN( OID_EC_GRP_BP512R1 ), "brainpoolP512r1","brainpool512r1" },
+ POLARSSL_ECP_DP_BP512R1,
+ },
+ {
{ NULL, 0, NULL, NULL },
0,
},
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index a26bc08..6f22b09 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -68,7 +68,7 @@
return( POLARSSL_ERR_RSA_VERIFY_FAILED );
return( rsa_pkcs1_verify( (rsa_context *) ctx, NULL, NULL,
- RSA_PUBLIC, md_alg, hash_len, hash, sig ) );
+ RSA_PUBLIC, md_alg, (unsigned int) hash_len, hash, sig ) );
}
static int rsa_sign_wrap( void *ctx, md_type_t md_alg,
@@ -79,7 +79,7 @@
*sig_len = ((rsa_context *) ctx)->len;
return( rsa_pkcs1_sign( (rsa_context *) ctx, f_rng, p_rng, RSA_PRIVATE,
- md_alg, hash_len, hash, sig ) );
+ md_alg, (unsigned int) hash_len, hash, sig ) );
}
static int rsa_decrypt_wrap( void *ctx,
@@ -361,7 +361,7 @@
*sig_len = rsa_alt->key_len_func( rsa_alt->key );
return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, RSA_PRIVATE,
- md_alg, hash_len, hash, sig ) );
+ md_alg, (unsigned int) hash_len, hash, sig ) );
}
static int rsa_alt_decrypt_wrap( void *ctx,
diff --git a/library/pkcs12.c b/library/pkcs12.c
index 9ef557c..16821b0 100644
--- a/library/pkcs12.c
+++ b/library/pkcs12.c
@@ -225,7 +225,7 @@
const unsigned char *salt, size_t saltlen,
md_type_t md_type, int id, int iterations )
{
- int ret, i;
+ int ret;
unsigned int j;
unsigned char diversifier[128];
@@ -234,7 +234,7 @@
unsigned char *p;
unsigned char c;
- size_t hlen, use_len, v;
+ size_t hlen, use_len, v, i;
const md_info_t *md_info;
md_context_t md_ctx;
@@ -281,7 +281,7 @@
goto exit;
// Perform remaining ( iterations - 1 ) recursive hash calculations
- for( i = 1; i < iterations; i++ )
+ for( i = 1; i < (size_t) iterations; i++ )
{
if( ( ret = md( md_info, hash_output, hlen, hash_output ) ) != 0 )
goto exit;
diff --git a/library/pkcs5.c b/library/pkcs5.c
index c2aa06d..39aa5b9 100644
--- a/library/pkcs5.c
+++ b/library/pkcs5.c
@@ -269,7 +269,7 @@
use_len = ( key_length < md_size ) ? key_length : md_size;
memcpy( out_p, work, use_len );
- key_length -= use_len;
+ key_length -= (uint32_t) use_len;
out_p += use_len;
for( i = 4; i > 0; i-- )
diff --git a/library/pkwrite.c b/library/pkwrite.c
index a3e9c57..8b6d735 100644
--- a/library/pkwrite.c
+++ b/library/pkwrite.c
@@ -71,7 +71,7 @@
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
- return( len );
+ return( (int) len );
}
#endif /* POLARSSL_RSA_C */
@@ -99,7 +99,7 @@
*p -= len;
memcpy( *p, buf, len );
- return( len );
+ return( (int) len );
}
/*
@@ -120,7 +120,7 @@
ASN1_CHK_ADD( len, asn1_write_oid( p, start, oid, oid_len ) );
- return( len );
+ return( (int) len );
}
#endif /* POLARSSL_ECP_C */
@@ -142,7 +142,7 @@
#endif
return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE );
- return( len );
+ return( (int) len );
}
int pk_write_pubkey_der( pk_context *key, unsigned char *buf, size_t size )
@@ -189,7 +189,7 @@
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
- return( len );
+ return( (int) len );
}
int pk_write_key_der( pk_context *key, unsigned char *buf, size_t size )
@@ -273,7 +273,7 @@
#endif
return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE );
- return( len );
+ return( (int) len );
}
#if defined(POLARSSL_PEM_WRITE_C)
@@ -312,7 +312,7 @@
{
int ret;
unsigned char output_buf[4096];
- char *begin, *end;
+ const char *begin, *end;
size_t olen = 0;
if( ( ret = pk_write_key_der( key, output_buf, sizeof(output_buf) ) ) < 0 )
diff --git a/library/rsa.c b/library/rsa.c
index 1784379..210ea46 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -264,10 +264,14 @@
* DSS, and other systems. In : Advances in Cryptology—CRYPTO’96. Springer
* Berlin Heidelberg, 1996. p. 104-113.
*/
-static int rsa_prepare_blinding( rsa_context *ctx,
+static int rsa_prepare_blinding( rsa_context *ctx, mpi *Vi, mpi *Vf,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
- int ret;
+ int ret, count = 0;
+
+#if defined(POLARSSL_THREADING_C)
+ polarssl_mutex_lock( &ctx->mutex );
+#endif
if( ctx->Vf.p != NULL )
{
@@ -277,17 +281,34 @@
MPI_CHK( mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &ctx->Vf ) );
MPI_CHK( mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->N ) );
- return( 0 );
+ goto done;
}
- /* Unblinding value: Vf = random number */
- MPI_CHK( mpi_fill_random( &ctx->Vf, ctx->len - 1, f_rng, p_rng ) );
+ /* Unblinding value: Vf = random number, invertible mod N */
+ do {
+ if( count++ > 10 )
+ return( POLARSSL_ERR_RSA_RNG_FAILED );
+
+ MPI_CHK( mpi_fill_random( &ctx->Vf, ctx->len - 1, f_rng, p_rng ) );
+ MPI_CHK( mpi_gcd( &ctx->Vi, &ctx->Vf, &ctx->N ) );
+ } while( mpi_cmp_int( &ctx->Vi, 1 ) != 0 );
/* Blinding value: Vi = Vf^(-e) mod N */
MPI_CHK( mpi_inv_mod( &ctx->Vi, &ctx->Vf, &ctx->N ) );
MPI_CHK( mpi_exp_mod( &ctx->Vi, &ctx->Vi, &ctx->E, &ctx->N, &ctx->RN ) );
+done:
+ if( Vi != &ctx->Vi )
+ {
+ MPI_CHK( mpi_copy( Vi, &ctx->Vi ) );
+ MPI_CHK( mpi_copy( Vf, &ctx->Vf ) );
+ }
+
cleanup:
+#if defined(POLARSSL_THREADING_C)
+ polarssl_mutex_unlock( &ctx->mutex );
+#endif
+
return( ret );
}
#endif
@@ -302,11 +323,27 @@
unsigned char *output )
{
int ret;
-#if defined(POLARSSL_THREADING_C)
- int locked = 0;
-#endif
size_t olen;
mpi T, T1, T2;
+#if !defined(POLARSSL_RSA_NO_CRT)
+ mpi *Vi, *Vf;
+
+ /*
+ * When using the Chinese Remainder Theorem, we use blinding values.
+ * Without threading, we just read them directly from the context,
+ * otherwise we make a local copy in order to reduce locking contention.
+ */
+#if defined(POLARSSL_THREADING_C)
+ mpi Vi_copy, Vf_copy;
+
+ mpi_init( &Vi_copy ); mpi_init( &Vf_copy );
+ Vi = &Vi_copy;
+ Vf = &Vf_copy;
+#else
+ Vi = &ctx->Vi;
+ Vf = &ctx->Vf;
+#endif
+#endif
mpi_init( &T ); mpi_init( &T1 ); mpi_init( &T2 );
@@ -318,20 +355,18 @@
}
#if defined(POLARSSL_RSA_NO_CRT)
+ ((void) f_rng);
+ ((void) p_rng);
MPI_CHK( mpi_exp_mod( &T, &T, &ctx->D, &ctx->N, &ctx->RN ) );
#else
if( f_rng != NULL )
{
-#if defined(POLARSSL_THREADING_C)
- polarssl_mutex_lock( &ctx->mutex );
- locked = 1;
-#endif
/*
* Blinding
* T = T * Vi mod N
*/
- MPI_CHK( rsa_prepare_blinding( ctx, f_rng, p_rng ) );
- MPI_CHK( mpi_mul_mpi( &T, &T, &ctx->Vi ) );
+ MPI_CHK( rsa_prepare_blinding( ctx, Vi, Vf, f_rng, p_rng ) );
+ MPI_CHK( mpi_mul_mpi( &T, &T, Vi ) );
MPI_CHK( mpi_mod_mpi( &T, &T, &ctx->N ) );
}
@@ -363,7 +398,7 @@
* Unblind
* T = T * Vf mod N
*/
- MPI_CHK( mpi_mul_mpi( &T, &T, &ctx->Vf ) );
+ MPI_CHK( mpi_mul_mpi( &T, &T, Vf ) );
MPI_CHK( mpi_mod_mpi( &T, &T, &ctx->N ) );
}
#endif
@@ -372,11 +407,10 @@
MPI_CHK( mpi_write_binary( &T, output, olen ) );
cleanup:
-#if defined(POLARSSL_THREADING_C)
- if( locked )
- polarssl_mutex_unlock( &ctx->mutex );
-#endif
mpi_free( &T ); mpi_free( &T1 ); mpi_free( &T2 );
+#if !defined(POLARSSL_RSA_NO_CRT) && defined(POLARSSL_THREADING_C)
+ mpi_free( &Vi_copy ); mpi_free( &Vf_copy );
+#endif
if( ret != 0 )
return( POLARSSL_ERR_RSA_PRIVATE_FAILED + ret );
@@ -984,11 +1018,11 @@
* Digest ::= OCTET STRING
*/
*p++ = ASN1_SEQUENCE | ASN1_CONSTRUCTED;
- *p++ = 0x08 + oid_size + hashlen;
+ *p++ = (unsigned char) ( 0x08 + oid_size + hashlen );
*p++ = ASN1_SEQUENCE | ASN1_CONSTRUCTED;
- *p++ = 0x04 + oid_size;
+ *p++ = (unsigned char) ( 0x04 + oid_size );
*p++ = ASN1_OID;
- *p++ = oid_size;
+ *p++ = oid_size & 0xFF;
memcpy( p, oid, oid_size );
p += oid_size;
*p++ = ASN1_NULL;
@@ -1321,8 +1355,10 @@
MPI_CHK( mpi_copy( &dst->RP, &src->RP ) );
MPI_CHK( mpi_copy( &dst->RQ, &src->RQ ) );
+#if !defined(POLARSSL_RSA_NO_CRT)
MPI_CHK( mpi_copy( &dst->Vi, &src->Vi ) );
MPI_CHK( mpi_copy( &dst->Vf, &src->Vf ) );
+#endif
dst->padding = src->padding;
dst->hash_id = src->padding;
@@ -1339,7 +1375,9 @@
*/
void rsa_free( rsa_context *ctx )
{
+#if !defined(POLARSSL_RSA_NO_CRT)
mpi_free( &ctx->Vi ); mpi_free( &ctx->Vf );
+#endif
mpi_free( &ctx->RQ ); mpi_free( &ctx->RP ); mpi_free( &ctx->RN );
mpi_free( &ctx->QP ); mpi_free( &ctx->DQ ); mpi_free( &ctx->DP );
mpi_free( &ctx->Q ); mpi_free( &ctx->P ); mpi_free( &ctx->D );
diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
index 7f532ec..781edb2 100644
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@@ -34,6 +34,10 @@
#include <stdlib.h>
+#if defined _MSC_VER && !defined strcasecmp
+#define strcasecmp _stricmp
+#endif
+
/*
* Ordered from most preferred to least preferred in terms of security.
*/
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 8032a68..b3521d3 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -1776,7 +1776,7 @@
i = 6;
ret = dhm_make_public( &ssl->handshake->dhm_ctx,
- mpi_size( &ssl->handshake->dhm_ctx.P ),
+ (int) mpi_size( &ssl->handshake->dhm_ctx.P ),
&ssl->out_msg[i], n,
ssl->f_rng, ssl->p_rng );
if( ret != 0 )
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 0c491b4..5b35b94 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -541,7 +541,8 @@
if( ( curves = polarssl_malloc( our_size * sizeof( *curves ) ) ) == NULL )
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
- memset( curves, 0, our_size * sizeof( *curves ) );
+ /* explicit void pointer cast for buggy MS compiler */
+ memset( (void *) curves, 0, our_size * sizeof( *curves ) );
ssl->handshake->curves = curves;
p = buf + 2;
@@ -1567,8 +1568,8 @@
#if defined(POLARSSL_HAVE_TIME)
time_t t;
#endif
- int ret, n;
- size_t olen, ext_len = 0;
+ int ret;
+ size_t olen, ext_len = 0, n;
unsigned char *buf, *p;
SSL_DEBUG_MSG( 2, ( "=> write server hello" ) );
@@ -1814,7 +1815,7 @@
p[1 + ct_len++] = SSL_CERT_TYPE_ECDSA_SIGN;
#endif
- p[0] = ct_len++;
+ p[0] = (unsigned char) ct_len++;
p += ct_len;
sa_len = 0;
@@ -1972,7 +1973,7 @@
}
if( ( ret = dhm_make_params( &ssl->handshake->dhm_ctx,
- mpi_size( &ssl->handshake->dhm_ctx.P ),
+ (int) mpi_size( &ssl->handshake->dhm_ctx.P ),
p,
&len, ssl->f_rng, ssl->p_rng ) ) != 0 )
{
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 7450d34..70c0836 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -80,7 +80,8 @@
{
int ret;
- if( ( dst->peer_cert = polarssl_malloc( sizeof(x509_crt) ) ) == NULL )
+ dst->peer_cert = (x509_crt *) polarssl_malloc( sizeof(x509_crt) );
+ if( dst->peer_cert == NULL )
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
x509_crt_init( dst->peer_cert );
@@ -98,7 +99,8 @@
#if defined(POLARSSL_SSL_SESSION_TICKETS)
if( src->ticket != NULL )
{
- if( ( dst->ticket = polarssl_malloc( src->ticket_len ) ) == NULL )
+ dst->ticket = (unsigned char *) polarssl_malloc( src->ticket_len );
+ if( dst->ticket == NULL )
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
memcpy( dst->ticket, src->ticket, src->ticket_len );
@@ -149,7 +151,7 @@
*/
for( i = 0; i < dlen / 16; i++ )
{
- memset( padding, 'A' + i, 1 + i );
+ memset( padding, (unsigned char) ('A' + i), 1 + i );
sha1_starts( &sha1 );
sha1_update( &sha1, padding, 1 + i );
@@ -362,7 +364,7 @@
unsigned char *key2;
unsigned char *mac_enc;
unsigned char *mac_dec;
- unsigned int iv_copy_len;
+ size_t iv_copy_len;
const cipher_info_t *cipher_info;
const md_info_t *md_info;
@@ -706,6 +708,18 @@
//
if( session->compression == SSL_COMPRESS_DEFLATE )
{
+ if( ssl->compress_buf == NULL )
+ {
+ SSL_DEBUG_MSG( 3, ( "Allocating compression buffer" ) );
+ ssl->compress_buf = polarssl_malloc( SSL_BUFFER_LEN );
+ if( ssl->compress_buf == NULL )
+ {
+ SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed",
+ SSL_BUFFER_LEN ) );
+ return( POLARSSL_ERR_SSL_MALLOC_FAILED );
+ }
+ }
+
SSL_DEBUG_MSG( 3, ( "Initializing zlib states" ) );
memset( &transform->ctx_deflate, 0, sizeof( transform->ctx_deflate ) );
@@ -1683,7 +1697,7 @@
* correctly. (We round down instead of up, so -56 is the correct
* value for our calculations instead of -55)
*/
- int j, extra_run = 0;
+ size_t j, extra_run = 0;
extra_run = ( 13 + ssl->in_msglen + padlen + 8 ) / 64 -
( 13 + ssl->in_msglen + 8 ) / 64;
@@ -1762,20 +1776,13 @@
int ret;
unsigned char *msg_post = ssl->out_msg;
size_t len_pre = ssl->out_msglen;
- unsigned char *msg_pre;
+ unsigned char *msg_pre = ssl->compress_buf;
SSL_DEBUG_MSG( 2, ( "=> compress buf" ) );
if( len_pre == 0 )
return( 0 );
- msg_pre = (unsigned char*) polarssl_malloc( len_pre );
- if( msg_pre == NULL )
- {
- SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed", len_pre ) );
- return( POLARSSL_ERR_SSL_MALLOC_FAILED );
- }
-
memcpy( msg_pre, ssl->out_msg, len_pre );
SSL_DEBUG_MSG( 3, ( "before compression: msglen = %d, ",
@@ -1798,8 +1805,6 @@
ssl->out_msglen = SSL_BUFFER_LEN - ssl->transform_out->ctx_deflate.avail_out;
- polarssl_free( msg_pre );
-
SSL_DEBUG_MSG( 3, ( "after compression: msglen = %d, ",
ssl->out_msglen ) );
@@ -1816,20 +1821,13 @@
int ret;
unsigned char *msg_post = ssl->in_msg;
size_t len_pre = ssl->in_msglen;
- unsigned char *msg_pre;
+ unsigned char *msg_pre = ssl->compress_buf;
SSL_DEBUG_MSG( 2, ( "=> decompress buf" ) );
if( len_pre == 0 )
return( 0 );
- msg_pre = (unsigned char*) polarssl_malloc( len_pre );
- if( msg_pre == NULL )
- {
- SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed", len_pre ) );
- return( POLARSSL_ERR_SSL_MALLOC_FAILED );
- }
-
memcpy( msg_pre, ssl->in_msg, len_pre );
SSL_DEBUG_MSG( 3, ( "before decompression: msglen = %d, ",
@@ -1852,8 +1850,6 @@
ssl->in_msglen = SSL_MAX_CONTENT_LEN - ssl->transform_in->ctx_inflate.avail_out;
- polarssl_free( msg_pre );
-
SSL_DEBUG_MSG( 3, ( "after decompression: msglen = %d, ",
ssl->in_msglen ) );
@@ -3238,17 +3234,26 @@
if( ssl->transform_negotiate )
ssl_transform_free( ssl->transform_negotiate );
else
- ssl->transform_negotiate = polarssl_malloc( sizeof(ssl_transform) );
+ {
+ ssl->transform_negotiate =
+ (ssl_transform *) polarssl_malloc( sizeof(ssl_transform) );
+ }
if( ssl->session_negotiate )
ssl_session_free( ssl->session_negotiate );
else
- ssl->session_negotiate = polarssl_malloc( sizeof(ssl_session) );
+ {
+ ssl->session_negotiate =
+ (ssl_session *) polarssl_malloc( sizeof(ssl_session) );
+ }
if( ssl->handshake )
ssl_handshake_free( ssl->handshake );
else
- ssl->handshake = polarssl_malloc( sizeof(ssl_handshake_params) );
+ {
+ ssl->handshake = (ssl_handshake_params *)
+ polarssl_malloc( sizeof(ssl_handshake_params) );
+ }
if( ssl->handshake == NULL ||
ssl->transform_negotiate == NULL ||
@@ -3439,7 +3444,8 @@
if( ssl->ticket_keys != NULL )
return( 0 );
- if( ( tkeys = polarssl_malloc( sizeof( ssl_ticket_keys ) ) ) == NULL )
+ tkeys = (ssl_ticket_keys *) polarssl_malloc( sizeof(ssl_ticket_keys) );
+ if( tkeys == NULL )
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
if( ( ret = ssl->f_rng( ssl->p_rng, tkeys->key_name, 16 ) ) != 0 )
@@ -3571,7 +3577,8 @@
{
ssl_key_cert *key_cert, *last;
- if( ( key_cert = polarssl_malloc( sizeof( ssl_key_cert ) ) ) == NULL )
+ key_cert = (ssl_key_cert *) polarssl_malloc( sizeof(ssl_key_cert) );
+ if( key_cert == NULL )
return( NULL );
memset( key_cert, 0, sizeof( ssl_key_cert ) );
@@ -3622,7 +3629,8 @@
if( key_cert == NULL )
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
- if( ( key_cert->key = polarssl_malloc( sizeof( pk_context ) ) ) == NULL )
+ key_cert->key = (pk_context *) polarssl_malloc( sizeof(pk_context) );
+ if( key_cert->key == NULL )
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
pk_init( key_cert->key );
@@ -3631,7 +3639,7 @@
if( ret != 0 )
return( ret );
- if( ( ret = rsa_copy( key_cert->key->pk_ctx, rsa_key ) ) != 0 )
+ if( ( ret = rsa_copy( pk_rsa( *key_cert->key ), rsa_key ) ) != 0 )
return( ret );
key_cert->cert = own_cert;
@@ -3653,7 +3661,8 @@
if( key_cert == NULL )
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
- if( ( key_cert->key = polarssl_malloc( sizeof( pk_context ) ) ) == NULL )
+ key_cert->key = (pk_context *) polarssl_malloc( sizeof(pk_context) );
+ if( key_cert->key == NULL )
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
pk_init( key_cert->key );
@@ -3685,8 +3694,8 @@
ssl->psk_len = psk_len;
ssl->psk_identity_len = psk_identity_len;
- ssl->psk = polarssl_malloc( ssl->psk_len );
- ssl->psk_identity = polarssl_malloc( ssl->psk_identity_len );
+ ssl->psk = (unsigned char *) polarssl_malloc( ssl->psk_len );
+ ssl->psk_identity = (unsigned char *) polarssl_malloc( ssl->psk_identity_len );
if( ssl->psk == NULL || ssl->psk_identity == NULL )
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
@@ -4271,7 +4280,8 @@
#endif
#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C)
- polarssl_free( handshake->curves );
+ /* explicit void pointer cast for buggy MS compiler */
+ polarssl_free( (void *) handshake->curves );
#endif
#if defined(POLARSSL_X509_CRT_PARSE_C) && \
@@ -4332,6 +4342,14 @@
polarssl_free( ssl->in_ctr );
}
+#if defined(POLARSSL_ZLIB_SUPPORT)
+ if( ssl->compress_buf != NULL )
+ {
+ memset( ssl->compress_buf, 0, SSL_BUFFER_LEN );
+ polarssl_free( ssl->compress_buf );
+ }
+#endif
+
#if defined(POLARSSL_DHM_C)
mpi_free( &ssl->dhm_P );
mpi_free( &ssl->dhm_G );
diff --git a/library/threading.c b/library/threading.c
index e79348a..659aa7e 100644
--- a/library/threading.c
+++ b/library/threading.c
@@ -117,7 +117,7 @@
int (*polarssl_mutex_lock)( threading_mutex_t * ) = NULL;
int (*polarssl_mutex_unlock)( threading_mutex_t * ) = NULL;
-int threading_set_own( int (*mutex_init)( threading_mutex_t * ),
+int threading_set_alt( int (*mutex_init)( threading_mutex_t * ),
int (*mutex_free)( threading_mutex_t * ),
int (*mutex_lock)( threading_mutex_t * ),
int (*mutex_unlock)( threading_mutex_t * ) )
diff --git a/library/x509_create.c b/library/x509_create.c
index d7a1fee..4a15e7d 100644
--- a/library/x509_create.c
+++ b/library/x509_create.c
@@ -36,7 +36,7 @@
int ret = 0;
char *s = name, *c = s;
char *end = s + strlen( s );
- char *oid = NULL;
+ const char *oid = NULL;
int in_tag = 1;
asn1_named_data *cur;
@@ -159,7 +159,7 @@
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED | ASN1_SET ) );
- return( len );
+ return( (int) len );
}
int x509_write_names( unsigned char **p, unsigned char *start,
@@ -180,7 +180,7 @@
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
- return( len );
+ return( (int) len );
}
int x509_write_sig( unsigned char **p, unsigned char *start,
@@ -208,7 +208,7 @@
ASN1_CHK_ADD( len, asn1_write_algorithm_identifier( p, start, oid,
oid_len, 0 ) );
- return( len );
+ return( (int) len );
}
static int x509_write_extension( unsigned char **p, unsigned char *start,
@@ -235,7 +235,7 @@
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
- return( len );
+ return( (int) len );
}
/*
@@ -261,7 +261,7 @@
cur_ext = cur_ext->next;
}
- return( len );
+ return( (int) len );
}
#endif /* POLARSSL_X509_CREATE_C */
diff --git a/library/x509_crt.c b/library/x509_crt.c
index e6c840c..0a22b87 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -940,7 +940,7 @@
WCHAR szDir[MAX_PATH];
char filename[MAX_PATH];
char *p;
- int len = strlen( path );
+ int len = (int) strlen( path );
WIN32_FIND_DATAW file_data;
HANDLE hFind;
@@ -958,7 +958,7 @@
w_ret = MultiByteToWideChar( CP_ACP, 0, path, len, szDir, MAX_PATH - 3 );
hFind = FindFirstFileW( szDir, &file_data );
- if (hFind == INVALID_HANDLE_VALUE)
+ if (hFind == INVALID_HANDLE_VALUE)
return( POLARSSL_ERR_X509_FILE_IO_ERROR );
len = MAX_PATH - len;
@@ -982,12 +982,12 @@
}
while( FindNextFileW( hFind, &file_data ) != 0 );
- if (GetLastError() != ERROR_NO_MORE_FILES)
+ if (GetLastError() != ERROR_NO_MORE_FILES)
ret = POLARSSL_ERR_X509_FILE_IO_ERROR;
-cleanup:
FindClose( hFind );
-#else
+#else /* _WIN32 */
+#if defined(POLARSSL_HAVE_READDIR_R)
int t_ret, i;
struct stat sb;
struct dirent entry, *result = NULL;
@@ -1024,7 +1024,12 @@
ret += t_ret;
}
closedir( dir );
-#endif
+#else /* POLARSSL_HAVE_READDIR_R */
+ ((void) chain);
+ ((void) path);
+ ret = POLARSSL_ERR_X509_FEATURE_UNAVAILABLE;
+#endif /* POLARSSL_HAVE_READDIR_R */
+#endif /* _WIN32 */
return( ret );
}
diff --git a/library/x509write_crt.c b/library/x509write_crt.c
index 1761c1f..c3db3c4 100644
--- a/library/x509write_crt.c
+++ b/library/x509write_crt.c
@@ -61,6 +61,11 @@
memset( ctx, 0, sizeof(x509write_cert) );
}
+void x509write_crt_set_version( x509write_cert *ctx, int version )
+{
+ ctx->version = version;
+}
+
void x509write_crt_set_md_alg( x509write_cert *ctx, md_type_t md_alg )
{
ctx->md_alg = md_alg;
@@ -265,7 +270,7 @@
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_GENERALIZED_TIME ) );
}
- return( len );
+ return( (int) len );
}
int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size,
@@ -391,7 +396,7 @@
ASN1_CHK_ADD( len, asn1_write_len( &c2, buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c2, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
- return( len );
+ return( (int) len );
}
#define PEM_BEGIN_CRT "-----BEGIN CERTIFICATE-----\n"
diff --git a/library/x509write_csr.c b/library/x509write_csr.c
index 1eb2afb..febed67 100644
--- a/library/x509write_csr.c
+++ b/library/x509write_csr.c
@@ -209,7 +209,7 @@
ASN1_CHK_ADD( len, asn1_write_len( &c2, buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c2, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
- return( len );
+ return( (int) len );
}
#define PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----\n"
diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c
index c7f7f82..4d5a06b 100644
--- a/programs/test/benchmark.c
+++ b/programs/test/benchmark.c
@@ -49,9 +49,13 @@
#include "polarssl/ecdsa.h"
#include "polarssl/ecdh.h"
+#if defined _MSC_VER && !defined snprintf
+#define snprintf _snprintf
+#endif
+
#define BUFSIZE 1024
-#define HEADER_FORMAT " %-16s : "
-#define TITLE_LEN 17
+#define HEADER_FORMAT " %-18s : "
+#define TITLE_LEN 19
#if !defined(POLARSSL_TIMING_C)
int main( int argc, char *argv[] )
diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt
index 9a3e7e6..61f63cf 100644
--- a/scripts/data_files/error.fmt
+++ b/scripts/data_files/error.fmt
@@ -42,8 +42,13 @@
size_t len;
int use_ret;
+ if( buflen == 0 )
+ return;
+
memset( buf, 0x00, buflen );
-
+ /* Reduce buflen to make sure MSVC _snprintf() ends with \0 as well */
+ buflen -= 1;
+
if( ret < 0 )
ret = -ret;
@@ -91,7 +96,7 @@
#if defined(POLARSSL_ERROR_STRERROR_BC)
void error_strerror( int ret, char *buf, size_t buflen )
{
- return polarssl_strerror( ret, buf, buflen );
+ polarssl_strerror( ret, buf, buflen );
}
#endif /* POLARSSL_ERROR_STRERROR_BC */
@@ -115,7 +120,7 @@
#if defined(POLARSSL_ERROR_STRERROR_BC)
void error_strerror( int ret, char *buf, size_t buflen )
{
- return polarssl_strerror( ret, buf, buflen );
+ polarssl_strerror( ret, buf, buflen );
}
#endif /* POLARSSL_ERROR_STRERROR_BC */
#endif /* POLARSSL_ERROR_STRERROR_DUMMY */
diff --git a/tests/data_files/ec_bp256_prv.pem b/tests/data_files/ec_bp256_prv.pem
new file mode 100644
index 0000000..9d6a867
--- /dev/null
+++ b/tests/data_files/ec_bp256_prv.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHgCAQEEICFh1vLbdlJvpiwW81aoDwHzL3dnhLNqqZeZqLdmIID/oAsGCSskAwMC
+CAEBB6FEA0IABHaMjK5KvKYwbbDtgbDEpiFcN4Bm7G1hbBRuE/HH34CblqtpEcJ9
+igIznwkmhA5VI209HvviZp0JDkxMZg+tqR0=
+-----END EC PRIVATE KEY-----
diff --git a/tests/data_files/ec_bp256_pub.pem b/tests/data_files/ec_bp256_pub.pem
new file mode 100644
index 0000000..f738623
--- /dev/null
+++ b/tests/data_files/ec_bp256_pub.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABHaMjK5KvKYwbbDtgbDEpiFcN4Bm
+7G1hbBRuE/HH34CblqtpEcJ9igIznwkmhA5VI209HvviZp0JDkxMZg+tqR0=
+-----END PUBLIC KEY-----
diff --git a/tests/data_files/ec_bp384_prv.pem b/tests/data_files/ec_bp384_prv.pem
new file mode 100644
index 0000000..34e82db
--- /dev/null
+++ b/tests/data_files/ec_bp384_prv.pem
@@ -0,0 +1,6 @@
+-----BEGIN EC PRIVATE KEY-----
+MIGoAgEBBDA92S51DZDX05/BiFzYrRLqlEHyK5M0tNllICrbFEjOJMWAioXdmvwi
+mvCjEk91W8ugCwYJKyQDAwIIAQELoWQDYgAEcZ+dCTpifg01A4XGYc6/AMYZI1Zv
+6QBqMQevHYcbxrtomF/XIuoyvjFvjng7fNGVd4X2bPwMsZXdXJmo56uqhIVTpYTf
+0rSOdtRF/gDdi+WQlth31GltI7S8jbFHJOZq
+-----END EC PRIVATE KEY-----
diff --git a/tests/data_files/ec_bp384_pub.pem b/tests/data_files/ec_bp384_pub.pem
new file mode 100644
index 0000000..eb202e2
--- /dev/null
+++ b/tests/data_files/ec_bp384_pub.pem
@@ -0,0 +1,5 @@
+-----BEGIN PUBLIC KEY-----
+MHowFAYHKoZIzj0CAQYJKyQDAwIIAQELA2IABHGfnQk6Yn4NNQOFxmHOvwDGGSNW
+b+kAajEHrx2HG8a7aJhf1yLqMr4xb454O3zRlXeF9mz8DLGV3VyZqOerqoSFU6WE
+39K0jnbURf4A3YvlkJbYd9RpbSO0vI2xRyTmag==
+-----END PUBLIC KEY-----
diff --git a/tests/data_files/ec_bp512_prv.pem b/tests/data_files/ec_bp512_prv.pem
new file mode 100644
index 0000000..a30c622
--- /dev/null
+++ b/tests/data_files/ec_bp512_prv.pem
@@ -0,0 +1,7 @@
+-----BEGIN EC PRIVATE KEY-----
+MIHaAgEBBEA3LJd49p9ybLyj9KJo8WtNYX0QKA15pqApzVGHn+EBKTTf5TlUVTN9
+9pBtx9bS7qTbsgZcAij3Oz7XFkgOfXHSoAsGCSskAwMCCAEBDaGBhQOBggAEOLfs
+krYcXGx/vCik7HWdSPzU4uN03v1cSWilTb73UQ5ReIb7/DjqOapSk1nXCnFWw108
+usfOd2vbJR3WS85xI0Qk7nBJ7tBy8NvE15mW4XXVV+JjdjrpcJXAgec+fbLjitw9
+TJoEh7Ht6HbcH8phyQLpodhyK4YSko8YokhFWRo=
+-----END EC PRIVATE KEY-----
diff --git a/tests/data_files/ec_bp512_pub.pem b/tests/data_files/ec_bp512_pub.pem
new file mode 100644
index 0000000..ff5d072
--- /dev/null
+++ b/tests/data_files/ec_bp512_pub.pem
@@ -0,0 +1,6 @@
+-----BEGIN PUBLIC KEY-----
+MIGbMBQGByqGSM49AgEGCSskAwMCCAEBDQOBggAEOLfskrYcXGx/vCik7HWdSPzU
+4uN03v1cSWilTb73UQ5ReIb7/DjqOapSk1nXCnFWw108usfOd2vbJR3WS85xI0Qk
+7nBJ7tBy8NvE15mW4XXVV+JjdjrpcJXAgec+fbLjitw9TJoEh7Ht6HbcH8phyQLp
+odhyK4YSko8YokhFWRo=
+-----END PUBLIC KEY-----
diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function
index 051264e..e5386bd 100644
--- a/tests/suites/test_suite_aes.function
+++ b/tests/suites/test_suite_aes.function
@@ -197,7 +197,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
void aes_selftest()
{
TEST_ASSERT( aes_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_arc4.function b/tests/suites/test_suite_arc4.function
index 759b0c2..73df59e 100644
--- a/tests/suites/test_suite_arc4.function
+++ b/tests/suites/test_suite_arc4.function
@@ -34,7 +34,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
void arc4_selftest()
{
TEST_ASSERT( arc4_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_base64.function b/tests/suites/test_suite_base64.function
index 6ac2f31..27b6c13 100644
--- a/tests/suites/test_suite_base64.function
+++ b/tests/suites/test_suite_base64.function
@@ -47,7 +47,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
void base64_selftest()
{
TEST_ASSERT( base64_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_camellia.function b/tests/suites/test_suite_camellia.function
index 55f6e7a..59785d2 100644
--- a/tests/suites/test_suite_camellia.function
+++ b/tests/suites/test_suite_camellia.function
@@ -197,7 +197,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
void camellia_selftest()
{
TEST_ASSERT( camellia_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index 81188ae..b8f1df3 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -487,7 +487,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
void cipher_selftest()
{
TEST_ASSERT( cipher_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_des.function b/tests/suites/test_suite_des.function
index 5c5c1c9..ee327c9 100644
--- a/tests/suites/test_suite_des.function
+++ b/tests/suites/test_suite_des.function
@@ -314,7 +314,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
void des_selftest()
{
TEST_ASSERT( des_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_dhm.function b/tests/suites/test_suite_dhm.function
index 6161b4c..d66998f 100644
--- a/tests/suites/test_suite_dhm.function
+++ b/tests/suites/test_suite_dhm.function
@@ -97,7 +97,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
void dhm_selftest()
{
TEST_ASSERT( dhm_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data
index 1b4d14a..9eb302b 100644
--- a/tests/suites/test_suite_ecp.data
+++ b/tests/suites/test_suite_ecp.data
@@ -281,5 +281,17 @@
depends_on:POLARSSL_ECP_DP_SECP521R1_ENABLED
ecp_test_vect:POLARSSL_ECP_DP_SECP521R1:"0113F82DA825735E3D97276683B2B74277BAD27335EA71664AF2430CC4F33459B9669EE78B3FFB9B8683015D344DCBFEF6FB9AF4C6C470BE254516CD3C1A1FB47362":"01EBB34DD75721ABF8ADC9DBED17889CBB9765D90A7C60F2CEF007BB0F2B26E14881FD4442E689D61CB2DD046EE30E3FFD20F9A45BBDF6413D583A2DBF59924FD35C":"00F6B632D194C0388E22D8437E558C552AE195ADFD153F92D74908351B2F8C4EDA94EDB0916D1B53C020B5EECAED1A5FC38A233E4830587BB2EE3489B3B42A5A86A4":"00CEE3480D8645A17D249F2776D28BAE616952D1791FDB4B70F7C3378732AA1B22928448BCD1DC2496D435B01048066EBE4F72903C361B1A9DC1193DC2C9D0891B96":"010EBFAFC6E85E08D24BFFFCC1A4511DB0E634BEEB1B6DEC8C5939AE44766201AF6200430BA97C8AC6A0E9F08B33CE7E9FEEB5BA4EE5E0D81510C24295B8A08D0235":"00A4A6EC300DF9E257B0372B5E7ABFEF093436719A77887EBB0B18CF8099B9F4212B6E30A1419C18E029D36863CC9D448F4DBA4D2A0E60711BE572915FBD4FEF2695":"00CDEA89621CFA46B132F9E4CFE2261CDE2D4368EB5656634C7CC98C7A00CDE54ED1866A0DD3E6126C9D2F845DAFF82CEB1DA08F5D87521BB0EBECA77911169C20CC":"00F9A71641029B7FC1A808AD07CD4861E868614B865AFBECAB1F2BD4D8B55EBCB5E3A53143CEB2C511B1AE0AF5AC827F60F2FD872565AC5CA0A164038FE980A7E4BD"
+ECP test vectors brainpoolP256r1 rfc 7027
+depends_on:POLARSSL_ECP_DP_BP256R1_ENABLED
+ecp_test_vect:POLARSSL_ECP_DP_BP256R1:"81DB1EE100150FF2EA338D708271BE38300CB54241D79950F77B063039804F1D":"44106E913F92BC02A1705D9953A8414DB95E1AAA49E81D9E85F929A8E3100BE5":"8AB4846F11CACCB73CE49CBDD120F5A900A69FD32C272223F789EF10EB089BDC":"55E40BC41E37E3E2AD25C3C6654511FFA8474A91A0032087593852D3E7D76BD3":"8D2D688C6CF93E1160AD04CC4429117DC2C41825E1E9FCA0ADDD34E6F1B39F7B":"990C57520812BE512641E47034832106BC7D3E8DD0E4C7F1136D7006547CEC6A":"89AFC39D41D3B327814B80940B042590F96556EC91E6AE7939BCE31F3A18BF2B":"49C27868F4ECA2179BFD7D59B1E3BF34C1DBDE61AE12931648F43E59632504DE"
+
+ECP test vectors brainpoolP384r1 rfc 7027
+depends_on:POLARSSL_ECP_DP_BP384R1_ENABLED
+ecp_test_vect:POLARSSL_ECP_DP_BP384R1:"1E20F5E048A5886F1F157C74E91BDE2B98C8B52D58E5003D57053FC4B0BD65D6F15EB5D1EE1610DF870795143627D042":"68B665DD91C195800650CDD363C625F4E742E8134667B767B1B476793588F885AB698C852D4A6E77A252D6380FCAF068":"55BC91A39C9EC01DEE36017B7D673A931236D2F1F5C83942D049E3FA20607493E0D038FF2FD30C2AB67D15C85F7FAA59":"032640BC6003C59260F7250C3DB58CE647F98E1260ACCE4ACDA3DD869F74E01F8BA5E0324309DB6A9831497ABAC96670":"4D44326F269A597A5B58BBA565DA5556ED7FD9A8A9EB76C25F46DB69D19DC8CE6AD18E404B15738B2086DF37E71D1EB4":"62D692136DE56CBE93BF5FA3188EF58BC8A3A0EC6C1E151A21038A42E9185329B5B275903D192F8D4E1F32FE9CC78C48":"0BD9D3A7EA0B3D519D09D8E48D0785FB744A6B355E6304BC51C229FBBCE239BBADF6403715C35D4FB2A5444F575D4F42":"0DF213417EBE4D8E40A5F76F66C56470C489A3478D146DECF6DF0D94BAE9E598157290F8756066975F1DB34B2324B7BD"
+
+ECP test vectors brainpoolP512r1 rfc 7027
+depends_on:POLARSSL_ECP_DP_BP512R1_ENABLED
+ecp_test_vect:POLARSSL_ECP_DP_BP512R1:"16302FF0DBBB5A8D733DAB7141C1B45ACBC8715939677F6A56850A38BD87BD59B09E80279609FF333EB9D4C061231FB26F92EEB04982A5F1D1764CAD57665422":"0A420517E406AAC0ACDCE90FCD71487718D3B953EFD7FBEC5F7F27E28C6149999397E91E029E06457DB2D3E640668B392C2A7E737A7F0BF04436D11640FD09FD":"72E6882E8DB28AAD36237CD25D580DB23783961C8DC52DFA2EC138AD472A0FCEF3887CF62B623B2A87DE5C588301EA3E5FC269B373B60724F5E82A6AD147FDE7":"230E18E1BCC88A362FA54E4EA3902009292F7F8033624FD471B5D8ACE49D12CFABBC19963DAB8E2F1EBA00BFFB29E4D72D13F2224562F405CB80503666B25429":"9D45F66DE5D67E2E6DB6E93A59CE0BB48106097FF78A081DE781CDB31FCE8CCBAAEA8DD4320C4119F1E9CD437A2EAB3731FA9668AB268D871DEDA55A5473199F":"2FDC313095BCDD5FB3A91636F07A959C8E86B5636A1E930E8396049CB481961D365CC11453A06C719835475B12CB52FC3C383BCE35E27EF194512B71876285FA":"A7927098655F1F9976FA50A9D566865DC530331846381C87256BAF3226244B76D36403C024D7BBF0AA0803EAFF405D3D24F11A9B5C0BEF679FE1454B21C4CD1F":"7DB71C3DEF63212841C463E881BDCF055523BD368240E6C3143BD8DEF8B3B3223B95E0F53082FF5E412F4222537A43DF1C6D25729DDB51620A832BE6A26680A2"
+
ECP selftest
ecp_selftest:
diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function
index 11221a1..6981f47 100644
--- a/tests/suites/test_suite_ecp.function
+++ b/tests/suites/test_suite_ecp.function
@@ -515,7 +515,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
void ecp_selftest()
{
TEST_ASSERT( ecp_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function
index 349945a..b131e7a 100644
--- a/tests/suites/test_suite_gcm.function
+++ b/tests/suites/test_suite_gcm.function
@@ -108,7 +108,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
void gcm_selftest()
{
TEST_ASSERT( gcm_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_mdx.function b/tests/suites/test_suite_mdx.function
index 649a711..e9a8347 100644
--- a/tests/suites/test_suite_mdx.function
+++ b/tests/suites/test_suite_mdx.function
@@ -187,21 +187,21 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:POLARSSL_MD2_C:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_MD2_C:POLARSSL_SELF_TEST */
void md2_selftest()
{
TEST_ASSERT( md2_self_test( 0 ) == 0 );
}
/* END_CASE */
-/* BEGIN_CASE depends_on:POLARSSL_MD4_C:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_MD4_C:POLARSSL_SELF_TEST */
void md4_selftest()
{
TEST_ASSERT( md4_self_test( 0 ) == 0 );
}
/* END_CASE */
-/* BEGIN_CASE depends_on:POLARSSL_MD5_C:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_MD5_C:POLARSSL_SELF_TEST */
void md5_selftest()
{
TEST_ASSERT( md5_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function
index 7285749..e08b48d 100644
--- a/tests/suites/test_suite_mpi.function
+++ b/tests/suites/test_suite_mpi.function
@@ -681,7 +681,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
void mpi_selftest()
{
TEST_ASSERT( mpi_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data
index 8434efb..dc13fdb 100644
--- a/tests/suites/test_suite_pkparse.data
+++ b/tests/suites/test_suite_pkparse.data
@@ -130,6 +130,18 @@
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP521R1_ENABLED
pk_parse_public_keyfile_ec:"data_files/ec_521_pub.pem":0
+Parse Public EC Key #7 (RFC 5480, brainpoolP256r1)
+depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_BP256R1_ENABLED
+pk_parse_public_keyfile_ec:"data_files/ec_bp256_pub.pem":0
+
+Parse Public EC Key #8 (RFC 5480, brainpoolP384r1)
+depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_BP384R1_ENABLED
+pk_parse_public_keyfile_ec:"data_files/ec_bp384_pub.pem":0
+
+Parse Public EC Key #9 (RFC 5480, brainpoolP512r1)
+depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_BP512R1_ENABLED
+pk_parse_public_keyfile_ec:"data_files/ec_bp512_pub.pem":0
+
Parse EC Key #1 (SEC1 DER)
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP192R1_ENABLED
pk_parse_keyfile_ec:"data_files/ec_prv.sec1.der":"NULL":0
@@ -174,6 +186,18 @@
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP521R1_ENABLED
pk_parse_keyfile_ec:"data_files/ec_521_prv.pem":"NULL":0
+Parse EC Key #12 (SEC1 PEM, bp256r1)
+depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_BP256R1_ENABLED
+pk_parse_keyfile_ec:"data_files/ec_bp256_prv.pem":"NULL":0
+
+Parse EC Key #13 (SEC1 PEM, bp384r1)
+depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_BP384R1_ENABLED
+pk_parse_keyfile_ec:"data_files/ec_bp384_prv.pem":"NULL":0
+
+Parse EC Key #14 (SEC1 PEM, bp512r1)
+depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_BP512R1_ENABLED
+pk_parse_keyfile_ec:"data_files/ec_bp512_prv.pem":"NULL":0
+
Key ASN1 (Incorrect first tag)
pk_parse_key_rsa:"":"":POLARSSL_ERR_PK_KEY_INVALID_FORMAT
diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function
index 9bc8a24..29651cc 100644
--- a/tests/suites/test_suite_rsa.function
+++ b/tests/suites/test_suite_rsa.function
@@ -532,7 +532,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
void rsa_selftest()
{
TEST_ASSERT( rsa_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_shax.function b/tests/suites/test_suite_shax.function
index 6449881..73190dc 100644
--- a/tests/suites/test_suite_shax.function
+++ b/tests/suites/test_suite_shax.function
@@ -189,21 +189,21 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:POLARSSL_SHA1_C:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SHA1_C:POLARSSL_SELF_TEST */
void sha1_selftest()
{
TEST_ASSERT( sha1_self_test( 0 ) == 0 );
}
/* END_CASE */
-/* BEGIN_CASE depends_on:POLARSSL_SHA256_C:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SHA256_C:POLARSSL_SELF_TEST */
void sha256_selftest()
{
TEST_ASSERT( sha256_self_test( 0 ) == 0 );
}
/* END_CASE */
-/* BEGIN_CASE depends_on:POLARSSL_SHA512_C:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SHA512_C:POLARSSL_SELF_TEST */
void sha512_selftest()
{
TEST_ASSERT( sha512_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index 2add9e3..ff57058 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -224,7 +224,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:POLARSSL_X509_CRT_PARSE_C:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_X509_CRT_PARSE_C:POLARSSL_SELF_TEST */
void x509_selftest()
{
TEST_ASSERT( x509_self_test( 0 ) == 0 );
diff --git a/tests/suites/test_suite_xtea.function b/tests/suites/test_suite_xtea.function
index fd6189c..091752f 100644
--- a/tests/suites/test_suite_xtea.function
+++ b/tests/suites/test_suite_xtea.function
@@ -59,7 +59,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:POLARSSL_SELFTEST_C */
+/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
void xtea_selftest()
{
TEST_ASSERT( xtea_self_test( 0 ) == 0 );