Merge remote-tracking branch 'upstream-public/pr/1294' into development
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 3e47224..ca4cba2 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -126,8 +126,8 @@
endif()
ADD_CUSTOM_TARGET(apidoc
- COMMAND doxygen doxygen/mbedtls.doxyfile
- WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR})
+ COMMAND doxygen mbedtls.doxyfile
+ WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/doxygen)
if(ENABLE_TESTING)
enable_testing()
diff --git a/ChangeLog b/ChangeLog
index e60ca14..a5776c0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -28,23 +28,14 @@
The following functions from the ECDSA module can be replaced
with alternative implementation:
mbedtls_ecdsa_sign(), mbedtls_ecdsa_verify() and mbedtls_ecdsa_genkey().
- * Add support for alternative implementation for ECDH, controlled by new
- configuration flags MBEDTLS_ECDH_COMPUTE_SHARED_ALT and
+ * Add support for alternative implementation of ECDH, controlled by the
+ new configuration flags MBEDTLS_ECDH_COMPUTE_SHARED_ALT and
MBEDTLS_ECDH_GEN_PUBLIC_ALT in config.h.
The following functions from the ECDH module can be replaced
with an alternative implementation:
mbedtls_ecdh_gen_public() and mbedtls_ecdh_compute_shared().
-
-New deprecations
- * Deprecate usage of RSA primitives with non-matching key-type
- (e.g., signing with a public key).
- * Direct manipulation of structure fields of RSA contexts is deprecated.
- Users are advised to use the extended RSA API instead.
- * Deprecate usage of message digest functions that return void
- (mbedtls_<MODULE>_starts, mbedtls_<MODULE>_update,
- mbedtls_<MODULE>_finish and mbedtls_<MODULE>_process where <MODULE> is
- any of MD2, MD4, MD5, SHA1, SHA256, SHA512) in favor of functions
- that can return an error code.
+ * Add support for alternative implementation of ECJPAKE, controlled by
+ the new configuration flag MBEDTLS_ECJPAKE_ALT.
API Changes
* Extend RSA interface by multiple functions allowing structure-
@@ -65,6 +56,17 @@
mbedtls_<MODULE>_finish() -> mbedtls_<MODULE>_finish_ret()
mbedtls_<MODULE>_process() -> mbedtls_internal_<MODULE>_process()
+New deprecations
+ * Deprecate usage of RSA primitives with non-matching key-type
+ (e.g., signing with a public key).
+ * Direct manipulation of structure fields of RSA contexts is deprecated.
+ Users are advised to use the extended RSA API instead.
+ * Deprecate usage of message digest functions that return void
+ (mbedtls_<MODULE>_starts, mbedtls_<MODULE>_update,
+ mbedtls_<MODULE>_finish and mbedtls_<MODULE>_process where <MODULE> is
+ any of MD2, MD4, MD5, SHA1, SHA256, SHA512) in favor of functions
+ that can return an error code.
+
Bugfix
* Fix ssl_parse_record_header() to silently discard invalid DTLS records
as recommended in RFC 6347 Section 4.1.2.7.
@@ -114,6 +116,12 @@
RSA test suite where the failure of CTR DRBG initialization lead to
freeing an RSA context and several MPI's without proper initialization
beforehand.
+ * Fix error message in programs/pkey/gen_key.c. Found and fixed by Chris Xue.
+ * Fix programs/pkey/dh_server.c so that it actually works with dh_client.c.
+ Found and fixed by Martijn de Milliano.
+ * Fix bug in cipher decryption with MBEDTLS_PADDING_ONE_AND_ZEROS that
+ sometimes accepted invalid padding. (Not used in TLS.) Found and fixed
+ by Micha Kraus.
* Fix the entropy.c module to not call mbedtls_sha256_starts() or
mbedtls_sha512_starts() in the mbedtls_entropy_init() function.
* Fix the entropy.c module to ensure that mbedtls_sha256_init() or
@@ -133,6 +141,7 @@
* Only run AES-192 self-test if AES-192 is available. Fixes #963.
* Tighten the RSA PKCS#1 v1.5 signature verification code and remove the
undeclared dependency of the RSA module on the ASN.1 module.
+ * Add mechanism to provide alternative implementation of the DHM module.
* Update all internal usage of deprecated message digest functions to the
new ones with return codes. In particular, this modifies the
mbedtls_md_info_t structure. Propagate errors from these functions
diff --git a/Makefile b/Makefile
index d475868..c18b99b 100644
--- a/Makefile
+++ b/Makefile
@@ -103,7 +103,7 @@
apidoc:
mkdir -p apidoc
- doxygen doxygen/mbedtls.doxyfile
+ cd doxygen && doxygen mbedtls.doxyfile
apidoc_clean:
rm -rf apidoc
diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h
index aee10b8..a783e6b 100644
--- a/configs/config-ccm-psk-tls1_2.h
+++ b/configs/config-ccm-psk-tls1_2.h
@@ -1,6 +1,9 @@
-/*
- * Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites
+/**
+ * \file config-ccm-psk-tls1_2.h
*
+ * \brief Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/configs/config-mini-tls1_1.h b/configs/config-mini-tls1_1.h
index e22363d..013bc03 100644
--- a/configs/config-mini-tls1_1.h
+++ b/configs/config-mini-tls1_1.h
@@ -1,6 +1,9 @@
-/*
- * Minimal configuration for TLS 1.1 (RFC 4346)
+/**
+ * \file config-mini-tls1_1.h
*
+ * \brief Minimal configuration for TLS 1.1 (RFC 4346)
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/configs/config-no-entropy.h b/configs/config-no-entropy.h
index 7375860..b4a0930 100644
--- a/configs/config-no-entropy.h
+++ b/configs/config-no-entropy.h
@@ -1,6 +1,9 @@
/**
- * Minimal configuration of features that do not require an entropy source
+ * \file config-no-entropy.h
*
+ * \brief Minimal configuration of features that do not require an entropy source
+ */
+/*
* Copyright (C) 2016, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/configs/config-picocoin.h b/configs/config-picocoin.h
index 26b24a9..5d41f28 100644
--- a/configs/config-picocoin.h
+++ b/configs/config-picocoin.h
@@ -1,6 +1,9 @@
-/*
- * Reduced configuration used by Picocoin.
+/**
+ * \file config-picocoin.h
*
+ * \brief Reduced configuration used by Picocoin.
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h
index 3c4804c..18e2c40 100644
--- a/configs/config-suite-b.h
+++ b/configs/config-suite-b.h
@@ -1,6 +1,9 @@
-/*
- * Minimal configuration for TLS NSA Suite B Profile (RFC 6460)
+/**
+ * \file config-suite-b.h
*
+ * \brief Minimal configuration for TLS NSA Suite B Profile (RFC 6460)
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/configs/config-thread.h b/configs/config-thread.h
index 990fe08..25db16b 100644
--- a/configs/config-thread.h
+++ b/configs/config-thread.h
@@ -1,6 +1,9 @@
-/*
- * Minimal configuration for using TLS as part of Thread
+/**
+ * \file config-thread.h
*
+ * \brief Minimal configuration for using TLS as part of Thread
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/doxygen/input/doc_encdec.h b/doxygen/input/doc_encdec.h
index 9538ed2..b1281cb 100644
--- a/doxygen/input/doc_encdec.h
+++ b/doxygen/input/doc_encdec.h
@@ -1,6 +1,9 @@
/**
- * @file
- * Encryption/decryption module documentation file.
+ * \file doc_encdec.h
+ *
+ * \brief Encryption/decryption module documentation file.
+ */
+/*
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
diff --git a/doxygen/input/doc_hashing.h b/doxygen/input/doc_hashing.h
index 49f15ea..e54b28e 100644
--- a/doxygen/input/doc_hashing.h
+++ b/doxygen/input/doc_hashing.h
@@ -1,6 +1,9 @@
/**
- * @file
- * Hashing module documentation file.
+ * \file doc_hashing.h
+ *
+ * \brief Hashing module documentation file.
+ */
+/*
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h
index 87b5041..add75f7 100644
--- a/doxygen/input/doc_mainpage.h
+++ b/doxygen/input/doc_mainpage.h
@@ -1,6 +1,9 @@
/**
- * @file
- * Main page documentation file.
+ * \file doc_mainpage.h
+ *
+ * \brief Main page documentation file.
+ */
+/*
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
diff --git a/doxygen/input/doc_rng.h b/doxygen/input/doc_rng.h
index 0159ef3..0f212e0 100644
--- a/doxygen/input/doc_rng.h
+++ b/doxygen/input/doc_rng.h
@@ -1,6 +1,9 @@
/**
- * @file
- * Random number generator (RNG) module documentation file.
+ * \file doc_rng.h
+ *
+ * \brief Random number generator (RNG) module documentation file.
+ */
+/*
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
diff --git a/doxygen/input/doc_ssltls.h b/doxygen/input/doc_ssltls.h
index 7f104bd..4addfb3 100644
--- a/doxygen/input/doc_ssltls.h
+++ b/doxygen/input/doc_ssltls.h
@@ -1,6 +1,9 @@
/**
- * @file
- * SSL/TLS communication module documentation file.
+ * \file doc_ssltls.h
+ *
+ * \brief SSL/TLS communication module documentation file.
+ */
+/*
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
diff --git a/doxygen/input/doc_tcpip.h b/doxygen/input/doc_tcpip.h
index 34d3ca1..95f4586 100644
--- a/doxygen/input/doc_tcpip.h
+++ b/doxygen/input/doc_tcpip.h
@@ -1,6 +1,9 @@
/**
- * @file
- * TCP/IP communication module documentation file.
+ * \file doc_tcpip.h
+ *
+ * \brief TCP/IP communication module documentation file.
+ */
+/*
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
diff --git a/doxygen/input/doc_x509.h b/doxygen/input/doc_x509.h
index 315f0e3..9b52569 100644
--- a/doxygen/input/doc_x509.h
+++ b/doxygen/input/doc_x509.h
@@ -1,6 +1,9 @@
/**
- * @file
- * X.509 module documentation file.
+ * \file doc_x509.h
+ *
+ * \brief X.509 module documentation file.
+ */
+/*
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile
index 5df1c93..d5b3abe 100644
--- a/doxygen/mbedtls.doxyfile
+++ b/doxygen/mbedtls.doxyfile
@@ -54,7 +54,7 @@
# If a relative path is entered, it will be relative to the location
# where doxygen was started. If left blank the current directory will be used.
-OUTPUT_DIRECTORY = apidoc/
+OUTPUT_DIRECTORY = ../apidoc/
# If the CREATE_SUBDIRS tag is set to YES, then doxygen will create
# 4096 sub-directories (in 2 levels) under the output directory of each output
@@ -664,7 +664,7 @@
# directories like "/usr/src/myproject". Separate the files or directories
# with spaces.
-INPUT = .
+INPUT = ..
# This tag can be used to specify the character encoding of the source files
# that doxygen parses. Internally doxygen uses the UTF-8 encoding, which is
@@ -696,7 +696,7 @@
# Note that relative paths are relative to the directory from which doxygen is
# run.
-EXCLUDE = configs yotta/module
+EXCLUDE = ../configs ../yotta/module
# The EXCLUDE_SYMLINKS tag can be used to select whether or not files or
# directories that are symbolic links (a Unix file system feature) are excluded
diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h
index c8dd0f3..71dcea9 100644
--- a/include/mbedtls/aes.h
+++ b/include/mbedtls/aes.h
@@ -2,7 +2,8 @@
* \file aes.h
*
* \brief AES block cipher
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/aesni.h b/include/mbedtls/aesni.h
index b1b7f1c..746baa0 100644
--- a/include/mbedtls/aesni.h
+++ b/include/mbedtls/aesni.h
@@ -2,7 +2,8 @@
* \file aesni.h
*
* \brief AES-NI for hardware AES acceleration on some Intel processors
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/arc4.h b/include/mbedtls/arc4.h
index 5fc5395..26de33f 100644
--- a/include/mbedtls/arc4.h
+++ b/include/mbedtls/arc4.h
@@ -2,7 +2,8 @@
* \file arc4.h
*
* \brief The ARCFOUR stream cipher
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h
index e159e57..fde328a 100644
--- a/include/mbedtls/asn1.h
+++ b/include/mbedtls/asn1.h
@@ -2,7 +2,8 @@
* \file asn1.h
*
* \brief Generic ASN.1 parsing
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h
index 73ff32b..f76fc80 100644
--- a/include/mbedtls/asn1write.h
+++ b/include/mbedtls/asn1write.h
@@ -2,7 +2,8 @@
* \file asn1write.h
*
* \brief ASN.1 buffer writing functionality
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/base64.h b/include/mbedtls/base64.h
index 352c652..7a64f52 100644
--- a/include/mbedtls/base64.h
+++ b/include/mbedtls/base64.h
@@ -2,7 +2,8 @@
* \file base64.h
*
* \brief RFC 1521 base64 encoding/decoding
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h
index 0b40015..c20b367 100644
--- a/include/mbedtls/bignum.h
+++ b/include/mbedtls/bignum.h
@@ -1,8 +1,9 @@
/**
* \file bignum.h
*
- * \brief Multi-precision integer library
- *
+ * \brief Multi-precision integer library
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/blowfish.h b/include/mbedtls/blowfish.h
index 34626ee..6593730 100644
--- a/include/mbedtls/blowfish.h
+++ b/include/mbedtls/blowfish.h
@@ -2,7 +2,8 @@
* \file blowfish.h
*
* \brief Blowfish block cipher
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/bn_mul.h b/include/mbedtls/bn_mul.h
index cac3f14..354c1cc 100644
--- a/include/mbedtls/bn_mul.h
+++ b/include/mbedtls/bn_mul.h
@@ -1,8 +1,9 @@
/**
* \file bn_mul.h
*
- * \brief Multi-precision integer library
- *
+ * \brief Multi-precision integer library
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/camellia.h b/include/mbedtls/camellia.h
index 0424d62..107056f 100644
--- a/include/mbedtls/camellia.h
+++ b/include/mbedtls/camellia.h
@@ -2,7 +2,8 @@
* \file camellia.h
*
* \brief Camellia block cipher
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h
index 579402f..acd94ad 100644
--- a/include/mbedtls/ccm.h
+++ b/include/mbedtls/ccm.h
@@ -2,7 +2,8 @@
* \file ccm.h
*
* \brief Counter with CBC-MAC (CCM) for 128-bit block ciphers
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/certs.h b/include/mbedtls/certs.h
index ca49086..8dab7b5 100644
--- a/include/mbedtls/certs.h
+++ b/include/mbedtls/certs.h
@@ -2,7 +2,8 @@
* \file certs.h
*
* \brief Sample certificates and DHM parameters for testing
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index fa72454..1143aa2 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -2,7 +2,8 @@
* \file check_config.h
*
* \brief Consistency checks for configuration options
- *
+ */
+/*
* Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index b12e388..b92a8db 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -4,7 +4,8 @@
* \brief Generic cipher wrapper.
*
* \author Adriaan de Jong <dejong@fox-it.com>
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/cipher_internal.h b/include/mbedtls/cipher_internal.h
index 6c58bcc..969ff9c 100644
--- a/include/mbedtls/cipher_internal.h
+++ b/include/mbedtls/cipher_internal.h
@@ -4,7 +4,8 @@
* \brief Cipher wrappers.
*
* \author Adriaan de Jong <dejong@fox-it.com>
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h
index 4d3f2d2..a7f7f45 100644
--- a/include/mbedtls/cmac.h
+++ b/include/mbedtls/cmac.h
@@ -3,7 +3,8 @@
*
* \brief Cipher-based Message Authentication Code (CMAC) Mode for
* Authentication
- *
+ */
+/*
* Copyright (C) 2015-2016, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/compat-1.3.h b/include/mbedtls/compat-1.3.h
index bba1d2c..600a0f1 100644
--- a/include/mbedtls/compat-1.3.h
+++ b/include/mbedtls/compat-1.3.h
@@ -5,7 +5,8 @@
* for the PolarSSL naming conventions.
*
* \deprecated Use the new names directly instead
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 4933108..6f62a87 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -6,7 +6,8 @@
* This set of compile-time options may be used to enable
* or disable features selectively, and reduce the global
* memory footprint.
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
@@ -269,6 +270,8 @@
//#define MBEDTLS_CCM_ALT
//#define MBEDTLS_CMAC_ALT
//#define MBEDTLS_DES_ALT
+//#define MBEDTLS_DHM_ALT
+//#define MBEDTLS_ECJPAKE_ALT
//#define MBEDTLS_GCM_ALT
//#define MBEDTLS_MD2_ALT
//#define MBEDTLS_MD4_ALT
diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h
index 059d3c5..01cd826 100644
--- a/include/mbedtls/ctr_drbg.h
+++ b/include/mbedtls/ctr_drbg.h
@@ -2,7 +2,8 @@
* \file ctr_drbg.h
*
* \brief CTR_DRBG based on AES-256 (NIST SP 800-90)
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h
index 2957996..ef8db67 100644
--- a/include/mbedtls/debug.h
+++ b/include/mbedtls/debug.h
@@ -2,7 +2,8 @@
* \file debug.h
*
* \brief Functions for controlling and providing debug output from the library.
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/des.h b/include/mbedtls/des.h
index 5ca2ecf..7f8f27e 100644
--- a/include/mbedtls/des.h
+++ b/include/mbedtls/des.h
@@ -2,7 +2,8 @@
* \file des.h
*
* \brief DES block cipher
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h
index d7ab152..d017b38 100644
--- a/include/mbedtls/dhm.h
+++ b/include/mbedtls/dhm.h
@@ -2,7 +2,8 @@
* \file dhm.h
*
* \brief Diffie-Hellman-Merkle key exchange
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
@@ -23,7 +24,13 @@
#ifndef MBEDTLS_DHM_H
#define MBEDTLS_DHM_H
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
#include "bignum.h"
+#if !defined(MBEDTLS_DHM_ALT)
/*
* DHM Error codes
@@ -291,6 +298,18 @@
#endif /* MBEDTLS_FS_IO */
#endif /* MBEDTLS_ASN1_PARSE_C */
+#ifdef __cplusplus
+}
+#endif
+
+#else /* MBEDTLS_DHM_ALT */
+#include "dhm_alt.h"
+#endif /* MBEDTLS_DHM_ALT */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
/**
* \brief Checkup routine
*
diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h
index 625a281..14a362b 100644
--- a/include/mbedtls/ecdh.h
+++ b/include/mbedtls/ecdh.h
@@ -2,7 +2,8 @@
* \file ecdh.h
*
* \brief Elliptic curve Diffie-Hellman
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h
index a277715..6c6ae29 100644
--- a/include/mbedtls/ecdsa.h
+++ b/include/mbedtls/ecdsa.h
@@ -2,7 +2,8 @@
* \file ecdsa.h
*
* \brief Elliptic curve DSA
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/ecjpake.h b/include/mbedtls/ecjpake.h
index 161a5b2..d86e820 100644
--- a/include/mbedtls/ecjpake.h
+++ b/include/mbedtls/ecjpake.h
@@ -2,7 +2,8 @@
* \file ecjpake.h
*
* \brief Elliptic curve J-PAKE
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
@@ -43,6 +44,8 @@
#include "ecp.h"
#include "md.h"
+#if !defined(MBEDTLS_ECJPAKE_ALT)
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -222,17 +225,31 @@
*/
void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx );
+#ifdef __cplusplus
+}
+#endif
+
+#else /* MBEDTLS_ECJPAKE_ALT */
+#include "ecjpake_alt.h"
+#endif /* MBEDTLS_ECJPAKE_ALT */
+
#if defined(MBEDTLS_SELF_TEST)
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if a test failed
*/
int mbedtls_ecjpake_self_test( int verbose );
-#endif
#ifdef __cplusplus
}
#endif
+#endif /* MBEDTLS_SELF_TEST */
+
#endif /* ecjpake.h */
diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h
index dad9aef..9771340 100644
--- a/include/mbedtls/ecp.h
+++ b/include/mbedtls/ecp.h
@@ -2,7 +2,8 @@
* \file ecp.h
*
* \brief Elliptic curves over GF(p)
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/ecp_internal.h b/include/mbedtls/ecp_internal.h
index 2991e26..8a6d517 100644
--- a/include/mbedtls/ecp_internal.h
+++ b/include/mbedtls/ecp_internal.h
@@ -3,7 +3,8 @@
*
* \brief Function declarations for alternative implementation of elliptic curve
* point arithmetic.
- *
+ */
+/*
* Copyright (C) 2016, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h
index addb961..fcb4d02 100644
--- a/include/mbedtls/entropy.h
+++ b/include/mbedtls/entropy.h
@@ -2,7 +2,8 @@
* \file entropy.h
*
* \brief Entropy accumulator implementation
- *
+ */
+/*
* Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/entropy_poll.h b/include/mbedtls/entropy_poll.h
index 81258d5..94dd657 100644
--- a/include/mbedtls/entropy_poll.h
+++ b/include/mbedtls/entropy_poll.h
@@ -2,7 +2,8 @@
* \file entropy_poll.h
*
* \brief Platform-specific and custom entropy polling functions
- *
+ */
+/*
* Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h
index 16bc8dc..2c41247 100644
--- a/include/mbedtls/error.h
+++ b/include/mbedtls/error.h
@@ -2,7 +2,8 @@
* \file error.h
*
* \brief Error to string translation
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h
index 8f3b565..f101986 100644
--- a/include/mbedtls/gcm.h
+++ b/include/mbedtls/gcm.h
@@ -2,7 +2,8 @@
* \file gcm.h
*
* \brief Galois/Counter mode for 128-bit block ciphers
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/havege.h b/include/mbedtls/havege.h
index dac5d31..d4cb3ed 100644
--- a/include/mbedtls/havege.h
+++ b/include/mbedtls/havege.h
@@ -2,7 +2,8 @@
* \file havege.h
*
* \brief HAVEGE: HArdware Volatile Entropy Gathering and Expansion
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h
index e010558..e0821cf 100644
--- a/include/mbedtls/hmac_drbg.h
+++ b/include/mbedtls/hmac_drbg.h
@@ -2,7 +2,8 @@
* \file hmac_drbg.h
*
* \brief HMAC_DRBG (NIST SP 800-90A)
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h
index 89be847..f23bad4 100644
--- a/include/mbedtls/md.h
+++ b/include/mbedtls/md.h
@@ -4,7 +4,8 @@
* \brief Generic message digest wrapper
*
* \author Adriaan de Jong <dejong@fox-it.com>
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/md2.h b/include/mbedtls/md2.h
index 1a9940b..b245b5b 100644
--- a/include/mbedtls/md2.h
+++ b/include/mbedtls/md2.h
@@ -2,7 +2,8 @@
* \file md2.h
*
* \brief MD2 message digest algorithm (hash function)
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/md4.h b/include/mbedtls/md4.h
index ed20370..886a669 100644
--- a/include/mbedtls/md4.h
+++ b/include/mbedtls/md4.h
@@ -2,7 +2,8 @@
* \file md4.h
*
* \brief MD4 message digest algorithm (hash function)
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/md5.h b/include/mbedtls/md5.h
index dfd704c..5734b40 100644
--- a/include/mbedtls/md5.h
+++ b/include/mbedtls/md5.h
@@ -2,7 +2,8 @@
* \file md5.h
*
* \brief MD5 message digest algorithm (hash function)
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/md_internal.h b/include/mbedtls/md_internal.h
index c202598..04de482 100644
--- a/include/mbedtls/md_internal.h
+++ b/include/mbedtls/md_internal.h
@@ -6,7 +6,8 @@
* \warning This in an internal header. Do not include directly.
*
* \author Adriaan de Jong <dejong@fox-it.com>
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/memory_buffer_alloc.h b/include/mbedtls/memory_buffer_alloc.h
index d5df316..705f9a6 100644
--- a/include/mbedtls/memory_buffer_alloc.h
+++ b/include/mbedtls/memory_buffer_alloc.h
@@ -2,7 +2,8 @@
* \file memory_buffer_alloc.h
*
* \brief Buffer-based memory allocator
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/net.h b/include/mbedtls/net.h
index 774559b..28ae821 100644
--- a/include/mbedtls/net.h
+++ b/include/mbedtls/net.h
@@ -3,6 +3,9 @@
*
* \brief Deprecated header file that includes mbedtls/net_sockets.h
*
+ * \deprecated Superseded by mbedtls/net_sockets.h
+ */
+/*
* Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
@@ -19,8 +22,6 @@
* limitations under the License.
*
* This file is part of mbed TLS (https://tls.mbed.org)
- *
- * \deprecated Superseded by mbedtls/net_sockets.h
*/
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
diff --git a/include/mbedtls/net_sockets.h b/include/mbedtls/net_sockets.h
index de33552..54e612c 100644
--- a/include/mbedtls/net_sockets.h
+++ b/include/mbedtls/net_sockets.h
@@ -2,7 +2,8 @@
* \file net_sockets.h
*
* \brief Network communication functions
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h
index fcecdaf..bf2ef5e 100644
--- a/include/mbedtls/oid.h
+++ b/include/mbedtls/oid.h
@@ -2,7 +2,8 @@
* \file oid.h
*
* \brief Object Identifier (OID) database
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/padlock.h b/include/mbedtls/padlock.h
index 2045a5a..677936e 100644
--- a/include/mbedtls/padlock.h
+++ b/include/mbedtls/padlock.h
@@ -3,7 +3,8 @@
*
* \brief VIA PadLock ACE for HW encryption/decryption supported by some
* processors
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/pem.h b/include/mbedtls/pem.h
index 54dc02d..2cf4c0a 100644
--- a/include/mbedtls/pem.h
+++ b/include/mbedtls/pem.h
@@ -2,7 +2,8 @@
* \file pem.h
*
* \brief Privacy Enhanced Mail (PEM) decoding
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index f9f9b9b..28f6150 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -2,7 +2,8 @@
* \file pk.h
*
* \brief Public Key abstraction layer
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/pk_internal.h b/include/mbedtls/pk_internal.h
index 01d0f21..3dae0fc 100644
--- a/include/mbedtls/pk_internal.h
+++ b/include/mbedtls/pk_internal.h
@@ -1,8 +1,9 @@
/**
- * \file pk.h
+ * \file pk_internal.h
*
* \brief Public Key abstraction layer: wrapper functions
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/pkcs11.h b/include/mbedtls/pkcs11.h
index 2e88928..bf65c55 100644
--- a/include/mbedtls/pkcs11.h
+++ b/include/mbedtls/pkcs11.h
@@ -4,7 +4,8 @@
* \brief Wrapper for PKCS#11 library libpkcs11-helper
*
* \author Adriaan de Jong <dejong@fox-it.com>
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h
index 9b2d904..a621ef5 100644
--- a/include/mbedtls/pkcs12.h
+++ b/include/mbedtls/pkcs12.h
@@ -2,7 +2,8 @@
* \file pkcs12.h
*
* \brief PKCS#12 Personal Information Exchange Syntax
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/pkcs5.h b/include/mbedtls/pkcs5.h
index ec5cb9e..9a3c9fd 100644
--- a/include/mbedtls/pkcs5.h
+++ b/include/mbedtls/pkcs5.h
@@ -4,7 +4,8 @@
* \brief PKCS#5 functions
*
* \author Mathias Olsson <mathias@kompetensum.com>
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h
index 35010f8..e051751 100644
--- a/include/mbedtls/platform.h
+++ b/include/mbedtls/platform.h
@@ -2,7 +2,8 @@
* \file platform.h
*
* \brief mbed TLS Platform abstraction layer
- *
+ */
+/*
* Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/platform_time.h b/include/mbedtls/platform_time.h
index abb3431..2ed36f5 100644
--- a/include/mbedtls/platform_time.h
+++ b/include/mbedtls/platform_time.h
@@ -2,7 +2,8 @@
* \file platform_time.h
*
* \brief mbed TLS Platform time abstraction
- *
+ */
+/*
* Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/ripemd160.h b/include/mbedtls/ripemd160.h
index 3921e66..c21868b 100644
--- a/include/mbedtls/ripemd160.h
+++ b/include/mbedtls/ripemd160.h
@@ -2,7 +2,8 @@
* \file ripemd160.h
*
* \brief RIPE MD-160 message digest
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h
index d7503ac..a4a4716 100644
--- a/include/mbedtls/rsa.h
+++ b/include/mbedtls/rsa.h
@@ -2,7 +2,8 @@
* \file rsa.h
*
* \brief The RSA public-key cryptosystem
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/rsa_internal.h b/include/mbedtls/rsa_internal.h
index 7e6a2ec..bcb3c94 100644
--- a/include/mbedtls/rsa_internal.h
+++ b/include/mbedtls/rsa_internal.h
@@ -2,7 +2,8 @@
* \file rsa_internal.h
*
* \brief Context-independent RSA helper functions
- *
+ */
+/*
* Copyright (C) 2006-2017, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/sha1.h b/include/mbedtls/sha1.h
index b879ee6..4d3a164 100644
--- a/include/mbedtls/sha1.h
+++ b/include/mbedtls/sha1.h
@@ -2,7 +2,8 @@
* \file sha1.h
*
* \brief SHA-1 cryptographic hash function
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h
index e9cc0ca..5c5d07a 100644
--- a/include/mbedtls/sha256.h
+++ b/include/mbedtls/sha256.h
@@ -2,7 +2,8 @@
* \file sha256.h
*
* \brief SHA-224 and SHA-256 cryptographic hash function
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h
index 395f8bb..7453c44 100644
--- a/include/mbedtls/sha512.h
+++ b/include/mbedtls/sha512.h
@@ -2,7 +2,8 @@
* \file sha512.h
*
* \brief SHA-384 and SHA-512 cryptographic hash function
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index e98101e..7ad71cc 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -2,7 +2,8 @@
* \file ssl.h
*
* \brief SSL/TLS functions.
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/ssl_cache.h b/include/mbedtls/ssl_cache.h
index 3734bb7..ec081e6 100644
--- a/include/mbedtls/ssl_cache.h
+++ b/include/mbedtls/ssl_cache.h
@@ -2,7 +2,8 @@
* \file ssl_cache.h
*
* \brief SSL session cache implementation
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h
index 9101d9c..545468a 100644
--- a/include/mbedtls/ssl_ciphersuites.h
+++ b/include/mbedtls/ssl_ciphersuites.h
@@ -2,7 +2,8 @@
* \file ssl_ciphersuites.h
*
* \brief SSL Ciphersuites for mbed TLS
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/ssl_cookie.h b/include/mbedtls/ssl_cookie.h
index 037e1c3..80b65bb 100644
--- a/include/mbedtls/ssl_cookie.h
+++ b/include/mbedtls/ssl_cookie.h
@@ -2,7 +2,8 @@
* \file ssl_cookie.h
*
* \brief DTLS cookie callbacks implementation
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index c39c02d..bf7b1dc 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -1,8 +1,9 @@
/**
- * \file ssl_ticket.h
+ * \file ssl_internal.h
*
* \brief Internal functions shared by the SSL modules
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/ssl_ticket.h b/include/mbedtls/ssl_ticket.h
index 7c6bc61..93ad46a 100644
--- a/include/mbedtls/ssl_ticket.h
+++ b/include/mbedtls/ssl_ticket.h
@@ -2,7 +2,8 @@
* \file ssl_ticket.h
*
* \brief TLS server ticket callbacks implementation
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/threading.h b/include/mbedtls/threading.h
index b0c34ec..58e6db2 100644
--- a/include/mbedtls/threading.h
+++ b/include/mbedtls/threading.h
@@ -2,7 +2,8 @@
* \file threading.h
*
* \brief Threading abstraction layer
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/timing.h b/include/mbedtls/timing.h
index bfb8579..2c497bf 100644
--- a/include/mbedtls/timing.h
+++ b/include/mbedtls/timing.h
@@ -2,7 +2,8 @@
* \file timing.h
*
* \brief Portable interface to timeouts and to the CPU cycle counter
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h
index 3b209a6..8af6f01 100644
--- a/include/mbedtls/version.h
+++ b/include/mbedtls/version.h
@@ -2,7 +2,8 @@
* \file version.h
*
* \brief Run-time version information
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index d7e318d..d6db9c6 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -2,7 +2,8 @@
* \file x509.h
*
* \brief X.509 generic defines and structures
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/x509_crl.h b/include/mbedtls/x509_crl.h
index 7988439..08a4283 100644
--- a/include/mbedtls/x509_crl.h
+++ b/include/mbedtls/x509_crl.h
@@ -2,7 +2,8 @@
* \file x509_crl.h
*
* \brief X.509 certificate revocation list parsing
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index 06166d8..2dbb7ec 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -2,7 +2,8 @@
* \file x509_crt.h
*
* \brief X.509 certificate parsing and writing
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
@@ -373,21 +374,22 @@
#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
/**
- * \brief Check usage of certificate against extentedJeyUsage.
+ * \brief Check usage of certificate against extendedKeyUsage.
*
- * \param crt Leaf certificate used.
- * \param usage_oid Intended usage (eg MBEDTLS_OID_SERVER_AUTH or MBEDTLS_OID_CLIENT_AUTH).
+ * \param crt Leaf certificate used.
+ * \param usage_oid Intended usage (eg MBEDTLS_OID_SERVER_AUTH or
+ * MBEDTLS_OID_CLIENT_AUTH).
* \param usage_len Length of usage_oid (eg given by MBEDTLS_OID_SIZE()).
*
- * \return 0 if this use of the certificate is allowed,
- * MBEDTLS_ERR_X509_BAD_INPUT_DATA if not.
+ * \return 0 if this use of the certificate is allowed,
+ * MBEDTLS_ERR_X509_BAD_INPUT_DATA if not.
*
- * \note Usually only makes sense on leaf certificates.
+ * \note Usually only makes sense on leaf certificates.
*/
int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt,
- const char *usage_oid,
- size_t usage_len );
-#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) */
+ const char *usage_oid,
+ size_t usage_len );
+#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
#if defined(MBEDTLS_X509_CRL_PARSE_C)
/**
diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h
index fe9843c..0c6ccad 100644
--- a/include/mbedtls/x509_csr.h
+++ b/include/mbedtls/x509_csr.h
@@ -2,7 +2,8 @@
* \file x509_csr.h
*
* \brief X.509 certificate signing request parsing and writing
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/include/mbedtls/xtea.h b/include/mbedtls/xtea.h
index b073f84..1d01e56 100644
--- a/include/mbedtls/xtea.h
+++ b/include/mbedtls/xtea.h
@@ -2,7 +2,8 @@
* \file xtea.h
*
* \brief XTEA block cipher (32-bit)
- *
+ */
+/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
diff --git a/library/cipher.c b/library/cipher.c
index e9e0b22..ff03273 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -516,14 +516,14 @@
if( NULL == input || NULL == data_len )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
- bad = 0xFF;
+ bad = 0x80;
*data_len = 0;
for( i = input_len; i > 0; i-- )
{
prev_done = done;
- done |= ( input[i-1] != 0 );
+ done |= ( input[i - 1] != 0 );
*data_len |= ( i - 1 ) * ( done != prev_done );
- bad &= ( input[i-1] ^ 0x80 ) | ( done == prev_done );
+ bad ^= input[i - 1] * ( done != prev_done );
}
return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
diff --git a/library/dhm.c b/library/dhm.c
index bec52a1..cff0958 100644
--- a/library/dhm.c
+++ b/library/dhm.c
@@ -57,6 +57,7 @@
#define mbedtls_free free
#endif
+#if !defined(MBEDTLS_DHM_ALT)
/* Implementation that should never be optimized out by the compiler */
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
@@ -577,6 +578,7 @@
}
#endif /* MBEDTLS_FS_IO */
#endif /* MBEDTLS_ASN1_PARSE_C */
+#endif /* MBEDTLS_DHM_ALT */
#if defined(MBEDTLS_SELF_TEST)
diff --git a/library/ecjpake.c b/library/ecjpake.c
index 1fa1c2d..e8f4086 100644
--- a/library/ecjpake.c
+++ b/library/ecjpake.c
@@ -36,6 +36,8 @@
#include <string.h>
+#if !defined(MBEDTLS_ECJPAKE_ALT)
+
/*
* Convert a mbedtls_ecjpake_role to identifier string
*/
@@ -764,6 +766,7 @@
#undef ID_MINE
#undef ID_PEER
+#endif /* ! MBEDTLS_ECJPAKE_ALT */
#if defined(MBEDTLS_SELF_TEST)
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 8dea347..2b79188 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -2042,7 +2042,7 @@
const mbedtls_ssl_ciphersuite_t *suite = NULL;
const mbedtls_cipher_info_t *cipher = NULL;
- if( ssl->session_negotiate->encrypt_then_mac == MBEDTLS_SSL_EXTENDED_MS_DISABLED ||
+ if( ssl->session_negotiate->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED ||
ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
{
*olen = 0;
diff --git a/library/version_features.c b/library/version_features.c
index 172cf12..72afec2 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -105,6 +105,12 @@
#if defined(MBEDTLS_DES_ALT)
"MBEDTLS_DES_ALT",
#endif /* MBEDTLS_DES_ALT */
+#if defined(MBEDTLS_DHM_ALT)
+ "MBEDTLS_DHM_ALT",
+#endif /* MBEDTLS_DHM_ALT */
+#if defined(MBEDTLS_ECJPAKE_ALT)
+ "MBEDTLS_ECJPAKE_ALT",
+#endif /* MBEDTLS_ECJPAKE_ALT */
#if defined(MBEDTLS_GCM_ALT)
"MBEDTLS_GCM_ALT",
#endif /* MBEDTLS_GCM_ALT */
diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c
index 4d8632b..4304231 100644
--- a/programs/pkey/dh_server.c
+++ b/programs/pkey/dh_server.c
@@ -252,6 +252,7 @@
memset( buf, 0, sizeof( buf ) );
+ n = dhm.len;
if( ( ret = mbedtls_net_recv( &client_fd, buf, n ) ) != (int) n )
{
mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret );
diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c
index ed6ed30..a7f5c90 100644
--- a/programs/pkey/gen_key.c
+++ b/programs/pkey/gen_key.c
@@ -345,7 +345,7 @@
mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_rsa_gen_key returned -0x%04x", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_ecp_gen_key returned -0x%04x", -ret );
goto exit;
}
}
diff --git a/tests/suites/test_suite_cipher.padding.data b/tests/suites/test_suite_cipher.padding.data
index d6fc266..1c0ba09 100644
--- a/tests/suites/test_suite_cipher.padding.data
+++ b/tests/suites/test_suite_cipher.padding.data
@@ -184,6 +184,10 @@
depends_on:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
check_padding:MBEDTLS_PADDING_ONE_AND_ZEROS:"0000000000":MBEDTLS_ERR_CIPHER_INVALID_PADDING:4
+Check one and zeros padding #8 (last byte 0x80 | x)
+depends_on:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
+check_padding:MBEDTLS_PADDING_ONE_AND_ZEROS:"0000000082":MBEDTLS_ERR_CIPHER_INVALID_PADDING:4
+
Check zeros and len padding #1 (correct)
depends_on:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
check_padding:MBEDTLS_PADDING_ZEROS_AND_LEN:"DABBAD0001":0:4
diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function
index 883cfe0..d8ffebe 100644
--- a/tests/suites/test_suite_ctr_drbg.function
+++ b/tests/suites/test_suite_ctr_drbg.function
@@ -1,8 +1,8 @@
/* BEGIN_HEADER */
#include "mbedtls/ctr_drbg.h"
-int test_offset_idx;
-int mbedtls_entropy_func( void *data, unsigned char *buf, size_t len )
+static int test_offset_idx;
+static int mbedtls_test_entropy_func( void *data, unsigned char *buf, size_t len )
{
const unsigned char *p = (unsigned char *) data;
memcpy( buf, p + test_offset_idx, len );
@@ -72,7 +72,7 @@
add2_len = unhexify( add2, add2_string );
test_offset_idx = 0;
- TEST_ASSERT( mbedtls_ctr_drbg_seed_entropy_len( &ctx, mbedtls_entropy_func, entropy, add_init, add_init_len, 32 ) == 0 );
+ TEST_ASSERT( mbedtls_ctr_drbg_seed_entropy_len( &ctx, mbedtls_test_entropy_func, entropy, add_init, add_init_len, 32 ) == 0 );
mbedtls_ctr_drbg_set_prediction_resistance( &ctx, MBEDTLS_CTR_DRBG_PR_ON );
TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx, buf, 16, add1, add1_len ) == 0 );
@@ -110,7 +110,7 @@
add2_len = unhexify( add2, add2_string );
test_offset_idx = 0;
- TEST_ASSERT( mbedtls_ctr_drbg_seed_entropy_len( &ctx, mbedtls_entropy_func, entropy, add_init, add_init_len, 32 ) == 0 );
+ TEST_ASSERT( mbedtls_ctr_drbg_seed_entropy_len( &ctx, mbedtls_test_entropy_func, entropy, add_init, add_init_len, 32 ) == 0 );
TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx, buf, 16, add1, add1_len ) == 0 );
TEST_ASSERT( mbedtls_ctr_drbg_reseed( &ctx, add_reseed, add_reseed_len ) == 0 );
@@ -141,7 +141,7 @@
/* Init must use entropy */
last_idx = test_offset_idx;
- TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctx, mbedtls_entropy_func, entropy, NULL, 0 ) == 0 );
+ TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctx, mbedtls_test_entropy_func, entropy, NULL, 0 ) == 0 );
TEST_ASSERT( last_idx < test_offset_idx );
/* By default, PR is off and reseed_interval is large,
diff --git a/tests/suites/test_suite_hmac_drbg.function b/tests/suites/test_suite_hmac_drbg.function
index 5209470..a413f5e 100644
--- a/tests/suites/test_suite_hmac_drbg.function
+++ b/tests/suites/test_suite_hmac_drbg.function
@@ -7,7 +7,7 @@
size_t len;
} entropy_ctx;
-int mbedtls_entropy_func( void *data, unsigned char *buf, size_t len )
+static int mbedtls_test_entropy_func( void *data, unsigned char *buf, size_t len )
{
entropy_ctx *ctx = (entropy_ctx *) data;
@@ -50,7 +50,7 @@
/* Init must use entropy */
last_len = entropy.len;
- TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_entropy_func, &entropy,
+ TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &entropy,
NULL, 0 ) == 0 );
TEST_ASSERT( entropy.len < last_len );
@@ -206,7 +206,7 @@
TEST_ASSERT( memcmp( my_output, output, out_len ) == 0 );
/* And now the normal entropy-based variant */
- TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_entropy_func, &p_entropy,
+ TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy,
custom, custom_len ) == 0 );
TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, out_len,
add1, add1_len ) == 0 );
@@ -251,7 +251,7 @@
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
- TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_entropy_func, &p_entropy,
+ TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy,
custom, custom_len ) == 0 );
TEST_ASSERT( mbedtls_hmac_drbg_reseed( &ctx, add1, add1_len ) == 0 );
TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, out_len,
@@ -296,7 +296,7 @@
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
- TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_entropy_func, &p_entropy,
+ TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy,
custom, custom_len ) == 0 );
mbedtls_hmac_drbg_set_prediction_resistance( &ctx, MBEDTLS_HMAC_DRBG_PR_ON );
TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, out_len,