Revert changes from 3.6.1..3.6.2
Signed-off-by: David Horstmann <david.horstmann@arm.com>
diff --git a/BRANCHES.md b/BRANCHES.md
index cf86a9d..9d5d779 100644
--- a/BRANCHES.md
+++ b/BRANCHES.md
@@ -107,7 +107,7 @@
- [`development`](https://github.com/Mbed-TLS/mbedtls/)
- [`mbedtls-3.6`](https://github.com/Mbed-TLS/mbedtls/tree/mbedtls-3.6)
maintained until March 2027, see
- <https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.6.2>.
+ <https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.6.1>.
- [`mbedtls-2.28`](https://github.com/Mbed-TLS/mbedtls/tree/mbedtls-2.28)
maintained until the end of 2024, see
<https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.9>.
diff --git a/CMakeLists.txt b/CMakeLists.txt
index f061502..5f5afb2 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -40,12 +40,12 @@
if(TEST_CPP)
project("Mbed TLS"
LANGUAGES C CXX
- VERSION 3.6.2
+ VERSION 3.6.1
)
else()
project("Mbed TLS"
LANGUAGES C
- VERSION 3.6.2
+ VERSION 3.6.1
)
endif()
@@ -449,7 +449,7 @@
write_basic_package_version_file(
"cmake/MbedTLSConfigVersion.cmake"
COMPATIBILITY SameMajorVersion
- VERSION 3.6.2)
+ VERSION 3.6.1)
install(
FILES "${CMAKE_CURRENT_BINARY_DIR}/cmake/MbedTLSConfig.cmake"
diff --git a/ChangeLog b/ChangeLog
index 8134c10..8eb43fe 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,17 +1,5 @@
Mbed TLS ChangeLog (Sorted per branch, date)
-= Mbed TLS 3.6.2 branch released 2024-10-11
-
-Security
- * Fix a buffer overflow in mbedtls_pk_write_pubkey(),
- mbedtls_pk_write_pubkey_der() and mbedtls_pk_write_key_der().
- With MBEDTLS_USE_PSA_CRYPTO turned on, these functions would
- write to a location before the start of the output buffer if it was less
- than the size of the key being written and also less than
- PK_MAX_EC_PUBLIC_KEY_SIZE (for EC public keys) and
- PSA_EXPORT_KEY_PAIR_MAX_SIZE (for RSA private keys).
- This buffer overflow only occurs for keys with the type MBEDTLS_PK_OPAQUE.
-
= Mbed TLS 3.6.1 branch released 2024-08-30
API changes
diff --git a/docs/architecture/psa-keystore-design.md b/docs/architecture/psa-keystore-design.md
index be082a8..cdd2cac 100644
--- a/docs/architecture/psa-keystore-design.md
+++ b/docs/architecture/psa-keystore-design.md
@@ -67,7 +67,7 @@
There are three variants of the key store implementation, responding to different needs.
* Hybrid key store ([static key slots](#static-key-store) with dynamic key data): the key store is a statically allocated array of slots, of size `MBEDTLS_PSA_KEY_SLOT_COUNT`. Key material is allocated on the heap. This is the historical implementation. It remains the default in the Mbed TLS 3.6 long-time support (LTS) branch when using a handwritten `mbedtls_config.h`, as is common on resource-constrained platforms, because the alternatives have tradeoffs (key size limit and larger RAM usage at rest for the static key store, larger code size and more risk due to code complexity for the dynamic key store).
-* Fully [static key store](#static-key-store) (since Mbed TLS 3.6.3): the key store is a statically allocated array of slots, of size `MBEDTLS_PSA_KEY_SLOT_COUNT`. Each key slot contains the key representation directly, and the key representation must be no more than `MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE` bytes. This is intended for very constrained devices that do not have a heap.
+* Fully [static key store](#static-key-store) (since Mbed TLS 3.6.2): the key store is a statically allocated array of slots, of size `MBEDTLS_PSA_KEY_SLOT_COUNT`. Each key slot contains the key representation directly, and the key representation must be no more than `MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE` bytes. This is intended for very constrained devices that do not have a heap.
* [Dynamic key store](#dynamic-key-store) (since Mbed TLS 3.6.1): the key store is dynamically allocated as multiple slices on the heap, with a size that adjusts to the application's usage. Key material is allocated on the heap. Compared to the hybrid key store, the code size and RAM consumption are larger. This is intended for higher-end devices where applications are not expected to have a highly predicatable resource usage. This is the default implementation when using the default `mbedtls_config.h` file, as is common on platforms such as Linux, starting with Mbed TLS 3.6.1.
#### Future improvement: merging the key store variants
@@ -95,7 +95,7 @@
The static key store is the historical implementation. The key store is a statically allocated array of slots, of size `MBEDTLS_PSA_KEY_SLOT_COUNT`. This value is an upper bound for the total number of volatile keys plus loaded keys.
-Since Mbed TLS 3.6.3, there are two variants for the static key store: a hybrid variant (default), and a fully-static variant enabled by the configuration option `MBEDTLS_PSA_STATIC_KEY_SLOTS`. The two variants have the same key store management: the only difference is in how the memory for key data is managed. With fully static key slots, the key data is directly inside the slot, and limited to `MBEDTLS_PSA_KEY_SLOT_BUFFER_SIZE` bytes. With the hybrid key store, the slot contains a pointer to the key data, which is allocated on the heap.
+Since Mbed TLS 3.6.2, there are two variants for the static key store: a hybrid variant (default), and a fully-static variant enabled by the configuration option `MBEDTLS_PSA_STATIC_KEY_SLOTS`. The two variants have the same key store management: the only difference is in how the memory for key data is managed. With fully static key slots, the key data is directly inside the slot, and limited to `MBEDTLS_PSA_KEY_SLOT_BUFFER_SIZE` bytes. With the hybrid key store, the slot contains a pointer to the key data, which is allocated on the heap.
#### Volatile key identifiers in the static key store
diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h
index d872818..740bb19 100644
--- a/doxygen/input/doc_mainpage.h
+++ b/doxygen/input/doc_mainpage.h
@@ -10,7 +10,7 @@
*/
/**
- * @mainpage Mbed TLS v3.6.2 API Documentation
+ * @mainpage Mbed TLS v3.6.1 API Documentation
*
* This documentation describes the internal structure of Mbed TLS. It was
* automatically generated from specially formatted comment blocks in
diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile
index 281f062..2a82820 100644
--- a/doxygen/mbedtls.doxyfile
+++ b/doxygen/mbedtls.doxyfile
@@ -1,4 +1,4 @@
-PROJECT_NAME = "Mbed TLS v3.6.2"
+PROJECT_NAME = "Mbed TLS v3.6.1"
OUTPUT_DIRECTORY = ../apidoc/
FULL_PATH_NAMES = NO
OPTIMIZE_OUTPUT_FOR_C = YES
diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h
index d91d296..8242ec6 100644
--- a/include/mbedtls/build_info.h
+++ b/include/mbedtls/build_info.h
@@ -26,16 +26,16 @@
*/
#define MBEDTLS_VERSION_MAJOR 3
#define MBEDTLS_VERSION_MINOR 6
-#define MBEDTLS_VERSION_PATCH 2
+#define MBEDTLS_VERSION_PATCH 1
/**
* The single version number has the following structure:
* MMNNPP00
* Major version | Minor version | Patch version
*/
-#define MBEDTLS_VERSION_NUMBER 0x03060200
-#define MBEDTLS_VERSION_STRING "3.6.2"
-#define MBEDTLS_VERSION_STRING_FULL "Mbed TLS 3.6.2"
+#define MBEDTLS_VERSION_NUMBER 0x03060100
+#define MBEDTLS_VERSION_STRING "3.6.1"
+#define MBEDTLS_VERSION_STRING_FULL "Mbed TLS 3.6.1"
/* Macros for build-time platform detection */
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index db20aab..e4d8f0d 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -300,7 +300,7 @@
if(USE_SHARED_MBEDTLS_LIBRARY)
set(CMAKE_LIBRARY_PATH ${CMAKE_CURRENT_BINARY_DIR})
add_library(${mbedcrypto_target} SHARED ${src_crypto})
- set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.6.2 SOVERSION 16)
+ set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.6.1 SOVERSION 16)
target_link_libraries(${mbedcrypto_target} PUBLIC ${libs})
if(TARGET ${everest_target})
@@ -312,11 +312,11 @@
endif()
add_library(${mbedx509_target} SHARED ${src_x509})
- set_target_properties(${mbedx509_target} PROPERTIES VERSION 3.6.2 SOVERSION 7)
+ set_target_properties(${mbedx509_target} PROPERTIES VERSION 3.6.1 SOVERSION 7)
target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target})
add_library(${mbedtls_target} SHARED ${src_tls})
- set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.6.2 SOVERSION 21)
+ set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.6.1 SOVERSION 21)
target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target})
endif(USE_SHARED_MBEDTLS_LIBRARY)
diff --git a/library/pkwrite.c b/library/pkwrite.c
index 2a69844..5e009c5 100644
--- a/library/pkwrite.c
+++ b/library/pkwrite.c
@@ -65,21 +65,17 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) {
uint8_t tmp[PSA_EXPORT_KEY_PAIR_MAX_SIZE];
- size_t tmp_len = 0;
+ size_t len = 0, tmp_len = 0;
if (psa_export_key(pk->priv_id, tmp, sizeof(tmp), &tmp_len) != PSA_SUCCESS) {
return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
}
- /* Ensure there's enough space in the provided buffer before copying data into it. */
- if (tmp_len > (size_t) (*p - buf)) {
- mbedtls_platform_zeroize(tmp, sizeof(tmp));
- return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
- }
*p -= tmp_len;
memcpy(*p, tmp, tmp_len);
+ len += tmp_len;
mbedtls_platform_zeroize(tmp, sizeof(tmp));
- return (int) tmp_len;
+ return (int) len;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
return mbedtls_rsa_write_key(mbedtls_pk_rsa(*pk), buf, p);
@@ -129,10 +125,6 @@
if (psa_export_public_key(pk->priv_id, buf, sizeof(buf), &len) != PSA_SUCCESS) {
return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
}
- /* Ensure there's enough space in the provided buffer before copying data into it. */
- if (len > (size_t) (*p - start)) {
- return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
- }
*p -= len;
memcpy(*p, buf, len);
return (int) len;
diff --git a/tests/src/test_certs.h b/tests/src/test_certs.h
index 26cfbc4..d740635 100644
--- a/tests/src/test_certs.h
+++ b/tests/src/test_certs.h
@@ -8,8 +8,8 @@
/* THIS FILE is generated by `framework/scripts/generate_test_cert_macros.py` */
/* *INDENT-OFF* */
-/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/test-ca2.crt. */
-/* BEGIN FILE string macro TEST_CA_CRT_EC_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/test-ca2.crt */
+/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/test-ca2.crt. */
+/* BEGIN FILE string macro TEST_CA_CRT_EC_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/test-ca2.crt */
#define TEST_CA_CRT_EC_PEM \
"-----BEGIN CERTIFICATE-----\r\n" \
"MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE\r\n" \
@@ -26,8 +26,8 @@
"-----END CERTIFICATE-----\r\n"
/* END FILE */
-/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/test-ca2.crt.der. */
-/* BEGIN FILE binary macro TEST_CA_CRT_EC_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/test-ca2.crt.der */
+/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/test-ca2.crt.der. */
+/* BEGIN FILE binary macro TEST_CA_CRT_EC_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/test-ca2.crt.der */
#define TEST_CA_CRT_EC_DER { \
0x30, 0x82, 0x02, 0x07, 0x30, 0x82, 0x01, 0x8b, 0xa0, 0x03, 0x02, 0x01, \
0x02, 0x02, 0x09, 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, \
@@ -76,8 +76,8 @@
}
/* END FILE */
-/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/test-ca2.key.enc. */
-/* BEGIN FILE string macro TEST_CA_KEY_EC_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/test-ca2.key.enc */
+/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/test-ca2.key.enc. */
+/* BEGIN FILE string macro TEST_CA_KEY_EC_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/test-ca2.key.enc */
#define TEST_CA_KEY_EC_PEM \
"-----BEGIN EC PRIVATE KEY-----\r\n" \
"Proc-Type: 4,ENCRYPTED\r\n" \
@@ -92,8 +92,8 @@
#define TEST_CA_PWD_EC_PEM "PolarSSLTest"
-/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/test-ca2.key.der. */
-/* BEGIN FILE binary macro TEST_CA_KEY_EC_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/test-ca2.key.der */
+/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/test-ca2.key.der. */
+/* BEGIN FILE binary macro TEST_CA_KEY_EC_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/test-ca2.key.der */
#define TEST_CA_KEY_EC_DER { \
0x30, 0x81, 0xa4, 0x02, 0x01, 0x01, 0x04, 0x30, 0x83, 0xd9, 0x15, 0x0e, \
0xa0, 0x71, 0xf0, 0x57, 0x10, 0x33, 0xa3, 0x38, 0xb8, 0x86, 0xc1, 0xa6, \
@@ -112,8 +112,8 @@
}
/* END FILE */
-/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/test-ca-sha256.crt. */
-/* BEGIN FILE string macro TEST_CA_CRT_RSA_SHA256_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/test-ca-sha256.crt */
+/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/test-ca-sha256.crt. */
+/* BEGIN FILE string macro TEST_CA_CRT_RSA_SHA256_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/test-ca-sha256.crt */
#define TEST_CA_CRT_RSA_SHA256_PEM \
"-----BEGIN CERTIFICATE-----\r\n" \
"MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \
@@ -137,8 +137,8 @@
"-----END CERTIFICATE-----\r\n"
/* END FILE */
-/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/test-ca-sha256.crt.der. */
-/* BEGIN FILE binary macro TEST_CA_CRT_RSA_SHA256_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/test-ca-sha256.crt.der */
+/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/test-ca-sha256.crt.der. */
+/* BEGIN FILE binary macro TEST_CA_CRT_RSA_SHA256_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/test-ca-sha256.crt.der */
#define TEST_CA_CRT_RSA_SHA256_DER { \
0x30, 0x82, 0x03, 0x41, 0x30, 0x82, 0x02, 0x29, 0xa0, 0x03, 0x02, 0x01, \
0x02, 0x02, 0x01, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \
@@ -213,8 +213,8 @@
}
/* END FILE */
-/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/test-ca-sha1.crt. */
-/* BEGIN FILE string macro TEST_CA_CRT_RSA_SHA1_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/test-ca-sha1.crt */
+/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/test-ca-sha1.crt. */
+/* BEGIN FILE string macro TEST_CA_CRT_RSA_SHA1_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/test-ca-sha1.crt */
#define TEST_CA_CRT_RSA_SHA1_PEM \
"-----BEGIN CERTIFICATE-----\r\n" \
"MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \
@@ -238,8 +238,8 @@
"-----END CERTIFICATE-----\r\n"
/* END FILE */
-/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/test-ca-sha1.crt.der. */
-/* BEGIN FILE binary macro TEST_CA_CRT_RSA_SHA1_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/test-ca-sha1.crt.der */
+/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/test-ca-sha1.crt.der. */
+/* BEGIN FILE binary macro TEST_CA_CRT_RSA_SHA1_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/test-ca-sha1.crt.der */
#define TEST_CA_CRT_RSA_SHA1_DER { \
0x30, 0x82, 0x03, 0x41, 0x30, 0x82, 0x02, 0x29, 0xa0, 0x03, 0x02, 0x01, \
0x02, 0x02, 0x01, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \
@@ -314,8 +314,8 @@
}
/* END FILE */
-/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/test-ca.key. */
-/* BEGIN FILE string macro TEST_CA_KEY_RSA_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/test-ca.key */
+/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/test-ca.key. */
+/* BEGIN FILE string macro TEST_CA_KEY_RSA_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/test-ca.key */
#define TEST_CA_KEY_RSA_PEM \
"-----BEGIN RSA PRIVATE KEY-----\r\n" \
"Proc-Type: 4,ENCRYPTED\r\n" \
@@ -351,8 +351,8 @@
#define TEST_CA_PWD_RSA_PEM "PolarSSLTest"
-/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/test-ca.key.der. */
-/* BEGIN FILE binary macro TEST_CA_KEY_RSA_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/test-ca.key.der */
+/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/test-ca.key.der. */
+/* BEGIN FILE binary macro TEST_CA_KEY_RSA_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/test-ca.key.der */
#define TEST_CA_KEY_RSA_DER { \
0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \
0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, 0x86, 0xde, \
@@ -457,8 +457,8 @@
}
/* END FILE */
-/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/server5.crt. */
-/* BEGIN FILE string macro TEST_SRV_CRT_EC_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/server5.crt */
+/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/server5.crt. */
+/* BEGIN FILE string macro TEST_SRV_CRT_EC_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/server5.crt */
#define TEST_SRV_CRT_EC_PEM \
"-----BEGIN CERTIFICATE-----\r\n" \
"MIICIDCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n" \
@@ -476,8 +476,8 @@
"-----END CERTIFICATE-----\r\n"
/* END FILE */
-/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/server5.crt.der. */
-/* BEGIN FILE binary macro TEST_SRV_CRT_EC_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/server5.crt.der */
+/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/server5.crt.der. */
+/* BEGIN FILE binary macro TEST_SRV_CRT_EC_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/server5.crt.der */
#define TEST_SRV_CRT_EC_DER { \
0x30, 0x82, 0x02, 0x20, 0x30, 0x82, 0x01, 0xa5, 0xa0, 0x03, 0x02, 0x01, \
0x02, 0x02, 0x01, 0x09, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \
@@ -528,8 +528,8 @@
}
/* END FILE */
-/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/server5.key. */
-/* BEGIN FILE string macro TEST_SRV_KEY_EC_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/server5.key */
+/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/server5.key. */
+/* BEGIN FILE string macro TEST_SRV_KEY_EC_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/server5.key */
#define TEST_SRV_KEY_EC_PEM \
"-----BEGIN EC PRIVATE KEY-----\r\n" \
"MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\r\n" \
@@ -538,8 +538,8 @@
"-----END EC PRIVATE KEY-----\r\n"
/* END FILE */
-/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/server5.key.der. */
-/* BEGIN FILE binary macro TEST_SRV_KEY_EC_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/server5.key.der */
+/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/server5.key.der. */
+/* BEGIN FILE binary macro TEST_SRV_KEY_EC_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/server5.key.der */
#define TEST_SRV_KEY_EC_DER { \
0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xf1, 0x2a, 0x13, 0x20, 0x76, \
0x02, 0x70, 0xa8, 0x3c, 0xbf, 0xfd, 0x53, 0xf6, 0x03, 0x1e, 0xf7, 0x6a, \
@@ -555,8 +555,8 @@
}
/* END FILE */
-/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/server2-sha256.crt. */
-/* BEGIN FILE string macro TEST_SRV_CRT_RSA_SHA256_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/server2-sha256.crt */
+/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/server2-sha256.crt. */
+/* BEGIN FILE string macro TEST_SRV_CRT_RSA_SHA256_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/server2-sha256.crt */
#define TEST_SRV_CRT_RSA_SHA256_PEM \
"-----BEGIN CERTIFICATE-----\r\n" \
"MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \
@@ -580,8 +580,8 @@
"-----END CERTIFICATE-----\r\n"
/* END FILE */
-/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/server2-sha256.crt.der. */
-/* BEGIN FILE binary macro TEST_SRV_CRT_RSA_SHA256_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/server2-sha256.crt.der */
+/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/server2-sha256.crt.der. */
+/* BEGIN FILE binary macro TEST_SRV_CRT_RSA_SHA256_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/server2-sha256.crt.der */
#define TEST_SRV_CRT_RSA_SHA256_DER { \
0x30, 0x82, 0x03, 0x37, 0x30, 0x82, 0x02, 0x1f, 0xa0, 0x03, 0x02, 0x01, \
0x02, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \
@@ -655,8 +655,8 @@
}
/* END FILE */
-/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/server2.crt. */
-/* BEGIN FILE string macro TEST_SRV_CRT_RSA_SHA1_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/server2.crt */
+/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/server2.crt. */
+/* BEGIN FILE string macro TEST_SRV_CRT_RSA_SHA1_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/server2.crt */
#define TEST_SRV_CRT_RSA_SHA1_PEM \
"-----BEGIN CERTIFICATE-----\r\n" \
"MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \
@@ -680,8 +680,8 @@
"-----END CERTIFICATE-----\r\n"
/* END FILE */
-/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/server2.crt.der. */
-/* BEGIN FILE binary macro TEST_SRV_CRT_RSA_SHA1_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/server2.crt.der */
+/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/server2.crt.der. */
+/* BEGIN FILE binary macro TEST_SRV_CRT_RSA_SHA1_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/server2.crt.der */
#define TEST_SRV_CRT_RSA_SHA1_DER { \
0x30, 0x82, 0x03, 0x37, 0x30, 0x82, 0x02, 0x1f, 0xa0, 0x03, 0x02, 0x01, \
0x02, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \
@@ -755,8 +755,8 @@
}
/* END FILE */
-/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/server2.key. */
-/* BEGIN FILE string macro TEST_SRV_KEY_RSA_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/server2.key */
+/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/server2.key. */
+/* BEGIN FILE string macro TEST_SRV_KEY_RSA_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/server2.key */
#define TEST_SRV_KEY_RSA_PEM \
"-----BEGIN RSA PRIVATE KEY-----\r\n" \
"MIIEpAIBAAKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r\r\n" \
@@ -787,8 +787,8 @@
"-----END RSA PRIVATE KEY-----\r\n"
/* END FILE */
-/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/server2.key.der. */
-/* BEGIN FILE binary macro TEST_SRV_KEY_RSA_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/server2.key.der */
+/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/server2.key.der. */
+/* BEGIN FILE binary macro TEST_SRV_KEY_RSA_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/server2.key.der */
#define TEST_SRV_KEY_RSA_DER { \
0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \
0xc1, 0x4d, 0xa3, 0xdd, 0xe7, 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, \
@@ -893,8 +893,8 @@
}
/* END FILE */
-/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/cli2.crt. */
-/* BEGIN FILE string macro TEST_CLI_CRT_EC_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/cli2.crt */
+/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/cli2.crt. */
+/* BEGIN FILE string macro TEST_CLI_CRT_EC_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/cli2.crt */
#define TEST_CLI_CRT_EC_PEM \
"-----BEGIN CERTIFICATE-----\r\n" \
"MIIB3zCCAWOgAwIBAgIBDTAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw\r\n" \
@@ -911,8 +911,8 @@
"-----END CERTIFICATE-----\r\n"
/* END FILE */
-/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/cli2.crt.der. */
-/* BEGIN FILE binary macro TEST_CLI_CRT_EC_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/cli2.crt.der */
+/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/cli2.crt.der. */
+/* BEGIN FILE binary macro TEST_CLI_CRT_EC_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/cli2.crt.der */
#define TEST_CLI_CRT_EC_DER { \
0x30, 0x82, 0x01, 0xdf, 0x30, 0x82, 0x01, 0x63, 0xa0, 0x03, 0x02, 0x01, \
0x02, 0x02, 0x01, 0x0d, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \
@@ -958,8 +958,8 @@
}
/* END FILE */
-/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/cli2.key. */
-/* BEGIN FILE string macro TEST_CLI_KEY_EC_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/cli2.key */
+/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/cli2.key. */
+/* BEGIN FILE string macro TEST_CLI_KEY_EC_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/cli2.key */
#define TEST_CLI_KEY_EC_PEM \
"-----BEGIN EC PRIVATE KEY-----\r\n" \
"MHcCAQEEIPb3hmTxZ3/mZI3vyk7p3U3wBf+WIop6hDhkFzJhmLcqoAoGCCqGSM49\r\n" \
@@ -968,8 +968,8 @@
"-----END EC PRIVATE KEY-----\r\n"
/* END FILE */
-/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/cli2.key.der. */
-/* BEGIN FILE binary macro TEST_CLI_KEY_EC_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/cli2.key.der */
+/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/cli2.key.der. */
+/* BEGIN FILE binary macro TEST_CLI_KEY_EC_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/cli2.key.der */
#define TEST_CLI_KEY_EC_DER { \
0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xf6, 0xf7, 0x86, 0x64, 0xf1, \
0x67, 0x7f, 0xe6, 0x64, 0x8d, 0xef, 0xca, 0x4e, 0xe9, 0xdd, 0x4d, 0xf0, \
@@ -985,8 +985,8 @@
}
/* END FILE */
-/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/cli-rsa-sha256.crt. */
-/* BEGIN FILE string macro TEST_CLI_CRT_RSA_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/cli-rsa-sha256.crt */
+/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/cli-rsa-sha256.crt. */
+/* BEGIN FILE string macro TEST_CLI_CRT_RSA_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/cli-rsa-sha256.crt */
#define TEST_CLI_CRT_RSA_PEM \
"-----BEGIN CERTIFICATE-----\r\n" \
"MIIDPzCCAiegAwIBAgIBBDANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \
@@ -1010,8 +1010,8 @@
"-----END CERTIFICATE-----\r\n"
/* END FILE */
-/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/cli-rsa-sha256.crt.der. */
-/* BEGIN FILE binary macro TEST_CLI_CRT_RSA_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/cli-rsa-sha256.crt.der */
+/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/cli-rsa-sha256.crt.der. */
+/* BEGIN FILE binary macro TEST_CLI_CRT_RSA_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/cli-rsa-sha256.crt.der */
#define TEST_CLI_CRT_RSA_DER { \
0x30, 0x82, 0x03, 0x3f, 0x30, 0x82, 0x02, 0x27, 0xa0, 0x03, 0x02, 0x01, \
0x02, 0x02, 0x01, 0x04, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \
@@ -1086,8 +1086,8 @@
}
/* END FILE */
-/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/cli-rsa.key. */
-/* BEGIN FILE string macro TEST_CLI_KEY_RSA_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/cli-rsa.key */
+/* This is taken from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/cli-rsa.key. */
+/* BEGIN FILE string macro TEST_CLI_KEY_RSA_PEM /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/cli-rsa.key */
#define TEST_CLI_KEY_RSA_PEM \
"-----BEGIN RSA PRIVATE KEY-----\r\n" \
"MIIEpAIBAAKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6fM60Nj4o8VmXl3ETZzGaF\r\n" \
@@ -1118,8 +1118,8 @@
"-----END RSA PRIVATE KEY-----\r\n"
/* END FILE */
-/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/cli-rsa.key.der. */
-/* BEGIN FILE binary macro TEST_CLI_KEY_RSA_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/mbedtls/framework/data_files/cli-rsa.key.der */
+/* This is generated from /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/cli-rsa.key.der. */
+/* BEGIN FILE binary macro TEST_CLI_KEY_RSA_DER /home/davhor01/seclibs/misc/mbedtls-prepare-release/tmp-3.6.1-release-creation-mbedtls/framework/data_files/cli-rsa.key.der */
#define TEST_CLI_KEY_RSA_DER { \
0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \
0xc8, 0x74, 0xc4, 0xcc, 0xb9, 0xf9, 0xb5, 0x79, 0xe9, 0x45, 0xd9, 0x14, \
diff --git a/tests/suites/test_suite_pkwrite.function b/tests/suites/test_suite_pkwrite.function
index 3392528..735c125 100644
--- a/tests/suites/test_suite_pkwrite.function
+++ b/tests/suites/test_suite_pkwrite.function
@@ -2,7 +2,6 @@
#include "pk_internal.h"
#include "mbedtls/pem.h"
#include "mbedtls/oid.h"
-#include "mbedtls/base64.h"
#include "psa/crypto_sizes.h"
typedef enum {
@@ -73,8 +72,7 @@
unsigned char *buf = NULL;
unsigned char *check_buf = NULL;
unsigned char *start_buf;
- size_t buf_len, check_buf_len, wrong_buf_len = 1;
- int expected_result;
+ size_t buf_len, check_buf_len;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
mbedtls_svc_key_id_t opaque_id = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT;
@@ -111,17 +109,6 @@
start_buf = buf;
buf_len = check_buf_len;
- if (is_der) {
- expected_result = MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
- } else {
- expected_result = MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL;
- }
- /* Intentionally pass a wrong size for the provided output buffer and check
- * that the writing functions fails as expected. */
- TEST_EQUAL(pk_write_any_key(&key, &start_buf, &wrong_buf_len, is_public_key,
- is_der), expected_result);
- TEST_EQUAL(pk_write_any_key(&key, &start_buf, &buf_len, is_public_key,
- is_der), 0);
TEST_EQUAL(pk_write_any_key(&key, &start_buf, &buf_len, is_public_key,
is_der), 0);
@@ -140,10 +127,6 @@
TEST_EQUAL(mbedtls_pk_setup_opaque(&key, opaque_id), 0);
start_buf = buf;
buf_len = check_buf_len;
- /* Intentionally pass a wrong size for the provided output buffer and check
- * that the writing functions fails as expected. */
- TEST_EQUAL(pk_write_any_key(&key, &start_buf, &wrong_buf_len, is_public_key,
- is_der), expected_result);
TEST_EQUAL(pk_write_any_key(&key, &start_buf, &buf_len, is_public_key,
is_der), 0);
diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data
index cc71a4e..670e06b 100644
--- a/tests/suites/test_suite_version.data
+++ b/tests/suites/test_suite_version.data
@@ -1,8 +1,8 @@
Check compile time library version
-check_compiletime_version:"3.6.2"
+check_compiletime_version:"3.6.1"
Check runtime library version
-check_runtime_version:"3.6.2"
+check_runtime_version:"3.6.1"
Check for MBEDTLS_VERSION_C
check_feature:"MBEDTLS_VERSION_C":0