Merge branch 'speedup_tests'
Pull Request #533 - Use MAKEFLAGS to pass args to make in all.sh
Modify the script at tests/scripts/all.sh to export the variable
MAKEFLAGS with -j if it was not set before. This should decrease the
total runtime of tests/scripts/all.sh by letting make run multiple jobs
in parallel. Also, add a check at the top of the script to cause a
failure if the environment is not Linux.w
diff --git a/CMakeLists.txt b/CMakeLists.txt
index a7ebfc1..3e47224 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -92,7 +92,9 @@
endif(CMAKE_COMPILER_IS_CLANG)
if(MSVC)
- set(CMAKE_C_FLAGS_CHECK "/WX")
+ # Strictest warnings, and treat as errors
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W3")
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX")
endif(MSVC)
if(CMAKE_BUILD_TYPE STREQUAL "Coverage")
diff --git a/ChangeLog b/ChangeLog
index a4f98ce..0a857ba 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,8 +1,28 @@
mbed TLS ChangeLog (Sorted per branch, date)
-= mbed TLS 2.3.x branch released 2016-xx-xx
+= mbed TLS 2.4.1 branch released 2016-12-13
+
+Changes
+ * Update to CMAC test data, taken from - NIST Special Publication 800-38B -
+ Recommendation for Block Cipher Modes of Operation: The CMAC Mode for
+ Authentication – October 2016
+
+= mbed TLS 2.4.0 branch released 2016-10-17
+
+Security
+ * Removed the MBEDTLS_SSL_AEAD_RANDOM_IV option, because it was not compliant
+ with RFC-5116 and could lead to session key recovery in very long TLS
+ sessions. "Nonce-Disrespecting Adversaries Practical Forgery Attacks on GCM in
+ TLS" - H. Bock, A. Zauner, S. Devlin, J. Somorovsky, P. Jovanovic.
+ https://eprint.iacr.org/2016/475.pdf
+ * Fixed potential stack corruption in mbedtls_x509write_crt_der() and
+ mbedtls_x509write_csr_der() when the signature is copied to the buffer
+ without checking whether there is enough space in the destination. The
+ issue cannot be triggered remotely. Found by Jethro Beekman.
Features
+ * Added support for CMAC for AES and 3DES and AES-CMAC-PRF-128, as defined by
+ NIST SP 800-38B, RFC-4493 and RFC-4615.
* Added hardware entropy selftest to verify that the hardware entropy source
is functioning correctly.
* Added a script to print build environment info for diagnostic use in test
@@ -10,18 +30,46 @@
* Added the macro MBEDTLS_X509_MAX_FILE_PATH_LEN that enables the user to
configure the maximum length of a file path that can be buffered when
calling mbedtls_x509_crt_parse_path().
+ * Added a configuration file config-no-entropy.h that configures the subset of
+ library features that do not require an entropy source.
+ * Added the macro MBEDTLS_ENTROPY_MIN_HARDWARE in config.h. This allows users
+ to configure the minimum number of bytes for entropy sources using the
+ mbedtls_hardware_poll() function.
Bugfix
* Fix for platform time abstraction to avoid dependency issues where a build
may need time but not the standard C library abstraction, and added
configuration consistency checks to check_config.h
* Fix dependency issue in Makefile to allow parallel builds.
- * Fix incorrect handling of block lengths in crypt_and_hash sample program,
- when GCM is used. #441
+ * Fix incorrect handling of block lengths in crypt_and_hash.c sample program,
+ when GCM is used. Found by udf2457. #441
* Fix for key exchanges based on ECDH-RSA or ECDH-ECDSA which weren't
enabled unless others were also present. Found by David Fernandez. #428
* Fix for out-of-tree builds using CMake. Found by jwurzer, and fix based on
a contribution from Tobias Tangemann. #541
+ * Fixed cert_app.c sample program for debug output and for use when no root
+ certificates are provided.
+ * Fix conditional statement that would cause a 1 byte overread in
+ mbedtls_asn1_get_int(). Found and fixed by Guido Vranken. #599
+ * Fixed pthread implementation to avoid unintended double initialisations
+ and double frees. Found by Niklas Amnebratt.
+ * Fixed the sample applications gen_key.c, cert_req.c and cert_write.c for
+ builds where the configuration MBEDTLS_PEM_WRITE_C is not defined. Found
+ by inestlerode. #559.
+ * Fix mbedtls_x509_get_sig() to update the ASN1 type in the mbedtls_x509_buf
+ data structure until after error checks are successful. Found by
+ subramanyam-c. #622
+ * Fix documentation and implementation missmatch for function arguments of
+ mbedtls_gcm_finish(). Found by cmiatpaar. #602
+ * Guarantee that P>Q at RSA key generation. Found by inestlerode. #558
+ * Fix potential byte overread when verifying malformed SERVER_HELLO in
+ ssl_parse_hello_verify_request() for DTLS. Found by Guido Vranken.
+ * Fix check for validity of date when parsing in mbedtls_x509_get_time().
+ Found by subramanyam-c. #626
+ * Fix compatibility issue with Internet Explorer client authentication,
+ where the limited hash choices prevented the client from sending its
+ certificate. Found by teumas. #513
+ * Fix compilation without MBEDTLS_SELF_TEST enabled.
Changes
* Extended test coverage of special cases, and added new timing test suite.
@@ -32,7 +80,13 @@
* Added support for a Yotta specific configuration file -
through the symbol YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE.
* Added optimization for code space for X.509/OID based on configured
- features. (contributed by Aviv Palivoda)
+ features. Contributed by Aviv Palivoda.
+ * Renamed source file library/net.c to library/net_sockets.c to avoid
+ naming collision in projects which also have files with the common name
+ net.c. For consistency, the corresponding header file, net.h, is marked as
+ deprecated, and its contents moved to net_sockets.h.
+ * Changed the strategy for X.509 certificate parsing and validation, to no
+ longer disregard certificates with unrecognised fields.
= mbed TLS 2.3.0 branch released 2016-06-28
diff --git a/README.md b/README.md
index 3bae47d..f069d98 100644
--- a/README.md
+++ b/README.md
@@ -165,7 +165,7 @@
- We would ask that contributions conform to [our coding standards](https://tls.mbed.org/kb/development/mbedtls-coding-standards), and that contributions should be fully tested before submission.
- As with any open source project, contributions will be reviewed by the project team and community and may need some modifications to be accepted.
-To accept the Contributor’s Licence Agreement (CLA), individual contributors can do this by creating an mbed account and [accepting the online agreement here with a click through](https://developer.mbed.org/contributor_agreement/). Alternatively, for contributions from corporations, or those that do not wish to create an mbed account, a slightly different agreeement can be found [here](https://www.mbed.com/en/about-mbed/contributor-license-agreements/). This agreement should be signed and returned to ARM as described in the instructions given.
+To accept the Contributor’s Licence Agreement (CLA), individual contributors can do this by creating an mbed account and [accepting the online agreement here with a click through](https://developer.mbed.org/contributor_agreement/). Alternatively, for contributions from corporations, or those that do not wish to create an mbed account, a slightly different agreement can be found [here](https://www.mbed.com/en/about-mbed/contributor-license-agreements/). This agreement should be signed and returned to ARM as described in the instructions given.
### Making a Contribution
diff --git a/configs/config-no-entropy.h b/configs/config-no-entropy.h
new file mode 100644
index 0000000..95f17d4
--- /dev/null
+++ b/configs/config-no-entropy.h
@@ -0,0 +1,85 @@
+/**
+ * Minimal configuration of features that do not require an entropy source
+ *
+ * Copyright (C) 2016, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ * Minimal configuration of features that do not require an entropy source
+ * Distinguishing reatures:
+ * - no entropy module
+ * - no TLS protocol implementation available due to absence of an entropy
+ * source
+ *
+ * See README.txt for usage instructions.
+ */
+
+#ifndef MBEDTLS_CONFIG_H
+#define MBEDTLS_CONFIG_H
+
+/* System support */
+#define MBEDTLS_HAVE_ASM
+#define MBEDTLS_HAVE_TIME
+
+/* mbed TLS feature support */
+#define MBEDTLS_CIPHER_MODE_CBC
+#define MBEDTLS_CIPHER_PADDING_PKCS7
+#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
+#define MBEDTLS_ECP_NIST_OPTIM
+#define MBEDTLS_ECDSA_DETERMINISTIC
+#define MBEDTLS_PK_RSA_ALT_SUPPORT
+#define MBEDTLS_PKCS1_V15
+#define MBEDTLS_PKCS1_V21
+#define MBEDTLS_SELF_TEST
+#define MBEDTLS_VERSION_FEATURES
+#define MBEDTLS_X509_CHECK_KEY_USAGE
+#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+
+/* mbed TLS modules */
+#define MBEDTLS_AES_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+#define MBEDTLS_BASE64_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_CCM_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_ECDSA_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_ERROR_C
+#define MBEDTLS_GCM_C
+#define MBEDTLS_HMAC_DRBG_C
+#define MBEDTLS_MD_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_PEM_PARSE_C
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_PK_WRITE_C
+#define MBEDTLS_PLATFORM_C
+#define MBEDTLS_RSA_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_SHA512_C
+#define MBEDTLS_VERSION_C
+#define MBEDTLS_X509_USE_C
+#define MBEDTLS_X509_CRT_PARSE_C
+#define MBEDTLS_X509_CRL_PARSE_C
+
+#include "check_config.h"
+
+#endif /* MBEDTLS_CONFIG_H */
diff --git a/configs/config-thread.h b/configs/config-thread.h
index 3193a04..990fe08 100644
--- a/configs/config-thread.h
+++ b/configs/config-thread.h
@@ -57,6 +57,7 @@
#define MBEDTLS_CCM_C
#define MBEDTLS_CIPHER_C
#define MBEDTLS_CTR_DRBG_C
+#define MBEDTLS_CMAC_C
#define MBEDTLS_ECJPAKE_C
#define MBEDTLS_ECP_C
#define MBEDTLS_ENTROPY_C
diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h
index b13083c..0794167 100644
--- a/doxygen/input/doc_mainpage.h
+++ b/doxygen/input/doc_mainpage.h
@@ -21,7 +21,7 @@
*/
/**
- * @mainpage mbed TLS v2.3.0 source code documentation
+ * @mainpage mbed TLS v2.4.1 source code documentation
*
* This documentation describes the internal structure of mbed TLS. It was
* automatically generated from specially formatted comment blocks in
diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile
index 253e184..e58794e 100644
--- a/doxygen/mbedtls.doxyfile
+++ b/doxygen/mbedtls.doxyfile
@@ -28,7 +28,7 @@
# identify the project. Note that if you do not use Doxywizard you need
# to put quotes around the project name if it contains spaces.
-PROJECT_NAME = "mbed TLS v2.3.0"
+PROJECT_NAME = "mbed TLS v2.4.1"
# The PROJECT_NUMBER tag can be used to enter a project or revision number.
# This could be handy for archiving the generated documentation or
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 75cdcbc..fe86c1e 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -77,6 +77,11 @@
#error "MBEDTLS_DHM_C defined, but not all prerequisites"
#endif
+#if defined(MBEDTLS_CMAC_C) && \
+ !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_DES_C)
+#error "MBEDTLS_CMAC_C defined, but not all prerequisites"
+#endif
+
#if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECP_C)
#error "MBEDTLS_ECDH_C defined, but not all prerequisites"
#endif
diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index c967554..b12e388 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -177,6 +177,11 @@
typedef struct mbedtls_cipher_base_t mbedtls_cipher_base_t;
/**
+ * CMAC context (opaque struct).
+ */
+typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t;
+
+/**
* Cipher information. Allows cipher functions to be called in a generic way.
*/
typedef struct {
@@ -241,6 +246,11 @@
/** Cipher-specific context */
void *cipher_ctx;
+
+#if defined(MBEDTLS_CMAC_C)
+ /** CMAC Specific context */
+ mbedtls_cmac_context_t *cmac_ctx;
+#endif
} mbedtls_cipher_context_t;
/**
diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h
new file mode 100644
index 0000000..9a2b96b
--- /dev/null
+++ b/include/mbedtls/cmac.h
@@ -0,0 +1,170 @@
+/**
+ * \file cmac.h
+ *
+ * \brief Cipher-based Message Authentication Code (CMAC) Mode for
+ * Authentication
+ *
+ * Copyright (C) 2015-2016, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_CMAC_H
+#define MBEDTLS_CMAC_H
+
+#include "mbedtls/cipher.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define MBEDTLS_AES_BLOCK_SIZE 16
+#define MBEDTLS_DES3_BLOCK_SIZE 8
+
+#if defined(MBEDTLS_AES_C)
+#define MBEDTLS_CIPHER_BLKSIZE_MAX 16 /* longest used by CMAC is AES */
+#else
+#define MBEDTLS_CIPHER_BLKSIZE_MAX 8 /* longest used by CMAC is 3DES */
+#endif
+
+/**
+ * CMAC context structure - Contains internal state information only
+ */
+struct mbedtls_cmac_context_t
+{
+ /** Internal state of the CMAC algorithm */
+ unsigned char state[MBEDTLS_CIPHER_BLKSIZE_MAX];
+
+ /** Unprocessed data - either data that was not block aligned and is still
+ * pending to be processed, or the final block */
+ unsigned char unprocessed_block[MBEDTLS_CIPHER_BLKSIZE_MAX];
+
+ /** Length of data pending to be processed */
+ size_t unprocessed_len;
+};
+
+/**
+ * \brief Set the CMAC key and prepare to authenticate the input
+ * data.
+ * Should be called with an initialized cipher context.
+ *
+ * \param ctx Cipher context. This should be a cipher context,
+ * initialized to be one of the following types:
+ * MBEDTLS_CIPHER_AES_128_ECB, MBEDTLS_CIPHER_AES_192_ECB,
+ * MBEDTLS_CIPHER_AES_256_ECB or
+ * MBEDTLS_CIPHER_DES_EDE3_ECB.
+ * \param key CMAC key
+ * \param keybits length of the CMAC key in bits
+ * (must be acceptable by the cipher)
+ *
+ * \return 0 if successful, or a cipher specific error code
+ */
+int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
+ const unsigned char *key, size_t keybits );
+
+/**
+ * \brief Generic CMAC process buffer.
+ * Called between mbedtls_cipher_cmac_starts() or
+ * mbedtls_cipher_cmac_reset() and
+ * mbedtls_cipher_cmac_finish().
+ * May be called repeatedly.
+ *
+ * \param ctx CMAC context
+ * \param input buffer holding the data
+ * \param ilen length of the input data
+ *
+ * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
+ * verification fails.
+ */
+int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
+ const unsigned char *input, size_t ilen );
+
+/**
+ * \brief Output CMAC.
+ * Called after mbedtls_cipher_cmac_update().
+ * Usually followed by mbedtls_cipher_cmac_reset(), then
+ * mbedtls_cipher_cmac_starts(), or mbedtls_cipher_free().
+ *
+ * \param ctx CMAC context
+ * \param output Generic CMAC checksum result
+ *
+ * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
+ * verification fails.
+ */
+int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
+ unsigned char *output );
+
+/**
+ * \brief Prepare to authenticate a new message with the same key.
+ * Called after mbedtls_cipher_cmac_finish() and before
+ * mbedtls_cipher_cmac_update().
+ *
+ * \param ctx CMAC context to be reset
+ *
+ * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
+ * verification fails.
+ */
+int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx );
+
+/**
+ * \brief Output = Generic_CMAC( cmac key, input buffer )
+ *
+ * \param cipher_info message digest info
+ * \param key CMAC key
+ * \param keylen length of the CMAC key in bits
+ * \param input buffer holding the data
+ * \param ilen length of the input data
+ * \param output Generic CMAC-result
+ *
+ * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
+ * verification fails.
+ */
+int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
+ const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
+ unsigned char *output );
+
+#if defined(MBEDTLS_AES_C)
+/**
+ * \brief AES-CMAC-128-PRF
+ * Implementation of (AES-CMAC-PRF-128), as defined in RFC 4615
+ *
+ * \param key PRF key
+ * \param key_len PRF key length in bytes
+ * \param input buffer holding the input data
+ * \param in_len length of the input data in bytes
+ * \param output buffer holding the generated pseudorandom output (16 bytes)
+ *
+ * \return 0 if successful
+ */
+int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len,
+ const unsigned char *input, size_t in_len,
+ unsigned char output[16] );
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) )
+/**
+ * \brief Checkup routine
+ *
+ * \return 0 if successful, or 1 if the test failed
+ */
+int mbedtls_cmac_self_test( int verbose );
+#endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_CMAC_H */
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 8d7d631..0f7e29b 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -941,18 +941,6 @@
//#define MBEDTLS_SHA256_SMALLER
/**
- * \def MBEDTLS_SSL_AEAD_RANDOM_IV
- *
- * Generate a random IV rather than using the record sequence number as a
- * nonce for ciphersuites using and AEAD algorithm (GCM or CCM).
- *
- * Using the sequence number is generally recommended.
- *
- * Uncomment this macro to always use random IVs with AEAD ciphersuites.
- */
-//#define MBEDTLS_SSL_AEAD_RANDOM_IV
-
-/**
* \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
*
* Enable sending of alert messages in case of encountered errors as per RFC.
@@ -1537,7 +1525,7 @@
* library/pkwrite.c
* library/x509_create.c
* library/x509write_crt.c
- * library/mbedtls_x509write_csr.c
+ * library/x509write_csr.c
*/
#define MBEDTLS_ASN1_WRITE_C
@@ -1672,6 +1660,19 @@
#define MBEDTLS_CIPHER_C
/**
+ * \def MBEDTLS_CMAC_C
+ *
+ * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
+ * ciphers.
+ *
+ * Module: library/cmac.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
+ *
+ */
+//#define MBEDTLS_CMAC_C
+
+/**
* \def MBEDTLS_CTR_DRBG_C
*
* Enable the CTR_DRBG AES-256-based random generator.
@@ -1885,7 +1886,7 @@
*
* Enable the generic message digest layer.
*
- * Module: library/mbedtls_md.c
+ * Module: library/md.c
* Caller:
*
* Uncomment to enable generic message digest wrappers.
@@ -1897,7 +1898,7 @@
*
* Enable the MD2 hash algorithm.
*
- * Module: library/mbedtls_md2.c
+ * Module: library/md2.c
* Caller:
*
* Uncomment to enable support for (rare) MD2-signed X.509 certs.
@@ -1909,7 +1910,7 @@
*
* Enable the MD4 hash algorithm.
*
- * Module: library/mbedtls_md4.c
+ * Module: library/md4.c
* Caller:
*
* Uncomment to enable support for (rare) MD4-signed X.509 certs.
@@ -1921,8 +1922,8 @@
*
* Enable the MD5 hash algorithm.
*
- * Module: library/mbedtls_md5.c
- * Caller: library/mbedtls_md.c
+ * Module: library/md5.c
+ * Caller: library/md.c
* library/pem.c
* library/ssl_tls.c
*
@@ -1960,7 +1961,7 @@
* environment:
* https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
*
- * Module: library/net.c
+ * Module: library/net_sockets.c
*
* This module provides networking routines.
*/
@@ -1979,11 +1980,11 @@
* library/rsa.c
* library/x509.c
* library/x509_create.c
- * library/mbedtls_x509_crl.c
- * library/mbedtls_x509_crt.c
- * library/mbedtls_x509_csr.c
+ * library/x509_crl.c
+ * library/x509_crt.c
+ * library/x509_csr.c
* library/x509write_crt.c
- * library/mbedtls_x509write_csr.c
+ * library/x509write_csr.c
*
* This modules translates between OIDs and internal values.
*/
@@ -2011,9 +2012,9 @@
* Module: library/pem.c
* Caller: library/dhm.c
* library/pkparse.c
- * library/mbedtls_x509_crl.c
- * library/mbedtls_x509_crt.c
- * library/mbedtls_x509_csr.c
+ * library/x509_crl.c
+ * library/x509_crt.c
+ * library/x509_csr.c
*
* Requires: MBEDTLS_BASE64_C
*
@@ -2029,7 +2030,7 @@
* Module: library/pem.c
* Caller: library/pkwrite.c
* library/x509write_crt.c
- * library/mbedtls_x509write_csr.c
+ * library/x509write_csr.c
*
* Requires: MBEDTLS_BASE64_C
*
@@ -2059,8 +2060,8 @@
* Enable the generic public (asymetric) key parser.
*
* Module: library/pkparse.c
- * Caller: library/mbedtls_x509_crt.c
- * library/mbedtls_x509_csr.c
+ * Caller: library/x509_crt.c
+ * library/x509_csr.c
*
* Requires: MBEDTLS_PK_C
*
@@ -2151,8 +2152,8 @@
*
* Enable the RIPEMD-160 hash algorithm.
*
- * Module: library/mbedtls_ripemd160.c
- * Caller: library/mbedtls_md.c
+ * Module: library/ripemd160.c
+ * Caller: library/md.c
*
*/
#define MBEDTLS_RIPEMD160_C
@@ -2180,8 +2181,8 @@
*
* Enable the SHA1 cryptographic hash algorithm.
*
- * Module: library/mbedtls_sha1.c
- * Caller: library/mbedtls_md.c
+ * Module: library/sha1.c
+ * Caller: library/md.c
* library/ssl_cli.c
* library/ssl_srv.c
* library/ssl_tls.c
@@ -2196,9 +2197,9 @@
*
* Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
*
- * Module: library/mbedtls_sha256.c
+ * Module: library/sha256.c
* Caller: library/entropy.c
- * library/mbedtls_md.c
+ * library/md.c
* library/ssl_cli.c
* library/ssl_srv.c
* library/ssl_tls.c
@@ -2213,9 +2214,9 @@
*
* Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
*
- * Module: library/mbedtls_sha512.c
+ * Module: library/sha512.c
* Caller: library/entropy.c
- * library/mbedtls_md.c
+ * library/md.c
* library/ssl_cli.c
* library/ssl_srv.c
*
@@ -2363,9 +2364,9 @@
* Enable X.509 core for using certificates.
*
* Module: library/x509.c
- * Caller: library/mbedtls_x509_crl.c
- * library/mbedtls_x509_crt.c
- * library/mbedtls_x509_csr.c
+ * Caller: library/x509_crl.c
+ * library/x509_crt.c
+ * library/x509_csr.c
*
* Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
* MBEDTLS_PK_PARSE_C
@@ -2379,7 +2380,7 @@
*
* Enable X.509 certificate parsing.
*
- * Module: library/mbedtls_x509_crt.c
+ * Module: library/x509_crt.c
* Caller: library/ssl_cli.c
* library/ssl_srv.c
* library/ssl_tls.c
@@ -2395,8 +2396,8 @@
*
* Enable X.509 CRL parsing.
*
- * Module: library/mbedtls_x509_crl.c
- * Caller: library/mbedtls_x509_crt.c
+ * Module: library/x509_crl.c
+ * Caller: library/x509_crt.c
*
* Requires: MBEDTLS_X509_USE_C
*
@@ -2409,7 +2410,7 @@
*
* Enable X.509 Certificate Signing Request (CSR) parsing.
*
- * Module: library/mbedtls_x509_csr.c
+ * Module: library/x509_csr.c
* Caller: library/x509_crt_write.c
*
* Requires: MBEDTLS_X509_USE_C
@@ -2509,6 +2510,7 @@
/* Entropy options */
//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
//#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
+//#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
/* Memory buffer allocator options */
//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
diff --git a/include/mbedtls/entropy_poll.h b/include/mbedtls/entropy_poll.h
index 430e865..81258d5 100644
--- a/include/mbedtls/entropy_poll.h
+++ b/include/mbedtls/entropy_poll.h
@@ -41,7 +41,9 @@
#define MBEDTLS_ENTROPY_MIN_PLATFORM 32 /**< Minimum for platform source */
#define MBEDTLS_ENTROPY_MIN_HAVEGE 32 /**< Minimum for HAVEGE */
#define MBEDTLS_ENTROPY_MIN_HARDCLOCK 4 /**< Minimum for mbedtls_timing_hardclock() */
+#if !defined(MBEDTLS_ENTROPY_MIN_HARDWARE)
#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Minimum for the hardware source */
+#endif
/**
* \brief Entropy poll callback that provides 0 entropy.
diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h
index 6743ac9..1b77aae 100644
--- a/include/mbedtls/gcm.h
+++ b/include/mbedtls/gcm.h
@@ -190,8 +190,8 @@
* 16 bytes.
*
* \param ctx GCM context
- * \param tag buffer for holding the tag (may be NULL if tag_len is 0)
- * \param tag_len length of the tag to generate
+ * \param tag buffer for holding the tag
+ * \param tag_len length of the tag to generate (must be at least 4)
*
* \return 0 if successful or MBEDTLS_ERR_GCM_BAD_INPUT
*/
diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h
index b902355..9b996a9 100644
--- a/include/mbedtls/md.h
+++ b/include/mbedtls/md.h
@@ -304,8 +304,8 @@
/**
* \brief Output HMAC.
* Called after mbedtls_md_hmac_update().
- * Usually followed my mbedtls_md_hmac_reset(), mbedtls_md_hmac_starts(),
- * or mbedtls_md_free().
+ * Usually followed by mbedtls_md_hmac_reset(),
+ * mbedtls_md_hmac_starts(), or mbedtls_md_free().
*
* \param ctx HMAC context
* \param output Generic HMAC checksum result
@@ -317,7 +317,8 @@
/**
* \brief Prepare to authenticate a new message with the same key.
- * Called after mbedtls_md_hmac_finish() and before mbedtls_md_hmac_update().
+ * Called after mbedtls_md_hmac_finish() and before
+ * mbedtls_md_hmac_update().
*
* \param ctx HMAC context to be reset
*
diff --git a/include/mbedtls/net.h b/include/mbedtls/net.h
index 8c6534c..774559b 100644
--- a/include/mbedtls/net.h
+++ b/include/mbedtls/net.h
@@ -1,9 +1,9 @@
/**
* \file net.h
*
- * \brief Network communication functions
+ * \brief Deprecated header file that includes mbedtls/net_sockets.h
*
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
@@ -19,207 +19,13 @@
* limitations under the License.
*
* This file is part of mbed TLS (https://tls.mbed.org)
+ *
+ * \deprecated Superseded by mbedtls/net_sockets.h
*/
-#ifndef MBEDTLS_NET_H
-#define MBEDTLS_NET_H
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "ssl.h"
-
-#include <stddef.h>
-#include <stdint.h>
-
-#define MBEDTLS_ERR_NET_SOCKET_FAILED -0x0042 /**< Failed to open a socket. */
-#define MBEDTLS_ERR_NET_CONNECT_FAILED -0x0044 /**< The connection to the given server / port failed. */
-#define MBEDTLS_ERR_NET_BIND_FAILED -0x0046 /**< Binding of the socket failed. */
-#define MBEDTLS_ERR_NET_LISTEN_FAILED -0x0048 /**< Could not listen on the socket. */
-#define MBEDTLS_ERR_NET_ACCEPT_FAILED -0x004A /**< Could not accept the incoming connection. */
-#define MBEDTLS_ERR_NET_RECV_FAILED -0x004C /**< Reading information from the socket failed. */
-#define MBEDTLS_ERR_NET_SEND_FAILED -0x004E /**< Sending information through the socket failed. */
-#define MBEDTLS_ERR_NET_CONN_RESET -0x0050 /**< Connection was reset by peer. */
-#define MBEDTLS_ERR_NET_UNKNOWN_HOST -0x0052 /**< Failed to get an IP address for the given hostname. */
-#define MBEDTLS_ERR_NET_BUFFER_TOO_SMALL -0x0043 /**< Buffer is too small to hold the data. */
-#define MBEDTLS_ERR_NET_INVALID_CONTEXT -0x0045 /**< The context is invalid, eg because it was free()ed. */
-
-#define MBEDTLS_NET_LISTEN_BACKLOG 10 /**< The backlog that listen() should use. */
-
-#define MBEDTLS_NET_PROTO_TCP 0 /**< The TCP transport protocol */
-#define MBEDTLS_NET_PROTO_UDP 1 /**< The UDP transport protocol */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * Wrapper type for sockets.
- *
- * Currently backed by just a file descriptor, but might be more in the future
- * (eg two file descriptors for combined IPv4 + IPv6 support, or additional
- * structures for hand-made UDP demultiplexing).
- */
-typedef struct
-{
- int fd; /**< The underlying file descriptor */
-}
-mbedtls_net_context;
-
-/**
- * \brief Initialize a context
- * Just makes the context ready to be used or freed safely.
- *
- * \param ctx Context to initialize
- */
-void mbedtls_net_init( mbedtls_net_context *ctx );
-
-/**
- * \brief Initiate a connection with host:port in the given protocol
- *
- * \param ctx Socket to use
- * \param host Host to connect to
- * \param port Port to connect to
- * \param proto Protocol: MBEDTLS_NET_PROTO_TCP or MBEDTLS_NET_PROTO_UDP
- *
- * \return 0 if successful, or one of:
- * MBEDTLS_ERR_NET_SOCKET_FAILED,
- * MBEDTLS_ERR_NET_UNKNOWN_HOST,
- * MBEDTLS_ERR_NET_CONNECT_FAILED
- *
- * \note Sets the socket in connected mode even with UDP.
- */
-int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char *port, int proto );
-
-/**
- * \brief Create a receiving socket on bind_ip:port in the chosen
- * protocol. If bind_ip == NULL, all interfaces are bound.
- *
- * \param ctx Socket to use
- * \param bind_ip IP to bind to, can be NULL
- * \param port Port number to use
- * \param proto Protocol: MBEDTLS_NET_PROTO_TCP or MBEDTLS_NET_PROTO_UDP
- *
- * \return 0 if successful, or one of:
- * MBEDTLS_ERR_NET_SOCKET_FAILED,
- * MBEDTLS_ERR_NET_BIND_FAILED,
- * MBEDTLS_ERR_NET_LISTEN_FAILED
- *
- * \note Regardless of the protocol, opens the sockets and binds it.
- * In addition, make the socket listening if protocol is TCP.
- */
-int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto );
-
-/**
- * \brief Accept a connection from a remote client
- *
- * \param bind_ctx Relevant socket
- * \param client_ctx Will contain the connected client socket
- * \param client_ip Will contain the client IP address
- * \param buf_size Size of the client_ip buffer
- * \param ip_len Will receive the size of the client IP written
- *
- * \return 0 if successful, or
- * MBEDTLS_ERR_NET_ACCEPT_FAILED, or
- * MBEDTLS_ERR_NET_BUFFER_TOO_SMALL if buf_size is too small,
- * MBEDTLS_ERR_SSL_WANT_READ if bind_fd was set to
- * non-blocking and accept() would block.
- */
-int mbedtls_net_accept( mbedtls_net_context *bind_ctx,
- mbedtls_net_context *client_ctx,
- void *client_ip, size_t buf_size, size_t *ip_len );
-
-/**
- * \brief Set the socket blocking
- *
- * \param ctx Socket to set
- *
- * \return 0 if successful, or a non-zero error code
- */
-int mbedtls_net_set_block( mbedtls_net_context *ctx );
-
-/**
- * \brief Set the socket non-blocking
- *
- * \param ctx Socket to set
- *
- * \return 0 if successful, or a non-zero error code
- */
-int mbedtls_net_set_nonblock( mbedtls_net_context *ctx );
-
-/**
- * \brief Portable usleep helper
- *
- * \param usec Amount of microseconds to sleep
- *
- * \note Real amount of time slept will not be less than
- * select()'s timeout granularity (typically, 10ms).
- */
-void mbedtls_net_usleep( unsigned long usec );
-
-/**
- * \brief Read at most 'len' characters. If no error occurs,
- * the actual amount read is returned.
- *
- * \param ctx Socket
- * \param buf The buffer to write to
- * \param len Maximum length of the buffer
- *
- * \return the number of bytes received,
- * or a non-zero error code; with a non-blocking socket,
- * MBEDTLS_ERR_SSL_WANT_READ indicates read() would block.
- */
-int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len );
-
-/**
- * \brief Write at most 'len' characters. If no error occurs,
- * the actual amount read is returned.
- *
- * \param ctx Socket
- * \param buf The buffer to read from
- * \param len The length of the buffer
- *
- * \return the number of bytes sent,
- * or a non-zero error code; with a non-blocking socket,
- * MBEDTLS_ERR_SSL_WANT_WRITE indicates write() would block.
- */
-int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len );
-
-/**
- * \brief Read at most 'len' characters, blocking for at most
- * 'timeout' seconds. If no error occurs, the actual amount
- * read is returned.
- *
- * \param ctx Socket
- * \param buf The buffer to write to
- * \param len Maximum length of the buffer
- * \param timeout Maximum number of milliseconds to wait for data
- * 0 means no timeout (wait forever)
- *
- * \return the number of bytes received,
- * or a non-zero error code:
- * MBEDTLS_ERR_SSL_TIMEOUT if the operation timed out,
- * MBEDTLS_ERR_SSL_WANT_READ if interrupted by a signal.
- *
- * \note This function will block (until data becomes available or
- * timeout is reached) even if the socket is set to
- * non-blocking. Handling timeouts with non-blocking reads
- * requires a different strategy.
- */
-int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, size_t len,
- uint32_t timeout );
-
-/**
- * \brief Gracefully shutdown the connection and free associated data
- *
- * \param ctx The context to free
- */
-void mbedtls_net_free( mbedtls_net_context *ctx );
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* net.h */
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#include "mbedtls/net_sockets.h"
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#warning "Deprecated header file: Superseded by mbedtls/net_sockets.h"
+#endif /* MBEDTLS_DEPRECATED_WARNING */
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
diff --git a/include/mbedtls/net_sockets.h b/include/mbedtls/net_sockets.h
new file mode 100644
index 0000000..de33552
--- /dev/null
+++ b/include/mbedtls/net_sockets.h
@@ -0,0 +1,225 @@
+/**
+ * \file net_sockets.h
+ *
+ * \brief Network communication functions
+ *
+ * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_NET_SOCKETS_H
+#define MBEDTLS_NET_SOCKETS_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "ssl.h"
+
+#include <stddef.h>
+#include <stdint.h>
+
+#define MBEDTLS_ERR_NET_SOCKET_FAILED -0x0042 /**< Failed to open a socket. */
+#define MBEDTLS_ERR_NET_CONNECT_FAILED -0x0044 /**< The connection to the given server / port failed. */
+#define MBEDTLS_ERR_NET_BIND_FAILED -0x0046 /**< Binding of the socket failed. */
+#define MBEDTLS_ERR_NET_LISTEN_FAILED -0x0048 /**< Could not listen on the socket. */
+#define MBEDTLS_ERR_NET_ACCEPT_FAILED -0x004A /**< Could not accept the incoming connection. */
+#define MBEDTLS_ERR_NET_RECV_FAILED -0x004C /**< Reading information from the socket failed. */
+#define MBEDTLS_ERR_NET_SEND_FAILED -0x004E /**< Sending information through the socket failed. */
+#define MBEDTLS_ERR_NET_CONN_RESET -0x0050 /**< Connection was reset by peer. */
+#define MBEDTLS_ERR_NET_UNKNOWN_HOST -0x0052 /**< Failed to get an IP address for the given hostname. */
+#define MBEDTLS_ERR_NET_BUFFER_TOO_SMALL -0x0043 /**< Buffer is too small to hold the data. */
+#define MBEDTLS_ERR_NET_INVALID_CONTEXT -0x0045 /**< The context is invalid, eg because it was free()ed. */
+
+#define MBEDTLS_NET_LISTEN_BACKLOG 10 /**< The backlog that listen() should use. */
+
+#define MBEDTLS_NET_PROTO_TCP 0 /**< The TCP transport protocol */
+#define MBEDTLS_NET_PROTO_UDP 1 /**< The UDP transport protocol */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * Wrapper type for sockets.
+ *
+ * Currently backed by just a file descriptor, but might be more in the future
+ * (eg two file descriptors for combined IPv4 + IPv6 support, or additional
+ * structures for hand-made UDP demultiplexing).
+ */
+typedef struct
+{
+ int fd; /**< The underlying file descriptor */
+}
+mbedtls_net_context;
+
+/**
+ * \brief Initialize a context
+ * Just makes the context ready to be used or freed safely.
+ *
+ * \param ctx Context to initialize
+ */
+void mbedtls_net_init( mbedtls_net_context *ctx );
+
+/**
+ * \brief Initiate a connection with host:port in the given protocol
+ *
+ * \param ctx Socket to use
+ * \param host Host to connect to
+ * \param port Port to connect to
+ * \param proto Protocol: MBEDTLS_NET_PROTO_TCP or MBEDTLS_NET_PROTO_UDP
+ *
+ * \return 0 if successful, or one of:
+ * MBEDTLS_ERR_NET_SOCKET_FAILED,
+ * MBEDTLS_ERR_NET_UNKNOWN_HOST,
+ * MBEDTLS_ERR_NET_CONNECT_FAILED
+ *
+ * \note Sets the socket in connected mode even with UDP.
+ */
+int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char *port, int proto );
+
+/**
+ * \brief Create a receiving socket on bind_ip:port in the chosen
+ * protocol. If bind_ip == NULL, all interfaces are bound.
+ *
+ * \param ctx Socket to use
+ * \param bind_ip IP to bind to, can be NULL
+ * \param port Port number to use
+ * \param proto Protocol: MBEDTLS_NET_PROTO_TCP or MBEDTLS_NET_PROTO_UDP
+ *
+ * \return 0 if successful, or one of:
+ * MBEDTLS_ERR_NET_SOCKET_FAILED,
+ * MBEDTLS_ERR_NET_BIND_FAILED,
+ * MBEDTLS_ERR_NET_LISTEN_FAILED
+ *
+ * \note Regardless of the protocol, opens the sockets and binds it.
+ * In addition, make the socket listening if protocol is TCP.
+ */
+int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto );
+
+/**
+ * \brief Accept a connection from a remote client
+ *
+ * \param bind_ctx Relevant socket
+ * \param client_ctx Will contain the connected client socket
+ * \param client_ip Will contain the client IP address
+ * \param buf_size Size of the client_ip buffer
+ * \param ip_len Will receive the size of the client IP written
+ *
+ * \return 0 if successful, or
+ * MBEDTLS_ERR_NET_ACCEPT_FAILED, or
+ * MBEDTLS_ERR_NET_BUFFER_TOO_SMALL if buf_size is too small,
+ * MBEDTLS_ERR_SSL_WANT_READ if bind_fd was set to
+ * non-blocking and accept() would block.
+ */
+int mbedtls_net_accept( mbedtls_net_context *bind_ctx,
+ mbedtls_net_context *client_ctx,
+ void *client_ip, size_t buf_size, size_t *ip_len );
+
+/**
+ * \brief Set the socket blocking
+ *
+ * \param ctx Socket to set
+ *
+ * \return 0 if successful, or a non-zero error code
+ */
+int mbedtls_net_set_block( mbedtls_net_context *ctx );
+
+/**
+ * \brief Set the socket non-blocking
+ *
+ * \param ctx Socket to set
+ *
+ * \return 0 if successful, or a non-zero error code
+ */
+int mbedtls_net_set_nonblock( mbedtls_net_context *ctx );
+
+/**
+ * \brief Portable usleep helper
+ *
+ * \param usec Amount of microseconds to sleep
+ *
+ * \note Real amount of time slept will not be less than
+ * select()'s timeout granularity (typically, 10ms).
+ */
+void mbedtls_net_usleep( unsigned long usec );
+
+/**
+ * \brief Read at most 'len' characters. If no error occurs,
+ * the actual amount read is returned.
+ *
+ * \param ctx Socket
+ * \param buf The buffer to write to
+ * \param len Maximum length of the buffer
+ *
+ * \return the number of bytes received,
+ * or a non-zero error code; with a non-blocking socket,
+ * MBEDTLS_ERR_SSL_WANT_READ indicates read() would block.
+ */
+int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len );
+
+/**
+ * \brief Write at most 'len' characters. If no error occurs,
+ * the actual amount read is returned.
+ *
+ * \param ctx Socket
+ * \param buf The buffer to read from
+ * \param len The length of the buffer
+ *
+ * \return the number of bytes sent,
+ * or a non-zero error code; with a non-blocking socket,
+ * MBEDTLS_ERR_SSL_WANT_WRITE indicates write() would block.
+ */
+int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len );
+
+/**
+ * \brief Read at most 'len' characters, blocking for at most
+ * 'timeout' seconds. If no error occurs, the actual amount
+ * read is returned.
+ *
+ * \param ctx Socket
+ * \param buf The buffer to write to
+ * \param len Maximum length of the buffer
+ * \param timeout Maximum number of milliseconds to wait for data
+ * 0 means no timeout (wait forever)
+ *
+ * \return the number of bytes received,
+ * or a non-zero error code:
+ * MBEDTLS_ERR_SSL_TIMEOUT if the operation timed out,
+ * MBEDTLS_ERR_SSL_WANT_READ if interrupted by a signal.
+ *
+ * \note This function will block (until data becomes available or
+ * timeout is reached) even if the socket is set to
+ * non-blocking. Handling timeouts with non-blocking reads
+ * requires a different strategy.
+ */
+int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, size_t len,
+ uint32_t timeout );
+
+/**
+ * \brief Gracefully shutdown the connection and free associated data
+ *
+ * \param ctx The context to free
+ */
+void mbedtls_net_free( mbedtls_net_context *ctx );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* net_sockets.h */
diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h
index 35185df..54653df 100644
--- a/include/mbedtls/rsa.h
+++ b/include/mbedtls/rsa.h
@@ -206,7 +206,7 @@
* \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code
*
* \note This function does NOT take care of message
- * padding. Also, be sure to set input[0] = 0 or assure that
+ * padding. Also, be sure to set input[0] = 0 or ensure that
* input is smaller than N.
*
* \note The input and output buffers must be large
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index c0bfd3e..2c02190 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -107,6 +107,8 @@
#define MBEDTLS_ERR_SSL_TIMEOUT -0x6800 /**< The operation timed out. */
#define MBEDTLS_ERR_SSL_CLIENT_RECONNECT -0x6780 /**< The client initiated a reconnect from the same port. */
#define MBEDTLS_ERR_SSL_UNEXPECTED_RECORD -0x6700 /**< Record header looks valid but is not expected. */
+#define MBEDTLS_ERR_SSL_NON_FATAL -0x6680 /**< The alert message received indicates a non-fatal error. */
+#define MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH -0x6600 /**< Couldn't set the hash for verifying CertificateVerify */
/*
* Various constants
@@ -1105,9 +1107,10 @@
* \c mbedtls_ssl_recv_t and \c mbedtls_ssl_recv_timeout_t for
* the conventions those callbacks must follow.
*
- * \note On some platforms, net.c provides \c mbedtls_net_send(),
- * \c mbedtls_net_recv() and \c mbedtls_net_recv_timeout()
- * that are suitable to be used here.
+ * \note On some platforms, net_sockets.c provides
+ * \c mbedtls_net_send(), \c mbedtls_net_recv() and
+ * \c mbedtls_net_recv_timeout() that are suitable to be used
+ * here.
*/
void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl,
void *p_bio,
@@ -2510,7 +2513,6 @@
* \param transport MBEDTLS_SSL_TRANSPORT_STREAM for TLS, or
* MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS
* \param preset a MBEDTLS_SSL_PRESET_XXX value
- * (currently unused).
*
* \note See \c mbedtls_ssl_conf_transport() for notes on DTLS.
*
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index d63d7d4..668c0f5 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -355,6 +355,11 @@
void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl );
int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_read_record_layer( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl );
+void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl );
+
int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl );
int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want );
@@ -384,6 +389,7 @@
mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash );
unsigned char mbedtls_ssl_hash_from_md_alg( int md );
+int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md );
#if defined(MBEDTLS_ECP_C)
int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id );
diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h
index b40aa51..3270346 100644
--- a/include/mbedtls/version.h
+++ b/include/mbedtls/version.h
@@ -38,17 +38,17 @@
* Major, Minor, Patchlevel
*/
#define MBEDTLS_VERSION_MAJOR 2
-#define MBEDTLS_VERSION_MINOR 3
-#define MBEDTLS_VERSION_PATCH 0
+#define MBEDTLS_VERSION_MINOR 4
+#define MBEDTLS_VERSION_PATCH 1
/**
* The single version number has the following structure:
* MMNNPP00
* Major version | Minor version | Patch version
*/
-#define MBEDTLS_VERSION_NUMBER 0x02030000
-#define MBEDTLS_VERSION_STRING "2.3.0"
-#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.3.0"
+#define MBEDTLS_VERSION_NUMBER 0x02040100
+#define MBEDTLS_VERSION_STRING "2.4.1"
+#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.4.1"
#if defined(MBEDTLS_VERSION_C)
diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index 54dac16..f219bf1 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -157,7 +157,7 @@
#define MBEDTLS_X509_EXT_INIHIBIT_ANYPOLICY (1 << 13)
#define MBEDTLS_X509_EXT_FRESHEST_CRL (1 << 14)
-#define MBEDTLS_X509_EXT_NS_CERT_TYPE (1 << 16) /* Parsed (and then ?) */
+#define MBEDTLS_X509_EXT_NS_CERT_TYPE (1 << 16)
/*
* Storage format identifiers
diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h
index 7a9c2e0..fe9843c 100644
--- a/include/mbedtls/x509_csr.h
+++ b/include/mbedtls/x509_csr.h
@@ -282,7 +282,7 @@
*
* \note f_rng may be NULL if RSA is used for signature and the
* signature is made offline (otherwise f_rng is desirable
- * for couermeasures against timing attacks).
+ * for countermeasures against timing attacks).
* ECDSA signatures always require a non-NULL f_rng.
*/
int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index 6aeb385..8882ddf 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -15,6 +15,7 @@
ccm.c
cipher.c
cipher_wrap.c
+ cmac.c
ctr_drbg.c
des.c
dhm.c
@@ -71,7 +72,7 @@
set(src_tls
debug.c
- net.c
+ net_sockets.c
ssl_cache.c
ssl_ciphersuites.c
ssl_cli.c
@@ -139,15 +140,15 @@
if(USE_SHARED_MBEDTLS_LIBRARY)
add_library(mbedcrypto SHARED ${src_crypto})
- set_target_properties(mbedcrypto PROPERTIES VERSION 2.3.0 SOVERSION 0)
+ set_target_properties(mbedcrypto PROPERTIES VERSION 2.4.1 SOVERSION 0)
target_link_libraries(mbedcrypto ${libs})
add_library(mbedx509 SHARED ${src_x509})
- set_target_properties(mbedx509 PROPERTIES VERSION 2.3.0 SOVERSION 0)
+ set_target_properties(mbedx509 PROPERTIES VERSION 2.4.1 SOVERSION 0)
target_link_libraries(mbedx509 ${libs} mbedcrypto)
add_library(mbedtls SHARED ${src_tls})
- set_target_properties(mbedtls PROPERTIES VERSION 2.3.0 SOVERSION 10)
+ set_target_properties(mbedtls PROPERTIES VERSION 2.4.1 SOVERSION 10)
target_link_libraries(mbedtls ${libs} mbedx509)
install(TARGETS mbedtls mbedx509 mbedcrypto
diff --git a/library/Makefile b/library/Makefile
index 00528b3..28f9231 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -48,9 +48,9 @@
asn1parse.o asn1write.o base64.o \
bignum.o blowfish.o camellia.o \
ccm.o cipher.o cipher_wrap.o \
- ctr_drbg.o des.o dhm.o \
- ecdh.o ecdsa.o ecjpake.o \
- ecp.o \
+ cmac.o ctr_drbg.o des.o \
+ dhm.o ecdh.o ecdsa.o \
+ ecjpake.o ecp.o \
ecp_curves.o entropy.o entropy_poll.o \
error.o gcm.o havege.o \
hmac_drbg.o md.o md2.o \
@@ -68,9 +68,10 @@
x509_create.o x509_crl.o x509_crt.o \
x509_csr.o x509write_crt.o x509write_csr.o
-OBJS_TLS= debug.o net.o ssl_cache.o \
- ssl_ciphersuites.o ssl_cli.o \
- ssl_cookie.o ssl_srv.o ssl_ticket.o \
+OBJS_TLS= debug.o net_sockets.o \
+ ssl_cache.o ssl_ciphersuites.o \
+ ssl_cli.o ssl_cookie.o \
+ ssl_srv.o ssl_ticket.o \
ssl_tls.o
.SILENT:
diff --git a/library/asn1parse.c b/library/asn1parse.c
index ffa2f52..4dd65c0 100644
--- a/library/asn1parse.c
+++ b/library/asn1parse.c
@@ -153,7 +153,7 @@
if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
return( ret );
- if( len > sizeof( int ) || ( **p & 0x80 ) != 0 )
+ if( len == 0 || len > sizeof( int ) || ( **p & 0x80 ) != 0 )
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
*val = 0;
diff --git a/library/cipher.c b/library/cipher.c
index bbe40eb..a883438 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -45,6 +45,17 @@
#include "mbedtls/ccm.h"
#endif
+#if defined(MBEDTLS_CMAC_C)
+#include "mbedtls/cmac.h"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#define mbedtls_calloc calloc
+#define mbedtls_free free
+#endif
+
#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
#define MBEDTLS_CIPHER_MODE_STREAM
#endif
@@ -127,6 +138,14 @@
if( ctx == NULL )
return;
+#if defined(MBEDTLS_CMAC_C)
+ if( ctx->cmac_ctx )
+ {
+ mbedtls_zeroize( ctx->cmac_ctx, sizeof( mbedtls_cmac_context_t ) );
+ mbedtls_free( ctx->cmac_ctx );
+ }
+#endif
+
if( ctx->cipher_ctx )
ctx->cipher_info->base->ctx_free_func( ctx->cipher_ctx );
diff --git a/library/cmac.c b/library/cmac.c
new file mode 100644
index 0000000..b2fe713
--- /dev/null
+++ b/library/cmac.c
@@ -0,0 +1,1074 @@
+/*
+ * \file cmac.c
+ *
+ * \brief NIST SP800-38B compliant CMAC implementation for AES and 3DES
+ *
+ * Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/*
+ * References:
+ *
+ * - NIST SP 800-38B Recommendation for Block Cipher Modes of Operation: The
+ * CMAC Mode for Authentication
+ * http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38b.pdf
+ *
+ * - RFC 4493 - The AES-CMAC Algorithm
+ * https://tools.ietf.org/html/rfc4493
+ *
+ * - RFC 4615 - The Advanced Encryption Standard-Cipher-based Message
+ * Authentication Code-Pseudo-Random Function-128 (AES-CMAC-PRF-128)
+ * Algorithm for the Internet Key Exchange Protocol (IKE)
+ * https://tools.ietf.org/html/rfc4615
+ *
+ * Additional test vectors: ISO/IEC 9797-1
+ *
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_CMAC_C)
+
+#include "mbedtls/cmac.h"
+
+#include <string.h>
+
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_calloc calloc
+#define mbedtls_free free
+#if defined(MBEDTLS_SELF_TEST)
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif /* MBEDTLS_SELF_TEST */
+#endif /* MBEDTLS_PLATFORM_C */
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
+}
+
+/*
+ * Multiplication by u in the Galois field of GF(2^n)
+ *
+ * As explained in NIST SP 800-38B, this can be computed:
+ *
+ * If MSB(p) = 0, then p = (p << 1)
+ * If MSB(p) = 1, then p = (p << 1) ^ R_n
+ * with R_64 = 0x1B and R_128 = 0x87
+ *
+ * Input and output MUST NOT point to the same buffer
+ * Block size must be 8 bytes or 16 bytes - the block sizes for DES and AES.
+ */
+static int cmac_multiply_by_u( unsigned char *output,
+ const unsigned char *input,
+ size_t blocksize )
+{
+ const unsigned char R_128 = 0x87;
+ const unsigned char R_64 = 0x1B;
+ unsigned char R_n, mask;
+ unsigned char overflow = 0x00;
+ int i;
+
+ if( blocksize == MBEDTLS_AES_BLOCK_SIZE )
+ {
+ R_n = R_128;
+ }
+ else if( blocksize == MBEDTLS_DES3_BLOCK_SIZE )
+ {
+ R_n = R_64;
+ }
+ else
+ {
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ }
+
+ for( i = (int)blocksize - 1; i >= 0; i-- )
+ {
+ output[i] = input[i] << 1 | overflow;
+ overflow = input[i] >> 7;
+ }
+
+ /* mask = ( input[0] >> 7 ) ? 0xff : 0x00
+ * using bit operations to avoid branches */
+
+ /* MSVC has a warning about unary minus on unsigned, but this is
+ * well-defined and precisely what we want to do here */
+#if defined(_MSC_VER)
+#pragma warning( push )
+#pragma warning( disable : 4146 )
+#endif
+ mask = - ( input[0] >> 7 );
+#if defined(_MSC_VER)
+#pragma warning( pop )
+#endif
+
+ output[ blocksize - 1 ] ^= R_n & mask;
+
+ return( 0 );
+}
+
+/*
+ * Generate subkeys
+ *
+ * - as specified by RFC 4493, section 2.3 Subkey Generation Algorithm
+ */
+static int cmac_generate_subkeys( mbedtls_cipher_context_t *ctx,
+ unsigned char* K1, unsigned char* K2 )
+{
+ int ret;
+ unsigned char L[MBEDTLS_CIPHER_BLKSIZE_MAX];
+ size_t olen, block_size;
+
+ mbedtls_zeroize( L, sizeof( L ) );
+
+ block_size = ctx->cipher_info->block_size;
+
+ /* Calculate Ek(0) */
+ if( ( ret = mbedtls_cipher_update( ctx, L, block_size, L, &olen ) ) != 0 )
+ goto exit;
+
+ /*
+ * Generate K1 and K2
+ */
+ if( ( ret = cmac_multiply_by_u( K1, L , block_size ) ) != 0 )
+ goto exit;
+
+ if( ( ret = cmac_multiply_by_u( K2, K1 , block_size ) ) != 0 )
+ goto exit;
+
+exit:
+ mbedtls_zeroize( L, sizeof( L ) );
+
+ return( ret );
+}
+
+static void cmac_xor_block( unsigned char *output, const unsigned char *input1,
+ const unsigned char *input2,
+ const size_t block_size )
+{
+ size_t index;
+
+ for( index = 0; index < block_size; index++ )
+ output[ index ] = input1[ index ] ^ input2[ index ];
+}
+
+/*
+ * Create padded last block from (partial) last block.
+ *
+ * We can't use the padding option from the cipher layer, as it only works for
+ * CBC and we use ECB mode, and anyway we need to XOR K1 or K2 in addition.
+ */
+static void cmac_pad( unsigned char padded_block[MBEDTLS_CIPHER_BLKSIZE_MAX],
+ size_t padded_block_len,
+ const unsigned char *last_block,
+ size_t last_block_len )
+{
+ size_t j;
+
+ for( j = 0; j < padded_block_len; j++ )
+ {
+ if( j < last_block_len )
+ padded_block[j] = last_block[j];
+ else if( j == last_block_len )
+ padded_block[j] = 0x80;
+ else
+ padded_block[j] = 0x00;
+ }
+}
+
+int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
+ const unsigned char *key, size_t keybits )
+{
+ mbedtls_cipher_type_t type;
+ mbedtls_cmac_context_t *cmac_ctx;
+ int retval;
+
+ if( ctx == NULL || ctx->cipher_info == NULL || key == NULL )
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ if( ( retval = mbedtls_cipher_setkey( ctx, key, (int)keybits,
+ MBEDTLS_ENCRYPT ) ) != 0 )
+ return( retval );
+
+ type = ctx->cipher_info->type;
+
+ switch( type )
+ {
+ case MBEDTLS_CIPHER_AES_128_ECB:
+ case MBEDTLS_CIPHER_AES_192_ECB:
+ case MBEDTLS_CIPHER_AES_256_ECB:
+ case MBEDTLS_CIPHER_DES_EDE3_ECB:
+ break;
+ default:
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+ }
+
+ /* Allocated and initialise in the cipher context memory for the CMAC
+ * context */
+ cmac_ctx = mbedtls_calloc( 1, sizeof( mbedtls_cmac_context_t ) );
+ if( cmac_ctx == NULL )
+ return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED );
+
+ ctx->cmac_ctx = cmac_ctx;
+
+ mbedtls_zeroize( cmac_ctx->state, sizeof( cmac_ctx->state ) );
+
+ return 0;
+}
+
+int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
+ const unsigned char *input, size_t ilen )
+{
+ mbedtls_cmac_context_t* cmac_ctx;
+ unsigned char *state;
+ int ret = 0;
+ size_t n, j, olen, block_size;
+
+ if( ctx == NULL || ctx->cipher_info == NULL || input == NULL ||
+ ctx->cmac_ctx == NULL )
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ cmac_ctx = ctx->cmac_ctx;
+ block_size = ctx->cipher_info->block_size;
+ state = ctx->cmac_ctx->state;
+
+ /* Is there data still to process from the last call, that's greater in
+ * size than a block? */
+ if( cmac_ctx->unprocessed_len > 0 &&
+ ilen > block_size - cmac_ctx->unprocessed_len )
+ {
+ memcpy( &cmac_ctx->unprocessed_block[cmac_ctx->unprocessed_len],
+ input,
+ block_size - cmac_ctx->unprocessed_len );
+
+ cmac_xor_block( state, cmac_ctx->unprocessed_block, state, block_size );
+
+ if( ( ret = mbedtls_cipher_update( ctx, state, block_size, state,
+ &olen ) ) != 0 )
+ {
+ goto exit;
+ }
+
+ input += block_size - cmac_ctx->unprocessed_len;
+ ilen -= block_size - cmac_ctx->unprocessed_len;
+ cmac_ctx->unprocessed_len = 0;
+ }
+
+ /* n is the number of blocks including any final partial block */
+ n = ( ilen + block_size - 1 ) / block_size;
+
+ /* Iterate across the input data in block sized chunks, excluding any
+ * final partial or complete block */
+ for( j = 1; j < n; j++ )
+ {
+ cmac_xor_block( state, input, state, block_size );
+
+ if( ( ret = mbedtls_cipher_update( ctx, state, block_size, state,
+ &olen ) ) != 0 )
+ goto exit;
+
+ ilen -= block_size;
+ input += block_size;
+ }
+
+ /* If there is data left over that wasn't aligned to a block */
+ if( ilen > 0 )
+ {
+ memcpy( &cmac_ctx->unprocessed_block[cmac_ctx->unprocessed_len],
+ input,
+ ilen );
+ cmac_ctx->unprocessed_len += ilen;
+ }
+
+exit:
+ return( ret );
+}
+
+int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
+ unsigned char *output )
+{
+ mbedtls_cmac_context_t* cmac_ctx;
+ unsigned char *state, *last_block;
+ unsigned char K1[MBEDTLS_CIPHER_BLKSIZE_MAX];
+ unsigned char K2[MBEDTLS_CIPHER_BLKSIZE_MAX];
+ unsigned char M_last[MBEDTLS_CIPHER_BLKSIZE_MAX];
+ int ret;
+ size_t olen, block_size;
+
+ if( ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL ||
+ output == NULL )
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ cmac_ctx = ctx->cmac_ctx;
+ block_size = ctx->cipher_info->block_size;
+ state = cmac_ctx->state;
+
+ mbedtls_zeroize( K1, sizeof( K1 ) );
+ mbedtls_zeroize( K2, sizeof( K2 ) );
+ cmac_generate_subkeys( ctx, K1, K2 );
+
+ last_block = cmac_ctx->unprocessed_block;
+
+ /* Calculate last block */
+ if( cmac_ctx->unprocessed_len < block_size )
+ {
+ cmac_pad( M_last, block_size, last_block, cmac_ctx->unprocessed_len );
+ cmac_xor_block( M_last, M_last, K2, block_size );
+ }
+ else
+ {
+ /* Last block is complete block */
+ cmac_xor_block( M_last, last_block, K1, block_size );
+ }
+
+
+ cmac_xor_block( state, M_last, state, block_size );
+ if( ( ret = mbedtls_cipher_update( ctx, state, block_size, state,
+ &olen ) ) != 0 )
+ {
+ goto exit;
+ }
+
+ memcpy( output, state, block_size );
+
+exit:
+ /* Wipe the generated keys on the stack, and any other transients to avoid
+ * side channel leakage */
+ mbedtls_zeroize( K1, sizeof( K1 ) );
+ mbedtls_zeroize( K2, sizeof( K2 ) );
+
+ cmac_ctx->unprocessed_len = 0;
+ mbedtls_zeroize( cmac_ctx->unprocessed_block,
+ sizeof( cmac_ctx->unprocessed_block ) );
+
+ mbedtls_zeroize( state, MBEDTLS_CIPHER_BLKSIZE_MAX );
+ return( ret );
+}
+
+int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx )
+{
+ mbedtls_cmac_context_t* cmac_ctx;
+
+ if( ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL )
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ cmac_ctx = ctx->cmac_ctx;
+
+ /* Reset the internal state */
+ cmac_ctx->unprocessed_len = 0;
+ mbedtls_zeroize( cmac_ctx->unprocessed_block,
+ sizeof( cmac_ctx->unprocessed_block ) );
+ mbedtls_zeroize( cmac_ctx->state,
+ sizeof( cmac_ctx->state ) );
+
+ return( 0 );
+}
+
+int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
+ const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
+ unsigned char *output )
+{
+ mbedtls_cipher_context_t ctx;
+ int ret;
+
+ if( cipher_info == NULL || key == NULL || input == NULL || output == NULL )
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ mbedtls_cipher_init( &ctx );
+
+ if( ( ret = mbedtls_cipher_setup( &ctx, cipher_info ) ) != 0 )
+ goto exit;
+
+ ret = mbedtls_cipher_cmac_starts( &ctx, key, keylen );
+ if( ret != 0 )
+ goto exit;
+
+ ret = mbedtls_cipher_cmac_update( &ctx, input, ilen );
+ if( ret != 0 )
+ goto exit;
+
+ ret = mbedtls_cipher_cmac_finish( &ctx, output );
+
+exit:
+ mbedtls_cipher_free( &ctx );
+
+ return( ret );
+}
+
+#if defined(MBEDTLS_AES_C)
+/*
+ * Implementation of AES-CMAC-PRF-128 defined in RFC 4615
+ */
+int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_length,
+ const unsigned char *input, size_t in_len,
+ unsigned char *output )
+{
+ int ret;
+ const mbedtls_cipher_info_t *cipher_info;
+ unsigned char zero_key[MBEDTLS_AES_BLOCK_SIZE];
+ unsigned char int_key[MBEDTLS_AES_BLOCK_SIZE];
+
+ if( key == NULL || input == NULL || output == NULL )
+ return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB );
+ if( cipher_info == NULL )
+ {
+ /* Failing at this point must be due to a build issue */
+ ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+ goto exit;
+ }
+
+ if( key_length == MBEDTLS_AES_BLOCK_SIZE )
+ {
+ /* Use key as is */
+ memcpy( int_key, key, MBEDTLS_AES_BLOCK_SIZE );
+ }
+ else
+ {
+ memset( zero_key, 0, MBEDTLS_AES_BLOCK_SIZE );
+
+ ret = mbedtls_cipher_cmac( cipher_info, zero_key, 128, key,
+ key_length, int_key );
+ if( ret != 0 )
+ goto exit;
+ }
+
+ ret = mbedtls_cipher_cmac( cipher_info, int_key, 128, input, in_len,
+ output );
+
+exit:
+ mbedtls_zeroize( int_key, sizeof( int_key ) );
+
+ return( ret );
+}
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_SELF_TEST)
+/*
+ * CMAC test data for SP800-38B
+ * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/AES_CMAC.pdf
+ * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/TDES_CMAC.pdf
+ *
+ * AES-CMAC-PRF-128 test data from RFC 4615
+ * https://tools.ietf.org/html/rfc4615#page-4
+ */
+
+#define NB_CMAC_TESTS_PER_KEY 4
+#define NB_PRF_TESTS 3
+
+#if defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C)
+/* All CMAC test inputs are truncated from the same 64 byte buffer. */
+static const unsigned char test_message[] = {
+ /* PT */
+ 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
+ 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
+ 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
+ 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
+ 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11,
+ 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
+ 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
+ 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
+};
+#endif /* MBEDTLS_AES_C || MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_AES_C)
+/* Truncation point of message for AES CMAC tests */
+static const unsigned int aes_message_lengths[NB_CMAC_TESTS_PER_KEY] = {
+ /* Mlen */
+ 0,
+ 16,
+ 20,
+ 64
+};
+
+/* CMAC-AES128 Test Data */
+static const unsigned char aes_128_key[16] = {
+ 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
+ 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
+};
+static const unsigned char aes_128_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = {
+ {
+ /* K1 */
+ 0xfb, 0xee, 0xd6, 0x18, 0x35, 0x71, 0x33, 0x66,
+ 0x7c, 0x85, 0xe0, 0x8f, 0x72, 0x36, 0xa8, 0xde
+ },
+ {
+ /* K2 */
+ 0xf7, 0xdd, 0xac, 0x30, 0x6a, 0xe2, 0x66, 0xcc,
+ 0xf9, 0x0b, 0xc1, 0x1e, 0xe4, 0x6d, 0x51, 0x3b
+ }
+};
+static const unsigned char aes_128_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = {
+ {
+ /* Example #1 */
+ 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28,
+ 0x7f, 0xa3, 0x7d, 0x12, 0x9b, 0x75, 0x67, 0x46
+ },
+ {
+ /* Example #2 */
+ 0x07, 0x0a, 0x16, 0xb4, 0x6b, 0x4d, 0x41, 0x44,
+ 0xf7, 0x9b, 0xdd, 0x9d, 0xd0, 0x4a, 0x28, 0x7c
+ },
+ {
+ /* Example #3 */
+ 0x7d, 0x85, 0x44, 0x9e, 0xa6, 0xea, 0x19, 0xc8,
+ 0x23, 0xa7, 0xbf, 0x78, 0x83, 0x7d, 0xfa, 0xde
+ },
+ {
+ /* Example #4 */
+ 0x51, 0xf0, 0xbe, 0xbf, 0x7e, 0x3b, 0x9d, 0x92,
+ 0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe
+ }
+};
+
+/* CMAC-AES192 Test Data */
+static const unsigned char aes_192_key[24] = {
+ 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
+ 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
+ 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b
+};
+static const unsigned char aes_192_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = {
+ {
+ /* K1 */
+ 0x44, 0x8a, 0x5b, 0x1c, 0x93, 0x51, 0x4b, 0x27,
+ 0x3e, 0xe6, 0x43, 0x9d, 0xd4, 0xda, 0xa2, 0x96
+ },
+ {
+ /* K2 */
+ 0x89, 0x14, 0xb6, 0x39, 0x26, 0xa2, 0x96, 0x4e,
+ 0x7d, 0xcc, 0x87, 0x3b, 0xa9, 0xb5, 0x45, 0x2c
+ }
+};
+static const unsigned char aes_192_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = {
+ {
+ /* Example #1 */
+ 0xd1, 0x7d, 0xdf, 0x46, 0xad, 0xaa, 0xcd, 0xe5,
+ 0x31, 0xca, 0xc4, 0x83, 0xde, 0x7a, 0x93, 0x67
+ },
+ {
+ /* Example #2 */
+ 0x9e, 0x99, 0xa7, 0xbf, 0x31, 0xe7, 0x10, 0x90,
+ 0x06, 0x62, 0xf6, 0x5e, 0x61, 0x7c, 0x51, 0x84
+ },
+ {
+ /* Example #3 */
+ 0x3d, 0x75, 0xc1, 0x94, 0xed, 0x96, 0x07, 0x04,
+ 0x44, 0xa9, 0xfa, 0x7e, 0xc7, 0x40, 0xec, 0xf8
+ },
+ {
+ /* Example #4 */
+ 0xa1, 0xd5, 0xdf, 0x0e, 0xed, 0x79, 0x0f, 0x79,
+ 0x4d, 0x77, 0x58, 0x96, 0x59, 0xf3, 0x9a, 0x11
+ }
+};
+
+/* CMAC-AES256 Test Data */
+static const unsigned char aes_256_key[32] = {
+ 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
+ 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
+ 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
+ 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
+};
+static const unsigned char aes_256_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = {
+ {
+ /* K1 */
+ 0xca, 0xd1, 0xed, 0x03, 0x29, 0x9e, 0xed, 0xac,
+ 0x2e, 0x9a, 0x99, 0x80, 0x86, 0x21, 0x50, 0x2f
+ },
+ {
+ /* K2 */
+ 0x95, 0xa3, 0xda, 0x06, 0x53, 0x3d, 0xdb, 0x58,
+ 0x5d, 0x35, 0x33, 0x01, 0x0c, 0x42, 0xa0, 0xd9
+ }
+};
+static const unsigned char aes_256_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = {
+ {
+ /* Example #1 */
+ 0x02, 0x89, 0x62, 0xf6, 0x1b, 0x7b, 0xf8, 0x9e,
+ 0xfc, 0x6b, 0x55, 0x1f, 0x46, 0x67, 0xd9, 0x83
+ },
+ {
+ /* Example #2 */
+ 0x28, 0xa7, 0x02, 0x3f, 0x45, 0x2e, 0x8f, 0x82,
+ 0xbd, 0x4b, 0xf2, 0x8d, 0x8c, 0x37, 0xc3, 0x5c
+ },
+ {
+ /* Example #3 */
+ 0x15, 0x67, 0x27, 0xdc, 0x08, 0x78, 0x94, 0x4a,
+ 0x02, 0x3c, 0x1f, 0xe0, 0x3b, 0xad, 0x6d, 0x93
+ },
+ {
+ /* Example #4 */
+ 0xe1, 0x99, 0x21, 0x90, 0x54, 0x9f, 0x6e, 0xd5,
+ 0x69, 0x6a, 0x2c, 0x05, 0x6c, 0x31, 0x54, 0x10
+ }
+};
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_DES_C)
+/* Truncation point of message for 3DES CMAC tests */
+static const unsigned int des3_message_lengths[NB_CMAC_TESTS_PER_KEY] = {
+ 0,
+ 16,
+ 20,
+ 32
+};
+
+/* CMAC-TDES (Generation) - 2 Key Test Data */
+static const unsigned char des3_2key_key[24] = {
+ /* Key1 */
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+ /* Key2 */
+ 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xEF, 0x01,
+ /* Key3 */
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef
+};
+static const unsigned char des3_2key_subkeys[2][8] = {
+ {
+ /* K1 */
+ 0x0d, 0xd2, 0xcb, 0x7a, 0x3d, 0x88, 0x88, 0xd9
+ },
+ {
+ /* K2 */
+ 0x1b, 0xa5, 0x96, 0xf4, 0x7b, 0x11, 0x11, 0xb2
+ }
+};
+static const unsigned char des3_2key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE] = {
+ {
+ /* Sample #1 */
+ 0x79, 0xce, 0x52, 0xa7, 0xf7, 0x86, 0xa9, 0x60
+ },
+ {
+ /* Sample #2 */
+ 0xcc, 0x18, 0xa0, 0xb7, 0x9a, 0xf2, 0x41, 0x3b
+ },
+ {
+ /* Sample #3 */
+ 0xc0, 0x6d, 0x37, 0x7e, 0xcd, 0x10, 0x19, 0x69
+ },
+ {
+ /* Sample #4 */
+ 0x9c, 0xd3, 0x35, 0x80, 0xf9, 0xb6, 0x4d, 0xfb
+ }
+};
+
+/* CMAC-TDES (Generation) - 3 Key Test Data */
+static const unsigned char des3_3key_key[24] = {
+ /* Key1 */
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xaa, 0xcd, 0xef,
+ /* Key2 */
+ 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0x01,
+ /* Key3 */
+ 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0x01, 0x23
+};
+static const unsigned char des3_3key_subkeys[2][8] = {
+ {
+ /* K1 */
+ 0x9d, 0x74, 0xe7, 0x39, 0x33, 0x17, 0x96, 0xc0
+ },
+ {
+ /* K2 */
+ 0x3a, 0xe9, 0xce, 0x72, 0x66, 0x2f, 0x2d, 0x9b
+ }
+};
+static const unsigned char des3_3key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE] = {
+ {
+ /* Sample #1 */
+ 0x7d, 0xb0, 0xd3, 0x7d, 0xf9, 0x36, 0xc5, 0x50
+ },
+ {
+ /* Sample #2 */
+ 0x30, 0x23, 0x9c, 0xf1, 0xf5, 0x2e, 0x66, 0x09
+ },
+ {
+ /* Sample #3 */
+ 0x6c, 0x9f, 0x3e, 0xe4, 0x92, 0x3f, 0x6b, 0xe2
+ },
+ {
+ /* Sample #4 */
+ 0x99, 0x42, 0x9b, 0xd0, 0xbF, 0x79, 0x04, 0xe5
+ }
+};
+
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_AES_C)
+/* AES AES-CMAC-PRF-128 Test Data */
+static const unsigned char PRFK[] = {
+ /* Key */
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+ 0xed, 0xcb
+};
+
+/* Sizes in bytes */
+static const size_t PRFKlen[NB_PRF_TESTS] = {
+ 18,
+ 16,
+ 10
+};
+
+/* Message */
+static const unsigned char PRFM[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+ 0x10, 0x11, 0x12, 0x13
+};
+
+static const unsigned char PRFT[NB_PRF_TESTS][16] = {
+ {
+ 0x84, 0xa3, 0x48, 0xa4, 0xa4, 0x5d, 0x23, 0x5b,
+ 0xab, 0xff, 0xfc, 0x0d, 0x2b, 0x4d, 0xa0, 0x9a
+ },
+ {
+ 0x98, 0x0a, 0xe8, 0x7b, 0x5f, 0x4c, 0x9c, 0x52,
+ 0x14, 0xf5, 0xb6, 0xa8, 0x45, 0x5e, 0x4c, 0x2d
+ },
+ {
+ 0x29, 0x0d, 0x9e, 0x11, 0x2e, 0xdb, 0x09, 0xee,
+ 0x14, 0x1f, 0xcf, 0x64, 0xc0, 0xb7, 0x2f, 0x3d
+ }
+};
+#endif /* MBEDTLS_AES_C */
+
+static int cmac_test_subkeys( int verbose,
+ const char* testname,
+ const unsigned char* key,
+ int keybits,
+ const unsigned char* subkeys,
+ mbedtls_cipher_type_t cipher_type,
+ int block_size,
+ int num_tests )
+{
+ int i, ret;
+ mbedtls_cipher_context_t ctx;
+ const mbedtls_cipher_info_t *cipher_info;
+ unsigned char K1[MBEDTLS_CIPHER_BLKSIZE_MAX];
+ unsigned char K2[MBEDTLS_CIPHER_BLKSIZE_MAX];
+
+ cipher_info = mbedtls_cipher_info_from_type( cipher_type );
+ if( cipher_info == NULL )
+ {
+ /* Failing at this point must be due to a build issue */
+ return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+ }
+
+ for( i = 0; i < num_tests; i++ )
+ {
+ if( verbose != 0 )
+ mbedtls_printf( " %s CMAC subkey #%u: ", testname, i + 1 );
+
+ mbedtls_cipher_init( &ctx );
+
+ if( ( ret = mbedtls_cipher_setup( &ctx, cipher_info ) ) != 0 )
+ {
+ if( verbose != 0 )
+ mbedtls_printf( "test execution failed\n" );
+
+ goto cleanup;
+ }
+
+ if( ( ret = mbedtls_cipher_setkey( &ctx, key, keybits,
+ MBEDTLS_ENCRYPT ) ) != 0 )
+ {
+ if( verbose != 0 )
+ mbedtls_printf( "test execution failed\n" );
+
+ goto cleanup;
+ }
+
+ ret = cmac_generate_subkeys( &ctx, K1, K2 );
+ if( ret != 0 )
+ {
+ if( verbose != 0 )
+ mbedtls_printf( "failed\n" );
+
+ goto cleanup;
+ }
+
+ if( ( ret = memcmp( K1, subkeys, block_size ) ) != 0 ||
+ ( ret = memcmp( K2, &subkeys[block_size], block_size ) ) != 0 )
+ {
+ if( verbose != 0 )
+ mbedtls_printf( "failed\n" );
+
+ goto cleanup;
+ }
+
+ if( verbose != 0 )
+ mbedtls_printf( "passed\n" );
+
+ mbedtls_cipher_free( &ctx );
+ }
+
+ goto exit;
+
+cleanup:
+ mbedtls_cipher_free( &ctx );
+
+exit:
+ return( ret );
+}
+
+static int cmac_test_wth_cipher( int verbose,
+ const char* testname,
+ const unsigned char* key,
+ int keybits,
+ const unsigned char* messages,
+ const unsigned int message_lengths[4],
+ const unsigned char* expected_result,
+ mbedtls_cipher_type_t cipher_type,
+ int block_size,
+ int num_tests )
+{
+ const mbedtls_cipher_info_t *cipher_info;
+ int i, ret;
+ unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX];
+
+ cipher_info = mbedtls_cipher_info_from_type( cipher_type );
+ if( cipher_info == NULL )
+ {
+ /* Failing at this point must be due to a build issue */
+ ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+ goto exit;
+ }
+
+ for( i = 0; i < num_tests; i++ )
+ {
+ if( verbose != 0 )
+ mbedtls_printf( " %s CMAC #%u: ", testname, i + 1 );
+
+ if( ( ret = mbedtls_cipher_cmac( cipher_info, key, keybits, messages,
+ message_lengths[i], output ) ) != 0 )
+ {
+ if( verbose != 0 )
+ mbedtls_printf( "failed\n" );
+ goto exit;
+ }
+
+ if( ( ret = memcmp( output, &expected_result[i * block_size], block_size ) ) != 0 )
+ {
+ if( verbose != 0 )
+ mbedtls_printf( "failed\n" );
+ goto exit;
+ }
+
+ if( verbose != 0 )
+ mbedtls_printf( "passed\n" );
+ }
+
+exit:
+ return( ret );
+}
+
+#if defined(MBEDTLS_AES_C)
+static int test_aes128_cmac_prf( int verbose )
+{
+ int i;
+ int ret;
+ unsigned char output[MBEDTLS_AES_BLOCK_SIZE];
+
+ for( i = 0; i < NB_PRF_TESTS; i++ )
+ {
+ mbedtls_printf( " AES CMAC 128 PRF #%u: ", i );
+ ret = mbedtls_aes_cmac_prf_128( PRFK, PRFKlen[i], PRFM, 20, output );
+ if( ret != 0 ||
+ memcmp( output, PRFT[i], MBEDTLS_AES_BLOCK_SIZE ) != 0 )
+ {
+
+ if( verbose != 0 )
+ mbedtls_printf( "failed\n" );
+
+ return( ret );
+ }
+ else if( verbose != 0 )
+ {
+ mbedtls_printf( "passed\n" );
+ }
+ }
+ return( ret );
+}
+#endif /* MBEDTLS_AES_C */
+
+int mbedtls_cmac_self_test( int verbose )
+{
+ int ret;
+
+#if defined(MBEDTLS_AES_C)
+ /* AES-128 */
+ if( ( ret = cmac_test_subkeys( verbose,
+ "AES 128",
+ aes_128_key,
+ 128,
+ (const unsigned char*)aes_128_subkeys,
+ MBEDTLS_CIPHER_AES_128_ECB,
+ MBEDTLS_AES_BLOCK_SIZE,
+ NB_CMAC_TESTS_PER_KEY ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ if( ( ret = cmac_test_wth_cipher( verbose,
+ "AES 128",
+ aes_128_key,
+ 128,
+ test_message,
+ aes_message_lengths,
+ (const unsigned char*)aes_128_expected_result,
+ MBEDTLS_CIPHER_AES_128_ECB,
+ MBEDTLS_AES_BLOCK_SIZE,
+ NB_CMAC_TESTS_PER_KEY ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ /* AES-192 */
+ if( ( ret = cmac_test_subkeys( verbose,
+ "AES 192",
+ aes_192_key,
+ 192,
+ (const unsigned char*)aes_192_subkeys,
+ MBEDTLS_CIPHER_AES_192_ECB,
+ MBEDTLS_AES_BLOCK_SIZE,
+ NB_CMAC_TESTS_PER_KEY ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ if( ( ret = cmac_test_wth_cipher( verbose,
+ "AES 192",
+ aes_192_key,
+ 192,
+ test_message,
+ aes_message_lengths,
+ (const unsigned char*)aes_192_expected_result,
+ MBEDTLS_CIPHER_AES_192_ECB,
+ MBEDTLS_AES_BLOCK_SIZE,
+ NB_CMAC_TESTS_PER_KEY ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ /* AES-256 */
+ if( ( ret = cmac_test_subkeys( verbose,
+ "AES 256",
+ aes_256_key,
+ 256,
+ (const unsigned char*)aes_256_subkeys,
+ MBEDTLS_CIPHER_AES_256_ECB,
+ MBEDTLS_AES_BLOCK_SIZE,
+ NB_CMAC_TESTS_PER_KEY ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ if( ( ret = cmac_test_wth_cipher ( verbose,
+ "AES 256",
+ aes_256_key,
+ 256,
+ test_message,
+ aes_message_lengths,
+ (const unsigned char*)aes_256_expected_result,
+ MBEDTLS_CIPHER_AES_256_ECB,
+ MBEDTLS_AES_BLOCK_SIZE,
+ NB_CMAC_TESTS_PER_KEY ) ) != 0 )
+ {
+ return( ret );
+ }
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_DES_C)
+ /* 3DES 2 key */
+ if( ( ret = cmac_test_subkeys( verbose,
+ "3DES 2 key",
+ des3_2key_key,
+ 192,
+ (const unsigned char*)des3_2key_subkeys,
+ MBEDTLS_CIPHER_DES_EDE3_ECB,
+ MBEDTLS_DES3_BLOCK_SIZE,
+ NB_CMAC_TESTS_PER_KEY ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ if( ( ret = cmac_test_wth_cipher( verbose,
+ "3DES 2 key",
+ des3_2key_key,
+ 192,
+ test_message,
+ des3_message_lengths,
+ (const unsigned char*)des3_2key_expected_result,
+ MBEDTLS_CIPHER_DES_EDE3_ECB,
+ MBEDTLS_DES3_BLOCK_SIZE,
+ NB_CMAC_TESTS_PER_KEY ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ /* 3DES 3 key */
+ if( ( ret = cmac_test_subkeys( verbose,
+ "3DES 3 key",
+ des3_3key_key,
+ 192,
+ (const unsigned char*)des3_3key_subkeys,
+ MBEDTLS_CIPHER_DES_EDE3_ECB,
+ MBEDTLS_DES3_BLOCK_SIZE,
+ NB_CMAC_TESTS_PER_KEY ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ if( ( ret = cmac_test_wth_cipher( verbose,
+ "3DES 3 key",
+ des3_3key_key,
+ 192,
+ test_message,
+ des3_message_lengths,
+ (const unsigned char*)des3_3key_expected_result,
+ MBEDTLS_CIPHER_DES_EDE3_ECB,
+ MBEDTLS_DES3_BLOCK_SIZE,
+ NB_CMAC_TESTS_PER_KEY ) ) != 0 )
+ {
+ return( ret );
+ }
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_AES_C)
+ if( ( ret = test_aes128_cmac_prf( verbose ) ) != 0 )
+ return( ret );
+#endif /* MBEDTLS_AES_C */
+
+ if( verbose != 0 )
+ mbedtls_printf( "\n" );
+
+ return( 0 );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_CMAC_C */
diff --git a/library/error.c b/library/error.c
index 4bd15bf..dd2db0c 100644
--- a/library/error.c
+++ b/library/error.c
@@ -102,7 +102,7 @@
#endif
#if defined(MBEDTLS_NET_C)
-#include "mbedtls/net.h"
+#include "mbedtls/net_sockets.h"
#endif
#if defined(MBEDTLS_OID_C)
@@ -435,6 +435,10 @@
mbedtls_snprintf( buf, buflen, "SSL - The client initiated a reconnect from the same port" );
if( use_ret == -(MBEDTLS_ERR_SSL_UNEXPECTED_RECORD) )
mbedtls_snprintf( buf, buflen, "SSL - Record header looks valid but is not expected" );
+ if( use_ret == -(MBEDTLS_ERR_SSL_NON_FATAL) )
+ mbedtls_snprintf( buf, buflen, "SSL - The alert message received indicates a non-fatal error" );
+ if( use_ret == -(MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH) )
+ mbedtls_snprintf( buf, buflen, "SSL - Couldn't set the hash for verifying CertificateVerify" );
#endif /* MBEDTLS_SSL_TLS_C */
#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
diff --git a/library/gcm.c b/library/gcm.c
index aaacf97..f1210c5 100644
--- a/library/gcm.c
+++ b/library/gcm.c
@@ -415,8 +415,7 @@
if( tag_len > 16 || tag_len < 4 )
return( MBEDTLS_ERR_GCM_BAD_INPUT );
- if( tag_len != 0 )
- memcpy( tag, ctx->base_ectr, tag_len );
+ memcpy( tag, ctx->base_ectr, tag_len );
if( orig_len || orig_add_len )
{
diff --git a/library/net.c b/library/net_sockets.c
similarity index 99%
rename from library/net.c
rename to library/net_sockets.c
index 8b96321..6a013e9 100644
--- a/library/net.c
+++ b/library/net_sockets.c
@@ -38,7 +38,7 @@
#include <stdlib.h>
#endif
-#include "mbedtls/net.h"
+#include "mbedtls/net_sockets.h"
#include <string.h>
@@ -238,7 +238,7 @@
}
}
- /* I we ever get there, it's a success */
+ /* Bind was successful */
ret = 0;
break;
}
diff --git a/library/pkparse.c b/library/pkparse.c
index 275429e..efdf437 100644
--- a/library/pkparse.c
+++ b/library/pkparse.c
@@ -1187,12 +1187,12 @@
#endif /* MBEDTLS_PEM_PARSE_C */
/*
- * At this point we only know it's not a PEM formatted key. Could be any
- * of the known DER encoded private key formats
- *
- * We try the different DER format parsers to see if one passes without
- * error
- */
+ * At this point we only know it's not a PEM formatted key. Could be any
+ * of the known DER encoded private key formats
+ *
+ * We try the different DER format parsers to see if one passes without
+ * error
+ */
#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
if( ( ret = pk_parse_key_pkcs8_encrypted_der( pk, key, keylen,
pwd, pwdlen ) ) == 0 )
diff --git a/library/platform.c b/library/platform.c
index 2591c45..8b336c3 100644
--- a/library/platform.c
+++ b/library/platform.c
@@ -237,7 +237,7 @@
}
fclose( file );
- return( n );
+ return( (int)n );
}
int mbedtls_platform_std_nv_seed_write( unsigned char *buf, size_t buf_len )
@@ -255,7 +255,7 @@
}
fclose( file );
- return( n );
+ return( (int)n );
}
#endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */
diff --git a/library/rsa.c b/library/rsa.c
index 7a33689..40ef2a9 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -102,7 +102,10 @@
if( f_rng == NULL || nbits < 128 || exponent < 3 )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
- mbedtls_mpi_init( &P1 ); mbedtls_mpi_init( &Q1 );
+ if( nbits % 2 )
+ return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+ mbedtls_mpi_init( &P1 ); mbedtls_mpi_init( &Q1 );
mbedtls_mpi_init( &H ); mbedtls_mpi_init( &G );
/*
@@ -116,16 +119,8 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->P, nbits >> 1, 0,
f_rng, p_rng ) );
- if( nbits % 2 )
- {
- MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, ( nbits >> 1 ) + 1, 0,
+ MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, nbits >> 1, 0,
f_rng, p_rng ) );
- }
- else
- {
- MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, nbits >> 1, 0,
- f_rng, p_rng ) );
- }
if( mbedtls_mpi_cmp_mpi( &ctx->P, &ctx->Q ) == 0 )
continue;
@@ -134,6 +129,9 @@
if( mbedtls_mpi_bitlen( &ctx->N ) != nbits )
continue;
+ if( mbedtls_mpi_cmp_mpi( &ctx->P, &ctx->Q ) < 0 )
+ mbedtls_mpi_swap( &ctx->P, &ctx->Q );
+
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &P1, &ctx->P, 1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &Q1, &ctx->Q, 1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &H, &P1, &Q1 ) );
diff --git a/library/sha256.c b/library/sha256.c
index 4e82c0b..ad25d38 100644
--- a/library/sha256.c
+++ b/library/sha256.c
@@ -41,7 +41,10 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
+#include <stdlib.h>
#define mbedtls_printf printf
+#define mbedtls_calloc calloc
+#define mbedtls_free free
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
@@ -389,10 +392,19 @@
int mbedtls_sha256_self_test( int verbose )
{
int i, j, k, buflen, ret = 0;
- unsigned char buf[1024];
+ unsigned char *buf;
unsigned char sha256sum[32];
mbedtls_sha256_context ctx;
+ buf = mbedtls_calloc( 1024, sizeof(unsigned char) );
+ if( NULL == buf )
+ {
+ if( verbose != 0 )
+ mbedtls_printf( "Buffer allocation failed\n" );
+
+ return( 1 );
+ }
+
mbedtls_sha256_init( &ctx );
for( i = 0; i < 6; i++ )
@@ -436,6 +448,7 @@
exit:
mbedtls_sha256_free( &ctx );
+ mbedtls_free( buf );
return( ret );
}
diff --git a/library/sha512.c b/library/sha512.c
index 0f9e1e5..724522a 100644
--- a/library/sha512.c
+++ b/library/sha512.c
@@ -47,7 +47,10 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
+#include <stdlib.h>
#define mbedtls_printf printf
+#define mbedtls_calloc calloc
+#define mbedtls_free free
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
@@ -445,10 +448,19 @@
int mbedtls_sha512_self_test( int verbose )
{
int i, j, k, buflen, ret = 0;
- unsigned char buf[1024];
+ unsigned char *buf;
unsigned char sha512sum[64];
mbedtls_sha512_context ctx;
+ buf = mbedtls_calloc( 1024, sizeof(unsigned char) );
+ if( NULL == buf )
+ {
+ if( verbose != 0 )
+ mbedtls_printf( "Buffer allocation failed\n" );
+
+ return( 1 );
+ }
+
mbedtls_sha512_init( &ctx );
for( i = 0; i < 6; i++ )
@@ -492,6 +504,7 @@
exit:
mbedtls_sha512_free( &ctx );
+ mbedtls_free( buf );
return( ret );
}
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 29a3943..223823b 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -1355,6 +1355,15 @@
cookie_len = *p++;
MBEDTLS_SSL_DEBUG_BUF( 3, "cookie", p, cookie_len );
+ if( ( ssl->in_msg + ssl->in_msglen ) - p < cookie_len )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1,
+ ( "cookie length does not match incoming message size" ) );
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+
mbedtls_free( ssl->handshake->verify_cookie );
ssl->handshake->verify_cookie = mbedtls_calloc( 1, cookie_len );
@@ -2630,6 +2639,15 @@
{
size_t sig_alg_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] << 8 )
| ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n] ) );
+#if defined(MBEDTLS_DEBUG_C)
+ unsigned char* sig_alg = buf + mbedtls_ssl_hs_hdr_len( ssl ) + 3 + n;
+ size_t i;
+
+ for( i = 0; i < sig_alg_len; i += 2 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "Supported Signature Algorithm found: %d,%d", sig_alg[i], sig_alg[i + 1] ) );
+ }
+#endif
n += 2 + sig_alg_len;
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 4b0f997..fc0d2d7 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1043,7 +1043,6 @@
ssl->session_negotiate->ciphersuite = ciphersuites[i];
ssl->transform_negotiate->ciphersuite_info = ciphersuite_info;
- mbedtls_ssl_optimize_checksum( ssl, ssl->transform_negotiate->ciphersuite_info );
/*
* SSLv2 Client Hello relevant renegotiation security checks
@@ -1840,7 +1839,6 @@
ssl->session_negotiate->ciphersuite = ciphersuites[i];
ssl->transform_negotiate->ciphersuite_info = ciphersuite_info;
- mbedtls_ssl_optimize_checksum( ssl, ssl->transform_negotiate->ciphersuite_info );
ssl->state++;
@@ -2556,29 +2554,27 @@
*/
if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
{
- /*
- * Only use current running hash algorithm that is already required
- * for requested ciphersuite.
- */
- ssl->handshake->verify_sig_alg = MBEDTLS_SSL_HASH_SHA256;
-
- if( ssl->transform_negotiate->ciphersuite_info->mac ==
- MBEDTLS_MD_SHA384 )
- {
- ssl->handshake->verify_sig_alg = MBEDTLS_SSL_HASH_SHA384;
- }
+ const int *cur;
/*
* Supported signature algorithms
*/
+ for( cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++ )
+ {
+ unsigned char hash = mbedtls_ssl_hash_from_md_alg( *cur );
+
+ if( MBEDTLS_SSL_HASH_NONE == hash || mbedtls_ssl_set_calc_verify_md( ssl, hash ) )
+ continue;
+
#if defined(MBEDTLS_RSA_C)
- p[2 + sa_len++] = ssl->handshake->verify_sig_alg;
- p[2 + sa_len++] = MBEDTLS_SSL_SIG_RSA;
+ p[2 + sa_len++] = hash;
+ p[2 + sa_len++] = MBEDTLS_SSL_SIG_RSA;
#endif
#if defined(MBEDTLS_ECDSA_C)
- p[2 + sa_len++] = ssl->handshake->verify_sig_alg;
- p[2 + sa_len++] = MBEDTLS_SSL_SIG_ECDSA;
+ p[2 + sa_len++] = hash;
+ p[2 + sa_len++] = MBEDTLS_SSL_SIG_ECDSA;
#endif
+ }
p[0] = (unsigned char)( sa_len >> 8 );
p[1] = (unsigned char)( sa_len );
@@ -3581,17 +3577,28 @@
return( 0 );
}
- /* Needs to be done before read_record() to exclude current message */
- ssl->handshake->calc_verify( ssl, hash );
+ /* Read the message without adding it to the checksum */
+ do {
- if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_read_record_layer( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_read_record_layer" ), ret );
+ return( ret );
+ }
+
+ ret = mbedtls_ssl_handle_message_type( ssl );
+
+ } while( MBEDTLS_ERR_SSL_NON_FATAL == ret );
+
+ if( 0 != ret )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
+ MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_handle_message_type" ), ret );
return( ret );
}
ssl->state++;
+ /* Process the message contents */
if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ||
ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE_VERIFY )
{
@@ -3638,14 +3645,19 @@
/*
* Hash
*/
- if( ssl->in_msg[i] != ssl->handshake->verify_sig_alg )
+ md_alg = mbedtls_ssl_md_alg_from_hash( ssl->in_msg[i] );
+
+ if( md_alg == MBEDTLS_MD_NONE || mbedtls_ssl_set_calc_verify_md( ssl, ssl->in_msg[i] ) )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg"
" for verify message" ) );
return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
}
- md_alg = mbedtls_ssl_md_alg_from_hash( ssl->handshake->verify_sig_alg );
+#if !defined(MBEDTLS_MD_SHA1)
+ if( MBEDTLS_MD_SHA1 == md_alg )
+ hash_start += 16;
+#endif
/* Info from md_alg will be used instead */
hashlen = 0;
@@ -3696,6 +3708,9 @@
return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
}
+ /* Calculate hash and verify signature */
+ ssl->handshake->calc_verify( ssl, hash );
+
if( ( ret = mbedtls_pk_verify( &ssl->session_negotiate->peer_cert->pk,
md_alg, hash_start, hashlen,
ssl->in_msg + i, sig_len ) ) != 0 )
@@ -3704,6 +3719,8 @@
return( ret );
}
+ mbedtls_ssl_update_handshake_status( ssl );
+
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate verify" ) );
return( ret );
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 505bb6c..121c135 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -49,8 +49,7 @@
#include <string.h>
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
- defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
#include "mbedtls/oid.h"
#endif
@@ -1374,17 +1373,6 @@
/*
* Generate IV
*/
-#if defined(MBEDTLS_SSL_AEAD_RANDOM_IV)
- ret = ssl->conf->f_rng( ssl->conf->p_rng,
- ssl->transform_out->iv_enc + ssl->transform_out->fixed_ivlen,
- ssl->transform_out->ivlen - ssl->transform_out->fixed_ivlen );
- if( ret != 0 )
- return( ret );
-
- memcpy( ssl->out_iv,
- ssl->transform_out->iv_enc + ssl->transform_out->fixed_ivlen,
- ssl->transform_out->ivlen - ssl->transform_out->fixed_ivlen );
-#else
if( ssl->transform_out->ivlen - ssl->transform_out->fixed_ivlen != 8 )
{
/* Reminder if we ever add an AEAD mode with a different size */
@@ -1395,7 +1383,6 @@
memcpy( ssl->transform_out->iv_enc + ssl->transform_out->fixed_ivlen,
ssl->out_ctr, 8 );
memcpy( ssl->out_iv, ssl->out_ctr, 8 );
-#endif
MBEDTLS_SSL_DEBUG_BUF( 4, "IV used", ssl->out_iv,
ssl->transform_out->ivlen - ssl->transform_out->fixed_ivlen );
@@ -3083,7 +3070,7 @@
}
#endif /* MBEDTLS_SSL_PROTO_DTLS */
-static int ssl_prepare_handshake_record( mbedtls_ssl_context *ssl )
+int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl )
{
if( ssl->in_msglen < mbedtls_ssl_hs_hdr_len( ssl ) )
{
@@ -3165,6 +3152,12 @@
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
}
+ return( 0 );
+}
+
+void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl )
+{
+
if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER &&
ssl->handshake != NULL )
{
@@ -3179,8 +3172,6 @@
ssl->handshake->in_msg_seq++;
}
#endif
-
- return( 0 );
}
/*
@@ -3437,7 +3428,7 @@
if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED )
{
- /* Dont check write errors as we can't do anything here.
+ /* Don't check write errors as we can't do anything here.
* If the error is permanent we'll catch it later,
* if it's not, then hopefully it'll work next time. */
(void) ssl->f_send( ssl->p_bio, ssl->out_buf, len );
@@ -3736,6 +3727,38 @@
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> read record" ) );
+ do {
+
+ if( ( ret = mbedtls_ssl_read_record_layer( ssl ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_read_record_layer" ), ret );
+ return( ret );
+ }
+
+ ret = mbedtls_ssl_handle_message_type( ssl );
+
+ } while( MBEDTLS_ERR_SSL_NON_FATAL == ret );
+
+ if( 0 != ret )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_handle_message_type" ), ret );
+ return( ret );
+ }
+
+ if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE )
+ {
+ mbedtls_ssl_update_handshake_status( ssl );
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= read record" ) );
+
+ return( 0 );
+}
+
+int mbedtls_ssl_read_record_layer( mbedtls_ssl_context *ssl )
+{
+ int ret;
+
if( ssl->in_hslen != 0 && ssl->in_hslen < ssl->in_msglen )
{
/*
@@ -3749,9 +3772,6 @@
MBEDTLS_SSL_DEBUG_BUF( 4, "remaining content in record",
ssl->in_msg, ssl->in_msglen );
- if( ( ret = ssl_prepare_handshake_record( ssl ) ) != 0 )
- return( ret );
-
return( 0 );
}
@@ -3760,7 +3780,10 @@
/*
* Read the record header and parse it
*/
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
read_record_header:
+#endif
+
if( ( ret = mbedtls_ssl_fetch_input( ssl, mbedtls_ssl_hdr_len( ssl ) ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret );
@@ -3914,13 +3937,22 @@
}
#endif
+ return( 0 );
+}
+
+int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl )
+{
+ int ret;
+
/*
* Handle particular types of records
*/
if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE )
{
- if( ( ret = ssl_prepare_handshake_record( ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_prepare_handshake_record( ssl ) ) != 0 )
+ {
return( ret );
+ }
}
if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT )
@@ -3968,11 +4000,9 @@
#endif /* MBEDTLS_SSL_PROTO_SSL3 && MBEDTLS_SSL_SRV_C */
/* Silently ignore: fetch new message */
- goto read_record_header;
+ return MBEDTLS_ERR_SSL_NON_FATAL;
}
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= read record" ) );
-
return( 0 );
}
@@ -4347,7 +4377,7 @@
ret = mbedtls_x509_crt_parse_der( ssl->session_negotiate->peer_cert,
ssl->in_msg + i, n );
- if( ret != 0 )
+ if( 0 != ret && ( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + MBEDTLS_ERR_OID_NOT_FOUND ) != ret )
{
MBEDTLS_SSL_DEBUG_RET( 1, " mbedtls_x509_crt_parse_der", ret );
return( ret );
@@ -5976,8 +6006,9 @@
const char **p;
/*
- * "Empty strings MUST NOT be included and byte strings MUST NOT be
- * truncated". Check lengths now rather than later.
+ * RFC 7301 3.1: "Empty strings MUST NOT be included and byte strings
+ * MUST NOT be truncated."
+ * We check lengths now rather than later.
*/
tot_len = 0;
for( p = protos; *p != NULL; p++ )
@@ -7555,7 +7586,7 @@
* and, for DTLS, to/from TLS equivalent.
*
* For TLS this is the identity.
- * For DTLS, use one complement (v -> 255 - v, and then map as follows:
+ * For DTLS, use 1's complement (v -> 255 - v, and then map as follows:
* 1.0 <-> 3.2 (DTLS 1.0 is based on TLS 1.1)
* 1.x <-> 3.x+1 for x != 0 (DTLS 1.2 based on TLS 1.2)
*/
@@ -7603,4 +7634,47 @@
}
}
+int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md )
+{
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 )
+ return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
+
+ switch( md )
+ {
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
+#if defined(MBEDTLS_MD5_C)
+ case MBEDTLS_SSL_HASH_MD5:
+ ssl->handshake->calc_verify = ssl_calc_verify_tls;
+ break;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+ case MBEDTLS_SSL_HASH_SHA1:
+ ssl->handshake->calc_verify = ssl_calc_verify_tls;
+ break;
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */
+#if defined(MBEDTLS_SHA512_C)
+ case MBEDTLS_SSL_HASH_SHA384:
+ ssl->handshake->calc_verify = ssl_calc_verify_tls_sha384;
+ break;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+ case MBEDTLS_SSL_HASH_SHA256:
+ ssl->handshake->calc_verify = ssl_calc_verify_tls_sha256;
+ break;
+#endif
+ default:
+ return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
+ }
+
+ return 0;
+#else /* !MBEDTLS_SSL_PROTO_TLS1_2 */
+ (void) ssl;
+ (void) md;
+
+ return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+}
+
#endif /* MBEDTLS_SSL_TLS_C */
diff --git a/library/threading.c b/library/threading.c
index 1b6d9cd..83ec01a 100644
--- a/library/threading.c
+++ b/library/threading.c
@@ -32,7 +32,7 @@
#if defined(MBEDTLS_THREADING_PTHREAD)
static void threading_mutex_init_pthread( mbedtls_threading_mutex_t *mutex )
{
- if( mutex == NULL )
+ if( mutex == NULL || mutex->is_valid )
return;
mutex->is_valid = pthread_mutex_init( &mutex->mutex, NULL ) == 0;
@@ -40,10 +40,11 @@
static void threading_mutex_free_pthread( mbedtls_threading_mutex_t *mutex )
{
- if( mutex == NULL )
+ if( mutex == NULL || !mutex->is_valid )
return;
(void) pthread_mutex_destroy( &mutex->mutex );
+ mutex->is_valid = 0;
}
static int threading_mutex_lock_pthread( mbedtls_threading_mutex_t *mutex )
diff --git a/library/version_features.c b/library/version_features.c
index 5d20ba0..e866e67 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -324,9 +324,6 @@
#if defined(MBEDTLS_SHA256_SMALLER)
"MBEDTLS_SHA256_SMALLER",
#endif /* MBEDTLS_SHA256_SMALLER */
-#if defined(MBEDTLS_SSL_AEAD_RANDOM_IV)
- "MBEDTLS_SSL_AEAD_RANDOM_IV",
-#endif /* MBEDTLS_SSL_AEAD_RANDOM_IV */
#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES)
"MBEDTLS_SSL_ALL_ALERT_MESSAGES",
#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */
@@ -465,6 +462,9 @@
#if defined(MBEDTLS_CIPHER_C)
"MBEDTLS_CIPHER_C",
#endif /* MBEDTLS_CIPHER_C */
+#if defined(MBEDTLS_CMAC_C)
+ "MBEDTLS_CMAC_C",
+#endif /* MBEDTLS_CMAC_C */
#if defined(MBEDTLS_CTR_DRBG_C)
"MBEDTLS_CTR_DRBG_C",
#endif /* MBEDTLS_CTR_DRBG_C */
diff --git a/library/x509.c b/library/x509.c
index bc3bfe0..4df542e 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -80,6 +80,7 @@
#endif
#define CHECK(code) if( ( ret = code ) != 0 ){ return( ret ); }
+#define CHECK_RANGE(min, max, val) if( val < min || val > max ){ return( ret ); }
/*
* CertificateSerialNumber ::= INTEGER
@@ -489,6 +490,33 @@
return 0;
}
+static int x509_date_is_valid(const mbedtls_x509_time *time)
+{
+ int ret = MBEDTLS_ERR_X509_INVALID_DATE;
+
+ CHECK_RANGE( 0, 9999, time->year );
+ CHECK_RANGE( 0, 23, time->hour );
+ CHECK_RANGE( 0, 59, time->min );
+ CHECK_RANGE( 0, 59, time->sec );
+
+ switch( time->mon )
+ {
+ case 1: case 3: case 5: case 7: case 8: case 10: case 12:
+ CHECK_RANGE( 1, 31, time->day );
+ break;
+ case 4: case 6: case 9: case 11:
+ CHECK_RANGE( 1, 30, time->day );
+ break;
+ case 2:
+ CHECK_RANGE( 1, 28 + (time->year % 4 == 0), time->day );
+ break;
+ default:
+ return( ret );
+ }
+
+ return( 0 );
+}
+
/*
* Time ::= CHOICE {
* utcTime UTCTime,
@@ -528,6 +556,8 @@
time->year += 100 * ( time->year < 50 );
time->year += 1900;
+ CHECK( x509_date_is_valid( time ) );
+
return( 0 );
}
else if( tag == MBEDTLS_ASN1_GENERALIZED_TIME )
@@ -548,6 +578,8 @@
if( len > 14 && *(*p)++ != 'Z' )
return( MBEDTLS_ERR_X509_INVALID_DATE );
+ CHECK( x509_date_is_valid( time ) );
+
return( 0 );
}
else
@@ -559,16 +591,18 @@
{
int ret;
size_t len;
+ int tag_type;
if( ( end - *p ) < 1 )
return( MBEDTLS_ERR_X509_INVALID_SIGNATURE +
MBEDTLS_ERR_ASN1_OUT_OF_DATA );
- sig->tag = **p;
+ tag_type = **p;
if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 )
return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + ret );
+ sig->tag = tag_type;
sig->len = len;
sig->p = *p;
@@ -627,7 +661,7 @@
/*
* X.509 Extensions (No parsing of extensions, pointer should
- * be either manually updated or extensions should be parsed!
+ * be either manually updated or extensions should be parsed!)
*/
int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end,
mbedtls_x509_buf *ext, int tag )
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 60e14f9..80af725 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -1122,7 +1122,7 @@
p = filename + len;
filename[len++] = '*';
- w_ret = MultiByteToWideChar( CP_ACP, 0, filename, len, szDir,
+ w_ret = MultiByteToWideChar( CP_ACP, 0, filename, (int)len, szDir,
MAX_PATH - 3 );
if( w_ret == 0 )
return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
diff --git a/library/x509write_crt.c b/library/x509write_crt.c
index 9041d44..d1d9a22 100644
--- a/library/x509write_crt.c
+++ b/library/x509write_crt.c
@@ -413,6 +413,9 @@
MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len, mbedtls_x509_write_sig( &c2, buf,
sig_oid, sig_oid_len, sig, sig_len ) );
+ if( len > (size_t)( c2 - buf ) )
+ return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
c2 -= len;
memcpy( c2, c, len );
diff --git a/library/x509write_csr.c b/library/x509write_csr.c
index 0b9a285..8fd856b 100644
--- a/library/x509write_csr.c
+++ b/library/x509write_csr.c
@@ -213,6 +213,9 @@
MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len, mbedtls_x509_write_sig( &c2, buf,
sig_oid, sig_oid_len, sig, sig_len ) );
+ if( len > (size_t)( c2 - buf ) )
+ return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
c2 -= len;
memcpy( c2, c, len );
diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c
index 8ebf34a..875d0b08 100644
--- a/programs/pkey/dh_client.c
+++ b/programs/pkey/dh_client.c
@@ -36,8 +36,9 @@
#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \
defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \
defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \
- defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/net.h"
+ defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \
+ defined(MBEDTLS_SHA1_C)
+#include "mbedtls/net_sockets.h"
#include "mbedtls/aes.h"
#include "mbedtls/dhm.h"
#include "mbedtls/rsa.h"
@@ -55,7 +56,8 @@
#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \
!defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \
- !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C)
+ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \
+ !defined(MBEDTLS_SHA1_C)
int main( void )
{
mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C "
diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c
index 7eef845..8bf2b1b 100644
--- a/programs/pkey/dh_server.c
+++ b/programs/pkey/dh_server.c
@@ -36,8 +36,9 @@
#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \
defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \
defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \
- defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/net.h"
+ defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \
+ defined(MBEDTLS_SHA1_C)
+#include "mbedtls/net_sockets.h"
#include "mbedtls/aes.h"
#include "mbedtls/dhm.h"
#include "mbedtls/rsa.h"
@@ -55,7 +56,8 @@
#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \
!defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \
- !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C)
+ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \
+ !defined(MBEDTLS_SHA1_C)
int main( void )
{
mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C "
diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c
index 63a3aeb..4812694 100644
--- a/programs/pkey/gen_key.c
+++ b/programs/pkey/gen_key.c
@@ -120,12 +120,14 @@
USAGE_DEV_RANDOM \
"\n"
-#if !defined(MBEDTLS_PK_WRITE_C) || !defined(MBEDTLS_FS_IO) || \
- !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C)
+#if !defined(MBEDTLS_PK_WRITE_C) || !defined(MBEDTLS_PEM_WRITE_C) || \
+ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_ENTROPY_C) || \
+ !defined(MBEDTLS_CTR_DRBG_C)
int main( void )
{
mbedtls_printf( "MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO and/or "
- "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C "
+ "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
+ "MBEDTLS_PEM_WRITE_C"
"not defined.\n" );
return( 0 );
}
@@ -418,4 +420,6 @@
return( ret );
}
-#endif /* MBEDTLS_PK_WRITE_C && MBEDTLS_FS_IO */
+#endif /* MBEDTLS_PK_WRITE_C && MBEDTLS_PEM_WRITE_C && MBEDTLS_FS_IO &&
+ * MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
+
diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c
index b37eb83..442a3fb 100644
--- a/programs/ssl/dtls_client.c
+++ b/programs/ssl/dtls_client.c
@@ -51,7 +51,7 @@
#include <string.h>
-#include "mbedtls/net.h"
+#include "mbedtls/net_sockets.h"
#include "mbedtls/debug.h"
#include "mbedtls/ssl.h"
#include "mbedtls/entropy.h"
diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c
index 1d6eb3b..9d0dda4 100644
--- a/programs/ssl/dtls_server.c
+++ b/programs/ssl/dtls_server.c
@@ -67,7 +67,7 @@
#include "mbedtls/x509.h"
#include "mbedtls/ssl.h"
#include "mbedtls/ssl_cookie.h"
-#include "mbedtls/net.h"
+#include "mbedtls/net_sockets.h"
#include "mbedtls/error.h"
#include "mbedtls/debug.h"
#include "mbedtls/timing.h"
diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c
index 1d78731..290455e 100644
--- a/programs/ssl/mini_client.c
+++ b/programs/ssl/mini_client.c
@@ -68,7 +68,7 @@
#include <string.h>
-#include "mbedtls/net.h"
+#include "mbedtls/net_sockets.h"
#include "mbedtls/ssl.h"
#include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h"
diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c
index 3516e15..591f737 100644
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@@ -52,7 +52,7 @@
}
#else
-#include "mbedtls/net.h"
+#include "mbedtls/net_sockets.h"
#include "mbedtls/debug.h"
#include "mbedtls/ssl.h"
#include "mbedtls/entropy.h"
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 78f9e00..a1d71e1 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -49,7 +49,7 @@
}
#else
-#include "mbedtls/net.h"
+#include "mbedtls/net_sockets.h"
#include "mbedtls/ssl.h"
#include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h"
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index 363f38f..7624896 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -66,7 +66,7 @@
#include "mbedtls/certs.h"
#include "mbedtls/x509.h"
#include "mbedtls/ssl.h"
-#include "mbedtls/net.h"
+#include "mbedtls/net_sockets.h"
#include "mbedtls/timing.h"
#include <string.h>
diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c
index c807eb5..4a22771 100644
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@@ -54,7 +54,7 @@
#include "mbedtls/base64.h"
#include "mbedtls/error.h"
-#include "mbedtls/net.h"
+#include "mbedtls/net_sockets.h"
#include "mbedtls/ssl.h"
#include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h"
diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c
index c4b02ac..9a05ad8 100644
--- a/programs/ssl/ssl_pthread_server.c
+++ b/programs/ssl/ssl_pthread_server.c
@@ -66,7 +66,7 @@
#include "mbedtls/certs.h"
#include "mbedtls/x509.h"
#include "mbedtls/ssl.h"
-#include "mbedtls/net.h"
+#include "mbedtls/net_sockets.h"
#include "mbedtls/error.h"
#if defined(MBEDTLS_SSL_CACHE_C)
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index c7f5267..fd54f17 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -65,7 +65,7 @@
#include "mbedtls/certs.h"
#include "mbedtls/x509.h"
#include "mbedtls/ssl.h"
-#include "mbedtls/net.h"
+#include "mbedtls/net_sockets.h"
#include "mbedtls/error.h"
#include "mbedtls/debug.h"
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 6d4e916..18bda59 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -50,7 +50,7 @@
}
#else
-#include "mbedtls/net.h"
+#include "mbedtls/net_sockets.h"
#include "mbedtls/ssl.h"
#include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h"
diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c
index 8ab32f6..eb578e7 100644
--- a/programs/test/benchmark.c
+++ b/programs/test/benchmark.c
@@ -1,7 +1,7 @@
/*
* Benchmark demonstration program
*
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
@@ -61,6 +61,7 @@
#include "mbedtls/camellia.h"
#include "mbedtls/gcm.h"
#include "mbedtls/ccm.h"
+#include "mbedtls/cmac.h"
#include "mbedtls/havege.h"
#include "mbedtls/ctr_drbg.h"
#include "mbedtls/hmac_drbg.h"
@@ -92,13 +93,14 @@
#define OPTIONS \
"md4, md5, ripemd160, sha1, sha256, sha512,\n" \
- "arc4, des3, des, aes_cbc, aes_gcm, aes_ccm, camellia, blowfish,\n" \
+ "arc4, des3, des, camellia, blowfish,\n" \
+ "aes_cbc, aes_gcm, aes_ccm, aes_cmac, des3_cmac,\n" \
"havege, ctr_drbg, hmac_drbg\n" \
"rsa, dhm, ecdsa, ecdh.\n"
#if defined(MBEDTLS_ERROR_C)
#define PRINT_ERROR \
- mbedtls_strerror( ret, ( char * )tmp, sizeof( tmp ) ); \
+ mbedtls_strerror( ret, ( char * )tmp, sizeof( tmp ) ); \
mbedtls_printf( "FAILED: %s\n", tmp );
#else
#define PRINT_ERROR \
@@ -234,7 +236,9 @@
typedef struct {
char md4, md5, ripemd160, sha1, sha256, sha512,
- arc4, des3, des, aes_cbc, aes_gcm, aes_ccm, camellia, blowfish,
+ arc4, des3, des,
+ aes_cbc, aes_gcm, aes_ccm, aes_cmac, des3_cmac,
+ camellia, blowfish,
havege, ctr_drbg, hmac_drbg,
rsa, dhm, ecdsa, ecdh;
} todo_list;
@@ -283,6 +287,10 @@
todo.aes_gcm = 1;
else if( strcmp( argv[i], "aes_ccm" ) == 0 )
todo.aes_ccm = 1;
+ else if( strcmp( argv[i], "aes_cmac" ) == 0 )
+ todo.aes_cmac = 1;
+ else if( strcmp( argv[i], "des3_cmac" ) == 0 )
+ todo.des3_cmac = 1;
else if( strcmp( argv[i], "camellia" ) == 0 )
todo.camellia = 1;
else if( strcmp( argv[i], "blowfish" ) == 0 )
@@ -358,7 +366,8 @@
}
#endif
-#if defined(MBEDTLS_DES_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
if( todo.des3 )
{
mbedtls_des3_context des3;
@@ -378,7 +387,25 @@
mbedtls_des_crypt_cbc( &des, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) );
mbedtls_des_free( &des );
}
-#endif
+
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_CMAC_C)
+ if( todo.des3_cmac )
+ {
+ unsigned char output[8];
+ const mbedtls_cipher_info_t *cipher_info;
+
+ memset( buf, 0, sizeof( buf ) );
+ memset( tmp, 0, sizeof( tmp ) );
+
+ cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_DES_EDE3_ECB );
+
+ TIME_AND_TSC( "3DES-CMAC",
+ mbedtls_cipher_cmac( cipher_info, tmp, 192, buf,
+ BUFSIZE, output ) );
+ }
+#endif /* MBEDTLS_CMAC_C */
+#endif /* MBEDTLS_DES_C */
#if defined(MBEDTLS_AES_C)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
@@ -447,7 +474,38 @@
}
}
#endif
-#endif
+#if defined(MBEDTLS_CMAC_C)
+ if( todo.aes_cmac )
+ {
+ unsigned char output[16];
+ const mbedtls_cipher_info_t *cipher_info;
+ mbedtls_cipher_type_t cipher_type;
+ int keysize;
+
+ for( keysize = 128, cipher_type = MBEDTLS_CIPHER_AES_128_ECB;
+ keysize <= 256;
+ keysize += 64, cipher_type++ )
+ {
+ mbedtls_snprintf( title, sizeof( title ), "AES-CMAC-%d", keysize );
+
+ memset( buf, 0, sizeof( buf ) );
+ memset( tmp, 0, sizeof( tmp ) );
+
+ cipher_info = mbedtls_cipher_info_from_type( cipher_type );
+
+ TIME_AND_TSC( title,
+ mbedtls_cipher_cmac( cipher_info, tmp, keysize,
+ buf, BUFSIZE, output ) );
+ }
+
+ memset( buf, 0, sizeof( buf ) );
+ memset( tmp, 0, sizeof( tmp ) );
+ TIME_AND_TSC( "AES-CMAC-PRF-128",
+ mbedtls_aes_cmac_prf_128( tmp, 16, buf, BUFSIZE,
+ output ) );
+ }
+#endif /* MBEDTLS_CMAC_C */
+#endif /* MBEDTLS_AES_C */
#if defined(MBEDTLS_CAMELLIA_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
if( todo.camellia )
diff --git a/programs/test/selftest.c b/programs/test/selftest.c
index 89c6616..1941ad0 100644
--- a/programs/test/selftest.c
+++ b/programs/test/selftest.c
@@ -32,6 +32,7 @@
#include "mbedtls/dhm.h"
#include "mbedtls/gcm.h"
#include "mbedtls/ccm.h"
+#include "mbedtls/cmac.h"
#include "mbedtls/md2.h"
#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
@@ -277,6 +278,14 @@
suites_tested++;
#endif
+#if defined(MBEDTLS_CMAC_C)
+ if( ( mbedtls_cmac_self_test( v ) ) != 0 )
+ {
+ suites_failed++;
+ }
+ suites_tested++;
+#endif
+
#if defined(MBEDTLS_BASE64_C)
if( mbedtls_base64_self_test( v ) != 0 )
{
diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c
index b698c78..20624d2 100644
--- a/programs/test/udp_proxy.c
+++ b/programs/test/udp_proxy.c
@@ -50,7 +50,7 @@
}
#else
-#include "mbedtls/net.h"
+#include "mbedtls/net_sockets.h"
#include "mbedtls/error.h"
#include "mbedtls/ssl.h"
diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c
index 3f50a7a..c893ca8 100644
--- a/programs/x509/cert_app.c
+++ b/programs/x509/cert_app.c
@@ -54,9 +54,10 @@
#include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h"
-#include "mbedtls/net.h"
+#include "mbedtls/net_sockets.h"
#include "mbedtls/ssl.h"
#include "mbedtls/x509.h"
+#include "mbedtls/debug.h"
#include <stdio.h>
#include <stdlib.h>
@@ -152,9 +153,7 @@
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
mbedtls_x509_crt cacert;
- mbedtls_x509_crt clicert;
mbedtls_x509_crl cacrl;
- mbedtls_pk_context pkey;
int i, j;
uint32_t flags;
int verify = 0;
@@ -169,7 +168,6 @@
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_x509_crt_init( &cacert );
- mbedtls_x509_crt_init( &clicert );
#if defined(MBEDTLS_X509_CRL_PARSE_C)
mbedtls_x509_crl_init( &cacrl );
#else
@@ -177,7 +175,6 @@
it to the verify function */
memset( &cacrl, 0, sizeof(mbedtls_x509_crl) );
#endif
- mbedtls_pk_init( &pkey );
if( argc == 0 )
{
@@ -380,6 +377,10 @@
mbedtls_printf( " ok\n" );
+#if defined(MBEDTLS_DEBUG_C)
+ mbedtls_debug_set_threshold( opt.debug_level );
+#endif
+
/*
* 2. Start the connection
*/
@@ -418,12 +419,6 @@
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
- if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 )
- {
- mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
- goto ssl_exit;
- }
-
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret );
@@ -479,11 +474,9 @@
mbedtls_net_free( &server_fd );
mbedtls_x509_crt_free( &cacert );
- mbedtls_x509_crt_free( &clicert );
#if defined(MBEDTLS_X509_CRL_PARSE_C)
mbedtls_x509_crl_free( &cacrl );
#endif
- mbedtls_pk_free( &pkey );
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c
index 5cafb80..30df216 100644
--- a/programs/x509/cert_req.c
+++ b/programs/x509/cert_req.c
@@ -34,7 +34,8 @@
#if !defined(MBEDTLS_X509_CSR_WRITE_C) || !defined(MBEDTLS_FS_IO) || \
!defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_SHA256_C) || \
- !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C)
+ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
+ !defined(MBEDTLS_PEM_WRITE_C)
int main( void )
{
mbedtls_printf( "MBEDTLS_X509_CSR_WRITE_C and/or MBEDTLS_FS_IO and/or "
@@ -341,4 +342,4 @@
return( ret );
}
#endif /* MBEDTLS_X509_CSR_WRITE_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
- MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
+ MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_PEM_WRITE_C */
diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c
index 7907d82..66e5f1d 100644
--- a/programs/x509/cert_write.c
+++ b/programs/x509/cert_write.c
@@ -32,10 +32,11 @@
#define mbedtls_printf printf
#endif
-#if !defined(MBEDTLS_X509_CRT_WRITE_C) || \
- !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
- !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
- !defined(MBEDTLS_ERROR_C) || !defined(MBEDTLS_SHA256_C)
+#if !defined(MBEDTLS_X509_CRT_WRITE_C) || \
+ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
+ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \
+ !defined(MBEDTLS_ERROR_C) || !defined(MBEDTLS_SHA256_C) || \
+ !defined(MBEDTLS_PEM_WRITE_C)
int main( void )
{
mbedtls_printf( "MBEDTLS_X509_CRT_WRITE_C and/or MBEDTLS_X509_CRT_PARSE_C and/or "
@@ -664,4 +665,4 @@
}
#endif /* MBEDTLS_X509_CRT_WRITE_C && MBEDTLS_X509_CRT_PARSE_C &&
MBEDTLS_FS_IO && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C &&
- MBEDTLS_ERROR_C */
+ MBEDTLS_ERROR_C && MBEDTLS_PEM_WRITE_C */
diff --git a/scripts/config.pl b/scripts/config.pl
index 8921a87..2757f17 100755
--- a/scripts/config.pl
+++ b/scripts/config.pl
@@ -70,7 +70,7 @@
used:
$config_file
-o | --force - If the symbol isn't present in the configuration
- file when setting it's value, a #define is
+ file when setting its value, a #define is
appended to the end of the file.
EOU
diff --git a/scripts/footprint.sh b/scripts/footprint.sh
index 9d3c629..d38e50a 100755
--- a/scripts/footprint.sh
+++ b/scripts/footprint.sh
@@ -85,7 +85,7 @@
echo "(generated by $0)" > "$OUTFILE"
echo "" >> "$OUTFILE"
-log "Footprint of standard configurations (minus net.c, timing.c, fs_io)"
+log "Footprint of standard configurations (minus net_sockets.c, timing.c, fs_io)"
log "for bare-metal ARM Cortex-M3/M4 microcontrollers."
VERSION_H="include/mbedtls/version.h"
diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl
index 9605d68..cfcf07c 100755
--- a/scripts/generate_errors.pl
+++ b/scripts/generate_errors.pl
@@ -90,6 +90,9 @@
$include_name =~ tr/A-Z/a-z/;
$include_name = "" if ($include_name eq "asn1");
+ # Fix faulty ones
+ $include_name = "net_sockets" if ($module_name eq "NET");
+
my $found_ll = grep $_ eq $module_name, @low_level_modules;
my $found_hl = grep $_ eq $module_name, @high_level_modules;
if (!$found_ll && !$found_hl)
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 13659de..dc27979 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -39,7 +39,9 @@
endif(CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_CLANG)
if(MSVC)
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /w") # no warnings here
+ # If a warning level has been defined, suppress all warnings for test code
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W0")
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX-")
endif(MSVC)
add_test_suite(aes aes.ecb)
@@ -61,6 +63,7 @@
add_test_suite(cipher cipher.gcm)
add_test_suite(cipher cipher.null)
add_test_suite(cipher cipher.padding)
+add_test_suite(cmac)
add_test_suite(ctr_drbg)
add_test_suite(debug)
add_test_suite(des)
@@ -112,7 +115,7 @@
if (CMAKE_HOST_UNIX)
set(command ln -s ${target} ${link})
else()
- set(command cmd.exe /c mklink /d ${link} ${target})
+ set(command cmd.exe /c mklink /j ${link} ${target})
endif()
execute_process(COMMAND ${command}
diff --git a/tests/Makefile b/tests/Makefile
index b86702c..4787f25 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -50,6 +50,7 @@
test_suite_arc4$(EXEXT) test_suite_asn1write$(EXEXT) \
test_suite_base64$(EXEXT) test_suite_blowfish$(EXEXT) \
test_suite_camellia$(EXEXT) test_suite_ccm$(EXEXT) \
+ test_suite_cmac$(EXEXT) \
test_suite_cipher.aes$(EXEXT) \
test_suite_cipher.arc4$(EXEXT) test_suite_cipher.ccm$(EXEXT) \
test_suite_cipher.gcm$(EXEXT) \
@@ -236,6 +237,10 @@
echo " CC $<"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+test_suite_cmac$(EXEXT): test_suite_cmac.c $(DEP)
+ echo " CC $<"
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
test_suite_cipher.aes$(EXEXT): test_suite_cipher.aes.c $(DEP)
echo " CC $<"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index ff60c27..d73c926 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -35,6 +35,7 @@
MEMORY=0
FORCE=0
+RELEASE=0
# Default commands, can be overriden by the environment
: ${OPENSSL:="openssl"}
@@ -56,6 +57,8 @@
printf " -h|--help\t\tPrint this help.\n"
printf " -m|--memory\t\tAdditional optional memory tests.\n"
printf " -f|--force\t\tForce the tests to overwrite any modified files.\n"
+ printf " -s|--seed\t\tInteger seed value to use for this test run.\n"
+ printf " -r|--release-test\t\tRun this script in release mode. This fixes the seed value to 1.\n"
printf " --out-of-source-dir=<path>\t\tDirectory used for CMake out-of-source build tests."
printf " --openssl=<OpenSSL_path>\t\tPath to OpenSSL executable to use for most tests.\n"
printf " --openssl-legacy=<OpenSSL_path>\t\tPath to OpenSSL executable to use for legacy tests e.g. SSLv3.\n"
@@ -114,6 +117,13 @@
--force|-f)
FORCE=1
;;
+ --seed|-s)
+ shift
+ SEED="$1"
+ ;;
+ --release-test|-r)
+ RELEASE=1
+ ;;
--out-of-source-dir)
shift
OUT_OF_SOURCE_DIR="$1"
@@ -179,9 +189,15 @@
fi
fi
+if [ $RELEASE -eq 1 ]; then
+ # Fix the seed value to 1 to ensure that the tests are deterministic.
+ SEED=1
+fi
+
msg "info: $0 configuration"
echo "MEMORY: $MEMORY"
echo "FORCE: $FORCE"
+echo "SEED: ${SEED-"UNSET"}"
echo "OPENSSL: $OPENSSL"
echo "OPENSSL_LEGACY: $OPENSSL_LEGACY"
echo "GNUTLS_CLI: $GNUTLS_CLI"
@@ -189,6 +205,15 @@
echo "GNUTLS_LEGACY_CLI: $GNUTLS_LEGACY_CLI"
echo "GNUTLS_LEGACY_SERV: $GNUTLS_LEGACY_SERV"
+# To avoid setting OpenSSL and GnuTLS for each call to compat.sh and ssl-opt.sh
+# we just export the variables they require
+export OPENSSL_CMD="$OPENSSL"
+export GNUTLS_CLI="$GNUTLS_CLI"
+export GNUTLS_SERV="$GNUTLS_SERV"
+
+# Avoid passing --seed flag in every call to ssl-opt.sh
+[ ! -z ${SEED+set} ] && export SEED
+
# Make sure the tools we need are available.
check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$GNUTLS_CLI" "$GNUTLS_SERV" \
"$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV" "doxygen" "dot" \
@@ -340,7 +365,7 @@
scripts/config.pl unset MBEDTLS_SSL_CLI_C
CC=gcc CFLAGS='-Werror -O0' make
-msg "build: full config except net.c, make, gcc -std=c99 -pedantic" # ~ 30s
+msg "build: full config except net_sockets.c, make, gcc -std=c99 -pedantic" # ~ 30s
cleanup
cp "$CONFIG_H" "$CONFIG_BAK"
scripts/config.pl full
diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh
index e8b6164..b405871 100755
--- a/tests/scripts/basic-build-test.sh
+++ b/tests/scripts/basic-build-test.sh
@@ -36,11 +36,30 @@
exit 1
fi
+: ${OPENSSL:="openssl"}
+: ${OPENSSL_LEGACY:="$OPENSSL"}
+: ${GNUTLS_CLI:="gnutls-cli"}
+: ${GNUTLS_SERV:="gnutls-serv"}
+: ${GNUTLS_LEGACY_CLI:="$GNUTLS_CLI"}
+: ${GNUTLS_LEGACY_SERV:="$GNUTLS_SERV"}
+
+# To avoid setting OpenSSL and GnuTLS for each call to compat.sh and ssl-opt.sh
+# we just export the variables they require
+export OPENSSL_CMD="$OPENSSL"
+export GNUTLS_CLI="$GNUTLS_CLI"
+export GNUTLS_SERV="$GNUTLS_SERV"
+
CONFIG_H='include/mbedtls/config.h'
CONFIG_BAK="$CONFIG_H.bak"
# Step 0 - print build environment info
-scripts/output_env.sh
+OPENSSL="$OPENSSL" \
+ OPENSSL_LEGACY="$OPENSSL_LEGACY" \
+ GNUTLS_CLI="$GNUTLS_CLI" \
+ GNUTLS_SERV="$GNUTLS_SERV" \
+ GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI" \
+ GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" \
+ scripts/output_env.sh
echo
# Step 1 - Make and instrumented build for code coverage
@@ -65,7 +84,15 @@
echo
# Step 2c - Compatibility tests
-sh compat.sh |tee compat-test-$TEST_OUTPUT
+sh compat.sh -m 'tls1 tls1_1 tls1_2 dtls1 dtls1_2' | \
+ tee compat-test-$TEST_OUTPUT
+OPENSSL_CMD="$OPENSSL_LEGACY" \
+ sh compat.sh -m 'ssl3' |tee -a compat-test-$TEST_OUTPUT
+OPENSSL_CMD="$OPENSSL_LEGACY" \
+ GNUTLS_CLI="$GNUTLS_LEGACY_CLI" \
+ GNUTLS_SERV="$GNUTLS_LEGACY_SERV" \
+ sh compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR' | \
+ tee -a compat-test-$TEST_OUTPUT
echo
# Step 3 - Process the coverage report
@@ -128,9 +155,9 @@
# Step 4c - System Compatibility tests
echo "System/Compatibility tests - tests/compat.sh"
-PASSED_TESTS=$(tail -n5 compat-test-$TEST_OUTPUT|sed -n -e 's/.* (\([0-9]*\) \/ [0-9]* tests ([0-9]* skipped))$/\1/p')
-SKIPPED_TESTS=$(tail -n5 compat-test-$TEST_OUTPUT|sed -n -e 's/.* ([0-9]* \/ [0-9]* tests (\([0-9]*\) skipped))$/\1/p')
-EXED_TESTS=$(tail -n5 compat-test-$TEST_OUTPUT|sed -n -e 's/.* ([0-9]* \/ \([0-9]*\) tests ([0-9]* skipped))$/\1/p')
+PASSED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* (\([0-9]*\) \/ [0-9]* tests ([0-9]* skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }')
+SKIPPED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* ([0-9]* \/ [0-9]* tests (\([0-9]*\) skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }')
+EXED_TESTS=$(cat compat-test-$TEST_OUTPUT | sed -n -e 's/.* ([0-9]* \/ \([0-9]*\) tests ([0-9]* skipped))$/\1/p' | awk 'BEGIN{ s = 0 } { s += $1 } END{ print s }')
FAILED_TESTS=$(($EXED_TESTS - $PASSED_TESTS))
echo "Passed : $PASSED_TESTS"
diff --git a/tests/scripts/yotta-build.sh b/tests/scripts/yotta-build.sh
index 19cc576..4bae34a 100755
--- a/tests/scripts/yotta-build.sh
+++ b/tests/scripts/yotta-build.sh
@@ -1,12 +1,26 @@
#!/bin/sh
-# Do test builds of the yotta module for all supported targets
+# yotta-build.sh
+#
+# This file is part of mbed TLS (https://tls.mbed.org)
+#
+# Copyright (c) 2015-2016, ARM Limited, All Rights Reserved
+#
+# Purpose
+#
+# To run test builds of the yotta module for all supported targets.
set -eu
-yotta/create-module.sh
-cd yotta/module
-yt update || true # needs network
+check_tools()
+{
+ for TOOL in "$@"; do
+ if ! `hash "$TOOL" >/dev/null 2>&1`; then
+ echo "$TOOL not found!" >&2
+ exit 1
+ fi
+ done
+}
yotta_build()
{
@@ -19,22 +33,29 @@
yt -t $TARGET build -d
}
+# Make sure the tools we need are available.
+check_tools "arm-none-eabi-gcc" "armcc" "yotta"
+
+yotta/create-module.sh
+cd yotta/module
+yt update || true # needs network
+
if uname -a | grep 'Linux.*x86' >/dev/null; then
yotta_build x86-linux-native
fi
if uname -a | grep 'Darwin.*x86' >/dev/null; then
yotta_build x86-osx-native
fi
-if which armcc >/dev/null && armcc --help >/dev/null 2>&1; then
- yotta_build frdm-k64f-armcc
- #yotta_build nordic-nrf51822-16k-armcc
-fi
-if which arm-none-eabi-gcc >/dev/null; then
- yotta_build frdm-k64f-gcc
- #yotta_build st-nucleo-f401re-gcc # dirent
- #yotta_build stm32f429i-disco-gcc # fails in mbed-hal-st-stm32f4
- #yotta_build nordic-nrf51822-16k-gcc # fails in minar-platform
- #yotta_build bbc-microbit-classic-gcc # fails in minar-platform
- #yotta_build st-stm32f439zi-gcc # fails in mbed-hal-st-stm32f4
- #yotta_build st-stm32f429i-disco-gcc # fails in mbed-hal-st-stm32f4
-fi
+
+# armcc build tests.
+yotta_build frdm-k64f-armcc
+#yotta_build nordic-nrf51822-16k-armcc
+
+# arm-none-eabi-gcc build tests.
+yotta_build frdm-k64f-gcc
+#yotta_build st-nucleo-f401re-gcc # dirent
+#yotta_build stm32f429i-disco-gcc # fails in mbed-hal-st-stm32f4
+#yotta_build nordic-nrf51822-16k-gcc # fails in minar-platform
+#yotta_build bbc-microbit-classic-gcc # fails in minar-platform
+#yotta_build st-stm32f439zi-gcc # fails in mbed-hal-st-stm32f4
+#yotta_build st-stm32f429i-disco-gcc # fails in mbed-hal-st-stm32f4
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index d9c45cd..57155b8 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -58,6 +58,7 @@
printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n"
printf " -s|--show-numbers\tShow test numbers in front of test names\n"
printf " -p|--preserve-logs\tPreserve logs of successful tests as well\n"
+ printf " --seed\tInteger seed value to use for this test run\n"
}
get_options() {
@@ -81,6 +82,9 @@
-p|--preserve-logs)
PRESERVE_LOGS=1
;;
+ --seed)
+ shift; SEED="$1"
+ ;;
-h|--help)
print_usage
exit 0
@@ -329,8 +333,10 @@
# Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]]
# Options: -s pattern pattern that must be present in server output
# -c pattern pattern that must be present in client output
+# -u pattern lines after pattern must be unique in client output
# -S pattern pattern that must be absent in server output
# -C pattern pattern that must be absent in client output
+# -U pattern lines after pattern must be unique in server output
run_test() {
NAME="$1"
shift 1
@@ -471,28 +477,49 @@
case $1 in
"-s")
if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then :; else
- fail "-s $2"
+ fail "pattern '$2' MUST be present in the Server output"
return
fi
;;
"-c")
if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then :; else
- fail "-c $2"
+ fail "pattern '$2' MUST be present in the Client output"
return
fi
;;
"-S")
if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then
- fail "-S $2"
+ fail "pattern '$2' MUST NOT be present in the Server output"
return
fi
;;
"-C")
if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then
- fail "-C $2"
+ fail "pattern '$2' MUST NOT be present in the Client output"
+ return
+ fi
+ ;;
+
+ # The filtering in the following two options (-u and -U) do the following
+ # - ignore valgrind output
+ # - filter out everything but lines right after the pattern occurances
+ # - keep one of each non-unique line
+ # - count how many lines remain
+ # A line with '--' will remain in the result from previous outputs, so the number of lines in the result will be 1
+ # if there were no duplicates.
+ "-U")
+ if [ $(grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep -A1 "$2" | grep -v "$2" | sort | uniq -d | wc -l) -gt 1 ]; then
+ fail "lines following pattern '$2' must be unique in Server output"
+ return
+ fi
+ ;;
+
+ "-u")
+ if [ $(grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep -A1 "$2" | grep -v "$2" | sort | uniq -d | wc -l) -gt 1 ]; then
+ fail "lines following pattern '$2' must be unique in Client output"
return
fi
;;
@@ -595,7 +622,7 @@
# +SRV_PORT will be replaced by either $SRV_PORT or $PXY_PORT later
P_SRV="$P_SRV server_addr=127.0.0.1 server_port=$SRV_PORT"
P_CLI="$P_CLI server_addr=127.0.0.1 server_port=+SRV_PORT"
-P_PXY="$P_PXY server_addr=127.0.0.1 server_port=$SRV_PORT listen_addr=127.0.0.1 listen_port=$PXY_PORT"
+P_PXY="$P_PXY server_addr=127.0.0.1 server_port=$SRV_PORT listen_addr=127.0.0.1 listen_port=$PXY_PORT ${SEED:+"seed=$SEED"}"
O_SRV="$O_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem"
O_CLI="$O_CLI -connect localhost:+SRV_PORT"
G_SRV="$G_SRV -p $SRV_PORT"
@@ -635,6 +662,14 @@
-s "Protocol is DTLSv1.2" \
-s "Ciphersuite is TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384"
+# Test for uniqueness of IVs in AEAD ciphersuites
+run_test "Unique IV in GCM" \
+ "$P_SRV exchanges=20 debug_level=4" \
+ "$P_CLI exchanges=20 debug_level=4 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
+ 0 \
+ -u "IV used" \
+ -U "IV used"
+
# Tests for rc4 option
requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES
@@ -1721,6 +1756,24 @@
-C "! mbedtls_ssl_handshake returned" \
-C "X509 - Certificate verification failed"
+run_test "Authentication: client SHA256, server required" \
+ "$P_SRV auth_mode=required" \
+ "$P_CLI debug_level=3 crt_file=data_files/server6.crt \
+ key_file=data_files/server6.key \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
+ 0 \
+ -c "Supported Signature Algorithm found: 4," \
+ -c "Supported Signature Algorithm found: 5,"
+
+run_test "Authentication: client SHA384, server required" \
+ "$P_SRV auth_mode=required" \
+ "$P_CLI debug_level=3 crt_file=data_files/server6.crt \
+ key_file=data_files/server6.key \
+ force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
+ 0 \
+ -c "Supported Signature Algorithm found: 4," \
+ -c "Supported Signature Algorithm found: 5,"
+
run_test "Authentication: client badcert, server required" \
"$P_SRV debug_level=3 auth_mode=required" \
"$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function
index d12be75..63815df 100644
--- a/tests/suites/helpers.function
+++ b/tests/suites/helpers.function
@@ -8,16 +8,13 @@
#include "mbedtls/platform.h"
#else
#include <stdio.h>
-#define mbedtls_printf printf
#define mbedtls_fprintf fprintf
-#define mbedtls_calloc calloc
+#define mbedtls_snprintf snprintf
+#define mbedtls_calloc calloc
#define mbedtls_free free
#define mbedtls_exit exit
#define mbedtls_time time
#define mbedtls_time_t time_t
-#define mbedtls_fprintf fprintf
-#define mbedtls_printf printf
-#define mbedtls_snprintf snprintf
#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
#endif
@@ -37,6 +34,9 @@
#include <string.h>
+#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
+#include <unistd.h>
+#endif
/*----------------------------------------------------------------------------*/
/* Constants */
@@ -105,6 +105,48 @@
/*----------------------------------------------------------------------------*/
/* Helper Functions */
+#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
+static int redirect_output( FILE** out_stream, const char* path )
+{
+ int stdout_fd = dup( fileno( *out_stream ) );
+
+ if( stdout_fd == -1 )
+ {
+ return -1;
+ }
+
+ fflush( *out_stream );
+ fclose( *out_stream );
+ *out_stream = fopen( path, "w" );
+
+ if( *out_stream == NULL )
+ {
+ return -1;
+ }
+
+ return stdout_fd;
+}
+
+static int restore_output( FILE** out_stream, int old_fd )
+{
+ fflush( *out_stream );
+ fclose( *out_stream );
+
+ *out_stream = fdopen( old_fd, "w" );
+ if( *out_stream == NULL )
+ {
+ return -1;
+ }
+
+ return 0;
+}
+
+static void close_output( FILE* out_stream )
+{
+ fclose( out_stream );
+}
+#endif /* __unix__ || __APPLE__ __MACH__ */
+
static int unhexify( unsigned char *obuf, const char *ibuf )
{
unsigned char c, c2;
@@ -355,7 +397,8 @@
{
test_errors++;
if( test_errors == 1 )
- mbedtls_printf( "FAILED\n" );
- mbedtls_printf( " %s\n at line %d, %s\n", test, line_no, filename );
+ mbedtls_fprintf( stdout, "FAILED\n" );
+ mbedtls_fprintf( stdout, " %s\n at line %d, %s\n", test, line_no,
+ filename );
}
diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function
index ac5322e..a7bb41d 100644
--- a/tests/suites/main_test.function
+++ b/tests/suites/main_test.function
@@ -7,7 +7,8 @@
if( (*str)[0] != '"' ||
(*str)[strlen( *str ) - 1] != '"' )
{
- mbedtls_printf( "Expected string (with \"\") for parameter and got: %s\n", *str );
+ mbedtls_fprintf( stderr,
+ "Expected string (with \"\") for parameter and got: %s\n", *str );
return( -1 );
}
@@ -60,7 +61,8 @@
MAPPING_CODE
- mbedtls_printf( "Expected integer for parameter and got: %s\n", str );
+ mbedtls_fprintf( stderr,
+ "Expected integer for parameter and got: %s\n", str );
return( KEY_VALUE_MAPPING_NOT_FOUND );
}
@@ -259,6 +261,9 @@
char buf[5000];
char *params[50];
void *pointer;
+#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
+ int stdout_fd = -1;
+#endif /* __unix__ || __APPLE__ __MACH__ */
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \
!defined(TEST_SUITE_MEMORY_BUFFER_ALLOC)
@@ -343,7 +348,8 @@
{
if( unmet_dep_count > 0 )
{
- mbedtls_printf("FATAL: Dep count larger than zero at start of loop\n");
+ mbedtls_fprintf( stderr,
+ "FATAL: Dep count larger than zero at start of loop\n" );
mbedtls_exit( MBEDTLS_EXIT_FAILURE );
}
unmet_dep_count = 0;
@@ -379,7 +385,7 @@
unmet_dependencies[ unmet_dep_count ] = strdup(params[i]);
if( unmet_dependencies[ unmet_dep_count ] == NULL )
{
- mbedtls_printf("FATAL: Out of memory\n");
+ mbedtls_fprintf( stderr, "FATAL: Out of memory\n" );
mbedtls_exit( MBEDTLS_EXIT_FAILURE );
}
unmet_dep_count++;
@@ -395,7 +401,32 @@
if( unmet_dep_count == 0 )
{
test_errors = 0;
+
+#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
+ /* Suppress all output from the library unless we're verbose
+ * mode
+ */
+ if( !option_verbose )
+ {
+ stdout_fd = redirect_output( &stdout, "/dev/null" );
+ if( stdout_fd == -1 )
+ {
+ /* Redirection has failed with no stdout so exit */
+ exit( 1 );
+ }
+ }
+#endif /* __unix__ || __APPLE__ __MACH__ */
+
ret = dispatch_test( cnt, params );
+
+#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
+ if( !option_verbose && restore_output( &stdout, stdout_fd ) )
+ {
+ /* Redirection has failed with no stdout so exit */
+ exit( 1 );
+ }
+#endif /* __unix__ || __APPLE__ __MACH__ */
+
}
if( unmet_dep_count > 0 || ret == DISPATCH_UNSUPPORTED_SUITE )
@@ -470,6 +501,11 @@
mbedtls_memory_buffer_alloc_free();
#endif
+#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__))
+ if( stdout_fd != -1 )
+ close_output( stdout );
+#endif /* __unix__ || __APPLE__ __MACH__ */
+
return( total_errors != 0 );
}
diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function
index 97bf51b..c5f0eaa 100644
--- a/tests/suites/test_suite_aes.function
+++ b/tests/suites/test_suite_aes.function
@@ -292,6 +292,6 @@
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void aes_selftest()
{
- TEST_ASSERT( mbedtls_aes_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_aes_self_test( 1 ) == 0 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_arc4.function b/tests/suites/test_suite_arc4.function
index 3da7d88..a4b401b 100644
--- a/tests/suites/test_suite_arc4.function
+++ b/tests/suites/test_suite_arc4.function
@@ -41,6 +41,6 @@
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void arc4_selftest()
{
- TEST_ASSERT( mbedtls_arc4_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_arc4_self_test( 1 ) == 0 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_base64.function b/tests/suites/test_suite_base64.function
index ab6d88c..77fa7fd 100644
--- a/tests/suites/test_suite_base64.function
+++ b/tests/suites/test_suite_base64.function
@@ -119,6 +119,6 @@
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void base64_selftest()
{
- TEST_ASSERT( mbedtls_base64_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_base64_self_test( 1 ) == 0 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_camellia.function b/tests/suites/test_suite_camellia.function
index 8c69a96..9df6482 100644
--- a/tests/suites/test_suite_camellia.function
+++ b/tests/suites/test_suite_camellia.function
@@ -224,6 +224,6 @@
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void camellia_selftest()
{
- TEST_ASSERT( mbedtls_camellia_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_camellia_self_test( 1 ) == 0 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function
index 13371eb..2f5c77c 100644
--- a/tests/suites/test_suite_ccm.function
+++ b/tests/suites/test_suite_ccm.function
@@ -10,7 +10,7 @@
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */
void mbedtls_ccm_self_test( )
{
- TEST_ASSERT( mbedtls_ccm_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_ccm_self_test( 1 ) == 0 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_cmac.data b/tests/suites/test_suite_cmac.data
new file mode 100644
index 0000000..70b7609
--- /dev/null
+++ b/tests/suites/test_suite_cmac.data
@@ -0,0 +1,64 @@
+CMAC self test
+mbedtls_cmac_self_test:
+
+CMAC null arguments
+mbedtls_cmac_null_args:
+
+CMAC init #1 AES-128: OK
+depends_on:MBEDTLS_AES_C
+mbedtls_cmac_setkey:MBEDTLS_CIPHER_AES_128_ECB:128:0
+
+CMAC init #2 AES-192: OK
+depends_on:MBEDTLS_AES_C
+mbedtls_cmac_setkey:MBEDTLS_CIPHER_AES_192_ECB:192:0
+
+CMAC init #3 AES-256: OK
+depends_on:MBEDTLS_AES_C
+mbedtls_cmac_setkey:MBEDTLS_CIPHER_AES_256_ECB:256:0
+
+CMAC init #4 3DES : OK
+depends_on:MBEDTLS_DES_C
+mbedtls_cmac_setkey:MBEDTLS_CIPHER_DES_EDE3_ECB:192:0
+
+CMAC init #5 AES-224: bad key size
+depends_on:MBEDTLS_AES_C
+mbedtls_cmac_setkey:MBEDTLS_CIPHER_ID_AES:224:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+CMAC init #6 AES-0: bad key size
+depends_on:MBEDTLS_AES_C
+mbedtls_cmac_setkey:MBEDTLS_CIPHER_ID_AES:0:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+CMAC init #7 Camellia: wrong cipher
+depends_on:MBEDTLS_CAMELLIA_C
+mbedtls_cmac_setkey:MBEDTLS_CIPHER_ID_CAMELLIA:128:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+
+CMAC Single Blocks #1 - Empty block, no updates
+mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"":-1:"":-1:"":-1:"":-1:"bb1d6929e95937287fa37d129b756746"
+
+CMAC Single Blocks #2 - Single 16 byte block
+mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96e93d7e117393172a":16:"":-1:"":-1:"":-1:"070a16b46b4d4144f79bdd9dd04a287c"
+
+CMAC Single Blocks #3 - Single 64 byte block
+mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":64:"":-1:"":-1:"":-1:"51f0bebf7e3b9d92fc49741779363cfe"
+
+CMAC Multiple Blocks #1 - Multiple 8 byte blocks
+mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96":8:"e93d7e117393172a":8:"":-1:"":-1:"070a16b46b4d4144f79bdd9dd04a287c"
+
+CMAC Multiple Blocks #2 - Multiple 16 byte blocks
+mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96e93d7e117393172a":16:"ae2d8a571e03ac9c9eb76fac45af8e51":16:"30c81c46a35ce411e5fbc1191a0a52ef":16:"f69f2445df4f9b17ad2b417be66c3710":16:"51f0bebf7e3b9d92fc49741779363cfe"
+
+CMAC Multiple Blocks #3 - Multiple variable sized blocks
+mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96":8:"e93d7e117393172aae2d8a571e03ac9c":16:"9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52ef":24:"f69f2445df4f9b17ad2b417be66c3710":16:"51f0bebf7e3b9d92fc49741779363cfe"
+
+CMAC Multiple Blocks #4 - Multiple 8 byte blocks with gaps
+mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"":0:"6bc1bee22e409f96":8:"":0:"e93d7e117393172a":8:"070a16b46b4d4144f79bdd9dd04a287c"
+
+CMAC Multiple Operations, same key #1 - Empty, empty
+mbedtls_cmac_multiple_operations_same_key:MBEDTLS_CIPHER_AES_192_ECB:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":192:16:"":-1:"":-1:"":-1:"d17ddf46adaacde531cac483de7a9367":"":-1:"":-1:"":-1:"d17ddf46adaacde531cac483de7a9367"
+
+CMAC Multiple Operations, same key #2 - Empty, 64 byte block
+mbedtls_cmac_multiple_operations_same_key:MBEDTLS_CIPHER_AES_192_ECB:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":192:16:"":-1:"":-1:"":-1:"d17ddf46adaacde531cac483de7a9367":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":64:"":-1:"":-1:"a1d5df0eed790f794d77589659f39a11"
+
+CMAC Multiple Operations, same key #3 - variable byte blocks
+mbedtls_cmac_multiple_operations_same_key:MBEDTLS_CIPHER_AES_192_ECB:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":192:16:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e51":32:"30c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":32:"":-1:"a1d5df0eed790f794d77589659f39a11":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e51":32:"30c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":32:"":-1:"a1d5df0eed790f794d77589659f39a11"
+
diff --git a/tests/suites/test_suite_cmac.function b/tests/suites/test_suite_cmac.function
new file mode 100644
index 0000000..4b31ab2
--- /dev/null
+++ b/tests/suites/test_suite_cmac.function
@@ -0,0 +1,310 @@
+/* BEGIN_HEADER */
+#include "mbedtls/cipher.h"
+#include "mbedtls/cmac.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_CMAC_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
+void mbedtls_cmac_self_test( )
+{
+ TEST_ASSERT( mbedtls_cmac_self_test( 1 ) == 0 );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_cmac_null_args( )
+{
+ mbedtls_cipher_context_t ctx;
+ const mbedtls_cipher_info_t *cipher_info;
+ unsigned char test_key[MBEDTLS_CIPHER_BLKSIZE_MAX];
+ unsigned char test_data[MBEDTLS_CIPHER_BLKSIZE_MAX];
+ unsigned char test_output[MBEDTLS_CIPHER_BLKSIZE_MAX];
+
+ mbedtls_cipher_init( &ctx );
+
+ /* Test NULL cipher info */
+ TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, test_data, 16 ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB );
+ TEST_ASSERT( mbedtls_cipher_setup( &ctx, cipher_info ) == 0 );
+
+ TEST_ASSERT( mbedtls_cipher_cmac_starts( NULL, test_key, 128 ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_cipher_cmac_starts( &ctx, NULL, 128 ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_cipher_cmac_update( NULL, test_data, 16 ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, NULL, 16 ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_cipher_cmac_finish( NULL, test_output ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, NULL ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_cipher_cmac_reset( NULL ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_cipher_cmac( NULL,
+ test_key, 128,
+ test_data, 16,
+ test_output ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_cipher_cmac( cipher_info,
+ NULL, 128,
+ test_data, 16,
+ test_output ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_cipher_cmac( cipher_info,
+ test_key, 128,
+ NULL, 16,
+ test_output ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_cipher_cmac( cipher_info,
+ test_key, 128,
+ test_data, 16,
+ NULL ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_aes_cmac_prf_128( NULL, 16,
+ test_data, 16,
+ test_output ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_aes_cmac_prf_128( test_key, 16,
+ NULL, 16,
+ test_output ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+ TEST_ASSERT( mbedtls_aes_cmac_prf_128( test_key, 16,
+ test_data, 16,
+ NULL ) ==
+ MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+exit:
+ mbedtls_cipher_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_cmac_setkey( int cipher_type, int key_size,
+ int result )
+{
+ const mbedtls_cipher_info_t *cipher_info;
+ unsigned char key[32];
+ unsigned char buf[16];
+ unsigned char tmp[16];
+
+ memset( key, 0x2A, sizeof( key ) );
+ TEST_ASSERT( (unsigned) key_size <= 8 * sizeof( key ) );
+
+ TEST_ASSERT( ( cipher_info = mbedtls_cipher_info_from_type( cipher_type ) )
+ != NULL );
+
+ memset( buf, 0x2A, sizeof( buf ) );
+ TEST_ASSERT( ( result == mbedtls_cipher_cmac( cipher_info, key, key_size,
+ buf, 16, tmp ) ) != 0 );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_cmac_multiple_blocks( int cipher_type,
+ char *key_string, int keybits,
+ int block_size,
+ char *block1_string, int block1_len,
+ char *block2_string, int block2_len,
+ char *block3_string, int block3_len,
+ char *block4_string, int block4_len,
+ char *expected_result_string )
+{
+ unsigned char key[100];
+ unsigned char block1[100];
+ unsigned char block2[100];
+ unsigned char block3[100];
+ unsigned char block4[100];
+ unsigned char expected_result[100];
+ const mbedtls_cipher_info_t *cipher_info;
+ mbedtls_cipher_context_t ctx;
+ unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX];
+
+ /* Convert the test parameters to binary data */
+ unhexify( key, key_string );
+ unhexify( block1, block1_string );
+ unhexify( block2, block2_string );
+ unhexify( block3, block3_string );
+ unhexify( block4, block4_string );
+ unhexify( expected_result, expected_result_string );
+
+ mbedtls_cipher_init( &ctx );
+
+ /* Validate the test inputs */
+ TEST_ASSERT( block1_len <= 100 );
+ TEST_ASSERT( block2_len <= 100 );
+ TEST_ASSERT( block3_len <= 100 );
+ TEST_ASSERT( block4_len <= 100 );
+
+ /* Set up */
+ TEST_ASSERT( ( cipher_info = mbedtls_cipher_info_from_type( cipher_type ) )
+ != NULL );
+
+ TEST_ASSERT( mbedtls_cipher_setup( &ctx, cipher_info ) == 0 );
+
+ TEST_ASSERT( mbedtls_cipher_cmac_starts( &ctx,
+ (const unsigned char*)key,
+ keybits ) == 0 );
+
+ /* Multiple partial and complete blocks. A negative length means skip the
+ * update operation */
+ if( block1_len >= 0)
+ TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
+ (unsigned char*)block1,
+ block1_len ) == 0);
+
+ if( block2_len >= 0 )
+ TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
+ (unsigned char*)block2,
+ block2_len ) == 0);
+
+ if( block3_len >= 0 )
+ TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
+ (unsigned char*)block3,
+ block3_len ) == 0);
+
+ if( block4_len >= 0 )
+ TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
+ (unsigned char*)block4,
+ block4_len ) == 0);
+
+ TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, output ) == 0 );
+
+ TEST_ASSERT( memcmp( output, expected_result, block_size ) == 0 );
+
+exit:
+ mbedtls_cipher_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_cmac_multiple_operations_same_key( int cipher_type,
+ char *key_string, int keybits,
+ int block_size,
+ char *block_a1_string, int block_a1_len,
+ char *block_a2_string, int block_a2_len,
+ char *block_a3_string, int block_a3_len,
+ char *expected_result_a_string,
+ char *block_b1_string, int block_b1_len,
+ char *block_b2_string, int block_b2_len,
+ char *block_b3_string, int block_b3_len,
+ char *expected_result_b_string )
+{
+ unsigned char key[100];
+ unsigned char block_a1[100];
+ unsigned char block_a2[100];
+ unsigned char block_a3[100];
+ unsigned char block_b1[100];
+ unsigned char block_b2[100];
+ unsigned char block_b3[100];
+ unsigned char expected_result_a[100], expected_result_b[100];
+ const mbedtls_cipher_info_t *cipher_info;
+ mbedtls_cipher_context_t ctx;
+ unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX];
+
+ /* Convert the test parameters to binary data */
+ unhexify( key, key_string );
+ unhexify( block_a1, block_a1_string );
+ unhexify( block_a2, block_a2_string );
+ unhexify( block_a3, block_a3_string );
+
+ unhexify( block_b1, block_b1_string );
+ unhexify( block_b2, block_b2_string );
+ unhexify( block_b3, block_b3_string );
+
+ unhexify( expected_result_a, expected_result_a_string );
+ unhexify( expected_result_b, expected_result_b_string );
+
+ mbedtls_cipher_init( &ctx );
+
+ /* Validate the test inputs */
+ TEST_ASSERT( block_a1_len <= 100 );
+ TEST_ASSERT( block_a2_len <= 100 );
+ TEST_ASSERT( block_a3_len <= 100 );
+
+ TEST_ASSERT( block_b1_len <= 100 );
+ TEST_ASSERT( block_b2_len <= 100 );
+ TEST_ASSERT( block_b3_len <= 100 );
+
+ /* Set up */
+ TEST_ASSERT( ( cipher_info = mbedtls_cipher_info_from_type( cipher_type ) )
+ != NULL );
+
+ TEST_ASSERT( mbedtls_cipher_setup( &ctx, cipher_info ) == 0 );
+
+ TEST_ASSERT( mbedtls_cipher_cmac_starts( &ctx,
+ (const unsigned char*)key,
+ keybits ) == 0 );
+
+ /* Sequence A */
+
+ /* Multiple partial and complete blocks. A negative length means skip the
+ * update operation */
+ if( block_a1_len >= 0 )
+ TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
+ (unsigned char*)block_a1,
+ block_a1_len ) == 0);
+
+ if( block_a2_len >= 0 )
+ TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
+ (unsigned char*)block_a2,
+ block_a2_len ) == 0);
+
+ if( block_a3_len >= 0 )
+ TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
+ (unsigned char*)block_a3,
+ block_a3_len ) == 0);
+
+ TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, output ) == 0 );
+
+ TEST_ASSERT( memcmp( output, expected_result_a, block_size ) == 0 );
+
+ TEST_ASSERT( mbedtls_cipher_cmac_reset( &ctx ) == 0 );
+
+ /* Sequence B */
+
+ /* Multiple partial and complete blocks. A negative length means skip the
+ * update operation */
+ if( block_b1_len >= 0)
+ TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
+ (unsigned char*)block_b1,
+ block_b1_len ) == 0);
+
+ if( block_b2_len >= 0 )
+ TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
+ (unsigned char*)block_b2,
+ block_b2_len ) == 0);
+
+ if( block_b3_len >= 0 )
+ TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx,
+ (unsigned char*)block_b3,
+ block_b3_len ) == 0);
+
+ TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, output ) == 0 );
+
+ TEST_ASSERT( memcmp( output, expected_result_b, block_size ) == 0 );
+
+exit:
+ mbedtls_cipher_free( &ctx );
+}
+/* END_CASE */
+
diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function
index 3c7873b..3acfb8b 100644
--- a/tests/suites/test_suite_ctr_drbg.function
+++ b/tests/suites/test_suite_ctr_drbg.function
@@ -216,6 +216,6 @@
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void ctr_drbg_selftest( )
{
- TEST_ASSERT( mbedtls_ctr_drbg_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_ctr_drbg_self_test( 1 ) == 0 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_des.function b/tests/suites/test_suite_des.function
index aecd419..2e73a77 100644
--- a/tests/suites/test_suite_des.function
+++ b/tests/suites/test_suite_des.function
@@ -362,6 +362,6 @@
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void des_selftest()
{
- TEST_ASSERT( mbedtls_des_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_des_self_test( 1 ) == 0 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_dhm.function b/tests/suites/test_suite_dhm.function
index 002c20b..b9b8e19 100644
--- a/tests/suites/test_suite_dhm.function
+++ b/tests/suites/test_suite_dhm.function
@@ -123,6 +123,6 @@
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void dhm_selftest()
{
- TEST_ASSERT( mbedtls_dhm_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_dhm_self_test( 1 ) == 0 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_ecjpake.function b/tests/suites/test_suite_ecjpake.function
index 8d867b7..11cf8dc 100644
--- a/tests/suites/test_suite_ecjpake.function
+++ b/tests/suites/test_suite_ecjpake.function
@@ -101,7 +101,7 @@
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void ecjpake_selftest()
{
- TEST_ASSERT( mbedtls_ecjpake_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_ecjpake_self_test( 1 ) == 0 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function
index eee6486..afe61ec 100644
--- a/tests/suites/test_suite_ecp.function
+++ b/tests/suites/test_suite_ecp.function
@@ -507,6 +507,6 @@
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void ecp_selftest()
{
- TEST_ASSERT( mbedtls_ecp_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_ecp_self_test( 1 ) == 0 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function
index 5b97cad..97a21bc 100644
--- a/tests/suites/test_suite_entropy.function
+++ b/tests/suites/test_suite_entropy.function
@@ -380,6 +380,6 @@
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void entropy_selftest( int result )
{
- TEST_ASSERT( mbedtls_entropy_self_test( 0 ) == result );
+ TEST_ASSERT( mbedtls_entropy_self_test( 1 ) == result );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function
index 9d841dc..56c7e18 100644
--- a/tests/suites/test_suite_gcm.function
+++ b/tests/suites/test_suite_gcm.function
@@ -119,6 +119,6 @@
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void gcm_selftest()
{
- TEST_ASSERT( mbedtls_gcm_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_gcm_self_test( 1 ) == 0 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_hmac_drbg.function b/tests/suites/test_suite_hmac_drbg.function
index 3cc9642..5209470 100644
--- a/tests/suites/test_suite_hmac_drbg.function
+++ b/tests/suites/test_suite_hmac_drbg.function
@@ -314,6 +314,6 @@
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void hmac_drbg_selftest( )
{
- TEST_ASSERT( mbedtls_hmac_drbg_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_hmac_drbg_self_test( 1 ) == 0 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_mdx.function b/tests/suites/test_suite_mdx.function
index 3d23363..9d0ee47 100644
--- a/tests/suites/test_suite_mdx.function
+++ b/tests/suites/test_suite_mdx.function
@@ -88,27 +88,27 @@
/* BEGIN_CASE depends_on:MBEDTLS_MD2_C:MBEDTLS_SELF_TEST */
void md2_selftest()
{
- TEST_ASSERT( mbedtls_md2_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_md2_self_test( 1 ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_MD4_C:MBEDTLS_SELF_TEST */
void md4_selftest()
{
- TEST_ASSERT( mbedtls_md4_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_md4_self_test( 1 ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_MD5_C:MBEDTLS_SELF_TEST */
void md5_selftest()
{
- TEST_ASSERT( mbedtls_md5_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_md5_self_test( 1 ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_RIPEMD160_C:MBEDTLS_SELF_TEST */
void ripemd160_selftest()
{
- TEST_ASSERT( mbedtls_ripemd160_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_ripemd160_self_test( 1 ) == 0 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_memory_buffer_alloc.function b/tests/suites/test_suite_memory_buffer_alloc.function
index 04dd68b..a0c70d8 100644
--- a/tests/suites/test_suite_memory_buffer_alloc.function
+++ b/tests/suites/test_suite_memory_buffer_alloc.function
@@ -25,7 +25,7 @@
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void mbedtls_memory_buffer_alloc_self_test( )
{
- TEST_ASSERT( mbedtls_memory_buffer_alloc_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_memory_buffer_alloc_self_test( 1 ) == 0 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function
index e5d0850..b94c889 100644
--- a/tests/suites/test_suite_mpi.function
+++ b/tests/suites/test_suite_mpi.function
@@ -877,6 +877,6 @@
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void mpi_selftest()
{
- TEST_ASSERT( mbedtls_mpi_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_self_test( 1 ) == 0 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_pkcs5.function b/tests/suites/test_suite_pkcs5.function
index b1f796e..8fabec0 100644
--- a/tests/suites/test_suite_pkcs5.function
+++ b/tests/suites/test_suite_pkcs5.function
@@ -82,6 +82,6 @@
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void pkcs5_selftest( )
{
- TEST_ASSERT( mbedtls_pkcs5_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_pkcs5_self_test( 1 ) == 0 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data
index d522332..af16880 100644
--- a/tests/suites/test_suite_rsa.data
+++ b/tests/suites/test_suite_rsa.data
@@ -361,7 +361,7 @@
mbedtls_rsa_gen_key:2048:3:0
RSA Generate Key - 1025 bit key
-mbedtls_rsa_gen_key:1025:3:0
+mbedtls_rsa_gen_key:1025:3:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
RSA PKCS1 Encrypt Bad RNG
depends_on:MBEDTLS_PKCS1_V15
diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function
index 59cbb5c..d48bc85 100644
--- a/tests/suites/test_suite_rsa.function
+++ b/tests/suites/test_suite_rsa.function
@@ -678,6 +678,7 @@
if( result == 0 )
{
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
}
exit:
@@ -690,6 +691,6 @@
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void rsa_selftest()
{
- TEST_ASSERT( mbedtls_rsa_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_shax.function b/tests/suites/test_suite_shax.function
index ec326fc..6b3ee9c 100644
--- a/tests/suites/test_suite_shax.function
+++ b/tests/suites/test_suite_shax.function
@@ -112,20 +112,20 @@
/* BEGIN_CASE depends_on:MBEDTLS_SHA1_C:MBEDTLS_SELF_TEST */
void sha1_selftest()
{
- TEST_ASSERT( mbedtls_sha1_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_sha1_self_test( 1 ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_SELF_TEST */
void sha256_selftest()
{
- TEST_ASSERT( mbedtls_sha256_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_sha256_self_test( 1 ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SHA512_C:MBEDTLS_SELF_TEST */
void sha512_selftest()
{
- TEST_ASSERT( mbedtls_sha512_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_sha512_self_test( 1 ) == 0 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_timing.function b/tests/suites/test_suite_timing.function
index 74f711c..5882f85 100644
--- a/tests/suites/test_suite_timing.function
+++ b/tests/suites/test_suite_timing.function
@@ -10,6 +10,6 @@
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void timing_selftest()
{
- TEST_ASSERT( mbedtls_timing_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_timing_self_test( 1 ) == 0 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data
index f9c2011..22e608f 100644
--- a/tests/suites/test_suite_version.data
+++ b/tests/suites/test_suite_version.data
@@ -1,8 +1,8 @@
Check compiletime library version
-check_compiletime_version:"2.3.0"
+check_compiletime_version:"2.4.1"
Check runtime library version
-check_runtime_version:"2.3.0"
+check_runtime_version:"2.4.1"
Check for MBEDTLS_VERSION_C
check_feature:"MBEDTLS_VERSION_C":0
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index 17711dc..c829823 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -1526,3 +1526,39 @@
X509 File parse (trailing spaces, OK)
depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
x509parse_crt_file:"data_files/server7_trailing_space.crt":0
+
+X509 Get time (UTC no issues)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"500101000000Z":0:1950:1:1:0:0:0
+
+X509 Get time (Generalized Time no issues)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_GENERALIZED_TIME:"99991231235959Z":0:9999:12:31:23:59:59
+
+X509 Get time (UTC year without leap day)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"490229121212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (UTC year with leap day)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"000229121212Z":0:2000:2:29:12:12:12
+
+X509 Get time (UTC invalid day of month #1)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"000132121212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (UTC invalid day of month #2)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"001131121212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (UTC invalid hour)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"001130241212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (UTC invalid min)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"001130236012Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
+
+X509 Get time (UTC invalid sec)
+depends_on:MBEDTLS_X509_USE_C
+x509_get_time:MBEDTLS_ASN1_UTC_TIME:"001130235960Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index c476ec5..be85869 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -1,4 +1,5 @@
/* BEGIN_HEADER */
+#include "mbedtls/x509.h"
#include "mbedtls/x509_crt.h"
#include "mbedtls/x509_crl.h"
#include "mbedtls/x509_csr.h"
@@ -590,6 +591,39 @@
}
/* END_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */
+void x509_get_time( int tag, char *time_str, int ret,
+ int year, int mon, int day,
+ int hour, int min, int sec )
+{
+ mbedtls_x509_time time;
+ unsigned char buf[17];
+ unsigned char* start = buf;
+ unsigned char* end = buf;
+
+ memset( &time, 0x00, sizeof( time ) );
+ *end = (unsigned char)tag; end++;
+ if( tag == MBEDTLS_ASN1_UTC_TIME )
+ *end = 13;
+ else
+ *end = 15;
+ end++;
+ memcpy( end, time_str, (size_t)*(end - 1) );
+ end += *(end - 1);
+
+ TEST_ASSERT( mbedtls_x509_get_time( &start, end, &time ) == ret );
+ if( ret == 0 )
+ {
+ TEST_ASSERT( year == time.year );
+ TEST_ASSERT( mon == time.mon );
+ TEST_ASSERT( day == time.day );
+ TEST_ASSERT( hour == time.hour );
+ TEST_ASSERT( min == time.min );
+ TEST_ASSERT( sec == time.sec );
+ }
+}
+/* END_CASE */
+
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT */
void x509_parse_rsassa_pss_params( char *hex_params, int params_tag,
int ref_msg_md, int ref_mgf_md,
@@ -623,6 +657,6 @@
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_SELF_TEST */
void x509_selftest()
{
- TEST_ASSERT( mbedtls_x509_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_x509_self_test( 1 ) == 0 );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index c3773ba..89be31f 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -16,10 +16,11 @@
{
mbedtls_pk_context key;
mbedtls_x509write_csr req;
- unsigned char buf[4000];
+ unsigned char buf[4096];
unsigned char check_buf[4000];
int ret;
size_t olen = 0, pem_len = 0;
+ int der_len = -1;
FILE *f;
const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1";
rnd_pseudo_info rnd_info;
@@ -52,6 +53,17 @@
TEST_ASSERT( olen >= pem_len - 1 );
TEST_ASSERT( memcmp( buf, check_buf, pem_len - 1 ) == 0 );
+ der_len = mbedtls_x509write_csr_der( &req, buf, sizeof( buf ),
+ rnd_pseudo_rand, &rnd_info );
+ TEST_ASSERT( der_len >= 0 );
+
+ if( der_len == 0 )
+ goto exit;
+
+ ret = mbedtls_x509write_csr_der( &req, buf, (size_t)( der_len - 1 ),
+ rnd_pseudo_rand, &rnd_info );
+ TEST_ASSERT( ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
exit:
mbedtls_x509write_csr_free( &req );
mbedtls_pk_free( &key );
@@ -68,11 +80,12 @@
{
mbedtls_pk_context subject_key, issuer_key;
mbedtls_x509write_cert crt;
- unsigned char buf[4000];
+ unsigned char buf[4096];
unsigned char check_buf[5000];
mbedtls_mpi serial;
int ret;
size_t olen = 0, pem_len = 0;
+ int der_len = -1;
FILE *f;
rnd_pseudo_info rnd_info;
@@ -125,6 +138,17 @@
TEST_ASSERT( olen >= pem_len - 1 );
TEST_ASSERT( memcmp( buf, check_buf, pem_len - 1 ) == 0 );
+ der_len = mbedtls_x509write_crt_der( &crt, buf, sizeof( buf ),
+ rnd_pseudo_rand, &rnd_info );
+ TEST_ASSERT( der_len >= 0 );
+
+ if( der_len == 0 )
+ goto exit;
+
+ ret = mbedtls_x509write_crt_der( &crt, buf, (size_t)( der_len - 1 ),
+ rnd_pseudo_rand, &rnd_info );
+ TEST_ASSERT( ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
exit:
mbedtls_x509write_crt_free( &crt );
mbedtls_pk_free( &issuer_key );
diff --git a/tests/suites/test_suite_xtea.function b/tests/suites/test_suite_xtea.function
index e294a9b..cbc714a 100644
--- a/tests/suites/test_suite_xtea.function
+++ b/tests/suites/test_suite_xtea.function
@@ -124,6 +124,6 @@
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
void xtea_selftest()
{
- TEST_ASSERT( mbedtls_xtea_self_test( 0 ) == 0 );
+ TEST_ASSERT( mbedtls_xtea_self_test( 1 ) == 0 );
}
/* END_CASE */
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index 04b7377..85dc3d8 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -157,6 +157,7 @@
<ClInclude Include="..\..\include\mbedtls\check_config.h" />
<ClInclude Include="..\..\include\mbedtls\cipher.h" />
<ClInclude Include="..\..\include\mbedtls\cipher_internal.h" />
+ <ClInclude Include="..\..\include\mbedtls\cmac.h" />
<ClInclude Include="..\..\include\mbedtls\compat-1.3.h" />
<ClInclude Include="..\..\include\mbedtls\config.h" />
<ClInclude Include="..\..\include\mbedtls\ctr_drbg.h" />
@@ -180,6 +181,7 @@
<ClInclude Include="..\..\include\mbedtls\md_internal.h" />
<ClInclude Include="..\..\include\mbedtls\memory_buffer_alloc.h" />
<ClInclude Include="..\..\include\mbedtls\net.h" />
+ <ClInclude Include="..\..\include\mbedtls\net_sockets.h" />
<ClInclude Include="..\..\include\mbedtls\oid.h" />
<ClInclude Include="..\..\include\mbedtls\padlock.h" />
<ClInclude Include="..\..\include\mbedtls\pem.h" />
@@ -189,6 +191,7 @@
<ClInclude Include="..\..\include\mbedtls\pkcs12.h" />
<ClInclude Include="..\..\include\mbedtls\pkcs5.h" />
<ClInclude Include="..\..\include\mbedtls\platform.h" />
+ <ClInclude Include="..\..\include\mbedtls\platform_time.h" />
<ClInclude Include="..\..\include\mbedtls\ripemd160.h" />
<ClInclude Include="..\..\include\mbedtls\rsa.h" />
<ClInclude Include="..\..\include\mbedtls\sha1.h" />
@@ -223,6 +226,7 @@
<ClCompile Include="..\..\library\certs.c" />
<ClCompile Include="..\..\library\cipher.c" />
<ClCompile Include="..\..\library\cipher_wrap.c" />
+ <ClCompile Include="..\..\library\cmac.c" />
<ClCompile Include="..\..\library\ctr_drbg.c" />
<ClCompile Include="..\..\library\debug.c" />
<ClCompile Include="..\..\library\des.c" />
@@ -244,7 +248,7 @@
<ClCompile Include="..\..\library\md5.c" />
<ClCompile Include="..\..\library\md_wrap.c" />
<ClCompile Include="..\..\library\memory_buffer_alloc.c" />
- <ClCompile Include="..\..\library\net.c" />
+ <ClCompile Include="..\..\library\net_sockets.c" />
<ClCompile Include="..\..\library\oid.c" />
<ClCompile Include="..\..\library\padlock.c" />
<ClCompile Include="..\..\library\pem.c" />
diff --git a/yotta/data/README.md b/yotta/data/README.md
index 7ec7cef..b748aac 100644
--- a/yotta/data/README.md
+++ b/yotta/data/README.md
@@ -72,7 +72,7 @@
* The mbed OS edition has a smaller set of features enabled by default in `config.h`, in order to reduce footprint. While the default configuration of the standalone edition puts more emphasize on maintaining interoperability with old peers, the mbed OS edition only enables the most modern ciphers and the latest version of (D)TLS.
-* The following components of mbed TLS are disabled in the mbed OS edition: `net.c` and `timing.c`. This is because mbed OS includes their equivalents.
+* The following components of mbed TLS are disabled in the mbed OS edition: `net_sockets.c` and `timing.c`. This is because mbed OS include their equivalents.
* The mbed OS edition comes with a fully integrated API for (D)TLS connections in a companion module: [mbed-tls-sockets](https://github.com/ARMmbed/mbed-tls-sockets). See "Performing TLS and DTLS connections" above.