Switch to the new code style
Signed-off-by: David Horstmann <david.horstmann@arm.com>
diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h
index 1cd20fe..42e1fe8 100644
--- a/include/mbedtls/aes.h
+++ b/include/mbedtls/aes.h
@@ -72,19 +72,18 @@
/**
* \brief The AES context-type definition.
*/
-typedef struct mbedtls_aes_context
-{
+typedef struct mbedtls_aes_context {
int MBEDTLS_PRIVATE(nr); /*!< The number of rounds. */
size_t MBEDTLS_PRIVATE(rk_offset); /*!< The offset in array elements to AES
- round keys in the buffer. */
+ round keys in the buffer. */
uint32_t MBEDTLS_PRIVATE(buf)[68]; /*!< Unaligned data buffer. This buffer can
- hold 32 extra Bytes, which can be used for
- one of the following purposes:
- <ul><li>Alignment if VIA padlock is
- used.</li>
- <li>Simplifying key expansion in the 256-bit
- case by generating an extra round key.
- </li></ul> */
+ hold 32 extra Bytes, which can be used for
+ one of the following purposes:
+ <ul><li>Alignment if VIA padlock is
+ used.</li>
+ <li>Simplifying key expansion in the 256-bit
+ case by generating an extra round key.
+ </li></ul> */
}
mbedtls_aes_context;
@@ -92,12 +91,11 @@
/**
* \brief The AES XTS context-type definition.
*/
-typedef struct mbedtls_aes_xts_context
-{
+typedef struct mbedtls_aes_xts_context {
mbedtls_aes_context MBEDTLS_PRIVATE(crypt); /*!< The AES context to use for AES block
- encryption or decryption. */
+ encryption or decryption. */
mbedtls_aes_context MBEDTLS_PRIVATE(tweak); /*!< The AES context used for tweak
- computation. */
+ computation. */
} mbedtls_aes_xts_context;
#endif /* MBEDTLS_CIPHER_MODE_XTS */
@@ -113,7 +111,7 @@
*
* \param ctx The AES context to initialize. This must not be \c NULL.
*/
-void mbedtls_aes_init( mbedtls_aes_context *ctx );
+void mbedtls_aes_init(mbedtls_aes_context *ctx);
/**
* \brief This function releases and clears the specified AES context.
@@ -122,7 +120,7 @@
* If this is \c NULL, this function does nothing.
* Otherwise, the context must have been at least initialized.
*/
-void mbedtls_aes_free( mbedtls_aes_context *ctx );
+void mbedtls_aes_free(mbedtls_aes_context *ctx);
#if defined(MBEDTLS_CIPHER_MODE_XTS)
/**
@@ -133,7 +131,7 @@
*
* \param ctx The AES XTS context to initialize. This must not be \c NULL.
*/
-void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx );
+void mbedtls_aes_xts_init(mbedtls_aes_xts_context *ctx);
/**
* \brief This function releases and clears the specified AES XTS context.
@@ -142,7 +140,7 @@
* If this is \c NULL, this function does nothing.
* Otherwise, the context must have been at least initialized.
*/
-void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx );
+void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx);
#endif /* MBEDTLS_CIPHER_MODE_XTS */
/**
@@ -161,8 +159,8 @@
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
- unsigned int keybits );
+int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
+ unsigned int keybits);
/**
* \brief This function sets the decryption key.
@@ -180,8 +178,8 @@
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
- unsigned int keybits );
+int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
+ unsigned int keybits);
#if defined(MBEDTLS_CIPHER_MODE_XTS)
/**
@@ -201,9 +199,9 @@
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx,
- const unsigned char *key,
- unsigned int keybits );
+int mbedtls_aes_xts_setkey_enc(mbedtls_aes_xts_context *ctx,
+ const unsigned char *key,
+ unsigned int keybits);
/**
* \brief This function prepares an XTS context for decryption and
@@ -222,9 +220,9 @@
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx,
- const unsigned char *key,
- unsigned int keybits );
+int mbedtls_aes_xts_setkey_dec(mbedtls_aes_xts_context *ctx,
+ const unsigned char *key,
+ unsigned int keybits);
#endif /* MBEDTLS_CIPHER_MODE_XTS */
/**
@@ -251,10 +249,10 @@
* \return \c 0 on success.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
- int mode,
- const unsigned char input[16],
- unsigned char output[16] );
+int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
+ int mode,
+ const unsigned char input[16],
+ unsigned char output[16]);
#if defined(MBEDTLS_CIPHER_MODE_CBC)
/**
@@ -299,12 +297,12 @@
* on failure.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
- int mode,
- size_t length,
- unsigned char iv[16],
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
+ int mode,
+ size_t length,
+ unsigned char iv[16],
+ const unsigned char *input,
+ unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_XTS)
@@ -344,12 +342,12 @@
* length is larger than 2^20 blocks (16 MiB).
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
- int mode,
- size_t length,
- const unsigned char data_unit[16],
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_aes_crypt_xts(mbedtls_aes_xts_context *ctx,
+ int mode,
+ size_t length,
+ const unsigned char data_unit[16],
+ const unsigned char *input,
+ unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_XTS */
#if defined(MBEDTLS_CIPHER_MODE_CFB)
@@ -393,13 +391,13 @@
* \return \c 0 on success.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
- int mode,
- size_t length,
- size_t *iv_off,
- unsigned char iv[16],
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_aes_crypt_cfb128(mbedtls_aes_context *ctx,
+ int mode,
+ size_t length,
+ size_t *iv_off,
+ unsigned char iv[16],
+ const unsigned char *input,
+ unsigned char *output);
/**
* \brief This function performs an AES-CFB8 encryption or decryption
@@ -438,12 +436,12 @@
* \return \c 0 on success.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
- int mode,
- size_t length,
- unsigned char iv[16],
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_aes_crypt_cfb8(mbedtls_aes_context *ctx,
+ int mode,
+ size_t length,
+ unsigned char iv[16],
+ const unsigned char *input,
+ unsigned char *output);
#endif /*MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_OFB)
@@ -493,12 +491,12 @@
* \return \c 0 on success.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
- size_t length,
- size_t *iv_off,
- unsigned char iv[16],
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_aes_crypt_ofb(mbedtls_aes_context *ctx,
+ size_t length,
+ size_t *iv_off,
+ unsigned char iv[16],
+ const unsigned char *input,
+ unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_OFB */
@@ -576,13 +574,13 @@
* \return \c 0 on success.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
- size_t length,
- size_t *nc_off,
- unsigned char nonce_counter[16],
- unsigned char stream_block[16],
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx,
+ size_t length,
+ size_t *nc_off,
+ unsigned char nonce_counter[16],
+ unsigned char stream_block[16],
+ const unsigned char *input,
+ unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CTR */
/**
@@ -597,9 +595,9 @@
* \return \c 0 on success.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
- const unsigned char input[16],
- unsigned char output[16] );
+int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx,
+ const unsigned char input[16],
+ unsigned char output[16]);
/**
* \brief Internal AES block decryption function. This is only
@@ -613,9 +611,9 @@
* \return \c 0 on success.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
- const unsigned char input[16],
- unsigned char output[16] );
+int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
+ const unsigned char input[16],
+ unsigned char output[16]);
#if defined(MBEDTLS_SELF_TEST)
/**
@@ -625,7 +623,7 @@
* \return \c 1 on failure.
*/
MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_aes_self_test( int verbose );
+int mbedtls_aes_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/aria.h b/include/mbedtls/aria.h
index 71540c8..587cbf8 100644
--- a/include/mbedtls/aria.h
+++ b/include/mbedtls/aria.h
@@ -61,8 +61,7 @@
/**
* \brief The ARIA context-type definition.
*/
-typedef struct mbedtls_aria_context
-{
+typedef struct mbedtls_aria_context {
unsigned char MBEDTLS_PRIVATE(nr); /*!< The number of rounds (12, 14 or 16) */
/*! The ARIA round keys. */
uint32_t MBEDTLS_PRIVATE(rk)[MBEDTLS_ARIA_MAX_ROUNDS + 1][MBEDTLS_ARIA_BLOCKSIZE / 4];
@@ -81,7 +80,7 @@
*
* \param ctx The ARIA context to initialize. This must not be \c NULL.
*/
-void mbedtls_aria_init( mbedtls_aria_context *ctx );
+void mbedtls_aria_init(mbedtls_aria_context *ctx);
/**
* \brief This function releases and clears the specified ARIA context.
@@ -90,7 +89,7 @@
* case this function returns immediately. If it is not \c NULL,
* it must point to an initialized ARIA context.
*/
-void mbedtls_aria_free( mbedtls_aria_context *ctx );
+void mbedtls_aria_free(mbedtls_aria_context *ctx);
/**
* \brief This function sets the encryption key.
@@ -107,9 +106,9 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx,
- const unsigned char *key,
- unsigned int keybits );
+int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx,
+ const unsigned char *key,
+ unsigned int keybits);
/**
* \brief This function sets the decryption key.
@@ -126,9 +125,9 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx,
- const unsigned char *key,
- unsigned int keybits );
+int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx,
+ const unsigned char *key,
+ unsigned int keybits);
/**
* \brief This function performs an ARIA single-block encryption or
@@ -150,9 +149,9 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
- const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE],
- unsigned char output[MBEDTLS_ARIA_BLOCKSIZE] );
+int mbedtls_aria_crypt_ecb(mbedtls_aria_context *ctx,
+ const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE],
+ unsigned char output[MBEDTLS_ARIA_BLOCKSIZE]);
#if defined(MBEDTLS_CIPHER_MODE_CBC)
/**
@@ -196,12 +195,12 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx,
- int mode,
- size_t length,
- unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_aria_crypt_cbc(mbedtls_aria_context *ctx,
+ int mode,
+ size_t length,
+ unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
+ const unsigned char *input,
+ unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_CFB)
@@ -246,13 +245,13 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx,
- int mode,
- size_t length,
- size_t *iv_off,
- unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_aria_crypt_cfb128(mbedtls_aria_context *ctx,
+ int mode,
+ size_t length,
+ size_t *iv_off,
+ unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
+ const unsigned char *input,
+ unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR)
@@ -333,13 +332,13 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx,
- size_t length,
- size_t *nc_off,
- unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE],
- unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE],
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_aria_crypt_ctr(mbedtls_aria_context *ctx,
+ size_t length,
+ size_t *nc_off,
+ unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE],
+ unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE],
+ const unsigned char *input,
+ unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CTR */
#if defined(MBEDTLS_SELF_TEST)
@@ -348,7 +347,7 @@
*
* \return \c 0 on success, or \c 1 on failure.
*/
-int mbedtls_aria_self_test( int verbose );
+int mbedtls_aria_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus
diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h
index 5e3f387..e15aeb3 100644
--- a/include/mbedtls/asn1.h
+++ b/include/mbedtls/asn1.h
@@ -96,15 +96,15 @@
/* Slightly smaller way to check if tag is a string tag
* compared to canonical implementation. */
-#define MBEDTLS_ASN1_IS_STRING_TAG( tag ) \
- ( ( tag ) < 32u && ( \
- ( ( 1u << ( tag ) ) & ( ( 1u << MBEDTLS_ASN1_BMP_STRING ) | \
- ( 1u << MBEDTLS_ASN1_UTF8_STRING ) | \
- ( 1u << MBEDTLS_ASN1_T61_STRING ) | \
- ( 1u << MBEDTLS_ASN1_IA5_STRING ) | \
- ( 1u << MBEDTLS_ASN1_UNIVERSAL_STRING ) | \
- ( 1u << MBEDTLS_ASN1_PRINTABLE_STRING ) | \
- ( 1u << MBEDTLS_ASN1_BIT_STRING ) ) ) != 0 ) )
+#define MBEDTLS_ASN1_IS_STRING_TAG(tag) \
+ ((tag) < 32u && ( \
+ ((1u << (tag)) & ((1u << MBEDTLS_ASN1_BMP_STRING) | \
+ (1u << MBEDTLS_ASN1_UTF8_STRING) | \
+ (1u << MBEDTLS_ASN1_T61_STRING) | \
+ (1u << MBEDTLS_ASN1_IA5_STRING) | \
+ (1u << MBEDTLS_ASN1_UNIVERSAL_STRING) | \
+ (1u << MBEDTLS_ASN1_PRINTABLE_STRING) | \
+ (1u << MBEDTLS_ASN1_BIT_STRING))) != 0))
/*
* Bit masks for each of the components of an ASN.1 tag as specified in
@@ -132,12 +132,12 @@
* 'unsigned char *oid' here!
*/
#define MBEDTLS_OID_CMP(oid_str, oid_buf) \
- ( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf)->len ) || \
- memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) != 0 )
+ ((MBEDTLS_OID_SIZE(oid_str) != (oid_buf)->len) || \
+ memcmp((oid_str), (oid_buf)->p, (oid_buf)->len) != 0)
#define MBEDTLS_OID_CMP_RAW(oid_str, oid_buf, oid_buf_len) \
- ( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf_len) ) || \
- memcmp( (oid_str), (oid_buf), (oid_buf_len) ) != 0 )
+ ((MBEDTLS_OID_SIZE(oid_str) != (oid_buf_len)) || \
+ memcmp((oid_str), (oid_buf), (oid_buf_len)) != 0)
#ifdef __cplusplus
extern "C" {
@@ -151,8 +151,7 @@
/**
* Type-length-value structure that allows for ASN1 using DER.
*/
-typedef struct mbedtls_asn1_buf
-{
+typedef struct mbedtls_asn1_buf {
int tag; /**< ASN1 type, e.g. MBEDTLS_ASN1_UTF8_STRING. */
size_t len; /**< ASN1 length, in octets. */
unsigned char *p; /**< ASN1 data, e.g. in ASCII. */
@@ -162,8 +161,7 @@
/**
* Container for ASN1 bit strings.
*/
-typedef struct mbedtls_asn1_bitstring
-{
+typedef struct mbedtls_asn1_bitstring {
size_t len; /**< ASN1 length, in octets. */
unsigned char unused_bits; /**< Number of unused bits at the end of the string */
unsigned char *p; /**< Raw ASN1 data for the bit string */
@@ -173,8 +171,7 @@
/**
* Container for a sequence of ASN.1 items
*/
-typedef struct mbedtls_asn1_sequence
-{
+typedef struct mbedtls_asn1_sequence {
mbedtls_asn1_buf buf; /**< Buffer containing the given ASN.1 item. */
/** The next entry in the sequence.
@@ -191,8 +188,7 @@
/**
* Container for a sequence or list of 'named' ASN.1 data items
*/
-typedef struct mbedtls_asn1_named_data
-{
+typedef struct mbedtls_asn1_named_data {
mbedtls_asn1_buf oid; /**< The object identifier. */
mbedtls_asn1_buf val; /**< The named value. */
@@ -232,9 +228,9 @@
* would end beyond \p end.
* \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparsable.
*/
-int mbedtls_asn1_get_len( unsigned char **p,
- const unsigned char *end,
- size_t *len );
+int mbedtls_asn1_get_len(unsigned char **p,
+ const unsigned char *end,
+ size_t *len);
/**
* \brief Get the tag and length of the element.
@@ -257,9 +253,9 @@
* would end beyond \p end.
* \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparsable.
*/
-int mbedtls_asn1_get_tag( unsigned char **p,
- const unsigned char *end,
- size_t *len, int tag );
+int mbedtls_asn1_get_tag(unsigned char **p,
+ const unsigned char *end,
+ size_t *len, int tag);
/**
* \brief Retrieve a boolean ASN.1 tag and its value.
@@ -276,9 +272,9 @@
* \return An ASN.1 error code if the input does not start with
* a valid ASN.1 BOOLEAN.
*/
-int mbedtls_asn1_get_bool( unsigned char **p,
- const unsigned char *end,
- int *val );
+int mbedtls_asn1_get_bool(unsigned char **p,
+ const unsigned char *end,
+ int *val);
/**
* \brief Retrieve an integer ASN.1 tag and its value.
@@ -297,9 +293,9 @@
* \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does
* not fit in an \c int.
*/
-int mbedtls_asn1_get_int( unsigned char **p,
- const unsigned char *end,
- int *val );
+int mbedtls_asn1_get_int(unsigned char **p,
+ const unsigned char *end,
+ int *val);
/**
* \brief Retrieve an enumerated ASN.1 tag and its value.
@@ -318,9 +314,9 @@
* \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does
* not fit in an \c int.
*/
-int mbedtls_asn1_get_enum( unsigned char **p,
- const unsigned char *end,
- int *val );
+int mbedtls_asn1_get_enum(unsigned char **p,
+ const unsigned char *end,
+ int *val);
/**
* \brief Retrieve a bitstring ASN.1 tag and its value.
@@ -339,8 +335,8 @@
* \return An ASN.1 error code if the input does not start with
* a valid ASN.1 BIT STRING.
*/
-int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end,
- mbedtls_asn1_bitstring *bs );
+int mbedtls_asn1_get_bitstring(unsigned char **p, const unsigned char *end,
+ mbedtls_asn1_bitstring *bs);
/**
* \brief Retrieve a bitstring ASN.1 tag without unused bits and its
@@ -360,9 +356,9 @@
* \return An ASN.1 error code if the input does not start with
* a valid ASN.1 BIT STRING.
*/
-int mbedtls_asn1_get_bitstring_null( unsigned char **p,
- const unsigned char *end,
- size_t *len );
+int mbedtls_asn1_get_bitstring_null(unsigned char **p,
+ const unsigned char *end,
+ size_t *len);
/**
* \brief Parses and splits an ASN.1 "SEQUENCE OF <tag>".
@@ -411,10 +407,10 @@
* \return An ASN.1 error code if the input does not start with
* a valid ASN.1 SEQUENCE.
*/
-int mbedtls_asn1_get_sequence_of( unsigned char **p,
- const unsigned char *end,
- mbedtls_asn1_sequence *cur,
- int tag );
+int mbedtls_asn1_get_sequence_of(unsigned char **p,
+ const unsigned char *end,
+ mbedtls_asn1_sequence *cur,
+ int tag);
/**
* \brief Free a heap-allocated linked list presentation of
* an ASN.1 sequence, including the first element.
@@ -436,7 +432,7 @@
* be \c NULL, in which case this functions returns
* immediately.
*/
-void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq );
+void mbedtls_asn1_sequence_free(mbedtls_asn1_sequence *seq);
/**
* \brief Traverse an ASN.1 SEQUENCE container and
@@ -528,9 +524,9 @@
const unsigned char *end,
unsigned char tag_must_mask, unsigned char tag_must_val,
unsigned char tag_may_mask, unsigned char tag_may_val,
- int (*cb)( void *ctx, int tag,
- unsigned char* start, size_t len ),
- void *ctx );
+ int (*cb)(void *ctx, int tag,
+ unsigned char *start, size_t len),
+ void *ctx);
#if defined(MBEDTLS_BIGNUM_C)
/**
@@ -551,9 +547,9 @@
* not fit in an \c int.
* \return An MPI error code if the parsed value is too large.
*/
-int mbedtls_asn1_get_mpi( unsigned char **p,
- const unsigned char *end,
- mbedtls_mpi *X );
+int mbedtls_asn1_get_mpi(unsigned char **p,
+ const unsigned char *end,
+ mbedtls_mpi *X);
#endif /* MBEDTLS_BIGNUM_C */
/**
@@ -572,9 +568,9 @@
*
* \return 0 if successful or a specific ASN.1 or MPI error code.
*/
-int mbedtls_asn1_get_alg( unsigned char **p,
- const unsigned char *end,
- mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params );
+int mbedtls_asn1_get_alg(unsigned char **p,
+ const unsigned char *end,
+ mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params);
/**
* \brief Retrieve an AlgorithmIdentifier ASN.1 sequence with NULL or no
@@ -591,9 +587,9 @@
*
* \return 0 if successful or a specific ASN.1 or MPI error code.
*/
-int mbedtls_asn1_get_alg_null( unsigned char **p,
- const unsigned char *end,
- mbedtls_asn1_buf *alg );
+int mbedtls_asn1_get_alg_null(unsigned char **p,
+ const unsigned char *end,
+ mbedtls_asn1_buf *alg);
/**
* \brief Find a specific named_data entry in a sequence or list based on
@@ -605,8 +601,8 @@
*
* \return NULL if not found, or a pointer to the existing entry.
*/
-const mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( const mbedtls_asn1_named_data *list,
- const char *oid, size_t len );
+const mbedtls_asn1_named_data *mbedtls_asn1_find_named_data(const mbedtls_asn1_named_data *list,
+ const char *oid, size_t len);
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
/**
@@ -621,7 +617,7 @@
* This function calls mbedtls_free() on
* `entry->oid.p` and `entry->val.p`.
*/
-void MBEDTLS_DEPRECATED mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *entry );
+void MBEDTLS_DEPRECATED mbedtls_asn1_free_named_data(mbedtls_asn1_named_data *entry);
#endif /* MBEDTLS_DEPRECATED_REMOVED */
/**
@@ -632,7 +628,7 @@
* `entry->oid.p` and `entry->val.p` and then on `entry`
* for each list entry, and sets \c *head to \c NULL.
*/
-void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head );
+void mbedtls_asn1_free_named_data_list(mbedtls_asn1_named_data **head);
/**
* \brief Free all shallow entries in a mbedtls_asn1_named_data list,
@@ -641,7 +637,7 @@
* \param name Head of the list of named data entries to free.
* This function calls mbedtls_free() on each list element.
*/
-void mbedtls_asn1_free_named_data_list_shallow( mbedtls_asn1_named_data *name );
+void mbedtls_asn1_free_named_data_list_shallow(mbedtls_asn1_named_data *name);
/** \} name Functions to parse ASN.1 data structures */
/** \} addtogroup asn1_module */
diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h
index e6f0479..acfc073 100644
--- a/include/mbedtls/asn1write.h
+++ b/include/mbedtls/asn1write.h
@@ -29,11 +29,11 @@
#define MBEDTLS_ASN1_CHK_ADD(g, f) \
do \
{ \
- if( ( ret = (f) ) < 0 ) \
- return( ret ); \
+ if ((ret = (f)) < 0) \
+ return ret; \
else \
- (g) += ret; \
- } while( 0 )
+ (g) += ret; \
+ } while (0)
#ifdef __cplusplus
extern "C" {
@@ -51,8 +51,8 @@
* \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
-int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start,
- size_t len );
+int mbedtls_asn1_write_len(unsigned char **p, const unsigned char *start,
+ size_t len);
/**
* \brief Write an ASN.1 tag in ASN.1 format.
*
@@ -65,8 +65,8 @@
* \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
-int mbedtls_asn1_write_tag( unsigned char **p, const unsigned char *start,
- unsigned char tag );
+int mbedtls_asn1_write_tag(unsigned char **p, const unsigned char *start,
+ unsigned char tag);
/**
* \brief Write raw buffer data.
@@ -81,8 +81,8 @@
* \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
-int mbedtls_asn1_write_raw_buffer( unsigned char **p, const unsigned char *start,
- const unsigned char *buf, size_t size );
+int mbedtls_asn1_write_raw_buffer(unsigned char **p, const unsigned char *start,
+ const unsigned char *buf, size_t size);
#if defined(MBEDTLS_BIGNUM_C)
/**
@@ -99,8 +99,8 @@
* \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
-int mbedtls_asn1_write_mpi( unsigned char **p, const unsigned char *start,
- const mbedtls_mpi *X );
+int mbedtls_asn1_write_mpi(unsigned char **p, const unsigned char *start,
+ const mbedtls_mpi *X);
#endif /* MBEDTLS_BIGNUM_C */
/**
@@ -115,7 +115,7 @@
* \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
-int mbedtls_asn1_write_null( unsigned char **p, const unsigned char *start );
+int mbedtls_asn1_write_null(unsigned char **p, const unsigned char *start);
/**
* \brief Write an OID tag (#MBEDTLS_ASN1_OID) and data
@@ -131,8 +131,8 @@
* \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
-int mbedtls_asn1_write_oid( unsigned char **p, const unsigned char *start,
- const char *oid, size_t oid_len );
+int mbedtls_asn1_write_oid(unsigned char **p, const unsigned char *start,
+ const char *oid, size_t oid_len);
/**
* \brief Write an AlgorithmIdentifier sequence in ASN.1 format.
@@ -149,10 +149,10 @@
* \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
-int mbedtls_asn1_write_algorithm_identifier( unsigned char **p,
- const unsigned char *start,
- const char *oid, size_t oid_len,
- size_t par_len );
+int mbedtls_asn1_write_algorithm_identifier(unsigned char **p,
+ const unsigned char *start,
+ const char *oid, size_t oid_len,
+ size_t par_len);
/**
* \brief Write a boolean tag (#MBEDTLS_ASN1_BOOLEAN) and value
@@ -167,8 +167,8 @@
* \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
-int mbedtls_asn1_write_bool( unsigned char **p, const unsigned char *start,
- int boolean );
+int mbedtls_asn1_write_bool(unsigned char **p, const unsigned char *start,
+ int boolean);
/**
* \brief Write an int tag (#MBEDTLS_ASN1_INTEGER) and value
@@ -184,7 +184,7 @@
* \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
-int mbedtls_asn1_write_int( unsigned char **p, const unsigned char *start, int val );
+int mbedtls_asn1_write_int(unsigned char **p, const unsigned char *start, int val);
/**
* \brief Write an enum tag (#MBEDTLS_ASN1_ENUMERATED) and value
@@ -199,7 +199,7 @@
* \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
-int mbedtls_asn1_write_enum( unsigned char **p, const unsigned char *start, int val );
+int mbedtls_asn1_write_enum(unsigned char **p, const unsigned char *start, int val);
/**
* \brief Write a string in ASN.1 format using a specific
@@ -218,9 +218,9 @@
* \return The number of bytes written to \p p on success.
* \return A negative error code on failure.
*/
-int mbedtls_asn1_write_tagged_string( unsigned char **p, const unsigned char *start,
- int tag, const char *text,
- size_t text_len );
+int mbedtls_asn1_write_tagged_string(unsigned char **p, const unsigned char *start,
+ int tag, const char *text,
+ size_t text_len);
/**
* \brief Write a string in ASN.1 format using the PrintableString
@@ -237,9 +237,9 @@
* \return The number of bytes written to \p p on success.
* \return A negative error code on failure.
*/
-int mbedtls_asn1_write_printable_string( unsigned char **p,
- const unsigned char *start,
- const char *text, size_t text_len );
+int mbedtls_asn1_write_printable_string(unsigned char **p,
+ const unsigned char *start,
+ const char *text, size_t text_len);
/**
* \brief Write a UTF8 string in ASN.1 format using the UTF8String
@@ -256,8 +256,8 @@
* \return The number of bytes written to \p p on success.
* \return A negative error code on failure.
*/
-int mbedtls_asn1_write_utf8_string( unsigned char **p, const unsigned char *start,
- const char *text, size_t text_len );
+int mbedtls_asn1_write_utf8_string(unsigned char **p, const unsigned char *start,
+ const char *text, size_t text_len);
/**
* \brief Write a string in ASN.1 format using the IA5String
@@ -274,8 +274,8 @@
* \return The number of bytes written to \p p on success.
* \return A negative error code on failure.
*/
-int mbedtls_asn1_write_ia5_string( unsigned char **p, const unsigned char *start,
- const char *text, size_t text_len );
+int mbedtls_asn1_write_ia5_string(unsigned char **p, const unsigned char *start,
+ const char *text, size_t text_len);
/**
* \brief Write a bitstring tag (#MBEDTLS_ASN1_BIT_STRING) and
@@ -291,8 +291,8 @@
* \return The number of bytes written to \p p on success.
* \return A negative error code on failure.
*/
-int mbedtls_asn1_write_bitstring( unsigned char **p, const unsigned char *start,
- const unsigned char *buf, size_t bits );
+int mbedtls_asn1_write_bitstring(unsigned char **p, const unsigned char *start,
+ const unsigned char *buf, size_t bits);
/**
* \brief This function writes a named bitstring tag
@@ -311,10 +311,10 @@
* \return The number of bytes written to \p p on success.
* \return A negative error code on failure.
*/
-int mbedtls_asn1_write_named_bitstring( unsigned char **p,
- const unsigned char *start,
- const unsigned char *buf,
- size_t bits );
+int mbedtls_asn1_write_named_bitstring(unsigned char **p,
+ const unsigned char *start,
+ const unsigned char *buf,
+ size_t bits);
/**
* \brief Write an octet string tag (#MBEDTLS_ASN1_OCTET_STRING)
@@ -330,8 +330,8 @@
* \return The number of bytes written to \p p on success.
* \return A negative error code on failure.
*/
-int mbedtls_asn1_write_octet_string( unsigned char **p, const unsigned char *start,
- const unsigned char *buf, size_t size );
+int mbedtls_asn1_write_octet_string(unsigned char **p, const unsigned char *start,
+ const unsigned char *buf, size_t size);
/**
* \brief Create or find a specific named_data entry for writing in a
@@ -354,10 +354,10 @@
* \return A pointer to the new / existing entry on success.
* \return \c NULL if there was a memory allocation error.
*/
-mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data **list,
- const char *oid, size_t oid_len,
- const unsigned char *val,
- size_t val_len );
+mbedtls_asn1_named_data *mbedtls_asn1_store_named_data(mbedtls_asn1_named_data **list,
+ const char *oid, size_t oid_len,
+ const unsigned char *val,
+ size_t val_len);
#ifdef __cplusplus
}
diff --git a/include/mbedtls/base64.h b/include/mbedtls/base64.h
index 8378589..635be71 100644
--- a/include/mbedtls/base64.h
+++ b/include/mbedtls/base64.h
@@ -54,8 +54,8 @@
* \note Call this function with dlen = 0 to obtain the
* required buffer size in *olen
*/
-int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
- const unsigned char *src, size_t slen );
+int mbedtls_base64_encode(unsigned char *dst, size_t dlen, size_t *olen,
+ const unsigned char *src, size_t slen);
/**
* \brief Decode a base64-formatted buffer
@@ -74,8 +74,8 @@
* \note Call this function with *dst = NULL or dlen = 0 to obtain
* the required buffer size in *olen
*/
-int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
- const unsigned char *src, size_t slen );
+int mbedtls_base64_decode(unsigned char *dst, size_t dlen, size_t *olen,
+ const unsigned char *src, size_t slen);
#if defined(MBEDTLS_SELF_TEST)
/**
@@ -83,7 +83,7 @@
*
* \return 0 if successful, or 1 if the test failed
*/
-int mbedtls_base64_self_test( int verbose );
+int mbedtls_base64_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h
index 877fbc7..e8fb2de 100644
--- a/include/mbedtls/bignum.h
+++ b/include/mbedtls/bignum.h
@@ -52,9 +52,9 @@
#define MBEDTLS_MPI_CHK(f) \
do \
{ \
- if( ( ret = (f) ) != 0 ) \
- goto cleanup; \
- } while( 0 )
+ if ((ret = (f)) != 0) \
+ goto cleanup; \
+ } while (0)
/*
* Maximum size MPIs are allowed to grow to in number of limbs.
@@ -85,7 +85,7 @@
#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
#endif /* !MBEDTLS_MPI_MAX_SIZE */
-#define MBEDTLS_MPI_MAX_BITS ( 8 * MBEDTLS_MPI_MAX_SIZE ) /**< Maximum number of bits for usable MPIs. */
+#define MBEDTLS_MPI_MAX_BITS (8 * MBEDTLS_MPI_MAX_SIZE) /**< Maximum number of bits for usable MPIs. */
/*
* When reading from files with mbedtls_mpi_read_file() and writing to files with
@@ -105,9 +105,11 @@
* MBEDTLS_MPI_RW_BUFFER_SIZE = ceil(MBEDTLS_MPI_MAX_BITS / ln(10) * ln(2)) +
* LabelSize + 6
*/
-#define MBEDTLS_MPI_MAX_BITS_SCALE100 ( 100 * MBEDTLS_MPI_MAX_BITS )
+#define MBEDTLS_MPI_MAX_BITS_SCALE100 (100 * MBEDTLS_MPI_MAX_BITS)
#define MBEDTLS_LN_2_DIV_LN_10_SCALE100 332
-#define MBEDTLS_MPI_RW_BUFFER_SIZE ( ((MBEDTLS_MPI_MAX_BITS_SCALE100 + MBEDTLS_LN_2_DIV_LN_10_SCALE100 - 1) / MBEDTLS_LN_2_DIV_LN_10_SCALE100) + 10 + 6 )
+#define MBEDTLS_MPI_RW_BUFFER_SIZE (((MBEDTLS_MPI_MAX_BITS_SCALE100 + \
+ MBEDTLS_LN_2_DIV_LN_10_SCALE100 - 1) / \
+ MBEDTLS_LN_2_DIV_LN_10_SCALE100) + 10 + 6)
/*
* Define the base integer type, architecture-wise.
@@ -121,60 +123,60 @@
*/
#if !defined(MBEDTLS_HAVE_INT32)
#if defined(_MSC_VER) && defined(_M_AMD64)
- /* Always choose 64-bit when using MSC */
+/* Always choose 64-bit when using MSC */
#if !defined(MBEDTLS_HAVE_INT64)
#define MBEDTLS_HAVE_INT64
#endif /* !MBEDTLS_HAVE_INT64 */
- typedef int64_t mbedtls_mpi_sint;
- typedef uint64_t mbedtls_mpi_uint;
+typedef int64_t mbedtls_mpi_sint;
+typedef uint64_t mbedtls_mpi_uint;
#elif defined(__GNUC__) && ( \
- defined(__amd64__) || defined(__x86_64__) || \
- defined(__ppc64__) || defined(__powerpc64__) || \
- defined(__ia64__) || defined(__alpha__) || \
- ( defined(__sparc__) && defined(__arch64__) ) || \
- defined(__s390x__) || defined(__mips64) || \
- defined(__aarch64__) )
+ defined(__amd64__) || defined(__x86_64__) || \
+ defined(__ppc64__) || defined(__powerpc64__) || \
+ defined(__ia64__) || defined(__alpha__) || \
+ (defined(__sparc__) && defined(__arch64__)) || \
+ defined(__s390x__) || defined(__mips64) || \
+ defined(__aarch64__))
#if !defined(MBEDTLS_HAVE_INT64)
#define MBEDTLS_HAVE_INT64
#endif /* MBEDTLS_HAVE_INT64 */
- typedef int64_t mbedtls_mpi_sint;
- typedef uint64_t mbedtls_mpi_uint;
+typedef int64_t mbedtls_mpi_sint;
+typedef uint64_t mbedtls_mpi_uint;
#if !defined(MBEDTLS_NO_UDBL_DIVISION)
- /* mbedtls_t_udbl defined as 128-bit unsigned int */
- typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI)));
+/* mbedtls_t_udbl defined as 128-bit unsigned int */
+typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI)));
#define MBEDTLS_HAVE_UDBL
#endif /* !MBEDTLS_NO_UDBL_DIVISION */
#elif defined(__ARMCC_VERSION) && defined(__aarch64__)
- /*
- * __ARMCC_VERSION is defined for both armcc and armclang and
- * __aarch64__ is only defined by armclang when compiling 64-bit code
- */
+/*
+ * __ARMCC_VERSION is defined for both armcc and armclang and
+ * __aarch64__ is only defined by armclang when compiling 64-bit code
+ */
#if !defined(MBEDTLS_HAVE_INT64)
#define MBEDTLS_HAVE_INT64
#endif /* !MBEDTLS_HAVE_INT64 */
- typedef int64_t mbedtls_mpi_sint;
- typedef uint64_t mbedtls_mpi_uint;
+typedef int64_t mbedtls_mpi_sint;
+typedef uint64_t mbedtls_mpi_uint;
#if !defined(MBEDTLS_NO_UDBL_DIVISION)
- /* mbedtls_t_udbl defined as 128-bit unsigned int */
- typedef __uint128_t mbedtls_t_udbl;
+/* mbedtls_t_udbl defined as 128-bit unsigned int */
+typedef __uint128_t mbedtls_t_udbl;
#define MBEDTLS_HAVE_UDBL
#endif /* !MBEDTLS_NO_UDBL_DIVISION */
#elif defined(MBEDTLS_HAVE_INT64)
- /* Force 64-bit integers with unknown compiler */
- typedef int64_t mbedtls_mpi_sint;
- typedef uint64_t mbedtls_mpi_uint;
+/* Force 64-bit integers with unknown compiler */
+typedef int64_t mbedtls_mpi_sint;
+typedef uint64_t mbedtls_mpi_uint;
#endif
#endif /* !MBEDTLS_HAVE_INT32 */
#if !defined(MBEDTLS_HAVE_INT64)
- /* Default to 32-bit compilation */
+/* Default to 32-bit compilation */
#if !defined(MBEDTLS_HAVE_INT32)
#define MBEDTLS_HAVE_INT32
#endif /* !MBEDTLS_HAVE_INT32 */
- typedef int32_t mbedtls_mpi_sint;
- typedef uint32_t mbedtls_mpi_uint;
+typedef int32_t mbedtls_mpi_sint;
+typedef uint32_t mbedtls_mpi_uint;
#if !defined(MBEDTLS_NO_UDBL_DIVISION)
- typedef uint64_t mbedtls_t_udbl;
+typedef uint64_t mbedtls_t_udbl;
#define MBEDTLS_HAVE_UDBL
#endif /* !MBEDTLS_NO_UDBL_DIVISION */
#endif /* !MBEDTLS_HAVE_INT64 */
@@ -200,8 +202,7 @@
/**
* \brief MPI structure
*/
-typedef struct mbedtls_mpi
-{
+typedef struct mbedtls_mpi {
/** Sign: -1 if the mpi is negative, 1 otherwise.
*
* The number 0 must be represented with `s = +1`. Although many library
@@ -234,7 +235,7 @@
*
* \param X The MPI context to initialize. This must not be \c NULL.
*/
-void mbedtls_mpi_init( mbedtls_mpi *X );
+void mbedtls_mpi_init(mbedtls_mpi *X);
/**
* \brief This function frees the components of an MPI context.
@@ -243,7 +244,7 @@
* in which case this function is a no-op. If it is
* not \c NULL, it must point to an initialized MPI.
*/
-void mbedtls_mpi_free( mbedtls_mpi *X );
+void mbedtls_mpi_free(mbedtls_mpi *X);
/**
* \brief Enlarge an MPI to the specified number of limbs.
@@ -258,7 +259,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs );
+int mbedtls_mpi_grow(mbedtls_mpi *X, size_t nblimbs);
/**
* \brief This function resizes an MPI downwards, keeping at least the
@@ -275,7 +276,7 @@
* (this can only happen when resizing up).
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs );
+int mbedtls_mpi_shrink(mbedtls_mpi *X, size_t nblimbs);
/**
* \brief Make a copy of an MPI.
@@ -290,7 +291,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y );
+int mbedtls_mpi_copy(mbedtls_mpi *X, const mbedtls_mpi *Y);
/**
* \brief Swap the contents of two MPIs.
@@ -298,7 +299,7 @@
* \param X The first MPI. It must be initialized.
* \param Y The second MPI. It must be initialized.
*/
-void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y );
+void mbedtls_mpi_swap(mbedtls_mpi *X, mbedtls_mpi *Y);
/**
* \brief Perform a safe conditional copy of MPI which doesn't
@@ -328,7 +329,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign );
+int mbedtls_mpi_safe_cond_assign(mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign);
/**
* \brief Perform a safe conditional swap which doesn't
@@ -357,7 +358,7 @@
* \return Another negative error code on other kinds of failure.
*
*/
-int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char swap );
+int mbedtls_mpi_safe_cond_swap(mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char swap);
/**
* \brief Store integer value in MPI.
@@ -369,7 +370,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z );
+int mbedtls_mpi_lset(mbedtls_mpi *X, mbedtls_mpi_sint z);
/**
* \brief Get a specific bit from an MPI.
@@ -381,7 +382,7 @@
* of \c X is unset or set.
* \return A negative error code on failure.
*/
-int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos );
+int mbedtls_mpi_get_bit(const mbedtls_mpi *X, size_t pos);
/**
* \brief Modify a specific bit in an MPI.
@@ -398,7 +399,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val );
+int mbedtls_mpi_set_bit(mbedtls_mpi *X, size_t pos, unsigned char val);
/**
* \brief Return the number of bits of value \c 0 before the
@@ -412,7 +413,7 @@
* \return The number of bits of value \c 0 before the least significant
* bit of value \c 1 in \p X.
*/
-size_t mbedtls_mpi_lsb( const mbedtls_mpi *X );
+size_t mbedtls_mpi_lsb(const mbedtls_mpi *X);
/**
* \brief Return the number of bits up to and including the most
@@ -426,7 +427,7 @@
* \return The number of bits up to and including the most
* significant bit of value \c 1.
*/
-size_t mbedtls_mpi_bitlen( const mbedtls_mpi *X );
+size_t mbedtls_mpi_bitlen(const mbedtls_mpi *X);
/**
* \brief Return the total size of an MPI value in bytes.
@@ -441,7 +442,7 @@
* \return The least number of bytes capable of storing
* the absolute value of \p X.
*/
-size_t mbedtls_mpi_size( const mbedtls_mpi *X );
+size_t mbedtls_mpi_size(const mbedtls_mpi *X);
/**
* \brief Import an MPI from an ASCII string.
@@ -453,7 +454,7 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
-int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s );
+int mbedtls_mpi_read_string(mbedtls_mpi *X, int radix, const char *s);
/**
* \brief Export an MPI to an ASCII string.
@@ -477,8 +478,8 @@
* size of \p buf required for a successful call.
* \return Another negative error code on different kinds of failure.
*/
-int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix,
- char *buf, size_t buflen, size_t *olen );
+int mbedtls_mpi_write_string(const mbedtls_mpi *X, int radix,
+ char *buf, size_t buflen, size_t *olen);
#if defined(MBEDTLS_FS_IO)
/**
@@ -502,7 +503,7 @@
* is too small.
* \return Another negative error code on failure.
*/
-int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin );
+int mbedtls_mpi_read_file(mbedtls_mpi *X, int radix, FILE *fin);
/**
* \brief Export an MPI into an opened file.
@@ -519,8 +520,8 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
-int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X,
- int radix, FILE *fout );
+int mbedtls_mpi_write_file(const char *p, const mbedtls_mpi *X,
+ int radix, FILE *fout);
#endif /* MBEDTLS_FS_IO */
/**
@@ -535,8 +536,8 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on different kinds of failure.
*/
-int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf,
- size_t buflen );
+int mbedtls_mpi_read_binary(mbedtls_mpi *X, const unsigned char *buf,
+ size_t buflen);
/**
* \brief Import X from unsigned binary data, little endian
@@ -550,8 +551,8 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on different kinds of failure.
*/
-int mbedtls_mpi_read_binary_le( mbedtls_mpi *X,
- const unsigned char *buf, size_t buflen );
+int mbedtls_mpi_read_binary_le(mbedtls_mpi *X,
+ const unsigned char *buf, size_t buflen);
/**
* \brief Export X into unsigned binary data, big endian.
@@ -568,8 +569,8 @@
* large enough to hold the value of \p X.
* \return Another negative error code on different kinds of failure.
*/
-int mbedtls_mpi_write_binary( const mbedtls_mpi *X, unsigned char *buf,
- size_t buflen );
+int mbedtls_mpi_write_binary(const mbedtls_mpi *X, unsigned char *buf,
+ size_t buflen);
/**
* \brief Export X into unsigned binary data, little endian.
@@ -586,8 +587,8 @@
* large enough to hold the value of \p X.
* \return Another negative error code on different kinds of failure.
*/
-int mbedtls_mpi_write_binary_le( const mbedtls_mpi *X,
- unsigned char *buf, size_t buflen );
+int mbedtls_mpi_write_binary_le(const mbedtls_mpi *X,
+ unsigned char *buf, size_t buflen);
/**
* \brief Perform a left-shift on an MPI: X <<= count
@@ -599,7 +600,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure.
*/
-int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count );
+int mbedtls_mpi_shift_l(mbedtls_mpi *X, size_t count);
/**
* \brief Perform a right-shift on an MPI: X >>= count
@@ -611,7 +612,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure.
*/
-int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count );
+int mbedtls_mpi_shift_r(mbedtls_mpi *X, size_t count);
/**
* \brief Compare the absolute values of two MPIs.
@@ -623,7 +624,7 @@
* \return \c -1 if `|X|` is lesser than `|Y|`.
* \return \c 0 if `|X|` is equal to `|Y|`.
*/
-int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y );
+int mbedtls_mpi_cmp_abs(const mbedtls_mpi *X, const mbedtls_mpi *Y);
/**
* \brief Compare two MPIs.
@@ -635,7 +636,7 @@
* \return \c -1 if \p X is lesser than \p Y.
* \return \c 0 if \p X is equal to \p Y.
*/
-int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y );
+int mbedtls_mpi_cmp_mpi(const mbedtls_mpi *X, const mbedtls_mpi *Y);
/**
* \brief Check if an MPI is less than the other in constant time.
@@ -652,8 +653,8 @@
* \return MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the allocated length of
* the two input MPIs is not the same.
*/
-int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y,
- unsigned *ret );
+int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X, const mbedtls_mpi *Y,
+ unsigned *ret);
/**
* \brief Compare an MPI with an integer.
@@ -665,7 +666,7 @@
* \return \c -1 if \p X is lesser than \p z.
* \return \c 0 if \p X is equal to \p z.
*/
-int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z );
+int mbedtls_mpi_cmp_int(const mbedtls_mpi *X, mbedtls_mpi_sint z);
/**
* \brief Perform an unsigned addition of MPIs: X = |A| + |B|
@@ -678,8 +679,8 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure.
*/
-int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A,
- const mbedtls_mpi *B );
+int mbedtls_mpi_add_abs(mbedtls_mpi *X, const mbedtls_mpi *A,
+ const mbedtls_mpi *B);
/**
* \brief Perform an unsigned subtraction of MPIs: X = |A| - |B|
@@ -693,8 +694,8 @@
* \return Another negative error code on different kinds of failure.
*
*/
-int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A,
- const mbedtls_mpi *B );
+int mbedtls_mpi_sub_abs(mbedtls_mpi *X, const mbedtls_mpi *A,
+ const mbedtls_mpi *B);
/**
* \brief Perform a signed addition of MPIs: X = A + B
@@ -707,8 +708,8 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure.
*/
-int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A,
- const mbedtls_mpi *B );
+int mbedtls_mpi_add_mpi(mbedtls_mpi *X, const mbedtls_mpi *A,
+ const mbedtls_mpi *B);
/**
* \brief Perform a signed subtraction of MPIs: X = A - B
@@ -721,8 +722,8 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure.
*/
-int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A,
- const mbedtls_mpi *B );
+int mbedtls_mpi_sub_mpi(mbedtls_mpi *X, const mbedtls_mpi *A,
+ const mbedtls_mpi *B);
/**
* \brief Perform a signed addition of an MPI and an integer: X = A + b
@@ -735,8 +736,8 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure.
*/
-int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A,
- mbedtls_mpi_sint b );
+int mbedtls_mpi_add_int(mbedtls_mpi *X, const mbedtls_mpi *A,
+ mbedtls_mpi_sint b);
/**
* \brief Perform a signed subtraction of an MPI and an integer:
@@ -750,8 +751,8 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure.
*/
-int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A,
- mbedtls_mpi_sint b );
+int mbedtls_mpi_sub_int(mbedtls_mpi *X, const mbedtls_mpi *A,
+ mbedtls_mpi_sint b);
/**
* \brief Perform a multiplication of two MPIs: X = A * B
@@ -765,8 +766,8 @@
* \return Another negative error code on different kinds of failure.
*
*/
-int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A,
- const mbedtls_mpi *B );
+int mbedtls_mpi_mul_mpi(mbedtls_mpi *X, const mbedtls_mpi *A,
+ const mbedtls_mpi *B);
/**
* \brief Perform a multiplication of an MPI with an unsigned integer:
@@ -781,8 +782,8 @@
* \return Another negative error code on different kinds of failure.
*
*/
-int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A,
- mbedtls_mpi_uint b );
+int mbedtls_mpi_mul_int(mbedtls_mpi *X, const mbedtls_mpi *A,
+ mbedtls_mpi_uint b);
/**
* \brief Perform a division with remainder of two MPIs:
@@ -802,8 +803,8 @@
* \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p B equals zero.
* \return Another negative error code on different kinds of failure.
*/
-int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
- const mbedtls_mpi *B );
+int mbedtls_mpi_div_mpi(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
+ const mbedtls_mpi *B);
/**
* \brief Perform a division with remainder of an MPI by an integer:
@@ -823,8 +824,8 @@
* \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p b equals zero.
* \return Another negative error code on different kinds of failure.
*/
-int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
- mbedtls_mpi_sint b );
+int mbedtls_mpi_div_int(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
+ mbedtls_mpi_sint b);
/**
* \brief Perform a modular reduction. R = A mod B
@@ -843,8 +844,8 @@
* \return Another negative error code on different kinds of failure.
*
*/
-int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A,
- const mbedtls_mpi *B );
+int mbedtls_mpi_mod_mpi(mbedtls_mpi *R, const mbedtls_mpi *A,
+ const mbedtls_mpi *B);
/**
* \brief Perform a modular reduction with respect to an integer.
@@ -862,8 +863,8 @@
* \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p b is negative.
* \return Another negative error code on different kinds of failure.
*/
-int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A,
- mbedtls_mpi_sint b );
+int mbedtls_mpi_mod_int(mbedtls_mpi_uint *r, const mbedtls_mpi *A,
+ mbedtls_mpi_sint b);
/**
* \brief Perform a sliding-window exponentiation: X = A^E mod N
@@ -892,9 +893,9 @@
* \return Another negative error code on different kinds of failures.
*
*/
-int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
- const mbedtls_mpi *E, const mbedtls_mpi *N,
- mbedtls_mpi *prec_RR );
+int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A,
+ const mbedtls_mpi *E, const mbedtls_mpi *N,
+ mbedtls_mpi *prec_RR);
/**
* \brief Fill an MPI with a number of random bytes.
@@ -913,9 +914,9 @@
* as a big-endian representation of an MPI; this can
* be relevant in applications like deterministic ECDSA.
*/
-int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_mpi_fill_random(mbedtls_mpi *X, size_t size,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/** Generate a random number uniformly in a range.
*
@@ -949,11 +950,11 @@
* for all usual cryptographic applications.
* \return Another negative error code on failure.
*/
-int mbedtls_mpi_random( mbedtls_mpi *X,
- mbedtls_mpi_sint min,
- const mbedtls_mpi *N,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_mpi_random(mbedtls_mpi *X,
+ mbedtls_mpi_sint min,
+ const mbedtls_mpi *N,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/**
* \brief Compute the greatest common divisor: G = gcd(A, B)
@@ -966,8 +967,8 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure.
*/
-int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A,
- const mbedtls_mpi *B );
+int mbedtls_mpi_gcd(mbedtls_mpi *G, const mbedtls_mpi *A,
+ const mbedtls_mpi *B);
/**
* \brief Compute the modular inverse: X = A^-1 mod N
@@ -985,8 +986,8 @@
* \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p has no modular inverse
* with respect to \p N.
*/
-int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
- const mbedtls_mpi *N );
+int mbedtls_mpi_inv_mod(mbedtls_mpi *X, const mbedtls_mpi *A,
+ const mbedtls_mpi *N);
/**
* \brief Miller-Rabin primality test.
@@ -1015,9 +1016,9 @@
* \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_mpi_is_prime_ext( const mbedtls_mpi *X, int rounds,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_mpi_is_prime_ext(const mbedtls_mpi *X, int rounds,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/**
* \brief Flags for mbedtls_mpi_gen_prime()
*
@@ -1048,9 +1049,9 @@
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if `nbits` is not between
* \c 3 and #MBEDTLS_MPI_MAX_BITS.
*/
-int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_mpi_gen_prime(mbedtls_mpi *X, size_t nbits, int flags,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
#if defined(MBEDTLS_SELF_TEST)
@@ -1059,7 +1060,7 @@
*
* \return 0 if successful, or 1 if the test failed
*/
-int mbedtls_mpi_self_test( int verbose );
+int mbedtls_mpi_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h
index 049a120..bbfd5d4 100644
--- a/include/mbedtls/build_info.h
+++ b/include/mbedtls/build_info.h
@@ -6,22 +6,22 @@
* Include this file if you need to depend on the
* configuration options defined in mbedtls_config.h or MBEDTLS_CONFIG_FILE
*/
- /*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
#ifndef MBEDTLS_BUILD_INFO_H
#define MBEDTLS_BUILD_INFO_H
@@ -54,7 +54,7 @@
#endif
/* Define `inline` on some non-C99-compliant compilers. */
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
@@ -67,7 +67,7 @@
#if defined(MBEDTLS_CONFIG_VERSION) && ( \
MBEDTLS_CONFIG_VERSION < 0x03000000 || \
- MBEDTLS_CONFIG_VERSION > MBEDTLS_VERSION_NUMBER )
+ MBEDTLS_CONFIG_VERSION > MBEDTLS_VERSION_NUMBER)
#error "Invalid config version, defined value of MBEDTLS_CONFIG_VERSION is unsupported"
#endif
diff --git a/include/mbedtls/camellia.h b/include/mbedtls/camellia.h
index 6b0a871..f4aa002 100644
--- a/include/mbedtls/camellia.h
+++ b/include/mbedtls/camellia.h
@@ -50,8 +50,7 @@
/**
* \brief CAMELLIA context structure
*/
-typedef struct mbedtls_camellia_context
-{
+typedef struct mbedtls_camellia_context {
int MBEDTLS_PRIVATE(nr); /*!< number of rounds */
uint32_t MBEDTLS_PRIVATE(rk)[68]; /*!< CAMELLIA round keys */
}
@@ -67,7 +66,7 @@
* \param ctx The CAMELLIA context to be initialized.
* This must not be \c NULL.
*/
-void mbedtls_camellia_init( mbedtls_camellia_context *ctx );
+void mbedtls_camellia_init(mbedtls_camellia_context *ctx);
/**
* \brief Clear a CAMELLIA context.
@@ -76,7 +75,7 @@
* in which case this function returns immediately. If it is not
* \c NULL, it must be initialized.
*/
-void mbedtls_camellia_free( mbedtls_camellia_context *ctx );
+void mbedtls_camellia_free(mbedtls_camellia_context *ctx);
/**
* \brief Perform a CAMELLIA key schedule operation for encryption.
@@ -90,9 +89,9 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
-int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx,
- const unsigned char *key,
- unsigned int keybits );
+int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx,
+ const unsigned char *key,
+ unsigned int keybits);
/**
* \brief Perform a CAMELLIA key schedule operation for decryption.
@@ -106,9 +105,9 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
-int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx,
- const unsigned char *key,
- unsigned int keybits );
+int mbedtls_camellia_setkey_dec(mbedtls_camellia_context *ctx,
+ const unsigned char *key,
+ unsigned int keybits);
/**
* \brief Perform a CAMELLIA-ECB block encryption/decryption operation.
@@ -125,10 +124,10 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
-int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx,
- int mode,
- const unsigned char input[16],
- unsigned char output[16] );
+int mbedtls_camellia_crypt_ecb(mbedtls_camellia_context *ctx,
+ int mode,
+ const unsigned char input[16],
+ unsigned char output[16]);
#if defined(MBEDTLS_CIPHER_MODE_CBC)
/**
@@ -159,12 +158,12 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
-int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx,
- int mode,
- size_t length,
- unsigned char iv[16],
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_camellia_crypt_cbc(mbedtls_camellia_context *ctx,
+ int mode,
+ size_t length,
+ unsigned char iv[16],
+ const unsigned char *input,
+ unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_CFB)
@@ -205,13 +204,13 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
-int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx,
- int mode,
- size_t length,
- size_t *iv_off,
- unsigned char iv[16],
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_camellia_crypt_cfb128(mbedtls_camellia_context *ctx,
+ int mode,
+ size_t length,
+ size_t *iv_off,
+ unsigned char iv[16],
+ const unsigned char *input,
+ unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR)
@@ -289,13 +288,13 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
-int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx,
- size_t length,
- size_t *nc_off,
- unsigned char nonce_counter[16],
- unsigned char stream_block[16],
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_camellia_crypt_ctr(mbedtls_camellia_context *ctx,
+ size_t length,
+ size_t *nc_off,
+ unsigned char nonce_counter[16],
+ unsigned char stream_block[16],
+ const unsigned char *input,
+ unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CTR */
#if defined(MBEDTLS_SELF_TEST)
@@ -305,7 +304,7 @@
*
* \return 0 if successful, or 1 if the test failed
*/
-int mbedtls_camellia_self_test( int verbose );
+int mbedtls_camellia_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h
index 1be1689..6c22552 100644
--- a/include/mbedtls/ccm.h
+++ b/include/mbedtls/ccm.h
@@ -74,8 +74,7 @@
* \brief The CCM context-type definition. The CCM context is passed
* to the APIs called.
*/
-typedef struct mbedtls_ccm_context
-{
+typedef struct mbedtls_ccm_context {
unsigned char MBEDTLS_PRIVATE(y)[16]; /*!< The Y working buffer */
unsigned char MBEDTLS_PRIVATE(ctr)[16]; /*!< The counter buffer */
mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */
@@ -90,10 +89,10 @@
auth data input is finished. */
unsigned char MBEDTLS_PRIVATE(q); /*!< The Q working value */
unsigned char MBEDTLS_PRIVATE(mode); /*!< The operation to perform:
- #MBEDTLS_CCM_ENCRYPT or
- #MBEDTLS_CCM_DECRYPT or
- #MBEDTLS_CCM_STAR_ENCRYPT or
- #MBEDTLS_CCM_STAR_DECRYPT. */
+ #MBEDTLS_CCM_ENCRYPT or
+ #MBEDTLS_CCM_DECRYPT or
+ #MBEDTLS_CCM_STAR_ENCRYPT or
+ #MBEDTLS_CCM_STAR_DECRYPT. */
int MBEDTLS_PRIVATE(state); /*!< Working value holding context's
state. Used for chunked data
input */
@@ -111,7 +110,7 @@
*
* \param ctx The CCM context to initialize. This must not be \c NULL.
*/
-void mbedtls_ccm_init( mbedtls_ccm_context *ctx );
+void mbedtls_ccm_init(mbedtls_ccm_context *ctx);
/**
* \brief This function initializes the CCM context set in the
@@ -126,10 +125,10 @@
* \return \c 0 on success.
* \return A CCM or cipher-specific error code on failure.
*/
-int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
- mbedtls_cipher_id_t cipher,
- const unsigned char *key,
- unsigned int keybits );
+int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx,
+ mbedtls_cipher_id_t cipher,
+ const unsigned char *key,
+ unsigned int keybits);
/**
* \brief This function releases and clears the specified CCM context
@@ -138,7 +137,7 @@
* \param ctx The CCM context to clear. If this is \c NULL, the function
* has no effect. Otherwise, this must be initialized.
*/
-void mbedtls_ccm_free( mbedtls_ccm_context *ctx );
+void mbedtls_ccm_free(mbedtls_ccm_context *ctx);
/**
* \brief This function encrypts a buffer using CCM.
@@ -176,11 +175,11 @@
* \return \c 0 on success.
* \return A CCM or cipher-specific error code on failure.
*/
-int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
- const unsigned char *iv, size_t iv_len,
- const unsigned char *ad, size_t ad_len,
- const unsigned char *input, unsigned char *output,
- unsigned char *tag, size_t tag_len );
+int mbedtls_ccm_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length,
+ const unsigned char *iv, size_t iv_len,
+ const unsigned char *ad, size_t ad_len,
+ const unsigned char *input, unsigned char *output,
+ unsigned char *tag, size_t tag_len);
/**
* \brief This function encrypts a buffer using CCM*.
@@ -225,11 +224,11 @@
* \return \c 0 on success.
* \return A CCM or cipher-specific error code on failure.
*/
-int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
- const unsigned char *iv, size_t iv_len,
- const unsigned char *ad, size_t ad_len,
- const unsigned char *input, unsigned char *output,
- unsigned char *tag, size_t tag_len );
+int mbedtls_ccm_star_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length,
+ const unsigned char *iv, size_t iv_len,
+ const unsigned char *ad, size_t ad_len,
+ const unsigned char *input, unsigned char *output,
+ unsigned char *tag, size_t tag_len);
/**
* \brief This function performs a CCM authenticated decryption of a
@@ -262,11 +261,11 @@
* \return #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match.
* \return A cipher-specific error code on calculation failure.
*/
-int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
- const unsigned char *iv, size_t iv_len,
- const unsigned char *ad, size_t ad_len,
- const unsigned char *input, unsigned char *output,
- const unsigned char *tag, size_t tag_len );
+int mbedtls_ccm_auth_decrypt(mbedtls_ccm_context *ctx, size_t length,
+ const unsigned char *iv, size_t iv_len,
+ const unsigned char *ad, size_t ad_len,
+ const unsigned char *input, unsigned char *output,
+ const unsigned char *tag, size_t tag_len);
/**
* \brief This function performs a CCM* authenticated decryption of a
@@ -308,11 +307,11 @@
* \return #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match.
* \return A cipher-specific error code on calculation failure.
*/
-int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
- const unsigned char *iv, size_t iv_len,
- const unsigned char *ad, size_t ad_len,
- const unsigned char *input, unsigned char *output,
- const unsigned char *tag, size_t tag_len );
+int mbedtls_ccm_star_auth_decrypt(mbedtls_ccm_context *ctx, size_t length,
+ const unsigned char *iv, size_t iv_len,
+ const unsigned char *ad, size_t ad_len,
+ const unsigned char *input, unsigned char *output,
+ const unsigned char *tag, size_t tag_len);
/**
* \brief This function starts a CCM encryption or decryption
@@ -342,10 +341,10 @@
* \p iv_len is invalid (lower than \c 7 or greater than
* \c 13).
*/
-int mbedtls_ccm_starts( mbedtls_ccm_context *ctx,
- int mode,
- const unsigned char *iv,
- size_t iv_len );
+int mbedtls_ccm_starts(mbedtls_ccm_context *ctx,
+ int mode,
+ const unsigned char *iv,
+ size_t iv_len);
/**
* \brief This function declares the lengths of the message
@@ -374,10 +373,10 @@
* \p ctx is in an invalid state,
* \p total_ad_len is greater than \c 0xFF00.
*/
-int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx,
- size_t total_ad_len,
- size_t plaintext_len,
- size_t tag_len );
+int mbedtls_ccm_set_lengths(mbedtls_ccm_context *ctx,
+ size_t total_ad_len,
+ size_t plaintext_len,
+ size_t tag_len);
/**
* \brief This function feeds an input buffer as associated data
@@ -409,9 +408,9 @@
* \p ctx is in an invalid state,
* total input length too long.
*/
-int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx,
- const unsigned char *ad,
- size_t ad_len );
+int mbedtls_ccm_update_ad(mbedtls_ccm_context *ctx,
+ const unsigned char *ad,
+ size_t ad_len);
/**
* \brief This function feeds an input buffer into an ongoing CCM
@@ -476,10 +475,10 @@
* total input length too long,
* or \p output_size too small.
*/
-int mbedtls_ccm_update( mbedtls_ccm_context *ctx,
- const unsigned char *input, size_t input_len,
- unsigned char *output, size_t output_size,
- size_t *output_len );
+int mbedtls_ccm_update(mbedtls_ccm_context *ctx,
+ const unsigned char *input, size_t input_len,
+ unsigned char *output, size_t output_size,
+ size_t *output_len);
/**
* \brief This function finishes the CCM operation and generates
@@ -512,8 +511,8 @@
* mbedtls_ccm_update() was lower than the plaintext length
* \c plaintext_len passed to mbedtls_ccm_set_lengths().
*/
-int mbedtls_ccm_finish( mbedtls_ccm_context *ctx,
- unsigned char *tag, size_t tag_len );
+int mbedtls_ccm_finish(mbedtls_ccm_context *ctx,
+ unsigned char *tag, size_t tag_len);
#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
/**
@@ -522,7 +521,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
-int mbedtls_ccm_self_test( int verbose );
+int mbedtls_ccm_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
#ifdef __cplusplus
diff --git a/include/mbedtls/chacha20.h b/include/mbedtls/chacha20.h
index 8af16ed..e24e56b 100644
--- a/include/mbedtls/chacha20.h
+++ b/include/mbedtls/chacha20.h
@@ -47,8 +47,7 @@
#if !defined(MBEDTLS_CHACHA20_ALT)
-typedef struct mbedtls_chacha20_context
-{
+typedef struct mbedtls_chacha20_context {
uint32_t MBEDTLS_PRIVATE(state)[16]; /*! The state (before round operations). */
uint8_t MBEDTLS_PRIVATE(keystream8)[64]; /*! Leftover keystream bytes. */
size_t MBEDTLS_PRIVATE(keystream_bytes_used); /*! Number of keystream bytes already used. */
@@ -74,7 +73,7 @@
* \param ctx The ChaCha20 context to initialize.
* This must not be \c NULL.
*/
-void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx );
+void mbedtls_chacha20_init(mbedtls_chacha20_context *ctx);
/**
* \brief This function releases and clears the specified
@@ -85,7 +84,7 @@
* \c NULL, it must point to an initialized context.
*
*/
-void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx );
+void mbedtls_chacha20_free(mbedtls_chacha20_context *ctx);
/**
* \brief This function sets the encryption/decryption key.
@@ -103,8 +102,8 @@
* \return \c 0 on success.
* \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or key is NULL.
*/
-int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx,
- const unsigned char key[32] );
+int mbedtls_chacha20_setkey(mbedtls_chacha20_context *ctx,
+ const unsigned char key[32]);
/**
* \brief This function sets the nonce and initial counter value.
@@ -125,9 +124,9 @@
* \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or nonce is
* NULL.
*/
-int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx,
- const unsigned char nonce[12],
- uint32_t counter );
+int mbedtls_chacha20_starts(mbedtls_chacha20_context *ctx,
+ const unsigned char nonce[12],
+ uint32_t counter);
/**
* \brief This function encrypts or decrypts data.
@@ -158,10 +157,10 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx,
- size_t size,
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_chacha20_update(mbedtls_chacha20_context *ctx,
+ size_t size,
+ const unsigned char *input,
+ unsigned char *output);
/**
* \brief This function encrypts or decrypts data with ChaCha20 and
@@ -191,12 +190,12 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_chacha20_crypt( const unsigned char key[32],
- const unsigned char nonce[12],
- uint32_t counter,
- size_t size,
- const unsigned char* input,
- unsigned char* output );
+int mbedtls_chacha20_crypt(const unsigned char key[32],
+ const unsigned char nonce[12],
+ uint32_t counter,
+ size_t size,
+ const unsigned char *input,
+ unsigned char *output);
#if defined(MBEDTLS_SELF_TEST)
/**
@@ -205,7 +204,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
-int mbedtls_chacha20_self_test( int verbose );
+int mbedtls_chacha20_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus
diff --git a/include/mbedtls/chachapoly.h b/include/mbedtls/chachapoly.h
index 2b49402..19baade 100644
--- a/include/mbedtls/chachapoly.h
+++ b/include/mbedtls/chachapoly.h
@@ -47,8 +47,7 @@
extern "C" {
#endif
-typedef enum
-{
+typedef enum {
MBEDTLS_CHACHAPOLY_ENCRYPT, /**< The mode value for performing encryption. */
MBEDTLS_CHACHAPOLY_DECRYPT /**< The mode value for performing decryption. */
}
@@ -58,8 +57,7 @@
#include "mbedtls/chacha20.h"
-typedef struct mbedtls_chachapoly_context
-{
+typedef struct mbedtls_chachapoly_context {
mbedtls_chacha20_context MBEDTLS_PRIVATE(chacha20_ctx); /**< The ChaCha20 context. */
mbedtls_poly1305_context MBEDTLS_PRIVATE(poly1305_ctx); /**< The Poly1305 context. */
uint64_t MBEDTLS_PRIVATE(aad_len); /**< The length (bytes) of the Additional Authenticated Data. */
@@ -115,7 +113,7 @@
*
* \param ctx The ChachaPoly context to initialize. Must not be \c NULL.
*/
-void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx );
+void mbedtls_chachapoly_init(mbedtls_chachapoly_context *ctx);
/**
* \brief This function releases and clears the specified
@@ -124,7 +122,7 @@
* \param ctx The ChachaPoly context to clear. This may be \c NULL, in which
* case this function is a no-op.
*/
-void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx );
+void mbedtls_chachapoly_free(mbedtls_chachapoly_context *ctx);
/**
* \brief This function sets the ChaCha20-Poly1305
@@ -137,8 +135,8 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx,
- const unsigned char key[32] );
+int mbedtls_chachapoly_setkey(mbedtls_chachapoly_context *ctx,
+ const unsigned char key[32]);
/**
* \brief This function starts a ChaCha20-Poly1305 encryption or
@@ -165,9 +163,9 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx,
- const unsigned char nonce[12],
- mbedtls_chachapoly_mode_t mode );
+int mbedtls_chachapoly_starts(mbedtls_chachapoly_context *ctx,
+ const unsigned char nonce[12],
+ mbedtls_chachapoly_mode_t mode);
/**
* \brief This function feeds additional data to be authenticated
@@ -208,9 +206,9 @@
* if the operations has not been started or has been
* finished, or if the AAD has been finished.
*/
-int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx,
- const unsigned char *aad,
- size_t aad_len );
+int mbedtls_chachapoly_update_aad(mbedtls_chachapoly_context *ctx,
+ const unsigned char *aad,
+ size_t aad_len);
/**
* \brief Thus function feeds data to be encrypted or decrypted
@@ -243,10 +241,10 @@
* finished.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx,
- size_t len,
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_chachapoly_update(mbedtls_chachapoly_context *ctx,
+ size_t len,
+ const unsigned char *input,
+ unsigned char *output);
/**
* \brief This function finished the ChaCha20-Poly1305 operation and
@@ -264,8 +262,8 @@
* finished.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx,
- unsigned char mac[16] );
+int mbedtls_chachapoly_finish(mbedtls_chachapoly_context *ctx,
+ unsigned char mac[16]);
/**
* \brief This function performs a complete ChaCha20-Poly1305
@@ -296,14 +294,14 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx,
- size_t length,
- const unsigned char nonce[12],
- const unsigned char *aad,
- size_t aad_len,
- const unsigned char *input,
- unsigned char *output,
- unsigned char tag[16] );
+int mbedtls_chachapoly_encrypt_and_tag(mbedtls_chachapoly_context *ctx,
+ size_t length,
+ const unsigned char nonce[12],
+ const unsigned char *aad,
+ size_t aad_len,
+ const unsigned char *input,
+ unsigned char *output,
+ unsigned char tag[16]);
/**
* \brief This function performs a complete ChaCha20-Poly1305
@@ -330,14 +328,14 @@
* if the data was not authentic.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx,
- size_t length,
- const unsigned char nonce[12],
- const unsigned char *aad,
- size_t aad_len,
- const unsigned char tag[16],
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_chachapoly_auth_decrypt(mbedtls_chachapoly_context *ctx,
+ size_t length,
+ const unsigned char nonce[12],
+ const unsigned char *aad,
+ size_t aad_len,
+ const unsigned char tag[16],
+ const unsigned char *input,
+ unsigned char *output);
#if defined(MBEDTLS_SELF_TEST)
/**
@@ -346,7 +344,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
-int mbedtls_chachapoly_self_test( int verbose );
+int mbedtls_chachapoly_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus
diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index 151da1d..e09bd92 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -271,8 +271,7 @@
* mbedtls_cipher_info_from_values(),
* mbedtls_cipher_info_from_psa().
*/
-typedef struct mbedtls_cipher_info_t
-{
+typedef struct mbedtls_cipher_info_t {
/** Full cipher identifier. For example,
* MBEDTLS_CIPHER_AES_256_CBC.
*/
@@ -288,7 +287,7 @@
unsigned int MBEDTLS_PRIVATE(key_bitlen);
/** Name of the cipher. */
- const char * MBEDTLS_PRIVATE(name);
+ const char *MBEDTLS_PRIVATE(name);
/** IV or nonce size, in Bytes.
* For ciphers that accept variable IV sizes,
@@ -313,8 +312,7 @@
/**
* Generic cipher context.
*/
-typedef struct mbedtls_cipher_context_t
-{
+typedef struct mbedtls_cipher_context_t {
/** Information about the associated cipher. */
const mbedtls_cipher_info_t *MBEDTLS_PRIVATE(cipher_info);
@@ -330,8 +328,8 @@
/** Padding functions to use, if relevant for
* the specific cipher mode.
*/
- void (*MBEDTLS_PRIVATE(add_padding))( unsigned char *output, size_t olen, size_t data_len );
- int (*MBEDTLS_PRIVATE(get_padding))( unsigned char *input, size_t ilen, size_t *data_len );
+ void(*MBEDTLS_PRIVATE(add_padding))(unsigned char *output, size_t olen, size_t data_len);
+ int(*MBEDTLS_PRIVATE(get_padding))(unsigned char *input, size_t ilen, size_t *data_len);
#endif
/** Buffer for input that has not been processed yet. */
@@ -381,7 +379,7 @@
* \return A statically-allocated array of cipher identifiers
* of type cipher_type_t. The last entry is zero.
*/
-const int *mbedtls_cipher_list( void );
+const int *mbedtls_cipher_list(void);
/**
* \brief This function retrieves the cipher-information
@@ -394,7 +392,7 @@
* given \p cipher_name.
* \return \c NULL if the associated cipher information is not found.
*/
-const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name );
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string(const char *cipher_name);
/**
* \brief This function retrieves the cipher-information
@@ -406,7 +404,7 @@
* given \p cipher_type.
* \return \c NULL if the associated cipher information is not found.
*/
-const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type );
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type(const mbedtls_cipher_type_t cipher_type);
/**
* \brief This function retrieves the cipher-information
@@ -422,9 +420,9 @@
* given \p cipher_id.
* \return \c NULL if the associated cipher information is not found.
*/
-const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id,
- int key_bitlen,
- const mbedtls_cipher_mode_t mode );
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values(const mbedtls_cipher_id_t cipher_id,
+ int key_bitlen,
+ const mbedtls_cipher_mode_t mode);
/**
* \brief Retrieve the identifier for a cipher info structure.
@@ -436,12 +434,13 @@
* \return #MBEDTLS_CIPHER_NONE if \p info is \c NULL.
*/
static inline mbedtls_cipher_type_t mbedtls_cipher_info_get_type(
- const mbedtls_cipher_info_t *info )
+ const mbedtls_cipher_info_t *info)
{
- if( info == NULL )
- return( MBEDTLS_CIPHER_NONE );
- else
- return( info->MBEDTLS_PRIVATE(type) );
+ if (info == NULL) {
+ return MBEDTLS_CIPHER_NONE;
+ } else {
+ return info->MBEDTLS_PRIVATE(type);
+ }
}
/**
@@ -454,12 +453,13 @@
* \return #MBEDTLS_MODE_NONE if \p info is \c NULL.
*/
static inline mbedtls_cipher_mode_t mbedtls_cipher_info_get_mode(
- const mbedtls_cipher_info_t *info )
+ const mbedtls_cipher_info_t *info)
{
- if( info == NULL )
- return( MBEDTLS_MODE_NONE );
- else
- return( info->MBEDTLS_PRIVATE(mode) );
+ if (info == NULL) {
+ return MBEDTLS_MODE_NONE;
+ } else {
+ return info->MBEDTLS_PRIVATE(mode);
+ }
}
/**
@@ -474,12 +474,13 @@
* \return \c 0 if \p info is \c NULL.
*/
static inline size_t mbedtls_cipher_info_get_key_bitlen(
- const mbedtls_cipher_info_t *info )
+ const mbedtls_cipher_info_t *info)
{
- if( info == NULL )
- return( 0 );
- else
- return( info->MBEDTLS_PRIVATE(key_bitlen) );
+ if (info == NULL) {
+ return 0;
+ } else {
+ return info->MBEDTLS_PRIVATE(key_bitlen);
+ }
}
/**
@@ -494,12 +495,13 @@
* \return \c NULL if \c info is \p NULL.
*/
static inline const char *mbedtls_cipher_info_get_name(
- const mbedtls_cipher_info_t *info )
+ const mbedtls_cipher_info_t *info)
{
- if( info == NULL )
- return( NULL );
- else
- return( info->MBEDTLS_PRIVATE(name) );
+ if (info == NULL) {
+ return NULL;
+ } else {
+ return info->MBEDTLS_PRIVATE(name);
+ }
}
/**
@@ -513,12 +515,13 @@
* \return \c 0 if \p info is \c NULL.
*/
static inline size_t mbedtls_cipher_info_get_iv_size(
- const mbedtls_cipher_info_t *info )
+ const mbedtls_cipher_info_t *info)
{
- if( info == NULL )
- return( 0 );
+ if (info == NULL) {
+ return 0;
+ }
- return( (size_t) info->MBEDTLS_PRIVATE(iv_size) );
+ return (size_t) info->MBEDTLS_PRIVATE(iv_size);
}
/**
@@ -532,12 +535,13 @@
* \return \c 0 if \p info is \c NULL.
*/
static inline size_t mbedtls_cipher_info_get_block_size(
- const mbedtls_cipher_info_t *info )
+ const mbedtls_cipher_info_t *info)
{
- if( info == NULL )
- return( 0 );
+ if (info == NULL) {
+ return 0;
+ }
- return( (size_t) info->MBEDTLS_PRIVATE(block_size) );
+ return (size_t) info->MBEDTLS_PRIVATE(block_size);
}
/**
@@ -550,12 +554,13 @@
* \return \c 0 if the given pointer is \c NULL.
*/
static inline int mbedtls_cipher_info_has_variable_key_bitlen(
- const mbedtls_cipher_info_t *info )
+ const mbedtls_cipher_info_t *info)
{
- if( info == NULL )
- return( 0 );
+ if (info == NULL) {
+ return 0;
+ }
- return( info->MBEDTLS_PRIVATE(flags) & MBEDTLS_CIPHER_VARIABLE_KEY_LEN );
+ return info->MBEDTLS_PRIVATE(flags) & MBEDTLS_CIPHER_VARIABLE_KEY_LEN;
}
/**
@@ -568,12 +573,13 @@
* \return \c 0 if the given pointer is \c NULL.
*/
static inline int mbedtls_cipher_info_has_variable_iv_size(
- const mbedtls_cipher_info_t *info )
+ const mbedtls_cipher_info_t *info)
{
- if( info == NULL )
- return( 0 );
+ if (info == NULL) {
+ return 0;
+ }
- return( info->MBEDTLS_PRIVATE(flags) & MBEDTLS_CIPHER_VARIABLE_IV_LEN );
+ return info->MBEDTLS_PRIVATE(flags) & MBEDTLS_CIPHER_VARIABLE_IV_LEN;
}
/**
@@ -581,7 +587,7 @@
*
* \param ctx The context to be initialized. This must not be \c NULL.
*/
-void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx );
+void mbedtls_cipher_init(mbedtls_cipher_context_t *ctx);
/**
* \brief This function frees and clears the cipher-specific
@@ -592,7 +598,7 @@
* function has no effect, otherwise this must point to an
* initialized context.
*/
-void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx );
+void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx);
/**
@@ -621,8 +627,8 @@
* \return #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the
* cipher-specific context fails.
*/
-int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
- const mbedtls_cipher_info_t *cipher_info );
+int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx,
+ const mbedtls_cipher_info_t *cipher_info);
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
@@ -652,8 +658,9 @@
* \return #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the
* cipher-specific context fails.
*/
-int MBEDTLS_DEPRECATED mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
- const mbedtls_cipher_info_t *cipher_info, size_t taglen );
+int MBEDTLS_DEPRECATED mbedtls_cipher_setup_psa(mbedtls_cipher_context_t *ctx,
+ const mbedtls_cipher_info_t *cipher_info,
+ size_t taglen);
#endif /* MBEDTLS_DEPRECATED_REMOVED */
#endif /* MBEDTLS_USE_PSA_CRYPTO */
@@ -668,11 +675,12 @@
* \return \c 0 if \p ctx has not been initialized.
*/
static inline unsigned int mbedtls_cipher_get_block_size(
- const mbedtls_cipher_context_t *ctx )
+ const mbedtls_cipher_context_t *ctx)
{
- MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 );
- if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL )
+ MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0);
+ if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) {
return 0;
+ }
return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(block_size);
}
@@ -687,11 +695,12 @@
* \return #MBEDTLS_MODE_NONE if \p ctx has not been initialized.
*/
static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode(
- const mbedtls_cipher_context_t *ctx )
+ const mbedtls_cipher_context_t *ctx)
{
- MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, MBEDTLS_MODE_NONE );
- if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL )
+ MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, MBEDTLS_MODE_NONE);
+ if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) {
return MBEDTLS_MODE_NONE;
+ }
return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(mode);
}
@@ -707,14 +716,16 @@
* \return The actual size if an IV has been set.
*/
static inline int mbedtls_cipher_get_iv_size(
- const mbedtls_cipher_context_t *ctx )
+ const mbedtls_cipher_context_t *ctx)
{
- MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 );
- if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL )
+ MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0);
+ if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) {
return 0;
+ }
- if( ctx->MBEDTLS_PRIVATE(iv_size) != 0 )
+ if (ctx->MBEDTLS_PRIVATE(iv_size) != 0) {
return (int) ctx->MBEDTLS_PRIVATE(iv_size);
+ }
return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(iv_size);
}
@@ -728,12 +739,13 @@
* \return #MBEDTLS_CIPHER_NONE if \p ctx has not been initialized.
*/
static inline mbedtls_cipher_type_t mbedtls_cipher_get_type(
- const mbedtls_cipher_context_t *ctx )
+ const mbedtls_cipher_context_t *ctx)
{
MBEDTLS_INTERNAL_VALIDATE_RET(
- ctx != NULL, MBEDTLS_CIPHER_NONE );
- if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL )
+ ctx != NULL, MBEDTLS_CIPHER_NONE);
+ if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) {
return MBEDTLS_CIPHER_NONE;
+ }
return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(type);
}
@@ -748,11 +760,12 @@
* \return NULL if \p ctx has not been not initialized.
*/
static inline const char *mbedtls_cipher_get_name(
- const mbedtls_cipher_context_t *ctx )
+ const mbedtls_cipher_context_t *ctx)
{
- MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 );
- if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL )
+ MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0);
+ if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) {
return 0;
+ }
return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(name);
}
@@ -767,12 +780,13 @@
* initialized.
*/
static inline int mbedtls_cipher_get_key_bitlen(
- const mbedtls_cipher_context_t *ctx )
+ const mbedtls_cipher_context_t *ctx)
{
MBEDTLS_INTERNAL_VALIDATE_RET(
- ctx != NULL, MBEDTLS_KEY_LENGTH_NONE );
- if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL )
+ ctx != NULL, MBEDTLS_KEY_LENGTH_NONE);
+ if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) {
return MBEDTLS_KEY_LENGTH_NONE;
+ }
return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(key_bitlen);
}
@@ -786,12 +800,13 @@
* \return #MBEDTLS_OPERATION_NONE if \p ctx has not been initialized.
*/
static inline mbedtls_operation_t mbedtls_cipher_get_operation(
- const mbedtls_cipher_context_t *ctx )
+ const mbedtls_cipher_context_t *ctx)
{
MBEDTLS_INTERNAL_VALIDATE_RET(
- ctx != NULL, MBEDTLS_OPERATION_NONE );
- if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL )
+ ctx != NULL, MBEDTLS_OPERATION_NONE);
+ if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) {
return MBEDTLS_OPERATION_NONE;
+ }
return ctx->MBEDTLS_PRIVATE(operation);
}
@@ -812,10 +827,10 @@
* parameter-verification failure.
* \return A cipher-specific error code on failure.
*/
-int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
- const unsigned char *key,
- int key_bitlen,
- const mbedtls_operation_t operation );
+int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx,
+ const unsigned char *key,
+ int key_bitlen,
+ const mbedtls_operation_t operation);
#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
/**
@@ -834,8 +849,8 @@
* \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode
* does not support padding.
*/
-int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx,
- mbedtls_cipher_padding_t mode );
+int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx,
+ mbedtls_cipher_padding_t mode);
#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
/**
@@ -862,9 +877,9 @@
* \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
* parameter-verification failure.
*/
-int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
- const unsigned char *iv,
- size_t iv_len );
+int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx,
+ const unsigned char *iv,
+ size_t iv_len);
/**
* \brief This function resets the cipher state.
@@ -898,7 +913,7 @@
* \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
* parameter-verification failure.
*/
-int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx );
+int mbedtls_cipher_reset(mbedtls_cipher_context_t *ctx);
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
/**
@@ -913,8 +928,8 @@
* \return \c 0 on success.
* \return A specific error code on failure.
*/
-int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
- const unsigned char *ad, size_t ad_len );
+int mbedtls_cipher_update_ad(mbedtls_cipher_context_t *ctx,
+ const unsigned char *ad, size_t ad_len);
#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
/**
@@ -946,10 +961,10 @@
* unsupported mode for a cipher.
* \return A cipher-specific error code on failure.
*/
-int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx,
- const unsigned char *input,
- size_t ilen, unsigned char *output,
- size_t *olen );
+int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx,
+ const unsigned char *input,
+ size_t ilen, unsigned char *output,
+ size_t *olen);
/**
* \brief The generic cipher finalization function. If data still
@@ -973,8 +988,8 @@
* while decrypting.
* \return A cipher-specific error code on failure.
*/
-int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
- unsigned char *output, size_t *olen );
+int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx,
+ unsigned char *output, size_t *olen);
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
/**
@@ -993,8 +1008,8 @@
* \return \c 0 on success.
* \return A specific error code on failure.
*/
-int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
- unsigned char *tag, size_t tag_len );
+int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx,
+ unsigned char *tag, size_t tag_len);
/**
* \brief This function checks the tag for AEAD ciphers.
@@ -1009,8 +1024,8 @@
* \return \c 0 on success.
* \return A specific error code on failure.
*/
-int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
- const unsigned char *tag, size_t tag_len );
+int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx,
+ const unsigned char *tag, size_t tag_len);
#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
/**
@@ -1046,10 +1061,10 @@
* while decrypting.
* \return A cipher-specific error code on failure.
*/
-int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
- const unsigned char *iv, size_t iv_len,
- const unsigned char *input, size_t ilen,
- unsigned char *output, size_t *olen );
+int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx,
+ const unsigned char *iv, size_t iv_len,
+ const unsigned char *input, size_t ilen,
+ unsigned char *output, size_t *olen);
#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
/**
@@ -1096,12 +1111,12 @@
* parameter-verification failure.
* \return A cipher-specific error code on failure.
*/
-int mbedtls_cipher_auth_encrypt_ext( mbedtls_cipher_context_t *ctx,
- const unsigned char *iv, size_t iv_len,
- const unsigned char *ad, size_t ad_len,
- const unsigned char *input, size_t ilen,
- unsigned char *output, size_t output_len,
- size_t *olen, size_t tag_len );
+int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx,
+ const unsigned char *iv, size_t iv_len,
+ const unsigned char *ad, size_t ad_len,
+ const unsigned char *input, size_t ilen,
+ unsigned char *output, size_t output_len,
+ size_t *olen, size_t tag_len);
/**
* \brief The authenticated encryption (AEAD/NIST_KW) function.
@@ -1152,12 +1167,12 @@
* \return #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic.
* \return A cipher-specific error code on failure.
*/
-int mbedtls_cipher_auth_decrypt_ext( mbedtls_cipher_context_t *ctx,
- const unsigned char *iv, size_t iv_len,
- const unsigned char *ad, size_t ad_len,
- const unsigned char *input, size_t ilen,
- unsigned char *output, size_t output_len,
- size_t *olen, size_t tag_len );
+int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx,
+ const unsigned char *iv, size_t iv_len,
+ const unsigned char *ad, size_t ad_len,
+ const unsigned char *input, size_t ilen,
+ unsigned char *output, size_t output_len,
+ size_t *olen, size_t tag_len);
#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */
#ifdef __cplusplus
}
diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h
index 21ce882..3125e70 100644
--- a/include/mbedtls/cmac.h
+++ b/include/mbedtls/cmac.h
@@ -49,8 +49,7 @@
/**
* The CMAC context structure.
*/
-struct mbedtls_cmac_context_t
-{
+struct mbedtls_cmac_context_t {
/** The internal state of the CMAC algorithm. */
unsigned char MBEDTLS_PRIVATE(state)[MBEDTLS_CIPHER_BLKSIZE_MAX];
@@ -96,8 +95,8 @@
* \return \c 0 on success.
* \return A cipher-specific error code on failure.
*/
-int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
- const unsigned char *key, size_t keybits );
+int mbedtls_cipher_cmac_starts(mbedtls_cipher_context_t *ctx,
+ const unsigned char *key, size_t keybits);
/**
* \brief This function feeds an input buffer into an ongoing CMAC
@@ -121,8 +120,8 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA
* if parameter verification fails.
*/
-int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
- const unsigned char *input, size_t ilen );
+int mbedtls_cipher_cmac_update(mbedtls_cipher_context_t *ctx,
+ const unsigned char *input, size_t ilen);
/**
* \brief This function finishes an ongoing CMAC operation, and
@@ -140,8 +139,8 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA
* if parameter verification fails.
*/
-int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
- unsigned char *output );
+int mbedtls_cipher_cmac_finish(mbedtls_cipher_context_t *ctx,
+ unsigned char *output);
/**
* \brief This function starts a new CMAC operation with the same
@@ -159,7 +158,7 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA
* if parameter verification fails.
*/
-int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx );
+int mbedtls_cipher_cmac_reset(mbedtls_cipher_context_t *ctx);
/**
* \brief This function calculates the full generic CMAC
@@ -188,10 +187,10 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA
* if parameter verification fails.
*/
-int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
- const unsigned char *key, size_t keylen,
- const unsigned char *input, size_t ilen,
- unsigned char *output );
+int mbedtls_cipher_cmac(const mbedtls_cipher_info_t *cipher_info,
+ const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
+ unsigned char *output);
#if defined(MBEDTLS_AES_C)
/**
@@ -211,12 +210,12 @@
*
* \return \c 0 on success.
*/
-int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len,
- const unsigned char *input, size_t in_len,
- unsigned char output[16] );
+int mbedtls_aes_cmac_prf_128(const unsigned char *key, size_t key_len,
+ const unsigned char *input, size_t in_len,
+ unsigned char output[16]);
#endif /* MBEDTLS_AES_C */
-#if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) )
+#if defined(MBEDTLS_SELF_TEST) && (defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C))
/**
* \brief The CMAC checkup routine.
*
@@ -230,7 +229,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
-int mbedtls_cmac_self_test( int verbose );
+int mbedtls_cmac_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
#ifdef __cplusplus
diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h
index 5727c5e..09bc32c 100644
--- a/include/mbedtls/config_psa.h
+++ b/include/mbedtls/config_psa.h
@@ -296,9 +296,9 @@
(defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \
defined(PSA_WANT_ALG_ECB_NO_PADDING) || \
(defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
- !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \
+ !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \
(defined(PSA_WANT_ALG_CBC_PKCS7) && \
- !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \
+ !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \
(defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC))
#define PSA_HAVE_SOFT_BLOCK_MODE 1
#endif
diff --git a/include/mbedtls/constant_time.h b/include/mbedtls/constant_time.h
index fb1f7e9..91a9e7f 100644
--- a/include/mbedtls/constant_time.h
+++ b/include/mbedtls/constant_time.h
@@ -39,8 +39,8 @@
* \return Zero if the content of the two buffer is the same,
* otherwise non-zero.
*/
-int mbedtls_ct_memcmp( const void *a,
- const void *b,
- size_t n );
+int mbedtls_ct_memcmp(const void *a,
+ const void *b,
+ size_t n);
#endif /* MBEDTLS_CONSTANT_TIME_H */
diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h
index 2b66b53..8d28150 100644
--- a/include/mbedtls/ctr_drbg.h
+++ b/include/mbedtls/ctr_drbg.h
@@ -77,8 +77,8 @@
*/
#endif
-#define MBEDTLS_CTR_DRBG_KEYBITS ( MBEDTLS_CTR_DRBG_KEYSIZE * 8 ) /**< The key size for the DRBG operation, in bits. */
-#define MBEDTLS_CTR_DRBG_SEEDLEN ( MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE ) /**< The seed length, calculated as (counter + AES key). */
+#define MBEDTLS_CTR_DRBG_KEYBITS (MBEDTLS_CTR_DRBG_KEYSIZE * 8) /**< The key size for the DRBG operation, in bits. */
+#define MBEDTLS_CTR_DRBG_SEEDLEN (MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE) /**< The seed length, calculated as (counter + AES key). */
/**
* \name SECTION: Module settings
@@ -161,42 +161,41 @@
* the entropy source does not provide enough material to form a nonce.
* See the documentation of mbedtls_ctr_drbg_seed() for more information.
*/
-#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN ( MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1 ) / 2
+#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN (MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1) / 2
#endif
/**
* \brief The CTR_DRBG context structure.
*/
-typedef struct mbedtls_ctr_drbg_context
-{
+typedef struct mbedtls_ctr_drbg_context {
unsigned char MBEDTLS_PRIVATE(counter)[16]; /*!< The counter (V). */
int MBEDTLS_PRIVATE(reseed_counter); /*!< The reseed counter.
- * This is the number of requests that have
- * been made since the last (re)seeding,
- * minus one.
- * Before the initial seeding, this field
- * contains the amount of entropy in bytes
- * to use as a nonce for the initial seeding,
- * or -1 if no nonce length has been explicitly
- * set (see mbedtls_ctr_drbg_set_nonce_len()).
- */
+ * This is the number of requests that have
+ * been made since the last (re)seeding,
+ * minus one.
+ * Before the initial seeding, this field
+ * contains the amount of entropy in bytes
+ * to use as a nonce for the initial seeding,
+ * or -1 if no nonce length has been explicitly
+ * set (see mbedtls_ctr_drbg_set_nonce_len()).
+ */
int MBEDTLS_PRIVATE(prediction_resistance); /*!< This determines whether prediction
- resistance is enabled, that is
- whether to systematically reseed before
- each random generation. */
+ resistance is enabled, that is
+ whether to systematically reseed before
+ each random generation. */
size_t MBEDTLS_PRIVATE(entropy_len); /*!< The amount of entropy grabbed on each
- seed or reseed operation, in bytes. */
+ seed or reseed operation, in bytes. */
int MBEDTLS_PRIVATE(reseed_interval); /*!< The reseed interval.
- * This is the maximum number of requests
- * that can be made between reseedings. */
+ * This is the maximum number of requests
+ * that can be made between reseedings. */
mbedtls_aes_context MBEDTLS_PRIVATE(aes_ctx); /*!< The AES context. */
/*
* Callbacks (Entropy)
*/
- int (*MBEDTLS_PRIVATE(f_entropy))(void *, unsigned char *, size_t);
- /*!< The entropy callback function. */
+ int(*MBEDTLS_PRIVATE(f_entropy))(void *, unsigned char *, size_t);
+ /*!< The entropy callback function. */
void *MBEDTLS_PRIVATE(p_entropy); /*!< The context for the entropy function. */
@@ -225,7 +224,7 @@
*
* \param ctx The CTR_DRBG context to initialize.
*/
-void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx );
+void mbedtls_ctr_drbg_init(mbedtls_ctr_drbg_context *ctx);
/**
* \brief This function seeds and sets up the CTR_DRBG
@@ -326,11 +325,11 @@
* \return \c 0 on success.
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure.
*/
-int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx,
- int (*f_entropy)(void *, unsigned char *, size_t),
- void *p_entropy,
- const unsigned char *custom,
- size_t len );
+int mbedtls_ctr_drbg_seed(mbedtls_ctr_drbg_context *ctx,
+ int (*f_entropy)(void *, unsigned char *, size_t),
+ void *p_entropy,
+ const unsigned char *custom,
+ size_t len);
/**
* \brief This function resets CTR_DRBG context to the state immediately
@@ -338,7 +337,7 @@
*
* \param ctx The CTR_DRBG context to clear.
*/
-void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx );
+void mbedtls_ctr_drbg_free(mbedtls_ctr_drbg_context *ctx);
/**
* \brief This function turns prediction resistance on or off.
@@ -353,8 +352,8 @@
* \param ctx The CTR_DRBG context.
* \param resistance #MBEDTLS_CTR_DRBG_PR_ON or #MBEDTLS_CTR_DRBG_PR_OFF.
*/
-void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx,
- int resistance );
+void mbedtls_ctr_drbg_set_prediction_resistance(mbedtls_ctr_drbg_context *ctx,
+ int resistance);
/**
* \brief This function sets the amount of entropy grabbed on each
@@ -380,8 +379,8 @@
* and at most the maximum length accepted by the
* entropy function that is set in the context.
*/
-void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx,
- size_t len );
+void mbedtls_ctr_drbg_set_entropy_len(mbedtls_ctr_drbg_context *ctx,
+ size_t len);
/**
* \brief This function sets the amount of entropy grabbed
@@ -402,8 +401,8 @@
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED
* if the initial seeding has already taken place.
*/
-int mbedtls_ctr_drbg_set_nonce_len( mbedtls_ctr_drbg_context *ctx,
- size_t len );
+int mbedtls_ctr_drbg_set_nonce_len(mbedtls_ctr_drbg_context *ctx,
+ size_t len);
/**
* \brief This function sets the reseed interval.
@@ -417,8 +416,8 @@
* \param ctx The CTR_DRBG context.
* \param interval The reseed interval.
*/
-void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx,
- int interval );
+void mbedtls_ctr_drbg_set_reseed_interval(mbedtls_ctr_drbg_context *ctx,
+ int interval);
/**
* \brief This function reseeds the CTR_DRBG context, that is
@@ -440,8 +439,8 @@
* \return \c 0 on success.
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure.
*/
-int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
- const unsigned char *additional, size_t len );
+int mbedtls_ctr_drbg_reseed(mbedtls_ctr_drbg_context *ctx,
+ const unsigned char *additional, size_t len);
/**
* \brief This function updates the state of the CTR_DRBG context.
@@ -463,9 +462,9 @@
* #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT.
* \return An error from the underlying AES cipher on failure.
*/
-int mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx,
- const unsigned char *additional,
- size_t add_len );
+int mbedtls_ctr_drbg_update(mbedtls_ctr_drbg_context *ctx,
+ const unsigned char *additional,
+ size_t add_len);
/**
* \brief This function updates a CTR_DRBG instance with additional
@@ -498,9 +497,9 @@
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or
* #MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG on failure.
*/
-int mbedtls_ctr_drbg_random_with_add( void *p_rng,
- unsigned char *output, size_t output_len,
- const unsigned char *additional, size_t add_len );
+int mbedtls_ctr_drbg_random_with_add(void *p_rng,
+ unsigned char *output, size_t output_len,
+ const unsigned char *additional, size_t add_len);
/**
* \brief This function uses CTR_DRBG to generate random data.
@@ -526,8 +525,8 @@
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or
* #MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG on failure.
*/
-int mbedtls_ctr_drbg_random( void *p_rng,
- unsigned char *output, size_t output_len );
+int mbedtls_ctr_drbg_random(void *p_rng,
+ unsigned char *output, size_t output_len);
#if defined(MBEDTLS_FS_IO)
/**
@@ -541,7 +540,7 @@
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on reseed
* failure.
*/
-int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path );
+int mbedtls_ctr_drbg_write_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path);
/**
* \brief This function reads and updates a seed file. The seed
@@ -557,7 +556,7 @@
* \return #MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG if the existing
* seed file is too large.
*/
-int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path );
+int mbedtls_ctr_drbg_update_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path);
#endif /* MBEDTLS_FS_IO */
#if defined(MBEDTLS_SELF_TEST)
@@ -568,7 +567,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
-int mbedtls_ctr_drbg_self_test( int verbose );
+int mbedtls_ctr_drbg_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h
index 5c8aba8..2b0d00e 100644
--- a/include/mbedtls/debug.h
+++ b/include/mbedtls/debug.h
@@ -32,51 +32,51 @@
#if defined(MBEDTLS_DEBUG_C)
-#define MBEDTLS_DEBUG_STRIP_PARENS( ... ) __VA_ARGS__
+#define MBEDTLS_DEBUG_STRIP_PARENS(...) __VA_ARGS__
-#define MBEDTLS_SSL_DEBUG_MSG( level, args ) \
- mbedtls_debug_print_msg( ssl, level, __FILE__, __LINE__, \
- MBEDTLS_DEBUG_STRIP_PARENS args )
+#define MBEDTLS_SSL_DEBUG_MSG(level, args) \
+ mbedtls_debug_print_msg(ssl, level, __FILE__, __LINE__, \
+ MBEDTLS_DEBUG_STRIP_PARENS args)
-#define MBEDTLS_SSL_DEBUG_RET( level, text, ret ) \
- mbedtls_debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret )
+#define MBEDTLS_SSL_DEBUG_RET(level, text, ret) \
+ mbedtls_debug_print_ret(ssl, level, __FILE__, __LINE__, text, ret)
-#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len ) \
- mbedtls_debug_print_buf( ssl, level, __FILE__, __LINE__, text, buf, len )
+#define MBEDTLS_SSL_DEBUG_BUF(level, text, buf, len) \
+ mbedtls_debug_print_buf(ssl, level, __FILE__, __LINE__, text, buf, len)
#if defined(MBEDTLS_BIGNUM_C)
-#define MBEDTLS_SSL_DEBUG_MPI( level, text, X ) \
- mbedtls_debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X )
+#define MBEDTLS_SSL_DEBUG_MPI(level, text, X) \
+ mbedtls_debug_print_mpi(ssl, level, __FILE__, __LINE__, text, X)
#endif
#if defined(MBEDTLS_ECP_C)
-#define MBEDTLS_SSL_DEBUG_ECP( level, text, X ) \
- mbedtls_debug_print_ecp( ssl, level, __FILE__, __LINE__, text, X )
+#define MBEDTLS_SSL_DEBUG_ECP(level, text, X) \
+ mbedtls_debug_print_ecp(ssl, level, __FILE__, __LINE__, text, X)
#endif
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if !defined(MBEDTLS_X509_REMOVE_INFO)
-#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) \
- mbedtls_debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt )
+#define MBEDTLS_SSL_DEBUG_CRT(level, text, crt) \
+ mbedtls_debug_print_crt(ssl, level, __FILE__, __LINE__, text, crt)
#else
-#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 )
+#define MBEDTLS_SSL_DEBUG_CRT(level, text, crt) do { } while (0)
#endif /* MBEDTLS_X509_REMOVE_INFO */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_ECDH_C)
-#define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr ) \
- mbedtls_debug_printf_ecdh( ssl, level, __FILE__, __LINE__, ecdh, attr )
+#define MBEDTLS_SSL_DEBUG_ECDH(level, ecdh, attr) \
+ mbedtls_debug_printf_ecdh(ssl, level, __FILE__, __LINE__, ecdh, attr)
#endif
#else /* MBEDTLS_DEBUG_C */
-#define MBEDTLS_SSL_DEBUG_MSG( level, args ) do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_RET( level, text, ret ) do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len ) do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_MPI( level, text, X ) do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_ECP( level, text, X ) do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr ) do { } while( 0 )
+#define MBEDTLS_SSL_DEBUG_MSG(level, args) do { } while (0)
+#define MBEDTLS_SSL_DEBUG_RET(level, text, ret) do { } while (0)
+#define MBEDTLS_SSL_DEBUG_BUF(level, text, buf, len) do { } while (0)
+#define MBEDTLS_SSL_DEBUG_MPI(level, text, X) do { } while (0)
+#define MBEDTLS_SSL_DEBUG_ECP(level, text, X) do { } while (0)
+#define MBEDTLS_SSL_DEBUG_CRT(level, text, crt) do { } while (0)
+#define MBEDTLS_SSL_DEBUG_ECDH(level, ecdh, attr) do { } while (0)
#endif /* MBEDTLS_DEBUG_C */
@@ -96,7 +96,7 @@
#if __has_attribute(format)
#if defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1
#define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) \
- __attribute__((__format__ (gnu_printf, string_index, first_to_check)))
+ __attribute__((__format__(gnu_printf, string_index, first_to_check)))
#else /* defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1 */
#define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) \
__attribute__((format(printf, string_index, first_to_check)))
@@ -124,10 +124,12 @@
#include <inttypes.h>
#define MBEDTLS_PRINTF_SIZET PRIuPTR
#define MBEDTLS_PRINTF_LONGLONG "I64d"
-#else /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */
+#else \
+ /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */
#define MBEDTLS_PRINTF_SIZET "zu"
#define MBEDTLS_PRINTF_LONGLONG "lld"
-#endif /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */
+#endif \
+ /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */
#ifdef __cplusplus
extern "C" {
@@ -148,7 +150,7 @@
* - 3 Informational
* - 4 Verbose
*/
-void mbedtls_debug_set_threshold( int threshold );
+void mbedtls_debug_set_threshold(int threshold);
/**
* \brief Print a message to the debug output. This function is always used
@@ -165,9 +167,9 @@
* \attention This function is intended for INTERNAL usage within the
* library only.
*/
-void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
- const char *file, int line,
- const char *format, ... ) MBEDTLS_PRINTF_ATTRIBUTE(5, 6);
+void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level,
+ const char *file, int line,
+ const char *format, ...) MBEDTLS_PRINTF_ATTRIBUTE(5, 6);
/**
* \brief Print the return value of a function to the debug output. This
@@ -184,9 +186,9 @@
* \attention This function is intended for INTERNAL usage within the
* library only.
*/
-void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level,
- const char *file, int line,
- const char *text, int ret );
+void mbedtls_debug_print_ret(const mbedtls_ssl_context *ssl, int level,
+ const char *file, int line,
+ const char *text, int ret);
/**
* \brief Output a buffer of size len bytes to the debug output. This function
@@ -205,9 +207,9 @@
* \attention This function is intended for INTERNAL usage within the
* library only.
*/
-void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
- const char *file, int line, const char *text,
- const unsigned char *buf, size_t len );
+void mbedtls_debug_print_buf(const mbedtls_ssl_context *ssl, int level,
+ const char *file, int line, const char *text,
+ const unsigned char *buf, size_t len);
#if defined(MBEDTLS_BIGNUM_C)
/**
@@ -226,9 +228,9 @@
* \attention This function is intended for INTERNAL usage within the
* library only.
*/
-void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level,
- const char *file, int line,
- const char *text, const mbedtls_mpi *X );
+void mbedtls_debug_print_mpi(const mbedtls_ssl_context *ssl, int level,
+ const char *file, int line,
+ const char *text, const mbedtls_mpi *X);
#endif
#if defined(MBEDTLS_ECP_C)
@@ -248,9 +250,9 @@
* \attention This function is intended for INTERNAL usage within the
* library only.
*/
-void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level,
- const char *file, int line,
- const char *text, const mbedtls_ecp_point *X );
+void mbedtls_debug_print_ecp(const mbedtls_ssl_context *ssl, int level,
+ const char *file, int line,
+ const char *text, const mbedtls_ecp_point *X);
#endif
#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO)
@@ -269,14 +271,13 @@
* \attention This function is intended for INTERNAL usage within the
* library only.
*/
-void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level,
- const char *file, int line,
- const char *text, const mbedtls_x509_crt *crt );
+void mbedtls_debug_print_crt(const mbedtls_ssl_context *ssl, int level,
+ const char *file, int line,
+ const char *text, const mbedtls_x509_crt *crt);
#endif
#if defined(MBEDTLS_ECDH_C)
-typedef enum
-{
+typedef enum {
MBEDTLS_DEBUG_ECDH_Q,
MBEDTLS_DEBUG_ECDH_QP,
MBEDTLS_DEBUG_ECDH_Z,
@@ -298,10 +299,10 @@
* \attention This function is intended for INTERNAL usage within the
* library only.
*/
-void mbedtls_debug_printf_ecdh( const mbedtls_ssl_context *ssl, int level,
- const char *file, int line,
- const mbedtls_ecdh_context *ecdh,
- mbedtls_debug_ecdh_attr attr );
+void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level,
+ const char *file, int line,
+ const mbedtls_ecdh_context *ecdh,
+ mbedtls_debug_ecdh_attr attr);
#endif
#ifdef __cplusplus
diff --git a/include/mbedtls/des.h b/include/mbedtls/des.h
index be74cb1..5a18634 100644
--- a/include/mbedtls/des.h
+++ b/include/mbedtls/des.h
@@ -57,8 +57,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
-typedef struct mbedtls_des_context
-{
+typedef struct mbedtls_des_context {
uint32_t MBEDTLS_PRIVATE(sk)[32]; /*!< DES subkeys */
}
mbedtls_des_context;
@@ -66,8 +65,7 @@
/**
* \brief Triple-DES context structure
*/
-typedef struct mbedtls_des3_context
-{
+typedef struct mbedtls_des3_context {
uint32_t MBEDTLS_PRIVATE(sk)[96]; /*!< 3DES subkeys */
}
mbedtls_des3_context;
@@ -85,7 +83,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
-void mbedtls_des_init( mbedtls_des_context *ctx );
+void mbedtls_des_init(mbedtls_des_context *ctx);
/**
* \brief Clear DES context
@@ -96,21 +94,21 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
-void mbedtls_des_free( mbedtls_des_context *ctx );
+void mbedtls_des_free(mbedtls_des_context *ctx);
/**
* \brief Initialize Triple-DES context
*
* \param ctx DES3 context to be initialized
*/
-void mbedtls_des3_init( mbedtls_des3_context *ctx );
+void mbedtls_des3_init(mbedtls_des3_context *ctx);
/**
* \brief Clear Triple-DES context
*
* \param ctx DES3 context to be cleared
*/
-void mbedtls_des3_free( mbedtls_des3_context *ctx );
+void mbedtls_des3_free(mbedtls_des3_context *ctx);
/**
* \brief Set key parity on the given key to odd.
@@ -124,7 +122,7 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
-void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] );
+void mbedtls_des_key_set_parity(unsigned char key[MBEDTLS_DES_KEY_SIZE]);
/**
* \brief Check that key parity on the given key is odd.
@@ -141,7 +139,7 @@
* instead.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
+int mbedtls_des_key_check_key_parity(const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
/**
* \brief Check that key is not a weak or semi-weak DES key
@@ -155,7 +153,7 @@
* instead.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
+int mbedtls_des_key_check_weak(const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
/**
* \brief DES key schedule (56-bit, encryption)
@@ -170,7 +168,7 @@
* instead.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
+int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
/**
* \brief DES key schedule (56-bit, decryption)
@@ -185,7 +183,7 @@
* instead.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
+int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
/**
* \brief Triple-DES key schedule (112-bit, encryption)
@@ -196,8 +194,8 @@
* \return 0
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
- const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
+int mbedtls_des3_set2key_enc(mbedtls_des3_context *ctx,
+ const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]);
/**
* \brief Triple-DES key schedule (112-bit, decryption)
@@ -208,8 +206,8 @@
* \return 0
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
- const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
+int mbedtls_des3_set2key_dec(mbedtls_des3_context *ctx,
+ const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]);
/**
* \brief Triple-DES key schedule (168-bit, encryption)
@@ -220,8 +218,8 @@
* \return 0
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
- const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
+int mbedtls_des3_set3key_enc(mbedtls_des3_context *ctx,
+ const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]);
/**
* \brief Triple-DES key schedule (168-bit, decryption)
@@ -232,8 +230,8 @@
* \return 0
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
- const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
+int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx,
+ const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]);
/**
* \brief DES-ECB block encryption/decryption
@@ -249,9 +247,9 @@
* instead.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
- const unsigned char input[8],
- unsigned char output[8] );
+int mbedtls_des_crypt_ecb(mbedtls_des_context *ctx,
+ const unsigned char input[8],
+ unsigned char output[8]);
#if defined(MBEDTLS_CIPHER_MODE_CBC)
/**
@@ -277,12 +275,12 @@
* instead.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
- int mode,
- size_t length,
- unsigned char iv[8],
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_des_crypt_cbc(mbedtls_des_context *ctx,
+ int mode,
+ size_t length,
+ unsigned char iv[8],
+ const unsigned char *input,
+ unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CBC */
/**
@@ -295,9 +293,9 @@
* \return 0 if successful
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
- const unsigned char input[8],
- unsigned char output[8] );
+int mbedtls_des3_crypt_ecb(mbedtls_des3_context *ctx,
+ const unsigned char input[8],
+ unsigned char output[8]);
#if defined(MBEDTLS_CIPHER_MODE_CBC)
/**
@@ -321,12 +319,12 @@
* \return 0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
- int mode,
- size_t length,
- unsigned char iv[8],
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_des3_crypt_cbc(mbedtls_des3_context *ctx,
+ int mode,
+ size_t length,
+ unsigned char iv[8],
+ const unsigned char *input,
+ unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CBC */
/**
@@ -341,8 +339,8 @@
* security risk. We recommend considering stronger ciphers
* instead.
*/
-void mbedtls_des_setkey( uint32_t SK[32],
- const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
+void mbedtls_des_setkey(uint32_t SK[32],
+ const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
#if defined(MBEDTLS_SELF_TEST)
@@ -352,7 +350,7 @@
* \return 0 if successful, or 1 if the test failed
*/
MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_des_self_test( int verbose );
+int mbedtls_des_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h
index 32a957d..6ffe681 100644
--- a/include/mbedtls/dhm.h
+++ b/include/mbedtls/dhm.h
@@ -92,8 +92,7 @@
#define MBEDTLS_ERR_DHM_SET_GROUP_FAILED -0x3580
/** Which parameter to access in mbedtls_dhm_get_value(). */
-typedef enum
-{
+typedef enum {
MBEDTLS_DHM_PARAM_P, /*!< The prime modulus. */
MBEDTLS_DHM_PARAM_G, /*!< The generator. */
MBEDTLS_DHM_PARAM_X, /*!< Our secret value. */
@@ -111,8 +110,7 @@
/**
* \brief The DHM context structure.
*/
-typedef struct mbedtls_dhm_context
-{
+typedef struct mbedtls_dhm_context {
mbedtls_mpi MBEDTLS_PRIVATE(P); /*!< The prime modulus. */
mbedtls_mpi MBEDTLS_PRIVATE(G); /*!< The generator. */
mbedtls_mpi MBEDTLS_PRIVATE(X); /*!< Our secret value. */
@@ -135,7 +133,7 @@
*
* \param ctx The DHM context to initialize.
*/
-void mbedtls_dhm_init( mbedtls_dhm_context *ctx );
+void mbedtls_dhm_init(mbedtls_dhm_context *ctx);
/**
* \brief This function parses the DHM parameters in a
@@ -159,9 +157,9 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_DHM_XXX error code on failure.
*/
-int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx,
- unsigned char **p,
- const unsigned char *end );
+int mbedtls_dhm_read_params(mbedtls_dhm_context *ctx,
+ unsigned char **p,
+ const unsigned char *end);
/**
* \brief This function generates a DHM key pair and exports its
@@ -195,10 +193,10 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_DHM_XXX error code on failure.
*/
-int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
- unsigned char *output, size_t *olen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_dhm_make_params(mbedtls_dhm_context *ctx, int x_size,
+ unsigned char *output, size_t *olen,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/**
* \brief This function sets the prime modulus and generator.
@@ -215,9 +213,9 @@
* \return \c 0 if successful.
* \return An \c MBEDTLS_ERR_DHM_XXX error code on failure.
*/
-int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx,
- const mbedtls_mpi *P,
- const mbedtls_mpi *G );
+int mbedtls_dhm_set_group(mbedtls_dhm_context *ctx,
+ const mbedtls_mpi *P,
+ const mbedtls_mpi *G);
/**
* \brief This function imports the raw public value of the peer.
@@ -235,8 +233,8 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_DHM_XXX error code on failure.
*/
-int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx,
- const unsigned char *input, size_t ilen );
+int mbedtls_dhm_read_public(mbedtls_dhm_context *ctx,
+ const unsigned char *input, size_t ilen);
/**
* \brief This function creates a DHM key pair and exports
@@ -262,10 +260,10 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_DHM_XXX error code on failure.
*/
-int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size,
- unsigned char *output, size_t olen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_dhm_make_public(mbedtls_dhm_context *ctx, int x_size,
+ unsigned char *output, size_t olen,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/**
* \brief This function derives and exports the shared secret
@@ -293,10 +291,10 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_DHM_XXX error code on failure.
*/
-int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx,
- unsigned char *output, size_t output_size, size_t *olen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_dhm_calc_secret(mbedtls_dhm_context *ctx,
+ unsigned char *output, size_t output_size, size_t *olen,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/**
* \brief This function returns the size of the prime modulus in bits.
@@ -306,7 +304,7 @@
* \return The size of the prime modulus in bits,
* i.e. the number n such that 2^(n-1) <= P < 2^n.
*/
-size_t mbedtls_dhm_get_bitlen( const mbedtls_dhm_context *ctx );
+size_t mbedtls_dhm_get_bitlen(const mbedtls_dhm_context *ctx);
/**
* \brief This function returns the size of the prime modulus in bytes.
@@ -316,7 +314,7 @@
* \return The size of the prime modulus in bytes,
* i.e. the number n such that 2^(8*(n-1)) <= P < 2^(8*n).
*/
-size_t mbedtls_dhm_get_len( const mbedtls_dhm_context *ctx );
+size_t mbedtls_dhm_get_len(const mbedtls_dhm_context *ctx);
/**
* \brief This function copies a parameter of a DHM key.
@@ -330,9 +328,9 @@
* \return #MBEDTLS_ERR_DHM_BAD_INPUT_DATA if \p field is invalid.
* \return An \c MBEDTLS_ERR_MPI_XXX error code if the copy fails.
*/
-int mbedtls_dhm_get_value( const mbedtls_dhm_context *ctx,
- mbedtls_dhm_parameter param,
- mbedtls_mpi *dest );
+int mbedtls_dhm_get_value(const mbedtls_dhm_context *ctx,
+ mbedtls_dhm_parameter param,
+ mbedtls_mpi *dest);
/**
* \brief This function frees and clears the components
@@ -342,7 +340,7 @@
* in which case this function is a no-op. If it is not \c NULL,
* it must point to an initialized DHM context.
*/
-void mbedtls_dhm_free( mbedtls_dhm_context *ctx );
+void mbedtls_dhm_free(mbedtls_dhm_context *ctx);
#if defined(MBEDTLS_ASN1_PARSE_C)
/**
@@ -359,8 +357,8 @@
* \return An \c MBEDTLS_ERR_DHM_XXX or \c MBEDTLS_ERR_PEM_XXX error
* code on failure.
*/
-int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,
- size_t dhminlen );
+int mbedtls_dhm_parse_dhm(mbedtls_dhm_context *dhm, const unsigned char *dhmin,
+ size_t dhminlen);
#if defined(MBEDTLS_FS_IO)
/**
@@ -375,7 +373,7 @@
* \return An \c MBEDTLS_ERR_DHM_XXX or \c MBEDTLS_ERR_PEM_XXX
* error code on failure.
*/
-int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path );
+int mbedtls_dhm_parse_dhmfile(mbedtls_dhm_context *dhm, const char *path);
#endif /* MBEDTLS_FS_IO */
#endif /* MBEDTLS_ASN1_PARSE_C */
@@ -387,7 +385,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
-int mbedtls_dhm_self_test( int verbose );
+int mbedtls_dhm_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus
@@ -440,546 +438,546 @@
*/
#define MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN { \
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
- 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \
- 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \
- 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \
- 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \
- 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \
- 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \
- 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \
- 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \
- 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \
- 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \
- 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \
- 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \
- 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \
- 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \
- 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \
- 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \
- 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \
- 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \
- 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \
- 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \
- 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \
- 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \
- 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \
- 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \
- 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \
- 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \
- 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \
- 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \
- 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \
- 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, \
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+ 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \
+ 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \
+ 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \
+ 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \
+ 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \
+ 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \
+ 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \
+ 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \
+ 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \
+ 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \
+ 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \
+ 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \
+ 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \
+ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \
+ 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \
+ 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \
+ 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \
+ 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \
+ 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \
+ 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \
+ 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \
+ 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \
+ 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \
+ 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \
+ 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \
+ 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \
+ 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \
+ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \
+ 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \
+ 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, \
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
#define MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN { 0x02 }
#define MBEDTLS_DHM_RFC3526_MODP_3072_P_BIN { \
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
- 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \
- 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \
- 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \
- 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \
- 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \
- 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \
- 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \
- 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \
- 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \
- 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \
- 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \
- 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \
- 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \
- 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \
- 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \
- 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \
- 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \
- 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \
- 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \
- 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \
- 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \
- 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \
- 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \
- 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \
- 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \
- 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \
- 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \
- 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \
- 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \
- 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, \
- 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, \
- 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, \
- 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, \
- 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, \
- 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, \
- 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, \
- 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, \
- 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, \
- 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, \
- 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, \
- 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, \
- 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, \
- 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, \
- 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, \
- 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, \
- 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x3A, 0xD2, 0xCA, \
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+ 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \
+ 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \
+ 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \
+ 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \
+ 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \
+ 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \
+ 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \
+ 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \
+ 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \
+ 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \
+ 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \
+ 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \
+ 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \
+ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \
+ 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \
+ 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \
+ 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \
+ 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \
+ 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \
+ 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \
+ 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \
+ 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \
+ 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \
+ 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \
+ 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \
+ 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \
+ 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \
+ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \
+ 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \
+ 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, \
+ 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, \
+ 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, \
+ 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, \
+ 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, \
+ 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, \
+ 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, \
+ 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, \
+ 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, \
+ 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, \
+ 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, \
+ 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, \
+ 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, \
+ 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, \
+ 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, \
+ 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, \
+ 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x3A, 0xD2, 0xCA, \
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
#define MBEDTLS_DHM_RFC3526_MODP_3072_G_BIN { 0x02 }
#define MBEDTLS_DHM_RFC3526_MODP_4096_P_BIN { \
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
- 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \
- 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \
- 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \
- 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \
- 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \
- 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \
- 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \
- 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \
- 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \
- 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \
- 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \
- 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \
- 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \
- 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \
- 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \
- 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \
- 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \
- 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \
- 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \
- 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \
- 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \
- 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \
- 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \
- 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \
- 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \
- 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \
- 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \
- 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \
- 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \
- 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, \
- 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, \
- 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, \
- 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, \
- 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, \
- 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, \
- 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, \
- 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, \
- 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, \
- 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, \
- 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, \
- 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, \
- 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, \
- 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, \
- 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, \
- 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, \
- 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01, \
- 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, \
- 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, \
- 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C, \
- 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, \
- 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, \
- 0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9, \
- 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, \
- 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, \
- 0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2, \
- 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, \
- 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, \
- 0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C, \
- 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, \
- 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, \
- 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, \
- 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99, \
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+ 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \
+ 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \
+ 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \
+ 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \
+ 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \
+ 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \
+ 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \
+ 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \
+ 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \
+ 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \
+ 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \
+ 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \
+ 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \
+ 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \
+ 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \
+ 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \
+ 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \
+ 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \
+ 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \
+ 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \
+ 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \
+ 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \
+ 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \
+ 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \
+ 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \
+ 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \
+ 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \
+ 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \
+ 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \
+ 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, \
+ 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, \
+ 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, \
+ 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, \
+ 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, \
+ 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, \
+ 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, \
+ 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, \
+ 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, \
+ 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, \
+ 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, \
+ 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, \
+ 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, \
+ 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, \
+ 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, \
+ 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, \
+ 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01, \
+ 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, \
+ 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, \
+ 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C, \
+ 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, \
+ 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, \
+ 0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9, \
+ 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, \
+ 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, \
+ 0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2, \
+ 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, \
+ 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, \
+ 0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C, \
+ 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, \
+ 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, \
+ 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, \
+ 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99, \
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
#define MBEDTLS_DHM_RFC3526_MODP_4096_G_BIN { 0x02 }
#define MBEDTLS_DHM_RFC7919_FFDHE2048_P_BIN { \
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
- 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
- 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
- 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
- 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
- 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
- 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
- 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
- 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
- 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
- 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
- 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
- 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
- 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
- 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
- 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
- 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
- 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
- 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
- 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
- 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
- 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
- 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
- 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
- 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
- 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
- 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
- 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
- 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
- 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
- 0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97, \
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, }
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+ 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
+ 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
+ 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
+ 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
+ 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
+ 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
+ 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
+ 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
+ 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
+ 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
+ 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
+ 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
+ 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
+ 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
+ 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
+ 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
+ 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
+ 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
+ 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
+ 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
+ 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
+ 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
+ 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
+ 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
+ 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
+ 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
+ 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
+ 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
+ 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
+ 0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97, \
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, }
#define MBEDTLS_DHM_RFC7919_FFDHE2048_G_BIN { 0x02 }
#define MBEDTLS_DHM_RFC7919_FFDHE3072_P_BIN { \
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
- 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
- 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
- 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
- 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
- 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
- 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
- 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
- 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
- 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
- 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
- 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
- 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
- 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
- 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
- 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
- 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
- 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
- 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
- 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
- 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
- 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
- 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
- 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
- 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
- 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
- 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
- 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
- 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
- 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
- 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
- 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
- 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
- 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
- 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
- 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
- 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
- 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
- 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
- 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
- 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
- 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
- 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
- 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
- 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
- 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
- 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0xC6, 0x2E, 0x37, \
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+ 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
+ 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
+ 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
+ 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
+ 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
+ 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
+ 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
+ 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
+ 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
+ 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
+ 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
+ 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
+ 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
+ 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
+ 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
+ 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
+ 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
+ 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
+ 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
+ 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
+ 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
+ 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
+ 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
+ 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
+ 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
+ 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
+ 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
+ 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
+ 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
+ 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
+ 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
+ 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
+ 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
+ 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
+ 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
+ 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
+ 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
+ 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
+ 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
+ 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
+ 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
+ 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
+ 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
+ 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
+ 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
+ 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0xC6, 0x2E, 0x37, \
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
#define MBEDTLS_DHM_RFC7919_FFDHE3072_G_BIN { 0x02 }
#define MBEDTLS_DHM_RFC7919_FFDHE4096_P_BIN { \
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
- 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
- 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
- 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
- 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
- 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
- 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
- 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
- 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
- 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
- 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
- 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
- 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
- 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
- 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
- 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
- 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
- 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
- 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
- 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
- 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
- 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
- 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
- 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
- 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
- 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
- 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
- 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
- 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
- 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
- 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
- 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
- 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
- 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
- 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
- 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
- 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
- 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
- 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
- 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
- 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
- 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
- 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
- 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
- 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
- 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
- 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \
- 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \
- 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \
- 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \
- 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \
- 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \
- 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \
- 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \
- 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \
- 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \
- 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \
- 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \
- 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \
- 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \
- 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \
- 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \
- 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x65, 0x5F, 0x6A, \
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+ 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
+ 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
+ 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
+ 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
+ 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
+ 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
+ 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
+ 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
+ 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
+ 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
+ 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
+ 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
+ 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
+ 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
+ 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
+ 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
+ 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
+ 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
+ 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
+ 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
+ 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
+ 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
+ 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
+ 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
+ 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
+ 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
+ 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
+ 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
+ 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
+ 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
+ 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
+ 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
+ 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
+ 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
+ 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
+ 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
+ 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
+ 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
+ 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
+ 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
+ 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
+ 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
+ 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
+ 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
+ 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
+ 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \
+ 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \
+ 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \
+ 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \
+ 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \
+ 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \
+ 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \
+ 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \
+ 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \
+ 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \
+ 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \
+ 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \
+ 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \
+ 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \
+ 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \
+ 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \
+ 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x65, 0x5F, 0x6A, \
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
#define MBEDTLS_DHM_RFC7919_FFDHE4096_G_BIN { 0x02 }
#define MBEDTLS_DHM_RFC7919_FFDHE6144_P_BIN { \
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
- 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
- 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
- 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
- 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
- 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
- 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
- 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
- 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
- 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
- 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
- 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
- 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
- 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
- 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
- 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
- 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
- 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
- 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
- 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
- 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
- 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
- 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
- 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
- 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
- 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
- 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
- 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
- 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
- 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
- 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
- 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
- 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
- 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
- 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
- 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
- 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
- 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
- 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
- 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
- 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
- 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
- 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
- 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
- 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
- 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
- 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \
- 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \
- 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \
- 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \
- 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \
- 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \
- 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \
- 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \
- 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \
- 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \
- 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \
- 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \
- 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \
- 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \
- 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \
- 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \
- 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, \
- 0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, \
- 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, \
- 0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, \
- 0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, \
- 0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, \
- 0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, \
- 0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, \
- 0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, \
- 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, \
- 0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, \
- 0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, \
- 0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, \
- 0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, \
- 0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, \
- 0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, \
- 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, \
- 0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, \
- 0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, \
- 0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, \
- 0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, \
- 0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, \
- 0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, \
- 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, \
- 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, \
- 0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, \
- 0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, \
- 0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, \
- 0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, \
- 0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, \
- 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, \
- 0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, \
- 0xA4, 0x0E, 0x32, 0x9C, 0xD0, 0xE4, 0x0E, 0x65, \
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+ 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
+ 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
+ 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
+ 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
+ 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
+ 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
+ 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
+ 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
+ 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
+ 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
+ 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
+ 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
+ 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
+ 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
+ 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
+ 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
+ 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
+ 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
+ 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
+ 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
+ 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
+ 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
+ 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
+ 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
+ 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
+ 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
+ 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
+ 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
+ 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
+ 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
+ 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
+ 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
+ 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
+ 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
+ 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
+ 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
+ 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
+ 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
+ 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
+ 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
+ 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
+ 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
+ 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
+ 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
+ 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
+ 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \
+ 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \
+ 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \
+ 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \
+ 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \
+ 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \
+ 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \
+ 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \
+ 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \
+ 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \
+ 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \
+ 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \
+ 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \
+ 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \
+ 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \
+ 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \
+ 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, \
+ 0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, \
+ 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, \
+ 0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, \
+ 0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, \
+ 0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, \
+ 0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, \
+ 0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, \
+ 0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, \
+ 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, \
+ 0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, \
+ 0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, \
+ 0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, \
+ 0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, \
+ 0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, \
+ 0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, \
+ 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, \
+ 0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, \
+ 0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, \
+ 0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, \
+ 0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, \
+ 0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, \
+ 0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, \
+ 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, \
+ 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, \
+ 0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, \
+ 0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, \
+ 0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, \
+ 0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, \
+ 0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, \
+ 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, \
+ 0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, \
+ 0xA4, 0x0E, 0x32, 0x9C, 0xD0, 0xE4, 0x0E, 0x65, \
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
#define MBEDTLS_DHM_RFC7919_FFDHE6144_G_BIN { 0x02 }
#define MBEDTLS_DHM_RFC7919_FFDHE8192_P_BIN { \
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
- 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
- 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
- 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
- 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
- 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
- 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
- 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
- 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
- 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
- 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
- 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
- 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
- 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
- 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
- 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
- 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
- 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
- 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
- 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
- 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
- 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
- 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
- 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
- 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
- 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
- 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
- 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
- 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
- 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
- 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
- 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
- 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
- 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
- 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
- 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
- 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
- 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
- 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
- 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
- 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
- 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
- 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
- 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
- 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
- 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
- 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \
- 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \
- 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \
- 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \
- 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \
- 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \
- 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \
- 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \
- 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \
- 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \
- 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \
- 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \
- 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \
- 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \
- 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \
- 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \
- 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, \
- 0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, \
- 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, \
- 0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, \
- 0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, \
- 0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, \
- 0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, \
- 0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, \
- 0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, \
- 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, \
- 0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, \
- 0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, \
- 0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, \
- 0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, \
- 0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, \
- 0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, \
- 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, \
- 0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, \
- 0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, \
- 0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, \
- 0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, \
- 0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, \
- 0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, \
- 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, \
- 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, \
- 0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, \
- 0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, \
- 0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, \
- 0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, \
- 0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, \
- 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, \
- 0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, \
- 0xA4, 0x0E, 0x32, 0x9C, 0xCF, 0xF4, 0x6A, 0xAA, \
- 0x36, 0xAD, 0x00, 0x4C, 0xF6, 0x00, 0xC8, 0x38, \
- 0x1E, 0x42, 0x5A, 0x31, 0xD9, 0x51, 0xAE, 0x64, \
- 0xFD, 0xB2, 0x3F, 0xCE, 0xC9, 0x50, 0x9D, 0x43, \
- 0x68, 0x7F, 0xEB, 0x69, 0xED, 0xD1, 0xCC, 0x5E, \
- 0x0B, 0x8C, 0xC3, 0xBD, 0xF6, 0x4B, 0x10, 0xEF, \
- 0x86, 0xB6, 0x31, 0x42, 0xA3, 0xAB, 0x88, 0x29, \
- 0x55, 0x5B, 0x2F, 0x74, 0x7C, 0x93, 0x26, 0x65, \
- 0xCB, 0x2C, 0x0F, 0x1C, 0xC0, 0x1B, 0xD7, 0x02, \
- 0x29, 0x38, 0x88, 0x39, 0xD2, 0xAF, 0x05, 0xE4, \
- 0x54, 0x50, 0x4A, 0xC7, 0x8B, 0x75, 0x82, 0x82, \
- 0x28, 0x46, 0xC0, 0xBA, 0x35, 0xC3, 0x5F, 0x5C, \
- 0x59, 0x16, 0x0C, 0xC0, 0x46, 0xFD, 0x82, 0x51, \
- 0x54, 0x1F, 0xC6, 0x8C, 0x9C, 0x86, 0xB0, 0x22, \
- 0xBB, 0x70, 0x99, 0x87, 0x6A, 0x46, 0x0E, 0x74, \
- 0x51, 0xA8, 0xA9, 0x31, 0x09, 0x70, 0x3F, 0xEE, \
- 0x1C, 0x21, 0x7E, 0x6C, 0x38, 0x26, 0xE5, 0x2C, \
- 0x51, 0xAA, 0x69, 0x1E, 0x0E, 0x42, 0x3C, 0xFC, \
- 0x99, 0xE9, 0xE3, 0x16, 0x50, 0xC1, 0x21, 0x7B, \
- 0x62, 0x48, 0x16, 0xCD, 0xAD, 0x9A, 0x95, 0xF9, \
- 0xD5, 0xB8, 0x01, 0x94, 0x88, 0xD9, 0xC0, 0xA0, \
- 0xA1, 0xFE, 0x30, 0x75, 0xA5, 0x77, 0xE2, 0x31, \
- 0x83, 0xF8, 0x1D, 0x4A, 0x3F, 0x2F, 0xA4, 0x57, \
- 0x1E, 0xFC, 0x8C, 0xE0, 0xBA, 0x8A, 0x4F, 0xE8, \
- 0xB6, 0x85, 0x5D, 0xFE, 0x72, 0xB0, 0xA6, 0x6E, \
- 0xDE, 0xD2, 0xFB, 0xAB, 0xFB, 0xE5, 0x8A, 0x30, \
- 0xFA, 0xFA, 0xBE, 0x1C, 0x5D, 0x71, 0xA8, 0x7E, \
- 0x2F, 0x74, 0x1E, 0xF8, 0xC1, 0xFE, 0x86, 0xFE, \
- 0xA6, 0xBB, 0xFD, 0xE5, 0x30, 0x67, 0x7F, 0x0D, \
- 0x97, 0xD1, 0x1D, 0x49, 0xF7, 0xA8, 0x44, 0x3D, \
- 0x08, 0x22, 0xE5, 0x06, 0xA9, 0xF4, 0x61, 0x4E, \
- 0x01, 0x1E, 0x2A, 0x94, 0x83, 0x8F, 0xF8, 0x8C, \
- 0xD6, 0x8C, 0x8B, 0xB7, 0xC5, 0xC6, 0x42, 0x4C, \
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+ 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
+ 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
+ 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
+ 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
+ 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
+ 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
+ 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
+ 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
+ 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
+ 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
+ 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
+ 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
+ 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
+ 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
+ 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
+ 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
+ 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
+ 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
+ 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
+ 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
+ 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
+ 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
+ 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
+ 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
+ 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
+ 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
+ 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
+ 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
+ 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
+ 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
+ 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
+ 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
+ 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
+ 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
+ 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
+ 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
+ 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
+ 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
+ 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
+ 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
+ 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
+ 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
+ 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
+ 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
+ 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
+ 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \
+ 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \
+ 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \
+ 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \
+ 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \
+ 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \
+ 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \
+ 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \
+ 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \
+ 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \
+ 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \
+ 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \
+ 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \
+ 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \
+ 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \
+ 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \
+ 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, \
+ 0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, \
+ 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, \
+ 0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, \
+ 0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, \
+ 0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, \
+ 0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, \
+ 0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, \
+ 0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, \
+ 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, \
+ 0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, \
+ 0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, \
+ 0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, \
+ 0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, \
+ 0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, \
+ 0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, \
+ 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, \
+ 0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, \
+ 0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, \
+ 0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, \
+ 0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, \
+ 0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, \
+ 0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, \
+ 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, \
+ 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, \
+ 0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, \
+ 0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, \
+ 0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, \
+ 0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, \
+ 0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, \
+ 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, \
+ 0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, \
+ 0xA4, 0x0E, 0x32, 0x9C, 0xCF, 0xF4, 0x6A, 0xAA, \
+ 0x36, 0xAD, 0x00, 0x4C, 0xF6, 0x00, 0xC8, 0x38, \
+ 0x1E, 0x42, 0x5A, 0x31, 0xD9, 0x51, 0xAE, 0x64, \
+ 0xFD, 0xB2, 0x3F, 0xCE, 0xC9, 0x50, 0x9D, 0x43, \
+ 0x68, 0x7F, 0xEB, 0x69, 0xED, 0xD1, 0xCC, 0x5E, \
+ 0x0B, 0x8C, 0xC3, 0xBD, 0xF6, 0x4B, 0x10, 0xEF, \
+ 0x86, 0xB6, 0x31, 0x42, 0xA3, 0xAB, 0x88, 0x29, \
+ 0x55, 0x5B, 0x2F, 0x74, 0x7C, 0x93, 0x26, 0x65, \
+ 0xCB, 0x2C, 0x0F, 0x1C, 0xC0, 0x1B, 0xD7, 0x02, \
+ 0x29, 0x38, 0x88, 0x39, 0xD2, 0xAF, 0x05, 0xE4, \
+ 0x54, 0x50, 0x4A, 0xC7, 0x8B, 0x75, 0x82, 0x82, \
+ 0x28, 0x46, 0xC0, 0xBA, 0x35, 0xC3, 0x5F, 0x5C, \
+ 0x59, 0x16, 0x0C, 0xC0, 0x46, 0xFD, 0x82, 0x51, \
+ 0x54, 0x1F, 0xC6, 0x8C, 0x9C, 0x86, 0xB0, 0x22, \
+ 0xBB, 0x70, 0x99, 0x87, 0x6A, 0x46, 0x0E, 0x74, \
+ 0x51, 0xA8, 0xA9, 0x31, 0x09, 0x70, 0x3F, 0xEE, \
+ 0x1C, 0x21, 0x7E, 0x6C, 0x38, 0x26, 0xE5, 0x2C, \
+ 0x51, 0xAA, 0x69, 0x1E, 0x0E, 0x42, 0x3C, 0xFC, \
+ 0x99, 0xE9, 0xE3, 0x16, 0x50, 0xC1, 0x21, 0x7B, \
+ 0x62, 0x48, 0x16, 0xCD, 0xAD, 0x9A, 0x95, 0xF9, \
+ 0xD5, 0xB8, 0x01, 0x94, 0x88, 0xD9, 0xC0, 0xA0, \
+ 0xA1, 0xFE, 0x30, 0x75, 0xA5, 0x77, 0xE2, 0x31, \
+ 0x83, 0xF8, 0x1D, 0x4A, 0x3F, 0x2F, 0xA4, 0x57, \
+ 0x1E, 0xFC, 0x8C, 0xE0, 0xBA, 0x8A, 0x4F, 0xE8, \
+ 0xB6, 0x85, 0x5D, 0xFE, 0x72, 0xB0, 0xA6, 0x6E, \
+ 0xDE, 0xD2, 0xFB, 0xAB, 0xFB, 0xE5, 0x8A, 0x30, \
+ 0xFA, 0xFA, 0xBE, 0x1C, 0x5D, 0x71, 0xA8, 0x7E, \
+ 0x2F, 0x74, 0x1E, 0xF8, 0xC1, 0xFE, 0x86, 0xFE, \
+ 0xA6, 0xBB, 0xFD, 0xE5, 0x30, 0x67, 0x7F, 0x0D, \
+ 0x97, 0xD1, 0x1D, 0x49, 0xF7, 0xA8, 0x44, 0x3D, \
+ 0x08, 0x22, 0xE5, 0x06, 0xA9, 0xF4, 0x61, 0x4E, \
+ 0x01, 0x1E, 0x2A, 0x94, 0x83, 0x8F, 0xF8, 0x8C, \
+ 0xD6, 0x8C, 0x8B, 0xB7, 0xC5, 0xC6, 0x42, 0x4C, \
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
#define MBEDTLS_DHM_RFC7919_FFDHE8192_G_BIN { 0x02 }
diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h
index 7fa7440..67c94f0 100644
--- a/include/mbedtls/ecdh.h
+++ b/include/mbedtls/ecdh.h
@@ -68,8 +68,7 @@
/**
* Defines the source of the imported EC key.
*/
-typedef enum
-{
+typedef enum {
MBEDTLS_ECDH_OURS, /**< Our key. */
MBEDTLS_ECDH_THEIRS, /**< The key of the peer. */
} mbedtls_ecdh_side;
@@ -81,8 +80,7 @@
* Later versions of the library may add new variants, therefore users should
* not make any assumptions about them.
*/
-typedef enum
-{
+typedef enum {
MBEDTLS_ECDH_VARIANT_NONE = 0, /*!< Implementation not defined. */
MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0,/*!< The default Mbed TLS implementation */
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
@@ -97,8 +95,7 @@
* should not make any assumptions about the structure of
* mbedtls_ecdh_context_mbed.
*/
-typedef struct mbedtls_ecdh_context_mbed
-{
+typedef struct mbedtls_ecdh_context_mbed {
mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /*!< The elliptic curve used. */
mbedtls_mpi MBEDTLS_PRIVATE(d); /*!< The private key. */
mbedtls_ecp_point MBEDTLS_PRIVATE(Q); /*!< The public key. */
@@ -117,8 +114,7 @@
* should not be shared between multiple threads.
* \brief The ECDH context structure.
*/
-typedef struct mbedtls_ecdh_context
-{
+typedef struct mbedtls_ecdh_context {
#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /*!< The elliptic curve used. */
mbedtls_mpi MBEDTLS_PRIVATE(d); /*!< The private key. */
@@ -135,24 +131,23 @@
#endif /* MBEDTLS_ECP_RESTARTABLE */
#else
uint8_t MBEDTLS_PRIVATE(point_format); /*!< The format of point export in TLS messages
- as defined in RFC 4492. */
+ as defined in RFC 4492. */
mbedtls_ecp_group_id MBEDTLS_PRIVATE(grp_id);/*!< The elliptic curve used. */
mbedtls_ecdh_variant MBEDTLS_PRIVATE(var); /*!< The ECDH implementation/structure used. */
- union
- {
+ union {
mbedtls_ecdh_context_mbed MBEDTLS_PRIVATE(mbed_ecdh);
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
mbedtls_ecdh_context_everest MBEDTLS_PRIVATE(everest_ecdh);
#endif
} MBEDTLS_PRIVATE(ctx); /*!< Implementation-specific context. The
- context in use is specified by the \c var
- field. */
+ context in use is specified by the \c var
+ field. */
#if defined(MBEDTLS_ECP_RESTARTABLE)
uint8_t MBEDTLS_PRIVATE(restart_enabled); /*!< The flag for restartable mode. Functions of
- an alternative implementation not supporting
- restartable mode must return
- MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED error
- if this flag is set. */
+ an alternative implementation not supporting
+ restartable mode must return
+ MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED error
+ if this flag is set. */
#endif /* MBEDTLS_ECP_RESTARTABLE */
#endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */
}
@@ -165,7 +160,7 @@
*
* \return \c 1 if the group can be used, \c 0 otherwise
*/
-int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid );
+int mbedtls_ecdh_can_do(mbedtls_ecp_group_id gid);
/**
* \brief This function generates an ECDH keypair on an elliptic
@@ -192,9 +187,9 @@
* \return Another \c MBEDTLS_ERR_ECP_XXX or
* \c MBEDTLS_MPI_XXX error code on failure.
*/
-int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_ecdh_gen_public(mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/**
* \brief This function computes the shared secret.
@@ -227,17 +222,17 @@
* \return Another \c MBEDTLS_ERR_ECP_XXX or
* \c MBEDTLS_MPI_XXX error code on failure.
*/
-int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
- const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_ecdh_compute_shared(mbedtls_ecp_group *grp, mbedtls_mpi *z,
+ const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/**
* \brief This function initializes an ECDH context.
*
* \param ctx The ECDH context to initialize. This must not be \c NULL.
*/
-void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx );
+void mbedtls_ecdh_init(mbedtls_ecdh_context *ctx);
/**
* \brief This function sets up the ECDH context with the information
@@ -255,8 +250,8 @@
*
* \return \c 0 on success.
*/
-int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx,
- mbedtls_ecp_group_id grp_id );
+int mbedtls_ecdh_setup(mbedtls_ecdh_context *ctx,
+ mbedtls_ecp_group_id grp_id);
/**
* \brief This function frees a context.
@@ -265,7 +260,7 @@
* case this function does nothing. If it is not \c NULL,
* it must point to an initialized ECDH context.
*/
-void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx );
+void mbedtls_ecdh_free(mbedtls_ecdh_context *ctx);
/**
* \brief This function generates an EC key pair and exports its
@@ -292,10 +287,10 @@
* operations was reached: see \c mbedtls_ecp_set_max_ops().
* \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
*/
-int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
- unsigned char *buf, size_t blen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_ecdh_make_params(mbedtls_ecdh_context *ctx, size_t *olen,
+ unsigned char *buf, size_t blen,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/**
* \brief This function parses the ECDHE parameters in a
@@ -321,9 +316,9 @@
* \return An \c MBEDTLS_ERR_ECP_XXX error code on failure.
*
*/
-int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx,
- const unsigned char **buf,
- const unsigned char *end );
+int mbedtls_ecdh_read_params(mbedtls_ecdh_context *ctx,
+ const unsigned char **buf,
+ const unsigned char *end);
/**
* \brief This function sets up an ECDH context from an EC key.
@@ -344,9 +339,9 @@
* \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
*
*/
-int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx,
- const mbedtls_ecp_keypair *key,
- mbedtls_ecdh_side side );
+int mbedtls_ecdh_get_params(mbedtls_ecdh_context *ctx,
+ const mbedtls_ecp_keypair *key,
+ mbedtls_ecdh_side side);
/**
* \brief This function generates a public key and exports it
@@ -374,10 +369,10 @@
* operations was reached: see \c mbedtls_ecp_set_max_ops().
* \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
*/
-int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
- unsigned char *buf, size_t blen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_ecdh_make_public(mbedtls_ecdh_context *ctx, size_t *olen,
+ unsigned char *buf, size_t blen,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/**
* \brief This function parses and processes the ECDHE payload of a
@@ -398,8 +393,8 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_ECP_XXX error code on failure.
*/
-int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx,
- const unsigned char *buf, size_t blen );
+int mbedtls_ecdh_read_public(mbedtls_ecdh_context *ctx,
+ const unsigned char *buf, size_t blen);
/**
* \brief This function derives and exports the shared secret.
@@ -430,10 +425,10 @@
* operations was reached: see \c mbedtls_ecp_set_max_ops().
* \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
*/
-int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
- unsigned char *buf, size_t blen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_ecdh_calc_secret(mbedtls_ecdh_context *ctx, size_t *olen,
+ unsigned char *buf, size_t blen,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
#if defined(MBEDTLS_ECP_RESTARTABLE)
/**
@@ -448,7 +443,7 @@
*
* \param ctx The ECDH context to use. This must be initialized.
*/
-void mbedtls_ecdh_enable_restart( mbedtls_ecdh_context *ctx );
+void mbedtls_ecdh_enable_restart(mbedtls_ecdh_context *ctx);
#endif /* MBEDTLS_ECP_RESTARTABLE */
#ifdef __cplusplus
diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h
index 967f07b..0a42040 100644
--- a/include/mbedtls/ecdsa.h
+++ b/include/mbedtls/ecdsa.h
@@ -53,13 +53,13 @@
*
* For each of r and s, the value (V) may include an extra initial "0" bit.
*/
-#define MBEDTLS_ECDSA_MAX_SIG_LEN( bits ) \
- ( /*T,L of SEQUENCE*/ ( ( bits ) >= 61 * 8 ? 3 : 2 ) + \
- /*T,L of r,s*/ 2 * ( ( ( bits ) >= 127 * 8 ? 3 : 2 ) + \
- /*V of r,s*/ ( ( bits ) + 8 ) / 8 ) )
+#define MBEDTLS_ECDSA_MAX_SIG_LEN(bits) \
+ (/*T,L of SEQUENCE*/ ((bits) >= 61 * 8 ? 3 : 2) + \
+ /*T,L of r,s*/ 2 * (((bits) >= 127 * 8 ? 3 : 2) + \
+ /*V of r,s*/ ((bits) + 8) / 8))
/** The maximal size of an ECDSA signature in Bytes. */
-#define MBEDTLS_ECDSA_MAX_LEN MBEDTLS_ECDSA_MAX_SIG_LEN( MBEDTLS_ECP_MAX_BITS )
+#define MBEDTLS_ECDSA_MAX_LEN MBEDTLS_ECDSA_MAX_SIG_LEN(MBEDTLS_ECP_MAX_BITS)
#ifdef __cplusplus
extern "C" {
@@ -102,10 +102,9 @@
/**
* \brief General context for resuming ECDSA operations
*/
-typedef struct
-{
+typedef struct {
mbedtls_ecp_restart_ctx MBEDTLS_PRIVATE(ecp); /*!< base context for ECP restart and
- shared administrative info */
+ shared administrative info */
mbedtls_ecdsa_restart_ver_ctx *MBEDTLS_PRIVATE(ver); /*!< ecdsa_verify() sub-context */
mbedtls_ecdsa_restart_sig_ctx *MBEDTLS_PRIVATE(sig); /*!< ecdsa_sign() sub-context */
#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
@@ -128,7 +127,7 @@
*
* \return \c 1 if the group can be used, \c 0 otherwise
*/
-int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid );
+int mbedtls_ecdsa_can_do(mbedtls_ecp_group_id gid);
/**
* \brief This function computes the ECDSA signature of a
@@ -166,9 +165,9 @@
* \return An \c MBEDTLS_ERR_ECP_XXX
* or \c MBEDTLS_MPI_XXX error code on failure.
*/
-int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
- const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+int mbedtls_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
+ const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
/**
@@ -210,12 +209,12 @@
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX
* error code on failure.
*/
-int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r,
- mbedtls_mpi *s, const mbedtls_mpi *d,
- const unsigned char *buf, size_t blen,
- mbedtls_md_type_t md_alg,
- int (*f_rng_blind)(void *, unsigned char *, size_t),
- void *p_rng_blind );
+int mbedtls_ecdsa_sign_det_ext(mbedtls_ecp_group *grp, mbedtls_mpi *r,
+ mbedtls_mpi *s, const mbedtls_mpi *d,
+ const unsigned char *buf, size_t blen,
+ mbedtls_md_type_t md_alg,
+ int (*f_rng_blind)(void *, unsigned char *, size_t),
+ void *p_rng_blind);
#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
/**
@@ -248,10 +247,10 @@
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX
* error code on failure.
*/
-int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
- const unsigned char *buf, size_t blen,
- const mbedtls_ecp_point *Q, const mbedtls_mpi *r,
- const mbedtls_mpi *s);
+int mbedtls_ecdsa_verify(mbedtls_ecp_group *grp,
+ const unsigned char *buf, size_t blen,
+ const mbedtls_ecp_point *Q, const mbedtls_mpi *r,
+ const mbedtls_mpi *s);
/**
* \brief This function computes the ECDSA signature and writes it
@@ -302,12 +301,12 @@
* \return An \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or
* \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
-int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx,
- mbedtls_md_type_t md_alg,
- const unsigned char *hash, size_t hlen,
- unsigned char *sig, size_t sig_size, size_t *slen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_ecdsa_write_signature(mbedtls_ecdsa_context *ctx,
+ mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hlen,
+ unsigned char *sig, size_t sig_size, size_t *slen,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/**
* \brief This function computes the ECDSA signature and writes it
@@ -349,13 +348,13 @@
* \return Another \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or
* \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/
-int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx,
- mbedtls_md_type_t md_alg,
- const unsigned char *hash, size_t hlen,
- unsigned char *sig, size_t sig_size, size_t *slen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng,
- mbedtls_ecdsa_restart_ctx *rs_ctx );
+int mbedtls_ecdsa_write_signature_restartable(mbedtls_ecdsa_context *ctx,
+ mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hlen,
+ unsigned char *sig, size_t sig_size, size_t *slen,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ mbedtls_ecdsa_restart_ctx *rs_ctx);
/**
* \brief This function reads and verifies an ECDSA signature.
@@ -384,9 +383,9 @@
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX
* error code on failure for any other reason.
*/
-int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx,
- const unsigned char *hash, size_t hlen,
- const unsigned char *sig, size_t slen );
+int mbedtls_ecdsa_read_signature(mbedtls_ecdsa_context *ctx,
+ const unsigned char *hash, size_t hlen,
+ const unsigned char *sig, size_t slen);
/**
* \brief This function reads and verifies an ECDSA signature,
@@ -419,10 +418,10 @@
* \return Another \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX
* error code on failure for any other reason.
*/
-int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx,
- const unsigned char *hash, size_t hlen,
- const unsigned char *sig, size_t slen,
- mbedtls_ecdsa_restart_ctx *rs_ctx );
+int mbedtls_ecdsa_read_signature_restartable(mbedtls_ecdsa_context *ctx,
+ const unsigned char *hash, size_t hlen,
+ const unsigned char *sig, size_t slen,
+ mbedtls_ecdsa_restart_ctx *rs_ctx);
/**
* \brief This function generates an ECDSA keypair on the given curve.
@@ -440,8 +439,8 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_ECP_XXX code on failure.
*/
-int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+int mbedtls_ecdsa_genkey(mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
/**
* \brief This function sets up an ECDSA context from an EC key pair.
@@ -458,8 +457,8 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_ECP_XXX code on failure.
*/
-int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx,
- const mbedtls_ecp_keypair *key );
+int mbedtls_ecdsa_from_keypair(mbedtls_ecdsa_context *ctx,
+ const mbedtls_ecp_keypair *key);
/**
* \brief This function initializes an ECDSA context.
@@ -467,7 +466,7 @@
* \param ctx The ECDSA context to initialize.
* This must not be \c NULL.
*/
-void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx );
+void mbedtls_ecdsa_init(mbedtls_ecdsa_context *ctx);
/**
* \brief This function frees an ECDSA context.
@@ -476,7 +475,7 @@
* in which case this function does nothing. If it
* is not \c NULL, it must be initialized.
*/
-void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx );
+void mbedtls_ecdsa_free(mbedtls_ecdsa_context *ctx);
#if defined(MBEDTLS_ECP_RESTARTABLE)
/**
@@ -485,7 +484,7 @@
* \param ctx The restart context to initialize.
* This must not be \c NULL.
*/
-void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx );
+void mbedtls_ecdsa_restart_init(mbedtls_ecdsa_restart_ctx *ctx);
/**
* \brief Free the components of a restart context.
@@ -494,7 +493,7 @@
* in which case this function does nothing. If it
* is not \c NULL, it must be initialized.
*/
-void mbedtls_ecdsa_restart_free( mbedtls_ecdsa_restart_ctx *ctx );
+void mbedtls_ecdsa_restart_free(mbedtls_ecdsa_restart_ctx *ctx);
#endif /* MBEDTLS_ECP_RESTARTABLE */
#ifdef __cplusplus
diff --git a/include/mbedtls/ecjpake.h b/include/mbedtls/ecjpake.h
index 3dd3361..a63bb32 100644
--- a/include/mbedtls/ecjpake.h
+++ b/include/mbedtls/ecjpake.h
@@ -68,8 +68,7 @@
* convention from the Thread v1.0 spec. Correspondence is indicated in the
* description as a pair C: client name, S: server name
*/
-typedef struct mbedtls_ecjpake_context
-{
+typedef struct mbedtls_ecjpake_context {
mbedtls_md_type_t MBEDTLS_PRIVATE(md_type); /**< Hash to use */
mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /**< Elliptic curve */
mbedtls_ecjpake_role MBEDTLS_PRIVATE(role); /**< Are we client or server? */
@@ -97,7 +96,7 @@
* \param ctx The ECJPAKE context to initialize.
* This must not be \c NULL.
*/
-void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx );
+void mbedtls_ecjpake_init(mbedtls_ecjpake_context *ctx);
/**
* \brief Set up an ECJPAKE context for use.
@@ -120,12 +119,12 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
-int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx,
- mbedtls_ecjpake_role role,
- mbedtls_md_type_t hash,
- mbedtls_ecp_group_id curve,
- const unsigned char *secret,
- size_t len );
+int mbedtls_ecjpake_setup(mbedtls_ecjpake_context *ctx,
+ mbedtls_ecjpake_role role,
+ mbedtls_md_type_t hash,
+ mbedtls_ecp_group_id curve,
+ const unsigned char *secret,
+ size_t len);
/**
* \brief Set the point format for future reads and writes.
@@ -139,8 +138,8 @@
* \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p point_format
* is invalid.
*/
-int mbedtls_ecjpake_set_point_format( mbedtls_ecjpake_context *ctx,
- int point_format );
+int mbedtls_ecjpake_set_point_format(mbedtls_ecjpake_context *ctx,
+ int point_format);
/**
* \brief Check if an ECJPAKE context is ready for use.
@@ -151,7 +150,7 @@
* \return \c 0 if the context is ready for use.
* \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA otherwise.
*/
-int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx );
+int mbedtls_ecjpake_check(const mbedtls_ecjpake_context *ctx);
/**
* \brief Generate and write the first round message
@@ -172,10 +171,10 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
-int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx,
- unsigned char *buf, size_t len, size_t *olen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_ecjpake_write_round_one(mbedtls_ecjpake_context *ctx,
+ unsigned char *buf, size_t len, size_t *olen,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/**
* \brief Read and process the first round message
@@ -191,9 +190,9 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
-int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx,
- const unsigned char *buf,
- size_t len );
+int mbedtls_ecjpake_read_round_one(mbedtls_ecjpake_context *ctx,
+ const unsigned char *buf,
+ size_t len);
/**
* \brief Generate and write the second round message
@@ -213,10 +212,10 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
-int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx,
- unsigned char *buf, size_t len, size_t *olen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_ecjpake_write_round_two(mbedtls_ecjpake_context *ctx,
+ unsigned char *buf, size_t len, size_t *olen,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/**
* \brief Read and process the second round message
@@ -231,9 +230,9 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
-int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx,
- const unsigned char *buf,
- size_t len );
+int mbedtls_ecjpake_read_round_two(mbedtls_ecjpake_context *ctx,
+ const unsigned char *buf,
+ size_t len);
/**
* \brief Derive the shared secret
@@ -253,10 +252,10 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
-int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx,
- unsigned char *buf, size_t len, size_t *olen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_ecjpake_derive_secret(mbedtls_ecjpake_context *ctx,
+ unsigned char *buf, size_t len, size_t *olen,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/**
* \brief Write the shared key material to be passed to a Key
@@ -276,10 +275,10 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
-int mbedtls_ecjpake_write_shared_key( mbedtls_ecjpake_context *ctx,
- unsigned char *buf, size_t len, size_t *olen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_ecjpake_write_shared_key(mbedtls_ecjpake_context *ctx,
+ unsigned char *buf, size_t len, size_t *olen,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/**
* \brief This clears an ECJPAKE context and frees any
@@ -289,7 +288,7 @@
* in which case this function does nothing. If it is not
* \c NULL, it must point to an initialized ECJPAKE context.
*/
-void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx );
+void mbedtls_ecjpake_free(mbedtls_ecjpake_context *ctx);
#if defined(MBEDTLS_SELF_TEST)
@@ -298,7 +297,7 @@
*
* \return 0 if successful, or 1 if a test failed
*/
-int mbedtls_ecjpake_self_test( int verbose );
+int mbedtls_ecjpake_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h
index 0c1790d..18b37a9 100644
--- a/include/mbedtls/ecp.h
+++ b/include/mbedtls/ecp.h
@@ -110,8 +110,7 @@
* - Add the curve to applicable profiles in x509_crt.c.
* - Add the curve to applicable presets in ssl_tls.c.
*/
-typedef enum
-{
+typedef enum {
MBEDTLS_ECP_DP_NONE = 0, /*!< Curve not defined. */
MBEDTLS_ECP_DP_SECP192R1, /*!< Domain parameters for the 192-bit curve defined by FIPS 186-4 and SEC1. */
MBEDTLS_ECP_DP_SECP224R1, /*!< Domain parameters for the 224-bit curve defined by FIPS 186-4 and SEC1. */
@@ -136,8 +135,7 @@
/*
* Curve types
*/
-typedef enum
-{
+typedef enum {
MBEDTLS_ECP_TYPE_NONE = 0,
MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS, /* y^2 = x^3 + a x + b */
MBEDTLS_ECP_TYPE_MONTGOMERY, /* y^2 = x^3 + a x^2 + x */
@@ -150,8 +148,7 @@
* accessed directly by applications. Future versions of the library may
* add extra fields or reorder existing fields.
*/
-typedef struct mbedtls_ecp_curve_info
-{
+typedef struct mbedtls_ecp_curve_info {
mbedtls_ecp_group_id grp_id; /*!< An internal identifier. */
uint16_t tls_id; /*!< The TLS NamedCurve identifier. */
uint16_t bit_size; /*!< The curve size in bits. */
@@ -169,8 +166,7 @@
* Otherwise, \p X and \p Y are its standard (affine)
* coordinates.
*/
-typedef struct mbedtls_ecp_point
-{
+typedef struct mbedtls_ecp_point {
mbedtls_mpi MBEDTLS_PRIVATE(X); /*!< The X coordinate of the ECP point. */
mbedtls_mpi MBEDTLS_PRIVATE(Y); /*!< The Y coordinate of the ECP point. */
mbedtls_mpi MBEDTLS_PRIVATE(Z); /*!< The Z coordinate of the ECP point. */
@@ -224,8 +220,7 @@
* of these fields does not need to be supported.
* They do not need to be at the same offset in the structure.
*/
-typedef struct mbedtls_ecp_group
-{
+typedef struct mbedtls_ecp_group {
mbedtls_ecp_group_id id; /*!< An internal group identifier. */
mbedtls_mpi P; /*!< The prime modulus of the base field. */
mbedtls_mpi A; /*!< For Short Weierstrass: \p A in the equation. For
@@ -241,10 +236,10 @@
/* End of public fields */
unsigned int MBEDTLS_PRIVATE(h); /*!< \internal 1 if the constants are static. */
- int (*MBEDTLS_PRIVATE(modp))(mbedtls_mpi *); /*!< The function for fast pseudo-reduction
- mod \p P (see above).*/
- int (*MBEDTLS_PRIVATE(t_pre))(mbedtls_ecp_point *, void *); /*!< Unused. */
- int (*MBEDTLS_PRIVATE(t_post))(mbedtls_ecp_point *, void *); /*!< Unused. */
+ int(*MBEDTLS_PRIVATE(modp))(mbedtls_mpi *); /*!< The function for fast pseudo-reduction
+ mod \p P (see above).*/
+ int(*MBEDTLS_PRIVATE(t_pre))(mbedtls_ecp_point *, void *); /*!< Unused. */
+ int(*MBEDTLS_PRIVATE(t_post))(mbedtls_ecp_point *, void *); /*!< Unused. */
void *MBEDTLS_PRIVATE(t_data); /*!< Unused. */
mbedtls_ecp_point *MBEDTLS_PRIVATE(T); /*!< Pre-computed points for ecp_mul_comb(). */
size_t MBEDTLS_PRIVATE(T_size); /*!< The number of dynamic allocated pre-computed points. */
@@ -343,8 +338,8 @@
#error "Missing definition of MBEDTLS_ECP_MAX_BITS"
#endif
-#define MBEDTLS_ECP_MAX_BYTES ( ( MBEDTLS_ECP_MAX_BITS + 7 ) / 8 )
-#define MBEDTLS_ECP_MAX_PT_LEN ( 2 * MBEDTLS_ECP_MAX_BYTES + 1 )
+#define MBEDTLS_ECP_MAX_BYTES ((MBEDTLS_ECP_MAX_BITS + 7) / 8)
+#define MBEDTLS_ECP_MAX_PT_LEN (2 * MBEDTLS_ECP_MAX_BYTES + 1)
#if defined(MBEDTLS_ECP_RESTARTABLE)
@@ -365,8 +360,7 @@
/**
* \brief General context for resuming ECC operations
*/
-typedef struct
-{
+typedef struct {
unsigned MBEDTLS_PRIVATE(ops_done); /*!< current ops count */
unsigned MBEDTLS_PRIVATE(depth); /*!< call depth (0 = top-level) */
mbedtls_ecp_restart_mul_ctx *MBEDTLS_PRIVATE(rsm); /*!< ecp_mul_comb() sub-context */
@@ -392,18 +386,18 @@
* \return \c 0 if doing \p ops basic ops is still allowed,
* \return #MBEDTLS_ERR_ECP_IN_PROGRESS otherwise.
*/
-int mbedtls_ecp_check_budget( const mbedtls_ecp_group *grp,
- mbedtls_ecp_restart_ctx *rs_ctx,
- unsigned ops );
+int mbedtls_ecp_check_budget(const mbedtls_ecp_group *grp,
+ mbedtls_ecp_restart_ctx *rs_ctx,
+ unsigned ops);
/* Utility macro for checking and updating ops budget */
-#define MBEDTLS_ECP_BUDGET( ops ) \
- MBEDTLS_MPI_CHK( mbedtls_ecp_check_budget( grp, rs_ctx, \
- (unsigned) (ops) ) );
+#define MBEDTLS_ECP_BUDGET(ops) \
+ MBEDTLS_MPI_CHK(mbedtls_ecp_check_budget(grp, rs_ctx, \
+ (unsigned) (ops)));
#else /* MBEDTLS_ECP_RESTARTABLE */
-#define MBEDTLS_ECP_BUDGET( ops ) /* no-op; for compatibility */
+#define MBEDTLS_ECP_BUDGET(ops) /* no-op; for compatibility */
/* We want to declare restartable versions of existing functions anyway */
typedef void mbedtls_ecp_restart_ctx;
@@ -418,8 +412,7 @@
* \note Members are deliberately in the same order as in the
* ::mbedtls_ecdsa_context structure.
*/
-typedef struct mbedtls_ecp_keypair
-{
+typedef struct mbedtls_ecp_keypair {
mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /*!< Elliptic curve and base point */
mbedtls_mpi MBEDTLS_PRIVATE(d); /*!< our secret value */
mbedtls_ecp_point MBEDTLS_PRIVATE(Q); /*!< our public value */
@@ -495,7 +488,7 @@
*
* \note This setting is currently ignored by Curve25519.
*/
-void mbedtls_ecp_set_max_ops( unsigned max_ops );
+void mbedtls_ecp_set_max_ops(unsigned max_ops);
/**
* \brief Check if restart is enabled (max_ops != 0)
@@ -503,13 +496,13 @@
* \return \c 0 if \c max_ops == 0 (restart disabled)
* \return \c 1 otherwise (restart enabled)
*/
-int mbedtls_ecp_restart_is_enabled( void );
+int mbedtls_ecp_restart_is_enabled(void);
#endif /* MBEDTLS_ECP_RESTARTABLE */
/*
* Get the type of a curve
*/
-mbedtls_ecp_curve_type mbedtls_ecp_get_type( const mbedtls_ecp_group *grp );
+mbedtls_ecp_curve_type mbedtls_ecp_get_type(const mbedtls_ecp_group *grp);
/**
* \brief This function retrieves the information defined in
@@ -523,7 +516,7 @@
*
* \return A statically allocated array. The last entry is 0.
*/
-const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void );
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list(void);
/**
* \brief This function retrieves the list of internal group
@@ -539,7 +532,7 @@
* \return A statically allocated array,
* terminated with MBEDTLS_ECP_DP_NONE.
*/
-const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void );
+const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list(void);
/**
* \brief This function retrieves curve information from an internal
@@ -550,7 +543,7 @@
* \return The associated curve information on success.
* \return NULL on failure.
*/
-const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id( mbedtls_ecp_group_id grp_id );
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id(mbedtls_ecp_group_id grp_id);
/**
* \brief This function retrieves curve information from a TLS
@@ -561,7 +554,7 @@
* \return The associated curve information on success.
* \return NULL on failure.
*/
-const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id( uint16_t tls_id );
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id(uint16_t tls_id);
/**
* \brief This function retrieves curve information from a
@@ -572,14 +565,14 @@
* \return The associated curve information on success.
* \return NULL on failure.
*/
-const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name( const char *name );
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name(const char *name);
/**
* \brief This function initializes a point as zero.
*
* \param pt The point to initialize.
*/
-void mbedtls_ecp_point_init( mbedtls_ecp_point *pt );
+void mbedtls_ecp_point_init(mbedtls_ecp_point *pt);
/**
* \brief This function initializes an ECP group context
@@ -590,21 +583,21 @@
* mbedtls_ecp_group_load() or mbedtls_ecp_tls_read_group()
* functions.
*/
-void mbedtls_ecp_group_init( mbedtls_ecp_group *grp );
+void mbedtls_ecp_group_init(mbedtls_ecp_group *grp);
/**
* \brief This function initializes a key pair as an invalid one.
*
* \param key The key pair to initialize.
*/
-void mbedtls_ecp_keypair_init( mbedtls_ecp_keypair *key );
+void mbedtls_ecp_keypair_init(mbedtls_ecp_keypair *key);
/**
* \brief This function frees the components of a point.
*
* \param pt The point to free.
*/
-void mbedtls_ecp_point_free( mbedtls_ecp_point *pt );
+void mbedtls_ecp_point_free(mbedtls_ecp_point *pt);
/**
* \brief This function frees the components of an ECP group.
@@ -613,7 +606,7 @@
* case this function returns immediately. If it is not
* \c NULL, it must point to an initialized ECP group.
*/
-void mbedtls_ecp_group_free( mbedtls_ecp_group *grp );
+void mbedtls_ecp_group_free(mbedtls_ecp_group *grp);
/**
* \brief This function frees the components of a key pair.
@@ -622,7 +615,7 @@
* case this function returns immediately. If it is not
* \c NULL, it must point to an initialized ECP key pair.
*/
-void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key );
+void mbedtls_ecp_keypair_free(mbedtls_ecp_keypair *key);
#if defined(MBEDTLS_ECP_RESTARTABLE)
/**
@@ -631,7 +624,7 @@
* \param ctx The restart context to initialize. This must
* not be \c NULL.
*/
-void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx );
+void mbedtls_ecp_restart_init(mbedtls_ecp_restart_ctx *ctx);
/**
* \brief Free the components of a restart context.
@@ -640,7 +633,7 @@
* case this function returns immediately. If it is not
* \c NULL, it must point to an initialized restart context.
*/
-void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx *ctx );
+void mbedtls_ecp_restart_free(mbedtls_ecp_restart_ctx *ctx);
#endif /* MBEDTLS_ECP_RESTARTABLE */
/**
@@ -654,7 +647,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
* \return Another negative error code for other kinds of failure.
*/
-int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q );
+int mbedtls_ecp_copy(mbedtls_ecp_point *P, const mbedtls_ecp_point *Q);
/**
* \brief This function copies the contents of group \p src into
@@ -667,8 +660,8 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst,
- const mbedtls_ecp_group *src );
+int mbedtls_ecp_group_copy(mbedtls_ecp_group *dst,
+ const mbedtls_ecp_group *src);
/**
* \brief This function sets a point to the point at infinity.
@@ -679,7 +672,7 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt );
+int mbedtls_ecp_set_zero(mbedtls_ecp_point *pt);
/**
* \brief This function checks if a point is the point at infinity.
@@ -690,7 +683,7 @@
* \return \c 0 if the point is non-zero.
* \return A negative error code on failure.
*/
-int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt );
+int mbedtls_ecp_is_zero(mbedtls_ecp_point *pt);
/**
* \brief This function compares two points.
@@ -704,8 +697,8 @@
* \return \c 0 if the points are equal.
* \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if the points are not equal.
*/
-int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P,
- const mbedtls_ecp_point *Q );
+int mbedtls_ecp_point_cmp(const mbedtls_ecp_point *P,
+ const mbedtls_ecp_point *Q);
/**
* \brief This function imports a non-zero point from two ASCII
@@ -719,8 +712,8 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_MPI_XXX error code on failure.
*/
-int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix,
- const char *x, const char *y );
+int mbedtls_ecp_point_read_string(mbedtls_ecp_point *P, int radix,
+ const char *x, const char *y);
/**
* \brief This function exports a point into unsigned binary data.
@@ -747,10 +740,10 @@
* or the export for the given group is not implemented.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp,
- const mbedtls_ecp_point *P,
- int format, size_t *olen,
- unsigned char *buf, size_t buflen );
+int mbedtls_ecp_point_write_binary(const mbedtls_ecp_group *grp,
+ const mbedtls_ecp_point *P,
+ int format, size_t *olen,
+ unsigned char *buf, size_t buflen);
/**
* \brief This function imports a point from unsigned binary data.
@@ -774,9 +767,9 @@
* \return #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the import for the
* given group is not implemented.
*/
-int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp,
- mbedtls_ecp_point *P,
- const unsigned char *buf, size_t ilen );
+int mbedtls_ecp_point_read_binary(const mbedtls_ecp_group *grp,
+ mbedtls_ecp_point *P,
+ const unsigned char *buf, size_t ilen);
/**
* \brief This function imports a point from a TLS ECPoint record.
@@ -796,9 +789,9 @@
* failure.
* \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid.
*/
-int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp,
- mbedtls_ecp_point *pt,
- const unsigned char **buf, size_t len );
+int mbedtls_ecp_tls_read_point(const mbedtls_ecp_group *grp,
+ mbedtls_ecp_point *pt,
+ const unsigned char **buf, size_t len);
/**
* \brief This function exports a point as a TLS ECPoint record
@@ -822,10 +815,10 @@
* is too small to hold the exported point.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp,
- const mbedtls_ecp_point *pt,
- int format, size_t *olen,
- unsigned char *buf, size_t blen );
+int mbedtls_ecp_tls_write_point(const mbedtls_ecp_group *grp,
+ const mbedtls_ecp_point *pt,
+ int format, size_t *olen,
+ unsigned char *buf, size_t blen);
/**
* \brief This function sets up an ECP group context
@@ -844,7 +837,7 @@
* correspond to a known group.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id );
+int mbedtls_ecp_group_load(mbedtls_ecp_group *grp, mbedtls_ecp_group_id id);
/**
* \brief This function sets up an ECP group context from a TLS
@@ -863,8 +856,8 @@
* recognized.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp,
- const unsigned char **buf, size_t len );
+int mbedtls_ecp_tls_read_group(mbedtls_ecp_group *grp,
+ const unsigned char **buf, size_t len);
/**
* \brief This function extracts an elliptic curve group ID from a
@@ -884,9 +877,9 @@
* recognized.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_ecp_tls_read_group_id( mbedtls_ecp_group_id *grp,
- const unsigned char **buf,
- size_t len );
+int mbedtls_ecp_tls_read_group_id(mbedtls_ecp_group_id *grp,
+ const unsigned char **buf,
+ size_t len);
/**
* \brief This function exports an elliptic curve as a TLS
* ECParameters record as defined in RFC 4492, Section 5.4.
@@ -905,9 +898,9 @@
* buffer is too small to hold the exported group.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp,
- size_t *olen,
- unsigned char *buf, size_t blen );
+int mbedtls_ecp_tls_write_group(const mbedtls_ecp_group *grp,
+ size_t *olen,
+ unsigned char *buf, size_t blen);
/**
* \brief This function performs a scalar multiplication of a point
@@ -938,9 +931,9 @@
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
- const mbedtls_mpi *m, const mbedtls_ecp_point *P,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+int mbedtls_ecp_mul(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+ const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
/**
* \brief This function performs multiplication of a point by
@@ -972,10 +965,10 @@
* operations was reached: see \c mbedtls_ecp_set_max_ops().
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
- const mbedtls_mpi *m, const mbedtls_ecp_point *P,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
- mbedtls_ecp_restart_ctx *rs_ctx );
+int mbedtls_ecp_mul_restartable(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+ const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+ mbedtls_ecp_restart_ctx *rs_ctx);
#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
/**
@@ -1013,9 +1006,9 @@
* designate a short Weierstrass curve.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
- const mbedtls_mpi *m, const mbedtls_ecp_point *P,
- const mbedtls_mpi *n, const mbedtls_ecp_point *Q );
+int mbedtls_ecp_muladd(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+ const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+ const mbedtls_mpi *n, const mbedtls_ecp_point *Q);
/**
* \brief This function performs multiplication and addition of two
@@ -1058,10 +1051,10 @@
* \return Another negative error code on other kinds of failure.
*/
int mbedtls_ecp_muladd_restartable(
- mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
- const mbedtls_mpi *m, const mbedtls_ecp_point *P,
- const mbedtls_mpi *n, const mbedtls_ecp_point *Q,
- mbedtls_ecp_restart_ctx *rs_ctx );
+ mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+ const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+ const mbedtls_mpi *n, const mbedtls_ecp_point *Q,
+ mbedtls_ecp_restart_ctx *rs_ctx);
#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
/**
@@ -1091,8 +1084,8 @@
* a valid public key for the given curve.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp,
- const mbedtls_ecp_point *pt );
+int mbedtls_ecp_check_pubkey(const mbedtls_ecp_group *grp,
+ const mbedtls_ecp_point *pt);
/**
* \brief This function checks that an \p mbedtls_mpi is a
@@ -1113,8 +1106,8 @@
* private key for the given curve.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp,
- const mbedtls_mpi *d );
+int mbedtls_ecp_check_privkey(const mbedtls_ecp_group *grp,
+ const mbedtls_mpi *d);
/**
* \brief This function generates a private key.
@@ -1131,10 +1124,10 @@
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
* on failure.
*/
-int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp,
- mbedtls_mpi *d,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_ecp_gen_privkey(const mbedtls_ecp_group *grp,
+ mbedtls_mpi *d,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/**
* \brief This function generates a keypair with a configurable base
@@ -1163,11 +1156,11 @@
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
* on failure.
*/
-int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp,
- const mbedtls_ecp_point *G,
- mbedtls_mpi *d, mbedtls_ecp_point *Q,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_ecp_gen_keypair_base(mbedtls_ecp_group *grp,
+ const mbedtls_ecp_point *G,
+ mbedtls_mpi *d, mbedtls_ecp_point *Q,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/**
* \brief This function generates an ECP keypair.
@@ -1192,10 +1185,10 @@
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
* on failure.
*/
-int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, mbedtls_mpi *d,
- mbedtls_ecp_point *Q,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_ecp_gen_keypair(mbedtls_ecp_group *grp, mbedtls_mpi *d,
+ mbedtls_ecp_point *Q,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/**
* \brief This function generates an ECP key.
@@ -1210,9 +1203,9 @@
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
* on failure.
*/
-int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_ecp_gen_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/**
* \brief This function reads an elliptic curve private key.
@@ -1232,8 +1225,8 @@
* the group is not implemented.
* \return Another negative error code on different kinds of failure.
*/
-int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
- const unsigned char *buf, size_t buflen );
+int mbedtls_ecp_read_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
+ const unsigned char *buf, size_t buflen);
/**
* \brief This function exports an elliptic curve private key.
@@ -1251,8 +1244,8 @@
* the group is not implemented.
* \return Another negative error code on different kinds of failure.
*/
-int mbedtls_ecp_write_key( mbedtls_ecp_keypair *key,
- unsigned char *buf, size_t buflen );
+int mbedtls_ecp_write_key(mbedtls_ecp_keypair *key,
+ unsigned char *buf, size_t buflen);
/**
* \brief This function checks that the keypair objects
@@ -1275,8 +1268,8 @@
* error code on calculation failure.
*/
int mbedtls_ecp_check_pub_priv(
- const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+ const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
/**
* \brief This function exports generic key-pair parameters.
@@ -1306,7 +1299,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
-int mbedtls_ecp_self_test( int verbose );
+int mbedtls_ecp_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h
index 14e8b31..2c8b750 100644
--- a/include/mbedtls/entropy.h
+++ b/include/mbedtls/entropy.h
@@ -99,15 +99,14 @@
* MBEDTLS_ERR_ENTROPY_SOURCE_FAILED otherwise
*/
typedef int (*mbedtls_entropy_f_source_ptr)(void *data, unsigned char *output, size_t len,
- size_t *olen);
+ size_t *olen);
/**
* \brief Entropy source state
*/
-typedef struct mbedtls_entropy_source_state
-{
+typedef struct mbedtls_entropy_source_state {
mbedtls_entropy_f_source_ptr MBEDTLS_PRIVATE(f_source); /**< The entropy source callback */
- void * MBEDTLS_PRIVATE(p_source); /**< The callback data pointer */
+ void *MBEDTLS_PRIVATE(p_source); /**< The callback data pointer */
size_t MBEDTLS_PRIVATE(size); /**< Amount received in bytes */
size_t MBEDTLS_PRIVATE(threshold); /**< Minimum bytes required before release */
int MBEDTLS_PRIVATE(strong); /**< Is the source strong? */
@@ -117,11 +116,10 @@
/**
* \brief Entropy context structure
*/
-typedef struct mbedtls_entropy_context
-{
+typedef struct mbedtls_entropy_context {
int MBEDTLS_PRIVATE(accumulator_started); /* 0 after init.
- * 1 after the first update.
- * -1 after free. */
+ * 1 after the first update.
+ * -1 after free. */
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
mbedtls_sha512_context MBEDTLS_PRIVATE(accumulator);
#elif defined(MBEDTLS_ENTROPY_SHA256_ACCUMULATOR)
@@ -142,8 +140,8 @@
/**
* \brief Platform-specific entropy poll callback
*/
-int mbedtls_platform_entropy_poll( void *data,
- unsigned char *output, size_t len, size_t *olen );
+int mbedtls_platform_entropy_poll(void *data,
+ unsigned char *output, size_t len, size_t *olen);
#endif
/**
@@ -151,14 +149,14 @@
*
* \param ctx Entropy context to initialize
*/
-void mbedtls_entropy_init( mbedtls_entropy_context *ctx );
+void mbedtls_entropy_init(mbedtls_entropy_context *ctx);
/**
* \brief Free the data in the context
*
* \param ctx Entropy context to free
*/
-void mbedtls_entropy_free( mbedtls_entropy_context *ctx );
+void mbedtls_entropy_free(mbedtls_entropy_context *ctx);
/**
* \brief Adds an entropy source to poll
@@ -177,9 +175,9 @@
*
* \return 0 if successful or MBEDTLS_ERR_ENTROPY_MAX_SOURCES
*/
-int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx,
- mbedtls_entropy_f_source_ptr f_source, void *p_source,
- size_t threshold, int strong );
+int mbedtls_entropy_add_source(mbedtls_entropy_context *ctx,
+ mbedtls_entropy_f_source_ptr f_source, void *p_source,
+ size_t threshold, int strong);
/**
* \brief Trigger an extra gather poll for the accumulator
@@ -189,7 +187,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
*/
-int mbedtls_entropy_gather( mbedtls_entropy_context *ctx );
+int mbedtls_entropy_gather(mbedtls_entropy_context *ctx);
/**
* \brief Retrieve entropy from the accumulator
@@ -202,7 +200,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
*/
-int mbedtls_entropy_func( void *data, unsigned char *output, size_t len );
+int mbedtls_entropy_func(void *data, unsigned char *output, size_t len);
/**
* \brief Add data to the accumulator manually
@@ -214,8 +212,8 @@
*
* \return 0 if successful
*/
-int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx,
- const unsigned char *data, size_t len );
+int mbedtls_entropy_update_manual(mbedtls_entropy_context *ctx,
+ const unsigned char *data, size_t len);
#if defined(MBEDTLS_ENTROPY_NV_SEED)
/**
@@ -226,7 +224,7 @@
*
* \return 0 if successful
*/
-int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx );
+int mbedtls_entropy_update_nv_seed(mbedtls_entropy_context *ctx);
#endif /* MBEDTLS_ENTROPY_NV_SEED */
#if defined(MBEDTLS_FS_IO)
@@ -240,7 +238,7 @@
* MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error, or
* MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
*/
-int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path );
+int mbedtls_entropy_write_seed_file(mbedtls_entropy_context *ctx, const char *path);
/**
* \brief Read and update a seed file. Seed is added to this
@@ -254,7 +252,7 @@
* MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error,
* MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
*/
-int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path );
+int mbedtls_entropy_update_seed_file(mbedtls_entropy_context *ctx, const char *path);
#endif /* MBEDTLS_FS_IO */
#if defined(MBEDTLS_SELF_TEST)
@@ -266,7 +264,7 @@
*
* \return 0 if successful, or 1 if a test failed
*/
-int mbedtls_entropy_self_test( int verbose );
+int mbedtls_entropy_self_test(int verbose);
#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
/**
@@ -282,7 +280,7 @@
*
* \return 0 if successful, or 1 if a test failed
*/
-int mbedtls_entropy_source_self_test( int verbose );
+int mbedtls_entropy_source_self_test(int verbose);
#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h
index 4a97d65..23a83f2 100644
--- a/include/mbedtls/error.h
+++ b/include/mbedtls/error.h
@@ -121,15 +121,15 @@
* Wrapper macro for mbedtls_error_add(). See that function for
* more details.
*/
-#define MBEDTLS_ERROR_ADD( high, low ) \
- mbedtls_error_add( high, low, __FILE__, __LINE__ )
+#define MBEDTLS_ERROR_ADD(high, low) \
+ mbedtls_error_add(high, low, __FILE__, __LINE__)
#if defined(MBEDTLS_TEST_HOOKS)
/**
* \brief Testing hook called before adding/combining two error codes together.
* Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS.
*/
-extern void (*mbedtls_test_hook_error_add)( int, int, const char *, int );
+extern void (*mbedtls_test_hook_error_add)(int, int, const char *, int);
#endif
/**
@@ -150,17 +150,18 @@
* \param file file where this error code addition occurred.
* \param line line where this error code addition occurred.
*/
-static inline int mbedtls_error_add( int high, int low,
- const char *file, int line )
+static inline int mbedtls_error_add(int high, int low,
+ const char *file, int line)
{
#if defined(MBEDTLS_TEST_HOOKS)
- if( *mbedtls_test_hook_error_add != NULL )
- ( *mbedtls_test_hook_error_add )( high, low, file, line );
+ if (*mbedtls_test_hook_error_add != NULL) {
+ (*mbedtls_test_hook_error_add)(high, low, file, line);
+ }
#endif
- (void)file;
- (void)line;
+ (void) file;
+ (void) line;
- return( high + low );
+ return high + low;
}
/**
@@ -172,7 +173,7 @@
* \param buffer buffer to place representation in
* \param buflen length of the buffer
*/
-void mbedtls_strerror( int errnum, char *buffer, size_t buflen );
+void mbedtls_strerror(int errnum, char *buffer, size_t buflen);
/**
* \brief Translate the high-level part of an Mbed TLS error code into a string
@@ -187,7 +188,7 @@
* \return The string representation of the error code, or \c NULL if the error
* code is unknown.
*/
-const char * mbedtls_high_level_strerr( int error_code );
+const char *mbedtls_high_level_strerr(int error_code);
/**
* \brief Translate the low-level part of an Mbed TLS error code into a string
@@ -202,7 +203,7 @@
* \return The string representation of the error code, or \c NULL if the error
* code is unknown.
*/
-const char * mbedtls_low_level_strerr( int error_code );
+const char *mbedtls_low_level_strerr(int error_code);
#ifdef __cplusplus
}
diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h
index 7dc9dfb..c3343e6 100644
--- a/include/mbedtls/gcm.h
+++ b/include/mbedtls/gcm.h
@@ -57,8 +57,7 @@
/**
* \brief The GCM context structure.
*/
-typedef struct mbedtls_gcm_context
-{
+typedef struct mbedtls_gcm_context {
mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */
uint64_t MBEDTLS_PRIVATE(HL)[16]; /*!< Precalculated HTable low. */
uint64_t MBEDTLS_PRIVATE(HH)[16]; /*!< Precalculated HTable high. */
@@ -68,8 +67,8 @@
unsigned char MBEDTLS_PRIVATE(y)[16]; /*!< The Y working value. */
unsigned char MBEDTLS_PRIVATE(buf)[16]; /*!< The buf working value. */
int MBEDTLS_PRIVATE(mode); /*!< The operation to perform:
- #MBEDTLS_GCM_ENCRYPT or
- #MBEDTLS_GCM_DECRYPT. */
+ #MBEDTLS_GCM_ENCRYPT or
+ #MBEDTLS_GCM_DECRYPT. */
}
mbedtls_gcm_context;
@@ -88,7 +87,7 @@
*
* \param ctx The GCM context to initialize. This must not be \c NULL.
*/
-void mbedtls_gcm_init( mbedtls_gcm_context *ctx );
+void mbedtls_gcm_init(mbedtls_gcm_context *ctx);
/**
* \brief This function associates a GCM context with a
@@ -106,10 +105,10 @@
* \return \c 0 on success.
* \return A cipher-specific error code on failure.
*/
-int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx,
- mbedtls_cipher_id_t cipher,
- const unsigned char *key,
- unsigned int keybits );
+int mbedtls_gcm_setkey(mbedtls_gcm_context *ctx,
+ mbedtls_cipher_id_t cipher,
+ const unsigned char *key,
+ unsigned int keybits);
/**
* \brief This function performs GCM encryption or decryption of a buffer.
@@ -162,17 +161,17 @@
* not valid or a cipher-specific error code if the encryption
* or decryption failed.
*/
-int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx,
- int mode,
- size_t length,
- const unsigned char *iv,
- size_t iv_len,
- const unsigned char *add,
- size_t add_len,
- const unsigned char *input,
- unsigned char *output,
- size_t tag_len,
- unsigned char *tag );
+int mbedtls_gcm_crypt_and_tag(mbedtls_gcm_context *ctx,
+ int mode,
+ size_t length,
+ const unsigned char *iv,
+ size_t iv_len,
+ const unsigned char *add,
+ size_t add_len,
+ const unsigned char *input,
+ unsigned char *output,
+ size_t tag_len,
+ unsigned char *tag);
/**
* \brief This function performs a GCM authenticated decryption of a
@@ -207,16 +206,16 @@
* not valid or a cipher-specific error code if the decryption
* failed.
*/
-int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx,
- size_t length,
- const unsigned char *iv,
- size_t iv_len,
- const unsigned char *add,
- size_t add_len,
- const unsigned char *tag,
- size_t tag_len,
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_gcm_auth_decrypt(mbedtls_gcm_context *ctx,
+ size_t length,
+ const unsigned char *iv,
+ size_t iv_len,
+ const unsigned char *add,
+ size_t add_len,
+ const unsigned char *tag,
+ size_t tag_len,
+ const unsigned char *input,
+ unsigned char *output);
/**
* \brief This function starts a GCM encryption or decryption
@@ -231,10 +230,10 @@
*
* \return \c 0 on success.
*/
-int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
- int mode,
- const unsigned char *iv,
- size_t iv_len );
+int mbedtls_gcm_starts(mbedtls_gcm_context *ctx,
+ int mode,
+ const unsigned char *iv,
+ size_t iv_len);
/**
* \brief This function feeds an input buffer as associated data
@@ -256,9 +255,9 @@
*
* \return \c 0 on success.
*/
-int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx,
- const unsigned char *add,
- size_t add_len );
+int mbedtls_gcm_update_ad(mbedtls_gcm_context *ctx,
+ const unsigned char *add,
+ size_t add_len);
/**
* \brief This function feeds an input buffer into an ongoing GCM
@@ -311,10 +310,10 @@
* unsupported input/output buffer overlap detected,
* or \p output_size too small.
*/
-int mbedtls_gcm_update( mbedtls_gcm_context *ctx,
- const unsigned char *input, size_t input_length,
- unsigned char *output, size_t output_size,
- size_t *output_length );
+int mbedtls_gcm_update(mbedtls_gcm_context *ctx,
+ const unsigned char *input, size_t input_length,
+ unsigned char *output, size_t output_size,
+ size_t *output_length);
/**
* \brief This function finishes the GCM operation and generates
@@ -349,10 +348,10 @@
* invalid value of \p tag_len,
* or \p output_size too small.
*/
-int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
- unsigned char *output, size_t output_size,
- size_t *output_length,
- unsigned char *tag, size_t tag_len );
+int mbedtls_gcm_finish(mbedtls_gcm_context *ctx,
+ unsigned char *output, size_t output_size,
+ size_t *output_length,
+ unsigned char *tag, size_t tag_len);
/**
* \brief This function clears a GCM context and the underlying
@@ -361,7 +360,7 @@
* \param ctx The GCM context to clear. If this is \c NULL, the call has
* no effect. Otherwise, this must be initialized.
*/
-void mbedtls_gcm_free( mbedtls_gcm_context *ctx );
+void mbedtls_gcm_free(mbedtls_gcm_context *ctx);
#if defined(MBEDTLS_SELF_TEST)
@@ -371,7 +370,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
-int mbedtls_gcm_self_test( int verbose );
+int mbedtls_gcm_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/hkdf.h b/include/mbedtls/hkdf.h
index 2e225cb..699c6d9 100644
--- a/include/mbedtls/hkdf.h
+++ b/include/mbedtls/hkdf.h
@@ -65,10 +65,10 @@
* \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
* MD layer.
*/
-int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt,
- size_t salt_len, const unsigned char *ikm, size_t ikm_len,
- const unsigned char *info, size_t info_len,
- unsigned char *okm, size_t okm_len );
+int mbedtls_hkdf(const mbedtls_md_info_t *md, const unsigned char *salt,
+ size_t salt_len, const unsigned char *ikm, size_t ikm_len,
+ const unsigned char *info, size_t info_len,
+ unsigned char *okm, size_t okm_len);
/**
* \brief Take the input keying material \p ikm and extract from it a
@@ -94,10 +94,10 @@
* \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
* MD layer.
*/
-int mbedtls_hkdf_extract( const mbedtls_md_info_t *md,
- const unsigned char *salt, size_t salt_len,
- const unsigned char *ikm, size_t ikm_len,
- unsigned char *prk );
+int mbedtls_hkdf_extract(const mbedtls_md_info_t *md,
+ const unsigned char *salt, size_t salt_len,
+ const unsigned char *ikm, size_t ikm_len,
+ unsigned char *prk);
/**
* \brief Expand the supplied \p prk into several additional pseudorandom
@@ -125,9 +125,9 @@
* \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
* MD layer.
*/
-int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk,
- size_t prk_len, const unsigned char *info,
- size_t info_len, unsigned char *okm, size_t okm_len );
+int mbedtls_hkdf_expand(const mbedtls_md_info_t *md, const unsigned char *prk,
+ size_t prk_len, const unsigned char *info,
+ size_t info_len, unsigned char *okm, size_t okm_len);
#ifdef __cplusplus
}
diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h
index f2cf2c0..4ca6b08 100644
--- a/include/mbedtls/hmac_drbg.h
+++ b/include/mbedtls/hmac_drbg.h
@@ -83,8 +83,7 @@
/**
* HMAC_DRBG context.
*/
-typedef struct mbedtls_hmac_drbg_context
-{
+typedef struct mbedtls_hmac_drbg_context {
/* Working state: the key K is not stored explicitly,
* but is implied by the HMAC context */
mbedtls_md_context_t MBEDTLS_PRIVATE(md_ctx); /*!< HMAC context (inc. K) */
@@ -94,11 +93,11 @@
/* Administrative state */
size_t MBEDTLS_PRIVATE(entropy_len); /*!< entropy bytes grabbed on each (re)seed */
int MBEDTLS_PRIVATE(prediction_resistance); /*!< enable prediction resistance (Automatic
- reseed before every random generation) */
+ reseed before every random generation) */
int MBEDTLS_PRIVATE(reseed_interval); /*!< reseed interval */
/* Callbacks */
- int (*MBEDTLS_PRIVATE(f_entropy))(void *, unsigned char *, size_t); /*!< entropy function */
+ int(*MBEDTLS_PRIVATE(f_entropy))(void *, unsigned char *, size_t); /*!< entropy function */
void *MBEDTLS_PRIVATE(p_entropy); /*!< context for the entropy function */
#if defined(MBEDTLS_THREADING_C)
@@ -126,7 +125,7 @@
*
* \param ctx HMAC_DRBG context to be initialized.
*/
-void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx );
+void mbedtls_hmac_drbg_init(mbedtls_hmac_drbg_context *ctx);
/**
* \brief HMAC_DRBG initial seeding.
@@ -196,12 +195,12 @@
* \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
* if the call to \p f_entropy failed.
*/
-int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx,
- const mbedtls_md_info_t * md_info,
- int (*f_entropy)(void *, unsigned char *, size_t),
- void *p_entropy,
- const unsigned char *custom,
- size_t len );
+int mbedtls_hmac_drbg_seed(mbedtls_hmac_drbg_context *ctx,
+ const mbedtls_md_info_t *md_info,
+ int (*f_entropy)(void *, unsigned char *, size_t),
+ void *p_entropy,
+ const unsigned char *custom,
+ size_t len);
/**
* \brief Initialisation of simplified HMAC_DRBG (never reseeds).
@@ -231,9 +230,9 @@
* \return #MBEDTLS_ERR_MD_ALLOC_FAILED if there was not enough
* memory to allocate context data.
*/
-int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx,
- const mbedtls_md_info_t * md_info,
- const unsigned char *data, size_t data_len );
+int mbedtls_hmac_drbg_seed_buf(mbedtls_hmac_drbg_context *ctx,
+ const mbedtls_md_info_t *md_info,
+ const unsigned char *data, size_t data_len);
/**
* \brief This function turns prediction resistance on or off.
@@ -248,8 +247,8 @@
* \param ctx The HMAC_DRBG context.
* \param resistance #MBEDTLS_HMAC_DRBG_PR_ON or #MBEDTLS_HMAC_DRBG_PR_OFF.
*/
-void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx,
- int resistance );
+void mbedtls_hmac_drbg_set_prediction_resistance(mbedtls_hmac_drbg_context *ctx,
+ int resistance);
/**
* \brief This function sets the amount of entropy grabbed on each
@@ -260,8 +259,8 @@
* \param ctx The HMAC_DRBG context.
* \param len The amount of entropy to grab, in bytes.
*/
-void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx,
- size_t len );
+void mbedtls_hmac_drbg_set_entropy_len(mbedtls_hmac_drbg_context *ctx,
+ size_t len);
/**
* \brief Set the reseed interval.
@@ -275,8 +274,8 @@
* \param ctx The HMAC_DRBG context.
* \param interval The reseed interval.
*/
-void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx,
- int interval );
+void mbedtls_hmac_drbg_set_reseed_interval(mbedtls_hmac_drbg_context *ctx,
+ int interval);
/**
* \brief This function updates the state of the HMAC_DRBG context.
@@ -295,8 +294,8 @@
* \return \c 0 on success, or an error from the underlying
* hash calculation.
*/
-int mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx,
- const unsigned char *additional, size_t add_len );
+int mbedtls_hmac_drbg_update(mbedtls_hmac_drbg_context *ctx,
+ const unsigned char *additional, size_t add_len);
/**
* \brief This function reseeds the HMAC_DRBG context, that is
@@ -322,8 +321,8 @@
* \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
* if a call to the entropy function failed.
*/
-int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx,
- const unsigned char *additional, size_t len );
+int mbedtls_hmac_drbg_reseed(mbedtls_hmac_drbg_context *ctx,
+ const unsigned char *additional, size_t len);
/**
* \brief This function updates an HMAC_DRBG instance with additional
@@ -356,10 +355,10 @@
* \return #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if
* \p add_len > #MBEDTLS_HMAC_DRBG_MAX_INPUT.
*/
-int mbedtls_hmac_drbg_random_with_add( void *p_rng,
- unsigned char *output, size_t output_len,
- const unsigned char *additional,
- size_t add_len );
+int mbedtls_hmac_drbg_random_with_add(void *p_rng,
+ unsigned char *output, size_t output_len,
+ const unsigned char *additional,
+ size_t add_len);
/**
* \brief This function uses HMAC_DRBG to generate random data.
@@ -388,7 +387,7 @@
* \return #MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG if
* \p out_len > #MBEDTLS_HMAC_DRBG_MAX_REQUEST.
*/
-int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len );
+int mbedtls_hmac_drbg_random(void *p_rng, unsigned char *output, size_t out_len);
/**
* \brief This function resets HMAC_DRBG context to the state immediately
@@ -396,7 +395,7 @@
*
* \param ctx The HMAC_DRBG context to free.
*/
-void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx );
+void mbedtls_hmac_drbg_free(mbedtls_hmac_drbg_context *ctx);
#if defined(MBEDTLS_FS_IO)
/**
@@ -410,7 +409,7 @@
* \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED on reseed
* failure.
*/
-int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path );
+int mbedtls_hmac_drbg_write_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path);
/**
* \brief This function reads and updates a seed file. The seed
@@ -426,7 +425,7 @@
* \return #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if the existing
* seed file is too large.
*/
-int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path );
+int mbedtls_hmac_drbg_update_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path);
#endif /* MBEDTLS_FS_IO */
@@ -437,7 +436,7 @@
* \return \c 0 if successful.
* \return \c 1 if the test failed.
*/
-int mbedtls_hmac_drbg_self_test( int verbose );
+int mbedtls_hmac_drbg_self_test(int verbose);
#endif
#ifdef __cplusplus
diff --git a/include/mbedtls/legacy_or_psa.h b/include/mbedtls/legacy_or_psa.h
index 35798a5..e9bdb77 100644
--- a/include/mbedtls/legacy_or_psa.h
+++ b/include/mbedtls/legacy_or_psa.h
@@ -110,105 +110,105 @@
/* Hashes using low-level or PSA based on availability */
#if defined(MBEDTLS_MD5_C) || \
- ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5) )
+ (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5))
#define MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA
#endif
#if defined(MBEDTLS_RIPEMD160_C) || \
- ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160) )
+ (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160))
#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA
#endif
#if defined(MBEDTLS_SHA1_C) || \
- ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1) )
+ (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1))
#define MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA
#endif
#if defined(MBEDTLS_SHA224_C) || \
- ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224) )
+ (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224))
#define MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA
#endif
#if defined(MBEDTLS_SHA256_C) || \
- ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256) )
+ (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256))
#define MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA
#endif
#if defined(MBEDTLS_SHA384_C) || \
- ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384) )
+ (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384))
#define MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA
#endif
#if defined(MBEDTLS_SHA512_C) || \
- ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512) )
+ (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512))
#define MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA
#endif
/* Hashes using MD or PSA based on availability */
-#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C) ) || \
- ( !defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5) )
+#if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C)) || \
+ (!defined(MBEDTLS_MD_C) && \
+ defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5))
#define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA
#endif
-#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C) ) || \
- ( !defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160) )
+#if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C)) || \
+ (!defined(MBEDTLS_MD_C) && \
+ defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160))
#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA
#endif
-#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C) ) || \
- ( !defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1) )
+#if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C)) || \
+ (!defined(MBEDTLS_MD_C) && \
+ defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1))
#define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA
#endif
-#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C) ) || \
- ( !defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224) )
+#if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C)) || \
+ (!defined(MBEDTLS_MD_C) && \
+ defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224))
#define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA
#endif
-#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C) ) || \
- ( !defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256) )
+#if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C)) || \
+ (!defined(MBEDTLS_MD_C) && \
+ defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256))
#define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA
#endif
-#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C) ) || \
- ( !defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384) )
+#if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C)) || \
+ (!defined(MBEDTLS_MD_C) && \
+ defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384))
#define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA
#endif
-#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C) ) || \
- ( !defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512) )
+#if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C)) || \
+ (!defined(MBEDTLS_MD_C) && \
+ defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512))
#define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA
#endif
/* Hashes using MD or PSA based on MBEDTLS_USE_PSA_CRYPTO */
-#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C) ) || \
- ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_MD5) )
+#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C)) || \
+ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_MD5))
#define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif
-#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C) ) || \
- ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_RIPEMD160) )
+#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C)) || \
+ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_RIPEMD160))
#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif
-#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C) ) || \
- ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_1) )
+#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C)) || \
+ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_1))
#define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif
-#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C) ) || \
- ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_224) )
+#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C)) || \
+ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_224))
#define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif
-#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C) ) || \
- ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_256) )
+#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C)) || \
+ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_256))
#define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif
-#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C) ) || \
- ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_384) )
+#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C)) || \
+ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_384))
#define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif
-#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C) ) || \
- ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_512) )
+#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C)) || \
+ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_512))
#define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif
diff --git a/include/mbedtls/lms.h b/include/mbedtls/lms.h
index 1179cd1..5c8df42 100644
--- a/include/mbedtls/lms.h
+++ b/include/mbedtls/lms.h
@@ -104,10 +104,10 @@
*/
typedef struct {
unsigned char MBEDTLS_PRIVATE(I_key_identifier[MBEDTLS_LMOTS_I_KEY_ID_LEN]); /*!< The key
- identifier. */
+ identifier. */
unsigned char MBEDTLS_PRIVATE(q_leaf_identifier[MBEDTLS_LMOTS_Q_LEAF_ID_LEN]); /*!< Which
- leaf of the LMS key this is.
- 0 if the key is not part of an LMS key. */
+ leaf of the LMS key this is.
+ 0 if the key is not part of an LMS key. */
mbedtls_lmots_algorithm_type_t MBEDTLS_PRIVATE(type); /*!< The LM-OTS key type identifier as
per IANA. Only SHA256_N32_W8 is
currently supported. */
@@ -134,7 +134,7 @@
mbedtls_lmots_parameters_t MBEDTLS_PRIVATE(params);
unsigned char MBEDTLS_PRIVATE(public_key)[MBEDTLS_LMOTS_N_HASH_LEN_MAX];
unsigned char MBEDTLS_PRIVATE(have_public_key); /*!< Whether the context contains a public key.
- Boolean values only. */
+ Boolean values only. */
} mbedtls_lmots_public_t;
#if defined(MBEDTLS_LMS_PRIVATE)
@@ -157,9 +157,10 @@
*/
typedef struct {
mbedtls_lmots_parameters_t MBEDTLS_PRIVATE(params);
- unsigned char MBEDTLS_PRIVATE(private_key)[MBEDTLS_LMOTS_P_SIG_DIGIT_COUNT_MAX][MBEDTLS_LMOTS_N_HASH_LEN_MAX];
+ unsigned char MBEDTLS_PRIVATE(private_key)[MBEDTLS_LMOTS_P_SIG_DIGIT_COUNT_MAX][
+ MBEDTLS_LMOTS_N_HASH_LEN_MAX];
unsigned char MBEDTLS_PRIVATE(have_private_key); /*!< Whether the context contains a private key.
- Boolean values only. */
+ Boolean values only. */
} mbedtls_lmots_private_t;
#endif /* defined(MBEDTLS_LMS_PRIVATE) */
@@ -171,10 +172,10 @@
*/
typedef struct {
unsigned char MBEDTLS_PRIVATE(I_key_identifier[MBEDTLS_LMOTS_I_KEY_ID_LEN]); /*!< The key
- identifier. */
+ identifier. */
mbedtls_lmots_algorithm_type_t MBEDTLS_PRIVATE(otstype); /*!< The LM-OTS key type identifier as
- per IANA. Only SHA256_N32_W8 is
- currently supported. */
+ per IANA. Only SHA256_N32_W8 is
+ currently supported. */
mbedtls_lms_algorithm_type_t MBEDTLS_PRIVATE(type); /*!< The LMS key type identifier as per
IANA. Only SHA256_M32_H10 is currently
supported. */
@@ -182,7 +183,7 @@
/** LMS public context structure.
*
- *A LMS public key is the hash output that is the root of the Merkle tree, and
+ * A LMS public key is the hash output that is the root of the Merkle tree, and
* the applicable parameter set
*
* The context must be initialized before it is used. A public key must either
@@ -201,9 +202,9 @@
typedef struct {
mbedtls_lms_parameters_t MBEDTLS_PRIVATE(params);
unsigned char MBEDTLS_PRIVATE(T_1_pub_key)[MBEDTLS_LMS_M_NODE_BYTES_MAX]; /*!< The public key, in
- the form of the Merkle tree root node. */
+ the form of the Merkle tree root node. */
unsigned char MBEDTLS_PRIVATE(have_public_key); /*!< Whether the context contains a public key.
- Boolean values only. */
+ Boolean values only. */
} mbedtls_lms_public_t;
@@ -229,9 +230,9 @@
uint32_t MBEDTLS_PRIVATE(q_next_usable_key); /*!< The index of the next OTS key that has not
been used. */
mbedtls_lmots_private_t *MBEDTLS_PRIVATE(ots_private_keys); /*!< The private key material. One OTS key
- for each leaf node in the Merkle tree. NULL
- when have_private_key is 0 and non-NULL otherwise.
- is 2^MBEDTLS_LMS_H_TREE_HEIGHT(type) in length. */
+ for each leaf node in the Merkle tree. NULL
+ when have_private_key is 0 and non-NULL otherwise.
+ is 2^MBEDTLS_LMS_H_TREE_HEIGHT(type) in length. */
mbedtls_lmots_public_t *MBEDTLS_PRIVATE(ots_public_keys); /*!< The OTS key public keys, used to
build the Merkle tree. NULL
when have_private_key is 0 and
@@ -239,7 +240,7 @@
Is 2^MBEDTLS_LMS_H_TREE_HEIGHT(type)
in length. */
unsigned char MBEDTLS_PRIVATE(have_private_key); /*!< Whether the context contains a private key.
- Boolean values only. */
+ Boolean values only. */
} mbedtls_lms_private_t;
#endif /* defined(MBEDTLS_LMS_PRIVATE) */
@@ -249,7 +250,7 @@
* \param ctx The uninitialized LMS context that will then be
* initialized.
*/
-void mbedtls_lms_public_init( mbedtls_lms_public_t *ctx );
+void mbedtls_lms_public_init(mbedtls_lms_public_t *ctx);
/**
* \brief This function uninitializes an LMS public context
@@ -257,7 +258,7 @@
* \param ctx The initialized LMS context that will then be
* uninitialized.
*/
-void mbedtls_lms_public_free( mbedtls_lms_public_t *ctx );
+void mbedtls_lms_public_free(mbedtls_lms_public_t *ctx);
/**
* \brief This function imports an LMS public key into a
@@ -278,8 +279,8 @@
* \return \c 0 on success.
* \return A non-zero error code on failure.
*/
-int mbedtls_lms_import_public_key( mbedtls_lms_public_t *ctx,
- const unsigned char *key, size_t key_size );
+int mbedtls_lms_import_public_key(mbedtls_lms_public_t *ctx,
+ const unsigned char *key, size_t key_size);
/**
* \brief This function exports an LMS public key from a
@@ -304,9 +305,9 @@
* \return \c 0 on success.
* \return A non-zero error code on failure.
*/
-int mbedtls_lms_export_public_key( const mbedtls_lms_public_t *ctx,
- unsigned char *key, size_t key_size,
- size_t *key_len );
+int mbedtls_lms_export_public_key(const mbedtls_lms_public_t *ctx,
+ unsigned char *key, size_t key_size,
+ size_t *key_len);
/**
* \brief This function verifies a LMS signature, using a
@@ -328,9 +329,9 @@
* \return \c 0 on successful verification.
* \return A non-zero error code on failure.
*/
-int mbedtls_lms_verify( const mbedtls_lms_public_t *ctx,
- const unsigned char *msg, size_t msg_size,
- const unsigned char *sig, size_t sig_size );
+int mbedtls_lms_verify(const mbedtls_lms_public_t *ctx,
+ const unsigned char *msg, size_t msg_size,
+ const unsigned char *sig, size_t sig_size);
#if defined(MBEDTLS_LMS_PRIVATE)
/**
@@ -338,7 +339,7 @@
*
* \param ctx The uninitialized LMS private context that will
* then be initialized. */
-void mbedtls_lms_private_init( mbedtls_lms_private_t *ctx );
+void mbedtls_lms_private_init(mbedtls_lms_private_t *ctx);
/**
* \brief This function uninitializes an LMS private context
@@ -346,7 +347,7 @@
* \param ctx The initialized LMS private context that will then
* be uninitialized.
*/
-void mbedtls_lms_private_free( mbedtls_lms_private_t *ctx );
+void mbedtls_lms_private_free(mbedtls_lms_private_t *ctx);
/**
* \brief This function generates an LMS private key, and
@@ -372,12 +373,12 @@
* \return \c 0 on success.
* \return A non-zero error code on failure.
*/
-int mbedtls_lms_generate_private_key( mbedtls_lms_private_t *ctx,
- mbedtls_lms_algorithm_type_t type,
- mbedtls_lmots_algorithm_type_t otstype,
- int (*f_rng)(void *, unsigned char *, size_t),
- void* p_rng, const unsigned char *seed,
- size_t seed_size );
+int mbedtls_lms_generate_private_key(mbedtls_lms_private_t *ctx,
+ mbedtls_lms_algorithm_type_t type,
+ mbedtls_lmots_algorithm_type_t otstype,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng, const unsigned char *seed,
+ size_t seed_size);
/**
* \brief This function calculates an LMS public key from a
@@ -397,8 +398,8 @@
* \return \c 0 on success.
* \return A non-zero error code on failure.
*/
-int mbedtls_lms_calculate_public_key( mbedtls_lms_public_t *ctx,
- const mbedtls_lms_private_t *priv_ctx );
+int mbedtls_lms_calculate_public_key(mbedtls_lms_public_t *ctx,
+ const mbedtls_lms_private_t *priv_ctx);
/**
* \brief This function creates a LMS signature, using a
@@ -437,11 +438,11 @@
* \return \c 0 on success.
* \return A non-zero error code on failure.
*/
-int mbedtls_lms_sign( mbedtls_lms_private_t *ctx,
- int (*f_rng)(void *, unsigned char *, size_t),
- void* p_rng, const unsigned char *msg,
- unsigned int msg_size, unsigned char *sig, size_t sig_size,
- size_t *sig_len );
+int mbedtls_lms_sign(mbedtls_lms_private_t *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng, const unsigned char *msg,
+ unsigned int msg_size, unsigned char *sig, size_t sig_size,
+ size_t *sig_len);
#endif /* defined(MBEDTLS_LMS_PRIVATE) */
#ifdef __cplusplus
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index 092152d..1b89ddb 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -1687,21 +1687,21 @@
#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1
/**
-* \def MBEDTLS_SSL_EARLY_DATA
-*
-* Enable support for RFC 8446 TLS 1.3 early data.
-*
-* Requires: MBEDTLS_SSL_SESSION_TICKETS and either
-* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED or
-* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
-*
-* Comment this to disable support for early data. If MBEDTLS_SSL_PROTO_TLS1_3
-* is not enabled, this option does not have any effect on the build.
-*
-* This feature is experimental, not completed and thus not ready for
-* production.
-*
-*/
+ * \def MBEDTLS_SSL_EARLY_DATA
+ *
+ * Enable support for RFC 8446 TLS 1.3 early data.
+ *
+ * Requires: MBEDTLS_SSL_SESSION_TICKETS and either
+ * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED or
+ * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
+ *
+ * Comment this to disable support for early data. If MBEDTLS_SSL_PROTO_TLS1_3
+ * is not enabled, this option does not have any effect on the build.
+ *
+ * This feature is experimental, not completed and thus not ready for
+ * production.
+ *
+ */
//#define MBEDTLS_SSL_EARLY_DATA
/**
diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h
index 85ecc43..1a92c57 100644
--- a/include/mbedtls/md.h
+++ b/include/mbedtls/md.h
@@ -1,4 +1,4 @@
- /**
+/**
* \file md.h
*
* \brief This file contains the generic message-digest wrapper.
@@ -96,8 +96,7 @@
/**
* The generic message-digest context.
*/
-typedef struct mbedtls_md_context_t
-{
+typedef struct mbedtls_md_context_t {
/** Information about the associated message digest. */
const mbedtls_md_info_t *MBEDTLS_PRIVATE(md_info);
@@ -119,7 +118,7 @@
* message-digest enumeration #mbedtls_md_type_t.
* The last entry is 0.
*/
-const int *mbedtls_md_list( void );
+const int *mbedtls_md_list(void);
/**
* \brief This function returns the message-digest information
@@ -130,7 +129,7 @@
* \return The message-digest information associated with \p md_name.
* \return NULL if the associated message-digest information is not found.
*/
-const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name );
+const mbedtls_md_info_t *mbedtls_md_info_from_string(const char *md_name);
/**
* \brief This function returns the message-digest information
@@ -141,7 +140,7 @@
* \return The message-digest information associated with \p md_type.
* \return NULL if the associated message-digest information is not found.
*/
-const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type );
+const mbedtls_md_info_t *mbedtls_md_info_from_type(mbedtls_md_type_t md_type);
/**
* \brief This function returns the message-digest information
@@ -154,7 +153,7 @@
* \return \c NULL if \p ctx is \c NULL.
*/
const mbedtls_md_info_t *mbedtls_md_info_from_ctx(
- const mbedtls_md_context_t *ctx );
+ const mbedtls_md_context_t *ctx);
/**
* \brief This function initializes a message-digest context without
@@ -164,7 +163,7 @@
* context for mbedtls_md_setup() for binding it to a
* message-digest algorithm.
*/
-void mbedtls_md_init( mbedtls_md_context_t *ctx );
+void mbedtls_md_init(mbedtls_md_context_t *ctx);
/**
* \brief This function clears the internal structure of \p ctx and
@@ -179,7 +178,7 @@
* You must not call this function if you have not called
* mbedtls_md_init().
*/
-void mbedtls_md_free( mbedtls_md_context_t *ctx );
+void mbedtls_md_free(mbedtls_md_context_t *ctx);
/**
@@ -202,7 +201,7 @@
* \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac );
+int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac);
/**
* \brief This function clones the state of a message-digest
@@ -224,8 +223,8 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification failure.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_clone( mbedtls_md_context_t *dst,
- const mbedtls_md_context_t *src );
+int mbedtls_md_clone(mbedtls_md_context_t *dst,
+ const mbedtls_md_context_t *src);
/**
* \brief This function extracts the message-digest size from the
@@ -236,7 +235,7 @@
*
* \return The size of the message-digest output in Bytes.
*/
-unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info );
+unsigned char mbedtls_md_get_size(const mbedtls_md_info_t *md_info);
/**
* \brief This function extracts the message-digest type from the
@@ -247,7 +246,7 @@
*
* \return The type of the message digest.
*/
-mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info );
+mbedtls_md_type_t mbedtls_md_get_type(const mbedtls_md_info_t *md_info);
/**
* \brief This function extracts the message-digest name from the
@@ -258,7 +257,7 @@
*
* \return The name of the message digest.
*/
-const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info );
+const char *mbedtls_md_get_name(const mbedtls_md_info_t *md_info);
/**
* \brief This function starts a message-digest computation.
@@ -274,7 +273,7 @@
* failure.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_starts( mbedtls_md_context_t *ctx );
+int mbedtls_md_starts(mbedtls_md_context_t *ctx);
/**
* \brief This function feeds an input buffer into an ongoing
@@ -293,7 +292,7 @@
* failure.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen );
+int mbedtls_md_update(mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen);
/**
* \brief This function finishes the digest operation,
@@ -314,7 +313,7 @@
* failure.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output );
+int mbedtls_md_finish(mbedtls_md_context_t *ctx, unsigned char *output);
/**
* \brief This function calculates the message-digest of a buffer,
@@ -335,8 +334,8 @@
* failure.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
- unsigned char *output );
+int mbedtls_md(const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
+ unsigned char *output);
#if defined(MBEDTLS_FS_IO)
/**
@@ -357,8 +356,8 @@
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info was NULL.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path,
- unsigned char *output );
+int mbedtls_md_file(const mbedtls_md_info_t *md_info, const char *path,
+ unsigned char *output);
#endif /* MBEDTLS_FS_IO */
/**
@@ -380,8 +379,8 @@
* failure.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key,
- size_t keylen );
+int mbedtls_md_hmac_starts(mbedtls_md_context_t *ctx, const unsigned char *key,
+ size_t keylen);
/**
* \brief This function feeds an input buffer into an ongoing HMAC
@@ -403,8 +402,8 @@
* failure.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input,
- size_t ilen );
+int mbedtls_md_hmac_update(mbedtls_md_context_t *ctx, const unsigned char *input,
+ size_t ilen);
/**
* \brief This function finishes the HMAC operation, and writes
@@ -425,7 +424,7 @@
* failure.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output);
+int mbedtls_md_hmac_finish(mbedtls_md_context_t *ctx, unsigned char *output);
/**
* \brief This function prepares to authenticate a new message with
@@ -443,7 +442,7 @@
* failure.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx );
+int mbedtls_md_hmac_reset(mbedtls_md_context_t *ctx);
/**
* \brief This function calculates the full generic HMAC
@@ -468,13 +467,13 @@
* failure.
*/
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
- const unsigned char *input, size_t ilen,
- unsigned char *output );
+int mbedtls_md_hmac(const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
+ unsigned char *output);
/* Internal use */
MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data );
+int mbedtls_md_process(mbedtls_md_context_t *ctx, const unsigned char *data);
#ifdef __cplusplus
}
diff --git a/include/mbedtls/md5.h b/include/mbedtls/md5.h
index e7befc3..8081886 100644
--- a/include/mbedtls/md5.h
+++ b/include/mbedtls/md5.h
@@ -48,8 +48,7 @@
* stronger message digests instead.
*
*/
-typedef struct mbedtls_md5_context
-{
+typedef struct mbedtls_md5_context {
uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< number of bytes processed */
uint32_t MBEDTLS_PRIVATE(state)[4]; /*!< intermediate digest state */
unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< data block being processed */
@@ -70,7 +69,7 @@
* stronger message digests instead.
*
*/
-void mbedtls_md5_init( mbedtls_md5_context *ctx );
+void mbedtls_md5_init(mbedtls_md5_context *ctx);
/**
* \brief Clear MD5 context
@@ -82,7 +81,7 @@
* stronger message digests instead.
*
*/
-void mbedtls_md5_free( mbedtls_md5_context *ctx );
+void mbedtls_md5_free(mbedtls_md5_context *ctx);
/**
* \brief Clone (the state of) an MD5 context
@@ -95,8 +94,8 @@
* stronger message digests instead.
*
*/
-void mbedtls_md5_clone( mbedtls_md5_context *dst,
- const mbedtls_md5_context *src );
+void mbedtls_md5_clone(mbedtls_md5_context *dst,
+ const mbedtls_md5_context *src);
/**
* \brief MD5 context setup
@@ -110,7 +109,7 @@
* stronger message digests instead.
*
*/
-int mbedtls_md5_starts( mbedtls_md5_context *ctx );
+int mbedtls_md5_starts(mbedtls_md5_context *ctx);
/**
* \brief MD5 process buffer
@@ -126,9 +125,9 @@
* stronger message digests instead.
*
*/
-int mbedtls_md5_update( mbedtls_md5_context *ctx,
- const unsigned char *input,
- size_t ilen );
+int mbedtls_md5_update(mbedtls_md5_context *ctx,
+ const unsigned char *input,
+ size_t ilen);
/**
* \brief MD5 final digest
@@ -143,8 +142,8 @@
* stronger message digests instead.
*
*/
-int mbedtls_md5_finish( mbedtls_md5_context *ctx,
- unsigned char output[16] );
+int mbedtls_md5_finish(mbedtls_md5_context *ctx,
+ unsigned char output[16]);
/**
* \brief MD5 process data block (internal use only)
@@ -159,8 +158,8 @@
* stronger message digests instead.
*
*/
-int mbedtls_internal_md5_process( mbedtls_md5_context *ctx,
- const unsigned char data[64] );
+int mbedtls_internal_md5_process(mbedtls_md5_context *ctx,
+ const unsigned char data[64]);
/**
* \brief Output = MD5( input buffer )
@@ -176,9 +175,9 @@
* stronger message digests instead.
*
*/
-int mbedtls_md5( const unsigned char *input,
- size_t ilen,
- unsigned char output[16] );
+int mbedtls_md5(const unsigned char *input,
+ size_t ilen,
+ unsigned char output[16]);
#if defined(MBEDTLS_SELF_TEST)
@@ -192,7 +191,7 @@
* stronger message digests instead.
*
*/
-int mbedtls_md5_self_test( int verbose );
+int mbedtls_md5_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/memory_buffer_alloc.h b/include/mbedtls/memory_buffer_alloc.h
index 0b07974..9694d24 100644
--- a/include/mbedtls/memory_buffer_alloc.h
+++ b/include/mbedtls/memory_buffer_alloc.h
@@ -43,7 +43,8 @@
#define MBEDTLS_MEMORY_VERIFY_NONE 0
#define MBEDTLS_MEMORY_VERIFY_ALLOC (1 << 0)
#define MBEDTLS_MEMORY_VERIFY_FREE (1 << 1)
-#define MBEDTLS_MEMORY_VERIFY_ALWAYS (MBEDTLS_MEMORY_VERIFY_ALLOC | MBEDTLS_MEMORY_VERIFY_FREE)
+#define MBEDTLS_MEMORY_VERIFY_ALWAYS (MBEDTLS_MEMORY_VERIFY_ALLOC | \
+ MBEDTLS_MEMORY_VERIFY_FREE)
#ifdef __cplusplus
extern "C" {
@@ -64,12 +65,12 @@
* \param buf buffer to use as heap
* \param len size of the buffer
*/
-void mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len );
+void mbedtls_memory_buffer_alloc_init(unsigned char *buf, size_t len);
/**
* \brief Free the mutex for thread-safety and clear remaining memory
*/
-void mbedtls_memory_buffer_alloc_free( void );
+void mbedtls_memory_buffer_alloc_free(void);
/**
* \brief Determine when the allocator should automatically verify the state
@@ -79,7 +80,7 @@
* \param verify One of MBEDTLS_MEMORY_VERIFY_NONE, MBEDTLS_MEMORY_VERIFY_ALLOC,
* MBEDTLS_MEMORY_VERIFY_FREE or MBEDTLS_MEMORY_VERIFY_ALWAYS
*/
-void mbedtls_memory_buffer_set_verify( int verify );
+void mbedtls_memory_buffer_set_verify(int verify);
#if defined(MBEDTLS_MEMORY_DEBUG)
/**
@@ -88,7 +89,7 @@
* Prints out a list of 'still allocated' blocks and their stack
* trace if MBEDTLS_MEMORY_BACKTRACE is defined.
*/
-void mbedtls_memory_buffer_alloc_status( void );
+void mbedtls_memory_buffer_alloc_status(void);
/**
* \brief Get the number of alloc/free so far.
@@ -96,7 +97,7 @@
* \param alloc_count Number of allocations.
* \param free_count Number of frees.
*/
-void mbedtls_memory_buffer_alloc_count_get( size_t *alloc_count, size_t *free_count );
+void mbedtls_memory_buffer_alloc_count_get(size_t *alloc_count, size_t *free_count);
/**
* \brief Get the peak heap usage so far
@@ -106,12 +107,12 @@
* into smaller blocks but larger than the requested size.
* \param max_blocks Peak number of blocks in use, including free and used
*/
-void mbedtls_memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks );
+void mbedtls_memory_buffer_alloc_max_get(size_t *max_used, size_t *max_blocks);
/**
* \brief Reset peak statistics
*/
-void mbedtls_memory_buffer_alloc_max_reset( void );
+void mbedtls_memory_buffer_alloc_max_reset(void);
/**
* \brief Get the current heap usage
@@ -121,7 +122,7 @@
* into smaller blocks but larger than the requested size.
* \param cur_blocks Current number of blocks in use, including free and used
*/
-void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks );
+void mbedtls_memory_buffer_alloc_cur_get(size_t *cur_used, size_t *cur_blocks);
#endif /* MBEDTLS_MEMORY_DEBUG */
/**
@@ -135,7 +136,7 @@
*
* \return 0 if verified, 1 otherwise
*/
-int mbedtls_memory_buffer_alloc_verify( void );
+int mbedtls_memory_buffer_alloc_verify(void);
#if defined(MBEDTLS_SELF_TEST)
/**
@@ -143,7 +144,7 @@
*
* \return 0 if successful, or 1 if a test failed
*/
-int mbedtls_memory_buffer_alloc_self_test( int verbose );
+int mbedtls_memory_buffer_alloc_self_test(int verbose);
#endif
#ifdef __cplusplus
diff --git a/include/mbedtls/net_sockets.h b/include/mbedtls/net_sockets.h
index 0c754b1..14316fb 100644
--- a/include/mbedtls/net_sockets.h
+++ b/include/mbedtls/net_sockets.h
@@ -92,8 +92,7 @@
* (eg two file descriptors for combined IPv4 + IPv6 support, or additional
* structures for hand-made UDP demultiplexing).
*/
-typedef struct mbedtls_net_context
-{
+typedef struct mbedtls_net_context {
/** The underlying file descriptor.
*
* This field is only guaranteed to be present on POSIX/Unix-like platforms.
@@ -110,7 +109,7 @@
*
* \param ctx Context to initialize
*/
-void mbedtls_net_init( mbedtls_net_context *ctx );
+void mbedtls_net_init(mbedtls_net_context *ctx);
/**
* \brief Initiate a connection with host:port in the given protocol
@@ -127,7 +126,7 @@
*
* \note Sets the socket in connected mode even with UDP.
*/
-int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char *port, int proto );
+int mbedtls_net_connect(mbedtls_net_context *ctx, const char *host, const char *port, int proto);
/**
* \brief Create a receiving socket on bind_ip:port in the chosen
@@ -147,7 +146,7 @@
* \note Regardless of the protocol, opens the sockets and binds it.
* In addition, make the socket listening if protocol is TCP.
*/
-int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto );
+int mbedtls_net_bind(mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto);
/**
* \brief Accept a connection from a remote client
@@ -167,9 +166,9 @@
* MBEDTLS_ERR_SSL_WANT_READ if bind_fd was set to
* non-blocking and accept() would block.
*/
-int mbedtls_net_accept( mbedtls_net_context *bind_ctx,
- mbedtls_net_context *client_ctx,
- void *client_ip, size_t buf_size, size_t *ip_len );
+int mbedtls_net_accept(mbedtls_net_context *bind_ctx,
+ mbedtls_net_context *client_ctx,
+ void *client_ip, size_t buf_size, size_t *ip_len);
/**
* \brief Check and wait for the context to be ready for read/write
@@ -196,7 +195,7 @@
* \return Bitmask composed of MBEDTLS_NET_POLL_READ/WRITE
* on success or timeout, or a negative return code otherwise.
*/
-int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout );
+int mbedtls_net_poll(mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout);
/**
* \brief Set the socket blocking
@@ -205,7 +204,7 @@
*
* \return 0 if successful, or a non-zero error code
*/
-int mbedtls_net_set_block( mbedtls_net_context *ctx );
+int mbedtls_net_set_block(mbedtls_net_context *ctx);
/**
* \brief Set the socket non-blocking
@@ -214,7 +213,7 @@
*
* \return 0 if successful, or a non-zero error code
*/
-int mbedtls_net_set_nonblock( mbedtls_net_context *ctx );
+int mbedtls_net_set_nonblock(mbedtls_net_context *ctx);
/**
* \brief Portable usleep helper
@@ -224,7 +223,7 @@
* \note Real amount of time slept will not be less than
* select()'s timeout granularity (typically, 10ms).
*/
-void mbedtls_net_usleep( unsigned long usec );
+void mbedtls_net_usleep(unsigned long usec);
/**
* \brief Read at most 'len' characters. If no error occurs,
@@ -238,7 +237,7 @@
* or a non-zero error code; with a non-blocking socket,
* MBEDTLS_ERR_SSL_WANT_READ indicates read() would block.
*/
-int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len );
+int mbedtls_net_recv(void *ctx, unsigned char *buf, size_t len);
/**
* \brief Write at most 'len' characters. If no error occurs,
@@ -252,7 +251,7 @@
* or a non-zero error code; with a non-blocking socket,
* MBEDTLS_ERR_SSL_WANT_WRITE indicates write() would block.
*/
-int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len );
+int mbedtls_net_send(void *ctx, const unsigned char *buf, size_t len);
/**
* \brief Read at most 'len' characters, blocking for at most
@@ -280,22 +279,22 @@
* non-blocking. Handling timeouts with non-blocking reads
* requires a different strategy.
*/
-int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, size_t len,
- uint32_t timeout );
+int mbedtls_net_recv_timeout(void *ctx, unsigned char *buf, size_t len,
+ uint32_t timeout);
/**
* \brief Closes down the connection and free associated data
*
* \param ctx The context to close
*/
-void mbedtls_net_close( mbedtls_net_context *ctx );
+void mbedtls_net_close(mbedtls_net_context *ctx);
/**
* \brief Gracefully shutdown the connection and free associated data
*
* \param ctx The context to free
*/
-void mbedtls_net_free( mbedtls_net_context *ctx );
+void mbedtls_net_free(mbedtls_net_context *ctx);
#ifdef __cplusplus
}
diff --git a/include/mbedtls/nist_kw.h b/include/mbedtls/nist_kw.h
index bd6c658..0c95c90 100644
--- a/include/mbedtls/nist_kw.h
+++ b/include/mbedtls/nist_kw.h
@@ -44,8 +44,7 @@
extern "C" {
#endif
-typedef enum
-{
+typedef enum {
MBEDTLS_KW_MODE_KW = 0,
MBEDTLS_KW_MODE_KWP = 1
} mbedtls_nist_kw_mode_t;
@@ -77,7 +76,7 @@
* \param ctx The key wrapping context to initialize.
*
*/
-void mbedtls_nist_kw_init( mbedtls_nist_kw_context *ctx );
+void mbedtls_nist_kw_init(mbedtls_nist_kw_context *ctx);
/**
* \brief This function initializes the key wrapping context set in the
@@ -95,11 +94,11 @@
* which are not supported.
* \return cipher-specific error code on failure of the underlying cipher.
*/
-int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx,
- mbedtls_cipher_id_t cipher,
- const unsigned char *key,
- unsigned int keybits,
- const int is_wrap );
+int mbedtls_nist_kw_setkey(mbedtls_nist_kw_context *ctx,
+ mbedtls_cipher_id_t cipher,
+ const unsigned char *key,
+ unsigned int keybits,
+ const int is_wrap);
/**
* \brief This function releases and clears the specified key wrapping context
@@ -107,7 +106,7 @@
*
* \param ctx The key wrapping context to clear.
*/
-void mbedtls_nist_kw_free( mbedtls_nist_kw_context *ctx );
+void mbedtls_nist_kw_free(mbedtls_nist_kw_context *ctx);
/**
* \brief This function encrypts a buffer using key wrapping.
@@ -130,9 +129,9 @@
* \return \c MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA for invalid input length.
* \return cipher-specific error code on failure of the underlying cipher.
*/
-int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode,
- const unsigned char *input, size_t in_len,
- unsigned char *output, size_t* out_len, size_t out_size );
+int mbedtls_nist_kw_wrap(mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode,
+ const unsigned char *input, size_t in_len,
+ unsigned char *output, size_t *out_len, size_t out_size);
/**
* \brief This function decrypts a buffer using key wrapping.
@@ -157,9 +156,9 @@
* \return \c MBEDTLS_ERR_CIPHER_AUTH_FAILED for verification failure of the ciphertext.
* \return cipher-specific error code on failure of the underlying cipher.
*/
-int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode,
- const unsigned char *input, size_t in_len,
- unsigned char *output, size_t* out_len, size_t out_size);
+int mbedtls_nist_kw_unwrap(mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode,
+ const unsigned char *input, size_t in_len,
+ unsigned char *output, size_t *out_len, size_t out_size);
#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
@@ -169,7 +168,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
-int mbedtls_nist_kw_self_test( int verbose );
+int mbedtls_nist_kw_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
#ifdef __cplusplus
diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h
index e5c4b92..a592e63 100644
--- a/include/mbedtls/oid.h
+++ b/include/mbedtls/oid.h
@@ -77,10 +77,10 @@
#define MBEDTLS_OID_COUNTRY_US "\x86\x48" /* {us(840)} */
#define MBEDTLS_OID_ORG_RSA_DATA_SECURITY "\x86\xf7\x0d" /* {rsadsi(113549)} */
#define MBEDTLS_OID_RSA_COMPANY MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \
- MBEDTLS_OID_ORG_RSA_DATA_SECURITY /* {iso(1) member-body(2) us(840) rsadsi(113549)} */
+ MBEDTLS_OID_ORG_RSA_DATA_SECURITY /* {iso(1) member-body(2) us(840) rsadsi(113549)} */
#define MBEDTLS_OID_ORG_ANSI_X9_62 "\xce\x3d" /* ansi-X9-62(10045) */
#define MBEDTLS_OID_ANSI_X9_62 MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \
- MBEDTLS_OID_ORG_ANSI_X9_62
+ MBEDTLS_OID_ORG_ANSI_X9_62
/*
* ISO Identified organization OID parts
@@ -91,15 +91,18 @@
#define MBEDTLS_OID_OIW_SECSIG_ALG MBEDTLS_OID_OIW_SECSIG "\x02"
#define MBEDTLS_OID_OIW_SECSIG_SHA1 MBEDTLS_OID_OIW_SECSIG_ALG "\x1a"
#define MBEDTLS_OID_ORG_CERTICOM "\x81\x04" /* certicom(132) */
-#define MBEDTLS_OID_CERTICOM MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_CERTICOM
+#define MBEDTLS_OID_CERTICOM MBEDTLS_OID_ISO_IDENTIFIED_ORG \
+ MBEDTLS_OID_ORG_CERTICOM
#define MBEDTLS_OID_ORG_TELETRUST "\x24" /* teletrust(36) */
-#define MBEDTLS_OID_TELETRUST MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_TELETRUST
+#define MBEDTLS_OID_TELETRUST MBEDTLS_OID_ISO_IDENTIFIED_ORG \
+ MBEDTLS_OID_ORG_TELETRUST
/*
* ISO ITU OID parts
*/
#define MBEDTLS_OID_ORGANIZATION "\x01" /* {organization(1)} */
-#define MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ISO_ITU_COUNTRY MBEDTLS_OID_COUNTRY_US MBEDTLS_OID_ORGANIZATION /* {joint-iso-itu-t(2) country(16) us(840) organization(1)} */
+#define MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ISO_ITU_COUNTRY MBEDTLS_OID_COUNTRY_US \
+ MBEDTLS_OID_ORGANIZATION /* {joint-iso-itu-t(2) country(16) us(840) organization(1)} */
#define MBEDTLS_OID_ORG_GOV "\x65" /* {gov(101)} */
#define MBEDTLS_OID_GOV MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ORG_GOV /* {joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)} */
@@ -117,7 +120,8 @@
* { iso(1) identified-organization(3) dod(6) internet(1)
* security(5) mechanisms(5) pkix(7) }
*/
-#define MBEDTLS_OID_INTERNET MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_DOD "\x01"
+#define MBEDTLS_OID_INTERNET MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_DOD \
+ "\x01"
#define MBEDTLS_OID_PKIX MBEDTLS_OID_INTERNET "\x05\x05\x07"
/*
@@ -247,7 +251,8 @@
* Digest algorithms
*/
#define MBEDTLS_OID_DIGEST_ALG_MD5 MBEDTLS_OID_RSA_COMPANY "\x02\x05" /**< id-mbedtls_md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } */
-#define MBEDTLS_OID_DIGEST_ALG_SHA1 MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_SHA1 /**< id-mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */
+#define MBEDTLS_OID_DIGEST_ALG_SHA1 MBEDTLS_OID_ISO_IDENTIFIED_ORG \
+ MBEDTLS_OID_OIW_SECSIG_SHA1 /**< id-mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */
#define MBEDTLS_OID_DIGEST_ALG_SHA224 MBEDTLS_OID_NIST_ALG "\x02\x04" /**< id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 4 } */
#define MBEDTLS_OID_DIGEST_ALG_SHA256 MBEDTLS_OID_NIST_ALG "\x02\x01" /**< id-mbedtls_sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 1 } */
@@ -270,7 +275,8 @@
/*
* Encryption algorithms
*/
-#define MBEDTLS_OID_DES_CBC MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_ALG "\x07" /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */
+#define MBEDTLS_OID_DES_CBC MBEDTLS_OID_ISO_IDENTIFIED_ORG \
+ MBEDTLS_OID_OIW_SECSIG_ALG "\x07" /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */
#define MBEDTLS_OID_DES_EDE3_CBC MBEDTLS_OID_RSA_COMPANY "\x03\x07" /**< des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) -- us(840) rsadsi(113549) encryptionAlgorithm(3) 7 } */
#define MBEDTLS_OID_AES MBEDTLS_OID_NIST_ALG "\x01" /** aes OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithm(4) 1 } */
@@ -438,8 +444,7 @@
/**
* \brief Base OID descriptor structure
*/
-typedef struct mbedtls_oid_descriptor_t
-{
+typedef struct mbedtls_oid_descriptor_t {
const char *MBEDTLS_PRIVATE(asn1); /*!< OID ASN.1 representation */
size_t MBEDTLS_PRIVATE(asn1_len); /*!< length of asn1 */
#if !defined(MBEDTLS_X509_REMOVE_INFO)
@@ -459,7 +464,7 @@
* \return Length of the string written (excluding final NULL) or
* MBEDTLS_ERR_OID_BUF_TOO_SMALL in case of error
*/
-int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_buf *oid );
+int mbedtls_oid_get_numeric_string(char *buf, size_t size, const mbedtls_asn1_buf *oid);
/**
* \brief Translate an X.509 extension OID into local values
@@ -469,7 +474,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
-int mbedtls_oid_get_x509_ext_type( const mbedtls_asn1_buf *oid, int *ext_type );
+int mbedtls_oid_get_x509_ext_type(const mbedtls_asn1_buf *oid, int *ext_type);
/**
* \brief Translate an X.509 attribute type OID into the short name
@@ -480,7 +485,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
-int mbedtls_oid_get_attr_short_name( const mbedtls_asn1_buf *oid, const char **short_name );
+int mbedtls_oid_get_attr_short_name(const mbedtls_asn1_buf *oid, const char **short_name);
/**
* \brief Translate PublicKeyAlgorithm OID into pk_type
@@ -490,7 +495,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
-int mbedtls_oid_get_pk_alg( const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_alg );
+int mbedtls_oid_get_pk_alg(const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_alg);
/**
* \brief Translate pk_type into PublicKeyAlgorithm OID
@@ -501,8 +506,8 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
-int mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_type_t pk_alg,
- const char **oid, size_t *olen );
+int mbedtls_oid_get_oid_by_pk_alg(mbedtls_pk_type_t pk_alg,
+ const char **oid, size_t *olen);
#if defined(MBEDTLS_ECP_C)
/**
@@ -513,7 +518,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
-int mbedtls_oid_get_ec_grp( const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *grp_id );
+int mbedtls_oid_get_ec_grp(const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *grp_id);
/**
* \brief Translate EC group identifier into NamedCurve OID
@@ -524,8 +529,8 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
-int mbedtls_oid_get_oid_by_ec_grp( mbedtls_ecp_group_id grp_id,
- const char **oid, size_t *olen );
+int mbedtls_oid_get_oid_by_ec_grp(mbedtls_ecp_group_id grp_id,
+ const char **oid, size_t *olen);
#endif /* MBEDTLS_ECP_C */
/**
@@ -537,8 +542,8 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
-int mbedtls_oid_get_sig_alg( const mbedtls_asn1_buf *oid,
- mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg );
+int mbedtls_oid_get_sig_alg(const mbedtls_asn1_buf *oid,
+ mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg);
/**
* \brief Translate SignatureAlgorithm OID into description
@@ -548,7 +553,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
-int mbedtls_oid_get_sig_alg_desc( const mbedtls_asn1_buf *oid, const char **desc );
+int mbedtls_oid_get_sig_alg_desc(const mbedtls_asn1_buf *oid, const char **desc);
/**
* \brief Translate md_type and pk_type into SignatureAlgorithm OID
@@ -560,8 +565,8 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
-int mbedtls_oid_get_oid_by_sig_alg( mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
- const char **oid, size_t *olen );
+int mbedtls_oid_get_oid_by_sig_alg(mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
+ const char **oid, size_t *olen);
/**
* \brief Translate hmac algorithm OID into md_type
@@ -571,7 +576,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
-int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac );
+int mbedtls_oid_get_md_hmac(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac);
/**
* \brief Translate hash algorithm OID into md_type
@@ -581,7 +586,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
-int mbedtls_oid_get_md_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg );
+int mbedtls_oid_get_md_alg(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg);
#if !defined(MBEDTLS_X509_REMOVE_INFO)
/**
@@ -592,7 +597,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
-int mbedtls_oid_get_extended_key_usage( const mbedtls_asn1_buf *oid, const char **desc );
+int mbedtls_oid_get_extended_key_usage(const mbedtls_asn1_buf *oid, const char **desc);
#endif
/**
@@ -603,7 +608,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
-int mbedtls_oid_get_certificate_policies( const mbedtls_asn1_buf *oid, const char **desc );
+int mbedtls_oid_get_certificate_policies(const mbedtls_asn1_buf *oid, const char **desc);
/**
* \brief Translate md_type into hash algorithm OID
@@ -614,7 +619,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
-int mbedtls_oid_get_oid_by_md( mbedtls_md_type_t md_alg, const char **oid, size_t *olen );
+int mbedtls_oid_get_oid_by_md(mbedtls_md_type_t md_alg, const char **oid, size_t *olen);
#if defined(MBEDTLS_CIPHER_C)
/**
@@ -625,7 +630,7 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
-int mbedtls_oid_get_cipher_alg( const mbedtls_asn1_buf *oid, mbedtls_cipher_type_t *cipher_alg );
+int mbedtls_oid_get_cipher_alg(const mbedtls_asn1_buf *oid, mbedtls_cipher_type_t *cipher_alg);
#endif /* MBEDTLS_CIPHER_C */
#if defined(MBEDTLS_PKCS12_C)
@@ -639,8 +644,8 @@
*
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/
-int mbedtls_oid_get_pkcs12_pbe_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg,
- mbedtls_cipher_type_t *cipher_alg );
+int mbedtls_oid_get_pkcs12_pbe_alg(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg,
+ mbedtls_cipher_type_t *cipher_alg);
#endif /* MBEDTLS_PKCS12_C */
#ifdef __cplusplus
diff --git a/include/mbedtls/pem.h b/include/mbedtls/pem.h
index a4c6fb8..a33fc65 100644
--- a/include/mbedtls/pem.h
+++ b/include/mbedtls/pem.h
@@ -61,8 +61,7 @@
/**
* \brief PEM context structure
*/
-typedef struct mbedtls_pem_context
-{
+typedef struct mbedtls_pem_context {
unsigned char *MBEDTLS_PRIVATE(buf); /*!< buffer for decoded data */
size_t MBEDTLS_PRIVATE(buflen); /*!< length of the buffer */
unsigned char *MBEDTLS_PRIVATE(info); /*!< buffer for extra header information */
@@ -74,7 +73,7 @@
*
* \param ctx context to be initialized
*/
-void mbedtls_pem_init( mbedtls_pem_context *ctx );
+void mbedtls_pem_init(mbedtls_pem_context *ctx);
/**
* \brief Read a buffer for PEM information and store the resulting
@@ -102,10 +101,10 @@
*
* \return 0 on success, or a specific PEM error code
*/
-int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer,
- const unsigned char *data,
- const unsigned char *pwd,
- size_t pwdlen, size_t *use_len );
+int mbedtls_pem_read_buffer(mbedtls_pem_context *ctx, const char *header, const char *footer,
+ const unsigned char *data,
+ const unsigned char *pwd,
+ size_t pwdlen, size_t *use_len);
/**
* \brief Get the pointer to the decoded binary data in a PEM context.
@@ -119,10 +118,10 @@
* \note The returned pointer remains valid only until \p ctx is
modified or freed.
*/
-static inline const unsigned char *mbedtls_pem_get_buffer( mbedtls_pem_context *ctx, size_t *buflen )
+static inline const unsigned char *mbedtls_pem_get_buffer(mbedtls_pem_context *ctx, size_t *buflen)
{
*buflen = ctx->MBEDTLS_PRIVATE(buflen);
- return( ctx->MBEDTLS_PRIVATE(buf) );
+ return ctx->MBEDTLS_PRIVATE(buf);
}
@@ -131,7 +130,7 @@
*
* \param ctx context to be freed
*/
-void mbedtls_pem_free( mbedtls_pem_context *ctx );
+void mbedtls_pem_free(mbedtls_pem_context *ctx);
#endif /* MBEDTLS_PEM_PARSE_C */
#if defined(MBEDTLS_PEM_WRITE_C)
@@ -161,9 +160,9 @@
* the required minimum size of \p buf.
* \return Another PEM or BASE64 error code on other kinds of failure.
*/
-int mbedtls_pem_write_buffer( const char *header, const char *footer,
- const unsigned char *der_data, size_t der_len,
- unsigned char *buf, size_t buf_len, size_t *olen );
+int mbedtls_pem_write_buffer(const char *header, const char *footer,
+ const unsigned char *der_data, size_t der_len,
+ unsigned char *buf, size_t buf_len, size_t *olen);
#endif /* MBEDTLS_PEM_WRITE_C */
#ifdef __cplusplus
diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index 386ec42..0392bd4 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -97,8 +97,7 @@
* \brief Options for RSASSA-PSS signature verification.
* See \c mbedtls_rsa_rsassa_pss_verify_ext()
*/
-typedef struct mbedtls_pk_rsassa_pss_options
-{
+typedef struct mbedtls_pk_rsassa_pss_options {
mbedtls_md_type_t MBEDTLS_PRIVATE(mgf1_hash_id);
int MBEDTLS_PRIVATE(expected_salt_len);
@@ -118,7 +117,7 @@
*/
#define MBEDTLS_PK_SIGNATURE_MAX_SIZE 0
-#if ( defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PK_RSA_ALT_SUPPORT) ) && \
+#if (defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PK_RSA_ALT_SUPPORT)) && \
MBEDTLS_MPI_MAX_SIZE > MBEDTLS_PK_SIGNATURE_MAX_SIZE
/* For RSA, the signature can be as large as the bignum module allows.
* For RSA_ALT, the signature size is not necessarily tied to what the
@@ -152,15 +151,14 @@
* types, lengths (represented by up to 2 bytes), and potential leading
* zeros of the INTEGERs and the SEQUENCE. */
#undef MBEDTLS_PK_SIGNATURE_MAX_SIZE
-#define MBEDTLS_PK_SIGNATURE_MAX_SIZE ( PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE + 11 )
+#define MBEDTLS_PK_SIGNATURE_MAX_SIZE (PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE + 11)
#endif
#endif /* defined(MBEDTLS_USE_PSA_CRYPTO) */
/**
* \brief Types for interfacing with the debug module
*/
-typedef enum
-{
+typedef enum {
MBEDTLS_PK_DEBUG_NONE = 0,
MBEDTLS_PK_DEBUG_MPI,
MBEDTLS_PK_DEBUG_ECP,
@@ -169,8 +167,7 @@
/**
* \brief Item to send to the debug module
*/
-typedef struct mbedtls_pk_debug_item
-{
+typedef struct mbedtls_pk_debug_item {
mbedtls_pk_debug_type MBEDTLS_PRIVATE(type);
const char *MBEDTLS_PRIVATE(name);
void *MBEDTLS_PRIVATE(value);
@@ -191,20 +188,18 @@
/**
* \brief Public key container
*/
-typedef struct mbedtls_pk_context
-{
- const mbedtls_pk_info_t * MBEDTLS_PRIVATE(pk_info); /**< Public key information */
- void * MBEDTLS_PRIVATE(pk_ctx); /**< Underlying public key context */
+typedef struct mbedtls_pk_context {
+ const mbedtls_pk_info_t *MBEDTLS_PRIVATE(pk_info); /**< Public key information */
+ void *MBEDTLS_PRIVATE(pk_ctx); /**< Underlying public key context */
} mbedtls_pk_context;
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
/**
* \brief Context for resuming operations
*/
-typedef struct
-{
- const mbedtls_pk_info_t * MBEDTLS_PRIVATE(pk_info); /**< Public key information */
- void * MBEDTLS_PRIVATE(rs_ctx); /**< Underlying restart context */
+typedef struct {
+ const mbedtls_pk_info_t *MBEDTLS_PRIVATE(pk_info); /**< Public key information */
+ void *MBEDTLS_PRIVATE(rs_ctx); /**< Underlying restart context */
} mbedtls_pk_restart_ctx;
#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
/* Now we can declare functions that take a pointer to that */
@@ -215,14 +210,15 @@
/**
* \brief Types for RSA-alt abstraction
*/
-typedef int (*mbedtls_pk_rsa_alt_decrypt_func)( void *ctx, size_t *olen,
- const unsigned char *input, unsigned char *output,
- size_t output_max_len );
-typedef int (*mbedtls_pk_rsa_alt_sign_func)( void *ctx,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
- mbedtls_md_type_t md_alg, unsigned int hashlen,
- const unsigned char *hash, unsigned char *sig );
-typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx );
+typedef int (*mbedtls_pk_rsa_alt_decrypt_func)(void *ctx, size_t *olen,
+ const unsigned char *input, unsigned char *output,
+ size_t output_max_len);
+typedef int (*mbedtls_pk_rsa_alt_sign_func)(void *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ mbedtls_md_type_t md_alg, unsigned int hashlen,
+ const unsigned char *hash, unsigned char *sig);
+typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)(void *ctx);
#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
/**
@@ -232,7 +228,7 @@
*
* \return The PK info associated with the type or NULL if not found.
*/
-const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type );
+const mbedtls_pk_info_t *mbedtls_pk_info_from_type(mbedtls_pk_type_t pk_type);
/**
* \brief Initialize a #mbedtls_pk_context (as NONE).
@@ -240,7 +236,7 @@
* \param ctx The context to initialize.
* This must not be \c NULL.
*/
-void mbedtls_pk_init( mbedtls_pk_context *ctx );
+void mbedtls_pk_init(mbedtls_pk_context *ctx);
/**
* \brief Free the components of a #mbedtls_pk_context.
@@ -253,7 +249,7 @@
* PSA key and you still need to call psa_destroy_key()
* independently if you want to destroy that key.
*/
-void mbedtls_pk_free( mbedtls_pk_context *ctx );
+void mbedtls_pk_free(mbedtls_pk_context *ctx);
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
/**
@@ -262,7 +258,7 @@
* \param ctx The context to initialize.
* This must not be \c NULL.
*/
-void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx );
+void mbedtls_pk_restart_init(mbedtls_pk_restart_ctx *ctx);
/**
* \brief Free the components of a restart context
@@ -270,7 +266,7 @@
* \param ctx The context to clear. It must have been initialized.
* If this is \c NULL, this function does nothing.
*/
-void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx );
+void mbedtls_pk_restart_free(mbedtls_pk_restart_ctx *ctx);
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
/**
@@ -288,7 +284,7 @@
* \note For contexts holding an RSA-alt key, use
* \c mbedtls_pk_setup_rsa_alt() instead.
*/
-int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
+int mbedtls_pk_setup(mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info);
#if defined(MBEDTLS_USE_PSA_CRYPTO)
/**
@@ -319,8 +315,8 @@
* ECC key pair.
* \return #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.
*/
-int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx,
- const mbedtls_svc_key_id_t key );
+int mbedtls_pk_setup_opaque(mbedtls_pk_context *ctx,
+ const mbedtls_svc_key_id_t key);
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
@@ -339,10 +335,10 @@
*
* \note This function replaces \c mbedtls_pk_setup() for RSA-alt.
*/
-int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key,
- mbedtls_pk_rsa_alt_decrypt_func decrypt_func,
- mbedtls_pk_rsa_alt_sign_func sign_func,
- mbedtls_pk_rsa_alt_key_len_func key_len_func );
+int mbedtls_pk_setup_rsa_alt(mbedtls_pk_context *ctx, void *key,
+ mbedtls_pk_rsa_alt_decrypt_func decrypt_func,
+ mbedtls_pk_rsa_alt_sign_func sign_func,
+ mbedtls_pk_rsa_alt_key_len_func key_len_func);
#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
/**
@@ -352,7 +348,7 @@
*
* \return Key size in bits, or 0 on error
*/
-size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx );
+size_t mbedtls_pk_get_bitlen(const mbedtls_pk_context *ctx);
/**
* \brief Get the length in bytes of the underlying key
@@ -361,9 +357,9 @@
*
* \return Key length in bytes, or 0 on error
*/
-static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx )
+static inline size_t mbedtls_pk_get_len(const mbedtls_pk_context *ctx)
{
- return( ( mbedtls_pk_get_bitlen( ctx ) + 7 ) / 8 );
+ return (mbedtls_pk_get_bitlen(ctx) + 7) / 8;
}
/**
@@ -378,7 +374,7 @@
* been initialized but not set up, or that has been
* cleared with mbedtls_pk_free().
*/
-int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type );
+int mbedtls_pk_can_do(const mbedtls_pk_context *ctx, mbedtls_pk_type_t type);
#if defined(MBEDTLS_USE_PSA_CRYPTO)
/**
@@ -408,8 +404,8 @@
* for a context that has been initialized but not set up
* or that has been cleared with mbedtls_pk_free().
*/
-int mbedtls_pk_can_do_ext( const mbedtls_pk_context *ctx, psa_algorithm_t alg,
- psa_key_usage_t usage );
+int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg,
+ psa_key_usage_t usage);
#endif /* MBEDTLS_USE_PSA_CRYPTO */
/**
@@ -439,9 +435,9 @@
* Use \c mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, ... )
* to verify RSASSA_PSS signatures.
*/
-int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
- const unsigned char *hash, size_t hash_len,
- const unsigned char *sig, size_t sig_len );
+int mbedtls_pk_verify(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hash_len,
+ const unsigned char *sig, size_t sig_len);
/**
* \brief Restartable version of \c mbedtls_pk_verify()
@@ -463,11 +459,11 @@
* \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
* operations was reached: see \c mbedtls_ecp_set_max_ops().
*/
-int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx,
- mbedtls_md_type_t md_alg,
- const unsigned char *hash, size_t hash_len,
- const unsigned char *sig, size_t sig_len,
- mbedtls_pk_restart_ctx *rs_ctx );
+int mbedtls_pk_verify_restartable(mbedtls_pk_context *ctx,
+ mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hash_len,
+ const unsigned char *sig, size_t sig_len,
+ mbedtls_pk_restart_ctx *rs_ctx);
/**
* \brief Verify signature, with options.
@@ -500,10 +496,10 @@
* #MBEDTLS_USE_PSA_CRYPTO is defined, the salt length is not
* verified as PSA_ALG_RSA_PSS_ANY_SALT is used.
*/
-int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
- mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
- const unsigned char *hash, size_t hash_len,
- const unsigned char *sig, size_t sig_len );
+int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options,
+ mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hash_len,
+ const unsigned char *sig, size_t sig_len);
/**
* \brief Make signature, including padding if relevant.
@@ -533,10 +529,10 @@
* \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0.
* For ECDSA, md_alg may never be MBEDTLS_MD_NONE.
*/
-int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
- const unsigned char *hash, size_t hash_len,
- unsigned char *sig, size_t sig_size, size_t *sig_len,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+int mbedtls_pk_sign(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hash_len,
+ unsigned char *sig, size_t sig_size, size_t *sig_len,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
#if defined(MBEDTLS_PSA_CRYPTO_C)
/**
@@ -568,13 +564,13 @@
* For ECDSA, md_alg may never be MBEDTLS_MD_NONE.
*
*/
-int mbedtls_pk_sign_ext( mbedtls_pk_type_t pk_type,
- mbedtls_pk_context *ctx,
- mbedtls_md_type_t md_alg,
- const unsigned char *hash, size_t hash_len,
- unsigned char *sig, size_t sig_size, size_t *sig_len,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_pk_sign_ext(mbedtls_pk_type_t pk_type,
+ mbedtls_pk_context *ctx,
+ mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hash_len,
+ unsigned char *sig, size_t sig_size, size_t *sig_len,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
#endif /* MBEDTLS_PSA_CRYPTO_C */
/**
@@ -606,12 +602,12 @@
* \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
* operations was reached: see \c mbedtls_ecp_set_max_ops().
*/
-int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx,
- mbedtls_md_type_t md_alg,
- const unsigned char *hash, size_t hash_len,
- unsigned char *sig, size_t sig_size, size_t *sig_len,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
- mbedtls_pk_restart_ctx *rs_ctx );
+int mbedtls_pk_sign_restartable(mbedtls_pk_context *ctx,
+ mbedtls_md_type_t md_alg,
+ const unsigned char *hash, size_t hash_len,
+ unsigned char *sig, size_t sig_size, size_t *sig_len,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+ mbedtls_pk_restart_ctx *rs_ctx);
/**
* \brief Decrypt message (including padding if relevant).
@@ -630,10 +626,10 @@
*
* \return 0 on success, or a specific error code.
*/
-int mbedtls_pk_decrypt( mbedtls_pk_context *ctx,
- const unsigned char *input, size_t ilen,
- unsigned char *output, size_t *olen, size_t osize,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+int mbedtls_pk_decrypt(mbedtls_pk_context *ctx,
+ const unsigned char *input, size_t ilen,
+ unsigned char *output, size_t *olen, size_t osize,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
/**
* \brief Encrypt message (including padding if relevant).
@@ -653,10 +649,10 @@
*
* \return 0 on success, or a specific error code.
*/
-int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,
- const unsigned char *input, size_t ilen,
- unsigned char *output, size_t *olen, size_t osize,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+int mbedtls_pk_encrypt(mbedtls_pk_context *ctx,
+ const unsigned char *input, size_t ilen,
+ unsigned char *output, size_t *olen, size_t osize,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
/**
* \brief Check if a public-private pair of keys matches.
@@ -672,10 +668,10 @@
* \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA if a context is invalid.
* \return Another non-zero value if the keys do not match.
*/
-int mbedtls_pk_check_pair( const mbedtls_pk_context *pub,
- const mbedtls_pk_context *prv,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_pk_check_pair(const mbedtls_pk_context *pub,
+ const mbedtls_pk_context *prv,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/**
* \brief Export debug information
@@ -685,7 +681,7 @@
*
* \return 0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA
*/
-int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items );
+int mbedtls_pk_debug(const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items);
/**
* \brief Access the type name
@@ -694,7 +690,7 @@
*
* \return Type name on success, or "invalid PK"
*/
-const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx );
+const char *mbedtls_pk_get_name(const mbedtls_pk_context *ctx);
/**
* \brief Get the key type
@@ -704,7 +700,7 @@
* \return Type on success.
* \return #MBEDTLS_PK_NONE for a context that has not been set up.
*/
-mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx );
+mbedtls_pk_type_t mbedtls_pk_get_type(const mbedtls_pk_context *ctx);
#if defined(MBEDTLS_RSA_C)
/**
@@ -717,14 +713,13 @@
*
* \return The internal RSA context held by the PK context, or NULL.
*/
-static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk )
+static inline mbedtls_rsa_context *mbedtls_pk_rsa(const mbedtls_pk_context pk)
{
- switch( mbedtls_pk_get_type( &pk ) )
- {
+ switch (mbedtls_pk_get_type(&pk)) {
case MBEDTLS_PK_RSA:
- return( (mbedtls_rsa_context *) (pk).MBEDTLS_PRIVATE(pk_ctx) );
+ return (mbedtls_rsa_context *) (pk).MBEDTLS_PRIVATE(pk_ctx);
default:
- return( NULL );
+ return NULL;
}
}
#endif /* MBEDTLS_RSA_C */
@@ -741,16 +736,15 @@
*
* \return The internal EC context held by the PK context, or NULL.
*/
-static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk )
+static inline mbedtls_ecp_keypair *mbedtls_pk_ec(const mbedtls_pk_context pk)
{
- switch( mbedtls_pk_get_type( &pk ) )
- {
+ switch (mbedtls_pk_get_type(&pk)) {
case MBEDTLS_PK_ECKEY:
case MBEDTLS_PK_ECKEY_DH:
case MBEDTLS_PK_ECDSA:
- return( (mbedtls_ecp_keypair *) (pk).MBEDTLS_PRIVATE(pk_ctx) );
+ return (mbedtls_ecp_keypair *) (pk).MBEDTLS_PRIVATE(pk_ctx);
default:
- return( NULL );
+ return NULL;
}
}
#endif /* MBEDTLS_ECP_C */
@@ -787,10 +781,10 @@
*
* \return 0 if successful, or a specific PK or PEM error code
*/
-int mbedtls_pk_parse_key( mbedtls_pk_context *ctx,
- const unsigned char *key, size_t keylen,
- const unsigned char *pwd, size_t pwdlen,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+int mbedtls_pk_parse_key(mbedtls_pk_context *ctx,
+ const unsigned char *key, size_t keylen,
+ const unsigned char *pwd, size_t pwdlen,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
/** \ingroup pk_module */
/**
@@ -814,8 +808,8 @@
*
* \return 0 if successful, or a specific PK or PEM error code
*/
-int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
- const unsigned char *key, size_t keylen );
+int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx,
+ const unsigned char *key, size_t keylen);
#if defined(MBEDTLS_FS_IO)
/** \ingroup pk_module */
@@ -841,9 +835,9 @@
*
* \return 0 if successful, or a specific PK or PEM error code
*/
-int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx,
- const char *path, const char *password,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+int mbedtls_pk_parse_keyfile(mbedtls_pk_context *ctx,
+ const char *path, const char *password,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
/** \ingroup pk_module */
/**
@@ -862,7 +856,7 @@
*
* \return 0 if successful, or a specific PK or PEM error code
*/
-int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path );
+int mbedtls_pk_parse_public_keyfile(mbedtls_pk_context *ctx, const char *path);
#endif /* MBEDTLS_FS_IO */
#endif /* MBEDTLS_PK_PARSE_C */
@@ -880,7 +874,7 @@
* \return length of data written if successful, or a specific
* error code
*/
-int mbedtls_pk_write_key_der( const mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
+int mbedtls_pk_write_key_der(const mbedtls_pk_context *ctx, unsigned char *buf, size_t size);
/**
* \brief Write a public key to a SubjectPublicKeyInfo DER structure
@@ -895,7 +889,7 @@
* \return length of data written if successful, or a specific
* error code
*/
-int mbedtls_pk_write_pubkey_der( const mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
+int mbedtls_pk_write_pubkey_der(const mbedtls_pk_context *ctx, unsigned char *buf, size_t size);
#if defined(MBEDTLS_PEM_WRITE_C)
/**
@@ -908,7 +902,7 @@
*
* \return 0 if successful, or a specific error code
*/
-int mbedtls_pk_write_pubkey_pem( const mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
+int mbedtls_pk_write_pubkey_pem(const mbedtls_pk_context *ctx, unsigned char *buf, size_t size);
/**
* \brief Write a private key to a PKCS#1 or SEC1 PEM string
@@ -920,7 +914,7 @@
*
* \return 0 if successful, or a specific error code
*/
-int mbedtls_pk_write_key_pem( const mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
+int mbedtls_pk_write_key_pem(const mbedtls_pk_context *ctx, unsigned char *buf, size_t size);
#endif /* MBEDTLS_PEM_WRITE_C */
#endif /* MBEDTLS_PK_WRITE_C */
@@ -940,8 +934,8 @@
*
* \return 0 if successful, or a specific PK error code
*/
-int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end,
- mbedtls_pk_context *pk );
+int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end,
+ mbedtls_pk_context *pk);
#endif /* MBEDTLS_PK_PARSE_C */
#if defined(MBEDTLS_PK_WRITE_C)
@@ -955,8 +949,8 @@
*
* \return the length written or a negative error code
*/
-int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
- const mbedtls_pk_context *key );
+int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start,
+ const mbedtls_pk_context *key);
#endif /* MBEDTLS_PK_WRITE_C */
/*
@@ -964,7 +958,7 @@
* know you do.
*/
#if defined(MBEDTLS_FS_IO)
-int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n );
+int mbedtls_pk_load_file(const char *path, unsigned char **buf, size_t *n);
#endif
#if defined(MBEDTLS_USE_PSA_CRYPTO)
@@ -987,11 +981,11 @@
* \return \c 0 if successful.
* \return An Mbed TLS error code otherwise.
*/
-int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk,
- mbedtls_svc_key_id_t *key,
- psa_algorithm_t alg,
- psa_key_usage_t usage,
- psa_algorithm_t alg2 );
+int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk,
+ mbedtls_svc_key_id_t *key,
+ psa_algorithm_t alg,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg2);
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#ifdef __cplusplus
diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h
index 327996a..eb9e2d9 100644
--- a/include/mbedtls/pkcs12.h
+++ b/include/mbedtls/pkcs12.h
@@ -70,11 +70,11 @@
*
* \return 0 if successful, or a MBEDTLS_ERR_XXX code
*/
-int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode,
- mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
- const unsigned char *pwd, size_t pwdlen,
- const unsigned char *input, size_t len,
- unsigned char *output );
+int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode,
+ mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
+ const unsigned char *pwd, size_t pwdlen,
+ const unsigned char *input, size_t len,
+ unsigned char *output);
#endif /* MBEDTLS_ASN1_PARSE_C */
@@ -105,10 +105,10 @@
*
* \return 0 if successful, or a MD, BIGNUM type error.
*/
-int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen,
- const unsigned char *pwd, size_t pwdlen,
- const unsigned char *salt, size_t saltlen,
- mbedtls_md_type_t mbedtls_md, int id, int iterations );
+int mbedtls_pkcs12_derivation(unsigned char *data, size_t datalen,
+ const unsigned char *pwd, size_t pwdlen,
+ const unsigned char *salt, size_t saltlen,
+ mbedtls_md_type_t mbedtls_md, int id, int iterations);
#ifdef __cplusplus
}
diff --git a/include/mbedtls/pkcs5.h b/include/mbedtls/pkcs5.h
index cf15664..152b45f 100644
--- a/include/mbedtls/pkcs5.h
+++ b/include/mbedtls/pkcs5.h
@@ -63,10 +63,10 @@
*
* \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
*/
-int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode,
- const unsigned char *pwd, size_t pwdlen,
- const unsigned char *data, size_t datalen,
- unsigned char *output );
+int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode,
+ const unsigned char *pwd, size_t pwdlen,
+ const unsigned char *data, size_t datalen,
+ unsigned char *output);
#endif /* MBEDTLS_ASN1_PARSE_C */
@@ -84,11 +84,11 @@
*
* \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
*/
-int mbedtls_pkcs5_pbkdf2_hmac_ext( mbedtls_md_type_t md_type,
- const unsigned char *password,
- size_t plen, const unsigned char *salt, size_t slen,
- unsigned int iteration_count,
- uint32_t key_length, unsigned char *output );
+int mbedtls_pkcs5_pbkdf2_hmac_ext(mbedtls_md_type_t md_type,
+ const unsigned char *password,
+ size_t plen, const unsigned char *salt, size_t slen,
+ unsigned int iteration_count,
+ uint32_t key_length, unsigned char *output);
#if defined(MBEDTLS_MD_C)
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
@@ -108,11 +108,14 @@
*
* \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
*/
-int MBEDTLS_DEPRECATED mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx,
- const unsigned char *password,
- size_t plen, const unsigned char *salt, size_t slen,
- unsigned int iteration_count,
- uint32_t key_length, unsigned char *output );
+int MBEDTLS_DEPRECATED mbedtls_pkcs5_pbkdf2_hmac(mbedtls_md_context_t *ctx,
+ const unsigned char *password,
+ size_t plen,
+ const unsigned char *salt,
+ size_t slen,
+ unsigned int iteration_count,
+ uint32_t key_length,
+ unsigned char *output);
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
#endif /* MBEDTLS_MD_C */
#if defined(MBEDTLS_SELF_TEST)
@@ -122,7 +125,7 @@
*
* \return 0 if successful, or 1 if the test failed
*/
-int mbedtls_pkcs5_self_test( int verbose );
+int mbedtls_pkcs5_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/pkcs7.h b/include/mbedtls/pkcs7.h
index bf61a63..835d2c1 100644
--- a/include/mbedtls/pkcs7.h
+++ b/include/mbedtls/pkcs7.h
@@ -121,8 +121,7 @@
/**
* Structure holding PKCS7 signer info
*/
-typedef struct mbedtls_pkcs7_signer_info
-{
+typedef struct mbedtls_pkcs7_signer_info {
int MBEDTLS_PRIVATE(version);
mbedtls_x509_buf MBEDTLS_PRIVATE(serial);
mbedtls_x509_name MBEDTLS_PRIVATE(issuer);
@@ -137,8 +136,7 @@
/**
* Structure holding attached data as part of PKCS7 signed data format
*/
-typedef struct mbedtls_pkcs7_data
-{
+typedef struct mbedtls_pkcs7_data {
mbedtls_pkcs7_buf MBEDTLS_PRIVATE(oid);
mbedtls_pkcs7_buf MBEDTLS_PRIVATE(data);
}
@@ -147,8 +145,7 @@
/**
* Structure holding the signed data section
*/
-typedef struct mbedtls_pkcs7_signed_data
-{
+typedef struct mbedtls_pkcs7_signed_data {
int MBEDTLS_PRIVATE(version);
mbedtls_pkcs7_buf MBEDTLS_PRIVATE(digest_alg_identifiers);
struct mbedtls_pkcs7_data MBEDTLS_PRIVATE(content);
@@ -164,8 +161,7 @@
/**
* Structure holding PKCS7 structure, only signed data for now
*/
-typedef struct mbedtls_pkcs7
-{
+typedef struct mbedtls_pkcs7 {
mbedtls_pkcs7_buf MBEDTLS_PRIVATE(raw);
mbedtls_pkcs7_buf MBEDTLS_PRIVATE(content_type_oid);
mbedtls_pkcs7_signed_data MBEDTLS_PRIVATE(signed_data);
@@ -177,7 +173,7 @@
*
* \param pkcs7 pkcs7 structure.
*/
-void mbedtls_pkcs7_init( mbedtls_pkcs7 *pkcs7 );
+void mbedtls_pkcs7_init(mbedtls_pkcs7 *pkcs7);
/**
* \brief Parse a single DER formatted pkcs7 content.
@@ -193,8 +189,8 @@
* \return The \c mbedtls_pkcs7_type of \p buf, if successful.
* \return A negative error code on failure.
*/
-int mbedtls_pkcs7_parse_der( mbedtls_pkcs7 *pkcs7, const unsigned char *buf,
- const size_t buflen );
+int mbedtls_pkcs7_parse_der(mbedtls_pkcs7 *pkcs7, const unsigned char *buf,
+ const size_t buflen);
/**
* \brief Verification of PKCS7 signature against a caller-supplied
@@ -220,10 +216,10 @@
*
* \return 0 if the signature verifies, or a negative error code on failure.
*/
-int mbedtls_pkcs7_signed_data_verify( mbedtls_pkcs7 *pkcs7,
- const mbedtls_x509_crt *cert,
- const unsigned char *data,
- size_t datalen );
+int mbedtls_pkcs7_signed_data_verify(mbedtls_pkcs7 *pkcs7,
+ const mbedtls_x509_crt *cert,
+ const unsigned char *data,
+ size_t datalen);
/**
* \brief Verification of PKCS7 signature against a caller-supplied
@@ -249,9 +245,9 @@
*
* \return 0 if the signature verifies, or a negative error code on failure.
*/
-int mbedtls_pkcs7_signed_hash_verify( mbedtls_pkcs7 *pkcs7,
- const mbedtls_x509_crt *cert,
- const unsigned char *hash, size_t hashlen);
+int mbedtls_pkcs7_signed_hash_verify(mbedtls_pkcs7 *pkcs7,
+ const mbedtls_x509_crt *cert,
+ const unsigned char *hash, size_t hashlen);
/**
* \brief Unallocate all PKCS7 data and zeroize the memory.
@@ -259,7 +255,7 @@
*
* \param pkcs7 PKCS7 structure to free.
*/
-void mbedtls_pkcs7_free( mbedtls_pkcs7 *pkcs7 );
+void mbedtls_pkcs7_free(mbedtls_pkcs7 *pkcs7);
#ifdef __cplusplus
}
diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h
index 62e12d2..f651587 100644
--- a/include/mbedtls/platform.h
+++ b/include/mbedtls/platform.h
@@ -144,8 +144,8 @@
#else
/* For size_t */
#include <stddef.h>
-extern void *mbedtls_calloc( size_t n, size_t size );
-extern void mbedtls_free( void *ptr );
+extern void *mbedtls_calloc(size_t n, size_t size);
+extern void mbedtls_free(void *ptr);
/**
* \brief This function dynamically sets the memory-management
@@ -156,8 +156,8 @@
*
* \return \c 0.
*/
-int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ),
- void (*free_func)( void * ) );
+int mbedtls_platform_set_calloc_free(void *(*calloc_func)(size_t, size_t),
+ void (*free_func)(void *));
#endif /* MBEDTLS_PLATFORM_FREE_MACRO && MBEDTLS_PLATFORM_CALLOC_MACRO */
#else /* !MBEDTLS_PLATFORM_MEMORY */
#define mbedtls_free free
@@ -170,7 +170,7 @@
#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT)
/* We need FILE * */
#include <stdio.h>
-extern int (*mbedtls_fprintf)( FILE *stream, const char *format, ... );
+extern int (*mbedtls_fprintf)(FILE *stream, const char *format, ...);
/**
* \brief This function dynamically configures the fprintf
@@ -181,8 +181,8 @@
*
* \return \c 0.
*/
-int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char *,
- ... ) );
+int mbedtls_platform_set_fprintf(int (*fprintf_func)(FILE *stream, const char *,
+ ...));
#else
#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO)
#define mbedtls_fprintf MBEDTLS_PLATFORM_FPRINTF_MACRO
@@ -195,7 +195,7 @@
* The function pointers for printf
*/
#if defined(MBEDTLS_PLATFORM_PRINTF_ALT)
-extern int (*mbedtls_printf)( const char *format, ... );
+extern int (*mbedtls_printf)(const char *format, ...);
/**
* \brief This function dynamically configures the snprintf
@@ -206,7 +206,7 @@
*
* \return \c 0 on success.
*/
-int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) );
+int mbedtls_platform_set_printf(int (*printf_func)(const char *, ...));
#else /* !MBEDTLS_PLATFORM_PRINTF_ALT */
#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO)
#define mbedtls_printf MBEDTLS_PLATFORM_PRINTF_MACRO
@@ -226,11 +226,11 @@
*/
#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF)
/* For Windows (inc. MSYS2), we provide our own fixed implementation */
-int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... );
+int mbedtls_platform_win32_snprintf(char *s, size_t n, const char *fmt, ...);
#endif
#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
-extern int (*mbedtls_snprintf)( char * s, size_t n, const char * format, ... );
+extern int (*mbedtls_snprintf)(char *s, size_t n, const char *format, ...);
/**
* \brief This function allows configuring a custom
@@ -240,8 +240,8 @@
*
* \return \c 0 on success.
*/
-int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n,
- const char * format, ... ) );
+int mbedtls_platform_set_snprintf(int (*snprintf_func)(char *s, size_t n,
+ const char *format, ...));
#else /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
#define mbedtls_snprintf MBEDTLS_PLATFORM_SNPRINTF_MACRO
@@ -262,12 +262,12 @@
#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF)
#include <stdarg.h>
/* For Older Windows (inc. MSYS2), we provide our own fixed implementation */
-int mbedtls_platform_win32_vsnprintf( char *s, size_t n, const char *fmt, va_list arg );
+int mbedtls_platform_win32_vsnprintf(char *s, size_t n, const char *fmt, va_list arg);
#endif
#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT)
#include <stdarg.h>
-extern int (*mbedtls_vsnprintf)( char * s, size_t n, const char * format, va_list arg );
+extern int (*mbedtls_vsnprintf)(char *s, size_t n, const char *format, va_list arg);
/**
* \brief Set your own snprintf function pointer
@@ -276,8 +276,8 @@
*
* \return \c 0
*/
-int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n,
- const char * format, va_list arg ) );
+int mbedtls_platform_set_vsnprintf(int (*vsnprintf_func)(char *s, size_t n,
+ const char *format, va_list arg));
#else /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO)
#define mbedtls_vsnprintf MBEDTLS_PLATFORM_VSNPRINTF_MACRO
@@ -307,7 +307,7 @@
* The library always calls this function with
* `buf` equal to `NULL`.
*/
-extern void (*mbedtls_setbuf)( FILE *stream, char *buf );
+extern void (*mbedtls_setbuf)(FILE *stream, char *buf);
/**
* \brief Dynamically configure the function that is called
@@ -318,8 +318,8 @@
*
* \return \c 0
*/
-int mbedtls_platform_set_setbuf( void (*setbuf_func)(
- FILE *stream, char *buf ) );
+int mbedtls_platform_set_setbuf(void (*setbuf_func)(
+ FILE *stream, char *buf));
#elif defined(MBEDTLS_PLATFORM_SETBUF_MACRO)
/**
* \brief Macro defining the function for the library to
@@ -340,7 +340,7 @@
* The function pointers for exit
*/
#if defined(MBEDTLS_PLATFORM_EXIT_ALT)
-extern void (*mbedtls_exit)( int status );
+extern void (*mbedtls_exit)(int status);
/**
* \brief This function dynamically configures the exit
@@ -351,7 +351,7 @@
*
* \return \c 0 on success.
*/
-int mbedtls_platform_set_exit( void (*exit_func)( int status ) );
+int mbedtls_platform_set_exit(void (*exit_func)(int status));
#else
#if defined(MBEDTLS_PLATFORM_EXIT_MACRO)
#define mbedtls_exit MBEDTLS_PLATFORM_EXIT_MACRO
@@ -383,13 +383,13 @@
#if defined(MBEDTLS_ENTROPY_NV_SEED)
#if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) && defined(MBEDTLS_FS_IO)
/* Internal standard platform definitions */
-int mbedtls_platform_std_nv_seed_read( unsigned char *buf, size_t buf_len );
-int mbedtls_platform_std_nv_seed_write( unsigned char *buf, size_t buf_len );
+int mbedtls_platform_std_nv_seed_read(unsigned char *buf, size_t buf_len);
+int mbedtls_platform_std_nv_seed_write(unsigned char *buf, size_t buf_len);
#endif
#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
-extern int (*mbedtls_nv_seed_read)( unsigned char *buf, size_t buf_len );
-extern int (*mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len );
+extern int (*mbedtls_nv_seed_read)(unsigned char *buf, size_t buf_len);
+extern int (*mbedtls_nv_seed_write)(unsigned char *buf, size_t buf_len);
/**
* \brief This function allows configuring custom seed file writing and
@@ -401,9 +401,9 @@
* \return \c 0 on success.
*/
int mbedtls_platform_set_nv_seed(
- int (*nv_seed_read_func)( unsigned char *buf, size_t buf_len ),
- int (*nv_seed_write_func)( unsigned char *buf, size_t buf_len )
- );
+ int (*nv_seed_read_func)(unsigned char *buf, size_t buf_len),
+ int (*nv_seed_write_func)(unsigned char *buf, size_t buf_len)
+ );
#else
#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) && \
defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO)
@@ -424,8 +424,7 @@
* \note This structure may be used to assist platform-specific
* setup or teardown operations.
*/
-typedef struct mbedtls_platform_context
-{
+typedef struct mbedtls_platform_context {
char MBEDTLS_PRIVATE(dummy); /**< A placeholder member, as empty structs are not portable. */
}
mbedtls_platform_context;
@@ -449,7 +448,7 @@
*
* \return \c 0 on success.
*/
-int mbedtls_platform_setup( mbedtls_platform_context *ctx );
+int mbedtls_platform_setup(mbedtls_platform_context *ctx);
/**
* \brief This function performs any platform teardown operations.
*
@@ -464,7 +463,7 @@
* \param ctx The platform context.
*
*/
-void mbedtls_platform_teardown( mbedtls_platform_context *ctx );
+void mbedtls_platform_teardown(mbedtls_platform_context *ctx);
#ifdef __cplusplus
}
diff --git a/include/mbedtls/platform_time.h b/include/mbedtls/platform_time.h
index 8bef553..eae6f5f 100644
--- a/include/mbedtls/platform_time.h
+++ b/include/mbedtls/platform_time.h
@@ -43,7 +43,7 @@
* The function pointers for time
*/
#if defined(MBEDTLS_PLATFORM_TIME_ALT)
-extern mbedtls_time_t (*mbedtls_time)( mbedtls_time_t* time );
+extern mbedtls_time_t (*mbedtls_time)(mbedtls_time_t *time);
/**
* \brief Set your own time function pointer
@@ -52,7 +52,7 @@
*
* \return 0
*/
-int mbedtls_platform_set_time( mbedtls_time_t (*time_func)( mbedtls_time_t* time ) );
+int mbedtls_platform_set_time(mbedtls_time_t (*time_func)(mbedtls_time_t *time));
#else
#if defined(MBEDTLS_PLATFORM_TIME_MACRO)
#define mbedtls_time MBEDTLS_PLATFORM_TIME_MACRO
diff --git a/include/mbedtls/platform_util.h b/include/mbedtls/platform_util.h
index ecd36da..edbde94 100644
--- a/include/mbedtls/platform_util.h
+++ b/include/mbedtls/platform_util.h
@@ -36,23 +36,23 @@
#endif
/* Internal macros meant to be called only from within the library. */
-#define MBEDTLS_INTERNAL_VALIDATE_RET( cond, ret ) do { } while( 0 )
-#define MBEDTLS_INTERNAL_VALIDATE( cond ) do { } while( 0 )
+#define MBEDTLS_INTERNAL_VALIDATE_RET(cond, ret) do { } while (0)
+#define MBEDTLS_INTERNAL_VALIDATE(cond) do { } while (0)
/* Internal helper macros for deprecating API constants. */
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
-MBEDTLS_DEPRECATED typedef char const * mbedtls_deprecated_string_constant_t;
-#define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL ) \
- ( (mbedtls_deprecated_string_constant_t) ( VAL ) )
+MBEDTLS_DEPRECATED typedef char const *mbedtls_deprecated_string_constant_t;
+#define MBEDTLS_DEPRECATED_STRING_CONSTANT(VAL) \
+ ((mbedtls_deprecated_string_constant_t) (VAL))
MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t;
-#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( VAL ) \
- ( (mbedtls_deprecated_numeric_constant_t) ( VAL ) )
+#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(VAL) \
+ ((mbedtls_deprecated_numeric_constant_t) (VAL))
#else /* MBEDTLS_DEPRECATED_WARNING */
#define MBEDTLS_DEPRECATED
-#define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL ) VAL
-#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( VAL ) VAL
+#define MBEDTLS_DEPRECATED_STRING_CONSTANT(VAL) VAL
+#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(VAL) VAL
#endif /* MBEDTLS_DEPRECATED_WARNING */
#endif /* MBEDTLS_DEPRECATED_REMOVED */
@@ -142,7 +142,7 @@
* https://stackoverflow.com/questions/40576003/ignoring-warning-wunused-result
* https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66425#c34
*/
-#define MBEDTLS_IGNORE_RETURN(result) ( (void) !( result ) )
+#define MBEDTLS_IGNORE_RETURN(result) ((void) !(result))
#endif
/**
@@ -167,7 +167,7 @@
* \param len Length of the buffer in bytes
*
*/
-void mbedtls_platform_zeroize( void *buf, size_t len );
+void mbedtls_platform_zeroize(void *buf, size_t len);
#if defined(MBEDTLS_HAVE_TIME_DATE)
/**
@@ -196,8 +196,8 @@
* \return Pointer to an object of type struct tm on success, otherwise
* NULL
*/
-struct tm *mbedtls_platform_gmtime_r( const mbedtls_time_t *tt,
- struct tm *tm_buf );
+struct tm *mbedtls_platform_gmtime_r(const mbedtls_time_t *tt,
+ struct tm *tm_buf);
#endif /* MBEDTLS_HAVE_TIME_DATE */
#ifdef __cplusplus
diff --git a/include/mbedtls/poly1305.h b/include/mbedtls/poly1305.h
index 6657aa2..3025ef1 100644
--- a/include/mbedtls/poly1305.h
+++ b/include/mbedtls/poly1305.h
@@ -47,8 +47,7 @@
#if !defined(MBEDTLS_POLY1305_ALT)
-typedef struct mbedtls_poly1305_context
-{
+typedef struct mbedtls_poly1305_context {
uint32_t MBEDTLS_PRIVATE(r)[4]; /** The value for 'r' (low 128 bits of the key). */
uint32_t MBEDTLS_PRIVATE(s)[4]; /** The value for 's' (high 128 bits of the key). */
uint32_t MBEDTLS_PRIVATE(acc)[5]; /** The accumulator number. */
@@ -76,7 +75,7 @@
* \param ctx The Poly1305 context to initialize. This must
* not be \c NULL.
*/
-void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx );
+void mbedtls_poly1305_init(mbedtls_poly1305_context *ctx);
/**
* \brief This function releases and clears the specified
@@ -86,7 +85,7 @@
* case this function is a no-op. If it is not \c NULL, it must
* point to an initialized Poly1305 context.
*/
-void mbedtls_poly1305_free( mbedtls_poly1305_context *ctx );
+void mbedtls_poly1305_free(mbedtls_poly1305_context *ctx);
/**
* \brief This function sets the one-time authentication key.
@@ -101,8 +100,8 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx,
- const unsigned char key[32] );
+int mbedtls_poly1305_starts(mbedtls_poly1305_context *ctx,
+ const unsigned char key[32]);
/**
* \brief This functions feeds an input buffer into an ongoing
@@ -122,9 +121,9 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx,
- const unsigned char *input,
- size_t ilen );
+int mbedtls_poly1305_update(mbedtls_poly1305_context *ctx,
+ const unsigned char *input,
+ size_t ilen);
/**
* \brief This function generates the Poly1305 Message
@@ -138,8 +137,8 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx,
- unsigned char mac[16] );
+int mbedtls_poly1305_finish(mbedtls_poly1305_context *ctx,
+ unsigned char mac[16]);
/**
* \brief This function calculates the Poly1305 MAC of the input
@@ -159,10 +158,10 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_poly1305_mac( const unsigned char key[32],
- const unsigned char *input,
- size_t ilen,
- unsigned char mac[16] );
+int mbedtls_poly1305_mac(const unsigned char key[32],
+ const unsigned char *input,
+ size_t ilen,
+ unsigned char mac[16]);
#if defined(MBEDTLS_SELF_TEST)
/**
@@ -171,7 +170,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
-int mbedtls_poly1305_self_test( int verbose );
+int mbedtls_poly1305_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus
diff --git a/include/mbedtls/private_access.h b/include/mbedtls/private_access.h
index 85461f6..61fa877 100644
--- a/include/mbedtls/private_access.h
+++ b/include/mbedtls/private_access.h
@@ -1,4 +1,4 @@
- /**
+/**
* \file private_access.h
*
* \brief Macro wrapper for struct's members.
diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index f030bea..d55b7f7 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -44,10 +44,9 @@
/* Translations for symmetric crypto. */
static inline psa_key_type_t mbedtls_psa_translate_cipher_type(
- mbedtls_cipher_type_t cipher )
+ mbedtls_cipher_type_t cipher)
{
- switch( cipher )
- {
+ switch (cipher) {
case MBEDTLS_CIPHER_AES_128_CCM:
case MBEDTLS_CIPHER_AES_192_CCM:
case MBEDTLS_CIPHER_AES_256_CCM:
@@ -63,7 +62,7 @@
case MBEDTLS_CIPHER_AES_128_ECB:
case MBEDTLS_CIPHER_AES_192_ECB:
case MBEDTLS_CIPHER_AES_256_ECB:
- return( PSA_KEY_TYPE_AES );
+ return PSA_KEY_TYPE_AES;
/* ARIA not yet supported in PSA. */
/* case MBEDTLS_CIPHER_ARIA_128_CCM:
@@ -81,44 +80,43 @@
return( PSA_KEY_TYPE_ARIA ); */
default:
- return( 0 );
+ return 0;
}
}
static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode(
- mbedtls_cipher_mode_t mode, size_t taglen )
+ mbedtls_cipher_mode_t mode, size_t taglen)
{
- switch( mode )
- {
+ switch (mode) {
case MBEDTLS_MODE_ECB:
- return( PSA_ALG_ECB_NO_PADDING );
+ return PSA_ALG_ECB_NO_PADDING;
case MBEDTLS_MODE_GCM:
- return( PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, taglen ) );
+ return PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, taglen);
case MBEDTLS_MODE_CCM:
- return( PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, taglen ) );
+ return PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen);
case MBEDTLS_MODE_CCM_STAR_NO_TAG:
return PSA_ALG_CCM_STAR_NO_TAG;
case MBEDTLS_MODE_CBC:
- if( taglen == 0 )
- return( PSA_ALG_CBC_NO_PADDING );
- else
- return( 0 );
+ if (taglen == 0) {
+ return PSA_ALG_CBC_NO_PADDING;
+ } else {
+ return 0;
+ }
default:
- return( 0 );
+ return 0;
}
}
static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation(
- mbedtls_operation_t op )
+ mbedtls_operation_t op)
{
- switch( op )
- {
+ switch (op) {
case MBEDTLS_ENCRYPT:
- return( PSA_KEY_USAGE_ENCRYPT );
+ return PSA_KEY_USAGE_ENCRYPT;
case MBEDTLS_DECRYPT:
- return( PSA_KEY_USAGE_DECRYPT );
+ return PSA_KEY_USAGE_DECRYPT;
default:
- return( 0 );
+ return 0;
}
}
@@ -127,42 +125,41 @@
/* Note: this function should not be used from inside the library, use
* mbedtls_hash_info_psa_from_md() from the internal hash_info.h instead.
* It is kept only for compatibility in case applications were using it. */
-static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg )
+static inline psa_algorithm_t mbedtls_psa_translate_md(mbedtls_md_type_t md_alg)
{
- switch( md_alg )
- {
+ switch (md_alg) {
#if defined(MBEDTLS_MD5_C) || defined(PSA_WANT_ALG_MD5)
- case MBEDTLS_MD_MD5:
- return( PSA_ALG_MD5 );
+ case MBEDTLS_MD_MD5:
+ return PSA_ALG_MD5;
#endif
#if defined(MBEDTLS_SHA1_C) || defined(PSA_WANT_ALG_SHA_1)
- case MBEDTLS_MD_SHA1:
- return( PSA_ALG_SHA_1 );
+ case MBEDTLS_MD_SHA1:
+ return PSA_ALG_SHA_1;
#endif
#if defined(MBEDTLS_SHA224_C) || defined(PSA_WANT_ALG_SHA_224)
- case MBEDTLS_MD_SHA224:
- return( PSA_ALG_SHA_224 );
+ case MBEDTLS_MD_SHA224:
+ return PSA_ALG_SHA_224;
#endif
#if defined(MBEDTLS_SHA256_C) || defined(PSA_WANT_ALG_SHA_256)
- case MBEDTLS_MD_SHA256:
- return( PSA_ALG_SHA_256 );
+ case MBEDTLS_MD_SHA256:
+ return PSA_ALG_SHA_256;
#endif
#if defined(MBEDTLS_SHA384_C) || defined(PSA_WANT_ALG_SHA_384)
- case MBEDTLS_MD_SHA384:
- return( PSA_ALG_SHA_384 );
+ case MBEDTLS_MD_SHA384:
+ return PSA_ALG_SHA_384;
#endif
#if defined(MBEDTLS_SHA512_C) || defined(PSA_WANT_ALG_SHA_512)
- case MBEDTLS_MD_SHA512:
- return( PSA_ALG_SHA_512 );
+ case MBEDTLS_MD_SHA512:
+ return PSA_ALG_SHA_512;
#endif
#if defined(MBEDTLS_RIPEMD160_C) || defined(PSA_WANT_ALG_RIPEMD160)
- case MBEDTLS_MD_RIPEMD160:
- return( PSA_ALG_RIPEMD160 );
+ case MBEDTLS_MD_RIPEMD160:
+ return PSA_ALG_RIPEMD160;
#endif
- case MBEDTLS_MD_NONE:
- return( 0 );
- default:
- return( 0 );
+ case MBEDTLS_MD_NONE:
+ return 0;
+ default:
+ return 0;
}
}
@@ -170,113 +167,110 @@
static inline int mbedtls_psa_get_ecc_oid_from_id(
psa_ecc_family_t curve, size_t bits,
- char const **oid, size_t *oid_len )
+ char const **oid, size_t *oid_len)
{
- switch( curve )
- {
+ switch (curve) {
case PSA_ECC_FAMILY_SECP_R1:
- switch( bits )
- {
+ switch (bits) {
#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
case 192:
*oid = MBEDTLS_OID_EC_GRP_SECP192R1;
- *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192R1 );
- return( 0 );
+ *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP192R1);
+ return 0;
#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
case 224:
*oid = MBEDTLS_OID_EC_GRP_SECP224R1;
- *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224R1 );
- return( 0 );
+ *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP224R1);
+ return 0;
#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
case 256:
*oid = MBEDTLS_OID_EC_GRP_SECP256R1;
- *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256R1 );
- return( 0 );
+ *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP256R1);
+ return 0;
#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
case 384:
*oid = MBEDTLS_OID_EC_GRP_SECP384R1;
- *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP384R1 );
- return( 0 );
+ *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP384R1);
+ return 0;
#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
case 521:
*oid = MBEDTLS_OID_EC_GRP_SECP521R1;
- *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP521R1 );
- return( 0 );
+ *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP521R1);
+ return 0;
#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
}
break;
case PSA_ECC_FAMILY_SECP_K1:
- switch( bits )
- {
+ switch (bits) {
#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
case 192:
*oid = MBEDTLS_OID_EC_GRP_SECP192K1;
- *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192K1 );
- return( 0 );
+ *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP192K1);
+ return 0;
#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
case 224:
*oid = MBEDTLS_OID_EC_GRP_SECP224K1;
- *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224K1 );
- return( 0 );
+ *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP224K1);
+ return 0;
#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
case 256:
*oid = MBEDTLS_OID_EC_GRP_SECP256K1;
- *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256K1 );
- return( 0 );
+ *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP256K1);
+ return 0;
#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
}
break;
case PSA_ECC_FAMILY_BRAINPOOL_P_R1:
- switch( bits )
- {
+ switch (bits) {
#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
case 256:
*oid = MBEDTLS_OID_EC_GRP_BP256R1;
- *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP256R1 );
- return( 0 );
+ *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP256R1);
+ return 0;
#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
case 384:
*oid = MBEDTLS_OID_EC_GRP_BP384R1;
- *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP384R1 );
- return( 0 );
+ *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP384R1);
+ return 0;
#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
case 512:
*oid = MBEDTLS_OID_EC_GRP_BP512R1;
- *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP512R1 );
- return( 0 );
+ *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP512R1);
+ return 0;
#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
}
break;
}
(void) oid;
(void) oid_len;
- return( -1 );
+ return -1;
}
#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH \
- PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE( PSA_VENDOR_ECC_MAX_CURVE_BITS )
+ PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)
/* This function transforms an ECC group identifier from
* https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
* into a PSA ECC group identifier. */
#if defined(MBEDTLS_ECP_C)
static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group(
- uint16_t tls_ecc_grp_reg_id, size_t *bits )
+ uint16_t tls_ecc_grp_reg_id, size_t *bits)
{
const mbedtls_ecp_curve_info *curve_info =
- mbedtls_ecp_curve_info_from_tls_id( tls_ecc_grp_reg_id );
- if( curve_info == NULL )
- return( 0 );
- return( PSA_KEY_TYPE_ECC_KEY_PAIR(
- mbedtls_ecc_group_to_psa( curve_info->grp_id, bits ) ) );
+ mbedtls_ecp_curve_info_from_tls_id(tls_ecc_grp_reg_id);
+ if (curve_info == NULL) {
+ return 0;
+ }
+ return PSA_KEY_TYPE_ECC_KEY_PAIR(
+ mbedtls_ecc_group_to_psa(curve_info->grp_id, bits));
}
#endif /* MBEDTLS_ECP_C */
@@ -292,7 +286,7 @@
* This type name is not part of the Mbed TLS stable API. It may be renamed
* or moved without warning.
*/
-typedef int mbedtls_f_rng_t( void *p_rng, unsigned char *output, size_t output_size );
+typedef int mbedtls_f_rng_t(void *p_rng, unsigned char *output, size_t output_size);
#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
@@ -331,9 +325,9 @@
* `MBEDTLS_ERR_CTR_DRBG_xxx` or
* `MBEDTLS_ERR_HMAC_DRBG_xxx` on error.
*/
-int mbedtls_psa_get_random( void *p_rng,
- unsigned char *output,
- size_t output_size );
+int mbedtls_psa_get_random(void *p_rng,
+ unsigned char *output,
+ size_t output_size);
/** The random generator state for the PSA subsystem.
*
diff --git a/include/mbedtls/ripemd160.h b/include/mbedtls/ripemd160.h
index 397ec84..acec3c5 100644
--- a/include/mbedtls/ripemd160.h
+++ b/include/mbedtls/ripemd160.h
@@ -39,8 +39,7 @@
/**
* \brief RIPEMD-160 context structure
*/
-typedef struct mbedtls_ripemd160_context
-{
+typedef struct mbedtls_ripemd160_context {
uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< number of bytes processed */
uint32_t MBEDTLS_PRIVATE(state)[5]; /*!< intermediate digest state */
unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< data block being processed */
@@ -56,14 +55,14 @@
*
* \param ctx RIPEMD-160 context to be initialized
*/
-void mbedtls_ripemd160_init( mbedtls_ripemd160_context *ctx );
+void mbedtls_ripemd160_init(mbedtls_ripemd160_context *ctx);
/**
* \brief Clear RIPEMD-160 context
*
* \param ctx RIPEMD-160 context to be cleared
*/
-void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx );
+void mbedtls_ripemd160_free(mbedtls_ripemd160_context *ctx);
/**
* \brief Clone (the state of) a RIPEMD-160 context
@@ -71,8 +70,8 @@
* \param dst The destination context
* \param src The context to be cloned
*/
-void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst,
- const mbedtls_ripemd160_context *src );
+void mbedtls_ripemd160_clone(mbedtls_ripemd160_context *dst,
+ const mbedtls_ripemd160_context *src);
/**
* \brief RIPEMD-160 context setup
@@ -81,7 +80,7 @@
*
* \return 0 if successful
*/
-int mbedtls_ripemd160_starts( mbedtls_ripemd160_context *ctx );
+int mbedtls_ripemd160_starts(mbedtls_ripemd160_context *ctx);
/**
* \brief RIPEMD-160 process buffer
@@ -92,9 +91,9 @@
*
* \return 0 if successful
*/
-int mbedtls_ripemd160_update( mbedtls_ripemd160_context *ctx,
- const unsigned char *input,
- size_t ilen );
+int mbedtls_ripemd160_update(mbedtls_ripemd160_context *ctx,
+ const unsigned char *input,
+ size_t ilen);
/**
* \brief RIPEMD-160 final digest
@@ -104,8 +103,8 @@
*
* \return 0 if successful
*/
-int mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx,
- unsigned char output[20] );
+int mbedtls_ripemd160_finish(mbedtls_ripemd160_context *ctx,
+ unsigned char output[20]);
/**
* \brief RIPEMD-160 process data block (internal use only)
@@ -115,8 +114,8 @@
*
* \return 0 if successful
*/
-int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx,
- const unsigned char data[64] );
+int mbedtls_internal_ripemd160_process(mbedtls_ripemd160_context *ctx,
+ const unsigned char data[64]);
/**
* \brief Output = RIPEMD-160( input buffer )
@@ -127,9 +126,9 @@
*
* \return 0 if successful
*/
-int mbedtls_ripemd160( const unsigned char *input,
- size_t ilen,
- unsigned char output[20] );
+int mbedtls_ripemd160(const unsigned char *input,
+ size_t ilen,
+ unsigned char output[20]);
#if defined(MBEDTLS_SELF_TEST)
@@ -138,7 +137,7 @@
*
* \return 0 if successful, or 1 if the test failed
*/
-int mbedtls_ripemd160_self_test( int verbose );
+int mbedtls_ripemd160_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h
index 2bfaf8f..d77a538 100644
--- a/include/mbedtls/rsa.h
+++ b/include/mbedtls/rsa.h
@@ -88,12 +88,11 @@
/**
* \brief The RSA context structure.
*/
-typedef struct mbedtls_rsa_context
-{
+typedef struct mbedtls_rsa_context {
int MBEDTLS_PRIVATE(ver); /*!< Reserved for internal purposes.
- * Do not set this field in application
- * code. Its meaning might change without
- * notice. */
+ * Do not set this field in application
+ * code. Its meaning might change without
+ * notice. */
size_t MBEDTLS_PRIVATE(len); /*!< The size of \p N in Bytes. */
mbedtls_mpi MBEDTLS_PRIVATE(N); /*!< The public modulus. */
@@ -116,12 +115,12 @@
mbedtls_mpi MBEDTLS_PRIVATE(Vf); /*!< The cached un-blinding value. */
int MBEDTLS_PRIVATE(padding); /*!< Selects padding mode:
- #MBEDTLS_RSA_PKCS_V15 for 1.5 padding and
- #MBEDTLS_RSA_PKCS_V21 for OAEP or PSS. */
+ #MBEDTLS_RSA_PKCS_V15 for 1.5 padding and
+ #MBEDTLS_RSA_PKCS_V21 for OAEP or PSS. */
int MBEDTLS_PRIVATE(hash_id); /*!< Hash identifier of mbedtls_md_type_t type,
- as specified in md.h for use in the MGF
- mask generating function used in the
- EME-OAEP and EMSA-PSS encodings. */
+ as specified in md.h for use in the MGF
+ mask generating function used in the
+ EME-OAEP and EMSA-PSS encodings. */
#if defined(MBEDTLS_THREADING_C)
/* Invariant: the mutex is initialized iff ver != 0. */
mbedtls_threading_mutex_t MBEDTLS_PRIVATE(mutex); /*!< Thread-safety mutex. */
@@ -143,7 +142,7 @@
*
* \param ctx The RSA context to initialize. This must not be \c NULL.
*/
-void mbedtls_rsa_init( mbedtls_rsa_context *ctx );
+void mbedtls_rsa_init(mbedtls_rsa_context *ctx);
/**
* \brief This function sets padding for an already initialized RSA
@@ -179,8 +178,8 @@
* \return #MBEDTLS_ERR_RSA_INVALID_PADDING failure:
* \p padding or \p hash_id is invalid.
*/
-int mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding,
- mbedtls_md_type_t hash_id );
+int mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding,
+ mbedtls_md_type_t hash_id);
/**
* \brief This function imports a set of core parameters into an
@@ -211,10 +210,10 @@
* \return \c 0 on success.
* \return A non-zero error code on failure.
*/
-int mbedtls_rsa_import( mbedtls_rsa_context *ctx,
- const mbedtls_mpi *N,
- const mbedtls_mpi *P, const mbedtls_mpi *Q,
- const mbedtls_mpi *D, const mbedtls_mpi *E );
+int mbedtls_rsa_import(mbedtls_rsa_context *ctx,
+ const mbedtls_mpi *N,
+ const mbedtls_mpi *P, const mbedtls_mpi *Q,
+ const mbedtls_mpi *D, const mbedtls_mpi *E);
/**
* \brief This function imports core RSA parameters, in raw big-endian
@@ -250,12 +249,12 @@
* \return \c 0 on success.
* \return A non-zero error code on failure.
*/
-int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx,
- unsigned char const *N, size_t N_len,
- unsigned char const *P, size_t P_len,
- unsigned char const *Q, size_t Q_len,
- unsigned char const *D, size_t D_len,
- unsigned char const *E, size_t E_len );
+int mbedtls_rsa_import_raw(mbedtls_rsa_context *ctx,
+ unsigned char const *N, size_t N_len,
+ unsigned char const *P, size_t P_len,
+ unsigned char const *Q, size_t Q_len,
+ unsigned char const *D, size_t D_len,
+ unsigned char const *E, size_t E_len);
/**
* \brief This function completes an RSA context from
@@ -289,7 +288,7 @@
* failed.
*
*/
-int mbedtls_rsa_complete( mbedtls_rsa_context *ctx );
+int mbedtls_rsa_complete(mbedtls_rsa_context *ctx);
/**
* \brief This function exports the core parameters of an RSA key.
@@ -331,9 +330,9 @@
* \return A non-zero return code on any other failure.
*
*/
-int mbedtls_rsa_export( const mbedtls_rsa_context *ctx,
- mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q,
- mbedtls_mpi *D, mbedtls_mpi *E );
+int mbedtls_rsa_export(const mbedtls_rsa_context *ctx,
+ mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q,
+ mbedtls_mpi *D, mbedtls_mpi *E);
/**
* \brief This function exports core parameters of an RSA key
@@ -382,12 +381,12 @@
* functionality or because of security policies.
* \return A non-zero return code on any other failure.
*/
-int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx,
- unsigned char *N, size_t N_len,
- unsigned char *P, size_t P_len,
- unsigned char *Q, size_t Q_len,
- unsigned char *D, size_t D_len,
- unsigned char *E, size_t E_len );
+int mbedtls_rsa_export_raw(const mbedtls_rsa_context *ctx,
+ unsigned char *N, size_t N_len,
+ unsigned char *P, size_t P_len,
+ unsigned char *Q, size_t Q_len,
+ unsigned char *D, size_t D_len,
+ unsigned char *E, size_t E_len);
/**
* \brief This function exports CRT parameters of a private RSA key.
@@ -408,8 +407,8 @@
* \return A non-zero error code on failure.
*
*/
-int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx,
- mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP );
+int mbedtls_rsa_export_crt(const mbedtls_rsa_context *ctx,
+ mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP);
/**
* \brief This function retrieves the length of RSA modulus in Bytes.
@@ -419,7 +418,7 @@
* \return The length of the RSA modulus in Bytes.
*
*/
-size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx );
+size_t mbedtls_rsa_get_len(const mbedtls_rsa_context *ctx);
/**
* \brief This function generates an RSA keypair.
@@ -439,10 +438,10 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
-int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng,
- unsigned int nbits, int exponent );
+int mbedtls_rsa_gen_key(mbedtls_rsa_context *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ unsigned int nbits, int exponent);
/**
* \brief This function checks if a context contains at least an RSA
@@ -458,7 +457,7 @@
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*
*/
-int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx );
+int mbedtls_rsa_check_pubkey(const mbedtls_rsa_context *ctx);
/**
* \brief This function checks if a context contains an RSA private key
@@ -496,7 +495,7 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
-int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx );
+int mbedtls_rsa_check_privkey(const mbedtls_rsa_context *ctx);
/**
* \brief This function checks a public-private RSA key pair.
@@ -509,8 +508,8 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
-int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub,
- const mbedtls_rsa_context *prv );
+int mbedtls_rsa_check_pub_priv(const mbedtls_rsa_context *pub,
+ const mbedtls_rsa_context *prv);
/**
* \brief This function performs an RSA public key operation.
@@ -531,9 +530,9 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
-int mbedtls_rsa_public( mbedtls_rsa_context *ctx,
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_rsa_public(mbedtls_rsa_context *ctx,
+ const unsigned char *input,
+ unsigned char *output);
/**
* \brief This function performs an RSA private key operation.
@@ -564,11 +563,11 @@
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*
*/
-int mbedtls_rsa_private( mbedtls_rsa_context *ctx,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng,
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_rsa_private(mbedtls_rsa_context *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ const unsigned char *input,
+ unsigned char *output);
/**
* \brief This function adds the message padding, then performs an RSA
@@ -593,12 +592,12 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
-int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng,
- size_t ilen,
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_rsa_pkcs1_encrypt(mbedtls_rsa_context *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ size_t ilen,
+ const unsigned char *input,
+ unsigned char *output);
/**
* \brief This function performs a PKCS#1 v1.5 encryption operation
@@ -620,12 +619,12 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
-int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng,
- size_t ilen,
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_rsa_rsaes_pkcs1_v15_encrypt(mbedtls_rsa_context *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ size_t ilen,
+ const unsigned char *input,
+ unsigned char *output);
/**
* \brief This function performs a PKCS#1 v2.1 OAEP encryption
@@ -654,13 +653,13 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
-int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng,
- const unsigned char *label, size_t label_len,
- size_t ilen,
- const unsigned char *input,
- unsigned char *output );
+int mbedtls_rsa_rsaes_oaep_encrypt(mbedtls_rsa_context *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ const unsigned char *label, size_t label_len,
+ size_t ilen,
+ const unsigned char *input,
+ unsigned char *output);
/**
* \brief This function performs an RSA operation, then removes the
@@ -693,13 +692,13 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
-int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng,
- size_t *olen,
- const unsigned char *input,
- unsigned char *output,
- size_t output_max_len );
+int mbedtls_rsa_pkcs1_decrypt(mbedtls_rsa_context *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ size_t *olen,
+ const unsigned char *input,
+ unsigned char *output,
+ size_t output_max_len);
/**
* \brief This function performs a PKCS#1 v1.5 decryption
@@ -730,13 +729,13 @@
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*
*/
-int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng,
- size_t *olen,
- const unsigned char *input,
- unsigned char *output,
- size_t output_max_len );
+int mbedtls_rsa_rsaes_pkcs1_v15_decrypt(mbedtls_rsa_context *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ size_t *olen,
+ const unsigned char *input,
+ unsigned char *output,
+ size_t output_max_len);
/**
* \brief This function performs a PKCS#1 v2.1 OAEP decryption
@@ -771,14 +770,14 @@
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
-int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng,
- const unsigned char *label, size_t label_len,
- size_t *olen,
- const unsigned char *input,
- unsigned char *output,
- size_t output_max_len );
+int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ const unsigned char *label, size_t label_len,
+ size_t *olen,
+ const unsigned char *input,
+ unsigned char *output,
+ size_t output_max_len);
/**
* \brief This function performs a private RSA operation to sign
@@ -814,13 +813,13 @@
* \return \c 0 if the signing operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
-int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng,
- mbedtls_md_type_t md_alg,
- unsigned int hashlen,
- const unsigned char *hash,
- unsigned char *sig );
+int mbedtls_rsa_pkcs1_sign(mbedtls_rsa_context *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ mbedtls_md_type_t md_alg,
+ unsigned int hashlen,
+ const unsigned char *hash,
+ unsigned char *sig);
/**
* \brief This function performs a PKCS#1 v1.5 signature
@@ -846,13 +845,13 @@
* \return \c 0 if the signing operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
-int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng,
- mbedtls_md_type_t md_alg,
- unsigned int hashlen,
- const unsigned char *hash,
- unsigned char *sig );
+int mbedtls_rsa_rsassa_pkcs1_v15_sign(mbedtls_rsa_context *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ mbedtls_md_type_t md_alg,
+ unsigned int hashlen,
+ const unsigned char *hash,
+ unsigned char *sig);
/**
* \brief This function performs a PKCS#1 v2.1 PSS signature
@@ -897,14 +896,14 @@
* \return \c 0 if the signing operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
-int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng,
- mbedtls_md_type_t md_alg,
- unsigned int hashlen,
- const unsigned char *hash,
- int saltlen,
- unsigned char *sig );
+int mbedtls_rsa_rsassa_pss_sign_ext(mbedtls_rsa_context *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ mbedtls_md_type_t md_alg,
+ unsigned int hashlen,
+ const unsigned char *hash,
+ int saltlen,
+ unsigned char *sig);
/**
* \brief This function performs a PKCS#1 v2.1 PSS signature
@@ -947,13 +946,13 @@
* \return \c 0 if the signing operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
-int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng,
- mbedtls_md_type_t md_alg,
- unsigned int hashlen,
- const unsigned char *hash,
- unsigned char *sig );
+int mbedtls_rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng,
+ mbedtls_md_type_t md_alg,
+ unsigned int hashlen,
+ const unsigned char *hash,
+ unsigned char *sig);
/**
* \brief This function performs a public RSA operation and checks
@@ -981,11 +980,11 @@
* \return \c 0 if the verify operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
-int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx,
- mbedtls_md_type_t md_alg,
- unsigned int hashlen,
- const unsigned char *hash,
- const unsigned char *sig );
+int mbedtls_rsa_pkcs1_verify(mbedtls_rsa_context *ctx,
+ mbedtls_md_type_t md_alg,
+ unsigned int hashlen,
+ const unsigned char *hash,
+ const unsigned char *sig);
/**
* \brief This function performs a PKCS#1 v1.5 verification
@@ -1006,11 +1005,11 @@
* \return \c 0 if the verify operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
-int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
- mbedtls_md_type_t md_alg,
- unsigned int hashlen,
- const unsigned char *hash,
- const unsigned char *sig );
+int mbedtls_rsa_rsassa_pkcs1_v15_verify(mbedtls_rsa_context *ctx,
+ mbedtls_md_type_t md_alg,
+ unsigned int hashlen,
+ const unsigned char *hash,
+ const unsigned char *sig);
/**
* \brief This function performs a PKCS#1 v2.1 PSS verification
@@ -1041,11 +1040,11 @@
* \return \c 0 if the verify operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
-int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
- mbedtls_md_type_t md_alg,
- unsigned int hashlen,
- const unsigned char *hash,
- const unsigned char *sig );
+int mbedtls_rsa_rsassa_pss_verify(mbedtls_rsa_context *ctx,
+ mbedtls_md_type_t md_alg,
+ unsigned int hashlen,
+ const unsigned char *hash,
+ const unsigned char *sig);
/**
* \brief This function performs a PKCS#1 v2.1 PSS verification
@@ -1081,13 +1080,13 @@
* \return \c 0 if the verify operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
-int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
- mbedtls_md_type_t md_alg,
- unsigned int hashlen,
- const unsigned char *hash,
- mbedtls_md_type_t mgf1_hash_id,
- int expected_salt_len,
- const unsigned char *sig );
+int mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_rsa_context *ctx,
+ mbedtls_md_type_t md_alg,
+ unsigned int hashlen,
+ const unsigned char *hash,
+ mbedtls_md_type_t mgf1_hash_id,
+ int expected_salt_len,
+ const unsigned char *sig);
/**
* \brief This function copies the components of an RSA context.
@@ -1098,7 +1097,7 @@
* \return \c 0 on success.
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory allocation failure.
*/
-int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src );
+int mbedtls_rsa_copy(mbedtls_rsa_context *dst, const mbedtls_rsa_context *src);
/**
* \brief This function frees the components of an RSA key.
@@ -1107,7 +1106,7 @@
* this function is a no-op. If it is not \c NULL, it must
* point to an initialized RSA context.
*/
-void mbedtls_rsa_free( mbedtls_rsa_context *ctx );
+void mbedtls_rsa_free(mbedtls_rsa_context *ctx);
#if defined(MBEDTLS_SELF_TEST)
@@ -1117,7 +1116,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
-int mbedtls_rsa_self_test( int verbose );
+int mbedtls_rsa_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/sha1.h b/include/mbedtls/sha1.h
index 6b55174..18bde93 100644
--- a/include/mbedtls/sha1.h
+++ b/include/mbedtls/sha1.h
@@ -54,8 +54,7 @@
* stronger message digests instead.
*
*/
-typedef struct mbedtls_sha1_context
-{
+typedef struct mbedtls_sha1_context {
uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< The number of Bytes processed. */
uint32_t MBEDTLS_PRIVATE(state)[5]; /*!< The intermediate digest state. */
unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< The data block being processed. */
@@ -77,7 +76,7 @@
* This must not be \c NULL.
*
*/
-void mbedtls_sha1_init( mbedtls_sha1_context *ctx );
+void mbedtls_sha1_init(mbedtls_sha1_context *ctx);
/**
* \brief This function clears a SHA-1 context.
@@ -92,7 +91,7 @@
* SHA-1 context.
*
*/
-void mbedtls_sha1_free( mbedtls_sha1_context *ctx );
+void mbedtls_sha1_free(mbedtls_sha1_context *ctx);
/**
* \brief This function clones the state of a SHA-1 context.
@@ -105,8 +104,8 @@
* \param src The SHA-1 context to clone from. This must be initialized.
*
*/
-void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
- const mbedtls_sha1_context *src );
+void mbedtls_sha1_clone(mbedtls_sha1_context *dst,
+ const mbedtls_sha1_context *src);
/**
* \brief This function starts a SHA-1 checksum calculation.
@@ -121,7 +120,7 @@
* \return A negative error code on failure.
*
*/
-int mbedtls_sha1_starts( mbedtls_sha1_context *ctx );
+int mbedtls_sha1_starts(mbedtls_sha1_context *ctx);
/**
* \brief This function feeds an input buffer into an ongoing SHA-1
@@ -140,9 +139,9 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_sha1_update( mbedtls_sha1_context *ctx,
- const unsigned char *input,
- size_t ilen );
+int mbedtls_sha1_update(mbedtls_sha1_context *ctx,
+ const unsigned char *input,
+ size_t ilen);
/**
* \brief This function finishes the SHA-1 operation, and writes
@@ -160,8 +159,8 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
- unsigned char output[20] );
+int mbedtls_sha1_finish(mbedtls_sha1_context *ctx,
+ unsigned char output[20]);
/**
* \brief SHA-1 process data block (internal use only).
@@ -178,8 +177,8 @@
* \return A negative error code on failure.
*
*/
-int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
- const unsigned char data[64] );
+int mbedtls_internal_sha1_process(mbedtls_sha1_context *ctx,
+ const unsigned char data[64]);
/**
* \brief This function calculates the SHA-1 checksum of a buffer.
@@ -204,9 +203,9 @@
* \return A negative error code on failure.
*
*/
-int mbedtls_sha1( const unsigned char *input,
- size_t ilen,
- unsigned char output[20] );
+int mbedtls_sha1(const unsigned char *input,
+ size_t ilen,
+ unsigned char output[20]);
#if defined(MBEDTLS_SELF_TEST)
@@ -221,7 +220,7 @@
* \return \c 1 on failure.
*
*/
-int mbedtls_sha1_self_test( int verbose );
+int mbedtls_sha1_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h
index d256352..87e5cc6 100644
--- a/include/mbedtls/sha256.h
+++ b/include/mbedtls/sha256.h
@@ -49,13 +49,12 @@
* checksum calculations. The choice between these two is
* made in the call to mbedtls_sha256_starts().
*/
-typedef struct mbedtls_sha256_context
-{
+typedef struct mbedtls_sha256_context {
uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< The number of Bytes processed. */
uint32_t MBEDTLS_PRIVATE(state)[8]; /*!< The intermediate digest state. */
unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< The data block being processed. */
int MBEDTLS_PRIVATE(is224); /*!< Determines which function to use:
- 0: Use SHA-256, or 1: Use SHA-224. */
+ 0: Use SHA-256, or 1: Use SHA-224. */
}
mbedtls_sha256_context;
@@ -68,7 +67,7 @@
*
* \param ctx The SHA-256 context to initialize. This must not be \c NULL.
*/
-void mbedtls_sha256_init( mbedtls_sha256_context *ctx );
+void mbedtls_sha256_init(mbedtls_sha256_context *ctx);
/**
* \brief This function clears a SHA-256 context.
@@ -77,7 +76,7 @@
* case this function returns immediately. If it is not \c NULL,
* it must point to an initialized SHA-256 context.
*/
-void mbedtls_sha256_free( mbedtls_sha256_context *ctx );
+void mbedtls_sha256_free(mbedtls_sha256_context *ctx);
/**
* \brief This function clones the state of a SHA-256 context.
@@ -85,8 +84,8 @@
* \param dst The destination context. This must be initialized.
* \param src The context to clone. This must be initialized.
*/
-void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
- const mbedtls_sha256_context *src );
+void mbedtls_sha256_clone(mbedtls_sha256_context *dst,
+ const mbedtls_sha256_context *src);
/**
* \brief This function starts a SHA-224 or SHA-256 checksum
@@ -103,7 +102,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 );
+int mbedtls_sha256_starts(mbedtls_sha256_context *ctx, int is224);
/**
* \brief This function feeds an input buffer into an ongoing
@@ -118,9 +117,9 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_sha256_update( mbedtls_sha256_context *ctx,
- const unsigned char *input,
- size_t ilen );
+int mbedtls_sha256_update(mbedtls_sha256_context *ctx,
+ const unsigned char *input,
+ size_t ilen);
/**
* \brief This function finishes the SHA-256 operation, and writes
@@ -135,8 +134,8 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_sha256_finish( mbedtls_sha256_context *ctx,
- unsigned char *output );
+int mbedtls_sha256_finish(mbedtls_sha256_context *ctx,
+ unsigned char *output);
/**
* \brief This function processes a single data block within
@@ -150,8 +149,8 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
- const unsigned char data[64] );
+int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx,
+ const unsigned char data[64]);
/**
* \brief This function calculates the SHA-224 or SHA-256
@@ -175,10 +174,10 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_sha256( const unsigned char *input,
- size_t ilen,
- unsigned char *output,
- int is224 );
+int mbedtls_sha256(const unsigned char *input,
+ size_t ilen,
+ unsigned char *output,
+ int is224);
#if defined(MBEDTLS_SELF_TEST)
@@ -189,7 +188,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
-int mbedtls_sha224_self_test( int verbose );
+int mbedtls_sha224_self_test(int verbose);
#endif /* MBEDTLS_SHA224_C */
#if defined(MBEDTLS_SHA256_C)
@@ -199,7 +198,7 @@
* \return \c 0 on success.
* \return \c 1 on failure.
*/
-int mbedtls_sha256_self_test( int verbose );
+int mbedtls_sha256_self_test(int verbose);
#endif /* MBEDTLS_SHA256_C */
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h
index 2b1fafd..ea54678 100644
--- a/include/mbedtls/sha512.h
+++ b/include/mbedtls/sha512.h
@@ -48,8 +48,7 @@
* checksum calculations. The choice between these two is
* made in the call to mbedtls_sha512_starts().
*/
-typedef struct mbedtls_sha512_context
-{
+typedef struct mbedtls_sha512_context {
uint64_t MBEDTLS_PRIVATE(total)[2]; /*!< The number of Bytes processed. */
uint64_t MBEDTLS_PRIVATE(state)[8]; /*!< The intermediate digest state. */
unsigned char MBEDTLS_PRIVATE(buffer)[128]; /*!< The data block being processed. */
@@ -70,7 +69,7 @@
* \param ctx The SHA-512 context to initialize. This must
* not be \c NULL.
*/
-void mbedtls_sha512_init( mbedtls_sha512_context *ctx );
+void mbedtls_sha512_init(mbedtls_sha512_context *ctx);
/**
* \brief This function clears a SHA-512 context.
@@ -80,7 +79,7 @@
* is not \c NULL, it must point to an initialized
* SHA-512 context.
*/
-void mbedtls_sha512_free( mbedtls_sha512_context *ctx );
+void mbedtls_sha512_free(mbedtls_sha512_context *ctx);
/**
* \brief This function clones the state of a SHA-512 context.
@@ -88,8 +87,8 @@
* \param dst The destination context. This must be initialized.
* \param src The context to clone. This must be initialized.
*/
-void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
- const mbedtls_sha512_context *src );
+void mbedtls_sha512_clone(mbedtls_sha512_context *dst,
+ const mbedtls_sha512_context *src);
/**
* \brief This function starts a SHA-384 or SHA-512 checksum
@@ -106,7 +105,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 );
+int mbedtls_sha512_starts(mbedtls_sha512_context *ctx, int is384);
/**
* \brief This function feeds an input buffer into an ongoing
@@ -121,9 +120,9 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_sha512_update( mbedtls_sha512_context *ctx,
- const unsigned char *input,
- size_t ilen );
+int mbedtls_sha512_update(mbedtls_sha512_context *ctx,
+ const unsigned char *input,
+ size_t ilen);
/**
* \brief This function finishes the SHA-512 operation, and writes
@@ -138,8 +137,8 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_sha512_finish( mbedtls_sha512_context *ctx,
- unsigned char *output );
+int mbedtls_sha512_finish(mbedtls_sha512_context *ctx,
+ unsigned char *output);
/**
* \brief This function processes a single data block within
@@ -153,8 +152,8 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
- const unsigned char data[128] );
+int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx,
+ const unsigned char data[128]);
/**
* \brief This function calculates the SHA-512 or SHA-384
@@ -185,31 +184,31 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_sha512( const unsigned char *input,
- size_t ilen,
- unsigned char *output,
- int is384 );
+int mbedtls_sha512(const unsigned char *input,
+ size_t ilen,
+ unsigned char *output,
+ int is384);
#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_SHA384_C)
- /**
+/**
* \brief The SHA-384 checkup routine.
*
* \return \c 0 on success.
* \return \c 1 on failure.
*/
-int mbedtls_sha384_self_test( int verbose );
+int mbedtls_sha384_self_test(int verbose);
#endif /* MBEDTLS_SHA384_C */
#if defined(MBEDTLS_SHA512_C)
- /**
+/**
* \brief The SHA-512 checkup routine.
*
* \return \c 0 on success.
* \return \c 1 on failure.
*/
-int mbedtls_sha512_self_test( int verbose );
+int mbedtls_sha512_self_test(int verbose);
#endif /* MBEDTLS_SHA512_C */
#endif /* MBEDTLS_SELF_TEST */
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 7751560..519afdb 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -230,29 +230,29 @@
* mbedtls_ssl_conf_tls13_key_exchange_modes().
*/
-#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK ( 1u << 0 ) /*!< Pure-PSK TLS 1.3 key exchange,
+#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK (1u << 0) /*!< Pure-PSK TLS 1.3 key exchange,
* encompassing both externally agreed PSKs
* as well as resumption PSKs. */
-#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL ( 1u << 1 ) /*!< Pure-Ephemeral TLS 1.3 key exchanges,
+#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL (1u << 1) /*!< Pure-Ephemeral TLS 1.3 key exchanges,
* including for example ECDHE and DHE
* key exchanges. */
-#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ( 1u << 2 ) /*!< PSK-Ephemeral TLS 1.3 key exchanges,
+#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL (1u << 2) /*!< PSK-Ephemeral TLS 1.3 key exchanges,
* using both a PSK and an ephemeral
* key exchange. */
/* Convenience macros for sets of key exchanges. */
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL \
- ( MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK | \
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL | \
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL ) /*!< All TLS 1.3 key exchanges */
+ (MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK | \
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL | \
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL) /*!< All TLS 1.3 key exchanges */
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL \
- ( MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK | \
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) /*!< All PSK-based TLS 1.3 key exchanges */
+ (MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK | \
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL) /*!< All PSK-based TLS 1.3 key exchanges */
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL \
- ( MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL | \
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) /*!< All ephemeral TLS 1.3 key exchanges */
+ (MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL | \
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL) /*!< All ephemeral TLS 1.3 key exchanges */
-#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE ( 0 )
+#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE (0)
/*
* Various constants
@@ -602,8 +602,7 @@
#endif
/* Dummy type used only for its size */
-union mbedtls_ssl_premaster_secret
-{
+union mbedtls_ssl_premaster_secret {
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
unsigned char _pms_rsa[48]; /* RFC 5246 8.1.1 */
#endif
@@ -621,21 +620,21 @@
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
unsigned char _pms_dhe_psk[4 + MBEDTLS_MPI_MAX_SIZE
- + MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 3 */
+ + MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 3 */
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
unsigned char _pms_rsa_psk[52 + MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 4 */
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
unsigned char _pms_ecdhe_psk[4 + MBEDTLS_ECP_MAX_BYTES
- + MBEDTLS_PSK_MAX_LEN]; /* RFC 5489 2 */
+ + MBEDTLS_PSK_MAX_LEN]; /* RFC 5489 2 */
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
unsigned char _pms_ecjpake[32]; /* Thread spec: SHA-256 output */
#endif
};
-#define MBEDTLS_PREMASTER_SIZE sizeof( union mbedtls_ssl_premaster_secret )
+#define MBEDTLS_PREMASTER_SIZE sizeof(union mbedtls_ssl_premaster_secret)
#define MBEDTLS_TLS1_3_MD_MAX_SIZE PSA_HASH_MAX_SIZE
@@ -650,8 +649,7 @@
/*
* SSL state machine
*/
-typedef enum
-{
+typedef enum {
MBEDTLS_SSL_HELLO_REQUEST,
MBEDTLS_SSL_CLIENT_HELLO,
MBEDTLS_SSL_SERVER_HELLO,
@@ -701,9 +699,9 @@
* \note The callback is allowed to send fewer bytes than requested.
* It must always return the number of bytes actually sent.
*/
-typedef int mbedtls_ssl_send_t( void *ctx,
- const unsigned char *buf,
- size_t len );
+typedef int mbedtls_ssl_send_t(void *ctx,
+ const unsigned char *buf,
+ size_t len);
/**
* \brief Callback type: receive data from the network.
@@ -725,9 +723,9 @@
* buffer. It must always return the number of bytes actually
* received and written to the buffer.
*/
-typedef int mbedtls_ssl_recv_t( void *ctx,
- unsigned char *buf,
- size_t len );
+typedef int mbedtls_ssl_recv_t(void *ctx,
+ unsigned char *buf,
+ size_t len);
/**
* \brief Callback type: receive data from the network, with timeout
@@ -751,10 +749,10 @@
* buffer. It must always return the number of bytes actually
* received and written to the buffer.
*/
-typedef int mbedtls_ssl_recv_timeout_t( void *ctx,
- unsigned char *buf,
- size_t len,
- uint32_t timeout );
+typedef int mbedtls_ssl_recv_timeout_t(void *ctx,
+ unsigned char *buf,
+ size_t len,
+ uint32_t timeout);
/**
* \brief Callback type: set a pair of timers/delays to watch
*
@@ -777,9 +775,9 @@
* function while a timer is running must cancel it. Cancelled
* timers must not generate any event.
*/
-typedef void mbedtls_ssl_set_timer_t( void * ctx,
- uint32_t int_ms,
- uint32_t fin_ms );
+typedef void mbedtls_ssl_set_timer_t(void *ctx,
+ uint32_t int_ms,
+ uint32_t fin_ms);
/**
* \brief Callback type: get status of timers/delays
@@ -792,7 +790,7 @@
* 1 if only the intermediate delay has passed,
* 2 if the final delay has passed.
*/
-typedef int mbedtls_ssl_get_timer_t( void * ctx );
+typedef int mbedtls_ssl_get_timer_t(void *ctx);
/* Defined below */
typedef struct mbedtls_ssl_session mbedtls_ssl_session;
@@ -814,15 +812,15 @@
typedef uint8_t mbedtls_ssl_tls13_ticket_flags;
#define MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION \
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK /* 1U << 0 */
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK /* 1U << 0 */
#define MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION \
- MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL /* 1U << 2 */
-#define MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA ( 1U << 3 )
+ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL /* 1U << 2 */
+#define MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA (1U << 3)
#define MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK \
- ( MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION | \
- MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION | \
- MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA )
+ (MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION | \
+ MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION | \
+ MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA)
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */
/**
@@ -848,10 +846,10 @@
* \return A non-zero return value on failure.
*
*/
-typedef int mbedtls_ssl_cache_get_t( void *data,
- unsigned char const *session_id,
- size_t session_id_len,
- mbedtls_ssl_session *session );
+typedef int mbedtls_ssl_cache_get_t(void *data,
+ unsigned char const *session_id,
+ size_t session_id_len,
+ mbedtls_ssl_session *session);
/**
* \brief Callback type: server-side session cache setter
*
@@ -870,10 +868,10 @@
* \return \c 0 on success
* \return A non-zero return value on failure.
*/
-typedef int mbedtls_ssl_cache_set_t( void *data,
- unsigned char const *session_id,
- size_t session_id_len,
- const mbedtls_ssl_session *session );
+typedef int mbedtls_ssl_cache_set_t(void *data,
+ unsigned char const *session_id,
+ size_t session_id_len,
+ const mbedtls_ssl_session *session);
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@@ -948,11 +946,11 @@
* use \c MBEDTLS_ERR_SSL_xxx error codes except as
* directed in the documentation of this callback.
*/
-typedef int mbedtls_ssl_async_sign_t( mbedtls_ssl_context *ssl,
- mbedtls_x509_crt *cert,
- mbedtls_md_type_t md_alg,
- const unsigned char *hash,
- size_t hash_len );
+typedef int mbedtls_ssl_async_sign_t(mbedtls_ssl_context *ssl,
+ mbedtls_x509_crt *cert,
+ mbedtls_md_type_t md_alg,
+ const unsigned char *hash,
+ size_t hash_len);
/**
* \brief Callback type: start external decryption operation.
@@ -1014,10 +1012,10 @@
* use \c MBEDTLS_ERR_SSL_xxx error codes except as
* directed in the documentation of this callback.
*/
-typedef int mbedtls_ssl_async_decrypt_t( mbedtls_ssl_context *ssl,
- mbedtls_x509_crt *cert,
- const unsigned char *input,
- size_t input_len );
+typedef int mbedtls_ssl_async_decrypt_t(mbedtls_ssl_context *ssl,
+ mbedtls_x509_crt *cert,
+ const unsigned char *input,
+ size_t input_len);
#endif /* MBEDTLS_X509_CRT_PARSE_C */
/**
@@ -1062,10 +1060,10 @@
* use \c MBEDTLS_ERR_SSL_xxx error codes except as
* directed in the documentation of this callback.
*/
-typedef int mbedtls_ssl_async_resume_t( mbedtls_ssl_context *ssl,
- unsigned char *output,
- size_t *output_len,
- size_t output_size );
+typedef int mbedtls_ssl_async_resume_t(mbedtls_ssl_context *ssl,
+ unsigned char *output,
+ size_t *output_len,
+ size_t output_size);
/**
* \brief Callback type: cancel external operation.
@@ -1084,7 +1082,7 @@
* \param ssl The SSL connection instance. It should not be
* modified.
*/
-typedef void mbedtls_ssl_async_cancel_t( mbedtls_ssl_context *ssl );
+typedef void mbedtls_ssl_async_cancel_t(mbedtls_ssl_context *ssl);
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \
@@ -1106,12 +1104,11 @@
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED &&
!MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-typedef struct
-{
- unsigned char client_application_traffic_secret_N[ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
- unsigned char server_application_traffic_secret_N[ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
- unsigned char exporter_master_secret [ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
- unsigned char resumption_master_secret [ MBEDTLS_TLS1_3_MD_MAX_SIZE ];
+typedef struct {
+ unsigned char client_application_traffic_secret_N[MBEDTLS_TLS1_3_MD_MAX_SIZE];
+ unsigned char server_application_traffic_secret_N[MBEDTLS_TLS1_3_MD_MAX_SIZE];
+ unsigned char exporter_master_secret[MBEDTLS_TLS1_3_MD_MAX_SIZE];
+ unsigned char resumption_master_secret[MBEDTLS_TLS1_3_MD_MAX_SIZE];
} mbedtls_ssl_tls13_application_secrets;
#if defined(MBEDTLS_SSL_DTLS_SRTP)
@@ -1127,17 +1124,16 @@
* Reminder: if this list is expanded mbedtls_ssl_check_srtp_profile_value
* must be updated too.
*/
-#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80 ( (uint16_t) 0x0001)
-#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32 ( (uint16_t) 0x0002)
-#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80 ( (uint16_t) 0x0005)
-#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32 ( (uint16_t) 0x0006)
+#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80 ((uint16_t) 0x0001)
+#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32 ((uint16_t) 0x0002)
+#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80 ((uint16_t) 0x0005)
+#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32 ((uint16_t) 0x0006)
/* This one is not iana defined, but for code readability. */
-#define MBEDTLS_TLS_SRTP_UNSET ( (uint16_t) 0x0000)
+#define MBEDTLS_TLS_SRTP_UNSET ((uint16_t) 0x0000)
typedef uint16_t mbedtls_ssl_srtp_profile;
-typedef struct mbedtls_dtls_srtp_info_t
-{
+typedef struct mbedtls_dtls_srtp_info_t {
/*! The SRTP profile that was negotiated. */
mbedtls_ssl_srtp_profile MBEDTLS_PRIVATE(chosen_dtls_srtp_profile);
/*! The length of mki_value. */
@@ -1150,8 +1146,7 @@
#endif /* MBEDTLS_SSL_DTLS_SRTP */
/** Human-friendly representation of the (D)TLS protocol version. */
-typedef enum
-{
+typedef enum {
MBEDTLS_SSL_VERSION_UNKNOWN, /*!< Context not in use or version not yet negotiated. */
MBEDTLS_SSL_VERSION_TLS1_2 = 0x0303, /*!< (D)TLS 1.2 */
MBEDTLS_SSL_VERSION_TLS1_3 = 0x0304, /*!< (D)TLS 1.3 */
@@ -1168,8 +1163,7 @@
* mbedtls_ssl_session_save() and ssl_session_load()
* ssl_session_copy()
*/
-struct mbedtls_ssl_session
-{
+struct mbedtls_ssl_session {
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
unsigned char MBEDTLS_PRIVATE(mfl_code); /*!< MaxFragmentLength negotiated by peer */
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
@@ -1237,18 +1231,16 @@
/*
* Identifiers for PRFs used in various versions of TLS.
*/
-typedef enum
-{
- MBEDTLS_SSL_TLS_PRF_NONE,
- MBEDTLS_SSL_TLS_PRF_SHA384,
- MBEDTLS_SSL_TLS_PRF_SHA256,
- MBEDTLS_SSL_HKDF_EXPAND_SHA384,
- MBEDTLS_SSL_HKDF_EXPAND_SHA256
+typedef enum {
+ MBEDTLS_SSL_TLS_PRF_NONE,
+ MBEDTLS_SSL_TLS_PRF_SHA384,
+ MBEDTLS_SSL_TLS_PRF_SHA256,
+ MBEDTLS_SSL_HKDF_EXPAND_SHA384,
+ MBEDTLS_SSL_HKDF_EXPAND_SHA256
}
mbedtls_tls_prf_types;
-typedef enum
-{
+typedef enum {
MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET = 0,
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_EARLY_SECRET,
@@ -1275,13 +1267,13 @@
* \param tls_prf_type The identifier for the PRF used in the handshake
* to which the key belongs.
*/
-typedef void mbedtls_ssl_export_keys_t( void *p_expkey,
- mbedtls_ssl_key_export_type type,
- const unsigned char *secret,
- size_t secret_len,
- const unsigned char client_random[32],
- const unsigned char server_random[32],
- mbedtls_tls_prf_types tls_prf_type );
+typedef void mbedtls_ssl_export_keys_t(void *p_expkey,
+ mbedtls_ssl_key_export_type type,
+ const unsigned char *secret,
+ size_t secret_len,
+ const unsigned char client_random[32],
+ const unsigned char server_random[32],
+ mbedtls_tls_prf_types tls_prf_type);
#if defined(MBEDTLS_SSL_SRV_C)
/**
@@ -1299,7 +1291,7 @@
* or a specific MBEDTLS_ERR_XXX code, which will cause
* the handshake to be aborted.
*/
-typedef int (*mbedtls_ssl_hs_cb_t)( mbedtls_ssl_context *ssl );
+typedef int (*mbedtls_ssl_hs_cb_t)(mbedtls_ssl_context *ssl);
#endif
/* A type for storing user data in a library structure.
@@ -1308,8 +1300,7 @@
* Only the behaviors guaranteed by documented accessor functions are
* guaranteed to remain stable.
*/
-typedef union
-{
+typedef union {
uintptr_t n; /* typically a handle to an associated object */
void *p; /* typically a pointer to extra data */
} mbedtls_ssl_user_data_t;
@@ -1317,8 +1308,7 @@
/**
* SSL/TLS configuration to be shared between mbedtls_ssl_context structures.
*/
-struct mbedtls_ssl_config
-{
+struct mbedtls_ssl_config {
/* Group items mostly by size. This helps to reduce memory wasted to
* padding. It also helps to keep smaller fields early in the structure,
* so that elements tend to be in the 128-element direct access window
@@ -1395,11 +1385,11 @@
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
/** Callback for printing debug output */
- void (*MBEDTLS_PRIVATE(f_dbg))(void *, int, const char *, int, const char *);
+ void(*MBEDTLS_PRIVATE(f_dbg))(void *, int, const char *, int, const char *);
void *MBEDTLS_PRIVATE(p_dbg); /*!< context for the debug function */
/** Callback for getting (pseudo-)random numbers */
- int (*MBEDTLS_PRIVATE(f_rng))(void *, unsigned char *, size_t);
+ int(*MBEDTLS_PRIVATE(f_rng))(void *, unsigned char *, size_t);
void *MBEDTLS_PRIVATE(p_rng); /*!< context for the RNG function */
/** Callback to retrieve a session from the cache */
@@ -1410,40 +1400,41 @@
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
/** Callback for setting cert according to SNI extension */
- int (*MBEDTLS_PRIVATE(f_sni))(void *, mbedtls_ssl_context *, const unsigned char *, size_t);
+ int(*MBEDTLS_PRIVATE(f_sni))(void *, mbedtls_ssl_context *, const unsigned char *, size_t);
void *MBEDTLS_PRIVATE(p_sni); /*!< context for SNI callback */
#endif
#if defined(MBEDTLS_X509_CRT_PARSE_C)
/** Callback to customize X.509 certificate chain verification */
- int (*MBEDTLS_PRIVATE(f_vrfy))(void *, mbedtls_x509_crt *, int, uint32_t *);
+ int(*MBEDTLS_PRIVATE(f_vrfy))(void *, mbedtls_x509_crt *, int, uint32_t *);
void *MBEDTLS_PRIVATE(p_vrfy); /*!< context for X.509 verify calllback */
#endif
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
#if defined(MBEDTLS_SSL_SRV_C)
/** Callback to retrieve PSK key from identity */
- int (*MBEDTLS_PRIVATE(f_psk))(void *, mbedtls_ssl_context *, const unsigned char *, size_t);
+ int(*MBEDTLS_PRIVATE(f_psk))(void *, mbedtls_ssl_context *, const unsigned char *, size_t);
void *MBEDTLS_PRIVATE(p_psk); /*!< context for PSK callback */
#endif
#endif
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
/** Callback to create & write a cookie for ClientHello verification */
- int (*MBEDTLS_PRIVATE(f_cookie_write))( void *, unsigned char **, unsigned char *,
- const unsigned char *, size_t );
+ int(*MBEDTLS_PRIVATE(f_cookie_write))(void *, unsigned char **, unsigned char *,
+ const unsigned char *, size_t);
/** Callback to verify validity of a ClientHello cookie */
- int (*MBEDTLS_PRIVATE(f_cookie_check))( void *, const unsigned char *, size_t,
- const unsigned char *, size_t );
+ int(*MBEDTLS_PRIVATE(f_cookie_check))(void *, const unsigned char *, size_t,
+ const unsigned char *, size_t);
void *MBEDTLS_PRIVATE(p_cookie); /*!< context for the cookie callbacks */
#endif
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_SRV_C)
/** Callback to create & write a session ticket */
- int (*MBEDTLS_PRIVATE(f_ticket_write))( void *, const mbedtls_ssl_session *,
- unsigned char *, const unsigned char *, size_t *, uint32_t * );
+ int(*MBEDTLS_PRIVATE(f_ticket_write))(void *, const mbedtls_ssl_session *,
+ unsigned char *, const unsigned char *, size_t *,
+ uint32_t *);
/** Callback to parse a session ticket into a session structure */
- int (*MBEDTLS_PRIVATE(f_ticket_parse))( void *, mbedtls_ssl_session *, unsigned char *, size_t);
+ int(*MBEDTLS_PRIVATE(f_ticket_parse))(void *, mbedtls_ssl_session *, unsigned char *, size_t);
void *MBEDTLS_PRIVATE(p_ticket); /*!< context for the ticket callbacks */
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
@@ -1494,33 +1485,33 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
mbedtls_svc_key_id_t MBEDTLS_PRIVATE(psk_opaque); /*!< PSA key slot holding opaque PSK. This field
- * should only be set via
- * mbedtls_ssl_conf_psk_opaque().
- * If either no PSK or a raw PSK have been
- * configured, this has value \c 0.
- */
+ * should only be set via
+ * mbedtls_ssl_conf_psk_opaque().
+ * If either no PSK or a raw PSK have been
+ * configured, this has value \c 0.
+ */
#endif /* MBEDTLS_USE_PSA_CRYPTO */
unsigned char *MBEDTLS_PRIVATE(psk); /*!< The raw pre-shared key. This field should
- * only be set via mbedtls_ssl_conf_psk().
- * If either no PSK or an opaque PSK
- * have been configured, this has value NULL. */
+ * only be set via mbedtls_ssl_conf_psk().
+ * If either no PSK or an opaque PSK
+ * have been configured, this has value NULL. */
size_t MBEDTLS_PRIVATE(psk_len); /*!< The length of the raw pre-shared key.
- * This field should only be set via
- * mbedtls_ssl_conf_psk().
- * Its value is non-zero if and only if
- * \c psk is not \c NULL. */
+ * This field should only be set via
+ * mbedtls_ssl_conf_psk().
+ * Its value is non-zero if and only if
+ * \c psk is not \c NULL. */
unsigned char *MBEDTLS_PRIVATE(psk_identity); /*!< The PSK identity for PSK negotiation.
- * This field should only be set via
- * mbedtls_ssl_conf_psk().
- * This is set if and only if either
- * \c psk or \c psk_opaque are set. */
+ * This field should only be set via
+ * mbedtls_ssl_conf_psk().
+ * This is set if and only if either
+ * \c psk or \c psk_opaque are set. */
size_t MBEDTLS_PRIVATE(psk_identity_len);/*!< The length of PSK identity.
- * This field should only be set via
- * mbedtls_ssl_conf_psk().
- * Its value is non-zero if and only if
- * \c psk is not \c NULL or \c psk_opaque
- * is not \c 0. */
+ * This field should only be set via
+ * mbedtls_ssl_conf_psk().
+ * Its value is non-zero if and only if
+ * \c psk is not \c NULL or \c psk_opaque
+ * is not \c 0. */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
#if defined(MBEDTLS_SSL_EARLY_DATA)
@@ -1554,15 +1545,15 @@
#if defined(MBEDTLS_SSL_PROTO_DTLS)
uint32_t MBEDTLS_PRIVATE(hs_timeout_min); /*!< initial value of the handshake
- retransmission timeout (ms) */
+ retransmission timeout (ms) */
uint32_t MBEDTLS_PRIVATE(hs_timeout_max); /*!< maximum value of the handshake
- retransmission timeout (ms) */
+ retransmission timeout (ms) */
#endif
#if defined(MBEDTLS_SSL_RENEGOTIATION)
int MBEDTLS_PRIVATE(renego_max_records); /*!< grace period for renegotiation */
unsigned char MBEDTLS_PRIVATE(renego_period)[8]; /*!< value of the record counters
- that triggers renegotiation */
+ that triggers renegotiation */
#endif
unsigned int MBEDTLS_PRIVATE(badmac_limit); /*!< limit of records with a bad MAC */
@@ -1587,8 +1578,7 @@
#endif
};
-struct mbedtls_ssl_context
-{
+struct mbedtls_ssl_context {
const mbedtls_ssl_config *MBEDTLS_PRIVATE(conf); /*!< configuration information */
/*
@@ -1598,8 +1588,8 @@
#if defined(MBEDTLS_SSL_RENEGOTIATION)
int MBEDTLS_PRIVATE(renego_status); /*!< Initial, in progress, pending? */
int MBEDTLS_PRIVATE(renego_records_seen); /*!< Records since renego request, or with DTLS,
- number of retransmissions of request if
- renego_max_records is < 0 */
+ number of retransmissions of request if
+ renego_max_records is < 0 */
#endif /* MBEDTLS_SSL_RENEGOTIATION */
/** Server: Negotiated TLS protocol version.
@@ -1622,14 +1612,14 @@
#if defined(MBEDTLS_X509_CRT_PARSE_C)
/** Callback to customize X.509 certificate chain verification */
- int (*MBEDTLS_PRIVATE(f_vrfy))(void *, mbedtls_x509_crt *, int, uint32_t *);
+ int(*MBEDTLS_PRIVATE(f_vrfy))(void *, mbedtls_x509_crt *, int, uint32_t *);
void *MBEDTLS_PRIVATE(p_vrfy); /*!< context for X.509 verify callback */
#endif
mbedtls_ssl_send_t *MBEDTLS_PRIVATE(f_send); /*!< Callback for network send */
mbedtls_ssl_recv_t *MBEDTLS_PRIVATE(f_recv); /*!< Callback for network receive */
mbedtls_ssl_recv_timeout_t *MBEDTLS_PRIVATE(f_recv_timeout);
- /*!< Callback for network receive with timeout */
+ /*!< Callback for network receive with timeout */
void *MBEDTLS_PRIVATE(p_bio); /*!< context for I/O operations */
@@ -1642,7 +1632,7 @@
mbedtls_ssl_session *MBEDTLS_PRIVATE(session_negotiate); /*!< session data in negotiation */
mbedtls_ssl_handshake_params *MBEDTLS_PRIVATE(handshake); /*!< params required only during
- the handshake process */
+ the handshake process */
/*
* Record layer transformations
@@ -1679,12 +1669,12 @@
*/
unsigned char *MBEDTLS_PRIVATE(in_buf); /*!< input buffer */
unsigned char *MBEDTLS_PRIVATE(in_ctr); /*!< 64-bit incoming message counter
- TLS: maintained by us
- DTLS: read from peer */
+ TLS: maintained by us
+ DTLS: read from peer */
unsigned char *MBEDTLS_PRIVATE(in_hdr); /*!< start of record header */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
unsigned char *MBEDTLS_PRIVATE(in_cid); /*!< The start of the CID;
- * (the end is marked by in_len). */
+ * (the end is marked by in_len). */
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
unsigned char *MBEDTLS_PRIVATE(in_len); /*!< two-bytes message length field */
unsigned char *MBEDTLS_PRIVATE(in_iv); /*!< ivlen-byte IV */
@@ -1700,7 +1690,7 @@
#if defined(MBEDTLS_SSL_PROTO_DTLS)
uint16_t MBEDTLS_PRIVATE(in_epoch); /*!< DTLS epoch for incoming records */
size_t MBEDTLS_PRIVATE(next_record_offset); /*!< offset of the next record in datagram
- (equal to in_left if none) */
+ (equal to in_left if none) */
#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
uint64_t MBEDTLS_PRIVATE(in_window_top); /*!< last validated record seq_num */
@@ -1708,28 +1698,28 @@
#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
size_t MBEDTLS_PRIVATE(in_hslen); /*!< current handshake message length,
- including the handshake header */
+ including the handshake header */
int MBEDTLS_PRIVATE(nb_zero); /*!< # of 0-length encrypted messages */
int MBEDTLS_PRIVATE(keep_current_message); /*!< drop or reuse current message
- on next call to record layer? */
+ on next call to record layer? */
/* The following three variables indicate if and, if yes,
* what kind of alert is pending to be sent.
*/
unsigned char MBEDTLS_PRIVATE(send_alert); /*!< Determines if a fatal alert
- should be sent. Values:
- - \c 0 , no alert is to be sent.
- - \c 1 , alert is to be sent. */
+ should be sent. Values:
+ - \c 0 , no alert is to be sent.
+ - \c 1 , alert is to be sent. */
unsigned char MBEDTLS_PRIVATE(alert_type); /*!< Type of alert if send_alert
- != 0 */
+ != 0 */
int MBEDTLS_PRIVATE(alert_reason); /*!< The error code to be returned
- to the user once the fatal alert
- has been sent. */
+ to the user once the fatal alert
+ has been sent. */
#if defined(MBEDTLS_SSL_PROTO_DTLS)
uint8_t MBEDTLS_PRIVATE(disable_datagram_packing); /*!< Disable packing multiple records
- * within a single datagram. */
+ * within a single datagram. */
#endif /* MBEDTLS_SSL_PROTO_DTLS */
/*
@@ -1740,7 +1730,7 @@
unsigned char *MBEDTLS_PRIVATE(out_hdr); /*!< start of record header */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
unsigned char *MBEDTLS_PRIVATE(out_cid); /*!< The start of the CID;
- * (the end is marked by in_len). */
+ * (the end is marked by in_len). */
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
unsigned char *MBEDTLS_PRIVATE(out_len); /*!< two-bytes message length field */
unsigned char *MBEDTLS_PRIVATE(out_iv); /*!< ivlen-byte IV */
@@ -1764,7 +1754,7 @@
*/
#if defined(MBEDTLS_X509_CRT_PARSE_C)
char *MBEDTLS_PRIVATE(hostname); /*!< expected peer CN for verification
- (and SNI if available) */
+ (and SNI if available) */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_SSL_ALPN)
@@ -1791,7 +1781,7 @@
*/
/* needed to know when to send extension on server */
int MBEDTLS_PRIVATE(secure_renegotiation); /*!< does peer support legacy or
- secure renegotiation */
+ secure renegotiation */
#if defined(MBEDTLS_SSL_RENEGOTIATION)
size_t MBEDTLS_PRIVATE(verify_data_len); /*!< length of verify data stored */
char MBEDTLS_PRIVATE(own_verify_data)[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */
@@ -1805,12 +1795,12 @@
* all subsequent handshakes. This may be different from the
* CID currently used in case the user has re-configured the CID
* after an initial handshake. */
- unsigned char MBEDTLS_PRIVATE(own_cid)[ MBEDTLS_SSL_CID_IN_LEN_MAX ];
+ unsigned char MBEDTLS_PRIVATE(own_cid)[MBEDTLS_SSL_CID_IN_LEN_MAX];
uint8_t MBEDTLS_PRIVATE(own_cid_len); /*!< The length of \c own_cid. */
uint8_t MBEDTLS_PRIVATE(negotiate_cid); /*!< This indicates whether the CID extension should
- * be negotiated in the next handshake or not.
- * Possible values are #MBEDTLS_SSL_CID_ENABLED
- * and #MBEDTLS_SSL_CID_DISABLED. */
+ * be negotiated in the next handshake or not.
+ * Possible values are #MBEDTLS_SSL_CID_ENABLED
+ * and #MBEDTLS_SSL_CID_DISABLED. */
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C)
@@ -1841,7 +1831,7 @@
*
* \return a string containing the ciphersuite name
*/
-const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id );
+const char *mbedtls_ssl_get_ciphersuite_name(const int ciphersuite_id);
/**
* \brief Return the ID of the ciphersuite associated with the
@@ -1851,7 +1841,7 @@
*
* \return the ID with the ciphersuite or 0 if not found
*/
-int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name );
+int mbedtls_ssl_get_ciphersuite_id(const char *ciphersuite_name);
/**
* \brief Initialize an SSL context
@@ -1860,7 +1850,7 @@
*
* \param ssl SSL context
*/
-void mbedtls_ssl_init( mbedtls_ssl_context *ssl );
+void mbedtls_ssl_init(mbedtls_ssl_context *ssl);
/**
* \brief Set up an SSL context for use
@@ -1882,8 +1872,8 @@
* \return 0 if successful, or MBEDTLS_ERR_SSL_ALLOC_FAILED if
* memory allocation failed
*/
-int mbedtls_ssl_setup( mbedtls_ssl_context *ssl,
- const mbedtls_ssl_config *conf );
+int mbedtls_ssl_setup(mbedtls_ssl_context *ssl,
+ const mbedtls_ssl_config *conf);
/**
* \brief Reset an already initialized SSL context for re-use
@@ -1894,7 +1884,7 @@
* \return 0 if successful, or MBEDTLS_ERR_SSL_ALLOC_FAILED or
MBEDTLS_ERR_SSL_HW_ACCEL_FAILED
*/
-int mbedtls_ssl_session_reset( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_session_reset(mbedtls_ssl_context *ssl);
/**
* \brief Set the current endpoint type
@@ -1902,7 +1892,7 @@
* \param conf SSL configuration
* \param endpoint must be MBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER
*/
-void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint );
+void mbedtls_ssl_conf_endpoint(mbedtls_ssl_config *conf, int endpoint);
/**
* \brief Set the transport type (TLS or DTLS).
@@ -1918,7 +1908,7 @@
* MBEDTLS_SSL_TRANSPORT_STREAM for TLS,
* MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS.
*/
-void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport );
+void mbedtls_ssl_conf_transport(mbedtls_ssl_config *conf, int transport);
/**
* \brief Set the certificate verification mode
@@ -1946,30 +1936,30 @@
* the verification as soon as possible. For example, REQUIRED was protecting
* against the "triple handshake" attack even before it was found.
*/
-void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode );
+void mbedtls_ssl_conf_authmode(mbedtls_ssl_config *conf, int authmode);
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_EARLY_DATA)
/**
-* \brief Set the early data mode
-* Default: disabled on server and client
-*
-* \param conf The SSL configuration to use.
-* \param early_data_enabled can be:
-*
-* MBEDTLS_SSL_EARLY_DATA_DISABLED: early data functionality is disabled
-* This is the default on client and server.
-*
-* MBEDTLS_SSL_EARLY_DATA_ENABLED: early data functionality is enabled and
-* may be negotiated in the handshake. Application using
-* early data functionality needs to be aware of the
-* lack of replay protection of the early data application
-* payloads.
-*
-* \warning This interface is experimental and may change without notice.
-*
-*/
-void mbedtls_ssl_tls13_conf_early_data( mbedtls_ssl_config *conf,
- int early_data_enabled );
+ * \brief Set the early data mode
+ * Default: disabled on server and client
+ *
+ * \param conf The SSL configuration to use.
+ * \param early_data_enabled can be:
+ *
+ * MBEDTLS_SSL_EARLY_DATA_DISABLED: early data functionality is disabled
+ * This is the default on client and server.
+ *
+ * MBEDTLS_SSL_EARLY_DATA_ENABLED: early data functionality is enabled and
+ * may be negotiated in the handshake. Application using
+ * early data functionality needs to be aware of the
+ * lack of replay protection of the early data application
+ * payloads.
+ *
+ * \warning This interface is experimental and may change without notice.
+ *
+ */
+void mbedtls_ssl_tls13_conf_early_data(mbedtls_ssl_config *conf,
+ int early_data_enabled);
#if defined(MBEDTLS_SSL_SRV_C)
/**
@@ -1996,7 +1986,7 @@
*
*/
void mbedtls_ssl_tls13_conf_max_early_data_size(
- mbedtls_ssl_config *conf, uint32_t max_early_data_size );
+ mbedtls_ssl_config *conf, uint32_t max_early_data_size);
#endif /* MBEDTLS_SSL_SRV_C */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_EARLY_DATA */
@@ -2017,9 +2007,9 @@
* \param f_vrfy The verification callback to use during CRT verification.
* \param p_vrfy The opaque context to be passed to the callback.
*/
-void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf,
- int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
- void *p_vrfy );
+void mbedtls_ssl_conf_verify(mbedtls_ssl_config *conf,
+ int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+ void *p_vrfy);
#endif /* MBEDTLS_X509_CRT_PARSE_C */
/**
@@ -2029,9 +2019,9 @@
* \param f_rng RNG function (mandatory)
* \param p_rng RNG parameter
*/
-void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+void mbedtls_ssl_conf_rng(mbedtls_ssl_config *conf,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/**
* \brief Set the debug callback
@@ -2047,9 +2037,9 @@
* \param f_dbg debug function
* \param p_dbg debug parameter
*/
-void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf,
- void (*f_dbg)(void *, int, const char *, int, const char *),
- void *p_dbg );
+void mbedtls_ssl_conf_dbg(mbedtls_ssl_config *conf,
+ void (*f_dbg)(void *, int, const char *, int, const char *),
+ void *p_dbg);
/**
* \brief Return the SSL configuration structure associated
@@ -2062,9 +2052,9 @@
* \return Pointer to the SSL configuration associated with \p ssl.
*/
static inline const mbedtls_ssl_config *mbedtls_ssl_context_get_config(
- const mbedtls_ssl_context *ssl )
+ const mbedtls_ssl_context *ssl)
{
- return( ssl->MBEDTLS_PRIVATE( conf ) );
+ return ssl->MBEDTLS_PRIVATE(conf);
}
/**
@@ -2097,11 +2087,11 @@
* \c mbedtls_net_recv_timeout() that are suitable to be used
* here.
*/
-void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl,
- void *p_bio,
- mbedtls_ssl_send_t *f_send,
- mbedtls_ssl_recv_t *f_recv,
- mbedtls_ssl_recv_timeout_t *f_recv_timeout );
+void mbedtls_ssl_set_bio(mbedtls_ssl_context *ssl,
+ void *p_bio,
+ mbedtls_ssl_send_t *f_send,
+ mbedtls_ssl_recv_t *f_recv,
+ mbedtls_ssl_recv_timeout_t *f_recv_timeout);
#if defined(MBEDTLS_SSL_PROTO_DTLS)
@@ -2192,10 +2182,10 @@
* applies to the next handshake.
* \return A negative error code on failure.
*/
-int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl,
- int enable,
- unsigned char const *own_cid,
- size_t own_cid_len );
+int mbedtls_ssl_set_cid(mbedtls_ssl_context *ssl,
+ int enable,
+ unsigned char const *own_cid,
+ size_t own_cid_len);
/**
* \brief Get information about our request for usage of the CID
@@ -2226,10 +2216,10 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_ssl_get_own_cid( mbedtls_ssl_context *ssl,
+int mbedtls_ssl_get_own_cid(mbedtls_ssl_context *ssl,
int *enabled,
unsigned char own_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX],
- size_t *own_cid_len );
+ size_t *own_cid_len);
/**
* \brief Get information about the use of the CID extension
@@ -2268,10 +2258,10 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl,
- int *enabled,
- unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ],
- size_t *peer_cid_len );
+int mbedtls_ssl_get_peer_cid(mbedtls_ssl_context *ssl,
+ int *enabled,
+ unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX],
+ size_t *peer_cid_len);
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
@@ -2314,7 +2304,7 @@
* \param ssl SSL context
* \param mtu Value of the path MTU in bytes
*/
-void mbedtls_ssl_set_mtu( mbedtls_ssl_context *ssl, uint16_t mtu );
+void mbedtls_ssl_set_mtu(mbedtls_ssl_context *ssl, uint16_t mtu);
#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@@ -2336,9 +2326,9 @@
* \param f_vrfy The verification callback to use during CRT verification.
* \param p_vrfy The opaque context to be passed to the callback.
*/
-void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl,
- int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
- void *p_vrfy );
+void mbedtls_ssl_set_verify(mbedtls_ssl_context *ssl,
+ int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+ void *p_vrfy);
#endif /* MBEDTLS_X509_CRT_PARSE_C */
/**
@@ -2357,7 +2347,7 @@
* \note With non-blocking I/O, you may also skip this function
* altogether and handle timeouts at the application layer.
*/
-void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout );
+void mbedtls_ssl_conf_read_timeout(mbedtls_ssl_config *conf, uint32_t timeout);
/**
* \brief Check whether a buffer contains a valid and authentic record
@@ -2403,9 +2393,9 @@
* In this case, the SSL context becomes unusable and needs
* to be freed or reset before reuse.
*/
-int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl,
- unsigned char *buf,
- size_t buflen );
+int mbedtls_ssl_check_record(mbedtls_ssl_context const *ssl,
+ unsigned char *buf,
+ size_t buflen);
/**
* \brief Set the timer callbacks (Mandatory for DTLS.)
@@ -2427,10 +2417,10 @@
* \note See also the "DTLS tutorial" article in our knowledge base.
* https://mbed-tls.readthedocs.io/en/latest/kb/how-to/dtls-tutorial
*/
-void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl,
- void *p_timer,
- mbedtls_ssl_set_timer_t *f_set_timer,
- mbedtls_ssl_get_timer_t *f_get_timer );
+void mbedtls_ssl_set_timer_cb(mbedtls_ssl_context *ssl,
+ void *p_timer,
+ mbedtls_ssl_set_timer_t *f_set_timer,
+ mbedtls_ssl_get_timer_t *f_get_timer);
#if defined(MBEDTLS_SSL_SRV_C)
/**
@@ -2443,8 +2433,8 @@
* \param f_cert_cb The callback for selecting server certificate after
* `ClientHello` processing has finished.
*/
-static inline void mbedtls_ssl_conf_cert_cb( mbedtls_ssl_config *conf,
- mbedtls_ssl_hs_cb_t f_cert_cb )
+static inline void mbedtls_ssl_conf_cert_cb(mbedtls_ssl_config *conf,
+ mbedtls_ssl_hs_cb_t f_cert_cb)
{
conf->MBEDTLS_PRIVATE(f_cert_cb) = f_cert_cb;
}
@@ -2469,12 +2459,12 @@
* \return 0 if successful, or
* a specific MBEDTLS_ERR_XXX code.
*/
-typedef int mbedtls_ssl_ticket_write_t( void *p_ticket,
- const mbedtls_ssl_session *session,
- unsigned char *start,
- const unsigned char *end,
- size_t *tlen,
- uint32_t *lifetime );
+typedef int mbedtls_ssl_ticket_write_t(void *p_ticket,
+ const mbedtls_ssl_session *session,
+ unsigned char *start,
+ const unsigned char *end,
+ size_t *tlen,
+ uint32_t *lifetime);
/**
* \brief Callback type: parse and load session ticket
@@ -2499,10 +2489,10 @@
* MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED if expired, or
* any other non-zero code for other failures.
*/
-typedef int mbedtls_ssl_ticket_parse_t( void *p_ticket,
- mbedtls_ssl_session *session,
- unsigned char *buf,
- size_t len );
+typedef int mbedtls_ssl_ticket_parse_t(void *p_ticket,
+ mbedtls_ssl_session *session,
+ unsigned char *buf,
+ size_t len);
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_SRV_C)
/**
@@ -2519,10 +2509,10 @@
* \param f_ticket_parse Callback for parsing a ticket
* \param p_ticket Context shared by the two callbacks
*/
-void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf,
- mbedtls_ssl_ticket_write_t *f_ticket_write,
- mbedtls_ssl_ticket_parse_t *f_ticket_parse,
- void *p_ticket );
+void mbedtls_ssl_conf_session_tickets_cb(mbedtls_ssl_config *conf,
+ mbedtls_ssl_ticket_write_t *f_ticket_write,
+ mbedtls_ssl_ticket_parse_t *f_ticket_parse,
+ void *p_ticket);
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */
/**
@@ -2543,9 +2533,9 @@
* \param p_export_keys The opaque context pointer to be passed to the
* callback \p f_export_keys.
*/
-void mbedtls_ssl_set_export_keys_cb( mbedtls_ssl_context *ssl,
- mbedtls_ssl_export_keys_t *f_export_keys,
- void *p_export_keys );
+void mbedtls_ssl_set_export_keys_cb(mbedtls_ssl_context *ssl,
+ mbedtls_ssl_export_keys_t *f_export_keys,
+ void *p_export_keys);
/** \brief Set the user data in an SSL configuration to a pointer.
*
@@ -2559,7 +2549,7 @@
*/
static inline void mbedtls_ssl_conf_set_user_data_p(
mbedtls_ssl_config *conf,
- void *p )
+ void *p)
{
conf->MBEDTLS_PRIVATE(user_data).p = p;
}
@@ -2573,7 +2563,7 @@
*/
static inline void mbedtls_ssl_conf_set_user_data_n(
mbedtls_ssl_config *conf,
- uintptr_t n )
+ uintptr_t n)
{
conf->MBEDTLS_PRIVATE(user_data).n = n;
}
@@ -2589,9 +2579,9 @@
* \return The current value of the user data.
*/
static inline void *mbedtls_ssl_conf_get_user_data_p(
- mbedtls_ssl_config *conf )
+ mbedtls_ssl_config *conf)
{
- return( conf->MBEDTLS_PRIVATE(user_data).p );
+ return conf->MBEDTLS_PRIVATE(user_data).p;
}
/** \brief Retrieve the user data in an SSL configuration as an integer.
@@ -2605,9 +2595,9 @@
* \return The current value of the user data.
*/
static inline uintptr_t mbedtls_ssl_conf_get_user_data_n(
- mbedtls_ssl_config *conf )
+ mbedtls_ssl_config *conf)
{
- return( conf->MBEDTLS_PRIVATE(user_data).n );
+ return conf->MBEDTLS_PRIVATE(user_data).n;
}
/** \brief Set the user data in an SSL context to a pointer.
@@ -2622,7 +2612,7 @@
*/
static inline void mbedtls_ssl_set_user_data_p(
mbedtls_ssl_context *ssl,
- void *p )
+ void *p)
{
ssl->MBEDTLS_PRIVATE(user_data).p = p;
}
@@ -2636,7 +2626,7 @@
*/
static inline void mbedtls_ssl_set_user_data_n(
mbedtls_ssl_context *ssl,
- uintptr_t n )
+ uintptr_t n)
{
ssl->MBEDTLS_PRIVATE(user_data).n = n;
}
@@ -2652,9 +2642,9 @@
* \return The current value of the user data.
*/
static inline void *mbedtls_ssl_get_user_data_p(
- mbedtls_ssl_context *ssl )
+ mbedtls_ssl_context *ssl)
{
- return( ssl->MBEDTLS_PRIVATE(user_data).p );
+ return ssl->MBEDTLS_PRIVATE(user_data).p;
}
/** \brief Retrieve the user data in an SSL context as an integer.
@@ -2668,9 +2658,9 @@
* \return The current value of the user data.
*/
static inline uintptr_t mbedtls_ssl_get_user_data_n(
- mbedtls_ssl_context *ssl )
+ mbedtls_ssl_context *ssl)
{
- return( ssl->MBEDTLS_PRIVATE(user_data).n );
+ return ssl->MBEDTLS_PRIVATE(user_data).n;
}
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
@@ -2704,12 +2694,12 @@
* mbedtls_ssl_conf_get_async_config_data(). The
* library stores this value without dereferencing it.
*/
-void mbedtls_ssl_conf_async_private_cb( mbedtls_ssl_config *conf,
- mbedtls_ssl_async_sign_t *f_async_sign,
- mbedtls_ssl_async_decrypt_t *f_async_decrypt,
- mbedtls_ssl_async_resume_t *f_async_resume,
- mbedtls_ssl_async_cancel_t *f_async_cancel,
- void *config_data );
+void mbedtls_ssl_conf_async_private_cb(mbedtls_ssl_config *conf,
+ mbedtls_ssl_async_sign_t *f_async_sign,
+ mbedtls_ssl_async_decrypt_t *f_async_decrypt,
+ mbedtls_ssl_async_resume_t *f_async_resume,
+ mbedtls_ssl_async_cancel_t *f_async_cancel,
+ void *config_data);
/**
* \brief Retrieve the configuration data set by
@@ -2719,7 +2709,7 @@
* \return The configuration data set by
* mbedtls_ssl_conf_async_private_cb().
*/
-void *mbedtls_ssl_conf_get_async_config_data( const mbedtls_ssl_config *conf );
+void *mbedtls_ssl_conf_get_async_config_data(const mbedtls_ssl_config *conf);
/**
* \brief Retrieve the asynchronous operation user context.
@@ -2735,7 +2725,7 @@
* called during the current handshake, this function returns
* \c NULL.
*/
-void *mbedtls_ssl_get_async_operation_data( const mbedtls_ssl_context *ssl );
+void *mbedtls_ssl_get_async_operation_data(const mbedtls_ssl_context *ssl);
/**
* \brief Retrieve the asynchronous operation user context.
@@ -2748,8 +2738,8 @@
* Call mbedtls_ssl_get_async_operation_data() later during the
* same handshake to retrieve this value.
*/
-void mbedtls_ssl_set_async_operation_data( mbedtls_ssl_context *ssl,
- void *ctx );
+void mbedtls_ssl_set_async_operation_data(mbedtls_ssl_context *ssl,
+ void *ctx);
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
/**
@@ -2766,9 +2756,9 @@
* \return The callback must return 0 on success,
* or a negative error code.
*/
-typedef int mbedtls_ssl_cookie_write_t( void *ctx,
- unsigned char **p, unsigned char *end,
- const unsigned char *info, size_t ilen );
+typedef int mbedtls_ssl_cookie_write_t(void *ctx,
+ unsigned char **p, unsigned char *end,
+ const unsigned char *info, size_t ilen);
/**
* \brief Callback type: verify a cookie
@@ -2783,9 +2773,9 @@
* \return The callback must return 0 if cookie is valid,
* or a negative error code.
*/
-typedef int mbedtls_ssl_cookie_check_t( void *ctx,
- const unsigned char *cookie, size_t clen,
- const unsigned char *info, size_t ilen );
+typedef int mbedtls_ssl_cookie_check_t(void *ctx,
+ const unsigned char *cookie, size_t clen,
+ const unsigned char *info, size_t ilen);
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
/**
@@ -2816,10 +2806,10 @@
* \param f_cookie_check Cookie check callback
* \param p_cookie Context for both callbacks
*/
-void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf,
- mbedtls_ssl_cookie_write_t *f_cookie_write,
- mbedtls_ssl_cookie_check_t *f_cookie_check,
- void *p_cookie );
+void mbedtls_ssl_conf_dtls_cookies(mbedtls_ssl_config *conf,
+ mbedtls_ssl_cookie_write_t *f_cookie_write,
+ mbedtls_ssl_cookie_check_t *f_cookie_check,
+ void *p_cookie);
/**
* \brief Set client's transport-level identification info.
@@ -2840,9 +2830,9 @@
* MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used on client,
* MBEDTLS_ERR_SSL_ALLOC_FAILED if out of memory.
*/
-int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl,
- const unsigned char *info,
- size_t ilen );
+int mbedtls_ssl_set_client_transport_id(mbedtls_ssl_context *ssl,
+ const unsigned char *info,
+ size_t ilen);
#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */
@@ -2862,7 +2852,7 @@
* packets and needs information about them to adjust its
* transmission strategy, then you'll want to disable this.
*/
-void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode );
+void mbedtls_ssl_conf_dtls_anti_replay(mbedtls_ssl_config *conf, char mode);
#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
/**
@@ -2888,7 +2878,7 @@
* might make us waste resources checking authentication on
* many bogus packets.
*/
-void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit );
+void mbedtls_ssl_conf_dtls_badmac_limit(mbedtls_ssl_config *conf, unsigned limit);
#if defined(MBEDTLS_SSL_PROTO_DTLS)
@@ -2920,8 +2910,8 @@
* are currently always sent in separate datagrams.
*
*/
-void mbedtls_ssl_set_datagram_packing( mbedtls_ssl_context *ssl,
- unsigned allow_packing );
+void mbedtls_ssl_set_datagram_packing(mbedtls_ssl_context *ssl,
+ unsigned allow_packing);
/**
* \brief Set retransmit timeout values for the DTLS handshake.
@@ -2954,7 +2944,7 @@
* goes: send ... 1s -> resend ... 2s -> resend ... 4s ->
* resend ... 5s -> give up and return a timeout error.
*/
-void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max );
+void mbedtls_ssl_conf_handshake_timeout(mbedtls_ssl_config *conf, uint32_t min, uint32_t max);
#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_SSL_SRV_C)
@@ -2995,10 +2985,10 @@
* \param f_get_cache session get callback
* \param f_set_cache session set callback
*/
-void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf,
- void *p_cache,
- mbedtls_ssl_cache_get_t *f_get_cache,
- mbedtls_ssl_cache_set_t *f_set_cache );
+void mbedtls_ssl_conf_session_cache(mbedtls_ssl_config *conf,
+ void *p_cache,
+ mbedtls_ssl_cache_get_t *f_get_cache,
+ mbedtls_ssl_cache_set_t *f_set_cache);
#endif /* MBEDTLS_SSL_SRV_C */
#if defined(MBEDTLS_SSL_CLI_C)
@@ -3047,7 +3037,7 @@
* \sa mbedtls_ssl_get_session()
* \sa mbedtls_ssl_session_load()
*/
-int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session );
+int mbedtls_ssl_set_session(mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session);
#endif /* MBEDTLS_SSL_CLI_C */
/**
@@ -3082,9 +3072,9 @@
* \return Another negative value for other kinds of errors (for
* example, unsupported features in the embedded certificate).
*/
-int mbedtls_ssl_session_load( mbedtls_ssl_session *session,
- const unsigned char *buf,
- size_t len );
+int mbedtls_ssl_session_load(mbedtls_ssl_session *session,
+ const unsigned char *buf,
+ size_t len);
/**
* \brief Save session structure as serialized data in a buffer.
@@ -3111,10 +3101,10 @@
* \return \c 0 if successful.
* \return #MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL if \p buf is too small.
*/
-int mbedtls_ssl_session_save( const mbedtls_ssl_session *session,
- unsigned char *buf,
- size_t buf_len,
- size_t *olen );
+int mbedtls_ssl_session_save(const mbedtls_ssl_session *session,
+ unsigned char *buf,
+ size_t buf_len,
+ size_t *olen);
/**
* \brief Set the list of allowed ciphersuites and the preference
@@ -3157,8 +3147,8 @@
* and \c MBEDTLS_TLS1_3_XXX macros defined in
* ssl_ciphersuites.h.
*/
-void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
- const int *ciphersuites );
+void mbedtls_ssl_conf_ciphersuites(mbedtls_ssl_config *conf,
+ const int *ciphersuites);
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
/**
@@ -3203,8 +3193,8 @@
*
*/
-void mbedtls_ssl_conf_tls13_key_exchange_modes( mbedtls_ssl_config* conf,
- const int kex_modes );
+void mbedtls_ssl_conf_tls13_key_exchange_modes(mbedtls_ssl_config *conf,
+ const int kex_modes);
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
@@ -3242,8 +3232,8 @@
* \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if \p own_cid_len
* is too large.
*/
-int mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, size_t len,
- int ignore_other_cids );
+int mbedtls_ssl_conf_cid(mbedtls_ssl_config *conf, size_t len,
+ int ignore_other_cids);
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@@ -3257,8 +3247,8 @@
* \param conf SSL configuration
* \param profile Profile to use
*/
-void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf,
- const mbedtls_x509_crt_profile *profile );
+void mbedtls_ssl_conf_cert_profile(mbedtls_ssl_config *conf,
+ const mbedtls_x509_crt_profile *profile);
/**
* \brief Set the data required to verify peer certificate
@@ -3271,9 +3261,9 @@
* \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs)
* \param ca_crl trusted CA CRLs
*/
-void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_ca_chain(mbedtls_ssl_config *conf,
mbedtls_x509_crt *ca_chain,
- mbedtls_x509_crl *ca_crl );
+ mbedtls_x509_crl *ca_crl);
#if defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED)
/**
@@ -3288,8 +3278,8 @@
* from which the client should select client peer certificate.
*/
static inline
-void mbedtls_ssl_conf_dn_hints( mbedtls_ssl_config *conf,
- const mbedtls_x509_crt *crt )
+void mbedtls_ssl_conf_dn_hints(mbedtls_ssl_config *conf,
+ const mbedtls_x509_crt *crt)
{
conf->MBEDTLS_PRIVATE(dn_hints) = crt;
}
@@ -3347,9 +3337,9 @@
* to guarantee this (for example through a mutex
* contained in the callback context pointed to by \p p_ca_cb).
*/
-void mbedtls_ssl_conf_ca_cb( mbedtls_ssl_config *conf,
- mbedtls_x509_crt_ca_cb_t f_ca_cb,
- void *p_ca_cb );
+void mbedtls_ssl_conf_ca_cb(mbedtls_ssl_config *conf,
+ mbedtls_x509_crt_ca_cb_t f_ca_cb,
+ void *p_ca_cb);
#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
/**
@@ -3388,9 +3378,9 @@
*
* \return 0 on success or MBEDTLS_ERR_SSL_ALLOC_FAILED
*/
-int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf,
+int mbedtls_ssl_conf_own_cert(mbedtls_ssl_config *conf,
mbedtls_x509_crt *own_cert,
- mbedtls_pk_context *pk_key );
+ mbedtls_pk_context *pk_key);
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED)
@@ -3426,9 +3416,9 @@
* can be configured. In this case, the old PSK(s) remain intact.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
- const unsigned char *psk, size_t psk_len,
- const unsigned char *psk_identity, size_t psk_identity_len );
+int mbedtls_ssl_conf_psk(mbedtls_ssl_config *conf,
+ const unsigned char *psk, size_t psk_len,
+ const unsigned char *psk_identity, size_t psk_identity_len);
#if defined(MBEDTLS_USE_PSA_CRYPTO)
/**
@@ -3468,10 +3458,10 @@
* can be configured. In this case, the old PSK(s) remain intact.
* \return Another negative error code on other kinds of failure.
*/
-int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf,
- mbedtls_svc_key_id_t psk,
- const unsigned char *psk_identity,
- size_t psk_identity_len );
+int mbedtls_ssl_conf_psk_opaque(mbedtls_ssl_config *conf,
+ mbedtls_svc_key_id_t psk,
+ const unsigned char *psk_identity,
+ size_t psk_identity_len);
#endif /* MBEDTLS_USE_PSA_CRYPTO */
/**
@@ -3490,8 +3480,8 @@
* \return \c 0 if successful.
* \return An \c MBEDTLS_ERR_SSL_XXX error code on failure.
*/
-int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl,
- const unsigned char *psk, size_t psk_len );
+int mbedtls_ssl_set_hs_psk(mbedtls_ssl_context *ssl,
+ const unsigned char *psk, size_t psk_len);
#if defined(MBEDTLS_USE_PSA_CRYPTO)
/**
@@ -3510,12 +3500,12 @@
* PSA_ALG_CATEGORY_KEY_DERIVATION whose policy allows its
* use for the key derivation algorithm
* applied in the handshake.
- *
+ *
* \return \c 0 if successful.
* \return An \c MBEDTLS_ERR_SSL_XXX error code on failure.
*/
-int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl,
- mbedtls_svc_key_id_t psk );
+int mbedtls_ssl_set_hs_psk_opaque(mbedtls_ssl_context *ssl,
+ mbedtls_svc_key_id_t psk);
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_SSL_SRV_C)
@@ -3557,10 +3547,10 @@
* \param p_psk A pointer to an opaque structure to be passed to
* the callback, for example a PSK store.
*/
-void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
- int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,
- size_t),
- void *p_psk );
+void mbedtls_ssl_conf_psk_cb(mbedtls_ssl_config *conf,
+ int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,
+ size_t),
+ void *p_psk);
#endif /* MBEDTLS_SSL_SRV_C */
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
@@ -3578,9 +3568,9 @@
*
* \return 0 if successful
*/
-int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf,
- const unsigned char *dhm_P, size_t P_len,
- const unsigned char *dhm_G, size_t G_len );
+int mbedtls_ssl_conf_dh_param_bin(mbedtls_ssl_config *conf,
+ const unsigned char *dhm_P, size_t P_len,
+ const unsigned char *dhm_G, size_t G_len);
/**
* \brief Set the Diffie-Hellman public P and G values,
@@ -3591,7 +3581,7 @@
*
* \return 0 if successful
*/
-int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx );
+int mbedtls_ssl_conf_dh_param_ctx(mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx);
#endif /* MBEDTLS_DHM_C && defined(MBEDTLS_SSL_SRV_C) */
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
@@ -3603,8 +3593,8 @@
* \param conf SSL configuration
* \param bitlen Minimum bit length of the DHM prime
*/
-void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf,
- unsigned int bitlen );
+void mbedtls_ssl_conf_dhm_min_bitlen(mbedtls_ssl_config *conf,
+ unsigned int bitlen);
#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */
#if defined(MBEDTLS_ECP_C)
@@ -3650,8 +3640,8 @@
* \param curves Ordered list of allowed curves,
* terminated by MBEDTLS_ECP_DP_NONE.
*/
-void MBEDTLS_DEPRECATED mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
- const mbedtls_ecp_group_id *curves );
+void MBEDTLS_DEPRECATED mbedtls_ssl_conf_curves(mbedtls_ssl_config *conf,
+ const mbedtls_ecp_group_id *curves);
#endif /* MBEDTLS_DEPRECATED_REMOVED */
#endif /* MBEDTLS_ECP_C */
@@ -3692,8 +3682,8 @@
* Must contain valid IANA NamedGroup IDs (provided via either an integer
* or using MBEDTLS_TLS1_3_NAMED_GROUP_XXX macros).
*/
-void mbedtls_ssl_conf_groups( mbedtls_ssl_config *conf,
- const uint16_t *groups );
+void mbedtls_ssl_conf_groups(mbedtls_ssl_config *conf,
+ const uint16_t *groups);
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
#if !defined(MBEDTLS_DEPRECATED_REMOVED) && defined(MBEDTLS_SSL_PROTO_TLS1_2)
@@ -3726,8 +3716,8 @@
* \param hashes Ordered list of allowed signature hashes,
* terminated by \c MBEDTLS_MD_NONE.
*/
-void MBEDTLS_DEPRECATED mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf,
- const int *hashes );
+void MBEDTLS_DEPRECATED mbedtls_ssl_conf_sig_hashes(mbedtls_ssl_config *conf,
+ const int *hashes);
#endif /* !MBEDTLS_DEPRECATED_REMOVED && MBEDTLS_SSL_PROTO_TLS1_2 */
/**
@@ -3739,8 +3729,8 @@
* available throughout the lifetime of the conf object. Supported
* values are available as \c MBEDTLS_TLS1_3_SIG_XXXX
*/
-void mbedtls_ssl_conf_sig_algs( mbedtls_ssl_config *conf,
- const uint16_t* sig_algs );
+void mbedtls_ssl_conf_sig_algs(mbedtls_ssl_config *conf,
+ const uint16_t *sig_algs);
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@@ -3762,7 +3752,7 @@
* when NULL). On allocation failure hostname is cleared.
* On too long input failure, old hostname is unchanged.
*/
-int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname );
+int mbedtls_ssl_set_hostname(mbedtls_ssl_context *ssl, const char *hostname);
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
@@ -3784,8 +3774,8 @@
* - value is not '\0'-terminated. Use \c name_len for len.
* - value must not be freed.
*/
-const unsigned char *mbedtls_ssl_get_hs_sni( mbedtls_ssl_context *ssl,
- size_t *name_len );
+const unsigned char *mbedtls_ssl_get_hs_sni(mbedtls_ssl_context *ssl,
+ size_t *name_len);
/**
* \brief Set own certificate and key for the current handshake
@@ -3802,9 +3792,9 @@
*
* \return 0 on success or MBEDTLS_ERR_SSL_ALLOC_FAILED
*/
-int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl,
- mbedtls_x509_crt *own_cert,
- mbedtls_pk_context *pk_key );
+int mbedtls_ssl_set_hs_own_cert(mbedtls_ssl_context *ssl,
+ mbedtls_x509_crt *own_cert,
+ mbedtls_pk_context *pk_key);
/**
* \brief Set the data required to verify peer certificate for the
@@ -3817,9 +3807,9 @@
* \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs)
* \param ca_crl trusted CA CRLs
*/
-void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl,
- mbedtls_x509_crt *ca_chain,
- mbedtls_x509_crl *ca_crl );
+void mbedtls_ssl_set_hs_ca_chain(mbedtls_ssl_context *ssl,
+ mbedtls_x509_crt *ca_chain,
+ mbedtls_x509_crl *ca_crl);
#if defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED)
/**
@@ -3832,8 +3822,8 @@
* \param crt crt chain whose subject DNs are issuer DNs of client certs
* from which the client should select client peer certificate.
*/
-void mbedtls_ssl_set_hs_dn_hints( mbedtls_ssl_context *ssl,
- const mbedtls_x509_crt *crt );
+void mbedtls_ssl_set_hs_dn_hints(mbedtls_ssl_context *ssl,
+ const mbedtls_x509_crt *crt);
#endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
/**
@@ -3846,8 +3836,8 @@
* \param authmode MBEDTLS_SSL_VERIFY_NONE, MBEDTLS_SSL_VERIFY_OPTIONAL or
* MBEDTLS_SSL_VERIFY_REQUIRED
*/
-void mbedtls_ssl_set_hs_authmode( mbedtls_ssl_context *ssl,
- int authmode );
+void mbedtls_ssl_set_hs_authmode(mbedtls_ssl_context *ssl,
+ int authmode);
/**
* \brief Set server side ServerName TLS extension callback
@@ -3871,10 +3861,10 @@
* \param f_sni verification function
* \param p_sni verification parameter
*/
-void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf,
- int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *,
- size_t),
- void *p_sni );
+void mbedtls_ssl_conf_sni(mbedtls_ssl_config *conf,
+ int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *,
+ size_t),
+ void *p_sni);
#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
@@ -3896,9 +3886,9 @@
*
* \return 0 on success, or a negative error code.
*/
-int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl,
- const unsigned char *pw,
- size_t pw_len );
+int mbedtls_ssl_set_hs_ecjpake_password(mbedtls_ssl_context *ssl,
+ const unsigned char *pw,
+ size_t pw_len);
/**
* \brief Set the EC J-PAKE opaque password for current handshake.
@@ -3914,8 +3904,8 @@
*
* \return 0 on success, or a negative error code.
*/
-int mbedtls_ssl_set_hs_ecjpake_password_opaque( mbedtls_ssl_context *ssl,
- mbedtls_svc_key_id_t pwd );
+int mbedtls_ssl_set_hs_ecjpake_password_opaque(mbedtls_ssl_context *ssl,
+ mbedtls_svc_key_id_t pwd);
#endif /*MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
#if defined(MBEDTLS_SSL_ALPN)
@@ -3931,7 +3921,7 @@
*
* \return 0 on success, or MBEDTLS_ERR_SSL_BAD_INPUT_DATA.
*/
-int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos );
+int mbedtls_ssl_conf_alpn_protocols(mbedtls_ssl_config *conf, const char **protos);
/**
* \brief Get the name of the negotiated Application Layer Protocol.
@@ -3942,26 +3932,25 @@
*
* \return Protocol name, or NULL if no protocol was negotiated.
*/
-const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl );
+const char *mbedtls_ssl_get_alpn_protocol(const mbedtls_ssl_context *ssl);
#endif /* MBEDTLS_SSL_ALPN */
#if defined(MBEDTLS_SSL_DTLS_SRTP)
#if defined(MBEDTLS_DEBUG_C)
-static inline const char *mbedtls_ssl_get_srtp_profile_as_string( mbedtls_ssl_srtp_profile profile )
+static inline const char *mbedtls_ssl_get_srtp_profile_as_string(mbedtls_ssl_srtp_profile profile)
{
- switch( profile )
- {
+ switch (profile) {
case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80:
- return( "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" );
+ return "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80";
case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32:
- return( "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" );
+ return "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32";
case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80:
- return( "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" );
+ return "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80";
case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32:
- return( "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" );
+ return "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32";
default: break;
}
- return( "" );
+ return "";
}
#endif /* MBEDTLS_DEBUG_C */
/**
@@ -3977,8 +3966,8 @@
* #MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED
* or #MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED.
*/
-void mbedtls_ssl_conf_srtp_mki_value_supported( mbedtls_ssl_config *conf,
- int support_mki_value );
+void mbedtls_ssl_conf_srtp_mki_value_supported(mbedtls_ssl_config *conf,
+ int support_mki_value);
/**
* \brief Set the supported DTLS-SRTP protection profiles.
@@ -4000,8 +3989,8 @@
* protection profiles is incorrect.
*/
int mbedtls_ssl_conf_dtls_srtp_protection_profiles
- ( mbedtls_ssl_config *conf,
- const mbedtls_ssl_srtp_profile *profiles );
+ (mbedtls_ssl_config *conf,
+ const mbedtls_ssl_srtp_profile *profiles);
/**
* \brief Set the mki_value for the current DTLS-SRTP session.
@@ -4019,9 +4008,9 @@
* \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA
* \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE
*/
-int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl,
- unsigned char *mki_value,
- uint16_t mki_len );
+int mbedtls_ssl_dtls_srtp_set_mki_value(mbedtls_ssl_context *ssl,
+ unsigned char *mki_value,
+ uint16_t mki_len);
/**
* \brief Get the negotiated DTLS-SRTP information:
* Protection profile and MKI value.
@@ -4040,8 +4029,8 @@
* or peer's Hello packet was not parsed yet.
* - mki size and value( if size is > 0 ).
*/
-void mbedtls_ssl_get_dtls_srtp_negotiation_result( const mbedtls_ssl_context *ssl,
- mbedtls_dtls_srtp_info *dtls_srtp_info );
+void mbedtls_ssl_get_dtls_srtp_negotiation_result(const mbedtls_ssl_context *ssl,
+ mbedtls_dtls_srtp_info *dtls_srtp_info);
#endif /* MBEDTLS_SSL_DTLS_SRTP */
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
@@ -4062,7 +4051,8 @@
* (#MBEDTLS_SSL_MINOR_VERSION_3 for (D)TLS 1.2,
* #MBEDTLS_SSL_MINOR_VERSION_4 for TLS 1.3)
*/
-void MBEDTLS_DEPRECATED mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor );
+void MBEDTLS_DEPRECATED mbedtls_ssl_conf_max_version(mbedtls_ssl_config *conf, int major,
+ int minor);
#endif /* MBEDTLS_DEPRECATED_REMOVED */
/**
@@ -4077,8 +4067,8 @@
* \param tls_version TLS protocol version number (\p mbedtls_ssl_protocol_version)
* (#MBEDTLS_SSL_VERSION_UNKNOWN is not valid)
*/
-static inline void mbedtls_ssl_conf_max_tls_version( mbedtls_ssl_config *conf,
- mbedtls_ssl_protocol_version tls_version )
+static inline void mbedtls_ssl_conf_max_tls_version(mbedtls_ssl_config *conf,
+ mbedtls_ssl_protocol_version tls_version)
{
conf->MBEDTLS_PRIVATE(max_tls_version) = tls_version;
}
@@ -4118,7 +4108,8 @@
* (#MBEDTLS_SSL_MINOR_VERSION_3 for (D)TLS 1.2,
* #MBEDTLS_SSL_MINOR_VERSION_4 for TLS 1.3)
*/
-void MBEDTLS_DEPRECATED mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor );
+void MBEDTLS_DEPRECATED mbedtls_ssl_conf_min_version(mbedtls_ssl_config *conf, int major,
+ int minor);
#endif /* MBEDTLS_DEPRECATED_REMOVED */
/**
@@ -4133,8 +4124,8 @@
* \param tls_version TLS protocol version number (\p mbedtls_ssl_protocol_version)
* (#MBEDTLS_SSL_VERSION_UNKNOWN is not valid)
*/
-static inline void mbedtls_ssl_conf_min_tls_version( mbedtls_ssl_config *conf,
- mbedtls_ssl_protocol_version tls_version )
+static inline void mbedtls_ssl_conf_min_tls_version(mbedtls_ssl_config *conf,
+ mbedtls_ssl_protocol_version tls_version)
{
conf->MBEDTLS_PRIVATE(min_tls_version) = tls_version;
}
@@ -4151,7 +4142,7 @@
* \param conf SSL configuration
* \param etm MBEDTLS_SSL_ETM_ENABLED or MBEDTLS_SSL_ETM_DISABLED
*/
-void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm );
+void mbedtls_ssl_conf_encrypt_then_mac(mbedtls_ssl_config *conf, char etm);
#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
@@ -4166,7 +4157,7 @@
* \param conf SSL configuration
* \param ems MBEDTLS_SSL_EXTENDED_MS_ENABLED or MBEDTLS_SSL_EXTENDED_MS_DISABLED
*/
-void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems );
+void mbedtls_ssl_conf_extended_master_secret(mbedtls_ssl_config *conf, char ems);
#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
#if defined(MBEDTLS_SSL_SRV_C)
@@ -4179,8 +4170,8 @@
* \param cert_req_ca_list MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED or
* MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED
*/
-void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf,
- char cert_req_ca_list );
+void mbedtls_ssl_conf_cert_req_ca_list(mbedtls_ssl_config *conf,
+ char cert_req_ca_list);
#endif /* MBEDTLS_SSL_SRV_C */
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
@@ -4218,7 +4209,7 @@
*
* \return 0 if successful or MBEDTLS_ERR_SSL_BAD_INPUT_DATA
*/
-int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code );
+int mbedtls_ssl_conf_max_frag_len(mbedtls_ssl_config *conf, unsigned char mfl_code);
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
#if defined(MBEDTLS_SSL_SRV_C)
@@ -4231,7 +4222,7 @@
* \param order Server or client (MBEDTLS_SSL_SRV_CIPHERSUITE_ORDER_SERVER
* or MBEDTLS_SSL_SRV_CIPHERSUITE_ORDER_CLIENT)
*/
-void mbedtls_ssl_conf_preference_order( mbedtls_ssl_config *conf, int order );
+void mbedtls_ssl_conf_preference_order(mbedtls_ssl_config *conf, int order);
#endif /* MBEDTLS_SSL_SRV_C */
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && \
@@ -4246,7 +4237,7 @@
* \param use_tickets Enable or disable (MBEDTLS_SSL_SESSION_TICKETS_ENABLED or
* MBEDTLS_SSL_SESSION_TICKETS_DISABLED)
*/
-void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets );
+void mbedtls_ssl_conf_session_tickets(mbedtls_ssl_config *conf, int use_tickets);
#endif /* MBEDTLS_SSL_SESSION_TICKETS &&
MBEDTLS_SSL_CLI_C */
@@ -4270,8 +4261,8 @@
* \param num_tickets Number of NewSessionTicket.
*
*/
-void mbedtls_ssl_conf_new_session_tickets( mbedtls_ssl_config *conf,
- uint16_t num_tickets );
+void mbedtls_ssl_conf_new_session_tickets(mbedtls_ssl_config *conf,
+ uint16_t num_tickets);
#endif /* MBEDTLS_SSL_SESSION_TICKETS &&
MBEDTLS_SSL_SRV_C &&
MBEDTLS_SSL_PROTO_TLS1_3*/
@@ -4294,7 +4285,7 @@
* \param renegotiation Enable or disable (MBEDTLS_SSL_RENEGOTIATION_ENABLED or
* MBEDTLS_SSL_RENEGOTIATION_DISABLED)
*/
-void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation );
+void mbedtls_ssl_conf_renegotiation(mbedtls_ssl_config *conf, int renegotiation);
#endif /* MBEDTLS_SSL_RENEGOTIATION */
/**
@@ -4324,7 +4315,7 @@
* SSL_ALLOW_LEGACY_RENEGOTIATION or
* MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE)
*/
-void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy );
+void mbedtls_ssl_conf_legacy_renegotiation(mbedtls_ssl_config *conf, int allow_legacy);
#if defined(MBEDTLS_SSL_RENEGOTIATION)
/**
@@ -4364,7 +4355,7 @@
* enforce renegotiation, or a non-negative value to enforce
* it but allow for a grace period of max_records records.
*/
-void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records );
+void mbedtls_ssl_conf_renegotiation_enforced(mbedtls_ssl_config *conf, int max_records);
/**
* \brief Set record counter threshold for periodic renegotiation.
@@ -4391,8 +4382,8 @@
* \param conf SSL configuration
* \param period The threshold value: a big-endian 64-bit number.
*/
-void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf,
- const unsigned char period[8] );
+void mbedtls_ssl_conf_renegotiation_period(mbedtls_ssl_config *conf,
+ const unsigned char period[8]);
#endif /* MBEDTLS_SSL_RENEGOTIATION */
/**
@@ -4433,7 +4424,7 @@
* that all internal data has been processed.
*
*/
-int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl );
+int mbedtls_ssl_check_pending(const mbedtls_ssl_context *ssl);
/**
* \brief Return the number of application data bytes
@@ -4450,7 +4441,7 @@
* amount of data fitting into the input buffer.
*
*/
-size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl );
+size_t mbedtls_ssl_get_bytes_avail(const mbedtls_ssl_context *ssl);
/**
* \brief Return the result of the certificate verification
@@ -4464,7 +4455,7 @@
* \return A bitwise combination of \c MBEDTLS_X509_BADCERT_XXX
* and \c MBEDTLS_X509_BADCRL_XXX failure flags; see x509.h.
*/
-uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl );
+uint32_t mbedtls_ssl_get_verify_result(const mbedtls_ssl_context *ssl);
/**
* \brief Return the id of the current ciphersuite
@@ -4473,7 +4464,7 @@
*
* \return a ciphersuite id
*/
-int mbedtls_ssl_get_ciphersuite_id_from_ssl( const mbedtls_ssl_context *ssl );
+int mbedtls_ssl_get_ciphersuite_id_from_ssl(const mbedtls_ssl_context *ssl);
/**
* \brief Return the name of the current ciphersuite
@@ -4482,7 +4473,7 @@
*
* \return a string containing the ciphersuite name
*/
-const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl );
+const char *mbedtls_ssl_get_ciphersuite(const mbedtls_ssl_context *ssl);
/**
@@ -4497,7 +4488,7 @@
* \return The negotiated protocol version.
*/
static inline mbedtls_ssl_protocol_version mbedtls_ssl_get_version_number(
- const mbedtls_ssl_context *ssl )
+ const mbedtls_ssl_context *ssl)
{
return ssl->MBEDTLS_PRIVATE(tls_version);
}
@@ -4509,7 +4500,7 @@
*
* \return a string containing the TLS version
*/
-const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl );
+const char *mbedtls_ssl_get_version(const mbedtls_ssl_context *ssl);
/**
* \brief Return the (maximum) number of bytes added by the record
@@ -4519,7 +4510,7 @@
*
* \return Current maximum record expansion in bytes
*/
-int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl );
+int mbedtls_ssl_get_record_expansion(const mbedtls_ssl_context *ssl);
/**
* \brief Return the current maximum outgoing record payload in bytes.
@@ -4546,7 +4537,7 @@
* \return Current maximum payload for an outgoing record,
* or a negative error code.
*/
-int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl );
+int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl);
/**
* \brief Return the current maximum incoming record payload in bytes.
@@ -4566,7 +4557,7 @@
* \return Current maximum payload for an outgoing record,
* or a negative error code.
*/
-int mbedtls_ssl_get_max_in_record_payload( const mbedtls_ssl_context *ssl );
+int mbedtls_ssl_get_max_in_record_payload(const mbedtls_ssl_context *ssl);
#if defined(MBEDTLS_X509_CRT_PARSE_C)
/**
@@ -4599,7 +4590,7 @@
* If you want to use the certificate across API calls,
* you must make a copy.
*/
-const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ssl );
+const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert(const mbedtls_ssl_context *ssl);
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_SSL_CLI_C)
@@ -4637,8 +4628,8 @@
* \sa mbedtls_ssl_set_session()
* \sa mbedtls_ssl_session_save()
*/
-int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl,
- mbedtls_ssl_session *session );
+int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl,
+ mbedtls_ssl_session *session);
#endif /* MBEDTLS_SSL_CLI_C */
/**
@@ -4691,7 +4682,7 @@
* currently being processed might or might not contain further
* DTLS records.
*/
-int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_handshake(mbedtls_ssl_context *ssl);
/**
* \brief After calling mbedtls_ssl_handshake() to start the SSL
@@ -4704,9 +4695,9 @@
*
* \return \c 1 if handshake is over, \c 0 if it is still ongoing.
*/
-static inline int mbedtls_ssl_is_handshake_over( mbedtls_ssl_context *ssl )
+static inline int mbedtls_ssl_is_handshake_over(mbedtls_ssl_context *ssl)
{
- return( ssl->MBEDTLS_PRIVATE( state ) >= MBEDTLS_SSL_HANDSHAKE_OVER );
+ return ssl->MBEDTLS_PRIVATE(state) >= MBEDTLS_SSL_HANDSHAKE_OVER;
}
/**
@@ -4742,7 +4733,7 @@
* re-using it for a new connection; the current connection
* must be closed.
*/
-int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_handshake_step(mbedtls_ssl_context *ssl);
#if defined(MBEDTLS_SSL_RENEGOTIATION)
/**
@@ -4768,7 +4759,7 @@
* must be closed.
*
*/
-int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_renegotiate(mbedtls_ssl_context *ssl);
#endif /* MBEDTLS_SSL_RENEGOTIATION */
/**
@@ -4848,7 +4839,7 @@
* \c mbedtls_ssl_check_pending to check for remaining records.
*
*/
-int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len );
+int mbedtls_ssl_read(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len);
/**
* \brief Try to write exactly 'len' application data bytes
@@ -4910,7 +4901,7 @@
* \note Attempting to write 0 bytes will result in an empty TLS
* application record being sent.
*/
-int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len );
+int mbedtls_ssl_write(mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len);
/**
* \brief Send an alert message
@@ -4928,9 +4919,9 @@
* call \c mbedtls_ssl_session_reset() on it before re-using it
* for a new connection; the current connection must be closed.
*/
-int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl,
- unsigned char level,
- unsigned char message );
+int mbedtls_ssl_send_alert_message(mbedtls_ssl_context *ssl,
+ unsigned char level,
+ unsigned char message);
/**
* \brief Notify the peer that the connection is being closed
*
@@ -4944,7 +4935,7 @@
* call \c mbedtls_ssl_session_reset() on it before re-using it
* for a new connection; the current connection must be closed.
*/
-int mbedtls_ssl_close_notify( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_close_notify(mbedtls_ssl_context *ssl);
#if defined(MBEDTLS_SSL_EARLY_DATA)
@@ -4993,8 +4984,8 @@
* \p ssl. But this is not mandatory.
*
*/
-int mbedtls_ssl_read_early_data( mbedtls_ssl_context *ssl,
- unsigned char *buf, size_t len );
+int mbedtls_ssl_read_early_data(mbedtls_ssl_context *ssl,
+ unsigned char *buf, size_t len);
#endif /* MBEDTLS_SSL_SRV_C */
#if defined(MBEDTLS_SSL_CLI_C)
@@ -5054,8 +5045,8 @@
* mbedtls_ssl_get_early_data_status() with the handshake
* completed.
*/
-int mbedtls_ssl_write_early_data( mbedtls_ssl_context *ssl,
- const unsigned char *buf, size_t len );
+int mbedtls_ssl_write_early_data(mbedtls_ssl_context *ssl,
+ const unsigned char *buf, size_t len);
#define MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT 0
#define MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED 1
@@ -5086,7 +5077,7 @@
* application data by calling mbedtls_ssl_write().
*
*/
-int mbedtls_ssl_get_early_data_status( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_get_early_data_status(mbedtls_ssl_context *ssl);
#endif /* MBEDTLS_SSL_CLI_C */
#endif /* MBEDTLS_SSL_EARLY_DATA */
@@ -5096,7 +5087,7 @@
*
* \param ssl SSL context
*/
-void mbedtls_ssl_free( mbedtls_ssl_context *ssl );
+void mbedtls_ssl_free(mbedtls_ssl_context *ssl);
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
/**
@@ -5155,10 +5146,10 @@
* or the connection does not use DTLS 1.2 with an AEAD
* ciphersuite, or renegotiation is enabled.
*/
-int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl,
- unsigned char *buf,
- size_t buf_len,
- size_t *olen );
+int mbedtls_ssl_context_save(mbedtls_ssl_context *ssl,
+ unsigned char *buf,
+ size_t buf_len,
+ size_t *olen);
/**
* \brief Load serialized connection data to an SSL context.
@@ -5228,9 +5219,9 @@
* comes from a different Mbed TLS version or build.
* \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if input data is invalid.
*/
-int mbedtls_ssl_context_load( mbedtls_ssl_context *ssl,
- const unsigned char *buf,
- size_t len );
+int mbedtls_ssl_context_load(mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ size_t len);
#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
/**
@@ -5243,7 +5234,7 @@
*
* \param conf SSL configuration context
*/
-void mbedtls_ssl_config_init( mbedtls_ssl_config *conf );
+void mbedtls_ssl_config_init(mbedtls_ssl_config *conf);
/**
* \brief Load reasonable default SSL configuration values.
@@ -5260,22 +5251,22 @@
* \return 0 if successful, or
* MBEDTLS_ERR_XXX_ALLOC_FAILED on memory allocation error.
*/
-int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
- int endpoint, int transport, int preset );
+int mbedtls_ssl_config_defaults(mbedtls_ssl_config *conf,
+ int endpoint, int transport, int preset);
/**
* \brief Free an SSL configuration context
*
* \param conf SSL configuration context
*/
-void mbedtls_ssl_config_free( mbedtls_ssl_config *conf );
+void mbedtls_ssl_config_free(mbedtls_ssl_config *conf);
/**
* \brief Initialize SSL session structure
*
* \param session SSL session
*/
-void mbedtls_ssl_session_init( mbedtls_ssl_session *session );
+void mbedtls_ssl_session_init(mbedtls_ssl_session *session);
/**
* \brief Free referenced items in an SSL session including the
@@ -5286,7 +5277,7 @@
*
* \param session SSL session
*/
-void mbedtls_ssl_session_free( mbedtls_ssl_session *session );
+void mbedtls_ssl_session_free(mbedtls_ssl_session *session);
/**
* \brief TLS-PRF function for key derivation.
@@ -5303,11 +5294,11 @@
*
* \return 0 on success. An SSL specific error on failure.
*/
-int mbedtls_ssl_tls_prf( const mbedtls_tls_prf_types prf,
- const unsigned char *secret, size_t slen,
- const char *label,
- const unsigned char *random, size_t rlen,
- unsigned char *dstbuf, size_t dlen );
+int mbedtls_ssl_tls_prf(const mbedtls_tls_prf_types prf,
+ const unsigned char *secret, size_t slen,
+ const char *label,
+ const unsigned char *random, size_t rlen,
+ unsigned char *dstbuf, size_t dlen);
#ifdef __cplusplus
}
diff --git a/include/mbedtls/ssl_cache.h b/include/mbedtls/ssl_cache.h
index cb016fe..5cd1cd3 100644
--- a/include/mbedtls/ssl_cache.h
+++ b/include/mbedtls/ssl_cache.h
@@ -59,8 +59,7 @@
/**
* \brief This structure is used for storing cache entries
*/
-struct mbedtls_ssl_cache_entry
-{
+struct mbedtls_ssl_cache_entry {
#if defined(MBEDTLS_HAVE_TIME)
mbedtls_time_t MBEDTLS_PRIVATE(timestamp); /*!< entry timestamp */
#endif
@@ -77,8 +76,7 @@
/**
* \brief Cache context
*/
-struct mbedtls_ssl_cache_context
-{
+struct mbedtls_ssl_cache_context {
mbedtls_ssl_cache_entry *MBEDTLS_PRIVATE(chain); /*!< start of the chain */
int MBEDTLS_PRIVATE(timeout); /*!< cache entry timeout */
int MBEDTLS_PRIVATE(max_entries); /*!< maximum entries */
@@ -92,7 +90,7 @@
*
* \param cache SSL cache context
*/
-void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache );
+void mbedtls_ssl_cache_init(mbedtls_ssl_cache_context *cache);
/**
* \brief Cache get callback implementation
@@ -105,10 +103,10 @@
* \param session The address at which to store the session
* associated with \p session_id, if present.
*/
-int mbedtls_ssl_cache_get( void *data,
- unsigned char const *session_id,
- size_t session_id_len,
- mbedtls_ssl_session *session );
+int mbedtls_ssl_cache_get(void *data,
+ unsigned char const *session_id,
+ size_t session_id_len,
+ mbedtls_ssl_session *session);
/**
* \brief Cache set callback implementation
@@ -120,10 +118,10 @@
* \param session_id_len The length of \p session_id in bytes.
* \param session The session to store.
*/
-int mbedtls_ssl_cache_set( void *data,
- unsigned char const *session_id,
- size_t session_id_len,
- const mbedtls_ssl_session *session );
+int mbedtls_ssl_cache_set(void *data,
+ unsigned char const *session_id,
+ size_t session_id_len,
+ const mbedtls_ssl_session *session);
#if defined(MBEDTLS_HAVE_TIME)
/**
@@ -135,7 +133,7 @@
* \param cache SSL cache context
* \param timeout cache entry timeout in seconds
*/
-void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout );
+void mbedtls_ssl_cache_set_timeout(mbedtls_ssl_cache_context *cache, int timeout);
#endif /* MBEDTLS_HAVE_TIME */
/**
@@ -145,14 +143,14 @@
* \param cache SSL cache context
* \param max cache entry maximum
*/
-void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max );
+void mbedtls_ssl_cache_set_max_entries(mbedtls_ssl_cache_context *cache, int max);
/**
* \brief Free referenced items in a cache context and clear memory
*
* \param cache SSL cache context
*/
-void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache );
+void mbedtls_ssl_cache_free(mbedtls_ssl_cache_context *cache);
#ifdef __cplusplus
}
diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h
index b46116e..17b8ff7 100644
--- a/include/mbedtls/ssl_ciphersuites.h
+++ b/include/mbedtls/ssl_ciphersuites.h
@@ -378,10 +378,9 @@
* in order to pack structure and reduce memory usage by internal
* \c ciphersuite_definitions[]
*/
-struct mbedtls_ssl_ciphersuite_t
-{
+struct mbedtls_ssl_ciphersuite_t {
int MBEDTLS_PRIVATE(id);
- const char * MBEDTLS_PRIVATE(name);
+ const char *MBEDTLS_PRIVATE(name);
uint8_t MBEDTLS_PRIVATE(cipher); /* mbedtls_cipher_type_t */
uint8_t MBEDTLS_PRIVATE(mac); /* mbedtls_md_type_t */
@@ -392,103 +391,98 @@
uint16_t MBEDTLS_PRIVATE(max_tls_version); /* mbedtls_ssl_protocol_version */
};
-const int *mbedtls_ssl_list_ciphersuites( void );
+const int *mbedtls_ssl_list_ciphersuites(void);
-const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name );
-const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite_id );
+const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(const char *ciphersuite_name);
+const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id(int ciphersuite_id);
#if defined(MBEDTLS_PK_C)
-mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info );
+mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info);
#if defined(MBEDTLS_USE_PSA_CRYPTO)
-psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg( const mbedtls_ssl_ciphersuite_t *info );
-psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage( const mbedtls_ssl_ciphersuite_t *info );
+psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg(const mbedtls_ssl_ciphersuite_t *info);
+psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage(const mbedtls_ssl_ciphersuite_t *info);
#endif
-mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info );
+mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t *info);
#endif
-int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info );
-int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info );
+int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info);
+int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info);
-static inline const char *mbedtls_ssl_ciphersuite_get_name( const mbedtls_ssl_ciphersuite_t *info )
+static inline const char *mbedtls_ssl_ciphersuite_get_name(const mbedtls_ssl_ciphersuite_t *info)
{
return info->MBEDTLS_PRIVATE(name);
}
-size_t mbedtls_ssl_ciphersuite_get_cipher_key_bitlen( const mbedtls_ssl_ciphersuite_t *info );
+size_t mbedtls_ssl_ciphersuite_get_cipher_key_bitlen(const mbedtls_ssl_ciphersuite_t *info);
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED)
-static inline int mbedtls_ssl_ciphersuite_has_pfs( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_has_pfs(const mbedtls_ssl_ciphersuite_t *info)
{
- switch( info->MBEDTLS_PRIVATE(key_exchange) )
- {
+ switch (info->MBEDTLS_PRIVATE(key_exchange)) {
case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
- return( 1 );
+ return 1;
default:
- return( 0 );
+ return 0;
}
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED)
-static inline int mbedtls_ssl_ciphersuite_no_pfs( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_no_pfs(const mbedtls_ssl_ciphersuite_t *info)
{
- switch( info->MBEDTLS_PRIVATE(key_exchange) )
- {
+ switch (info->MBEDTLS_PRIVATE(key_exchange)) {
case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
case MBEDTLS_KEY_EXCHANGE_RSA:
case MBEDTLS_KEY_EXCHANGE_PSK:
case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
- return( 1 );
+ return 1;
default:
- return( 0 );
+ return 0;
}
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED)
-static inline int mbedtls_ssl_ciphersuite_uses_ecdh( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_uses_ecdh(const mbedtls_ssl_ciphersuite_t *info)
{
- switch( info->MBEDTLS_PRIVATE(key_exchange) )
- {
+ switch (info->MBEDTLS_PRIVATE(key_exchange)) {
case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
- return( 1 );
+ return 1;
default:
- return( 0 );
+ return 0;
}
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */
-static inline int mbedtls_ssl_ciphersuite_cert_req_allowed( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_cert_req_allowed(const mbedtls_ssl_ciphersuite_t *info)
{
- switch( info->MBEDTLS_PRIVATE(key_exchange) )
- {
+ switch (info->MBEDTLS_PRIVATE(key_exchange)) {
case MBEDTLS_KEY_EXCHANGE_RSA:
case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
- return( 1 );
+ return 1;
default:
- return( 0 );
+ return 0;
}
}
-static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_uses_srv_cert(const mbedtls_ssl_ciphersuite_t *info)
{
- switch( info->MBEDTLS_PRIVATE(key_exchange) )
- {
+ switch (info->MBEDTLS_PRIVATE(key_exchange)) {
case MBEDTLS_KEY_EXCHANGE_RSA:
case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
@@ -496,56 +490,54 @@
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
- return( 1 );
+ return 1;
default:
- return( 0 );
+ return 0;
}
}
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED)
-static inline int mbedtls_ssl_ciphersuite_uses_dhe( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_uses_dhe(const mbedtls_ssl_ciphersuite_t *info)
{
- switch( info->MBEDTLS_PRIVATE(key_exchange) )
- {
+ switch (info->MBEDTLS_PRIVATE(key_exchange)) {
case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
- return( 1 );
+ return 1;
default:
- return( 0 );
+ return 0;
}
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED) */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)
-static inline int mbedtls_ssl_ciphersuite_uses_ecdhe( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_uses_ecdhe(const mbedtls_ssl_ciphersuite_t *info)
{
- switch( info->MBEDTLS_PRIVATE(key_exchange) )
- {
+ switch (info->MBEDTLS_PRIVATE(key_exchange)) {
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
- return( 1 );
+ return 1;
default:
- return( 0 );
+ return 0;
}
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) */
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
-static inline int mbedtls_ssl_ciphersuite_uses_server_signature( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_uses_server_signature(
+ const mbedtls_ssl_ciphersuite_t *info)
{
- switch( info->MBEDTLS_PRIVATE(key_exchange) )
- {
+ switch (info->MBEDTLS_PRIVATE(key_exchange)) {
case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
- return( 1 );
+ return 1;
default:
- return( 0 );
+ return 0;
}
}
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */
diff --git a/include/mbedtls/ssl_cookie.h b/include/mbedtls/ssl_cookie.h
index a1ca74b..5cd1847 100644
--- a/include/mbedtls/ssl_cookie.h
+++ b/include/mbedtls/ssl_cookie.h
@@ -53,8 +53,7 @@
/**
* \brief Context for the default cookie functions.
*/
-typedef struct mbedtls_ssl_cookie_ctx
-{
+typedef struct mbedtls_ssl_cookie_ctx {
#if defined(MBEDTLS_USE_PSA_CRYPTO)
mbedtls_svc_key_id_t MBEDTLS_PRIVATE(psa_hmac_key); /*!< key id for the HMAC portion */
psa_algorithm_t MBEDTLS_PRIVATE(psa_hmac_alg); /*!< key algorithm for the HMAC portion */
@@ -65,7 +64,7 @@
unsigned long MBEDTLS_PRIVATE(serial); /*!< serial number for expiration */
#endif
unsigned long MBEDTLS_PRIVATE(timeout); /*!< timeout delay, in seconds if HAVE_TIME,
- or in number of tickets issued */
+ or in number of tickets issued */
#if !defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_THREADING_C)
@@ -77,14 +76,14 @@
/**
* \brief Initialize cookie context
*/
-void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx );
+void mbedtls_ssl_cookie_init(mbedtls_ssl_cookie_ctx *ctx);
/**
* \brief Setup cookie context (generate keys)
*/
-int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
/**
* \brief Set expiration delay for cookies
@@ -95,12 +94,12 @@
* issued in the meantime.
* 0 to disable expiration (NOT recommended)
*/
-void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay );
+void mbedtls_ssl_cookie_set_timeout(mbedtls_ssl_cookie_ctx *ctx, unsigned long delay);
/**
* \brief Free cookie context
*/
-void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx );
+void mbedtls_ssl_cookie_free(mbedtls_ssl_cookie_ctx *ctx);
/**
* \brief Generate cookie, see \c mbedtls_ssl_cookie_write_t
diff --git a/include/mbedtls/ssl_ticket.h b/include/mbedtls/ssl_ticket.h
index b8a8a24..0cefe43 100644
--- a/include/mbedtls/ssl_ticket.h
+++ b/include/mbedtls/ssl_ticket.h
@@ -56,10 +56,9 @@
/**
* \brief Information for session ticket protection
*/
-typedef struct mbedtls_ssl_ticket_key
-{
+typedef struct mbedtls_ssl_ticket_key {
unsigned char MBEDTLS_PRIVATE(name)[MBEDTLS_SSL_TICKET_KEY_NAME_BYTES];
- /*!< random key identifier */
+ /*!< random key identifier */
#if defined(MBEDTLS_HAVE_TIME)
mbedtls_time_t MBEDTLS_PRIVATE(generation_time); /*!< key generation timestamp (seconds) */
#endif
@@ -77,15 +76,14 @@
/**
* \brief Context for session ticket handling functions
*/
-typedef struct mbedtls_ssl_ticket_context
-{
+typedef struct mbedtls_ssl_ticket_context {
mbedtls_ssl_ticket_key MBEDTLS_PRIVATE(keys)[2]; /*!< ticket protection keys */
unsigned char MBEDTLS_PRIVATE(active); /*!< index of the currently active key */
uint32_t MBEDTLS_PRIVATE(ticket_lifetime); /*!< lifetime of tickets in seconds */
/** Callback for getting (pseudo-)random numbers */
- int (*MBEDTLS_PRIVATE(f_rng))(void *, unsigned char *, size_t);
+ int(*MBEDTLS_PRIVATE(f_rng))(void *, unsigned char *, size_t);
void *MBEDTLS_PRIVATE(p_rng); /*!< context for the RNG function */
#if defined(MBEDTLS_THREADING_C)
@@ -101,7 +99,7 @@
*
* \param ctx Context to be initialized
*/
-void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx );
+void mbedtls_ssl_ticket_init(mbedtls_ssl_ticket_context *ctx);
/**
* \brief Prepare context to be actually used
@@ -125,10 +123,10 @@
* \return 0 if successful,
* or a specific MBEDTLS_ERR_XXX error code
*/
-int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
- mbedtls_cipher_type_t cipher,
- uint32_t lifetime );
+int mbedtls_ssl_ticket_setup(mbedtls_ssl_ticket_context *ctx,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+ mbedtls_cipher_type_t cipher,
+ uint32_t lifetime);
/**
* \brief Rotate session ticket encryption key to new specified key.
@@ -162,10 +160,10 @@
* \return 0 if successful,
* or a specific MBEDTLS_ERR_XXX error code
*/
-int mbedtls_ssl_ticket_rotate( mbedtls_ssl_ticket_context *ctx,
- const unsigned char *name, size_t nlength,
- const unsigned char *k, size_t klength,
- uint32_t lifetime );
+int mbedtls_ssl_ticket_rotate(mbedtls_ssl_ticket_context *ctx,
+ const unsigned char *name, size_t nlength,
+ const unsigned char *k, size_t klength,
+ uint32_t lifetime);
/**
* \brief Implementation of the ticket write callback
@@ -186,7 +184,7 @@
*
* \param ctx Context to be cleaned up
*/
-void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx );
+void mbedtls_ssl_ticket_free(mbedtls_ssl_ticket_context *ctx);
#ifdef __cplusplus
}
diff --git a/include/mbedtls/threading.h b/include/mbedtls/threading.h
index fbc7374..1b9c7ce 100644
--- a/include/mbedtls/threading.h
+++ b/include/mbedtls/threading.h
@@ -38,8 +38,7 @@
#if defined(MBEDTLS_THREADING_PTHREAD)
#include <pthread.h>
-typedef struct mbedtls_threading_mutex_t
-{
+typedef struct mbedtls_threading_mutex_t {
pthread_mutex_t MBEDTLS_PRIVATE(mutex);
/* is_valid is 0 after a failed init or a free, and nonzero after a
* successful init. This field is not considered part of the public
@@ -70,15 +69,15 @@
* \param mutex_lock the lock function implementation
* \param mutex_unlock the unlock function implementation
*/
-void mbedtls_threading_set_alt( void (*mutex_init)( mbedtls_threading_mutex_t * ),
- void (*mutex_free)( mbedtls_threading_mutex_t * ),
- int (*mutex_lock)( mbedtls_threading_mutex_t * ),
- int (*mutex_unlock)( mbedtls_threading_mutex_t * ) );
+void mbedtls_threading_set_alt(void (*mutex_init)(mbedtls_threading_mutex_t *),
+ void (*mutex_free)(mbedtls_threading_mutex_t *),
+ int (*mutex_lock)(mbedtls_threading_mutex_t *),
+ int (*mutex_unlock)(mbedtls_threading_mutex_t *));
/**
* \brief Free global mutexes.
*/
-void mbedtls_threading_free_alt( void );
+void mbedtls_threading_free_alt(void);
#endif /* MBEDTLS_THREADING_ALT */
#if defined(MBEDTLS_THREADING_C)
@@ -87,10 +86,10 @@
*
* All these functions are expected to work or the result will be undefined.
*/
-extern void (*mbedtls_mutex_init)( mbedtls_threading_mutex_t *mutex );
-extern void (*mbedtls_mutex_free)( mbedtls_threading_mutex_t *mutex );
-extern int (*mbedtls_mutex_lock)( mbedtls_threading_mutex_t *mutex );
-extern int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t *mutex );
+extern void (*mbedtls_mutex_init)(mbedtls_threading_mutex_t *mutex);
+extern void (*mbedtls_mutex_free)(mbedtls_threading_mutex_t *mutex);
+extern int (*mbedtls_mutex_lock)(mbedtls_threading_mutex_t *mutex);
+extern int (*mbedtls_mutex_unlock)(mbedtls_threading_mutex_t *mutex);
/*
* Global mutexes
diff --git a/include/mbedtls/timing.h b/include/mbedtls/timing.h
index 652548d..2d4a19c 100644
--- a/include/mbedtls/timing.h
+++ b/include/mbedtls/timing.h
@@ -38,16 +38,14 @@
/**
* \brief timer structure
*/
-struct mbedtls_timing_hr_time
-{
+struct mbedtls_timing_hr_time {
unsigned char MBEDTLS_PRIVATE(opaque)[32];
};
/**
* \brief Context for mbedtls_timing_set/get_delay()
*/
-typedef struct mbedtls_timing_delay_context
-{
+typedef struct mbedtls_timing_delay_context {
struct mbedtls_timing_hr_time MBEDTLS_PRIVATE(timer);
uint32_t MBEDTLS_PRIVATE(int_ms);
uint32_t MBEDTLS_PRIVATE(fin_ms);
@@ -58,7 +56,7 @@
#endif /* MBEDTLS_TIMING_ALT */
/* Internal use */
-unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset );
+unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset);
/**
* \brief Set a pair of delays to watch
@@ -74,7 +72,7 @@
* \note To set a single delay, either use \c mbedtls_timing_set_timer
* directly or use this function with int_ms == fin_ms.
*/
-void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms );
+void mbedtls_timing_set_delay(void *data, uint32_t int_ms, uint32_t fin_ms);
/**
* \brief Get the status of delays
@@ -88,7 +86,7 @@
* 1 if only the intermediate delay is passed,
* 2 if the final delay is passed.
*/
-int mbedtls_timing_get_delay( void *data );
+int mbedtls_timing_get_delay(void *data);
/**
* \brief Get the final timing delay
@@ -99,7 +97,7 @@
* \return Final timing delay in milliseconds.
*/
uint32_t mbedtls_timing_get_final_delay(
- const mbedtls_timing_delay_context *data );
+ const mbedtls_timing_delay_context *data);
#ifdef __cplusplus
}
diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h
index 773da4a..bb1a4c3 100644
--- a/include/mbedtls/version.h
+++ b/include/mbedtls/version.h
@@ -41,7 +41,7 @@
* \return The constructed version number in the format
* MMNNPP00 (Major, Minor, Patch).
*/
-unsigned int mbedtls_version_get_number( void );
+unsigned int mbedtls_version_get_number(void);
/**
* Get the version string ("x.y.z").
@@ -49,7 +49,7 @@
* \param string The string that will receive the value.
* (Should be at least 9 bytes in size)
*/
-void mbedtls_version_get_string( char *string );
+void mbedtls_version_get_string(char *string);
/**
* Get the full version string ("mbed TLS x.y.z").
@@ -60,7 +60,7 @@
* (So the buffer should be at least 18 bytes to receive this
* version string).
*/
-void mbedtls_version_get_string_full( char *string );
+void mbedtls_version_get_string_full(char *string);
/**
* \brief Check if support for a feature was compiled into this
@@ -79,7 +79,7 @@
* -2 if support for feature checking as a whole was not
* compiled in.
*/
-int mbedtls_version_check_feature( const char *feature );
+int mbedtls_version_check_feature(const char *feature);
#ifdef __cplusplus
}
diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index 213efa0..52fadad 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -244,8 +244,7 @@
typedef mbedtls_asn1_sequence mbedtls_x509_sequence;
/** Container for date and time (precision in seconds). */
-typedef struct mbedtls_x509_time
-{
+typedef struct mbedtls_x509_time {
int year, mon, day; /**< Date. */
int hour, min, sec; /**< Time. */
}
@@ -264,7 +263,7 @@
* \return The length of the string written (not including the
* terminated nul byte), or a negative error code.
*/
-int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn );
+int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn);
/**
* \brief Return the next relative DN in an X509 name.
@@ -277,12 +276,13 @@
* \return Pointer to the first attribute-value pair of the
* next RDN in sequence, or NULL if end is reached.
*/
-static inline mbedtls_x509_name * mbedtls_x509_dn_get_next(
- mbedtls_x509_name * dn )
+static inline mbedtls_x509_name *mbedtls_x509_dn_get_next(
+ mbedtls_x509_name *dn)
{
- while( dn->MBEDTLS_PRIVATE(next_merged) && dn->next != NULL )
+ while (dn->MBEDTLS_PRIVATE(next_merged) && dn->next != NULL) {
dn = dn->next;
- return( dn->next );
+ }
+ return dn->next;
}
/**
@@ -296,7 +296,7 @@
* \return The length of the string written (not including the
* terminated nul byte), or a negative error code.
*/
-int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *serial );
+int mbedtls_x509_serial_gets(char *buf, size_t size, const mbedtls_x509_buf *serial);
/**
* \brief Check a given mbedtls_x509_time against the system time
@@ -310,7 +310,7 @@
* \return 1 if the given time is in the past or an error occurred,
* 0 otherwise.
*/
-int mbedtls_x509_time_is_past( const mbedtls_x509_time *to );
+int mbedtls_x509_time_is_past(const mbedtls_x509_time *to);
/**
* \brief Check a given mbedtls_x509_time against the system time
@@ -324,7 +324,7 @@
* \return 1 if the given time is in the future or an error occurred,
* 0 otherwise.
*/
-int mbedtls_x509_time_is_future( const mbedtls_x509_time *from );
+int mbedtls_x509_time_is_future(const mbedtls_x509_time *from);
/** \} addtogroup x509_module */
@@ -332,53 +332,53 @@
* Internal module functions. You probably do not want to use these unless you
* know you do.
*/
-int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end,
- mbedtls_x509_name *cur );
-int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end,
- mbedtls_x509_buf *alg );
-int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end,
- mbedtls_x509_buf *alg, mbedtls_x509_buf *params );
+int mbedtls_x509_get_name(unsigned char **p, const unsigned char *end,
+ mbedtls_x509_name *cur);
+int mbedtls_x509_get_alg_null(unsigned char **p, const unsigned char *end,
+ mbedtls_x509_buf *alg);
+int mbedtls_x509_get_alg(unsigned char **p, const unsigned char *end,
+ mbedtls_x509_buf *alg, mbedtls_x509_buf *params);
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
-int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params,
- mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md,
- int *salt_len );
+int mbedtls_x509_get_rsassa_pss_params(const mbedtls_x509_buf *params,
+ mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md,
+ int *salt_len);
#endif
-int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig );
-int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
- mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg,
- void **sig_opts );
-int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end,
- mbedtls_x509_time *t );
-int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end,
- mbedtls_x509_buf *serial );
-int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end,
- mbedtls_x509_buf *ext, int tag );
+int mbedtls_x509_get_sig(unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig);
+int mbedtls_x509_get_sig_alg(const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
+ mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg,
+ void **sig_opts);
+int mbedtls_x509_get_time(unsigned char **p, const unsigned char *end,
+ mbedtls_x509_time *t);
+int mbedtls_x509_get_serial(unsigned char **p, const unsigned char *end,
+ mbedtls_x509_buf *serial);
+int mbedtls_x509_get_ext(unsigned char **p, const unsigned char *end,
+ mbedtls_x509_buf *ext, int tag);
#if !defined(MBEDTLS_X509_REMOVE_INFO)
-int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid,
- mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
- const void *sig_opts );
+int mbedtls_x509_sig_alg_gets(char *buf, size_t size, const mbedtls_x509_buf *sig_oid,
+ mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
+ const void *sig_opts);
#endif
-int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name );
-int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name );
-int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
- int critical, const unsigned char *val,
- size_t val_len );
-int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start,
- mbedtls_asn1_named_data *first );
-int mbedtls_x509_write_names( unsigned char **p, unsigned char *start,
- mbedtls_asn1_named_data *first );
-int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start,
- const char *oid, size_t oid_len,
- unsigned char *sig, size_t size );
+int mbedtls_x509_key_size_helper(char *buf, size_t buf_size, const char *name);
+int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name);
+int mbedtls_x509_set_extension(mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
+ int critical, const unsigned char *val,
+ size_t val_len);
+int mbedtls_x509_write_extensions(unsigned char **p, unsigned char *start,
+ mbedtls_asn1_named_data *first);
+int mbedtls_x509_write_names(unsigned char **p, unsigned char *start,
+ mbedtls_asn1_named_data *first);
+int mbedtls_x509_write_sig(unsigned char **p, unsigned char *start,
+ const char *oid, size_t oid_len,
+ unsigned char *sig, size_t size);
#define MBEDTLS_X509_SAFE_SNPRINTF \
do { \
- if( ret < 0 || (size_t) ret >= n ) \
- return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL ); \
- \
+ if (ret < 0 || (size_t) ret >= n) \
+ return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; \
+ \
n -= (size_t) ret; \
p += (size_t) ret; \
- } while( 0 )
+ } while (0)
#ifdef __cplusplus
}
diff --git a/include/mbedtls/x509_crl.h b/include/mbedtls/x509_crl.h
index 0339db8..49bbf61 100644
--- a/include/mbedtls/x509_crl.h
+++ b/include/mbedtls/x509_crl.h
@@ -48,8 +48,7 @@
* them except via Mbed TLS library functions: the effect of modifying
* those fields or the data that those fields points to is unspecified.
*/
-typedef struct mbedtls_x509_crl_entry
-{
+typedef struct mbedtls_x509_crl_entry {
/** Direct access to the whole entry inside the containing buffer. */
mbedtls_x509_buf raw;
/** The serial number of the revoked certificate. */
@@ -74,8 +73,7 @@
* Certificate revocation list structure.
* Every CRL may have multiple entries.
*/
-typedef struct mbedtls_x509_crl
-{
+typedef struct mbedtls_x509_crl {
mbedtls_x509_buf raw; /**< The raw certificate data (DER). */
mbedtls_x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */
@@ -116,8 +114,8 @@
*
* \return 0 if successful, or a specific X509 or PEM error code
*/
-int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain,
- const unsigned char *buf, size_t buflen );
+int mbedtls_x509_crl_parse_der(mbedtls_x509_crl *chain,
+ const unsigned char *buf, size_t buflen);
/**
* \brief Parse one or more CRLs and append them to the chained list
*
@@ -130,7 +128,7 @@
*
* \return 0 if successful, or a specific X509 or PEM error code
*/
-int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen );
+int mbedtls_x509_crl_parse(mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen);
#if defined(MBEDTLS_FS_IO)
/**
@@ -143,7 +141,7 @@
*
* \return 0 if successful, or a specific X509 or PEM error code
*/
-int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path );
+int mbedtls_x509_crl_parse_file(mbedtls_x509_crl *chain, const char *path);
#endif /* MBEDTLS_FS_IO */
#if !defined(MBEDTLS_X509_REMOVE_INFO)
@@ -158,8 +156,8 @@
* \return The length of the string written (not including the
* terminated nul byte), or a negative error code.
*/
-int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix,
- const mbedtls_x509_crl *crl );
+int mbedtls_x509_crl_info(char *buf, size_t size, const char *prefix,
+ const mbedtls_x509_crl *crl);
#endif /* !MBEDTLS_X509_REMOVE_INFO */
/**
@@ -167,14 +165,14 @@
*
* \param crl CRL chain to initialize
*/
-void mbedtls_x509_crl_init( mbedtls_x509_crl *crl );
+void mbedtls_x509_crl_init(mbedtls_x509_crl *crl);
/**
* \brief Unallocate all CRL data
*
* \param crl CRL chain to free
*/
-void mbedtls_x509_crl_free( mbedtls_x509_crl *crl );
+void mbedtls_x509_crl_free(mbedtls_x509_crl *crl);
/** \} name Structures and functions for parsing CRLs */
/** \} addtogroup x509_module */
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index d2b7648..661f8aa 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -51,10 +51,9 @@
* them except via Mbed TLS library functions: the effect of modifying
* those fields or the data that those fields points to is unspecified.
*/
-typedef struct mbedtls_x509_crt
-{
+typedef struct mbedtls_x509_crt {
int MBEDTLS_PRIVATE(own_buffer); /**< Indicates if \c raw is owned
- * by the structure or not. */
+ * by the structure or not. */
mbedtls_x509_buf raw; /**< The raw certificate data (DER). */
mbedtls_x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */
@@ -112,24 +111,21 @@
* Future versions of the library may add new fields to this structure or
* to its embedded union and structure.
*/
-typedef struct mbedtls_x509_san_other_name
-{
+typedef struct mbedtls_x509_san_other_name {
/**
* The type_id is an OID as defined in RFC 5280.
* To check the value of the type id, you should use
* \p MBEDTLS_OID_CMP with a known OID mbedtls_x509_buf.
*/
mbedtls_x509_buf type_id; /**< The type id. */
- union
- {
+ union {
/**
* From RFC 4108 section 5:
* HardwareModuleName ::= SEQUENCE {
* hwType OBJECT IDENTIFIER,
* hwSerialNum OCTET STRING }
*/
- struct
- {
+ struct {
mbedtls_x509_buf oid; /**< The object identifier. */
mbedtls_x509_buf val; /**< The named value. */
}
@@ -146,8 +142,7 @@
* Future versions of the library may add new fields to this structure or
* to its embedded union and structure.
*/
-typedef struct mbedtls_x509_subject_alternative_name
-{
+typedef struct mbedtls_x509_subject_alternative_name {
int type; /**< The SAN type, value of MBEDTLS_X509_SAN_XXX. */
union {
mbedtls_x509_san_other_name other_name; /**< The otherName supported type. */
@@ -161,7 +156,7 @@
* Build flag from an algorithm/curve identifier (pk, md, ecp)
* Since 0 is always XXX_NONE, ignore it.
*/
-#define MBEDTLS_X509_ID_FLAG( id ) ( 1 << ( (id) - 1 ) )
+#define MBEDTLS_X509_ID_FLAG(id) (1 << ((id) - 1))
/**
* Security profile for certificate verification.
@@ -188,8 +183,7 @@
* my_profile.allowed_pks = MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_RSA );
* my_profile.rsa_min_bitlen = 3072;
*/
-typedef struct mbedtls_x509_crt_profile
-{
+typedef struct mbedtls_x509_crt_profile {
uint32_t allowed_mds; /**< MDs for signatures */
uint32_t allowed_pks; /**< PK algs for public keys;
* this applies to all certificates
@@ -206,7 +200,7 @@
#define MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN 32
#define MBEDTLS_X509_RFC5280_UTC_TIME_LEN 15
-#if !defined( MBEDTLS_X509_MAX_FILE_PATH_LEN )
+#if !defined(MBEDTLS_X509_MAX_FILE_PATH_LEN)
#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512
#endif
@@ -217,72 +211,71 @@
* where X509_CRT_ERROR_INFO is defined by the user.
* See x509_crt.c for an example of how to use this. */
#define MBEDTLS_X509_CRT_ERROR_INFO_LIST \
- X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_EXPIRED, \
- "MBEDTLS_X509_BADCERT_EXPIRED", \
- "The certificate validity has expired" ) \
- X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_REVOKED, \
- "MBEDTLS_X509_BADCERT_REVOKED", \
- "The certificate has been revoked (is on a CRL)" ) \
- X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_CN_MISMATCH, \
- "MBEDTLS_X509_BADCERT_CN_MISMATCH", \
- "The certificate Common Name (CN) does not match with the expected CN" ) \
- X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_NOT_TRUSTED, \
- "MBEDTLS_X509_BADCERT_NOT_TRUSTED", \
- "The certificate is not correctly signed by the trusted CA" ) \
- X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_NOT_TRUSTED, \
- "MBEDTLS_X509_BADCRL_NOT_TRUSTED", \
- "The CRL is not correctly signed by the trusted CA" ) \
- X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_EXPIRED, \
- "MBEDTLS_X509_BADCRL_EXPIRED", \
- "The CRL is expired" ) \
- X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_MISSING, \
- "MBEDTLS_X509_BADCERT_MISSING", \
- "Certificate was missing" ) \
- X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_SKIP_VERIFY, \
- "MBEDTLS_X509_BADCERT_SKIP_VERIFY", \
- "Certificate verification was skipped" ) \
- X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_OTHER, \
- "MBEDTLS_X509_BADCERT_OTHER", \
- "Other reason (can be used by verify callback)" ) \
- X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_FUTURE, \
- "MBEDTLS_X509_BADCERT_FUTURE", \
- "The certificate validity starts in the future" ) \
- X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_FUTURE, \
- "MBEDTLS_X509_BADCRL_FUTURE", \
- "The CRL is from the future" ) \
- X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_KEY_USAGE, \
- "MBEDTLS_X509_BADCERT_KEY_USAGE", \
- "Usage does not match the keyUsage extension" ) \
- X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, \
- "MBEDTLS_X509_BADCERT_EXT_KEY_USAGE", \
- "Usage does not match the extendedKeyUsage extension" ) \
- X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_NS_CERT_TYPE, \
- "MBEDTLS_X509_BADCERT_NS_CERT_TYPE", \
- "Usage does not match the nsCertType extension" ) \
- X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_BAD_MD, \
- "MBEDTLS_X509_BADCERT_BAD_MD", \
- "The certificate is signed with an unacceptable hash." ) \
- X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_BAD_PK, \
- "MBEDTLS_X509_BADCERT_BAD_PK", \
- "The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA)." ) \
- X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_BAD_KEY, \
- "MBEDTLS_X509_BADCERT_BAD_KEY", \
- "The certificate is signed with an unacceptable key (eg bad curve, RSA too short)." ) \
- X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_BAD_MD, \
- "MBEDTLS_X509_BADCRL_BAD_MD", \
- "The CRL is signed with an unacceptable hash." ) \
- X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_BAD_PK, \
- "MBEDTLS_X509_BADCRL_BAD_PK", \
- "The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA)." ) \
- X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_BAD_KEY, \
- "MBEDTLS_X509_BADCRL_BAD_KEY", \
- "The CRL is signed with an unacceptable key (eg bad curve, RSA too short)." )
+ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_EXPIRED, \
+ "MBEDTLS_X509_BADCERT_EXPIRED", \
+ "The certificate validity has expired") \
+ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_REVOKED, \
+ "MBEDTLS_X509_BADCERT_REVOKED", \
+ "The certificate has been revoked (is on a CRL)") \
+ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_CN_MISMATCH, \
+ "MBEDTLS_X509_BADCERT_CN_MISMATCH", \
+ "The certificate Common Name (CN) does not match with the expected CN") \
+ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_NOT_TRUSTED, \
+ "MBEDTLS_X509_BADCERT_NOT_TRUSTED", \
+ "The certificate is not correctly signed by the trusted CA") \
+ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCRL_NOT_TRUSTED, \
+ "MBEDTLS_X509_BADCRL_NOT_TRUSTED", \
+ "The CRL is not correctly signed by the trusted CA") \
+ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCRL_EXPIRED, \
+ "MBEDTLS_X509_BADCRL_EXPIRED", \
+ "The CRL is expired") \
+ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_MISSING, \
+ "MBEDTLS_X509_BADCERT_MISSING", \
+ "Certificate was missing") \
+ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_SKIP_VERIFY, \
+ "MBEDTLS_X509_BADCERT_SKIP_VERIFY", \
+ "Certificate verification was skipped") \
+ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_OTHER, \
+ "MBEDTLS_X509_BADCERT_OTHER", \
+ "Other reason (can be used by verify callback)") \
+ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_FUTURE, \
+ "MBEDTLS_X509_BADCERT_FUTURE", \
+ "The certificate validity starts in the future") \
+ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCRL_FUTURE, \
+ "MBEDTLS_X509_BADCRL_FUTURE", \
+ "The CRL is from the future") \
+ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_KEY_USAGE, \
+ "MBEDTLS_X509_BADCERT_KEY_USAGE", \
+ "Usage does not match the keyUsage extension") \
+ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, \
+ "MBEDTLS_X509_BADCERT_EXT_KEY_USAGE", \
+ "Usage does not match the extendedKeyUsage extension") \
+ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_NS_CERT_TYPE, \
+ "MBEDTLS_X509_BADCERT_NS_CERT_TYPE", \
+ "Usage does not match the nsCertType extension") \
+ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_BAD_MD, \
+ "MBEDTLS_X509_BADCERT_BAD_MD", \
+ "The certificate is signed with an unacceptable hash.") \
+ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_BAD_PK, \
+ "MBEDTLS_X509_BADCERT_BAD_PK", \
+ "The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA).") \
+ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_BAD_KEY, \
+ "MBEDTLS_X509_BADCERT_BAD_KEY", \
+ "The certificate is signed with an unacceptable key (eg bad curve, RSA too short).") \
+ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCRL_BAD_MD, \
+ "MBEDTLS_X509_BADCRL_BAD_MD", \
+ "The CRL is signed with an unacceptable hash.") \
+ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCRL_BAD_PK, \
+ "MBEDTLS_X509_BADCRL_BAD_PK", \
+ "The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA).") \
+ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCRL_BAD_KEY, \
+ "MBEDTLS_X509_BADCRL_BAD_KEY", \
+ "The CRL is signed with an unacceptable key (eg bad curve, RSA too short).")
/**
* Container for writing a certificate (CRT)
*/
-typedef struct mbedtls_x509write_cert
-{
+typedef struct mbedtls_x509write_cert {
int MBEDTLS_PRIVATE(version);
mbedtls_mpi MBEDTLS_PRIVATE(serial);
mbedtls_pk_context *MBEDTLS_PRIVATE(subject_key);
@@ -307,13 +300,12 @@
/**
* Max size of verification chain: end-entity + intermediates + trusted root
*/
-#define MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE ( MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2 )
+#define MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE (MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2)
/**
* Verification chain as built by \c mbedtls_crt_verify_chain()
*/
-typedef struct
-{
+typedef struct {
mbedtls_x509_crt_verify_chain_item MBEDTLS_PRIVATE(items)[MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE];
unsigned MBEDTLS_PRIVATE(len);
@@ -331,8 +323,7 @@
/**
* \brief Context for resuming X.509 verify operations
*/
-typedef struct
-{
+typedef struct {
/* for check_signature() */
mbedtls_pk_restart_ctx MBEDTLS_PRIVATE(pk);
@@ -415,9 +406,9 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
-int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain,
- const unsigned char *buf,
- size_t buflen );
+int mbedtls_x509_crt_parse_der(mbedtls_x509_crt *chain,
+ const unsigned char *buf,
+ size_t buflen);
/**
* \brief The type of certificate extension callbacks.
@@ -449,12 +440,12 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-typedef int (*mbedtls_x509_crt_ext_cb_t)( void *p_ctx,
- mbedtls_x509_crt const *crt,
- mbedtls_x509_buf const *oid,
- int critical,
- const unsigned char *p,
- const unsigned char *end );
+typedef int (*mbedtls_x509_crt_ext_cb_t)(void *p_ctx,
+ mbedtls_x509_crt const *crt,
+ mbedtls_x509_buf const *oid,
+ int critical,
+ const unsigned char *p,
+ const unsigned char *end);
/**
* \brief Parse a single DER formatted certificate and add it
@@ -496,12 +487,12 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
-int mbedtls_x509_crt_parse_der_with_ext_cb( mbedtls_x509_crt *chain,
- const unsigned char *buf,
- size_t buflen,
- int make_copy,
- mbedtls_x509_crt_ext_cb_t cb,
- void *p_ctx );
+int mbedtls_x509_crt_parse_der_with_ext_cb(mbedtls_x509_crt *chain,
+ const unsigned char *buf,
+ size_t buflen,
+ int make_copy,
+ mbedtls_x509_crt_ext_cb_t cb,
+ void *p_ctx);
/**
* \brief Parse a single DER formatted certificate and add it
@@ -530,9 +521,9 @@
* \return \c 0 if successful.
* \return A negative error code on failure.
*/
-int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain,
- const unsigned char *buf,
- size_t buflen );
+int mbedtls_x509_crt_parse_der_nocopy(mbedtls_x509_crt *chain,
+ const unsigned char *buf,
+ size_t buflen);
/**
* \brief Parse one DER-encoded or one or more concatenated PEM-encoded
@@ -564,7 +555,7 @@
* \return A negative X509 or PEM error code otherwise.
*
*/
-int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen );
+int mbedtls_x509_crt_parse(mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen);
#if defined(MBEDTLS_FS_IO)
/**
@@ -580,7 +571,7 @@
* \return 0 if all certificates parsed successfully, a positive number
* if partly successful or a specific X509 or PEM error code
*/
-int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path );
+int mbedtls_x509_crt_parse_file(mbedtls_x509_crt *chain, const char *path);
/**
* \brief Load one or more certificate files from a path and add them
@@ -595,7 +586,7 @@
* \return 0 if all certificates parsed successfully, a positive number
* if partly successful or a specific X509 or PEM error code
*/
-int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path );
+int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path);
#endif /* MBEDTLS_FS_IO */
/**
@@ -625,8 +616,8 @@
* SAN type.
* \return Another negative value for any other failure.
*/
-int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf,
- mbedtls_x509_subject_alternative_name *san );
+int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf,
+ mbedtls_x509_subject_alternative_name *san);
#if !defined(MBEDTLS_X509_REMOVE_INFO)
/**
@@ -641,8 +632,8 @@
* \return The length of the string written (not including the
* terminated nul byte), or a negative error code.
*/
-int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
- const mbedtls_x509_crt *crt );
+int mbedtls_x509_crt_info(char *buf, size_t size, const char *prefix,
+ const mbedtls_x509_crt *crt);
/**
* \brief Returns an informational string about the
@@ -656,8 +647,8 @@
* \return The length of the string written (not including the
* terminated nul byte), or a negative error code.
*/
-int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
- uint32_t flags );
+int mbedtls_x509_crt_verify_info(char *buf, size_t size, const char *prefix,
+ uint32_t flags);
#endif /* !MBEDTLS_X509_REMOVE_INFO */
/**
@@ -726,12 +717,12 @@
* \return Another negative error code in case of a fatal error
* encountered during the verification process.
*/
-int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
- mbedtls_x509_crt *trust_ca,
- mbedtls_x509_crl *ca_crl,
- const char *cn, uint32_t *flags,
- int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
- void *p_vrfy );
+int mbedtls_x509_crt_verify(mbedtls_x509_crt *crt,
+ mbedtls_x509_crt *trust_ca,
+ mbedtls_x509_crl *ca_crl,
+ const char *cn, uint32_t *flags,
+ int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+ void *p_vrfy);
/**
* \brief Verify a chain of certificates with respect to
@@ -767,13 +758,13 @@
* \return Another negative error code in case of a fatal error
* encountered during the verification process.
*/
-int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
- mbedtls_x509_crt *trust_ca,
- mbedtls_x509_crl *ca_crl,
- const mbedtls_x509_crt_profile *profile,
- const char *cn, uint32_t *flags,
- int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
- void *p_vrfy );
+int mbedtls_x509_crt_verify_with_profile(mbedtls_x509_crt *crt,
+ mbedtls_x509_crt *trust_ca,
+ mbedtls_x509_crl *ca_crl,
+ const mbedtls_x509_crt_profile *profile,
+ const char *cn, uint32_t *flags,
+ int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+ void *p_vrfy);
/**
* \brief Restartable version of \c mbedtls_crt_verify_with_profile()
@@ -801,14 +792,14 @@
* \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
* operations was reached: see \c mbedtls_ecp_set_max_ops().
*/
-int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt,
- mbedtls_x509_crt *trust_ca,
- mbedtls_x509_crl *ca_crl,
- const mbedtls_x509_crt_profile *profile,
- const char *cn, uint32_t *flags,
- int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
- void *p_vrfy,
- mbedtls_x509_crt_restart_ctx *rs_ctx );
+int mbedtls_x509_crt_verify_restartable(mbedtls_x509_crt *crt,
+ mbedtls_x509_crt *trust_ca,
+ mbedtls_x509_crl *ca_crl,
+ const mbedtls_x509_crt_profile *profile,
+ const char *cn, uint32_t *flags,
+ int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+ void *p_vrfy,
+ mbedtls_x509_crt_restart_ctx *rs_ctx);
/**
* \brief The type of trusted certificate callbacks.
@@ -840,9 +831,9 @@
* to the caller.
* \return A negative error code on failure.
*/
-typedef int (*mbedtls_x509_crt_ca_cb_t)( void *p_ctx,
- mbedtls_x509_crt const *child,
- mbedtls_x509_crt **candidate_cas );
+typedef int (*mbedtls_x509_crt_ca_cb_t)(void *p_ctx,
+ mbedtls_x509_crt const *child,
+ mbedtls_x509_crt **candidate_cas);
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
/**
@@ -867,13 +858,13 @@
*
* \return See \c mbedtls_crt_verify_with_profile().
*/
-int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt,
- mbedtls_x509_crt_ca_cb_t f_ca_cb,
- void *p_ca_cb,
- const mbedtls_x509_crt_profile *profile,
- const char *cn, uint32_t *flags,
- int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
- void *p_vrfy );
+int mbedtls_x509_crt_verify_with_ca_cb(mbedtls_x509_crt *crt,
+ mbedtls_x509_crt_ca_cb_t f_ca_cb,
+ void *p_ca_cb,
+ const mbedtls_x509_crt_profile *profile,
+ const char *cn, uint32_t *flags,
+ int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+ void *p_vrfy);
#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
@@ -898,8 +889,8 @@
* (intermediate) CAs the keyUsage extension is automatically
* checked by \c mbedtls_x509_crt_verify().
*/
-int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt,
- unsigned int usage );
+int mbedtls_x509_crt_check_key_usage(const mbedtls_x509_crt *crt,
+ unsigned int usage);
/**
* \brief Check usage of certificate against extendedKeyUsage.
@@ -914,9 +905,9 @@
*
* \note Usually only makes sense on leaf certificates.
*/
-int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt,
- const char *usage_oid,
- size_t usage_len );
+int mbedtls_x509_crt_check_extended_key_usage(const mbedtls_x509_crt *crt,
+ const char *usage_oid,
+ size_t usage_len);
#if defined(MBEDTLS_X509_CRL_PARSE_C)
/**
@@ -928,7 +919,7 @@
* \return 1 if the certificate is revoked, 0 otherwise
*
*/
-int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl );
+int mbedtls_x509_crt_is_revoked(const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl);
#endif /* MBEDTLS_X509_CRL_PARSE_C */
/**
@@ -936,25 +927,25 @@
*
* \param crt Certificate chain to initialize
*/
-void mbedtls_x509_crt_init( mbedtls_x509_crt *crt );
+void mbedtls_x509_crt_init(mbedtls_x509_crt *crt);
/**
* \brief Unallocate all certificate data
*
* \param crt Certificate chain to free
*/
-void mbedtls_x509_crt_free( mbedtls_x509_crt *crt );
+void mbedtls_x509_crt_free(mbedtls_x509_crt *crt);
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
/**
* \brief Initialize a restart context
*/
-void mbedtls_x509_crt_restart_init( mbedtls_x509_crt_restart_ctx *ctx );
+void mbedtls_x509_crt_restart_init(mbedtls_x509_crt_restart_ctx *ctx);
/**
* \brief Free the components of a restart context
*/
-void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx );
+void mbedtls_x509_crt_restart_free(mbedtls_x509_crt_restart_ctx *ctx);
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
@@ -969,8 +960,8 @@
* \return 0 if the given extension type is not present,
* non-zero otherwise
*/
-static inline int mbedtls_x509_crt_has_ext_type( const mbedtls_x509_crt *ctx,
- int ext_type )
+static inline int mbedtls_x509_crt_has_ext_type(const mbedtls_x509_crt *ctx,
+ int ext_type)
{
return ctx->MBEDTLS_PRIVATE(ext_types) & ext_type;
}
@@ -983,7 +974,7 @@
*
* \param ctx CRT context to initialize
*/
-void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx );
+void mbedtls_x509write_crt_init(mbedtls_x509write_cert *ctx);
/**
* \brief Set the version for a Certificate
@@ -993,7 +984,7 @@
* \param version version to set (MBEDTLS_X509_CRT_VERSION_1, MBEDTLS_X509_CRT_VERSION_2 or
* MBEDTLS_X509_CRT_VERSION_3)
*/
-void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version );
+void mbedtls_x509write_crt_set_version(mbedtls_x509write_cert *ctx, int version);
/**
* \brief Set the serial number for a Certificate.
@@ -1003,7 +994,7 @@
*
* \return 0 if successful
*/
-int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial );
+int mbedtls_x509write_crt_set_serial(mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial);
/**
* \brief Set the validity period for a Certificate
@@ -1019,8 +1010,8 @@
* \return 0 if timestamp was parsed successfully, or
* a specific error code
*/
-int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char *not_before,
- const char *not_after );
+int mbedtls_x509write_crt_set_validity(mbedtls_x509write_cert *ctx, const char *not_before,
+ const char *not_after);
/**
* \brief Set the issuer name for a Certificate
@@ -1034,8 +1025,8 @@
* \return 0 if issuer name was parsed successfully, or
* a specific error code
*/
-int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx,
- const char *issuer_name );
+int mbedtls_x509write_crt_set_issuer_name(mbedtls_x509write_cert *ctx,
+ const char *issuer_name);
/**
* \brief Set the subject name for a Certificate
@@ -1049,8 +1040,8 @@
* \return 0 if subject name was parsed successfully, or
* a specific error code
*/
-int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx,
- const char *subject_name );
+int mbedtls_x509write_crt_set_subject_name(mbedtls_x509write_cert *ctx,
+ const char *subject_name);
/**
* \brief Set the subject public key for the certificate
@@ -1058,7 +1049,7 @@
* \param ctx CRT context to use
* \param key public key to include
*/
-void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key );
+void mbedtls_x509write_crt_set_subject_key(mbedtls_x509write_cert *ctx, mbedtls_pk_context *key);
/**
* \brief Set the issuer key used for signing the certificate
@@ -1066,7 +1057,7 @@
* \param ctx CRT context to use
* \param key private key to sign with
*/
-void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key );
+void mbedtls_x509write_crt_set_issuer_key(mbedtls_x509write_cert *ctx, mbedtls_pk_context *key);
/**
* \brief Set the MD algorithm to use for the signature
@@ -1075,7 +1066,7 @@
* \param ctx CRT context to use
* \param md_alg MD algorithm to use
*/
-void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg );
+void mbedtls_x509write_crt_set_md_alg(mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg);
/**
* \brief Generic function to add to or replace an extension in the
@@ -1090,10 +1081,10 @@
*
* \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
*/
-int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx,
- const char *oid, size_t oid_len,
- int critical,
- const unsigned char *val, size_t val_len );
+int mbedtls_x509write_crt_set_extension(mbedtls_x509write_cert *ctx,
+ const char *oid, size_t oid_len,
+ int critical,
+ const unsigned char *val, size_t val_len);
/**
* \brief Set the basicConstraints extension for a CRT
@@ -1106,8 +1097,8 @@
*
* \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
*/
-int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
- int is_ca, int max_pathlen );
+int mbedtls_x509write_crt_set_basic_constraints(mbedtls_x509write_cert *ctx,
+ int is_ca, int max_pathlen);
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA)
/**
@@ -1119,7 +1110,7 @@
*
* \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
*/
-int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx );
+int mbedtls_x509write_crt_set_subject_key_identifier(mbedtls_x509write_cert *ctx);
/**
* \brief Set the authorityKeyIdentifier extension for a CRT
@@ -1130,7 +1121,7 @@
*
* \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
*/
-int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx );
+int mbedtls_x509write_crt_set_authority_key_identifier(mbedtls_x509write_cert *ctx);
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */
/**
@@ -1142,8 +1133,8 @@
*
* \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
*/
-int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx,
- unsigned int key_usage );
+int mbedtls_x509write_crt_set_key_usage(mbedtls_x509write_cert *ctx,
+ unsigned int key_usage);
/**
* \brief Set the Extended Key Usage Extension
@@ -1155,8 +1146,8 @@
*
* \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
*/
-int mbedtls_x509write_crt_set_ext_key_usage( mbedtls_x509write_cert *ctx,
- const mbedtls_asn1_sequence *exts );
+int mbedtls_x509write_crt_set_ext_key_usage(mbedtls_x509write_cert *ctx,
+ const mbedtls_asn1_sequence *exts);
/**
* \brief Set the Netscape Cert Type flags
@@ -1167,15 +1158,15 @@
*
* \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
*/
-int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx,
- unsigned char ns_cert_type );
+int mbedtls_x509write_crt_set_ns_cert_type(mbedtls_x509write_cert *ctx,
+ unsigned char ns_cert_type);
/**
* \brief Free the contents of a CRT write context
*
* \param ctx CRT context to free
*/
-void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx );
+void mbedtls_x509write_crt_free(mbedtls_x509write_cert *ctx);
/**
* \brief Write a built up certificate to a X509 DER structure
@@ -1194,9 +1185,9 @@
*
* \note \p f_rng is used for the signature operation.
*/
-int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
#if defined(MBEDTLS_PEM_WRITE_C)
/**
@@ -1212,9 +1203,9 @@
*
* \note \p f_rng is used for the signature operation.
*/
-int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_x509write_crt_pem(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
#endif /* MBEDTLS_PEM_WRITE_C */
#endif /* MBEDTLS_X509_CRT_WRITE_C */
diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h
index 44b7aab..50998c4 100644
--- a/include/mbedtls/x509_csr.h
+++ b/include/mbedtls/x509_csr.h
@@ -47,8 +47,7 @@
* them except via Mbed TLS library functions: the effect of modifying
* those fields or the data that those fields point to is unspecified.
*/
-typedef struct mbedtls_x509_csr
-{
+typedef struct mbedtls_x509_csr {
mbedtls_x509_buf raw; /**< The raw CSR data (DER). */
mbedtls_x509_buf cri; /**< The raw CertificateRequestInfo body (DER). */
@@ -70,8 +69,7 @@
/**
* Container for writing a CSR
*/
-typedef struct mbedtls_x509write_csr
-{
+typedef struct mbedtls_x509write_csr {
mbedtls_pk_context *MBEDTLS_PRIVATE(key);
mbedtls_asn1_named_data *MBEDTLS_PRIVATE(subject);
mbedtls_md_type_t MBEDTLS_PRIVATE(md_alg);
@@ -91,8 +89,8 @@
*
* \return 0 if successful, or a specific X509 error code
*/
-int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr,
- const unsigned char *buf, size_t buflen );
+int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr,
+ const unsigned char *buf, size_t buflen);
/**
* \brief Load a Certificate Signing Request (CSR), DER or PEM format
@@ -106,7 +104,7 @@
*
* \return 0 if successful, or a specific X509 or PEM error code
*/
-int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen );
+int mbedtls_x509_csr_parse(mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen);
#if defined(MBEDTLS_FS_IO)
/**
@@ -119,7 +117,7 @@
*
* \return 0 if successful, or a specific X509 or PEM error code
*/
-int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path );
+int mbedtls_x509_csr_parse_file(mbedtls_x509_csr *csr, const char *path);
#endif /* MBEDTLS_FS_IO */
#if !defined(MBEDTLS_X509_REMOVE_INFO)
@@ -135,8 +133,8 @@
* \return The length of the string written (not including the
* terminated nul byte), or a negative error code.
*/
-int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix,
- const mbedtls_x509_csr *csr );
+int mbedtls_x509_csr_info(char *buf, size_t size, const char *prefix,
+ const mbedtls_x509_csr *csr);
#endif /* !MBEDTLS_X509_REMOVE_INFO */
/**
@@ -144,14 +142,14 @@
*
* \param csr CSR to initialize
*/
-void mbedtls_x509_csr_init( mbedtls_x509_csr *csr );
+void mbedtls_x509_csr_init(mbedtls_x509_csr *csr);
/**
* \brief Unallocate all CSR data
*
* \param csr CSR to free
*/
-void mbedtls_x509_csr_free( mbedtls_x509_csr *csr );
+void mbedtls_x509_csr_free(mbedtls_x509_csr *csr);
#endif /* MBEDTLS_X509_CSR_PARSE_C */
/** \} name Structures and functions for X.509 Certificate Signing Requests (CSR) */
@@ -162,7 +160,7 @@
*
* \param ctx CSR context to initialize
*/
-void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx );
+void mbedtls_x509write_csr_init(mbedtls_x509write_csr *ctx);
/**
* \brief Set the subject name for a CSR
@@ -176,8 +174,8 @@
* \return 0 if subject name was parsed successfully, or
* a specific error code
*/
-int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx,
- const char *subject_name );
+int mbedtls_x509write_csr_set_subject_name(mbedtls_x509write_csr *ctx,
+ const char *subject_name);
/**
* \brief Set the key for a CSR (public key will be included,
@@ -186,7 +184,7 @@
* \param ctx CSR context to use
* \param key Asymmetric key to include
*/
-void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key );
+void mbedtls_x509write_csr_set_key(mbedtls_x509write_csr *ctx, mbedtls_pk_context *key);
/**
* \brief Set the MD algorithm to use for the signature
@@ -195,7 +193,7 @@
* \param ctx CSR context to use
* \param md_alg MD algorithm to use
*/
-void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg );
+void mbedtls_x509write_csr_set_md_alg(mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg);
/**
* \brief Set the Key Usage Extension flags
@@ -214,7 +212,7 @@
* #MBEDTLS_X509_KU_DECIPHER_ONLY) cannot be set using this
* function.
*/
-int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage );
+int mbedtls_x509write_csr_set_key_usage(mbedtls_x509write_csr *ctx, unsigned char key_usage);
/**
* \brief Set the Netscape Cert Type flags
@@ -225,8 +223,8 @@
*
* \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
*/
-int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx,
- unsigned char ns_cert_type );
+int mbedtls_x509write_csr_set_ns_cert_type(mbedtls_x509write_csr *ctx,
+ unsigned char ns_cert_type);
/**
* \brief Generic function to add to or replace an extension in the
@@ -241,17 +239,17 @@
*
* \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
*/
-int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx,
- const char *oid, size_t oid_len,
- int critical,
- const unsigned char *val, size_t val_len );
+int mbedtls_x509write_csr_set_extension(mbedtls_x509write_csr *ctx,
+ const char *oid, size_t oid_len,
+ int critical,
+ const unsigned char *val, size_t val_len);
/**
* \brief Free the contents of a CSR context
*
* \param ctx CSR context to free
*/
-void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx );
+void mbedtls_x509write_csr_free(mbedtls_x509write_csr *ctx);
/**
* \brief Write a CSR (Certificate Signing Request) to a
@@ -271,9 +269,9 @@
*
* \note \p f_rng is used for the signature operation.
*/
-int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_x509write_csr_der(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
#if defined(MBEDTLS_PEM_WRITE_C)
/**
@@ -290,9 +288,9 @@
*
* \note \p f_rng is used for the signature operation.
*/
-int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
+int mbedtls_x509write_csr_pem(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng);
#endif /* MBEDTLS_PEM_WRITE_C */
#endif /* MBEDTLS_X509_CSR_WRITE_C */
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 03181ed..2b9b2a2 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -137,8 +137,8 @@
* \param[out] attributes The attribute structure to write to.
* \param key The persistent identifier for the key.
*/
-static void psa_set_key_id( psa_key_attributes_t *attributes,
- mbedtls_svc_key_id_t key );
+static void psa_set_key_id(psa_key_attributes_t *attributes,
+ mbedtls_svc_key_id_t key);
#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
/** Set the owner identifier of a key.
@@ -155,8 +155,8 @@
* \param[out] attributes The attribute structure to write to.
* \param owner The key owner identifier.
*/
-static void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes,
- mbedtls_key_owner_id_t owner );
+static void mbedtls_set_key_owner_id(psa_key_attributes_t *attributes,
+ mbedtls_key_owner_id_t owner);
#endif
/** Set the location of a persistent key.
@@ -2884,13 +2884,13 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_sign_message( mbedtls_svc_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t * input,
- size_t input_length,
- uint8_t * signature,
- size_t signature_size,
- size_t * signature_length );
+psa_status_t psa_sign_message(mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *signature,
+ size_t signature_size,
+ size_t *signature_length);
/** \brief Verify the signature of a message with a public key, using
* a hash-and-sign verification algorithm.
@@ -2936,12 +2936,12 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_verify_message( mbedtls_svc_key_id_t key,
- psa_algorithm_t alg,
- const uint8_t * input,
- size_t input_length,
- const uint8_t * signature,
- size_t signature_length );
+psa_status_t psa_verify_message(mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *signature,
+ size_t signature_length);
/**
* \brief Sign a hash or short message with a private key.
@@ -3336,7 +3336,7 @@
* The value of the maximum possible capacity depends on the key derivation
* algorithm.
*/
-#define PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ((size_t)(-1))
+#define PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ((size_t) (-1))
/** Provide an input for key derivation or key agreement.
*
diff --git a/include/psa/crypto_builtin_composites.h b/include/psa/crypto_builtin_composites.h
index e11e239..b7f0b11 100644
--- a/include/psa/crypto_builtin_composites.h
+++ b/include/psa/crypto_builtin_composites.h
@@ -45,8 +45,7 @@
#endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST)
-typedef struct
-{
+typedef struct {
/** The HMAC algorithm in use */
psa_algorithm_t MBEDTLS_PRIVATE(alg);
/** The hash context. */
@@ -55,16 +54,14 @@
uint8_t MBEDTLS_PRIVATE(opad)[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
} mbedtls_psa_hmac_operation_t;
-#define MBEDTLS_PSA_HMAC_OPERATION_INIT {0, PSA_HASH_OPERATION_INIT, {0}}
+#define MBEDTLS_PSA_HMAC_OPERATION_INIT { 0, PSA_HASH_OPERATION_INIT, { 0 } }
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
#include "mbedtls/cmac.h"
-typedef struct
-{
+typedef struct {
psa_algorithm_t MBEDTLS_PRIVATE(alg);
- union
- {
+ union {
unsigned MBEDTLS_PRIVATE(dummy); /* Make the union non-empty even with no supported algorithms. */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST)
mbedtls_psa_hmac_operation_t MBEDTLS_PRIVATE(hmac);
@@ -75,7 +72,7 @@
} MBEDTLS_PRIVATE(ctx);
} mbedtls_psa_mac_operation_t;
-#define MBEDTLS_PSA_MAC_OPERATION_INIT {0, {0}}
+#define MBEDTLS_PSA_MAC_OPERATION_INIT { 0, { 0 } }
#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) || \
@@ -84,8 +81,7 @@
#endif
/* Context structure for the Mbed TLS AEAD implementation. */
-typedef struct
-{
+typedef struct {
psa_algorithm_t MBEDTLS_PRIVATE(alg);
psa_key_type_t MBEDTLS_PRIVATE(key_type);
@@ -93,8 +89,7 @@
uint8_t MBEDTLS_PRIVATE(tag_length);
- union
- {
+ union {
unsigned dummy; /* Enable easier initializing of the union. */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
mbedtls_ccm_context MBEDTLS_PRIVATE(ccm);
@@ -110,6 +105,6 @@
} mbedtls_psa_aead_operation_t;
-#define MBEDTLS_PSA_AEAD_OPERATION_INIT {0, 0, 0, 0, {0}}
+#define MBEDTLS_PSA_AEAD_OPERATION_INIT { 0, 0, 0, 0, { 0 } }
#endif /* PSA_CRYPTO_BUILTIN_COMPOSITES_H */
diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h
index 35f3a8b..c76bc78 100644
--- a/include/psa/crypto_builtin_primitives.h
+++ b/include/psa/crypto_builtin_primitives.h
@@ -56,11 +56,9 @@
#define MBEDTLS_PSA_BUILTIN_HASH
#endif
-typedef struct
-{
+typedef struct {
psa_algorithm_t MBEDTLS_PRIVATE(alg);
- union
- {
+ union {
unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
mbedtls_md5_context md5;
@@ -72,17 +70,17 @@
mbedtls_sha1_context sha1;
#endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
+ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
mbedtls_sha256_context sha256;
#endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
+ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
mbedtls_sha512_context sha512;
#endif
} MBEDTLS_PRIVATE(ctx);
} mbedtls_psa_hash_operation_t;
-#define MBEDTLS_PSA_HASH_OPERATION_INIT {0, {0}}
+#define MBEDTLS_PSA_HASH_OPERATION_INIT { 0, { 0 } }
/*
* Cipher multi-part operation definitions.
@@ -111,6 +109,6 @@
} MBEDTLS_PRIVATE(ctx);
} mbedtls_psa_cipher_operation_t;
-#define MBEDTLS_PSA_CIPHER_OPERATION_INIT {0, 0, 0, {0}}
+#define MBEDTLS_PSA_CIPHER_OPERATION_INIT { 0, 0, 0, { 0 } }
#endif /* PSA_CRYPTO_BUILTIN_PRIMITIVES_H */
diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h
index 89c13f1..97e6584 100644
--- a/include/psa/crypto_compat.h
+++ b/include/psa/crypto_compat.h
@@ -50,9 +50,9 @@
*
* \return Non-zero if the handle is null, zero otherwise.
*/
-static inline int psa_key_handle_is_null( psa_key_handle_t handle )
+static inline int psa_key_handle_is_null(psa_key_handle_t handle)
{
- return( mbedtls_svc_key_id_is_null( handle ) );
+ return mbedtls_svc_key_id_is_null(handle);
}
/** Open a handle to an existing persistent key.
@@ -115,8 +115,8 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_open_key( mbedtls_svc_key_id_t key,
- psa_key_handle_t *handle );
+psa_status_t psa_open_key(mbedtls_svc_key_id_t key,
+ psa_key_handle_t *handle);
/** Close a key handle.
*
diff --git a/include/psa/crypto_driver_contexts_composites.h b/include/psa/crypto_driver_contexts_composites.h
index 3f1c8af..bcd000e 100644
--- a/include/psa/crypto_driver_contexts_composites.h
+++ b/include/psa/crypto_driver_contexts_composites.h
@@ -50,41 +50,41 @@
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
typedef libtestdriver1_mbedtls_psa_mac_operation_t
- mbedtls_transparent_test_driver_mac_operation_t;
+ mbedtls_transparent_test_driver_mac_operation_t;
typedef libtestdriver1_mbedtls_psa_mac_operation_t
- mbedtls_opaque_test_driver_mac_operation_t;
+ mbedtls_opaque_test_driver_mac_operation_t;
#define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT \
- LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT
+ LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT
#define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT \
- LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT
+ LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT
#else
typedef mbedtls_psa_mac_operation_t
- mbedtls_transparent_test_driver_mac_operation_t;
+ mbedtls_transparent_test_driver_mac_operation_t;
typedef mbedtls_psa_mac_operation_t
- mbedtls_opaque_test_driver_mac_operation_t;
+ mbedtls_opaque_test_driver_mac_operation_t;
#define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT \
- MBEDTLS_PSA_MAC_OPERATION_INIT
+ MBEDTLS_PSA_MAC_OPERATION_INIT
#define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT \
- MBEDTLS_PSA_MAC_OPERATION_INIT
+ MBEDTLS_PSA_MAC_OPERATION_INIT
#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 && LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC */
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
typedef libtestdriver1_mbedtls_psa_aead_operation_t
- mbedtls_transparent_test_driver_aead_operation_t;
+ mbedtls_transparent_test_driver_aead_operation_t;
#define MBEDTLS_TRANSPARENT_TEST_DRIVER_AEAD_OPERATION_INIT \
- LIBTESTDRIVER1_MBEDTLS_PSA_AEAD_OPERATION_INIT
+ LIBTESTDRIVER1_MBEDTLS_PSA_AEAD_OPERATION_INIT
#else
typedef mbedtls_psa_aead_operation_t
- mbedtls_transparent_test_driver_aead_operation_t;
+ mbedtls_transparent_test_driver_aead_operation_t;
#define MBEDTLS_TRANSPARENT_TEST_DRIVER_AEAD_OPERATION_INIT \
- MBEDTLS_PSA_AEAD_OPERATION_INIT
+ MBEDTLS_PSA_AEAD_OPERATION_INIT
#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 && LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD */
diff --git a/include/psa/crypto_driver_contexts_primitives.h b/include/psa/crypto_driver_contexts_primitives.h
index 2bb01ed..620a4b3 100644
--- a/include/psa/crypto_driver_contexts_primitives.h
+++ b/include/psa/crypto_driver_contexts_primitives.h
@@ -50,32 +50,32 @@
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
typedef libtestdriver1_mbedtls_psa_cipher_operation_t
- mbedtls_transparent_test_driver_cipher_operation_t;
+ mbedtls_transparent_test_driver_cipher_operation_t;
#define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \
- LIBTESTDRIVER1_MBEDTLS_PSA_CIPHER_OPERATION_INIT
+ LIBTESTDRIVER1_MBEDTLS_PSA_CIPHER_OPERATION_INIT
#else
typedef mbedtls_psa_cipher_operation_t
- mbedtls_transparent_test_driver_cipher_operation_t;
+ mbedtls_transparent_test_driver_cipher_operation_t;
#define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \
- MBEDTLS_PSA_CIPHER_OPERATION_INIT
+ MBEDTLS_PSA_CIPHER_OPERATION_INIT
#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 &&
LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER */
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
typedef libtestdriver1_mbedtls_psa_hash_operation_t
- mbedtls_transparent_test_driver_hash_operation_t;
+ mbedtls_transparent_test_driver_hash_operation_t;
#define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT \
- LIBTESTDRIVER1_MBEDTLS_PSA_HASH_OPERATION_INIT
+ LIBTESTDRIVER1_MBEDTLS_PSA_HASH_OPERATION_INIT
#else
typedef mbedtls_psa_hash_operation_t
- mbedtls_transparent_test_driver_hash_operation_t;
+ mbedtls_transparent_test_driver_hash_operation_t;
#define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT \
- MBEDTLS_PSA_HASH_OPERATION_INIT
+ MBEDTLS_PSA_HASH_OPERATION_INIT
#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 &&
LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH */
@@ -85,7 +85,7 @@
} mbedtls_opaque_test_driver_cipher_operation_t;
#define MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT \
- { 0, MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT }
+ { 0, MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT }
#endif /* PSA_CRYPTO_DRIVER_TEST */
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index 33e2e77..bd1b5af 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -85,7 +85,7 @@
static inline psa_algorithm_t psa_get_key_enrollment_algorithm(
const psa_key_attributes_t *attributes)
{
- return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg2) );
+ return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg2);
}
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
@@ -114,7 +114,7 @@
*/
psa_status_t psa_get_key_slot_number(
const psa_key_attributes_t *attributes,
- psa_key_slot_number_t *slot_number );
+ psa_key_slot_number_t *slot_number);
/** Choose the slot number where a key is stored.
*
@@ -141,7 +141,7 @@
*/
static inline void psa_set_key_slot_number(
psa_key_attributes_t *attributes,
- psa_key_slot_number_t slot_number )
+ psa_key_slot_number_t slot_number)
{
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(flags) |= MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER;
attributes->MBEDTLS_PRIVATE(slot_number) = slot_number;
@@ -154,9 +154,10 @@
* \param[out] attributes The attribute structure to write to.
*/
static inline void psa_clear_key_slot_number(
- psa_key_attributes_t *attributes )
+ psa_key_attributes_t *attributes)
{
- attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(flags) &= ~MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER;
+ attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(flags) &=
+ ~MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER;
}
/** Register a key that is already present in a secure element.
@@ -214,7 +215,7 @@
*
* This is an Mbed TLS extension.
*/
-void mbedtls_psa_crypto_free( void );
+void mbedtls_psa_crypto_free(void);
/** \brief Statistics about
* resource consumption related to the PSA keystore.
@@ -222,8 +223,7 @@
* \note The content of this structure is not part of the stable API and ABI
* of Mbed Crypto and may change arbitrarily from version to version.
*/
-typedef struct mbedtls_psa_stats_s
-{
+typedef struct mbedtls_psa_stats_s {
/** Number of slots containing key material for a volatile key. */
size_t MBEDTLS_PRIVATE(volatile_slots);
/** Number of slots containing key material for a key which is in
@@ -254,7 +254,7 @@
* between the application and the keystore, the service may or
* may not expose this function.
*/
-void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats );
+void mbedtls_psa_get_stats(mbedtls_psa_stats_t *stats);
/**
* \brief Inject an initial entropy seed for the random generator into
@@ -339,7 +339,7 @@
* string. The length of the byte string is the length of the base prime `p`
* in bytes.
*/
-#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x4002)
+#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t) 0x4002)
/** DSA key pair (private and public key).
*
@@ -357,13 +357,13 @@
* Add 1 to the resulting integer and use this as the private key *x*.
*
*/
-#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x7002)
+#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t) 0x7002)
/** Whether a key type is a DSA key (pair or public-only). */
#define PSA_KEY_TYPE_IS_DSA(type) \
(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
-#define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x06000400)
+#define PSA_ALG_DSA_BASE ((psa_algorithm_t) 0x06000400)
/** DSA signature with hashing.
*
* This is the signature scheme defined by FIPS 186-4,
@@ -380,7 +380,7 @@
*/
#define PSA_ALG_DSA(hash_alg) \
(PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x06000500)
+#define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t) 0x06000500)
#define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG
/** Deterministic DSA signature with hashing.
*
@@ -587,53 +587,52 @@
* (`PSA_ECC_FAMILY_xxx`).
* \return \c 0 on failure (\p grpid is not recognized).
*/
-static inline psa_ecc_family_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid,
- size_t *bits )
+static inline psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid,
+ size_t *bits)
{
- switch( grpid )
- {
+ switch (grpid) {
case MBEDTLS_ECP_DP_SECP192R1:
*bits = 192;
- return( PSA_ECC_FAMILY_SECP_R1 );
+ return PSA_ECC_FAMILY_SECP_R1;
case MBEDTLS_ECP_DP_SECP224R1:
*bits = 224;
- return( PSA_ECC_FAMILY_SECP_R1 );
+ return PSA_ECC_FAMILY_SECP_R1;
case MBEDTLS_ECP_DP_SECP256R1:
*bits = 256;
- return( PSA_ECC_FAMILY_SECP_R1 );
+ return PSA_ECC_FAMILY_SECP_R1;
case MBEDTLS_ECP_DP_SECP384R1:
*bits = 384;
- return( PSA_ECC_FAMILY_SECP_R1 );
+ return PSA_ECC_FAMILY_SECP_R1;
case MBEDTLS_ECP_DP_SECP521R1:
*bits = 521;
- return( PSA_ECC_FAMILY_SECP_R1 );
+ return PSA_ECC_FAMILY_SECP_R1;
case MBEDTLS_ECP_DP_BP256R1:
*bits = 256;
- return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 );
+ return PSA_ECC_FAMILY_BRAINPOOL_P_R1;
case MBEDTLS_ECP_DP_BP384R1:
*bits = 384;
- return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 );
+ return PSA_ECC_FAMILY_BRAINPOOL_P_R1;
case MBEDTLS_ECP_DP_BP512R1:
*bits = 512;
- return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 );
+ return PSA_ECC_FAMILY_BRAINPOOL_P_R1;
case MBEDTLS_ECP_DP_CURVE25519:
*bits = 255;
- return( PSA_ECC_FAMILY_MONTGOMERY );
+ return PSA_ECC_FAMILY_MONTGOMERY;
case MBEDTLS_ECP_DP_SECP192K1:
*bits = 192;
- return( PSA_ECC_FAMILY_SECP_K1 );
+ return PSA_ECC_FAMILY_SECP_K1;
case MBEDTLS_ECP_DP_SECP224K1:
*bits = 224;
- return( PSA_ECC_FAMILY_SECP_K1 );
+ return PSA_ECC_FAMILY_SECP_K1;
case MBEDTLS_ECP_DP_SECP256K1:
*bits = 256;
- return( PSA_ECC_FAMILY_SECP_K1 );
+ return PSA_ECC_FAMILY_SECP_K1;
case MBEDTLS_ECP_DP_CURVE448:
*bits = 448;
- return( PSA_ECC_FAMILY_MONTGOMERY );
+ return PSA_ECC_FAMILY_MONTGOMERY;
default:
*bits = 0;
- return( 0 );
+ return 0;
}
}
@@ -656,9 +655,9 @@
* \return #MBEDTLS_ECP_DP_NONE if \p bits is not
* correct for \p curve.
*/
-mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve,
- size_t bits,
- int bits_is_sloppy );
+mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve,
+ size_t bits,
+ int bits_is_sloppy);
#endif /* MBEDTLS_ECP_C */
/**@}*/
@@ -709,7 +708,7 @@
*/
psa_status_t mbedtls_psa_external_get_random(
mbedtls_psa_external_random_context_t *context,
- uint8_t *output, size_t output_size, size_t *output_length );
+ uint8_t *output, size_t output_size, size_t *output_length);
#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
/**@}*/
@@ -729,14 +728,14 @@
* This value is part of the library's ABI since changing it would invalidate
* the values of built-in key identifiers in applications.
*/
-#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ((psa_key_id_t)0x7fff0000)
+#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ((psa_key_id_t) 0x7fff0000)
/** The maximum value for a key identifier that is built into the
* implementation.
*
* See #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN for more information.
*/
-#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ((psa_key_id_t)0x7fffefff)
+#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ((psa_key_id_t) 0x7fffefff)
/** A slot number identifying a key in a driver.
*
@@ -754,10 +753,10 @@
* \retval 0
* The key identifier is not a builtin key identifier.
*/
-static inline int psa_key_id_is_builtin( psa_key_id_t key_id )
+static inline int psa_key_id_is_builtin(psa_key_id_t key_id)
{
- return( ( key_id >= MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ) &&
- ( key_id <= MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ) );
+ return (key_id >= MBEDTLS_PSA_KEY_ID_BUILTIN_MIN) &&
+ (key_id <= MBEDTLS_PSA_KEY_ID_BUILTIN_MAX);
}
/** Platform function to obtain the location and slot number of a built-in key.
@@ -807,7 +806,7 @@
psa_status_t mbedtls_psa_platform_get_builtin_key(
mbedtls_svc_key_id_t key_id,
psa_key_lifetime_t *lifetime,
- psa_drv_slot_number_t *slot_number );
+ psa_drv_slot_number_t *slot_number);
#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
/** @} */
@@ -816,7 +815,7 @@
* @{
*/
-#define PSA_ALG_CATEGORY_PAKE ((psa_algorithm_t)0x0a000000)
+#define PSA_ALG_CATEGORY_PAKE ((psa_algorithm_t) 0x0a000000)
/** Whether the specified algorithm is a password-authenticated key exchange.
*
@@ -945,7 +944,7 @@
* of RFC 8236 for two examples.
*
*/
-#define PSA_ALG_JPAKE ((psa_algorithm_t)0x0a000100)
+#define PSA_ALG_JPAKE ((psa_algorithm_t) 0x0a000100)
/** @} */
@@ -1004,7 +1003,7 @@
* This value can be used in a call to psa_pake_set_role() for symmetric PAKE
* algorithms which do not assign roles.
*/
-#define PSA_PAKE_ROLE_NONE ((psa_pake_role_t)0x00)
+#define PSA_PAKE_ROLE_NONE ((psa_pake_role_t) 0x00)
/** The first peer in a balanced PAKE.
*
@@ -1013,7 +1012,7 @@
* need this, both #PSA_PAKE_ROLE_FIRST and #PSA_PAKE_ROLE_SECOND are
* accepted.
*/
-#define PSA_PAKE_ROLE_FIRST ((psa_pake_role_t)0x01)
+#define PSA_PAKE_ROLE_FIRST ((psa_pake_role_t) 0x01)
/** The second peer in a balanced PAKE.
*
@@ -1022,19 +1021,19 @@
* need this, either #PSA_PAKE_ROLE_FIRST or #PSA_PAKE_ROLE_SECOND are
* accepted.
*/
-#define PSA_PAKE_ROLE_SECOND ((psa_pake_role_t)0x02)
+#define PSA_PAKE_ROLE_SECOND ((psa_pake_role_t) 0x02)
/** The client in an augmented PAKE.
*
* Augmented PAKE algorithms need to differentiate between client and server.
*/
-#define PSA_PAKE_ROLE_CLIENT ((psa_pake_role_t)0x11)
+#define PSA_PAKE_ROLE_CLIENT ((psa_pake_role_t) 0x11)
/** The server in an augmented PAKE.
*
* Augmented PAKE algorithms need to differentiate between client and server.
*/
-#define PSA_PAKE_ROLE_SERVER ((psa_pake_role_t)0x12)
+#define PSA_PAKE_ROLE_SERVER ((psa_pake_role_t) 0x12)
/** The PAKE primitive type indicating the use of elliptic curves.
*
@@ -1054,7 +1053,7 @@
* curve would be. For more information, consult the documentation of
* psa_export_key().
*/
-#define PSA_PAKE_PRIMITIVE_TYPE_ECC ((psa_pake_primitive_type_t)0x01)
+#define PSA_PAKE_PRIMITIVE_TYPE_ECC ((psa_pake_primitive_type_t) 0x01)
/** The PAKE primitive type indicating the use of Diffie-Hellman groups.
*
@@ -1074,7 +1073,7 @@
* group would be. For more information, consult the documentation of
* psa_export_key().
*/
-#define PSA_PAKE_PRIMITIVE_TYPE_DH ((psa_pake_primitive_type_t)0x02)
+#define PSA_PAKE_PRIMITIVE_TYPE_DH ((psa_pake_primitive_type_t) 0x02)
/** Construct a PAKE primitive from type, family and bit-size.
*
@@ -1098,7 +1097,7 @@
#define PSA_PAKE_PRIMITIVE(pake_type, pake_family, pake_bits) \
((pake_bits & 0xFFFF) != pake_bits) ? 0 : \
((psa_pake_primitive_t) (((pake_type) << 24 | \
- (pake_family) << 16) | (pake_bits)))
+ (pake_family) << 16) | (pake_bits)))
/** The key share being sent to or received from the peer.
*
@@ -1112,7 +1111,7 @@
* For information regarding how the group is determined, consult the
* documentation #PSA_PAKE_PRIMITIVE.
*/
-#define PSA_PAKE_STEP_KEY_SHARE ((psa_pake_step_t)0x01)
+#define PSA_PAKE_STEP_KEY_SHARE ((psa_pake_step_t) 0x01)
/** A Schnorr NIZKP public key.
*
@@ -1129,7 +1128,7 @@
* For information regarding how the group is determined, consult the
* documentation #PSA_PAKE_PRIMITIVE.
*/
-#define PSA_PAKE_STEP_ZK_PUBLIC ((psa_pake_step_t)0x02)
+#define PSA_PAKE_STEP_ZK_PUBLIC ((psa_pake_step_t) 0x02)
/** A Schnorr NIZKP proof.
*
@@ -1150,7 +1149,7 @@
* For information regarding how the group is determined, consult the
* documentation #PSA_PAKE_PRIMITIVE.
*/
-#define PSA_PAKE_STEP_ZK_PROOF ((psa_pake_step_t)0x03)
+#define PSA_PAKE_STEP_ZK_PROOF ((psa_pake_step_t) 0x03)
/** The type of the data structure for PAKE cipher suites.
*
@@ -1162,7 +1161,7 @@
/** Return an initial value for a PAKE cipher suite object.
*/
-static psa_pake_cipher_suite_t psa_pake_cipher_suite_init( void );
+static psa_pake_cipher_suite_t psa_pake_cipher_suite_init(void);
/** Retrieve the PAKE algorithm from a PAKE cipher suite.
*
@@ -1171,7 +1170,7 @@
* \return The PAKE algorithm stored in the cipher suite structure.
*/
static psa_algorithm_t psa_pake_cs_get_algorithm(
- const psa_pake_cipher_suite_t *cipher_suite );
+ const psa_pake_cipher_suite_t *cipher_suite);
/** Declare the PAKE algorithm for the cipher suite.
*
@@ -1185,8 +1184,8 @@
* If this is 0, the PAKE algorithm in
* \p cipher_suite becomes unspecified.
*/
-static void psa_pake_cs_set_algorithm( psa_pake_cipher_suite_t *cipher_suite,
- psa_algorithm_t algorithm );
+static void psa_pake_cs_set_algorithm(psa_pake_cipher_suite_t *cipher_suite,
+ psa_algorithm_t algorithm);
/** Retrieve the primitive from a PAKE cipher suite.
*
@@ -1195,7 +1194,7 @@
* \return The primitive stored in the cipher suite structure.
*/
static psa_pake_primitive_t psa_pake_cs_get_primitive(
- const psa_pake_cipher_suite_t *cipher_suite );
+ const psa_pake_cipher_suite_t *cipher_suite);
/** Declare the primitive for a PAKE cipher suite.
*
@@ -1206,8 +1205,8 @@
* primitive type in \p cipher_suite becomes
* unspecified.
*/
-static void psa_pake_cs_set_primitive( psa_pake_cipher_suite_t *cipher_suite,
- psa_pake_primitive_t primitive );
+static void psa_pake_cs_set_primitive(psa_pake_cipher_suite_t *cipher_suite,
+ psa_pake_primitive_t primitive);
/** Retrieve the PAKE family from a PAKE cipher suite.
*
@@ -1216,7 +1215,7 @@
* \return The PAKE family stored in the cipher suite structure.
*/
static psa_pake_family_t psa_pake_cs_get_family(
- const psa_pake_cipher_suite_t *cipher_suite );
+ const psa_pake_cipher_suite_t *cipher_suite);
/** Retrieve the PAKE primitive bit-size from a PAKE cipher suite.
*
@@ -1225,7 +1224,7 @@
* \return The PAKE primitive bit-size stored in the cipher suite structure.
*/
static uint16_t psa_pake_cs_get_bits(
- const psa_pake_cipher_suite_t *cipher_suite );
+ const psa_pake_cipher_suite_t *cipher_suite);
/** Retrieve the hash algorithm from a PAKE cipher suite.
*
@@ -1236,7 +1235,7 @@
* the hash algorithm is not set.
*/
static psa_algorithm_t psa_pake_cs_get_hash(
- const psa_pake_cipher_suite_t *cipher_suite );
+ const psa_pake_cipher_suite_t *cipher_suite);
/** Declare the hash algorithm for a PAKE cipher suite.
*
@@ -1254,8 +1253,8 @@
* If this is 0, the hash algorithm in
* \p cipher_suite becomes unspecified.
*/
-static void psa_pake_cs_set_hash( psa_pake_cipher_suite_t *cipher_suite,
- psa_algorithm_t hash );
+static void psa_pake_cs_set_hash(psa_pake_cipher_suite_t *cipher_suite,
+ psa_algorithm_t hash);
/** The type of the state data structure for PAKE operations.
*
@@ -1289,7 +1288,7 @@
/** Return an initial value for a PAKE operation object.
*/
-static psa_pake_operation_t psa_pake_operation_init( void );
+static psa_pake_operation_t psa_pake_operation_init(void);
/** Set the session information for a password-authenticated key exchange.
*
@@ -1361,8 +1360,8 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_pake_setup( psa_pake_operation_t *operation,
- const psa_pake_cipher_suite_t *cipher_suite );
+psa_status_t psa_pake_setup(psa_pake_operation_t *operation,
+ const psa_pake_cipher_suite_t *cipher_suite);
/** Set the password for a password-authenticated key exchange from key ID.
*
@@ -1409,8 +1408,8 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_pake_set_password_key( psa_pake_operation_t *operation,
- mbedtls_svc_key_id_t password );
+psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation,
+ mbedtls_svc_key_id_t password);
/** Set the user ID for a password-authenticated key exchange.
*
@@ -1449,9 +1448,9 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_pake_set_user( psa_pake_operation_t *operation,
- const uint8_t *user_id,
- size_t user_id_len );
+psa_status_t psa_pake_set_user(psa_pake_operation_t *operation,
+ const uint8_t *user_id,
+ size_t user_id_len);
/** Set the peer ID for a password-authenticated key exchange.
*
@@ -1491,9 +1490,9 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_pake_set_peer( psa_pake_operation_t *operation,
- const uint8_t *peer_id,
- size_t peer_id_len );
+psa_status_t psa_pake_set_peer(psa_pake_operation_t *operation,
+ const uint8_t *peer_id,
+ size_t peer_id_len);
/** Set the application role for a password-authenticated key exchange.
*
@@ -1533,8 +1532,8 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_pake_set_role( psa_pake_operation_t *operation,
- psa_pake_role_t role );
+psa_status_t psa_pake_set_role(psa_pake_operation_t *operation,
+ psa_pake_role_t role);
/** Get output for a step of a password-authenticated key exchange.
*
@@ -1591,11 +1590,11 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_pake_output( psa_pake_operation_t *operation,
- psa_pake_step_t step,
- uint8_t *output,
- size_t output_size,
- size_t *output_length );
+psa_status_t psa_pake_output(psa_pake_operation_t *operation,
+ psa_pake_step_t step,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length);
/** Provide input for a step of a password-authenticated key exchange.
*
@@ -1646,10 +1645,10 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_pake_input( psa_pake_operation_t *operation,
- psa_pake_step_t step,
- const uint8_t *input,
- size_t input_length );
+psa_status_t psa_pake_input(psa_pake_operation_t *operation,
+ psa_pake_step_t step,
+ const uint8_t *input,
+ size_t input_length);
/** Get implicitly confirmed shared secret from a PAKE.
*
@@ -1709,8 +1708,8 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_pake_get_implicit_key( psa_pake_operation_t *operation,
- psa_key_derivation_operation_t *output );
+psa_status_t psa_pake_get_implicit_key(psa_pake_operation_t *operation,
+ psa_key_derivation_operation_t *output);
/** Abort a PAKE operation.
*
@@ -1736,7 +1735,7 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_pake_abort( psa_pake_operation_t * operation );
+psa_status_t psa_pake_abort(psa_pake_operation_t *operation);
/**@}*/
@@ -1761,15 +1760,15 @@
* return 0.
*/
#define PSA_PAKE_OUTPUT_SIZE(alg, primitive, output_step) \
- ( alg == PSA_ALG_JPAKE && \
- primitive == PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, \
- PSA_ECC_FAMILY_SECP_R1, 256) ? \
- ( \
- output_step == PSA_PAKE_STEP_KEY_SHARE ? 65 : \
- output_step == PSA_PAKE_STEP_ZK_PUBLIC ? 65 : \
- 32 \
- ) : \
- 0 )
+ (alg == PSA_ALG_JPAKE && \
+ primitive == PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, \
+ PSA_ECC_FAMILY_SECP_R1, 256) ? \
+ ( \
+ output_step == PSA_PAKE_STEP_KEY_SHARE ? 65 : \
+ output_step == PSA_PAKE_STEP_ZK_PUBLIC ? 65 : \
+ 32 \
+ ) : \
+ 0)
/** A sufficient input buffer size for psa_pake_input().
*
@@ -1791,15 +1790,15 @@
* the parameters are incompatible, return 0.
*/
#define PSA_PAKE_INPUT_SIZE(alg, primitive, input_step) \
- ( alg == PSA_ALG_JPAKE && \
- primitive == PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, \
- PSA_ECC_FAMILY_SECP_R1, 256) ? \
- ( \
- input_step == PSA_PAKE_STEP_KEY_SHARE ? 65 : \
- input_step == PSA_PAKE_STEP_ZK_PUBLIC ? 65 : \
- 32 \
- ) : \
- 0 )
+ (alg == PSA_ALG_JPAKE && \
+ primitive == PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, \
+ PSA_ECC_FAMILY_SECP_R1, 256) ? \
+ ( \
+ input_step == PSA_PAKE_STEP_KEY_SHARE ? 65 : \
+ input_step == PSA_PAKE_STEP_ZK_PUBLIC ? 65 : \
+ 32 \
+ ) : \
+ 0)
/** Output buffer size for psa_pake_output() for any of the supported PAKE
* algorithm and primitive suites and output step.
@@ -1822,22 +1821,21 @@
/** Returns a suitable initializer for a PAKE cipher suite object of type
* psa_pake_cipher_suite_t.
*/
-#define PSA_PAKE_CIPHER_SUITE_INIT {PSA_ALG_NONE, 0, 0, 0, PSA_ALG_NONE}
+#define PSA_PAKE_CIPHER_SUITE_INIT { PSA_ALG_NONE, 0, 0, 0, PSA_ALG_NONE }
/** Returns a suitable initializer for a PAKE operation object of type
* psa_pake_operation_t.
*/
#if defined(MBEDTLS_PSA_BUILTIN_PAKE)
-#define PSA_PAKE_OPERATION_INIT {PSA_ALG_NONE, 0, 0, 0, 0, \
- NULL, 0 , \
- PSA_PAKE_ROLE_NONE, {0}, 0, 0, \
- {.dummy = 0}}
+#define PSA_PAKE_OPERATION_INIT { PSA_ALG_NONE, 0, 0, 0, 0, \
+ NULL, 0, \
+ PSA_PAKE_ROLE_NONE, { 0 }, 0, 0, \
+ { .dummy = 0 } }
#else
-#define PSA_PAKE_OPERATION_INIT {PSA_ALG_NONE, 0, 0, {0}}
+#define PSA_PAKE_OPERATION_INIT { PSA_ALG_NONE, 0, 0, { 0 } }
#endif
-struct psa_pake_cipher_suite_s
-{
+struct psa_pake_cipher_suite_s {
psa_algorithm_t algorithm;
psa_pake_primitive_type_t type;
psa_pake_family_t family;
@@ -1846,31 +1844,32 @@
};
static inline psa_algorithm_t psa_pake_cs_get_algorithm(
- const psa_pake_cipher_suite_t *cipher_suite )
+ const psa_pake_cipher_suite_t *cipher_suite)
{
- return( cipher_suite->algorithm );
+ return cipher_suite->algorithm;
}
static inline void psa_pake_cs_set_algorithm(
psa_pake_cipher_suite_t *cipher_suite,
psa_algorithm_t algorithm)
{
- if( !PSA_ALG_IS_PAKE( algorithm ) )
+ if (!PSA_ALG_IS_PAKE(algorithm)) {
cipher_suite->algorithm = 0;
- else
+ } else {
cipher_suite->algorithm = algorithm;
+ }
}
static inline psa_pake_primitive_t psa_pake_cs_get_primitive(
- const psa_pake_cipher_suite_t *cipher_suite )
+ const psa_pake_cipher_suite_t *cipher_suite)
{
- return( PSA_PAKE_PRIMITIVE( cipher_suite->type, cipher_suite->family,
- cipher_suite->bits ) );
+ return PSA_PAKE_PRIMITIVE(cipher_suite->type, cipher_suite->family,
+ cipher_suite->bits);
}
static inline void psa_pake_cs_set_primitive(
- psa_pake_cipher_suite_t *cipher_suite,
- psa_pake_primitive_t primitive )
+ psa_pake_cipher_suite_t *cipher_suite,
+ psa_pake_primitive_t primitive)
{
cipher_suite->type = (psa_pake_primitive_type_t) (primitive >> 24);
cipher_suite->family = (psa_pake_family_t) (0xFF & (primitive >> 16));
@@ -1878,30 +1877,31 @@
}
static inline psa_pake_family_t psa_pake_cs_get_family(
- const psa_pake_cipher_suite_t *cipher_suite )
+ const psa_pake_cipher_suite_t *cipher_suite)
{
- return( cipher_suite->family );
+ return cipher_suite->family;
}
static inline uint16_t psa_pake_cs_get_bits(
- const psa_pake_cipher_suite_t *cipher_suite )
+ const psa_pake_cipher_suite_t *cipher_suite)
{
- return( cipher_suite->bits );
+ return cipher_suite->bits;
}
static inline psa_algorithm_t psa_pake_cs_get_hash(
- const psa_pake_cipher_suite_t *cipher_suite )
+ const psa_pake_cipher_suite_t *cipher_suite)
{
- return( cipher_suite->hash );
+ return cipher_suite->hash;
}
-static inline void psa_pake_cs_set_hash( psa_pake_cipher_suite_t *cipher_suite,
- psa_algorithm_t hash )
+static inline void psa_pake_cs_set_hash(psa_pake_cipher_suite_t *cipher_suite,
+ psa_algorithm_t hash)
{
- if( !PSA_ALG_IS_HASH( hash ) )
+ if (!PSA_ALG_IS_HASH(hash)) {
cipher_suite->hash = 0;
- else
+ } else {
cipher_suite->hash = hash;
+ }
}
#if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE)
@@ -1909,26 +1909,24 @@
/* Note: the format for mbedtls_ecjpake_read/write function has an extra
* length byte for each step, plus an extra 3 bytes for ECParameters in the
* server's 2nd round. */
-#define MBEDTLS_PSA_PAKE_BUFFER_SIZE ( ( 3 + 1 + 65 + 1 + 65 + 1 + 32 ) * 2 )
+#define MBEDTLS_PSA_PAKE_BUFFER_SIZE ((3 + 1 + 65 + 1 + 65 + 1 + 32) * 2)
#endif
-struct psa_pake_operation_s
-{
+struct psa_pake_operation_s {
psa_algorithm_t MBEDTLS_PRIVATE(alg);
unsigned int MBEDTLS_PRIVATE(state);
unsigned int MBEDTLS_PRIVATE(sequence);
#if defined(MBEDTLS_PSA_BUILTIN_PAKE)
unsigned int MBEDTLS_PRIVATE(input_step);
unsigned int MBEDTLS_PRIVATE(output_step);
- uint8_t* MBEDTLS_PRIVATE(password);
+ uint8_t *MBEDTLS_PRIVATE(password);
size_t MBEDTLS_PRIVATE(password_len);
psa_pake_role_t MBEDTLS_PRIVATE(role);
uint8_t MBEDTLS_PRIVATE(buffer[MBEDTLS_PSA_PAKE_BUFFER_SIZE]);
size_t MBEDTLS_PRIVATE(buffer_length);
size_t MBEDTLS_PRIVATE(buffer_offset);
#endif
- union
- {
+ union {
#if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE)
mbedtls_ecjpake_context ecjpake;
#endif
@@ -1937,16 +1935,16 @@
} MBEDTLS_PRIVATE(ctx);
};
-static inline struct psa_pake_cipher_suite_s psa_pake_cipher_suite_init( void )
+static inline struct psa_pake_cipher_suite_s psa_pake_cipher_suite_init(void)
{
const struct psa_pake_cipher_suite_s v = PSA_PAKE_CIPHER_SUITE_INIT;
- return( v );
+ return v;
}
-static inline struct psa_pake_operation_s psa_pake_operation_init( void )
+static inline struct psa_pake_operation_s psa_pake_operation_init(void)
{
const struct psa_pake_operation_s v = PSA_PAKE_OPERATION_INIT;
- return( v );
+ return v;
}
#ifdef __cplusplus
diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h
index 573b33c..e8d241b 100644
--- a/include/psa/crypto_platform.h
+++ b/include/psa/crypto_platform.h
@@ -65,10 +65,10 @@
*
* \return Non-zero if the two key owner identifiers are equal, zero otherwise.
*/
-static inline int mbedtls_key_owner_id_equal( mbedtls_key_owner_id_t id1,
- mbedtls_key_owner_id_t id2 )
+static inline int mbedtls_key_owner_id_equal(mbedtls_key_owner_id_t id1,
+ mbedtls_key_owner_id_t id2)
{
- return( id1 == id2 );
+ return id1 == id2;
}
#endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h
index 225fb17..a052789 100644
--- a/include/psa/crypto_se_driver.h
+++ b/include/psa/crypto_se_driver.h
@@ -323,7 +323,7 @@
typedef struct {
/**The size in bytes of the hardware-specific secure element MAC context
* structure
- */
+ */
size_t MBEDTLS_PRIVATE(context_size);
/** Function that performs a MAC setup operation
*/
@@ -815,8 +815,7 @@
/** An enumeration indicating how a key is created.
*/
-typedef enum
-{
+typedef enum {
PSA_KEY_CREATION_IMPORT, /**< During psa_import_key() */
PSA_KEY_CREATION_GENERATE, /**< During psa_generate_key() */
PSA_KEY_CREATION_DERIVE, /**< During psa_key_derivation_output_key() */
@@ -1235,7 +1234,7 @@
* \retval #PSA_SUCCESS
*/
typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(void *op_context,
- psa_key_slot_number_t dest_key);
+ psa_key_slot_number_t dest_key);
/** \brief A function that performs the final step of a secure element key
* agreement and place the generated key material in a buffer
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index b42b2df..3d6bb2c 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -276,7 +276,7 @@
((alg) & PSA_ALG_MAC_TRUNCATION_MASK ? PSA_MAC_TRUNCATED_LENGTH(alg) : \
PSA_ALG_IS_HMAC(alg) ? PSA_HASH_LENGTH(PSA_ALG_HMAC_GET_HASH(alg)) : \
PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
- ((void)(key_type), (void)(key_bits), 0))
+ ((void) (key_type), (void) (key_bits), 0))
/** The maximum size of the output of psa_aead_encrypt(), in bytes.
*
@@ -359,8 +359,8 @@
*/
#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext_length) \
(PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \
- (ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH(alg) ? \
- (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \
+ (ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH(alg) ? \
+ (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \
0)
/** A sufficient output buffer size for psa_aead_decrypt(), for any of the
@@ -382,7 +382,7 @@
*
*/
#define PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(ciphertext_length) \
- (ciphertext_length)
+ (ciphertext_length)
/** The default nonce size for an AEAD algorithm, in bytes.
*
@@ -411,11 +411,11 @@
*/
#define PSA_AEAD_NONCE_LENGTH(key_type, alg) \
(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) == 16 ? \
- MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CCM) ? 13 : \
- MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_GCM) ? 12 : \
- 0 : \
+ MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CCM) ? 13 : \
+ MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_GCM) ? 12 : \
+ 0 : \
(key_type) == PSA_KEY_TYPE_CHACHA20 && \
- MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CHACHA20_POLY1305) ? 12 : \
+ MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CHACHA20_POLY1305) ? 12 : \
0)
/** The maximum default nonce size among all supported pairs of key types and
@@ -463,9 +463,9 @@
* implementation to delay the output until it has a full block. */
#define PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \
(PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \
- PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
- PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), (input_length)) : \
- (input_length) : \
+ PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
+ PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), (input_length)) : \
+ (input_length) : \
0)
/** A sufficient output buffer size for psa_aead_update(), for any of the
@@ -504,8 +504,8 @@
*/
#define PSA_AEAD_FINISH_OUTPUT_SIZE(key_type, alg) \
(PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \
- PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
- PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
+ PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
+ PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
0)
/** A sufficient ciphertext buffer size for psa_aead_finish(), for any of the
@@ -538,8 +538,8 @@
*/
#define PSA_AEAD_VERIFY_OUTPUT_SIZE(key_type, alg) \
(PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \
- PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
- PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
+ PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
+ PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
0)
/** A sufficient plaintext buffer size for psa_aead_verify(), for any of the
@@ -591,9 +591,9 @@
* return value is unspecified.
*/
#define PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \
- (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \
+ (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void) alg, PSA_BITS_TO_BYTES(key_bits)) : \
PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \
- ((void)alg, 0))
+ ((void) alg, 0))
#define PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE \
PSA_ECDSA_SIGNATURE_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)
@@ -637,7 +637,7 @@
*/
#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \
(PSA_KEY_TYPE_IS_RSA(key_type) ? \
- ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \
+ ((void) alg, PSA_BITS_TO_BYTES(key_bits)) : \
0)
/** A sufficient output buffer size for psa_asymmetric_encrypt(), for any
@@ -992,16 +992,16 @@
*/
#define PSA_CIPHER_IV_LENGTH(key_type, alg) \
(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) > 1 && \
- ((alg) == PSA_ALG_CTR || \
- (alg) == PSA_ALG_CFB || \
- (alg) == PSA_ALG_OFB || \
- (alg) == PSA_ALG_XTS || \
- (alg) == PSA_ALG_CBC_NO_PADDING || \
- (alg) == PSA_ALG_CBC_PKCS7) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
+ ((alg) == PSA_ALG_CTR || \
+ (alg) == PSA_ALG_CFB || \
+ (alg) == PSA_ALG_OFB || \
+ (alg) == PSA_ALG_XTS || \
+ (alg) == PSA_ALG_CBC_NO_PADDING || \
+ (alg) == PSA_ALG_CBC_PKCS7) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
(key_type) == PSA_KEY_TYPE_CHACHA20 && \
- (alg) == PSA_ALG_STREAM_CIPHER ? 12 : \
- (alg) == PSA_ALG_CCM_STAR_NO_TAG ? 13 : \
- 0)
+ (alg) == PSA_ALG_STREAM_CIPHER ? 12 : \
+ (alg) == PSA_ALG_CCM_STAR_NO_TAG ? 13 : \
+ 0)
/** The maximum IV size for all supported cipher algorithms, in bytes.
*
@@ -1035,12 +1035,12 @@
#define PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_length) \
(alg == PSA_ALG_CBC_PKCS7 ? \
(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \
- PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \
- (input_length) + 1) + \
- PSA_CIPHER_IV_LENGTH((key_type), (alg)) : 0) : \
+ PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \
+ (input_length) + 1) + \
+ PSA_CIPHER_IV_LENGTH((key_type), (alg)) : 0) : \
(PSA_ALG_IS_CIPHER(alg) ? \
(input_length) + PSA_CIPHER_IV_LENGTH((key_type), (alg)) : \
- 0))
+ 0))
/** A sufficient output buffer size for psa_cipher_encrypt(), for any of the
* supported key types and cipher algorithms.
@@ -1116,13 +1116,13 @@
*/
#define PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \
(PSA_ALG_IS_CIPHER(alg) ? \
- (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \
- (((alg) == PSA_ALG_CBC_PKCS7 || \
- (alg) == PSA_ALG_CBC_NO_PADDING || \
- (alg) == PSA_ALG_ECB_NO_PADDING) ? \
- PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \
+ (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \
+ (((alg) == PSA_ALG_CBC_PKCS7 || \
+ (alg) == PSA_ALG_CBC_NO_PADDING || \
+ (alg) == PSA_ALG_ECB_NO_PADDING) ? \
+ PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \
input_length) : \
- (input_length)) : 0) : \
+ (input_length)) : 0) : \
0)
/** A sufficient output buffer size for psa_cipher_update(), for any of the
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index afba325..7a6caa2 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -79,8 +79,7 @@
* algorithms. */
#include "psa/crypto_driver_contexts_primitives.h"
-struct psa_hash_operation_s
-{
+struct psa_hash_operation_s {
/** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping
* drivers halfway through the operation is not supported.
@@ -92,14 +91,13 @@
};
#define PSA_HASH_OPERATION_INIT { 0, { 0 } }
-static inline struct psa_hash_operation_s psa_hash_operation_init( void )
+static inline struct psa_hash_operation_s psa_hash_operation_init(void)
{
const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT;
- return( v );
+ return v;
}
-struct psa_cipher_operation_s
-{
+struct psa_cipher_operation_s {
/** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping
* drivers halfway through the operation is not supported.
@@ -117,18 +115,17 @@
};
#define PSA_CIPHER_OPERATION_INIT { 0, 0, 0, 0, { 0 } }
-static inline struct psa_cipher_operation_s psa_cipher_operation_init( void )
+static inline struct psa_cipher_operation_s psa_cipher_operation_init(void)
{
const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT;
- return( v );
+ return v;
}
/* Include the context definition for the compiled-in drivers for the composite
* algorithms. */
#include "psa/crypto_driver_contexts_composites.h"
-struct psa_mac_operation_s
-{
+struct psa_mac_operation_s {
/** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping
* drivers halfway through the operation is not supported.
@@ -142,14 +139,13 @@
};
#define PSA_MAC_OPERATION_INIT { 0, 0, 0, { 0 } }
-static inline struct psa_mac_operation_s psa_mac_operation_init( void )
+static inline struct psa_mac_operation_s psa_mac_operation_init(void)
{
const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT;
- return( v );
+ return v;
}
-struct psa_aead_operation_s
-{
+struct psa_aead_operation_s {
/** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping
@@ -174,18 +170,17 @@
psa_driver_aead_context_t MBEDTLS_PRIVATE(ctx);
};
-#define PSA_AEAD_OPERATION_INIT {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, {0}}
-static inline struct psa_aead_operation_s psa_aead_operation_init( void )
+#define PSA_AEAD_OPERATION_INIT { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, { 0 } }
+static inline struct psa_aead_operation_s psa_aead_operation_init(void)
{
const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT;
- return( v );
+ return v;
}
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND)
-typedef struct
-{
+typedef struct {
uint8_t *MBEDTLS_PRIVATE(info);
size_t MBEDTLS_PRIVATE(info_length);
#if PSA_HASH_MAX_SIZE > 0xff
@@ -203,16 +198,14 @@
MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT ||
MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS)
-typedef struct
-{
+typedef struct {
uint8_t MBEDTLS_PRIVATE(data)[PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE];
} psa_tls12_ecjpake_to_pms_t;
#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
-typedef enum
-{
+typedef enum {
PSA_TLS12_PRF_STATE_INIT, /* no input provided */
PSA_TLS12_PRF_STATE_SEED_SET, /* seed has been set */
PSA_TLS12_PRF_STATE_OTHER_KEY_SET, /* other key has been set - optional */
@@ -221,8 +214,7 @@
PSA_TLS12_PRF_STATE_OUTPUT /* output has been started */
} psa_tls12_prf_key_derivation_state_t;
-typedef struct psa_tls12_prf_key_derivation_s
-{
+typedef struct psa_tls12_prf_key_derivation_s {
#if PSA_HASH_MAX_SIZE > 0xff
#error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
#endif
@@ -255,22 +247,20 @@
#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) ||
* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
-struct psa_key_derivation_s
-{
+struct psa_key_derivation_s {
psa_algorithm_t MBEDTLS_PRIVATE(alg);
unsigned int MBEDTLS_PRIVATE(can_output_key) : 1;
size_t MBEDTLS_PRIVATE(capacity);
- union
- {
+ union {
/* Make the union non-empty even with no supported algorithms. */
uint8_t MBEDTLS_PRIVATE(dummy);
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND)
+ defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND)
psa_hkdf_key_derivation_t MBEDTLS_PRIVATE(hkdf);
#endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
+ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
psa_tls12_prf_key_derivation_t MBEDTLS_PRIVATE(tls12_prf);
#endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS)
@@ -282,14 +272,13 @@
/* This only zeroes out the first byte in the union, the rest is unspecified. */
#define PSA_KEY_DERIVATION_OPERATION_INIT { 0, 0, 0, { 0 } }
static inline struct psa_key_derivation_s psa_key_derivation_operation_init(
- void )
+ void)
{
const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT;
- return( v );
+ return v;
}
-struct psa_key_policy_s
-{
+struct psa_key_policy_s {
psa_key_usage_t MBEDTLS_PRIVATE(usage);
psa_algorithm_t MBEDTLS_PRIVATE(alg);
psa_algorithm_t MBEDTLS_PRIVATE(alg2);
@@ -297,10 +286,10 @@
typedef struct psa_key_policy_s psa_key_policy_t;
#define PSA_KEY_POLICY_INIT { 0, 0, 0 }
-static inline struct psa_key_policy_s psa_key_policy_init( void )
+static inline struct psa_key_policy_s psa_key_policy_init(void)
{
const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT;
- return( v );
+ return v;
}
/* The type used internally for key sizes.
@@ -308,7 +297,7 @@
typedef uint16_t psa_key_bits_t;
/* The maximum value of the type used to represent bit-sizes.
* This is used to mark an invalid key size. */
-#define PSA_KEY_BITS_TOO_LARGE ( ( psa_key_bits_t ) -1 )
+#define PSA_KEY_BITS_TOO_LARGE ((psa_key_bits_t) -1)
/* The maximum size of a key in bits.
* Currently defined as the maximum that can be represented, rounded down
* to a whole number of bytes.
@@ -326,21 +315,20 @@
typedef uint16_t psa_key_attributes_flag_t;
#define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER \
- ( (psa_key_attributes_flag_t) 0x0001 )
+ ((psa_key_attributes_flag_t) 0x0001)
/* A mask of key attribute flags used externally only.
* Only meant for internal checks inside the library. */
#define MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ( \
MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER | \
- 0 )
+ 0)
/* A mask of key attribute flags used both internally and externally.
* Currently there aren't any. */
#define MBEDTLS_PSA_KA_MASK_DUAL_USE ( \
- 0 )
+ 0)
-typedef struct
-{
+typedef struct {
psa_key_type_t MBEDTLS_PRIVATE(type);
psa_key_bits_t MBEDTLS_PRIVATE(bits);
psa_key_lifetime_t MBEDTLS_PRIVATE(lifetime);
@@ -354,8 +342,7 @@
MBEDTLS_SVC_KEY_ID_INIT, \
PSA_KEY_POLICY_INIT, 0 }
-struct psa_key_attributes_s
-{
+struct psa_key_attributes_s {
psa_core_key_attributes_t MBEDTLS_PRIVATE(core);
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
psa_key_slot_number_t MBEDTLS_PRIVATE(slot_number);
@@ -370,48 +357,46 @@
#define PSA_KEY_ATTRIBUTES_INIT { PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0 }
#endif
-static inline struct psa_key_attributes_s psa_key_attributes_init( void )
+static inline struct psa_key_attributes_s psa_key_attributes_init(void)
{
const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT;
- return( v );
+ return v;
}
-static inline void psa_set_key_id( psa_key_attributes_t *attributes,
- mbedtls_svc_key_id_t key )
+static inline void psa_set_key_id(psa_key_attributes_t *attributes,
+ mbedtls_svc_key_id_t key)
{
psa_key_lifetime_t lifetime = attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime);
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id) = key;
- if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
- {
+ if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime) =
PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
PSA_KEY_LIFETIME_PERSISTENT,
- PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) );
+ PSA_KEY_LIFETIME_GET_LOCATION(lifetime));
}
}
static inline mbedtls_svc_key_id_t psa_get_key_id(
- const psa_key_attributes_t *attributes )
+ const psa_key_attributes_t *attributes)
{
- return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id) );
+ return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id);
}
#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
-static inline void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes,
- mbedtls_key_owner_id_t owner )
+static inline void mbedtls_set_key_owner_id(psa_key_attributes_t *attributes,
+ mbedtls_key_owner_id_t owner)
{
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id).MBEDTLS_PRIVATE(owner) = owner;
}
#endif
-static inline void psa_set_key_lifetime( psa_key_attributes_t *attributes,
- psa_key_lifetime_t lifetime )
+static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes,
+ psa_key_lifetime_t lifetime)
{
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime) = lifetime;
- if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
- {
+ if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id).MBEDTLS_PRIVATE(key_id) = 0;
#else
@@ -421,89 +406,89 @@
}
static inline psa_key_lifetime_t psa_get_key_lifetime(
- const psa_key_attributes_t *attributes )
+ const psa_key_attributes_t *attributes)
{
- return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime) );
+ return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime);
}
-static inline void psa_extend_key_usage_flags( psa_key_usage_t *usage_flags )
+static inline void psa_extend_key_usage_flags(psa_key_usage_t *usage_flags)
{
- if( *usage_flags & PSA_KEY_USAGE_SIGN_HASH )
+ if (*usage_flags & PSA_KEY_USAGE_SIGN_HASH) {
*usage_flags |= PSA_KEY_USAGE_SIGN_MESSAGE;
+ }
- if( *usage_flags & PSA_KEY_USAGE_VERIFY_HASH )
+ if (*usage_flags & PSA_KEY_USAGE_VERIFY_HASH) {
*usage_flags |= PSA_KEY_USAGE_VERIFY_MESSAGE;
+ }
}
static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes,
psa_key_usage_t usage_flags)
{
- psa_extend_key_usage_flags( &usage_flags );
+ psa_extend_key_usage_flags(&usage_flags);
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage) = usage_flags;
}
static inline psa_key_usage_t psa_get_key_usage_flags(
- const psa_key_attributes_t *attributes )
+ const psa_key_attributes_t *attributes)
{
- return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage) );
+ return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage);
}
-static inline void psa_set_key_algorithm( psa_key_attributes_t *attributes,
- psa_algorithm_t alg )
+static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes,
+ psa_algorithm_t alg)
{
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg) = alg;
}
static inline psa_algorithm_t psa_get_key_algorithm(
- const psa_key_attributes_t *attributes )
+ const psa_key_attributes_t *attributes)
{
- return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg) );
+ return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg);
}
/* This function is declared in crypto_extra.h, which comes after this
* header file, but we need the function here, so repeat the declaration. */
-psa_status_t psa_set_key_domain_parameters( psa_key_attributes_t *attributes,
+psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes,
psa_key_type_t type,
const uint8_t *data,
- size_t data_length );
+ size_t data_length);
-static inline void psa_set_key_type( psa_key_attributes_t *attributes,
- psa_key_type_t type )
+static inline void psa_set_key_type(psa_key_attributes_t *attributes,
+ psa_key_type_t type)
{
- if( attributes->MBEDTLS_PRIVATE(domain_parameters) == NULL )
- {
+ if (attributes->MBEDTLS_PRIVATE(domain_parameters) == NULL) {
/* Common case: quick path */
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(type) = type;
- }
- else
- {
+ } else {
/* Call the bigger function to free the old domain parameters.
* Ignore any errors which may arise due to type requiring
* non-default domain parameters, since this function can't
* report errors. */
- (void) psa_set_key_domain_parameters( attributes, type, NULL, 0 );
+ (void) psa_set_key_domain_parameters(attributes, type, NULL, 0);
}
}
static inline psa_key_type_t psa_get_key_type(
- const psa_key_attributes_t *attributes )
+ const psa_key_attributes_t *attributes)
{
- return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(type) );
+ return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(type);
}
-static inline void psa_set_key_bits( psa_key_attributes_t *attributes,
- size_t bits )
+static inline void psa_set_key_bits(psa_key_attributes_t *attributes,
+ size_t bits)
{
- if( bits > PSA_MAX_KEY_BITS )
+ if (bits > PSA_MAX_KEY_BITS) {
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits) = PSA_KEY_BITS_TOO_LARGE;
- else
+ } else {
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits) = (psa_key_bits_t) bits;
+ }
}
static inline size_t psa_get_key_bits(
- const psa_key_attributes_t *attributes )
+ const psa_key_attributes_t *attributes)
{
- return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits) );
+ return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits);
}
#ifdef __cplusplus
diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h
index af61aea..95bf32f 100644
--- a/include/psa/crypto_types.h
+++ b/include/psa/crypto_types.h
@@ -291,7 +291,7 @@
* Any changes to existing values will require bumping the storage
* format version and providing a translation when reading the old
* format.
-*/
+ */
#if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
typedef psa_key_id_t mbedtls_svc_key_id_t;
@@ -301,8 +301,7 @@
* client and encodes the client identity in the key identifier argument of
* functions such as psa_open_key().
*/
-typedef struct
-{
+typedef struct {
psa_key_id_t MBEDTLS_PRIVATE(key_id);
mbedtls_key_owner_id_t MBEDTLS_PRIVATE(owner);
} mbedtls_svc_key_id_t;
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index cf8a7b2..c688b50 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -59,14 +59,14 @@
* domains aren't already using. */
/** The action was completed successfully. */
-#define PSA_SUCCESS ((psa_status_t)0)
+#define PSA_SUCCESS ((psa_status_t) 0)
/** An error occurred that does not correspond to any defined
* failure cause.
*
* Implementations may use this error code if none of the other standard
* error codes are applicable. */
-#define PSA_ERROR_GENERIC_ERROR ((psa_status_t)-132)
+#define PSA_ERROR_GENERIC_ERROR ((psa_status_t) -132)
/** The requested operation or a parameter is not supported
* by this implementation.
@@ -75,7 +75,7 @@
* parameter such as a key type, algorithm, etc. is not recognized.
* If a combination of parameters is recognized and identified as
* not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */
-#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134)
+#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t) -134)
/** The requested action is denied by a policy.
*
@@ -88,7 +88,7 @@
* not valid or not supported, it is unspecified whether the function
* returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or
* #PSA_ERROR_INVALID_ARGUMENT. */
-#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)-133)
+#define PSA_ERROR_NOT_PERMITTED ((psa_status_t) -133)
/** An output buffer is too small.
*
@@ -100,19 +100,19 @@
* buffer would succeed. However implementations may return this
* error if a function has invalid or unsupported parameters in addition
* to the parameters that determine the necessary output buffer size. */
-#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)-138)
+#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t) -138)
/** Asking for an item that already exists
*
* Implementations should return this error, when attempting
* to write an item (like a key) that already exists. */
-#define PSA_ERROR_ALREADY_EXISTS ((psa_status_t)-139)
+#define PSA_ERROR_ALREADY_EXISTS ((psa_status_t) -139)
/** Asking for an item that doesn't exist
*
* Implementations should return this error, if a requested item (like
* a key) does not exist. */
-#define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t)-140)
+#define PSA_ERROR_DOES_NOT_EXIST ((psa_status_t) -140)
/** The requested action cannot be performed in the current state.
*
@@ -128,7 +128,7 @@
* Implementations shall not return this error code to indicate that a
* key identifier is invalid, but shall return #PSA_ERROR_INVALID_HANDLE
* instead. */
-#define PSA_ERROR_BAD_STATE ((psa_status_t)-137)
+#define PSA_ERROR_BAD_STATE ((psa_status_t) -137)
/** The parameters passed to the function are invalid.
*
@@ -139,13 +139,13 @@
* key identifier is invalid, but shall return #PSA_ERROR_INVALID_HANDLE
* instead.
*/
-#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)-135)
+#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t) -135)
/** There is not enough runtime memory.
*
* If the action is carried out across multiple security realms, this
* error can refer to available memory in any of the security realms. */
-#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)-141)
+#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t) -141)
/** There is not enough persistent storage.
*
@@ -154,7 +154,7 @@
* many functions that do not otherwise access storage may return this
* error code if the implementation requires a mandatory log entry for
* the requested action and the log storage space is full. */
-#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)-142)
+#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t) -142)
/** There was a communication failure inside the implementation.
*
@@ -171,7 +171,7 @@
* cryptoprocessor but there was a breakdown of communication before
* the cryptoprocessor could report the status to the application.
*/
-#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)-145)
+#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t) -145)
/** There was a storage failure that may have led to data loss.
*
@@ -196,13 +196,13 @@
* permanent storage corruption. However application writers should
* keep in mind that transient errors while reading the storage may be
* reported using this error code. */
-#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)-146)
+#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t) -146)
/** A hardware failure was detected.
*
* A hardware failure may be transient or permanent depending on the
* cause. */
-#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)-147)
+#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t) -147)
/** A tampering attempt was detected.
*
@@ -233,7 +233,7 @@
* This error indicates an attack against the application. Implementations
* shall not return this error code as a consequence of the behavior of
* the application itself. */
-#define PSA_ERROR_CORRUPTION_DETECTED ((psa_status_t)-151)
+#define PSA_ERROR_CORRUPTION_DETECTED ((psa_status_t) -151)
/** There is not enough entropy to generate random data needed
* for the requested action.
@@ -252,7 +252,7 @@
* secure pseudorandom generator (PRNG). However implementations may return
* this error at any time if a policy requires the PRNG to be reseeded
* during normal operation. */
-#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)-148)
+#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t) -148)
/** The signature, MAC or hash is incorrect.
*
@@ -262,7 +262,7 @@
*
* If the value to verify has an invalid size, implementations may return
* either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */
-#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149)
+#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t) -149)
/** The decrypted padding is incorrect.
*
@@ -278,15 +278,15 @@
* as close as possible to indistinguishable to an external observer.
* In particular, the timing of a decryption operation should not
* depend on the validity of the padding. */
-#define PSA_ERROR_INVALID_PADDING ((psa_status_t)-150)
+#define PSA_ERROR_INVALID_PADDING ((psa_status_t) -150)
/** Return this error when there's insufficient data when attempting
* to read from a resource. */
-#define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143)
+#define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t) -143)
/** The key identifier is not valid. See also :ref:\`key-handles\`.
*/
-#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136)
+#define PSA_ERROR_INVALID_HANDLE ((psa_status_t) -136)
/** Stored data has been corrupted.
*
@@ -310,7 +310,7 @@
* When a storage failure occurs, it is no longer possible to ensure the
* global integrity of the keystore.
*/
-#define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152)
+#define PSA_ERROR_DATA_CORRUPT ((psa_status_t) -152)
/** Data read from storage is not valid for the implementation.
*
@@ -326,7 +326,7 @@
* cleartext storage backend, or an attempt to read data that was
* written by an incompatible version of the library.
*/
-#define PSA_ERROR_DATA_INVALID ((psa_status_t)-153)
+#define PSA_ERROR_DATA_INVALID ((psa_status_t) -153)
/**@}*/
@@ -344,7 +344,7 @@
*
* Zero is not the encoding of any key type.
*/
-#define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x0000)
+#define PSA_KEY_TYPE_NONE ((psa_key_type_t) 0x0000)
/** Vendor-defined key type flag.
*
@@ -353,15 +353,15 @@
* must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should
* respect the bitwise structure used by standard encodings whenever practical.
*/
-#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x8000)
+#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t) 0x8000)
-#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x7000)
-#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x1000)
-#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x2000)
-#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x4000)
-#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x7000)
+#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t) 0x7000)
+#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t) 0x1000)
+#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t) 0x2000)
+#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t) 0x4000)
+#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t) 0x7000)
-#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x3000)
+#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t) 0x3000)
/** Whether a key type is vendor-defined.
*
@@ -419,7 +419,7 @@
*
* A "key" of this type cannot be used for any cryptographic operation.
* Applications may use this type to store arbitrary data in the keystore. */
-#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x1001)
+#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t) 0x1001)
/** HMAC key.
*
@@ -429,7 +429,7 @@
* HMAC keys should generally have the same size as the underlying hash.
* This size can be calculated with #PSA_HASH_LENGTH(\c alg) where
* \c alg is the HMAC algorithm or the underlying hash algorithm. */
-#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x1100)
+#define PSA_KEY_TYPE_HMAC ((psa_key_type_t) 0x1100)
/** A secret for key derivation.
*
@@ -442,7 +442,7 @@
* The key policy determines which key derivation algorithm the key
* can be used for.
*/
-#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x1200)
+#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t) 0x1200)
/** A low-entropy secret for password hashing or key derivation.
*
@@ -465,7 +465,7 @@
* The key policy determines which key derivation algorithm the key can be
* used for, among the permissible subset defined above.
*/
-#define PSA_KEY_TYPE_PASSWORD ((psa_key_type_t)0x1203)
+#define PSA_KEY_TYPE_PASSWORD ((psa_key_type_t) 0x1203)
/** A secret value that can be used to verify a password hash.
*
@@ -473,25 +473,25 @@
* can be used for, among the same permissible subset as for
* #PSA_KEY_TYPE_PASSWORD.
*/
-#define PSA_KEY_TYPE_PASSWORD_HASH ((psa_key_type_t)0x1205)
+#define PSA_KEY_TYPE_PASSWORD_HASH ((psa_key_type_t) 0x1205)
/** A secret value that can be used in when computing a password hash.
*
* The key policy determines which key derivation algorithm the key
* can be used for, among the subset of algorithms that can use pepper.
*/
-#define PSA_KEY_TYPE_PEPPER ((psa_key_type_t)0x1206)
+#define PSA_KEY_TYPE_PEPPER ((psa_key_type_t) 0x1206)
/** Key for a cipher, AEAD or MAC algorithm based on the AES block cipher.
*
* The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or
* 32 bytes (AES-256).
*/
-#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x2400)
+#define PSA_KEY_TYPE_AES ((psa_key_type_t) 0x2400)
/** Key for a cipher, AEAD or MAC algorithm based on the
* ARIA block cipher. */
-#define PSA_KEY_TYPE_ARIA ((psa_key_type_t)0x2406)
+#define PSA_KEY_TYPE_ARIA ((psa_key_type_t) 0x2406)
/** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES).
*
@@ -502,11 +502,11 @@
* deprecated and should only be used to decrypt legacy data. 3-key 3DES
* is weak and deprecated and should only be used in legacy protocols.
*/
-#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x2301)
+#define PSA_KEY_TYPE_DES ((psa_key_type_t) 0x2301)
/** Key for a cipher, AEAD or MAC algorithm based on the
* Camellia block cipher. */
-#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x2403)
+#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t) 0x2403)
/** Key for the ChaCha20 stream cipher or the Chacha20-Poly1305 AEAD algorithm.
*
@@ -519,25 +519,25 @@
* with the initial counter value 1, you can process and discard a
* 64-byte block before the real data.
*/
-#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x2004)
+#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t) 0x2004)
/** RSA public key.
*
* The size of an RSA key is the bit size of the modulus.
*/
-#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x4001)
+#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t) 0x4001)
/** RSA key pair (private and public key).
*
* The size of an RSA key is the bit size of the modulus.
*/
-#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x7001)
+#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t) 0x7001)
/** Whether a key type is an RSA key (pair or public-only). */
#define PSA_KEY_TYPE_IS_RSA(type) \
(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
-#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x4100)
-#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x7100)
-#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x00ff)
+#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t) 0x4100)
+#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t) 0x7100)
+#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t) 0x00ff)
/** Elliptic curve key pair.
*
* The size of an elliptic curve key is the bit size associated with the curve,
@@ -577,8 +577,8 @@
/** Extract the curve from an elliptic curve key type. */
#define PSA_KEY_TYPE_ECC_GET_FAMILY(type) \
((psa_ecc_family_t) (PSA_KEY_TYPE_IS_ECC(type) ? \
- ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
- 0))
+ ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
+ 0))
/** Check if the curve of given family is Weierstrass elliptic curve. */
#define PSA_ECC_FAMILY_IS_WEIERSTRASS(family) ((family & 0xc0) == 0)
@@ -672,9 +672,9 @@
*/
#define PSA_ECC_FAMILY_TWISTED_EDWARDS ((psa_ecc_family_t) 0x42)
-#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x4200)
-#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x7200)
-#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x00ff)
+#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t) 0x4200)
+#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t) 0x7200)
+#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t) 0x00ff)
/** Diffie-Hellman key pair.
*
* \param group A value of type ::psa_dh_family_t that identifies the
@@ -706,8 +706,8 @@
/** Extract the group from a Diffie-Hellman key type. */
#define PSA_KEY_TYPE_DH_GET_FAMILY(type) \
((psa_dh_family_t) (PSA_KEY_TYPE_IS_DH(type) ? \
- ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \
- 0))
+ ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \
+ 0))
/** Diffie-Hellman groups defined in RFC 7919 Appendix A.
*
@@ -740,7 +740,7 @@
#define PSA_BLOCK_CIPHER_BLOCK_LENGTH(type) \
(((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \
1u << PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) : \
- 0u)
+ 0u)
/* Note that algorithm values are embedded in the persistent key store,
* as part of key metadata. As a consequence, they must not be changed
@@ -754,17 +754,17 @@
* the #PSA_ALG_VENDOR_FLAG bit set and should respect the bitwise structure
* used by standard encodings whenever practical.
*/
-#define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000)
+#define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t) 0x80000000)
-#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000)
-#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x02000000)
-#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x03000000)
-#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000)
-#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x05000000)
-#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x06000000)
-#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x07000000)
-#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x08000000)
-#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x09000000)
+#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t) 0x7f000000)
+#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t) 0x02000000)
+#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t) 0x03000000)
+#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t) 0x04000000)
+#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t) 0x05000000)
+#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t) 0x06000000)
+#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t) 0x07000000)
+#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t) 0x08000000)
+#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t) 0x09000000)
/** Whether an algorithm is vendor-defined.
*
@@ -883,42 +883,42 @@
(alg) & PSA_ALG_KEY_DERIVATION_STRETCHING_FLAG)
/** An invalid algorithm identifier value. */
-#define PSA_ALG_NONE ((psa_algorithm_t)0)
+#define PSA_ALG_NONE ((psa_algorithm_t) 0)
-#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff)
+#define PSA_ALG_HASH_MASK ((psa_algorithm_t) 0x000000ff)
/** MD5 */
-#define PSA_ALG_MD5 ((psa_algorithm_t)0x02000003)
+#define PSA_ALG_MD5 ((psa_algorithm_t) 0x02000003)
/** PSA_ALG_RIPEMD160 */
-#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x02000004)
+#define PSA_ALG_RIPEMD160 ((psa_algorithm_t) 0x02000004)
/** SHA1 */
-#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x02000005)
+#define PSA_ALG_SHA_1 ((psa_algorithm_t) 0x02000005)
/** SHA2-224 */
-#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x02000008)
+#define PSA_ALG_SHA_224 ((psa_algorithm_t) 0x02000008)
/** SHA2-256 */
-#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x02000009)
+#define PSA_ALG_SHA_256 ((psa_algorithm_t) 0x02000009)
/** SHA2-384 */
-#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0200000a)
+#define PSA_ALG_SHA_384 ((psa_algorithm_t) 0x0200000a)
/** SHA2-512 */
-#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0200000b)
+#define PSA_ALG_SHA_512 ((psa_algorithm_t) 0x0200000b)
/** SHA2-512/224 */
-#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0200000c)
+#define PSA_ALG_SHA_512_224 ((psa_algorithm_t) 0x0200000c)
/** SHA2-512/256 */
-#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0200000d)
+#define PSA_ALG_SHA_512_256 ((psa_algorithm_t) 0x0200000d)
/** SHA3-224 */
-#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x02000010)
+#define PSA_ALG_SHA3_224 ((psa_algorithm_t) 0x02000010)
/** SHA3-256 */
-#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x02000011)
+#define PSA_ALG_SHA3_256 ((psa_algorithm_t) 0x02000011)
/** SHA3-384 */
-#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x02000012)
+#define PSA_ALG_SHA3_384 ((psa_algorithm_t) 0x02000012)
/** SHA3-512 */
-#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x02000013)
+#define PSA_ALG_SHA3_512 ((psa_algorithm_t) 0x02000013)
/** The first 512 bits (64 bytes) of the SHAKE256 output.
*
* This is the prehashing for Ed448ph (see #PSA_ALG_ED448PH). For other
* scenarios where a hash function based on SHA3/SHAKE is desired, SHA3-512
* has the same output size and a (theoretically) higher security strength.
*/
-#define PSA_ALG_SHAKE256_512 ((psa_algorithm_t)0x02000015)
+#define PSA_ALG_SHAKE256_512 ((psa_algorithm_t) 0x02000015)
/** In a hash-and-sign algorithm policy, allow any hash algorithm.
*
@@ -953,10 +953,10 @@
* This value may not be used to build an algorithm specification to
* perform an operation. It is only valid to build policies.
*/
-#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x020000ff)
+#define PSA_ALG_ANY_HASH ((psa_algorithm_t) 0x020000ff)
-#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000)
-#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x03800000)
+#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t) 0x00c00000)
+#define PSA_ALG_HMAC_BASE ((psa_algorithm_t) 0x03800000)
/** Macro to build an HMAC algorithm.
*
* For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256.
@@ -995,7 +995,7 @@
* reach up to 63; the largest MAC is 64 bytes so its trivial truncation
* to full length is correctly encoded as 0 and any non-trivial truncation
* is correctly encoded as a value between 1 and 63. */
-#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x003f0000)
+#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t) 0x003f0000)
#define PSA_MAC_TRUNCATION_OFFSET 16
/* In the encoding of a MAC algorithm, the bit corresponding to
@@ -1004,7 +1004,7 @@
* algorithm policy can be used with any algorithm corresponding to the
* same base class and having a (potentially truncated) MAC length greater or
* equal than the one encoded in #PSA_ALG_MAC_TRUNCATION_MASK. */
-#define PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t)0x00008000)
+#define PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t) 0x00008000)
/** Macro to build a truncated MAC algorithm.
*
@@ -1099,18 +1099,18 @@
* too large for the specified MAC algorithm.
*/
#define PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(mac_alg, min_mac_length) \
- ( PSA_ALG_TRUNCATED_MAC(mac_alg, min_mac_length) | \
- PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG )
+ (PSA_ALG_TRUNCATED_MAC(mac_alg, min_mac_length) | \
+ PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG)
-#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x03c00000)
+#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t) 0x03c00000)
/** The CBC-MAC construction over a block cipher
*
* \warning CBC-MAC is insecure in many cases.
* A more secure mode, such as #PSA_ALG_CMAC, is recommended.
*/
-#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x03c00100)
+#define PSA_ALG_CBC_MAC ((psa_algorithm_t) 0x03c00100)
/** The CMAC construction over a block cipher */
-#define PSA_ALG_CMAC ((psa_algorithm_t)0x03c00200)
+#define PSA_ALG_CMAC ((psa_algorithm_t) 0x03c00200)
/** Whether the specified algorithm is a MAC algorithm based on a block cipher.
*
@@ -1124,8 +1124,8 @@
(((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
PSA_ALG_CIPHER_MAC_BASE)
-#define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t)0x00800000)
-#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000)
+#define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t) 0x00800000)
+#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t) 0x00400000)
/** Whether the specified algorithm is a stream cipher.
*
@@ -1141,14 +1141,14 @@
*/
#define PSA_ALG_IS_STREAM_CIPHER(alg) \
(((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \
- (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
+ (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
/** The stream cipher mode of a stream cipher algorithm.
*
* The underlying stream cipher is determined by the key type.
* - To use ChaCha20, use a key type of #PSA_KEY_TYPE_CHACHA20.
*/
-#define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t)0x04800100)
+#define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t) 0x04800100)
/** The CTR stream cipher mode.
*
@@ -1157,19 +1157,19 @@
* For example, to use AES-128-CTR, use this algorithm with
* a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes).
*/
-#define PSA_ALG_CTR ((psa_algorithm_t)0x04c01000)
+#define PSA_ALG_CTR ((psa_algorithm_t) 0x04c01000)
/** The CFB stream cipher mode.
*
* The underlying block cipher is determined by the key type.
*/
-#define PSA_ALG_CFB ((psa_algorithm_t)0x04c01100)
+#define PSA_ALG_CFB ((psa_algorithm_t) 0x04c01100)
/** The OFB stream cipher mode.
*
* The underlying block cipher is determined by the key type.
*/
-#define PSA_ALG_OFB ((psa_algorithm_t)0x04c01200)
+#define PSA_ALG_OFB ((psa_algorithm_t) 0x04c01200)
/** The XTS cipher mode.
*
@@ -1177,7 +1177,7 @@
* least one full block of input, but beyond this minimum the input
* does not need to be a whole number of blocks.
*/
-#define PSA_ALG_XTS ((psa_algorithm_t)0x0440ff00)
+#define PSA_ALG_XTS ((psa_algorithm_t) 0x0440ff00)
/** The Electronic Code Book (ECB) mode of a block cipher, with no padding.
*
@@ -1197,7 +1197,7 @@
* multi-part cipher operation with this algorithm, psa_cipher_generate_iv()
* and psa_cipher_set_iv() must not be called.
*/
-#define PSA_ALG_ECB_NO_PADDING ((psa_algorithm_t)0x04404400)
+#define PSA_ALG_ECB_NO_PADDING ((psa_algorithm_t) 0x04404400)
/** The CBC block cipher chaining mode, with no padding.
*
@@ -1206,7 +1206,7 @@
* This symmetric cipher mode can only be used with messages whose lengths
* are whole number of blocks for the chosen block cipher.
*/
-#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04404000)
+#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t) 0x04404000)
/** The CBC block cipher chaining mode with PKCS#7 padding.
*
@@ -1214,9 +1214,9 @@
*
* This is the padding method defined by PKCS#7 (RFC 2315) §10.3.
*/
-#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04404100)
+#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t) 0x04404100)
-#define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000)
+#define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t) 0x00400000)
/** Whether the specified algorithm is an AEAD mode on a block cipher.
*
@@ -1235,7 +1235,7 @@
*
* The underlying block cipher is determined by the key type.
*/
-#define PSA_ALG_CCM ((psa_algorithm_t)0x05500100)
+#define PSA_ALG_CCM ((psa_algorithm_t) 0x05500100)
/** The CCM* cipher mode without authentication.
*
@@ -1246,13 +1246,13 @@
*
* Currently only 13-byte long IV's are supported.
*/
-#define PSA_ALG_CCM_STAR_NO_TAG ((psa_algorithm_t)0x04c01300)
+#define PSA_ALG_CCM_STAR_NO_TAG ((psa_algorithm_t) 0x04c01300)
/** The GCM authenticated encryption algorithm.
*
* The underlying block cipher is determined by the key type.
*/
-#define PSA_ALG_GCM ((psa_algorithm_t)0x05500200)
+#define PSA_ALG_GCM ((psa_algorithm_t) 0x05500200)
/** The Chacha20-Poly1305 AEAD algorithm.
*
@@ -1263,13 +1263,13 @@
*
* Implementations must support 16-byte tags and should reject other sizes.
*/
-#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x05100500)
+#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t) 0x05100500)
/* In the encoding of an AEAD algorithm, the bits corresponding to
* PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag.
* The constants for default lengths follow this encoding.
*/
-#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x003f0000)
+#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t) 0x003f0000)
#define PSA_AEAD_TAG_LENGTH_OFFSET 16
/* In the encoding of an AEAD algorithm, the bit corresponding to
@@ -1278,7 +1278,7 @@
* algorithm policy can be used with any algorithm corresponding to the
* same base class and having a tag length greater than or equal to the one
* encoded in #PSA_ALG_AEAD_TAG_LENGTH_MASK. */
-#define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t)0x00008000)
+#define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t) 0x00008000)
/** Macro to build a shortened AEAD algorithm.
*
@@ -1302,7 +1302,7 @@
(((aead_alg) & ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | \
PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)) | \
((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \
- PSA_ALG_AEAD_TAG_LENGTH_MASK))
+ PSA_ALG_AEAD_TAG_LENGTH_MASK))
/** Retrieve the tag length of a specified AEAD algorithm
*
@@ -1316,7 +1316,7 @@
*/
#define PSA_ALG_AEAD_GET_TAG_LENGTH(aead_alg) \
(((aead_alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> \
- PSA_AEAD_TAG_LENGTH_OFFSET )
+ PSA_AEAD_TAG_LENGTH_OFFSET)
/** Calculate the corresponding AEAD algorithm with the default tag length.
*
@@ -1362,10 +1362,10 @@
* or too large for the specified AEAD algorithm.
*/
#define PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(aead_alg, min_tag_length) \
- ( PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, min_tag_length) | \
- PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG )
+ (PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, min_tag_length) | \
+ PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)
-#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x06000200)
+#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t) 0x06000200)
/** RSA PKCS#1 v1.5 signature with hashing.
*
* This is the signature scheme defined by RFC 8017
@@ -1393,8 +1393,8 @@
#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \
(((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
-#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x06000300)
-#define PSA_ALG_RSA_PSS_ANY_SALT_BASE ((psa_algorithm_t)0x06001300)
+#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t) 0x06000300)
+#define PSA_ALG_RSA_PSS_ANY_SALT_BASE ((psa_algorithm_t) 0x06001300)
/** RSA PSS signature with hashing.
*
* This is the signature scheme defined by RFC 8017
@@ -1483,7 +1483,7 @@
(PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg) || \
PSA_ALG_IS_RSA_PSS_ANY_SALT(alg))
-#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x06000600)
+#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t) 0x06000600)
/** ECDSA signature with hashing.
*
* This is the ECDSA signature scheme defined by ANSI X9.62,
@@ -1516,7 +1516,7 @@
* the curve size.
*/
#define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
-#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x06000700)
+#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t) 0x06000700)
/** Deterministic ECDSA signature with hashing.
*
* This is the deterministic ECDSA signature scheme defined by RFC 6979.
@@ -1541,7 +1541,7 @@
*/
#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \
(PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00000100)
+#define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t) 0x00000100)
#define PSA_ALG_IS_ECDSA(alg) \
(((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \
PSA_ALG_ECDSA_BASE)
@@ -1580,9 +1580,9 @@
* RFC 8032 §5.1.6 and §5.2.6 (a 64-byte string for Ed25519, a 114-byte
* string for Ed448).
*/
-#define PSA_ALG_PURE_EDDSA ((psa_algorithm_t)0x06000800)
+#define PSA_ALG_PURE_EDDSA ((psa_algorithm_t) 0x06000800)
-#define PSA_ALG_HASH_EDDSA_BASE ((psa_algorithm_t)0x06000900)
+#define PSA_ALG_HASH_EDDSA_BASE ((psa_algorithm_t) 0x06000900)
#define PSA_ALG_IS_HASH_EDDSA(alg) \
(((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HASH_EDDSA_BASE)
@@ -1674,7 +1674,7 @@
* supported algorithm identifier.
*/
#define PSA_ALG_IS_SIGN_MESSAGE(alg) \
- (PSA_ALG_IS_SIGN_HASH(alg) || (alg) == PSA_ALG_PURE_EDDSA )
+ (PSA_ALG_IS_SIGN_HASH(alg) || (alg) == PSA_ALG_PURE_EDDSA)
/** Whether the specified algorithm is a hash-and-sign algorithm.
*
@@ -1731,9 +1731,9 @@
/** RSA PKCS#1 v1.5 encryption.
*/
-#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x07000200)
+#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t) 0x07000200)
-#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x07000300)
+#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t) 0x07000300)
/** RSA OAEP encryption.
*
* This is the encryption scheme defined by RFC 8017
@@ -1757,7 +1757,7 @@
((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
0)
-#define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x08000100)
+#define PSA_ALG_HKDF_BASE ((psa_algorithm_t) 0x08000100)
/** Macro to build an HKDF algorithm.
*
* For example, `PSA_ALG_HKDF(PSA_ALG_SHA_256)` is HKDF using HMAC-SHA-256.
@@ -1802,7 +1802,7 @@
#define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \
(PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_HKDF_EXTRACT_BASE ((psa_algorithm_t)0x08000400)
+#define PSA_ALG_HKDF_EXTRACT_BASE ((psa_algorithm_t) 0x08000400)
/** Macro to build an HKDF-Extract algorithm.
*
* For example, `PSA_ALG_HKDF_EXTRACT(PSA_ALG_SHA_256)` is
@@ -1851,7 +1851,7 @@
#define PSA_ALG_IS_HKDF_EXTRACT(alg) \
(((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXTRACT_BASE)
-#define PSA_ALG_HKDF_EXPAND_BASE ((psa_algorithm_t)0x08000500)
+#define PSA_ALG_HKDF_EXPAND_BASE ((psa_algorithm_t) 0x08000500)
/** Macro to build an HKDF-Expand algorithm.
*
* For example, `PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_256)` is
@@ -1908,7 +1908,7 @@
((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXTRACT_BASE || \
((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXPAND_BASE)
-#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x08000200)
+#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t) 0x08000200)
/** Macro to build a TLS-1.2 PRF algorithm.
*
* TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule,
@@ -1951,7 +1951,7 @@
#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \
(PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x08000300)
+#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t) 0x08000300)
/** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm.
*
* In a pure-PSK handshake in TLS 1.2, the master secret is derived
@@ -2033,7 +2033,7 @@
* The output has to be read as a single chunk of 32 bytes, defined as
* PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE.
*/
-#define PSA_ALG_TLS12_ECJPAKE_TO_PMS ((psa_algorithm_t)0x08000609)
+#define PSA_ALG_TLS12_ECJPAKE_TO_PMS ((psa_algorithm_t) 0x08000609)
/* This flag indicates whether the key derivation algorithm is suitable for
* use on low-entropy secrets such as password - these algorithms are also
@@ -2042,9 +2042,9 @@
*
* Those algorithms cannot be combined with a key agreement algorithm.
*/
-#define PSA_ALG_KEY_DERIVATION_STRETCHING_FLAG ((psa_algorithm_t)0x00800000)
+#define PSA_ALG_KEY_DERIVATION_STRETCHING_FLAG ((psa_algorithm_t) 0x00800000)
-#define PSA_ALG_PBKDF2_HMAC_BASE ((psa_algorithm_t)0x08800100)
+#define PSA_ALG_PBKDF2_HMAC_BASE ((psa_algorithm_t) 0x08800100)
/** Macro to build a PBKDF2-HMAC password hashing / key stretching algorithm.
*
* PBKDF2 is defined by PKCS#5, republished as RFC 8018 (section 5.2).
@@ -2094,10 +2094,10 @@
* This key derivation algorithm uses the same inputs as
* #PSA_ALG_PBKDF2_HMAC() with the same constraints.
*/
-#define PSA_ALG_PBKDF2_AES_CMAC_PRF_128 ((psa_algorithm_t)0x08800200)
+#define PSA_ALG_PBKDF2_AES_CMAC_PRF_128 ((psa_algorithm_t) 0x08800200)
-#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0xfe00ffff)
-#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0xffff0000)
+#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t) 0xfe00ffff)
+#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t) 0xffff0000)
/** Macro to build a combined algorithm that chains a key agreement with
* a key derivation.
@@ -2150,7 +2150,7 @@
* It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p`
* in bits.
*/
-#define PSA_ALG_FFDH ((psa_algorithm_t)0x09010000)
+#define PSA_ALG_FFDH ((psa_algorithm_t) 0x09010000)
/** Whether the specified algorithm is a finite field Diffie-Hellman algorithm.
*
@@ -2192,7 +2192,7 @@
* in big-endian byte order.
* The bit size is `m` for the field `F_{2^m}`.
*/
-#define PSA_ALG_ECDH ((psa_algorithm_t)0x09020000)
+#define PSA_ALG_ECDH ((psa_algorithm_t) 0x09020000)
/** Whether the specified algorithm is an elliptic curve Diffie-Hellman
* algorithm.
@@ -2243,7 +2243,7 @@
* \return \c 0 if alg is not a composite algorithm that uses a hash.
*/
#define PSA_ALG_GET_HASH(alg) \
- (((alg) & 0x000000ff) == 0 ? ((psa_algorithm_t)0) : 0x02000000 | ((alg) & 0x000000ff))
+ (((alg) & 0x000000ff) == 0 ? ((psa_algorithm_t) 0) : 0x02000000 | ((alg) & 0x000000ff))
/**@}*/
@@ -2267,7 +2267,7 @@
* it must release all the resources associated with the key and erase the
* key material if the calling application terminates.
*/
-#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000)
+#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t) 0x00000000)
/** The default lifetime for persistent keys.
*
@@ -2281,31 +2281,31 @@
* application. Integrations of Mbed TLS may support other persistent lifetimes.
* See ::psa_key_lifetime_t for more information.
*/
-#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001)
+#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t) 0x00000001)
/** The persistence level of volatile keys.
*
* See ::psa_key_persistence_t for more information.
*/
-#define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t)0x00)
+#define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t) 0x00)
/** The default persistence level for persistent keys.
*
* See ::psa_key_persistence_t for more information.
*/
-#define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t)0x01)
+#define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t) 0x01)
/** A persistence level indicating that a key is never destroyed.
*
* See ::psa_key_persistence_t for more information.
*/
-#define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t)0xff)
+#define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t) 0xff)
#define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) \
- ((psa_key_persistence_t)((lifetime) & 0x000000ff))
+ ((psa_key_persistence_t) ((lifetime) & 0x000000ff))
#define PSA_KEY_LIFETIME_GET_LOCATION(lifetime) \
- ((psa_key_location_t)((lifetime) >> 8))
+ ((psa_key_location_t) ((lifetime) >> 8))
/** Whether a key lifetime indicates that the key is volatile.
*
@@ -2367,9 +2367,9 @@
*
* See ::psa_key_location_t for more information.
*/
-#define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t)0x000000)
+#define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t) 0x000000)
-#define PSA_KEY_LOCATION_VENDOR_FLAG ((psa_key_location_t)0x800000)
+#define PSA_KEY_LOCATION_VENDOR_FLAG ((psa_key_location_t) 0x800000)
/* Note that key identifier values are embedded in the
* persistent key store, as part of key metadata. As a consequence, they
@@ -2378,26 +2378,26 @@
/** The null key identifier.
*/
-#define PSA_KEY_ID_NULL ((psa_key_id_t)0)
+#define PSA_KEY_ID_NULL ((psa_key_id_t) 0)
/** The minimum value for a key identifier chosen by the application.
*/
-#define PSA_KEY_ID_USER_MIN ((psa_key_id_t)0x00000001)
+#define PSA_KEY_ID_USER_MIN ((psa_key_id_t) 0x00000001)
/** The maximum value for a key identifier chosen by the application.
*/
-#define PSA_KEY_ID_USER_MAX ((psa_key_id_t)0x3fffffff)
+#define PSA_KEY_ID_USER_MAX ((psa_key_id_t) 0x3fffffff)
/** The minimum value for a key identifier chosen by the implementation.
*/
-#define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t)0x40000000)
+#define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t) 0x40000000)
/** The maximum value for a key identifier chosen by the implementation.
*/
-#define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t)0x7fffffff)
+#define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t) 0x7fffffff)
#if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
-#define MBEDTLS_SVC_KEY_ID_INIT ( (psa_key_id_t)0 )
-#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ( id )
-#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( id ) ( 0 )
+#define MBEDTLS_SVC_KEY_ID_INIT ((psa_key_id_t) 0)
+#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) (id)
+#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(id) (0)
/** Utility to initialize a key identifier at runtime.
*
@@ -2405,11 +2405,11 @@
* \param key_id Identifier of the key.
*/
static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make(
- unsigned int unused, psa_key_id_t key_id )
+ unsigned int unused, psa_key_id_t key_id)
{
- (void)unused;
+ (void) unused;
- return( key_id );
+ return key_id;
}
/** Compare two key identifiers.
@@ -2419,10 +2419,10 @@
*
* \return Non-zero if the two key identifier are equal, zero otherwise.
*/
-static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1,
- mbedtls_svc_key_id_t id2 )
+static inline int mbedtls_svc_key_id_equal(mbedtls_svc_key_id_t id1,
+ mbedtls_svc_key_id_t id2)
{
- return( id1 == id2 );
+ return id1 == id2;
}
/** Check whether a key identifier is null.
@@ -2431,16 +2431,16 @@
*
* \return Non-zero if the key identifier is null, zero otherwise.
*/
-static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
+static inline int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key)
{
- return( key == 0 );
+ return key == 0;
}
#else /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
-#define MBEDTLS_SVC_KEY_ID_INIT ( (mbedtls_svc_key_id_t){ 0, 0 } )
-#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ( ( id ).MBEDTLS_PRIVATE(key_id) )
-#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( id ) ( ( id ).MBEDTLS_PRIVATE(owner) )
+#define MBEDTLS_SVC_KEY_ID_INIT ((mbedtls_svc_key_id_t){ 0, 0 })
+#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) ((id).MBEDTLS_PRIVATE(key_id))
+#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(id) ((id).MBEDTLS_PRIVATE(owner))
/** Utility to initialize a key identifier at runtime.
*
@@ -2448,10 +2448,10 @@
* \param key_id Identifier of the key.
*/
static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make(
- mbedtls_key_owner_id_t owner_id, psa_key_id_t key_id )
+ mbedtls_key_owner_id_t owner_id, psa_key_id_t key_id)
{
- return( (mbedtls_svc_key_id_t){ .MBEDTLS_PRIVATE(key_id) = key_id,
- .MBEDTLS_PRIVATE(owner) = owner_id } );
+ return (mbedtls_svc_key_id_t){ .MBEDTLS_PRIVATE(key_id) = key_id,
+ .MBEDTLS_PRIVATE(owner) = owner_id };
}
/** Compare two key identifiers.
@@ -2461,11 +2461,11 @@
*
* \return Non-zero if the two key identifier are equal, zero otherwise.
*/
-static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1,
- mbedtls_svc_key_id_t id2 )
+static inline int mbedtls_svc_key_id_equal(mbedtls_svc_key_id_t id1,
+ mbedtls_svc_key_id_t id2)
{
- return( ( id1.MBEDTLS_PRIVATE(key_id) == id2.MBEDTLS_PRIVATE(key_id) ) &&
- mbedtls_key_owner_id_equal( id1.MBEDTLS_PRIVATE(owner), id2.MBEDTLS_PRIVATE(owner) ) );
+ return (id1.MBEDTLS_PRIVATE(key_id) == id2.MBEDTLS_PRIVATE(key_id)) &&
+ mbedtls_key_owner_id_equal(id1.MBEDTLS_PRIVATE(owner), id2.MBEDTLS_PRIVATE(owner));
}
/** Check whether a key identifier is null.
@@ -2474,9 +2474,9 @@
*
* \return Non-zero if the key identifier is null, zero otherwise.
*/
-static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
+static inline int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key)
{
- return( key.MBEDTLS_PRIVATE(key_id) == 0 );
+ return key.MBEDTLS_PRIVATE(key_id) == 0;
}
#endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
@@ -2503,7 +2503,7 @@
* The key may however be exportable in a wrapped form, i.e. in a form
* where it is encrypted by another key.
*/
-#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001)
+#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t) 0x00000001)
/** Whether the key may be copied.
*
@@ -2519,7 +2519,7 @@
* #PSA_KEY_LIFETIME_PERSISTENT, the usage flag #PSA_KEY_USAGE_COPY
* is sufficient to permit the copy.
*/
-#define PSA_KEY_USAGE_COPY ((psa_key_usage_t)0x00000002)
+#define PSA_KEY_USAGE_COPY ((psa_key_usage_t) 0x00000002)
/** Whether the key may be used to encrypt a message.
*
@@ -2530,7 +2530,7 @@
*
* For a key pair, this concerns the public key.
*/
-#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100)
+#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t) 0x00000100)
/** Whether the key may be used to decrypt a message.
*
@@ -2541,7 +2541,7 @@
*
* For a key pair, this concerns the private key.
*/
-#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200)
+#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t) 0x00000200)
/** Whether the key may be used to sign a message.
*
@@ -2551,7 +2551,7 @@
*
* For a key pair, this concerns the private key.
*/
-#define PSA_KEY_USAGE_SIGN_MESSAGE ((psa_key_usage_t)0x00000400)
+#define PSA_KEY_USAGE_SIGN_MESSAGE ((psa_key_usage_t) 0x00000400)
/** Whether the key may be used to verify a message.
*
@@ -2561,7 +2561,7 @@
*
* For a key pair, this concerns the public key.
*/
-#define PSA_KEY_USAGE_VERIFY_MESSAGE ((psa_key_usage_t)0x00000800)
+#define PSA_KEY_USAGE_VERIFY_MESSAGE ((psa_key_usage_t) 0x00000800)
/** Whether the key may be used to sign a message.
*
@@ -2571,7 +2571,7 @@
*
* For a key pair, this concerns the private key.
*/
-#define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t)0x00001000)
+#define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t) 0x00001000)
/** Whether the key may be used to verify a message signature.
*
@@ -2581,7 +2581,7 @@
*
* For a key pair, this concerns the public key.
*/
-#define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t)0x00002000)
+#define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t) 0x00002000)
/** Whether the key may be used to derive other keys or produce a password
* hash.
@@ -2595,7 +2595,7 @@
* permits calling psa_key_derivation_output_bytes() or
* psa_key_derivation_output_key() at the end of the operation.
*/
-#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00004000)
+#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t) 0x00004000)
/** Whether the key may be used to verify the result of a key derivation,
* including password hashing.
@@ -2610,7 +2610,7 @@
* permits calling psa_key_derivation_verify_bytes() or
* psa_key_derivation_verify_key() at the end of the operation.
*/
-#define PSA_KEY_USAGE_VERIFY_DERIVATION ((psa_key_usage_t)0x00008000)
+#define PSA_KEY_USAGE_VERIFY_DERIVATION ((psa_key_usage_t) 0x00008000)
/**@}*/
@@ -2636,7 +2636,7 @@
* psa_key_derivation_verify_key(), but not
* psa_key_derivation_output_key().
*/
-#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101)
+#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t) 0x0101)
/** A low-entropy secret input for password hashing / key stretching.
*
@@ -2654,7 +2654,7 @@
* psa_key_derivation_verify_key(), but not
* psa_key_derivation_output_key().
*/
-#define PSA_KEY_DERIVATION_INPUT_PASSWORD ((psa_key_derivation_step_t)0x0102)
+#define PSA_KEY_DERIVATION_INPUT_PASSWORD ((psa_key_derivation_step_t) 0x0102)
/** A high-entropy additional secret input for key derivation.
*
@@ -2664,14 +2664,14 @@
* a direct input passed to `psa_key_derivation_input_bytes()`.
*/
#define PSA_KEY_DERIVATION_INPUT_OTHER_SECRET \
- ((psa_key_derivation_step_t)0x0103)
+ ((psa_key_derivation_step_t) 0x0103)
/** A label for key derivation.
*
* This should be a direct input.
* It can also be a key of type #PSA_KEY_TYPE_RAW_DATA.
*/
-#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201)
+#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t) 0x0201)
/** A salt for key derivation.
*
@@ -2679,27 +2679,27 @@
* It can also be a key of type #PSA_KEY_TYPE_RAW_DATA or
* #PSA_KEY_TYPE_PEPPER.
*/
-#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202)
+#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t) 0x0202)
/** An information string for key derivation.
*
* This should be a direct input.
* It can also be a key of type #PSA_KEY_TYPE_RAW_DATA.
*/
-#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203)
+#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t) 0x0203)
/** A seed for key derivation.
*
* This should be a direct input.
* It can also be a key of type #PSA_KEY_TYPE_RAW_DATA.
*/
-#define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t)0x0204)
+#define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t) 0x0204)
/** A cost parameter for password hashing / key stretching.
*
* This must be a direct input, passed to psa_key_derivation_input_integer().
*/
-#define PSA_KEY_DERIVATION_INPUT_COST ((psa_key_derivation_step_t)0x0205)
+#define PSA_KEY_DERIVATION_INPUT_COST ((psa_key_derivation_step_t) 0x0205)
/**@}*/