lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Switch to the new code style

Browse Source 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine
2023-01-11 14:50:10 +01:00
parent fd13a0f851
commit 449bd8303e
442 changed files with 86735 additions and 89438 deletions
Download Patch File Download Diff File Expand all files Collapse all files

68
include/mbedtls/aes.h
View File

@ -72,8 +72,7 @@ extern "C" {
/** /**
* \brief The AES context-type definition. * \brief The AES context-type definition.
*/ */
typedef struct mbedtls_aes_context typedef struct mbedtls_aes_context {
{
int MBEDTLS_PRIVATE(nr); /*!< The number of rounds. */ int MBEDTLS_PRIVATE(nr); /*!< The number of rounds. */
size_t MBEDTLS_PRIVATE(rk_offset); /*!< The offset in array elements to AES size_t MBEDTLS_PRIVATE(rk_offset); /*!< The offset in array elements to AES
round keys in the buffer. */ round keys in the buffer. */
@ -92,8 +91,7 @@ mbedtls_aes_context;
/** /**
* \brief The AES XTS context-type definition. * \brief The AES XTS context-type definition.
*/ */
typedef struct mbedtls_aes_xts_context typedef struct mbedtls_aes_xts_context {
{
mbedtls_aes_context MBEDTLS_PRIVATE(crypt); /*!< The AES context to use for AES block mbedtls_aes_context MBEDTLS_PRIVATE(crypt); /*!< The AES context to use for AES block
encryption or decryption. */ encryption or decryption. */
mbedtls_aes_context MBEDTLS_PRIVATE(tweak); /*!< The AES context used for tweak mbedtls_aes_context MBEDTLS_PRIVATE(tweak); /*!< The AES context used for tweak
@ -113,7 +111,7 @@ typedef struct mbedtls_aes_xts_context
* *
* \param ctx The AES context to initialize. This must not be \c NULL. * \param ctx The AES context to initialize. This must not be \c NULL.
*/ */
void mbedtls_aes_init( mbedtls_aes_context *ctx ); void mbedtls_aes_init(mbedtls_aes_context *ctx);
/** /**
* \brief This function releases and clears the specified AES context. * \brief This function releases and clears the specified AES context.
@ -122,7 +120,7 @@ void mbedtls_aes_init( mbedtls_aes_context *ctx );
* If this is \c NULL, this function does nothing. * If this is \c NULL, this function does nothing.
* Otherwise, the context must have been at least initialized. * Otherwise, the context must have been at least initialized.
*/ */
void mbedtls_aes_free( mbedtls_aes_context *ctx ); void mbedtls_aes_free(mbedtls_aes_context *ctx);
#if defined(MBEDTLS_CIPHER_MODE_XTS) #if defined(MBEDTLS_CIPHER_MODE_XTS)
/** /**
@ -133,7 +131,7 @@ void mbedtls_aes_free( mbedtls_aes_context *ctx );
* *
* \param ctx The AES XTS context to initialize. This must not be \c NULL. * \param ctx The AES XTS context to initialize. This must not be \c NULL.
*/ */
void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx ); void mbedtls_aes_xts_init(mbedtls_aes_xts_context *ctx);
/** /**
* \brief This function releases and clears the specified AES XTS context. * \brief This function releases and clears the specified AES XTS context.
@ -142,7 +140,7 @@ void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx );
* If this is \c NULL, this function does nothing. * If this is \c NULL, this function does nothing.
* Otherwise, the context must have been at least initialized. * Otherwise, the context must have been at least initialized.
*/ */
void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx ); void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx);
#endif /* MBEDTLS_CIPHER_MODE_XTS */ #endif /* MBEDTLS_CIPHER_MODE_XTS */
/** /**
@ -161,8 +159,8 @@ void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx );
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure. * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits ); unsigned int keybits);
/** /**
* \brief This function sets the decryption key. * \brief This function sets the decryption key.
@ -180,8 +178,8 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure. * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits ); unsigned int keybits);
#if defined(MBEDTLS_CIPHER_MODE_XTS) #if defined(MBEDTLS_CIPHER_MODE_XTS)
/** /**
@ -201,9 +199,9 @@ int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure. * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx, int mbedtls_aes_xts_setkey_enc(mbedtls_aes_xts_context *ctx,
const unsigned char *key, const unsigned char *key,
unsigned int keybits ); unsigned int keybits);
/** /**
* \brief This function prepares an XTS context for decryption and * \brief This function prepares an XTS context for decryption and
@ -222,9 +220,9 @@ int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx,
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure. * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx, int mbedtls_aes_xts_setkey_dec(mbedtls_aes_xts_context *ctx,
const unsigned char *key, const unsigned char *key,
unsigned int keybits ); unsigned int keybits);
#endif /* MBEDTLS_CIPHER_MODE_XTS */ #endif /* MBEDTLS_CIPHER_MODE_XTS */
/** /**
@ -251,10 +249,10 @@ int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
int mode, int mode,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16]);
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/** /**
@ -299,12 +297,12 @@ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
* on failure. * on failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_XTS) #if defined(MBEDTLS_CIPHER_MODE_XTS)
@ -344,12 +342,12 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
* length is larger than 2^20 blocks (16 MiB). * length is larger than 2^20 blocks (16 MiB).
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, int mbedtls_aes_crypt_xts(mbedtls_aes_xts_context *ctx,
int mode, int mode,
size_t length, size_t length,
const unsigned char data_unit[16], const unsigned char data_unit[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_XTS */ #endif /* MBEDTLS_CIPHER_MODE_XTS */
#if defined(MBEDTLS_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
@ -393,13 +391,13 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, int mbedtls_aes_crypt_cfb128(mbedtls_aes_context *ctx,
int mode, int mode,
size_t length, size_t length,
size_t *iv_off, size_t *iv_off,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function performs an AES-CFB8 encryption or decryption * \brief This function performs an AES-CFB8 encryption or decryption
@ -438,12 +436,12 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, int mbedtls_aes_crypt_cfb8(mbedtls_aes_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /*MBEDTLS_CIPHER_MODE_CFB */ #endif /*MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_OFB) #if defined(MBEDTLS_CIPHER_MODE_OFB)
@ -493,12 +491,12 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx, int mbedtls_aes_crypt_ofb(mbedtls_aes_context *ctx,
size_t length, size_t length,
size_t *iv_off, size_t *iv_off,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_OFB */ #endif /* MBEDTLS_CIPHER_MODE_OFB */
@ -576,13 +574,13 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx, int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx,
size_t length, size_t length,
size_t *nc_off, size_t *nc_off,
unsigned char nonce_counter[16], unsigned char nonce_counter[16],
unsigned char stream_block[16], unsigned char stream_block[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
/** /**
@ -597,9 +595,9 @@ int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16]);
/** /**
* \brief Internal AES block decryption function. This is only * \brief Internal AES block decryption function. This is only
@ -613,9 +611,9 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16]);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/** /**
@ -625,7 +623,7 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
MBEDTLS_CHECK_RETURN_CRITICAL MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_aes_self_test( int verbose ); int mbedtls_aes_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

33
include/mbedtls/aria.h
View File

@ -61,8 +61,7 @@ extern "C" {
/** /**
* \brief The ARIA context-type definition. * \brief The ARIA context-type definition.
*/ */
typedef struct mbedtls_aria_context typedef struct mbedtls_aria_context {
{
unsigned char MBEDTLS_PRIVATE(nr); /*!< The number of rounds (12, 14 or 16) */ unsigned char MBEDTLS_PRIVATE(nr); /*!< The number of rounds (12, 14 or 16) */
/*! The ARIA round keys. */ /*! The ARIA round keys. */
uint32_t MBEDTLS_PRIVATE(rk)[MBEDTLS_ARIA_MAX_ROUNDS + 1][MBEDTLS_ARIA_BLOCKSIZE / 4]; uint32_t MBEDTLS_PRIVATE(rk)[MBEDTLS_ARIA_MAX_ROUNDS + 1][MBEDTLS_ARIA_BLOCKSIZE / 4];
@ -81,7 +80,7 @@ mbedtls_aria_context;
* *
* \param ctx The ARIA context to initialize. This must not be \c NULL. * \param ctx The ARIA context to initialize. This must not be \c NULL.
*/ */
void mbedtls_aria_init( mbedtls_aria_context *ctx ); void mbedtls_aria_init(mbedtls_aria_context *ctx);
/** /**
* \brief This function releases and clears the specified ARIA context. * \brief This function releases and clears the specified ARIA context.
@ -90,7 +89,7 @@ void mbedtls_aria_init( mbedtls_aria_context *ctx );
* case this function returns immediately. If it is not \c NULL, * case this function returns immediately. If it is not \c NULL,
* it must point to an initialized ARIA context. * it must point to an initialized ARIA context.
*/ */
void mbedtls_aria_free( mbedtls_aria_context *ctx ); void mbedtls_aria_free(mbedtls_aria_context *ctx);
/** /**
* \brief This function sets the encryption key. * \brief This function sets the encryption key.
@ -107,9 +106,9 @@ void mbedtls_aria_free( mbedtls_aria_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx,
const unsigned char *key, const unsigned char *key,
unsigned int keybits ); unsigned int keybits);
/** /**
* \brief This function sets the decryption key. * \brief This function sets the decryption key.
@ -126,9 +125,9 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx, int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx,
const unsigned char *key, const unsigned char *key,
unsigned int keybits ); unsigned int keybits);
/** /**
* \brief This function performs an ARIA single-block encryption or * \brief This function performs an ARIA single-block encryption or
@ -150,9 +149,9 @@ int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, int mbedtls_aria_crypt_ecb(mbedtls_aria_context *ctx,
const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE], const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE],
unsigned char output[MBEDTLS_ARIA_BLOCKSIZE] ); unsigned char output[MBEDTLS_ARIA_BLOCKSIZE]);
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/** /**
@ -196,12 +195,12 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx, int mbedtls_aria_crypt_cbc(mbedtls_aria_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
@ -246,13 +245,13 @@ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx, int mbedtls_aria_crypt_cfb128(mbedtls_aria_context *ctx,
int mode, int mode,
size_t length, size_t length,
size_t *iv_off, size_t *iv_off,
unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CFB */ #endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
@ -333,13 +332,13 @@ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx, int mbedtls_aria_crypt_ctr(mbedtls_aria_context *ctx,
size_t length, size_t length,
size_t *nc_off, size_t *nc_off,
unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE], unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE],
unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE], unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -348,7 +347,7 @@ int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx,
* *
* \return \c 0 on success, or \c 1 on failure. * \return \c 0 on success, or \c 1 on failure.
*/ */
int mbedtls_aria_self_test( int verbose ); int mbedtls_aria_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus

100
include/mbedtls/asn1.h
View File

@ -96,15 +96,15 @@
/* Slightly smaller way to check if tag is a string tag /* Slightly smaller way to check if tag is a string tag
* compared to canonical implementation. */ * compared to canonical implementation. */
#define MBEDTLS_ASN1_IS_STRING_TAG( tag ) \ #define MBEDTLS_ASN1_IS_STRING_TAG(tag) \
( ( tag ) < 32u && ( \ ((tag) < 32u && ( \
( ( 1u << ( tag ) ) & ( ( 1u << MBEDTLS_ASN1_BMP_STRING ) | \ ((1u << (tag)) & ((1u << MBEDTLS_ASN1_BMP_STRING) | \
( 1u << MBEDTLS_ASN1_UTF8_STRING ) | \ (1u << MBEDTLS_ASN1_UTF8_STRING) | \
( 1u << MBEDTLS_ASN1_T61_STRING ) | \ (1u << MBEDTLS_ASN1_T61_STRING) | \
( 1u << MBEDTLS_ASN1_IA5_STRING ) | \ (1u << MBEDTLS_ASN1_IA5_STRING) | \
( 1u << MBEDTLS_ASN1_UNIVERSAL_STRING ) | \ (1u << MBEDTLS_ASN1_UNIVERSAL_STRING) | \
( 1u << MBEDTLS_ASN1_PRINTABLE_STRING ) | \ (1u << MBEDTLS_ASN1_PRINTABLE_STRING) | \
( 1u << MBEDTLS_ASN1_BIT_STRING ) ) ) != 0 ) ) (1u << MBEDTLS_ASN1_BIT_STRING))) != 0))
/* /*
* Bit masks for each of the components of an ASN.1 tag as specified in * Bit masks for each of the components of an ASN.1 tag as specified in
@ -132,12 +132,12 @@
* 'unsigned char *oid' here! * 'unsigned char *oid' here!
*/ */
#define MBEDTLS_OID_CMP(oid_str, oid_buf) \ #define MBEDTLS_OID_CMP(oid_str, oid_buf) \
( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf)->len ) || \ ((MBEDTLS_OID_SIZE(oid_str) != (oid_buf)->len) || \
memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) != 0 ) memcmp((oid_str), (oid_buf)->p, (oid_buf)->len) != 0)
#define MBEDTLS_OID_CMP_RAW(oid_str, oid_buf, oid_buf_len) \ #define MBEDTLS_OID_CMP_RAW(oid_str, oid_buf, oid_buf_len) \
( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf_len) ) || \ ((MBEDTLS_OID_SIZE(oid_str) != (oid_buf_len)) || \
memcmp( (oid_str), (oid_buf), (oid_buf_len) ) != 0 ) memcmp((oid_str), (oid_buf), (oid_buf_len)) != 0)
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -151,8 +151,7 @@ extern "C" {
/** /**
* Type-length-value structure that allows for ASN1 using DER. * Type-length-value structure that allows for ASN1 using DER.
*/ */
typedef struct mbedtls_asn1_buf typedef struct mbedtls_asn1_buf {
{
int tag; /**< ASN1 type, e.g. MBEDTLS_ASN1_UTF8_STRING. */ int tag; /**< ASN1 type, e.g. MBEDTLS_ASN1_UTF8_STRING. */
size_t len; /**< ASN1 length, in octets. */ size_t len; /**< ASN1 length, in octets. */
unsigned char *p; /**< ASN1 data, e.g. in ASCII. */ unsigned char *p; /**< ASN1 data, e.g. in ASCII. */
@ -162,8 +161,7 @@ mbedtls_asn1_buf;
/** /**
* Container for ASN1 bit strings. * Container for ASN1 bit strings.
*/ */
typedef struct mbedtls_asn1_bitstring typedef struct mbedtls_asn1_bitstring {
{
size_t len; /**< ASN1 length, in octets. */ size_t len; /**< ASN1 length, in octets. */
unsigned char unused_bits; /**< Number of unused bits at the end of the string */ unsigned char unused_bits; /**< Number of unused bits at the end of the string */
unsigned char *p; /**< Raw ASN1 data for the bit string */ unsigned char *p; /**< Raw ASN1 data for the bit string */
@ -173,8 +171,7 @@ mbedtls_asn1_bitstring;
/** /**
* Container for a sequence of ASN.1 items * Container for a sequence of ASN.1 items
*/ */
typedef struct mbedtls_asn1_sequence typedef struct mbedtls_asn1_sequence {
{
mbedtls_asn1_buf buf; /**< Buffer containing the given ASN.1 item. */ mbedtls_asn1_buf buf; /**< Buffer containing the given ASN.1 item. */
/** The next entry in the sequence. /** The next entry in the sequence.
@ -191,8 +188,7 @@ mbedtls_asn1_sequence;
/** /**
* Container for a sequence or list of 'named' ASN.1 data items * Container for a sequence or list of 'named' ASN.1 data items
*/ */
typedef struct mbedtls_asn1_named_data typedef struct mbedtls_asn1_named_data {
{
mbedtls_asn1_buf oid; /**< The object identifier. */ mbedtls_asn1_buf oid; /**< The object identifier. */
mbedtls_asn1_buf val; /**< The named value. */ mbedtls_asn1_buf val; /**< The named value. */
@ -232,9 +228,9 @@ mbedtls_asn1_named_data;
* would end beyond \p end. * would end beyond \p end.
* \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparsable. * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparsable.
*/ */
int mbedtls_asn1_get_len( unsigned char **p, int mbedtls_asn1_get_len(unsigned char **p,
const unsigned char *end, const unsigned char *end,
size_t *len ); size_t *len);
/** /**
* \brief Get the tag and length of the element. * \brief Get the tag and length of the element.
@ -257,9 +253,9 @@ int mbedtls_asn1_get_len( unsigned char **p,
* would end beyond \p end. * would end beyond \p end.
* \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparsable. * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparsable.
*/ */
int mbedtls_asn1_get_tag( unsigned char **p, int mbedtls_asn1_get_tag(unsigned char **p,
const unsigned char *end, const unsigned char *end,
size_t *len, int tag ); size_t *len, int tag);
/** /**
* \brief Retrieve a boolean ASN.1 tag and its value. * \brief Retrieve a boolean ASN.1 tag and its value.
@ -276,9 +272,9 @@ int mbedtls_asn1_get_tag( unsigned char **p,
* \return An ASN.1 error code if the input does not start with * \return An ASN.1 error code if the input does not start with
* a valid ASN.1 BOOLEAN. * a valid ASN.1 BOOLEAN.
*/ */
int mbedtls_asn1_get_bool( unsigned char **p, int mbedtls_asn1_get_bool(unsigned char **p,
const unsigned char *end, const unsigned char *end,
int *val ); int *val);
/** /**
* \brief Retrieve an integer ASN.1 tag and its value. * \brief Retrieve an integer ASN.1 tag and its value.
@ -297,9 +293,9 @@ int mbedtls_asn1_get_bool( unsigned char **p,
* \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does
* not fit in an \c int. * not fit in an \c int.
*/ */
int mbedtls_asn1_get_int( unsigned char **p, int mbedtls_asn1_get_int(unsigned char **p,
const unsigned char *end, const unsigned char *end,
int *val ); int *val);
/** /**
* \brief Retrieve an enumerated ASN.1 tag and its value. * \brief Retrieve an enumerated ASN.1 tag and its value.
@ -318,9 +314,9 @@ int mbedtls_asn1_get_int( unsigned char **p,
* \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does
* not fit in an \c int. * not fit in an \c int.
*/ */
int mbedtls_asn1_get_enum( unsigned char **p, int mbedtls_asn1_get_enum(unsigned char **p,
const unsigned char *end, const unsigned char *end,
int *val ); int *val);
/** /**
* \brief Retrieve a bitstring ASN.1 tag and its value. * \brief Retrieve a bitstring ASN.1 tag and its value.
@ -339,8 +335,8 @@ int mbedtls_asn1_get_enum( unsigned char **p,
* \return An ASN.1 error code if the input does not start with * \return An ASN.1 error code if the input does not start with
* a valid ASN.1 BIT STRING. * a valid ASN.1 BIT STRING.
*/ */
int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end, int mbedtls_asn1_get_bitstring(unsigned char **p, const unsigned char *end,
mbedtls_asn1_bitstring *bs ); mbedtls_asn1_bitstring *bs);
/** /**
* \brief Retrieve a bitstring ASN.1 tag without unused bits and its * \brief Retrieve a bitstring ASN.1 tag without unused bits and its
@ -360,9 +356,9 @@ int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end,
* \return An ASN.1 error code if the input does not start with * \return An ASN.1 error code if the input does not start with
* a valid ASN.1 BIT STRING. * a valid ASN.1 BIT STRING.
*/ */
int mbedtls_asn1_get_bitstring_null( unsigned char **p, int mbedtls_asn1_get_bitstring_null(unsigned char **p,
const unsigned char *end, const unsigned char *end,
size_t *len ); size_t *len);
/** /**
* \brief Parses and splits an ASN.1 "SEQUENCE OF <tag>". * \brief Parses and splits an ASN.1 "SEQUENCE OF <tag>".
@ -411,10 +407,10 @@ int mbedtls_asn1_get_bitstring_null( unsigned char **p,
* \return An ASN.1 error code if the input does not start with * \return An ASN.1 error code if the input does not start with
* a valid ASN.1 SEQUENCE. * a valid ASN.1 SEQUENCE.
*/ */
int mbedtls_asn1_get_sequence_of( unsigned char **p, int mbedtls_asn1_get_sequence_of(unsigned char **p,
const unsigned char *end, const unsigned char *end,
mbedtls_asn1_sequence *cur, mbedtls_asn1_sequence *cur,
int tag ); int tag);
/** /**
* \brief Free a heap-allocated linked list presentation of * \brief Free a heap-allocated linked list presentation of
* an ASN.1 sequence, including the first element. * an ASN.1 sequence, including the first element.
@ -436,7 +432,7 @@ int mbedtls_asn1_get_sequence_of( unsigned char **p,
* be \c NULL, in which case this functions returns * be \c NULL, in which case this functions returns
* immediately. * immediately.
*/ */
void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq ); void mbedtls_asn1_sequence_free(mbedtls_asn1_sequence *seq);
/** /**
* \brief Traverse an ASN.1 SEQUENCE container and * \brief Traverse an ASN.1 SEQUENCE container and
@ -528,9 +524,9 @@ int mbedtls_asn1_traverse_sequence_of(
const unsigned char *end, const unsigned char *end,
unsigned char tag_must_mask, unsigned char tag_must_val, unsigned char tag_must_mask, unsigned char tag_must_val,
unsigned char tag_may_mask, unsigned char tag_may_val, unsigned char tag_may_mask, unsigned char tag_may_val,
int (*cb)( void *ctx, int tag, int (*cb)(void *ctx, int tag,
unsigned char* start, size_t len ), unsigned char *start, size_t len),
void *ctx ); void *ctx);
#if defined(MBEDTLS_BIGNUM_C) #if defined(MBEDTLS_BIGNUM_C)
/** /**
@ -551,9 +547,9 @@ int mbedtls_asn1_traverse_sequence_of(
* not fit in an \c int. * not fit in an \c int.
* \return An MPI error code if the parsed value is too large. * \return An MPI error code if the parsed value is too large.
*/ */
int mbedtls_asn1_get_mpi( unsigned char **p, int mbedtls_asn1_get_mpi(unsigned char **p,
const unsigned char *end, const unsigned char *end,
mbedtls_mpi *X ); mbedtls_mpi *X);
#endif /* MBEDTLS_BIGNUM_C */ #endif /* MBEDTLS_BIGNUM_C */
/** /**
@ -572,9 +568,9 @@ int mbedtls_asn1_get_mpi( unsigned char **p,
* *
* \return 0 if successful or a specific ASN.1 or MPI error code. * \return 0 if successful or a specific ASN.1 or MPI error code.
*/ */
int mbedtls_asn1_get_alg( unsigned char **p, int mbedtls_asn1_get_alg(unsigned char **p,
const unsigned char *end, const unsigned char *end,
mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params ); mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params);
/** /**
* \brief Retrieve an AlgorithmIdentifier ASN.1 sequence with NULL or no * \brief Retrieve an AlgorithmIdentifier ASN.1 sequence with NULL or no
@ -591,9 +587,9 @@ int mbedtls_asn1_get_alg( unsigned char **p,
* *
* \return 0 if successful or a specific ASN.1 or MPI error code. * \return 0 if successful or a specific ASN.1 or MPI error code.
*/ */
int mbedtls_asn1_get_alg_null( unsigned char **p, int mbedtls_asn1_get_alg_null(unsigned char **p,
const unsigned char *end, const unsigned char *end,
mbedtls_asn1_buf *alg ); mbedtls_asn1_buf *alg);
/** /**
* \brief Find a specific named_data entry in a sequence or list based on * \brief Find a specific named_data entry in a sequence or list based on
@ -605,8 +601,8 @@ int mbedtls_asn1_get_alg_null( unsigned char **p,
* *
* \return NULL if not found, or a pointer to the existing entry. * \return NULL if not found, or a pointer to the existing entry.
*/ */
const mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( const mbedtls_asn1_named_data *list, const mbedtls_asn1_named_data *mbedtls_asn1_find_named_data(const mbedtls_asn1_named_data *list,
const char *oid, size_t len ); const char *oid, size_t len);
#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if !defined(MBEDTLS_DEPRECATED_REMOVED)
/** /**
@ -621,7 +617,7 @@ const mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( const mbedtls_asn1_
* This function calls mbedtls_free() on * This function calls mbedtls_free() on
* `entry->oid.p` and `entry->val.p`. * `entry->oid.p` and `entry->val.p`.
*/ */
void MBEDTLS_DEPRECATED mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *entry ); void MBEDTLS_DEPRECATED mbedtls_asn1_free_named_data(mbedtls_asn1_named_data *entry);
#endif /* MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_DEPRECATED_REMOVED */
/** /**
@ -632,7 +628,7 @@ void MBEDTLS_DEPRECATED mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *e
* `entry->oid.p` and `entry->val.p` and then on `entry` * `entry->oid.p` and `entry->val.p` and then on `entry`
* for each list entry, and sets \c *head to \c NULL. * for each list entry, and sets \c *head to \c NULL.
*/ */
void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head ); void mbedtls_asn1_free_named_data_list(mbedtls_asn1_named_data **head);
/** /**
* \brief Free all shallow entries in a mbedtls_asn1_named_data list, * \brief Free all shallow entries in a mbedtls_asn1_named_data list,
@ -641,7 +637,7 @@ void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head );
* \param name Head of the list of named data entries to free. * \param name Head of the list of named data entries to free.
* This function calls mbedtls_free() on each list element. * This function calls mbedtls_free() on each list element.
*/ */
void mbedtls_asn1_free_named_data_list_shallow( mbedtls_asn1_named_data *name ); void mbedtls_asn1_free_named_data_list_shallow(mbedtls_asn1_named_data *name);
/** \} name Functions to parse ASN.1 data structures */ /** \} name Functions to parse ASN.1 data structures */
/** \} addtogroup asn1_module */ /** \} addtogroup asn1_module */

72
include/mbedtls/asn1write.h
View File

@ -29,11 +29,11 @@
#define MBEDTLS_ASN1_CHK_ADD(g, f) \ #define MBEDTLS_ASN1_CHK_ADD(g, f) \
do \ do \
{ \ { \
if( ( ret = (f) ) < 0 ) \ if ((ret = (f)) < 0) \
return( ret ); \ return ret; \
else \ else \
(g) += ret; \ (g) += ret; \
} while( 0 ) } while (0)
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -51,8 +51,8 @@ extern "C" {
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_len(unsigned char **p, const unsigned char *start,
size_t len ); size_t len);
/** /**
* \brief Write an ASN.1 tag in ASN.1 format. * \brief Write an ASN.1 tag in ASN.1 format.
* *
@ -65,8 +65,8 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start,
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_asn1_write_tag( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_tag(unsigned char **p, const unsigned char *start,
unsigned char tag ); unsigned char tag);
/** /**
* \brief Write raw buffer data. * \brief Write raw buffer data.
@ -81,8 +81,8 @@ int mbedtls_asn1_write_tag( unsigned char **p, const unsigned char *start,
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_asn1_write_raw_buffer( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_raw_buffer(unsigned char **p, const unsigned char *start,
const unsigned char *buf, size_t size ); const unsigned char *buf, size_t size);
#if defined(MBEDTLS_BIGNUM_C) #if defined(MBEDTLS_BIGNUM_C)
/** /**
@ -99,8 +99,8 @@ int mbedtls_asn1_write_raw_buffer( unsigned char **p, const unsigned char *start
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_asn1_write_mpi( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_mpi(unsigned char **p, const unsigned char *start,
const mbedtls_mpi *X ); const mbedtls_mpi *X);
#endif /* MBEDTLS_BIGNUM_C */ #endif /* MBEDTLS_BIGNUM_C */
/** /**
@ -115,7 +115,7 @@ int mbedtls_asn1_write_mpi( unsigned char **p, const unsigned char *start,
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_asn1_write_null( unsigned char **p, const unsigned char *start ); int mbedtls_asn1_write_null(unsigned char **p, const unsigned char *start);
/** /**
* \brief Write an OID tag (#MBEDTLS_ASN1_OID) and data * \brief Write an OID tag (#MBEDTLS_ASN1_OID) and data
@ -131,8 +131,8 @@ int mbedtls_asn1_write_null( unsigned char **p, const unsigned char *start );
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_asn1_write_oid( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_oid(unsigned char **p, const unsigned char *start,
const char *oid, size_t oid_len ); const char *oid, size_t oid_len);
/** /**
* \brief Write an AlgorithmIdentifier sequence in ASN.1 format. * \brief Write an AlgorithmIdentifier sequence in ASN.1 format.
@ -149,10 +149,10 @@ int mbedtls_asn1_write_oid( unsigned char **p, const unsigned char *start,
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, int mbedtls_asn1_write_algorithm_identifier(unsigned char **p,
const unsigned char *start, const unsigned char *start,
const char *oid, size_t oid_len, const char *oid, size_t oid_len,
size_t par_len ); size_t par_len);
/** /**
* \brief Write a boolean tag (#MBEDTLS_ASN1_BOOLEAN) and value * \brief Write a boolean tag (#MBEDTLS_ASN1_BOOLEAN) and value
@ -167,8 +167,8 @@ int mbedtls_asn1_write_algorithm_identifier( unsigned char **p,
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_asn1_write_bool( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_bool(unsigned char **p, const unsigned char *start,
int boolean ); int boolean);
/** /**
* \brief Write an int tag (#MBEDTLS_ASN1_INTEGER) and value * \brief Write an int tag (#MBEDTLS_ASN1_INTEGER) and value
@ -184,7 +184,7 @@ int mbedtls_asn1_write_bool( unsigned char **p, const unsigned char *start,
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_asn1_write_int( unsigned char **p, const unsigned char *start, int val ); int mbedtls_asn1_write_int(unsigned char **p, const unsigned char *start, int val);
/** /**
* \brief Write an enum tag (#MBEDTLS_ASN1_ENUMERATED) and value * \brief Write an enum tag (#MBEDTLS_ASN1_ENUMERATED) and value
@ -199,7 +199,7 @@ int mbedtls_asn1_write_int( unsigned char **p, const unsigned char *start, int v
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_asn1_write_enum( unsigned char **p, const unsigned char *start, int val ); int mbedtls_asn1_write_enum(unsigned char **p, const unsigned char *start, int val);
/** /**
* \brief Write a string in ASN.1 format using a specific * \brief Write a string in ASN.1 format using a specific
@ -218,9 +218,9 @@ int mbedtls_asn1_write_enum( unsigned char **p, const unsigned char *start, int
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_asn1_write_tagged_string( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_tagged_string(unsigned char **p, const unsigned char *start,
int tag, const char *text, int tag, const char *text,
size_t text_len ); size_t text_len);
/** /**
* \brief Write a string in ASN.1 format using the PrintableString * \brief Write a string in ASN.1 format using the PrintableString
@ -237,9 +237,9 @@ int mbedtls_asn1_write_tagged_string( unsigned char **p, const unsigned char *st
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_asn1_write_printable_string( unsigned char **p, int mbedtls_asn1_write_printable_string(unsigned char **p,
const unsigned char *start, const unsigned char *start,
const char *text, size_t text_len ); const char *text, size_t text_len);
/** /**
* \brief Write a UTF8 string in ASN.1 format using the UTF8String * \brief Write a UTF8 string in ASN.1 format using the UTF8String
@ -256,8 +256,8 @@ int mbedtls_asn1_write_printable_string( unsigned char **p,
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_asn1_write_utf8_string( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_utf8_string(unsigned char **p, const unsigned char *start,
const char *text, size_t text_len ); const char *text, size_t text_len);
/** /**
* \brief Write a string in ASN.1 format using the IA5String * \brief Write a string in ASN.1 format using the IA5String
@ -274,8 +274,8 @@ int mbedtls_asn1_write_utf8_string( unsigned char **p, const unsigned char *star
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_asn1_write_ia5_string( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_ia5_string(unsigned char **p, const unsigned char *start,
const char *text, size_t text_len ); const char *text, size_t text_len);
/** /**
* \brief Write a bitstring tag (#MBEDTLS_ASN1_BIT_STRING) and * \brief Write a bitstring tag (#MBEDTLS_ASN1_BIT_STRING) and
@ -291,8 +291,8 @@ int mbedtls_asn1_write_ia5_string( unsigned char **p, const unsigned char *start
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_asn1_write_bitstring( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_bitstring(unsigned char **p, const unsigned char *start,
const unsigned char *buf, size_t bits ); const unsigned char *buf, size_t bits);
/** /**
* \brief This function writes a named bitstring tag * \brief This function writes a named bitstring tag
@ -311,10 +311,10 @@ int mbedtls_asn1_write_bitstring( unsigned char **p, const unsigned char *start,
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_asn1_write_named_bitstring( unsigned char **p, int mbedtls_asn1_write_named_bitstring(unsigned char **p,
const unsigned char *start, const unsigned char *start,
const unsigned char *buf, const unsigned char *buf,
size_t bits ); size_t bits);
/** /**
* \brief Write an octet string tag (#MBEDTLS_ASN1_OCTET_STRING) * \brief Write an octet string tag (#MBEDTLS_ASN1_OCTET_STRING)
@ -330,8 +330,8 @@ int mbedtls_asn1_write_named_bitstring( unsigned char **p,
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_asn1_write_octet_string( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_octet_string(unsigned char **p, const unsigned char *start,
const unsigned char *buf, size_t size ); const unsigned char *buf, size_t size);
/** /**
* \brief Create or find a specific named_data entry for writing in a * \brief Create or find a specific named_data entry for writing in a
@ -354,10 +354,10 @@ int mbedtls_asn1_write_octet_string( unsigned char **p, const unsigned char *sta
* \return A pointer to the new / existing entry on success. * \return A pointer to the new / existing entry on success.
* \return \c NULL if there was a memory allocation error. * \return \c NULL if there was a memory allocation error.
*/ */
mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data **list, mbedtls_asn1_named_data *mbedtls_asn1_store_named_data(mbedtls_asn1_named_data **list,
const char *oid, size_t oid_len, const char *oid, size_t oid_len,
const unsigned char *val, const unsigned char *val,
size_t val_len ); size_t val_len);
#ifdef __cplusplus #ifdef __cplusplus
} }

10
include/mbedtls/base64.h
View File

@ -54,8 +54,8 @@ extern "C" {
* \note Call this function with dlen = 0 to obtain the * \note Call this function with dlen = 0 to obtain the
* required buffer size in *olen * required buffer size in *olen
*/ */
int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen, int mbedtls_base64_encode(unsigned char *dst, size_t dlen, size_t *olen,
const unsigned char *src, size_t slen ); const unsigned char *src, size_t slen);
/** /**
* \brief Decode a base64-formatted buffer * \brief Decode a base64-formatted buffer
@ -74,8 +74,8 @@ int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
* \note Call this function with *dst = NULL or dlen = 0 to obtain * \note Call this function with *dst = NULL or dlen = 0 to obtain
* the required buffer size in *olen * the required buffer size in *olen
*/ */
int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, int mbedtls_base64_decode(unsigned char *dst, size_t dlen, size_t *olen,
const unsigned char *src, size_t slen ); const unsigned char *src, size_t slen);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/** /**
@ -83,7 +83,7 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int mbedtls_base64_self_test( int verbose ); int mbedtls_base64_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

205
include/mbedtls/bignum.h
View File

@ -52,9 +52,9 @@
#define MBEDTLS_MPI_CHK(f) \ #define MBEDTLS_MPI_CHK(f) \
do \ do \
{ \ { \
if( ( ret = (f) ) != 0 ) \ if ((ret = (f)) != 0) \
goto cleanup; \ goto cleanup; \
} while( 0 ) } while (0)
/* /*
* Maximum size MPIs are allowed to grow to in number of limbs. * Maximum size MPIs are allowed to grow to in number of limbs.
@ -85,7 +85,7 @@
#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ #define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
#endif /* !MBEDTLS_MPI_MAX_SIZE */ #endif /* !MBEDTLS_MPI_MAX_SIZE */
#define MBEDTLS_MPI_MAX_BITS ( 8 * MBEDTLS_MPI_MAX_SIZE ) /**< Maximum number of bits for usable MPIs. */ #define MBEDTLS_MPI_MAX_BITS (8 * MBEDTLS_MPI_MAX_SIZE) /**< Maximum number of bits for usable MPIs. */
/* /*
* When reading from files with mbedtls_mpi_read_file() and writing to files with * When reading from files with mbedtls_mpi_read_file() and writing to files with
@ -105,9 +105,11 @@
* MBEDTLS_MPI_RW_BUFFER_SIZE = ceil(MBEDTLS_MPI_MAX_BITS / ln(10) * ln(2)) + * MBEDTLS_MPI_RW_BUFFER_SIZE = ceil(MBEDTLS_MPI_MAX_BITS / ln(10) * ln(2)) +
* LabelSize + 6 * LabelSize + 6
*/ */
#define MBEDTLS_MPI_MAX_BITS_SCALE100 ( 100 * MBEDTLS_MPI_MAX_BITS ) #define MBEDTLS_MPI_MAX_BITS_SCALE100 (100 * MBEDTLS_MPI_MAX_BITS)
#define MBEDTLS_LN_2_DIV_LN_10_SCALE100 332 #define MBEDTLS_LN_2_DIV_LN_10_SCALE100 332
#define MBEDTLS_MPI_RW_BUFFER_SIZE ( ((MBEDTLS_MPI_MAX_BITS_SCALE100 + MBEDTLS_LN_2_DIV_LN_10_SCALE100 - 1) / MBEDTLS_LN_2_DIV_LN_10_SCALE100) + 10 + 6 ) #define MBEDTLS_MPI_RW_BUFFER_SIZE (((MBEDTLS_MPI_MAX_BITS_SCALE100 + \
MBEDTLS_LN_2_DIV_LN_10_SCALE100 - 1) / \
MBEDTLS_LN_2_DIV_LN_10_SCALE100) + 10 + 6)
/* /*
* Define the base integer type, architecture-wise. * Define the base integer type, architecture-wise.
@ -121,60 +123,60 @@
*/ */
#if !defined(MBEDTLS_HAVE_INT32) #if !defined(MBEDTLS_HAVE_INT32)
#if defined(_MSC_VER) && defined(_M_AMD64) #if defined(_MSC_VER) && defined(_M_AMD64)
/* Always choose 64-bit when using MSC */ /* Always choose 64-bit when using MSC */
#if !defined(MBEDTLS_HAVE_INT64) #if !defined(MBEDTLS_HAVE_INT64)
#define MBEDTLS_HAVE_INT64 #define MBEDTLS_HAVE_INT64
#endif /* !MBEDTLS_HAVE_INT64 */ #endif /* !MBEDTLS_HAVE_INT64 */
typedef int64_t mbedtls_mpi_sint; typedef int64_t mbedtls_mpi_sint;
typedef uint64_t mbedtls_mpi_uint; typedef uint64_t mbedtls_mpi_uint;
#elif defined(__GNUC__) && ( \ #elif defined(__GNUC__) && ( \
defined(__amd64__) || defined(__x86_64__) || \ defined(__amd64__) || defined(__x86_64__) || \
defined(__ppc64__) || defined(__powerpc64__) || \ defined(__ppc64__) || defined(__powerpc64__) || \
defined(__ia64__) || defined(__alpha__) || \ defined(__ia64__) || defined(__alpha__) || \
( defined(__sparc__) && defined(__arch64__) ) || \ (defined(__sparc__) && defined(__arch64__)) || \
defined(__s390x__) || defined(__mips64) || \ defined(__s390x__) || defined(__mips64) || \
defined(__aarch64__) ) defined(__aarch64__))
#if !defined(MBEDTLS_HAVE_INT64) #if !defined(MBEDTLS_HAVE_INT64)
#define MBEDTLS_HAVE_INT64 #define MBEDTLS_HAVE_INT64
#endif /* MBEDTLS_HAVE_INT64 */ #endif /* MBEDTLS_HAVE_INT64 */
typedef int64_t mbedtls_mpi_sint; typedef int64_t mbedtls_mpi_sint;
typedef uint64_t mbedtls_mpi_uint; typedef uint64_t mbedtls_mpi_uint;
#if !defined(MBEDTLS_NO_UDBL_DIVISION) #if !defined(MBEDTLS_NO_UDBL_DIVISION)
/* mbedtls_t_udbl defined as 128-bit unsigned int */ /* mbedtls_t_udbl defined as 128-bit unsigned int */
typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI))); typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI)));
#define MBEDTLS_HAVE_UDBL #define MBEDTLS_HAVE_UDBL
#endif /* !MBEDTLS_NO_UDBL_DIVISION */ #endif /* !MBEDTLS_NO_UDBL_DIVISION */
#elif defined(__ARMCC_VERSION) && defined(__aarch64__) #elif defined(__ARMCC_VERSION) && defined(__aarch64__)
/* /*
* __ARMCC_VERSION is defined for both armcc and armclang and * __ARMCC_VERSION is defined for both armcc and armclang and
* __aarch64__ is only defined by armclang when compiling 64-bit code * __aarch64__ is only defined by armclang when compiling 64-bit code
*/ */
#if !defined(MBEDTLS_HAVE_INT64) #if !defined(MBEDTLS_HAVE_INT64)
#define MBEDTLS_HAVE_INT64 #define MBEDTLS_HAVE_INT64
#endif /* !MBEDTLS_HAVE_INT64 */ #endif /* !MBEDTLS_HAVE_INT64 */
typedef int64_t mbedtls_mpi_sint; typedef int64_t mbedtls_mpi_sint;
typedef uint64_t mbedtls_mpi_uint; typedef uint64_t mbedtls_mpi_uint;
#if !defined(MBEDTLS_NO_UDBL_DIVISION) #if !defined(MBEDTLS_NO_UDBL_DIVISION)
/* mbedtls_t_udbl defined as 128-bit unsigned int */ /* mbedtls_t_udbl defined as 128-bit unsigned int */
typedef __uint128_t mbedtls_t_udbl; typedef __uint128_t mbedtls_t_udbl;
#define MBEDTLS_HAVE_UDBL #define MBEDTLS_HAVE_UDBL
#endif /* !MBEDTLS_NO_UDBL_DIVISION */ #endif /* !MBEDTLS_NO_UDBL_DIVISION */
#elif defined(MBEDTLS_HAVE_INT64) #elif defined(MBEDTLS_HAVE_INT64)
/* Force 64-bit integers with unknown compiler */ /* Force 64-bit integers with unknown compiler */
typedef int64_t mbedtls_mpi_sint; typedef int64_t mbedtls_mpi_sint;
typedef uint64_t mbedtls_mpi_uint; typedef uint64_t mbedtls_mpi_uint;
#endif #endif
#endif /* !MBEDTLS_HAVE_INT32 */ #endif /* !MBEDTLS_HAVE_INT32 */
#if !defined(MBEDTLS_HAVE_INT64) #if !defined(MBEDTLS_HAVE_INT64)
/* Default to 32-bit compilation */ /* Default to 32-bit compilation */
#if !defined(MBEDTLS_HAVE_INT32) #if !defined(MBEDTLS_HAVE_INT32)
#define MBEDTLS_HAVE_INT32 #define MBEDTLS_HAVE_INT32
#endif /* !MBEDTLS_HAVE_INT32 */ #endif /* !MBEDTLS_HAVE_INT32 */
typedef int32_t mbedtls_mpi_sint; typedef int32_t mbedtls_mpi_sint;
typedef uint32_t mbedtls_mpi_uint; typedef uint32_t mbedtls_mpi_uint;
#if !defined(MBEDTLS_NO_UDBL_DIVISION) #if !defined(MBEDTLS_NO_UDBL_DIVISION)
typedef uint64_t mbedtls_t_udbl; typedef uint64_t mbedtls_t_udbl;
#define MBEDTLS_HAVE_UDBL #define MBEDTLS_HAVE_UDBL
#endif /* !MBEDTLS_NO_UDBL_DIVISION */ #endif /* !MBEDTLS_NO_UDBL_DIVISION */
#endif /* !MBEDTLS_HAVE_INT64 */ #endif /* !MBEDTLS_HAVE_INT64 */
@ -200,8 +202,7 @@ extern "C" {
/** /**
* \brief MPI structure * \brief MPI structure
*/ */
typedef struct mbedtls_mpi typedef struct mbedtls_mpi {
{
/** Sign: -1 if the mpi is negative, 1 otherwise. /** Sign: -1 if the mpi is negative, 1 otherwise.
* *
* The number 0 must be represented with `s = +1`. Although many library * The number 0 must be represented with `s = +1`. Although many library
@ -234,7 +235,7 @@ mbedtls_mpi;
* *
* \param X The MPI context to initialize. This must not be \c NULL. * \param X The MPI context to initialize. This must not be \c NULL.
*/ */
void mbedtls_mpi_init( mbedtls_mpi *X ); void mbedtls_mpi_init(mbedtls_mpi *X);
/** /**
* \brief This function frees the components of an MPI context. * \brief This function frees the components of an MPI context.
@ -243,7 +244,7 @@ void mbedtls_mpi_init( mbedtls_mpi *X );
* in which case this function is a no-op. If it is * in which case this function is a no-op. If it is
* not \c NULL, it must point to an initialized MPI. * not \c NULL, it must point to an initialized MPI.
*/ */
void mbedtls_mpi_free( mbedtls_mpi *X ); void mbedtls_mpi_free(mbedtls_mpi *X);
/** /**
* \brief Enlarge an MPI to the specified number of limbs. * \brief Enlarge an MPI to the specified number of limbs.
@ -258,7 +259,7 @@ void mbedtls_mpi_free( mbedtls_mpi *X );
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs ); int mbedtls_mpi_grow(mbedtls_mpi *X, size_t nblimbs);
/** /**
* \brief This function resizes an MPI downwards, keeping at least the * \brief This function resizes an MPI downwards, keeping at least the
@ -275,7 +276,7 @@ int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs );
* (this can only happen when resizing up). * (this can only happen when resizing up).
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs ); int mbedtls_mpi_shrink(mbedtls_mpi *X, size_t nblimbs);
/** /**
* \brief Make a copy of an MPI. * \brief Make a copy of an MPI.
@ -290,7 +291,7 @@ int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs );
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y ); int mbedtls_mpi_copy(mbedtls_mpi *X, const mbedtls_mpi *Y);
/** /**
* \brief Swap the contents of two MPIs. * \brief Swap the contents of two MPIs.
@ -298,7 +299,7 @@ int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y );
* \param X The first MPI. It must be initialized. * \param X The first MPI. It must be initialized.
* \param Y The second MPI. It must be initialized. * \param Y The second MPI. It must be initialized.
*/ */
void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y ); void mbedtls_mpi_swap(mbedtls_mpi *X, mbedtls_mpi *Y);
/** /**
* \brief Perform a safe conditional copy of MPI which doesn't * \brief Perform a safe conditional copy of MPI which doesn't
@ -328,7 +329,7 @@ void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y );
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign ); int mbedtls_mpi_safe_cond_assign(mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign);
/** /**
* \brief Perform a safe conditional swap which doesn't * \brief Perform a safe conditional swap which doesn't
@ -357,7 +358,7 @@ int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
* *
*/ */
int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char swap ); int mbedtls_mpi_safe_cond_swap(mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char swap);
/** /**
* \brief Store integer value in MPI. * \brief Store integer value in MPI.
@ -369,7 +370,7 @@ int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char sw
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z ); int mbedtls_mpi_lset(mbedtls_mpi *X, mbedtls_mpi_sint z);
/** /**
* \brief Get a specific bit from an MPI. * \brief Get a specific bit from an MPI.
@ -381,7 +382,7 @@ int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z );
* of \c X is unset or set. * of \c X is unset or set.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos ); int mbedtls_mpi_get_bit(const mbedtls_mpi *X, size_t pos);
/** /**
* \brief Modify a specific bit in an MPI. * \brief Modify a specific bit in an MPI.
@ -398,7 +399,7 @@ int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos );
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val ); int mbedtls_mpi_set_bit(mbedtls_mpi *X, size_t pos, unsigned char val);
/** /**
* \brief Return the number of bits of value \c 0 before the * \brief Return the number of bits of value \c 0 before the
@ -412,7 +413,7 @@ int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val );
* \return The number of bits of value \c 0 before the least significant * \return The number of bits of value \c 0 before the least significant
* bit of value \c 1 in \p X. * bit of value \c 1 in \p X.
*/ */
size_t mbedtls_mpi_lsb( const mbedtls_mpi *X ); size_t mbedtls_mpi_lsb(const mbedtls_mpi *X);
/** /**
* \brief Return the number of bits up to and including the most * \brief Return the number of bits up to and including the most
@ -426,7 +427,7 @@ size_t mbedtls_mpi_lsb( const mbedtls_mpi *X );
* \return The number of bits up to and including the most * \return The number of bits up to and including the most
* significant bit of value \c 1. * significant bit of value \c 1.
*/ */
size_t mbedtls_mpi_bitlen( const mbedtls_mpi *X ); size_t mbedtls_mpi_bitlen(const mbedtls_mpi *X);
/** /**
* \brief Return the total size of an MPI value in bytes. * \brief Return the total size of an MPI value in bytes.
@ -441,7 +442,7 @@ size_t mbedtls_mpi_bitlen( const mbedtls_mpi *X );
* \return The least number of bytes capable of storing * \return The least number of bytes capable of storing
* the absolute value of \p X. * the absolute value of \p X.
*/ */
size_t mbedtls_mpi_size( const mbedtls_mpi *X ); size_t mbedtls_mpi_size(const mbedtls_mpi *X);
/** /**
* \brief Import an MPI from an ASCII string. * \brief Import an MPI from an ASCII string.
@ -453,7 +454,7 @@ size_t mbedtls_mpi_size( const mbedtls_mpi *X );
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s ); int mbedtls_mpi_read_string(mbedtls_mpi *X, int radix, const char *s);
/** /**
* \brief Export an MPI to an ASCII string. * \brief Export an MPI to an ASCII string.
@ -477,8 +478,8 @@ int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s );
* size of \p buf required for a successful call. * size of \p buf required for a successful call.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix, int mbedtls_mpi_write_string(const mbedtls_mpi *X, int radix,
char *buf, size_t buflen, size_t *olen ); char *buf, size_t buflen, size_t *olen);
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
@ -502,7 +503,7 @@ int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix,
* is too small. * is too small.
* \return Another negative error code on failure. * \return Another negative error code on failure.
*/ */
int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin ); int mbedtls_mpi_read_file(mbedtls_mpi *X, int radix, FILE *fin);
/** /**
* \brief Export an MPI into an opened file. * \brief Export an MPI into an opened file.
@ -519,8 +520,8 @@ int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin );
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, int mbedtls_mpi_write_file(const char *p, const mbedtls_mpi *X,
int radix, FILE *fout ); int radix, FILE *fout);
#endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_FS_IO */
/** /**
@ -535,8 +536,8 @@ int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X,
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, int mbedtls_mpi_read_binary(mbedtls_mpi *X, const unsigned char *buf,
size_t buflen ); size_t buflen);
/** /**
* \brief Import X from unsigned binary data, little endian * \brief Import X from unsigned binary data, little endian
@ -550,8 +551,8 @@ int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf,
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_read_binary_le( mbedtls_mpi *X, int mbedtls_mpi_read_binary_le(mbedtls_mpi *X,
const unsigned char *buf, size_t buflen ); const unsigned char *buf, size_t buflen);
/** /**
* \brief Export X into unsigned binary data, big endian. * \brief Export X into unsigned binary data, big endian.
@ -568,8 +569,8 @@ int mbedtls_mpi_read_binary_le( mbedtls_mpi *X,
* large enough to hold the value of \p X. * large enough to hold the value of \p X.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_write_binary( const mbedtls_mpi *X, unsigned char *buf, int mbedtls_mpi_write_binary(const mbedtls_mpi *X, unsigned char *buf,
size_t buflen ); size_t buflen);
/** /**
* \brief Export X into unsigned binary data, little endian. * \brief Export X into unsigned binary data, little endian.
@ -586,8 +587,8 @@ int mbedtls_mpi_write_binary( const mbedtls_mpi *X, unsigned char *buf,
* large enough to hold the value of \p X. * large enough to hold the value of \p X.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_write_binary_le( const mbedtls_mpi *X, int mbedtls_mpi_write_binary_le(const mbedtls_mpi *X,
unsigned char *buf, size_t buflen ); unsigned char *buf, size_t buflen);
/** /**
* \brief Perform a left-shift on an MPI: X <<= count * \brief Perform a left-shift on an MPI: X <<= count
@ -599,7 +600,7 @@ int mbedtls_mpi_write_binary_le( const mbedtls_mpi *X,
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count ); int mbedtls_mpi_shift_l(mbedtls_mpi *X, size_t count);
/** /**
* \brief Perform a right-shift on an MPI: X >>= count * \brief Perform a right-shift on an MPI: X >>= count
@ -611,7 +612,7 @@ int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count );
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count ); int mbedtls_mpi_shift_r(mbedtls_mpi *X, size_t count);
/** /**
* \brief Compare the absolute values of two MPIs. * \brief Compare the absolute values of two MPIs.
@ -623,7 +624,7 @@ int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count );
* \return \c -1 if `|X|` is lesser than `|Y|`. * \return \c -1 if `|X|` is lesser than `|Y|`.
* \return \c 0 if `|X|` is equal to `|Y|`. * \return \c 0 if `|X|` is equal to `|Y|`.
*/ */
int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y ); int mbedtls_mpi_cmp_abs(const mbedtls_mpi *X, const mbedtls_mpi *Y);
/** /**
* \brief Compare two MPIs. * \brief Compare two MPIs.
@ -635,7 +636,7 @@ int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y );
* \return \c -1 if \p X is lesser than \p Y. * \return \c -1 if \p X is lesser than \p Y.
* \return \c 0 if \p X is equal to \p Y. * \return \c 0 if \p X is equal to \p Y.
*/ */
int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y ); int mbedtls_mpi_cmp_mpi(const mbedtls_mpi *X, const mbedtls_mpi *Y);
/** /**
* \brief Check if an MPI is less than the other in constant time. * \brief Check if an MPI is less than the other in constant time.
@ -652,8 +653,8 @@ int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y );
* \return MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the allocated length of * \return MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the allocated length of
* the two input MPIs is not the same. * the two input MPIs is not the same.
*/ */
int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X, const mbedtls_mpi *Y,
unsigned *ret ); unsigned *ret);
/** /**
* \brief Compare an MPI with an integer. * \brief Compare an MPI with an integer.
@ -665,7 +666,7 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y,
* \return \c -1 if \p X is lesser than \p z. * \return \c -1 if \p X is lesser than \p z.
* \return \c 0 if \p X is equal to \p z. * \return \c 0 if \p X is equal to \p z.
*/ */
int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z ); int mbedtls_mpi_cmp_int(const mbedtls_mpi *X, mbedtls_mpi_sint z);
/** /**
* \brief Perform an unsigned addition of MPIs: X = |A| + |B| * \brief Perform an unsigned addition of MPIs: X = |A| + |B|
@ -678,8 +679,8 @@ int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z );
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_add_abs(mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *B ); const mbedtls_mpi *B);
/** /**
* \brief Perform an unsigned subtraction of MPIs: X = |A| - |B| * \brief Perform an unsigned subtraction of MPIs: X = |A| - |B|
@ -693,8 +694,8 @@ int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A,
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
* *
*/ */
int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_sub_abs(mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *B ); const mbedtls_mpi *B);
/** /**
* \brief Perform a signed addition of MPIs: X = A + B * \brief Perform a signed addition of MPIs: X = A + B
@ -707,8 +708,8 @@ int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A,
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_add_mpi(mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *B ); const mbedtls_mpi *B);
/** /**
* \brief Perform a signed subtraction of MPIs: X = A - B * \brief Perform a signed subtraction of MPIs: X = A - B
@ -721,8 +722,8 @@ int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A,
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_sub_mpi(mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *B ); const mbedtls_mpi *B);
/** /**
* \brief Perform a signed addition of an MPI and an integer: X = A + b * \brief Perform a signed addition of an MPI and an integer: X = A + b
@ -735,8 +736,8 @@ int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A,
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_add_int(mbedtls_mpi *X, const mbedtls_mpi *A,
mbedtls_mpi_sint b ); mbedtls_mpi_sint b);
/** /**
* \brief Perform a signed subtraction of an MPI and an integer: * \brief Perform a signed subtraction of an MPI and an integer:
@ -750,8 +751,8 @@ int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A,
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_sub_int(mbedtls_mpi *X, const mbedtls_mpi *A,
mbedtls_mpi_sint b ); mbedtls_mpi_sint b);
/** /**
* \brief Perform a multiplication of two MPIs: X = A * B * \brief Perform a multiplication of two MPIs: X = A * B
@ -765,8 +766,8 @@ int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A,
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
* *
*/ */
int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_mul_mpi(mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *B ); const mbedtls_mpi *B);
/** /**
* \brief Perform a multiplication of an MPI with an unsigned integer: * \brief Perform a multiplication of an MPI with an unsigned integer:
@ -781,8 +782,8 @@ int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A,
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
* *
*/ */
int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_mul_int(mbedtls_mpi *X, const mbedtls_mpi *A,
mbedtls_mpi_uint b ); mbedtls_mpi_uint b);
/** /**
* \brief Perform a division with remainder of two MPIs: * \brief Perform a division with remainder of two MPIs:
@ -802,8 +803,8 @@ int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A,
* \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p B equals zero. * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p B equals zero.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, int mbedtls_mpi_div_mpi(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
const mbedtls_mpi *B ); const mbedtls_mpi *B);
/** /**
* \brief Perform a division with remainder of an MPI by an integer: * \brief Perform a division with remainder of an MPI by an integer:
@ -823,8 +824,8 @@ int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
* \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p b equals zero. * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p b equals zero.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, int mbedtls_mpi_div_int(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
mbedtls_mpi_sint b ); mbedtls_mpi_sint b);
/** /**
* \brief Perform a modular reduction. R = A mod B * \brief Perform a modular reduction. R = A mod B
@ -843,8 +844,8 @@ int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
* *
*/ */
int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A, int mbedtls_mpi_mod_mpi(mbedtls_mpi *R, const mbedtls_mpi *A,
const mbedtls_mpi *B ); const mbedtls_mpi *B);
/** /**
* \brief Perform a modular reduction with respect to an integer. * \brief Perform a modular reduction with respect to an integer.
@ -862,8 +863,8 @@ int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A,
* \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p b is negative. * \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p b is negative.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, int mbedtls_mpi_mod_int(mbedtls_mpi_uint *r, const mbedtls_mpi *A,
mbedtls_mpi_sint b ); mbedtls_mpi_sint b);
/** /**
* \brief Perform a sliding-window exponentiation: X = A^E mod N * \brief Perform a sliding-window exponentiation: X = A^E mod N
@ -892,9 +893,9 @@ int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A,
* \return Another negative error code on different kinds of failures. * \return Another negative error code on different kinds of failures.
* *
*/ */
int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *E, const mbedtls_mpi *N, const mbedtls_mpi *E, const mbedtls_mpi *N,
mbedtls_mpi *prec_RR ); mbedtls_mpi *prec_RR);
/** /**
* \brief Fill an MPI with a number of random bytes. * \brief Fill an MPI with a number of random bytes.
@ -913,9 +914,9 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
* as a big-endian representation of an MPI; this can * as a big-endian representation of an MPI; this can
* be relevant in applications like deterministic ECDSA. * be relevant in applications like deterministic ECDSA.
*/ */
int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size, int mbedtls_mpi_fill_random(mbedtls_mpi *X, size_t size,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** Generate a random number uniformly in a range. /** Generate a random number uniformly in a range.
* *
@ -949,11 +950,11 @@ int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size,
* for all usual cryptographic applications. * for all usual cryptographic applications.
* \return Another negative error code on failure. * \return Another negative error code on failure.
*/ */
int mbedtls_mpi_random( mbedtls_mpi *X, int mbedtls_mpi_random(mbedtls_mpi *X,
mbedtls_mpi_sint min, mbedtls_mpi_sint min,
const mbedtls_mpi *N, const mbedtls_mpi *N,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief Compute the greatest common divisor: G = gcd(A, B) * \brief Compute the greatest common divisor: G = gcd(A, B)
@ -966,8 +967,8 @@ int mbedtls_mpi_random( mbedtls_mpi *X,
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, int mbedtls_mpi_gcd(mbedtls_mpi *G, const mbedtls_mpi *A,
const mbedtls_mpi *B ); const mbedtls_mpi *B);
/** /**
* \brief Compute the modular inverse: X = A^-1 mod N * \brief Compute the modular inverse: X = A^-1 mod N
@ -985,8 +986,8 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A,
* \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p has no modular inverse * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p has no modular inverse
* with respect to \p N. * with respect to \p N.
*/ */
int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_inv_mod(mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *N ); const mbedtls_mpi *N);
/** /**
* \brief Miller-Rabin primality test. * \brief Miller-Rabin primality test.
@ -1015,9 +1016,9 @@ int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
* \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime. * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_mpi_is_prime_ext( const mbedtls_mpi *X, int rounds, int mbedtls_mpi_is_prime_ext(const mbedtls_mpi *X, int rounds,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief Flags for mbedtls_mpi_gen_prime() * \brief Flags for mbedtls_mpi_gen_prime()
* *
@ -1048,9 +1049,9 @@ typedef enum {
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if `nbits` is not between * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if `nbits` is not between
* \c 3 and #MBEDTLS_MPI_MAX_BITS. * \c 3 and #MBEDTLS_MPI_MAX_BITS.
*/ */
int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags, int mbedtls_mpi_gen_prime(mbedtls_mpi *X, size_t nbits, int flags,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -1059,7 +1060,7 @@ int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags,
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int mbedtls_mpi_self_test( int verbose ); int mbedtls_mpi_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

6
include/mbedtls/build_info.h
View File

@ -6,7 +6,7 @@
* Include this file if you need to depend on the * Include this file if you need to depend on the
* configuration options defined in mbedtls_config.h or MBEDTLS_CONFIG_FILE * configuration options defined in mbedtls_config.h or MBEDTLS_CONFIG_FILE
*/ */
/* /*
* Copyright The Mbed TLS Contributors * Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 * SPDX-License-Identifier: Apache-2.0
* *
@ -54,7 +54,7 @@
#endif #endif
/* Define `inline` on some non-C99-compliant compilers. */ /* Define `inline` on some non-C99-compliant compilers. */
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ #if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \
!defined(inline) && !defined(__cplusplus) !defined(inline) && !defined(__cplusplus)
#define inline __inline #define inline __inline
#endif #endif
@ -67,7 +67,7 @@
#if defined(MBEDTLS_CONFIG_VERSION) && ( \ #if defined(MBEDTLS_CONFIG_VERSION) && ( \
MBEDTLS_CONFIG_VERSION < 0x03000000 || \ MBEDTLS_CONFIG_VERSION < 0x03000000 || \
MBEDTLS_CONFIG_VERSION > MBEDTLS_VERSION_NUMBER ) MBEDTLS_CONFIG_VERSION > MBEDTLS_VERSION_NUMBER)
#error "Invalid config version, defined value of MBEDTLS_CONFIG_VERSION is unsupported" #error "Invalid config version, defined value of MBEDTLS_CONFIG_VERSION is unsupported"
#endif #endif

33
include/mbedtls/camellia.h
View File

@ -50,8 +50,7 @@ extern "C" {
/** /**
* \brief CAMELLIA context structure * \brief CAMELLIA context structure
*/ */
typedef struct mbedtls_camellia_context typedef struct mbedtls_camellia_context {
{
int MBEDTLS_PRIVATE(nr); /*!< number of rounds */ int MBEDTLS_PRIVATE(nr); /*!< number of rounds */
uint32_t MBEDTLS_PRIVATE(rk)[68]; /*!< CAMELLIA round keys */ uint32_t MBEDTLS_PRIVATE(rk)[68]; /*!< CAMELLIA round keys */
} }
@ -67,7 +66,7 @@ mbedtls_camellia_context;
* \param ctx The CAMELLIA context to be initialized. * \param ctx The CAMELLIA context to be initialized.
* This must not be \c NULL. * This must not be \c NULL.
*/ */
void mbedtls_camellia_init( mbedtls_camellia_context *ctx ); void mbedtls_camellia_init(mbedtls_camellia_context *ctx);
/** /**
* \brief Clear a CAMELLIA context. * \brief Clear a CAMELLIA context.
@ -76,7 +75,7 @@ void mbedtls_camellia_init( mbedtls_camellia_context *ctx );
* in which case this function returns immediately. If it is not * in which case this function returns immediately. If it is not
* \c NULL, it must be initialized. * \c NULL, it must be initialized.
*/ */
void mbedtls_camellia_free( mbedtls_camellia_context *ctx ); void mbedtls_camellia_free(mbedtls_camellia_context *ctx);
/** /**
* \brief Perform a CAMELLIA key schedule operation for encryption. * \brief Perform a CAMELLIA key schedule operation for encryption.
@ -90,9 +89,9 @@ void mbedtls_camellia_free( mbedtls_camellia_context *ctx );
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx,
const unsigned char *key, const unsigned char *key,
unsigned int keybits ); unsigned int keybits);
/** /**
* \brief Perform a CAMELLIA key schedule operation for decryption. * \brief Perform a CAMELLIA key schedule operation for decryption.
@ -106,9 +105,9 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, int mbedtls_camellia_setkey_dec(mbedtls_camellia_context *ctx,
const unsigned char *key, const unsigned char *key,
unsigned int keybits ); unsigned int keybits);
/** /**
* \brief Perform a CAMELLIA-ECB block encryption/decryption operation. * \brief Perform a CAMELLIA-ECB block encryption/decryption operation.
@ -125,10 +124,10 @@ int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, int mbedtls_camellia_crypt_ecb(mbedtls_camellia_context *ctx,
int mode, int mode,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16]);
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/** /**
@ -159,12 +158,12 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx, int mbedtls_camellia_crypt_cbc(mbedtls_camellia_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
@ -205,13 +204,13 @@ int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx, int mbedtls_camellia_crypt_cfb128(mbedtls_camellia_context *ctx,
int mode, int mode,
size_t length, size_t length,
size_t *iv_off, size_t *iv_off,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CFB */ #endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
@ -289,13 +288,13 @@ int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx, int mbedtls_camellia_crypt_ctr(mbedtls_camellia_context *ctx,
size_t length, size_t length,
size_t *nc_off, size_t *nc_off,
unsigned char nonce_counter[16], unsigned char nonce_counter[16],
unsigned char stream_block[16], unsigned char stream_block[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -305,7 +304,7 @@ int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx,
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int mbedtls_camellia_self_test( int verbose ); int mbedtls_camellia_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

49
include/mbedtls/ccm.h
View File

@ -74,8 +74,7 @@ extern "C" {
* \brief The CCM context-type definition. The CCM context is passed * \brief The CCM context-type definition. The CCM context is passed
* to the APIs called. * to the APIs called.
*/ */
typedef struct mbedtls_ccm_context typedef struct mbedtls_ccm_context {
{
unsigned char MBEDTLS_PRIVATE(y)[16]; /*!< The Y working buffer */ unsigned char MBEDTLS_PRIVATE(y)[16]; /*!< The Y working buffer */
unsigned char MBEDTLS_PRIVATE(ctr)[16]; /*!< The counter buffer */ unsigned char MBEDTLS_PRIVATE(ctr)[16]; /*!< The counter buffer */
mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */ mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */
@ -111,7 +110,7 @@ mbedtls_ccm_context;
* *
* \param ctx The CCM context to initialize. This must not be \c NULL. * \param ctx The CCM context to initialize. This must not be \c NULL.
*/ */
void mbedtls_ccm_init( mbedtls_ccm_context *ctx ); void mbedtls_ccm_init(mbedtls_ccm_context *ctx);
/** /**
* \brief This function initializes the CCM context set in the * \brief This function initializes the CCM context set in the
@ -126,10 +125,10 @@ void mbedtls_ccm_init( mbedtls_ccm_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return A CCM or cipher-specific error code on failure. * \return A CCM or cipher-specific error code on failure.
*/ */
int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx,
mbedtls_cipher_id_t cipher, mbedtls_cipher_id_t cipher,
const unsigned char *key, const unsigned char *key,
unsigned int keybits ); unsigned int keybits);
/** /**
* \brief This function releases and clears the specified CCM context * \brief This function releases and clears the specified CCM context
@ -138,7 +137,7 @@ int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
* \param ctx The CCM context to clear. If this is \c NULL, the function * \param ctx The CCM context to clear. If this is \c NULL, the function
* has no effect. Otherwise, this must be initialized. * has no effect. Otherwise, this must be initialized.
*/ */
void mbedtls_ccm_free( mbedtls_ccm_context *ctx ); void mbedtls_ccm_free(mbedtls_ccm_context *ctx);
/** /**
* \brief This function encrypts a buffer using CCM. * \brief This function encrypts a buffer using CCM.
@ -176,11 +175,11 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return A CCM or cipher-specific error code on failure. * \return A CCM or cipher-specific error code on failure.
*/ */
int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, int mbedtls_ccm_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len, const unsigned char *ad, size_t ad_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
unsigned char *tag, size_t tag_len ); unsigned char *tag, size_t tag_len);
/** /**
* \brief This function encrypts a buffer using CCM*. * \brief This function encrypts a buffer using CCM*.
@ -225,11 +224,11 @@ int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
* \return \c 0 on success. * \return \c 0 on success.
* \return A CCM or cipher-specific error code on failure. * \return A CCM or cipher-specific error code on failure.
*/ */
int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, int mbedtls_ccm_star_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len, const unsigned char *ad, size_t ad_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
unsigned char *tag, size_t tag_len ); unsigned char *tag, size_t tag_len);
/** /**
* \brief This function performs a CCM authenticated decryption of a * \brief This function performs a CCM authenticated decryption of a
@ -262,11 +261,11 @@ int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
* \return #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match. * \return #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match.
* \return A cipher-specific error code on calculation failure. * \return A cipher-specific error code on calculation failure.
*/ */
int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, int mbedtls_ccm_auth_decrypt(mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len, const unsigned char *ad, size_t ad_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
const unsigned char *tag, size_t tag_len ); const unsigned char *tag, size_t tag_len);
/** /**
* \brief This function performs a CCM* authenticated decryption of a * \brief This function performs a CCM* authenticated decryption of a
@ -308,11 +307,11 @@ int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
* \return #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match. * \return #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match.
* \return A cipher-specific error code on calculation failure. * \return A cipher-specific error code on calculation failure.
*/ */
int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, int mbedtls_ccm_star_auth_decrypt(mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len, const unsigned char *ad, size_t ad_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
const unsigned char *tag, size_t tag_len ); const unsigned char *tag, size_t tag_len);
/** /**
* \brief This function starts a CCM encryption or decryption * \brief This function starts a CCM encryption or decryption
@ -342,10 +341,10 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
* \p iv_len is invalid (lower than \c 7 or greater than * \p iv_len is invalid (lower than \c 7 or greater than
* \c 13). * \c 13).
*/ */
int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, int mbedtls_ccm_starts(mbedtls_ccm_context *ctx,
int mode, int mode,
const unsigned char *iv, const unsigned char *iv,
size_t iv_len ); size_t iv_len);
/** /**
* \brief This function declares the lengths of the message * \brief This function declares the lengths of the message
@ -374,10 +373,10 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx,
* \p ctx is in an invalid state, * \p ctx is in an invalid state,
* \p total_ad_len is greater than \c 0xFF00. * \p total_ad_len is greater than \c 0xFF00.
*/ */
int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx, int mbedtls_ccm_set_lengths(mbedtls_ccm_context *ctx,
size_t total_ad_len, size_t total_ad_len,
size_t plaintext_len, size_t plaintext_len,
size_t tag_len ); size_t tag_len);
/** /**
* \brief This function feeds an input buffer as associated data * \brief This function feeds an input buffer as associated data
@ -409,9 +408,9 @@ int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx,
* \p ctx is in an invalid state, * \p ctx is in an invalid state,
* total input length too long. * total input length too long.
*/ */
int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, int mbedtls_ccm_update_ad(mbedtls_ccm_context *ctx,
const unsigned char *ad, const unsigned char *ad,
size_t ad_len ); size_t ad_len);
/** /**
* \brief This function feeds an input buffer into an ongoing CCM * \brief This function feeds an input buffer into an ongoing CCM
@ -476,10 +475,10 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx,
* total input length too long, * total input length too long,
* or \p output_size too small. * or \p output_size too small.
*/ */
int mbedtls_ccm_update( mbedtls_ccm_context *ctx, int mbedtls_ccm_update(mbedtls_ccm_context *ctx,
const unsigned char *input, size_t input_len, const unsigned char *input, size_t input_len,
unsigned char *output, size_t output_size, unsigned char *output, size_t output_size,
size_t *output_len ); size_t *output_len);
/** /**
* \brief This function finishes the CCM operation and generates * \brief This function finishes the CCM operation and generates
@ -512,8 +511,8 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx,
* mbedtls_ccm_update() was lower than the plaintext length * mbedtls_ccm_update() was lower than the plaintext length
* \c plaintext_len passed to mbedtls_ccm_set_lengths(). * \c plaintext_len passed to mbedtls_ccm_set_lengths().
*/ */
int mbedtls_ccm_finish( mbedtls_ccm_context *ctx, int mbedtls_ccm_finish(mbedtls_ccm_context *ctx,
unsigned char *tag, size_t tag_len ); unsigned char *tag, size_t tag_len);
#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
/** /**
@ -522,7 +521,7 @@ int mbedtls_ccm_finish( mbedtls_ccm_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_ccm_self_test( int verbose ); int mbedtls_ccm_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
#ifdef __cplusplus #ifdef __cplusplus

27
include/mbedtls/chacha20.h
View File

@ -47,8 +47,7 @@ extern "C" {
#if !defined(MBEDTLS_CHACHA20_ALT) #if !defined(MBEDTLS_CHACHA20_ALT)
typedef struct mbedtls_chacha20_context typedef struct mbedtls_chacha20_context {
{
uint32_t MBEDTLS_PRIVATE(state)[16]; /*! The state (before round operations). */ uint32_t MBEDTLS_PRIVATE(state)[16]; /*! The state (before round operations). */
uint8_t MBEDTLS_PRIVATE(keystream8)[64]; /*! Leftover keystream bytes. */ uint8_t MBEDTLS_PRIVATE(keystream8)[64]; /*! Leftover keystream bytes. */
size_t MBEDTLS_PRIVATE(keystream_bytes_used); /*! Number of keystream bytes already used. */ size_t MBEDTLS_PRIVATE(keystream_bytes_used); /*! Number of keystream bytes already used. */
@ -74,7 +73,7 @@ mbedtls_chacha20_context;
* \param ctx The ChaCha20 context to initialize. * \param ctx The ChaCha20 context to initialize.
* This must not be \c NULL. * This must not be \c NULL.
*/ */
void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx ); void mbedtls_chacha20_init(mbedtls_chacha20_context *ctx);
/** /**
* \brief This function releases and clears the specified * \brief This function releases and clears the specified
@ -85,7 +84,7 @@ void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx );
* \c NULL, it must point to an initialized context. * \c NULL, it must point to an initialized context.
* *
*/ */
void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx ); void mbedtls_chacha20_free(mbedtls_chacha20_context *ctx);
/** /**
* \brief This function sets the encryption/decryption key. * \brief This function sets the encryption/decryption key.
@ -103,8 +102,8 @@ void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or key is NULL. * \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or key is NULL.
*/ */
int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx, int mbedtls_chacha20_setkey(mbedtls_chacha20_context *ctx,
const unsigned char key[32] ); const unsigned char key[32]);
/** /**
* \brief This function sets the nonce and initial counter value. * \brief This function sets the nonce and initial counter value.
@ -125,9 +124,9 @@ int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx,
* \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or nonce is * \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or nonce is
* NULL. * NULL.
*/ */
int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx, int mbedtls_chacha20_starts(mbedtls_chacha20_context *ctx,
const unsigned char nonce[12], const unsigned char nonce[12],
uint32_t counter ); uint32_t counter);
/** /**
* \brief This function encrypts or decrypts data. * \brief This function encrypts or decrypts data.
@ -158,10 +157,10 @@ int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx, int mbedtls_chacha20_update(mbedtls_chacha20_context *ctx,
size_t size, size_t size,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function encrypts or decrypts data with ChaCha20 and * \brief This function encrypts or decrypts data with ChaCha20 and
@ -191,12 +190,12 @@ int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_chacha20_crypt( const unsigned char key[32], int mbedtls_chacha20_crypt(const unsigned char key[32],
const unsigned char nonce[12], const unsigned char nonce[12],
uint32_t counter, uint32_t counter,
size_t size, size_t size,
const unsigned char* input, const unsigned char *input,
unsigned char* output ); unsigned char *output);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/** /**
@ -205,7 +204,7 @@ int mbedtls_chacha20_crypt( const unsigned char key[32],
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_chacha20_self_test( int verbose ); int mbedtls_chacha20_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus

40
include/mbedtls/chachapoly.h
View File

@ -47,8 +47,7 @@
extern "C" { extern "C" {
#endif #endif
typedef enum typedef enum {
{
MBEDTLS_CHACHAPOLY_ENCRYPT, /**< The mode value for performing encryption. */ MBEDTLS_CHACHAPOLY_ENCRYPT, /**< The mode value for performing encryption. */
MBEDTLS_CHACHAPOLY_DECRYPT /**< The mode value for performing decryption. */ MBEDTLS_CHACHAPOLY_DECRYPT /**< The mode value for performing decryption. */
} }
@ -58,8 +57,7 @@ mbedtls_chachapoly_mode_t;
#include "mbedtls/chacha20.h" #include "mbedtls/chacha20.h"
typedef struct mbedtls_chachapoly_context typedef struct mbedtls_chachapoly_context {
{
mbedtls_chacha20_context MBEDTLS_PRIVATE(chacha20_ctx); /**< The ChaCha20 context. */ mbedtls_chacha20_context MBEDTLS_PRIVATE(chacha20_ctx); /**< The ChaCha20 context. */
mbedtls_poly1305_context MBEDTLS_PRIVATE(poly1305_ctx); /**< The Poly1305 context. */ mbedtls_poly1305_context MBEDTLS_PRIVATE(poly1305_ctx); /**< The Poly1305 context. */
uint64_t MBEDTLS_PRIVATE(aad_len); /**< The length (bytes) of the Additional Authenticated Data. */ uint64_t MBEDTLS_PRIVATE(aad_len); /**< The length (bytes) of the Additional Authenticated Data. */
@ -115,7 +113,7 @@ mbedtls_chachapoly_context;
* *
* \param ctx The ChachaPoly context to initialize. Must not be \c NULL. * \param ctx The ChachaPoly context to initialize. Must not be \c NULL.
*/ */
void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx ); void mbedtls_chachapoly_init(mbedtls_chachapoly_context *ctx);
/** /**
* \brief This function releases and clears the specified * \brief This function releases and clears the specified
@ -124,7 +122,7 @@ void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx );
* \param ctx The ChachaPoly context to clear. This may be \c NULL, in which * \param ctx The ChachaPoly context to clear. This may be \c NULL, in which
* case this function is a no-op. * case this function is a no-op.
*/ */
void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx ); void mbedtls_chachapoly_free(mbedtls_chachapoly_context *ctx);
/** /**
* \brief This function sets the ChaCha20-Poly1305 * \brief This function sets the ChaCha20-Poly1305
@ -137,8 +135,8 @@ void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_setkey(mbedtls_chachapoly_context *ctx,
const unsigned char key[32] ); const unsigned char key[32]);
/** /**
* \brief This function starts a ChaCha20-Poly1305 encryption or * \brief This function starts a ChaCha20-Poly1305 encryption or
@ -165,9 +163,9 @@ int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_starts(mbedtls_chachapoly_context *ctx,
const unsigned char nonce[12], const unsigned char nonce[12],
mbedtls_chachapoly_mode_t mode ); mbedtls_chachapoly_mode_t mode);
/** /**
* \brief This function feeds additional data to be authenticated * \brief This function feeds additional data to be authenticated
@ -208,9 +206,9 @@ int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx,
* if the operations has not been started or has been * if the operations has not been started or has been
* finished, or if the AAD has been finished. * finished, or if the AAD has been finished.
*/ */
int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_update_aad(mbedtls_chachapoly_context *ctx,
const unsigned char *aad, const unsigned char *aad,
size_t aad_len ); size_t aad_len);
/** /**
* \brief Thus function feeds data to be encrypted or decrypted * \brief Thus function feeds data to be encrypted or decrypted
@ -243,10 +241,10 @@ int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx,
* finished. * finished.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_update(mbedtls_chachapoly_context *ctx,
size_t len, size_t len,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function finished the ChaCha20-Poly1305 operation and * \brief This function finished the ChaCha20-Poly1305 operation and
@ -264,8 +262,8 @@ int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx,
* finished. * finished.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_finish(mbedtls_chachapoly_context *ctx,
unsigned char mac[16] ); unsigned char mac[16]);
/** /**
* \brief This function performs a complete ChaCha20-Poly1305 * \brief This function performs a complete ChaCha20-Poly1305
@ -296,14 +294,14 @@ int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_encrypt_and_tag(mbedtls_chachapoly_context *ctx,
size_t length, size_t length,
const unsigned char nonce[12], const unsigned char nonce[12],
const unsigned char *aad, const unsigned char *aad,
size_t aad_len, size_t aad_len,
const unsigned char *input, const unsigned char *input,
unsigned char *output, unsigned char *output,
unsigned char tag[16] ); unsigned char tag[16]);
/** /**
* \brief This function performs a complete ChaCha20-Poly1305 * \brief This function performs a complete ChaCha20-Poly1305
@ -330,14 +328,14 @@ int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx,
* if the data was not authentic. * if the data was not authentic.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_auth_decrypt(mbedtls_chachapoly_context *ctx,
size_t length, size_t length,
const unsigned char nonce[12], const unsigned char nonce[12],
const unsigned char *aad, const unsigned char *aad,
size_t aad_len, size_t aad_len,
const unsigned char tag[16], const unsigned char tag[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/** /**
@ -346,7 +344,7 @@ int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_chachapoly_self_test( int verbose ); int mbedtls_chachapoly_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus

213
include/mbedtls/cipher.h
View File

@ -271,8 +271,7 @@ typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t;
* mbedtls_cipher_info_from_values(), * mbedtls_cipher_info_from_values(),
* mbedtls_cipher_info_from_psa(). * mbedtls_cipher_info_from_psa().
*/ */
typedef struct mbedtls_cipher_info_t typedef struct mbedtls_cipher_info_t {
{
/** Full cipher identifier. For example, /** Full cipher identifier. For example,
* MBEDTLS_CIPHER_AES_256_CBC. * MBEDTLS_CIPHER_AES_256_CBC.
*/ */
@ -288,7 +287,7 @@ typedef struct mbedtls_cipher_info_t
unsigned int MBEDTLS_PRIVATE(key_bitlen); unsigned int MBEDTLS_PRIVATE(key_bitlen);
/** Name of the cipher. */ /** Name of the cipher. */
const char * MBEDTLS_PRIVATE(name); const char *MBEDTLS_PRIVATE(name);
/** IV or nonce size, in Bytes. /** IV or nonce size, in Bytes.
* For ciphers that accept variable IV sizes, * For ciphers that accept variable IV sizes,
@ -313,8 +312,7 @@ typedef struct mbedtls_cipher_info_t
/** /**
* Generic cipher context. * Generic cipher context.
*/ */
typedef struct mbedtls_cipher_context_t typedef struct mbedtls_cipher_context_t {
{
/** Information about the associated cipher. */ /** Information about the associated cipher. */
const mbedtls_cipher_info_t *MBEDTLS_PRIVATE(cipher_info); const mbedtls_cipher_info_t *MBEDTLS_PRIVATE(cipher_info);
@ -330,8 +328,8 @@ typedef struct mbedtls_cipher_context_t
/** Padding functions to use, if relevant for /** Padding functions to use, if relevant for
* the specific cipher mode. * the specific cipher mode.
*/ */
void (*MBEDTLS_PRIVATE(add_padding))( unsigned char *output, size_t olen, size_t data_len ); void(*MBEDTLS_PRIVATE(add_padding))(unsigned char *output, size_t olen, size_t data_len);
int (*MBEDTLS_PRIVATE(get_padding))( unsigned char *input, size_t ilen, size_t *data_len ); int(*MBEDTLS_PRIVATE(get_padding))(unsigned char *input, size_t ilen, size_t *data_len);
#endif #endif
/** Buffer for input that has not been processed yet. */ /** Buffer for input that has not been processed yet. */
@ -381,7 +379,7 @@ typedef struct mbedtls_cipher_context_t
* \return A statically-allocated array of cipher identifiers * \return A statically-allocated array of cipher identifiers
* of type cipher_type_t. The last entry is zero. * of type cipher_type_t. The last entry is zero.
*/ */
const int *mbedtls_cipher_list( void ); const int *mbedtls_cipher_list(void);
/** /**
* \brief This function retrieves the cipher-information * \brief This function retrieves the cipher-information
@ -394,7 +392,7 @@ const int *mbedtls_cipher_list( void );
* given \p cipher_name. * given \p cipher_name.
* \return \c NULL if the associated cipher information is not found. * \return \c NULL if the associated cipher information is not found.
*/ */
const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name ); const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string(const char *cipher_name);
/** /**
* \brief This function retrieves the cipher-information * \brief This function retrieves the cipher-information
@ -406,7 +404,7 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher
* given \p cipher_type. * given \p cipher_type.
* \return \c NULL if the associated cipher information is not found. * \return \c NULL if the associated cipher information is not found.
*/ */
const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type ); const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type(const mbedtls_cipher_type_t cipher_type);
/** /**
* \brief This function retrieves the cipher-information * \brief This function retrieves the cipher-information
@ -422,9 +420,9 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher
* given \p cipher_id. * given \p cipher_id.
* \return \c NULL if the associated cipher information is not found. * \return \c NULL if the associated cipher information is not found.
*/ */
const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id, const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values(const mbedtls_cipher_id_t cipher_id,
int key_bitlen, int key_bitlen,
const mbedtls_cipher_mode_t mode ); const mbedtls_cipher_mode_t mode);
/** /**
* \brief Retrieve the identifier for a cipher info structure. * \brief Retrieve the identifier for a cipher info structure.
@ -436,12 +434,13 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_ciph
* \return #MBEDTLS_CIPHER_NONE if \p info is \c NULL. * \return #MBEDTLS_CIPHER_NONE if \p info is \c NULL.
*/ */
static inline mbedtls_cipher_type_t mbedtls_cipher_info_get_type( static inline mbedtls_cipher_type_t mbedtls_cipher_info_get_type(
const mbedtls_cipher_info_t *info ) const mbedtls_cipher_info_t *info)
{ {
if( info == NULL ) if (info == NULL) {
return( MBEDTLS_CIPHER_NONE ); return MBEDTLS_CIPHER_NONE;
else } else {
return( info->MBEDTLS_PRIVATE(type) ); return info->MBEDTLS_PRIVATE(type);
}
} }
/** /**
@ -454,12 +453,13 @@ static inline mbedtls_cipher_type_t mbedtls_cipher_info_get_type(
* \return #MBEDTLS_MODE_NONE if \p info is \c NULL. * \return #MBEDTLS_MODE_NONE if \p info is \c NULL.
*/ */
static inline mbedtls_cipher_mode_t mbedtls_cipher_info_get_mode( static inline mbedtls_cipher_mode_t mbedtls_cipher_info_get_mode(
const mbedtls_cipher_info_t *info ) const mbedtls_cipher_info_t *info)
{ {
if( info == NULL ) if (info == NULL) {
return( MBEDTLS_MODE_NONE ); return MBEDTLS_MODE_NONE;
else } else {
return( info->MBEDTLS_PRIVATE(mode) ); return info->MBEDTLS_PRIVATE(mode);
}
} }
/** /**
@ -474,12 +474,13 @@ static inline mbedtls_cipher_mode_t mbedtls_cipher_info_get_mode(
* \return \c 0 if \p info is \c NULL. * \return \c 0 if \p info is \c NULL.
*/ */
static inline size_t mbedtls_cipher_info_get_key_bitlen( static inline size_t mbedtls_cipher_info_get_key_bitlen(
const mbedtls_cipher_info_t *info ) const mbedtls_cipher_info_t *info)
{ {
if( info == NULL ) if (info == NULL) {
return( 0 ); return 0;
else } else {
return( info->MBEDTLS_PRIVATE(key_bitlen) ); return info->MBEDTLS_PRIVATE(key_bitlen);
}
} }
/** /**
@ -494,12 +495,13 @@ static inline size_t mbedtls_cipher_info_get_key_bitlen(
* \return \c NULL if \c info is \p NULL. * \return \c NULL if \c info is \p NULL.
*/ */
static inline const char *mbedtls_cipher_info_get_name( static inline const char *mbedtls_cipher_info_get_name(
const mbedtls_cipher_info_t *info ) const mbedtls_cipher_info_t *info)
{ {
if( info == NULL ) if (info == NULL) {
return( NULL ); return NULL;
else } else {
return( info->MBEDTLS_PRIVATE(name) ); return info->MBEDTLS_PRIVATE(name);
}
} }
/** /**
@ -513,12 +515,13 @@ static inline const char *mbedtls_cipher_info_get_name(
* \return \c 0 if \p info is \c NULL. * \return \c 0 if \p info is \c NULL.
*/ */
static inline size_t mbedtls_cipher_info_get_iv_size( static inline size_t mbedtls_cipher_info_get_iv_size(
const mbedtls_cipher_info_t *info ) const mbedtls_cipher_info_t *info)
{ {
if( info == NULL ) if (info == NULL) {
return( 0 ); return 0;
}
return( (size_t) info->MBEDTLS_PRIVATE(iv_size) ); return (size_t) info->MBEDTLS_PRIVATE(iv_size);
} }
/** /**
@ -532,12 +535,13 @@ static inline size_t mbedtls_cipher_info_get_iv_size(
* \return \c 0 if \p info is \c NULL. * \return \c 0 if \p info is \c NULL.
*/ */
static inline size_t mbedtls_cipher_info_get_block_size( static inline size_t mbedtls_cipher_info_get_block_size(
const mbedtls_cipher_info_t *info ) const mbedtls_cipher_info_t *info)
{ {
if( info == NULL ) if (info == NULL) {
return( 0 ); return 0;
}
return( (size_t) info->MBEDTLS_PRIVATE(block_size) ); return (size_t) info->MBEDTLS_PRIVATE(block_size);
} }
/** /**
@ -550,12 +554,13 @@ static inline size_t mbedtls_cipher_info_get_block_size(
* \return \c 0 if the given pointer is \c NULL. * \return \c 0 if the given pointer is \c NULL.
*/ */
static inline int mbedtls_cipher_info_has_variable_key_bitlen( static inline int mbedtls_cipher_info_has_variable_key_bitlen(
const mbedtls_cipher_info_t *info ) const mbedtls_cipher_info_t *info)
{ {
if( info == NULL ) if (info == NULL) {
return( 0 ); return 0;
}
return( info->MBEDTLS_PRIVATE(flags) & MBEDTLS_CIPHER_VARIABLE_KEY_LEN ); return info->MBEDTLS_PRIVATE(flags) & MBEDTLS_CIPHER_VARIABLE_KEY_LEN;
} }
/** /**
@ -568,12 +573,13 @@ static inline int mbedtls_cipher_info_has_variable_key_bitlen(
* \return \c 0 if the given pointer is \c NULL. * \return \c 0 if the given pointer is \c NULL.
*/ */
static inline int mbedtls_cipher_info_has_variable_iv_size( static inline int mbedtls_cipher_info_has_variable_iv_size(
const mbedtls_cipher_info_t *info ) const mbedtls_cipher_info_t *info)
{ {
if( info == NULL ) if (info == NULL) {
return( 0 ); return 0;
}
return( info->MBEDTLS_PRIVATE(flags) & MBEDTLS_CIPHER_VARIABLE_IV_LEN ); return info->MBEDTLS_PRIVATE(flags) & MBEDTLS_CIPHER_VARIABLE_IV_LEN;
} }
/** /**
@ -581,7 +587,7 @@ static inline int mbedtls_cipher_info_has_variable_iv_size(
* *
* \param ctx The context to be initialized. This must not be \c NULL. * \param ctx The context to be initialized. This must not be \c NULL.
*/ */
void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx ); void mbedtls_cipher_init(mbedtls_cipher_context_t *ctx);
/** /**
* \brief This function frees and clears the cipher-specific * \brief This function frees and clears the cipher-specific
@ -592,7 +598,7 @@ void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx );
* function has no effect, otherwise this must point to an * function has no effect, otherwise this must point to an
* initialized context. * initialized context.
*/ */
void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ); void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx);
/** /**
@ -621,8 +627,8 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx );
* \return #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the * \return #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the
* cipher-specific context fails. * cipher-specific context fails.
*/ */
int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx,
const mbedtls_cipher_info_t *cipher_info ); const mbedtls_cipher_info_t *cipher_info);
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if !defined(MBEDTLS_DEPRECATED_REMOVED)
@ -652,8 +658,9 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
* \return #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the * \return #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the
* cipher-specific context fails. * cipher-specific context fails.
*/ */
int MBEDTLS_DEPRECATED mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx, int MBEDTLS_DEPRECATED mbedtls_cipher_setup_psa(mbedtls_cipher_context_t *ctx,
const mbedtls_cipher_info_t *cipher_info, size_t taglen ); const mbedtls_cipher_info_t *cipher_info,
size_t taglen);
#endif /* MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_DEPRECATED_REMOVED */
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
@ -668,11 +675,12 @@ int MBEDTLS_DEPRECATED mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
* \return \c 0 if \p ctx has not been initialized. * \return \c 0 if \p ctx has not been initialized.
*/ */
static inline unsigned int mbedtls_cipher_get_block_size( static inline unsigned int mbedtls_cipher_get_block_size(
const mbedtls_cipher_context_t *ctx ) const mbedtls_cipher_context_t *ctx)
{ {
MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0);
if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL ) if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) {
return 0; return 0;
}
return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(block_size); return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(block_size);
} }
@ -687,11 +695,12 @@ static inline unsigned int mbedtls_cipher_get_block_size(
* \return #MBEDTLS_MODE_NONE if \p ctx has not been initialized. * \return #MBEDTLS_MODE_NONE if \p ctx has not been initialized.
*/ */
static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode(
const mbedtls_cipher_context_t *ctx ) const mbedtls_cipher_context_t *ctx)
{ {
MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, MBEDTLS_MODE_NONE ); MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, MBEDTLS_MODE_NONE);
if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL ) if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) {
return MBEDTLS_MODE_NONE; return MBEDTLS_MODE_NONE;
}
return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(mode); return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(mode);
} }
@ -707,14 +716,16 @@ static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode(
* \return The actual size if an IV has been set. * \return The actual size if an IV has been set.
*/ */
static inline int mbedtls_cipher_get_iv_size( static inline int mbedtls_cipher_get_iv_size(
const mbedtls_cipher_context_t *ctx ) const mbedtls_cipher_context_t *ctx)
{ {
MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0);
if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL ) if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) {
return 0; return 0;
}
if( ctx->MBEDTLS_PRIVATE(iv_size) != 0 ) if (ctx->MBEDTLS_PRIVATE(iv_size) != 0) {
return (int) ctx->MBEDTLS_PRIVATE(iv_size); return (int) ctx->MBEDTLS_PRIVATE(iv_size);
}
return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(iv_size); return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(iv_size);
} }
@ -728,12 +739,13 @@ static inline int mbedtls_cipher_get_iv_size(
* \return #MBEDTLS_CIPHER_NONE if \p ctx has not been initialized. * \return #MBEDTLS_CIPHER_NONE if \p ctx has not been initialized.
*/ */
static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( static inline mbedtls_cipher_type_t mbedtls_cipher_get_type(
const mbedtls_cipher_context_t *ctx ) const mbedtls_cipher_context_t *ctx)
{ {
MBEDTLS_INTERNAL_VALIDATE_RET( MBEDTLS_INTERNAL_VALIDATE_RET(
ctx != NULL, MBEDTLS_CIPHER_NONE ); ctx != NULL, MBEDTLS_CIPHER_NONE);
if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL ) if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) {
return MBEDTLS_CIPHER_NONE; return MBEDTLS_CIPHER_NONE;
}
return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(type); return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(type);
} }
@ -748,11 +760,12 @@ static inline mbedtls_cipher_type_t mbedtls_cipher_get_type(
* \return NULL if \p ctx has not been not initialized. * \return NULL if \p ctx has not been not initialized.
*/ */
static inline const char *mbedtls_cipher_get_name( static inline const char *mbedtls_cipher_get_name(
const mbedtls_cipher_context_t *ctx ) const mbedtls_cipher_context_t *ctx)
{ {
MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0);
if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL ) if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) {
return 0; return 0;
}
return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(name); return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(name);
} }
@ -767,12 +780,13 @@ static inline const char *mbedtls_cipher_get_name(
* initialized. * initialized.
*/ */
static inline int mbedtls_cipher_get_key_bitlen( static inline int mbedtls_cipher_get_key_bitlen(
const mbedtls_cipher_context_t *ctx ) const mbedtls_cipher_context_t *ctx)
{ {
MBEDTLS_INTERNAL_VALIDATE_RET( MBEDTLS_INTERNAL_VALIDATE_RET(
ctx != NULL, MBEDTLS_KEY_LENGTH_NONE ); ctx != NULL, MBEDTLS_KEY_LENGTH_NONE);
if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL ) if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) {
return MBEDTLS_KEY_LENGTH_NONE; return MBEDTLS_KEY_LENGTH_NONE;
}
return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(key_bitlen); return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(key_bitlen);
} }
@ -786,12 +800,13 @@ static inline int mbedtls_cipher_get_key_bitlen(
* \return #MBEDTLS_OPERATION_NONE if \p ctx has not been initialized. * \return #MBEDTLS_OPERATION_NONE if \p ctx has not been initialized.
*/ */
static inline mbedtls_operation_t mbedtls_cipher_get_operation( static inline mbedtls_operation_t mbedtls_cipher_get_operation(
const mbedtls_cipher_context_t *ctx ) const mbedtls_cipher_context_t *ctx)
{ {
MBEDTLS_INTERNAL_VALIDATE_RET( MBEDTLS_INTERNAL_VALIDATE_RET(
ctx != NULL, MBEDTLS_OPERATION_NONE ); ctx != NULL, MBEDTLS_OPERATION_NONE);
if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL ) if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) {
return MBEDTLS_OPERATION_NONE; return MBEDTLS_OPERATION_NONE;
}
return ctx->MBEDTLS_PRIVATE(operation); return ctx->MBEDTLS_PRIVATE(operation);
} }
@ -812,10 +827,10 @@ static inline mbedtls_operation_t mbedtls_cipher_get_operation(
* parameter-verification failure. * parameter-verification failure.
* \return A cipher-specific error code on failure. * \return A cipher-specific error code on failure.
*/ */
int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx,
const unsigned char *key, const unsigned char *key,
int key_bitlen, int key_bitlen,
const mbedtls_operation_t operation ); const mbedtls_operation_t operation);
#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
/** /**
@ -834,8 +849,8 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
* \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode
* does not support padding. * does not support padding.
*/ */
int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx,
mbedtls_cipher_padding_t mode ); mbedtls_cipher_padding_t mode);
#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
/** /**
@ -862,9 +877,9 @@ int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx,
* \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
* parameter-verification failure. * parameter-verification failure.
*/ */
int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx,
const unsigned char *iv, const unsigned char *iv,
size_t iv_len ); size_t iv_len);
/** /**
* \brief This function resets the cipher state. * \brief This function resets the cipher state.
@ -898,7 +913,7 @@ int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
* \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
* parameter-verification failure. * parameter-verification failure.
*/ */
int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx ); int mbedtls_cipher_reset(mbedtls_cipher_context_t *ctx);
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
/** /**
@ -913,8 +928,8 @@ int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return A specific error code on failure. * \return A specific error code on failure.
*/ */
int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_update_ad(mbedtls_cipher_context_t *ctx,
const unsigned char *ad, size_t ad_len ); const unsigned char *ad, size_t ad_len);
#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */ #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
/** /**
@ -946,10 +961,10 @@ int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
* unsupported mode for a cipher. * unsupported mode for a cipher.
* \return A cipher-specific error code on failure. * \return A cipher-specific error code on failure.
*/ */
int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx,
const unsigned char *input, const unsigned char *input,
size_t ilen, unsigned char *output, size_t ilen, unsigned char *output,
size_t *olen ); size_t *olen);
/** /**
* \brief The generic cipher finalization function. If data still * \brief The generic cipher finalization function. If data still
@ -973,8 +988,8 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx,
* while decrypting. * while decrypting.
* \return A cipher-specific error code on failure. * \return A cipher-specific error code on failure.
*/ */
int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx,
unsigned char *output, size_t *olen ); unsigned char *output, size_t *olen);
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
/** /**
@ -993,8 +1008,8 @@ int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A specific error code on failure. * \return A specific error code on failure.
*/ */
int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx,
unsigned char *tag, size_t tag_len ); unsigned char *tag, size_t tag_len);
/** /**
* \brief This function checks the tag for AEAD ciphers. * \brief This function checks the tag for AEAD ciphers.
@ -1009,8 +1024,8 @@ int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A specific error code on failure. * \return A specific error code on failure.
*/ */
int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx,
const unsigned char *tag, size_t tag_len ); const unsigned char *tag, size_t tag_len);
#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */ #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
/** /**
@ -1046,10 +1061,10 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
* while decrypting. * while decrypting.
* \return A cipher-specific error code on failure. * \return A cipher-specific error code on failure.
*/ */
int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen ); unsigned char *output, size_t *olen);
#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) #if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
/** /**
@ -1096,12 +1111,12 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
* parameter-verification failure. * parameter-verification failure.
* \return A cipher-specific error code on failure. * \return A cipher-specific error code on failure.
*/ */
int mbedtls_cipher_auth_encrypt_ext( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len, const unsigned char *ad, size_t ad_len,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output, size_t output_len, unsigned char *output, size_t output_len,
size_t *olen, size_t tag_len ); size_t *olen, size_t tag_len);
/** /**
* \brief The authenticated encryption (AEAD/NIST_KW) function. * \brief The authenticated encryption (AEAD/NIST_KW) function.
@ -1152,12 +1167,12 @@ int mbedtls_cipher_auth_encrypt_ext( mbedtls_cipher_context_t *ctx,
* \return #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic. * \return #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic.
* \return A cipher-specific error code on failure. * \return A cipher-specific error code on failure.
*/ */
int mbedtls_cipher_auth_decrypt_ext( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len, const unsigned char *ad, size_t ad_len,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output, size_t output_len, unsigned char *output, size_t output_len,
size_t *olen, size_t tag_len ); size_t *olen, size_t tag_len);
#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */ #endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */
#ifdef __cplusplus #ifdef __cplusplus
} }

29
include/mbedtls/cmac.h
View File

@ -49,8 +49,7 @@ extern "C" {
/** /**
* The CMAC context structure. * The CMAC context structure.
*/ */
struct mbedtls_cmac_context_t struct mbedtls_cmac_context_t {
{
/** The internal state of the CMAC algorithm. */ /** The internal state of the CMAC algorithm. */
unsigned char MBEDTLS_PRIVATE(state)[MBEDTLS_CIPHER_BLKSIZE_MAX]; unsigned char MBEDTLS_PRIVATE(state)[MBEDTLS_CIPHER_BLKSIZE_MAX];
@ -96,8 +95,8 @@ struct mbedtls_cmac_context_t
* \return \c 0 on success. * \return \c 0 on success.
* \return A cipher-specific error code on failure. * \return A cipher-specific error code on failure.
*/ */
int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_cmac_starts(mbedtls_cipher_context_t *ctx,
const unsigned char *key, size_t keybits ); const unsigned char *key, size_t keybits);
/** /**
* \brief This function feeds an input buffer into an ongoing CMAC * \brief This function feeds an input buffer into an ongoing CMAC
@ -121,8 +120,8 @@ int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA
* if parameter verification fails. * if parameter verification fails.
*/ */
int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_cmac_update(mbedtls_cipher_context_t *ctx,
const unsigned char *input, size_t ilen ); const unsigned char *input, size_t ilen);
/** /**
* \brief This function finishes an ongoing CMAC operation, and * \brief This function finishes an ongoing CMAC operation, and
@ -140,8 +139,8 @@ int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA
* if parameter verification fails. * if parameter verification fails.
*/ */
int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_cmac_finish(mbedtls_cipher_context_t *ctx,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function starts a new CMAC operation with the same * \brief This function starts a new CMAC operation with the same
@ -159,7 +158,7 @@ int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA
* if parameter verification fails. * if parameter verification fails.
*/ */
int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx ); int mbedtls_cipher_cmac_reset(mbedtls_cipher_context_t *ctx);
/** /**
* \brief This function calculates the full generic CMAC * \brief This function calculates the full generic CMAC
@ -188,10 +187,10 @@ int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx );
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA
* if parameter verification fails. * if parameter verification fails.
*/ */
int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info, int mbedtls_cipher_cmac(const mbedtls_cipher_info_t *cipher_info,
const unsigned char *key, size_t keylen, const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output ); unsigned char *output);
#if defined(MBEDTLS_AES_C) #if defined(MBEDTLS_AES_C)
/** /**
@ -211,12 +210,12 @@ int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
* *
* \return \c 0 on success. * \return \c 0 on success.
*/ */
int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len, int mbedtls_aes_cmac_prf_128(const unsigned char *key, size_t key_len,
const unsigned char *input, size_t in_len, const unsigned char *input, size_t in_len,
unsigned char output[16] ); unsigned char output[16]);
#endif /* MBEDTLS_AES_C */ #endif /* MBEDTLS_AES_C */
#if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) ) #if defined(MBEDTLS_SELF_TEST) && (defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C))
/** /**
* \brief The CMAC checkup routine. * \brief The CMAC checkup routine.
* *
@ -230,7 +229,7 @@ int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len,
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_cmac_self_test( int verbose ); int mbedtls_cmac_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ #endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
#ifdef __cplusplus #ifdef __cplusplus

4
include/mbedtls/constant_time.h
View File

@ -39,8 +39,8 @@
* \return Zero if the content of the two buffer is the same, * \return Zero if the content of the two buffer is the same,
* otherwise non-zero. * otherwise non-zero.
*/ */
int mbedtls_ct_memcmp( const void *a, int mbedtls_ct_memcmp(const void *a,
const void *b, const void *b,
size_t n ); size_t n);
#endif /* MBEDTLS_CONSTANT_TIME_H */ #endif /* MBEDTLS_CONSTANT_TIME_H */

57
include/mbedtls/ctr_drbg.h
View File

@ -77,8 +77,8 @@
*/ */
#endif #endif
#define MBEDTLS_CTR_DRBG_KEYBITS ( MBEDTLS_CTR_DRBG_KEYSIZE * 8 ) /**< The key size for the DRBG operation, in bits. */ #define MBEDTLS_CTR_DRBG_KEYBITS (MBEDTLS_CTR_DRBG_KEYSIZE * 8) /**< The key size for the DRBG operation, in bits. */
#define MBEDTLS_CTR_DRBG_SEEDLEN ( MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE ) /**< The seed length, calculated as (counter + AES key). */ #define MBEDTLS_CTR_DRBG_SEEDLEN (MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE) /**< The seed length, calculated as (counter + AES key). */
/** /**
* \name SECTION: Module settings * \name SECTION: Module settings
@ -161,14 +161,13 @@ extern "C" {
* the entropy source does not provide enough material to form a nonce. * the entropy source does not provide enough material to form a nonce.
* See the documentation of mbedtls_ctr_drbg_seed() for more information. * See the documentation of mbedtls_ctr_drbg_seed() for more information.
*/ */
#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN ( MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1 ) / 2 #define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN (MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1) / 2
#endif #endif
/** /**
* \brief The CTR_DRBG context structure. * \brief The CTR_DRBG context structure.
*/ */
typedef struct mbedtls_ctr_drbg_context typedef struct mbedtls_ctr_drbg_context {
{
unsigned char MBEDTLS_PRIVATE(counter)[16]; /*!< The counter (V). */ unsigned char MBEDTLS_PRIVATE(counter)[16]; /*!< The counter (V). */
int MBEDTLS_PRIVATE(reseed_counter); /*!< The reseed counter. int MBEDTLS_PRIVATE(reseed_counter); /*!< The reseed counter.
* This is the number of requests that have * This is the number of requests that have
@ -195,7 +194,7 @@ typedef struct mbedtls_ctr_drbg_context
/* /*
* Callbacks (Entropy) * Callbacks (Entropy)
*/ */
int (*MBEDTLS_PRIVATE(f_entropy))(void *, unsigned char *, size_t); int(*MBEDTLS_PRIVATE(f_entropy))(void *, unsigned char *, size_t);
/*!< The entropy callback function. */ /*!< The entropy callback function. */
void *MBEDTLS_PRIVATE(p_entropy); /*!< The context for the entropy function. */ void *MBEDTLS_PRIVATE(p_entropy); /*!< The context for the entropy function. */
@ -225,7 +224,7 @@ mbedtls_ctr_drbg_context;
* *
* \param ctx The CTR_DRBG context to initialize. * \param ctx The CTR_DRBG context to initialize.
*/ */
void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); void mbedtls_ctr_drbg_init(mbedtls_ctr_drbg_context *ctx);
/** /**
* \brief This function seeds and sets up the CTR_DRBG * \brief This function seeds and sets up the CTR_DRBG
@ -326,11 +325,11 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure. * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure.
*/ */
int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, int mbedtls_ctr_drbg_seed(mbedtls_ctr_drbg_context *ctx,
int (*f_entropy)(void *, unsigned char *, size_t), int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy, void *p_entropy,
const unsigned char *custom, const unsigned char *custom,
size_t len ); size_t len);
/** /**
* \brief This function resets CTR_DRBG context to the state immediately * \brief This function resets CTR_DRBG context to the state immediately
@ -338,7 +337,7 @@ int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx,
* *
* \param ctx The CTR_DRBG context to clear. * \param ctx The CTR_DRBG context to clear.
*/ */
void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx ); void mbedtls_ctr_drbg_free(mbedtls_ctr_drbg_context *ctx);
/** /**
* \brief This function turns prediction resistance on or off. * \brief This function turns prediction resistance on or off.
@ -353,8 +352,8 @@ void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx );
* \param ctx The CTR_DRBG context. * \param ctx The CTR_DRBG context.
* \param resistance #MBEDTLS_CTR_DRBG_PR_ON or #MBEDTLS_CTR_DRBG_PR_OFF. * \param resistance #MBEDTLS_CTR_DRBG_PR_ON or #MBEDTLS_CTR_DRBG_PR_OFF.
*/ */
void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, void mbedtls_ctr_drbg_set_prediction_resistance(mbedtls_ctr_drbg_context *ctx,
int resistance ); int resistance);
/** /**
* \brief This function sets the amount of entropy grabbed on each * \brief This function sets the amount of entropy grabbed on each
@ -380,8 +379,8 @@ void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx,
* and at most the maximum length accepted by the * and at most the maximum length accepted by the
* entropy function that is set in the context. * entropy function that is set in the context.
*/ */
void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx, void mbedtls_ctr_drbg_set_entropy_len(mbedtls_ctr_drbg_context *ctx,
size_t len ); size_t len);
/** /**
* \brief This function sets the amount of entropy grabbed * \brief This function sets the amount of entropy grabbed
@ -402,8 +401,8 @@ void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx,
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED
* if the initial seeding has already taken place. * if the initial seeding has already taken place.
*/ */
int mbedtls_ctr_drbg_set_nonce_len( mbedtls_ctr_drbg_context *ctx, int mbedtls_ctr_drbg_set_nonce_len(mbedtls_ctr_drbg_context *ctx,
size_t len ); size_t len);
/** /**
* \brief This function sets the reseed interval. * \brief This function sets the reseed interval.
@ -417,8 +416,8 @@ int mbedtls_ctr_drbg_set_nonce_len( mbedtls_ctr_drbg_context *ctx,
* \param ctx The CTR_DRBG context. * \param ctx The CTR_DRBG context.
* \param interval The reseed interval. * \param interval The reseed interval.
*/ */
void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx, void mbedtls_ctr_drbg_set_reseed_interval(mbedtls_ctr_drbg_context *ctx,
int interval ); int interval);
/** /**
* \brief This function reseeds the CTR_DRBG context, that is * \brief This function reseeds the CTR_DRBG context, that is
@ -440,8 +439,8 @@ void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure. * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure.
*/ */
int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, int mbedtls_ctr_drbg_reseed(mbedtls_ctr_drbg_context *ctx,
const unsigned char *additional, size_t len ); const unsigned char *additional, size_t len);
/** /**
* \brief This function updates the state of the CTR_DRBG context. * \brief This function updates the state of the CTR_DRBG context.
@ -463,9 +462,9 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
* #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT. * #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT.
* \return An error from the underlying AES cipher on failure. * \return An error from the underlying AES cipher on failure.
*/ */
int mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx, int mbedtls_ctr_drbg_update(mbedtls_ctr_drbg_context *ctx,
const unsigned char *additional, const unsigned char *additional,
size_t add_len ); size_t add_len);
/** /**
* \brief This function updates a CTR_DRBG instance with additional * \brief This function updates a CTR_DRBG instance with additional
@ -498,9 +497,9 @@ int mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx,
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or
* #MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG on failure. * #MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG on failure.
*/ */
int mbedtls_ctr_drbg_random_with_add( void *p_rng, int mbedtls_ctr_drbg_random_with_add(void *p_rng,
unsigned char *output, size_t output_len, unsigned char *output, size_t output_len,
const unsigned char *additional, size_t add_len ); const unsigned char *additional, size_t add_len);
/** /**
* \brief This function uses CTR_DRBG to generate random data. * \brief This function uses CTR_DRBG to generate random data.
@ -526,8 +525,8 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng,
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or
* #MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG on failure. * #MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG on failure.
*/ */
int mbedtls_ctr_drbg_random( void *p_rng, int mbedtls_ctr_drbg_random(void *p_rng,
unsigned char *output, size_t output_len ); unsigned char *output, size_t output_len);
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
@ -541,7 +540,7 @@ int mbedtls_ctr_drbg_random( void *p_rng,
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on reseed * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on reseed
* failure. * failure.
*/ */
int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path ); int mbedtls_ctr_drbg_write_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path);
/** /**
* \brief This function reads and updates a seed file. The seed * \brief This function reads and updates a seed file. The seed
@ -557,7 +556,7 @@ int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char
* \return #MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG if the existing * \return #MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG if the existing
* seed file is too large. * seed file is too large.
*/ */
int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path ); int mbedtls_ctr_drbg_update_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path);
#endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_FS_IO */
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -568,7 +567,7 @@ int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_ctr_drbg_self_test( int verbose ); int mbedtls_ctr_drbg_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

89
include/mbedtls/debug.h
View File

@ -32,51 +32,51 @@
#if defined(MBEDTLS_DEBUG_C) #if defined(MBEDTLS_DEBUG_C)
#define MBEDTLS_DEBUG_STRIP_PARENS( ... ) __VA_ARGS__ #define MBEDTLS_DEBUG_STRIP_PARENS(...) __VA_ARGS__
#define MBEDTLS_SSL_DEBUG_MSG( level, args ) \ #define MBEDTLS_SSL_DEBUG_MSG(level, args) \
mbedtls_debug_print_msg( ssl, level, __FILE__, __LINE__, \ mbedtls_debug_print_msg(ssl, level, __FILE__, __LINE__, \
MBEDTLS_DEBUG_STRIP_PARENS args ) MBEDTLS_DEBUG_STRIP_PARENS args)
#define MBEDTLS_SSL_DEBUG_RET( level, text, ret ) \ #define MBEDTLS_SSL_DEBUG_RET(level, text, ret) \
mbedtls_debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret ) mbedtls_debug_print_ret(ssl, level, __FILE__, __LINE__, text, ret)
#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len ) \ #define MBEDTLS_SSL_DEBUG_BUF(level, text, buf, len) \
mbedtls_debug_print_buf( ssl, level, __FILE__, __LINE__, text, buf, len ) mbedtls_debug_print_buf(ssl, level, __FILE__, __LINE__, text, buf, len)
#if defined(MBEDTLS_BIGNUM_C) #if defined(MBEDTLS_BIGNUM_C)
#define MBEDTLS_SSL_DEBUG_MPI( level, text, X ) \ #define MBEDTLS_SSL_DEBUG_MPI(level, text, X) \
mbedtls_debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X ) mbedtls_debug_print_mpi(ssl, level, __FILE__, __LINE__, text, X)
#endif #endif
#if defined(MBEDTLS_ECP_C) #if defined(MBEDTLS_ECP_C)
#define MBEDTLS_SSL_DEBUG_ECP( level, text, X ) \ #define MBEDTLS_SSL_DEBUG_ECP(level, text, X) \
mbedtls_debug_print_ecp( ssl, level, __FILE__, __LINE__, text, X ) mbedtls_debug_print_ecp(ssl, level, __FILE__, __LINE__, text, X)
#endif #endif
#if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C)
#if !defined(MBEDTLS_X509_REMOVE_INFO) #if !defined(MBEDTLS_X509_REMOVE_INFO)
#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) \ #define MBEDTLS_SSL_DEBUG_CRT(level, text, crt) \
mbedtls_debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt ) mbedtls_debug_print_crt(ssl, level, __FILE__, __LINE__, text, crt)
#else #else
#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_CRT(level, text, crt) do { } while (0)
#endif /* MBEDTLS_X509_REMOVE_INFO */ #endif /* MBEDTLS_X509_REMOVE_INFO */
#endif /* MBEDTLS_X509_CRT_PARSE_C */ #endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_ECDH_C) #if defined(MBEDTLS_ECDH_C)
#define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr ) \ #define MBEDTLS_SSL_DEBUG_ECDH(level, ecdh, attr) \
mbedtls_debug_printf_ecdh( ssl, level, __FILE__, __LINE__, ecdh, attr ) mbedtls_debug_printf_ecdh(ssl, level, __FILE__, __LINE__, ecdh, attr)
#endif #endif
#else /* MBEDTLS_DEBUG_C */ #else /* MBEDTLS_DEBUG_C */
#define MBEDTLS_SSL_DEBUG_MSG( level, args ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_MSG(level, args) do { } while (0)
#define MBEDTLS_SSL_DEBUG_RET( level, text, ret ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_RET(level, text, ret) do { } while (0)
#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_BUF(level, text, buf, len) do { } while (0)
#define MBEDTLS_SSL_DEBUG_MPI( level, text, X ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_MPI(level, text, X) do { } while (0)
#define MBEDTLS_SSL_DEBUG_ECP( level, text, X ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_ECP(level, text, X) do { } while (0)
#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_CRT(level, text, crt) do { } while (0)
#define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_ECDH(level, ecdh, attr) do { } while (0)
#endif /* MBEDTLS_DEBUG_C */ #endif /* MBEDTLS_DEBUG_C */
@ -96,7 +96,7 @@
#if __has_attribute(format) #if __has_attribute(format)
#if defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1 #if defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1
#define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) \ #define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) \
__attribute__((__format__ (gnu_printf, string_index, first_to_check))) __attribute__((__format__(gnu_printf, string_index, first_to_check)))
#else /* defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1 */ #else /* defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1 */
#define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) \ #define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) \
__attribute__((format(printf, string_index, first_to_check))) __attribute__((format(printf, string_index, first_to_check)))
@ -124,10 +124,12 @@
#include <inttypes.h> #include <inttypes.h>
#define MBEDTLS_PRINTF_SIZET PRIuPTR #define MBEDTLS_PRINTF_SIZET PRIuPTR
#define MBEDTLS_PRINTF_LONGLONG "I64d" #define MBEDTLS_PRINTF_LONGLONG "I64d"
#else /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */ #else \
/* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */
#define MBEDTLS_PRINTF_SIZET "zu" #define MBEDTLS_PRINTF_SIZET "zu"
#define MBEDTLS_PRINTF_LONGLONG "lld" #define MBEDTLS_PRINTF_LONGLONG "lld"
#endif /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */ #endif \
/* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -148,7 +150,7 @@ extern "C" {
* - 3 Informational * - 3 Informational
* - 4 Verbose * - 4 Verbose
*/ */
void mbedtls_debug_set_threshold( int threshold ); void mbedtls_debug_set_threshold(int threshold);
/** /**
* \brief Print a message to the debug output. This function is always used * \brief Print a message to the debug output. This function is always used
@ -165,9 +167,9 @@ void mbedtls_debug_set_threshold( int threshold );
* \attention This function is intended for INTERNAL usage within the * \attention This function is intended for INTERNAL usage within the
* library only. * library only.
*/ */
void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level, void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const char *format, ... ) MBEDTLS_PRINTF_ATTRIBUTE(5, 6); const char *format, ...) MBEDTLS_PRINTF_ATTRIBUTE(5, 6);
/** /**
* \brief Print the return value of a function to the debug output. This * \brief Print the return value of a function to the debug output. This
@ -184,9 +186,9 @@ void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
* \attention This function is intended for INTERNAL usage within the * \attention This function is intended for INTERNAL usage within the
* library only. * library only.
*/ */
void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level, void mbedtls_debug_print_ret(const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const char *text, int ret ); const char *text, int ret);
/** /**
* \brief Output a buffer of size len bytes to the debug output. This function * \brief Output a buffer of size len bytes to the debug output. This function
@ -205,9 +207,9 @@ void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level,
* \attention This function is intended for INTERNAL usage within the * \attention This function is intended for INTERNAL usage within the
* library only. * library only.
*/ */
void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level, void mbedtls_debug_print_buf(const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *text, const char *file, int line, const char *text,
const unsigned char *buf, size_t len ); const unsigned char *buf, size_t len);
#if defined(MBEDTLS_BIGNUM_C) #if defined(MBEDTLS_BIGNUM_C)
/** /**
@ -226,9 +228,9 @@ void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
* \attention This function is intended for INTERNAL usage within the * \attention This function is intended for INTERNAL usage within the
* library only. * library only.
*/ */
void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level, void mbedtls_debug_print_mpi(const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const char *text, const mbedtls_mpi *X ); const char *text, const mbedtls_mpi *X);
#endif #endif
#if defined(MBEDTLS_ECP_C) #if defined(MBEDTLS_ECP_C)
@ -248,9 +250,9 @@ void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level,
* \attention This function is intended for INTERNAL usage within the * \attention This function is intended for INTERNAL usage within the
* library only. * library only.
*/ */
void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level, void mbedtls_debug_print_ecp(const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const char *text, const mbedtls_ecp_point *X ); const char *text, const mbedtls_ecp_point *X);
#endif #endif
#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO) #if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO)
@ -269,14 +271,13 @@ void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level,
* \attention This function is intended for INTERNAL usage within the * \attention This function is intended for INTERNAL usage within the
* library only. * library only.
*/ */
void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level, void mbedtls_debug_print_crt(const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const char *text, const mbedtls_x509_crt *crt ); const char *text, const mbedtls_x509_crt *crt);
#endif #endif
#if defined(MBEDTLS_ECDH_C) #if defined(MBEDTLS_ECDH_C)
typedef enum typedef enum {
{
MBEDTLS_DEBUG_ECDH_Q, MBEDTLS_DEBUG_ECDH_Q,
MBEDTLS_DEBUG_ECDH_QP, MBEDTLS_DEBUG_ECDH_QP,
MBEDTLS_DEBUG_ECDH_Z, MBEDTLS_DEBUG_ECDH_Z,
@ -298,10 +299,10 @@ typedef enum
* \attention This function is intended for INTERNAL usage within the * \attention This function is intended for INTERNAL usage within the
* library only. * library only.
*/ */
void mbedtls_debug_printf_ecdh( const mbedtls_ssl_context *ssl, int level, void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const mbedtls_ecdh_context *ecdh, const mbedtls_ecdh_context *ecdh,
mbedtls_debug_ecdh_attr attr ); mbedtls_debug_ecdh_attr attr);
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus

62
include/mbedtls/des.h
View File

@ -57,8 +57,7 @@ extern "C" {
* security risk. We recommend considering stronger ciphers * security risk. We recommend considering stronger ciphers
* instead. * instead.
*/ */
typedef struct mbedtls_des_context typedef struct mbedtls_des_context {
{
uint32_t MBEDTLS_PRIVATE(sk)[32]; /*!< DES subkeys */ uint32_t MBEDTLS_PRIVATE(sk)[32]; /*!< DES subkeys */
} }
mbedtls_des_context; mbedtls_des_context;
@ -66,8 +65,7 @@ mbedtls_des_context;
/** /**
* \brief Triple-DES context structure * \brief Triple-DES context structure
*/ */
typedef struct mbedtls_des3_context typedef struct mbedtls_des3_context {
{
uint32_t MBEDTLS_PRIVATE(sk)[96]; /*!< 3DES subkeys */ uint32_t MBEDTLS_PRIVATE(sk)[96]; /*!< 3DES subkeys */
} }
mbedtls_des3_context; mbedtls_des3_context;
@ -85,7 +83,7 @@ mbedtls_des3_context;
* security risk. We recommend considering stronger ciphers * security risk. We recommend considering stronger ciphers
* instead. * instead.
*/ */
void mbedtls_des_init( mbedtls_des_context *ctx ); void mbedtls_des_init(mbedtls_des_context *ctx);
/** /**
* \brief Clear DES context * \brief Clear DES context
@ -96,21 +94,21 @@ void mbedtls_des_init( mbedtls_des_context *ctx );
* security risk. We recommend considering stronger ciphers * security risk. We recommend considering stronger ciphers
* instead. * instead.
*/ */
void mbedtls_des_free( mbedtls_des_context *ctx ); void mbedtls_des_free(mbedtls_des_context *ctx);
/** /**
* \brief Initialize Triple-DES context * \brief Initialize Triple-DES context
* *
* \param ctx DES3 context to be initialized * \param ctx DES3 context to be initialized
*/ */
void mbedtls_des3_init( mbedtls_des3_context *ctx ); void mbedtls_des3_init(mbedtls_des3_context *ctx);
/** /**
* \brief Clear Triple-DES context * \brief Clear Triple-DES context
* *
* \param ctx DES3 context to be cleared * \param ctx DES3 context to be cleared
*/ */
void mbedtls_des3_free( mbedtls_des3_context *ctx ); void mbedtls_des3_free(mbedtls_des3_context *ctx);
/** /**
* \brief Set key parity on the given key to odd. * \brief Set key parity on the given key to odd.
@ -124,7 +122,7 @@ void mbedtls_des3_free( mbedtls_des3_context *ctx );
* security risk. We recommend considering stronger ciphers * security risk. We recommend considering stronger ciphers
* instead. * instead.
*/ */
void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] ); void mbedtls_des_key_set_parity(unsigned char key[MBEDTLS_DES_KEY_SIZE]);
/** /**
* \brief Check that key parity on the given key is odd. * \brief Check that key parity on the given key is odd.
@ -141,7 +139,7 @@ void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] );
* instead. * instead.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); int mbedtls_des_key_check_key_parity(const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
/** /**
* \brief Check that key is not a weak or semi-weak DES key * \brief Check that key is not a weak or semi-weak DES key
@ -155,7 +153,7 @@ int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SI
* instead. * instead.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); int mbedtls_des_key_check_weak(const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
/** /**
* \brief DES key schedule (56-bit, encryption) * \brief DES key schedule (56-bit, encryption)
@ -170,7 +168,7 @@ int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
* instead. * instead.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
/** /**
* \brief DES key schedule (56-bit, decryption) * \brief DES key schedule (56-bit, decryption)
@ -185,7 +183,7 @@ int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MB
* instead. * instead.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
/** /**
* \brief Triple-DES key schedule (112-bit, encryption) * \brief Triple-DES key schedule (112-bit, encryption)
@ -196,8 +194,8 @@ int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MB
* \return 0 * \return 0
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx, int mbedtls_des3_set2key_enc(mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] ); const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]);
/** /**
* \brief Triple-DES key schedule (112-bit, decryption) * \brief Triple-DES key schedule (112-bit, decryption)
@ -208,8 +206,8 @@ int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
* \return 0 * \return 0
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx, int mbedtls_des3_set2key_dec(mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] ); const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]);
/** /**
* \brief Triple-DES key schedule (168-bit, encryption) * \brief Triple-DES key schedule (168-bit, encryption)
@ -220,8 +218,8 @@ int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
* \return 0 * \return 0
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx, int mbedtls_des3_set3key_enc(mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] ); const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]);
/** /**
* \brief Triple-DES key schedule (168-bit, decryption) * \brief Triple-DES key schedule (168-bit, decryption)
@ -232,8 +230,8 @@ int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
* \return 0 * \return 0
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx, int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] ); const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]);
/** /**
* \brief DES-ECB block encryption/decryption * \brief DES-ECB block encryption/decryption
@ -249,9 +247,9 @@ int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
* instead. * instead.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, int mbedtls_des_crypt_ecb(mbedtls_des_context *ctx,
const unsigned char input[8], const unsigned char input[8],
unsigned char output[8] ); unsigned char output[8]);
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/** /**
@ -277,12 +275,12 @@ int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
* instead. * instead.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx, int mbedtls_des_crypt_cbc(mbedtls_des_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[8], unsigned char iv[8],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
/** /**
@ -295,9 +293,9 @@ int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
* \return 0 if successful * \return 0 if successful
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx, int mbedtls_des3_crypt_ecb(mbedtls_des3_context *ctx,
const unsigned char input[8], const unsigned char input[8],
unsigned char output[8] ); unsigned char output[8]);
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/** /**
@ -321,12 +319,12 @@ int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
* \return 0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH * \return 0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx, int mbedtls_des3_crypt_cbc(mbedtls_des3_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[8], unsigned char iv[8],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
/** /**
@ -341,8 +339,8 @@ int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
* security risk. We recommend considering stronger ciphers * security risk. We recommend considering stronger ciphers
* instead. * instead.
*/ */
void mbedtls_des_setkey( uint32_t SK[32], void mbedtls_des_setkey(uint32_t SK[32],
const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -352,7 +350,7 @@ void mbedtls_des_setkey( uint32_t SK[32],
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
MBEDTLS_CHECK_RETURN_CRITICAL MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_des_self_test( int verbose ); int mbedtls_des_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

50
include/mbedtls/dhm.h
View File

@ -92,8 +92,7 @@
#define MBEDTLS_ERR_DHM_SET_GROUP_FAILED -0x3580 #define MBEDTLS_ERR_DHM_SET_GROUP_FAILED -0x3580
/** Which parameter to access in mbedtls_dhm_get_value(). */ /** Which parameter to access in mbedtls_dhm_get_value(). */
typedef enum typedef enum {
{
MBEDTLS_DHM_PARAM_P, /*!< The prime modulus. */ MBEDTLS_DHM_PARAM_P, /*!< The prime modulus. */
MBEDTLS_DHM_PARAM_G, /*!< The generator. */ MBEDTLS_DHM_PARAM_G, /*!< The generator. */
MBEDTLS_DHM_PARAM_X, /*!< Our secret value. */ MBEDTLS_DHM_PARAM_X, /*!< Our secret value. */
@ -111,8 +110,7 @@ extern "C" {
/** /**
* \brief The DHM context structure. * \brief The DHM context structure.
*/ */
typedef struct mbedtls_dhm_context typedef struct mbedtls_dhm_context {
{
mbedtls_mpi MBEDTLS_PRIVATE(P); /*!< The prime modulus. */ mbedtls_mpi MBEDTLS_PRIVATE(P); /*!< The prime modulus. */
mbedtls_mpi MBEDTLS_PRIVATE(G); /*!< The generator. */ mbedtls_mpi MBEDTLS_PRIVATE(G); /*!< The generator. */
mbedtls_mpi MBEDTLS_PRIVATE(X); /*!< Our secret value. */ mbedtls_mpi MBEDTLS_PRIVATE(X); /*!< Our secret value. */
@ -135,7 +133,7 @@ mbedtls_dhm_context;
* *
* \param ctx The DHM context to initialize. * \param ctx The DHM context to initialize.
*/ */
void mbedtls_dhm_init( mbedtls_dhm_context *ctx ); void mbedtls_dhm_init(mbedtls_dhm_context *ctx);
/** /**
* \brief This function parses the DHM parameters in a * \brief This function parses the DHM parameters in a
@ -159,9 +157,9 @@ void mbedtls_dhm_init( mbedtls_dhm_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure.
*/ */
int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx, int mbedtls_dhm_read_params(mbedtls_dhm_context *ctx,
unsigned char **p, unsigned char **p,
const unsigned char *end ); const unsigned char *end);
/** /**
* \brief This function generates a DHM key pair and exports its * \brief This function generates a DHM key pair and exports its
@ -195,10 +193,10 @@ int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure.
*/ */
int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, int mbedtls_dhm_make_params(mbedtls_dhm_context *ctx, int x_size,
unsigned char *output, size_t *olen, unsigned char *output, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This function sets the prime modulus and generator. * \brief This function sets the prime modulus and generator.
@ -215,9 +213,9 @@ int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure.
*/ */
int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx, int mbedtls_dhm_set_group(mbedtls_dhm_context *ctx,
const mbedtls_mpi *P, const mbedtls_mpi *P,
const mbedtls_mpi *G ); const mbedtls_mpi *G);
/** /**
* \brief This function imports the raw public value of the peer. * \brief This function imports the raw public value of the peer.
@ -235,8 +233,8 @@ int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure.
*/ */
int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx, int mbedtls_dhm_read_public(mbedtls_dhm_context *ctx,
const unsigned char *input, size_t ilen ); const unsigned char *input, size_t ilen);
/** /**
* \brief This function creates a DHM key pair and exports * \brief This function creates a DHM key pair and exports
@ -262,10 +260,10 @@ int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure.
*/ */
int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size, int mbedtls_dhm_make_public(mbedtls_dhm_context *ctx, int x_size,
unsigned char *output, size_t olen, unsigned char *output, size_t olen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This function derives and exports the shared secret * \brief This function derives and exports the shared secret
@ -293,10 +291,10 @@ int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure.
*/ */
int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx, int mbedtls_dhm_calc_secret(mbedtls_dhm_context *ctx,
unsigned char *output, size_t output_size, size_t *olen, unsigned char *output, size_t output_size, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This function returns the size of the prime modulus in bits. * \brief This function returns the size of the prime modulus in bits.
@ -306,7 +304,7 @@ int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx,
* \return The size of the prime modulus in bits, * \return The size of the prime modulus in bits,
* i.e. the number n such that 2^(n-1) <= P < 2^n. * i.e. the number n such that 2^(n-1) <= P < 2^n.
*/ */
size_t mbedtls_dhm_get_bitlen( const mbedtls_dhm_context *ctx ); size_t mbedtls_dhm_get_bitlen(const mbedtls_dhm_context *ctx);
/** /**
* \brief This function returns the size of the prime modulus in bytes. * \brief This function returns the size of the prime modulus in bytes.
@ -316,7 +314,7 @@ size_t mbedtls_dhm_get_bitlen( const mbedtls_dhm_context *ctx );
* \return The size of the prime modulus in bytes, * \return The size of the prime modulus in bytes,
* i.e. the number n such that 2^(8*(n-1)) <= P < 2^(8*n). * i.e. the number n such that 2^(8*(n-1)) <= P < 2^(8*n).
*/ */
size_t mbedtls_dhm_get_len( const mbedtls_dhm_context *ctx ); size_t mbedtls_dhm_get_len(const mbedtls_dhm_context *ctx);
/** /**
* \brief This function copies a parameter of a DHM key. * \brief This function copies a parameter of a DHM key.
@ -330,9 +328,9 @@ size_t mbedtls_dhm_get_len( const mbedtls_dhm_context *ctx );
* \return #MBEDTLS_ERR_DHM_BAD_INPUT_DATA if \p field is invalid. * \return #MBEDTLS_ERR_DHM_BAD_INPUT_DATA if \p field is invalid.
* \return An \c MBEDTLS_ERR_MPI_XXX error code if the copy fails. * \return An \c MBEDTLS_ERR_MPI_XXX error code if the copy fails.
*/ */
int mbedtls_dhm_get_value( const mbedtls_dhm_context *ctx, int mbedtls_dhm_get_value(const mbedtls_dhm_context *ctx,
mbedtls_dhm_parameter param, mbedtls_dhm_parameter param,
mbedtls_mpi *dest ); mbedtls_mpi *dest);
/** /**
* \brief This function frees and clears the components * \brief This function frees and clears the components
@ -342,7 +340,7 @@ int mbedtls_dhm_get_value( const mbedtls_dhm_context *ctx,
* in which case this function is a no-op. If it is not \c NULL, * in which case this function is a no-op. If it is not \c NULL,
* it must point to an initialized DHM context. * it must point to an initialized DHM context.
*/ */
void mbedtls_dhm_free( mbedtls_dhm_context *ctx ); void mbedtls_dhm_free(mbedtls_dhm_context *ctx);
#if defined(MBEDTLS_ASN1_PARSE_C) #if defined(MBEDTLS_ASN1_PARSE_C)
/** /**
@ -359,8 +357,8 @@ void mbedtls_dhm_free( mbedtls_dhm_context *ctx );
* \return An \c MBEDTLS_ERR_DHM_XXX or \c MBEDTLS_ERR_PEM_XXX error * \return An \c MBEDTLS_ERR_DHM_XXX or \c MBEDTLS_ERR_PEM_XXX error
* code on failure. * code on failure.
*/ */
int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, int mbedtls_dhm_parse_dhm(mbedtls_dhm_context *dhm, const unsigned char *dhmin,
size_t dhminlen ); size_t dhminlen);
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
@ -375,7 +373,7 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,
* \return An \c MBEDTLS_ERR_DHM_XXX or \c MBEDTLS_ERR_PEM_XXX * \return An \c MBEDTLS_ERR_DHM_XXX or \c MBEDTLS_ERR_PEM_XXX
* error code on failure. * error code on failure.
*/ */
int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path ); int mbedtls_dhm_parse_dhmfile(mbedtls_dhm_context *dhm, const char *path);
#endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_FS_IO */
#endif /* MBEDTLS_ASN1_PARSE_C */ #endif /* MBEDTLS_ASN1_PARSE_C */
@ -387,7 +385,7 @@ int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path );
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_dhm_self_test( int verbose ); int mbedtls_dhm_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus

59
include/mbedtls/ecdh.h
View File

@ -68,8 +68,7 @@ extern "C" {
/** /**
* Defines the source of the imported EC key. * Defines the source of the imported EC key.
*/ */
typedef enum typedef enum {
{
MBEDTLS_ECDH_OURS, /**< Our key. */ MBEDTLS_ECDH_OURS, /**< Our key. */
MBEDTLS_ECDH_THEIRS, /**< The key of the peer. */ MBEDTLS_ECDH_THEIRS, /**< The key of the peer. */
} mbedtls_ecdh_side; } mbedtls_ecdh_side;
@ -81,8 +80,7 @@ typedef enum
* Later versions of the library may add new variants, therefore users should * Later versions of the library may add new variants, therefore users should
* not make any assumptions about them. * not make any assumptions about them.
*/ */
typedef enum typedef enum {
{
MBEDTLS_ECDH_VARIANT_NONE = 0, /*!< Implementation not defined. */ MBEDTLS_ECDH_VARIANT_NONE = 0, /*!< Implementation not defined. */
MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0,/*!< The default Mbed TLS implementation */ MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0,/*!< The default Mbed TLS implementation */
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
@ -97,8 +95,7 @@ typedef enum
* should not make any assumptions about the structure of * should not make any assumptions about the structure of
* mbedtls_ecdh_context_mbed. * mbedtls_ecdh_context_mbed.
*/ */
typedef struct mbedtls_ecdh_context_mbed typedef struct mbedtls_ecdh_context_mbed {
{
mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /*!< The elliptic curve used. */ mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /*!< The elliptic curve used. */
mbedtls_mpi MBEDTLS_PRIVATE(d); /*!< The private key. */ mbedtls_mpi MBEDTLS_PRIVATE(d); /*!< The private key. */
mbedtls_ecp_point MBEDTLS_PRIVATE(Q); /*!< The public key. */ mbedtls_ecp_point MBEDTLS_PRIVATE(Q); /*!< The public key. */
@ -117,8 +114,7 @@ typedef struct mbedtls_ecdh_context_mbed
* should not be shared between multiple threads. * should not be shared between multiple threads.
* \brief The ECDH context structure. * \brief The ECDH context structure.
*/ */
typedef struct mbedtls_ecdh_context typedef struct mbedtls_ecdh_context {
{
#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /*!< The elliptic curve used. */ mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /*!< The elliptic curve used. */
mbedtls_mpi MBEDTLS_PRIVATE(d); /*!< The private key. */ mbedtls_mpi MBEDTLS_PRIVATE(d); /*!< The private key. */
@ -138,8 +134,7 @@ typedef struct mbedtls_ecdh_context
as defined in RFC 4492. */ as defined in RFC 4492. */
mbedtls_ecp_group_id MBEDTLS_PRIVATE(grp_id);/*!< The elliptic curve used. */ mbedtls_ecp_group_id MBEDTLS_PRIVATE(grp_id);/*!< The elliptic curve used. */
mbedtls_ecdh_variant MBEDTLS_PRIVATE(var); /*!< The ECDH implementation/structure used. */ mbedtls_ecdh_variant MBEDTLS_PRIVATE(var); /*!< The ECDH implementation/structure used. */
union union {
{
mbedtls_ecdh_context_mbed MBEDTLS_PRIVATE(mbed_ecdh); mbedtls_ecdh_context_mbed MBEDTLS_PRIVATE(mbed_ecdh);
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
mbedtls_ecdh_context_everest MBEDTLS_PRIVATE(everest_ecdh); mbedtls_ecdh_context_everest MBEDTLS_PRIVATE(everest_ecdh);
@ -165,7 +160,7 @@ mbedtls_ecdh_context;
* *
* \return \c 1 if the group can be used, \c 0 otherwise * \return \c 1 if the group can be used, \c 0 otherwise
*/ */
int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid ); int mbedtls_ecdh_can_do(mbedtls_ecp_group_id gid);
/** /**
* \brief This function generates an ECDH keypair on an elliptic * \brief This function generates an ECDH keypair on an elliptic
@ -192,9 +187,9 @@ int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid );
* \return Another \c MBEDTLS_ERR_ECP_XXX or * \return Another \c MBEDTLS_ERR_ECP_XXX or
* \c MBEDTLS_MPI_XXX error code on failure. * \c MBEDTLS_MPI_XXX error code on failure.
*/ */
int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, int mbedtls_ecdh_gen_public(mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This function computes the shared secret. * \brief This function computes the shared secret.
@ -227,17 +222,17 @@ int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp
* \return Another \c MBEDTLS_ERR_ECP_XXX or * \return Another \c MBEDTLS_ERR_ECP_XXX or
* \c MBEDTLS_MPI_XXX error code on failure. * \c MBEDTLS_MPI_XXX error code on failure.
*/ */
int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z, int mbedtls_ecdh_compute_shared(mbedtls_ecp_group *grp, mbedtls_mpi *z,
const mbedtls_ecp_point *Q, const mbedtls_mpi *d, const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This function initializes an ECDH context. * \brief This function initializes an ECDH context.
* *
* \param ctx The ECDH context to initialize. This must not be \c NULL. * \param ctx The ECDH context to initialize. This must not be \c NULL.
*/ */
void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx ); void mbedtls_ecdh_init(mbedtls_ecdh_context *ctx);
/** /**
* \brief This function sets up the ECDH context with the information * \brief This function sets up the ECDH context with the information
@ -255,8 +250,8 @@ void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx );
* *
* \return \c 0 on success. * \return \c 0 on success.
*/ */
int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx, int mbedtls_ecdh_setup(mbedtls_ecdh_context *ctx,
mbedtls_ecp_group_id grp_id ); mbedtls_ecp_group_id grp_id);
/** /**
* \brief This function frees a context. * \brief This function frees a context.
@ -265,7 +260,7 @@ int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx,
* case this function does nothing. If it is not \c NULL, * case this function does nothing. If it is not \c NULL,
* it must point to an initialized ECDH context. * it must point to an initialized ECDH context.
*/ */
void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx ); void mbedtls_ecdh_free(mbedtls_ecdh_context *ctx);
/** /**
* \brief This function generates an EC key pair and exports its * \brief This function generates an EC key pair and exports its
@ -292,10 +287,10 @@ void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx );
* operations was reached: see \c mbedtls_ecp_set_max_ops(). * operations was reached: see \c mbedtls_ecp_set_max_ops().
* \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure. * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
*/ */
int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen, int mbedtls_ecdh_make_params(mbedtls_ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen, unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This function parses the ECDHE parameters in a * \brief This function parses the ECDHE parameters in a
@ -321,9 +316,9 @@ int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
* \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure.
* *
*/ */
int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx, int mbedtls_ecdh_read_params(mbedtls_ecdh_context *ctx,
const unsigned char **buf, const unsigned char **buf,
const unsigned char *end ); const unsigned char *end);
/** /**
* \brief This function sets up an ECDH context from an EC key. * \brief This function sets up an ECDH context from an EC key.
@ -344,9 +339,9 @@ int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx,
* \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure. * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
* *
*/ */
int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, int mbedtls_ecdh_get_params(mbedtls_ecdh_context *ctx,
const mbedtls_ecp_keypair *key, const mbedtls_ecp_keypair *key,
mbedtls_ecdh_side side ); mbedtls_ecdh_side side);
/** /**
* \brief This function generates a public key and exports it * \brief This function generates a public key and exports it
@ -374,10 +369,10 @@ int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx,
* operations was reached: see \c mbedtls_ecp_set_max_ops(). * operations was reached: see \c mbedtls_ecp_set_max_ops().
* \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure. * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
*/ */
int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen, int mbedtls_ecdh_make_public(mbedtls_ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen, unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This function parses and processes the ECDHE payload of a * \brief This function parses and processes the ECDHE payload of a
@ -398,8 +393,8 @@ int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure.
*/ */
int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx, int mbedtls_ecdh_read_public(mbedtls_ecdh_context *ctx,
const unsigned char *buf, size_t blen ); const unsigned char *buf, size_t blen);
/** /**
* \brief This function derives and exports the shared secret. * \brief This function derives and exports the shared secret.
@ -430,10 +425,10 @@ int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx,
* operations was reached: see \c mbedtls_ecp_set_max_ops(). * operations was reached: see \c mbedtls_ecp_set_max_ops().
* \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure. * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
*/ */
int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, int mbedtls_ecdh_calc_secret(mbedtls_ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen, unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
#if defined(MBEDTLS_ECP_RESTARTABLE) #if defined(MBEDTLS_ECP_RESTARTABLE)
/** /**
@ -448,7 +443,7 @@ int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
* *
* \param ctx The ECDH context to use. This must be initialized. * \param ctx The ECDH context to use. This must be initialized.
*/ */
void mbedtls_ecdh_enable_restart( mbedtls_ecdh_context *ctx ); void mbedtls_ecdh_enable_restart(mbedtls_ecdh_context *ctx);
#endif /* MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECP_RESTARTABLE */
#ifdef __cplusplus #ifdef __cplusplus

57
include/mbedtls/ecdsa.h
View File

@ -53,13 +53,13 @@
* *
* For each of r and s, the value (V) may include an extra initial "0" bit. * For each of r and s, the value (V) may include an extra initial "0" bit.
*/ */
#define MBEDTLS_ECDSA_MAX_SIG_LEN( bits ) \ #define MBEDTLS_ECDSA_MAX_SIG_LEN(bits) \
( /*T,L of SEQUENCE*/ ( ( bits ) >= 61 * 8 ? 3 : 2 ) + \ (/*T,L of SEQUENCE*/ ((bits) >= 61 * 8 ? 3 : 2) + \
/*T,L of r,s*/ 2 * ( ( ( bits ) >= 127 * 8 ? 3 : 2 ) + \ /*T,L of r,s*/ 2 * (((bits) >= 127 * 8 ? 3 : 2) + \
/*V of r,s*/ ( ( bits ) + 8 ) / 8 ) ) /*V of r,s*/ ((bits) + 8) / 8))
/** The maximal size of an ECDSA signature in Bytes. */ /** The maximal size of an ECDSA signature in Bytes. */
#define MBEDTLS_ECDSA_MAX_LEN MBEDTLS_ECDSA_MAX_SIG_LEN( MBEDTLS_ECP_MAX_BITS ) #define MBEDTLS_ECDSA_MAX_LEN MBEDTLS_ECDSA_MAX_SIG_LEN(MBEDTLS_ECP_MAX_BITS)
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -102,8 +102,7 @@ typedef struct mbedtls_ecdsa_restart_det mbedtls_ecdsa_restart_det_ctx;
/** /**
* \brief General context for resuming ECDSA operations * \brief General context for resuming ECDSA operations
*/ */
typedef struct typedef struct {
{
mbedtls_ecp_restart_ctx MBEDTLS_PRIVATE(ecp); /*!< base context for ECP restart and mbedtls_ecp_restart_ctx MBEDTLS_PRIVATE(ecp); /*!< base context for ECP restart and
shared administrative info */ shared administrative info */
mbedtls_ecdsa_restart_ver_ctx *MBEDTLS_PRIVATE(ver); /*!< ecdsa_verify() sub-context */ mbedtls_ecdsa_restart_ver_ctx *MBEDTLS_PRIVATE(ver); /*!< ecdsa_verify() sub-context */
@ -128,7 +127,7 @@ typedef void mbedtls_ecdsa_restart_ctx;
* *
* \return \c 1 if the group can be used, \c 0 otherwise * \return \c 1 if the group can be used, \c 0 otherwise
*/ */
int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid ); int mbedtls_ecdsa_can_do(mbedtls_ecp_group_id gid);
/** /**
* \brief This function computes the ECDSA signature of a * \brief This function computes the ECDSA signature of a
@ -166,9 +165,9 @@ int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid );
* \return An \c MBEDTLS_ERR_ECP_XXX * \return An \c MBEDTLS_ERR_ECP_XXX
* or \c MBEDTLS_MPI_XXX error code on failure. * or \c MBEDTLS_MPI_XXX error code on failure.
*/ */
int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, int mbedtls_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
const mbedtls_mpi *d, const unsigned char *buf, size_t blen, const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
#if defined(MBEDTLS_ECDSA_DETERMINISTIC) #if defined(MBEDTLS_ECDSA_DETERMINISTIC)
/** /**
@ -210,12 +209,12 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX
* error code on failure. * error code on failure.
*/ */
int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r, int mbedtls_ecdsa_sign_det_ext(mbedtls_ecp_group *grp, mbedtls_mpi *r,
mbedtls_mpi *s, const mbedtls_mpi *d, mbedtls_mpi *s, const mbedtls_mpi *d,
const unsigned char *buf, size_t blen, const unsigned char *buf, size_t blen,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
int (*f_rng_blind)(void *, unsigned char *, size_t), int (*f_rng_blind)(void *, unsigned char *, size_t),
void *p_rng_blind ); void *p_rng_blind);
#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ #endif /* MBEDTLS_ECDSA_DETERMINISTIC */
/** /**
@ -248,7 +247,7 @@ int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r,
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX
* error code on failure. * error code on failure.
*/ */
int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, int mbedtls_ecdsa_verify(mbedtls_ecp_group *grp,
const unsigned char *buf, size_t blen, const unsigned char *buf, size_t blen,
const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_ecp_point *Q, const mbedtls_mpi *r,
const mbedtls_mpi *s); const mbedtls_mpi *s);
@ -302,12 +301,12 @@ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
* \return An \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or * \return An \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or
* \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, int mbedtls_ecdsa_write_signature(mbedtls_ecdsa_context *ctx,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hlen, const unsigned char *hash, size_t hlen,
unsigned char *sig, size_t sig_size, size_t *slen, unsigned char *sig, size_t sig_size, size_t *slen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This function computes the ECDSA signature and writes it * \brief This function computes the ECDSA signature and writes it
@ -349,13 +348,13 @@ int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx,
* \return Another \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or * \return Another \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or
* \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, int mbedtls_ecdsa_write_signature_restartable(mbedtls_ecdsa_context *ctx,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hlen, const unsigned char *hash, size_t hlen,
unsigned char *sig, size_t sig_size, size_t *slen, unsigned char *sig, size_t sig_size, size_t *slen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
mbedtls_ecdsa_restart_ctx *rs_ctx ); mbedtls_ecdsa_restart_ctx *rs_ctx);
/** /**
* \brief This function reads and verifies an ECDSA signature. * \brief This function reads and verifies an ECDSA signature.
@ -384,9 +383,9 @@ int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx,
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX
* error code on failure for any other reason. * error code on failure for any other reason.
*/ */
int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx, int mbedtls_ecdsa_read_signature(mbedtls_ecdsa_context *ctx,
const unsigned char *hash, size_t hlen, const unsigned char *hash, size_t hlen,
const unsigned char *sig, size_t slen ); const unsigned char *sig, size_t slen);
/** /**
* \brief This function reads and verifies an ECDSA signature, * \brief This function reads and verifies an ECDSA signature,
@ -419,10 +418,10 @@ int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx,
* \return Another \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX * \return Another \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX
* error code on failure for any other reason. * error code on failure for any other reason.
*/ */
int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx, int mbedtls_ecdsa_read_signature_restartable(mbedtls_ecdsa_context *ctx,
const unsigned char *hash, size_t hlen, const unsigned char *hash, size_t hlen,
const unsigned char *sig, size_t slen, const unsigned char *sig, size_t slen,
mbedtls_ecdsa_restart_ctx *rs_ctx ); mbedtls_ecdsa_restart_ctx *rs_ctx);
/** /**
* \brief This function generates an ECDSA keypair on the given curve. * \brief This function generates an ECDSA keypair on the given curve.
@ -440,8 +439,8 @@ int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_ECP_XXX code on failure. * \return An \c MBEDTLS_ERR_ECP_XXX code on failure.
*/ */
int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, int mbedtls_ecdsa_genkey(mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
/** /**
* \brief This function sets up an ECDSA context from an EC key pair. * \brief This function sets up an ECDSA context from an EC key pair.
@ -458,8 +457,8 @@ int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_ECP_XXX code on failure. * \return An \c MBEDTLS_ERR_ECP_XXX code on failure.
*/ */
int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, int mbedtls_ecdsa_from_keypair(mbedtls_ecdsa_context *ctx,
const mbedtls_ecp_keypair *key ); const mbedtls_ecp_keypair *key);
/** /**
* \brief This function initializes an ECDSA context. * \brief This function initializes an ECDSA context.
@ -467,7 +466,7 @@ int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx,
* \param ctx The ECDSA context to initialize. * \param ctx The ECDSA context to initialize.
* This must not be \c NULL. * This must not be \c NULL.
*/ */
void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx ); void mbedtls_ecdsa_init(mbedtls_ecdsa_context *ctx);
/** /**
* \brief This function frees an ECDSA context. * \brief This function frees an ECDSA context.
@ -476,7 +475,7 @@ void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx );
* in which case this function does nothing. If it * in which case this function does nothing. If it
* is not \c NULL, it must be initialized. * is not \c NULL, it must be initialized.
*/ */
void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx ); void mbedtls_ecdsa_free(mbedtls_ecdsa_context *ctx);
#if defined(MBEDTLS_ECP_RESTARTABLE) #if defined(MBEDTLS_ECP_RESTARTABLE)
/** /**
@ -485,7 +484,7 @@ void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx );
* \param ctx The restart context to initialize. * \param ctx The restart context to initialize.
* This must not be \c NULL. * This must not be \c NULL.
*/ */
void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx ); void mbedtls_ecdsa_restart_init(mbedtls_ecdsa_restart_ctx *ctx);
/** /**
* \brief Free the components of a restart context. * \brief Free the components of a restart context.
@ -494,7 +493,7 @@ void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx );
* in which case this function does nothing. If it * in which case this function does nothing. If it
* is not \c NULL, it must be initialized. * is not \c NULL, it must be initialized.
*/ */
void mbedtls_ecdsa_restart_free( mbedtls_ecdsa_restart_ctx *ctx ); void mbedtls_ecdsa_restart_free(mbedtls_ecdsa_restart_ctx *ctx);
#endif /* MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECP_RESTARTABLE */
#ifdef __cplusplus #ifdef __cplusplus

43
include/mbedtls/ecjpake.h
View File

@ -68,8 +68,7 @@ typedef enum {
* convention from the Thread v1.0 spec. Correspondence is indicated in the * convention from the Thread v1.0 spec. Correspondence is indicated in the
* description as a pair C: client name, S: server name * description as a pair C: client name, S: server name
*/ */
typedef struct mbedtls_ecjpake_context typedef struct mbedtls_ecjpake_context {
{
mbedtls_md_type_t MBEDTLS_PRIVATE(md_type); /**< Hash to use */ mbedtls_md_type_t MBEDTLS_PRIVATE(md_type); /**< Hash to use */
mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /**< Elliptic curve */ mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /**< Elliptic curve */
mbedtls_ecjpake_role MBEDTLS_PRIVATE(role); /**< Are we client or server? */ mbedtls_ecjpake_role MBEDTLS_PRIVATE(role); /**< Are we client or server? */
@ -97,7 +96,7 @@ typedef struct mbedtls_ecjpake_context
* \param ctx The ECJPAKE context to initialize. * \param ctx The ECJPAKE context to initialize.
* This must not be \c NULL. * This must not be \c NULL.
*/ */
void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx ); void mbedtls_ecjpake_init(mbedtls_ecjpake_context *ctx);
/** /**
* \brief Set up an ECJPAKE context for use. * \brief Set up an ECJPAKE context for use.
@ -120,12 +119,12 @@ void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx );
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx, int mbedtls_ecjpake_setup(mbedtls_ecjpake_context *ctx,
mbedtls_ecjpake_role role, mbedtls_ecjpake_role role,
mbedtls_md_type_t hash, mbedtls_md_type_t hash,
mbedtls_ecp_group_id curve, mbedtls_ecp_group_id curve,
const unsigned char *secret, const unsigned char *secret,
size_t len ); size_t len);
/** /**
* \brief Set the point format for future reads and writes. * \brief Set the point format for future reads and writes.
@ -139,8 +138,8 @@ int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx,
* \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p point_format * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p point_format
* is invalid. * is invalid.
*/ */
int mbedtls_ecjpake_set_point_format( mbedtls_ecjpake_context *ctx, int mbedtls_ecjpake_set_point_format(mbedtls_ecjpake_context *ctx,
int point_format ); int point_format);
/** /**
* \brief Check if an ECJPAKE context is ready for use. * \brief Check if an ECJPAKE context is ready for use.
@ -151,7 +150,7 @@ int mbedtls_ecjpake_set_point_format( mbedtls_ecjpake_context *ctx,
* \return \c 0 if the context is ready for use. * \return \c 0 if the context is ready for use.
* \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA otherwise. * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA otherwise.
*/ */
int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx ); int mbedtls_ecjpake_check(const mbedtls_ecjpake_context *ctx);
/** /**
* \brief Generate and write the first round message * \brief Generate and write the first round message
@ -172,10 +171,10 @@ int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx );
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx, int mbedtls_ecjpake_write_round_one(mbedtls_ecjpake_context *ctx,
unsigned char *buf, size_t len, size_t *olen, unsigned char *buf, size_t len, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief Read and process the first round message * \brief Read and process the first round message
@ -191,9 +190,9 @@ int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx, int mbedtls_ecjpake_read_round_one(mbedtls_ecjpake_context *ctx,
const unsigned char *buf, const unsigned char *buf,
size_t len ); size_t len);
/** /**
* \brief Generate and write the second round message * \brief Generate and write the second round message
@ -213,10 +212,10 @@ int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx, int mbedtls_ecjpake_write_round_two(mbedtls_ecjpake_context *ctx,
unsigned char *buf, size_t len, size_t *olen, unsigned char *buf, size_t len, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief Read and process the second round message * \brief Read and process the second round message
@ -231,9 +230,9 @@ int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx, int mbedtls_ecjpake_read_round_two(mbedtls_ecjpake_context *ctx,
const unsigned char *buf, const unsigned char *buf,
size_t len ); size_t len);
/** /**
* \brief Derive the shared secret * \brief Derive the shared secret
@ -253,10 +252,10 @@ int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx, int mbedtls_ecjpake_derive_secret(mbedtls_ecjpake_context *ctx,
unsigned char *buf, size_t len, size_t *olen, unsigned char *buf, size_t len, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief Write the shared key material to be passed to a Key * \brief Write the shared key material to be passed to a Key
@ -276,10 +275,10 @@ int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_ecjpake_write_shared_key( mbedtls_ecjpake_context *ctx, int mbedtls_ecjpake_write_shared_key(mbedtls_ecjpake_context *ctx,
unsigned char *buf, size_t len, size_t *olen, unsigned char *buf, size_t len, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This clears an ECJPAKE context and frees any * \brief This clears an ECJPAKE context and frees any
@ -289,7 +288,7 @@ int mbedtls_ecjpake_write_shared_key( mbedtls_ecjpake_context *ctx,
* in which case this function does nothing. If it is not * in which case this function does nothing. If it is not
* \c NULL, it must point to an initialized ECJPAKE context. * \c NULL, it must point to an initialized ECJPAKE context.
*/ */
void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx ); void mbedtls_ecjpake_free(mbedtls_ecjpake_context *ctx);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -298,7 +297,7 @@ void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx );
* *
* \return 0 if successful, or 1 if a test failed * \return 0 if successful, or 1 if a test failed
*/ */
int mbedtls_ecjpake_self_test( int verbose ); int mbedtls_ecjpake_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

173
include/mbedtls/ecp.h
View File

@ -110,8 +110,7 @@ extern "C" {
* - Add the curve to applicable profiles in x509_crt.c. * - Add the curve to applicable profiles in x509_crt.c.
* - Add the curve to applicable presets in ssl_tls.c. * - Add the curve to applicable presets in ssl_tls.c.
*/ */
typedef enum typedef enum {
{
MBEDTLS_ECP_DP_NONE = 0, /*!< Curve not defined. */ MBEDTLS_ECP_DP_NONE = 0, /*!< Curve not defined. */
MBEDTLS_ECP_DP_SECP192R1, /*!< Domain parameters for the 192-bit curve defined by FIPS 186-4 and SEC1. */ MBEDTLS_ECP_DP_SECP192R1, /*!< Domain parameters for the 192-bit curve defined by FIPS 186-4 and SEC1. */
MBEDTLS_ECP_DP_SECP224R1, /*!< Domain parameters for the 224-bit curve defined by FIPS 186-4 and SEC1. */ MBEDTLS_ECP_DP_SECP224R1, /*!< Domain parameters for the 224-bit curve defined by FIPS 186-4 and SEC1. */
@ -136,8 +135,7 @@ typedef enum
/* /*
* Curve types * Curve types
*/ */
typedef enum typedef enum {
{
MBEDTLS_ECP_TYPE_NONE = 0, MBEDTLS_ECP_TYPE_NONE = 0,
MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS, /* y^2 = x^3 + a x + b */ MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS, /* y^2 = x^3 + a x + b */
MBEDTLS_ECP_TYPE_MONTGOMERY, /* y^2 = x^3 + a x^2 + x */ MBEDTLS_ECP_TYPE_MONTGOMERY, /* y^2 = x^3 + a x^2 + x */
@ -150,8 +148,7 @@ typedef enum
* accessed directly by applications. Future versions of the library may * accessed directly by applications. Future versions of the library may
* add extra fields or reorder existing fields. * add extra fields or reorder existing fields.
*/ */
typedef struct mbedtls_ecp_curve_info typedef struct mbedtls_ecp_curve_info {
{
mbedtls_ecp_group_id grp_id; /*!< An internal identifier. */ mbedtls_ecp_group_id grp_id; /*!< An internal identifier. */
uint16_t tls_id; /*!< The TLS NamedCurve identifier. */ uint16_t tls_id; /*!< The TLS NamedCurve identifier. */
uint16_t bit_size; /*!< The curve size in bits. */ uint16_t bit_size; /*!< The curve size in bits. */
@ -169,8 +166,7 @@ typedef struct mbedtls_ecp_curve_info
* Otherwise, \p X and \p Y are its standard (affine) * Otherwise, \p X and \p Y are its standard (affine)
* coordinates. * coordinates.
*/ */
typedef struct mbedtls_ecp_point typedef struct mbedtls_ecp_point {
{
mbedtls_mpi MBEDTLS_PRIVATE(X); /*!< The X coordinate of the ECP point. */ mbedtls_mpi MBEDTLS_PRIVATE(X); /*!< The X coordinate of the ECP point. */
mbedtls_mpi MBEDTLS_PRIVATE(Y); /*!< The Y coordinate of the ECP point. */ mbedtls_mpi MBEDTLS_PRIVATE(Y); /*!< The Y coordinate of the ECP point. */
mbedtls_mpi MBEDTLS_PRIVATE(Z); /*!< The Z coordinate of the ECP point. */ mbedtls_mpi MBEDTLS_PRIVATE(Z); /*!< The Z coordinate of the ECP point. */
@ -224,8 +220,7 @@ mbedtls_ecp_point;
* of these fields does not need to be supported. * of these fields does not need to be supported.
* They do not need to be at the same offset in the structure. * They do not need to be at the same offset in the structure.
*/ */
typedef struct mbedtls_ecp_group typedef struct mbedtls_ecp_group {
{
mbedtls_ecp_group_id id; /*!< An internal group identifier. */ mbedtls_ecp_group_id id; /*!< An internal group identifier. */
mbedtls_mpi P; /*!< The prime modulus of the base field. */ mbedtls_mpi P; /*!< The prime modulus of the base field. */
mbedtls_mpi A; /*!< For Short Weierstrass: \p A in the equation. For mbedtls_mpi A; /*!< For Short Weierstrass: \p A in the equation. For
@ -241,10 +236,10 @@ typedef struct mbedtls_ecp_group
/* End of public fields */ /* End of public fields */
unsigned int MBEDTLS_PRIVATE(h); /*!< \internal 1 if the constants are static. */ unsigned int MBEDTLS_PRIVATE(h); /*!< \internal 1 if the constants are static. */
int (*MBEDTLS_PRIVATE(modp))(mbedtls_mpi *); /*!< The function for fast pseudo-reduction int(*MBEDTLS_PRIVATE(modp))(mbedtls_mpi *); /*!< The function for fast pseudo-reduction
mod \p P (see above).*/ mod \p P (see above).*/
int (*MBEDTLS_PRIVATE(t_pre))(mbedtls_ecp_point *, void *); /*!< Unused. */ int(*MBEDTLS_PRIVATE(t_pre))(mbedtls_ecp_point *, void *); /*!< Unused. */
int (*MBEDTLS_PRIVATE(t_post))(mbedtls_ecp_point *, void *); /*!< Unused. */ int(*MBEDTLS_PRIVATE(t_post))(mbedtls_ecp_point *, void *); /*!< Unused. */
void *MBEDTLS_PRIVATE(t_data); /*!< Unused. */ void *MBEDTLS_PRIVATE(t_data); /*!< Unused. */
mbedtls_ecp_point *MBEDTLS_PRIVATE(T); /*!< Pre-computed points for ecp_mul_comb(). */ mbedtls_ecp_point *MBEDTLS_PRIVATE(T); /*!< Pre-computed points for ecp_mul_comb(). */
size_t MBEDTLS_PRIVATE(T_size); /*!< The number of dynamic allocated pre-computed points. */ size_t MBEDTLS_PRIVATE(T_size); /*!< The number of dynamic allocated pre-computed points. */
@ -343,8 +338,8 @@ mbedtls_ecp_group;
#error "Missing definition of MBEDTLS_ECP_MAX_BITS" #error "Missing definition of MBEDTLS_ECP_MAX_BITS"
#endif #endif
#define MBEDTLS_ECP_MAX_BYTES ( ( MBEDTLS_ECP_MAX_BITS + 7 ) / 8 ) #define MBEDTLS_ECP_MAX_BYTES ((MBEDTLS_ECP_MAX_BITS + 7) / 8)
#define MBEDTLS_ECP_MAX_PT_LEN ( 2 * MBEDTLS_ECP_MAX_BYTES + 1 ) #define MBEDTLS_ECP_MAX_PT_LEN (2 * MBEDTLS_ECP_MAX_BYTES + 1)
#if defined(MBEDTLS_ECP_RESTARTABLE) #if defined(MBEDTLS_ECP_RESTARTABLE)
@ -365,8 +360,7 @@ typedef struct mbedtls_ecp_restart_muladd mbedtls_ecp_restart_muladd_ctx;
/** /**
* \brief General context for resuming ECC operations * \brief General context for resuming ECC operations
*/ */
typedef struct typedef struct {
{
unsigned MBEDTLS_PRIVATE(ops_done); /*!< current ops count */ unsigned MBEDTLS_PRIVATE(ops_done); /*!< current ops count */
unsigned MBEDTLS_PRIVATE(depth); /*!< call depth (0 = top-level) */ unsigned MBEDTLS_PRIVATE(depth); /*!< call depth (0 = top-level) */
mbedtls_ecp_restart_mul_ctx *MBEDTLS_PRIVATE(rsm); /*!< ecp_mul_comb() sub-context */ mbedtls_ecp_restart_mul_ctx *MBEDTLS_PRIVATE(rsm); /*!< ecp_mul_comb() sub-context */
@ -392,18 +386,18 @@ typedef struct
* \return \c 0 if doing \p ops basic ops is still allowed, * \return \c 0 if doing \p ops basic ops is still allowed,
* \return #MBEDTLS_ERR_ECP_IN_PROGRESS otherwise. * \return #MBEDTLS_ERR_ECP_IN_PROGRESS otherwise.
*/ */
int mbedtls_ecp_check_budget( const mbedtls_ecp_group *grp, int mbedtls_ecp_check_budget(const mbedtls_ecp_group *grp,
mbedtls_ecp_restart_ctx *rs_ctx, mbedtls_ecp_restart_ctx *rs_ctx,
unsigned ops ); unsigned ops);
/* Utility macro for checking and updating ops budget */ /* Utility macro for checking and updating ops budget */
#define MBEDTLS_ECP_BUDGET( ops ) \ #define MBEDTLS_ECP_BUDGET(ops) \
MBEDTLS_MPI_CHK( mbedtls_ecp_check_budget( grp, rs_ctx, \ MBEDTLS_MPI_CHK(mbedtls_ecp_check_budget(grp, rs_ctx, \
(unsigned) (ops) ) ); (unsigned) (ops)));
#else /* MBEDTLS_ECP_RESTARTABLE */ #else /* MBEDTLS_ECP_RESTARTABLE */
#define MBEDTLS_ECP_BUDGET( ops ) /* no-op; for compatibility */ #define MBEDTLS_ECP_BUDGET(ops) /* no-op; for compatibility */
/* We want to declare restartable versions of existing functions anyway */ /* We want to declare restartable versions of existing functions anyway */
typedef void mbedtls_ecp_restart_ctx; typedef void mbedtls_ecp_restart_ctx;
@ -418,8 +412,7 @@ typedef void mbedtls_ecp_restart_ctx;
* \note Members are deliberately in the same order as in the * \note Members are deliberately in the same order as in the
* ::mbedtls_ecdsa_context structure. * ::mbedtls_ecdsa_context structure.
*/ */
typedef struct mbedtls_ecp_keypair typedef struct mbedtls_ecp_keypair {
{
mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /*!< Elliptic curve and base point */ mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /*!< Elliptic curve and base point */
mbedtls_mpi MBEDTLS_PRIVATE(d); /*!< our secret value */ mbedtls_mpi MBEDTLS_PRIVATE(d); /*!< our secret value */
mbedtls_ecp_point MBEDTLS_PRIVATE(Q); /*!< our public value */ mbedtls_ecp_point MBEDTLS_PRIVATE(Q); /*!< our public value */
@ -495,7 +488,7 @@ mbedtls_ecp_keypair;
* *
* \note This setting is currently ignored by Curve25519. * \note This setting is currently ignored by Curve25519.
*/ */
void mbedtls_ecp_set_max_ops( unsigned max_ops ); void mbedtls_ecp_set_max_ops(unsigned max_ops);
/** /**
* \brief Check if restart is enabled (max_ops != 0) * \brief Check if restart is enabled (max_ops != 0)
@ -503,13 +496,13 @@ void mbedtls_ecp_set_max_ops( unsigned max_ops );
* \return \c 0 if \c max_ops == 0 (restart disabled) * \return \c 0 if \c max_ops == 0 (restart disabled)
* \return \c 1 otherwise (restart enabled) * \return \c 1 otherwise (restart enabled)
*/ */
int mbedtls_ecp_restart_is_enabled( void ); int mbedtls_ecp_restart_is_enabled(void);
#endif /* MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECP_RESTARTABLE */
/* /*
* Get the type of a curve * Get the type of a curve
*/ */
mbedtls_ecp_curve_type mbedtls_ecp_get_type( const mbedtls_ecp_group *grp ); mbedtls_ecp_curve_type mbedtls_ecp_get_type(const mbedtls_ecp_group *grp);
/** /**
* \brief This function retrieves the information defined in * \brief This function retrieves the information defined in
@ -523,7 +516,7 @@ mbedtls_ecp_curve_type mbedtls_ecp_get_type( const mbedtls_ecp_group *grp );
* *
* \return A statically allocated array. The last entry is 0. * \return A statically allocated array. The last entry is 0.
*/ */
const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void ); const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list(void);
/** /**
* \brief This function retrieves the list of internal group * \brief This function retrieves the list of internal group
@ -539,7 +532,7 @@ const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void );
* \return A statically allocated array, * \return A statically allocated array,
* terminated with MBEDTLS_ECP_DP_NONE. * terminated with MBEDTLS_ECP_DP_NONE.
*/ */
const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void ); const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list(void);
/** /**
* \brief This function retrieves curve information from an internal * \brief This function retrieves curve information from an internal
@ -550,7 +543,7 @@ const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void );
* \return The associated curve information on success. * \return The associated curve information on success.
* \return NULL on failure. * \return NULL on failure.
*/ */
const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id( mbedtls_ecp_group_id grp_id ); const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id(mbedtls_ecp_group_id grp_id);
/** /**
* \brief This function retrieves curve information from a TLS * \brief This function retrieves curve information from a TLS
@ -561,7 +554,7 @@ const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id( mbedtls_ecp_gr
* \return The associated curve information on success. * \return The associated curve information on success.
* \return NULL on failure. * \return NULL on failure.
*/ */
const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id( uint16_t tls_id ); const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id(uint16_t tls_id);
/** /**
* \brief This function retrieves curve information from a * \brief This function retrieves curve information from a
@ -572,14 +565,14 @@ const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id( uint16_t tls_i
* \return The associated curve information on success. * \return The associated curve information on success.
* \return NULL on failure. * \return NULL on failure.
*/ */
const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name( const char *name ); const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name(const char *name);
/** /**
* \brief This function initializes a point as zero. * \brief This function initializes a point as zero.
* *
* \param pt The point to initialize. * \param pt The point to initialize.
*/ */
void mbedtls_ecp_point_init( mbedtls_ecp_point *pt ); void mbedtls_ecp_point_init(mbedtls_ecp_point *pt);
/** /**
* \brief This function initializes an ECP group context * \brief This function initializes an ECP group context
@ -590,21 +583,21 @@ void mbedtls_ecp_point_init( mbedtls_ecp_point *pt );
* mbedtls_ecp_group_load() or mbedtls_ecp_tls_read_group() * mbedtls_ecp_group_load() or mbedtls_ecp_tls_read_group()
* functions. * functions.
*/ */
void mbedtls_ecp_group_init( mbedtls_ecp_group *grp ); void mbedtls_ecp_group_init(mbedtls_ecp_group *grp);
/** /**
* \brief This function initializes a key pair as an invalid one. * \brief This function initializes a key pair as an invalid one.
* *
* \param key The key pair to initialize. * \param key The key pair to initialize.
*/ */
void mbedtls_ecp_keypair_init( mbedtls_ecp_keypair *key ); void mbedtls_ecp_keypair_init(mbedtls_ecp_keypair *key);
/** /**
* \brief This function frees the components of a point. * \brief This function frees the components of a point.
* *
* \param pt The point to free. * \param pt The point to free.
*/ */
void mbedtls_ecp_point_free( mbedtls_ecp_point *pt ); void mbedtls_ecp_point_free(mbedtls_ecp_point *pt);
/** /**
* \brief This function frees the components of an ECP group. * \brief This function frees the components of an ECP group.
@ -613,7 +606,7 @@ void mbedtls_ecp_point_free( mbedtls_ecp_point *pt );
* case this function returns immediately. If it is not * case this function returns immediately. If it is not
* \c NULL, it must point to an initialized ECP group. * \c NULL, it must point to an initialized ECP group.
*/ */
void mbedtls_ecp_group_free( mbedtls_ecp_group *grp ); void mbedtls_ecp_group_free(mbedtls_ecp_group *grp);
/** /**
* \brief This function frees the components of a key pair. * \brief This function frees the components of a key pair.
@ -622,7 +615,7 @@ void mbedtls_ecp_group_free( mbedtls_ecp_group *grp );
* case this function returns immediately. If it is not * case this function returns immediately. If it is not
* \c NULL, it must point to an initialized ECP key pair. * \c NULL, it must point to an initialized ECP key pair.
*/ */
void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key ); void mbedtls_ecp_keypair_free(mbedtls_ecp_keypair *key);
#if defined(MBEDTLS_ECP_RESTARTABLE) #if defined(MBEDTLS_ECP_RESTARTABLE)
/** /**
@ -631,7 +624,7 @@ void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key );
* \param ctx The restart context to initialize. This must * \param ctx The restart context to initialize. This must
* not be \c NULL. * not be \c NULL.
*/ */
void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx ); void mbedtls_ecp_restart_init(mbedtls_ecp_restart_ctx *ctx);
/** /**
* \brief Free the components of a restart context. * \brief Free the components of a restart context.
@ -640,7 +633,7 @@ void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx );
* case this function returns immediately. If it is not * case this function returns immediately. If it is not
* \c NULL, it must point to an initialized restart context. * \c NULL, it must point to an initialized restart context.
*/ */
void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx *ctx ); void mbedtls_ecp_restart_free(mbedtls_ecp_restart_ctx *ctx);
#endif /* MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECP_RESTARTABLE */
/** /**
@ -654,7 +647,7 @@ void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx *ctx );
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
* \return Another negative error code for other kinds of failure. * \return Another negative error code for other kinds of failure.
*/ */
int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q ); int mbedtls_ecp_copy(mbedtls_ecp_point *P, const mbedtls_ecp_point *Q);
/** /**
* \brief This function copies the contents of group \p src into * \brief This function copies the contents of group \p src into
@ -667,8 +660,8 @@ int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q );
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst, int mbedtls_ecp_group_copy(mbedtls_ecp_group *dst,
const mbedtls_ecp_group *src ); const mbedtls_ecp_group *src);
/** /**
* \brief This function sets a point to the point at infinity. * \brief This function sets a point to the point at infinity.
@ -679,7 +672,7 @@ int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst,
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt ); int mbedtls_ecp_set_zero(mbedtls_ecp_point *pt);
/** /**
* \brief This function checks if a point is the point at infinity. * \brief This function checks if a point is the point at infinity.
@ -690,7 +683,7 @@ int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt );
* \return \c 0 if the point is non-zero. * \return \c 0 if the point is non-zero.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt ); int mbedtls_ecp_is_zero(mbedtls_ecp_point *pt);
/** /**
* \brief This function compares two points. * \brief This function compares two points.
@ -704,8 +697,8 @@ int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt );
* \return \c 0 if the points are equal. * \return \c 0 if the points are equal.
* \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if the points are not equal. * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if the points are not equal.
*/ */
int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P, int mbedtls_ecp_point_cmp(const mbedtls_ecp_point *P,
const mbedtls_ecp_point *Q ); const mbedtls_ecp_point *Q);
/** /**
* \brief This function imports a non-zero point from two ASCII * \brief This function imports a non-zero point from two ASCII
@ -719,8 +712,8 @@ int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_MPI_XXX error code on failure. * \return An \c MBEDTLS_ERR_MPI_XXX error code on failure.
*/ */
int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix, int mbedtls_ecp_point_read_string(mbedtls_ecp_point *P, int radix,
const char *x, const char *y ); const char *x, const char *y);
/** /**
* \brief This function exports a point into unsigned binary data. * \brief This function exports a point into unsigned binary data.
@ -747,10 +740,10 @@ int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix,
* or the export for the given group is not implemented. * or the export for the given group is not implemented.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp, int mbedtls_ecp_point_write_binary(const mbedtls_ecp_group *grp,
const mbedtls_ecp_point *P, const mbedtls_ecp_point *P,
int format, size_t *olen, int format, size_t *olen,
unsigned char *buf, size_t buflen ); unsigned char *buf, size_t buflen);
/** /**
* \brief This function imports a point from unsigned binary data. * \brief This function imports a point from unsigned binary data.
@ -774,9 +767,9 @@ int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp,
* \return #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the import for the * \return #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the import for the
* given group is not implemented. * given group is not implemented.
*/ */
int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp, int mbedtls_ecp_point_read_binary(const mbedtls_ecp_group *grp,
mbedtls_ecp_point *P, mbedtls_ecp_point *P,
const unsigned char *buf, size_t ilen ); const unsigned char *buf, size_t ilen);
/** /**
* \brief This function imports a point from a TLS ECPoint record. * \brief This function imports a point from a TLS ECPoint record.
@ -796,9 +789,9 @@ int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp,
* failure. * failure.
* \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid. * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid.
*/ */
int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, int mbedtls_ecp_tls_read_point(const mbedtls_ecp_group *grp,
mbedtls_ecp_point *pt, mbedtls_ecp_point *pt,
const unsigned char **buf, size_t len ); const unsigned char **buf, size_t len);
/** /**
* \brief This function exports a point as a TLS ECPoint record * \brief This function exports a point as a TLS ECPoint record
@ -822,10 +815,10 @@ int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp,
* is too small to hold the exported point. * is too small to hold the exported point.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, int mbedtls_ecp_tls_write_point(const mbedtls_ecp_group *grp,
const mbedtls_ecp_point *pt, const mbedtls_ecp_point *pt,
int format, size_t *olen, int format, size_t *olen,
unsigned char *buf, size_t blen ); unsigned char *buf, size_t blen);
/** /**
* \brief This function sets up an ECP group context * \brief This function sets up an ECP group context
@ -844,7 +837,7 @@ int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp,
* correspond to a known group. * correspond to a known group.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id ); int mbedtls_ecp_group_load(mbedtls_ecp_group *grp, mbedtls_ecp_group_id id);
/** /**
* \brief This function sets up an ECP group context from a TLS * \brief This function sets up an ECP group context from a TLS
@ -863,8 +856,8 @@ int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id );
* recognized. * recognized.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp, int mbedtls_ecp_tls_read_group(mbedtls_ecp_group *grp,
const unsigned char **buf, size_t len ); const unsigned char **buf, size_t len);
/** /**
* \brief This function extracts an elliptic curve group ID from a * \brief This function extracts an elliptic curve group ID from a
@ -884,9 +877,9 @@ int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp,
* recognized. * recognized.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_tls_read_group_id( mbedtls_ecp_group_id *grp, int mbedtls_ecp_tls_read_group_id(mbedtls_ecp_group_id *grp,
const unsigned char **buf, const unsigned char **buf,
size_t len ); size_t len);
/** /**
* \brief This function exports an elliptic curve as a TLS * \brief This function exports an elliptic curve as a TLS
* ECParameters record as defined in RFC 4492, Section 5.4. * ECParameters record as defined in RFC 4492, Section 5.4.
@ -905,9 +898,9 @@ int mbedtls_ecp_tls_read_group_id( mbedtls_ecp_group_id *grp,
* buffer is too small to hold the exported group. * buffer is too small to hold the exported group.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, int mbedtls_ecp_tls_write_group(const mbedtls_ecp_group *grp,
size_t *olen, size_t *olen,
unsigned char *buf, size_t blen ); unsigned char *buf, size_t blen);
/** /**
* \brief This function performs a scalar multiplication of a point * \brief This function performs a scalar multiplication of a point
@ -938,9 +931,9 @@ int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp,
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, int mbedtls_ecp_mul(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
const mbedtls_mpi *m, const mbedtls_ecp_point *P, const mbedtls_mpi *m, const mbedtls_ecp_point *P,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
/** /**
* \brief This function performs multiplication of a point by * \brief This function performs multiplication of a point by
@ -972,10 +965,10 @@ int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
* operations was reached: see \c mbedtls_ecp_set_max_ops(). * operations was reached: see \c mbedtls_ecp_set_max_ops().
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, int mbedtls_ecp_mul_restartable(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
const mbedtls_mpi *m, const mbedtls_ecp_point *P, const mbedtls_mpi *m, const mbedtls_ecp_point *P,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
mbedtls_ecp_restart_ctx *rs_ctx ); mbedtls_ecp_restart_ctx *rs_ctx);
#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
/** /**
@ -1013,9 +1006,9 @@ int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
* designate a short Weierstrass curve. * designate a short Weierstrass curve.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, int mbedtls_ecp_muladd(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
const mbedtls_mpi *m, const mbedtls_ecp_point *P, const mbedtls_mpi *m, const mbedtls_ecp_point *P,
const mbedtls_mpi *n, const mbedtls_ecp_point *Q ); const mbedtls_mpi *n, const mbedtls_ecp_point *Q);
/** /**
* \brief This function performs multiplication and addition of two * \brief This function performs multiplication and addition of two
@ -1061,7 +1054,7 @@ int mbedtls_ecp_muladd_restartable(
mbedtls_ecp_group *grp, mbedtls_ecp_point *R, mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
const mbedtls_mpi *m, const mbedtls_ecp_point *P, const mbedtls_mpi *m, const mbedtls_ecp_point *P,
const mbedtls_mpi *n, const mbedtls_ecp_point *Q, const mbedtls_mpi *n, const mbedtls_ecp_point *Q,
mbedtls_ecp_restart_ctx *rs_ctx ); mbedtls_ecp_restart_ctx *rs_ctx);
#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
/** /**
@ -1091,8 +1084,8 @@ int mbedtls_ecp_muladd_restartable(
* a valid public key for the given curve. * a valid public key for the given curve.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp, int mbedtls_ecp_check_pubkey(const mbedtls_ecp_group *grp,
const mbedtls_ecp_point *pt ); const mbedtls_ecp_point *pt);
/** /**
* \brief This function checks that an \p mbedtls_mpi is a * \brief This function checks that an \p mbedtls_mpi is a
@ -1113,8 +1106,8 @@ int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp,
* private key for the given curve. * private key for the given curve.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, int mbedtls_ecp_check_privkey(const mbedtls_ecp_group *grp,
const mbedtls_mpi *d ); const mbedtls_mpi *d);
/** /**
* \brief This function generates a private key. * \brief This function generates a private key.
@ -1131,10 +1124,10 @@ int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp,
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
* on failure. * on failure.
*/ */
int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp, int mbedtls_ecp_gen_privkey(const mbedtls_ecp_group *grp,
mbedtls_mpi *d, mbedtls_mpi *d,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This function generates a keypair with a configurable base * \brief This function generates a keypair with a configurable base
@ -1163,11 +1156,11 @@ int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp,
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
* on failure. * on failure.
*/ */
int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp, int mbedtls_ecp_gen_keypair_base(mbedtls_ecp_group *grp,
const mbedtls_ecp_point *G, const mbedtls_ecp_point *G,
mbedtls_mpi *d, mbedtls_ecp_point *Q, mbedtls_mpi *d, mbedtls_ecp_point *Q,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This function generates an ECP keypair. * \brief This function generates an ECP keypair.
@ -1192,10 +1185,10 @@ int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp,
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
* on failure. * on failure.
*/ */
int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, mbedtls_mpi *d, int mbedtls_ecp_gen_keypair(mbedtls_ecp_group *grp, mbedtls_mpi *d,
mbedtls_ecp_point *Q, mbedtls_ecp_point *Q,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This function generates an ECP key. * \brief This function generates an ECP key.
@ -1210,9 +1203,9 @@ int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, mbedtls_mpi *d,
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
* on failure. * on failure.
*/ */
int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, int mbedtls_ecp_gen_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This function reads an elliptic curve private key. * \brief This function reads an elliptic curve private key.
@ -1232,8 +1225,8 @@ int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
* the group is not implemented. * the group is not implemented.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, int mbedtls_ecp_read_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
const unsigned char *buf, size_t buflen ); const unsigned char *buf, size_t buflen);
/** /**
* \brief This function exports an elliptic curve private key. * \brief This function exports an elliptic curve private key.
@ -1251,8 +1244,8 @@ int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
* the group is not implemented. * the group is not implemented.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_ecp_write_key( mbedtls_ecp_keypair *key, int mbedtls_ecp_write_key(mbedtls_ecp_keypair *key,
unsigned char *buf, size_t buflen ); unsigned char *buf, size_t buflen);
/** /**
* \brief This function checks that the keypair objects * \brief This function checks that the keypair objects
@ -1276,7 +1269,7 @@ int mbedtls_ecp_write_key( mbedtls_ecp_keypair *key,
*/ */
int mbedtls_ecp_check_pub_priv( int mbedtls_ecp_check_pub_priv(
const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv, const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
/** /**
* \brief This function exports generic key-pair parameters. * \brief This function exports generic key-pair parameters.
@ -1306,7 +1299,7 @@ int mbedtls_ecp_export(const mbedtls_ecp_keypair *key, mbedtls_ecp_group *grp,
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_ecp_self_test( int verbose ); int mbedtls_ecp_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

38
include/mbedtls/entropy.h
View File

@ -104,10 +104,9 @@ typedef int (*mbedtls_entropy_f_source_ptr)(void *data, unsigned char *output, s
/** /**
* \brief Entropy source state * \brief Entropy source state
*/ */
typedef struct mbedtls_entropy_source_state typedef struct mbedtls_entropy_source_state {
{
mbedtls_entropy_f_source_ptr MBEDTLS_PRIVATE(f_source); /**< The entropy source callback */ mbedtls_entropy_f_source_ptr MBEDTLS_PRIVATE(f_source); /**< The entropy source callback */
void * MBEDTLS_PRIVATE(p_source); /**< The callback data pointer */ void *MBEDTLS_PRIVATE(p_source); /**< The callback data pointer */
size_t MBEDTLS_PRIVATE(size); /**< Amount received in bytes */ size_t MBEDTLS_PRIVATE(size); /**< Amount received in bytes */
size_t MBEDTLS_PRIVATE(threshold); /**< Minimum bytes required before release */ size_t MBEDTLS_PRIVATE(threshold); /**< Minimum bytes required before release */
int MBEDTLS_PRIVATE(strong); /**< Is the source strong? */ int MBEDTLS_PRIVATE(strong); /**< Is the source strong? */
@ -117,8 +116,7 @@ mbedtls_entropy_source_state;
/** /**
* \brief Entropy context structure * \brief Entropy context structure
*/ */
typedef struct mbedtls_entropy_context typedef struct mbedtls_entropy_context {
{
int MBEDTLS_PRIVATE(accumulator_started); /* 0 after init. int MBEDTLS_PRIVATE(accumulator_started); /* 0 after init.
* 1 after the first update. * 1 after the first update.
* -1 after free. */ * -1 after free. */
@ -142,8 +140,8 @@ mbedtls_entropy_context;
/** /**
* \brief Platform-specific entropy poll callback * \brief Platform-specific entropy poll callback
*/ */
int mbedtls_platform_entropy_poll( void *data, int mbedtls_platform_entropy_poll(void *data,
unsigned char *output, size_t len, size_t *olen ); unsigned char *output, size_t len, size_t *olen);
#endif #endif
/** /**
@ -151,14 +149,14 @@ int mbedtls_platform_entropy_poll( void *data,
* *
* \param ctx Entropy context to initialize * \param ctx Entropy context to initialize
*/ */
void mbedtls_entropy_init( mbedtls_entropy_context *ctx ); void mbedtls_entropy_init(mbedtls_entropy_context *ctx);
/** /**
* \brief Free the data in the context * \brief Free the data in the context
* *
* \param ctx Entropy context to free * \param ctx Entropy context to free
*/ */
void mbedtls_entropy_free( mbedtls_entropy_context *ctx ); void mbedtls_entropy_free(mbedtls_entropy_context *ctx);
/** /**
* \brief Adds an entropy source to poll * \brief Adds an entropy source to poll
@ -177,9 +175,9 @@ void mbedtls_entropy_free( mbedtls_entropy_context *ctx );
* *
* \return 0 if successful or MBEDTLS_ERR_ENTROPY_MAX_SOURCES * \return 0 if successful or MBEDTLS_ERR_ENTROPY_MAX_SOURCES
*/ */
int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx, int mbedtls_entropy_add_source(mbedtls_entropy_context *ctx,
mbedtls_entropy_f_source_ptr f_source, void *p_source, mbedtls_entropy_f_source_ptr f_source, void *p_source,
size_t threshold, int strong ); size_t threshold, int strong);
/** /**
* \brief Trigger an extra gather poll for the accumulator * \brief Trigger an extra gather poll for the accumulator
@ -189,7 +187,7 @@ int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx,
* *
* \return 0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED * \return 0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
*/ */
int mbedtls_entropy_gather( mbedtls_entropy_context *ctx ); int mbedtls_entropy_gather(mbedtls_entropy_context *ctx);
/** /**
* \brief Retrieve entropy from the accumulator * \brief Retrieve entropy from the accumulator
@ -202,7 +200,7 @@ int mbedtls_entropy_gather( mbedtls_entropy_context *ctx );
* *
* \return 0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED * \return 0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
*/ */
int mbedtls_entropy_func( void *data, unsigned char *output, size_t len ); int mbedtls_entropy_func(void *data, unsigned char *output, size_t len);
/** /**
* \brief Add data to the accumulator manually * \brief Add data to the accumulator manually
@ -214,8 +212,8 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len );
* *
* \return 0 if successful * \return 0 if successful
*/ */
int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx, int mbedtls_entropy_update_manual(mbedtls_entropy_context *ctx,
const unsigned char *data, size_t len ); const unsigned char *data, size_t len);
#if defined(MBEDTLS_ENTROPY_NV_SEED) #if defined(MBEDTLS_ENTROPY_NV_SEED)
/** /**
@ -226,7 +224,7 @@ int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx ); int mbedtls_entropy_update_nv_seed(mbedtls_entropy_context *ctx);
#endif /* MBEDTLS_ENTROPY_NV_SEED */ #endif /* MBEDTLS_ENTROPY_NV_SEED */
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)
@ -240,7 +238,7 @@ int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx );
* MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error, or * MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error, or
* MBEDTLS_ERR_ENTROPY_SOURCE_FAILED * MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
*/ */
int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path ); int mbedtls_entropy_write_seed_file(mbedtls_entropy_context *ctx, const char *path);
/** /**
* \brief Read and update a seed file. Seed is added to this * \brief Read and update a seed file. Seed is added to this
@ -254,7 +252,7 @@ int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *p
* MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error, * MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error,
* MBEDTLS_ERR_ENTROPY_SOURCE_FAILED * MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
*/ */
int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path ); int mbedtls_entropy_update_seed_file(mbedtls_entropy_context *ctx, const char *path);
#endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_FS_IO */
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -266,7 +264,7 @@ int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *
* *
* \return 0 if successful, or 1 if a test failed * \return 0 if successful, or 1 if a test failed
*/ */
int mbedtls_entropy_self_test( int verbose ); int mbedtls_entropy_self_test(int verbose);
#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
/** /**
@ -282,7 +280,7 @@ int mbedtls_entropy_self_test( int verbose );
* *
* \return 0 if successful, or 1 if a test failed * \return 0 if successful, or 1 if a test failed
*/ */
int mbedtls_entropy_source_self_test( int verbose ); int mbedtls_entropy_source_self_test(int verbose);
#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */ #endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

27
include/mbedtls/error.h
View File

@ -121,15 +121,15 @@ extern "C" {
* Wrapper macro for mbedtls_error_add(). See that function for * Wrapper macro for mbedtls_error_add(). See that function for
* more details. * more details.
*/ */
#define MBEDTLS_ERROR_ADD( high, low ) \ #define MBEDTLS_ERROR_ADD(high, low) \
mbedtls_error_add( high, low, __FILE__, __LINE__ ) mbedtls_error_add(high, low, __FILE__, __LINE__)
#if defined(MBEDTLS_TEST_HOOKS) #if defined(MBEDTLS_TEST_HOOKS)
/** /**
* \brief Testing hook called before adding/combining two error codes together. * \brief Testing hook called before adding/combining two error codes together.
* Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS. * Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS.
*/ */
extern void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); extern void (*mbedtls_test_hook_error_add)(int, int, const char *, int);
#endif #endif
/** /**
@ -150,17 +150,18 @@ extern void (*mbedtls_test_hook_error_add)( int, int, const char *, int );
* \param file file where this error code addition occurred. * \param file file where this error code addition occurred.
* \param line line where this error code addition occurred. * \param line line where this error code addition occurred.
*/ */
static inline int mbedtls_error_add( int high, int low, static inline int mbedtls_error_add(int high, int low,
const char *file, int line ) const char *file, int line)
{ {
#if defined(MBEDTLS_TEST_HOOKS) #if defined(MBEDTLS_TEST_HOOKS)
if( *mbedtls_test_hook_error_add != NULL ) if (*mbedtls_test_hook_error_add != NULL) {
( *mbedtls_test_hook_error_add )( high, low, file, line ); (*mbedtls_test_hook_error_add)(high, low, file, line);
}
#endif #endif
(void)file; (void) file;
(void)line; (void) line;
return( high + low ); return high + low;
} }
/** /**
@ -172,7 +173,7 @@ static inline int mbedtls_error_add( int high, int low,
* \param buffer buffer to place representation in * \param buffer buffer to place representation in
* \param buflen length of the buffer * \param buflen length of the buffer
*/ */
void mbedtls_strerror( int errnum, char *buffer, size_t buflen ); void mbedtls_strerror(int errnum, char *buffer, size_t buflen);
/** /**
* \brief Translate the high-level part of an Mbed TLS error code into a string * \brief Translate the high-level part of an Mbed TLS error code into a string
@ -187,7 +188,7 @@ void mbedtls_strerror( int errnum, char *buffer, size_t buflen );
* \return The string representation of the error code, or \c NULL if the error * \return The string representation of the error code, or \c NULL if the error
* code is unknown. * code is unknown.
*/ */
const char * mbedtls_high_level_strerr( int error_code ); const char *mbedtls_high_level_strerr(int error_code);
/** /**
* \brief Translate the low-level part of an Mbed TLS error code into a string * \brief Translate the low-level part of an Mbed TLS error code into a string
@ -202,7 +203,7 @@ const char * mbedtls_high_level_strerr( int error_code );
* \return The string representation of the error code, or \c NULL if the error * \return The string representation of the error code, or \c NULL if the error
* code is unknown. * code is unknown.
*/ */
const char * mbedtls_low_level_strerr( int error_code ); const char *mbedtls_low_level_strerr(int error_code);
#ifdef __cplusplus #ifdef __cplusplus
} }

37
include/mbedtls/gcm.h
View File

@ -57,8 +57,7 @@ extern "C" {
/** /**
* \brief The GCM context structure. * \brief The GCM context structure.
*/ */
typedef struct mbedtls_gcm_context typedef struct mbedtls_gcm_context {
{
mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */ mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */
uint64_t MBEDTLS_PRIVATE(HL)[16]; /*!< Precalculated HTable low. */ uint64_t MBEDTLS_PRIVATE(HL)[16]; /*!< Precalculated HTable low. */
uint64_t MBEDTLS_PRIVATE(HH)[16]; /*!< Precalculated HTable high. */ uint64_t MBEDTLS_PRIVATE(HH)[16]; /*!< Precalculated HTable high. */
@ -88,7 +87,7 @@ mbedtls_gcm_context;
* *
* \param ctx The GCM context to initialize. This must not be \c NULL. * \param ctx The GCM context to initialize. This must not be \c NULL.
*/ */
void mbedtls_gcm_init( mbedtls_gcm_context *ctx ); void mbedtls_gcm_init(mbedtls_gcm_context *ctx);
/** /**
* \brief This function associates a GCM context with a * \brief This function associates a GCM context with a
@ -106,10 +105,10 @@ void mbedtls_gcm_init( mbedtls_gcm_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return A cipher-specific error code on failure. * \return A cipher-specific error code on failure.
*/ */
int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx, int mbedtls_gcm_setkey(mbedtls_gcm_context *ctx,
mbedtls_cipher_id_t cipher, mbedtls_cipher_id_t cipher,
const unsigned char *key, const unsigned char *key,
unsigned int keybits ); unsigned int keybits);
/** /**
* \brief This function performs GCM encryption or decryption of a buffer. * \brief This function performs GCM encryption or decryption of a buffer.
@ -162,7 +161,7 @@ int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx,
* not valid or a cipher-specific error code if the encryption * not valid or a cipher-specific error code if the encryption
* or decryption failed. * or decryption failed.
*/ */
int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx, int mbedtls_gcm_crypt_and_tag(mbedtls_gcm_context *ctx,
int mode, int mode,
size_t length, size_t length,
const unsigned char *iv, const unsigned char *iv,
@ -172,7 +171,7 @@ int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx,
const unsigned char *input, const unsigned char *input,
unsigned char *output, unsigned char *output,
size_t tag_len, size_t tag_len,
unsigned char *tag ); unsigned char *tag);
/** /**
* \brief This function performs a GCM authenticated decryption of a * \brief This function performs a GCM authenticated decryption of a
@ -207,7 +206,7 @@ int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx,
* not valid or a cipher-specific error code if the decryption * not valid or a cipher-specific error code if the decryption
* failed. * failed.
*/ */
int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx, int mbedtls_gcm_auth_decrypt(mbedtls_gcm_context *ctx,
size_t length, size_t length,
const unsigned char *iv, const unsigned char *iv,
size_t iv_len, size_t iv_len,
@ -216,7 +215,7 @@ int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx,
const unsigned char *tag, const unsigned char *tag,
size_t tag_len, size_t tag_len,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function starts a GCM encryption or decryption * \brief This function starts a GCM encryption or decryption
@ -231,10 +230,10 @@ int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx,
* *
* \return \c 0 on success. * \return \c 0 on success.
*/ */
int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, int mbedtls_gcm_starts(mbedtls_gcm_context *ctx,
int mode, int mode,
const unsigned char *iv, const unsigned char *iv,
size_t iv_len ); size_t iv_len);
/** /**
* \brief This function feeds an input buffer as associated data * \brief This function feeds an input buffer as associated data
@ -256,9 +255,9 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
* *
* \return \c 0 on success. * \return \c 0 on success.
*/ */
int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx, int mbedtls_gcm_update_ad(mbedtls_gcm_context *ctx,
const unsigned char *add, const unsigned char *add,
size_t add_len ); size_t add_len);
/** /**
* \brief This function feeds an input buffer into an ongoing GCM * \brief This function feeds an input buffer into an ongoing GCM
@ -311,10 +310,10 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx,
* unsupported input/output buffer overlap detected, * unsupported input/output buffer overlap detected,
* or \p output_size too small. * or \p output_size too small.
*/ */
int mbedtls_gcm_update( mbedtls_gcm_context *ctx, int mbedtls_gcm_update(mbedtls_gcm_context *ctx,
const unsigned char *input, size_t input_length, const unsigned char *input, size_t input_length,
unsigned char *output, size_t output_size, unsigned char *output, size_t output_size,
size_t *output_length ); size_t *output_length);
/** /**
* \brief This function finishes the GCM operation and generates * \brief This function finishes the GCM operation and generates
@ -349,10 +348,10 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx,
* invalid value of \p tag_len, * invalid value of \p tag_len,
* or \p output_size too small. * or \p output_size too small.
*/ */
int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, int mbedtls_gcm_finish(mbedtls_gcm_context *ctx,
unsigned char *output, size_t output_size, unsigned char *output, size_t output_size,
size_t *output_length, size_t *output_length,
unsigned char *tag, size_t tag_len ); unsigned char *tag, size_t tag_len);
/** /**
* \brief This function clears a GCM context and the underlying * \brief This function clears a GCM context and the underlying
@ -361,7 +360,7 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
* \param ctx The GCM context to clear. If this is \c NULL, the call has * \param ctx The GCM context to clear. If this is \c NULL, the call has
* no effect. Otherwise, this must be initialized. * no effect. Otherwise, this must be initialized.
*/ */
void mbedtls_gcm_free( mbedtls_gcm_context *ctx ); void mbedtls_gcm_free(mbedtls_gcm_context *ctx);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -371,7 +370,7 @@ void mbedtls_gcm_free( mbedtls_gcm_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_gcm_self_test( int verbose ); int mbedtls_gcm_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

12
include/mbedtls/hkdf.h
View File

@ -65,10 +65,10 @@ extern "C" {
* \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying * \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
* MD layer. * MD layer.
*/ */
int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, int mbedtls_hkdf(const mbedtls_md_info_t *md, const unsigned char *salt,
size_t salt_len, const unsigned char *ikm, size_t ikm_len, size_t salt_len, const unsigned char *ikm, size_t ikm_len,
const unsigned char *info, size_t info_len, const unsigned char *info, size_t info_len,
unsigned char *okm, size_t okm_len ); unsigned char *okm, size_t okm_len);
/** /**
* \brief Take the input keying material \p ikm and extract from it a * \brief Take the input keying material \p ikm and extract from it a
@ -94,10 +94,10 @@ int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt,
* \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying * \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
* MD layer. * MD layer.
*/ */
int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, int mbedtls_hkdf_extract(const mbedtls_md_info_t *md,
const unsigned char *salt, size_t salt_len, const unsigned char *salt, size_t salt_len,
const unsigned char *ikm, size_t ikm_len, const unsigned char *ikm, size_t ikm_len,
unsigned char *prk ); unsigned char *prk);
/** /**
* \brief Expand the supplied \p prk into several additional pseudorandom * \brief Expand the supplied \p prk into several additional pseudorandom
@ -125,9 +125,9 @@ int mbedtls_hkdf_extract( const mbedtls_md_info_t *md,
* \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying * \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
* MD layer. * MD layer.
*/ */
int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk, int mbedtls_hkdf_expand(const mbedtls_md_info_t *md, const unsigned char *prk,
size_t prk_len, const unsigned char *info, size_t prk_len, const unsigned char *info,
size_t info_len, unsigned char *okm, size_t okm_len ); size_t info_len, unsigned char *okm, size_t okm_len);
#ifdef __cplusplus #ifdef __cplusplus
} }

53
include/mbedtls/hmac_drbg.h
View File

@ -83,8 +83,7 @@ extern "C" {
/** /**
* HMAC_DRBG context. * HMAC_DRBG context.
*/ */
typedef struct mbedtls_hmac_drbg_context typedef struct mbedtls_hmac_drbg_context {
{
/* Working state: the key K is not stored explicitly, /* Working state: the key K is not stored explicitly,
* but is implied by the HMAC context */ * but is implied by the HMAC context */
mbedtls_md_context_t MBEDTLS_PRIVATE(md_ctx); /*!< HMAC context (inc. K) */ mbedtls_md_context_t MBEDTLS_PRIVATE(md_ctx); /*!< HMAC context (inc. K) */
@ -98,7 +97,7 @@ typedef struct mbedtls_hmac_drbg_context
int MBEDTLS_PRIVATE(reseed_interval); /*!< reseed interval */ int MBEDTLS_PRIVATE(reseed_interval); /*!< reseed interval */
/* Callbacks */ /* Callbacks */
int (*MBEDTLS_PRIVATE(f_entropy))(void *, unsigned char *, size_t); /*!< entropy function */ int(*MBEDTLS_PRIVATE(f_entropy))(void *, unsigned char *, size_t); /*!< entropy function */
void *MBEDTLS_PRIVATE(p_entropy); /*!< context for the entropy function */ void *MBEDTLS_PRIVATE(p_entropy); /*!< context for the entropy function */
#if defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_THREADING_C)
@ -126,7 +125,7 @@ typedef struct mbedtls_hmac_drbg_context
* *
* \param ctx HMAC_DRBG context to be initialized. * \param ctx HMAC_DRBG context to be initialized.
*/ */
void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ); void mbedtls_hmac_drbg_init(mbedtls_hmac_drbg_context *ctx);
/** /**
* \brief HMAC_DRBG initial seeding. * \brief HMAC_DRBG initial seeding.
@ -196,12 +195,12 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx );
* \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
* if the call to \p f_entropy failed. * if the call to \p f_entropy failed.
*/ */
int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, int mbedtls_hmac_drbg_seed(mbedtls_hmac_drbg_context *ctx,
const mbedtls_md_info_t * md_info, const mbedtls_md_info_t *md_info,
int (*f_entropy)(void *, unsigned char *, size_t), int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy, void *p_entropy,
const unsigned char *custom, const unsigned char *custom,
size_t len ); size_t len);
/** /**
* \brief Initialisation of simplified HMAC_DRBG (never reseeds). * \brief Initialisation of simplified HMAC_DRBG (never reseeds).
@ -231,9 +230,9 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx,
* \return #MBEDTLS_ERR_MD_ALLOC_FAILED if there was not enough * \return #MBEDTLS_ERR_MD_ALLOC_FAILED if there was not enough
* memory to allocate context data. * memory to allocate context data.
*/ */
int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, int mbedtls_hmac_drbg_seed_buf(mbedtls_hmac_drbg_context *ctx,
const mbedtls_md_info_t * md_info, const mbedtls_md_info_t *md_info,
const unsigned char *data, size_t data_len ); const unsigned char *data, size_t data_len);
/** /**
* \brief This function turns prediction resistance on or off. * \brief This function turns prediction resistance on or off.
@ -248,8 +247,8 @@ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx,
* \param ctx The HMAC_DRBG context. * \param ctx The HMAC_DRBG context.
* \param resistance #MBEDTLS_HMAC_DRBG_PR_ON or #MBEDTLS_HMAC_DRBG_PR_OFF. * \param resistance #MBEDTLS_HMAC_DRBG_PR_ON or #MBEDTLS_HMAC_DRBG_PR_OFF.
*/ */
void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx, void mbedtls_hmac_drbg_set_prediction_resistance(mbedtls_hmac_drbg_context *ctx,
int resistance ); int resistance);
/** /**
* \brief This function sets the amount of entropy grabbed on each * \brief This function sets the amount of entropy grabbed on each
@ -260,8 +259,8 @@ void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx
* \param ctx The HMAC_DRBG context. * \param ctx The HMAC_DRBG context.
* \param len The amount of entropy to grab, in bytes. * \param len The amount of entropy to grab, in bytes.
*/ */
void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx, void mbedtls_hmac_drbg_set_entropy_len(mbedtls_hmac_drbg_context *ctx,
size_t len ); size_t len);
/** /**
* \brief Set the reseed interval. * \brief Set the reseed interval.
@ -275,8 +274,8 @@ void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx,
* \param ctx The HMAC_DRBG context. * \param ctx The HMAC_DRBG context.
* \param interval The reseed interval. * \param interval The reseed interval.
*/ */
void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx, void mbedtls_hmac_drbg_set_reseed_interval(mbedtls_hmac_drbg_context *ctx,
int interval ); int interval);
/** /**
* \brief This function updates the state of the HMAC_DRBG context. * \brief This function updates the state of the HMAC_DRBG context.
@ -295,8 +294,8 @@ void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx,
* \return \c 0 on success, or an error from the underlying * \return \c 0 on success, or an error from the underlying
* hash calculation. * hash calculation.
*/ */
int mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, int mbedtls_hmac_drbg_update(mbedtls_hmac_drbg_context *ctx,
const unsigned char *additional, size_t add_len ); const unsigned char *additional, size_t add_len);
/** /**
* \brief This function reseeds the HMAC_DRBG context, that is * \brief This function reseeds the HMAC_DRBG context, that is
@ -322,8 +321,8 @@ int mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx,
* \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
* if a call to the entropy function failed. * if a call to the entropy function failed.
*/ */
int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, int mbedtls_hmac_drbg_reseed(mbedtls_hmac_drbg_context *ctx,
const unsigned char *additional, size_t len ); const unsigned char *additional, size_t len);
/** /**
* \brief This function updates an HMAC_DRBG instance with additional * \brief This function updates an HMAC_DRBG instance with additional
@ -356,10 +355,10 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx,
* \return #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if * \return #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if
* \p add_len > #MBEDTLS_HMAC_DRBG_MAX_INPUT. * \p add_len > #MBEDTLS_HMAC_DRBG_MAX_INPUT.
*/ */
int mbedtls_hmac_drbg_random_with_add( void *p_rng, int mbedtls_hmac_drbg_random_with_add(void *p_rng,
unsigned char *output, size_t output_len, unsigned char *output, size_t output_len,
const unsigned char *additional, const unsigned char *additional,
size_t add_len ); size_t add_len);
/** /**
* \brief This function uses HMAC_DRBG to generate random data. * \brief This function uses HMAC_DRBG to generate random data.
@ -388,7 +387,7 @@ int mbedtls_hmac_drbg_random_with_add( void *p_rng,
* \return #MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG if * \return #MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG if
* \p out_len > #MBEDTLS_HMAC_DRBG_MAX_REQUEST. * \p out_len > #MBEDTLS_HMAC_DRBG_MAX_REQUEST.
*/ */
int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len ); int mbedtls_hmac_drbg_random(void *p_rng, unsigned char *output, size_t out_len);
/** /**
* \brief This function resets HMAC_DRBG context to the state immediately * \brief This function resets HMAC_DRBG context to the state immediately
@ -396,7 +395,7 @@ int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len
* *
* \param ctx The HMAC_DRBG context to free. * \param ctx The HMAC_DRBG context to free.
*/ */
void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx ); void mbedtls_hmac_drbg_free(mbedtls_hmac_drbg_context *ctx);
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
@ -410,7 +409,7 @@ void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx );
* \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED on reseed * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED on reseed
* failure. * failure.
*/ */
int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path ); int mbedtls_hmac_drbg_write_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path);
/** /**
* \brief This function reads and updates a seed file. The seed * \brief This function reads and updates a seed file. The seed
@ -426,7 +425,7 @@ int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const cha
* \return #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if the existing * \return #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if the existing
* seed file is too large. * seed file is too large.
*/ */
int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path ); int mbedtls_hmac_drbg_update_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path);
#endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_FS_IO */
@ -437,7 +436,7 @@ int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const ch
* \return \c 0 if successful. * \return \c 0 if successful.
* \return \c 1 if the test failed. * \return \c 1 if the test failed.
*/ */
int mbedtls_hmac_drbg_self_test( int verbose ); int mbedtls_hmac_drbg_self_test(int verbose);
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus

98
include/mbedtls/legacy_or_psa.h
View File

@ -110,105 +110,105 @@
/* Hashes using low-level or PSA based on availability */ /* Hashes using low-level or PSA based on availability */
#if defined(MBEDTLS_MD5_C) || \ #if defined(MBEDTLS_MD5_C) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5) ) (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5))
#define MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA #define MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA
#endif #endif
#if defined(MBEDTLS_RIPEMD160_C) || \ #if defined(MBEDTLS_RIPEMD160_C) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160) ) (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160))
#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA #define MBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA
#endif #endif
#if defined(MBEDTLS_SHA1_C) || \ #if defined(MBEDTLS_SHA1_C) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1) ) (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1))
#define MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA #define MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA
#endif #endif
#if defined(MBEDTLS_SHA224_C) || \ #if defined(MBEDTLS_SHA224_C) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224) ) (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224))
#define MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA #define MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA
#endif #endif
#if defined(MBEDTLS_SHA256_C) || \ #if defined(MBEDTLS_SHA256_C) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256) ) (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256))
#define MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA #define MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA
#endif #endif
#if defined(MBEDTLS_SHA384_C) || \ #if defined(MBEDTLS_SHA384_C) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384) ) (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384))
#define MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA #define MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA
#endif #endif
#if defined(MBEDTLS_SHA512_C) || \ #if defined(MBEDTLS_SHA512_C) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512) ) (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512))
#define MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA #define MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA
#endif #endif
/* Hashes using MD or PSA based on availability */ /* Hashes using MD or PSA based on availability */
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C) ) || \ #if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C)) || \
( !defined(MBEDTLS_MD_C) && \ (!defined(MBEDTLS_MD_C) && \
defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5) ) defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5))
#define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA #define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA
#endif #endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C) ) || \ #if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C)) || \
( !defined(MBEDTLS_MD_C) && \ (!defined(MBEDTLS_MD_C) && \
defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160) ) defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160))
#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA #define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA
#endif #endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C) ) || \ #if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C)) || \
( !defined(MBEDTLS_MD_C) && \ (!defined(MBEDTLS_MD_C) && \
defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1) ) defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1))
#define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA #define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA
#endif #endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C) ) || \ #if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C)) || \
( !defined(MBEDTLS_MD_C) && \ (!defined(MBEDTLS_MD_C) && \
defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224) ) defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224))
#define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA #define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA
#endif #endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C) ) || \ #if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C)) || \
( !defined(MBEDTLS_MD_C) && \ (!defined(MBEDTLS_MD_C) && \
defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256) ) defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256))
#define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA #define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA
#endif #endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C) ) || \ #if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C)) || \
( !defined(MBEDTLS_MD_C) && \ (!defined(MBEDTLS_MD_C) && \
defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384) ) defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384))
#define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA #define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA
#endif #endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C) ) || \ #if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C)) || \
( !defined(MBEDTLS_MD_C) && \ (!defined(MBEDTLS_MD_C) && \
defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512) ) defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512))
#define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA #define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA
#endif #endif
/* Hashes using MD or PSA based on MBEDTLS_USE_PSA_CRYPTO */ /* Hashes using MD or PSA based on MBEDTLS_USE_PSA_CRYPTO */
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \ #if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C) ) || \ defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C)) || \
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_MD5) ) (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_MD5))
#define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA #define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif #endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \ #if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C) ) || \ defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C)) || \
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_RIPEMD160) ) (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_RIPEMD160))
#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA_BASED_ON_USE_PSA #define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif #endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \ #if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C) ) || \ defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C)) || \
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_1) ) (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_1))
#define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA #define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif #endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \ #if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C) ) || \ defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C)) || \
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_224) ) (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_224))
#define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA #define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif #endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \ #if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C) ) || \ defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C)) || \
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_256) ) (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_256))
#define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA #define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif #endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \ #if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C) ) || \ defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C)) || \
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_384) ) (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_384))
#define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA #define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif #endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \ #if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C) ) || \ defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C)) || \
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_512) ) (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_512))
#define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA #define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif #endif

41
include/mbedtls/lms.h
View File

@ -157,7 +157,8 @@ typedef struct {
*/ */
typedef struct { typedef struct {
mbedtls_lmots_parameters_t MBEDTLS_PRIVATE(params); mbedtls_lmots_parameters_t MBEDTLS_PRIVATE(params);
unsigned char MBEDTLS_PRIVATE(private_key)[MBEDTLS_LMOTS_P_SIG_DIGIT_COUNT_MAX][MBEDTLS_LMOTS_N_HASH_LEN_MAX]; unsigned char MBEDTLS_PRIVATE(private_key)[MBEDTLS_LMOTS_P_SIG_DIGIT_COUNT_MAX][
MBEDTLS_LMOTS_N_HASH_LEN_MAX];
unsigned char MBEDTLS_PRIVATE(have_private_key); /*!< Whether the context contains a private key. unsigned char MBEDTLS_PRIVATE(have_private_key); /*!< Whether the context contains a private key.
Boolean values only. */ Boolean values only. */
} mbedtls_lmots_private_t; } mbedtls_lmots_private_t;
@ -182,7 +183,7 @@ typedef struct {
/** LMS public context structure. /** LMS public context structure.
* *
*A LMS public key is the hash output that is the root of the Merkle tree, and * A LMS public key is the hash output that is the root of the Merkle tree, and
* the applicable parameter set * the applicable parameter set
* *
* The context must be initialized before it is used. A public key must either * The context must be initialized before it is used. A public key must either
@ -249,7 +250,7 @@ typedef struct {
* \param ctx The uninitialized LMS context that will then be * \param ctx The uninitialized LMS context that will then be
* initialized. * initialized.
*/ */
void mbedtls_lms_public_init( mbedtls_lms_public_t *ctx ); void mbedtls_lms_public_init(mbedtls_lms_public_t *ctx);
/** /**
* \brief This function uninitializes an LMS public context * \brief This function uninitializes an LMS public context
@ -257,7 +258,7 @@ void mbedtls_lms_public_init( mbedtls_lms_public_t *ctx );
* \param ctx The initialized LMS context that will then be * \param ctx The initialized LMS context that will then be
* uninitialized. * uninitialized.
*/ */
void mbedtls_lms_public_free( mbedtls_lms_public_t *ctx ); void mbedtls_lms_public_free(mbedtls_lms_public_t *ctx);
/** /**
* \brief This function imports an LMS public key into a * \brief This function imports an LMS public key into a
@ -278,8 +279,8 @@ void mbedtls_lms_public_free( mbedtls_lms_public_t *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return A non-zero error code on failure. * \return A non-zero error code on failure.
*/ */
int mbedtls_lms_import_public_key( mbedtls_lms_public_t *ctx, int mbedtls_lms_import_public_key(mbedtls_lms_public_t *ctx,
const unsigned char *key, size_t key_size ); const unsigned char *key, size_t key_size);
/** /**
* \brief This function exports an LMS public key from a * \brief This function exports an LMS public key from a
@ -304,9 +305,9 @@ int mbedtls_lms_import_public_key( mbedtls_lms_public_t *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A non-zero error code on failure. * \return A non-zero error code on failure.
*/ */
int mbedtls_lms_export_public_key( const mbedtls_lms_public_t *ctx, int mbedtls_lms_export_public_key(const mbedtls_lms_public_t *ctx,
unsigned char *key, size_t key_size, unsigned char *key, size_t key_size,
size_t *key_len ); size_t *key_len);
/** /**
* \brief This function verifies a LMS signature, using a * \brief This function verifies a LMS signature, using a
@ -328,9 +329,9 @@ int mbedtls_lms_export_public_key( const mbedtls_lms_public_t *ctx,
* \return \c 0 on successful verification. * \return \c 0 on successful verification.
* \return A non-zero error code on failure. * \return A non-zero error code on failure.
*/ */
int mbedtls_lms_verify( const mbedtls_lms_public_t *ctx, int mbedtls_lms_verify(const mbedtls_lms_public_t *ctx,
const unsigned char *msg, size_t msg_size, const unsigned char *msg, size_t msg_size,
const unsigned char *sig, size_t sig_size ); const unsigned char *sig, size_t sig_size);
#if defined(MBEDTLS_LMS_PRIVATE) #if defined(MBEDTLS_LMS_PRIVATE)
/** /**
@ -338,7 +339,7 @@ int mbedtls_lms_verify( const mbedtls_lms_public_t *ctx,
* *
* \param ctx The uninitialized LMS private context that will * \param ctx The uninitialized LMS private context that will
* then be initialized. */ * then be initialized. */
void mbedtls_lms_private_init( mbedtls_lms_private_t *ctx ); void mbedtls_lms_private_init(mbedtls_lms_private_t *ctx);
/** /**
* \brief This function uninitializes an LMS private context * \brief This function uninitializes an LMS private context
@ -346,7 +347,7 @@ void mbedtls_lms_private_init( mbedtls_lms_private_t *ctx );
* \param ctx The initialized LMS private context that will then * \param ctx The initialized LMS private context that will then
* be uninitialized. * be uninitialized.
*/ */
void mbedtls_lms_private_free( mbedtls_lms_private_t *ctx ); void mbedtls_lms_private_free(mbedtls_lms_private_t *ctx);
/** /**
* \brief This function generates an LMS private key, and * \brief This function generates an LMS private key, and
@ -372,12 +373,12 @@ void mbedtls_lms_private_free( mbedtls_lms_private_t *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return A non-zero error code on failure. * \return A non-zero error code on failure.
*/ */
int mbedtls_lms_generate_private_key( mbedtls_lms_private_t *ctx, int mbedtls_lms_generate_private_key(mbedtls_lms_private_t *ctx,
mbedtls_lms_algorithm_type_t type, mbedtls_lms_algorithm_type_t type,
mbedtls_lmots_algorithm_type_t otstype, mbedtls_lmots_algorithm_type_t otstype,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void* p_rng, const unsigned char *seed, void *p_rng, const unsigned char *seed,
size_t seed_size ); size_t seed_size);
/** /**
* \brief This function calculates an LMS public key from a * \brief This function calculates an LMS public key from a
@ -397,8 +398,8 @@ int mbedtls_lms_generate_private_key( mbedtls_lms_private_t *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A non-zero error code on failure. * \return A non-zero error code on failure.
*/ */
int mbedtls_lms_calculate_public_key( mbedtls_lms_public_t *ctx, int mbedtls_lms_calculate_public_key(mbedtls_lms_public_t *ctx,
const mbedtls_lms_private_t *priv_ctx ); const mbedtls_lms_private_t *priv_ctx);
/** /**
* \brief This function creates a LMS signature, using a * \brief This function creates a LMS signature, using a
@ -437,11 +438,11 @@ int mbedtls_lms_calculate_public_key( mbedtls_lms_public_t *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A non-zero error code on failure. * \return A non-zero error code on failure.
*/ */
int mbedtls_lms_sign( mbedtls_lms_private_t *ctx, int mbedtls_lms_sign(mbedtls_lms_private_t *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void* p_rng, const unsigned char *msg, void *p_rng, const unsigned char *msg,
unsigned int msg_size, unsigned char *sig, size_t sig_size, unsigned int msg_size, unsigned char *sig, size_t sig_size,
size_t *sig_len ); size_t *sig_len);
#endif /* defined(MBEDTLS_LMS_PRIVATE) */ #endif /* defined(MBEDTLS_LMS_PRIVATE) */
#ifdef __cplusplus #ifdef __cplusplus

30
include/mbedtls/mbedtls_config.h
View File

@ -1688,21 +1688,21 @@
#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1 #define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1
/** /**
* \def MBEDTLS_SSL_EARLY_DATA * \def MBEDTLS_SSL_EARLY_DATA
* *
* Enable support for RFC 8446 TLS 1.3 early data. * Enable support for RFC 8446 TLS 1.3 early data.
* *
* Requires: MBEDTLS_SSL_SESSION_TICKETS and either * Requires: MBEDTLS_SSL_SESSION_TICKETS and either
* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED or * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED or
* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
* *
* Comment this to disable support for early data. If MBEDTLS_SSL_PROTO_TLS1_3 * Comment this to disable support for early data. If MBEDTLS_SSL_PROTO_TLS1_3
* is not enabled, this option does not have any effect on the build. * is not enabled, this option does not have any effect on the build.
* *
* This feature is experimental, not completed and thus not ready for * This feature is experimental, not completed and thus not ready for
* production. * production.
* *
*/ */
//#define MBEDTLS_SSL_EARLY_DATA //#define MBEDTLS_SSL_EARLY_DATA
/** /**

61
include/mbedtls/md.h
View File

@ -1,4 +1,4 @@
/** /**
* \file md.h * \file md.h
* *
* \brief This file contains the generic message-digest wrapper. * \brief This file contains the generic message-digest wrapper.
@ -96,8 +96,7 @@ typedef struct mbedtls_md_info_t mbedtls_md_info_t;
/** /**
* The generic message-digest context. * The generic message-digest context.
*/ */
typedef struct mbedtls_md_context_t typedef struct mbedtls_md_context_t {
{
/** Information about the associated message digest. */ /** Information about the associated message digest. */
const mbedtls_md_info_t *MBEDTLS_PRIVATE(md_info); const mbedtls_md_info_t *MBEDTLS_PRIVATE(md_info);
@ -119,7 +118,7 @@ typedef struct mbedtls_md_context_t
* message-digest enumeration #mbedtls_md_type_t. * message-digest enumeration #mbedtls_md_type_t.
* The last entry is 0. * The last entry is 0.
*/ */
const int *mbedtls_md_list( void ); const int *mbedtls_md_list(void);
/** /**
* \brief This function returns the message-digest information * \brief This function returns the message-digest information
@ -130,7 +129,7 @@ const int *mbedtls_md_list( void );
* \return The message-digest information associated with \p md_name. * \return The message-digest information associated with \p md_name.
* \return NULL if the associated message-digest information is not found. * \return NULL if the associated message-digest information is not found.
*/ */
const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ); const mbedtls_md_info_t *mbedtls_md_info_from_string(const char *md_name);
/** /**
* \brief This function returns the message-digest information * \brief This function returns the message-digest information
@ -141,7 +140,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name );
* \return The message-digest information associated with \p md_type. * \return The message-digest information associated with \p md_type.
* \return NULL if the associated message-digest information is not found. * \return NULL if the associated message-digest information is not found.
*/ */
const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ); const mbedtls_md_info_t *mbedtls_md_info_from_type(mbedtls_md_type_t md_type);
/** /**
* \brief This function returns the message-digest information * \brief This function returns the message-digest information
@ -154,7 +153,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type );
* \return \c NULL if \p ctx is \c NULL. * \return \c NULL if \p ctx is \c NULL.
*/ */
const mbedtls_md_info_t *mbedtls_md_info_from_ctx( const mbedtls_md_info_t *mbedtls_md_info_from_ctx(
const mbedtls_md_context_t *ctx ); const mbedtls_md_context_t *ctx);
/** /**
* \brief This function initializes a message-digest context without * \brief This function initializes a message-digest context without
@ -164,7 +163,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_ctx(
* context for mbedtls_md_setup() for binding it to a * context for mbedtls_md_setup() for binding it to a
* message-digest algorithm. * message-digest algorithm.
*/ */
void mbedtls_md_init( mbedtls_md_context_t *ctx ); void mbedtls_md_init(mbedtls_md_context_t *ctx);
/** /**
* \brief This function clears the internal structure of \p ctx and * \brief This function clears the internal structure of \p ctx and
@ -179,7 +178,7 @@ void mbedtls_md_init( mbedtls_md_context_t *ctx );
* You must not call this function if you have not called * You must not call this function if you have not called
* mbedtls_md_init(). * mbedtls_md_init().
*/ */
void mbedtls_md_free( mbedtls_md_context_t *ctx ); void mbedtls_md_free(mbedtls_md_context_t *ctx);
/** /**
@ -202,7 +201,7 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx );
* \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure. * \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac ); int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac);
/** /**
* \brief This function clones the state of a message-digest * \brief This function clones the state of a message-digest
@ -224,8 +223,8 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_inf
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification failure. * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_clone( mbedtls_md_context_t *dst, int mbedtls_md_clone(mbedtls_md_context_t *dst,
const mbedtls_md_context_t *src ); const mbedtls_md_context_t *src);
/** /**
* \brief This function extracts the message-digest size from the * \brief This function extracts the message-digest size from the
@ -236,7 +235,7 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst,
* *
* \return The size of the message-digest output in Bytes. * \return The size of the message-digest output in Bytes.
*/ */
unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info ); unsigned char mbedtls_md_get_size(const mbedtls_md_info_t *md_info);
/** /**
* \brief This function extracts the message-digest type from the * \brief This function extracts the message-digest type from the
@ -247,7 +246,7 @@ unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info );
* *
* \return The type of the message digest. * \return The type of the message digest.
*/ */
mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info ); mbedtls_md_type_t mbedtls_md_get_type(const mbedtls_md_info_t *md_info);
/** /**
* \brief This function extracts the message-digest name from the * \brief This function extracts the message-digest name from the
@ -258,7 +257,7 @@ mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info );
* *
* \return The name of the message digest. * \return The name of the message digest.
*/ */
const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info ); const char *mbedtls_md_get_name(const mbedtls_md_info_t *md_info);
/** /**
* \brief This function starts a message-digest computation. * \brief This function starts a message-digest computation.
@ -274,7 +273,7 @@ const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info );
* failure. * failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_starts( mbedtls_md_context_t *ctx ); int mbedtls_md_starts(mbedtls_md_context_t *ctx);
/** /**
* \brief This function feeds an input buffer into an ongoing * \brief This function feeds an input buffer into an ongoing
@ -293,7 +292,7 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx );
* failure. * failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ); int mbedtls_md_update(mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen);
/** /**
* \brief This function finishes the digest operation, * \brief This function finishes the digest operation,
@ -314,7 +313,7 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si
* failure. * failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ); int mbedtls_md_finish(mbedtls_md_context_t *ctx, unsigned char *output);
/** /**
* \brief This function calculates the message-digest of a buffer, * \brief This function calculates the message-digest of a buffer,
@ -335,8 +334,8 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output );
* failure. * failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, int mbedtls_md(const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
unsigned char *output ); unsigned char *output);
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
@ -357,8 +356,8 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info was NULL. * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info was NULL.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, int mbedtls_md_file(const mbedtls_md_info_t *md_info, const char *path,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_FS_IO */
/** /**
@ -380,8 +379,8 @@ int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path,
* failure. * failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, int mbedtls_md_hmac_starts(mbedtls_md_context_t *ctx, const unsigned char *key,
size_t keylen ); size_t keylen);
/** /**
* \brief This function feeds an input buffer into an ongoing HMAC * \brief This function feeds an input buffer into an ongoing HMAC
@ -403,8 +402,8 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key,
* failure. * failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, int mbedtls_md_hmac_update(mbedtls_md_context_t *ctx, const unsigned char *input,
size_t ilen ); size_t ilen);
/** /**
* \brief This function finishes the HMAC operation, and writes * \brief This function finishes the HMAC operation, and writes
@ -425,7 +424,7 @@ int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *inpu
* failure. * failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output); int mbedtls_md_hmac_finish(mbedtls_md_context_t *ctx, unsigned char *output);
/** /**
* \brief This function prepares to authenticate a new message with * \brief This function prepares to authenticate a new message with
@ -443,7 +442,7 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output);
* failure. * failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ); int mbedtls_md_hmac_reset(mbedtls_md_context_t *ctx);
/** /**
* \brief This function calculates the full generic HMAC * \brief This function calculates the full generic HMAC
@ -468,13 +467,13 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx );
* failure. * failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen, int mbedtls_md_hmac(const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output ); unsigned char *output);
/* Internal use */ /* Internal use */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ); int mbedtls_md_process(mbedtls_md_context_t *ctx, const unsigned char *data);
#ifdef __cplusplus #ifdef __cplusplus
} }

31
include/mbedtls/md5.h
View File

@ -48,8 +48,7 @@ extern "C" {
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
typedef struct mbedtls_md5_context typedef struct mbedtls_md5_context {
{
uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< number of bytes processed */ uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< number of bytes processed */
uint32_t MBEDTLS_PRIVATE(state)[4]; /*!< intermediate digest state */ uint32_t MBEDTLS_PRIVATE(state)[4]; /*!< intermediate digest state */
unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< data block being processed */ unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< data block being processed */
@ -70,7 +69,7 @@ mbedtls_md5_context;
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
void mbedtls_md5_init( mbedtls_md5_context *ctx ); void mbedtls_md5_init(mbedtls_md5_context *ctx);
/** /**
* \brief Clear MD5 context * \brief Clear MD5 context
@ -82,7 +81,7 @@ void mbedtls_md5_init( mbedtls_md5_context *ctx );
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
void mbedtls_md5_free( mbedtls_md5_context *ctx ); void mbedtls_md5_free(mbedtls_md5_context *ctx);
/** /**
* \brief Clone (the state of) an MD5 context * \brief Clone (the state of) an MD5 context
@ -95,8 +94,8 @@ void mbedtls_md5_free( mbedtls_md5_context *ctx );
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
void mbedtls_md5_clone( mbedtls_md5_context *dst, void mbedtls_md5_clone(mbedtls_md5_context *dst,
const mbedtls_md5_context *src ); const mbedtls_md5_context *src);
/** /**
* \brief MD5 context setup * \brief MD5 context setup
@ -110,7 +109,7 @@ void mbedtls_md5_clone( mbedtls_md5_context *dst,
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
int mbedtls_md5_starts( mbedtls_md5_context *ctx ); int mbedtls_md5_starts(mbedtls_md5_context *ctx);
/** /**
* \brief MD5 process buffer * \brief MD5 process buffer
@ -126,9 +125,9 @@ int mbedtls_md5_starts( mbedtls_md5_context *ctx );
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
int mbedtls_md5_update( mbedtls_md5_context *ctx, int mbedtls_md5_update(mbedtls_md5_context *ctx,
const unsigned char *input, const unsigned char *input,
size_t ilen ); size_t ilen);
/** /**
* \brief MD5 final digest * \brief MD5 final digest
@ -143,8 +142,8 @@ int mbedtls_md5_update( mbedtls_md5_context *ctx,
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
int mbedtls_md5_finish( mbedtls_md5_context *ctx, int mbedtls_md5_finish(mbedtls_md5_context *ctx,
unsigned char output[16] ); unsigned char output[16]);
/** /**
* \brief MD5 process data block (internal use only) * \brief MD5 process data block (internal use only)
@ -159,8 +158,8 @@ int mbedtls_md5_finish( mbedtls_md5_context *ctx,
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, int mbedtls_internal_md5_process(mbedtls_md5_context *ctx,
const unsigned char data[64] ); const unsigned char data[64]);
/** /**
* \brief Output = MD5( input buffer ) * \brief Output = MD5( input buffer )
@ -176,9 +175,9 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx,
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
int mbedtls_md5( const unsigned char *input, int mbedtls_md5(const unsigned char *input,
size_t ilen, size_t ilen,
unsigned char output[16] ); unsigned char output[16]);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -192,7 +191,7 @@ int mbedtls_md5( const unsigned char *input,
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
int mbedtls_md5_self_test( int verbose ); int mbedtls_md5_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

23
include/mbedtls/memory_buffer_alloc.h
View File

@ -43,7 +43,8 @@
#define MBEDTLS_MEMORY_VERIFY_NONE 0 #define MBEDTLS_MEMORY_VERIFY_NONE 0
#define MBEDTLS_MEMORY_VERIFY_ALLOC (1 << 0) #define MBEDTLS_MEMORY_VERIFY_ALLOC (1 << 0)
#define MBEDTLS_MEMORY_VERIFY_FREE (1 << 1) #define MBEDTLS_MEMORY_VERIFY_FREE (1 << 1)
#define MBEDTLS_MEMORY_VERIFY_ALWAYS (MBEDTLS_MEMORY_VERIFY_ALLOC | MBEDTLS_MEMORY_VERIFY_FREE) #define MBEDTLS_MEMORY_VERIFY_ALWAYS (MBEDTLS_MEMORY_VERIFY_ALLOC | \
MBEDTLS_MEMORY_VERIFY_FREE)
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -64,12 +65,12 @@ extern "C" {
* \param buf buffer to use as heap * \param buf buffer to use as heap
* \param len size of the buffer * \param len size of the buffer
*/ */
void mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len ); void mbedtls_memory_buffer_alloc_init(unsigned char *buf, size_t len);
/** /**
* \brief Free the mutex for thread-safety and clear remaining memory * \brief Free the mutex for thread-safety and clear remaining memory
*/ */
void mbedtls_memory_buffer_alloc_free( void ); void mbedtls_memory_buffer_alloc_free(void);
/** /**
* \brief Determine when the allocator should automatically verify the state * \brief Determine when the allocator should automatically verify the state
@ -79,7 +80,7 @@ void mbedtls_memory_buffer_alloc_free( void );
* \param verify One of MBEDTLS_MEMORY_VERIFY_NONE, MBEDTLS_MEMORY_VERIFY_ALLOC, * \param verify One of MBEDTLS_MEMORY_VERIFY_NONE, MBEDTLS_MEMORY_VERIFY_ALLOC,
* MBEDTLS_MEMORY_VERIFY_FREE or MBEDTLS_MEMORY_VERIFY_ALWAYS * MBEDTLS_MEMORY_VERIFY_FREE or MBEDTLS_MEMORY_VERIFY_ALWAYS
*/ */
void mbedtls_memory_buffer_set_verify( int verify ); void mbedtls_memory_buffer_set_verify(int verify);
#if defined(MBEDTLS_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
/** /**
@ -88,7 +89,7 @@ void mbedtls_memory_buffer_set_verify( int verify );
* Prints out a list of 'still allocated' blocks and their stack * Prints out a list of 'still allocated' blocks and their stack
* trace if MBEDTLS_MEMORY_BACKTRACE is defined. * trace if MBEDTLS_MEMORY_BACKTRACE is defined.
*/ */
void mbedtls_memory_buffer_alloc_status( void ); void mbedtls_memory_buffer_alloc_status(void);
/** /**
* \brief Get the number of alloc/free so far. * \brief Get the number of alloc/free so far.
@ -96,7 +97,7 @@ void mbedtls_memory_buffer_alloc_status( void );
* \param alloc_count Number of allocations. * \param alloc_count Number of allocations.
* \param free_count Number of frees. * \param free_count Number of frees.
*/ */
void mbedtls_memory_buffer_alloc_count_get( size_t *alloc_count, size_t *free_count ); void mbedtls_memory_buffer_alloc_count_get(size_t *alloc_count, size_t *free_count);
/** /**
* \brief Get the peak heap usage so far * \brief Get the peak heap usage so far
@ -106,12 +107,12 @@ void mbedtls_memory_buffer_alloc_count_get( size_t *alloc_count, size_t *free_co
* into smaller blocks but larger than the requested size. * into smaller blocks but larger than the requested size.
* \param max_blocks Peak number of blocks in use, including free and used * \param max_blocks Peak number of blocks in use, including free and used
*/ */
void mbedtls_memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks ); void mbedtls_memory_buffer_alloc_max_get(size_t *max_used, size_t *max_blocks);
/** /**
* \brief Reset peak statistics * \brief Reset peak statistics
*/ */
void mbedtls_memory_buffer_alloc_max_reset( void ); void mbedtls_memory_buffer_alloc_max_reset(void);
/** /**
* \brief Get the current heap usage * \brief Get the current heap usage
@ -121,7 +122,7 @@ void mbedtls_memory_buffer_alloc_max_reset( void );
* into smaller blocks but larger than the requested size. * into smaller blocks but larger than the requested size.
* \param cur_blocks Current number of blocks in use, including free and used * \param cur_blocks Current number of blocks in use, including free and used
*/ */
void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks ); void mbedtls_memory_buffer_alloc_cur_get(size_t *cur_used, size_t *cur_blocks);
#endif /* MBEDTLS_MEMORY_DEBUG */ #endif /* MBEDTLS_MEMORY_DEBUG */
/** /**
@ -135,7 +136,7 @@ void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks )
* *
* \return 0 if verified, 1 otherwise * \return 0 if verified, 1 otherwise
*/ */
int mbedtls_memory_buffer_alloc_verify( void ); int mbedtls_memory_buffer_alloc_verify(void);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/** /**
@ -143,7 +144,7 @@ int mbedtls_memory_buffer_alloc_verify( void );
* *
* \return 0 if successful, or 1 if a test failed * \return 0 if successful, or 1 if a test failed
*/ */
int mbedtls_memory_buffer_alloc_self_test( int verbose ); int mbedtls_memory_buffer_alloc_self_test(int verbose);
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus

33
include/mbedtls/net_sockets.h
View File

@ -92,8 +92,7 @@ extern "C" {
* (eg two file descriptors for combined IPv4 + IPv6 support, or additional * (eg two file descriptors for combined IPv4 + IPv6 support, or additional
* structures for hand-made UDP demultiplexing). * structures for hand-made UDP demultiplexing).
*/ */
typedef struct mbedtls_net_context typedef struct mbedtls_net_context {
{
/** The underlying file descriptor. /** The underlying file descriptor.
* *
* This field is only guaranteed to be present on POSIX/Unix-like platforms. * This field is only guaranteed to be present on POSIX/Unix-like platforms.
@ -110,7 +109,7 @@ mbedtls_net_context;
* *
* \param ctx Context to initialize * \param ctx Context to initialize
*/ */
void mbedtls_net_init( mbedtls_net_context *ctx ); void mbedtls_net_init(mbedtls_net_context *ctx);
/** /**
* \brief Initiate a connection with host:port in the given protocol * \brief Initiate a connection with host:port in the given protocol
@ -127,7 +126,7 @@ void mbedtls_net_init( mbedtls_net_context *ctx );
* *
* \note Sets the socket in connected mode even with UDP. * \note Sets the socket in connected mode even with UDP.
*/ */
int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char *port, int proto ); int mbedtls_net_connect(mbedtls_net_context *ctx, const char *host, const char *port, int proto);
/** /**
* \brief Create a receiving socket on bind_ip:port in the chosen * \brief Create a receiving socket on bind_ip:port in the chosen
@ -147,7 +146,7 @@ int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char
* \note Regardless of the protocol, opens the sockets and binds it. * \note Regardless of the protocol, opens the sockets and binds it.
* In addition, make the socket listening if protocol is TCP. * In addition, make the socket listening if protocol is TCP.
*/ */
int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto ); int mbedtls_net_bind(mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto);
/** /**
* \brief Accept a connection from a remote client * \brief Accept a connection from a remote client
@ -167,9 +166,9 @@ int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char
* MBEDTLS_ERR_SSL_WANT_READ if bind_fd was set to * MBEDTLS_ERR_SSL_WANT_READ if bind_fd was set to
* non-blocking and accept() would block. * non-blocking and accept() would block.
*/ */
int mbedtls_net_accept( mbedtls_net_context *bind_ctx, int mbedtls_net_accept(mbedtls_net_context *bind_ctx,
mbedtls_net_context *client_ctx, mbedtls_net_context *client_ctx,
void *client_ip, size_t buf_size, size_t *ip_len ); void *client_ip, size_t buf_size, size_t *ip_len);
/** /**
* \brief Check and wait for the context to be ready for read/write * \brief Check and wait for the context to be ready for read/write
@ -196,7 +195,7 @@ int mbedtls_net_accept( mbedtls_net_context *bind_ctx,
* \return Bitmask composed of MBEDTLS_NET_POLL_READ/WRITE * \return Bitmask composed of MBEDTLS_NET_POLL_READ/WRITE
* on success or timeout, or a negative return code otherwise. * on success or timeout, or a negative return code otherwise.
*/ */
int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout ); int mbedtls_net_poll(mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout);
/** /**
* \brief Set the socket blocking * \brief Set the socket blocking
@ -205,7 +204,7 @@ int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout );
* *
* \return 0 if successful, or a non-zero error code * \return 0 if successful, or a non-zero error code
*/ */
int mbedtls_net_set_block( mbedtls_net_context *ctx ); int mbedtls_net_set_block(mbedtls_net_context *ctx);
/** /**
* \brief Set the socket non-blocking * \brief Set the socket non-blocking
@ -214,7 +213,7 @@ int mbedtls_net_set_block( mbedtls_net_context *ctx );
* *
* \return 0 if successful, or a non-zero error code * \return 0 if successful, or a non-zero error code
*/ */
int mbedtls_net_set_nonblock( mbedtls_net_context *ctx ); int mbedtls_net_set_nonblock(mbedtls_net_context *ctx);
/** /**
* \brief Portable usleep helper * \brief Portable usleep helper
@ -224,7 +223,7 @@ int mbedtls_net_set_nonblock( mbedtls_net_context *ctx );
* \note Real amount of time slept will not be less than * \note Real amount of time slept will not be less than
* select()'s timeout granularity (typically, 10ms). * select()'s timeout granularity (typically, 10ms).
*/ */
void mbedtls_net_usleep( unsigned long usec ); void mbedtls_net_usleep(unsigned long usec);
/** /**
* \brief Read at most 'len' characters. If no error occurs, * \brief Read at most 'len' characters. If no error occurs,
@ -238,7 +237,7 @@ void mbedtls_net_usleep( unsigned long usec );
* or a non-zero error code; with a non-blocking socket, * or a non-zero error code; with a non-blocking socket,
* MBEDTLS_ERR_SSL_WANT_READ indicates read() would block. * MBEDTLS_ERR_SSL_WANT_READ indicates read() would block.
*/ */
int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len ); int mbedtls_net_recv(void *ctx, unsigned char *buf, size_t len);
/** /**
* \brief Write at most 'len' characters. If no error occurs, * \brief Write at most 'len' characters. If no error occurs,
@ -252,7 +251,7 @@ int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len );
* or a non-zero error code; with a non-blocking socket, * or a non-zero error code; with a non-blocking socket,
* MBEDTLS_ERR_SSL_WANT_WRITE indicates write() would block. * MBEDTLS_ERR_SSL_WANT_WRITE indicates write() would block.
*/ */
int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len ); int mbedtls_net_send(void *ctx, const unsigned char *buf, size_t len);
/** /**
* \brief Read at most 'len' characters, blocking for at most * \brief Read at most 'len' characters, blocking for at most
@ -280,22 +279,22 @@ int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len );
* non-blocking. Handling timeouts with non-blocking reads * non-blocking. Handling timeouts with non-blocking reads
* requires a different strategy. * requires a different strategy.
*/ */
int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, size_t len, int mbedtls_net_recv_timeout(void *ctx, unsigned char *buf, size_t len,
uint32_t timeout ); uint32_t timeout);
/** /**
* \brief Closes down the connection and free associated data * \brief Closes down the connection and free associated data
* *
* \param ctx The context to close * \param ctx The context to close
*/ */
void mbedtls_net_close( mbedtls_net_context *ctx ); void mbedtls_net_close(mbedtls_net_context *ctx);
/** /**
* \brief Gracefully shutdown the connection and free associated data * \brief Gracefully shutdown the connection and free associated data
* *
* \param ctx The context to free * \param ctx The context to free
*/ */
void mbedtls_net_free( mbedtls_net_context *ctx ); void mbedtls_net_free(mbedtls_net_context *ctx);
#ifdef __cplusplus #ifdef __cplusplus
} }

21
include/mbedtls/nist_kw.h
View File

@ -44,8 +44,7 @@
extern "C" { extern "C" {
#endif #endif
typedef enum typedef enum {
{
MBEDTLS_KW_MODE_KW = 0, MBEDTLS_KW_MODE_KW = 0,
MBEDTLS_KW_MODE_KWP = 1 MBEDTLS_KW_MODE_KWP = 1
} mbedtls_nist_kw_mode_t; } mbedtls_nist_kw_mode_t;
@ -77,7 +76,7 @@ typedef struct {
* \param ctx The key wrapping context to initialize. * \param ctx The key wrapping context to initialize.
* *
*/ */
void mbedtls_nist_kw_init( mbedtls_nist_kw_context *ctx ); void mbedtls_nist_kw_init(mbedtls_nist_kw_context *ctx);
/** /**
* \brief This function initializes the key wrapping context set in the * \brief This function initializes the key wrapping context set in the
@ -95,11 +94,11 @@ void mbedtls_nist_kw_init( mbedtls_nist_kw_context *ctx );
* which are not supported. * which are not supported.
* \return cipher-specific error code on failure of the underlying cipher. * \return cipher-specific error code on failure of the underlying cipher.
*/ */
int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx, int mbedtls_nist_kw_setkey(mbedtls_nist_kw_context *ctx,
mbedtls_cipher_id_t cipher, mbedtls_cipher_id_t cipher,
const unsigned char *key, const unsigned char *key,
unsigned int keybits, unsigned int keybits,
const int is_wrap ); const int is_wrap);
/** /**
* \brief This function releases and clears the specified key wrapping context * \brief This function releases and clears the specified key wrapping context
@ -107,7 +106,7 @@ int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx,
* *
* \param ctx The key wrapping context to clear. * \param ctx The key wrapping context to clear.
*/ */
void mbedtls_nist_kw_free( mbedtls_nist_kw_context *ctx ); void mbedtls_nist_kw_free(mbedtls_nist_kw_context *ctx);
/** /**
* \brief This function encrypts a buffer using key wrapping. * \brief This function encrypts a buffer using key wrapping.
@ -130,9 +129,9 @@ void mbedtls_nist_kw_free( mbedtls_nist_kw_context *ctx );
* \return \c MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA for invalid input length. * \return \c MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA for invalid input length.
* \return cipher-specific error code on failure of the underlying cipher. * \return cipher-specific error code on failure of the underlying cipher.
*/ */
int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode, int mbedtls_nist_kw_wrap(mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode,
const unsigned char *input, size_t in_len, const unsigned char *input, size_t in_len,
unsigned char *output, size_t* out_len, size_t out_size ); unsigned char *output, size_t *out_len, size_t out_size);
/** /**
* \brief This function decrypts a buffer using key wrapping. * \brief This function decrypts a buffer using key wrapping.
@ -157,9 +156,9 @@ int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t m
* \return \c MBEDTLS_ERR_CIPHER_AUTH_FAILED for verification failure of the ciphertext. * \return \c MBEDTLS_ERR_CIPHER_AUTH_FAILED for verification failure of the ciphertext.
* \return cipher-specific error code on failure of the underlying cipher. * \return cipher-specific error code on failure of the underlying cipher.
*/ */
int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode, int mbedtls_nist_kw_unwrap(mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode,
const unsigned char *input, size_t in_len, const unsigned char *input, size_t in_len,
unsigned char *output, size_t* out_len, size_t out_size); unsigned char *output, size_t *out_len, size_t out_size);
#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
@ -169,7 +168,7 @@ int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_nist_kw_self_test( int verbose ); int mbedtls_nist_kw_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
#ifdef __cplusplus #ifdef __cplusplus

65
include/mbedtls/oid.h
View File

@ -91,15 +91,18 @@
#define MBEDTLS_OID_OIW_SECSIG_ALG MBEDTLS_OID_OIW_SECSIG "\x02" #define MBEDTLS_OID_OIW_SECSIG_ALG MBEDTLS_OID_OIW_SECSIG "\x02"
#define MBEDTLS_OID_OIW_SECSIG_SHA1 MBEDTLS_OID_OIW_SECSIG_ALG "\x1a" #define MBEDTLS_OID_OIW_SECSIG_SHA1 MBEDTLS_OID_OIW_SECSIG_ALG "\x1a"
#define MBEDTLS_OID_ORG_CERTICOM "\x81\x04" /* certicom(132) */ #define MBEDTLS_OID_ORG_CERTICOM "\x81\x04" /* certicom(132) */
#define MBEDTLS_OID_CERTICOM MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_CERTICOM #define MBEDTLS_OID_CERTICOM MBEDTLS_OID_ISO_IDENTIFIED_ORG \
MBEDTLS_OID_ORG_CERTICOM
#define MBEDTLS_OID_ORG_TELETRUST "\x24" /* teletrust(36) */ #define MBEDTLS_OID_ORG_TELETRUST "\x24" /* teletrust(36) */
#define MBEDTLS_OID_TELETRUST MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_TELETRUST #define MBEDTLS_OID_TELETRUST MBEDTLS_OID_ISO_IDENTIFIED_ORG \
MBEDTLS_OID_ORG_TELETRUST
/* /*
* ISO ITU OID parts * ISO ITU OID parts
*/ */
#define MBEDTLS_OID_ORGANIZATION "\x01" /* {organization(1)} */ #define MBEDTLS_OID_ORGANIZATION "\x01" /* {organization(1)} */
#define MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ISO_ITU_COUNTRY MBEDTLS_OID_COUNTRY_US MBEDTLS_OID_ORGANIZATION /* {joint-iso-itu-t(2) country(16) us(840) organization(1)} */ #define MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ISO_ITU_COUNTRY MBEDTLS_OID_COUNTRY_US \
MBEDTLS_OID_ORGANIZATION /* {joint-iso-itu-t(2) country(16) us(840) organization(1)} */
#define MBEDTLS_OID_ORG_GOV "\x65" /* {gov(101)} */ #define MBEDTLS_OID_ORG_GOV "\x65" /* {gov(101)} */
#define MBEDTLS_OID_GOV MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ORG_GOV /* {joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)} */ #define MBEDTLS_OID_GOV MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ORG_GOV /* {joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)} */
@ -117,7 +120,8 @@
* { iso(1) identified-organization(3) dod(6) internet(1) * { iso(1) identified-organization(3) dod(6) internet(1)
* security(5) mechanisms(5) pkix(7) } * security(5) mechanisms(5) pkix(7) }
*/ */
#define MBEDTLS_OID_INTERNET MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_DOD "\x01" #define MBEDTLS_OID_INTERNET MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_DOD \
"\x01"
#define MBEDTLS_OID_PKIX MBEDTLS_OID_INTERNET "\x05\x05\x07" #define MBEDTLS_OID_PKIX MBEDTLS_OID_INTERNET "\x05\x05\x07"
/* /*
@ -247,7 +251,8 @@
* Digest algorithms * Digest algorithms
*/ */
#define MBEDTLS_OID_DIGEST_ALG_MD5 MBEDTLS_OID_RSA_COMPANY "\x02\x05" /**< id-mbedtls_md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } */ #define MBEDTLS_OID_DIGEST_ALG_MD5 MBEDTLS_OID_RSA_COMPANY "\x02\x05" /**< id-mbedtls_md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } */
#define MBEDTLS_OID_DIGEST_ALG_SHA1 MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_SHA1 /**< id-mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */ #define MBEDTLS_OID_DIGEST_ALG_SHA1 MBEDTLS_OID_ISO_IDENTIFIED_ORG \
MBEDTLS_OID_OIW_SECSIG_SHA1 /**< id-mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */
#define MBEDTLS_OID_DIGEST_ALG_SHA224 MBEDTLS_OID_NIST_ALG "\x02\x04" /**< id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 4 } */ #define MBEDTLS_OID_DIGEST_ALG_SHA224 MBEDTLS_OID_NIST_ALG "\x02\x04" /**< id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 4 } */
#define MBEDTLS_OID_DIGEST_ALG_SHA256 MBEDTLS_OID_NIST_ALG "\x02\x01" /**< id-mbedtls_sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 1 } */ #define MBEDTLS_OID_DIGEST_ALG_SHA256 MBEDTLS_OID_NIST_ALG "\x02\x01" /**< id-mbedtls_sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 1 } */
@ -270,7 +275,8 @@
/* /*
* Encryption algorithms * Encryption algorithms
*/ */
#define MBEDTLS_OID_DES_CBC MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_ALG "\x07" /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */ #define MBEDTLS_OID_DES_CBC MBEDTLS_OID_ISO_IDENTIFIED_ORG \
MBEDTLS_OID_OIW_SECSIG_ALG "\x07" /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */
#define MBEDTLS_OID_DES_EDE3_CBC MBEDTLS_OID_RSA_COMPANY "\x03\x07" /**< des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) -- us(840) rsadsi(113549) encryptionAlgorithm(3) 7 } */ #define MBEDTLS_OID_DES_EDE3_CBC MBEDTLS_OID_RSA_COMPANY "\x03\x07" /**< des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) -- us(840) rsadsi(113549) encryptionAlgorithm(3) 7 } */
#define MBEDTLS_OID_AES MBEDTLS_OID_NIST_ALG "\x01" /** aes OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithm(4) 1 } */ #define MBEDTLS_OID_AES MBEDTLS_OID_NIST_ALG "\x01" /** aes OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithm(4) 1 } */
@ -438,8 +444,7 @@ extern "C" {
/** /**
* \brief Base OID descriptor structure * \brief Base OID descriptor structure
*/ */
typedef struct mbedtls_oid_descriptor_t typedef struct mbedtls_oid_descriptor_t {
{
const char *MBEDTLS_PRIVATE(asn1); /*!< OID ASN.1 representation */ const char *MBEDTLS_PRIVATE(asn1); /*!< OID ASN.1 representation */
size_t MBEDTLS_PRIVATE(asn1_len); /*!< length of asn1 */ size_t MBEDTLS_PRIVATE(asn1_len); /*!< length of asn1 */
#if !defined(MBEDTLS_X509_REMOVE_INFO) #if !defined(MBEDTLS_X509_REMOVE_INFO)
@ -459,7 +464,7 @@ typedef struct mbedtls_oid_descriptor_t
* \return Length of the string written (excluding final NULL) or * \return Length of the string written (excluding final NULL) or
* MBEDTLS_ERR_OID_BUF_TOO_SMALL in case of error * MBEDTLS_ERR_OID_BUF_TOO_SMALL in case of error
*/ */
int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_buf *oid ); int mbedtls_oid_get_numeric_string(char *buf, size_t size, const mbedtls_asn1_buf *oid);
/** /**
* \brief Translate an X.509 extension OID into local values * \brief Translate an X.509 extension OID into local values
@ -469,7 +474,7 @@ int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_b
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_x509_ext_type( const mbedtls_asn1_buf *oid, int *ext_type ); int mbedtls_oid_get_x509_ext_type(const mbedtls_asn1_buf *oid, int *ext_type);
/** /**
* \brief Translate an X.509 attribute type OID into the short name * \brief Translate an X.509 attribute type OID into the short name
@ -480,7 +485,7 @@ int mbedtls_oid_get_x509_ext_type( const mbedtls_asn1_buf *oid, int *ext_type );
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_attr_short_name( const mbedtls_asn1_buf *oid, const char **short_name ); int mbedtls_oid_get_attr_short_name(const mbedtls_asn1_buf *oid, const char **short_name);
/** /**
* \brief Translate PublicKeyAlgorithm OID into pk_type * \brief Translate PublicKeyAlgorithm OID into pk_type
@ -490,7 +495,7 @@ int mbedtls_oid_get_attr_short_name( const mbedtls_asn1_buf *oid, const char **s
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_pk_alg( const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_alg ); int mbedtls_oid_get_pk_alg(const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_alg);
/** /**
* \brief Translate pk_type into PublicKeyAlgorithm OID * \brief Translate pk_type into PublicKeyAlgorithm OID
@ -501,8 +506,8 @@ int mbedtls_oid_get_pk_alg( const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_a
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_type_t pk_alg, int mbedtls_oid_get_oid_by_pk_alg(mbedtls_pk_type_t pk_alg,
const char **oid, size_t *olen ); const char **oid, size_t *olen);
#if defined(MBEDTLS_ECP_C) #if defined(MBEDTLS_ECP_C)
/** /**
@ -513,7 +518,7 @@ int mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_type_t pk_alg,
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_ec_grp( const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *grp_id ); int mbedtls_oid_get_ec_grp(const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *grp_id);
/** /**
* \brief Translate EC group identifier into NamedCurve OID * \brief Translate EC group identifier into NamedCurve OID
@ -524,8 +529,8 @@ int mbedtls_oid_get_ec_grp( const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *g
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_oid_by_ec_grp( mbedtls_ecp_group_id grp_id, int mbedtls_oid_get_oid_by_ec_grp(mbedtls_ecp_group_id grp_id,
const char **oid, size_t *olen ); const char **oid, size_t *olen);
#endif /* MBEDTLS_ECP_C */ #endif /* MBEDTLS_ECP_C */
/** /**
@ -537,8 +542,8 @@ int mbedtls_oid_get_oid_by_ec_grp( mbedtls_ecp_group_id grp_id,
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_sig_alg( const mbedtls_asn1_buf *oid, int mbedtls_oid_get_sig_alg(const mbedtls_asn1_buf *oid,
mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg ); mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg);
/** /**
* \brief Translate SignatureAlgorithm OID into description * \brief Translate SignatureAlgorithm OID into description
@ -548,7 +553,7 @@ int mbedtls_oid_get_sig_alg( const mbedtls_asn1_buf *oid,
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_sig_alg_desc( const mbedtls_asn1_buf *oid, const char **desc ); int mbedtls_oid_get_sig_alg_desc(const mbedtls_asn1_buf *oid, const char **desc);
/** /**
* \brief Translate md_type and pk_type into SignatureAlgorithm OID * \brief Translate md_type and pk_type into SignatureAlgorithm OID
@ -560,8 +565,8 @@ int mbedtls_oid_get_sig_alg_desc( const mbedtls_asn1_buf *oid, const char **desc
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_oid_by_sig_alg( mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, int mbedtls_oid_get_oid_by_sig_alg(mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
const char **oid, size_t *olen ); const char **oid, size_t *olen);
/** /**
* \brief Translate hmac algorithm OID into md_type * \brief Translate hmac algorithm OID into md_type
@ -571,7 +576,7 @@ int mbedtls_oid_get_oid_by_sig_alg( mbedtls_pk_type_t pk_alg, mbedtls_md_type_t
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac ); int mbedtls_oid_get_md_hmac(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac);
/** /**
* \brief Translate hash algorithm OID into md_type * \brief Translate hash algorithm OID into md_type
@ -581,7 +586,7 @@ int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_md_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg ); int mbedtls_oid_get_md_alg(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg);
#if !defined(MBEDTLS_X509_REMOVE_INFO) #if !defined(MBEDTLS_X509_REMOVE_INFO)
/** /**
@ -592,7 +597,7 @@ int mbedtls_oid_get_md_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_a
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_extended_key_usage( const mbedtls_asn1_buf *oid, const char **desc ); int mbedtls_oid_get_extended_key_usage(const mbedtls_asn1_buf *oid, const char **desc);
#endif #endif
/** /**
@ -603,7 +608,7 @@ int mbedtls_oid_get_extended_key_usage( const mbedtls_asn1_buf *oid, const char
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_certificate_policies( const mbedtls_asn1_buf *oid, const char **desc ); int mbedtls_oid_get_certificate_policies(const mbedtls_asn1_buf *oid, const char **desc);
/** /**
* \brief Translate md_type into hash algorithm OID * \brief Translate md_type into hash algorithm OID
@ -614,7 +619,7 @@ int mbedtls_oid_get_certificate_policies( const mbedtls_asn1_buf *oid, const cha
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_oid_by_md( mbedtls_md_type_t md_alg, const char **oid, size_t *olen ); int mbedtls_oid_get_oid_by_md(mbedtls_md_type_t md_alg, const char **oid, size_t *olen);
#if defined(MBEDTLS_CIPHER_C) #if defined(MBEDTLS_CIPHER_C)
/** /**
@ -625,7 +630,7 @@ int mbedtls_oid_get_oid_by_md( mbedtls_md_type_t md_alg, const char **oid, size_
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_cipher_alg( const mbedtls_asn1_buf *oid, mbedtls_cipher_type_t *cipher_alg ); int mbedtls_oid_get_cipher_alg(const mbedtls_asn1_buf *oid, mbedtls_cipher_type_t *cipher_alg);
#endif /* MBEDTLS_CIPHER_C */ #endif /* MBEDTLS_CIPHER_C */
#if defined(MBEDTLS_PKCS12_C) #if defined(MBEDTLS_PKCS12_C)
@ -639,8 +644,8 @@ int mbedtls_oid_get_cipher_alg( const mbedtls_asn1_buf *oid, mbedtls_cipher_type
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_pkcs12_pbe_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg, int mbedtls_oid_get_pkcs12_pbe_alg(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg,
mbedtls_cipher_type_t *cipher_alg ); mbedtls_cipher_type_t *cipher_alg);
#endif /* MBEDTLS_PKCS12_C */ #endif /* MBEDTLS_PKCS12_C */
#ifdef __cplusplus #ifdef __cplusplus

19
include/mbedtls/pem.h
View File

@ -61,8 +61,7 @@ extern "C" {
/** /**
* \brief PEM context structure * \brief PEM context structure
*/ */
typedef struct mbedtls_pem_context typedef struct mbedtls_pem_context {
{
unsigned char *MBEDTLS_PRIVATE(buf); /*!< buffer for decoded data */ unsigned char *MBEDTLS_PRIVATE(buf); /*!< buffer for decoded data */
size_t MBEDTLS_PRIVATE(buflen); /*!< length of the buffer */ size_t MBEDTLS_PRIVATE(buflen); /*!< length of the buffer */
unsigned char *MBEDTLS_PRIVATE(info); /*!< buffer for extra header information */ unsigned char *MBEDTLS_PRIVATE(info); /*!< buffer for extra header information */
@ -74,7 +73,7 @@ mbedtls_pem_context;
* *
* \param ctx context to be initialized * \param ctx context to be initialized
*/ */
void mbedtls_pem_init( mbedtls_pem_context *ctx ); void mbedtls_pem_init(mbedtls_pem_context *ctx);
/** /**
* \brief Read a buffer for PEM information and store the resulting * \brief Read a buffer for PEM information and store the resulting
@ -102,10 +101,10 @@ void mbedtls_pem_init( mbedtls_pem_context *ctx );
* *
* \return 0 on success, or a specific PEM error code * \return 0 on success, or a specific PEM error code
*/ */
int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer, int mbedtls_pem_read_buffer(mbedtls_pem_context *ctx, const char *header, const char *footer,
const unsigned char *data, const unsigned char *data,
const unsigned char *pwd, const unsigned char *pwd,
size_t pwdlen, size_t *use_len ); size_t pwdlen, size_t *use_len);
/** /**
* \brief Get the pointer to the decoded binary data in a PEM context. * \brief Get the pointer to the decoded binary data in a PEM context.
@ -119,10 +118,10 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
* \note The returned pointer remains valid only until \p ctx is * \note The returned pointer remains valid only until \p ctx is
modified or freed. modified or freed.
*/ */
static inline const unsigned char *mbedtls_pem_get_buffer( mbedtls_pem_context *ctx, size_t *buflen ) static inline const unsigned char *mbedtls_pem_get_buffer(mbedtls_pem_context *ctx, size_t *buflen)
{ {
*buflen = ctx->MBEDTLS_PRIVATE(buflen); *buflen = ctx->MBEDTLS_PRIVATE(buflen);
return( ctx->MBEDTLS_PRIVATE(buf) ); return ctx->MBEDTLS_PRIVATE(buf);
} }
@ -131,7 +130,7 @@ static inline const unsigned char *mbedtls_pem_get_buffer( mbedtls_pem_context *
* *
* \param ctx context to be freed * \param ctx context to be freed
*/ */
void mbedtls_pem_free( mbedtls_pem_context *ctx ); void mbedtls_pem_free(mbedtls_pem_context *ctx);
#endif /* MBEDTLS_PEM_PARSE_C */ #endif /* MBEDTLS_PEM_PARSE_C */
#if defined(MBEDTLS_PEM_WRITE_C) #if defined(MBEDTLS_PEM_WRITE_C)
@ -161,9 +160,9 @@ void mbedtls_pem_free( mbedtls_pem_context *ctx );
* the required minimum size of \p buf. * the required minimum size of \p buf.
* \return Another PEM or BASE64 error code on other kinds of failure. * \return Another PEM or BASE64 error code on other kinds of failure.
*/ */
int mbedtls_pem_write_buffer( const char *header, const char *footer, int mbedtls_pem_write_buffer(const char *header, const char *footer,
const unsigned char *der_data, size_t der_len, const unsigned char *der_data, size_t der_len,
unsigned char *buf, size_t buf_len, size_t *olen ); unsigned char *buf, size_t buf_len, size_t *olen);
#endif /* MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_PEM_WRITE_C */
#ifdef __cplusplus #ifdef __cplusplus

168
include/mbedtls/pk.h
View File

@ -97,8 +97,7 @@ typedef enum {
* \brief Options for RSASSA-PSS signature verification. * \brief Options for RSASSA-PSS signature verification.
* See \c mbedtls_rsa_rsassa_pss_verify_ext() * See \c mbedtls_rsa_rsassa_pss_verify_ext()
*/ */
typedef struct mbedtls_pk_rsassa_pss_options typedef struct mbedtls_pk_rsassa_pss_options {
{
mbedtls_md_type_t MBEDTLS_PRIVATE(mgf1_hash_id); mbedtls_md_type_t MBEDTLS_PRIVATE(mgf1_hash_id);
int MBEDTLS_PRIVATE(expected_salt_len); int MBEDTLS_PRIVATE(expected_salt_len);
@ -118,7 +117,7 @@ typedef struct mbedtls_pk_rsassa_pss_options
*/ */
#define MBEDTLS_PK_SIGNATURE_MAX_SIZE 0 #define MBEDTLS_PK_SIGNATURE_MAX_SIZE 0
#if ( defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PK_RSA_ALT_SUPPORT) ) && \ #if (defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PK_RSA_ALT_SUPPORT)) && \
MBEDTLS_MPI_MAX_SIZE > MBEDTLS_PK_SIGNATURE_MAX_SIZE MBEDTLS_MPI_MAX_SIZE > MBEDTLS_PK_SIGNATURE_MAX_SIZE
/* For RSA, the signature can be as large as the bignum module allows. /* For RSA, the signature can be as large as the bignum module allows.
* For RSA_ALT, the signature size is not necessarily tied to what the * For RSA_ALT, the signature size is not necessarily tied to what the
@ -152,15 +151,14 @@ typedef struct mbedtls_pk_rsassa_pss_options
* types, lengths (represented by up to 2 bytes), and potential leading * types, lengths (represented by up to 2 bytes), and potential leading
* zeros of the INTEGERs and the SEQUENCE. */ * zeros of the INTEGERs and the SEQUENCE. */
#undef MBEDTLS_PK_SIGNATURE_MAX_SIZE #undef MBEDTLS_PK_SIGNATURE_MAX_SIZE
#define MBEDTLS_PK_SIGNATURE_MAX_SIZE ( PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE + 11 ) #define MBEDTLS_PK_SIGNATURE_MAX_SIZE (PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE + 11)
#endif #endif
#endif /* defined(MBEDTLS_USE_PSA_CRYPTO) */ #endif /* defined(MBEDTLS_USE_PSA_CRYPTO) */
/** /**
* \brief Types for interfacing with the debug module * \brief Types for interfacing with the debug module
*/ */
typedef enum typedef enum {
{
MBEDTLS_PK_DEBUG_NONE = 0, MBEDTLS_PK_DEBUG_NONE = 0,
MBEDTLS_PK_DEBUG_MPI, MBEDTLS_PK_DEBUG_MPI,
MBEDTLS_PK_DEBUG_ECP, MBEDTLS_PK_DEBUG_ECP,
@ -169,8 +167,7 @@ typedef enum
/** /**
* \brief Item to send to the debug module * \brief Item to send to the debug module
*/ */
typedef struct mbedtls_pk_debug_item typedef struct mbedtls_pk_debug_item {
{
mbedtls_pk_debug_type MBEDTLS_PRIVATE(type); mbedtls_pk_debug_type MBEDTLS_PRIVATE(type);
const char *MBEDTLS_PRIVATE(name); const char *MBEDTLS_PRIVATE(name);
void *MBEDTLS_PRIVATE(value); void *MBEDTLS_PRIVATE(value);
@ -191,20 +188,18 @@ typedef struct mbedtls_pk_info_t mbedtls_pk_info_t;
/** /**
* \brief Public key container * \brief Public key container
*/ */
typedef struct mbedtls_pk_context typedef struct mbedtls_pk_context {
{ const mbedtls_pk_info_t *MBEDTLS_PRIVATE(pk_info); /**< Public key information */
const mbedtls_pk_info_t * MBEDTLS_PRIVATE(pk_info); /**< Public key information */ void *MBEDTLS_PRIVATE(pk_ctx); /**< Underlying public key context */
void * MBEDTLS_PRIVATE(pk_ctx); /**< Underlying public key context */
} mbedtls_pk_context; } mbedtls_pk_context;
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
/** /**
* \brief Context for resuming operations * \brief Context for resuming operations
*/ */
typedef struct typedef struct {
{ const mbedtls_pk_info_t *MBEDTLS_PRIVATE(pk_info); /**< Public key information */
const mbedtls_pk_info_t * MBEDTLS_PRIVATE(pk_info); /**< Public key information */ void *MBEDTLS_PRIVATE(rs_ctx); /**< Underlying restart context */
void * MBEDTLS_PRIVATE(rs_ctx); /**< Underlying restart context */
} mbedtls_pk_restart_ctx; } mbedtls_pk_restart_ctx;
#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ #else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
/* Now we can declare functions that take a pointer to that */ /* Now we can declare functions that take a pointer to that */
@ -215,14 +210,15 @@ typedef void mbedtls_pk_restart_ctx;
/** /**
* \brief Types for RSA-alt abstraction * \brief Types for RSA-alt abstraction
*/ */
typedef int (*mbedtls_pk_rsa_alt_decrypt_func)( void *ctx, size_t *olen, typedef int (*mbedtls_pk_rsa_alt_decrypt_func)(void *ctx, size_t *olen,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
size_t output_max_len ); size_t output_max_len);
typedef int (*mbedtls_pk_rsa_alt_sign_func)( void *ctx, typedef int (*mbedtls_pk_rsa_alt_sign_func)(void *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
mbedtls_md_type_t md_alg, unsigned int hashlen, mbedtls_md_type_t md_alg, unsigned int hashlen,
const unsigned char *hash, unsigned char *sig ); const unsigned char *hash, unsigned char *sig);
typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx ); typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)(void *ctx);
#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
/** /**
@ -232,7 +228,7 @@ typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx );
* *
* \return The PK info associated with the type or NULL if not found. * \return The PK info associated with the type or NULL if not found.
*/ */
const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type ); const mbedtls_pk_info_t *mbedtls_pk_info_from_type(mbedtls_pk_type_t pk_type);
/** /**
* \brief Initialize a #mbedtls_pk_context (as NONE). * \brief Initialize a #mbedtls_pk_context (as NONE).
@ -240,7 +236,7 @@ const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type );
* \param ctx The context to initialize. * \param ctx The context to initialize.
* This must not be \c NULL. * This must not be \c NULL.
*/ */
void mbedtls_pk_init( mbedtls_pk_context *ctx ); void mbedtls_pk_init(mbedtls_pk_context *ctx);
/** /**
* \brief Free the components of a #mbedtls_pk_context. * \brief Free the components of a #mbedtls_pk_context.
@ -253,7 +249,7 @@ void mbedtls_pk_init( mbedtls_pk_context *ctx );
* PSA key and you still need to call psa_destroy_key() * PSA key and you still need to call psa_destroy_key()
* independently if you want to destroy that key. * independently if you want to destroy that key.
*/ */
void mbedtls_pk_free( mbedtls_pk_context *ctx ); void mbedtls_pk_free(mbedtls_pk_context *ctx);
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
/** /**
@ -262,7 +258,7 @@ void mbedtls_pk_free( mbedtls_pk_context *ctx );
* \param ctx The context to initialize. * \param ctx The context to initialize.
* This must not be \c NULL. * This must not be \c NULL.
*/ */
void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx ); void mbedtls_pk_restart_init(mbedtls_pk_restart_ctx *ctx);
/** /**
* \brief Free the components of a restart context * \brief Free the components of a restart context
@ -270,7 +266,7 @@ void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx );
* \param ctx The context to clear. It must have been initialized. * \param ctx The context to clear. It must have been initialized.
* If this is \c NULL, this function does nothing. * If this is \c NULL, this function does nothing.
*/ */
void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx ); void mbedtls_pk_restart_free(mbedtls_pk_restart_ctx *ctx);
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
/** /**
@ -288,7 +284,7 @@ void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx );
* \note For contexts holding an RSA-alt key, use * \note For contexts holding an RSA-alt key, use
* \c mbedtls_pk_setup_rsa_alt() instead. * \c mbedtls_pk_setup_rsa_alt() instead.
*/ */
int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ); int mbedtls_pk_setup(mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info);
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
/** /**
@ -319,8 +315,8 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
* ECC key pair. * ECC key pair.
* \return #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure. * \return #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.
*/ */
int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, int mbedtls_pk_setup_opaque(mbedtls_pk_context *ctx,
const mbedtls_svc_key_id_t key ); const mbedtls_svc_key_id_t key);
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
@ -339,10 +335,10 @@ int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx,
* *
* \note This function replaces \c mbedtls_pk_setup() for RSA-alt. * \note This function replaces \c mbedtls_pk_setup() for RSA-alt.
*/ */
int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key, int mbedtls_pk_setup_rsa_alt(mbedtls_pk_context *ctx, void *key,
mbedtls_pk_rsa_alt_decrypt_func decrypt_func, mbedtls_pk_rsa_alt_decrypt_func decrypt_func,
mbedtls_pk_rsa_alt_sign_func sign_func, mbedtls_pk_rsa_alt_sign_func sign_func,
mbedtls_pk_rsa_alt_key_len_func key_len_func ); mbedtls_pk_rsa_alt_key_len_func key_len_func);
#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
/** /**
@ -352,7 +348,7 @@ int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key,
* *
* \return Key size in bits, or 0 on error * \return Key size in bits, or 0 on error
*/ */
size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx ); size_t mbedtls_pk_get_bitlen(const mbedtls_pk_context *ctx);
/** /**
* \brief Get the length in bytes of the underlying key * \brief Get the length in bytes of the underlying key
@ -361,9 +357,9 @@ size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx );
* *
* \return Key length in bytes, or 0 on error * \return Key length in bytes, or 0 on error
*/ */
static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx ) static inline size_t mbedtls_pk_get_len(const mbedtls_pk_context *ctx)
{ {
return( ( mbedtls_pk_get_bitlen( ctx ) + 7 ) / 8 ); return (mbedtls_pk_get_bitlen(ctx) + 7) / 8;
} }
/** /**
@ -378,7 +374,7 @@ static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx )
* been initialized but not set up, or that has been * been initialized but not set up, or that has been
* cleared with mbedtls_pk_free(). * cleared with mbedtls_pk_free().
*/ */
int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type ); int mbedtls_pk_can_do(const mbedtls_pk_context *ctx, mbedtls_pk_type_t type);
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
/** /**
@ -408,8 +404,8 @@ int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type );
* for a context that has been initialized but not set up * for a context that has been initialized but not set up
* or that has been cleared with mbedtls_pk_free(). * or that has been cleared with mbedtls_pk_free().
*/ */
int mbedtls_pk_can_do_ext( const mbedtls_pk_context *ctx, psa_algorithm_t alg, int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg,
psa_key_usage_t usage ); psa_key_usage_t usage);
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
/** /**
@ -439,9 +435,9 @@ int mbedtls_pk_can_do_ext( const mbedtls_pk_context *ctx, psa_algorithm_t alg,
* Use \c mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, ... ) * Use \c mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, ... )
* to verify RSASSA_PSS signatures. * to verify RSASSA_PSS signatures.
*/ */
int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, int mbedtls_pk_verify(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len, const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len ); const unsigned char *sig, size_t sig_len);
/** /**
* \brief Restartable version of \c mbedtls_pk_verify() * \brief Restartable version of \c mbedtls_pk_verify()
@ -463,11 +459,11 @@ int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
* \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
* operations was reached: see \c mbedtls_ecp_set_max_ops(). * operations was reached: see \c mbedtls_ecp_set_max_ops().
*/ */
int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx, int mbedtls_pk_verify_restartable(mbedtls_pk_context *ctx,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len, const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len, const unsigned char *sig, size_t sig_len,
mbedtls_pk_restart_ctx *rs_ctx ); mbedtls_pk_restart_ctx *rs_ctx);
/** /**
* \brief Verify signature, with options. * \brief Verify signature, with options.
@ -500,10 +496,10 @@ int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx,
* #MBEDTLS_USE_PSA_CRYPTO is defined, the salt length is not * #MBEDTLS_USE_PSA_CRYPTO is defined, the salt length is not
* verified as PSA_ALG_RSA_PSS_ANY_SALT is used. * verified as PSA_ALG_RSA_PSS_ANY_SALT is used.
*/ */
int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options,
mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len, const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len ); const unsigned char *sig, size_t sig_len);
/** /**
* \brief Make signature, including padding if relevant. * \brief Make signature, including padding if relevant.
@ -533,10 +529,10 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
* \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0. * \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0.
* For ECDSA, md_alg may never be MBEDTLS_MD_NONE. * For ECDSA, md_alg may never be MBEDTLS_MD_NONE.
*/ */
int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, int mbedtls_pk_sign(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len, const unsigned char *hash, size_t hash_len,
unsigned char *sig, size_t sig_size, size_t *sig_len, unsigned char *sig, size_t sig_size, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
#if defined(MBEDTLS_PSA_CRYPTO_C) #if defined(MBEDTLS_PSA_CRYPTO_C)
/** /**
@ -568,13 +564,13 @@ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
* For ECDSA, md_alg may never be MBEDTLS_MD_NONE. * For ECDSA, md_alg may never be MBEDTLS_MD_NONE.
* *
*/ */
int mbedtls_pk_sign_ext( mbedtls_pk_type_t pk_type, int mbedtls_pk_sign_ext(mbedtls_pk_type_t pk_type,
mbedtls_pk_context *ctx, mbedtls_pk_context *ctx,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len, const unsigned char *hash, size_t hash_len,
unsigned char *sig, size_t sig_size, size_t *sig_len, unsigned char *sig, size_t sig_size, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
#endif /* MBEDTLS_PSA_CRYPTO_C */ #endif /* MBEDTLS_PSA_CRYPTO_C */
/** /**
@ -606,12 +602,12 @@ int mbedtls_pk_sign_ext( mbedtls_pk_type_t pk_type,
* \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
* operations was reached: see \c mbedtls_ecp_set_max_ops(). * operations was reached: see \c mbedtls_ecp_set_max_ops().
*/ */
int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx, int mbedtls_pk_sign_restartable(mbedtls_pk_context *ctx,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len, const unsigned char *hash, size_t hash_len,
unsigned char *sig, size_t sig_size, size_t *sig_len, unsigned char *sig, size_t sig_size, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
mbedtls_pk_restart_ctx *rs_ctx ); mbedtls_pk_restart_ctx *rs_ctx);
/** /**
* \brief Decrypt message (including padding if relevant). * \brief Decrypt message (including padding if relevant).
@ -630,10 +626,10 @@ int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx,
* *
* \return 0 on success, or a specific error code. * \return 0 on success, or a specific error code.
*/ */
int mbedtls_pk_decrypt( mbedtls_pk_context *ctx, int mbedtls_pk_decrypt(mbedtls_pk_context *ctx,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, size_t osize, unsigned char *output, size_t *olen, size_t osize,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
/** /**
* \brief Encrypt message (including padding if relevant). * \brief Encrypt message (including padding if relevant).
@ -653,10 +649,10 @@ int mbedtls_pk_decrypt( mbedtls_pk_context *ctx,
* *
* \return 0 on success, or a specific error code. * \return 0 on success, or a specific error code.
*/ */
int mbedtls_pk_encrypt( mbedtls_pk_context *ctx, int mbedtls_pk_encrypt(mbedtls_pk_context *ctx,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, size_t osize, unsigned char *output, size_t *olen, size_t osize,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
/** /**
* \brief Check if a public-private pair of keys matches. * \brief Check if a public-private pair of keys matches.
@ -672,10 +668,10 @@ int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,
* \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA if a context is invalid. * \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA if a context is invalid.
* \return Another non-zero value if the keys do not match. * \return Another non-zero value if the keys do not match.
*/ */
int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, int mbedtls_pk_check_pair(const mbedtls_pk_context *pub,
const mbedtls_pk_context *prv, const mbedtls_pk_context *prv,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief Export debug information * \brief Export debug information
@ -685,7 +681,7 @@ int mbedtls_pk_check_pair( const mbedtls_pk_context *pub,
* *
* \return 0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA * \return 0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA
*/ */
int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items ); int mbedtls_pk_debug(const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items);
/** /**
* \brief Access the type name * \brief Access the type name
@ -694,7 +690,7 @@ int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *item
* *
* \return Type name on success, or "invalid PK" * \return Type name on success, or "invalid PK"
*/ */
const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx ); const char *mbedtls_pk_get_name(const mbedtls_pk_context *ctx);
/** /**
* \brief Get the key type * \brief Get the key type
@ -704,7 +700,7 @@ const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx );
* \return Type on success. * \return Type on success.
* \return #MBEDTLS_PK_NONE for a context that has not been set up. * \return #MBEDTLS_PK_NONE for a context that has not been set up.
*/ */
mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ); mbedtls_pk_type_t mbedtls_pk_get_type(const mbedtls_pk_context *ctx);
#if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_RSA_C)
/** /**
@ -717,14 +713,13 @@ mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx );
* *
* \return The internal RSA context held by the PK context, or NULL. * \return The internal RSA context held by the PK context, or NULL.
*/ */
static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk ) static inline mbedtls_rsa_context *mbedtls_pk_rsa(const mbedtls_pk_context pk)
{ {
switch( mbedtls_pk_get_type( &pk ) ) switch (mbedtls_pk_get_type(&pk)) {
{
case MBEDTLS_PK_RSA: case MBEDTLS_PK_RSA:
return( (mbedtls_rsa_context *) (pk).MBEDTLS_PRIVATE(pk_ctx) ); return (mbedtls_rsa_context *) (pk).MBEDTLS_PRIVATE(pk_ctx);
default: default:
return( NULL ); return NULL;
} }
} }
#endif /* MBEDTLS_RSA_C */ #endif /* MBEDTLS_RSA_C */
@ -741,16 +736,15 @@ static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk )
* *
* \return The internal EC context held by the PK context, or NULL. * \return The internal EC context held by the PK context, or NULL.
*/ */
static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk ) static inline mbedtls_ecp_keypair *mbedtls_pk_ec(const mbedtls_pk_context pk)
{ {
switch( mbedtls_pk_get_type( &pk ) ) switch (mbedtls_pk_get_type(&pk)) {
{
case MBEDTLS_PK_ECKEY: case MBEDTLS_PK_ECKEY:
case MBEDTLS_PK_ECKEY_DH: case MBEDTLS_PK_ECKEY_DH:
case MBEDTLS_PK_ECDSA: case MBEDTLS_PK_ECDSA:
return( (mbedtls_ecp_keypair *) (pk).MBEDTLS_PRIVATE(pk_ctx) ); return (mbedtls_ecp_keypair *) (pk).MBEDTLS_PRIVATE(pk_ctx);
default: default:
return( NULL ); return NULL;
} }
} }
#endif /* MBEDTLS_ECP_C */ #endif /* MBEDTLS_ECP_C */
@ -787,10 +781,10 @@ static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk )
* *
* \return 0 if successful, or a specific PK or PEM error code * \return 0 if successful, or a specific PK or PEM error code
*/ */
int mbedtls_pk_parse_key( mbedtls_pk_context *ctx, int mbedtls_pk_parse_key(mbedtls_pk_context *ctx,
const unsigned char *key, size_t keylen, const unsigned char *key, size_t keylen,
const unsigned char *pwd, size_t pwdlen, const unsigned char *pwd, size_t pwdlen,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
/** \ingroup pk_module */ /** \ingroup pk_module */
/** /**
@ -814,8 +808,8 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *ctx,
* *
* \return 0 if successful, or a specific PK or PEM error code * \return 0 if successful, or a specific PK or PEM error code
*/ */
int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx,
const unsigned char *key, size_t keylen ); const unsigned char *key, size_t keylen);
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)
/** \ingroup pk_module */ /** \ingroup pk_module */
@ -841,9 +835,9 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
* *
* \return 0 if successful, or a specific PK or PEM error code * \return 0 if successful, or a specific PK or PEM error code
*/ */
int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx, int mbedtls_pk_parse_keyfile(mbedtls_pk_context *ctx,
const char *path, const char *password, const char *path, const char *password,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
/** \ingroup pk_module */ /** \ingroup pk_module */
/** /**
@ -862,7 +856,7 @@ int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx,
* *
* \return 0 if successful, or a specific PK or PEM error code * \return 0 if successful, or a specific PK or PEM error code
*/ */
int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path ); int mbedtls_pk_parse_public_keyfile(mbedtls_pk_context *ctx, const char *path);
#endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_FS_IO */
#endif /* MBEDTLS_PK_PARSE_C */ #endif /* MBEDTLS_PK_PARSE_C */
@ -880,7 +874,7 @@ int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path )
* \return length of data written if successful, or a specific * \return length of data written if successful, or a specific
* error code * error code
*/ */
int mbedtls_pk_write_key_der( const mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); int mbedtls_pk_write_key_der(const mbedtls_pk_context *ctx, unsigned char *buf, size_t size);
/** /**
* \brief Write a public key to a SubjectPublicKeyInfo DER structure * \brief Write a public key to a SubjectPublicKeyInfo DER structure
@ -895,7 +889,7 @@ int mbedtls_pk_write_key_der( const mbedtls_pk_context *ctx, unsigned char *buf,
* \return length of data written if successful, or a specific * \return length of data written if successful, or a specific
* error code * error code
*/ */
int mbedtls_pk_write_pubkey_der( const mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); int mbedtls_pk_write_pubkey_der(const mbedtls_pk_context *ctx, unsigned char *buf, size_t size);
#if defined(MBEDTLS_PEM_WRITE_C) #if defined(MBEDTLS_PEM_WRITE_C)
/** /**
@ -908,7 +902,7 @@ int mbedtls_pk_write_pubkey_der( const mbedtls_pk_context *ctx, unsigned char *b
* *
* \return 0 if successful, or a specific error code * \return 0 if successful, or a specific error code
*/ */
int mbedtls_pk_write_pubkey_pem( const mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); int mbedtls_pk_write_pubkey_pem(const mbedtls_pk_context *ctx, unsigned char *buf, size_t size);
/** /**
* \brief Write a private key to a PKCS#1 or SEC1 PEM string * \brief Write a private key to a PKCS#1 or SEC1 PEM string
@ -920,7 +914,7 @@ int mbedtls_pk_write_pubkey_pem( const mbedtls_pk_context *ctx, unsigned char *b
* *
* \return 0 if successful, or a specific error code * \return 0 if successful, or a specific error code
*/ */
int mbedtls_pk_write_key_pem( const mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); int mbedtls_pk_write_key_pem(const mbedtls_pk_context *ctx, unsigned char *buf, size_t size);
#endif /* MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_PEM_WRITE_C */
#endif /* MBEDTLS_PK_WRITE_C */ #endif /* MBEDTLS_PK_WRITE_C */
@ -940,8 +934,8 @@ int mbedtls_pk_write_key_pem( const mbedtls_pk_context *ctx, unsigned char *buf,
* *
* \return 0 if successful, or a specific PK error code * \return 0 if successful, or a specific PK error code
*/ */
int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end,
mbedtls_pk_context *pk ); mbedtls_pk_context *pk);
#endif /* MBEDTLS_PK_PARSE_C */ #endif /* MBEDTLS_PK_PARSE_C */
#if defined(MBEDTLS_PK_WRITE_C) #if defined(MBEDTLS_PK_WRITE_C)
@ -955,8 +949,8 @@ int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end,
* *
* \return the length written or a negative error code * \return the length written or a negative error code
*/ */
int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start,
const mbedtls_pk_context *key ); const mbedtls_pk_context *key);
#endif /* MBEDTLS_PK_WRITE_C */ #endif /* MBEDTLS_PK_WRITE_C */
/* /*
@ -964,7 +958,7 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
* know you do. * know you do.
*/ */
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)
int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n ); int mbedtls_pk_load_file(const char *path, unsigned char **buf, size_t *n);
#endif #endif
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
@ -987,11 +981,11 @@ int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n );
* \return \c 0 if successful. * \return \c 0 if successful.
* \return An Mbed TLS error code otherwise. * \return An Mbed TLS error code otherwise.
*/ */
int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk,
mbedtls_svc_key_id_t *key, mbedtls_svc_key_id_t *key,
psa_algorithm_t alg, psa_algorithm_t alg,
psa_key_usage_t usage, psa_key_usage_t usage,
psa_algorithm_t alg2 ); psa_algorithm_t alg2);
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
#ifdef __cplusplus #ifdef __cplusplus

8
include/mbedtls/pkcs12.h
View File

@ -70,11 +70,11 @@ extern "C" {
* *
* \return 0 if successful, or a MBEDTLS_ERR_XXX code * \return 0 if successful, or a MBEDTLS_ERR_XXX code
*/ */
int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode,
mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
const unsigned char *pwd, size_t pwdlen, const unsigned char *pwd, size_t pwdlen,
const unsigned char *input, size_t len, const unsigned char *input, size_t len,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_ASN1_PARSE_C */ #endif /* MBEDTLS_ASN1_PARSE_C */
@ -105,10 +105,10 @@ int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode,
* *
* \return 0 if successful, or a MD, BIGNUM type error. * \return 0 if successful, or a MD, BIGNUM type error.
*/ */
int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, int mbedtls_pkcs12_derivation(unsigned char *data, size_t datalen,
const unsigned char *pwd, size_t pwdlen, const unsigned char *pwd, size_t pwdlen,
const unsigned char *salt, size_t saltlen, const unsigned char *salt, size_t saltlen,
mbedtls_md_type_t mbedtls_md, int id, int iterations ); mbedtls_md_type_t mbedtls_md, int id, int iterations);
#ifdef __cplusplus #ifdef __cplusplus
} }

19
include/mbedtls/pkcs5.h
View File

@ -63,10 +63,10 @@ extern "C" {
* *
* \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails. * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
*/ */
int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode,
const unsigned char *pwd, size_t pwdlen, const unsigned char *pwd, size_t pwdlen,
const unsigned char *data, size_t datalen, const unsigned char *data, size_t datalen,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_ASN1_PARSE_C */ #endif /* MBEDTLS_ASN1_PARSE_C */
@ -84,11 +84,11 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode,
* *
* \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails. * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
*/ */
int mbedtls_pkcs5_pbkdf2_hmac_ext( mbedtls_md_type_t md_type, int mbedtls_pkcs5_pbkdf2_hmac_ext(mbedtls_md_type_t md_type,
const unsigned char *password, const unsigned char *password,
size_t plen, const unsigned char *salt, size_t slen, size_t plen, const unsigned char *salt, size_t slen,
unsigned int iteration_count, unsigned int iteration_count,
uint32_t key_length, unsigned char *output ); uint32_t key_length, unsigned char *output);
#if defined(MBEDTLS_MD_C) #if defined(MBEDTLS_MD_C)
#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if !defined(MBEDTLS_DEPRECATED_REMOVED)
@ -108,11 +108,14 @@ int mbedtls_pkcs5_pbkdf2_hmac_ext( mbedtls_md_type_t md_type,
* *
* \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails. * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
*/ */
int MBEDTLS_DEPRECATED mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, int MBEDTLS_DEPRECATED mbedtls_pkcs5_pbkdf2_hmac(mbedtls_md_context_t *ctx,
const unsigned char *password, const unsigned char *password,
size_t plen, const unsigned char *salt, size_t slen, size_t plen,
const unsigned char *salt,
size_t slen,
unsigned int iteration_count, unsigned int iteration_count,
uint32_t key_length, unsigned char *output ); uint32_t key_length,
unsigned char *output);
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */
#endif /* MBEDTLS_MD_C */ #endif /* MBEDTLS_MD_C */
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -122,7 +125,7 @@ int MBEDTLS_DEPRECATED mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx,
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int mbedtls_pkcs5_self_test( int verbose ); int mbedtls_pkcs5_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

26
include/mbedtls/pkcs7.h
View File

@ -121,8 +121,7 @@ mbedtls_pkcs7_type;
/** /**
* Structure holding PKCS7 signer info * Structure holding PKCS7 signer info
*/ */
typedef struct mbedtls_pkcs7_signer_info typedef struct mbedtls_pkcs7_signer_info {
{
int MBEDTLS_PRIVATE(version); int MBEDTLS_PRIVATE(version);
mbedtls_x509_buf MBEDTLS_PRIVATE(serial); mbedtls_x509_buf MBEDTLS_PRIVATE(serial);
mbedtls_x509_name MBEDTLS_PRIVATE(issuer); mbedtls_x509_name MBEDTLS_PRIVATE(issuer);
@ -137,8 +136,7 @@ mbedtls_pkcs7_signer_info;
/** /**
* Structure holding attached data as part of PKCS7 signed data format * Structure holding attached data as part of PKCS7 signed data format
*/ */
typedef struct mbedtls_pkcs7_data typedef struct mbedtls_pkcs7_data {
{
mbedtls_pkcs7_buf MBEDTLS_PRIVATE(oid); mbedtls_pkcs7_buf MBEDTLS_PRIVATE(oid);
mbedtls_pkcs7_buf MBEDTLS_PRIVATE(data); mbedtls_pkcs7_buf MBEDTLS_PRIVATE(data);
} }
@ -147,8 +145,7 @@ mbedtls_pkcs7_data;
/** /**
* Structure holding the signed data section * Structure holding the signed data section
*/ */
typedef struct mbedtls_pkcs7_signed_data typedef struct mbedtls_pkcs7_signed_data {
{
int MBEDTLS_PRIVATE(version); int MBEDTLS_PRIVATE(version);
mbedtls_pkcs7_buf MBEDTLS_PRIVATE(digest_alg_identifiers); mbedtls_pkcs7_buf MBEDTLS_PRIVATE(digest_alg_identifiers);
struct mbedtls_pkcs7_data MBEDTLS_PRIVATE(content); struct mbedtls_pkcs7_data MBEDTLS_PRIVATE(content);
@ -164,8 +161,7 @@ mbedtls_pkcs7_signed_data;
/** /**
* Structure holding PKCS7 structure, only signed data for now * Structure holding PKCS7 structure, only signed data for now
*/ */
typedef struct mbedtls_pkcs7 typedef struct mbedtls_pkcs7 {
{
mbedtls_pkcs7_buf MBEDTLS_PRIVATE(raw); mbedtls_pkcs7_buf MBEDTLS_PRIVATE(raw);
mbedtls_pkcs7_buf MBEDTLS_PRIVATE(content_type_oid); mbedtls_pkcs7_buf MBEDTLS_PRIVATE(content_type_oid);
mbedtls_pkcs7_signed_data MBEDTLS_PRIVATE(signed_data); mbedtls_pkcs7_signed_data MBEDTLS_PRIVATE(signed_data);
@ -177,7 +173,7 @@ mbedtls_pkcs7;
* *
* \param pkcs7 pkcs7 structure. * \param pkcs7 pkcs7 structure.
*/ */
void mbedtls_pkcs7_init( mbedtls_pkcs7 *pkcs7 ); void mbedtls_pkcs7_init(mbedtls_pkcs7 *pkcs7);
/** /**
* \brief Parse a single DER formatted pkcs7 content. * \brief Parse a single DER formatted pkcs7 content.
@ -193,8 +189,8 @@ void mbedtls_pkcs7_init( mbedtls_pkcs7 *pkcs7 );
* \return The \c mbedtls_pkcs7_type of \p buf, if successful. * \return The \c mbedtls_pkcs7_type of \p buf, if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_pkcs7_parse_der( mbedtls_pkcs7 *pkcs7, const unsigned char *buf, int mbedtls_pkcs7_parse_der(mbedtls_pkcs7 *pkcs7, const unsigned char *buf,
const size_t buflen ); const size_t buflen);
/** /**
* \brief Verification of PKCS7 signature against a caller-supplied * \brief Verification of PKCS7 signature against a caller-supplied
@ -220,10 +216,10 @@ int mbedtls_pkcs7_parse_der( mbedtls_pkcs7 *pkcs7, const unsigned char *buf,
* *
* \return 0 if the signature verifies, or a negative error code on failure. * \return 0 if the signature verifies, or a negative error code on failure.
*/ */
int mbedtls_pkcs7_signed_data_verify( mbedtls_pkcs7 *pkcs7, int mbedtls_pkcs7_signed_data_verify(mbedtls_pkcs7 *pkcs7,
const mbedtls_x509_crt *cert, const mbedtls_x509_crt *cert,
const unsigned char *data, const unsigned char *data,
size_t datalen ); size_t datalen);
/** /**
* \brief Verification of PKCS7 signature against a caller-supplied * \brief Verification of PKCS7 signature against a caller-supplied
@ -249,7 +245,7 @@ int mbedtls_pkcs7_signed_data_verify( mbedtls_pkcs7 *pkcs7,
* *
* \return 0 if the signature verifies, or a negative error code on failure. * \return 0 if the signature verifies, or a negative error code on failure.
*/ */
int mbedtls_pkcs7_signed_hash_verify( mbedtls_pkcs7 *pkcs7, int mbedtls_pkcs7_signed_hash_verify(mbedtls_pkcs7 *pkcs7,
const mbedtls_x509_crt *cert, const mbedtls_x509_crt *cert,
const unsigned char *hash, size_t hashlen); const unsigned char *hash, size_t hashlen);
@ -259,7 +255,7 @@ int mbedtls_pkcs7_signed_hash_verify( mbedtls_pkcs7 *pkcs7,
* *
* \param pkcs7 PKCS7 structure to free. * \param pkcs7 PKCS7 structure to free.
*/ */
void mbedtls_pkcs7_free( mbedtls_pkcs7 *pkcs7 ); void mbedtls_pkcs7_free(mbedtls_pkcs7 *pkcs7);
#ifdef __cplusplus #ifdef __cplusplus
} }

63
include/mbedtls/platform.h
View File

@ -144,8 +144,8 @@ extern "C" {
#else #else
/* For size_t */ /* For size_t */
#include <stddef.h> #include <stddef.h>
extern void *mbedtls_calloc( size_t n, size_t size ); extern void *mbedtls_calloc(size_t n, size_t size);
extern void mbedtls_free( void *ptr ); extern void mbedtls_free(void *ptr);
/** /**
* \brief This function dynamically sets the memory-management * \brief This function dynamically sets the memory-management
@ -156,8 +156,8 @@ extern void mbedtls_free( void *ptr );
* *
* \return \c 0. * \return \c 0.
*/ */
int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ), int mbedtls_platform_set_calloc_free(void *(*calloc_func)(size_t, size_t),
void (*free_func)( void * ) ); void (*free_func)(void *));
#endif /* MBEDTLS_PLATFORM_FREE_MACRO && MBEDTLS_PLATFORM_CALLOC_MACRO */ #endif /* MBEDTLS_PLATFORM_FREE_MACRO && MBEDTLS_PLATFORM_CALLOC_MACRO */
#else /* !MBEDTLS_PLATFORM_MEMORY */ #else /* !MBEDTLS_PLATFORM_MEMORY */
#define mbedtls_free free #define mbedtls_free free
@ -170,7 +170,7 @@ int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ),
#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) #if defined(MBEDTLS_PLATFORM_FPRINTF_ALT)
/* We need FILE * */ /* We need FILE * */
#include <stdio.h> #include <stdio.h>
extern int (*mbedtls_fprintf)( FILE *stream, const char *format, ... ); extern int (*mbedtls_fprintf)(FILE *stream, const char *format, ...);
/** /**
* \brief This function dynamically configures the fprintf * \brief This function dynamically configures the fprintf
@ -181,8 +181,8 @@ extern int (*mbedtls_fprintf)( FILE *stream, const char *format, ... );
* *
* \return \c 0. * \return \c 0.
*/ */
int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char *, int mbedtls_platform_set_fprintf(int (*fprintf_func)(FILE *stream, const char *,
... ) ); ...));
#else #else
#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) #if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO)
#define mbedtls_fprintf MBEDTLS_PLATFORM_FPRINTF_MACRO #define mbedtls_fprintf MBEDTLS_PLATFORM_FPRINTF_MACRO
@ -195,7 +195,7 @@ int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char
* The function pointers for printf * The function pointers for printf
*/ */
#if defined(MBEDTLS_PLATFORM_PRINTF_ALT) #if defined(MBEDTLS_PLATFORM_PRINTF_ALT)
extern int (*mbedtls_printf)( const char *format, ... ); extern int (*mbedtls_printf)(const char *format, ...);
/** /**
* \brief This function dynamically configures the snprintf * \brief This function dynamically configures the snprintf
@ -206,7 +206,7 @@ extern int (*mbedtls_printf)( const char *format, ... );
* *
* \return \c 0 on success. * \return \c 0 on success.
*/ */
int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) ); int mbedtls_platform_set_printf(int (*printf_func)(const char *, ...));
#else /* !MBEDTLS_PLATFORM_PRINTF_ALT */ #else /* !MBEDTLS_PLATFORM_PRINTF_ALT */
#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) #if defined(MBEDTLS_PLATFORM_PRINTF_MACRO)
#define mbedtls_printf MBEDTLS_PLATFORM_PRINTF_MACRO #define mbedtls_printf MBEDTLS_PLATFORM_PRINTF_MACRO
@ -226,11 +226,11 @@ int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) );
*/ */
#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF) #if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF)
/* For Windows (inc. MSYS2), we provide our own fixed implementation */ /* For Windows (inc. MSYS2), we provide our own fixed implementation */
int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... ); int mbedtls_platform_win32_snprintf(char *s, size_t n, const char *fmt, ...);
#endif #endif
#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) #if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
extern int (*mbedtls_snprintf)( char * s, size_t n, const char * format, ... ); extern int (*mbedtls_snprintf)(char *s, size_t n, const char *format, ...);
/** /**
* \brief This function allows configuring a custom * \brief This function allows configuring a custom
@ -240,8 +240,8 @@ extern int (*mbedtls_snprintf)( char * s, size_t n, const char * format, ... );
* *
* \return \c 0 on success. * \return \c 0 on success.
*/ */
int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n, int mbedtls_platform_set_snprintf(int (*snprintf_func)(char *s, size_t n,
const char * format, ... ) ); const char *format, ...));
#else /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ #else /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) #if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
#define mbedtls_snprintf MBEDTLS_PLATFORM_SNPRINTF_MACRO #define mbedtls_snprintf MBEDTLS_PLATFORM_SNPRINTF_MACRO
@ -262,12 +262,12 @@ int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n,
#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF) #if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF)
#include <stdarg.h> #include <stdarg.h>
/* For Older Windows (inc. MSYS2), we provide our own fixed implementation */ /* For Older Windows (inc. MSYS2), we provide our own fixed implementation */
int mbedtls_platform_win32_vsnprintf( char *s, size_t n, const char *fmt, va_list arg ); int mbedtls_platform_win32_vsnprintf(char *s, size_t n, const char *fmt, va_list arg);
#endif #endif
#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) #if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT)
#include <stdarg.h> #include <stdarg.h>
extern int (*mbedtls_vsnprintf)( char * s, size_t n, const char * format, va_list arg ); extern int (*mbedtls_vsnprintf)(char *s, size_t n, const char *format, va_list arg);
/** /**
* \brief Set your own snprintf function pointer * \brief Set your own snprintf function pointer
@ -276,8 +276,8 @@ extern int (*mbedtls_vsnprintf)( char * s, size_t n, const char * format, va_lis
* *
* \return \c 0 * \return \c 0
*/ */
int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n, int mbedtls_platform_set_vsnprintf(int (*vsnprintf_func)(char *s, size_t n,
const char * format, va_list arg ) ); const char *format, va_list arg));
#else /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */ #else /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) #if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO)
#define mbedtls_vsnprintf MBEDTLS_PLATFORM_VSNPRINTF_MACRO #define mbedtls_vsnprintf MBEDTLS_PLATFORM_VSNPRINTF_MACRO
@ -307,7 +307,7 @@ int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n,
* The library always calls this function with * The library always calls this function with
* `buf` equal to `NULL`. * `buf` equal to `NULL`.
*/ */
extern void (*mbedtls_setbuf)( FILE *stream, char *buf ); extern void (*mbedtls_setbuf)(FILE *stream, char *buf);
/** /**
* \brief Dynamically configure the function that is called * \brief Dynamically configure the function that is called
@ -318,8 +318,8 @@ extern void (*mbedtls_setbuf)( FILE *stream, char *buf );
* *
* \return \c 0 * \return \c 0
*/ */
int mbedtls_platform_set_setbuf( void (*setbuf_func)( int mbedtls_platform_set_setbuf(void (*setbuf_func)(
FILE *stream, char *buf ) ); FILE *stream, char *buf));
#elif defined(MBEDTLS_PLATFORM_SETBUF_MACRO) #elif defined(MBEDTLS_PLATFORM_SETBUF_MACRO)
/** /**
* \brief Macro defining the function for the library to * \brief Macro defining the function for the library to
@ -340,7 +340,7 @@ int mbedtls_platform_set_setbuf( void (*setbuf_func)(
* The function pointers for exit * The function pointers for exit
*/ */
#if defined(MBEDTLS_PLATFORM_EXIT_ALT) #if defined(MBEDTLS_PLATFORM_EXIT_ALT)
extern void (*mbedtls_exit)( int status ); extern void (*mbedtls_exit)(int status);
/** /**
* \brief This function dynamically configures the exit * \brief This function dynamically configures the exit
@ -351,7 +351,7 @@ extern void (*mbedtls_exit)( int status );
* *
* \return \c 0 on success. * \return \c 0 on success.
*/ */
int mbedtls_platform_set_exit( void (*exit_func)( int status ) ); int mbedtls_platform_set_exit(void (*exit_func)(int status));
#else #else
#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) #if defined(MBEDTLS_PLATFORM_EXIT_MACRO)
#define mbedtls_exit MBEDTLS_PLATFORM_EXIT_MACRO #define mbedtls_exit MBEDTLS_PLATFORM_EXIT_MACRO
@ -383,13 +383,13 @@ int mbedtls_platform_set_exit( void (*exit_func)( int status ) );
#if defined(MBEDTLS_ENTROPY_NV_SEED) #if defined(MBEDTLS_ENTROPY_NV_SEED)
#if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) && defined(MBEDTLS_FS_IO) #if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) && defined(MBEDTLS_FS_IO)
/* Internal standard platform definitions */ /* Internal standard platform definitions */
int mbedtls_platform_std_nv_seed_read( unsigned char *buf, size_t buf_len ); int mbedtls_platform_std_nv_seed_read(unsigned char *buf, size_t buf_len);
int mbedtls_platform_std_nv_seed_write( unsigned char *buf, size_t buf_len ); int mbedtls_platform_std_nv_seed_write(unsigned char *buf, size_t buf_len);
#endif #endif
#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT) #if defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
extern int (*mbedtls_nv_seed_read)( unsigned char *buf, size_t buf_len ); extern int (*mbedtls_nv_seed_read)(unsigned char *buf, size_t buf_len);
extern int (*mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len ); extern int (*mbedtls_nv_seed_write)(unsigned char *buf, size_t buf_len);
/** /**
* \brief This function allows configuring custom seed file writing and * \brief This function allows configuring custom seed file writing and
@ -401,8 +401,8 @@ extern int (*mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len );
* \return \c 0 on success. * \return \c 0 on success.
*/ */
int mbedtls_platform_set_nv_seed( int mbedtls_platform_set_nv_seed(
int (*nv_seed_read_func)( unsigned char *buf, size_t buf_len ), int (*nv_seed_read_func)(unsigned char *buf, size_t buf_len),
int (*nv_seed_write_func)( unsigned char *buf, size_t buf_len ) int (*nv_seed_write_func)(unsigned char *buf, size_t buf_len)
); );
#else #else
#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) && \ #if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) && \
@ -424,8 +424,7 @@ int mbedtls_platform_set_nv_seed(
* \note This structure may be used to assist platform-specific * \note This structure may be used to assist platform-specific
* setup or teardown operations. * setup or teardown operations.
*/ */
typedef struct mbedtls_platform_context typedef struct mbedtls_platform_context {
{
char MBEDTLS_PRIVATE(dummy); /**< A placeholder member, as empty structs are not portable. */ char MBEDTLS_PRIVATE(dummy); /**< A placeholder member, as empty structs are not portable. */
} }
mbedtls_platform_context; mbedtls_platform_context;
@ -449,7 +448,7 @@ mbedtls_platform_context;
* *
* \return \c 0 on success. * \return \c 0 on success.
*/ */
int mbedtls_platform_setup( mbedtls_platform_context *ctx ); int mbedtls_platform_setup(mbedtls_platform_context *ctx);
/** /**
* \brief This function performs any platform teardown operations. * \brief This function performs any platform teardown operations.
* *
@ -464,7 +463,7 @@ int mbedtls_platform_setup( mbedtls_platform_context *ctx );
* \param ctx The platform context. * \param ctx The platform context.
* *
*/ */
void mbedtls_platform_teardown( mbedtls_platform_context *ctx ); void mbedtls_platform_teardown(mbedtls_platform_context *ctx);
#ifdef __cplusplus #ifdef __cplusplus
} }

4
include/mbedtls/platform_time.h
View File

@ -43,7 +43,7 @@ typedef time_t mbedtls_time_t;
* The function pointers for time * The function pointers for time
*/ */
#if defined(MBEDTLS_PLATFORM_TIME_ALT) #if defined(MBEDTLS_PLATFORM_TIME_ALT)
extern mbedtls_time_t (*mbedtls_time)( mbedtls_time_t* time ); extern mbedtls_time_t (*mbedtls_time)(mbedtls_time_t *time);
/** /**
* \brief Set your own time function pointer * \brief Set your own time function pointer
@ -52,7 +52,7 @@ extern mbedtls_time_t (*mbedtls_time)( mbedtls_time_t* time );
* *
* \return 0 * \return 0
*/ */
int mbedtls_platform_set_time( mbedtls_time_t (*time_func)( mbedtls_time_t* time ) ); int mbedtls_platform_set_time(mbedtls_time_t (*time_func)(mbedtls_time_t *time));
#else #else
#if defined(MBEDTLS_PLATFORM_TIME_MACRO) #if defined(MBEDTLS_PLATFORM_TIME_MACRO)
#define mbedtls_time MBEDTLS_PLATFORM_TIME_MACRO #define mbedtls_time MBEDTLS_PLATFORM_TIME_MACRO

26
include/mbedtls/platform_util.h
View File

@ -36,23 +36,23 @@ extern "C" {
#endif #endif
/* Internal macros meant to be called only from within the library. */ /* Internal macros meant to be called only from within the library. */
#define MBEDTLS_INTERNAL_VALIDATE_RET( cond, ret ) do { } while( 0 ) #define MBEDTLS_INTERNAL_VALIDATE_RET(cond, ret) do { } while (0)
#define MBEDTLS_INTERNAL_VALIDATE( cond ) do { } while( 0 ) #define MBEDTLS_INTERNAL_VALIDATE(cond) do { } while (0)
/* Internal helper macros for deprecating API constants. */ /* Internal helper macros for deprecating API constants. */
#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING) #if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated)) #define MBEDTLS_DEPRECATED __attribute__((deprecated))
MBEDTLS_DEPRECATED typedef char const * mbedtls_deprecated_string_constant_t; MBEDTLS_DEPRECATED typedef char const *mbedtls_deprecated_string_constant_t;
#define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL ) \ #define MBEDTLS_DEPRECATED_STRING_CONSTANT(VAL) \
( (mbedtls_deprecated_string_constant_t) ( VAL ) ) ((mbedtls_deprecated_string_constant_t) (VAL))
MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t; MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t;
#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( VAL ) \ #define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(VAL) \
( (mbedtls_deprecated_numeric_constant_t) ( VAL ) ) ((mbedtls_deprecated_numeric_constant_t) (VAL))
#else /* MBEDTLS_DEPRECATED_WARNING */ #else /* MBEDTLS_DEPRECATED_WARNING */
#define MBEDTLS_DEPRECATED #define MBEDTLS_DEPRECATED
#define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL ) VAL #define MBEDTLS_DEPRECATED_STRING_CONSTANT(VAL) VAL
#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( VAL ) VAL #define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(VAL) VAL
#endif /* MBEDTLS_DEPRECATED_WARNING */ #endif /* MBEDTLS_DEPRECATED_WARNING */
#endif /* MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_DEPRECATED_REMOVED */
@ -142,7 +142,7 @@ MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t;
* https://stackoverflow.com/questions/40576003/ignoring-warning-wunused-result * https://stackoverflow.com/questions/40576003/ignoring-warning-wunused-result
* https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66425#c34 * https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66425#c34
*/ */
#define MBEDTLS_IGNORE_RETURN(result) ( (void) !( result ) ) #define MBEDTLS_IGNORE_RETURN(result) ((void) !(result))
#endif #endif
/** /**
@ -167,7 +167,7 @@ MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t;
* \param len Length of the buffer in bytes * \param len Length of the buffer in bytes
* *
*/ */
void mbedtls_platform_zeroize( void *buf, size_t len ); void mbedtls_platform_zeroize(void *buf, size_t len);
#if defined(MBEDTLS_HAVE_TIME_DATE) #if defined(MBEDTLS_HAVE_TIME_DATE)
/** /**
@ -196,8 +196,8 @@ void mbedtls_platform_zeroize( void *buf, size_t len );
* \return Pointer to an object of type struct tm on success, otherwise * \return Pointer to an object of type struct tm on success, otherwise
* NULL * NULL
*/ */
struct tm *mbedtls_platform_gmtime_r( const mbedtls_time_t *tt, struct tm *mbedtls_platform_gmtime_r(const mbedtls_time_t *tt,
struct tm *tm_buf ); struct tm *tm_buf);
#endif /* MBEDTLS_HAVE_TIME_DATE */ #endif /* MBEDTLS_HAVE_TIME_DATE */
#ifdef __cplusplus #ifdef __cplusplus

25
include/mbedtls/poly1305.h
View File

@ -47,8 +47,7 @@ extern "C" {
#if !defined(MBEDTLS_POLY1305_ALT) #if !defined(MBEDTLS_POLY1305_ALT)
typedef struct mbedtls_poly1305_context typedef struct mbedtls_poly1305_context {
{
uint32_t MBEDTLS_PRIVATE(r)[4]; /** The value for 'r' (low 128 bits of the key). */ uint32_t MBEDTLS_PRIVATE(r)[4]; /** The value for 'r' (low 128 bits of the key). */
uint32_t MBEDTLS_PRIVATE(s)[4]; /** The value for 's' (high 128 bits of the key). */ uint32_t MBEDTLS_PRIVATE(s)[4]; /** The value for 's' (high 128 bits of the key). */
uint32_t MBEDTLS_PRIVATE(acc)[5]; /** The accumulator number. */ uint32_t MBEDTLS_PRIVATE(acc)[5]; /** The accumulator number. */
@ -76,7 +75,7 @@ mbedtls_poly1305_context;
* \param ctx The Poly1305 context to initialize. This must * \param ctx The Poly1305 context to initialize. This must
* not be \c NULL. * not be \c NULL.
*/ */
void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx ); void mbedtls_poly1305_init(mbedtls_poly1305_context *ctx);
/** /**
* \brief This function releases and clears the specified * \brief This function releases and clears the specified
@ -86,7 +85,7 @@ void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx );
* case this function is a no-op. If it is not \c NULL, it must * case this function is a no-op. If it is not \c NULL, it must
* point to an initialized Poly1305 context. * point to an initialized Poly1305 context.
*/ */
void mbedtls_poly1305_free( mbedtls_poly1305_context *ctx ); void mbedtls_poly1305_free(mbedtls_poly1305_context *ctx);
/** /**
* \brief This function sets the one-time authentication key. * \brief This function sets the one-time authentication key.
@ -101,8 +100,8 @@ void mbedtls_poly1305_free( mbedtls_poly1305_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx, int mbedtls_poly1305_starts(mbedtls_poly1305_context *ctx,
const unsigned char key[32] ); const unsigned char key[32]);
/** /**
* \brief This functions feeds an input buffer into an ongoing * \brief This functions feeds an input buffer into an ongoing
@ -122,9 +121,9 @@ int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx, int mbedtls_poly1305_update(mbedtls_poly1305_context *ctx,
const unsigned char *input, const unsigned char *input,
size_t ilen ); size_t ilen);
/** /**
* \brief This function generates the Poly1305 Message * \brief This function generates the Poly1305 Message
@ -138,8 +137,8 @@ int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx, int mbedtls_poly1305_finish(mbedtls_poly1305_context *ctx,
unsigned char mac[16] ); unsigned char mac[16]);
/** /**
* \brief This function calculates the Poly1305 MAC of the input * \brief This function calculates the Poly1305 MAC of the input
@ -159,10 +158,10 @@ int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_poly1305_mac( const unsigned char key[32], int mbedtls_poly1305_mac(const unsigned char key[32],
const unsigned char *input, const unsigned char *input,
size_t ilen, size_t ilen,
unsigned char mac[16] ); unsigned char mac[16]);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/** /**
@ -171,7 +170,7 @@ int mbedtls_poly1305_mac( const unsigned char key[32],
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_poly1305_self_test( int verbose ); int mbedtls_poly1305_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus

2
include/mbedtls/private_access.h
View File

@ -1,4 +1,4 @@
/** /**
* \file private_access.h * \file private_access.h
* *
* \brief Macro wrapper for struct's members. * \brief Macro wrapper for struct's members.

133
include/mbedtls/psa_util.h
View File

@ -44,10 +44,9 @@
/* Translations for symmetric crypto. */ /* Translations for symmetric crypto. */
static inline psa_key_type_t mbedtls_psa_translate_cipher_type( static inline psa_key_type_t mbedtls_psa_translate_cipher_type(
mbedtls_cipher_type_t cipher ) mbedtls_cipher_type_t cipher)
{ {
switch( cipher ) switch (cipher) {
{
case MBEDTLS_CIPHER_AES_128_CCM: case MBEDTLS_CIPHER_AES_128_CCM:
case MBEDTLS_CIPHER_AES_192_CCM: case MBEDTLS_CIPHER_AES_192_CCM:
case MBEDTLS_CIPHER_AES_256_CCM: case MBEDTLS_CIPHER_AES_256_CCM:
@ -63,7 +62,7 @@ static inline psa_key_type_t mbedtls_psa_translate_cipher_type(
case MBEDTLS_CIPHER_AES_128_ECB: case MBEDTLS_CIPHER_AES_128_ECB:
case MBEDTLS_CIPHER_AES_192_ECB: case MBEDTLS_CIPHER_AES_192_ECB:
case MBEDTLS_CIPHER_AES_256_ECB: case MBEDTLS_CIPHER_AES_256_ECB:
return( PSA_KEY_TYPE_AES ); return PSA_KEY_TYPE_AES;
/* ARIA not yet supported in PSA. */ /* ARIA not yet supported in PSA. */
/* case MBEDTLS_CIPHER_ARIA_128_CCM: /* case MBEDTLS_CIPHER_ARIA_128_CCM:
@ -81,44 +80,43 @@ static inline psa_key_type_t mbedtls_psa_translate_cipher_type(
return( PSA_KEY_TYPE_ARIA ); */ return( PSA_KEY_TYPE_ARIA ); */
default: default:
return( 0 ); return 0;
} }
} }
static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode( static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode(
mbedtls_cipher_mode_t mode, size_t taglen ) mbedtls_cipher_mode_t mode, size_t taglen)
{ {
switch( mode ) switch (mode) {
{
case MBEDTLS_MODE_ECB: case MBEDTLS_MODE_ECB:
return( PSA_ALG_ECB_NO_PADDING ); return PSA_ALG_ECB_NO_PADDING;
case MBEDTLS_MODE_GCM: case MBEDTLS_MODE_GCM:
return( PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, taglen ) ); return PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, taglen);
case MBEDTLS_MODE_CCM: case MBEDTLS_MODE_CCM:
return( PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, taglen ) ); return PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen);
case MBEDTLS_MODE_CCM_STAR_NO_TAG: case MBEDTLS_MODE_CCM_STAR_NO_TAG:
return PSA_ALG_CCM_STAR_NO_TAG; return PSA_ALG_CCM_STAR_NO_TAG;
case MBEDTLS_MODE_CBC: case MBEDTLS_MODE_CBC:
if( taglen == 0 ) if (taglen == 0) {
return( PSA_ALG_CBC_NO_PADDING ); return PSA_ALG_CBC_NO_PADDING;
else } else {
return( 0 ); return 0;
}
default: default:
return( 0 ); return 0;
} }
} }
static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation( static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation(
mbedtls_operation_t op ) mbedtls_operation_t op)
{ {
switch( op ) switch (op) {
{
case MBEDTLS_ENCRYPT: case MBEDTLS_ENCRYPT:
return( PSA_KEY_USAGE_ENCRYPT ); return PSA_KEY_USAGE_ENCRYPT;
case MBEDTLS_DECRYPT: case MBEDTLS_DECRYPT:
return( PSA_KEY_USAGE_DECRYPT ); return PSA_KEY_USAGE_DECRYPT;
default: default:
return( 0 ); return 0;
} }
} }
@ -127,42 +125,41 @@ static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation(
/* Note: this function should not be used from inside the library, use /* Note: this function should not be used from inside the library, use
* mbedtls_hash_info_psa_from_md() from the internal hash_info.h instead. * mbedtls_hash_info_psa_from_md() from the internal hash_info.h instead.
* It is kept only for compatibility in case applications were using it. */ * It is kept only for compatibility in case applications were using it. */
static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg ) static inline psa_algorithm_t mbedtls_psa_translate_md(mbedtls_md_type_t md_alg)
{ {
switch( md_alg ) switch (md_alg) {
{
#if defined(MBEDTLS_MD5_C) || defined(PSA_WANT_ALG_MD5) #if defined(MBEDTLS_MD5_C) || defined(PSA_WANT_ALG_MD5)
case MBEDTLS_MD_MD5: case MBEDTLS_MD_MD5:
return( PSA_ALG_MD5 ); return PSA_ALG_MD5;
#endif #endif
#if defined(MBEDTLS_SHA1_C) || defined(PSA_WANT_ALG_SHA_1) #if defined(MBEDTLS_SHA1_C) || defined(PSA_WANT_ALG_SHA_1)
case MBEDTLS_MD_SHA1: case MBEDTLS_MD_SHA1:
return( PSA_ALG_SHA_1 ); return PSA_ALG_SHA_1;
#endif #endif
#if defined(MBEDTLS_SHA224_C) || defined(PSA_WANT_ALG_SHA_224) #if defined(MBEDTLS_SHA224_C) || defined(PSA_WANT_ALG_SHA_224)
case MBEDTLS_MD_SHA224: case MBEDTLS_MD_SHA224:
return( PSA_ALG_SHA_224 ); return PSA_ALG_SHA_224;
#endif #endif
#if defined(MBEDTLS_SHA256_C) || defined(PSA_WANT_ALG_SHA_256) #if defined(MBEDTLS_SHA256_C) || defined(PSA_WANT_ALG_SHA_256)
case MBEDTLS_MD_SHA256: case MBEDTLS_MD_SHA256:
return( PSA_ALG_SHA_256 ); return PSA_ALG_SHA_256;
#endif #endif
#if defined(MBEDTLS_SHA384_C) || defined(PSA_WANT_ALG_SHA_384) #if defined(MBEDTLS_SHA384_C) || defined(PSA_WANT_ALG_SHA_384)
case MBEDTLS_MD_SHA384: case MBEDTLS_MD_SHA384:
return( PSA_ALG_SHA_384 ); return PSA_ALG_SHA_384;
#endif #endif
#if defined(MBEDTLS_SHA512_C) || defined(PSA_WANT_ALG_SHA_512) #if defined(MBEDTLS_SHA512_C) || defined(PSA_WANT_ALG_SHA_512)
case MBEDTLS_MD_SHA512: case MBEDTLS_MD_SHA512:
return( PSA_ALG_SHA_512 ); return PSA_ALG_SHA_512;
#endif #endif
#if defined(MBEDTLS_RIPEMD160_C) || defined(PSA_WANT_ALG_RIPEMD160) #if defined(MBEDTLS_RIPEMD160_C) || defined(PSA_WANT_ALG_RIPEMD160)
case MBEDTLS_MD_RIPEMD160: case MBEDTLS_MD_RIPEMD160:
return( PSA_ALG_RIPEMD160 ); return PSA_ALG_RIPEMD160;
#endif #endif
case MBEDTLS_MD_NONE: case MBEDTLS_MD_NONE:
return( 0 ); return 0;
default: default:
return( 0 ); return 0;
} }
} }
@ -170,99 +167,95 @@ static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg
static inline int mbedtls_psa_get_ecc_oid_from_id( static inline int mbedtls_psa_get_ecc_oid_from_id(
psa_ecc_family_t curve, size_t bits, psa_ecc_family_t curve, size_t bits,
char const **oid, size_t *oid_len ) char const **oid, size_t *oid_len)
{ {
switch( curve ) switch (curve) {
{
case PSA_ECC_FAMILY_SECP_R1: case PSA_ECC_FAMILY_SECP_R1:
switch( bits ) switch (bits) {
{
#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
case 192: case 192:
*oid = MBEDTLS_OID_EC_GRP_SECP192R1; *oid = MBEDTLS_OID_EC_GRP_SECP192R1;
*oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192R1 ); *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP192R1);
return( 0 ); return 0;
#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
case 224: case 224:
*oid = MBEDTLS_OID_EC_GRP_SECP224R1; *oid = MBEDTLS_OID_EC_GRP_SECP224R1;
*oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224R1 ); *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP224R1);
return( 0 ); return 0;
#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
case 256: case 256:
*oid = MBEDTLS_OID_EC_GRP_SECP256R1; *oid = MBEDTLS_OID_EC_GRP_SECP256R1;
*oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256R1 ); *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP256R1);
return( 0 ); return 0;
#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
case 384: case 384:
*oid = MBEDTLS_OID_EC_GRP_SECP384R1; *oid = MBEDTLS_OID_EC_GRP_SECP384R1;
*oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP384R1 ); *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP384R1);
return( 0 ); return 0;
#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
case 521: case 521:
*oid = MBEDTLS_OID_EC_GRP_SECP521R1; *oid = MBEDTLS_OID_EC_GRP_SECP521R1;
*oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP521R1 ); *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP521R1);
return( 0 ); return 0;
#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
} }
break; break;
case PSA_ECC_FAMILY_SECP_K1: case PSA_ECC_FAMILY_SECP_K1:
switch( bits ) switch (bits) {
{
#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
case 192: case 192:
*oid = MBEDTLS_OID_EC_GRP_SECP192K1; *oid = MBEDTLS_OID_EC_GRP_SECP192K1;
*oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192K1 ); *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP192K1);
return( 0 ); return 0;
#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
case 224: case 224:
*oid = MBEDTLS_OID_EC_GRP_SECP224K1; *oid = MBEDTLS_OID_EC_GRP_SECP224K1;
*oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224K1 ); *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP224K1);
return( 0 ); return 0;
#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
case 256: case 256:
*oid = MBEDTLS_OID_EC_GRP_SECP256K1; *oid = MBEDTLS_OID_EC_GRP_SECP256K1;
*oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256K1 ); *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP256K1);
return( 0 ); return 0;
#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
} }
break; break;
case PSA_ECC_FAMILY_BRAINPOOL_P_R1: case PSA_ECC_FAMILY_BRAINPOOL_P_R1:
switch( bits ) switch (bits) {
{
#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
case 256: case 256:
*oid = MBEDTLS_OID_EC_GRP_BP256R1; *oid = MBEDTLS_OID_EC_GRP_BP256R1;
*oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP256R1 ); *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP256R1);
return( 0 ); return 0;
#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
case 384: case 384:
*oid = MBEDTLS_OID_EC_GRP_BP384R1; *oid = MBEDTLS_OID_EC_GRP_BP384R1;
*oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP384R1 ); *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP384R1);
return( 0 ); return 0;
#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
case 512: case 512:
*oid = MBEDTLS_OID_EC_GRP_BP512R1; *oid = MBEDTLS_OID_EC_GRP_BP512R1;
*oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP512R1 ); *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP512R1);
return( 0 ); return 0;
#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
} }
break; break;
} }
(void) oid; (void) oid;
(void) oid_len; (void) oid_len;
return( -1 ); return -1;
} }
#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH \ #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH \
PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE( PSA_VENDOR_ECC_MAX_CURVE_BITS ) PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)
/* Expose whatever RNG the PSA subsystem uses to applications using the /* Expose whatever RNG the PSA subsystem uses to applications using the
* mbedtls_xxx API. The declarations and definitions here need to be * mbedtls_xxx API. The declarations and definitions here need to be
@ -276,7 +269,7 @@ static inline int mbedtls_psa_get_ecc_oid_from_id(
* This type name is not part of the Mbed TLS stable API. It may be renamed * This type name is not part of the Mbed TLS stable API. It may be renamed
* or moved without warning. * or moved without warning.
*/ */
typedef int mbedtls_f_rng_t( void *p_rng, unsigned char *output, size_t output_size ); typedef int mbedtls_f_rng_t(void *p_rng, unsigned char *output, size_t output_size);
#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
@ -315,9 +308,9 @@ typedef int mbedtls_f_rng_t( void *p_rng, unsigned char *output, size_t output_s
* `MBEDTLS_ERR_CTR_DRBG_xxx` or * `MBEDTLS_ERR_CTR_DRBG_xxx` or
* `MBEDTLS_ERR_HMAC_DRBG_xxx` on error. * `MBEDTLS_ERR_HMAC_DRBG_xxx` on error.
*/ */
int mbedtls_psa_get_random( void *p_rng, int mbedtls_psa_get_random(void *p_rng,
unsigned char *output, unsigned char *output,
size_t output_size ); size_t output_size);
/** The random generator state for the PSA subsystem. /** The random generator state for the PSA subsystem.
* *

31
include/mbedtls/ripemd160.h
View File

@ -39,8 +39,7 @@ extern "C" {
/** /**
* \brief RIPEMD-160 context structure * \brief RIPEMD-160 context structure
*/ */
typedef struct mbedtls_ripemd160_context typedef struct mbedtls_ripemd160_context {
{
uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< number of bytes processed */ uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< number of bytes processed */
uint32_t MBEDTLS_PRIVATE(state)[5]; /*!< intermediate digest state */ uint32_t MBEDTLS_PRIVATE(state)[5]; /*!< intermediate digest state */
unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< data block being processed */ unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< data block being processed */
@ -56,14 +55,14 @@ mbedtls_ripemd160_context;
* *
* \param ctx RIPEMD-160 context to be initialized * \param ctx RIPEMD-160 context to be initialized
*/ */
void mbedtls_ripemd160_init( mbedtls_ripemd160_context *ctx ); void mbedtls_ripemd160_init(mbedtls_ripemd160_context *ctx);
/** /**
* \brief Clear RIPEMD-160 context * \brief Clear RIPEMD-160 context
* *
* \param ctx RIPEMD-160 context to be cleared * \param ctx RIPEMD-160 context to be cleared
*/ */
void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx ); void mbedtls_ripemd160_free(mbedtls_ripemd160_context *ctx);
/** /**
* \brief Clone (the state of) a RIPEMD-160 context * \brief Clone (the state of) a RIPEMD-160 context
@ -71,8 +70,8 @@ void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx );
* \param dst The destination context * \param dst The destination context
* \param src The context to be cloned * \param src The context to be cloned
*/ */
void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst, void mbedtls_ripemd160_clone(mbedtls_ripemd160_context *dst,
const mbedtls_ripemd160_context *src ); const mbedtls_ripemd160_context *src);
/** /**
* \brief RIPEMD-160 context setup * \brief RIPEMD-160 context setup
@ -81,7 +80,7 @@ void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int mbedtls_ripemd160_starts( mbedtls_ripemd160_context *ctx ); int mbedtls_ripemd160_starts(mbedtls_ripemd160_context *ctx);
/** /**
* \brief RIPEMD-160 process buffer * \brief RIPEMD-160 process buffer
@ -92,9 +91,9 @@ int mbedtls_ripemd160_starts( mbedtls_ripemd160_context *ctx );
* *
* \return 0 if successful * \return 0 if successful
*/ */
int mbedtls_ripemd160_update( mbedtls_ripemd160_context *ctx, int mbedtls_ripemd160_update(mbedtls_ripemd160_context *ctx,
const unsigned char *input, const unsigned char *input,
size_t ilen ); size_t ilen);
/** /**
* \brief RIPEMD-160 final digest * \brief RIPEMD-160 final digest
@ -104,8 +103,8 @@ int mbedtls_ripemd160_update( mbedtls_ripemd160_context *ctx,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx, int mbedtls_ripemd160_finish(mbedtls_ripemd160_context *ctx,
unsigned char output[20] ); unsigned char output[20]);
/** /**
* \brief RIPEMD-160 process data block (internal use only) * \brief RIPEMD-160 process data block (internal use only)
@ -115,8 +114,8 @@ int mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, int mbedtls_internal_ripemd160_process(mbedtls_ripemd160_context *ctx,
const unsigned char data[64] ); const unsigned char data[64]);
/** /**
* \brief Output = RIPEMD-160( input buffer ) * \brief Output = RIPEMD-160( input buffer )
@ -127,9 +126,9 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int mbedtls_ripemd160( const unsigned char *input, int mbedtls_ripemd160(const unsigned char *input,
size_t ilen, size_t ilen,
unsigned char output[20] ); unsigned char output[20]);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -138,7 +137,7 @@ int mbedtls_ripemd160( const unsigned char *input,
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int mbedtls_ripemd160_self_test( int verbose ); int mbedtls_ripemd160_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

115
include/mbedtls/rsa.h
View File

@ -88,8 +88,7 @@ extern "C" {
/** /**
* \brief The RSA context structure. * \brief The RSA context structure.
*/ */
typedef struct mbedtls_rsa_context typedef struct mbedtls_rsa_context {
{
int MBEDTLS_PRIVATE(ver); /*!< Reserved for internal purposes. int MBEDTLS_PRIVATE(ver); /*!< Reserved for internal purposes.
* Do not set this field in application * Do not set this field in application
* code. Its meaning might change without * code. Its meaning might change without
@ -143,7 +142,7 @@ mbedtls_rsa_context;
* *
* \param ctx The RSA context to initialize. This must not be \c NULL. * \param ctx The RSA context to initialize. This must not be \c NULL.
*/ */
void mbedtls_rsa_init( mbedtls_rsa_context *ctx ); void mbedtls_rsa_init(mbedtls_rsa_context *ctx);
/** /**
* \brief This function sets padding for an already initialized RSA * \brief This function sets padding for an already initialized RSA
@ -179,8 +178,8 @@ void mbedtls_rsa_init( mbedtls_rsa_context *ctx );
* \return #MBEDTLS_ERR_RSA_INVALID_PADDING failure: * \return #MBEDTLS_ERR_RSA_INVALID_PADDING failure:
* \p padding or \p hash_id is invalid. * \p padding or \p hash_id is invalid.
*/ */
int mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, int mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding,
mbedtls_md_type_t hash_id ); mbedtls_md_type_t hash_id);
/** /**
* \brief This function imports a set of core parameters into an * \brief This function imports a set of core parameters into an
@ -211,10 +210,10 @@ int mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding,
* \return \c 0 on success. * \return \c 0 on success.
* \return A non-zero error code on failure. * \return A non-zero error code on failure.
*/ */
int mbedtls_rsa_import( mbedtls_rsa_context *ctx, int mbedtls_rsa_import(mbedtls_rsa_context *ctx,
const mbedtls_mpi *N, const mbedtls_mpi *N,
const mbedtls_mpi *P, const mbedtls_mpi *Q, const mbedtls_mpi *P, const mbedtls_mpi *Q,
const mbedtls_mpi *D, const mbedtls_mpi *E ); const mbedtls_mpi *D, const mbedtls_mpi *E);
/** /**
* \brief This function imports core RSA parameters, in raw big-endian * \brief This function imports core RSA parameters, in raw big-endian
@ -250,12 +249,12 @@ int mbedtls_rsa_import( mbedtls_rsa_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A non-zero error code on failure. * \return A non-zero error code on failure.
*/ */
int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx, int mbedtls_rsa_import_raw(mbedtls_rsa_context *ctx,
unsigned char const *N, size_t N_len, unsigned char const *N, size_t N_len,
unsigned char const *P, size_t P_len, unsigned char const *P, size_t P_len,
unsigned char const *Q, size_t Q_len, unsigned char const *Q, size_t Q_len,
unsigned char const *D, size_t D_len, unsigned char const *D, size_t D_len,
unsigned char const *E, size_t E_len ); unsigned char const *E, size_t E_len);
/** /**
* \brief This function completes an RSA context from * \brief This function completes an RSA context from
@ -289,7 +288,7 @@ int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx,
* failed. * failed.
* *
*/ */
int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ); int mbedtls_rsa_complete(mbedtls_rsa_context *ctx);
/** /**
* \brief This function exports the core parameters of an RSA key. * \brief This function exports the core parameters of an RSA key.
@ -331,9 +330,9 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx );
* \return A non-zero return code on any other failure. * \return A non-zero return code on any other failure.
* *
*/ */
int mbedtls_rsa_export( const mbedtls_rsa_context *ctx, int mbedtls_rsa_export(const mbedtls_rsa_context *ctx,
mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q, mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q,
mbedtls_mpi *D, mbedtls_mpi *E ); mbedtls_mpi *D, mbedtls_mpi *E);
/** /**
* \brief This function exports core parameters of an RSA key * \brief This function exports core parameters of an RSA key
@ -382,12 +381,12 @@ int mbedtls_rsa_export( const mbedtls_rsa_context *ctx,
* functionality or because of security policies. * functionality or because of security policies.
* \return A non-zero return code on any other failure. * \return A non-zero return code on any other failure.
*/ */
int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx, int mbedtls_rsa_export_raw(const mbedtls_rsa_context *ctx,
unsigned char *N, size_t N_len, unsigned char *N, size_t N_len,
unsigned char *P, size_t P_len, unsigned char *P, size_t P_len,
unsigned char *Q, size_t Q_len, unsigned char *Q, size_t Q_len,
unsigned char *D, size_t D_len, unsigned char *D, size_t D_len,
unsigned char *E, size_t E_len ); unsigned char *E, size_t E_len);
/** /**
* \brief This function exports CRT parameters of a private RSA key. * \brief This function exports CRT parameters of a private RSA key.
@ -408,8 +407,8 @@ int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx,
* \return A non-zero error code on failure. * \return A non-zero error code on failure.
* *
*/ */
int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx, int mbedtls_rsa_export_crt(const mbedtls_rsa_context *ctx,
mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP ); mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP);
/** /**
* \brief This function retrieves the length of RSA modulus in Bytes. * \brief This function retrieves the length of RSA modulus in Bytes.
@ -419,7 +418,7 @@ int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx,
* \return The length of the RSA modulus in Bytes. * \return The length of the RSA modulus in Bytes.
* *
*/ */
size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx ); size_t mbedtls_rsa_get_len(const mbedtls_rsa_context *ctx);
/** /**
* \brief This function generates an RSA keypair. * \brief This function generates an RSA keypair.
@ -439,10 +438,10 @@ size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx, int mbedtls_rsa_gen_key(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
unsigned int nbits, int exponent ); unsigned int nbits, int exponent);
/** /**
* \brief This function checks if a context contains at least an RSA * \brief This function checks if a context contains at least an RSA
@ -458,7 +457,7 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx,
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
* *
*/ */
int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx ); int mbedtls_rsa_check_pubkey(const mbedtls_rsa_context *ctx);
/** /**
* \brief This function checks if a context contains an RSA private key * \brief This function checks if a context contains an RSA private key
@ -496,7 +495,7 @@ int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx ); int mbedtls_rsa_check_privkey(const mbedtls_rsa_context *ctx);
/** /**
* \brief This function checks a public-private RSA key pair. * \brief This function checks a public-private RSA key pair.
@ -509,8 +508,8 @@ int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub, int mbedtls_rsa_check_pub_priv(const mbedtls_rsa_context *pub,
const mbedtls_rsa_context *prv ); const mbedtls_rsa_context *prv);
/** /**
* \brief This function performs an RSA public key operation. * \brief This function performs an RSA public key operation.
@ -531,9 +530,9 @@ int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_public( mbedtls_rsa_context *ctx, int mbedtls_rsa_public(mbedtls_rsa_context *ctx,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function performs an RSA private key operation. * \brief This function performs an RSA private key operation.
@ -564,11 +563,11 @@ int mbedtls_rsa_public( mbedtls_rsa_context *ctx,
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
* *
*/ */
int mbedtls_rsa_private( mbedtls_rsa_context *ctx, int mbedtls_rsa_private(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function adds the message padding, then performs an RSA * \brief This function adds the message padding, then performs an RSA
@ -593,12 +592,12 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, int mbedtls_rsa_pkcs1_encrypt(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
size_t ilen, size_t ilen,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function performs a PKCS#1 v1.5 encryption operation * \brief This function performs a PKCS#1 v1.5 encryption operation
@ -620,12 +619,12 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsaes_pkcs1_v15_encrypt(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
size_t ilen, size_t ilen,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function performs a PKCS#1 v2.1 OAEP encryption * \brief This function performs a PKCS#1 v2.1 OAEP encryption
@ -654,13 +653,13 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsaes_oaep_encrypt(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
const unsigned char *label, size_t label_len, const unsigned char *label, size_t label_len,
size_t ilen, size_t ilen,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function performs an RSA operation, then removes the * \brief This function performs an RSA operation, then removes the
@ -693,13 +692,13 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, int mbedtls_rsa_pkcs1_decrypt(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
size_t *olen, size_t *olen,
const unsigned char *input, const unsigned char *input,
unsigned char *output, unsigned char *output,
size_t output_max_len ); size_t output_max_len);
/** /**
* \brief This function performs a PKCS#1 v1.5 decryption * \brief This function performs a PKCS#1 v1.5 decryption
@ -730,13 +729,13 @@ int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx,
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
* *
*/ */
int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsaes_pkcs1_v15_decrypt(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
size_t *olen, size_t *olen,
const unsigned char *input, const unsigned char *input,
unsigned char *output, unsigned char *output,
size_t output_max_len ); size_t output_max_len);
/** /**
* \brief This function performs a PKCS#1 v2.1 OAEP decryption * \brief This function performs a PKCS#1 v2.1 OAEP decryption
@ -771,14 +770,14 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
const unsigned char *label, size_t label_len, const unsigned char *label, size_t label_len,
size_t *olen, size_t *olen,
const unsigned char *input, const unsigned char *input,
unsigned char *output, unsigned char *output,
size_t output_max_len ); size_t output_max_len);
/** /**
* \brief This function performs a private RSA operation to sign * \brief This function performs a private RSA operation to sign
@ -814,13 +813,13 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
* \return \c 0 if the signing operation was successful. * \return \c 0 if the signing operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, int mbedtls_rsa_pkcs1_sign(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
unsigned char *sig ); unsigned char *sig);
/** /**
* \brief This function performs a PKCS#1 v1.5 signature * \brief This function performs a PKCS#1 v1.5 signature
@ -846,13 +845,13 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
* \return \c 0 if the signing operation was successful. * \return \c 0 if the signing operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsassa_pkcs1_v15_sign(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
unsigned char *sig ); unsigned char *sig);
/** /**
* \brief This function performs a PKCS#1 v2.1 PSS signature * \brief This function performs a PKCS#1 v2.1 PSS signature
@ -897,14 +896,14 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
* \return \c 0 if the signing operation was successful. * \return \c 0 if the signing operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsassa_pss_sign_ext(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
int saltlen, int saltlen,
unsigned char *sig ); unsigned char *sig);
/** /**
* \brief This function performs a PKCS#1 v2.1 PSS signature * \brief This function performs a PKCS#1 v2.1 PSS signature
@ -947,13 +946,13 @@ int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx,
* \return \c 0 if the signing operation was successful. * \return \c 0 if the signing operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
unsigned char *sig ); unsigned char *sig);
/** /**
* \brief This function performs a public RSA operation and checks * \brief This function performs a public RSA operation and checks
@ -981,11 +980,11 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
* \return \c 0 if the verify operation was successful. * \return \c 0 if the verify operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, int mbedtls_rsa_pkcs1_verify(mbedtls_rsa_context *ctx,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
const unsigned char *sig ); const unsigned char *sig);
/** /**
* \brief This function performs a PKCS#1 v1.5 verification * \brief This function performs a PKCS#1 v1.5 verification
@ -1006,11 +1005,11 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx,
* \return \c 0 if the verify operation was successful. * \return \c 0 if the verify operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsassa_pkcs1_v15_verify(mbedtls_rsa_context *ctx,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
const unsigned char *sig ); const unsigned char *sig);
/** /**
* \brief This function performs a PKCS#1 v2.1 PSS verification * \brief This function performs a PKCS#1 v2.1 PSS verification
@ -1041,11 +1040,11 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
* \return \c 0 if the verify operation was successful. * \return \c 0 if the verify operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsassa_pss_verify(mbedtls_rsa_context *ctx,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
const unsigned char *sig ); const unsigned char *sig);
/** /**
* \brief This function performs a PKCS#1 v2.1 PSS verification * \brief This function performs a PKCS#1 v2.1 PSS verification
@ -1081,13 +1080,13 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
* \return \c 0 if the verify operation was successful. * \return \c 0 if the verify operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_rsa_context *ctx,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
mbedtls_md_type_t mgf1_hash_id, mbedtls_md_type_t mgf1_hash_id,
int expected_salt_len, int expected_salt_len,
const unsigned char *sig ); const unsigned char *sig);
/** /**
* \brief This function copies the components of an RSA context. * \brief This function copies the components of an RSA context.
@ -1098,7 +1097,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory allocation failure. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory allocation failure.
*/ */
int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src ); int mbedtls_rsa_copy(mbedtls_rsa_context *dst, const mbedtls_rsa_context *src);
/** /**
* \brief This function frees the components of an RSA key. * \brief This function frees the components of an RSA key.
@ -1107,7 +1106,7 @@ int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src )
* this function is a no-op. If it is not \c NULL, it must * this function is a no-op. If it is not \c NULL, it must
* point to an initialized RSA context. * point to an initialized RSA context.
*/ */
void mbedtls_rsa_free( mbedtls_rsa_context *ctx ); void mbedtls_rsa_free(mbedtls_rsa_context *ctx);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -1117,7 +1116,7 @@ void mbedtls_rsa_free( mbedtls_rsa_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_rsa_self_test( int verbose ); int mbedtls_rsa_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

31
include/mbedtls/sha1.h
View File

@ -54,8 +54,7 @@ extern "C" {
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
typedef struct mbedtls_sha1_context typedef struct mbedtls_sha1_context {
{
uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< The number of Bytes processed. */ uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< The number of Bytes processed. */
uint32_t MBEDTLS_PRIVATE(state)[5]; /*!< The intermediate digest state. */ uint32_t MBEDTLS_PRIVATE(state)[5]; /*!< The intermediate digest state. */
unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< The data block being processed. */ unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< The data block being processed. */
@ -77,7 +76,7 @@ mbedtls_sha1_context;
* This must not be \c NULL. * This must not be \c NULL.
* *
*/ */
void mbedtls_sha1_init( mbedtls_sha1_context *ctx ); void mbedtls_sha1_init(mbedtls_sha1_context *ctx);
/** /**
* \brief This function clears a SHA-1 context. * \brief This function clears a SHA-1 context.
@ -92,7 +91,7 @@ void mbedtls_sha1_init( mbedtls_sha1_context *ctx );
* SHA-1 context. * SHA-1 context.
* *
*/ */
void mbedtls_sha1_free( mbedtls_sha1_context *ctx ); void mbedtls_sha1_free(mbedtls_sha1_context *ctx);
/** /**
* \brief This function clones the state of a SHA-1 context. * \brief This function clones the state of a SHA-1 context.
@ -105,8 +104,8 @@ void mbedtls_sha1_free( mbedtls_sha1_context *ctx );
* \param src The SHA-1 context to clone from. This must be initialized. * \param src The SHA-1 context to clone from. This must be initialized.
* *
*/ */
void mbedtls_sha1_clone( mbedtls_sha1_context *dst, void mbedtls_sha1_clone(mbedtls_sha1_context *dst,
const mbedtls_sha1_context *src ); const mbedtls_sha1_context *src);
/** /**
* \brief This function starts a SHA-1 checksum calculation. * \brief This function starts a SHA-1 checksum calculation.
@ -121,7 +120,7 @@ void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
* \return A negative error code on failure. * \return A negative error code on failure.
* *
*/ */
int mbedtls_sha1_starts( mbedtls_sha1_context *ctx ); int mbedtls_sha1_starts(mbedtls_sha1_context *ctx);
/** /**
* \brief This function feeds an input buffer into an ongoing SHA-1 * \brief This function feeds an input buffer into an ongoing SHA-1
@ -140,9 +139,9 @@ int mbedtls_sha1_starts( mbedtls_sha1_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_sha1_update( mbedtls_sha1_context *ctx, int mbedtls_sha1_update(mbedtls_sha1_context *ctx,
const unsigned char *input, const unsigned char *input,
size_t ilen ); size_t ilen);
/** /**
* \brief This function finishes the SHA-1 operation, and writes * \brief This function finishes the SHA-1 operation, and writes
@ -160,8 +159,8 @@ int mbedtls_sha1_update( mbedtls_sha1_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_sha1_finish( mbedtls_sha1_context *ctx, int mbedtls_sha1_finish(mbedtls_sha1_context *ctx,
unsigned char output[20] ); unsigned char output[20]);
/** /**
* \brief SHA-1 process data block (internal use only). * \brief SHA-1 process data block (internal use only).
@ -178,8 +177,8 @@ int mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
* \return A negative error code on failure. * \return A negative error code on failure.
* *
*/ */
int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, int mbedtls_internal_sha1_process(mbedtls_sha1_context *ctx,
const unsigned char data[64] ); const unsigned char data[64]);
/** /**
* \brief This function calculates the SHA-1 checksum of a buffer. * \brief This function calculates the SHA-1 checksum of a buffer.
@ -204,9 +203,9 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
* \return A negative error code on failure. * \return A negative error code on failure.
* *
*/ */
int mbedtls_sha1( const unsigned char *input, int mbedtls_sha1(const unsigned char *input,
size_t ilen, size_t ilen,
unsigned char output[20] ); unsigned char output[20]);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -221,7 +220,7 @@ int mbedtls_sha1( const unsigned char *input,
* \return \c 1 on failure. * \return \c 1 on failure.
* *
*/ */
int mbedtls_sha1_self_test( int verbose ); int mbedtls_sha1_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

33
include/mbedtls/sha256.h
View File

@ -49,8 +49,7 @@ extern "C" {
* checksum calculations. The choice between these two is * checksum calculations. The choice between these two is
* made in the call to mbedtls_sha256_starts(). * made in the call to mbedtls_sha256_starts().
*/ */
typedef struct mbedtls_sha256_context typedef struct mbedtls_sha256_context {
{
uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< The number of Bytes processed. */ uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< The number of Bytes processed. */
uint32_t MBEDTLS_PRIVATE(state)[8]; /*!< The intermediate digest state. */ uint32_t MBEDTLS_PRIVATE(state)[8]; /*!< The intermediate digest state. */
unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< The data block being processed. */ unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< The data block being processed. */
@ -68,7 +67,7 @@ mbedtls_sha256_context;
* *
* \param ctx The SHA-256 context to initialize. This must not be \c NULL. * \param ctx The SHA-256 context to initialize. This must not be \c NULL.
*/ */
void mbedtls_sha256_init( mbedtls_sha256_context *ctx ); void mbedtls_sha256_init(mbedtls_sha256_context *ctx);
/** /**
* \brief This function clears a SHA-256 context. * \brief This function clears a SHA-256 context.
@ -77,7 +76,7 @@ void mbedtls_sha256_init( mbedtls_sha256_context *ctx );
* case this function returns immediately. If it is not \c NULL, * case this function returns immediately. If it is not \c NULL,
* it must point to an initialized SHA-256 context. * it must point to an initialized SHA-256 context.
*/ */
void mbedtls_sha256_free( mbedtls_sha256_context *ctx ); void mbedtls_sha256_free(mbedtls_sha256_context *ctx);
/** /**
* \brief This function clones the state of a SHA-256 context. * \brief This function clones the state of a SHA-256 context.
@ -85,8 +84,8 @@ void mbedtls_sha256_free( mbedtls_sha256_context *ctx );
* \param dst The destination context. This must be initialized. * \param dst The destination context. This must be initialized.
* \param src The context to clone. This must be initialized. * \param src The context to clone. This must be initialized.
*/ */
void mbedtls_sha256_clone( mbedtls_sha256_context *dst, void mbedtls_sha256_clone(mbedtls_sha256_context *dst,
const mbedtls_sha256_context *src ); const mbedtls_sha256_context *src);
/** /**
* \brief This function starts a SHA-224 or SHA-256 checksum * \brief This function starts a SHA-224 or SHA-256 checksum
@ -103,7 +102,7 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 ); int mbedtls_sha256_starts(mbedtls_sha256_context *ctx, int is224);
/** /**
* \brief This function feeds an input buffer into an ongoing * \brief This function feeds an input buffer into an ongoing
@ -118,9 +117,9 @@ int mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 );
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_sha256_update( mbedtls_sha256_context *ctx, int mbedtls_sha256_update(mbedtls_sha256_context *ctx,
const unsigned char *input, const unsigned char *input,
size_t ilen ); size_t ilen);
/** /**
* \brief This function finishes the SHA-256 operation, and writes * \brief This function finishes the SHA-256 operation, and writes
@ -135,8 +134,8 @@ int mbedtls_sha256_update( mbedtls_sha256_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_sha256_finish( mbedtls_sha256_context *ctx, int mbedtls_sha256_finish(mbedtls_sha256_context *ctx,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function processes a single data block within * \brief This function processes a single data block within
@ -150,8 +149,8 @@ int mbedtls_sha256_finish( mbedtls_sha256_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx,
const unsigned char data[64] ); const unsigned char data[64]);
/** /**
* \brief This function calculates the SHA-224 or SHA-256 * \brief This function calculates the SHA-224 or SHA-256
@ -175,10 +174,10 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_sha256( const unsigned char *input, int mbedtls_sha256(const unsigned char *input,
size_t ilen, size_t ilen,
unsigned char *output, unsigned char *output,
int is224 ); int is224);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -189,7 +188,7 @@ int mbedtls_sha256( const unsigned char *input,
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_sha224_self_test( int verbose ); int mbedtls_sha224_self_test(int verbose);
#endif /* MBEDTLS_SHA224_C */ #endif /* MBEDTLS_SHA224_C */
#if defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_SHA256_C)
@ -199,7 +198,7 @@ int mbedtls_sha224_self_test( int verbose );
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_sha256_self_test( int verbose ); int mbedtls_sha256_self_test(int verbose);
#endif /* MBEDTLS_SHA256_C */ #endif /* MBEDTLS_SHA256_C */
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

37
include/mbedtls/sha512.h
View File

@ -48,8 +48,7 @@ extern "C" {
* checksum calculations. The choice between these two is * checksum calculations. The choice between these two is
* made in the call to mbedtls_sha512_starts(). * made in the call to mbedtls_sha512_starts().
*/ */
typedef struct mbedtls_sha512_context typedef struct mbedtls_sha512_context {
{
uint64_t MBEDTLS_PRIVATE(total)[2]; /*!< The number of Bytes processed. */ uint64_t MBEDTLS_PRIVATE(total)[2]; /*!< The number of Bytes processed. */
uint64_t MBEDTLS_PRIVATE(state)[8]; /*!< The intermediate digest state. */ uint64_t MBEDTLS_PRIVATE(state)[8]; /*!< The intermediate digest state. */
unsigned char MBEDTLS_PRIVATE(buffer)[128]; /*!< The data block being processed. */ unsigned char MBEDTLS_PRIVATE(buffer)[128]; /*!< The data block being processed. */
@ -70,7 +69,7 @@ mbedtls_sha512_context;
* \param ctx The SHA-512 context to initialize. This must * \param ctx The SHA-512 context to initialize. This must
* not be \c NULL. * not be \c NULL.
*/ */
void mbedtls_sha512_init( mbedtls_sha512_context *ctx ); void mbedtls_sha512_init(mbedtls_sha512_context *ctx);
/** /**
* \brief This function clears a SHA-512 context. * \brief This function clears a SHA-512 context.
@ -80,7 +79,7 @@ void mbedtls_sha512_init( mbedtls_sha512_context *ctx );
* is not \c NULL, it must point to an initialized * is not \c NULL, it must point to an initialized
* SHA-512 context. * SHA-512 context.
*/ */
void mbedtls_sha512_free( mbedtls_sha512_context *ctx ); void mbedtls_sha512_free(mbedtls_sha512_context *ctx);
/** /**
* \brief This function clones the state of a SHA-512 context. * \brief This function clones the state of a SHA-512 context.
@ -88,8 +87,8 @@ void mbedtls_sha512_free( mbedtls_sha512_context *ctx );
* \param dst The destination context. This must be initialized. * \param dst The destination context. This must be initialized.
* \param src The context to clone. This must be initialized. * \param src The context to clone. This must be initialized.
*/ */
void mbedtls_sha512_clone( mbedtls_sha512_context *dst, void mbedtls_sha512_clone(mbedtls_sha512_context *dst,
const mbedtls_sha512_context *src ); const mbedtls_sha512_context *src);
/** /**
* \brief This function starts a SHA-384 or SHA-512 checksum * \brief This function starts a SHA-384 or SHA-512 checksum
@ -106,7 +105,7 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 ); int mbedtls_sha512_starts(mbedtls_sha512_context *ctx, int is384);
/** /**
* \brief This function feeds an input buffer into an ongoing * \brief This function feeds an input buffer into an ongoing
@ -121,9 +120,9 @@ int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 );
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_sha512_update( mbedtls_sha512_context *ctx, int mbedtls_sha512_update(mbedtls_sha512_context *ctx,
const unsigned char *input, const unsigned char *input,
size_t ilen ); size_t ilen);
/** /**
* \brief This function finishes the SHA-512 operation, and writes * \brief This function finishes the SHA-512 operation, and writes
@ -138,8 +137,8 @@ int mbedtls_sha512_update( mbedtls_sha512_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_sha512_finish( mbedtls_sha512_context *ctx, int mbedtls_sha512_finish(mbedtls_sha512_context *ctx,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function processes a single data block within * \brief This function processes a single data block within
@ -153,8 +152,8 @@ int mbedtls_sha512_finish( mbedtls_sha512_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx,
const unsigned char data[128] ); const unsigned char data[128]);
/** /**
* \brief This function calculates the SHA-512 or SHA-384 * \brief This function calculates the SHA-512 or SHA-384
@ -185,31 +184,31 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_sha512( const unsigned char *input, int mbedtls_sha512(const unsigned char *input,
size_t ilen, size_t ilen,
unsigned char *output, unsigned char *output,
int is384 ); int is384);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_SHA384_C) #if defined(MBEDTLS_SHA384_C)
/** /**
* \brief The SHA-384 checkup routine. * \brief The SHA-384 checkup routine.
* *
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_sha384_self_test( int verbose ); int mbedtls_sha384_self_test(int verbose);
#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_SHA384_C */
#if defined(MBEDTLS_SHA512_C) #if defined(MBEDTLS_SHA512_C)
/** /**
* \brief The SHA-512 checkup routine. * \brief The SHA-512 checkup routine.
* *
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_sha512_self_test( int verbose ); int mbedtls_sha512_self_test(int verbose);
#endif /* MBEDTLS_SHA512_C */ #endif /* MBEDTLS_SHA512_C */
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

631
include/mbedtls/ssl.h
View File

File diff suppressed because it is too large Load Diff

22
include/mbedtls/ssl_cache.h
View File

@ -59,8 +59,7 @@ typedef struct mbedtls_ssl_cache_entry mbedtls_ssl_cache_entry;
/** /**
* \brief This structure is used for storing cache entries * \brief This structure is used for storing cache entries
*/ */
struct mbedtls_ssl_cache_entry struct mbedtls_ssl_cache_entry {
{
#if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
mbedtls_time_t MBEDTLS_PRIVATE(timestamp); /*!< entry timestamp */ mbedtls_time_t MBEDTLS_PRIVATE(timestamp); /*!< entry timestamp */
#endif #endif
@ -77,8 +76,7 @@ struct mbedtls_ssl_cache_entry
/** /**
* \brief Cache context * \brief Cache context
*/ */
struct mbedtls_ssl_cache_context struct mbedtls_ssl_cache_context {
{
mbedtls_ssl_cache_entry *MBEDTLS_PRIVATE(chain); /*!< start of the chain */ mbedtls_ssl_cache_entry *MBEDTLS_PRIVATE(chain); /*!< start of the chain */
int MBEDTLS_PRIVATE(timeout); /*!< cache entry timeout */ int MBEDTLS_PRIVATE(timeout); /*!< cache entry timeout */
int MBEDTLS_PRIVATE(max_entries); /*!< maximum entries */ int MBEDTLS_PRIVATE(max_entries); /*!< maximum entries */
@ -92,7 +90,7 @@ struct mbedtls_ssl_cache_context
* *
* \param cache SSL cache context * \param cache SSL cache context
*/ */
void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache ); void mbedtls_ssl_cache_init(mbedtls_ssl_cache_context *cache);
/** /**
* \brief Cache get callback implementation * \brief Cache get callback implementation
@ -105,10 +103,10 @@ void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache );
* \param session The address at which to store the session * \param session The address at which to store the session
* associated with \p session_id, if present. * associated with \p session_id, if present.
*/ */
int mbedtls_ssl_cache_get( void *data, int mbedtls_ssl_cache_get(void *data,
unsigned char const *session_id, unsigned char const *session_id,
size_t session_id_len, size_t session_id_len,
mbedtls_ssl_session *session ); mbedtls_ssl_session *session);
/** /**
* \brief Cache set callback implementation * \brief Cache set callback implementation
@ -120,10 +118,10 @@ int mbedtls_ssl_cache_get( void *data,
* \param session_id_len The length of \p session_id in bytes. * \param session_id_len The length of \p session_id in bytes.
* \param session The session to store. * \param session The session to store.
*/ */
int mbedtls_ssl_cache_set( void *data, int mbedtls_ssl_cache_set(void *data,
unsigned char const *session_id, unsigned char const *session_id,
size_t session_id_len, size_t session_id_len,
const mbedtls_ssl_session *session ); const mbedtls_ssl_session *session);
#if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
/** /**
@ -135,7 +133,7 @@ int mbedtls_ssl_cache_set( void *data,
* \param cache SSL cache context * \param cache SSL cache context
* \param timeout cache entry timeout in seconds * \param timeout cache entry timeout in seconds
*/ */
void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout ); void mbedtls_ssl_cache_set_timeout(mbedtls_ssl_cache_context *cache, int timeout);
#endif /* MBEDTLS_HAVE_TIME */ #endif /* MBEDTLS_HAVE_TIME */
/** /**
@ -145,14 +143,14 @@ void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeou
* \param cache SSL cache context * \param cache SSL cache context
* \param max cache entry maximum * \param max cache entry maximum
*/ */
void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max ); void mbedtls_ssl_cache_set_max_entries(mbedtls_ssl_cache_context *cache, int max);
/** /**
* \brief Free referenced items in a cache context and clear memory * \brief Free referenced items in a cache context and clear memory
* *
* \param cache SSL cache context * \param cache SSL cache context
*/ */
void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache ); void mbedtls_ssl_cache_free(mbedtls_ssl_cache_context *cache);
#ifdef __cplusplus #ifdef __cplusplus
} }

100
include/mbedtls/ssl_ciphersuites.h
View File

@ -378,10 +378,9 @@ typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t;
* in order to pack structure and reduce memory usage by internal * in order to pack structure and reduce memory usage by internal
* \c ciphersuite_definitions[] * \c ciphersuite_definitions[]
*/ */
struct mbedtls_ssl_ciphersuite_t struct mbedtls_ssl_ciphersuite_t {
{
int MBEDTLS_PRIVATE(id); int MBEDTLS_PRIVATE(id);
const char * MBEDTLS_PRIVATE(name); const char *MBEDTLS_PRIVATE(name);
uint8_t MBEDTLS_PRIVATE(cipher); /* mbedtls_cipher_type_t */ uint8_t MBEDTLS_PRIVATE(cipher); /* mbedtls_cipher_type_t */
uint8_t MBEDTLS_PRIVATE(mac); /* mbedtls_md_type_t */ uint8_t MBEDTLS_PRIVATE(mac); /* mbedtls_md_type_t */
@ -392,103 +391,98 @@ struct mbedtls_ssl_ciphersuite_t
uint16_t MBEDTLS_PRIVATE(max_tls_version); /* mbedtls_ssl_protocol_version */ uint16_t MBEDTLS_PRIVATE(max_tls_version); /* mbedtls_ssl_protocol_version */
}; };
const int *mbedtls_ssl_list_ciphersuites( void ); const int *mbedtls_ssl_list_ciphersuites(void);
const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name ); const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(const char *ciphersuite_name);
const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite_id ); const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id(int ciphersuite_id);
#if defined(MBEDTLS_PK_C) #if defined(MBEDTLS_PK_C)
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info ); mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info);
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg( const mbedtls_ssl_ciphersuite_t *info ); psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg(const mbedtls_ssl_ciphersuite_t *info);
psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage( const mbedtls_ssl_ciphersuite_t *info ); psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage(const mbedtls_ssl_ciphersuite_t *info);
#endif #endif
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info ); mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t *info);
#endif #endif
int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info ); int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info);
int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info ); int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info);
static inline const char *mbedtls_ssl_ciphersuite_get_name( const mbedtls_ssl_ciphersuite_t *info ) static inline const char *mbedtls_ssl_ciphersuite_get_name(const mbedtls_ssl_ciphersuite_t *info)
{ {
return info->MBEDTLS_PRIVATE(name); return info->MBEDTLS_PRIVATE(name);
} }
size_t mbedtls_ssl_ciphersuite_get_cipher_key_bitlen( const mbedtls_ssl_ciphersuite_t *info ); size_t mbedtls_ssl_ciphersuite_get_cipher_key_bitlen(const mbedtls_ssl_ciphersuite_t *info);
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED)
static inline int mbedtls_ssl_ciphersuite_has_pfs( const mbedtls_ssl_ciphersuite_t *info ) static inline int mbedtls_ssl_ciphersuite_has_pfs(const mbedtls_ssl_ciphersuite_t *info)
{ {
switch( info->MBEDTLS_PRIVATE(key_exchange) ) switch (info->MBEDTLS_PRIVATE(key_exchange)) {
{
case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
case MBEDTLS_KEY_EXCHANGE_DHE_PSK: case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
case MBEDTLS_KEY_EXCHANGE_ECJPAKE: case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
return( 1 ); return 1;
default: default:
return( 0 ); return 0;
} }
} }
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED */ #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED)
static inline int mbedtls_ssl_ciphersuite_no_pfs( const mbedtls_ssl_ciphersuite_t *info ) static inline int mbedtls_ssl_ciphersuite_no_pfs(const mbedtls_ssl_ciphersuite_t *info)
{ {
switch( info->MBEDTLS_PRIVATE(key_exchange) ) switch (info->MBEDTLS_PRIVATE(key_exchange)) {
{
case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_RSA:
case MBEDTLS_KEY_EXCHANGE_PSK: case MBEDTLS_KEY_EXCHANGE_PSK:
case MBEDTLS_KEY_EXCHANGE_RSA_PSK: case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
return( 1 ); return 1;
default: default:
return( 0 ); return 0;
} }
} }
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */ #endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED)
static inline int mbedtls_ssl_ciphersuite_uses_ecdh( const mbedtls_ssl_ciphersuite_t *info ) static inline int mbedtls_ssl_ciphersuite_uses_ecdh(const mbedtls_ssl_ciphersuite_t *info)
{ {
switch( info->MBEDTLS_PRIVATE(key_exchange) ) switch (info->MBEDTLS_PRIVATE(key_exchange)) {
{
case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
return( 1 ); return 1;
default: default:
return( 0 ); return 0;
} }
} }
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */ #endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */
static inline int mbedtls_ssl_ciphersuite_cert_req_allowed( const mbedtls_ssl_ciphersuite_t *info ) static inline int mbedtls_ssl_ciphersuite_cert_req_allowed(const mbedtls_ssl_ciphersuite_t *info)
{ {
switch( info->MBEDTLS_PRIVATE(key_exchange) ) switch (info->MBEDTLS_PRIVATE(key_exchange)) {
{
case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_RSA:
case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
return( 1 ); return 1;
default: default:
return( 0 ); return 0;
} }
} }
static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( const mbedtls_ssl_ciphersuite_t *info ) static inline int mbedtls_ssl_ciphersuite_uses_srv_cert(const mbedtls_ssl_ciphersuite_t *info)
{ {
switch( info->MBEDTLS_PRIVATE(key_exchange) ) switch (info->MBEDTLS_PRIVATE(key_exchange)) {
{
case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_RSA:
case MBEDTLS_KEY_EXCHANGE_RSA_PSK: case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
@ -496,56 +490,54 @@ static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( const mbedtls_ssl_ciphe
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
return( 1 ); return 1;
default: default:
return( 0 ); return 0;
} }
} }
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED)
static inline int mbedtls_ssl_ciphersuite_uses_dhe( const mbedtls_ssl_ciphersuite_t *info ) static inline int mbedtls_ssl_ciphersuite_uses_dhe(const mbedtls_ssl_ciphersuite_t *info)
{ {
switch( info->MBEDTLS_PRIVATE(key_exchange) ) switch (info->MBEDTLS_PRIVATE(key_exchange)) {
{
case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
case MBEDTLS_KEY_EXCHANGE_DHE_PSK: case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
return( 1 ); return 1;
default: default:
return( 0 ); return 0;
} }
} }
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED) */ #endif /* MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED) */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)
static inline int mbedtls_ssl_ciphersuite_uses_ecdhe( const mbedtls_ssl_ciphersuite_t *info ) static inline int mbedtls_ssl_ciphersuite_uses_ecdhe(const mbedtls_ssl_ciphersuite_t *info)
{ {
switch( info->MBEDTLS_PRIVATE(key_exchange) ) switch (info->MBEDTLS_PRIVATE(key_exchange)) {
{
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
return( 1 ); return 1;
default: default:
return( 0 ); return 0;
} }
} }
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) */ #endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) */
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
static inline int mbedtls_ssl_ciphersuite_uses_server_signature( const mbedtls_ssl_ciphersuite_t *info ) static inline int mbedtls_ssl_ciphersuite_uses_server_signature(
const mbedtls_ssl_ciphersuite_t *info)
{ {
switch( info->MBEDTLS_PRIVATE(key_exchange) ) switch (info->MBEDTLS_PRIVATE(key_exchange)) {
{
case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
return( 1 ); return 1;
default: default:
return( 0 ); return 0;
} }
} }
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */ #endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */

13
include/mbedtls/ssl_cookie.h
View File

@ -53,8 +53,7 @@ extern "C" {
/** /**
* \brief Context for the default cookie functions. * \brief Context for the default cookie functions.
*/ */
typedef struct mbedtls_ssl_cookie_ctx typedef struct mbedtls_ssl_cookie_ctx {
{
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
mbedtls_svc_key_id_t MBEDTLS_PRIVATE(psa_hmac_key); /*!< key id for the HMAC portion */ mbedtls_svc_key_id_t MBEDTLS_PRIVATE(psa_hmac_key); /*!< key id for the HMAC portion */
psa_algorithm_t MBEDTLS_PRIVATE(psa_hmac_alg); /*!< key algorithm for the HMAC portion */ psa_algorithm_t MBEDTLS_PRIVATE(psa_hmac_alg); /*!< key algorithm for the HMAC portion */
@ -77,14 +76,14 @@ typedef struct mbedtls_ssl_cookie_ctx
/** /**
* \brief Initialize cookie context * \brief Initialize cookie context
*/ */
void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx ); void mbedtls_ssl_cookie_init(mbedtls_ssl_cookie_ctx *ctx);
/** /**
* \brief Setup cookie context (generate keys) * \brief Setup cookie context (generate keys)
*/ */
int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx, int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief Set expiration delay for cookies * \brief Set expiration delay for cookies
@ -95,12 +94,12 @@ int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
* issued in the meantime. * issued in the meantime.
* 0 to disable expiration (NOT recommended) * 0 to disable expiration (NOT recommended)
*/ */
void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay ); void mbedtls_ssl_cookie_set_timeout(mbedtls_ssl_cookie_ctx *ctx, unsigned long delay);
/** /**
* \brief Free cookie context * \brief Free cookie context
*/ */
void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx ); void mbedtls_ssl_cookie_free(mbedtls_ssl_cookie_ctx *ctx);
/** /**
* \brief Generate cookie, see \c mbedtls_ssl_cookie_write_t * \brief Generate cookie, see \c mbedtls_ssl_cookie_write_t

20
include/mbedtls/ssl_ticket.h
View File

@ -56,8 +56,7 @@ extern "C" {
/** /**
* \brief Information for session ticket protection * \brief Information for session ticket protection
*/ */
typedef struct mbedtls_ssl_ticket_key typedef struct mbedtls_ssl_ticket_key {
{
unsigned char MBEDTLS_PRIVATE(name)[MBEDTLS_SSL_TICKET_KEY_NAME_BYTES]; unsigned char MBEDTLS_PRIVATE(name)[MBEDTLS_SSL_TICKET_KEY_NAME_BYTES];
/*!< random key identifier */ /*!< random key identifier */
#if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
@ -77,15 +76,14 @@ mbedtls_ssl_ticket_key;
/** /**
* \brief Context for session ticket handling functions * \brief Context for session ticket handling functions
*/ */
typedef struct mbedtls_ssl_ticket_context typedef struct mbedtls_ssl_ticket_context {
{
mbedtls_ssl_ticket_key MBEDTLS_PRIVATE(keys)[2]; /*!< ticket protection keys */ mbedtls_ssl_ticket_key MBEDTLS_PRIVATE(keys)[2]; /*!< ticket protection keys */
unsigned char MBEDTLS_PRIVATE(active); /*!< index of the currently active key */ unsigned char MBEDTLS_PRIVATE(active); /*!< index of the currently active key */
uint32_t MBEDTLS_PRIVATE(ticket_lifetime); /*!< lifetime of tickets in seconds */ uint32_t MBEDTLS_PRIVATE(ticket_lifetime); /*!< lifetime of tickets in seconds */
/** Callback for getting (pseudo-)random numbers */ /** Callback for getting (pseudo-)random numbers */
int (*MBEDTLS_PRIVATE(f_rng))(void *, unsigned char *, size_t); int(*MBEDTLS_PRIVATE(f_rng))(void *, unsigned char *, size_t);
void *MBEDTLS_PRIVATE(p_rng); /*!< context for the RNG function */ void *MBEDTLS_PRIVATE(p_rng); /*!< context for the RNG function */
#if defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_THREADING_C)
@ -101,7 +99,7 @@ mbedtls_ssl_ticket_context;
* *
* \param ctx Context to be initialized * \param ctx Context to be initialized
*/ */
void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx ); void mbedtls_ssl_ticket_init(mbedtls_ssl_ticket_context *ctx);
/** /**
* \brief Prepare context to be actually used * \brief Prepare context to be actually used
@ -125,10 +123,10 @@ void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx );
* \return 0 if successful, * \return 0 if successful,
* or a specific MBEDTLS_ERR_XXX error code * or a specific MBEDTLS_ERR_XXX error code
*/ */
int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx, int mbedtls_ssl_ticket_setup(mbedtls_ssl_ticket_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
mbedtls_cipher_type_t cipher, mbedtls_cipher_type_t cipher,
uint32_t lifetime ); uint32_t lifetime);
/** /**
* \brief Rotate session ticket encryption key to new specified key. * \brief Rotate session ticket encryption key to new specified key.
@ -162,10 +160,10 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
* \return 0 if successful, * \return 0 if successful,
* or a specific MBEDTLS_ERR_XXX error code * or a specific MBEDTLS_ERR_XXX error code
*/ */
int mbedtls_ssl_ticket_rotate( mbedtls_ssl_ticket_context *ctx, int mbedtls_ssl_ticket_rotate(mbedtls_ssl_ticket_context *ctx,
const unsigned char *name, size_t nlength, const unsigned char *name, size_t nlength,
const unsigned char *k, size_t klength, const unsigned char *k, size_t klength,
uint32_t lifetime ); uint32_t lifetime);
/** /**
* \brief Implementation of the ticket write callback * \brief Implementation of the ticket write callback
@ -186,7 +184,7 @@ mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse;
* *
* \param ctx Context to be cleaned up * \param ctx Context to be cleaned up
*/ */
void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx ); void mbedtls_ssl_ticket_free(mbedtls_ssl_ticket_context *ctx);
#ifdef __cplusplus #ifdef __cplusplus
} }

21
include/mbedtls/threading.h
View File

@ -38,8 +38,7 @@ extern "C" {
#if defined(MBEDTLS_THREADING_PTHREAD) #if defined(MBEDTLS_THREADING_PTHREAD)
#include <pthread.h> #include <pthread.h>
typedef struct mbedtls_threading_mutex_t typedef struct mbedtls_threading_mutex_t {
{
pthread_mutex_t MBEDTLS_PRIVATE(mutex); pthread_mutex_t MBEDTLS_PRIVATE(mutex);
/* is_valid is 0 after a failed init or a free, and nonzero after a /* is_valid is 0 after a failed init or a free, and nonzero after a
* successful init. This field is not considered part of the public * successful init. This field is not considered part of the public
@ -70,15 +69,15 @@ typedef struct mbedtls_threading_mutex_t
* \param mutex_lock the lock function implementation * \param mutex_lock the lock function implementation
* \param mutex_unlock the unlock function implementation * \param mutex_unlock the unlock function implementation
*/ */
void mbedtls_threading_set_alt( void (*mutex_init)( mbedtls_threading_mutex_t * ), void mbedtls_threading_set_alt(void (*mutex_init)(mbedtls_threading_mutex_t *),
void (*mutex_free)( mbedtls_threading_mutex_t * ), void (*mutex_free)(mbedtls_threading_mutex_t *),
int (*mutex_lock)( mbedtls_threading_mutex_t * ), int (*mutex_lock)(mbedtls_threading_mutex_t *),
int (*mutex_unlock)( mbedtls_threading_mutex_t * ) ); int (*mutex_unlock)(mbedtls_threading_mutex_t *));
/** /**
* \brief Free global mutexes. * \brief Free global mutexes.
*/ */
void mbedtls_threading_free_alt( void ); void mbedtls_threading_free_alt(void);
#endif /* MBEDTLS_THREADING_ALT */ #endif /* MBEDTLS_THREADING_ALT */
#if defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_THREADING_C)
@ -87,10 +86,10 @@ void mbedtls_threading_free_alt( void );
* *
* All these functions are expected to work or the result will be undefined. * All these functions are expected to work or the result will be undefined.
*/ */
extern void (*mbedtls_mutex_init)( mbedtls_threading_mutex_t *mutex ); extern void (*mbedtls_mutex_init)(mbedtls_threading_mutex_t *mutex);
extern void (*mbedtls_mutex_free)( mbedtls_threading_mutex_t *mutex ); extern void (*mbedtls_mutex_free)(mbedtls_threading_mutex_t *mutex);
extern int (*mbedtls_mutex_lock)( mbedtls_threading_mutex_t *mutex ); extern int (*mbedtls_mutex_lock)(mbedtls_threading_mutex_t *mutex);
extern int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t *mutex ); extern int (*mbedtls_mutex_unlock)(mbedtls_threading_mutex_t *mutex);
/* /*
* Global mutexes * Global mutexes

14
include/mbedtls/timing.h
View File

@ -38,16 +38,14 @@ extern "C" {
/** /**
* \brief timer structure * \brief timer structure
*/ */
struct mbedtls_timing_hr_time struct mbedtls_timing_hr_time {
{
unsigned char MBEDTLS_PRIVATE(opaque)[32]; unsigned char MBEDTLS_PRIVATE(opaque)[32];
}; };
/** /**
* \brief Context for mbedtls_timing_set/get_delay() * \brief Context for mbedtls_timing_set/get_delay()
*/ */
typedef struct mbedtls_timing_delay_context typedef struct mbedtls_timing_delay_context {
{
struct mbedtls_timing_hr_time MBEDTLS_PRIVATE(timer); struct mbedtls_timing_hr_time MBEDTLS_PRIVATE(timer);
uint32_t MBEDTLS_PRIVATE(int_ms); uint32_t MBEDTLS_PRIVATE(int_ms);
uint32_t MBEDTLS_PRIVATE(fin_ms); uint32_t MBEDTLS_PRIVATE(fin_ms);
@ -58,7 +56,7 @@ typedef struct mbedtls_timing_delay_context
#endif /* MBEDTLS_TIMING_ALT */ #endif /* MBEDTLS_TIMING_ALT */
/* Internal use */ /* Internal use */
unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset ); unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset);
/** /**
* \brief Set a pair of delays to watch * \brief Set a pair of delays to watch
@ -74,7 +72,7 @@ unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int
* \note To set a single delay, either use \c mbedtls_timing_set_timer * \note To set a single delay, either use \c mbedtls_timing_set_timer
* directly or use this function with int_ms == fin_ms. * directly or use this function with int_ms == fin_ms.
*/ */
void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms ); void mbedtls_timing_set_delay(void *data, uint32_t int_ms, uint32_t fin_ms);
/** /**
* \brief Get the status of delays * \brief Get the status of delays
@ -88,7 +86,7 @@ void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms );
* 1 if only the intermediate delay is passed, * 1 if only the intermediate delay is passed,
* 2 if the final delay is passed. * 2 if the final delay is passed.
*/ */
int mbedtls_timing_get_delay( void *data ); int mbedtls_timing_get_delay(void *data);
/** /**
* \brief Get the final timing delay * \brief Get the final timing delay
@ -99,7 +97,7 @@ int mbedtls_timing_get_delay( void *data );
* \return Final timing delay in milliseconds. * \return Final timing delay in milliseconds.
*/ */
uint32_t mbedtls_timing_get_final_delay( uint32_t mbedtls_timing_get_final_delay(
const mbedtls_timing_delay_context *data ); const mbedtls_timing_delay_context *data);
#ifdef __cplusplus #ifdef __cplusplus
} }

8
include/mbedtls/version.h
View File

@ -41,7 +41,7 @@ extern "C" {
* \return The constructed version number in the format * \return The constructed version number in the format
* MMNNPP00 (Major, Minor, Patch). * MMNNPP00 (Major, Minor, Patch).
*/ */
unsigned int mbedtls_version_get_number( void ); unsigned int mbedtls_version_get_number(void);
/** /**
* Get the version string ("x.y.z"). * Get the version string ("x.y.z").
@ -49,7 +49,7 @@ unsigned int mbedtls_version_get_number( void );
* \param string The string that will receive the value. * \param string The string that will receive the value.
* (Should be at least 9 bytes in size) * (Should be at least 9 bytes in size)
*/ */
void mbedtls_version_get_string( char *string ); void mbedtls_version_get_string(char *string);
/** /**
* Get the full version string ("mbed TLS x.y.z"). * Get the full version string ("mbed TLS x.y.z").
@ -60,7 +60,7 @@ void mbedtls_version_get_string( char *string );
* (So the buffer should be at least 18 bytes to receive this * (So the buffer should be at least 18 bytes to receive this
* version string). * version string).
*/ */
void mbedtls_version_get_string_full( char *string ); void mbedtls_version_get_string_full(char *string);
/** /**
* \brief Check if support for a feature was compiled into this * \brief Check if support for a feature was compiled into this
@ -79,7 +79,7 @@ void mbedtls_version_get_string_full( char *string );
* -2 if support for feature checking as a whole was not * -2 if support for feature checking as a whole was not
* compiled in. * compiled in.
*/ */
int mbedtls_version_check_feature( const char *feature ); int mbedtls_version_check_feature(const char *feature);
#ifdef __cplusplus #ifdef __cplusplus
} }

84
include/mbedtls/x509.h
View File

@ -244,8 +244,7 @@ typedef mbedtls_asn1_named_data mbedtls_x509_name;
typedef mbedtls_asn1_sequence mbedtls_x509_sequence; typedef mbedtls_asn1_sequence mbedtls_x509_sequence;
/** Container for date and time (precision in seconds). */ /** Container for date and time (precision in seconds). */
typedef struct mbedtls_x509_time typedef struct mbedtls_x509_time {
{
int year, mon, day; /**< Date. */ int year, mon, day; /**< Date. */
int hour, min, sec; /**< Time. */ int hour, min, sec; /**< Time. */
} }
@ -264,7 +263,7 @@ mbedtls_x509_time;
* \return The length of the string written (not including the * \return The length of the string written (not including the
* terminated nul byte), or a negative error code. * terminated nul byte), or a negative error code.
*/ */
int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn ); int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn);
/** /**
* \brief Return the next relative DN in an X509 name. * \brief Return the next relative DN in an X509 name.
@ -277,12 +276,13 @@ int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn );
* \return Pointer to the first attribute-value pair of the * \return Pointer to the first attribute-value pair of the
* next RDN in sequence, or NULL if end is reached. * next RDN in sequence, or NULL if end is reached.
*/ */
static inline mbedtls_x509_name * mbedtls_x509_dn_get_next( static inline mbedtls_x509_name *mbedtls_x509_dn_get_next(
mbedtls_x509_name * dn ) mbedtls_x509_name *dn)
{ {
while( dn->MBEDTLS_PRIVATE(next_merged) && dn->next != NULL ) while (dn->MBEDTLS_PRIVATE(next_merged) && dn->next != NULL) {
dn = dn->next; dn = dn->next;
return( dn->next ); }
return dn->next;
} }
/** /**
@ -296,7 +296,7 @@ static inline mbedtls_x509_name * mbedtls_x509_dn_get_next(
* \return The length of the string written (not including the * \return The length of the string written (not including the
* terminated nul byte), or a negative error code. * terminated nul byte), or a negative error code.
*/ */
int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *serial ); int mbedtls_x509_serial_gets(char *buf, size_t size, const mbedtls_x509_buf *serial);
/** /**
* \brief Check a given mbedtls_x509_time against the system time * \brief Check a given mbedtls_x509_time against the system time
@ -310,7 +310,7 @@ int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *se
* \return 1 if the given time is in the past or an error occurred, * \return 1 if the given time is in the past or an error occurred,
* 0 otherwise. * 0 otherwise.
*/ */
int mbedtls_x509_time_is_past( const mbedtls_x509_time *to ); int mbedtls_x509_time_is_past(const mbedtls_x509_time *to);
/** /**
* \brief Check a given mbedtls_x509_time against the system time * \brief Check a given mbedtls_x509_time against the system time
@ -324,7 +324,7 @@ int mbedtls_x509_time_is_past( const mbedtls_x509_time *to );
* \return 1 if the given time is in the future or an error occurred, * \return 1 if the given time is in the future or an error occurred,
* 0 otherwise. * 0 otherwise.
*/ */
int mbedtls_x509_time_is_future( const mbedtls_x509_time *from ); int mbedtls_x509_time_is_future(const mbedtls_x509_time *from);
/** \} addtogroup x509_module */ /** \} addtogroup x509_module */
@ -332,53 +332,53 @@ int mbedtls_x509_time_is_future( const mbedtls_x509_time *from );
* Internal module functions. You probably do not want to use these unless you * Internal module functions. You probably do not want to use these unless you
* know you do. * know you do.
*/ */
int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end, int mbedtls_x509_get_name(unsigned char **p, const unsigned char *end,
mbedtls_x509_name *cur ); mbedtls_x509_name *cur);
int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end, int mbedtls_x509_get_alg_null(unsigned char **p, const unsigned char *end,
mbedtls_x509_buf *alg ); mbedtls_x509_buf *alg);
int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end, int mbedtls_x509_get_alg(unsigned char **p, const unsigned char *end,
mbedtls_x509_buf *alg, mbedtls_x509_buf *params ); mbedtls_x509_buf *alg, mbedtls_x509_buf *params);
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, int mbedtls_x509_get_rsassa_pss_params(const mbedtls_x509_buf *params,
mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md, mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md,
int *salt_len ); int *salt_len);
#endif #endif
int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig ); int mbedtls_x509_get_sig(unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig);
int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params, int mbedtls_x509_get_sig_alg(const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg, mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg,
void **sig_opts ); void **sig_opts);
int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end, int mbedtls_x509_get_time(unsigned char **p, const unsigned char *end,
mbedtls_x509_time *t ); mbedtls_x509_time *t);
int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end, int mbedtls_x509_get_serial(unsigned char **p, const unsigned char *end,
mbedtls_x509_buf *serial ); mbedtls_x509_buf *serial);
int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, int mbedtls_x509_get_ext(unsigned char **p, const unsigned char *end,
mbedtls_x509_buf *ext, int tag ); mbedtls_x509_buf *ext, int tag);
#if !defined(MBEDTLS_X509_REMOVE_INFO) #if !defined(MBEDTLS_X509_REMOVE_INFO)
int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid, int mbedtls_x509_sig_alg_gets(char *buf, size_t size, const mbedtls_x509_buf *sig_oid,
mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
const void *sig_opts ); const void *sig_opts);
#endif #endif
int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name ); int mbedtls_x509_key_size_helper(char *buf, size_t buf_size, const char *name);
int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name ); int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name);
int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len, int mbedtls_x509_set_extension(mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
int critical, const unsigned char *val, int critical, const unsigned char *val,
size_t val_len ); size_t val_len);
int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start, int mbedtls_x509_write_extensions(unsigned char **p, unsigned char *start,
mbedtls_asn1_named_data *first ); mbedtls_asn1_named_data *first);
int mbedtls_x509_write_names( unsigned char **p, unsigned char *start, int mbedtls_x509_write_names(unsigned char **p, unsigned char *start,
mbedtls_asn1_named_data *first ); mbedtls_asn1_named_data *first);
int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start, int mbedtls_x509_write_sig(unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len, const char *oid, size_t oid_len,
unsigned char *sig, size_t size ); unsigned char *sig, size_t size);
#define MBEDTLS_X509_SAFE_SNPRINTF \ #define MBEDTLS_X509_SAFE_SNPRINTF \
do { \ do { \
if( ret < 0 || (size_t) ret >= n ) \ if (ret < 0 || (size_t) ret >= n) \
return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL ); \ return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; \
\ \
n -= (size_t) ret; \ n -= (size_t) ret; \
p += (size_t) ret; \ p += (size_t) ret; \
} while( 0 ) } while (0)
#ifdef __cplusplus #ifdef __cplusplus
} }

22
include/mbedtls/x509_crl.h
View File

@ -48,8 +48,7 @@ extern "C" {
* them except via Mbed TLS library functions: the effect of modifying * them except via Mbed TLS library functions: the effect of modifying
* those fields or the data that those fields points to is unspecified. * those fields or the data that those fields points to is unspecified.
*/ */
typedef struct mbedtls_x509_crl_entry typedef struct mbedtls_x509_crl_entry {
{
/** Direct access to the whole entry inside the containing buffer. */ /** Direct access to the whole entry inside the containing buffer. */
mbedtls_x509_buf raw; mbedtls_x509_buf raw;
/** The serial number of the revoked certificate. */ /** The serial number of the revoked certificate. */
@ -74,8 +73,7 @@ mbedtls_x509_crl_entry;
* Certificate revocation list structure. * Certificate revocation list structure.
* Every CRL may have multiple entries. * Every CRL may have multiple entries.
*/ */
typedef struct mbedtls_x509_crl typedef struct mbedtls_x509_crl {
{
mbedtls_x509_buf raw; /**< The raw certificate data (DER). */ mbedtls_x509_buf raw; /**< The raw certificate data (DER). */
mbedtls_x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */ mbedtls_x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */
@ -116,8 +114,8 @@ mbedtls_x509_crl;
* *
* \return 0 if successful, or a specific X509 or PEM error code * \return 0 if successful, or a specific X509 or PEM error code
*/ */
int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, int mbedtls_x509_crl_parse_der(mbedtls_x509_crl *chain,
const unsigned char *buf, size_t buflen ); const unsigned char *buf, size_t buflen);
/** /**
* \brief Parse one or more CRLs and append them to the chained list * \brief Parse one or more CRLs and append them to the chained list
* *
@ -130,7 +128,7 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain,
* *
* \return 0 if successful, or a specific X509 or PEM error code * \return 0 if successful, or a specific X509 or PEM error code
*/ */
int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen ); int mbedtls_x509_crl_parse(mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen);
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
@ -143,7 +141,7 @@ int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, s
* *
* \return 0 if successful, or a specific X509 or PEM error code * \return 0 if successful, or a specific X509 or PEM error code
*/ */
int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ); int mbedtls_x509_crl_parse_file(mbedtls_x509_crl *chain, const char *path);
#endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_FS_IO */
#if !defined(MBEDTLS_X509_REMOVE_INFO) #if !defined(MBEDTLS_X509_REMOVE_INFO)
@ -158,8 +156,8 @@ int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path );
* \return The length of the string written (not including the * \return The length of the string written (not including the
* terminated nul byte), or a negative error code. * terminated nul byte), or a negative error code.
*/ */
int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix, int mbedtls_x509_crl_info(char *buf, size_t size, const char *prefix,
const mbedtls_x509_crl *crl ); const mbedtls_x509_crl *crl);
#endif /* !MBEDTLS_X509_REMOVE_INFO */ #endif /* !MBEDTLS_X509_REMOVE_INFO */
/** /**
@ -167,14 +165,14 @@ int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix,
* *
* \param crl CRL chain to initialize * \param crl CRL chain to initialize
*/ */
void mbedtls_x509_crl_init( mbedtls_x509_crl *crl ); void mbedtls_x509_crl_init(mbedtls_x509_crl *crl);
/** /**
* \brief Unallocate all CRL data * \brief Unallocate all CRL data
* *
* \param crl CRL chain to free * \param crl CRL chain to free
*/ */
void mbedtls_x509_crl_free( mbedtls_x509_crl *crl ); void mbedtls_x509_crl_free(mbedtls_x509_crl *crl);
/** \} name Structures and functions for parsing CRLs */ /** \} name Structures and functions for parsing CRLs */
/** \} addtogroup x509_module */ /** \} addtogroup x509_module */

247
include/mbedtls/x509_crt.h
View File

@ -51,8 +51,7 @@ extern "C" {
* them except via Mbed TLS library functions: the effect of modifying * them except via Mbed TLS library functions: the effect of modifying
* those fields or the data that those fields points to is unspecified. * those fields or the data that those fields points to is unspecified.
*/ */
typedef struct mbedtls_x509_crt typedef struct mbedtls_x509_crt {
{
int MBEDTLS_PRIVATE(own_buffer); /**< Indicates if \c raw is owned int MBEDTLS_PRIVATE(own_buffer); /**< Indicates if \c raw is owned
* by the structure or not. */ * by the structure or not. */
mbedtls_x509_buf raw; /**< The raw certificate data (DER). */ mbedtls_x509_buf raw; /**< The raw certificate data (DER). */
@ -112,24 +111,21 @@ mbedtls_x509_crt;
* Future versions of the library may add new fields to this structure or * Future versions of the library may add new fields to this structure or
* to its embedded union and structure. * to its embedded union and structure.
*/ */
typedef struct mbedtls_x509_san_other_name typedef struct mbedtls_x509_san_other_name {
{
/** /**
* The type_id is an OID as defined in RFC 5280. * The type_id is an OID as defined in RFC 5280.
* To check the value of the type id, you should use * To check the value of the type id, you should use
* \p MBEDTLS_OID_CMP with a known OID mbedtls_x509_buf. * \p MBEDTLS_OID_CMP with a known OID mbedtls_x509_buf.
*/ */
mbedtls_x509_buf type_id; /**< The type id. */ mbedtls_x509_buf type_id; /**< The type id. */
union union {
{
/** /**
* From RFC 4108 section 5: * From RFC 4108 section 5:
* HardwareModuleName ::= SEQUENCE { * HardwareModuleName ::= SEQUENCE {
* hwType OBJECT IDENTIFIER, * hwType OBJECT IDENTIFIER,
* hwSerialNum OCTET STRING } * hwSerialNum OCTET STRING }
*/ */
struct struct {
{
mbedtls_x509_buf oid; /**< The object identifier. */ mbedtls_x509_buf oid; /**< The object identifier. */
mbedtls_x509_buf val; /**< The named value. */ mbedtls_x509_buf val; /**< The named value. */
} }
@ -146,8 +142,7 @@ mbedtls_x509_san_other_name;
* Future versions of the library may add new fields to this structure or * Future versions of the library may add new fields to this structure or
* to its embedded union and structure. * to its embedded union and structure.
*/ */
typedef struct mbedtls_x509_subject_alternative_name typedef struct mbedtls_x509_subject_alternative_name {
{
int type; /**< The SAN type, value of MBEDTLS_X509_SAN_XXX. */ int type; /**< The SAN type, value of MBEDTLS_X509_SAN_XXX. */
union { union {
mbedtls_x509_san_other_name other_name; /**< The otherName supported type. */ mbedtls_x509_san_other_name other_name; /**< The otherName supported type. */
@ -161,7 +156,7 @@ mbedtls_x509_subject_alternative_name;
* Build flag from an algorithm/curve identifier (pk, md, ecp) * Build flag from an algorithm/curve identifier (pk, md, ecp)
* Since 0 is always XXX_NONE, ignore it. * Since 0 is always XXX_NONE, ignore it.
*/ */
#define MBEDTLS_X509_ID_FLAG( id ) ( 1 << ( (id) - 1 ) ) #define MBEDTLS_X509_ID_FLAG(id) (1 << ((id) - 1))
/** /**
* Security profile for certificate verification. * Security profile for certificate verification.
@ -188,8 +183,7 @@ mbedtls_x509_subject_alternative_name;
* my_profile.allowed_pks = MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_RSA ); * my_profile.allowed_pks = MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_RSA );
* my_profile.rsa_min_bitlen = 3072; * my_profile.rsa_min_bitlen = 3072;
*/ */
typedef struct mbedtls_x509_crt_profile typedef struct mbedtls_x509_crt_profile {
{
uint32_t allowed_mds; /**< MDs for signatures */ uint32_t allowed_mds; /**< MDs for signatures */
uint32_t allowed_pks; /**< PK algs for public keys; uint32_t allowed_pks; /**< PK algs for public keys;
* this applies to all certificates * this applies to all certificates
@ -206,7 +200,7 @@ mbedtls_x509_crt_profile;
#define MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN 32 #define MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN 32
#define MBEDTLS_X509_RFC5280_UTC_TIME_LEN 15 #define MBEDTLS_X509_RFC5280_UTC_TIME_LEN 15
#if !defined( MBEDTLS_X509_MAX_FILE_PATH_LEN ) #if !defined(MBEDTLS_X509_MAX_FILE_PATH_LEN)
#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 #define MBEDTLS_X509_MAX_FILE_PATH_LEN 512
#endif #endif
@ -217,72 +211,71 @@ mbedtls_x509_crt_profile;
* where X509_CRT_ERROR_INFO is defined by the user. * where X509_CRT_ERROR_INFO is defined by the user.
* See x509_crt.c for an example of how to use this. */ * See x509_crt.c for an example of how to use this. */
#define MBEDTLS_X509_CRT_ERROR_INFO_LIST \ #define MBEDTLS_X509_CRT_ERROR_INFO_LIST \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_EXPIRED, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_EXPIRED, \
"MBEDTLS_X509_BADCERT_EXPIRED", \ "MBEDTLS_X509_BADCERT_EXPIRED", \
"The certificate validity has expired" ) \ "The certificate validity has expired") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_REVOKED, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_REVOKED, \
"MBEDTLS_X509_BADCERT_REVOKED", \ "MBEDTLS_X509_BADCERT_REVOKED", \
"The certificate has been revoked (is on a CRL)" ) \ "The certificate has been revoked (is on a CRL)") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_CN_MISMATCH, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_CN_MISMATCH, \
"MBEDTLS_X509_BADCERT_CN_MISMATCH", \ "MBEDTLS_X509_BADCERT_CN_MISMATCH", \
"The certificate Common Name (CN) does not match with the expected CN" ) \ "The certificate Common Name (CN) does not match with the expected CN") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_NOT_TRUSTED, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_NOT_TRUSTED, \
"MBEDTLS_X509_BADCERT_NOT_TRUSTED", \ "MBEDTLS_X509_BADCERT_NOT_TRUSTED", \
"The certificate is not correctly signed by the trusted CA" ) \ "The certificate is not correctly signed by the trusted CA") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_NOT_TRUSTED, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCRL_NOT_TRUSTED, \
"MBEDTLS_X509_BADCRL_NOT_TRUSTED", \ "MBEDTLS_X509_BADCRL_NOT_TRUSTED", \
"The CRL is not correctly signed by the trusted CA" ) \ "The CRL is not correctly signed by the trusted CA") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_EXPIRED, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCRL_EXPIRED, \
"MBEDTLS_X509_BADCRL_EXPIRED", \ "MBEDTLS_X509_BADCRL_EXPIRED", \
"The CRL is expired" ) \ "The CRL is expired") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_MISSING, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_MISSING, \
"MBEDTLS_X509_BADCERT_MISSING", \ "MBEDTLS_X509_BADCERT_MISSING", \
"Certificate was missing" ) \ "Certificate was missing") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_SKIP_VERIFY, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_SKIP_VERIFY, \
"MBEDTLS_X509_BADCERT_SKIP_VERIFY", \ "MBEDTLS_X509_BADCERT_SKIP_VERIFY", \
"Certificate verification was skipped" ) \ "Certificate verification was skipped") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_OTHER, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_OTHER, \
"MBEDTLS_X509_BADCERT_OTHER", \ "MBEDTLS_X509_BADCERT_OTHER", \
"Other reason (can be used by verify callback)" ) \ "Other reason (can be used by verify callback)") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_FUTURE, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_FUTURE, \
"MBEDTLS_X509_BADCERT_FUTURE", \ "MBEDTLS_X509_BADCERT_FUTURE", \
"The certificate validity starts in the future" ) \ "The certificate validity starts in the future") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_FUTURE, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCRL_FUTURE, \
"MBEDTLS_X509_BADCRL_FUTURE", \ "MBEDTLS_X509_BADCRL_FUTURE", \
"The CRL is from the future" ) \ "The CRL is from the future") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_KEY_USAGE, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_KEY_USAGE, \
"MBEDTLS_X509_BADCERT_KEY_USAGE", \ "MBEDTLS_X509_BADCERT_KEY_USAGE", \
"Usage does not match the keyUsage extension" ) \ "Usage does not match the keyUsage extension") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, \
"MBEDTLS_X509_BADCERT_EXT_KEY_USAGE", \ "MBEDTLS_X509_BADCERT_EXT_KEY_USAGE", \
"Usage does not match the extendedKeyUsage extension" ) \ "Usage does not match the extendedKeyUsage extension") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_NS_CERT_TYPE, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_NS_CERT_TYPE, \
"MBEDTLS_X509_BADCERT_NS_CERT_TYPE", \ "MBEDTLS_X509_BADCERT_NS_CERT_TYPE", \
"Usage does not match the nsCertType extension" ) \ "Usage does not match the nsCertType extension") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_BAD_MD, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_BAD_MD, \
"MBEDTLS_X509_BADCERT_BAD_MD", \ "MBEDTLS_X509_BADCERT_BAD_MD", \
"The certificate is signed with an unacceptable hash." ) \ "The certificate is signed with an unacceptable hash.") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_BAD_PK, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_BAD_PK, \
"MBEDTLS_X509_BADCERT_BAD_PK", \ "MBEDTLS_X509_BADCERT_BAD_PK", \
"The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA)." ) \ "The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA).") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_BAD_KEY, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_BAD_KEY, \
"MBEDTLS_X509_BADCERT_BAD_KEY", \ "MBEDTLS_X509_BADCERT_BAD_KEY", \
"The certificate is signed with an unacceptable key (eg bad curve, RSA too short)." ) \ "The certificate is signed with an unacceptable key (eg bad curve, RSA too short).") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_BAD_MD, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCRL_BAD_MD, \
"MBEDTLS_X509_BADCRL_BAD_MD", \ "MBEDTLS_X509_BADCRL_BAD_MD", \
"The CRL is signed with an unacceptable hash." ) \ "The CRL is signed with an unacceptable hash.") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_BAD_PK, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCRL_BAD_PK, \
"MBEDTLS_X509_BADCRL_BAD_PK", \ "MBEDTLS_X509_BADCRL_BAD_PK", \
"The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA)." ) \ "The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA).") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_BAD_KEY, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCRL_BAD_KEY, \
"MBEDTLS_X509_BADCRL_BAD_KEY", \ "MBEDTLS_X509_BADCRL_BAD_KEY", \
"The CRL is signed with an unacceptable key (eg bad curve, RSA too short)." ) "The CRL is signed with an unacceptable key (eg bad curve, RSA too short).")
/** /**
* Container for writing a certificate (CRT) * Container for writing a certificate (CRT)
*/ */
typedef struct mbedtls_x509write_cert typedef struct mbedtls_x509write_cert {
{
int MBEDTLS_PRIVATE(version); int MBEDTLS_PRIVATE(version);
mbedtls_mpi MBEDTLS_PRIVATE(serial); mbedtls_mpi MBEDTLS_PRIVATE(serial);
mbedtls_pk_context *MBEDTLS_PRIVATE(subject_key); mbedtls_pk_context *MBEDTLS_PRIVATE(subject_key);
@ -307,13 +300,12 @@ typedef struct {
/** /**
* Max size of verification chain: end-entity + intermediates + trusted root * Max size of verification chain: end-entity + intermediates + trusted root
*/ */
#define MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE ( MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2 ) #define MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE (MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2)
/** /**
* Verification chain as built by \c mbedtls_crt_verify_chain() * Verification chain as built by \c mbedtls_crt_verify_chain()
*/ */
typedef struct typedef struct {
{
mbedtls_x509_crt_verify_chain_item MBEDTLS_PRIVATE(items)[MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE]; mbedtls_x509_crt_verify_chain_item MBEDTLS_PRIVATE(items)[MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE];
unsigned MBEDTLS_PRIVATE(len); unsigned MBEDTLS_PRIVATE(len);
@ -331,8 +323,7 @@ typedef struct
/** /**
* \brief Context for resuming X.509 verify operations * \brief Context for resuming X.509 verify operations
*/ */
typedef struct typedef struct {
{
/* for check_signature() */ /* for check_signature() */
mbedtls_pk_restart_ctx MBEDTLS_PRIVATE(pk); mbedtls_pk_restart_ctx MBEDTLS_PRIVATE(pk);
@ -415,9 +406,9 @@ extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_none;
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, int mbedtls_x509_crt_parse_der(mbedtls_x509_crt *chain,
const unsigned char *buf, const unsigned char *buf,
size_t buflen ); size_t buflen);
/** /**
* \brief The type of certificate extension callbacks. * \brief The type of certificate extension callbacks.
@ -449,12 +440,12 @@ int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
typedef int (*mbedtls_x509_crt_ext_cb_t)( void *p_ctx, typedef int (*mbedtls_x509_crt_ext_cb_t)(void *p_ctx,
mbedtls_x509_crt const *crt, mbedtls_x509_crt const *crt,
mbedtls_x509_buf const *oid, mbedtls_x509_buf const *oid,
int critical, int critical,
const unsigned char *p, const unsigned char *p,
const unsigned char *end ); const unsigned char *end);
/** /**
* \brief Parse a single DER formatted certificate and add it * \brief Parse a single DER formatted certificate and add it
@ -496,12 +487,12 @@ typedef int (*mbedtls_x509_crt_ext_cb_t)( void *p_ctx,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_x509_crt_parse_der_with_ext_cb( mbedtls_x509_crt *chain, int mbedtls_x509_crt_parse_der_with_ext_cb(mbedtls_x509_crt *chain,
const unsigned char *buf, const unsigned char *buf,
size_t buflen, size_t buflen,
int make_copy, int make_copy,
mbedtls_x509_crt_ext_cb_t cb, mbedtls_x509_crt_ext_cb_t cb,
void *p_ctx ); void *p_ctx);
/** /**
* \brief Parse a single DER formatted certificate and add it * \brief Parse a single DER formatted certificate and add it
@ -530,9 +521,9 @@ int mbedtls_x509_crt_parse_der_with_ext_cb( mbedtls_x509_crt *chain,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain, int mbedtls_x509_crt_parse_der_nocopy(mbedtls_x509_crt *chain,
const unsigned char *buf, const unsigned char *buf,
size_t buflen ); size_t buflen);
/** /**
* \brief Parse one DER-encoded or one or more concatenated PEM-encoded * \brief Parse one DER-encoded or one or more concatenated PEM-encoded
@ -564,7 +555,7 @@ int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain,
* \return A negative X509 or PEM error code otherwise. * \return A negative X509 or PEM error code otherwise.
* *
*/ */
int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen ); int mbedtls_x509_crt_parse(mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen);
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
@ -580,7 +571,7 @@ int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, s
* \return 0 if all certificates parsed successfully, a positive number * \return 0 if all certificates parsed successfully, a positive number
* if partly successful or a specific X509 or PEM error code * if partly successful or a specific X509 or PEM error code
*/ */
int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path ); int mbedtls_x509_crt_parse_file(mbedtls_x509_crt *chain, const char *path);
/** /**
* \brief Load one or more certificate files from a path and add them * \brief Load one or more certificate files from a path and add them
@ -595,7 +586,7 @@ int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path );
* \return 0 if all certificates parsed successfully, a positive number * \return 0 if all certificates parsed successfully, a positive number
* if partly successful or a specific X509 or PEM error code * if partly successful or a specific X509 or PEM error code
*/ */
int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ); int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path);
#endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_FS_IO */
/** /**
@ -625,8 +616,8 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path );
* SAN type. * SAN type.
* \return Another negative value for any other failure. * \return Another negative value for any other failure.
*/ */
int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf, int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf,
mbedtls_x509_subject_alternative_name *san ); mbedtls_x509_subject_alternative_name *san);
#if !defined(MBEDTLS_X509_REMOVE_INFO) #if !defined(MBEDTLS_X509_REMOVE_INFO)
/** /**
@ -641,8 +632,8 @@ int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf,
* \return The length of the string written (not including the * \return The length of the string written (not including the
* terminated nul byte), or a negative error code. * terminated nul byte), or a negative error code.
*/ */
int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, int mbedtls_x509_crt_info(char *buf, size_t size, const char *prefix,
const mbedtls_x509_crt *crt ); const mbedtls_x509_crt *crt);
/** /**
* \brief Returns an informational string about the * \brief Returns an informational string about the
@ -656,8 +647,8 @@ int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
* \return The length of the string written (not including the * \return The length of the string written (not including the
* terminated nul byte), or a negative error code. * terminated nul byte), or a negative error code.
*/ */
int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, int mbedtls_x509_crt_verify_info(char *buf, size_t size, const char *prefix,
uint32_t flags ); uint32_t flags);
#endif /* !MBEDTLS_X509_REMOVE_INFO */ #endif /* !MBEDTLS_X509_REMOVE_INFO */
/** /**
@ -726,12 +717,12 @@ int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
* \return Another negative error code in case of a fatal error * \return Another negative error code in case of a fatal error
* encountered during the verification process. * encountered during the verification process.
*/ */
int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt, int mbedtls_x509_crt_verify(mbedtls_x509_crt *crt,
mbedtls_x509_crt *trust_ca, mbedtls_x509_crt *trust_ca,
mbedtls_x509_crl *ca_crl, mbedtls_x509_crl *ca_crl,
const char *cn, uint32_t *flags, const char *cn, uint32_t *flags,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy ); void *p_vrfy);
/** /**
* \brief Verify a chain of certificates with respect to * \brief Verify a chain of certificates with respect to
@ -767,13 +758,13 @@ int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
* \return Another negative error code in case of a fatal error * \return Another negative error code in case of a fatal error
* encountered during the verification process. * encountered during the verification process.
*/ */
int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt, int mbedtls_x509_crt_verify_with_profile(mbedtls_x509_crt *crt,
mbedtls_x509_crt *trust_ca, mbedtls_x509_crt *trust_ca,
mbedtls_x509_crl *ca_crl, mbedtls_x509_crl *ca_crl,
const mbedtls_x509_crt_profile *profile, const mbedtls_x509_crt_profile *profile,
const char *cn, uint32_t *flags, const char *cn, uint32_t *flags,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy ); void *p_vrfy);
/** /**
* \brief Restartable version of \c mbedtls_crt_verify_with_profile() * \brief Restartable version of \c mbedtls_crt_verify_with_profile()
@ -801,14 +792,14 @@ int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
* \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
* operations was reached: see \c mbedtls_ecp_set_max_ops(). * operations was reached: see \c mbedtls_ecp_set_max_ops().
*/ */
int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt, int mbedtls_x509_crt_verify_restartable(mbedtls_x509_crt *crt,
mbedtls_x509_crt *trust_ca, mbedtls_x509_crt *trust_ca,
mbedtls_x509_crl *ca_crl, mbedtls_x509_crl *ca_crl,
const mbedtls_x509_crt_profile *profile, const mbedtls_x509_crt_profile *profile,
const char *cn, uint32_t *flags, const char *cn, uint32_t *flags,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy, void *p_vrfy,
mbedtls_x509_crt_restart_ctx *rs_ctx ); mbedtls_x509_crt_restart_ctx *rs_ctx);
/** /**
* \brief The type of trusted certificate callbacks. * \brief The type of trusted certificate callbacks.
@ -840,9 +831,9 @@ int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt,
* to the caller. * to the caller.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
typedef int (*mbedtls_x509_crt_ca_cb_t)( void *p_ctx, typedef int (*mbedtls_x509_crt_ca_cb_t)(void *p_ctx,
mbedtls_x509_crt const *child, mbedtls_x509_crt const *child,
mbedtls_x509_crt **candidate_cas ); mbedtls_x509_crt **candidate_cas);
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
/** /**
@ -867,13 +858,13 @@ typedef int (*mbedtls_x509_crt_ca_cb_t)( void *p_ctx,
* *
* \return See \c mbedtls_crt_verify_with_profile(). * \return See \c mbedtls_crt_verify_with_profile().
*/ */
int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt, int mbedtls_x509_crt_verify_with_ca_cb(mbedtls_x509_crt *crt,
mbedtls_x509_crt_ca_cb_t f_ca_cb, mbedtls_x509_crt_ca_cb_t f_ca_cb,
void *p_ca_cb, void *p_ca_cb,
const mbedtls_x509_crt_profile *profile, const mbedtls_x509_crt_profile *profile,
const char *cn, uint32_t *flags, const char *cn, uint32_t *flags,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy ); void *p_vrfy);
#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
@ -898,8 +889,8 @@ int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt,
* (intermediate) CAs the keyUsage extension is automatically * (intermediate) CAs the keyUsage extension is automatically
* checked by \c mbedtls_x509_crt_verify(). * checked by \c mbedtls_x509_crt_verify().
*/ */
int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, int mbedtls_x509_crt_check_key_usage(const mbedtls_x509_crt *crt,
unsigned int usage ); unsigned int usage);
/** /**
* \brief Check usage of certificate against extendedKeyUsage. * \brief Check usage of certificate against extendedKeyUsage.
@ -914,9 +905,9 @@ int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt,
* *
* \note Usually only makes sense on leaf certificates. * \note Usually only makes sense on leaf certificates.
*/ */
int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt, int mbedtls_x509_crt_check_extended_key_usage(const mbedtls_x509_crt *crt,
const char *usage_oid, const char *usage_oid,
size_t usage_len ); size_t usage_len);
#if defined(MBEDTLS_X509_CRL_PARSE_C) #if defined(MBEDTLS_X509_CRL_PARSE_C)
/** /**
@ -928,7 +919,7 @@ int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt,
* \return 1 if the certificate is revoked, 0 otherwise * \return 1 if the certificate is revoked, 0 otherwise
* *
*/ */
int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl ); int mbedtls_x509_crt_is_revoked(const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl);
#endif /* MBEDTLS_X509_CRL_PARSE_C */ #endif /* MBEDTLS_X509_CRL_PARSE_C */
/** /**
@ -936,25 +927,25 @@ int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509
* *
* \param crt Certificate chain to initialize * \param crt Certificate chain to initialize
*/ */
void mbedtls_x509_crt_init( mbedtls_x509_crt *crt ); void mbedtls_x509_crt_init(mbedtls_x509_crt *crt);
/** /**
* \brief Unallocate all certificate data * \brief Unallocate all certificate data
* *
* \param crt Certificate chain to free * \param crt Certificate chain to free
*/ */
void mbedtls_x509_crt_free( mbedtls_x509_crt *crt ); void mbedtls_x509_crt_free(mbedtls_x509_crt *crt);
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
/** /**
* \brief Initialize a restart context * \brief Initialize a restart context
*/ */
void mbedtls_x509_crt_restart_init( mbedtls_x509_crt_restart_ctx *ctx ); void mbedtls_x509_crt_restart_init(mbedtls_x509_crt_restart_ctx *ctx);
/** /**
* \brief Free the components of a restart context * \brief Free the components of a restart context
*/ */
void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx ); void mbedtls_x509_crt_restart_free(mbedtls_x509_crt_restart_ctx *ctx);
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
#endif /* MBEDTLS_X509_CRT_PARSE_C */ #endif /* MBEDTLS_X509_CRT_PARSE_C */
@ -969,8 +960,8 @@ void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx );
* \return 0 if the given extension type is not present, * \return 0 if the given extension type is not present,
* non-zero otherwise * non-zero otherwise
*/ */
static inline int mbedtls_x509_crt_has_ext_type( const mbedtls_x509_crt *ctx, static inline int mbedtls_x509_crt_has_ext_type(const mbedtls_x509_crt *ctx,
int ext_type ) int ext_type)
{ {
return ctx->MBEDTLS_PRIVATE(ext_types) & ext_type; return ctx->MBEDTLS_PRIVATE(ext_types) & ext_type;
} }
@ -983,7 +974,7 @@ static inline int mbedtls_x509_crt_has_ext_type( const mbedtls_x509_crt *ctx,
* *
* \param ctx CRT context to initialize * \param ctx CRT context to initialize
*/ */
void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx ); void mbedtls_x509write_crt_init(mbedtls_x509write_cert *ctx);
/** /**
* \brief Set the version for a Certificate * \brief Set the version for a Certificate
@ -993,7 +984,7 @@ void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx );
* \param version version to set (MBEDTLS_X509_CRT_VERSION_1, MBEDTLS_X509_CRT_VERSION_2 or * \param version version to set (MBEDTLS_X509_CRT_VERSION_1, MBEDTLS_X509_CRT_VERSION_2 or
* MBEDTLS_X509_CRT_VERSION_3) * MBEDTLS_X509_CRT_VERSION_3)
*/ */
void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version ); void mbedtls_x509write_crt_set_version(mbedtls_x509write_cert *ctx, int version);
/** /**
* \brief Set the serial number for a Certificate. * \brief Set the serial number for a Certificate.
@ -1003,7 +994,7 @@ void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version
* *
* \return 0 if successful * \return 0 if successful
*/ */
int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial ); int mbedtls_x509write_crt_set_serial(mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial);
/** /**
* \brief Set the validity period for a Certificate * \brief Set the validity period for a Certificate
@ -1019,8 +1010,8 @@ int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls
* \return 0 if timestamp was parsed successfully, or * \return 0 if timestamp was parsed successfully, or
* a specific error code * a specific error code
*/ */
int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char *not_before, int mbedtls_x509write_crt_set_validity(mbedtls_x509write_cert *ctx, const char *not_before,
const char *not_after ); const char *not_after);
/** /**
* \brief Set the issuer name for a Certificate * \brief Set the issuer name for a Certificate
@ -1034,8 +1025,8 @@ int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char
* \return 0 if issuer name was parsed successfully, or * \return 0 if issuer name was parsed successfully, or
* a specific error code * a specific error code
*/ */
int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx, int mbedtls_x509write_crt_set_issuer_name(mbedtls_x509write_cert *ctx,
const char *issuer_name ); const char *issuer_name);
/** /**
* \brief Set the subject name for a Certificate * \brief Set the subject name for a Certificate
@ -1049,8 +1040,8 @@ int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx,
* \return 0 if subject name was parsed successfully, or * \return 0 if subject name was parsed successfully, or
* a specific error code * a specific error code
*/ */
int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx, int mbedtls_x509write_crt_set_subject_name(mbedtls_x509write_cert *ctx,
const char *subject_name ); const char *subject_name);
/** /**
* \brief Set the subject public key for the certificate * \brief Set the subject public key for the certificate
@ -1058,7 +1049,7 @@ int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx,
* \param ctx CRT context to use * \param ctx CRT context to use
* \param key public key to include * \param key public key to include
*/ */
void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key ); void mbedtls_x509write_crt_set_subject_key(mbedtls_x509write_cert *ctx, mbedtls_pk_context *key);
/** /**
* \brief Set the issuer key used for signing the certificate * \brief Set the issuer key used for signing the certificate
@ -1066,7 +1057,7 @@ void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls
* \param ctx CRT context to use * \param ctx CRT context to use
* \param key private key to sign with * \param key private key to sign with
*/ */
void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key ); void mbedtls_x509write_crt_set_issuer_key(mbedtls_x509write_cert *ctx, mbedtls_pk_context *key);
/** /**
* \brief Set the MD algorithm to use for the signature * \brief Set the MD algorithm to use for the signature
@ -1075,7 +1066,7 @@ void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_
* \param ctx CRT context to use * \param ctx CRT context to use
* \param md_alg MD algorithm to use * \param md_alg MD algorithm to use
*/ */
void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg ); void mbedtls_x509write_crt_set_md_alg(mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg);
/** /**
* \brief Generic function to add to or replace an extension in the * \brief Generic function to add to or replace an extension in the
@ -1090,10 +1081,10 @@ void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_t
* *
* \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
*/ */
int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx, int mbedtls_x509write_crt_set_extension(mbedtls_x509write_cert *ctx,
const char *oid, size_t oid_len, const char *oid, size_t oid_len,
int critical, int critical,
const unsigned char *val, size_t val_len ); const unsigned char *val, size_t val_len);
/** /**
* \brief Set the basicConstraints extension for a CRT * \brief Set the basicConstraints extension for a CRT
@ -1106,8 +1097,8 @@ int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx,
* *
* \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
*/ */
int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx, int mbedtls_x509write_crt_set_basic_constraints(mbedtls_x509write_cert *ctx,
int is_ca, int max_pathlen ); int is_ca, int max_pathlen);
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA) #if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA)
/** /**
@ -1119,7 +1110,7 @@ int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
* *
* \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
*/ */
int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx ); int mbedtls_x509write_crt_set_subject_key_identifier(mbedtls_x509write_cert *ctx);
/** /**
* \brief Set the authorityKeyIdentifier extension for a CRT * \brief Set the authorityKeyIdentifier extension for a CRT
@ -1130,7 +1121,7 @@ int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ct
* *
* \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
*/ */
int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx ); int mbedtls_x509write_crt_set_authority_key_identifier(mbedtls_x509write_cert *ctx);
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */ #endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */
/** /**
@ -1142,8 +1133,8 @@ int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *
* *
* \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
*/ */
int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, int mbedtls_x509write_crt_set_key_usage(mbedtls_x509write_cert *ctx,
unsigned int key_usage ); unsigned int key_usage);
/** /**
* \brief Set the Extended Key Usage Extension * \brief Set the Extended Key Usage Extension
@ -1155,8 +1146,8 @@ int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx,
* *
* \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
*/ */
int mbedtls_x509write_crt_set_ext_key_usage( mbedtls_x509write_cert *ctx, int mbedtls_x509write_crt_set_ext_key_usage(mbedtls_x509write_cert *ctx,
const mbedtls_asn1_sequence *exts ); const mbedtls_asn1_sequence *exts);
/** /**
* \brief Set the Netscape Cert Type flags * \brief Set the Netscape Cert Type flags
@ -1167,15 +1158,15 @@ int mbedtls_x509write_crt_set_ext_key_usage( mbedtls_x509write_cert *ctx,
* *
* \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
*/ */
int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx, int mbedtls_x509write_crt_set_ns_cert_type(mbedtls_x509write_cert *ctx,
unsigned char ns_cert_type ); unsigned char ns_cert_type);
/** /**
* \brief Free the contents of a CRT write context * \brief Free the contents of a CRT write context
* *
* \param ctx CRT context to free * \param ctx CRT context to free
*/ */
void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx ); void mbedtls_x509write_crt_free(mbedtls_x509write_cert *ctx);
/** /**
* \brief Write a built up certificate to a X509 DER structure * \brief Write a built up certificate to a X509 DER structure
@ -1194,9 +1185,9 @@ void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx );
* *
* \note \p f_rng is used for the signature operation. * \note \p f_rng is used for the signature operation.
*/ */
int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
#if defined(MBEDTLS_PEM_WRITE_C) #if defined(MBEDTLS_PEM_WRITE_C)
/** /**
@ -1212,9 +1203,9 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf,
* *
* \note \p f_rng is used for the signature operation. * \note \p f_rng is used for the signature operation.
*/ */
int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, int mbedtls_x509write_crt_pem(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
#endif /* MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_PEM_WRITE_C */
#endif /* MBEDTLS_X509_CRT_WRITE_C */ #endif /* MBEDTLS_X509_CRT_WRITE_C */

52
include/mbedtls/x509_csr.h
View File

@ -47,8 +47,7 @@ extern "C" {
* them except via Mbed TLS library functions: the effect of modifying * them except via Mbed TLS library functions: the effect of modifying
* those fields or the data that those fields point to is unspecified. * those fields or the data that those fields point to is unspecified.
*/ */
typedef struct mbedtls_x509_csr typedef struct mbedtls_x509_csr {
{
mbedtls_x509_buf raw; /**< The raw CSR data (DER). */ mbedtls_x509_buf raw; /**< The raw CSR data (DER). */
mbedtls_x509_buf cri; /**< The raw CertificateRequestInfo body (DER). */ mbedtls_x509_buf cri; /**< The raw CertificateRequestInfo body (DER). */
@ -70,8 +69,7 @@ mbedtls_x509_csr;
/** /**
* Container for writing a CSR * Container for writing a CSR
*/ */
typedef struct mbedtls_x509write_csr typedef struct mbedtls_x509write_csr {
{
mbedtls_pk_context *MBEDTLS_PRIVATE(key); mbedtls_pk_context *MBEDTLS_PRIVATE(key);
mbedtls_asn1_named_data *MBEDTLS_PRIVATE(subject); mbedtls_asn1_named_data *MBEDTLS_PRIVATE(subject);
mbedtls_md_type_t MBEDTLS_PRIVATE(md_alg); mbedtls_md_type_t MBEDTLS_PRIVATE(md_alg);
@ -91,8 +89,8 @@ mbedtls_x509write_csr;
* *
* \return 0 if successful, or a specific X509 error code * \return 0 if successful, or a specific X509 error code
*/ */
int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr,
const unsigned char *buf, size_t buflen ); const unsigned char *buf, size_t buflen);
/** /**
* \brief Load a Certificate Signing Request (CSR), DER or PEM format * \brief Load a Certificate Signing Request (CSR), DER or PEM format
@ -106,7 +104,7 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr,
* *
* \return 0 if successful, or a specific X509 or PEM error code * \return 0 if successful, or a specific X509 or PEM error code
*/ */
int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen ); int mbedtls_x509_csr_parse(mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen);
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
@ -119,7 +117,7 @@ int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, siz
* *
* \return 0 if successful, or a specific X509 or PEM error code * \return 0 if successful, or a specific X509 or PEM error code
*/ */
int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ); int mbedtls_x509_csr_parse_file(mbedtls_x509_csr *csr, const char *path);
#endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_FS_IO */
#if !defined(MBEDTLS_X509_REMOVE_INFO) #if !defined(MBEDTLS_X509_REMOVE_INFO)
@ -135,8 +133,8 @@ int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path );
* \return The length of the string written (not including the * \return The length of the string written (not including the
* terminated nul byte), or a negative error code. * terminated nul byte), or a negative error code.
*/ */
int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix, int mbedtls_x509_csr_info(char *buf, size_t size, const char *prefix,
const mbedtls_x509_csr *csr ); const mbedtls_x509_csr *csr);
#endif /* !MBEDTLS_X509_REMOVE_INFO */ #endif /* !MBEDTLS_X509_REMOVE_INFO */
/** /**
@ -144,14 +142,14 @@ int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix,
* *
* \param csr CSR to initialize * \param csr CSR to initialize
*/ */
void mbedtls_x509_csr_init( mbedtls_x509_csr *csr ); void mbedtls_x509_csr_init(mbedtls_x509_csr *csr);
/** /**
* \brief Unallocate all CSR data * \brief Unallocate all CSR data
* *
* \param csr CSR to free * \param csr CSR to free
*/ */
void mbedtls_x509_csr_free( mbedtls_x509_csr *csr ); void mbedtls_x509_csr_free(mbedtls_x509_csr *csr);
#endif /* MBEDTLS_X509_CSR_PARSE_C */ #endif /* MBEDTLS_X509_CSR_PARSE_C */
/** \} name Structures and functions for X.509 Certificate Signing Requests (CSR) */ /** \} name Structures and functions for X.509 Certificate Signing Requests (CSR) */
@ -162,7 +160,7 @@ void mbedtls_x509_csr_free( mbedtls_x509_csr *csr );
* *
* \param ctx CSR context to initialize * \param ctx CSR context to initialize
*/ */
void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx ); void mbedtls_x509write_csr_init(mbedtls_x509write_csr *ctx);
/** /**
* \brief Set the subject name for a CSR * \brief Set the subject name for a CSR
@ -176,8 +174,8 @@ void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx );
* \return 0 if subject name was parsed successfully, or * \return 0 if subject name was parsed successfully, or
* a specific error code * a specific error code
*/ */
int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx, int mbedtls_x509write_csr_set_subject_name(mbedtls_x509write_csr *ctx,
const char *subject_name ); const char *subject_name);
/** /**
* \brief Set the key for a CSR (public key will be included, * \brief Set the key for a CSR (public key will be included,
@ -186,7 +184,7 @@ int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx,
* \param ctx CSR context to use * \param ctx CSR context to use
* \param key Asymmetric key to include * \param key Asymmetric key to include
*/ */
void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key ); void mbedtls_x509write_csr_set_key(mbedtls_x509write_csr *ctx, mbedtls_pk_context *key);
/** /**
* \brief Set the MD algorithm to use for the signature * \brief Set the MD algorithm to use for the signature
@ -195,7 +193,7 @@ void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_conte
* \param ctx CSR context to use * \param ctx CSR context to use
* \param md_alg MD algorithm to use * \param md_alg MD algorithm to use
*/ */
void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg ); void mbedtls_x509write_csr_set_md_alg(mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg);
/** /**
* \brief Set the Key Usage Extension flags * \brief Set the Key Usage Extension flags
@ -214,7 +212,7 @@ void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_ty
* #MBEDTLS_X509_KU_DECIPHER_ONLY) cannot be set using this * #MBEDTLS_X509_KU_DECIPHER_ONLY) cannot be set using this
* function. * function.
*/ */
int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage ); int mbedtls_x509write_csr_set_key_usage(mbedtls_x509write_csr *ctx, unsigned char key_usage);
/** /**
* \brief Set the Netscape Cert Type flags * \brief Set the Netscape Cert Type flags
@ -225,8 +223,8 @@ int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned ch
* *
* \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
*/ */
int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx, int mbedtls_x509write_csr_set_ns_cert_type(mbedtls_x509write_csr *ctx,
unsigned char ns_cert_type ); unsigned char ns_cert_type);
/** /**
* \brief Generic function to add to or replace an extension in the * \brief Generic function to add to or replace an extension in the
@ -241,17 +239,17 @@ int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx,
* *
* \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
*/ */
int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx, int mbedtls_x509write_csr_set_extension(mbedtls_x509write_csr *ctx,
const char *oid, size_t oid_len, const char *oid, size_t oid_len,
int critical, int critical,
const unsigned char *val, size_t val_len ); const unsigned char *val, size_t val_len);
/** /**
* \brief Free the contents of a CSR context * \brief Free the contents of a CSR context
* *
* \param ctx CSR context to free * \param ctx CSR context to free
*/ */
void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx ); void mbedtls_x509write_csr_free(mbedtls_x509write_csr *ctx);
/** /**
* \brief Write a CSR (Certificate Signing Request) to a * \brief Write a CSR (Certificate Signing Request) to a
@ -271,9 +269,9 @@ void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx );
* *
* \note \p f_rng is used for the signature operation. * \note \p f_rng is used for the signature operation.
*/ */
int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, int mbedtls_x509write_csr_der(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
#if defined(MBEDTLS_PEM_WRITE_C) #if defined(MBEDTLS_PEM_WRITE_C)
/** /**
@ -290,9 +288,9 @@ int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, s
* *
* \note \p f_rng is used for the signature operation. * \note \p f_rng is used for the signature operation.
*/ */
int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, int mbedtls_x509write_csr_pem(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
#endif /* MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_PEM_WRITE_C */
#endif /* MBEDTLS_X509_CSR_WRITE_C */ #endif /* MBEDTLS_X509_CSR_WRITE_C */

26
include/psa/crypto.h
View File

@ -137,8 +137,8 @@ static psa_key_attributes_t psa_key_attributes_init(void);
* \param[out] attributes The attribute structure to write to. * \param[out] attributes The attribute structure to write to.
* \param key The persistent identifier for the key. * \param key The persistent identifier for the key.
*/ */
static void psa_set_key_id( psa_key_attributes_t *attributes, static void psa_set_key_id(psa_key_attributes_t *attributes,
mbedtls_svc_key_id_t key ); mbedtls_svc_key_id_t key);
#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
/** Set the owner identifier of a key. /** Set the owner identifier of a key.
@ -155,8 +155,8 @@ static void psa_set_key_id( psa_key_attributes_t *attributes,
* \param[out] attributes The attribute structure to write to. * \param[out] attributes The attribute structure to write to.
* \param owner The key owner identifier. * \param owner The key owner identifier.
*/ */
static void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes, static void mbedtls_set_key_owner_id(psa_key_attributes_t *attributes,
mbedtls_key_owner_id_t owner ); mbedtls_key_owner_id_t owner);
#endif #endif
/** Set the location of a persistent key. /** Set the location of a persistent key.
@ -2884,13 +2884,13 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation);
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, psa_status_t psa_sign_message(mbedtls_svc_key_id_t key,
psa_algorithm_t alg, psa_algorithm_t alg,
const uint8_t * input, const uint8_t *input,
size_t input_length, size_t input_length,
uint8_t * signature, uint8_t *signature,
size_t signature_size, size_t signature_size,
size_t * signature_length ); size_t *signature_length);
/** \brief Verify the signature of a message with a public key, using /** \brief Verify the signature of a message with a public key, using
* a hash-and-sign verification algorithm. * a hash-and-sign verification algorithm.
@ -2936,12 +2936,12 @@ psa_status_t psa_sign_message( mbedtls_svc_key_id_t key,
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_verify_message( mbedtls_svc_key_id_t key, psa_status_t psa_verify_message(mbedtls_svc_key_id_t key,
psa_algorithm_t alg, psa_algorithm_t alg,
const uint8_t * input, const uint8_t *input,
size_t input_length, size_t input_length,
const uint8_t * signature, const uint8_t *signature,
size_t signature_length ); size_t signature_length);
/** /**
* \brief Sign a hash or short message with a private key. * \brief Sign a hash or short message with a private key.
@ -3336,7 +3336,7 @@ psa_status_t psa_key_derivation_set_capacity(
* The value of the maximum possible capacity depends on the key derivation * The value of the maximum possible capacity depends on the key derivation
* algorithm. * algorithm.
*/ */
#define PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ((size_t)(-1)) #define PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ((size_t) (-1))
/** Provide an input for key derivation or key agreement. /** Provide an input for key derivation or key agreement.
* *

21
include/psa/crypto_builtin_composites.h
View File

@ -45,8 +45,7 @@
#endif #endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST) #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST)
typedef struct typedef struct {
{
/** The HMAC algorithm in use */ /** The HMAC algorithm in use */
psa_algorithm_t MBEDTLS_PRIVATE(alg); psa_algorithm_t MBEDTLS_PRIVATE(alg);
/** The hash context. */ /** The hash context. */
@ -55,16 +54,14 @@ typedef struct
uint8_t MBEDTLS_PRIVATE(opad)[PSA_HMAC_MAX_HASH_BLOCK_SIZE]; uint8_t MBEDTLS_PRIVATE(opad)[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
} mbedtls_psa_hmac_operation_t; } mbedtls_psa_hmac_operation_t;
#define MBEDTLS_PSA_HMAC_OPERATION_INIT {0, PSA_HASH_OPERATION_INIT, {0}} #define MBEDTLS_PSA_HMAC_OPERATION_INIT { 0, PSA_HASH_OPERATION_INIT, { 0 } }
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
#include "mbedtls/cmac.h" #include "mbedtls/cmac.h"
typedef struct typedef struct {
{
psa_algorithm_t MBEDTLS_PRIVATE(alg); psa_algorithm_t MBEDTLS_PRIVATE(alg);
union union {
{
unsigned MBEDTLS_PRIVATE(dummy); /* Make the union non-empty even with no supported algorithms. */ unsigned MBEDTLS_PRIVATE(dummy); /* Make the union non-empty even with no supported algorithms. */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST) #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST)
mbedtls_psa_hmac_operation_t MBEDTLS_PRIVATE(hmac); mbedtls_psa_hmac_operation_t MBEDTLS_PRIVATE(hmac);
@ -75,7 +72,7 @@ typedef struct
} MBEDTLS_PRIVATE(ctx); } MBEDTLS_PRIVATE(ctx);
} mbedtls_psa_mac_operation_t; } mbedtls_psa_mac_operation_t;
#define MBEDTLS_PSA_MAC_OPERATION_INIT {0, {0}} #define MBEDTLS_PSA_MAC_OPERATION_INIT { 0, { 0 } }
#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM) || \ #if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) || \
@ -84,8 +81,7 @@ typedef struct
#endif #endif
/* Context structure for the Mbed TLS AEAD implementation. */ /* Context structure for the Mbed TLS AEAD implementation. */
typedef struct typedef struct {
{
psa_algorithm_t MBEDTLS_PRIVATE(alg); psa_algorithm_t MBEDTLS_PRIVATE(alg);
psa_key_type_t MBEDTLS_PRIVATE(key_type); psa_key_type_t MBEDTLS_PRIVATE(key_type);
@ -93,8 +89,7 @@ typedef struct
uint8_t MBEDTLS_PRIVATE(tag_length); uint8_t MBEDTLS_PRIVATE(tag_length);
union union {
{
unsigned dummy; /* Enable easier initializing of the union. */ unsigned dummy; /* Enable easier initializing of the union. */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) #if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
mbedtls_ccm_context MBEDTLS_PRIVATE(ccm); mbedtls_ccm_context MBEDTLS_PRIVATE(ccm);
@ -110,6 +105,6 @@ typedef struct
} mbedtls_psa_aead_operation_t; } mbedtls_psa_aead_operation_t;
#define MBEDTLS_PSA_AEAD_OPERATION_INIT {0, 0, 0, 0, {0}} #define MBEDTLS_PSA_AEAD_OPERATION_INIT { 0, 0, 0, 0, { 0 } }
#endif /* PSA_CRYPTO_BUILTIN_COMPOSITES_H */ #endif /* PSA_CRYPTO_BUILTIN_COMPOSITES_H */

10
include/psa/crypto_builtin_primitives.h
View File

@ -56,11 +56,9 @@
#define MBEDTLS_PSA_BUILTIN_HASH #define MBEDTLS_PSA_BUILTIN_HASH
#endif #endif
typedef struct typedef struct {
{
psa_algorithm_t MBEDTLS_PRIVATE(alg); psa_algorithm_t MBEDTLS_PRIVATE(alg);
union union {
{
unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
mbedtls_md5_context md5; mbedtls_md5_context md5;
@ -82,7 +80,7 @@ typedef struct
} MBEDTLS_PRIVATE(ctx); } MBEDTLS_PRIVATE(ctx);
} mbedtls_psa_hash_operation_t; } mbedtls_psa_hash_operation_t;
#define MBEDTLS_PSA_HASH_OPERATION_INIT {0, {0}} #define MBEDTLS_PSA_HASH_OPERATION_INIT { 0, { 0 } }
/* /*
* Cipher multi-part operation definitions. * Cipher multi-part operation definitions.
@ -111,6 +109,6 @@ typedef struct {
} MBEDTLS_PRIVATE(ctx); } MBEDTLS_PRIVATE(ctx);
} mbedtls_psa_cipher_operation_t; } mbedtls_psa_cipher_operation_t;
#define MBEDTLS_PSA_CIPHER_OPERATION_INIT {0, 0, 0, {0}} #define MBEDTLS_PSA_CIPHER_OPERATION_INIT { 0, 0, 0, { 0 } }
#endif /* PSA_CRYPTO_BUILTIN_PRIMITIVES_H */ #endif /* PSA_CRYPTO_BUILTIN_PRIMITIVES_H */

8
include/psa/crypto_compat.h
View File

@ -50,9 +50,9 @@ typedef mbedtls_svc_key_id_t psa_key_handle_t;
* *
* \return Non-zero if the handle is null, zero otherwise. * \return Non-zero if the handle is null, zero otherwise.
*/ */
static inline int psa_key_handle_is_null( psa_key_handle_t handle ) static inline int psa_key_handle_is_null(psa_key_handle_t handle)
{ {
return( mbedtls_svc_key_id_is_null( handle ) ); return mbedtls_svc_key_id_is_null(handle);
} }
/** Open a handle to an existing persistent key. /** Open a handle to an existing persistent key.
@ -115,8 +115,8 @@ static inline int psa_key_handle_is_null( psa_key_handle_t handle )
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_open_key( mbedtls_svc_key_id_t key, psa_status_t psa_open_key(mbedtls_svc_key_id_t key,
psa_key_handle_t *handle ); psa_key_handle_t *handle);
/** Close a key handle. /** Close a key handle.
* *

242
include/psa/crypto_extra.h
View File

@ -85,7 +85,7 @@ static inline void psa_set_key_enrollment_algorithm(
static inline psa_algorithm_t psa_get_key_enrollment_algorithm( static inline psa_algorithm_t psa_get_key_enrollment_algorithm(
const psa_key_attributes_t *attributes) const psa_key_attributes_t *attributes)
{ {
return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg2) ); return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg2);
} }
#if defined(MBEDTLS_PSA_CRYPTO_SE_C) #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
@ -114,7 +114,7 @@ static inline psa_algorithm_t psa_get_key_enrollment_algorithm(
*/ */
psa_status_t psa_get_key_slot_number( psa_status_t psa_get_key_slot_number(
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
psa_key_slot_number_t *slot_number ); psa_key_slot_number_t *slot_number);
/** Choose the slot number where a key is stored. /** Choose the slot number where a key is stored.
* *
@ -141,7 +141,7 @@ psa_status_t psa_get_key_slot_number(
*/ */
static inline void psa_set_key_slot_number( static inline void psa_set_key_slot_number(
psa_key_attributes_t *attributes, psa_key_attributes_t *attributes,
psa_key_slot_number_t slot_number ) psa_key_slot_number_t slot_number)
{ {
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(flags) |= MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER; attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(flags) |= MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER;
attributes->MBEDTLS_PRIVATE(slot_number) = slot_number; attributes->MBEDTLS_PRIVATE(slot_number) = slot_number;
@ -154,9 +154,10 @@ static inline void psa_set_key_slot_number(
* \param[out] attributes The attribute structure to write to. * \param[out] attributes The attribute structure to write to.
*/ */
static inline void psa_clear_key_slot_number( static inline void psa_clear_key_slot_number(
psa_key_attributes_t *attributes ) psa_key_attributes_t *attributes)
{ {
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(flags) &= ~MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER; attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(flags) &=
~MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER;
} }
/** Register a key that is already present in a secure element. /** Register a key that is already present in a secure element.
@ -214,7 +215,7 @@ psa_status_t mbedtls_psa_register_se_key(
* *
* This is an Mbed TLS extension. * This is an Mbed TLS extension.
*/ */
void mbedtls_psa_crypto_free( void ); void mbedtls_psa_crypto_free(void);
/** \brief Statistics about /** \brief Statistics about
* resource consumption related to the PSA keystore. * resource consumption related to the PSA keystore.
@ -222,8 +223,7 @@ void mbedtls_psa_crypto_free( void );
* \note The content of this structure is not part of the stable API and ABI * \note The content of this structure is not part of the stable API and ABI
* of Mbed Crypto and may change arbitrarily from version to version. * of Mbed Crypto and may change arbitrarily from version to version.
*/ */
typedef struct mbedtls_psa_stats_s typedef struct mbedtls_psa_stats_s {
{
/** Number of slots containing key material for a volatile key. */ /** Number of slots containing key material for a volatile key. */
size_t MBEDTLS_PRIVATE(volatile_slots); size_t MBEDTLS_PRIVATE(volatile_slots);
/** Number of slots containing key material for a key which is in /** Number of slots containing key material for a key which is in
@ -254,7 +254,7 @@ typedef struct mbedtls_psa_stats_s
* between the application and the keystore, the service may or * between the application and the keystore, the service may or
* may not expose this function. * may not expose this function.
*/ */
void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ); void mbedtls_psa_get_stats(mbedtls_psa_stats_t *stats);
/** /**
* \brief Inject an initial entropy seed for the random generator into * \brief Inject an initial entropy seed for the random generator into
@ -339,7 +339,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,
* string. The length of the byte string is the length of the base prime `p` * string. The length of the byte string is the length of the base prime `p`
* in bytes. * in bytes.
*/ */
#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x4002) #define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t) 0x4002)
/** DSA key pair (private and public key). /** DSA key pair (private and public key).
* *
@ -357,13 +357,13 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,
* Add 1 to the resulting integer and use this as the private key *x*. * Add 1 to the resulting integer and use this as the private key *x*.
* *
*/ */
#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x7002) #define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t) 0x7002)
/** Whether a key type is a DSA key (pair or public-only). */ /** Whether a key type is a DSA key (pair or public-only). */
#define PSA_KEY_TYPE_IS_DSA(type) \ #define PSA_KEY_TYPE_IS_DSA(type) \
(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY) (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
#define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x06000400) #define PSA_ALG_DSA_BASE ((psa_algorithm_t) 0x06000400)
/** DSA signature with hashing. /** DSA signature with hashing.
* *
* This is the signature scheme defined by FIPS 186-4, * This is the signature scheme defined by FIPS 186-4,
@ -380,7 +380,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,
*/ */
#define PSA_ALG_DSA(hash_alg) \ #define PSA_ALG_DSA(hash_alg) \
(PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
#define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x06000500) #define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t) 0x06000500)
#define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG #define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG
/** Deterministic DSA signature with hashing. /** Deterministic DSA signature with hashing.
* *
@ -587,53 +587,52 @@ psa_status_t psa_get_key_domain_parameters(
* (`PSA_ECC_FAMILY_xxx`). * (`PSA_ECC_FAMILY_xxx`).
* \return \c 0 on failure (\p grpid is not recognized). * \return \c 0 on failure (\p grpid is not recognized).
*/ */
static inline psa_ecc_family_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid, static inline psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid,
size_t *bits ) size_t *bits)
{ {
switch( grpid ) switch (grpid) {
{
case MBEDTLS_ECP_DP_SECP192R1: case MBEDTLS_ECP_DP_SECP192R1:
*bits = 192; *bits = 192;
return( PSA_ECC_FAMILY_SECP_R1 ); return PSA_ECC_FAMILY_SECP_R1;
case MBEDTLS_ECP_DP_SECP224R1: case MBEDTLS_ECP_DP_SECP224R1:
*bits = 224; *bits = 224;
return( PSA_ECC_FAMILY_SECP_R1 ); return PSA_ECC_FAMILY_SECP_R1;
case MBEDTLS_ECP_DP_SECP256R1: case MBEDTLS_ECP_DP_SECP256R1:
*bits = 256; *bits = 256;
return( PSA_ECC_FAMILY_SECP_R1 ); return PSA_ECC_FAMILY_SECP_R1;
case MBEDTLS_ECP_DP_SECP384R1: case MBEDTLS_ECP_DP_SECP384R1:
*bits = 384; *bits = 384;
return( PSA_ECC_FAMILY_SECP_R1 ); return PSA_ECC_FAMILY_SECP_R1;
case MBEDTLS_ECP_DP_SECP521R1: case MBEDTLS_ECP_DP_SECP521R1:
*bits = 521; *bits = 521;
return( PSA_ECC_FAMILY_SECP_R1 ); return PSA_ECC_FAMILY_SECP_R1;
case MBEDTLS_ECP_DP_BP256R1: case MBEDTLS_ECP_DP_BP256R1:
*bits = 256; *bits = 256;
return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 ); return PSA_ECC_FAMILY_BRAINPOOL_P_R1;
case MBEDTLS_ECP_DP_BP384R1: case MBEDTLS_ECP_DP_BP384R1:
*bits = 384; *bits = 384;
return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 ); return PSA_ECC_FAMILY_BRAINPOOL_P_R1;
case MBEDTLS_ECP_DP_BP512R1: case MBEDTLS_ECP_DP_BP512R1:
*bits = 512; *bits = 512;
return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 ); return PSA_ECC_FAMILY_BRAINPOOL_P_R1;
case MBEDTLS_ECP_DP_CURVE25519: case MBEDTLS_ECP_DP_CURVE25519:
*bits = 255; *bits = 255;
return( PSA_ECC_FAMILY_MONTGOMERY ); return PSA_ECC_FAMILY_MONTGOMERY;
case MBEDTLS_ECP_DP_SECP192K1: case MBEDTLS_ECP_DP_SECP192K1:
*bits = 192; *bits = 192;
return( PSA_ECC_FAMILY_SECP_K1 ); return PSA_ECC_FAMILY_SECP_K1;
case MBEDTLS_ECP_DP_SECP224K1: case MBEDTLS_ECP_DP_SECP224K1:
*bits = 224; *bits = 224;
return( PSA_ECC_FAMILY_SECP_K1 ); return PSA_ECC_FAMILY_SECP_K1;
case MBEDTLS_ECP_DP_SECP256K1: case MBEDTLS_ECP_DP_SECP256K1:
*bits = 256; *bits = 256;
return( PSA_ECC_FAMILY_SECP_K1 ); return PSA_ECC_FAMILY_SECP_K1;
case MBEDTLS_ECP_DP_CURVE448: case MBEDTLS_ECP_DP_CURVE448:
*bits = 448; *bits = 448;
return( PSA_ECC_FAMILY_MONTGOMERY ); return PSA_ECC_FAMILY_MONTGOMERY;
default: default:
*bits = 0; *bits = 0;
return( 0 ); return 0;
} }
} }
@ -656,9 +655,9 @@ static inline psa_ecc_family_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id gr
* \return #MBEDTLS_ECP_DP_NONE if \p bits is not * \return #MBEDTLS_ECP_DP_NONE if \p bits is not
* correct for \p curve. * correct for \p curve.
*/ */
mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve, mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve,
size_t bits, size_t bits,
int bits_is_sloppy ); int bits_is_sloppy);
#endif /* MBEDTLS_ECP_C */ #endif /* MBEDTLS_ECP_C */
/**@}*/ /**@}*/
@ -709,7 +708,7 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve,
*/ */
psa_status_t mbedtls_psa_external_get_random( psa_status_t mbedtls_psa_external_get_random(
mbedtls_psa_external_random_context_t *context, mbedtls_psa_external_random_context_t *context,
uint8_t *output, size_t output_size, size_t *output_length ); uint8_t *output, size_t output_size, size_t *output_length);
#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
/**@}*/ /**@}*/
@ -729,14 +728,14 @@ psa_status_t mbedtls_psa_external_get_random(
* This value is part of the library's ABI since changing it would invalidate * This value is part of the library's ABI since changing it would invalidate
* the values of built-in key identifiers in applications. * the values of built-in key identifiers in applications.
*/ */
#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ((psa_key_id_t)0x7fff0000) #define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ((psa_key_id_t) 0x7fff0000)
/** The maximum value for a key identifier that is built into the /** The maximum value for a key identifier that is built into the
* implementation. * implementation.
* *
* See #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN for more information. * See #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN for more information.
*/ */
#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ((psa_key_id_t)0x7fffefff) #define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ((psa_key_id_t) 0x7fffefff)
/** A slot number identifying a key in a driver. /** A slot number identifying a key in a driver.
* *
@ -754,10 +753,10 @@ typedef uint64_t psa_drv_slot_number_t;
* \retval 0 * \retval 0
* The key identifier is not a builtin key identifier. * The key identifier is not a builtin key identifier.
*/ */
static inline int psa_key_id_is_builtin( psa_key_id_t key_id ) static inline int psa_key_id_is_builtin(psa_key_id_t key_id)
{ {
return( ( key_id >= MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ) && return (key_id >= MBEDTLS_PSA_KEY_ID_BUILTIN_MIN) &&
( key_id <= MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ) ); (key_id <= MBEDTLS_PSA_KEY_ID_BUILTIN_MAX);
} }
/** Platform function to obtain the location and slot number of a built-in key. /** Platform function to obtain the location and slot number of a built-in key.
@ -807,7 +806,7 @@ static inline int psa_key_id_is_builtin( psa_key_id_t key_id )
psa_status_t mbedtls_psa_platform_get_builtin_key( psa_status_t mbedtls_psa_platform_get_builtin_key(
mbedtls_svc_key_id_t key_id, mbedtls_svc_key_id_t key_id,
psa_key_lifetime_t *lifetime, psa_key_lifetime_t *lifetime,
psa_drv_slot_number_t *slot_number ); psa_drv_slot_number_t *slot_number);
#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
/** @} */ /** @} */
@ -816,7 +815,7 @@ psa_status_t mbedtls_psa_platform_get_builtin_key(
* @{ * @{
*/ */
#define PSA_ALG_CATEGORY_PAKE ((psa_algorithm_t)0x0a000000) #define PSA_ALG_CATEGORY_PAKE ((psa_algorithm_t) 0x0a000000)
/** Whether the specified algorithm is a password-authenticated key exchange. /** Whether the specified algorithm is a password-authenticated key exchange.
* *
@ -945,7 +944,7 @@ psa_status_t mbedtls_psa_platform_get_builtin_key(
* of RFC 8236 for two examples. * of RFC 8236 for two examples.
* *
*/ */
#define PSA_ALG_JPAKE ((psa_algorithm_t)0x0a000100) #define PSA_ALG_JPAKE ((psa_algorithm_t) 0x0a000100)
/** @} */ /** @} */
@ -1004,7 +1003,7 @@ typedef uint32_t psa_pake_primitive_t;
* This value can be used in a call to psa_pake_set_role() for symmetric PAKE * This value can be used in a call to psa_pake_set_role() for symmetric PAKE
* algorithms which do not assign roles. * algorithms which do not assign roles.
*/ */
#define PSA_PAKE_ROLE_NONE ((psa_pake_role_t)0x00) #define PSA_PAKE_ROLE_NONE ((psa_pake_role_t) 0x00)
/** The first peer in a balanced PAKE. /** The first peer in a balanced PAKE.
* *
@ -1013,7 +1012,7 @@ typedef uint32_t psa_pake_primitive_t;
* need this, both #PSA_PAKE_ROLE_FIRST and #PSA_PAKE_ROLE_SECOND are * need this, both #PSA_PAKE_ROLE_FIRST and #PSA_PAKE_ROLE_SECOND are
* accepted. * accepted.
*/ */
#define PSA_PAKE_ROLE_FIRST ((psa_pake_role_t)0x01) #define PSA_PAKE_ROLE_FIRST ((psa_pake_role_t) 0x01)
/** The second peer in a balanced PAKE. /** The second peer in a balanced PAKE.
* *
@ -1022,19 +1021,19 @@ typedef uint32_t psa_pake_primitive_t;
* need this, either #PSA_PAKE_ROLE_FIRST or #PSA_PAKE_ROLE_SECOND are * need this, either #PSA_PAKE_ROLE_FIRST or #PSA_PAKE_ROLE_SECOND are
* accepted. * accepted.
*/ */
#define PSA_PAKE_ROLE_SECOND ((psa_pake_role_t)0x02) #define PSA_PAKE_ROLE_SECOND ((psa_pake_role_t) 0x02)
/** The client in an augmented PAKE. /** The client in an augmented PAKE.
* *
* Augmented PAKE algorithms need to differentiate between client and server. * Augmented PAKE algorithms need to differentiate between client and server.
*/ */
#define PSA_PAKE_ROLE_CLIENT ((psa_pake_role_t)0x11) #define PSA_PAKE_ROLE_CLIENT ((psa_pake_role_t) 0x11)
/** The server in an augmented PAKE. /** The server in an augmented PAKE.
* *
* Augmented PAKE algorithms need to differentiate between client and server. * Augmented PAKE algorithms need to differentiate between client and server.
*/ */
#define PSA_PAKE_ROLE_SERVER ((psa_pake_role_t)0x12) #define PSA_PAKE_ROLE_SERVER ((psa_pake_role_t) 0x12)
/** The PAKE primitive type indicating the use of elliptic curves. /** The PAKE primitive type indicating the use of elliptic curves.
* *
@ -1054,7 +1053,7 @@ typedef uint32_t psa_pake_primitive_t;
* curve would be. For more information, consult the documentation of * curve would be. For more information, consult the documentation of
* psa_export_key(). * psa_export_key().
*/ */
#define PSA_PAKE_PRIMITIVE_TYPE_ECC ((psa_pake_primitive_type_t)0x01) #define PSA_PAKE_PRIMITIVE_TYPE_ECC ((psa_pake_primitive_type_t) 0x01)
/** The PAKE primitive type indicating the use of Diffie-Hellman groups. /** The PAKE primitive type indicating the use of Diffie-Hellman groups.
* *
@ -1074,7 +1073,7 @@ typedef uint32_t psa_pake_primitive_t;
* group would be. For more information, consult the documentation of * group would be. For more information, consult the documentation of
* psa_export_key(). * psa_export_key().
*/ */
#define PSA_PAKE_PRIMITIVE_TYPE_DH ((psa_pake_primitive_type_t)0x02) #define PSA_PAKE_PRIMITIVE_TYPE_DH ((psa_pake_primitive_type_t) 0x02)
/** Construct a PAKE primitive from type, family and bit-size. /** Construct a PAKE primitive from type, family and bit-size.
* *
@ -1112,7 +1111,7 @@ typedef uint32_t psa_pake_primitive_t;
* For information regarding how the group is determined, consult the * For information regarding how the group is determined, consult the
* documentation #PSA_PAKE_PRIMITIVE. * documentation #PSA_PAKE_PRIMITIVE.
*/ */
#define PSA_PAKE_STEP_KEY_SHARE ((psa_pake_step_t)0x01) #define PSA_PAKE_STEP_KEY_SHARE ((psa_pake_step_t) 0x01)
/** A Schnorr NIZKP public key. /** A Schnorr NIZKP public key.
* *
@ -1129,7 +1128,7 @@ typedef uint32_t psa_pake_primitive_t;
* For information regarding how the group is determined, consult the * For information regarding how the group is determined, consult the
* documentation #PSA_PAKE_PRIMITIVE. * documentation #PSA_PAKE_PRIMITIVE.
*/ */
#define PSA_PAKE_STEP_ZK_PUBLIC ((psa_pake_step_t)0x02) #define PSA_PAKE_STEP_ZK_PUBLIC ((psa_pake_step_t) 0x02)
/** A Schnorr NIZKP proof. /** A Schnorr NIZKP proof.
* *
@ -1150,7 +1149,7 @@ typedef uint32_t psa_pake_primitive_t;
* For information regarding how the group is determined, consult the * For information regarding how the group is determined, consult the
* documentation #PSA_PAKE_PRIMITIVE. * documentation #PSA_PAKE_PRIMITIVE.
*/ */
#define PSA_PAKE_STEP_ZK_PROOF ((psa_pake_step_t)0x03) #define PSA_PAKE_STEP_ZK_PROOF ((psa_pake_step_t) 0x03)
/** The type of the data structure for PAKE cipher suites. /** The type of the data structure for PAKE cipher suites.
* *
@ -1162,7 +1161,7 @@ typedef struct psa_pake_cipher_suite_s psa_pake_cipher_suite_t;
/** Return an initial value for a PAKE cipher suite object. /** Return an initial value for a PAKE cipher suite object.
*/ */
static psa_pake_cipher_suite_t psa_pake_cipher_suite_init( void ); static psa_pake_cipher_suite_t psa_pake_cipher_suite_init(void);
/** Retrieve the PAKE algorithm from a PAKE cipher suite. /** Retrieve the PAKE algorithm from a PAKE cipher suite.
* *
@ -1171,7 +1170,7 @@ static psa_pake_cipher_suite_t psa_pake_cipher_suite_init( void );
* \return The PAKE algorithm stored in the cipher suite structure. * \return The PAKE algorithm stored in the cipher suite structure.
*/ */
static psa_algorithm_t psa_pake_cs_get_algorithm( static psa_algorithm_t psa_pake_cs_get_algorithm(
const psa_pake_cipher_suite_t *cipher_suite ); const psa_pake_cipher_suite_t *cipher_suite);
/** Declare the PAKE algorithm for the cipher suite. /** Declare the PAKE algorithm for the cipher suite.
* *
@ -1185,8 +1184,8 @@ static psa_algorithm_t psa_pake_cs_get_algorithm(
* If this is 0, the PAKE algorithm in * If this is 0, the PAKE algorithm in
* \p cipher_suite becomes unspecified. * \p cipher_suite becomes unspecified.
*/ */
static void psa_pake_cs_set_algorithm( psa_pake_cipher_suite_t *cipher_suite, static void psa_pake_cs_set_algorithm(psa_pake_cipher_suite_t *cipher_suite,
psa_algorithm_t algorithm ); psa_algorithm_t algorithm);
/** Retrieve the primitive from a PAKE cipher suite. /** Retrieve the primitive from a PAKE cipher suite.
* *
@ -1195,7 +1194,7 @@ static void psa_pake_cs_set_algorithm( psa_pake_cipher_suite_t *cipher_suite,
* \return The primitive stored in the cipher suite structure. * \return The primitive stored in the cipher suite structure.
*/ */
static psa_pake_primitive_t psa_pake_cs_get_primitive( static psa_pake_primitive_t psa_pake_cs_get_primitive(
const psa_pake_cipher_suite_t *cipher_suite ); const psa_pake_cipher_suite_t *cipher_suite);
/** Declare the primitive for a PAKE cipher suite. /** Declare the primitive for a PAKE cipher suite.
* *
@ -1206,8 +1205,8 @@ static psa_pake_primitive_t psa_pake_cs_get_primitive(
* primitive type in \p cipher_suite becomes * primitive type in \p cipher_suite becomes
* unspecified. * unspecified.
*/ */
static void psa_pake_cs_set_primitive( psa_pake_cipher_suite_t *cipher_suite, static void psa_pake_cs_set_primitive(psa_pake_cipher_suite_t *cipher_suite,
psa_pake_primitive_t primitive ); psa_pake_primitive_t primitive);
/** Retrieve the PAKE family from a PAKE cipher suite. /** Retrieve the PAKE family from a PAKE cipher suite.
* *
@ -1216,7 +1215,7 @@ static void psa_pake_cs_set_primitive( psa_pake_cipher_suite_t *cipher_suite,
* \return The PAKE family stored in the cipher suite structure. * \return The PAKE family stored in the cipher suite structure.
*/ */
static psa_pake_family_t psa_pake_cs_get_family( static psa_pake_family_t psa_pake_cs_get_family(
const psa_pake_cipher_suite_t *cipher_suite ); const psa_pake_cipher_suite_t *cipher_suite);
/** Retrieve the PAKE primitive bit-size from a PAKE cipher suite. /** Retrieve the PAKE primitive bit-size from a PAKE cipher suite.
* *
@ -1225,7 +1224,7 @@ static psa_pake_family_t psa_pake_cs_get_family(
* \return The PAKE primitive bit-size stored in the cipher suite structure. * \return The PAKE primitive bit-size stored in the cipher suite structure.
*/ */
static uint16_t psa_pake_cs_get_bits( static uint16_t psa_pake_cs_get_bits(
const psa_pake_cipher_suite_t *cipher_suite ); const psa_pake_cipher_suite_t *cipher_suite);
/** Retrieve the hash algorithm from a PAKE cipher suite. /** Retrieve the hash algorithm from a PAKE cipher suite.
* *
@ -1236,7 +1235,7 @@ static uint16_t psa_pake_cs_get_bits(
* the hash algorithm is not set. * the hash algorithm is not set.
*/ */
static psa_algorithm_t psa_pake_cs_get_hash( static psa_algorithm_t psa_pake_cs_get_hash(
const psa_pake_cipher_suite_t *cipher_suite ); const psa_pake_cipher_suite_t *cipher_suite);
/** Declare the hash algorithm for a PAKE cipher suite. /** Declare the hash algorithm for a PAKE cipher suite.
* *
@ -1254,8 +1253,8 @@ static psa_algorithm_t psa_pake_cs_get_hash(
* If this is 0, the hash algorithm in * If this is 0, the hash algorithm in
* \p cipher_suite becomes unspecified. * \p cipher_suite becomes unspecified.
*/ */
static void psa_pake_cs_set_hash( psa_pake_cipher_suite_t *cipher_suite, static void psa_pake_cs_set_hash(psa_pake_cipher_suite_t *cipher_suite,
psa_algorithm_t hash ); psa_algorithm_t hash);
/** The type of the state data structure for PAKE operations. /** The type of the state data structure for PAKE operations.
* *
@ -1289,7 +1288,7 @@ typedef struct psa_pake_operation_s psa_pake_operation_t;
/** Return an initial value for a PAKE operation object. /** Return an initial value for a PAKE operation object.
*/ */
static psa_pake_operation_t psa_pake_operation_init( void ); static psa_pake_operation_t psa_pake_operation_init(void);
/** Set the session information for a password-authenticated key exchange. /** Set the session information for a password-authenticated key exchange.
* *
@ -1361,8 +1360,8 @@ static psa_pake_operation_t psa_pake_operation_init( void );
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_pake_setup( psa_pake_operation_t *operation, psa_status_t psa_pake_setup(psa_pake_operation_t *operation,
const psa_pake_cipher_suite_t *cipher_suite ); const psa_pake_cipher_suite_t *cipher_suite);
/** Set the password for a password-authenticated key exchange from key ID. /** Set the password for a password-authenticated key exchange from key ID.
* *
@ -1409,8 +1408,8 @@ psa_status_t psa_pake_setup( psa_pake_operation_t *operation,
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_pake_set_password_key( psa_pake_operation_t *operation, psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation,
mbedtls_svc_key_id_t password ); mbedtls_svc_key_id_t password);
/** Set the user ID for a password-authenticated key exchange. /** Set the user ID for a password-authenticated key exchange.
* *
@ -1449,9 +1448,9 @@ psa_status_t psa_pake_set_password_key( psa_pake_operation_t *operation,
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_pake_set_user( psa_pake_operation_t *operation, psa_status_t psa_pake_set_user(psa_pake_operation_t *operation,
const uint8_t *user_id, const uint8_t *user_id,
size_t user_id_len ); size_t user_id_len);
/** Set the peer ID for a password-authenticated key exchange. /** Set the peer ID for a password-authenticated key exchange.
* *
@ -1491,9 +1490,9 @@ psa_status_t psa_pake_set_user( psa_pake_operation_t *operation,
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_pake_set_peer( psa_pake_operation_t *operation, psa_status_t psa_pake_set_peer(psa_pake_operation_t *operation,
const uint8_t *peer_id, const uint8_t *peer_id,
size_t peer_id_len ); size_t peer_id_len);
/** Set the application role for a password-authenticated key exchange. /** Set the application role for a password-authenticated key exchange.
* *
@ -1533,8 +1532,8 @@ psa_status_t psa_pake_set_peer( psa_pake_operation_t *operation,
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_pake_set_role( psa_pake_operation_t *operation, psa_status_t psa_pake_set_role(psa_pake_operation_t *operation,
psa_pake_role_t role ); psa_pake_role_t role);
/** Get output for a step of a password-authenticated key exchange. /** Get output for a step of a password-authenticated key exchange.
* *
@ -1591,11 +1590,11 @@ psa_status_t psa_pake_set_role( psa_pake_operation_t *operation,
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_pake_output( psa_pake_operation_t *operation, psa_status_t psa_pake_output(psa_pake_operation_t *operation,
psa_pake_step_t step, psa_pake_step_t step,
uint8_t *output, uint8_t *output,
size_t output_size, size_t output_size,
size_t *output_length ); size_t *output_length);
/** Provide input for a step of a password-authenticated key exchange. /** Provide input for a step of a password-authenticated key exchange.
* *
@ -1646,10 +1645,10 @@ psa_status_t psa_pake_output( psa_pake_operation_t *operation,
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_pake_input( psa_pake_operation_t *operation, psa_status_t psa_pake_input(psa_pake_operation_t *operation,
psa_pake_step_t step, psa_pake_step_t step,
const uint8_t *input, const uint8_t *input,
size_t input_length ); size_t input_length);
/** Get implicitly confirmed shared secret from a PAKE. /** Get implicitly confirmed shared secret from a PAKE.
* *
@ -1709,8 +1708,8 @@ psa_status_t psa_pake_input( psa_pake_operation_t *operation,
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_pake_get_implicit_key( psa_pake_operation_t *operation, psa_status_t psa_pake_get_implicit_key(psa_pake_operation_t *operation,
psa_key_derivation_operation_t *output ); psa_key_derivation_operation_t *output);
/** Abort a PAKE operation. /** Abort a PAKE operation.
* *
@ -1736,7 +1735,7 @@ psa_status_t psa_pake_get_implicit_key( psa_pake_operation_t *operation,
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_pake_abort( psa_pake_operation_t * operation ); psa_status_t psa_pake_abort(psa_pake_operation_t *operation);
/**@}*/ /**@}*/
@ -1761,7 +1760,7 @@ psa_status_t psa_pake_abort( psa_pake_operation_t * operation );
* return 0. * return 0.
*/ */
#define PSA_PAKE_OUTPUT_SIZE(alg, primitive, output_step) \ #define PSA_PAKE_OUTPUT_SIZE(alg, primitive, output_step) \
( alg == PSA_ALG_JPAKE && \ (alg == PSA_ALG_JPAKE && \
primitive == PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, \ primitive == PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, \
PSA_ECC_FAMILY_SECP_R1, 256) ? \ PSA_ECC_FAMILY_SECP_R1, 256) ? \
( \ ( \
@ -1769,7 +1768,7 @@ psa_status_t psa_pake_abort( psa_pake_operation_t * operation );
output_step == PSA_PAKE_STEP_ZK_PUBLIC ? 65 : \ output_step == PSA_PAKE_STEP_ZK_PUBLIC ? 65 : \
32 \ 32 \
) : \ ) : \
0 ) 0)
/** A sufficient input buffer size for psa_pake_input(). /** A sufficient input buffer size for psa_pake_input().
* *
@ -1791,7 +1790,7 @@ psa_status_t psa_pake_abort( psa_pake_operation_t * operation );
* the parameters are incompatible, return 0. * the parameters are incompatible, return 0.
*/ */
#define PSA_PAKE_INPUT_SIZE(alg, primitive, input_step) \ #define PSA_PAKE_INPUT_SIZE(alg, primitive, input_step) \
( alg == PSA_ALG_JPAKE && \ (alg == PSA_ALG_JPAKE && \
primitive == PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, \ primitive == PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, \
PSA_ECC_FAMILY_SECP_R1, 256) ? \ PSA_ECC_FAMILY_SECP_R1, 256) ? \
( \ ( \
@ -1799,7 +1798,7 @@ psa_status_t psa_pake_abort( psa_pake_operation_t * operation );
input_step == PSA_PAKE_STEP_ZK_PUBLIC ? 65 : \ input_step == PSA_PAKE_STEP_ZK_PUBLIC ? 65 : \
32 \ 32 \
) : \ ) : \
0 ) 0)
/** Output buffer size for psa_pake_output() for any of the supported PAKE /** Output buffer size for psa_pake_output() for any of the supported PAKE
* algorithm and primitive suites and output step. * algorithm and primitive suites and output step.
@ -1822,22 +1821,21 @@ psa_status_t psa_pake_abort( psa_pake_operation_t * operation );
/** Returns a suitable initializer for a PAKE cipher suite object of type /** Returns a suitable initializer for a PAKE cipher suite object of type
* psa_pake_cipher_suite_t. * psa_pake_cipher_suite_t.
*/ */
#define PSA_PAKE_CIPHER_SUITE_INIT {PSA_ALG_NONE, 0, 0, 0, PSA_ALG_NONE} #define PSA_PAKE_CIPHER_SUITE_INIT { PSA_ALG_NONE, 0, 0, 0, PSA_ALG_NONE }
/** Returns a suitable initializer for a PAKE operation object of type /** Returns a suitable initializer for a PAKE operation object of type
* psa_pake_operation_t. * psa_pake_operation_t.
*/ */
#if defined(MBEDTLS_PSA_BUILTIN_PAKE) #if defined(MBEDTLS_PSA_BUILTIN_PAKE)
#define PSA_PAKE_OPERATION_INIT {PSA_ALG_NONE, 0, 0, 0, 0, \ #define PSA_PAKE_OPERATION_INIT { PSA_ALG_NONE, 0, 0, 0, 0, \
NULL, 0 , \ NULL, 0, \
PSA_PAKE_ROLE_NONE, {0}, 0, 0, \ PSA_PAKE_ROLE_NONE, { 0 }, 0, 0, \
{.dummy = 0}} { .dummy = 0 } }
#else #else
#define PSA_PAKE_OPERATION_INIT {PSA_ALG_NONE, 0, 0, {0}} #define PSA_PAKE_OPERATION_INIT { PSA_ALG_NONE, 0, 0, { 0 } }
#endif #endif
struct psa_pake_cipher_suite_s struct psa_pake_cipher_suite_s {
{
psa_algorithm_t algorithm; psa_algorithm_t algorithm;
psa_pake_primitive_type_t type; psa_pake_primitive_type_t type;
psa_pake_family_t family; psa_pake_family_t family;
@ -1846,31 +1844,32 @@ struct psa_pake_cipher_suite_s
}; };
static inline psa_algorithm_t psa_pake_cs_get_algorithm( static inline psa_algorithm_t psa_pake_cs_get_algorithm(
const psa_pake_cipher_suite_t *cipher_suite ) const psa_pake_cipher_suite_t *cipher_suite)
{ {
return( cipher_suite->algorithm ); return cipher_suite->algorithm;
} }
static inline void psa_pake_cs_set_algorithm( static inline void psa_pake_cs_set_algorithm(
psa_pake_cipher_suite_t *cipher_suite, psa_pake_cipher_suite_t *cipher_suite,
psa_algorithm_t algorithm) psa_algorithm_t algorithm)
{ {
if( !PSA_ALG_IS_PAKE( algorithm ) ) if (!PSA_ALG_IS_PAKE(algorithm)) {
cipher_suite->algorithm = 0; cipher_suite->algorithm = 0;
else } else {
cipher_suite->algorithm = algorithm; cipher_suite->algorithm = algorithm;
}
} }
static inline psa_pake_primitive_t psa_pake_cs_get_primitive( static inline psa_pake_primitive_t psa_pake_cs_get_primitive(
const psa_pake_cipher_suite_t *cipher_suite ) const psa_pake_cipher_suite_t *cipher_suite)
{ {
return( PSA_PAKE_PRIMITIVE( cipher_suite->type, cipher_suite->family, return PSA_PAKE_PRIMITIVE(cipher_suite->type, cipher_suite->family,
cipher_suite->bits ) ); cipher_suite->bits);
} }
static inline void psa_pake_cs_set_primitive( static inline void psa_pake_cs_set_primitive(
psa_pake_cipher_suite_t *cipher_suite, psa_pake_cipher_suite_t *cipher_suite,
psa_pake_primitive_t primitive ) psa_pake_primitive_t primitive)
{ {
cipher_suite->type = (psa_pake_primitive_type_t) (primitive >> 24); cipher_suite->type = (psa_pake_primitive_type_t) (primitive >> 24);
cipher_suite->family = (psa_pake_family_t) (0xFF & (primitive >> 16)); cipher_suite->family = (psa_pake_family_t) (0xFF & (primitive >> 16));
@ -1878,30 +1877,31 @@ static inline void psa_pake_cs_set_primitive(
} }
static inline psa_pake_family_t psa_pake_cs_get_family( static inline psa_pake_family_t psa_pake_cs_get_family(
const psa_pake_cipher_suite_t *cipher_suite ) const psa_pake_cipher_suite_t *cipher_suite)
{ {
return( cipher_suite->family ); return cipher_suite->family;
} }
static inline uint16_t psa_pake_cs_get_bits( static inline uint16_t psa_pake_cs_get_bits(
const psa_pake_cipher_suite_t *cipher_suite ) const psa_pake_cipher_suite_t *cipher_suite)
{ {
return( cipher_suite->bits ); return cipher_suite->bits;
} }
static inline psa_algorithm_t psa_pake_cs_get_hash( static inline psa_algorithm_t psa_pake_cs_get_hash(
const psa_pake_cipher_suite_t *cipher_suite ) const psa_pake_cipher_suite_t *cipher_suite)
{ {
return( cipher_suite->hash ); return cipher_suite->hash;
} }
static inline void psa_pake_cs_set_hash( psa_pake_cipher_suite_t *cipher_suite, static inline void psa_pake_cs_set_hash(psa_pake_cipher_suite_t *cipher_suite,
psa_algorithm_t hash ) psa_algorithm_t hash)
{ {
if( !PSA_ALG_IS_HASH( hash ) ) if (!PSA_ALG_IS_HASH(hash)) {
cipher_suite->hash = 0; cipher_suite->hash = 0;
else } else {
cipher_suite->hash = hash; cipher_suite->hash = hash;
}
} }
#if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE) #if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE)
@ -1909,26 +1909,24 @@ static inline void psa_pake_cs_set_hash( psa_pake_cipher_suite_t *cipher_suite,
/* Note: the format for mbedtls_ecjpake_read/write function has an extra /* Note: the format for mbedtls_ecjpake_read/write function has an extra
* length byte for each step, plus an extra 3 bytes for ECParameters in the * length byte for each step, plus an extra 3 bytes for ECParameters in the
* server's 2nd round. */ * server's 2nd round. */
#define MBEDTLS_PSA_PAKE_BUFFER_SIZE ( ( 3 + 1 + 65 + 1 + 65 + 1 + 32 ) * 2 ) #define MBEDTLS_PSA_PAKE_BUFFER_SIZE ((3 + 1 + 65 + 1 + 65 + 1 + 32) * 2)
#endif #endif
struct psa_pake_operation_s struct psa_pake_operation_s {
{
psa_algorithm_t MBEDTLS_PRIVATE(alg); psa_algorithm_t MBEDTLS_PRIVATE(alg);
unsigned int MBEDTLS_PRIVATE(state); unsigned int MBEDTLS_PRIVATE(state);
unsigned int MBEDTLS_PRIVATE(sequence); unsigned int MBEDTLS_PRIVATE(sequence);
#if defined(MBEDTLS_PSA_BUILTIN_PAKE) #if defined(MBEDTLS_PSA_BUILTIN_PAKE)
unsigned int MBEDTLS_PRIVATE(input_step); unsigned int MBEDTLS_PRIVATE(input_step);
unsigned int MBEDTLS_PRIVATE(output_step); unsigned int MBEDTLS_PRIVATE(output_step);
uint8_t* MBEDTLS_PRIVATE(password); uint8_t *MBEDTLS_PRIVATE(password);
size_t MBEDTLS_PRIVATE(password_len); size_t MBEDTLS_PRIVATE(password_len);
psa_pake_role_t MBEDTLS_PRIVATE(role); psa_pake_role_t MBEDTLS_PRIVATE(role);
uint8_t MBEDTLS_PRIVATE(buffer[MBEDTLS_PSA_PAKE_BUFFER_SIZE]); uint8_t MBEDTLS_PRIVATE(buffer[MBEDTLS_PSA_PAKE_BUFFER_SIZE]);
size_t MBEDTLS_PRIVATE(buffer_length); size_t MBEDTLS_PRIVATE(buffer_length);
size_t MBEDTLS_PRIVATE(buffer_offset); size_t MBEDTLS_PRIVATE(buffer_offset);
#endif #endif
union union {
{
#if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE) #if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE)
mbedtls_ecjpake_context ecjpake; mbedtls_ecjpake_context ecjpake;
#endif #endif
@ -1937,16 +1935,16 @@ struct psa_pake_operation_s
} MBEDTLS_PRIVATE(ctx); } MBEDTLS_PRIVATE(ctx);
}; };
static inline struct psa_pake_cipher_suite_s psa_pake_cipher_suite_init( void ) static inline struct psa_pake_cipher_suite_s psa_pake_cipher_suite_init(void)
{ {
const struct psa_pake_cipher_suite_s v = PSA_PAKE_CIPHER_SUITE_INIT; const struct psa_pake_cipher_suite_s v = PSA_PAKE_CIPHER_SUITE_INIT;
return( v ); return v;
} }
static inline struct psa_pake_operation_s psa_pake_operation_init( void ) static inline struct psa_pake_operation_s psa_pake_operation_init(void)
{ {
const struct psa_pake_operation_s v = PSA_PAKE_OPERATION_INIT; const struct psa_pake_operation_s v = PSA_PAKE_OPERATION_INIT;
return( v ); return v;
} }
#ifdef __cplusplus #ifdef __cplusplus

6
include/psa/crypto_platform.h
View File

@ -65,10 +65,10 @@ typedef int32_t mbedtls_key_owner_id_t;
* *
* \return Non-zero if the two key owner identifiers are equal, zero otherwise. * \return Non-zero if the two key owner identifiers are equal, zero otherwise.
*/ */
static inline int mbedtls_key_owner_id_equal( mbedtls_key_owner_id_t id1, static inline int mbedtls_key_owner_id_equal(mbedtls_key_owner_id_t id1,
mbedtls_key_owner_id_t id2 ) mbedtls_key_owner_id_t id2)
{ {
return( id1 == id2 ); return id1 == id2;
} }
#endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ #endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */

3
include/psa/crypto_se_driver.h
View File

@ -815,8 +815,7 @@ typedef struct {
/** An enumeration indicating how a key is created. /** An enumeration indicating how a key is created.
*/ */
typedef enum typedef enum {
{
PSA_KEY_CREATION_IMPORT, /**< During psa_import_key() */ PSA_KEY_CREATION_IMPORT, /**< During psa_import_key() */
PSA_KEY_CREATION_GENERATE, /**< During psa_generate_key() */ PSA_KEY_CREATION_GENERATE, /**< During psa_generate_key() */
PSA_KEY_CREATION_DERIVE, /**< During psa_key_derivation_output_key() */ PSA_KEY_CREATION_DERIVE, /**< During psa_key_derivation_output_key() */

8
include/psa/crypto_sizes.h
View File

@ -276,7 +276,7 @@
((alg) & PSA_ALG_MAC_TRUNCATION_MASK ? PSA_MAC_TRUNCATED_LENGTH(alg) : \ ((alg) & PSA_ALG_MAC_TRUNCATION_MASK ? PSA_MAC_TRUNCATED_LENGTH(alg) : \
PSA_ALG_IS_HMAC(alg) ? PSA_HASH_LENGTH(PSA_ALG_HMAC_GET_HASH(alg)) : \ PSA_ALG_IS_HMAC(alg) ? PSA_HASH_LENGTH(PSA_ALG_HMAC_GET_HASH(alg)) : \
PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
((void)(key_type), (void)(key_bits), 0)) ((void) (key_type), (void) (key_bits), 0))
/** The maximum size of the output of psa_aead_encrypt(), in bytes. /** The maximum size of the output of psa_aead_encrypt(), in bytes.
* *
@ -591,9 +591,9 @@
* return value is unspecified. * return value is unspecified.
*/ */
#define PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \ #define PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \
(PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void) alg, PSA_BITS_TO_BYTES(key_bits)) : \
PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \ PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \
((void)alg, 0)) ((void) alg, 0))
#define PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE \ #define PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE \
PSA_ECDSA_SIGNATURE_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) PSA_ECDSA_SIGNATURE_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)
@ -637,7 +637,7 @@
*/ */
#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ #define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \
(PSA_KEY_TYPE_IS_RSA(key_type) ? \ (PSA_KEY_TYPE_IS_RSA(key_type) ? \
((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ ((void) alg, PSA_BITS_TO_BYTES(key_bits)) : \
0) 0)
/** A sufficient output buffer size for psa_asymmetric_encrypt(), for any /** A sufficient output buffer size for psa_asymmetric_encrypt(), for any

161
include/psa/crypto_struct.h
View File

@ -79,8 +79,7 @@ extern "C" {
* algorithms. */ * algorithms. */
#include "psa/crypto_driver_contexts_primitives.h" #include "psa/crypto_driver_contexts_primitives.h"
struct psa_hash_operation_s struct psa_hash_operation_s {
{
/** Unique ID indicating which driver got assigned to do the /** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping * operation. Since driver contexts are driver-specific, swapping
* drivers halfway through the operation is not supported. * drivers halfway through the operation is not supported.
@ -92,14 +91,13 @@ struct psa_hash_operation_s
}; };
#define PSA_HASH_OPERATION_INIT { 0, { 0 } } #define PSA_HASH_OPERATION_INIT { 0, { 0 } }
static inline struct psa_hash_operation_s psa_hash_operation_init( void ) static inline struct psa_hash_operation_s psa_hash_operation_init(void)
{ {
const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT; const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT;
return( v ); return v;
} }
struct psa_cipher_operation_s struct psa_cipher_operation_s {
{
/** Unique ID indicating which driver got assigned to do the /** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping * operation. Since driver contexts are driver-specific, swapping
* drivers halfway through the operation is not supported. * drivers halfway through the operation is not supported.
@ -117,18 +115,17 @@ struct psa_cipher_operation_s
}; };
#define PSA_CIPHER_OPERATION_INIT { 0, 0, 0, 0, { 0 } } #define PSA_CIPHER_OPERATION_INIT { 0, 0, 0, 0, { 0 } }
static inline struct psa_cipher_operation_s psa_cipher_operation_init( void ) static inline struct psa_cipher_operation_s psa_cipher_operation_init(void)
{ {
const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT; const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT;
return( v ); return v;
} }
/* Include the context definition for the compiled-in drivers for the composite /* Include the context definition for the compiled-in drivers for the composite
* algorithms. */ * algorithms. */
#include "psa/crypto_driver_contexts_composites.h" #include "psa/crypto_driver_contexts_composites.h"
struct psa_mac_operation_s struct psa_mac_operation_s {
{
/** Unique ID indicating which driver got assigned to do the /** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping * operation. Since driver contexts are driver-specific, swapping
* drivers halfway through the operation is not supported. * drivers halfway through the operation is not supported.
@ -142,14 +139,13 @@ struct psa_mac_operation_s
}; };
#define PSA_MAC_OPERATION_INIT { 0, 0, 0, { 0 } } #define PSA_MAC_OPERATION_INIT { 0, 0, 0, { 0 } }
static inline struct psa_mac_operation_s psa_mac_operation_init( void ) static inline struct psa_mac_operation_s psa_mac_operation_init(void)
{ {
const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT; const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT;
return( v ); return v;
} }
struct psa_aead_operation_s struct psa_aead_operation_s {
{
/** Unique ID indicating which driver got assigned to do the /** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping * operation. Since driver contexts are driver-specific, swapping
@ -174,18 +170,17 @@ struct psa_aead_operation_s
psa_driver_aead_context_t MBEDTLS_PRIVATE(ctx); psa_driver_aead_context_t MBEDTLS_PRIVATE(ctx);
}; };
#define PSA_AEAD_OPERATION_INIT {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, {0}} #define PSA_AEAD_OPERATION_INIT { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, { 0 } }
static inline struct psa_aead_operation_s psa_aead_operation_init( void ) static inline struct psa_aead_operation_s psa_aead_operation_init(void)
{ {
const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT; const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT;
return( v ); return v;
} }
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \ #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND) defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND)
typedef struct typedef struct {
{
uint8_t *MBEDTLS_PRIVATE(info); uint8_t *MBEDTLS_PRIVATE(info);
size_t MBEDTLS_PRIVATE(info_length); size_t MBEDTLS_PRIVATE(info_length);
#if PSA_HASH_MAX_SIZE > 0xff #if PSA_HASH_MAX_SIZE > 0xff
@ -203,16 +198,14 @@ typedef struct
MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT || MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT ||
MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND */ MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS)
typedef struct typedef struct {
{
uint8_t MBEDTLS_PRIVATE(data)[PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE]; uint8_t MBEDTLS_PRIVATE(data)[PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE];
} psa_tls12_ecjpake_to_pms_t; } psa_tls12_ecjpake_to_pms_t;
#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
typedef enum typedef enum {
{
PSA_TLS12_PRF_STATE_INIT, /* no input provided */ PSA_TLS12_PRF_STATE_INIT, /* no input provided */
PSA_TLS12_PRF_STATE_SEED_SET, /* seed has been set */ PSA_TLS12_PRF_STATE_SEED_SET, /* seed has been set */
PSA_TLS12_PRF_STATE_OTHER_KEY_SET, /* other key has been set - optional */ PSA_TLS12_PRF_STATE_OTHER_KEY_SET, /* other key has been set - optional */
@ -221,8 +214,7 @@ typedef enum
PSA_TLS12_PRF_STATE_OUTPUT /* output has been started */ PSA_TLS12_PRF_STATE_OUTPUT /* output has been started */
} psa_tls12_prf_key_derivation_state_t; } psa_tls12_prf_key_derivation_state_t;
typedef struct psa_tls12_prf_key_derivation_s typedef struct psa_tls12_prf_key_derivation_s {
{
#if PSA_HASH_MAX_SIZE > 0xff #if PSA_HASH_MAX_SIZE > 0xff
#error "PSA_HASH_MAX_SIZE does not fit in uint8_t" #error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
#endif #endif
@ -255,13 +247,11 @@ typedef struct psa_tls12_prf_key_derivation_s
#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) ||
* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */ * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
struct psa_key_derivation_s struct psa_key_derivation_s {
{
psa_algorithm_t MBEDTLS_PRIVATE(alg); psa_algorithm_t MBEDTLS_PRIVATE(alg);
unsigned int MBEDTLS_PRIVATE(can_output_key) : 1; unsigned int MBEDTLS_PRIVATE(can_output_key) : 1;
size_t MBEDTLS_PRIVATE(capacity); size_t MBEDTLS_PRIVATE(capacity);
union union {
{
/* Make the union non-empty even with no supported algorithms. */ /* Make the union non-empty even with no supported algorithms. */
uint8_t MBEDTLS_PRIVATE(dummy); uint8_t MBEDTLS_PRIVATE(dummy);
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \ #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
@ -282,14 +272,13 @@ struct psa_key_derivation_s
/* This only zeroes out the first byte in the union, the rest is unspecified. */ /* This only zeroes out the first byte in the union, the rest is unspecified. */
#define PSA_KEY_DERIVATION_OPERATION_INIT { 0, 0, 0, { 0 } } #define PSA_KEY_DERIVATION_OPERATION_INIT { 0, 0, 0, { 0 } }
static inline struct psa_key_derivation_s psa_key_derivation_operation_init( static inline struct psa_key_derivation_s psa_key_derivation_operation_init(
void ) void)
{ {
const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT; const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT;
return( v ); return v;
} }
struct psa_key_policy_s struct psa_key_policy_s {
{
psa_key_usage_t MBEDTLS_PRIVATE(usage); psa_key_usage_t MBEDTLS_PRIVATE(usage);
psa_algorithm_t MBEDTLS_PRIVATE(alg); psa_algorithm_t MBEDTLS_PRIVATE(alg);
psa_algorithm_t MBEDTLS_PRIVATE(alg2); psa_algorithm_t MBEDTLS_PRIVATE(alg2);
@ -297,10 +286,10 @@ struct psa_key_policy_s
typedef struct psa_key_policy_s psa_key_policy_t; typedef struct psa_key_policy_s psa_key_policy_t;
#define PSA_KEY_POLICY_INIT { 0, 0, 0 } #define PSA_KEY_POLICY_INIT { 0, 0, 0 }
static inline struct psa_key_policy_s psa_key_policy_init( void ) static inline struct psa_key_policy_s psa_key_policy_init(void)
{ {
const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT; const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT;
return( v ); return v;
} }
/* The type used internally for key sizes. /* The type used internally for key sizes.
@ -308,7 +297,7 @@ static inline struct psa_key_policy_s psa_key_policy_init( void )
typedef uint16_t psa_key_bits_t; typedef uint16_t psa_key_bits_t;
/* The maximum value of the type used to represent bit-sizes. /* The maximum value of the type used to represent bit-sizes.
* This is used to mark an invalid key size. */ * This is used to mark an invalid key size. */
#define PSA_KEY_BITS_TOO_LARGE ( ( psa_key_bits_t ) -1 ) #define PSA_KEY_BITS_TOO_LARGE ((psa_key_bits_t) -1)
/* The maximum size of a key in bits. /* The maximum size of a key in bits.
* Currently defined as the maximum that can be represented, rounded down * Currently defined as the maximum that can be represented, rounded down
* to a whole number of bytes. * to a whole number of bytes.
@ -326,21 +315,20 @@ typedef uint16_t psa_key_bits_t;
typedef uint16_t psa_key_attributes_flag_t; typedef uint16_t psa_key_attributes_flag_t;
#define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER \ #define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER \
( (psa_key_attributes_flag_t) 0x0001 ) ((psa_key_attributes_flag_t) 0x0001)
/* A mask of key attribute flags used externally only. /* A mask of key attribute flags used externally only.
* Only meant for internal checks inside the library. */ * Only meant for internal checks inside the library. */
#define MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ( \ #define MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ( \
MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER | \ MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER | \
0 ) 0)
/* A mask of key attribute flags used both internally and externally. /* A mask of key attribute flags used both internally and externally.
* Currently there aren't any. */ * Currently there aren't any. */
#define MBEDTLS_PSA_KA_MASK_DUAL_USE ( \ #define MBEDTLS_PSA_KA_MASK_DUAL_USE ( \
0 ) 0)
typedef struct typedef struct {
{
psa_key_type_t MBEDTLS_PRIVATE(type); psa_key_type_t MBEDTLS_PRIVATE(type);
psa_key_bits_t MBEDTLS_PRIVATE(bits); psa_key_bits_t MBEDTLS_PRIVATE(bits);
psa_key_lifetime_t MBEDTLS_PRIVATE(lifetime); psa_key_lifetime_t MBEDTLS_PRIVATE(lifetime);
@ -354,8 +342,7 @@ typedef struct
MBEDTLS_SVC_KEY_ID_INIT, \ MBEDTLS_SVC_KEY_ID_INIT, \
PSA_KEY_POLICY_INIT, 0 } PSA_KEY_POLICY_INIT, 0 }
struct psa_key_attributes_s struct psa_key_attributes_s {
{
psa_core_key_attributes_t MBEDTLS_PRIVATE(core); psa_core_key_attributes_t MBEDTLS_PRIVATE(core);
#if defined(MBEDTLS_PSA_CRYPTO_SE_C) #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
psa_key_slot_number_t MBEDTLS_PRIVATE(slot_number); psa_key_slot_number_t MBEDTLS_PRIVATE(slot_number);
@ -370,48 +357,46 @@ struct psa_key_attributes_s
#define PSA_KEY_ATTRIBUTES_INIT { PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0 } #define PSA_KEY_ATTRIBUTES_INIT { PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0 }
#endif #endif
static inline struct psa_key_attributes_s psa_key_attributes_init( void ) static inline struct psa_key_attributes_s psa_key_attributes_init(void)
{ {
const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT; const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT;
return( v ); return v;
} }
static inline void psa_set_key_id( psa_key_attributes_t *attributes, static inline void psa_set_key_id(psa_key_attributes_t *attributes,
mbedtls_svc_key_id_t key ) mbedtls_svc_key_id_t key)
{ {
psa_key_lifetime_t lifetime = attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime); psa_key_lifetime_t lifetime = attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime);
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id) = key; attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id) = key;
if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
{
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime) = attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime) =
PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
PSA_KEY_LIFETIME_PERSISTENT, PSA_KEY_LIFETIME_PERSISTENT,
PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) ); PSA_KEY_LIFETIME_GET_LOCATION(lifetime));
} }
} }
static inline mbedtls_svc_key_id_t psa_get_key_id( static inline mbedtls_svc_key_id_t psa_get_key_id(
const psa_key_attributes_t *attributes ) const psa_key_attributes_t *attributes)
{ {
return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id) ); return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id);
} }
#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
static inline void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes, static inline void mbedtls_set_key_owner_id(psa_key_attributes_t *attributes,
mbedtls_key_owner_id_t owner ) mbedtls_key_owner_id_t owner)
{ {
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id).MBEDTLS_PRIVATE(owner) = owner; attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id).MBEDTLS_PRIVATE(owner) = owner;
} }
#endif #endif
static inline void psa_set_key_lifetime( psa_key_attributes_t *attributes, static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes,
psa_key_lifetime_t lifetime ) psa_key_lifetime_t lifetime)
{ {
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime) = lifetime; attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime) = lifetime;
if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
{
#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id).MBEDTLS_PRIVATE(key_id) = 0; attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id).MBEDTLS_PRIVATE(key_id) = 0;
#else #else
@ -421,89 +406,89 @@ static inline void psa_set_key_lifetime( psa_key_attributes_t *attributes,
} }
static inline psa_key_lifetime_t psa_get_key_lifetime( static inline psa_key_lifetime_t psa_get_key_lifetime(
const psa_key_attributes_t *attributes ) const psa_key_attributes_t *attributes)
{ {
return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime) ); return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime);
} }
static inline void psa_extend_key_usage_flags( psa_key_usage_t *usage_flags ) static inline void psa_extend_key_usage_flags(psa_key_usage_t *usage_flags)
{ {
if( *usage_flags & PSA_KEY_USAGE_SIGN_HASH ) if (*usage_flags & PSA_KEY_USAGE_SIGN_HASH) {
*usage_flags |= PSA_KEY_USAGE_SIGN_MESSAGE; *usage_flags |= PSA_KEY_USAGE_SIGN_MESSAGE;
}
if( *usage_flags & PSA_KEY_USAGE_VERIFY_HASH ) if (*usage_flags & PSA_KEY_USAGE_VERIFY_HASH) {
*usage_flags |= PSA_KEY_USAGE_VERIFY_MESSAGE; *usage_flags |= PSA_KEY_USAGE_VERIFY_MESSAGE;
}
} }
static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes, static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes,
psa_key_usage_t usage_flags) psa_key_usage_t usage_flags)
{ {
psa_extend_key_usage_flags( &usage_flags ); psa_extend_key_usage_flags(&usage_flags);
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage) = usage_flags; attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage) = usage_flags;
} }
static inline psa_key_usage_t psa_get_key_usage_flags( static inline psa_key_usage_t psa_get_key_usage_flags(
const psa_key_attributes_t *attributes ) const psa_key_attributes_t *attributes)
{ {
return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage) ); return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage);
} }
static inline void psa_set_key_algorithm( psa_key_attributes_t *attributes, static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes,
psa_algorithm_t alg ) psa_algorithm_t alg)
{ {
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg) = alg; attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg) = alg;
} }
static inline psa_algorithm_t psa_get_key_algorithm( static inline psa_algorithm_t psa_get_key_algorithm(
const psa_key_attributes_t *attributes ) const psa_key_attributes_t *attributes)
{ {
return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg) ); return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg);
} }
/* This function is declared in crypto_extra.h, which comes after this /* This function is declared in crypto_extra.h, which comes after this
* header file, but we need the function here, so repeat the declaration. */ * header file, but we need the function here, so repeat the declaration. */
psa_status_t psa_set_key_domain_parameters( psa_key_attributes_t *attributes, psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes,
psa_key_type_t type, psa_key_type_t type,
const uint8_t *data, const uint8_t *data,
size_t data_length ); size_t data_length);
static inline void psa_set_key_type( psa_key_attributes_t *attributes, static inline void psa_set_key_type(psa_key_attributes_t *attributes,
psa_key_type_t type ) psa_key_type_t type)
{ {
if( attributes->MBEDTLS_PRIVATE(domain_parameters) == NULL ) if (attributes->MBEDTLS_PRIVATE(domain_parameters) == NULL) {
{
/* Common case: quick path */ /* Common case: quick path */
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(type) = type; attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(type) = type;
} } else {
else
{
/* Call the bigger function to free the old domain parameters. /* Call the bigger function to free the old domain parameters.
* Ignore any errors which may arise due to type requiring * Ignore any errors which may arise due to type requiring
* non-default domain parameters, since this function can't * non-default domain parameters, since this function can't
* report errors. */ * report errors. */
(void) psa_set_key_domain_parameters( attributes, type, NULL, 0 ); (void) psa_set_key_domain_parameters(attributes, type, NULL, 0);
} }
} }
static inline psa_key_type_t psa_get_key_type( static inline psa_key_type_t psa_get_key_type(
const psa_key_attributes_t *attributes ) const psa_key_attributes_t *attributes)
{ {
return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(type) ); return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(type);
} }
static inline void psa_set_key_bits( psa_key_attributes_t *attributes, static inline void psa_set_key_bits(psa_key_attributes_t *attributes,
size_t bits ) size_t bits)
{ {
if( bits > PSA_MAX_KEY_BITS ) if (bits > PSA_MAX_KEY_BITS) {
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits) = PSA_KEY_BITS_TOO_LARGE; attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits) = PSA_KEY_BITS_TOO_LARGE;
else } else {
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits) = (psa_key_bits_t) bits; attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits) = (psa_key_bits_t) bits;
}
} }
static inline size_t psa_get_key_bits( static inline size_t psa_get_key_bits(
const psa_key_attributes_t *attributes ) const psa_key_attributes_t *attributes)
{ {
return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits) ); return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits);
} }
#ifdef __cplusplus #ifdef __cplusplus

5
include/psa/crypto_types.h
View File

@ -291,7 +291,7 @@ typedef uint32_t psa_key_id_t;
* Any changes to existing values will require bumping the storage * Any changes to existing values will require bumping the storage
* format version and providing a translation when reading the old * format version and providing a translation when reading the old
* format. * format.
*/ */
#if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) #if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
typedef psa_key_id_t mbedtls_svc_key_id_t; typedef psa_key_id_t mbedtls_svc_key_id_t;
@ -301,8 +301,7 @@ typedef psa_key_id_t mbedtls_svc_key_id_t;
* client and encodes the client identity in the key identifier argument of * client and encodes the client identity in the key identifier argument of
* functions such as psa_open_key(). * functions such as psa_open_key().
*/ */
typedef struct typedef struct {
{
psa_key_id_t MBEDTLS_PRIVATE(key_id); psa_key_id_t MBEDTLS_PRIVATE(key_id);
mbedtls_key_owner_id_t MBEDTLS_PRIVATE(owner); mbedtls_key_owner_id_t MBEDTLS_PRIVATE(owner);
} mbedtls_svc_key_id_t; } mbedtls_svc_key_id_t;

322
include/psa/crypto_values.h
View File

@ -353,7 +353,7 @@
* *
* Zero is not the encoding of any key type. * Zero is not the encoding of any key type.
*/ */
#define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x0000) #define PSA_KEY_TYPE_NONE ((psa_key_type_t) 0x0000)
/** Vendor-defined key type flag. /** Vendor-defined key type flag.
* *
@ -362,15 +362,15 @@
* must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should * must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should
* respect the bitwise structure used by standard encodings whenever practical. * respect the bitwise structure used by standard encodings whenever practical.
*/ */
#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x8000) #define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t) 0x8000)
#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x7000) #define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t) 0x7000)
#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x1000) #define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t) 0x1000)
#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x2000) #define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t) 0x2000)
#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x4000) #define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t) 0x4000)
#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x7000) #define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t) 0x7000)
#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x3000) #define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t) 0x3000)
/** Whether a key type is vendor-defined. /** Whether a key type is vendor-defined.
* *
@ -428,7 +428,7 @@
* *
* A "key" of this type cannot be used for any cryptographic operation. * A "key" of this type cannot be used for any cryptographic operation.
* Applications may use this type to store arbitrary data in the keystore. */ * Applications may use this type to store arbitrary data in the keystore. */
#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x1001) #define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t) 0x1001)
/** HMAC key. /** HMAC key.
* *
@ -438,7 +438,7 @@
* HMAC keys should generally have the same size as the underlying hash. * HMAC keys should generally have the same size as the underlying hash.
* This size can be calculated with #PSA_HASH_LENGTH(\c alg) where * This size can be calculated with #PSA_HASH_LENGTH(\c alg) where
* \c alg is the HMAC algorithm or the underlying hash algorithm. */ * \c alg is the HMAC algorithm or the underlying hash algorithm. */
#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x1100) #define PSA_KEY_TYPE_HMAC ((psa_key_type_t) 0x1100)
/** A secret for key derivation. /** A secret for key derivation.
* *
@ -451,7 +451,7 @@
* The key policy determines which key derivation algorithm the key * The key policy determines which key derivation algorithm the key
* can be used for. * can be used for.
*/ */
#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x1200) #define PSA_KEY_TYPE_DERIVE ((psa_key_type_t) 0x1200)
/** A low-entropy secret for password hashing or key derivation. /** A low-entropy secret for password hashing or key derivation.
* *
@ -474,7 +474,7 @@
* The key policy determines which key derivation algorithm the key can be * The key policy determines which key derivation algorithm the key can be
* used for, among the permissible subset defined above. * used for, among the permissible subset defined above.
*/ */
#define PSA_KEY_TYPE_PASSWORD ((psa_key_type_t)0x1203) #define PSA_KEY_TYPE_PASSWORD ((psa_key_type_t) 0x1203)
/** A secret value that can be used to verify a password hash. /** A secret value that can be used to verify a password hash.
* *
@ -482,25 +482,25 @@
* can be used for, among the same permissible subset as for * can be used for, among the same permissible subset as for
* #PSA_KEY_TYPE_PASSWORD. * #PSA_KEY_TYPE_PASSWORD.
*/ */
#define PSA_KEY_TYPE_PASSWORD_HASH ((psa_key_type_t)0x1205) #define PSA_KEY_TYPE_PASSWORD_HASH ((psa_key_type_t) 0x1205)
/** A secret value that can be used in when computing a password hash. /** A secret value that can be used in when computing a password hash.
* *
* The key policy determines which key derivation algorithm the key * The key policy determines which key derivation algorithm the key
* can be used for, among the subset of algorithms that can use pepper. * can be used for, among the subset of algorithms that can use pepper.
*/ */
#define PSA_KEY_TYPE_PEPPER ((psa_key_type_t)0x1206) #define PSA_KEY_TYPE_PEPPER ((psa_key_type_t) 0x1206)
/** Key for a cipher, AEAD or MAC algorithm based on the AES block cipher. /** Key for a cipher, AEAD or MAC algorithm based on the AES block cipher.
* *
* The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or
* 32 bytes (AES-256). * 32 bytes (AES-256).
*/ */
#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x2400) #define PSA_KEY_TYPE_AES ((psa_key_type_t) 0x2400)
/** Key for a cipher, AEAD or MAC algorithm based on the /** Key for a cipher, AEAD or MAC algorithm based on the
* ARIA block cipher. */ * ARIA block cipher. */
#define PSA_KEY_TYPE_ARIA ((psa_key_type_t)0x2406) #define PSA_KEY_TYPE_ARIA ((psa_key_type_t) 0x2406)
/** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES). /** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES).
* *
@ -511,11 +511,11 @@
* deprecated and should only be used to decrypt legacy data. 3-key 3DES * deprecated and should only be used to decrypt legacy data. 3-key 3DES
* is weak and deprecated and should only be used in legacy protocols. * is weak and deprecated and should only be used in legacy protocols.
*/ */
#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x2301) #define PSA_KEY_TYPE_DES ((psa_key_type_t) 0x2301)
/** Key for a cipher, AEAD or MAC algorithm based on the /** Key for a cipher, AEAD or MAC algorithm based on the
* Camellia block cipher. */ * Camellia block cipher. */
#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x2403) #define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t) 0x2403)
/** Key for the ChaCha20 stream cipher or the Chacha20-Poly1305 AEAD algorithm. /** Key for the ChaCha20 stream cipher or the Chacha20-Poly1305 AEAD algorithm.
* *
@ -528,25 +528,25 @@
* with the initial counter value 1, you can process and discard a * with the initial counter value 1, you can process and discard a
* 64-byte block before the real data. * 64-byte block before the real data.
*/ */
#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x2004) #define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t) 0x2004)
/** RSA public key. /** RSA public key.
* *
* The size of an RSA key is the bit size of the modulus. * The size of an RSA key is the bit size of the modulus.
*/ */
#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x4001) #define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t) 0x4001)
/** RSA key pair (private and public key). /** RSA key pair (private and public key).
* *
* The size of an RSA key is the bit size of the modulus. * The size of an RSA key is the bit size of the modulus.
*/ */
#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x7001) #define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t) 0x7001)
/** Whether a key type is an RSA key (pair or public-only). */ /** Whether a key type is an RSA key (pair or public-only). */
#define PSA_KEY_TYPE_IS_RSA(type) \ #define PSA_KEY_TYPE_IS_RSA(type) \
(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x4100) #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t) 0x4100)
#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x7100) #define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t) 0x7100)
#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x00ff) #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t) 0x00ff)
/** Elliptic curve key pair. /** Elliptic curve key pair.
* *
* The size of an elliptic curve key is the bit size associated with the curve, * The size of an elliptic curve key is the bit size associated with the curve,
@ -681,9 +681,9 @@
*/ */
#define PSA_ECC_FAMILY_TWISTED_EDWARDS ((psa_ecc_family_t) 0x42) #define PSA_ECC_FAMILY_TWISTED_EDWARDS ((psa_ecc_family_t) 0x42)
#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x4200) #define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t) 0x4200)
#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x7200) #define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t) 0x7200)
#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x00ff) #define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t) 0x00ff)
/** Diffie-Hellman key pair. /** Diffie-Hellman key pair.
* *
* \param group A value of type ::psa_dh_family_t that identifies the * \param group A value of type ::psa_dh_family_t that identifies the
@ -763,17 +763,17 @@
* the #PSA_ALG_VENDOR_FLAG bit set and should respect the bitwise structure * the #PSA_ALG_VENDOR_FLAG bit set and should respect the bitwise structure
* used by standard encodings whenever practical. * used by standard encodings whenever practical.
*/ */
#define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000) #define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t) 0x80000000)
#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000) #define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t) 0x7f000000)
#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x02000000) #define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t) 0x02000000)
#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x03000000) #define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t) 0x03000000)
#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000) #define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t) 0x04000000)
#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x05000000) #define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t) 0x05000000)
#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x06000000) #define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t) 0x06000000)
#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x07000000) #define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t) 0x07000000)
#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x08000000) #define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t) 0x08000000)
#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x09000000) #define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t) 0x09000000)
/** Whether an algorithm is vendor-defined. /** Whether an algorithm is vendor-defined.
* *
@ -896,40 +896,40 @@
#define PSA_ALG_NONE ((psa_algorithm_t)0) #define PSA_ALG_NONE ((psa_algorithm_t)0)
/* *INDENT-ON* */ /* *INDENT-ON* */
#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) #define PSA_ALG_HASH_MASK ((psa_algorithm_t) 0x000000ff)
/** MD5 */ /** MD5 */
#define PSA_ALG_MD5 ((psa_algorithm_t)0x02000003) #define PSA_ALG_MD5 ((psa_algorithm_t) 0x02000003)
/** PSA_ALG_RIPEMD160 */ /** PSA_ALG_RIPEMD160 */
#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x02000004) #define PSA_ALG_RIPEMD160 ((psa_algorithm_t) 0x02000004)
/** SHA1 */ /** SHA1 */
#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x02000005) #define PSA_ALG_SHA_1 ((psa_algorithm_t) 0x02000005)
/** SHA2-224 */ /** SHA2-224 */
#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x02000008) #define PSA_ALG_SHA_224 ((psa_algorithm_t) 0x02000008)
/** SHA2-256 */ /** SHA2-256 */
#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x02000009) #define PSA_ALG_SHA_256 ((psa_algorithm_t) 0x02000009)
/** SHA2-384 */ /** SHA2-384 */
#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0200000a) #define PSA_ALG_SHA_384 ((psa_algorithm_t) 0x0200000a)
/** SHA2-512 */ /** SHA2-512 */
#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0200000b) #define PSA_ALG_SHA_512 ((psa_algorithm_t) 0x0200000b)
/** SHA2-512/224 */ /** SHA2-512/224 */
#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0200000c) #define PSA_ALG_SHA_512_224 ((psa_algorithm_t) 0x0200000c)
/** SHA2-512/256 */ /** SHA2-512/256 */
#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0200000d) #define PSA_ALG_SHA_512_256 ((psa_algorithm_t) 0x0200000d)
/** SHA3-224 */ /** SHA3-224 */
#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x02000010) #define PSA_ALG_SHA3_224 ((psa_algorithm_t) 0x02000010)
/** SHA3-256 */ /** SHA3-256 */
#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x02000011) #define PSA_ALG_SHA3_256 ((psa_algorithm_t) 0x02000011)
/** SHA3-384 */ /** SHA3-384 */
#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x02000012) #define PSA_ALG_SHA3_384 ((psa_algorithm_t) 0x02000012)
/** SHA3-512 */ /** SHA3-512 */
#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x02000013) #define PSA_ALG_SHA3_512 ((psa_algorithm_t) 0x02000013)
/** The first 512 bits (64 bytes) of the SHAKE256 output. /** The first 512 bits (64 bytes) of the SHAKE256 output.
* *
* This is the prehashing for Ed448ph (see #PSA_ALG_ED448PH). For other * This is the prehashing for Ed448ph (see #PSA_ALG_ED448PH). For other
* scenarios where a hash function based on SHA3/SHAKE is desired, SHA3-512 * scenarios where a hash function based on SHA3/SHAKE is desired, SHA3-512
* has the same output size and a (theoretically) higher security strength. * has the same output size and a (theoretically) higher security strength.
*/ */
#define PSA_ALG_SHAKE256_512 ((psa_algorithm_t)0x02000015) #define PSA_ALG_SHAKE256_512 ((psa_algorithm_t) 0x02000015)
/** In a hash-and-sign algorithm policy, allow any hash algorithm. /** In a hash-and-sign algorithm policy, allow any hash algorithm.
* *
@ -964,10 +964,10 @@
* This value may not be used to build an algorithm specification to * This value may not be used to build an algorithm specification to
* perform an operation. It is only valid to build policies. * perform an operation. It is only valid to build policies.
*/ */
#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x020000ff) #define PSA_ALG_ANY_HASH ((psa_algorithm_t) 0x020000ff)
#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) #define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t) 0x00c00000)
#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x03800000) #define PSA_ALG_HMAC_BASE ((psa_algorithm_t) 0x03800000)
/** Macro to build an HMAC algorithm. /** Macro to build an HMAC algorithm.
* *
* For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256. * For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256.
@ -1006,7 +1006,7 @@
* reach up to 63; the largest MAC is 64 bytes so its trivial truncation * reach up to 63; the largest MAC is 64 bytes so its trivial truncation
* to full length is correctly encoded as 0 and any non-trivial truncation * to full length is correctly encoded as 0 and any non-trivial truncation
* is correctly encoded as a value between 1 and 63. */ * is correctly encoded as a value between 1 and 63. */
#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x003f0000) #define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t) 0x003f0000)
#define PSA_MAC_TRUNCATION_OFFSET 16 #define PSA_MAC_TRUNCATION_OFFSET 16
/* In the encoding of a MAC algorithm, the bit corresponding to /* In the encoding of a MAC algorithm, the bit corresponding to
@ -1015,7 +1015,7 @@
* algorithm policy can be used with any algorithm corresponding to the * algorithm policy can be used with any algorithm corresponding to the
* same base class and having a (potentially truncated) MAC length greater or * same base class and having a (potentially truncated) MAC length greater or
* equal than the one encoded in #PSA_ALG_MAC_TRUNCATION_MASK. */ * equal than the one encoded in #PSA_ALG_MAC_TRUNCATION_MASK. */
#define PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t)0x00008000) #define PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t) 0x00008000)
/** Macro to build a truncated MAC algorithm. /** Macro to build a truncated MAC algorithm.
* *
@ -1110,18 +1110,18 @@
* too large for the specified MAC algorithm. * too large for the specified MAC algorithm.
*/ */
#define PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(mac_alg, min_mac_length) \ #define PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(mac_alg, min_mac_length) \
( PSA_ALG_TRUNCATED_MAC(mac_alg, min_mac_length) | \ (PSA_ALG_TRUNCATED_MAC(mac_alg, min_mac_length) | \
PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ) PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG)
#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x03c00000) #define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t) 0x03c00000)
/** The CBC-MAC construction over a block cipher /** The CBC-MAC construction over a block cipher
* *
* \warning CBC-MAC is insecure in many cases. * \warning CBC-MAC is insecure in many cases.
* A more secure mode, such as #PSA_ALG_CMAC, is recommended. * A more secure mode, such as #PSA_ALG_CMAC, is recommended.
*/ */
#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x03c00100) #define PSA_ALG_CBC_MAC ((psa_algorithm_t) 0x03c00100)
/** The CMAC construction over a block cipher */ /** The CMAC construction over a block cipher */
#define PSA_ALG_CMAC ((psa_algorithm_t)0x03c00200) #define PSA_ALG_CMAC ((psa_algorithm_t) 0x03c00200)
/** Whether the specified algorithm is a MAC algorithm based on a block cipher. /** Whether the specified algorithm is a MAC algorithm based on a block cipher.
* *
@ -1135,8 +1135,8 @@
(((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
PSA_ALG_CIPHER_MAC_BASE) PSA_ALG_CIPHER_MAC_BASE)
#define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t)0x00800000) #define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t) 0x00800000)
#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) #define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t) 0x00400000)
/** Whether the specified algorithm is a stream cipher. /** Whether the specified algorithm is a stream cipher.
* *
@ -1159,7 +1159,7 @@
* The underlying stream cipher is determined by the key type. * The underlying stream cipher is determined by the key type.
* - To use ChaCha20, use a key type of #PSA_KEY_TYPE_CHACHA20. * - To use ChaCha20, use a key type of #PSA_KEY_TYPE_CHACHA20.
*/ */
#define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t)0x04800100) #define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t) 0x04800100)
/** The CTR stream cipher mode. /** The CTR stream cipher mode.
* *
@ -1168,19 +1168,19 @@
* For example, to use AES-128-CTR, use this algorithm with * For example, to use AES-128-CTR, use this algorithm with
* a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes). * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes).
*/ */
#define PSA_ALG_CTR ((psa_algorithm_t)0x04c01000) #define PSA_ALG_CTR ((psa_algorithm_t) 0x04c01000)
/** The CFB stream cipher mode. /** The CFB stream cipher mode.
* *
* The underlying block cipher is determined by the key type. * The underlying block cipher is determined by the key type.
*/ */
#define PSA_ALG_CFB ((psa_algorithm_t)0x04c01100) #define PSA_ALG_CFB ((psa_algorithm_t) 0x04c01100)
/** The OFB stream cipher mode. /** The OFB stream cipher mode.
* *
* The underlying block cipher is determined by the key type. * The underlying block cipher is determined by the key type.
*/ */
#define PSA_ALG_OFB ((psa_algorithm_t)0x04c01200) #define PSA_ALG_OFB ((psa_algorithm_t) 0x04c01200)
/** The XTS cipher mode. /** The XTS cipher mode.
* *
@ -1188,7 +1188,7 @@
* least one full block of input, but beyond this minimum the input * least one full block of input, but beyond this minimum the input
* does not need to be a whole number of blocks. * does not need to be a whole number of blocks.
*/ */
#define PSA_ALG_XTS ((psa_algorithm_t)0x0440ff00) #define PSA_ALG_XTS ((psa_algorithm_t) 0x0440ff00)
/** The Electronic Code Book (ECB) mode of a block cipher, with no padding. /** The Electronic Code Book (ECB) mode of a block cipher, with no padding.
* *
@ -1208,7 +1208,7 @@
* multi-part cipher operation with this algorithm, psa_cipher_generate_iv() * multi-part cipher operation with this algorithm, psa_cipher_generate_iv()
* and psa_cipher_set_iv() must not be called. * and psa_cipher_set_iv() must not be called.
*/ */
#define PSA_ALG_ECB_NO_PADDING ((psa_algorithm_t)0x04404400) #define PSA_ALG_ECB_NO_PADDING ((psa_algorithm_t) 0x04404400)
/** The CBC block cipher chaining mode, with no padding. /** The CBC block cipher chaining mode, with no padding.
* *
@ -1217,7 +1217,7 @@
* This symmetric cipher mode can only be used with messages whose lengths * This symmetric cipher mode can only be used with messages whose lengths
* are whole number of blocks for the chosen block cipher. * are whole number of blocks for the chosen block cipher.
*/ */
#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04404000) #define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t) 0x04404000)
/** The CBC block cipher chaining mode with PKCS#7 padding. /** The CBC block cipher chaining mode with PKCS#7 padding.
* *
@ -1225,9 +1225,9 @@
* *
* This is the padding method defined by PKCS#7 (RFC 2315) &sect;10.3. * This is the padding method defined by PKCS#7 (RFC 2315) &sect;10.3.
*/ */
#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04404100) #define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t) 0x04404100)
#define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) #define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t) 0x00400000)
/** Whether the specified algorithm is an AEAD mode on a block cipher. /** Whether the specified algorithm is an AEAD mode on a block cipher.
* *
@ -1246,7 +1246,7 @@
* *
* The underlying block cipher is determined by the key type. * The underlying block cipher is determined by the key type.
*/ */
#define PSA_ALG_CCM ((psa_algorithm_t)0x05500100) #define PSA_ALG_CCM ((psa_algorithm_t) 0x05500100)
/** The CCM* cipher mode without authentication. /** The CCM* cipher mode without authentication.
* *
@ -1257,13 +1257,13 @@
* *
* Currently only 13-byte long IV's are supported. * Currently only 13-byte long IV's are supported.
*/ */
#define PSA_ALG_CCM_STAR_NO_TAG ((psa_algorithm_t)0x04c01300) #define PSA_ALG_CCM_STAR_NO_TAG ((psa_algorithm_t) 0x04c01300)
/** The GCM authenticated encryption algorithm. /** The GCM authenticated encryption algorithm.
* *
* The underlying block cipher is determined by the key type. * The underlying block cipher is determined by the key type.
*/ */
#define PSA_ALG_GCM ((psa_algorithm_t)0x05500200) #define PSA_ALG_GCM ((psa_algorithm_t) 0x05500200)
/** The Chacha20-Poly1305 AEAD algorithm. /** The Chacha20-Poly1305 AEAD algorithm.
* *
@ -1274,13 +1274,13 @@
* *
* Implementations must support 16-byte tags and should reject other sizes. * Implementations must support 16-byte tags and should reject other sizes.
*/ */
#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x05100500) #define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t) 0x05100500)
/* In the encoding of an AEAD algorithm, the bits corresponding to /* In the encoding of an AEAD algorithm, the bits corresponding to
* PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag. * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag.
* The constants for default lengths follow this encoding. * The constants for default lengths follow this encoding.
*/ */
#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x003f0000) #define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t) 0x003f0000)
#define PSA_AEAD_TAG_LENGTH_OFFSET 16 #define PSA_AEAD_TAG_LENGTH_OFFSET 16
/* In the encoding of an AEAD algorithm, the bit corresponding to /* In the encoding of an AEAD algorithm, the bit corresponding to
@ -1289,7 +1289,7 @@
* algorithm policy can be used with any algorithm corresponding to the * algorithm policy can be used with any algorithm corresponding to the
* same base class and having a tag length greater than or equal to the one * same base class and having a tag length greater than or equal to the one
* encoded in #PSA_ALG_AEAD_TAG_LENGTH_MASK. */ * encoded in #PSA_ALG_AEAD_TAG_LENGTH_MASK. */
#define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t)0x00008000) #define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t) 0x00008000)
/** Macro to build a shortened AEAD algorithm. /** Macro to build a shortened AEAD algorithm.
* *
@ -1327,7 +1327,7 @@
*/ */
#define PSA_ALG_AEAD_GET_TAG_LENGTH(aead_alg) \ #define PSA_ALG_AEAD_GET_TAG_LENGTH(aead_alg) \
(((aead_alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> \ (((aead_alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> \
PSA_AEAD_TAG_LENGTH_OFFSET ) PSA_AEAD_TAG_LENGTH_OFFSET)
/** Calculate the corresponding AEAD algorithm with the default tag length. /** Calculate the corresponding AEAD algorithm with the default tag length.
* *
@ -1373,10 +1373,10 @@
* or too large for the specified AEAD algorithm. * or too large for the specified AEAD algorithm.
*/ */
#define PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(aead_alg, min_tag_length) \ #define PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(aead_alg, min_tag_length) \
( PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, min_tag_length) | \ (PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, min_tag_length) | \
PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ) PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)
#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x06000200) #define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t) 0x06000200)
/** RSA PKCS#1 v1.5 signature with hashing. /** RSA PKCS#1 v1.5 signature with hashing.
* *
* This is the signature scheme defined by RFC 8017 * This is the signature scheme defined by RFC 8017
@ -1404,8 +1404,8 @@
#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \ #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \
(((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE) (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x06000300) #define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t) 0x06000300)
#define PSA_ALG_RSA_PSS_ANY_SALT_BASE ((psa_algorithm_t)0x06001300) #define PSA_ALG_RSA_PSS_ANY_SALT_BASE ((psa_algorithm_t) 0x06001300)
/** RSA PSS signature with hashing. /** RSA PSS signature with hashing.
* *
* This is the signature scheme defined by RFC 8017 * This is the signature scheme defined by RFC 8017
@ -1494,7 +1494,7 @@
(PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg) || \ (PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg) || \
PSA_ALG_IS_RSA_PSS_ANY_SALT(alg)) PSA_ALG_IS_RSA_PSS_ANY_SALT(alg))
#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x06000600) #define PSA_ALG_ECDSA_BASE ((psa_algorithm_t) 0x06000600)
/** ECDSA signature with hashing. /** ECDSA signature with hashing.
* *
* This is the ECDSA signature scheme defined by ANSI X9.62, * This is the ECDSA signature scheme defined by ANSI X9.62,
@ -1527,7 +1527,7 @@
* the curve size. * the curve size.
*/ */
#define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE #define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x06000700) #define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t) 0x06000700)
/** Deterministic ECDSA signature with hashing. /** Deterministic ECDSA signature with hashing.
* *
* This is the deterministic ECDSA signature scheme defined by RFC 6979. * This is the deterministic ECDSA signature scheme defined by RFC 6979.
@ -1552,7 +1552,7 @@
*/ */
#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \ #define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \
(PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
#define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00000100) #define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t) 0x00000100)
#define PSA_ALG_IS_ECDSA(alg) \ #define PSA_ALG_IS_ECDSA(alg) \
(((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \ (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \
PSA_ALG_ECDSA_BASE) PSA_ALG_ECDSA_BASE)
@ -1591,9 +1591,9 @@
* RFC 8032 §5.1.6 and §5.2.6 (a 64-byte string for Ed25519, a 114-byte * RFC 8032 §5.1.6 and §5.2.6 (a 64-byte string for Ed25519, a 114-byte
* string for Ed448). * string for Ed448).
*/ */
#define PSA_ALG_PURE_EDDSA ((psa_algorithm_t)0x06000800) #define PSA_ALG_PURE_EDDSA ((psa_algorithm_t) 0x06000800)
#define PSA_ALG_HASH_EDDSA_BASE ((psa_algorithm_t)0x06000900) #define PSA_ALG_HASH_EDDSA_BASE ((psa_algorithm_t) 0x06000900)
#define PSA_ALG_IS_HASH_EDDSA(alg) \ #define PSA_ALG_IS_HASH_EDDSA(alg) \
(((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HASH_EDDSA_BASE) (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HASH_EDDSA_BASE)
@ -1685,7 +1685,7 @@
* supported algorithm identifier. * supported algorithm identifier.
*/ */
#define PSA_ALG_IS_SIGN_MESSAGE(alg) \ #define PSA_ALG_IS_SIGN_MESSAGE(alg) \
(PSA_ALG_IS_SIGN_HASH(alg) || (alg) == PSA_ALG_PURE_EDDSA ) (PSA_ALG_IS_SIGN_HASH(alg) || (alg) == PSA_ALG_PURE_EDDSA)
/** Whether the specified algorithm is a hash-and-sign algorithm. /** Whether the specified algorithm is a hash-and-sign algorithm.
* *
@ -1742,9 +1742,9 @@
/** RSA PKCS#1 v1.5 encryption. /** RSA PKCS#1 v1.5 encryption.
*/ */
#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x07000200) #define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t) 0x07000200)
#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x07000300) #define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t) 0x07000300)
/** RSA OAEP encryption. /** RSA OAEP encryption.
* *
* This is the encryption scheme defined by RFC 8017 * This is the encryption scheme defined by RFC 8017
@ -1768,7 +1768,7 @@
((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
0) 0)
#define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x08000100) #define PSA_ALG_HKDF_BASE ((psa_algorithm_t) 0x08000100)
/** Macro to build an HKDF algorithm. /** Macro to build an HKDF algorithm.
* *
* For example, `PSA_ALG_HKDF(PSA_ALG_SHA_256)` is HKDF using HMAC-SHA-256. * For example, `PSA_ALG_HKDF(PSA_ALG_SHA_256)` is HKDF using HMAC-SHA-256.
@ -1813,7 +1813,7 @@
#define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \ #define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \
(PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
#define PSA_ALG_HKDF_EXTRACT_BASE ((psa_algorithm_t)0x08000400) #define PSA_ALG_HKDF_EXTRACT_BASE ((psa_algorithm_t) 0x08000400)
/** Macro to build an HKDF-Extract algorithm. /** Macro to build an HKDF-Extract algorithm.
* *
* For example, `PSA_ALG_HKDF_EXTRACT(PSA_ALG_SHA_256)` is * For example, `PSA_ALG_HKDF_EXTRACT(PSA_ALG_SHA_256)` is
@ -1862,7 +1862,7 @@
#define PSA_ALG_IS_HKDF_EXTRACT(alg) \ #define PSA_ALG_IS_HKDF_EXTRACT(alg) \
(((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXTRACT_BASE) (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXTRACT_BASE)
#define PSA_ALG_HKDF_EXPAND_BASE ((psa_algorithm_t)0x08000500) #define PSA_ALG_HKDF_EXPAND_BASE ((psa_algorithm_t) 0x08000500)
/** Macro to build an HKDF-Expand algorithm. /** Macro to build an HKDF-Expand algorithm.
* *
* For example, `PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_256)` is * For example, `PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_256)` is
@ -1919,7 +1919,7 @@
((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXTRACT_BASE || \ ((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXTRACT_BASE || \
((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXPAND_BASE) ((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXPAND_BASE)
#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x08000200) #define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t) 0x08000200)
/** Macro to build a TLS-1.2 PRF algorithm. /** Macro to build a TLS-1.2 PRF algorithm.
* *
* TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule, * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule,
@ -1962,7 +1962,7 @@
#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \ #define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \
(PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x08000300) #define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t) 0x08000300)
/** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm. /** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm.
* *
* In a pure-PSK handshake in TLS 1.2, the master secret is derived * In a pure-PSK handshake in TLS 1.2, the master secret is derived
@ -2044,7 +2044,7 @@
* The output has to be read as a single chunk of 32 bytes, defined as * The output has to be read as a single chunk of 32 bytes, defined as
* PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE. * PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE.
*/ */
#define PSA_ALG_TLS12_ECJPAKE_TO_PMS ((psa_algorithm_t)0x08000609) #define PSA_ALG_TLS12_ECJPAKE_TO_PMS ((psa_algorithm_t) 0x08000609)
/* This flag indicates whether the key derivation algorithm is suitable for /* This flag indicates whether the key derivation algorithm is suitable for
* use on low-entropy secrets such as password - these algorithms are also * use on low-entropy secrets such as password - these algorithms are also
@ -2053,9 +2053,9 @@
* *
* Those algorithms cannot be combined with a key agreement algorithm. * Those algorithms cannot be combined with a key agreement algorithm.
*/ */
#define PSA_ALG_KEY_DERIVATION_STRETCHING_FLAG ((psa_algorithm_t)0x00800000) #define PSA_ALG_KEY_DERIVATION_STRETCHING_FLAG ((psa_algorithm_t) 0x00800000)
#define PSA_ALG_PBKDF2_HMAC_BASE ((psa_algorithm_t)0x08800100) #define PSA_ALG_PBKDF2_HMAC_BASE ((psa_algorithm_t) 0x08800100)
/** Macro to build a PBKDF2-HMAC password hashing / key stretching algorithm. /** Macro to build a PBKDF2-HMAC password hashing / key stretching algorithm.
* *
* PBKDF2 is defined by PKCS#5, republished as RFC 8018 (section 5.2). * PBKDF2 is defined by PKCS#5, republished as RFC 8018 (section 5.2).
@ -2105,10 +2105,10 @@
* This key derivation algorithm uses the same inputs as * This key derivation algorithm uses the same inputs as
* #PSA_ALG_PBKDF2_HMAC() with the same constraints. * #PSA_ALG_PBKDF2_HMAC() with the same constraints.
*/ */
#define PSA_ALG_PBKDF2_AES_CMAC_PRF_128 ((psa_algorithm_t)0x08800200) #define PSA_ALG_PBKDF2_AES_CMAC_PRF_128 ((psa_algorithm_t) 0x08800200)
#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0xfe00ffff) #define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t) 0xfe00ffff)
#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0xffff0000) #define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t) 0xffff0000)
/** Macro to build a combined algorithm that chains a key agreement with /** Macro to build a combined algorithm that chains a key agreement with
* a key derivation. * a key derivation.
@ -2161,7 +2161,7 @@
* It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p` * It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p`
* in bits. * in bits.
*/ */
#define PSA_ALG_FFDH ((psa_algorithm_t)0x09010000) #define PSA_ALG_FFDH ((psa_algorithm_t) 0x09010000)
/** Whether the specified algorithm is a finite field Diffie-Hellman algorithm. /** Whether the specified algorithm is a finite field Diffie-Hellman algorithm.
* *
@ -2203,7 +2203,7 @@
* in big-endian byte order. * in big-endian byte order.
* The bit size is `m` for the field `F_{2^m}`. * The bit size is `m` for the field `F_{2^m}`.
*/ */
#define PSA_ALG_ECDH ((psa_algorithm_t)0x09020000) #define PSA_ALG_ECDH ((psa_algorithm_t) 0x09020000)
/** Whether the specified algorithm is an elliptic curve Diffie-Hellman /** Whether the specified algorithm is an elliptic curve Diffie-Hellman
* algorithm. * algorithm.
@ -2254,7 +2254,7 @@
* \return \c 0 if alg is not a composite algorithm that uses a hash. * \return \c 0 if alg is not a composite algorithm that uses a hash.
*/ */
#define PSA_ALG_GET_HASH(alg) \ #define PSA_ALG_GET_HASH(alg) \
(((alg) & 0x000000ff) == 0 ? ((psa_algorithm_t)0) : 0x02000000 | ((alg) & 0x000000ff)) (((alg) & 0x000000ff) == 0 ? ((psa_algorithm_t) 0) : 0x02000000 | ((alg) & 0x000000ff))
/**@}*/ /**@}*/
@ -2278,7 +2278,7 @@
* it must release all the resources associated with the key and erase the * it must release all the resources associated with the key and erase the
* key material if the calling application terminates. * key material if the calling application terminates.
*/ */
#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) #define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t) 0x00000000)
/** The default lifetime for persistent keys. /** The default lifetime for persistent keys.
* *
@ -2292,31 +2292,31 @@
* application. Integrations of Mbed TLS may support other persistent lifetimes. * application. Integrations of Mbed TLS may support other persistent lifetimes.
* See ::psa_key_lifetime_t for more information. * See ::psa_key_lifetime_t for more information.
*/ */
#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t) 0x00000001)
/** The persistence level of volatile keys. /** The persistence level of volatile keys.
* *
* See ::psa_key_persistence_t for more information. * See ::psa_key_persistence_t for more information.
*/ */
#define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t)0x00) #define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t) 0x00)
/** The default persistence level for persistent keys. /** The default persistence level for persistent keys.
* *
* See ::psa_key_persistence_t for more information. * See ::psa_key_persistence_t for more information.
*/ */
#define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t)0x01) #define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t) 0x01)
/** A persistence level indicating that a key is never destroyed. /** A persistence level indicating that a key is never destroyed.
* *
* See ::psa_key_persistence_t for more information. * See ::psa_key_persistence_t for more information.
*/ */
#define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t)0xff) #define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t) 0xff)
#define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) \ #define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) \
((psa_key_persistence_t)((lifetime) & 0x000000ff)) ((psa_key_persistence_t) ((lifetime) & 0x000000ff))
#define PSA_KEY_LIFETIME_GET_LOCATION(lifetime) \ #define PSA_KEY_LIFETIME_GET_LOCATION(lifetime) \
((psa_key_location_t)((lifetime) >> 8)) ((psa_key_location_t) ((lifetime) >> 8))
/** Whether a key lifetime indicates that the key is volatile. /** Whether a key lifetime indicates that the key is volatile.
* *
@ -2378,9 +2378,9 @@
* *
* See ::psa_key_location_t for more information. * See ::psa_key_location_t for more information.
*/ */
#define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t)0x000000) #define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t) 0x000000)
#define PSA_KEY_LOCATION_VENDOR_FLAG ((psa_key_location_t)0x800000) #define PSA_KEY_LOCATION_VENDOR_FLAG ((psa_key_location_t) 0x800000)
/* Note that key identifier values are embedded in the /* Note that key identifier values are embedded in the
* persistent key store, as part of key metadata. As a consequence, they * persistent key store, as part of key metadata. As a consequence, they
@ -2394,23 +2394,23 @@
/* *INDENT-ON* */ /* *INDENT-ON* */
/** The minimum value for a key identifier chosen by the application. /** The minimum value for a key identifier chosen by the application.
*/ */
#define PSA_KEY_ID_USER_MIN ((psa_key_id_t)0x00000001) #define PSA_KEY_ID_USER_MIN ((psa_key_id_t) 0x00000001)
/** The maximum value for a key identifier chosen by the application. /** The maximum value for a key identifier chosen by the application.
*/ */
#define PSA_KEY_ID_USER_MAX ((psa_key_id_t)0x3fffffff) #define PSA_KEY_ID_USER_MAX ((psa_key_id_t) 0x3fffffff)
/** The minimum value for a key identifier chosen by the implementation. /** The minimum value for a key identifier chosen by the implementation.
*/ */
#define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t)0x40000000) #define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t) 0x40000000)
/** The maximum value for a key identifier chosen by the implementation. /** The maximum value for a key identifier chosen by the implementation.
*/ */
#define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t)0x7fffffff) #define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t) 0x7fffffff)
#if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) #if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
#define MBEDTLS_SVC_KEY_ID_INIT ( (psa_key_id_t)0 ) #define MBEDTLS_SVC_KEY_ID_INIT ((psa_key_id_t) 0)
#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ( id ) #define MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) (id)
#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( id ) ( 0 ) #define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(id) (0)
/** Utility to initialize a key identifier at runtime. /** Utility to initialize a key identifier at runtime.
* *
@ -2418,11 +2418,11 @@
* \param key_id Identifier of the key. * \param key_id Identifier of the key.
*/ */
static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make( static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make(
unsigned int unused, psa_key_id_t key_id ) unsigned int unused, psa_key_id_t key_id)
{ {
(void)unused; (void) unused;
return( key_id ); return key_id;
} }
/** Compare two key identifiers. /** Compare two key identifiers.
@ -2432,10 +2432,10 @@ static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make(
* *
* \return Non-zero if the two key identifier are equal, zero otherwise. * \return Non-zero if the two key identifier are equal, zero otherwise.
*/ */
static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1, static inline int mbedtls_svc_key_id_equal(mbedtls_svc_key_id_t id1,
mbedtls_svc_key_id_t id2 ) mbedtls_svc_key_id_t id2)
{ {
return( id1 == id2 ); return id1 == id2;
} }
/** Check whether a key identifier is null. /** Check whether a key identifier is null.
@ -2444,16 +2444,16 @@ static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1,
* *
* \return Non-zero if the key identifier is null, zero otherwise. * \return Non-zero if the key identifier is null, zero otherwise.
*/ */
static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) static inline int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key)
{ {
return( key == 0 ); return key == 0;
} }
#else /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ #else /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
#define MBEDTLS_SVC_KEY_ID_INIT ( (mbedtls_svc_key_id_t){ 0, 0 } ) #define MBEDTLS_SVC_KEY_ID_INIT ((mbedtls_svc_key_id_t){ 0, 0 })
#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ( ( id ).MBEDTLS_PRIVATE(key_id) ) #define MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) ((id).MBEDTLS_PRIVATE(key_id))
#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( id ) ( ( id ).MBEDTLS_PRIVATE(owner) ) #define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(id) ((id).MBEDTLS_PRIVATE(owner))
/** Utility to initialize a key identifier at runtime. /** Utility to initialize a key identifier at runtime.
* *
@ -2461,10 +2461,10 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* \param key_id Identifier of the key. * \param key_id Identifier of the key.
*/ */
static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make( static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make(
mbedtls_key_owner_id_t owner_id, psa_key_id_t key_id ) mbedtls_key_owner_id_t owner_id, psa_key_id_t key_id)
{ {
return( (mbedtls_svc_key_id_t){ .MBEDTLS_PRIVATE(key_id) = key_id, return (mbedtls_svc_key_id_t){ .MBEDTLS_PRIVATE(key_id) = key_id,
.MBEDTLS_PRIVATE(owner) = owner_id } ); .MBEDTLS_PRIVATE(owner) = owner_id };
} }
/** Compare two key identifiers. /** Compare two key identifiers.
@ -2474,11 +2474,11 @@ static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make(
* *
* \return Non-zero if the two key identifier are equal, zero otherwise. * \return Non-zero if the two key identifier are equal, zero otherwise.
*/ */
static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1, static inline int mbedtls_svc_key_id_equal(mbedtls_svc_key_id_t id1,
mbedtls_svc_key_id_t id2 ) mbedtls_svc_key_id_t id2)
{ {
return( ( id1.MBEDTLS_PRIVATE(key_id) == id2.MBEDTLS_PRIVATE(key_id) ) && return (id1.MBEDTLS_PRIVATE(key_id) == id2.MBEDTLS_PRIVATE(key_id)) &&
mbedtls_key_owner_id_equal( id1.MBEDTLS_PRIVATE(owner), id2.MBEDTLS_PRIVATE(owner) ) ); mbedtls_key_owner_id_equal(id1.MBEDTLS_PRIVATE(owner), id2.MBEDTLS_PRIVATE(owner));
} }
/** Check whether a key identifier is null. /** Check whether a key identifier is null.
@ -2487,9 +2487,9 @@ static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1,
* *
* \return Non-zero if the key identifier is null, zero otherwise. * \return Non-zero if the key identifier is null, zero otherwise.
*/ */
static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) static inline int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key)
{ {
return( key.MBEDTLS_PRIVATE(key_id) == 0 ); return key.MBEDTLS_PRIVATE(key_id) == 0;
} }
#endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ #endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
@ -2516,7 +2516,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* The key may however be exportable in a wrapped form, i.e. in a form * The key may however be exportable in a wrapped form, i.e. in a form
* where it is encrypted by another key. * where it is encrypted by another key.
*/ */
#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001) #define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t) 0x00000001)
/** Whether the key may be copied. /** Whether the key may be copied.
* *
@ -2532,7 +2532,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* #PSA_KEY_LIFETIME_PERSISTENT, the usage flag #PSA_KEY_USAGE_COPY * #PSA_KEY_LIFETIME_PERSISTENT, the usage flag #PSA_KEY_USAGE_COPY
* is sufficient to permit the copy. * is sufficient to permit the copy.
*/ */
#define PSA_KEY_USAGE_COPY ((psa_key_usage_t)0x00000002) #define PSA_KEY_USAGE_COPY ((psa_key_usage_t) 0x00000002)
/** Whether the key may be used to encrypt a message. /** Whether the key may be used to encrypt a message.
* *
@ -2543,7 +2543,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* *
* For a key pair, this concerns the public key. * For a key pair, this concerns the public key.
*/ */
#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100) #define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t) 0x00000100)
/** Whether the key may be used to decrypt a message. /** Whether the key may be used to decrypt a message.
* *
@ -2554,7 +2554,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* *
* For a key pair, this concerns the private key. * For a key pair, this concerns the private key.
*/ */
#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200) #define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t) 0x00000200)
/** Whether the key may be used to sign a message. /** Whether the key may be used to sign a message.
* *
@ -2564,7 +2564,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* *
* For a key pair, this concerns the private key. * For a key pair, this concerns the private key.
*/ */
#define PSA_KEY_USAGE_SIGN_MESSAGE ((psa_key_usage_t)0x00000400) #define PSA_KEY_USAGE_SIGN_MESSAGE ((psa_key_usage_t) 0x00000400)
/** Whether the key may be used to verify a message. /** Whether the key may be used to verify a message.
* *
@ -2574,7 +2574,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* *
* For a key pair, this concerns the public key. * For a key pair, this concerns the public key.
*/ */
#define PSA_KEY_USAGE_VERIFY_MESSAGE ((psa_key_usage_t)0x00000800) #define PSA_KEY_USAGE_VERIFY_MESSAGE ((psa_key_usage_t) 0x00000800)
/** Whether the key may be used to sign a message. /** Whether the key may be used to sign a message.
* *
@ -2584,7 +2584,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* *
* For a key pair, this concerns the private key. * For a key pair, this concerns the private key.
*/ */
#define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t)0x00001000) #define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t) 0x00001000)
/** Whether the key may be used to verify a message signature. /** Whether the key may be used to verify a message signature.
* *
@ -2594,7 +2594,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* *
* For a key pair, this concerns the public key. * For a key pair, this concerns the public key.
*/ */
#define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t)0x00002000) #define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t) 0x00002000)
/** Whether the key may be used to derive other keys or produce a password /** Whether the key may be used to derive other keys or produce a password
* hash. * hash.
@ -2608,7 +2608,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* permits calling psa_key_derivation_output_bytes() or * permits calling psa_key_derivation_output_bytes() or
* psa_key_derivation_output_key() at the end of the operation. * psa_key_derivation_output_key() at the end of the operation.
*/ */
#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00004000) #define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t) 0x00004000)
/** Whether the key may be used to verify the result of a key derivation, /** Whether the key may be used to verify the result of a key derivation,
* including password hashing. * including password hashing.
@ -2623,7 +2623,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* permits calling psa_key_derivation_verify_bytes() or * permits calling psa_key_derivation_verify_bytes() or
* psa_key_derivation_verify_key() at the end of the operation. * psa_key_derivation_verify_key() at the end of the operation.
*/ */
#define PSA_KEY_USAGE_VERIFY_DERIVATION ((psa_key_usage_t)0x00008000) #define PSA_KEY_USAGE_VERIFY_DERIVATION ((psa_key_usage_t) 0x00008000)
/**@}*/ /**@}*/
@ -2649,7 +2649,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* psa_key_derivation_verify_key(), but not * psa_key_derivation_verify_key(), but not
* psa_key_derivation_output_key(). * psa_key_derivation_output_key().
*/ */
#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101) #define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t) 0x0101)
/** A low-entropy secret input for password hashing / key stretching. /** A low-entropy secret input for password hashing / key stretching.
* *
@ -2667,7 +2667,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* psa_key_derivation_verify_key(), but not * psa_key_derivation_verify_key(), but not
* psa_key_derivation_output_key(). * psa_key_derivation_output_key().
*/ */
#define PSA_KEY_DERIVATION_INPUT_PASSWORD ((psa_key_derivation_step_t)0x0102) #define PSA_KEY_DERIVATION_INPUT_PASSWORD ((psa_key_derivation_step_t) 0x0102)
/** A high-entropy additional secret input for key derivation. /** A high-entropy additional secret input for key derivation.
* *
@ -2677,14 +2677,14 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* a direct input passed to `psa_key_derivation_input_bytes()`. * a direct input passed to `psa_key_derivation_input_bytes()`.
*/ */
#define PSA_KEY_DERIVATION_INPUT_OTHER_SECRET \ #define PSA_KEY_DERIVATION_INPUT_OTHER_SECRET \
((psa_key_derivation_step_t)0x0103) ((psa_key_derivation_step_t) 0x0103)
/** A label for key derivation. /** A label for key derivation.
* *
* This should be a direct input. * This should be a direct input.
* It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA.
*/ */
#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201) #define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t) 0x0201)
/** A salt for key derivation. /** A salt for key derivation.
* *
@ -2692,27 +2692,27 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* It can also be a key of type #PSA_KEY_TYPE_RAW_DATA or * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA or
* #PSA_KEY_TYPE_PEPPER. * #PSA_KEY_TYPE_PEPPER.
*/ */
#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202) #define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t) 0x0202)
/** An information string for key derivation. /** An information string for key derivation.
* *
* This should be a direct input. * This should be a direct input.
* It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA.
*/ */
#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203) #define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t) 0x0203)
/** A seed for key derivation. /** A seed for key derivation.
* *
* This should be a direct input. * This should be a direct input.
* It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA.
*/ */
#define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t)0x0204) #define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t) 0x0204)
/** A cost parameter for password hashing / key stretching. /** A cost parameter for password hashing / key stretching.
* *
* This must be a direct input, passed to psa_key_derivation_input_integer(). * This must be a direct input, passed to psa_key_derivation_input_integer().
*/ */
#define PSA_KEY_DERIVATION_INPUT_COST ((psa_key_derivation_step_t)0x0205) #define PSA_KEY_DERIVATION_INPUT_COST ((psa_key_derivation_step_t) 0x0205)
/**@}*/ /**@}*/

1421
library/aes.c
View File

File diff suppressed because it is too large Load Diff

94
library/aesni.c
View File

@ -28,7 +28,8 @@
#if defined(__has_feature) #if defined(__has_feature)
#if __has_feature(memory_sanitizer) #if __has_feature(memory_sanitizer)
#warning "MBEDTLS_AESNI_C is known to cause spurious error reports with some memory sanitizers as they do not understand the assembly code." #warning \
"MBEDTLS_AESNI_C is known to cause spurious error reports with some memory sanitizers as they do not understand the assembly code."
#endif #endif
#endif #endif
@ -47,22 +48,21 @@
/* /*
* AES-NI support detection routine * AES-NI support detection routine
*/ */
int mbedtls_aesni_has_support( unsigned int what ) int mbedtls_aesni_has_support(unsigned int what)
{ {
static int done = 0; static int done = 0;
static unsigned int c = 0; static unsigned int c = 0;
if( ! done ) if (!done) {
{ asm ("movl $1, %%eax \n\t"
asm( "movl $1, %%eax \n\t"
"cpuid \n\t" "cpuid \n\t"
: "=c" (c) : "=c" (c)
: :
: "eax", "ebx", "edx" ); : "eax", "ebx", "edx");
done = 1; done = 1;
} }
return( ( c & what ) != 0 ); return (c & what) != 0;
} }
/* /*
@ -94,12 +94,12 @@ int mbedtls_aesni_has_support( unsigned int what )
/* /*
* AES-NI AES-ECB block en(de)cryption * AES-NI AES-ECB block en(de)cryption
*/ */
int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx, int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx,
int mode, int mode,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ) unsigned char output[16])
{ {
asm( "movdqu (%3), %%xmm0 \n\t" // load input asm ("movdqu (%3), %%xmm0 \n\t" // load input
"movdqu (%1), %%xmm1 \n\t" // load round key 0 "movdqu (%1), %%xmm1 \n\t" // load round key 0
"pxor %%xmm1, %%xmm0 \n\t" // round 0 "pxor %%xmm1, %%xmm0 \n\t" // round 0
"add $16, %1 \n\t" // point to next round key "add $16, %1 \n\t" // point to next round key
@ -130,31 +130,30 @@ int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx,
"movdqu %%xmm0, (%4) \n\t" // export output "movdqu %%xmm0, (%4) \n\t" // export output
: :
: "r" (ctx->nr), "r" (ctx->buf + ctx->rk_offset), "r" (mode), "r" (input), "r" (output) : "r" (ctx->nr), "r" (ctx->buf + ctx->rk_offset), "r" (mode), "r" (input), "r" (output)
: "memory", "cc", "xmm0", "xmm1" ); : "memory", "cc", "xmm0", "xmm1");
return( 0 ); return 0;
} }
/* /*
* GCM multiplication: c = a times b in GF(2^128) * GCM multiplication: c = a times b in GF(2^128)
* Based on [CLMUL-WP] algorithms 1 (with equation 27) and 5. * Based on [CLMUL-WP] algorithms 1 (with equation 27) and 5.
*/ */
void mbedtls_aesni_gcm_mult( unsigned char c[16], void mbedtls_aesni_gcm_mult(unsigned char c[16],
const unsigned char a[16], const unsigned char a[16],
const unsigned char b[16] ) const unsigned char b[16])
{ {
unsigned char aa[16], bb[16], cc[16]; unsigned char aa[16], bb[16], cc[16];
size_t i; size_t i;
/* The inputs are in big-endian order, so byte-reverse them */ /* The inputs are in big-endian order, so byte-reverse them */
for( i = 0; i < 16; i++ ) for (i = 0; i < 16; i++) {
{
aa[i] = a[15 - i]; aa[i] = a[15 - i];
bb[i] = b[15 - i]; bb[i] = b[15 - i];
} }
asm( "movdqu (%0), %%xmm0 \n\t" // a1:a0 asm ("movdqu (%0), %%xmm0 \n\t" // a1:a0
"movdqu (%1), %%xmm1 \n\t" // b1:b0 "movdqu (%1), %%xmm1 \n\t" // b1:b0
/* /*
@ -239,11 +238,12 @@ void mbedtls_aesni_gcm_mult( unsigned char c[16],
"movdqu %%xmm0, (%2) \n\t" // done "movdqu %%xmm0, (%2) \n\t" // done
: :
: "r" (aa), "r" (bb), "r" (cc) : "r" (aa), "r" (bb), "r" (cc)
: "memory", "cc", "xmm0", "xmm1", "xmm2", "xmm3", "xmm4", "xmm5" ); : "memory", "cc", "xmm0", "xmm1", "xmm2", "xmm3", "xmm4", "xmm5");
/* Now byte-reverse the outputs */ /* Now byte-reverse the outputs */
for( i = 0; i < 16; i++ ) for (i = 0; i < 16; i++) {
c[i] = cc[15 - i]; c[i] = cc[15 - i];
}
return; return;
} }
@ -251,32 +251,33 @@ void mbedtls_aesni_gcm_mult( unsigned char c[16],
/* /*
* Compute decryption round keys from encryption round keys * Compute decryption round keys from encryption round keys
*/ */
void mbedtls_aesni_inverse_key( unsigned char *invkey, void mbedtls_aesni_inverse_key(unsigned char *invkey,
const unsigned char *fwdkey, int nr ) const unsigned char *fwdkey, int nr)
{ {
unsigned char *ik = invkey; unsigned char *ik = invkey;
const unsigned char *fk = fwdkey + 16 * nr; const unsigned char *fk = fwdkey + 16 * nr;
memcpy( ik, fk, 16 ); memcpy(ik, fk, 16);
for( fk -= 16, ik += 16; fk > fwdkey; fk -= 16, ik += 16 ) for (fk -= 16, ik += 16; fk > fwdkey; fk -= 16, ik += 16) {
asm( "movdqu (%0), %%xmm0 \n\t" asm ("movdqu (%0), %%xmm0 \n\t"
AESIMC xmm0_xmm0 "\n\t" AESIMC xmm0_xmm0 "\n\t"
"movdqu %%xmm0, (%1) \n\t" "movdqu %%xmm0, (%1) \n\t"
: :
: "r" (fk), "r" (ik) : "r" (fk), "r" (ik)
: "memory", "xmm0" ); : "memory", "xmm0");
}
memcpy( ik, fk, 16 ); memcpy(ik, fk, 16);
} }
/* /*
* Key expansion, 128-bit case * Key expansion, 128-bit case
*/ */
static void aesni_setkey_enc_128( unsigned char *rk, static void aesni_setkey_enc_128(unsigned char *rk,
const unsigned char *key ) const unsigned char *key)
{ {
asm( "movdqu (%1), %%xmm0 \n\t" // copy the original key asm ("movdqu (%1), %%xmm0 \n\t" // copy the original key
"movdqu %%xmm0, (%0) \n\t" // as round key 0 "movdqu %%xmm0, (%0) \n\t" // as round key 0
"jmp 2f \n\t" // skip auxiliary routine "jmp 2f \n\t" // skip auxiliary routine
@ -317,16 +318,16 @@ static void aesni_setkey_enc_128( unsigned char *rk,
AESKEYGENA xmm0_xmm1 ",0x36 \n\tcall 1b \n\t" AESKEYGENA xmm0_xmm1 ",0x36 \n\tcall 1b \n\t"
: :
: "r" (rk), "r" (key) : "r" (rk), "r" (key)
: "memory", "cc", "0" ); : "memory", "cc", "0");
} }
/* /*
* Key expansion, 192-bit case * Key expansion, 192-bit case
*/ */
static void aesni_setkey_enc_192( unsigned char *rk, static void aesni_setkey_enc_192(unsigned char *rk,
const unsigned char *key ) const unsigned char *key)
{ {
asm( "movdqu (%1), %%xmm0 \n\t" // copy original round key asm ("movdqu (%1), %%xmm0 \n\t" // copy original round key
"movdqu %%xmm0, (%0) \n\t" "movdqu %%xmm0, (%0) \n\t"
"add $16, %0 \n\t" "add $16, %0 \n\t"
"movq 16(%1), %%xmm1 \n\t" "movq 16(%1), %%xmm1 \n\t"
@ -374,16 +375,16 @@ static void aesni_setkey_enc_192( unsigned char *rk,
: :
: "r" (rk), "r" (key) : "r" (rk), "r" (key)
: "memory", "cc", "0" ); : "memory", "cc", "0");
} }
/* /*
* Key expansion, 256-bit case * Key expansion, 256-bit case
*/ */
static void aesni_setkey_enc_256( unsigned char *rk, static void aesni_setkey_enc_256(unsigned char *rk,
const unsigned char *key ) const unsigned char *key)
{ {
asm( "movdqu (%1), %%xmm0 \n\t" asm ("movdqu (%1), %%xmm0 \n\t"
"movdqu %%xmm0, (%0) \n\t" "movdqu %%xmm0, (%0) \n\t"
"add $16, %0 \n\t" "add $16, %0 \n\t"
"movdqu 16(%1), %%xmm1 \n\t" "movdqu 16(%1), %%xmm1 \n\t"
@ -440,25 +441,24 @@ static void aesni_setkey_enc_256( unsigned char *rk,
AESKEYGENA xmm1_xmm2 ",0x40 \n\tcall 1b \n\t" AESKEYGENA xmm1_xmm2 ",0x40 \n\tcall 1b \n\t"
: :
: "r" (rk), "r" (key) : "r" (rk), "r" (key)
: "memory", "cc", "0" ); : "memory", "cc", "0");
} }
/* /*
* Key expansion, wrapper * Key expansion, wrapper
*/ */
int mbedtls_aesni_setkey_enc( unsigned char *rk, int mbedtls_aesni_setkey_enc(unsigned char *rk,
const unsigned char *key, const unsigned char *key,
size_t bits ) size_t bits)
{ {
switch( bits ) switch (bits) {
{ case 128: aesni_setkey_enc_128(rk, key); break;
case 128: aesni_setkey_enc_128( rk, key ); break; case 192: aesni_setkey_enc_192(rk, key); break;
case 192: aesni_setkey_enc_192( rk, key ); break; case 256: aesni_setkey_enc_256(rk, key); break;
case 256: aesni_setkey_enc_256( rk, key ); break; default: return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH;
default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH );
} }
return( 0 ); return 0;
} }
#endif /* MBEDTLS_HAVE_X86_64 */ #endif /* MBEDTLS_HAVE_X86_64 */

22
library/aesni.h
View File

@ -33,8 +33,8 @@
#define MBEDTLS_AESNI_CLMUL 0x00000002u #define MBEDTLS_AESNI_CLMUL 0x00000002u
#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && \ #if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && \
( defined(__amd64__) || defined(__x86_64__) ) && \ (defined(__amd64__) || defined(__x86_64__)) && \
! defined(MBEDTLS_HAVE_X86_64) !defined(MBEDTLS_HAVE_X86_64)
#define MBEDTLS_HAVE_X86_64 #define MBEDTLS_HAVE_X86_64
#endif #endif
@ -55,7 +55,7 @@ extern "C" {
* *
* \return 1 if CPU has support for the feature, 0 otherwise * \return 1 if CPU has support for the feature, 0 otherwise
*/ */
int mbedtls_aesni_has_support( unsigned int what ); int mbedtls_aesni_has_support(unsigned int what);
/** /**
* \brief Internal AES-NI AES-ECB block encryption and decryption * \brief Internal AES-NI AES-ECB block encryption and decryption
@ -70,10 +70,10 @@ int mbedtls_aesni_has_support( unsigned int what );
* *
* \return 0 on success (cannot fail) * \return 0 on success (cannot fail)
*/ */
int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx, int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx,
int mode, int mode,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16]);
/** /**
* \brief Internal GCM multiplication: c = a * b in GF(2^128) * \brief Internal GCM multiplication: c = a * b in GF(2^128)
@ -88,9 +88,9 @@ int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx,
* \note Both operands and result are bit strings interpreted as * \note Both operands and result are bit strings interpreted as
* elements of GF(2^128) as per the GCM spec. * elements of GF(2^128) as per the GCM spec.
*/ */
void mbedtls_aesni_gcm_mult( unsigned char c[16], void mbedtls_aesni_gcm_mult(unsigned char c[16],
const unsigned char a[16], const unsigned char a[16],
const unsigned char b[16] ); const unsigned char b[16]);
/** /**
* \brief Internal round key inversion. This function computes * \brief Internal round key inversion. This function computes
@ -103,9 +103,9 @@ void mbedtls_aesni_gcm_mult( unsigned char c[16],
* \param fwdkey Original round keys (for encryption) * \param fwdkey Original round keys (for encryption)
* \param nr Number of rounds (that is, number of round keys minus one) * \param nr Number of rounds (that is, number of round keys minus one)
*/ */
void mbedtls_aesni_inverse_key( unsigned char *invkey, void mbedtls_aesni_inverse_key(unsigned char *invkey,
const unsigned char *fwdkey, const unsigned char *fwdkey,
int nr ); int nr);
/** /**
* \brief Internal key expansion for encryption * \brief Internal key expansion for encryption
@ -119,9 +119,9 @@ void mbedtls_aesni_inverse_key( unsigned char *invkey,
* *
* \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
*/ */
int mbedtls_aesni_setkey_enc( unsigned char *rk, int mbedtls_aesni_setkey_enc(unsigned char *rk,
const unsigned char *key, const unsigned char *key,
size_t bits ); size_t bits);
#ifdef __cplusplus #ifdef __cplusplus
} }

217
library/alignment.h
View File

@ -36,10 +36,10 @@
* \param p pointer to 2 bytes of data * \param p pointer to 2 bytes of data
* \return Data at the given address * \return Data at the given address
*/ */
inline uint16_t mbedtls_get_unaligned_uint16( const void *p ) inline uint16_t mbedtls_get_unaligned_uint16(const void *p)
{ {
uint16_t r; uint16_t r;
memcpy( &r, p, sizeof( r ) ); memcpy(&r, p, sizeof(r));
return r; return r;
} }
@ -50,9 +50,9 @@ inline uint16_t mbedtls_get_unaligned_uint16( const void *p )
* \param p pointer to 2 bytes of data * \param p pointer to 2 bytes of data
* \param x data to write * \param x data to write
*/ */
inline void mbedtls_put_unaligned_uint16( void *p, uint16_t x ) inline void mbedtls_put_unaligned_uint16(void *p, uint16_t x)
{ {
memcpy( p, &x, sizeof( x ) ); memcpy(p, &x, sizeof(x));
} }
/** /**
@ -62,10 +62,10 @@ inline void mbedtls_put_unaligned_uint16( void *p, uint16_t x )
* \param p pointer to 4 bytes of data * \param p pointer to 4 bytes of data
* \return Data at the given address * \return Data at the given address
*/ */
inline uint32_t mbedtls_get_unaligned_uint32( const void *p ) inline uint32_t mbedtls_get_unaligned_uint32(const void *p)
{ {
uint32_t r; uint32_t r;
memcpy( &r, p, sizeof( r ) ); memcpy(&r, p, sizeof(r));
return r; return r;
} }
@ -76,9 +76,9 @@ inline uint32_t mbedtls_get_unaligned_uint32( const void *p )
* \param p pointer to 4 bytes of data * \param p pointer to 4 bytes of data
* \param x data to write * \param x data to write
*/ */
inline void mbedtls_put_unaligned_uint32( void *p, uint32_t x ) inline void mbedtls_put_unaligned_uint32(void *p, uint32_t x)
{ {
memcpy( p, &x, sizeof( x ) ); memcpy(p, &x, sizeof(x));
} }
/** /**
@ -88,10 +88,10 @@ inline void mbedtls_put_unaligned_uint32( void *p, uint32_t x )
* \param p pointer to 8 bytes of data * \param p pointer to 8 bytes of data
* \return Data at the given address * \return Data at the given address
*/ */
inline uint64_t mbedtls_get_unaligned_uint64( const void *p ) inline uint64_t mbedtls_get_unaligned_uint64(const void *p)
{ {
uint64_t r; uint64_t r;
memcpy( &r, p, sizeof( r ) ); memcpy(&r, p, sizeof(r));
return r; return r;
} }
@ -102,9 +102,9 @@ inline uint64_t mbedtls_get_unaligned_uint64( const void *p )
* \param p pointer to 8 bytes of data * \param p pointer to 8 bytes of data
* \param x data to write * \param x data to write
*/ */
inline void mbedtls_put_unaligned_uint64( void *p, uint64_t x ) inline void mbedtls_put_unaligned_uint64(void *p, uint64_t x)
{ {
memcpy( p, &x, sizeof( x ) ); memcpy(p, &x, sizeof(x));
} }
/** Byte Reading Macros /** Byte Reading Macros
@ -112,23 +112,23 @@ inline void mbedtls_put_unaligned_uint64( void *p, uint64_t x )
* Given a multi-byte integer \p x, MBEDTLS_BYTE_n retrieves the n-th * Given a multi-byte integer \p x, MBEDTLS_BYTE_n retrieves the n-th
* byte from x, where byte 0 is the least significant byte. * byte from x, where byte 0 is the least significant byte.
*/ */
#define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) #define MBEDTLS_BYTE_0(x) ((uint8_t) ((x) & 0xff))
#define MBEDTLS_BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) #define MBEDTLS_BYTE_1(x) ((uint8_t) (((x) >> 8) & 0xff))
#define MBEDTLS_BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) #define MBEDTLS_BYTE_2(x) ((uint8_t) (((x) >> 16) & 0xff))
#define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) #define MBEDTLS_BYTE_3(x) ((uint8_t) (((x) >> 24) & 0xff))
#define MBEDTLS_BYTE_4( x ) ( (uint8_t) ( ( ( x ) >> 32 ) & 0xff ) ) #define MBEDTLS_BYTE_4(x) ((uint8_t) (((x) >> 32) & 0xff))
#define MBEDTLS_BYTE_5( x ) ( (uint8_t) ( ( ( x ) >> 40 ) & 0xff ) ) #define MBEDTLS_BYTE_5(x) ((uint8_t) (((x) >> 40) & 0xff))
#define MBEDTLS_BYTE_6( x ) ( (uint8_t) ( ( ( x ) >> 48 ) & 0xff ) ) #define MBEDTLS_BYTE_6(x) ((uint8_t) (((x) >> 48) & 0xff))
#define MBEDTLS_BYTE_7( x ) ( (uint8_t) ( ( ( x ) >> 56 ) & 0xff ) ) #define MBEDTLS_BYTE_7(x) ((uint8_t) (((x) >> 56) & 0xff))
/* /*
* Detect GCC built-in byteswap routines * Detect GCC built-in byteswap routines
*/ */
#if defined(__GNUC__) && defined(__GNUC_PREREQ) #if defined(__GNUC__) && defined(__GNUC_PREREQ)
#if __GNUC_PREREQ(4,8) #if __GNUC_PREREQ(4, 8)
#define MBEDTLS_BSWAP16 __builtin_bswap16 #define MBEDTLS_BSWAP16 __builtin_bswap16
#endif /* __GNUC_PREREQ(4,8) */ #endif /* __GNUC_PREREQ(4,8) */
#if __GNUC_PREREQ(4,3) #if __GNUC_PREREQ(4, 3)
#define MBEDTLS_BSWAP32 __builtin_bswap32 #define MBEDTLS_BSWAP32 __builtin_bswap32
#define MBEDTLS_BSWAP64 __builtin_bswap64 #define MBEDTLS_BSWAP64 __builtin_bswap64
#endif /* __GNUC_PREREQ(4,3) */ #endif /* __GNUC_PREREQ(4,3) */
@ -169,36 +169,39 @@ inline void mbedtls_put_unaligned_uint64( void *p, uint64_t x )
* similar instruction. * similar instruction.
*/ */
#if !defined(MBEDTLS_BSWAP16) #if !defined(MBEDTLS_BSWAP16)
static inline uint16_t mbedtls_bswap16( uint16_t x ) { static inline uint16_t mbedtls_bswap16(uint16_t x)
{
return return
( x & 0x00ff ) << 8 | (x & 0x00ff) << 8 |
( x & 0xff00 ) >> 8; (x & 0xff00) >> 8;
} }
#define MBEDTLS_BSWAP16 mbedtls_bswap16 #define MBEDTLS_BSWAP16 mbedtls_bswap16
#endif /* !defined(MBEDTLS_BSWAP16) */ #endif /* !defined(MBEDTLS_BSWAP16) */
#if !defined(MBEDTLS_BSWAP32) #if !defined(MBEDTLS_BSWAP32)
static inline uint32_t mbedtls_bswap32( uint32_t x ) { static inline uint32_t mbedtls_bswap32(uint32_t x)
{
return return
( x & 0x000000ff ) << 24 | (x & 0x000000ff) << 24 |
( x & 0x0000ff00 ) << 8 | (x & 0x0000ff00) << 8 |
( x & 0x00ff0000 ) >> 8 | (x & 0x00ff0000) >> 8 |
( x & 0xff000000 ) >> 24; (x & 0xff000000) >> 24;
} }
#define MBEDTLS_BSWAP32 mbedtls_bswap32 #define MBEDTLS_BSWAP32 mbedtls_bswap32
#endif /* !defined(MBEDTLS_BSWAP32) */ #endif /* !defined(MBEDTLS_BSWAP32) */
#if !defined(MBEDTLS_BSWAP64) #if !defined(MBEDTLS_BSWAP64)
static inline uint64_t mbedtls_bswap64( uint64_t x ) { static inline uint64_t mbedtls_bswap64(uint64_t x)
{
return return
( x & 0x00000000000000ff ) << 56 | (x & 0x00000000000000ff) << 56 |
( x & 0x000000000000ff00 ) << 40 | (x & 0x000000000000ff00) << 40 |
( x & 0x0000000000ff0000 ) << 24 | (x & 0x0000000000ff0000) << 24 |
( x & 0x00000000ff000000 ) << 8 | (x & 0x00000000ff000000) << 8 |
( x & 0x000000ff00000000 ) >> 8 | (x & 0x000000ff00000000) >> 8 |
( x & 0x0000ff0000000000 ) >> 24 | (x & 0x0000ff0000000000) >> 24 |
( x & 0x00ff000000000000 ) >> 40 | (x & 0x00ff000000000000) >> 40 |
( x & 0xff00000000000000 ) >> 56; (x & 0xff00000000000000) >> 56;
} }
#define MBEDTLS_BSWAP64 mbedtls_bswap64 #define MBEDTLS_BSWAP64 mbedtls_bswap64
#endif /* !defined(MBEDTLS_BSWAP64) */ #endif /* !defined(MBEDTLS_BSWAP64) */
@ -219,8 +222,8 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* byte of the four bytes to build the 32 bits unsigned * byte of the four bytes to build the 32 bits unsigned
* integer from. * integer from.
*/ */
#define MBEDTLS_GET_UINT32_BE( data, offset ) \ #define MBEDTLS_GET_UINT32_BE(data, offset) \
( ( MBEDTLS_IS_BIG_ENDIAN ) \ ((MBEDTLS_IS_BIG_ENDIAN) \
? mbedtls_get_unaligned_uint32((data) + (offset)) \ ? mbedtls_get_unaligned_uint32((data) + (offset)) \
: MBEDTLS_BSWAP32(mbedtls_get_unaligned_uint32((data) + (offset))) \ : MBEDTLS_BSWAP32(mbedtls_get_unaligned_uint32((data) + (offset))) \
) )
@ -234,17 +237,17 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* \param offset Offset from \p data where to put the most significant * \param offset Offset from \p data where to put the most significant
* byte of the 32 bits unsigned integer \p n. * byte of the 32 bits unsigned integer \p n.
*/ */
#define MBEDTLS_PUT_UINT32_BE( n, data, offset ) \ #define MBEDTLS_PUT_UINT32_BE(n, data, offset) \
{ \
if ( MBEDTLS_IS_BIG_ENDIAN ) \
{ \ { \
mbedtls_put_unaligned_uint32((data) + (offset), (uint32_t)(n)); \ if (MBEDTLS_IS_BIG_ENDIAN) \
{ \
mbedtls_put_unaligned_uint32((data) + (offset), (uint32_t) (n)); \
} \ } \
else \ else \
{ \ { \
mbedtls_put_unaligned_uint32((data) + (offset), MBEDTLS_BSWAP32((uint32_t)(n))); \ mbedtls_put_unaligned_uint32((data) + (offset), MBEDTLS_BSWAP32((uint32_t) (n))); \
} \ } \
} }
/** /**
* Get the unsigned 32 bits integer corresponding to four bytes in * Get the unsigned 32 bits integer corresponding to four bytes in
@ -255,8 +258,8 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* byte of the four bytes to build the 32 bits unsigned * byte of the four bytes to build the 32 bits unsigned
* integer from. * integer from.
*/ */
#define MBEDTLS_GET_UINT32_LE( data, offset ) \ #define MBEDTLS_GET_UINT32_LE(data, offset) \
( ( MBEDTLS_IS_BIG_ENDIAN ) \ ((MBEDTLS_IS_BIG_ENDIAN) \
? MBEDTLS_BSWAP32(mbedtls_get_unaligned_uint32((data) + (offset))) \ ? MBEDTLS_BSWAP32(mbedtls_get_unaligned_uint32((data) + (offset))) \
: mbedtls_get_unaligned_uint32((data) + (offset)) \ : mbedtls_get_unaligned_uint32((data) + (offset)) \
) )
@ -271,17 +274,17 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* \param offset Offset from \p data where to put the least significant * \param offset Offset from \p data where to put the least significant
* byte of the 32 bits unsigned integer \p n. * byte of the 32 bits unsigned integer \p n.
*/ */
#define MBEDTLS_PUT_UINT32_LE( n, data, offset ) \ #define MBEDTLS_PUT_UINT32_LE(n, data, offset) \
{ \
if ( MBEDTLS_IS_BIG_ENDIAN ) \
{ \ { \
mbedtls_put_unaligned_uint32((data) + (offset), MBEDTLS_BSWAP32((uint32_t)(n))); \ if (MBEDTLS_IS_BIG_ENDIAN) \
{ \
mbedtls_put_unaligned_uint32((data) + (offset), MBEDTLS_BSWAP32((uint32_t) (n))); \
} \ } \
else \ else \
{ \ { \
mbedtls_put_unaligned_uint32((data) + (offset), ((uint32_t)(n))); \ mbedtls_put_unaligned_uint32((data) + (offset), ((uint32_t) (n))); \
} \ } \
} }
/** /**
* Get the unsigned 16 bits integer corresponding to two bytes in * Get the unsigned 16 bits integer corresponding to two bytes in
@ -292,8 +295,8 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* byte of the two bytes to build the 16 bits unsigned * byte of the two bytes to build the 16 bits unsigned
* integer from. * integer from.
*/ */
#define MBEDTLS_GET_UINT16_LE( data, offset ) \ #define MBEDTLS_GET_UINT16_LE(data, offset) \
( ( MBEDTLS_IS_BIG_ENDIAN ) \ ((MBEDTLS_IS_BIG_ENDIAN) \
? MBEDTLS_BSWAP16(mbedtls_get_unaligned_uint16((data) + (offset))) \ ? MBEDTLS_BSWAP16(mbedtls_get_unaligned_uint16((data) + (offset))) \
: mbedtls_get_unaligned_uint16((data) + (offset)) \ : mbedtls_get_unaligned_uint16((data) + (offset)) \
) )
@ -307,17 +310,17 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* \param offset Offset from \p data where to put the least significant * \param offset Offset from \p data where to put the least significant
* byte of the 16 bits unsigned integer \p n. * byte of the 16 bits unsigned integer \p n.
*/ */
#define MBEDTLS_PUT_UINT16_LE( n, data, offset ) \ #define MBEDTLS_PUT_UINT16_LE(n, data, offset) \
{ \
if ( MBEDTLS_IS_BIG_ENDIAN ) \
{ \ { \
mbedtls_put_unaligned_uint16((data) + (offset), MBEDTLS_BSWAP16((uint16_t)(n))); \ if (MBEDTLS_IS_BIG_ENDIAN) \
{ \
mbedtls_put_unaligned_uint16((data) + (offset), MBEDTLS_BSWAP16((uint16_t) (n))); \
} \ } \
else \ else \
{ \ { \
mbedtls_put_unaligned_uint16((data) + (offset), (uint16_t)(n)); \ mbedtls_put_unaligned_uint16((data) + (offset), (uint16_t) (n)); \
} \ } \
} }
/** /**
* Get the unsigned 16 bits integer corresponding to two bytes in * Get the unsigned 16 bits integer corresponding to two bytes in
@ -328,8 +331,8 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* byte of the two bytes to build the 16 bits unsigned * byte of the two bytes to build the 16 bits unsigned
* integer from. * integer from.
*/ */
#define MBEDTLS_GET_UINT16_BE( data, offset ) \ #define MBEDTLS_GET_UINT16_BE(data, offset) \
( ( MBEDTLS_IS_BIG_ENDIAN ) \ ((MBEDTLS_IS_BIG_ENDIAN) \
? mbedtls_get_unaligned_uint16((data) + (offset)) \ ? mbedtls_get_unaligned_uint16((data) + (offset)) \
: MBEDTLS_BSWAP16(mbedtls_get_unaligned_uint16((data) + (offset))) \ : MBEDTLS_BSWAP16(mbedtls_get_unaligned_uint16((data) + (offset))) \
) )
@ -343,17 +346,17 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* \param offset Offset from \p data where to put the most significant * \param offset Offset from \p data where to put the most significant
* byte of the 16 bits unsigned integer \p n. * byte of the 16 bits unsigned integer \p n.
*/ */
#define MBEDTLS_PUT_UINT16_BE( n, data, offset ) \ #define MBEDTLS_PUT_UINT16_BE(n, data, offset) \
{ \
if ( MBEDTLS_IS_BIG_ENDIAN ) \
{ \ { \
mbedtls_put_unaligned_uint16((data) + (offset), (uint16_t)(n)); \ if (MBEDTLS_IS_BIG_ENDIAN) \
{ \
mbedtls_put_unaligned_uint16((data) + (offset), (uint16_t) (n)); \
} \ } \
else \ else \
{ \ { \
mbedtls_put_unaligned_uint16((data) + (offset), MBEDTLS_BSWAP16((uint16_t)(n))); \ mbedtls_put_unaligned_uint16((data) + (offset), MBEDTLS_BSWAP16((uint16_t) (n))); \
} \ } \
} }
/** /**
* Get the unsigned 24 bits integer corresponding to three bytes in * Get the unsigned 24 bits integer corresponding to three bytes in
@ -364,11 +367,11 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* byte of the three bytes to build the 24 bits unsigned * byte of the three bytes to build the 24 bits unsigned
* integer from. * integer from.
*/ */
#define MBEDTLS_GET_UINT24_BE( data , offset ) \ #define MBEDTLS_GET_UINT24_BE(data, offset) \
( \ ( \
( (uint32_t) ( data )[( offset ) ] << 16 ) \ ((uint32_t) (data)[(offset)] << 16) \
| ( (uint32_t) ( data )[( offset ) + 1] << 8 ) \ | ((uint32_t) (data)[(offset) + 1] << 8) \
| ( (uint32_t) ( data )[( offset ) + 2] ) \ | ((uint32_t) (data)[(offset) + 2]) \
) )
/** /**
@ -380,12 +383,12 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* \param offset Offset from \p data where to put the most significant * \param offset Offset from \p data where to put the most significant
* byte of the 24 bits unsigned integer \p n. * byte of the 24 bits unsigned integer \p n.
*/ */
#define MBEDTLS_PUT_UINT24_BE( n, data, offset ) \ #define MBEDTLS_PUT_UINT24_BE(n, data, offset) \
{ \ { \
( data )[( offset ) ] = MBEDTLS_BYTE_2( n ); \ (data)[(offset)] = MBEDTLS_BYTE_2(n); \
( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ (data)[(offset) + 1] = MBEDTLS_BYTE_1(n); \
( data )[( offset ) + 2] = MBEDTLS_BYTE_0( n ); \ (data)[(offset) + 2] = MBEDTLS_BYTE_0(n); \
} }
/** /**
* Get the unsigned 24 bits integer corresponding to three bytes in * Get the unsigned 24 bits integer corresponding to three bytes in
@ -396,11 +399,11 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* byte of the three bytes to build the 24 bits unsigned * byte of the three bytes to build the 24 bits unsigned
* integer from. * integer from.
*/ */
#define MBEDTLS_GET_UINT24_LE( data, offset ) \ #define MBEDTLS_GET_UINT24_LE(data, offset) \
( \ ( \
( (uint32_t) ( data )[( offset ) ] ) \ ((uint32_t) (data)[(offset)]) \
| ( (uint32_t) ( data )[( offset ) + 1] << 8 ) \ | ((uint32_t) (data)[(offset) + 1] << 8) \
| ( (uint32_t) ( data )[( offset ) + 2] << 16 ) \ | ((uint32_t) (data)[(offset) + 2] << 16) \
) )
/** /**
@ -412,12 +415,12 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* \param offset Offset from \p data where to put the least significant * \param offset Offset from \p data where to put the least significant
* byte of the 24 bits unsigned integer \p n. * byte of the 24 bits unsigned integer \p n.
*/ */
#define MBEDTLS_PUT_UINT24_LE( n, data, offset ) \ #define MBEDTLS_PUT_UINT24_LE(n, data, offset) \
{ \ { \
( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \ (data)[(offset)] = MBEDTLS_BYTE_0(n); \
( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ (data)[(offset) + 1] = MBEDTLS_BYTE_1(n); \
( data )[( offset ) + 2] = MBEDTLS_BYTE_2( n ); \ (data)[(offset) + 2] = MBEDTLS_BYTE_2(n); \
} }
/** /**
* Get the unsigned 64 bits integer corresponding to eight bytes in * Get the unsigned 64 bits integer corresponding to eight bytes in
@ -428,8 +431,8 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* byte of the eight bytes to build the 64 bits unsigned * byte of the eight bytes to build the 64 bits unsigned
* integer from. * integer from.
*/ */
#define MBEDTLS_GET_UINT64_BE( data, offset ) \ #define MBEDTLS_GET_UINT64_BE(data, offset) \
( ( MBEDTLS_IS_BIG_ENDIAN ) \ ((MBEDTLS_IS_BIG_ENDIAN) \
? mbedtls_get_unaligned_uint64((data) + (offset)) \ ? mbedtls_get_unaligned_uint64((data) + (offset)) \
: MBEDTLS_BSWAP64(mbedtls_get_unaligned_uint64((data) + (offset))) \ : MBEDTLS_BSWAP64(mbedtls_get_unaligned_uint64((data) + (offset))) \
) )
@ -443,17 +446,17 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* \param offset Offset from \p data where to put the most significant * \param offset Offset from \p data where to put the most significant
* byte of the 64 bits unsigned integer \p n. * byte of the 64 bits unsigned integer \p n.
*/ */
#define MBEDTLS_PUT_UINT64_BE( n, data, offset ) \ #define MBEDTLS_PUT_UINT64_BE(n, data, offset) \
{ \
if ( MBEDTLS_IS_BIG_ENDIAN ) \
{ \ { \
mbedtls_put_unaligned_uint64((data) + (offset), (uint64_t)(n)); \ if (MBEDTLS_IS_BIG_ENDIAN) \
{ \
mbedtls_put_unaligned_uint64((data) + (offset), (uint64_t) (n)); \
} \ } \
else \ else \
{ \ { \
mbedtls_put_unaligned_uint64((data) + (offset), MBEDTLS_BSWAP64((uint64_t)(n))); \ mbedtls_put_unaligned_uint64((data) + (offset), MBEDTLS_BSWAP64((uint64_t) (n))); \
} \ } \
} }
/** /**
* Get the unsigned 64 bits integer corresponding to eight bytes in * Get the unsigned 64 bits integer corresponding to eight bytes in
@ -464,8 +467,8 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* byte of the eight bytes to build the 64 bits unsigned * byte of the eight bytes to build the 64 bits unsigned
* integer from. * integer from.
*/ */
#define MBEDTLS_GET_UINT64_LE( data, offset ) \ #define MBEDTLS_GET_UINT64_LE(data, offset) \
( ( MBEDTLS_IS_BIG_ENDIAN ) \ ((MBEDTLS_IS_BIG_ENDIAN) \
? MBEDTLS_BSWAP64(mbedtls_get_unaligned_uint64((data) + (offset))) \ ? MBEDTLS_BSWAP64(mbedtls_get_unaligned_uint64((data) + (offset))) \
: mbedtls_get_unaligned_uint64((data) + (offset)) \ : mbedtls_get_unaligned_uint64((data) + (offset)) \
) )
@ -479,16 +482,16 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* \param offset Offset from \p data where to put the least significant * \param offset Offset from \p data where to put the least significant
* byte of the 64 bits unsigned integer \p n. * byte of the 64 bits unsigned integer \p n.
*/ */
#define MBEDTLS_PUT_UINT64_LE( n, data, offset ) \ #define MBEDTLS_PUT_UINT64_LE(n, data, offset) \
{ \
if ( MBEDTLS_IS_BIG_ENDIAN ) \
{ \ { \
mbedtls_put_unaligned_uint64((data) + (offset), MBEDTLS_BSWAP64((uint64_t)(n))); \ if (MBEDTLS_IS_BIG_ENDIAN) \
{ \
mbedtls_put_unaligned_uint64((data) + (offset), MBEDTLS_BSWAP64((uint64_t) (n))); \
} \ } \
else \ else \
{ \ { \
mbedtls_put_unaligned_uint64((data) + (offset), (uint64_t)(n)); \ mbedtls_put_unaligned_uint64((data) + (offset), (uint64_t) (n)); \
} \ } \
} }
#endif /* MBEDTLS_LIBRARY_ALIGNMENT_H */ #endif /* MBEDTLS_LIBRARY_ALIGNMENT_H */

610
library/aria.c
View File

@ -38,10 +38,10 @@
#include "mbedtls/platform_util.h" #include "mbedtls/platform_util.h"
/* Parameter validation macros */ /* Parameter validation macros */
#define ARIA_VALIDATE_RET( cond ) \ #define ARIA_VALIDATE_RET(cond) \
MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ) MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ARIA_BAD_INPUT_DATA)
#define ARIA_VALIDATE( cond ) \ #define ARIA_VALIDATE(cond) \
MBEDTLS_INTERNAL_VALIDATE( cond ) MBEDTLS_INTERNAL_VALIDATE(cond)
/* /*
* modify byte order: ( A B C D ) -> ( B A D C ), i.e. swap pairs of bytes * modify byte order: ( A B C D ) -> ( B A D C ), i.e. swap pairs of bytes
@ -55,30 +55,30 @@
#if defined(__arm__) /* rev16 available from v6 up */ #if defined(__arm__) /* rev16 available from v6 up */
/* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */ /* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */
#if defined(__GNUC__) && \ #if defined(__GNUC__) && \
( !defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000 ) && \ (!defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000) && \
__ARM_ARCH >= 6 __ARM_ARCH >= 6
static inline uint32_t aria_p1( uint32_t x ) static inline uint32_t aria_p1(uint32_t x)
{ {
uint32_t r; uint32_t r;
__asm( "rev16 %0, %1" : "=l" (r) : "l" (x) ); __asm("rev16 %0, %1" : "=l" (r) : "l" (x));
return( r ); return r;
} }
#define ARIA_P1 aria_p1 #define ARIA_P1 aria_p1
#elif defined(__ARMCC_VERSION) && __ARMCC_VERSION < 6000000 && \ #elif defined(__ARMCC_VERSION) && __ARMCC_VERSION < 6000000 && \
( __TARGET_ARCH_ARM >= 6 || __TARGET_ARCH_THUMB >= 3 ) (__TARGET_ARCH_ARM >= 6 || __TARGET_ARCH_THUMB >= 3)
static inline uint32_t aria_p1( uint32_t x ) static inline uint32_t aria_p1(uint32_t x)
{ {
uint32_t r; uint32_t r;
__asm( "rev16 r, x" ); __asm("rev16 r, x");
return( r ); return r;
} }
#define ARIA_P1 aria_p1 #define ARIA_P1 aria_p1
#endif #endif
#endif /* arm */ #endif /* arm */
#if defined(__GNUC__) && \ #if defined(__GNUC__) && \
defined(__i386__) || defined(__amd64__) || defined( __x86_64__) defined(__i386__) || defined(__amd64__) || defined(__x86_64__)
/* I couldn't find an Intel equivalent of rev16, so two instructions */ /* I couldn't find an Intel equivalent of rev16, so two instructions */
#define ARIA_P1(x) ARIA_P2( ARIA_P3( x ) ) #define ARIA_P1(x) ARIA_P2(ARIA_P3(x))
#endif /* x86 gnuc */ #endif /* x86 gnuc */
#endif /* MBEDTLS_HAVE_ASM && GNUC */ #endif /* MBEDTLS_HAVE_ASM && GNUC */
#if !defined(ARIA_P1) #if !defined(ARIA_P1)
@ -124,28 +124,28 @@ static inline uint32_t aria_p1( uint32_t x )
* half of App. B.1 in [1] in terms of 4-byte operators P1, P2, P3 and P4. * half of App. B.1 in [1] in terms of 4-byte operators P1, P2, P3 and P4.
* The implementation below uses only P1 and P2 as they are sufficient. * The implementation below uses only P1 and P2 as they are sufficient.
*/ */
static inline void aria_a( uint32_t *a, uint32_t *b, static inline void aria_a(uint32_t *a, uint32_t *b,
uint32_t *c, uint32_t *d ) uint32_t *c, uint32_t *d)
{ {
uint32_t ta, tb, tc; uint32_t ta, tb, tc;
ta = *b; // 4567 ta = *b; // 4567
*b = *a; // 0123 *b = *a; // 0123
*a = ARIA_P2( ta ); // 6745 *a = ARIA_P2(ta); // 6745
tb = ARIA_P2( *d ); // efcd tb = ARIA_P2(*d); // efcd
*d = ARIA_P1( *c ); // 98ba *d = ARIA_P1(*c); // 98ba
*c = ARIA_P1( tb ); // fedc *c = ARIA_P1(tb); // fedc
ta ^= *d; // 4567+98ba ta ^= *d; // 4567+98ba
tc = ARIA_P2( *b ); // 2301 tc = ARIA_P2(*b); // 2301
ta = ARIA_P1( ta ) ^ tc ^ *c; // 2301+5476+89ab+fedc ta = ARIA_P1(ta) ^ tc ^ *c; // 2301+5476+89ab+fedc
tb ^= ARIA_P2( *d ); // ba98+efcd tb ^= ARIA_P2(*d); // ba98+efcd
tc ^= ARIA_P1( *a ); // 2301+7654 tc ^= ARIA_P1(*a); // 2301+7654
*b ^= ta ^ tb; // 0123+2301+5476+89ab+ba98+efcd+fedc OUT *b ^= ta ^ tb; // 0123+2301+5476+89ab+ba98+efcd+fedc OUT
tb = ARIA_P2( tb ) ^ ta; // 2301+5476+89ab+98ba+cdef+fedc tb = ARIA_P2(tb) ^ ta; // 2301+5476+89ab+98ba+cdef+fedc
*a ^= ARIA_P1( tb ); // 3210+4567+6745+89ab+98ba+dcfe+efcd OUT *a ^= ARIA_P1(tb); // 3210+4567+6745+89ab+98ba+dcfe+efcd OUT
ta = ARIA_P2( ta ); // 0123+7654+ab89+dcfe ta = ARIA_P2(ta); // 0123+7654+ab89+dcfe
*d ^= ARIA_P1( ta ) ^ tc; // 1032+2301+6745+7654+98ba+ba98+cdef OUT *d ^= ARIA_P1(ta) ^ tc; // 1032+2301+6745+7654+98ba+ba98+cdef OUT
tc = ARIA_P2( tc ); // 0123+5476 tc = ARIA_P2(tc); // 0123+5476
*c ^= ARIA_P1( tc ) ^ ta; // 0123+1032+4567+7654+ab89+dcfe+fedc OUT *c ^= ARIA_P1(tc) ^ ta; // 0123+1032+4567+7654+ab89+dcfe+fedc OUT
} }
/* /*
@ -156,27 +156,27 @@ static inline void aria_a( uint32_t *a, uint32_t *b,
* By passing sb1, sb2, is1, is2 as S-Boxes you get SL1 * By passing sb1, sb2, is1, is2 as S-Boxes you get SL1
* By passing is1, is2, sb1, sb2 as S-Boxes you get SL2 * By passing is1, is2, sb1, sb2 as S-Boxes you get SL2
*/ */
static inline void aria_sl( uint32_t *a, uint32_t *b, static inline void aria_sl(uint32_t *a, uint32_t *b,
uint32_t *c, uint32_t *d, uint32_t *c, uint32_t *d,
const uint8_t sa[256], const uint8_t sb[256], const uint8_t sa[256], const uint8_t sb[256],
const uint8_t sc[256], const uint8_t sd[256] ) const uint8_t sc[256], const uint8_t sd[256])
{ {
*a = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *a ) ] ) ^ *a = ((uint32_t) sa[MBEDTLS_BYTE_0(*a)]) ^
(((uint32_t) sb[ MBEDTLS_BYTE_1( *a ) ]) << 8) ^ (((uint32_t) sb[MBEDTLS_BYTE_1(*a)]) << 8) ^
(((uint32_t) sc[ MBEDTLS_BYTE_2( *a ) ]) << 16) ^ (((uint32_t) sc[MBEDTLS_BYTE_2(*a)]) << 16) ^
(((uint32_t) sd[ MBEDTLS_BYTE_3( *a ) ]) << 24); (((uint32_t) sd[MBEDTLS_BYTE_3(*a)]) << 24);
*b = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *b ) ] ) ^ *b = ((uint32_t) sa[MBEDTLS_BYTE_0(*b)]) ^
(((uint32_t) sb[ MBEDTLS_BYTE_1( *b ) ]) << 8) ^ (((uint32_t) sb[MBEDTLS_BYTE_1(*b)]) << 8) ^
(((uint32_t) sc[ MBEDTLS_BYTE_2( *b ) ]) << 16) ^ (((uint32_t) sc[MBEDTLS_BYTE_2(*b)]) << 16) ^
(((uint32_t) sd[ MBEDTLS_BYTE_3( *b ) ]) << 24); (((uint32_t) sd[MBEDTLS_BYTE_3(*b)]) << 24);
*c = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *c ) ] ) ^ *c = ((uint32_t) sa[MBEDTLS_BYTE_0(*c)]) ^
(((uint32_t) sb[ MBEDTLS_BYTE_1( *c ) ]) << 8) ^ (((uint32_t) sb[MBEDTLS_BYTE_1(*c)]) << 8) ^
(((uint32_t) sc[ MBEDTLS_BYTE_2( *c ) ]) << 16) ^ (((uint32_t) sc[MBEDTLS_BYTE_2(*c)]) << 16) ^
(((uint32_t) sd[ MBEDTLS_BYTE_3( *c ) ]) << 24); (((uint32_t) sd[MBEDTLS_BYTE_3(*c)]) << 24);
*d = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *d ) ] ) ^ *d = ((uint32_t) sa[MBEDTLS_BYTE_0(*d)]) ^
(((uint32_t) sb[ MBEDTLS_BYTE_1( *d ) ]) << 8) ^ (((uint32_t) sb[MBEDTLS_BYTE_1(*d)]) << 8) ^
(((uint32_t) sc[ MBEDTLS_BYTE_2( *d ) ]) << 16) ^ (((uint32_t) sc[MBEDTLS_BYTE_2(*d)]) << 16) ^
(((uint32_t) sd[ MBEDTLS_BYTE_3( *d ) ]) << 24); (((uint32_t) sd[MBEDTLS_BYTE_3(*d)]) << 24);
} }
/* /*
@ -289,8 +289,8 @@ static const uint8_t aria_is2[256] =
/* /*
* Helper for key schedule: r = FO( p, k ) ^ x * Helper for key schedule: r = FO( p, k ) ^ x
*/ */
static void aria_fo_xor( uint32_t r[4], const uint32_t p[4], static void aria_fo_xor(uint32_t r[4], const uint32_t p[4],
const uint32_t k[4], const uint32_t x[4] ) const uint32_t k[4], const uint32_t x[4])
{ {
uint32_t a, b, c, d; uint32_t a, b, c, d;
@ -299,8 +299,8 @@ static void aria_fo_xor( uint32_t r[4], const uint32_t p[4],
c = p[2] ^ k[2]; c = p[2] ^ k[2];
d = p[3] ^ k[3]; d = p[3] ^ k[3];
aria_sl( &a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2 ); aria_sl(&a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2);
aria_a( &a, &b, &c, &d ); aria_a(&a, &b, &c, &d);
r[0] = a ^ x[0]; r[0] = a ^ x[0];
r[1] = b ^ x[1]; r[1] = b ^ x[1];
@ -311,8 +311,8 @@ static void aria_fo_xor( uint32_t r[4], const uint32_t p[4],
/* /*
* Helper for key schedule: r = FE( p, k ) ^ x * Helper for key schedule: r = FE( p, k ) ^ x
*/ */
static void aria_fe_xor( uint32_t r[4], const uint32_t p[4], static void aria_fe_xor(uint32_t r[4], const uint32_t p[4],
const uint32_t k[4], const uint32_t x[4] ) const uint32_t k[4], const uint32_t x[4])
{ {
uint32_t a, b, c, d; uint32_t a, b, c, d;
@ -321,8 +321,8 @@ static void aria_fe_xor( uint32_t r[4], const uint32_t p[4],
c = p[2] ^ k[2]; c = p[2] ^ k[2];
d = p[3] ^ k[3]; d = p[3] ^ k[3];
aria_sl( &a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2 ); aria_sl(&a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2);
aria_a( &a, &b, &c, &d ); aria_a(&a, &b, &c, &d);
r[0] = a ^ x[0]; r[0] = a ^ x[0];
r[1] = b ^ x[1]; r[1] = b ^ x[1];
@ -337,8 +337,8 @@ static void aria_fe_xor( uint32_t r[4], const uint32_t p[4],
* MBEDTLS_GET_UINT32_LE / MBEDTLS_PUT_UINT32_LE ) so we need to reverse * MBEDTLS_GET_UINT32_LE / MBEDTLS_PUT_UINT32_LE ) so we need to reverse
* bytes here. * bytes here.
*/ */
static void aria_rot128( uint32_t r[4], const uint32_t a[4], static void aria_rot128(uint32_t r[4], const uint32_t a[4],
const uint32_t b[4], uint8_t n ) const uint32_t b[4], uint8_t n)
{ {
uint8_t i, j; uint8_t i, j;
uint32_t t, u; uint32_t t, u;
@ -346,15 +346,14 @@ static void aria_rot128( uint32_t r[4], const uint32_t a[4],
const uint8_t n1 = n % 32; // bit offset const uint8_t n1 = n % 32; // bit offset
const uint8_t n2 = n1 ? 32 - n1 : 0; // reverse bit offset const uint8_t n2 = n1 ? 32 - n1 : 0; // reverse bit offset
j = ( n / 32 ) % 4; // initial word offset j = (n / 32) % 4; // initial word offset
t = ARIA_P3( b[j] ); // big endian t = ARIA_P3(b[j]); // big endian
for( i = 0; i < 4; i++ ) for (i = 0; i < 4; i++) {
{ j = (j + 1) % 4; // get next word, big endian
j = ( j + 1 ) % 4; // get next word, big endian u = ARIA_P3(b[j]);
u = ARIA_P3( b[j] );
t <<= n1; // rotate t <<= n1; // rotate
t |= u >> n2; t |= u >> n2;
t = ARIA_P3( t ); // back to little endian t = ARIA_P3(t); // back to little endian
r[i] = a[i] ^ t; // store r[i] = a[i] ^ t; // store
t = u; // move to next word t = u; // move to next word
} }
@ -363,8 +362,8 @@ static void aria_rot128( uint32_t r[4], const uint32_t a[4],
/* /*
* Set encryption key * Set encryption key
*/ */
int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx,
const unsigned char *key, unsigned int keybits ) const unsigned char *key, unsigned int keybits)
{ {
/* round constant masks */ /* round constant masks */
const uint32_t rc[3][4] = const uint32_t rc[3][4] =
@ -376,74 +375,71 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx,
int i; int i;
uint32_t w[4][4], *w2; uint32_t w[4][4], *w2;
ARIA_VALIDATE_RET( ctx != NULL ); ARIA_VALIDATE_RET(ctx != NULL);
ARIA_VALIDATE_RET( key != NULL ); ARIA_VALIDATE_RET(key != NULL);
if( keybits != 128 && keybits != 192 && keybits != 256 ) if (keybits != 128 && keybits != 192 && keybits != 256) {
return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA;
}
/* Copy key to W0 (and potential remainder to W1) */ /* Copy key to W0 (and potential remainder to W1) */
w[0][0] = MBEDTLS_GET_UINT32_LE( key, 0 ); w[0][0] = MBEDTLS_GET_UINT32_LE(key, 0);
w[0][1] = MBEDTLS_GET_UINT32_LE( key, 4 ); w[0][1] = MBEDTLS_GET_UINT32_LE(key, 4);
w[0][2] = MBEDTLS_GET_UINT32_LE( key, 8 ); w[0][2] = MBEDTLS_GET_UINT32_LE(key, 8);
w[0][3] = MBEDTLS_GET_UINT32_LE( key, 12 ); w[0][3] = MBEDTLS_GET_UINT32_LE(key, 12);
memset( w[1], 0, 16 ); memset(w[1], 0, 16);
if( keybits >= 192 ) if (keybits >= 192) {
{ w[1][0] = MBEDTLS_GET_UINT32_LE(key, 16); // 192 bit key
w[1][0] = MBEDTLS_GET_UINT32_LE( key, 16 ); // 192 bit key w[1][1] = MBEDTLS_GET_UINT32_LE(key, 20);
w[1][1] = MBEDTLS_GET_UINT32_LE( key, 20 );
} }
if( keybits == 256 ) if (keybits == 256) {
{ w[1][2] = MBEDTLS_GET_UINT32_LE(key, 24); // 256 bit key
w[1][2] = MBEDTLS_GET_UINT32_LE( key, 24 ); // 256 bit key w[1][3] = MBEDTLS_GET_UINT32_LE(key, 28);
w[1][3] = MBEDTLS_GET_UINT32_LE( key, 28 );
} }
i = ( keybits - 128 ) >> 6; // index: 0, 1, 2 i = (keybits - 128) >> 6; // index: 0, 1, 2
ctx->nr = 12 + 2 * i; // no. rounds: 12, 14, 16 ctx->nr = 12 + 2 * i; // no. rounds: 12, 14, 16
aria_fo_xor( w[1], w[0], rc[i], w[1] ); // W1 = FO(W0, CK1) ^ KR aria_fo_xor(w[1], w[0], rc[i], w[1]); // W1 = FO(W0, CK1) ^ KR
i = i < 2 ? i + 1 : 0; i = i < 2 ? i + 1 : 0;
aria_fe_xor( w[2], w[1], rc[i], w[0] ); // W2 = FE(W1, CK2) ^ W0 aria_fe_xor(w[2], w[1], rc[i], w[0]); // W2 = FE(W1, CK2) ^ W0
i = i < 2 ? i + 1 : 0; i = i < 2 ? i + 1 : 0;
aria_fo_xor( w[3], w[2], rc[i], w[1] ); // W3 = FO(W2, CK3) ^ W1 aria_fo_xor(w[3], w[2], rc[i], w[1]); // W3 = FO(W2, CK3) ^ W1
for( i = 0; i < 4; i++ ) // create round keys for (i = 0; i < 4; i++) { // create round keys
{
w2 = w[(i + 1) & 3]; w2 = w[(i + 1) & 3];
aria_rot128( ctx->rk[i ], w[i], w2, 128 - 19 ); aria_rot128(ctx->rk[i], w[i], w2, 128 - 19);
aria_rot128( ctx->rk[i + 4], w[i], w2, 128 - 31 ); aria_rot128(ctx->rk[i + 4], w[i], w2, 128 - 31);
aria_rot128( ctx->rk[i + 8], w[i], w2, 61 ); aria_rot128(ctx->rk[i + 8], w[i], w2, 61);
aria_rot128( ctx->rk[i + 12], w[i], w2, 31 ); aria_rot128(ctx->rk[i + 12], w[i], w2, 31);
} }
aria_rot128( ctx->rk[16], w[0], w[1], 19 ); aria_rot128(ctx->rk[16], w[0], w[1], 19);
/* w holds enough info to reconstruct the round keys */ /* w holds enough info to reconstruct the round keys */
mbedtls_platform_zeroize( w, sizeof( w ) ); mbedtls_platform_zeroize(w, sizeof(w));
return( 0 ); return 0;
} }
/* /*
* Set decryption key * Set decryption key
*/ */
int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx, int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx,
const unsigned char *key, unsigned int keybits ) const unsigned char *key, unsigned int keybits)
{ {
int i, j, k, ret; int i, j, k, ret;
ARIA_VALIDATE_RET( ctx != NULL ); ARIA_VALIDATE_RET(ctx != NULL);
ARIA_VALIDATE_RET( key != NULL ); ARIA_VALIDATE_RET(key != NULL);
ret = mbedtls_aria_setkey_enc( ctx, key, keybits ); ret = mbedtls_aria_setkey_enc(ctx, key, keybits);
if( ret != 0 ) if (ret != 0) {
return( ret ); return ret;
}
/* flip the order of round keys */ /* flip the order of round keys */
for( i = 0, j = ctx->nr; i < j; i++, j-- ) for (i = 0, j = ctx->nr; i < j; i++, j--) {
{ for (k = 0; k < 4; k++) {
for( k = 0; k < 4; k++ )
{
uint32_t t = ctx->rk[i][k]; uint32_t t = ctx->rk[i][k];
ctx->rk[i][k] = ctx->rk[j][k]; ctx->rk[i][k] = ctx->rk[j][k];
ctx->rk[j][k] = t; ctx->rk[j][k] = t;
@ -451,45 +447,43 @@ int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx,
} }
/* apply affine transform to middle keys */ /* apply affine transform to middle keys */
for( i = 1; i < ctx->nr; i++ ) for (i = 1; i < ctx->nr; i++) {
{ aria_a(&ctx->rk[i][0], &ctx->rk[i][1],
aria_a( &ctx->rk[i][0], &ctx->rk[i][1], &ctx->rk[i][2], &ctx->rk[i][3]);
&ctx->rk[i][2], &ctx->rk[i][3] );
} }
return( 0 ); return 0;
} }
/* /*
* Encrypt a block * Encrypt a block
*/ */
int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, int mbedtls_aria_crypt_ecb(mbedtls_aria_context *ctx,
const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE], const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE],
unsigned char output[MBEDTLS_ARIA_BLOCKSIZE] ) unsigned char output[MBEDTLS_ARIA_BLOCKSIZE])
{ {
int i; int i;
uint32_t a, b, c, d; uint32_t a, b, c, d;
ARIA_VALIDATE_RET( ctx != NULL ); ARIA_VALIDATE_RET(ctx != NULL);
ARIA_VALIDATE_RET( input != NULL ); ARIA_VALIDATE_RET(input != NULL);
ARIA_VALIDATE_RET( output != NULL ); ARIA_VALIDATE_RET(output != NULL);
a = MBEDTLS_GET_UINT32_LE( input, 0 ); a = MBEDTLS_GET_UINT32_LE(input, 0);
b = MBEDTLS_GET_UINT32_LE( input, 4 ); b = MBEDTLS_GET_UINT32_LE(input, 4);
c = MBEDTLS_GET_UINT32_LE( input, 8 ); c = MBEDTLS_GET_UINT32_LE(input, 8);
d = MBEDTLS_GET_UINT32_LE( input, 12 ); d = MBEDTLS_GET_UINT32_LE(input, 12);
i = 0; i = 0;
while( 1 ) while (1) {
{
a ^= ctx->rk[i][0]; a ^= ctx->rk[i][0];
b ^= ctx->rk[i][1]; b ^= ctx->rk[i][1];
c ^= ctx->rk[i][2]; c ^= ctx->rk[i][2];
d ^= ctx->rk[i][3]; d ^= ctx->rk[i][3];
i++; i++;
aria_sl( &a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2 ); aria_sl(&a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2);
aria_a( &a, &b, &c, &d ); aria_a(&a, &b, &c, &d);
a ^= ctx->rk[i][0]; a ^= ctx->rk[i][0];
b ^= ctx->rk[i][1]; b ^= ctx->rk[i][1];
@ -497,10 +491,11 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
d ^= ctx->rk[i][3]; d ^= ctx->rk[i][3];
i++; i++;
aria_sl( &a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2 ); aria_sl(&a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2);
if( i >= ctx->nr ) if (i >= ctx->nr) {
break; break;
aria_a( &a, &b, &c, &d ); }
aria_a(&a, &b, &c, &d);
} }
/* final key mixing */ /* final key mixing */
@ -509,77 +504,74 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
c ^= ctx->rk[i][2]; c ^= ctx->rk[i][2];
d ^= ctx->rk[i][3]; d ^= ctx->rk[i][3];
MBEDTLS_PUT_UINT32_LE( a, output, 0 ); MBEDTLS_PUT_UINT32_LE(a, output, 0);
MBEDTLS_PUT_UINT32_LE( b, output, 4 ); MBEDTLS_PUT_UINT32_LE(b, output, 4);
MBEDTLS_PUT_UINT32_LE( c, output, 8 ); MBEDTLS_PUT_UINT32_LE(c, output, 8);
MBEDTLS_PUT_UINT32_LE( d, output, 12 ); MBEDTLS_PUT_UINT32_LE(d, output, 12);
return( 0 ); return 0;
} }
/* Initialize context */ /* Initialize context */
void mbedtls_aria_init( mbedtls_aria_context *ctx ) void mbedtls_aria_init(mbedtls_aria_context *ctx)
{ {
ARIA_VALIDATE( ctx != NULL ); ARIA_VALIDATE(ctx != NULL);
memset( ctx, 0, sizeof( mbedtls_aria_context ) ); memset(ctx, 0, sizeof(mbedtls_aria_context));
} }
/* Clear context */ /* Clear context */
void mbedtls_aria_free( mbedtls_aria_context *ctx ) void mbedtls_aria_free(mbedtls_aria_context *ctx)
{ {
if( ctx == NULL ) if (ctx == NULL) {
return; return;
}
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_aria_context ) ); mbedtls_platform_zeroize(ctx, sizeof(mbedtls_aria_context));
} }
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/* /*
* ARIA-CBC buffer encryption/decryption * ARIA-CBC buffer encryption/decryption
*/ */
int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx, int mbedtls_aria_crypt_cbc(mbedtls_aria_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
unsigned char temp[MBEDTLS_ARIA_BLOCKSIZE]; unsigned char temp[MBEDTLS_ARIA_BLOCKSIZE];
ARIA_VALIDATE_RET( ctx != NULL ); ARIA_VALIDATE_RET(ctx != NULL);
ARIA_VALIDATE_RET( mode == MBEDTLS_ARIA_ENCRYPT || ARIA_VALIDATE_RET(mode == MBEDTLS_ARIA_ENCRYPT ||
mode == MBEDTLS_ARIA_DECRYPT ); mode == MBEDTLS_ARIA_DECRYPT);
ARIA_VALIDATE_RET( length == 0 || input != NULL ); ARIA_VALIDATE_RET(length == 0 || input != NULL);
ARIA_VALIDATE_RET( length == 0 || output != NULL ); ARIA_VALIDATE_RET(length == 0 || output != NULL);
ARIA_VALIDATE_RET( iv != NULL ); ARIA_VALIDATE_RET(iv != NULL);
if( length % MBEDTLS_ARIA_BLOCKSIZE ) if (length % MBEDTLS_ARIA_BLOCKSIZE) {
return( MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH ); return MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH;
}
if( mode == MBEDTLS_ARIA_DECRYPT ) if (mode == MBEDTLS_ARIA_DECRYPT) {
{ while (length > 0) {
while( length > 0 ) memcpy(temp, input, MBEDTLS_ARIA_BLOCKSIZE);
{ mbedtls_aria_crypt_ecb(ctx, input, output);
memcpy( temp, input, MBEDTLS_ARIA_BLOCKSIZE );
mbedtls_aria_crypt_ecb( ctx, input, output );
mbedtls_xor( output, output, iv, MBEDTLS_ARIA_BLOCKSIZE ); mbedtls_xor(output, output, iv, MBEDTLS_ARIA_BLOCKSIZE);
memcpy( iv, temp, MBEDTLS_ARIA_BLOCKSIZE ); memcpy(iv, temp, MBEDTLS_ARIA_BLOCKSIZE);
input += MBEDTLS_ARIA_BLOCKSIZE; input += MBEDTLS_ARIA_BLOCKSIZE;
output += MBEDTLS_ARIA_BLOCKSIZE; output += MBEDTLS_ARIA_BLOCKSIZE;
length -= MBEDTLS_ARIA_BLOCKSIZE; length -= MBEDTLS_ARIA_BLOCKSIZE;
} }
} } else {
else while (length > 0) {
{ mbedtls_xor(output, input, iv, MBEDTLS_ARIA_BLOCKSIZE);
while( length > 0 )
{
mbedtls_xor( output, input, iv, MBEDTLS_ARIA_BLOCKSIZE );
mbedtls_aria_crypt_ecb( ctx, output, output ); mbedtls_aria_crypt_ecb(ctx, output, output);
memcpy( iv, output, MBEDTLS_ARIA_BLOCKSIZE ); memcpy(iv, output, MBEDTLS_ARIA_BLOCKSIZE);
input += MBEDTLS_ARIA_BLOCKSIZE; input += MBEDTLS_ARIA_BLOCKSIZE;
output += MBEDTLS_ARIA_BLOCKSIZE; output += MBEDTLS_ARIA_BLOCKSIZE;
@ -587,7 +579,7 @@ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx,
} }
} }
return( 0 ); return 0;
} }
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
@ -595,63 +587,61 @@ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx,
/* /*
* ARIA-CFB128 buffer encryption/decryption * ARIA-CFB128 buffer encryption/decryption
*/ */
int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx, int mbedtls_aria_crypt_cfb128(mbedtls_aria_context *ctx,
int mode, int mode,
size_t length, size_t length,
size_t *iv_off, size_t *iv_off,
unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
unsigned char c; unsigned char c;
size_t n; size_t n;
ARIA_VALIDATE_RET( ctx != NULL ); ARIA_VALIDATE_RET(ctx != NULL);
ARIA_VALIDATE_RET( mode == MBEDTLS_ARIA_ENCRYPT || ARIA_VALIDATE_RET(mode == MBEDTLS_ARIA_ENCRYPT ||
mode == MBEDTLS_ARIA_DECRYPT ); mode == MBEDTLS_ARIA_DECRYPT);
ARIA_VALIDATE_RET( length == 0 || input != NULL ); ARIA_VALIDATE_RET(length == 0 || input != NULL);
ARIA_VALIDATE_RET( length == 0 || output != NULL ); ARIA_VALIDATE_RET(length == 0 || output != NULL);
ARIA_VALIDATE_RET( iv != NULL ); ARIA_VALIDATE_RET(iv != NULL);
ARIA_VALIDATE_RET( iv_off != NULL ); ARIA_VALIDATE_RET(iv_off != NULL);
n = *iv_off; n = *iv_off;
/* An overly large value of n can lead to an unlimited /* An overly large value of n can lead to an unlimited
* buffer overflow. Therefore, guard against this * buffer overflow. Therefore, guard against this
* outside of parameter validation. */ * outside of parameter validation. */
if( n >= MBEDTLS_ARIA_BLOCKSIZE ) if (n >= MBEDTLS_ARIA_BLOCKSIZE) {
return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA;
}
if( mode == MBEDTLS_ARIA_DECRYPT ) if (mode == MBEDTLS_ARIA_DECRYPT) {
{ while (length--) {
while( length-- ) if (n == 0) {
{ mbedtls_aria_crypt_ecb(ctx, iv, iv);
if( n == 0 ) }
mbedtls_aria_crypt_ecb( ctx, iv, iv );
c = *input++; c = *input++;
*output++ = c ^ iv[n]; *output++ = c ^ iv[n];
iv[n] = c; iv[n] = c;
n = ( n + 1 ) & 0x0F; n = (n + 1) & 0x0F;
} }
} else {
while (length--) {
if (n == 0) {
mbedtls_aria_crypt_ecb(ctx, iv, iv);
} }
else
{
while( length-- )
{
if( n == 0 )
mbedtls_aria_crypt_ecb( ctx, iv, iv );
iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); iv[n] = *output++ = (unsigned char) (iv[n] ^ *input++);
n = ( n + 1 ) & 0x0F; n = (n + 1) & 0x0F;
} }
} }
*iv_off = n; *iv_off = n;
return( 0 ); return 0;
} }
#endif /* MBEDTLS_CIPHER_MODE_CFB */ #endif /* MBEDTLS_CIPHER_MODE_CFB */
@ -659,50 +649,52 @@ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx,
/* /*
* ARIA-CTR buffer encryption/decryption * ARIA-CTR buffer encryption/decryption
*/ */
int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx, int mbedtls_aria_crypt_ctr(mbedtls_aria_context *ctx,
size_t length, size_t length,
size_t *nc_off, size_t *nc_off,
unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE], unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE],
unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE], unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE],
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
int c, i; int c, i;
size_t n; size_t n;
ARIA_VALIDATE_RET( ctx != NULL ); ARIA_VALIDATE_RET(ctx != NULL);
ARIA_VALIDATE_RET( length == 0 || input != NULL ); ARIA_VALIDATE_RET(length == 0 || input != NULL);
ARIA_VALIDATE_RET( length == 0 || output != NULL ); ARIA_VALIDATE_RET(length == 0 || output != NULL);
ARIA_VALIDATE_RET( nonce_counter != NULL ); ARIA_VALIDATE_RET(nonce_counter != NULL);
ARIA_VALIDATE_RET( stream_block != NULL ); ARIA_VALIDATE_RET(stream_block != NULL);
ARIA_VALIDATE_RET( nc_off != NULL ); ARIA_VALIDATE_RET(nc_off != NULL);
n = *nc_off; n = *nc_off;
/* An overly large value of n can lead to an unlimited /* An overly large value of n can lead to an unlimited
* buffer overflow. Therefore, guard against this * buffer overflow. Therefore, guard against this
* outside of parameter validation. */ * outside of parameter validation. */
if( n >= MBEDTLS_ARIA_BLOCKSIZE ) if (n >= MBEDTLS_ARIA_BLOCKSIZE) {
return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA;
}
while( length-- ) while (length--) {
{ if (n == 0) {
if( n == 0 ) { mbedtls_aria_crypt_ecb(ctx, nonce_counter,
mbedtls_aria_crypt_ecb( ctx, nonce_counter, stream_block);
stream_block );
for( i = MBEDTLS_ARIA_BLOCKSIZE; i > 0; i-- ) for (i = MBEDTLS_ARIA_BLOCKSIZE; i > 0; i--) {
if( ++nonce_counter[i - 1] != 0 ) if (++nonce_counter[i - 1] != 0) {
break; break;
} }
}
}
c = *input++; c = *input++;
*output++ = (unsigned char)( c ^ stream_block[n] ); *output++ = (unsigned char) (c ^ stream_block[n]);
n = ( n + 1 ) & 0x0F; n = (n + 1) & 0x0F;
} }
*nc_off = n; *nc_off = n;
return( 0 ); return 0;
} }
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
#endif /* !MBEDTLS_ARIA_ALT */ #endif /* !MBEDTLS_ARIA_ALT */
@ -841,22 +833,22 @@ static const uint8_t aria_test2_ctr_ct[3][48] = // CTR ciphertext
}; };
#endif /* MBEDTLS_CIPHER_MODE_CFB */ #endif /* MBEDTLS_CIPHER_MODE_CFB */
#define ARIA_SELF_TEST_ASSERT( cond ) \ #define ARIA_SELF_TEST_ASSERT(cond) \
do { \ do { \
if( cond ) { \ if (cond) { \
if( verbose ) \ if (verbose) \
mbedtls_printf( "failed\n" ); \ mbedtls_printf("failed\n"); \
goto exit; \ goto exit; \
} else { \ } else { \
if( verbose ) \ if (verbose) \
mbedtls_printf( "passed\n" ); \ mbedtls_printf("passed\n"); \
} \ } \
} while( 0 ) } while (0)
/* /*
* Checkup routine * Checkup routine
*/ */
int mbedtls_aria_self_test( int verbose ) int mbedtls_aria_self_test(int verbose)
{ {
int i; int i;
uint8_t blk[MBEDTLS_ARIA_BLOCKSIZE]; uint8_t blk[MBEDTLS_ARIA_BLOCKSIZE];
@ -873,129 +865,137 @@ int mbedtls_aria_self_test( int verbose )
uint8_t buf[48], iv[MBEDTLS_ARIA_BLOCKSIZE]; uint8_t buf[48], iv[MBEDTLS_ARIA_BLOCKSIZE];
#endif #endif
mbedtls_aria_init( &ctx ); mbedtls_aria_init(&ctx);
/* /*
* Test set 1 * Test set 1
*/ */
for( i = 0; i < 3; i++ ) for (i = 0; i < 3; i++) {
{
/* test ECB encryption */ /* test ECB encryption */
if( verbose ) if (verbose) {
mbedtls_printf( " ARIA-ECB-%d (enc): ", 128 + 64 * i ); mbedtls_printf(" ARIA-ECB-%d (enc): ", 128 + 64 * i);
mbedtls_aria_setkey_enc( &ctx, aria_test1_ecb_key, 128 + 64 * i ); }
mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_pt, blk ); mbedtls_aria_setkey_enc(&ctx, aria_test1_ecb_key, 128 + 64 * i);
mbedtls_aria_crypt_ecb(&ctx, aria_test1_ecb_pt, blk);
ARIA_SELF_TEST_ASSERT( ARIA_SELF_TEST_ASSERT(
memcmp( blk, aria_test1_ecb_ct[i], MBEDTLS_ARIA_BLOCKSIZE ) memcmp(blk, aria_test1_ecb_ct[i], MBEDTLS_ARIA_BLOCKSIZE)
!= 0 ); != 0);
/* test ECB decryption */ /* test ECB decryption */
if( verbose ) if (verbose) {
mbedtls_printf( " ARIA-ECB-%d (dec): ", 128 + 64 * i ); mbedtls_printf(" ARIA-ECB-%d (dec): ", 128 + 64 * i);
mbedtls_aria_setkey_dec( &ctx, aria_test1_ecb_key, 128 + 64 * i ); }
mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_ct[i], blk ); mbedtls_aria_setkey_dec(&ctx, aria_test1_ecb_key, 128 + 64 * i);
ARIA_SELF_TEST_ASSERT( mbedtls_aria_crypt_ecb(&ctx, aria_test1_ecb_ct[i], blk);
memcmp( blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE ) ARIA_SELF_TEST_ASSERT(
!= 0 ); memcmp(blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE)
!= 0);
}
if (verbose) {
mbedtls_printf("\n");
} }
if( verbose )
mbedtls_printf( "\n" );
/* /*
* Test set 2 * Test set 2
*/ */
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
for( i = 0; i < 3; i++ ) for (i = 0; i < 3; i++) {
{
/* Test CBC encryption */ /* Test CBC encryption */
if( verbose ) if (verbose) {
mbedtls_printf( " ARIA-CBC-%d (enc): ", 128 + 64 * i ); mbedtls_printf(" ARIA-CBC-%d (enc): ", 128 + 64 * i);
mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); }
memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i);
memset( buf, 0x55, sizeof( buf ) ); memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE);
mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_ENCRYPT, 48, iv, memset(buf, 0x55, sizeof(buf));
aria_test2_pt, buf ); mbedtls_aria_crypt_cbc(&ctx, MBEDTLS_ARIA_ENCRYPT, 48, iv,
ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_cbc_ct[i], 48 ) aria_test2_pt, buf);
!= 0 ); ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_cbc_ct[i], 48)
!= 0);
/* Test CBC decryption */ /* Test CBC decryption */
if( verbose ) if (verbose) {
mbedtls_printf( " ARIA-CBC-%d (dec): ", 128 + 64 * i ); mbedtls_printf(" ARIA-CBC-%d (dec): ", 128 + 64 * i);
mbedtls_aria_setkey_dec( &ctx, aria_test2_key, 128 + 64 * i ); }
memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); mbedtls_aria_setkey_dec(&ctx, aria_test2_key, 128 + 64 * i);
memset( buf, 0xAA, sizeof( buf ) ); memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE);
mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_DECRYPT, 48, iv, memset(buf, 0xAA, sizeof(buf));
aria_test2_cbc_ct[i], buf ); mbedtls_aria_crypt_cbc(&ctx, MBEDTLS_ARIA_DECRYPT, 48, iv,
ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_pt, 48 ) != 0 ); aria_test2_cbc_ct[i], buf);
ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_pt, 48) != 0);
}
if (verbose) {
mbedtls_printf("\n");
} }
if( verbose )
mbedtls_printf( "\n" );
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
for( i = 0; i < 3; i++ ) for (i = 0; i < 3; i++) {
{
/* Test CFB encryption */ /* Test CFB encryption */
if( verbose ) if (verbose) {
mbedtls_printf( " ARIA-CFB-%d (enc): ", 128 + 64 * i ); mbedtls_printf(" ARIA-CFB-%d (enc): ", 128 + 64 * i);
mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); }
memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i);
memset( buf, 0x55, sizeof( buf ) ); memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE);
memset(buf, 0x55, sizeof(buf));
j = 0; j = 0;
mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_ENCRYPT, 48, &j, iv, mbedtls_aria_crypt_cfb128(&ctx, MBEDTLS_ARIA_ENCRYPT, 48, &j, iv,
aria_test2_pt, buf ); aria_test2_pt, buf);
ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_cfb_ct[i], 48 ) != 0 ); ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_cfb_ct[i], 48) != 0);
/* Test CFB decryption */ /* Test CFB decryption */
if( verbose ) if (verbose) {
mbedtls_printf( " ARIA-CFB-%d (dec): ", 128 + 64 * i ); mbedtls_printf(" ARIA-CFB-%d (dec): ", 128 + 64 * i);
mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); }
memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i);
memset( buf, 0xAA, sizeof( buf ) ); memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE);
j = 0; memset(buf, 0xAA, sizeof(buf));
mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_DECRYPT, 48, &j, j = 0;
iv, aria_test2_cfb_ct[i], buf ); mbedtls_aria_crypt_cfb128(&ctx, MBEDTLS_ARIA_DECRYPT, 48, &j,
ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_pt, 48 ) != 0 ); iv, aria_test2_cfb_ct[i], buf);
ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_pt, 48) != 0);
}
if (verbose) {
mbedtls_printf("\n");
} }
if( verbose )
mbedtls_printf( "\n" );
#endif /* MBEDTLS_CIPHER_MODE_CFB */ #endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
for( i = 0; i < 3; i++ ) for (i = 0; i < 3; i++) {
{
/* Test CTR encryption */ /* Test CTR encryption */
if( verbose ) if (verbose) {
mbedtls_printf( " ARIA-CTR-%d (enc): ", 128 + 64 * i ); mbedtls_printf(" ARIA-CTR-%d (enc): ", 128 + 64 * i);
mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); }
memset( iv, 0, MBEDTLS_ARIA_BLOCKSIZE ); // IV = 0 mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i);
memset( buf, 0x55, sizeof( buf ) ); memset(iv, 0, MBEDTLS_ARIA_BLOCKSIZE); // IV = 0
memset(buf, 0x55, sizeof(buf));
j = 0; j = 0;
mbedtls_aria_crypt_ctr( &ctx, 48, &j, iv, blk, mbedtls_aria_crypt_ctr(&ctx, 48, &j, iv, blk,
aria_test2_pt, buf ); aria_test2_pt, buf);
ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_ctr_ct[i], 48 ) != 0 ); ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_ctr_ct[i], 48) != 0);
/* Test CTR decryption */ /* Test CTR decryption */
if( verbose ) if (verbose) {
mbedtls_printf( " ARIA-CTR-%d (dec): ", 128 + 64 * i ); mbedtls_printf(" ARIA-CTR-%d (dec): ", 128 + 64 * i);
mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); }
memset( iv, 0, MBEDTLS_ARIA_BLOCKSIZE ); // IV = 0 mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i);
memset( buf, 0xAA, sizeof( buf ) ); memset(iv, 0, MBEDTLS_ARIA_BLOCKSIZE); // IV = 0
j = 0; memset(buf, 0xAA, sizeof(buf));
mbedtls_aria_crypt_ctr( &ctx, 48, &j, iv, blk, j = 0;
aria_test2_ctr_ct[i], buf ); mbedtls_aria_crypt_ctr(&ctx, 48, &j, iv, blk,
ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_pt, 48 ) != 0 ); aria_test2_ctr_ct[i], buf);
ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_pt, 48) != 0);
}
if (verbose) {
mbedtls_printf("\n");
} }
if( verbose )
mbedtls_printf( "\n" );
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
ret = 0; ret = 0;
exit: exit:
mbedtls_aria_free( &ctx ); mbedtls_aria_free(&ctx);
return( ret ); return ret;
} }
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

386
library/asn1parse.c
View File

@ -36,203 +36,219 @@
/* /*
* ASN.1 DER decoding routines * ASN.1 DER decoding routines
*/ */
int mbedtls_asn1_get_len( unsigned char **p, int mbedtls_asn1_get_len(unsigned char **p,
const unsigned char *end, const unsigned char *end,
size_t *len ) size_t *len)
{ {
if( ( end - *p ) < 1 ) if ((end - *p) < 1) {
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
}
if( ( **p & 0x80 ) == 0 ) if ((**p & 0x80) == 0) {
*len = *(*p)++; *len = *(*p)++;
else } else {
{ switch (**p & 0x7F) {
switch( **p & 0x7F )
{
case 1: case 1:
if( ( end - *p ) < 2 ) if ((end - *p) < 2) {
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
}
*len = (*p)[1]; *len = (*p)[1];
(*p) += 2; (*p) += 2;
break; break;
case 2: case 2:
if( ( end - *p ) < 3 ) if ((end - *p) < 3) {
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
}
*len = ( (size_t)(*p)[1] << 8 ) | (*p)[2]; *len = ((size_t) (*p)[1] << 8) | (*p)[2];
(*p) += 3; (*p) += 3;
break; break;
case 3: case 3:
if( ( end - *p ) < 4 ) if ((end - *p) < 4) {
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
}
*len = ( (size_t)(*p)[1] << 16 ) | *len = ((size_t) (*p)[1] << 16) |
( (size_t)(*p)[2] << 8 ) | (*p)[3]; ((size_t) (*p)[2] << 8) | (*p)[3];
(*p) += 4; (*p) += 4;
break; break;
case 4: case 4:
if( ( end - *p ) < 5 ) if ((end - *p) < 5) {
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
}
*len = ( (size_t)(*p)[1] << 24 ) | ( (size_t)(*p)[2] << 16 ) | *len = ((size_t) (*p)[1] << 24) | ((size_t) (*p)[2] << 16) |
( (size_t)(*p)[3] << 8 ) | (*p)[4]; ((size_t) (*p)[3] << 8) | (*p)[4];
(*p) += 5; (*p) += 5;
break; break;
default: default:
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
} }
} }
if( *len > (size_t) ( end - *p ) ) if (*len > (size_t) (end - *p)) {
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
}
return( 0 ); return 0;
} }
int mbedtls_asn1_get_tag( unsigned char **p, int mbedtls_asn1_get_tag(unsigned char **p,
const unsigned char *end, const unsigned char *end,
size_t *len, int tag ) size_t *len, int tag)
{ {
if( ( end - *p ) < 1 ) if ((end - *p) < 1) {
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
}
if( **p != tag ) if (**p != tag) {
return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); return MBEDTLS_ERR_ASN1_UNEXPECTED_TAG;
}
(*p)++; (*p)++;
return( mbedtls_asn1_get_len( p, end, len ) ); return mbedtls_asn1_get_len(p, end, len);
} }
int mbedtls_asn1_get_bool( unsigned char **p, int mbedtls_asn1_get_bool(unsigned char **p,
const unsigned char *end, const unsigned char *end,
int *val ) int *val)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len; size_t len;
if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_BOOLEAN ) ) != 0 ) if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_BOOLEAN)) != 0) {
return( ret ); return ret;
}
if( len != 1 ) if (len != 1) {
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
}
*val = ( **p != 0 ) ? 1 : 0; *val = (**p != 0) ? 1 : 0;
(*p)++; (*p)++;
return( 0 ); return 0;
} }
static int asn1_get_tagged_int( unsigned char **p, static int asn1_get_tagged_int(unsigned char **p,
const unsigned char *end, const unsigned char *end,
int tag, int *val ) int tag, int *val)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len; size_t len;
if( ( ret = mbedtls_asn1_get_tag( p, end, &len, tag ) ) != 0 ) if ((ret = mbedtls_asn1_get_tag(p, end, &len, tag)) != 0) {
return( ret ); return ret;
}
/* /*
* len==0 is malformed (0 must be represented as 020100 for INTEGER, * len==0 is malformed (0 must be represented as 020100 for INTEGER,
* or 0A0100 for ENUMERATED tags * or 0A0100 for ENUMERATED tags
*/ */
if( len == 0 ) if (len == 0) {
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
}
/* This is a cryptography library. Reject negative integers. */ /* This is a cryptography library. Reject negative integers. */
if( ( **p & 0x80 ) != 0 ) if ((**p & 0x80) != 0) {
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
}
/* Skip leading zeros. */ /* Skip leading zeros. */
while( len > 0 && **p == 0 ) while (len > 0 && **p == 0) {
{ ++(*p);
++( *p );
--len; --len;
} }
/* Reject integers that don't fit in an int. This code assumes that /* Reject integers that don't fit in an int. This code assumes that
* the int type has no padding bit. */ * the int type has no padding bit. */
if( len > sizeof( int ) ) if (len > sizeof(int)) {
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
if( len == sizeof( int ) && ( **p & 0x80 ) != 0 ) }
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); if (len == sizeof(int) && (**p & 0x80) != 0) {
return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
}
*val = 0; *val = 0;
while( len-- > 0 ) while (len-- > 0) {
{ *val = (*val << 8) | **p;
*val = ( *val << 8 ) | **p;
(*p)++; (*p)++;
} }
return( 0 ); return 0;
} }
int mbedtls_asn1_get_int( unsigned char **p, int mbedtls_asn1_get_int(unsigned char **p,
const unsigned char *end, const unsigned char *end,
int *val ) int *val)
{ {
return( asn1_get_tagged_int( p, end, MBEDTLS_ASN1_INTEGER, val) ); return asn1_get_tagged_int(p, end, MBEDTLS_ASN1_INTEGER, val);
} }
int mbedtls_asn1_get_enum( unsigned char **p, int mbedtls_asn1_get_enum(unsigned char **p,
const unsigned char *end, const unsigned char *end,
int *val ) int *val)
{ {
return( asn1_get_tagged_int( p, end, MBEDTLS_ASN1_ENUMERATED, val) ); return asn1_get_tagged_int(p, end, MBEDTLS_ASN1_ENUMERATED, val);
} }
#if defined(MBEDTLS_BIGNUM_C) #if defined(MBEDTLS_BIGNUM_C)
int mbedtls_asn1_get_mpi( unsigned char **p, int mbedtls_asn1_get_mpi(unsigned char **p,
const unsigned char *end, const unsigned char *end,
mbedtls_mpi *X ) mbedtls_mpi *X)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len; size_t len;
if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 ) if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) {
return( ret ); return ret;
}
ret = mbedtls_mpi_read_binary( X, *p, len ); ret = mbedtls_mpi_read_binary(X, *p, len);
*p += len; *p += len;
return( ret ); return ret;
} }
#endif /* MBEDTLS_BIGNUM_C */ #endif /* MBEDTLS_BIGNUM_C */
int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end, int mbedtls_asn1_get_bitstring(unsigned char **p, const unsigned char *end,
mbedtls_asn1_bitstring *bs) mbedtls_asn1_bitstring *bs)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
/* Certificate type is a single byte bitstring */ /* Certificate type is a single byte bitstring */
if( ( ret = mbedtls_asn1_get_tag( p, end, &bs->len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 ) if ((ret = mbedtls_asn1_get_tag(p, end, &bs->len, MBEDTLS_ASN1_BIT_STRING)) != 0) {
return( ret ); return ret;
}
/* Check length, subtract one for actual bit string length */ /* Check length, subtract one for actual bit string length */
if( bs->len < 1 ) if (bs->len < 1) {
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
}
bs->len -= 1; bs->len -= 1;
/* Get number of unused bits, ensure unused bits <= 7 */ /* Get number of unused bits, ensure unused bits <= 7 */
bs->unused_bits = **p; bs->unused_bits = **p;
if( bs->unused_bits > 7 ) if (bs->unused_bits > 7) {
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
}
(*p)++; (*p)++;
/* Get actual bitstring */ /* Get actual bitstring */
bs->p = *p; bs->p = *p;
*p += bs->len; *p += bs->len;
if( *p != end ) if (*p != end) {
return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
}
return( 0 ); return 0;
} }
/* /*
@ -244,104 +260,105 @@ int mbedtls_asn1_traverse_sequence_of(
const unsigned char *end, const unsigned char *end,
unsigned char tag_must_mask, unsigned char tag_must_val, unsigned char tag_must_mask, unsigned char tag_must_val,
unsigned char tag_may_mask, unsigned char tag_may_val, unsigned char tag_may_mask, unsigned char tag_may_val,
int (*cb)( void *ctx, int tag, int (*cb)(void *ctx, int tag,
unsigned char *start, size_t len ), unsigned char *start, size_t len),
void *ctx ) void *ctx)
{ {
int ret; int ret;
size_t len; size_t len;
/* Get main sequence tag */ /* Get main sequence tag */
if( ( ret = mbedtls_asn1_get_tag( p, end, &len, if ((ret = mbedtls_asn1_get_tag(p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
{ return ret;
return( ret );
} }
if( *p + len != end ) if (*p + len != end) {
return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
}
while( *p < end ) while (*p < end) {
{
unsigned char const tag = *(*p)++; unsigned char const tag = *(*p)++;
if( ( tag & tag_must_mask ) != tag_must_val ) if ((tag & tag_must_mask) != tag_must_val) {
return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); return MBEDTLS_ERR_ASN1_UNEXPECTED_TAG;
}
if( ( ret = mbedtls_asn1_get_len( p, end, &len ) ) != 0 ) if ((ret = mbedtls_asn1_get_len(p, end, &len)) != 0) {
return( ret ); return ret;
}
if( ( tag & tag_may_mask ) == tag_may_val ) if ((tag & tag_may_mask) == tag_may_val) {
{ if (cb != NULL) {
if( cb != NULL ) ret = cb(ctx, tag, *p, len);
{ if (ret != 0) {
ret = cb( ctx, tag, *p, len ); return ret;
if( ret != 0 ) }
return( ret );
} }
} }
*p += len; *p += len;
} }
return( 0 ); return 0;
} }
/* /*
* Get a bit string without unused bits * Get a bit string without unused bits
*/ */
int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end, int mbedtls_asn1_get_bitstring_null(unsigned char **p, const unsigned char *end,
size_t *len ) size_t *len)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
if( ( ret = mbedtls_asn1_get_tag( p, end, len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 ) if ((ret = mbedtls_asn1_get_tag(p, end, len, MBEDTLS_ASN1_BIT_STRING)) != 0) {
return( ret ); return ret;
}
if( *len == 0 ) if (*len == 0) {
return( MBEDTLS_ERR_ASN1_INVALID_DATA ); return MBEDTLS_ERR_ASN1_INVALID_DATA;
--( *len ); }
--(*len);
if( **p != 0 ) if (**p != 0) {
return( MBEDTLS_ERR_ASN1_INVALID_DATA ); return MBEDTLS_ERR_ASN1_INVALID_DATA;
++( *p ); }
++(*p);
return( 0 ); return 0;
} }
void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq ) void mbedtls_asn1_sequence_free(mbedtls_asn1_sequence *seq)
{ {
while( seq != NULL ) while (seq != NULL) {
{
mbedtls_asn1_sequence *next = seq->next; mbedtls_asn1_sequence *next = seq->next;
mbedtls_free( seq ); mbedtls_free(seq);
seq = next; seq = next;
} }
} }
typedef struct typedef struct {
{
int tag; int tag;
mbedtls_asn1_sequence *cur; mbedtls_asn1_sequence *cur;
} asn1_get_sequence_of_cb_ctx_t; } asn1_get_sequence_of_cb_ctx_t;
static int asn1_get_sequence_of_cb( void *ctx, static int asn1_get_sequence_of_cb(void *ctx,
int tag, int tag,
unsigned char *start, unsigned char *start,
size_t len ) size_t len)
{ {
asn1_get_sequence_of_cb_ctx_t *cb_ctx = asn1_get_sequence_of_cb_ctx_t *cb_ctx =
(asn1_get_sequence_of_cb_ctx_t *) ctx; (asn1_get_sequence_of_cb_ctx_t *) ctx;
mbedtls_asn1_sequence *cur = mbedtls_asn1_sequence *cur =
cb_ctx->cur; cb_ctx->cur;
if( cur->buf.p != NULL ) if (cur->buf.p != NULL) {
{
cur->next = cur->next =
mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) ); mbedtls_calloc(1, sizeof(mbedtls_asn1_sequence));
if( cur->next == NULL ) if (cur->next == NULL) {
return( MBEDTLS_ERR_ASN1_ALLOC_FAILED ); return MBEDTLS_ERR_ASN1_ALLOC_FAILED;
}
cur = cur->next; cur = cur->next;
} }
@ -351,136 +368,139 @@ static int asn1_get_sequence_of_cb( void *ctx,
cur->buf.tag = tag; cur->buf.tag = tag;
cb_ctx->cur = cur; cb_ctx->cur = cur;
return( 0 ); return 0;
} }
/* /*
* Parses and splits an ASN.1 "SEQUENCE OF <tag>" * Parses and splits an ASN.1 "SEQUENCE OF <tag>"
*/ */
int mbedtls_asn1_get_sequence_of( unsigned char **p, int mbedtls_asn1_get_sequence_of(unsigned char **p,
const unsigned char *end, const unsigned char *end,
mbedtls_asn1_sequence *cur, mbedtls_asn1_sequence *cur,
int tag) int tag)
{ {
asn1_get_sequence_of_cb_ctx_t cb_ctx = { tag, cur }; asn1_get_sequence_of_cb_ctx_t cb_ctx = { tag, cur };
memset( cur, 0, sizeof( mbedtls_asn1_sequence ) ); memset(cur, 0, sizeof(mbedtls_asn1_sequence));
return( mbedtls_asn1_traverse_sequence_of( return mbedtls_asn1_traverse_sequence_of(
p, end, 0xFF, tag, 0, 0, p, end, 0xFF, tag, 0, 0,
asn1_get_sequence_of_cb, &cb_ctx ) ); asn1_get_sequence_of_cb, &cb_ctx);
} }
int mbedtls_asn1_get_alg( unsigned char **p, int mbedtls_asn1_get_alg(unsigned char **p,
const unsigned char *end, const unsigned char *end,
mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params ) mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len; size_t len;
if( ( ret = mbedtls_asn1_get_tag( p, end, &len, if ((ret = mbedtls_asn1_get_tag(p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
return( ret ); return ret;
}
if( ( end - *p ) < 1 ) if ((end - *p) < 1) {
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
}
alg->tag = **p; alg->tag = **p;
end = *p + len; end = *p + len;
if( ( ret = mbedtls_asn1_get_tag( p, end, &alg->len, MBEDTLS_ASN1_OID ) ) != 0 ) if ((ret = mbedtls_asn1_get_tag(p, end, &alg->len, MBEDTLS_ASN1_OID)) != 0) {
return( ret ); return ret;
}
alg->p = *p; alg->p = *p;
*p += alg->len; *p += alg->len;
if( *p == end ) if (*p == end) {
{ mbedtls_platform_zeroize(params, sizeof(mbedtls_asn1_buf));
mbedtls_platform_zeroize( params, sizeof(mbedtls_asn1_buf) ); return 0;
return( 0 );
} }
params->tag = **p; params->tag = **p;
(*p)++; (*p)++;
if( ( ret = mbedtls_asn1_get_len( p, end, &params->len ) ) != 0 ) if ((ret = mbedtls_asn1_get_len(p, end, &params->len)) != 0) {
return( ret ); return ret;
}
params->p = *p; params->p = *p;
*p += params->len; *p += params->len;
if( *p != end ) if (*p != end) {
return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
}
return( 0 ); return 0;
} }
int mbedtls_asn1_get_alg_null( unsigned char **p, int mbedtls_asn1_get_alg_null(unsigned char **p,
const unsigned char *end, const unsigned char *end,
mbedtls_asn1_buf *alg ) mbedtls_asn1_buf *alg)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_asn1_buf params; mbedtls_asn1_buf params;
memset( &params, 0, sizeof(mbedtls_asn1_buf) ); memset(&params, 0, sizeof(mbedtls_asn1_buf));
if( ( ret = mbedtls_asn1_get_alg( p, end, alg, &params ) ) != 0 ) if ((ret = mbedtls_asn1_get_alg(p, end, alg, &params)) != 0) {
return( ret ); return ret;
}
if( ( params.tag != MBEDTLS_ASN1_NULL && params.tag != 0 ) || params.len != 0 ) if ((params.tag != MBEDTLS_ASN1_NULL && params.tag != 0) || params.len != 0) {
return( MBEDTLS_ERR_ASN1_INVALID_DATA ); return MBEDTLS_ERR_ASN1_INVALID_DATA;
}
return( 0 ); return 0;
} }
#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if !defined(MBEDTLS_DEPRECATED_REMOVED)
void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *cur ) void mbedtls_asn1_free_named_data(mbedtls_asn1_named_data *cur)
{ {
if( cur == NULL ) if (cur == NULL) {
return; return;
}
mbedtls_free( cur->oid.p ); mbedtls_free(cur->oid.p);
mbedtls_free( cur->val.p ); mbedtls_free(cur->val.p);
mbedtls_platform_zeroize( cur, sizeof( mbedtls_asn1_named_data ) ); mbedtls_platform_zeroize(cur, sizeof(mbedtls_asn1_named_data));
} }
#endif /* MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_DEPRECATED_REMOVED */
void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head ) void mbedtls_asn1_free_named_data_list(mbedtls_asn1_named_data **head)
{ {
mbedtls_asn1_named_data *cur; mbedtls_asn1_named_data *cur;
while( ( cur = *head ) != NULL ) while ((cur = *head) != NULL) {
{
*head = cur->next; *head = cur->next;
mbedtls_free( cur->oid.p ); mbedtls_free(cur->oid.p);
mbedtls_free( cur->val.p ); mbedtls_free(cur->val.p);
mbedtls_free( cur ); mbedtls_free(cur);
} }
} }
void mbedtls_asn1_free_named_data_list_shallow( mbedtls_asn1_named_data *name ) void mbedtls_asn1_free_named_data_list_shallow(mbedtls_asn1_named_data *name)
{ {
for( mbedtls_asn1_named_data *next; name != NULL; name = next ) for (mbedtls_asn1_named_data *next; name != NULL; name = next) {
{
next = name->next; next = name->next;
mbedtls_free( name ); mbedtls_free(name);
} }
} }
const mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( const mbedtls_asn1_named_data *list, const mbedtls_asn1_named_data *mbedtls_asn1_find_named_data(const mbedtls_asn1_named_data *list,
const char *oid, size_t len ) const char *oid, size_t len)
{ {
while( list != NULL ) while (list != NULL) {
{ if (list->oid.len == len &&
if( list->oid.len == len && memcmp(list->oid.p, oid, len) == 0) {
memcmp( list->oid.p, oid, len ) == 0 )
{
break; break;
} }
list = list->next; list = list->next;
} }
return( list ); return list;
} }
#endif /* MBEDTLS_ASN1_PARSE_C */ #endif /* MBEDTLS_ASN1_PARSE_C */

406
library/asn1write.c
View File

@ -28,363 +28,372 @@
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_t len ) int mbedtls_asn1_write_len(unsigned char **p, const unsigned char *start, size_t len)
{ {
if( len < 0x80 ) if (len < 0x80) {
{ if (*p - start < 1) {
if( *p - start < 1 ) return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = (unsigned char) len;
return( 1 );
} }
if( len <= 0xFF ) *--(*p) = (unsigned char) len;
{ return 1;
if( *p - start < 2 ) }
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
if (len <= 0xFF) {
if (*p - start < 2) {
return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
}
*--(*p) = (unsigned char) len; *--(*p) = (unsigned char) len;
*--(*p) = 0x81; *--(*p) = 0x81;
return( 2 ); return 2;
} }
if( len <= 0xFFFF ) if (len <= 0xFFFF) {
{ if (*p - start < 3) {
if( *p - start < 3 ) return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); }
*--(*p) = MBEDTLS_BYTE_0( len ); *--(*p) = MBEDTLS_BYTE_0(len);
*--(*p) = MBEDTLS_BYTE_1( len ); *--(*p) = MBEDTLS_BYTE_1(len);
*--(*p) = 0x82; *--(*p) = 0x82;
return( 3 ); return 3;
} }
if( len <= 0xFFFFFF ) if (len <= 0xFFFFFF) {
{ if (*p - start < 4) {
if( *p - start < 4 ) return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); }
*--(*p) = MBEDTLS_BYTE_0( len ); *--(*p) = MBEDTLS_BYTE_0(len);
*--(*p) = MBEDTLS_BYTE_1( len ); *--(*p) = MBEDTLS_BYTE_1(len);
*--(*p) = MBEDTLS_BYTE_2( len ); *--(*p) = MBEDTLS_BYTE_2(len);
*--(*p) = 0x83; *--(*p) = 0x83;
return( 4 ); return 4;
} }
int len_is_valid = 1; int len_is_valid = 1;
#if SIZE_MAX > 0xFFFFFFFF #if SIZE_MAX > 0xFFFFFFFF
len_is_valid = ( len <= 0xFFFFFFFF ); len_is_valid = (len <= 0xFFFFFFFF);
#endif #endif
if( len_is_valid ) if (len_is_valid) {
{ if (*p - start < 5) {
if( *p - start < 5 ) return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = MBEDTLS_BYTE_0( len );
*--(*p) = MBEDTLS_BYTE_1( len );
*--(*p) = MBEDTLS_BYTE_2( len );
*--(*p) = MBEDTLS_BYTE_3( len );
*--(*p) = 0x84;
return( 5 );
} }
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); *--(*p) = MBEDTLS_BYTE_0(len);
*--(*p) = MBEDTLS_BYTE_1(len);
*--(*p) = MBEDTLS_BYTE_2(len);
*--(*p) = MBEDTLS_BYTE_3(len);
*--(*p) = 0x84;
return 5;
}
return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
} }
int mbedtls_asn1_write_tag( unsigned char **p, const unsigned char *start, unsigned char tag ) int mbedtls_asn1_write_tag(unsigned char **p, const unsigned char *start, unsigned char tag)
{ {
if( *p - start < 1 ) if (*p - start < 1) {
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
}
*--(*p) = tag; *--(*p) = tag;
return( 1 ); return 1;
} }
int mbedtls_asn1_write_raw_buffer( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_raw_buffer(unsigned char **p, const unsigned char *start,
const unsigned char *buf, size_t size ) const unsigned char *buf, size_t size)
{ {
size_t len = 0; size_t len = 0;
if( *p < start || (size_t)( *p - start ) < size ) if (*p < start || (size_t) (*p - start) < size) {
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
}
len = size; len = size;
(*p) -= len; (*p) -= len;
memcpy( *p, buf, len ); memcpy(*p, buf, len);
return( (int) len ); return (int) len;
} }
#if defined(MBEDTLS_BIGNUM_C) #if defined(MBEDTLS_BIGNUM_C)
int mbedtls_asn1_write_mpi( unsigned char **p, const unsigned char *start, const mbedtls_mpi *X ) int mbedtls_asn1_write_mpi(unsigned char **p, const unsigned char *start, const mbedtls_mpi *X)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len = 0; size_t len = 0;
// Write the MPI // Write the MPI
// //
len = mbedtls_mpi_size( X ); len = mbedtls_mpi_size(X);
/* DER represents 0 with a sign bit (0=nonnegative) and 7 value bits, not /* DER represents 0 with a sign bit (0=nonnegative) and 7 value bits, not
* as 0 digits. We need to end up with 020100, not with 0200. */ * as 0 digits. We need to end up with 020100, not with 0200. */
if( len == 0 ) if (len == 0) {
len = 1; len = 1;
}
if( *p < start || (size_t)( *p - start ) < len ) if (*p < start || (size_t) (*p - start) < len) {
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
}
(*p) -= len; (*p) -= len;
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( X, *p, len ) ); MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(X, *p, len));
// DER format assumes 2s complement for numbers, so the leftmost bit // DER format assumes 2s complement for numbers, so the leftmost bit
// should be 0 for positive numbers and 1 for negative numbers. // should be 0 for positive numbers and 1 for negative numbers.
// //
if( X->s ==1 && **p & 0x80 ) if (X->s == 1 && **p & 0x80) {
{ if (*p - start < 1) {
if( *p - start < 1 ) return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); }
*--(*p) = 0x00; *--(*p) = 0x00;
len += 1; len += 1;
} }
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_INTEGER ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_INTEGER));
ret = (int) len; ret = (int) len;
cleanup: cleanup:
return( ret ); return ret;
} }
#endif /* MBEDTLS_BIGNUM_C */ #endif /* MBEDTLS_BIGNUM_C */
int mbedtls_asn1_write_null( unsigned char **p, const unsigned char *start ) int mbedtls_asn1_write_null(unsigned char **p, const unsigned char *start)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len = 0; size_t len = 0;
// Write NULL // Write NULL
// //
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, 0) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, 0));
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_NULL ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_NULL));
return( (int) len ); return (int) len;
} }
int mbedtls_asn1_write_oid( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_oid(unsigned char **p, const unsigned char *start,
const char *oid, size_t oid_len ) const char *oid, size_t oid_len)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len = 0; size_t len = 0;
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start,
(const unsigned char *) oid, oid_len ) ); (const unsigned char *) oid, oid_len));
MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OID ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_OID));
return( (int) len ); return (int) len;
} }
int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_algorithm_identifier(unsigned char **p, const unsigned char *start,
const char *oid, size_t oid_len, const char *oid, size_t oid_len,
size_t par_len ) size_t par_len)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len = 0; size_t len = 0;
if( par_len == 0 ) if (par_len == 0) {
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_null( p, start ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_null(p, start));
else } else {
len += par_len; len += par_len;
}
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(p, start, oid, oid_len));
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE));
return( (int) len ); return (int) len;
} }
int mbedtls_asn1_write_bool( unsigned char **p, const unsigned char *start, int boolean ) int mbedtls_asn1_write_bool(unsigned char **p, const unsigned char *start, int boolean)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len = 0; size_t len = 0;
if( *p - start < 1 ) if (*p - start < 1) {
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
}
*--(*p) = (boolean) ? 255 : 0; *--(*p) = (boolean) ? 255 : 0;
len++; len++;
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BOOLEAN ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_BOOLEAN));
return( (int) len ); return (int) len;
} }
static int asn1_write_tagged_int( unsigned char **p, const unsigned char *start, int val, int tag ) static int asn1_write_tagged_int(unsigned char **p, const unsigned char *start, int val, int tag)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len = 0; size_t len = 0;
do do {
{ if (*p - start < 1) {
if( *p - start < 1 ) return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); }
len += 1; len += 1;
*--(*p) = val & 0xff; *--(*p) = val & 0xff;
val >>= 8; val >>= 8;
} } while (val > 0);
while( val > 0 );
if( **p & 0x80 ) if (**p & 0x80) {
{ if (*p - start < 1) {
if( *p - start < 1 ) return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); }
*--(*p) = 0x00; *--(*p) = 0x00;
len += 1; len += 1;
} }
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, tag ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, tag));
return( (int) len ); return (int) len;
} }
int mbedtls_asn1_write_int( unsigned char **p, const unsigned char *start, int val ) int mbedtls_asn1_write_int(unsigned char **p, const unsigned char *start, int val)
{ {
return( asn1_write_tagged_int( p, start, val, MBEDTLS_ASN1_INTEGER ) ); return asn1_write_tagged_int(p, start, val, MBEDTLS_ASN1_INTEGER);
} }
int mbedtls_asn1_write_enum( unsigned char **p, const unsigned char *start, int val ) int mbedtls_asn1_write_enum(unsigned char **p, const unsigned char *start, int val)
{ {
return( asn1_write_tagged_int( p, start, val, MBEDTLS_ASN1_ENUMERATED ) ); return asn1_write_tagged_int(p, start, val, MBEDTLS_ASN1_ENUMERATED);
} }
int mbedtls_asn1_write_tagged_string( unsigned char **p, const unsigned char *start, int tag, int mbedtls_asn1_write_tagged_string(unsigned char **p, const unsigned char *start, int tag,
const char *text, size_t text_len ) const char *text, size_t text_len)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len = 0; size_t len = 0;
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start,
(const unsigned char *) text, text_len ) ); (const unsigned char *) text,
text_len));
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, tag ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, tag));
return( (int) len ); return (int) len;
} }
int mbedtls_asn1_write_utf8_string( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_utf8_string(unsigned char **p, const unsigned char *start,
const char *text, size_t text_len ) const char *text, size_t text_len)
{ {
return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_UTF8_STRING, text, text_len) ); return mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_UTF8_STRING, text, text_len);
} }
int mbedtls_asn1_write_printable_string( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_printable_string(unsigned char **p, const unsigned char *start,
const char *text, size_t text_len ) const char *text, size_t text_len)
{ {
return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_PRINTABLE_STRING, text, text_len) ); return mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_PRINTABLE_STRING, text,
text_len);
} }
int mbedtls_asn1_write_ia5_string( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_ia5_string(unsigned char **p, const unsigned char *start,
const char *text, size_t text_len ) const char *text, size_t text_len)
{ {
return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_IA5_STRING, text, text_len) ); return mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_IA5_STRING, text, text_len);
} }
int mbedtls_asn1_write_named_bitstring( unsigned char **p, int mbedtls_asn1_write_named_bitstring(unsigned char **p,
const unsigned char *start, const unsigned char *start,
const unsigned char *buf, const unsigned char *buf,
size_t bits ) size_t bits)
{ {
size_t unused_bits, byte_len; size_t unused_bits, byte_len;
const unsigned char *cur_byte; const unsigned char *cur_byte;
unsigned char cur_byte_shifted; unsigned char cur_byte_shifted;
unsigned char bit; unsigned char bit;
byte_len = ( bits + 7 ) / 8; byte_len = (bits + 7) / 8;
unused_bits = ( byte_len * 8 ) - bits; unused_bits = (byte_len * 8) - bits;
/* /*
* Named bitstrings require that trailing 0s are excluded in the encoding * Named bitstrings require that trailing 0s are excluded in the encoding
* of the bitstring. Trailing 0s are considered part of the 'unused' bits * of the bitstring. Trailing 0s are considered part of the 'unused' bits
* when encoding this value in the first content octet * when encoding this value in the first content octet
*/ */
if( bits != 0 ) if (bits != 0) {
{
cur_byte = buf + byte_len - 1; cur_byte = buf + byte_len - 1;
cur_byte_shifted = *cur_byte >> unused_bits; cur_byte_shifted = *cur_byte >> unused_bits;
for( ; ; ) for (;;) {
{
bit = cur_byte_shifted & 0x1; bit = cur_byte_shifted & 0x1;
cur_byte_shifted >>= 1; cur_byte_shifted >>= 1;
if( bit != 0 ) if (bit != 0) {
break; break;
}
bits--; bits--;
if( bits == 0 ) if (bits == 0) {
break; break;
}
if( bits % 8 == 0 ) if (bits % 8 == 0) {
cur_byte_shifted = *--cur_byte; cur_byte_shifted = *--cur_byte;
} }
} }
}
return( mbedtls_asn1_write_bitstring( p, start, buf, bits ) ); return mbedtls_asn1_write_bitstring(p, start, buf, bits);
} }
int mbedtls_asn1_write_bitstring( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_bitstring(unsigned char **p, const unsigned char *start,
const unsigned char *buf, size_t bits ) const unsigned char *buf, size_t bits)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len = 0; size_t len = 0;
size_t unused_bits, byte_len; size_t unused_bits, byte_len;
byte_len = ( bits + 7 ) / 8; byte_len = (bits + 7) / 8;
unused_bits = ( byte_len * 8 ) - bits; unused_bits = (byte_len * 8) - bits;
if( *p < start || (size_t)( *p - start ) < byte_len + 1 ) if (*p < start || (size_t) (*p - start) < byte_len + 1) {
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
}
len = byte_len + 1; len = byte_len + 1;
/* Write the bitstring. Ensure the unused bits are zeroed */ /* Write the bitstring. Ensure the unused bits are zeroed */
if( byte_len > 0 ) if (byte_len > 0) {
{
byte_len--; byte_len--;
*--( *p ) = buf[byte_len] & ~( ( 0x1 << unused_bits ) - 1 ); *--(*p) = buf[byte_len] & ~((0x1 << unused_bits) - 1);
( *p ) -= byte_len; (*p) -= byte_len;
memcpy( *p, buf, byte_len ); memcpy(*p, buf, byte_len);
} }
/* Write unused bits */ /* Write unused bits */
*--( *p ) = (unsigned char)unused_bits; *--(*p) = (unsigned char) unused_bits;
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_BIT_STRING));
return( (int) len ); return (int) len;
} }
int mbedtls_asn1_write_octet_string( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_octet_string(unsigned char **p, const unsigned char *start,
const unsigned char *buf, size_t size ) const unsigned char *buf, size_t size)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len = 0; size_t len = 0;
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, buf, size ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start, buf, size));
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OCTET_STRING ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_OCTET_STRING));
return( (int) len ); return (int) len;
} }
@ -392,88 +401,81 @@ int mbedtls_asn1_write_octet_string( unsigned char **p, const unsigned char *sta
* which is replicated to avoid a dependency ASN1_WRITE_C on ASN1_PARSE_C. */ * which is replicated to avoid a dependency ASN1_WRITE_C on ASN1_PARSE_C. */
static mbedtls_asn1_named_data *asn1_find_named_data( static mbedtls_asn1_named_data *asn1_find_named_data(
mbedtls_asn1_named_data *list, mbedtls_asn1_named_data *list,
const char *oid, size_t len ) const char *oid, size_t len)
{ {
while( list != NULL ) while (list != NULL) {
{ if (list->oid.len == len &&
if( list->oid.len == len && memcmp(list->oid.p, oid, len) == 0) {
memcmp( list->oid.p, oid, len ) == 0 )
{
break; break;
} }
list = list->next; list = list->next;
} }
return( list ); return list;
} }
mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data *mbedtls_asn1_store_named_data(
mbedtls_asn1_named_data **head, mbedtls_asn1_named_data **head,
const char *oid, size_t oid_len, const char *oid, size_t oid_len,
const unsigned char *val, const unsigned char *val,
size_t val_len ) size_t val_len)
{ {
mbedtls_asn1_named_data *cur; mbedtls_asn1_named_data *cur;
if( ( cur = asn1_find_named_data( *head, oid, oid_len ) ) == NULL ) if ((cur = asn1_find_named_data(*head, oid, oid_len)) == NULL) {
{
// Add new entry if not present yet based on OID // Add new entry if not present yet based on OID
// //
cur = (mbedtls_asn1_named_data*)mbedtls_calloc( 1, cur = (mbedtls_asn1_named_data *) mbedtls_calloc(1,
sizeof(mbedtls_asn1_named_data) ); sizeof(mbedtls_asn1_named_data));
if( cur == NULL ) if (cur == NULL) {
return( NULL ); return NULL;
cur->oid.len = oid_len;
cur->oid.p = mbedtls_calloc( 1, oid_len );
if( cur->oid.p == NULL )
{
mbedtls_free( cur );
return( NULL );
} }
memcpy( cur->oid.p, oid, oid_len ); cur->oid.len = oid_len;
cur->oid.p = mbedtls_calloc(1, oid_len);
if (cur->oid.p == NULL) {
mbedtls_free(cur);
return NULL;
}
memcpy(cur->oid.p, oid, oid_len);
cur->val.len = val_len; cur->val.len = val_len;
if( val_len != 0 ) if (val_len != 0) {
{ cur->val.p = mbedtls_calloc(1, val_len);
cur->val.p = mbedtls_calloc( 1, val_len ); if (cur->val.p == NULL) {
if( cur->val.p == NULL ) mbedtls_free(cur->oid.p);
{ mbedtls_free(cur);
mbedtls_free( cur->oid.p ); return NULL;
mbedtls_free( cur );
return( NULL );
} }
} }
cur->next = *head; cur->next = *head;
*head = cur; *head = cur;
} } else if (val_len == 0) {
else if( val_len == 0 ) mbedtls_free(cur->val.p);
{
mbedtls_free( cur->val.p );
cur->val.p = NULL; cur->val.p = NULL;
} } else if (cur->val.len != val_len) {
else if( cur->val.len != val_len )
{
/* /*
* Enlarge existing value buffer if needed * Enlarge existing value buffer if needed
* Preserve old data until the allocation succeeded, to leave list in * Preserve old data until the allocation succeeded, to leave list in
* a consistent state in case allocation fails. * a consistent state in case allocation fails.
*/ */
void *p = mbedtls_calloc( 1, val_len ); void *p = mbedtls_calloc(1, val_len);
if( p == NULL ) if (p == NULL) {
return( NULL ); return NULL;
}
mbedtls_free( cur->val.p ); mbedtls_free(cur->val.p);
cur->val.p = p; cur->val.p = p;
cur->val.len = val_len; cur->val.len = val_len;
} }
if( val != NULL && val_len != 0 ) if (val != NULL && val_len != 0) {
memcpy( cur->val.p, val, val_len ); memcpy(cur->val.p, val, val_len);
}
return( cur ); return cur;
} }
#endif /* MBEDTLS_ASN1_WRITE_C */ #endif /* MBEDTLS_ASN1_WRITE_C */

203
library/base64.c
View File

@ -31,68 +31,65 @@
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#define BASE64_SIZE_T_MAX ( (size_t) -1 ) /* SIZE_T_MAX is not standard */ #define BASE64_SIZE_T_MAX ((size_t) -1) /* SIZE_T_MAX is not standard */
/* /*
* Encode a buffer into base64 format * Encode a buffer into base64 format
*/ */
int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen, int mbedtls_base64_encode(unsigned char *dst, size_t dlen, size_t *olen,
const unsigned char *src, size_t slen ) const unsigned char *src, size_t slen)
{ {
size_t i, n; size_t i, n;
int C1, C2, C3; int C1, C2, C3;
unsigned char *p; unsigned char *p;
if( slen == 0 ) if (slen == 0) {
{
*olen = 0; *olen = 0;
return( 0 ); return 0;
} }
n = slen / 3 + ( slen % 3 != 0 ); n = slen / 3 + (slen % 3 != 0);
if( n > ( BASE64_SIZE_T_MAX - 1 ) / 4 ) if (n > (BASE64_SIZE_T_MAX - 1) / 4) {
{
*olen = BASE64_SIZE_T_MAX; *olen = BASE64_SIZE_T_MAX;
return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL;
} }
n *= 4; n *= 4;
if( ( dlen < n + 1 ) || ( NULL == dst ) ) if ((dlen < n + 1) || (NULL == dst)) {
{
*olen = n + 1; *olen = n + 1;
return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL;
} }
n = ( slen / 3 ) * 3; n = (slen / 3) * 3;
for( i = 0, p = dst; i < n; i += 3 ) for (i = 0, p = dst; i < n; i += 3) {
{
C1 = *src++; C1 = *src++;
C2 = *src++; C2 = *src++;
C3 = *src++; C3 = *src++;
*p++ = mbedtls_ct_base64_enc_char( ( C1 >> 2 ) & 0x3F ); *p++ = mbedtls_ct_base64_enc_char((C1 >> 2) & 0x3F);
*p++ = mbedtls_ct_base64_enc_char( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) ) *p++ = mbedtls_ct_base64_enc_char((((C1 & 3) << 4) + (C2 >> 4))
& 0x3F ); & 0x3F);
*p++ = mbedtls_ct_base64_enc_char( ( ( ( C2 & 15 ) << 2 ) + ( C3 >> 6 ) ) *p++ = mbedtls_ct_base64_enc_char((((C2 & 15) << 2) + (C3 >> 6))
& 0x3F ); & 0x3F);
*p++ = mbedtls_ct_base64_enc_char( C3 & 0x3F ); *p++ = mbedtls_ct_base64_enc_char(C3 & 0x3F);
} }
if( i < slen ) if (i < slen) {
{
C1 = *src++; C1 = *src++;
C2 = ( ( i + 1 ) < slen ) ? *src++ : 0; C2 = ((i + 1) < slen) ? *src++ : 0;
*p++ = mbedtls_ct_base64_enc_char( ( C1 >> 2 ) & 0x3F ); *p++ = mbedtls_ct_base64_enc_char((C1 >> 2) & 0x3F);
*p++ = mbedtls_ct_base64_enc_char( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) ) *p++ = mbedtls_ct_base64_enc_char((((C1 & 3) << 4) + (C2 >> 4))
& 0x3F ); & 0x3F);
if( ( i + 1 ) < slen ) if ((i + 1) < slen) {
*p++ = mbedtls_ct_base64_enc_char( ( ( C2 & 15 ) << 2 ) & 0x3F ); *p++ = mbedtls_ct_base64_enc_char(((C2 & 15) << 2) & 0x3F);
else *p++ = '='; } else {
*p++ = '=';
}
*p++ = '='; *p++ = '=';
} }
@ -100,14 +97,14 @@ int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
*olen = p - dst; *olen = p - dst;
*p = 0; *p = 0;
return( 0 ); return 0;
} }
/* /*
* Decode a base64-formatted buffer * Decode a base64-formatted buffer
*/ */
int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, int mbedtls_base64_decode(unsigned char *dst, size_t dlen, size_t *olen,
const unsigned char *src, size_t slen ) const unsigned char *src, size_t slen)
{ {
size_t i; /* index in source */ size_t i; /* index in source */
size_t n; /* number of digits or trailing = in source */ size_t n; /* number of digits or trailing = in source */
@ -118,92 +115,97 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
unsigned char *p; unsigned char *p;
/* First pass: check for validity and get output length */ /* First pass: check for validity and get output length */
for( i = n = 0; i < slen; i++ ) for (i = n = 0; i < slen; i++) {
{
/* Skip spaces before checking for EOL */ /* Skip spaces before checking for EOL */
spaces_present = 0; spaces_present = 0;
while( i < slen && src[i] == ' ' ) while (i < slen && src[i] == ' ') {
{
++i; ++i;
spaces_present = 1; spaces_present = 1;
} }
/* Spaces at end of buffer are OK */ /* Spaces at end of buffer are OK */
if( i == slen ) if (i == slen) {
break; break;
}
if( ( slen - i ) >= 2 && if ((slen - i) >= 2 &&
src[i] == '\r' && src[i + 1] == '\n' ) src[i] == '\r' && src[i + 1] == '\n') {
continue; continue;
}
if( src[i] == '\n' ) if (src[i] == '\n') {
continue; continue;
}
/* Space inside a line is an error */ /* Space inside a line is an error */
if( spaces_present ) if (spaces_present) {
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER ); return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
}
if( src[i] > 127 )
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER ); if (src[i] > 127) {
return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
if( src[i] == '=' ) }
{
if( ++equals > 2 ) if (src[i] == '=') {
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER ); if (++equals > 2) {
return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
}
} else {
if (equals != 0) {
return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
}
if (mbedtls_ct_base64_dec_value(src[i]) < 0) {
return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
} }
else
{
if( equals != 0 )
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
if( mbedtls_ct_base64_dec_value( src[i] ) < 0 )
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
} }
n++; n++;
} }
if( n == 0 ) if (n == 0) {
{
*olen = 0; *olen = 0;
return( 0 ); return 0;
} }
/* The following expression is to calculate the following formula without /* The following expression is to calculate the following formula without
* risk of integer overflow in n: * risk of integer overflow in n:
* n = ( ( n * 6 ) + 7 ) >> 3; * n = ( ( n * 6 ) + 7 ) >> 3;
*/ */
n = ( 6 * ( n >> 3 ) ) + ( ( 6 * ( n & 0x7 ) + 7 ) >> 3 ); n = (6 * (n >> 3)) + ((6 * (n & 0x7) + 7) >> 3);
n -= equals; n -= equals;
if( dst == NULL || dlen < n ) if (dst == NULL || dlen < n) {
{
*olen = n; *olen = n;
return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL;
} }
equals = 0; equals = 0;
for( x = 0, p = dst; i > 0; i--, src++ ) for (x = 0, p = dst; i > 0; i--, src++) {
{ if (*src == '\r' || *src == '\n' || *src == ' ') {
if( *src == '\r' || *src == '\n' || *src == ' ' )
continue; continue;
}
x = x << 6; x = x << 6;
if( *src == '=' ) if (*src == '=') {
++equals; ++equals;
else } else {
x |= mbedtls_ct_base64_dec_value( *src ); x |= mbedtls_ct_base64_dec_value(*src);
}
if( ++accumulated_digits == 4 ) if (++accumulated_digits == 4) {
{
accumulated_digits = 0; accumulated_digits = 0;
*p++ = MBEDTLS_BYTE_2( x ); *p++ = MBEDTLS_BYTE_2(x);
if( equals <= 1 ) *p++ = MBEDTLS_BYTE_1( x ); if (equals <= 1) {
if( equals <= 0 ) *p++ = MBEDTLS_BYTE_0( x ); *p++ = MBEDTLS_BYTE_1(x);
}
if (equals <= 0) {
*p++ = MBEDTLS_BYTE_0(x);
}
} }
} }
*olen = p - dst; *olen = p - dst;
return( 0 ); return 0;
} }
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -227,44 +229,47 @@ static const unsigned char base64_test_enc[] =
/* /*
* Checkup routine * Checkup routine
*/ */
int mbedtls_base64_self_test( int verbose ) int mbedtls_base64_self_test(int verbose)
{ {
size_t len; size_t len;
const unsigned char *src; const unsigned char *src;
unsigned char buffer[128]; unsigned char buffer[128];
if( verbose != 0 ) if (verbose != 0) {
mbedtls_printf( " Base64 encoding test: " ); mbedtls_printf(" Base64 encoding test: ");
}
src = base64_test_dec; src = base64_test_dec;
if( mbedtls_base64_encode( buffer, sizeof( buffer ), &len, src, 64 ) != 0 || if (mbedtls_base64_encode(buffer, sizeof(buffer), &len, src, 64) != 0 ||
memcmp( base64_test_enc, buffer, 88 ) != 0 ) memcmp(base64_test_enc, buffer, 88) != 0) {
{ if (verbose != 0) {
if( verbose != 0 ) mbedtls_printf("failed\n");
mbedtls_printf( "failed\n" );
return( 1 );
} }
if( verbose != 0 ) return 1;
mbedtls_printf( "passed\n Base64 decoding test: " ); }
if (verbose != 0) {
mbedtls_printf("passed\n Base64 decoding test: ");
}
src = base64_test_enc; src = base64_test_enc;
if( mbedtls_base64_decode( buffer, sizeof( buffer ), &len, src, 88 ) != 0 || if (mbedtls_base64_decode(buffer, sizeof(buffer), &len, src, 88) != 0 ||
memcmp( base64_test_dec, buffer, 64 ) != 0 ) memcmp(base64_test_dec, buffer, 64) != 0) {
{ if (verbose != 0) {
if( verbose != 0 ) mbedtls_printf("failed\n");
mbedtls_printf( "failed\n" );
return( 1 );
} }
if( verbose != 0 ) return 1;
mbedtls_printf( "passed\n\n" ); }
return( 0 ); if (verbose != 0) {
mbedtls_printf("passed\n\n");
}
return 0;
} }
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

2082
library/bignum.c
View File

File diff suppressed because it is too large Load Diff

536
library/bignum_core.c
View File

File diff suppressed because it is too large Load Diff

118
library/bignum_core.h
View File

@ -86,19 +86,19 @@
#include "mbedtls/bignum.h" #include "mbedtls/bignum.h"
#endif #endif
#define ciL ( sizeof(mbedtls_mpi_uint) ) /** chars in limb */ #define ciL (sizeof(mbedtls_mpi_uint)) /** chars in limb */
#define biL ( ciL << 3 ) /** bits in limb */ #define biL (ciL << 3) /** bits in limb */
#define biH ( ciL << 2 ) /** half limb size */ #define biH (ciL << 2) /** half limb size */
/* /*
* Convert between bits/chars and number of limbs * Convert between bits/chars and number of limbs
* Divide first in order to avoid potential overflows * Divide first in order to avoid potential overflows
*/ */
#define BITS_TO_LIMBS(i) ( (i) / biL + ( (i) % biL != 0 ) ) #define BITS_TO_LIMBS(i) ((i) / biL + ((i) % biL != 0))
#define CHARS_TO_LIMBS(i) ( (i) / ciL + ( (i) % ciL != 0 ) ) #define CHARS_TO_LIMBS(i) ((i) / ciL + ((i) % ciL != 0))
/* Get a specific byte, without range checks. */ /* Get a specific byte, without range checks. */
#define GET_BYTE( X, i ) \ #define GET_BYTE(X, i) \
( ( (X)[(i) / ciL] >> ( ( (i) % ciL ) * 8 ) ) & 0xff ) (((X)[(i) / ciL] >> (((i) % ciL) * 8)) & 0xff)
/** Count leading zero bits in a given integer. /** Count leading zero bits in a given integer.
* *
@ -106,7 +106,7 @@
* *
* \return The number of leading zero bits in \p a. * \return The number of leading zero bits in \p a.
*/ */
size_t mbedtls_mpi_core_clz( mbedtls_mpi_uint a ); size_t mbedtls_mpi_core_clz(mbedtls_mpi_uint a);
/** Return the minimum number of bits required to represent the value held /** Return the minimum number of bits required to represent the value held
* in the MPI. * in the MPI.
@ -118,7 +118,7 @@ size_t mbedtls_mpi_core_clz( mbedtls_mpi_uint a );
* *
* \return The number of bits in \p A. * \return The number of bits in \p A.
*/ */
size_t mbedtls_mpi_core_bitlen( const mbedtls_mpi_uint *A, size_t A_limbs ); size_t mbedtls_mpi_core_bitlen(const mbedtls_mpi_uint *A, size_t A_limbs);
/** Convert a big-endian byte array aligned to the size of mbedtls_mpi_uint /** Convert a big-endian byte array aligned to the size of mbedtls_mpi_uint
* into the storage form used by mbedtls_mpi. * into the storage form used by mbedtls_mpi.
@ -126,8 +126,8 @@ size_t mbedtls_mpi_core_bitlen( const mbedtls_mpi_uint *A, size_t A_limbs );
* \param[in,out] A The address of the MPI. * \param[in,out] A The address of the MPI.
* \param A_limbs The number of limbs of \p A. * \param A_limbs The number of limbs of \p A.
*/ */
void mbedtls_mpi_core_bigendian_to_host( mbedtls_mpi_uint *A, void mbedtls_mpi_core_bigendian_to_host(mbedtls_mpi_uint *A,
size_t A_limbs ); size_t A_limbs);
/** \brief Compare a machine integer with an MPI. /** \brief Compare a machine integer with an MPI.
* *
@ -141,9 +141,9 @@ void mbedtls_mpi_core_bigendian_to_host( mbedtls_mpi_uint *A,
* *
* \return 1 if \p min is less than or equal to \p A, otherwise 0. * \return 1 if \p min is less than or equal to \p A, otherwise 0.
*/ */
unsigned mbedtls_mpi_core_uint_le_mpi( mbedtls_mpi_uint min, unsigned mbedtls_mpi_core_uint_le_mpi(mbedtls_mpi_uint min,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
size_t A_limbs ); size_t A_limbs);
/** /**
* \brief Perform a safe conditional copy of an MPI which doesn't reveal * \brief Perform a safe conditional copy of an MPI which doesn't reveal
@ -166,10 +166,10 @@ unsigned mbedtls_mpi_core_uint_le_mpi( mbedtls_mpi_uint min,
* is indeterminate, and the resulting value in \p X might be * is indeterminate, and the resulting value in \p X might be
* neither its original value nor the value in \p A. * neither its original value nor the value in \p A.
*/ */
void mbedtls_mpi_core_cond_assign( mbedtls_mpi_uint *X, void mbedtls_mpi_core_cond_assign(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
size_t limbs, size_t limbs,
unsigned char assign ); unsigned char assign);
/** /**
* \brief Perform a safe conditional swap of two MPIs which doesn't reveal * \brief Perform a safe conditional swap of two MPIs which doesn't reveal
@ -192,10 +192,10 @@ void mbedtls_mpi_core_cond_assign( mbedtls_mpi_uint *X,
* is indeterminate, and both \p X and \p Y might end up with * is indeterminate, and both \p X and \p Y might end up with
* values different to either of the original ones. * values different to either of the original ones.
*/ */
void mbedtls_mpi_core_cond_swap( mbedtls_mpi_uint *X, void mbedtls_mpi_core_cond_swap(mbedtls_mpi_uint *X,
mbedtls_mpi_uint *Y, mbedtls_mpi_uint *Y,
size_t limbs, size_t limbs,
unsigned char swap ); unsigned char swap);
/** Import X from unsigned binary data, little-endian. /** Import X from unsigned binary data, little-endian.
* *
@ -211,10 +211,10 @@ void mbedtls_mpi_core_cond_swap( mbedtls_mpi_uint *X,
* \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p X isn't * \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p X isn't
* large enough to hold the value in \p input. * large enough to hold the value in \p input.
*/ */
int mbedtls_mpi_core_read_le( mbedtls_mpi_uint *X, int mbedtls_mpi_core_read_le(mbedtls_mpi_uint *X,
size_t X_limbs, size_t X_limbs,
const unsigned char *input, const unsigned char *input,
size_t input_length ); size_t input_length);
/** Import X from unsigned binary data, big-endian. /** Import X from unsigned binary data, big-endian.
* *
@ -233,10 +233,10 @@ int mbedtls_mpi_core_read_le( mbedtls_mpi_uint *X,
* \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p X isn't * \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p X isn't
* large enough to hold the value in \p input. * large enough to hold the value in \p input.
*/ */
int mbedtls_mpi_core_read_be( mbedtls_mpi_uint *X, int mbedtls_mpi_core_read_be(mbedtls_mpi_uint *X,
size_t X_limbs, size_t X_limbs,
const unsigned char *input, const unsigned char *input,
size_t input_length ); size_t input_length);
/** Export A into unsigned binary data, little-endian. /** Export A into unsigned binary data, little-endian.
* *
@ -253,10 +253,10 @@ int mbedtls_mpi_core_read_be( mbedtls_mpi_uint *X,
* \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p output isn't * \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p output isn't
* large enough to hold the value of \p A. * large enough to hold the value of \p A.
*/ */
int mbedtls_mpi_core_write_le( const mbedtls_mpi_uint *A, int mbedtls_mpi_core_write_le(const mbedtls_mpi_uint *A,
size_t A_limbs, size_t A_limbs,
unsigned char *output, unsigned char *output,
size_t output_length ); size_t output_length);
/** Export A into unsigned binary data, big-endian. /** Export A into unsigned binary data, big-endian.
* *
@ -273,10 +273,10 @@ int mbedtls_mpi_core_write_le( const mbedtls_mpi_uint *A,
* \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p output isn't * \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p output isn't
* large enough to hold the value of \p A. * large enough to hold the value of \p A.
*/ */
int mbedtls_mpi_core_write_be( const mbedtls_mpi_uint *A, int mbedtls_mpi_core_write_be(const mbedtls_mpi_uint *A,
size_t A_limbs, size_t A_limbs,
unsigned char *output, unsigned char *output,
size_t output_length ); size_t output_length);
/** \brief Shift an MPI right in place by a number of bits. /** \brief Shift an MPI right in place by a number of bits.
* *
@ -290,8 +290,8 @@ int mbedtls_mpi_core_write_be( const mbedtls_mpi_uint *A,
* \param limbs The number of limbs of \p X. This must be at least 1. * \param limbs The number of limbs of \p X. This must be at least 1.
* \param count The number of bits to shift by. * \param count The number of bits to shift by.
*/ */
void mbedtls_mpi_core_shift_r( mbedtls_mpi_uint *X, size_t limbs, void mbedtls_mpi_core_shift_r(mbedtls_mpi_uint *X, size_t limbs,
size_t count ); size_t count);
/** /**
* \brief Add two fixed-size large unsigned integers, returning the carry. * \brief Add two fixed-size large unsigned integers, returning the carry.
@ -310,10 +310,10 @@ void mbedtls_mpi_core_shift_r( mbedtls_mpi_uint *X, size_t limbs,
* *
* \return 1 if `A + B >= 2^(biL*limbs)`, 0 otherwise. * \return 1 if `A + B >= 2^(biL*limbs)`, 0 otherwise.
*/ */
mbedtls_mpi_uint mbedtls_mpi_core_add( mbedtls_mpi_uint *X, mbedtls_mpi_uint mbedtls_mpi_core_add(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *B, const mbedtls_mpi_uint *B,
size_t limbs ); size_t limbs);
/** /**
* \brief Conditional addition of two fixed-size large unsigned integers, * \brief Conditional addition of two fixed-size large unsigned integers,
@ -345,10 +345,10 @@ mbedtls_mpi_uint mbedtls_mpi_core_add( mbedtls_mpi_uint *X,
* *
* \return 1 if `X + cond * A >= 2^(biL*limbs)`, 0 otherwise. * \return 1 if `X + cond * A >= 2^(biL*limbs)`, 0 otherwise.
*/ */
mbedtls_mpi_uint mbedtls_mpi_core_add_if( mbedtls_mpi_uint *X, mbedtls_mpi_uint mbedtls_mpi_core_add_if(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
size_t limbs, size_t limbs,
unsigned cond ); unsigned cond);
/** /**
* \brief Subtract two fixed-size large unsigned integers, returning the borrow. * \brief Subtract two fixed-size large unsigned integers, returning the borrow.
@ -368,10 +368,10 @@ mbedtls_mpi_uint mbedtls_mpi_core_add_if( mbedtls_mpi_uint *X,
* \return 1 if `A < B`. * \return 1 if `A < B`.
* 0 if `A >= B`. * 0 if `A >= B`.
*/ */
mbedtls_mpi_uint mbedtls_mpi_core_sub( mbedtls_mpi_uint *X, mbedtls_mpi_uint mbedtls_mpi_core_sub(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *B, const mbedtls_mpi_uint *B,
size_t limbs ); size_t limbs);
/** /**
* \brief Perform a fixed-size multiply accumulate operation: X += b * A * \brief Perform a fixed-size multiply accumulate operation: X += b * A
@ -394,9 +394,9 @@ mbedtls_mpi_uint mbedtls_mpi_core_sub( mbedtls_mpi_uint *X,
* *
* \return The carry at the end of the operation. * \return The carry at the end of the operation.
*/ */
mbedtls_mpi_uint mbedtls_mpi_core_mla( mbedtls_mpi_uint *X, size_t X_limbs, mbedtls_mpi_uint mbedtls_mpi_core_mla(mbedtls_mpi_uint *X, size_t X_limbs,
const mbedtls_mpi_uint *A, size_t A_limbs, const mbedtls_mpi_uint *A, size_t A_limbs,
mbedtls_mpi_uint b ); mbedtls_mpi_uint b);
/** /**
* \brief Calculate initialisation value for fast Montgomery modular * \brief Calculate initialisation value for fast Montgomery modular
@ -407,7 +407,7 @@ mbedtls_mpi_uint mbedtls_mpi_core_mla( mbedtls_mpi_uint *X, size_t X_limbs,
* *
* \return The initialisation value for fast Montgomery modular multiplication * \return The initialisation value for fast Montgomery modular multiplication
*/ */
mbedtls_mpi_uint mbedtls_mpi_core_montmul_init( const mbedtls_mpi_uint *N ); mbedtls_mpi_uint mbedtls_mpi_core_montmul_init(const mbedtls_mpi_uint *N);
/** /**
* \brief Montgomery multiplication: X = A * B * R^-1 mod N (HAC 14.36) * \brief Montgomery multiplication: X = A * B * R^-1 mod N (HAC 14.36)
@ -444,11 +444,11 @@ mbedtls_mpi_uint mbedtls_mpi_core_montmul_init( const mbedtls_mpi_uint *N );
* It must not alias or otherwise overlap any of the * It must not alias or otherwise overlap any of the
* other parameters. * other parameters.
*/ */
void mbedtls_mpi_core_montmul( mbedtls_mpi_uint *X, void mbedtls_mpi_core_montmul(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *B, size_t B_limbs, const mbedtls_mpi_uint *B, size_t B_limbs,
const mbedtls_mpi_uint *N, size_t AN_limbs, const mbedtls_mpi_uint *N, size_t AN_limbs,
mbedtls_mpi_uint mm, mbedtls_mpi_uint *T ); mbedtls_mpi_uint mm, mbedtls_mpi_uint *T);
/** /**
* \brief Calculate the square of the Montgomery constant. (Needed * \brief Calculate the square of the Montgomery constant. (Needed
@ -465,8 +465,8 @@ void mbedtls_mpi_core_montmul( mbedtls_mpi_uint *X,
* \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p N modulus is zero. * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p N modulus is zero.
* \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p N modulus is negative. * \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p N modulus is negative.
*/ */
int mbedtls_mpi_core_get_mont_r2_unsafe( mbedtls_mpi *X, int mbedtls_mpi_core_get_mont_r2_unsafe(mbedtls_mpi *X,
const mbedtls_mpi *N ); const mbedtls_mpi *N);
#if defined(MBEDTLS_TEST_HOOKS) #if defined(MBEDTLS_TEST_HOOKS)
/** /**
@ -481,11 +481,11 @@ int mbedtls_mpi_core_get_mont_r2_unsafe( mbedtls_mpi *X,
* \param index The (secret) table index to look up. This must be in the * \param index The (secret) table index to look up. This must be in the
* range `0 .. count-1`. * range `0 .. count-1`.
*/ */
void mbedtls_mpi_core_ct_uint_table_lookup( mbedtls_mpi_uint *dest, void mbedtls_mpi_core_ct_uint_table_lookup(mbedtls_mpi_uint *dest,
const mbedtls_mpi_uint *table, const mbedtls_mpi_uint *table,
size_t limbs, size_t limbs,
size_t count, size_t count,
size_t index ); size_t index);
#endif /* MBEDTLS_TEST_HOOKS */ #endif /* MBEDTLS_TEST_HOOKS */
/** /**
@ -507,10 +507,10 @@ void mbedtls_mpi_core_ct_uint_table_lookup( mbedtls_mpi_uint *dest,
* as a big-endian representation of an MPI; this can * as a big-endian representation of an MPI; this can
* be relevant in applications like deterministic ECDSA. * be relevant in applications like deterministic ECDSA.
*/ */
int mbedtls_mpi_core_fill_random( mbedtls_mpi_uint *X, size_t X_limbs, int mbedtls_mpi_core_fill_random(mbedtls_mpi_uint *X, size_t X_limbs,
size_t bytes, size_t bytes,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** Generate a random number uniformly in a range. /** Generate a random number uniformly in a range.
* *
@ -542,12 +542,12 @@ int mbedtls_mpi_core_fill_random( mbedtls_mpi_uint *X, size_t X_limbs,
* is significantly larger than \p min, which is the case * is significantly larger than \p min, which is the case
* for all usual cryptographic applications. * for all usual cryptographic applications.
*/ */
int mbedtls_mpi_core_random( mbedtls_mpi_uint *X, int mbedtls_mpi_core_random(mbedtls_mpi_uint *X,
mbedtls_mpi_uint min, mbedtls_mpi_uint min,
const mbedtls_mpi_uint *N, const mbedtls_mpi_uint *N,
size_t limbs, size_t limbs,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/* BEGIN MERGE SLOT 1 */ /* BEGIN MERGE SLOT 1 */
@ -568,7 +568,7 @@ int mbedtls_mpi_core_random( mbedtls_mpi_uint *X,
* \return The number of limbs of working memory required by * \return The number of limbs of working memory required by
* `mbedtls_mpi_core_exp_mod()`. * `mbedtls_mpi_core_exp_mod()`.
*/ */
size_t mbedtls_mpi_core_exp_mod_working_limbs( size_t AN_limbs, size_t E_limbs ); size_t mbedtls_mpi_core_exp_mod_working_limbs(size_t AN_limbs, size_t E_limbs);
/** /**
* \brief Perform a modular exponentiation with secret exponent: * \brief Perform a modular exponentiation with secret exponent:
@ -597,12 +597,12 @@ size_t mbedtls_mpi_core_exp_mod_working_limbs( size_t AN_limbs, size_t E_limbs )
* longer needed, and before freeing it if it was dynamically * longer needed, and before freeing it if it was dynamically
* allocated. * allocated.
*/ */
void mbedtls_mpi_core_exp_mod( mbedtls_mpi_uint *X, void mbedtls_mpi_core_exp_mod(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *N, size_t AN_limbs, const mbedtls_mpi_uint *N, size_t AN_limbs,
const mbedtls_mpi_uint *E, size_t E_limbs, const mbedtls_mpi_uint *E, size_t E_limbs,
const mbedtls_mpi_uint *RR, const mbedtls_mpi_uint *RR,
mbedtls_mpi_uint *T ); mbedtls_mpi_uint *T);
/* END MERGE SLOT 1 */ /* END MERGE SLOT 1 */
@ -624,10 +624,10 @@ void mbedtls_mpi_core_exp_mod( mbedtls_mpi_uint *X,
* \return 1 if `A < b`. * \return 1 if `A < b`.
* 0 if `A >= b`. * 0 if `A >= b`.
*/ */
mbedtls_mpi_uint mbedtls_mpi_core_sub_int( mbedtls_mpi_uint *X, mbedtls_mpi_uint mbedtls_mpi_core_sub_int(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
mbedtls_mpi_uint b, mbedtls_mpi_uint b,
size_t limbs ); size_t limbs);
/** /**
* \brief Determine if a given MPI has the value \c 0 in constant time with * \brief Determine if a given MPI has the value \c 0 in constant time with
@ -639,8 +639,8 @@ mbedtls_mpi_uint mbedtls_mpi_core_sub_int( mbedtls_mpi_uint *X,
* \return 0 if `A == 0` * \return 0 if `A == 0`
* non-0 (may be any value) if `A != 0`. * non-0 (may be any value) if `A != 0`.
*/ */
mbedtls_mpi_uint mbedtls_mpi_core_check_zero_ct( const mbedtls_mpi_uint *A, mbedtls_mpi_uint mbedtls_mpi_core_check_zero_ct(const mbedtls_mpi_uint *A,
size_t limbs ); size_t limbs);
/** /**
* \brief Returns the number of limbs of working memory required for * \brief Returns the number of limbs of working memory required for
@ -654,9 +654,9 @@ mbedtls_mpi_uint mbedtls_mpi_core_check_zero_ct( const mbedtls_mpi_uint *A,
* \return The number of limbs of working memory required by * \return The number of limbs of working memory required by
* `mbedtls_mpi_core_montmul()` (or other similar function). * `mbedtls_mpi_core_montmul()` (or other similar function).
*/ */
static inline size_t mbedtls_mpi_core_montmul_working_limbs( size_t AN_limbs ) static inline size_t mbedtls_mpi_core_montmul_working_limbs(size_t AN_limbs)
{ {
return( 2 * AN_limbs + 1 ); return 2 * AN_limbs + 1;
} }
/** Convert an MPI into Montgomery form. /** Convert an MPI into Montgomery form.
@ -690,13 +690,13 @@ static inline size_t mbedtls_mpi_core_montmul_working_limbs( size_t AN_limbs )
* It must not alias or otherwise overlap any of the * It must not alias or otherwise overlap any of the
* other parameters. * other parameters.
*/ */
void mbedtls_mpi_core_to_mont_rep( mbedtls_mpi_uint *X, void mbedtls_mpi_core_to_mont_rep(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *N, const mbedtls_mpi_uint *N,
size_t AN_limbs, size_t AN_limbs,
mbedtls_mpi_uint mm, mbedtls_mpi_uint mm,
const mbedtls_mpi_uint *rr, const mbedtls_mpi_uint *rr,
mbedtls_mpi_uint *T ); mbedtls_mpi_uint *T);
/** Convert an MPI from Montgomery form. /** Convert an MPI from Montgomery form.
* *
@ -727,12 +727,12 @@ void mbedtls_mpi_core_to_mont_rep( mbedtls_mpi_uint *X,
* It must not alias or otherwise overlap any of the * It must not alias or otherwise overlap any of the
* other parameters. * other parameters.
*/ */
void mbedtls_mpi_core_from_mont_rep( mbedtls_mpi_uint *X, void mbedtls_mpi_core_from_mont_rep(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *N, const mbedtls_mpi_uint *N,
size_t AN_limbs, size_t AN_limbs,
mbedtls_mpi_uint mm, mbedtls_mpi_uint mm,
mbedtls_mpi_uint *T ); mbedtls_mpi_uint *T);
/* END MERGE SLOT 3 */ /* END MERGE SLOT 3 */

302
library/bignum_mod.c
View File

@ -34,33 +34,36 @@
#include "bignum_mod_raw.h" #include "bignum_mod_raw.h"
#include "constant_time_internal.h" #include "constant_time_internal.h"
int mbedtls_mpi_mod_residue_setup( mbedtls_mpi_mod_residue *r, int mbedtls_mpi_mod_residue_setup(mbedtls_mpi_mod_residue *r,
const mbedtls_mpi_mod_modulus *m, const mbedtls_mpi_mod_modulus *m,
mbedtls_mpi_uint *p, mbedtls_mpi_uint *p,
size_t p_limbs ) size_t p_limbs)
{ {
if( p_limbs != m->limbs || !mbedtls_mpi_core_lt_ct( p, m->p, m->limbs ) ) if (p_limbs != m->limbs || !mbedtls_mpi_core_lt_ct(p, m->p, m->limbs)) {
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
}
r->limbs = m->limbs; r->limbs = m->limbs;
r->p = p; r->p = p;
return( 0 ); return 0;
} }
void mbedtls_mpi_mod_residue_release( mbedtls_mpi_mod_residue *r ) void mbedtls_mpi_mod_residue_release(mbedtls_mpi_mod_residue *r)
{ {
if( r == NULL ) if (r == NULL) {
return; return;
}
r->limbs = 0; r->limbs = 0;
r->p = NULL; r->p = NULL;
} }
void mbedtls_mpi_mod_modulus_init( mbedtls_mpi_mod_modulus *m ) void mbedtls_mpi_mod_modulus_init(mbedtls_mpi_mod_modulus *m)
{ {
if( m == NULL ) if (m == NULL) {
return; return;
}
m->p = NULL; m->p = NULL;
m->limbs = 0; m->limbs = 0;
@ -68,25 +71,24 @@ void mbedtls_mpi_mod_modulus_init( mbedtls_mpi_mod_modulus *m )
m->int_rep = MBEDTLS_MPI_MOD_REP_INVALID; m->int_rep = MBEDTLS_MPI_MOD_REP_INVALID;
} }
void mbedtls_mpi_mod_modulus_free( mbedtls_mpi_mod_modulus *m ) void mbedtls_mpi_mod_modulus_free(mbedtls_mpi_mod_modulus *m)
{ {
if( m == NULL ) if (m == NULL) {
return; return;
}
switch( m->int_rep ) switch (m->int_rep) {
{
case MBEDTLS_MPI_MOD_REP_MONTGOMERY: case MBEDTLS_MPI_MOD_REP_MONTGOMERY:
if (m->rep.mont.rr != NULL) if (m->rep.mont.rr != NULL) {
{ mbedtls_platform_zeroize((mbedtls_mpi_uint *) m->rep.mont.rr,
mbedtls_platform_zeroize( (mbedtls_mpi_uint *) m->rep.mont.rr, m->limbs * sizeof(mbedtls_mpi_uint));
m->limbs * sizeof(mbedtls_mpi_uint) ); mbedtls_free((mbedtls_mpi_uint *) m->rep.mont.rr);
mbedtls_free( (mbedtls_mpi_uint *)m->rep.mont.rr );
m->rep.mont.rr = NULL; m->rep.mont.rr = NULL;
} }
m->rep.mont.mm = 0; m->rep.mont.mm = 0;
break; break;
case MBEDTLS_MPI_MOD_REP_OPT_RED: case MBEDTLS_MPI_MOD_REP_OPT_RED:
mbedtls_free( m->rep.ored ); mbedtls_free(m->rep.ored);
break; break;
case MBEDTLS_MPI_MOD_REP_INVALID: case MBEDTLS_MPI_MOD_REP_INVALID:
break; break;
@ -98,30 +100,31 @@ void mbedtls_mpi_mod_modulus_free( mbedtls_mpi_mod_modulus *m )
m->int_rep = MBEDTLS_MPI_MOD_REP_INVALID; m->int_rep = MBEDTLS_MPI_MOD_REP_INVALID;
} }
static int set_mont_const_square( const mbedtls_mpi_uint **X, static int set_mont_const_square(const mbedtls_mpi_uint **X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
size_t limbs ) size_t limbs)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_mpi N; mbedtls_mpi N;
mbedtls_mpi RR; mbedtls_mpi RR;
*X = NULL; *X = NULL;
mbedtls_mpi_init( &N ); mbedtls_mpi_init(&N);
mbedtls_mpi_init( &RR ); mbedtls_mpi_init(&RR);
if( A == NULL || limbs == 0 || limbs >= ( MBEDTLS_MPI_MAX_LIMBS / 2 ) - 2 ) if (A == NULL || limbs == 0 || limbs >= (MBEDTLS_MPI_MAX_LIMBS / 2) - 2) {
goto cleanup; goto cleanup;
}
if( mbedtls_mpi_grow( &N, limbs ) ) if (mbedtls_mpi_grow(&N, limbs)) {
goto cleanup; goto cleanup;
}
memcpy( N.p, A, sizeof(mbedtls_mpi_uint) * limbs ); memcpy(N.p, A, sizeof(mbedtls_mpi_uint) * limbs);
ret = mbedtls_mpi_core_get_mont_r2_unsafe(&RR, &N); ret = mbedtls_mpi_core_get_mont_r2_unsafe(&RR, &N);
if( ret == 0 ) if (ret == 0) {
{
*X = RR.p; *X = RR.p;
RR.p = NULL; RR.p = NULL;
} }
@ -129,27 +132,26 @@ static int set_mont_const_square( const mbedtls_mpi_uint **X,
cleanup: cleanup:
mbedtls_mpi_free(&N); mbedtls_mpi_free(&N);
mbedtls_mpi_free(&RR); mbedtls_mpi_free(&RR);
ret = ( ret != 0 ) ? MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED : 0; ret = (ret != 0) ? MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED : 0;
return( ret ); return ret;
} }
int mbedtls_mpi_mod_modulus_setup( mbedtls_mpi_mod_modulus *m, int mbedtls_mpi_mod_modulus_setup(mbedtls_mpi_mod_modulus *m,
const mbedtls_mpi_uint *p, const mbedtls_mpi_uint *p,
size_t p_limbs, size_t p_limbs,
mbedtls_mpi_mod_rep_selector int_rep ) mbedtls_mpi_mod_rep_selector int_rep)
{ {
int ret = 0; int ret = 0;
m->p = p; m->p = p;
m->limbs = p_limbs; m->limbs = p_limbs;
m->bits = mbedtls_mpi_core_bitlen( p, p_limbs ); m->bits = mbedtls_mpi_core_bitlen(p, p_limbs);
switch( int_rep ) switch (int_rep) {
{
case MBEDTLS_MPI_MOD_REP_MONTGOMERY: case MBEDTLS_MPI_MOD_REP_MONTGOMERY:
m->int_rep = int_rep; m->int_rep = int_rep;
m->rep.mont.mm = mbedtls_mpi_core_montmul_init( m->p ); m->rep.mont.mm = mbedtls_mpi_core_montmul_init(m->p);
ret = set_mont_const_square( &m->rep.mont.rr, m->p, m->limbs ); ret = set_mont_const_square(&m->rep.mont.rr, m->p, m->limbs);
break; break;
case MBEDTLS_MPI_MOD_REP_OPT_RED: case MBEDTLS_MPI_MOD_REP_OPT_RED:
m->int_rep = int_rep; m->int_rep = int_rep;
@ -162,12 +164,11 @@ int mbedtls_mpi_mod_modulus_setup( mbedtls_mpi_mod_modulus *m,
exit: exit:
if( ret != 0 ) if (ret != 0) {
{ mbedtls_mpi_mod_modulus_free(m);
mbedtls_mpi_mod_modulus_free( m );
} }
return( ret ); return ret;
} }
/* BEGIN MERGE SLOT 1 */ /* BEGIN MERGE SLOT 1 */
@ -176,129 +177,135 @@ exit:
/* BEGIN MERGE SLOT 2 */ /* BEGIN MERGE SLOT 2 */
int mbedtls_mpi_mod_mul( mbedtls_mpi_mod_residue *X, int mbedtls_mpi_mod_mul(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_residue *B, const mbedtls_mpi_mod_residue *B,
const mbedtls_mpi_mod_modulus *N ) const mbedtls_mpi_mod_modulus *N)
{ {
if( N->limbs == 0 ) if (N->limbs == 0) {
return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
}
if( X->limbs != N->limbs || A->limbs != N->limbs || B->limbs != N->limbs ) if (X->limbs != N->limbs || A->limbs != N->limbs || B->limbs != N->limbs) {
return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
}
mbedtls_mpi_uint *T = mbedtls_calloc( N->limbs * 2 + 1, ciL ); mbedtls_mpi_uint *T = mbedtls_calloc(N->limbs * 2 + 1, ciL);
if( T == NULL ) if (T == NULL) {
return MBEDTLS_ERR_MPI_ALLOC_FAILED; return MBEDTLS_ERR_MPI_ALLOC_FAILED;
}
mbedtls_mpi_mod_raw_mul( X->p, A->p, B->p, N, T ); mbedtls_mpi_mod_raw_mul(X->p, A->p, B->p, N, T);
mbedtls_free( T ); mbedtls_free(T);
return( 0 ); return 0;
} }
/* END MERGE SLOT 2 */ /* END MERGE SLOT 2 */
/* BEGIN MERGE SLOT 3 */ /* BEGIN MERGE SLOT 3 */
int mbedtls_mpi_mod_sub( mbedtls_mpi_mod_residue *X, int mbedtls_mpi_mod_sub(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_residue *B, const mbedtls_mpi_mod_residue *B,
const mbedtls_mpi_mod_modulus *N ) const mbedtls_mpi_mod_modulus *N)
{ {
if( X->limbs != N->limbs || A->limbs != N->limbs || B->limbs != N->limbs ) if (X->limbs != N->limbs || A->limbs != N->limbs || B->limbs != N->limbs) {
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
}
mbedtls_mpi_mod_raw_sub( X->p, A->p, B->p, N ); mbedtls_mpi_mod_raw_sub(X->p, A->p, B->p, N);
return( 0 ); return 0;
} }
static int mbedtls_mpi_mod_inv_mont( mbedtls_mpi_mod_residue *X, static int mbedtls_mpi_mod_inv_mont(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
mbedtls_mpi_uint *working_memory ) mbedtls_mpi_uint *working_memory)
{ {
/* Input already in Montgomery form, so there's little to do */ /* Input already in Montgomery form, so there's little to do */
mbedtls_mpi_mod_raw_inv_prime( X->p, A->p, mbedtls_mpi_mod_raw_inv_prime(X->p, A->p,
N->p, N->limbs, N->p, N->limbs,
N->rep.mont.rr, N->rep.mont.rr,
working_memory ); working_memory);
return( 0 ); return 0;
} }
static int mbedtls_mpi_mod_inv_non_mont( mbedtls_mpi_mod_residue *X, static int mbedtls_mpi_mod_inv_non_mont(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
mbedtls_mpi_uint *working_memory ) mbedtls_mpi_uint *working_memory)
{ {
/* Need to convert input into Montgomery form */ /* Need to convert input into Montgomery form */
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_mpi_mod_modulus Nmont; mbedtls_mpi_mod_modulus Nmont;
mbedtls_mpi_mod_modulus_init( &Nmont ); mbedtls_mpi_mod_modulus_init(&Nmont);
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_modulus_setup( &Nmont, N->p, N->limbs, MBEDTLS_MPI_CHK(mbedtls_mpi_mod_modulus_setup(&Nmont, N->p, N->limbs,
MBEDTLS_MPI_MOD_REP_MONTGOMERY ) ); MBEDTLS_MPI_MOD_REP_MONTGOMERY));
/* We'll use X->p to hold the Montgomery form of the input A->p */ /* We'll use X->p to hold the Montgomery form of the input A->p */
mbedtls_mpi_core_to_mont_rep( X->p, A->p, Nmont.p, Nmont.limbs, mbedtls_mpi_core_to_mont_rep(X->p, A->p, Nmont.p, Nmont.limbs,
Nmont.rep.mont.mm, Nmont.rep.mont.rr, Nmont.rep.mont.mm, Nmont.rep.mont.rr,
working_memory ); working_memory);
mbedtls_mpi_mod_raw_inv_prime( X->p, X->p, mbedtls_mpi_mod_raw_inv_prime(X->p, X->p,
Nmont.p, Nmont.limbs, Nmont.p, Nmont.limbs,
Nmont.rep.mont.rr, Nmont.rep.mont.rr,
working_memory ); working_memory);
/* And convert back from Montgomery form */ /* And convert back from Montgomery form */
mbedtls_mpi_core_from_mont_rep( X->p, X->p, Nmont.p, Nmont.limbs, mbedtls_mpi_core_from_mont_rep(X->p, X->p, Nmont.p, Nmont.limbs,
Nmont.rep.mont.mm, working_memory ); Nmont.rep.mont.mm, working_memory);
cleanup: cleanup:
mbedtls_mpi_mod_modulus_free( &Nmont ); mbedtls_mpi_mod_modulus_free(&Nmont);
return( ret ); return ret;
} }
int mbedtls_mpi_mod_inv( mbedtls_mpi_mod_residue *X, int mbedtls_mpi_mod_inv(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_modulus *N ) const mbedtls_mpi_mod_modulus *N)
{ {
if( X->limbs != N->limbs || A->limbs != N->limbs ) if (X->limbs != N->limbs || A->limbs != N->limbs) {
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
}
/* Zero has the same value regardless of Montgomery form or not */ /* Zero has the same value regardless of Montgomery form or not */
if( mbedtls_mpi_core_check_zero_ct( A->p, A->limbs ) == 0 ) if (mbedtls_mpi_core_check_zero_ct(A->p, A->limbs) == 0) {
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
}
size_t working_limbs = size_t working_limbs =
mbedtls_mpi_mod_raw_inv_prime_working_limbs( N->limbs ); mbedtls_mpi_mod_raw_inv_prime_working_limbs(N->limbs);
mbedtls_mpi_uint *working_memory = mbedtls_calloc( working_limbs, mbedtls_mpi_uint *working_memory = mbedtls_calloc(working_limbs,
sizeof(mbedtls_mpi_uint) ); sizeof(mbedtls_mpi_uint));
if( working_memory == NULL ) if (working_memory == NULL) {
return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); return MBEDTLS_ERR_MPI_ALLOC_FAILED;
}
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
switch( N->int_rep ) switch (N->int_rep) {
{
case MBEDTLS_MPI_MOD_REP_MONTGOMERY: case MBEDTLS_MPI_MOD_REP_MONTGOMERY:
ret = mbedtls_mpi_mod_inv_mont( X, A, N, working_memory ); ret = mbedtls_mpi_mod_inv_mont(X, A, N, working_memory);
break; break;
case MBEDTLS_MPI_MOD_REP_OPT_RED: case MBEDTLS_MPI_MOD_REP_OPT_RED:
ret = mbedtls_mpi_mod_inv_non_mont( X, A, N, working_memory ); ret = mbedtls_mpi_mod_inv_non_mont(X, A, N, working_memory);
break; break;
default: default:
ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
break; break;
} }
mbedtls_platform_zeroize( working_memory, mbedtls_platform_zeroize(working_memory,
working_limbs * sizeof(mbedtls_mpi_uint) ); working_limbs * sizeof(mbedtls_mpi_uint));
mbedtls_free( working_memory ); mbedtls_free(working_memory);
return ret; return ret;
} }
@ -309,99 +316,106 @@ int mbedtls_mpi_mod_inv( mbedtls_mpi_mod_residue *X,
/* END MERGE SLOT 4 */ /* END MERGE SLOT 4 */
/* BEGIN MERGE SLOT 5 */ /* BEGIN MERGE SLOT 5 */
int mbedtls_mpi_mod_add( mbedtls_mpi_mod_residue *X, int mbedtls_mpi_mod_add(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_residue *B, const mbedtls_mpi_mod_residue *B,
const mbedtls_mpi_mod_modulus *N ) const mbedtls_mpi_mod_modulus *N)
{ {
if( X->limbs != N->limbs || A->limbs != N->limbs || B->limbs != N->limbs ) if (X->limbs != N->limbs || A->limbs != N->limbs || B->limbs != N->limbs) {
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
}
mbedtls_mpi_mod_raw_add(X->p, A->p, B->p, N); mbedtls_mpi_mod_raw_add(X->p, A->p, B->p, N);
return( 0 ); return 0;
} }
/* END MERGE SLOT 5 */ /* END MERGE SLOT 5 */
/* BEGIN MERGE SLOT 6 */ /* BEGIN MERGE SLOT 6 */
int mbedtls_mpi_mod_random( mbedtls_mpi_mod_residue *X, int mbedtls_mpi_mod_random(mbedtls_mpi_mod_residue *X,
mbedtls_mpi_uint min, mbedtls_mpi_uint min,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ) void *p_rng)
{ {
if( X->limbs != N->limbs ) if (X->limbs != N->limbs) {
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
return( mbedtls_mpi_mod_raw_random( X->p, min, N, f_rng, p_rng ) ); }
return mbedtls_mpi_mod_raw_random(X->p, min, N, f_rng, p_rng);
} }
/* END MERGE SLOT 6 */ /* END MERGE SLOT 6 */
/* BEGIN MERGE SLOT 7 */ /* BEGIN MERGE SLOT 7 */
int mbedtls_mpi_mod_read( mbedtls_mpi_mod_residue *r, int mbedtls_mpi_mod_read(mbedtls_mpi_mod_residue *r,
const mbedtls_mpi_mod_modulus *m, const mbedtls_mpi_mod_modulus *m,
const unsigned char *buf, const unsigned char *buf,
size_t buflen, size_t buflen,
mbedtls_mpi_mod_ext_rep ext_rep ) mbedtls_mpi_mod_ext_rep ext_rep)
{ {
int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
/* Do our best to check if r and m have been set up */ /* Do our best to check if r and m have been set up */
if( r->limbs == 0 || m->limbs == 0 ) if (r->limbs == 0 || m->limbs == 0) {
goto cleanup; goto cleanup;
if( r->limbs != m->limbs ) }
goto cleanup; if (r->limbs != m->limbs) {
ret = mbedtls_mpi_mod_raw_read( r->p, m, buf, buflen, ext_rep );
if( ret != 0 )
goto cleanup;
r->limbs = m->limbs;
ret = mbedtls_mpi_mod_raw_canonical_to_modulus_rep( r->p, m );
cleanup:
return ( ret );
}
int mbedtls_mpi_mod_write( const mbedtls_mpi_mod_residue *r,
const mbedtls_mpi_mod_modulus *m,
unsigned char *buf,
size_t buflen,
mbedtls_mpi_mod_ext_rep ext_rep )
{
int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
/* Do our best to check if r and m have been set up */
if( r->limbs == 0 || m->limbs == 0 )
goto cleanup;
if( r->limbs != m->limbs )
goto cleanup;
if( m->int_rep == MBEDTLS_MPI_MOD_REP_MONTGOMERY )
{
ret = mbedtls_mpi_mod_raw_from_mont_rep( r->p, m );
if( ret != 0 )
goto cleanup; goto cleanup;
} }
ret = mbedtls_mpi_mod_raw_write( r->p, m, buf, buflen, ext_rep ); ret = mbedtls_mpi_mod_raw_read(r->p, m, buf, buflen, ext_rep);
if (ret != 0) {
goto cleanup;
}
if( m->int_rep == MBEDTLS_MPI_MOD_REP_MONTGOMERY ) r->limbs = m->limbs;
{
ret = mbedtls_mpi_mod_raw_canonical_to_modulus_rep(r->p, m);
cleanup:
return ret;
}
int mbedtls_mpi_mod_write(const mbedtls_mpi_mod_residue *r,
const mbedtls_mpi_mod_modulus *m,
unsigned char *buf,
size_t buflen,
mbedtls_mpi_mod_ext_rep ext_rep)
{
int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
/* Do our best to check if r and m have been set up */
if (r->limbs == 0 || m->limbs == 0) {
goto cleanup;
}
if (r->limbs != m->limbs) {
goto cleanup;
}
if (m->int_rep == MBEDTLS_MPI_MOD_REP_MONTGOMERY) {
ret = mbedtls_mpi_mod_raw_from_mont_rep(r->p, m);
if (ret != 0) {
goto cleanup;
}
}
ret = mbedtls_mpi_mod_raw_write(r->p, m, buf, buflen, ext_rep);
if (m->int_rep == MBEDTLS_MPI_MOD_REP_MONTGOMERY) {
/* If this fails, the value of r is corrupted and we want to return /* If this fails, the value of r is corrupted and we want to return
* this error (as opposed to the error code from the write above) to * this error (as opposed to the error code from the write above) to
* let the caller know. If it succeeds, we want to return the error * let the caller know. If it succeeds, we want to return the error
* code from write above. */ * code from write above. */
int conv_ret = mbedtls_mpi_mod_raw_to_mont_rep( r->p, m ); int conv_ret = mbedtls_mpi_mod_raw_to_mont_rep(r->p, m);
if( ret == 0 ) if (ret == 0) {
ret = conv_ret; ret = conv_ret;
} }
}
cleanup: cleanup:
return ( ret ); return ret;
} }
/* END MERGE SLOT 7 */ /* END MERGE SLOT 7 */

54
library/bignum_mod.h
View File

@ -92,8 +92,7 @@
* This also determines which fields of the modulus structure are valid and * This also determines which fields of the modulus structure are valid and
* what their contents are (see #mbedtls_mpi_mod_modulus). * what their contents are (see #mbedtls_mpi_mod_modulus).
*/ */
typedef enum typedef enum {
{
/** Representation not chosen (makes the modulus structure invalid). */ /** Representation not chosen (makes the modulus structure invalid). */
MBEDTLS_MPI_MOD_REP_INVALID = 0, MBEDTLS_MPI_MOD_REP_INVALID = 0,
/* Skip 1 as it is slightly easier to accidentally pass to functions. */ /* Skip 1 as it is slightly easier to accidentally pass to functions. */
@ -108,15 +107,13 @@ typedef enum
/* Make mbedtls_mpi_mod_rep_selector and mbedtls_mpi_mod_ext_rep disjoint to /* Make mbedtls_mpi_mod_rep_selector and mbedtls_mpi_mod_ext_rep disjoint to
* make it easier to catch when they are accidentally swapped. */ * make it easier to catch when they are accidentally swapped. */
typedef enum typedef enum {
{
MBEDTLS_MPI_MOD_EXT_REP_INVALID = 0, MBEDTLS_MPI_MOD_EXT_REP_INVALID = 0,
MBEDTLS_MPI_MOD_EXT_REP_LE = 8, MBEDTLS_MPI_MOD_EXT_REP_LE = 8,
MBEDTLS_MPI_MOD_EXT_REP_BE MBEDTLS_MPI_MOD_EXT_REP_BE
} mbedtls_mpi_mod_ext_rep; } mbedtls_mpi_mod_ext_rep;
typedef struct typedef struct {
{
mbedtls_mpi_uint *p; mbedtls_mpi_uint *p;
size_t limbs; size_t limbs;
} mbedtls_mpi_mod_residue; } mbedtls_mpi_mod_residue;
@ -133,8 +130,7 @@ typedef struct {
size_t limbs; // number of limbs size_t limbs; // number of limbs
size_t bits; // bitlen of p size_t bits; // bitlen of p
mbedtls_mpi_mod_rep_selector int_rep; // selector to signal the active member of the union mbedtls_mpi_mod_rep_selector int_rep; // selector to signal the active member of the union
union rep union rep {
{
/* if int_rep == #MBEDTLS_MPI_MOD_REP_MONTGOMERY */ /* if int_rep == #MBEDTLS_MPI_MOD_REP_MONTGOMERY */
mbedtls_mpi_mont_struct mont; mbedtls_mpi_mont_struct mont;
/* if int_rep == #MBEDTLS_MPI_MOD_REP_OPT_RED */ /* if int_rep == #MBEDTLS_MPI_MOD_REP_OPT_RED */
@ -170,10 +166,10 @@ typedef struct {
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p p_limbs is less than the * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p p_limbs is less than the
* limbs in \p m or if \p p is not less than \p m. * limbs in \p m or if \p p is not less than \p m.
*/ */
int mbedtls_mpi_mod_residue_setup( mbedtls_mpi_mod_residue *r, int mbedtls_mpi_mod_residue_setup(mbedtls_mpi_mod_residue *r,
const mbedtls_mpi_mod_modulus *m, const mbedtls_mpi_mod_modulus *m,
mbedtls_mpi_uint *p, mbedtls_mpi_uint *p,
size_t p_limbs ); size_t p_limbs);
/** Unbind elements of a residue structure. /** Unbind elements of a residue structure.
* *
@ -185,13 +181,13 @@ int mbedtls_mpi_mod_residue_setup( mbedtls_mpi_mod_residue *r,
* *
* \param[out] r The address of residue to release. * \param[out] r The address of residue to release.
*/ */
void mbedtls_mpi_mod_residue_release( mbedtls_mpi_mod_residue *r ); void mbedtls_mpi_mod_residue_release(mbedtls_mpi_mod_residue *r);
/** Initialize a modulus structure. /** Initialize a modulus structure.
* *
* \param[out] m The address of the modulus structure to initialize. * \param[out] m The address of the modulus structure to initialize.
*/ */
void mbedtls_mpi_mod_modulus_init( mbedtls_mpi_mod_modulus *m ); void mbedtls_mpi_mod_modulus_init(mbedtls_mpi_mod_modulus *m);
/** Setup a modulus structure. /** Setup a modulus structure.
* *
@ -207,10 +203,10 @@ void mbedtls_mpi_mod_modulus_init( mbedtls_mpi_mod_modulus *m );
* \return \c 0 if successful. * \return \c 0 if successful.
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p int_rep is invalid. * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p int_rep is invalid.
*/ */
int mbedtls_mpi_mod_modulus_setup( mbedtls_mpi_mod_modulus *m, int mbedtls_mpi_mod_modulus_setup(mbedtls_mpi_mod_modulus *m,
const mbedtls_mpi_uint *p, const mbedtls_mpi_uint *p,
size_t p_limbs, size_t p_limbs,
mbedtls_mpi_mod_rep_selector int_rep ); mbedtls_mpi_mod_rep_selector int_rep);
/** Free elements of a modulus structure. /** Free elements of a modulus structure.
* *
@ -222,7 +218,7 @@ int mbedtls_mpi_mod_modulus_setup( mbedtls_mpi_mod_modulus *m,
* *
* \param[in,out] m The address of the modulus structure to free. * \param[in,out] m The address of the modulus structure to free.
*/ */
void mbedtls_mpi_mod_modulus_free( mbedtls_mpi_mod_modulus *m ); void mbedtls_mpi_mod_modulus_free(mbedtls_mpi_mod_modulus *m);
/* BEGIN MERGE SLOT 1 */ /* BEGIN MERGE SLOT 1 */
@ -259,10 +255,10 @@ void mbedtls_mpi_mod_modulus_free( mbedtls_mpi_mod_modulus *m );
* have the same number of limbs or \p N is invalid. * have the same number of limbs or \p N is invalid.
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
*/ */
int mbedtls_mpi_mod_mul( mbedtls_mpi_mod_residue *X, int mbedtls_mpi_mod_mul(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_residue *B, const mbedtls_mpi_mod_residue *B,
const mbedtls_mpi_mod_modulus *N ); const mbedtls_mpi_mod_modulus *N);
/* END MERGE SLOT 2 */ /* END MERGE SLOT 2 */
@ -292,10 +288,10 @@ int mbedtls_mpi_mod_mul( mbedtls_mpi_mod_residue *X,
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the given MPIs do not * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the given MPIs do not
* have the correct number of limbs. * have the correct number of limbs.
*/ */
int mbedtls_mpi_mod_sub( mbedtls_mpi_mod_residue *X, int mbedtls_mpi_mod_sub(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_residue *B, const mbedtls_mpi_mod_residue *B,
const mbedtls_mpi_mod_modulus *N ); const mbedtls_mpi_mod_modulus *N);
/** /**
* \brief Perform modular inversion of an MPI with respect to a modulus \p N. * \brief Perform modular inversion of an MPI with respect to a modulus \p N.
@ -322,9 +318,9 @@ int mbedtls_mpi_mod_sub( mbedtls_mpi_mod_residue *X,
* by the inversion calculation itself). * by the inversion calculation itself).
*/ */
int mbedtls_mpi_mod_inv( mbedtls_mpi_mod_residue *X, int mbedtls_mpi_mod_inv(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_modulus *N ); const mbedtls_mpi_mod_modulus *N);
/* END MERGE SLOT 3 */ /* END MERGE SLOT 3 */
/* BEGIN MERGE SLOT 4 */ /* BEGIN MERGE SLOT 4 */
@ -358,10 +354,10 @@ int mbedtls_mpi_mod_inv( mbedtls_mpi_mod_residue *X,
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the given MPIs do not * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the given MPIs do not
* have the correct number of limbs. * have the correct number of limbs.
*/ */
int mbedtls_mpi_mod_add( mbedtls_mpi_mod_residue *X, int mbedtls_mpi_mod_add(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_residue *B, const mbedtls_mpi_mod_residue *B,
const mbedtls_mpi_mod_modulus *N ); const mbedtls_mpi_mod_modulus *N);
/* END MERGE SLOT 5 */ /* END MERGE SLOT 5 */
/* BEGIN MERGE SLOT 6 */ /* BEGIN MERGE SLOT 6 */
@ -393,11 +389,11 @@ int mbedtls_mpi_mod_add( mbedtls_mpi_mod_residue *X,
* is significantly larger than \p min, which is the case * is significantly larger than \p min, which is the case
* for all usual cryptographic applications. * for all usual cryptographic applications.
*/ */
int mbedtls_mpi_mod_random( mbedtls_mpi_mod_residue *X, int mbedtls_mpi_mod_random(mbedtls_mpi_mod_residue *X,
mbedtls_mpi_uint min, mbedtls_mpi_uint min,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/* END MERGE SLOT 6 */ /* END MERGE SLOT 6 */
@ -425,11 +421,11 @@ int mbedtls_mpi_mod_random( mbedtls_mpi_mod_residue *X,
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p ext_rep * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p ext_rep
* is invalid or the value in the buffer is not less than \p m. * is invalid or the value in the buffer is not less than \p m.
*/ */
int mbedtls_mpi_mod_read( mbedtls_mpi_mod_residue *r, int mbedtls_mpi_mod_read(mbedtls_mpi_mod_residue *r,
const mbedtls_mpi_mod_modulus *m, const mbedtls_mpi_mod_modulus *m,
const unsigned char *buf, const unsigned char *buf,
size_t buflen, size_t buflen,
mbedtls_mpi_mod_ext_rep ext_rep ); mbedtls_mpi_mod_ext_rep ext_rep);
/** Write a residue into a byte buffer. /** Write a residue into a byte buffer.
* *
@ -463,11 +459,11 @@ int mbedtls_mpi_mod_read( mbedtls_mpi_mod_residue *r,
* memory for conversion. Can occur only for moduli with * memory for conversion. Can occur only for moduli with
* MBEDTLS_MPI_MOD_REP_MONTGOMERY. * MBEDTLS_MPI_MOD_REP_MONTGOMERY.
*/ */
int mbedtls_mpi_mod_write( const mbedtls_mpi_mod_residue *r, int mbedtls_mpi_mod_write(const mbedtls_mpi_mod_residue *r,
const mbedtls_mpi_mod_modulus *m, const mbedtls_mpi_mod_modulus *m,
unsigned char *buf, unsigned char *buf,
size_t buflen, size_t buflen,
mbedtls_mpi_mod_ext_rep ext_rep ); mbedtls_mpi_mod_ext_rep ext_rep);
/* END MERGE SLOT 7 */ /* END MERGE SLOT 7 */
/* BEGIN MERGE SLOT 8 */ /* BEGIN MERGE SLOT 8 */

181
library/bignum_mod_raw.c
View File

@ -33,74 +33,72 @@
#include "bignum_mod.h" #include "bignum_mod.h"
#include "constant_time_internal.h" #include "constant_time_internal.h"
void mbedtls_mpi_mod_raw_cond_assign( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_cond_assign(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
unsigned char assign ) unsigned char assign)
{ {
mbedtls_mpi_core_cond_assign( X, A, N->limbs, assign ); mbedtls_mpi_core_cond_assign(X, A, N->limbs, assign);
} }
void mbedtls_mpi_mod_raw_cond_swap( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_cond_swap(mbedtls_mpi_uint *X,
mbedtls_mpi_uint *Y, mbedtls_mpi_uint *Y,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
unsigned char swap ) unsigned char swap)
{ {
mbedtls_mpi_core_cond_swap( X, Y, N->limbs, swap ); mbedtls_mpi_core_cond_swap(X, Y, N->limbs, swap);
} }
int mbedtls_mpi_mod_raw_read( mbedtls_mpi_uint *X, int mbedtls_mpi_mod_raw_read(mbedtls_mpi_uint *X,
const mbedtls_mpi_mod_modulus *m, const mbedtls_mpi_mod_modulus *m,
const unsigned char *input, const unsigned char *input,
size_t input_length, size_t input_length,
mbedtls_mpi_mod_ext_rep ext_rep ) mbedtls_mpi_mod_ext_rep ext_rep)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
switch( ext_rep ) switch (ext_rep) {
{
case MBEDTLS_MPI_MOD_EXT_REP_LE: case MBEDTLS_MPI_MOD_EXT_REP_LE:
ret = mbedtls_mpi_core_read_le( X, m->limbs, ret = mbedtls_mpi_core_read_le(X, m->limbs,
input, input_length ); input, input_length);
break; break;
case MBEDTLS_MPI_MOD_EXT_REP_BE: case MBEDTLS_MPI_MOD_EXT_REP_BE:
ret = mbedtls_mpi_core_read_be( X, m->limbs, ret = mbedtls_mpi_core_read_be(X, m->limbs,
input, input_length ); input, input_length);
break; break;
default: default:
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
} }
if( ret != 0 ) if (ret != 0) {
goto cleanup; goto cleanup;
}
if( !mbedtls_mpi_core_lt_ct( X, m->p, m->limbs ) ) if (!mbedtls_mpi_core_lt_ct(X, m->p, m->limbs)) {
{
ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
goto cleanup; goto cleanup;
} }
cleanup: cleanup:
return( ret ); return ret;
} }
int mbedtls_mpi_mod_raw_write( const mbedtls_mpi_uint *A, int mbedtls_mpi_mod_raw_write(const mbedtls_mpi_uint *A,
const mbedtls_mpi_mod_modulus *m, const mbedtls_mpi_mod_modulus *m,
unsigned char *output, unsigned char *output,
size_t output_length, size_t output_length,
mbedtls_mpi_mod_ext_rep ext_rep ) mbedtls_mpi_mod_ext_rep ext_rep)
{ {
switch( ext_rep ) switch (ext_rep) {
{
case MBEDTLS_MPI_MOD_EXT_REP_LE: case MBEDTLS_MPI_MOD_EXT_REP_LE:
return( mbedtls_mpi_core_write_le( A, m->limbs, return mbedtls_mpi_core_write_le(A, m->limbs,
output, output_length ) ); output, output_length);
case MBEDTLS_MPI_MOD_EXT_REP_BE: case MBEDTLS_MPI_MOD_EXT_REP_BE:
return( mbedtls_mpi_core_write_be( A, m->limbs, return mbedtls_mpi_core_write_be(A, m->limbs,
output, output_length ) ); output, output_length);
default: default:
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
} }
} }
@ -110,45 +108,45 @@ int mbedtls_mpi_mod_raw_write( const mbedtls_mpi_uint *A,
/* BEGIN MERGE SLOT 2 */ /* BEGIN MERGE SLOT 2 */
void mbedtls_mpi_mod_raw_sub( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_sub(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *B, const mbedtls_mpi_uint *B,
const mbedtls_mpi_mod_modulus *N ) const mbedtls_mpi_mod_modulus *N)
{ {
mbedtls_mpi_uint c = mbedtls_mpi_core_sub( X, A, B, N->limbs ); mbedtls_mpi_uint c = mbedtls_mpi_core_sub(X, A, B, N->limbs);
(void) mbedtls_mpi_core_add_if( X, N->p, N->limbs, (unsigned) c ); (void) mbedtls_mpi_core_add_if(X, N->p, N->limbs, (unsigned) c);
} }
void mbedtls_mpi_mod_raw_mul( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_mul(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *B, const mbedtls_mpi_uint *B,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
mbedtls_mpi_uint *T ) mbedtls_mpi_uint *T)
{ {
mbedtls_mpi_core_montmul( X, A, B, N->limbs, N->p, N->limbs, mbedtls_mpi_core_montmul(X, A, B, N->limbs, N->p, N->limbs,
N->rep.mont.mm, T ); N->rep.mont.mm, T);
} }
/* END MERGE SLOT 2 */ /* END MERGE SLOT 2 */
/* BEGIN MERGE SLOT 3 */ /* BEGIN MERGE SLOT 3 */
size_t mbedtls_mpi_mod_raw_inv_prime_working_limbs( size_t AN_limbs ) size_t mbedtls_mpi_mod_raw_inv_prime_working_limbs(size_t AN_limbs)
{ {
/* mbedtls_mpi_mod_raw_inv_prime() needs a temporary for the exponent, /* mbedtls_mpi_mod_raw_inv_prime() needs a temporary for the exponent,
* which will be the same size as the modulus and input (AN_limbs), * which will be the same size as the modulus and input (AN_limbs),
* and additional space to pass to mbedtls_mpi_core_exp_mod(). */ * and additional space to pass to mbedtls_mpi_core_exp_mod(). */
return( AN_limbs + return AN_limbs +
mbedtls_mpi_core_exp_mod_working_limbs( AN_limbs, AN_limbs ) ); mbedtls_mpi_core_exp_mod_working_limbs(AN_limbs, AN_limbs);
} }
void mbedtls_mpi_mod_raw_inv_prime( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_inv_prime(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *N, const mbedtls_mpi_uint *N,
size_t AN_limbs, size_t AN_limbs,
const mbedtls_mpi_uint *RR, const mbedtls_mpi_uint *RR,
mbedtls_mpi_uint *T ) mbedtls_mpi_uint *T)
{ {
/* Inversion by power: g^|G| = 1 => g^(-1) = g^(|G|-1), and /* Inversion by power: g^|G| = 1 => g^(-1) = g^(|G|-1), and
* |G| = N - 1, so we want * |G| = N - 1, so we want
@ -157,12 +155,12 @@ void mbedtls_mpi_mod_raw_inv_prime( mbedtls_mpi_uint *X,
/* Use the first AN_limbs of T to hold N - 2 */ /* Use the first AN_limbs of T to hold N - 2 */
mbedtls_mpi_uint *Nminus2 = T; mbedtls_mpi_uint *Nminus2 = T;
(void) mbedtls_mpi_core_sub_int( Nminus2, N, 2, AN_limbs ); (void) mbedtls_mpi_core_sub_int(Nminus2, N, 2, AN_limbs);
/* Rest of T is given to exp_mod for its working space */ /* Rest of T is given to exp_mod for its working space */
mbedtls_mpi_core_exp_mod( X, mbedtls_mpi_core_exp_mod(X,
A, N, AN_limbs, Nminus2, AN_limbs, A, N, AN_limbs, Nminus2, AN_limbs,
RR, T + AN_limbs ); RR, T + AN_limbs);
} }
/* END MERGE SLOT 3 */ /* END MERGE SLOT 3 */
@ -172,15 +170,15 @@ void mbedtls_mpi_mod_raw_inv_prime( mbedtls_mpi_uint *X,
/* END MERGE SLOT 4 */ /* END MERGE SLOT 4 */
/* BEGIN MERGE SLOT 5 */ /* BEGIN MERGE SLOT 5 */
void mbedtls_mpi_mod_raw_add( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_add(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *B, const mbedtls_mpi_uint *B,
const mbedtls_mpi_mod_modulus *N ) const mbedtls_mpi_mod_modulus *N)
{ {
mbedtls_mpi_uint carry, borrow; mbedtls_mpi_uint carry, borrow;
carry = mbedtls_mpi_core_add( X, A, B, N->limbs ); carry = mbedtls_mpi_core_add(X, A, B, N->limbs);
borrow = mbedtls_mpi_core_sub( X, X, N->p, N->limbs ); borrow = mbedtls_mpi_core_sub(X, X, N->p, N->limbs);
(void) mbedtls_mpi_core_add_if( X, N->p, N->limbs, (unsigned) ( carry ^ borrow ) ); (void) mbedtls_mpi_core_add_if(X, N->p, N->limbs, (unsigned) (carry ^ borrow));
} }
/* END MERGE SLOT 5 */ /* END MERGE SLOT 5 */
@ -188,92 +186,93 @@ void mbedtls_mpi_mod_raw_add( mbedtls_mpi_uint *X,
int mbedtls_mpi_mod_raw_canonical_to_modulus_rep( int mbedtls_mpi_mod_raw_canonical_to_modulus_rep(
mbedtls_mpi_uint *X, mbedtls_mpi_uint *X,
const mbedtls_mpi_mod_modulus *N ) const mbedtls_mpi_mod_modulus *N)
{ {
switch( N->int_rep ) switch (N->int_rep) {
{
case MBEDTLS_MPI_MOD_REP_MONTGOMERY: case MBEDTLS_MPI_MOD_REP_MONTGOMERY:
return( mbedtls_mpi_mod_raw_to_mont_rep( X, N ) ); return mbedtls_mpi_mod_raw_to_mont_rep(X, N);
case MBEDTLS_MPI_MOD_REP_OPT_RED: case MBEDTLS_MPI_MOD_REP_OPT_RED:
return( 0 ); return 0;
default: default:
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
} }
} }
int mbedtls_mpi_mod_raw_modulus_to_canonical_rep( int mbedtls_mpi_mod_raw_modulus_to_canonical_rep(
mbedtls_mpi_uint *X, mbedtls_mpi_uint *X,
const mbedtls_mpi_mod_modulus *N ) const mbedtls_mpi_mod_modulus *N)
{ {
switch( N->int_rep ) switch (N->int_rep) {
{
case MBEDTLS_MPI_MOD_REP_MONTGOMERY: case MBEDTLS_MPI_MOD_REP_MONTGOMERY:
return( mbedtls_mpi_mod_raw_from_mont_rep( X, N ) ); return mbedtls_mpi_mod_raw_from_mont_rep(X, N);
case MBEDTLS_MPI_MOD_REP_OPT_RED: case MBEDTLS_MPI_MOD_REP_OPT_RED:
return( 0 ); return 0;
default: default:
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
} }
} }
int mbedtls_mpi_mod_raw_random( mbedtls_mpi_uint *X, int mbedtls_mpi_mod_raw_random(mbedtls_mpi_uint *X,
mbedtls_mpi_uint min, mbedtls_mpi_uint min,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ) void *p_rng)
{ {
int ret = mbedtls_mpi_core_random( X, min, N->p, N->limbs, f_rng, p_rng ); int ret = mbedtls_mpi_core_random(X, min, N->p, N->limbs, f_rng, p_rng);
if( ret != 0 ) if (ret != 0) {
return( ret ); return ret;
return( mbedtls_mpi_mod_raw_canonical_to_modulus_rep( X, N ) ); }
return mbedtls_mpi_mod_raw_canonical_to_modulus_rep(X, N);
} }
/* END MERGE SLOT 6 */ /* END MERGE SLOT 6 */
/* BEGIN MERGE SLOT 7 */ /* BEGIN MERGE SLOT 7 */
int mbedtls_mpi_mod_raw_to_mont_rep( mbedtls_mpi_uint *X, int mbedtls_mpi_mod_raw_to_mont_rep(mbedtls_mpi_uint *X,
const mbedtls_mpi_mod_modulus *m ) const mbedtls_mpi_mod_modulus *m)
{ {
mbedtls_mpi_uint *T; mbedtls_mpi_uint *T;
const size_t t_limbs = mbedtls_mpi_core_montmul_working_limbs( m->limbs ); const size_t t_limbs = mbedtls_mpi_core_montmul_working_limbs(m->limbs);
if( ( T = (mbedtls_mpi_uint *) mbedtls_calloc( t_limbs, ciL ) ) == NULL ) if ((T = (mbedtls_mpi_uint *) mbedtls_calloc(t_limbs, ciL)) == NULL) {
return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); return MBEDTLS_ERR_MPI_ALLOC_FAILED;
}
mbedtls_mpi_core_to_mont_rep( X, X, m->p, m->limbs, mbedtls_mpi_core_to_mont_rep(X, X, m->p, m->limbs,
m->rep.mont.mm, m->rep.mont.rr, T ); m->rep.mont.mm, m->rep.mont.rr, T);
mbedtls_platform_zeroize( T, t_limbs * ciL ); mbedtls_platform_zeroize(T, t_limbs * ciL);
mbedtls_free( T ); mbedtls_free(T);
return( 0 ); return 0;
} }
int mbedtls_mpi_mod_raw_from_mont_rep( mbedtls_mpi_uint *X, int mbedtls_mpi_mod_raw_from_mont_rep(mbedtls_mpi_uint *X,
const mbedtls_mpi_mod_modulus *m ) const mbedtls_mpi_mod_modulus *m)
{ {
const size_t t_limbs = mbedtls_mpi_core_montmul_working_limbs( m->limbs ); const size_t t_limbs = mbedtls_mpi_core_montmul_working_limbs(m->limbs);
mbedtls_mpi_uint *T; mbedtls_mpi_uint *T;
if( ( T = (mbedtls_mpi_uint *) mbedtls_calloc( t_limbs, ciL ) ) == NULL ) if ((T = (mbedtls_mpi_uint *) mbedtls_calloc(t_limbs, ciL)) == NULL) {
return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); return MBEDTLS_ERR_MPI_ALLOC_FAILED;
}
mbedtls_mpi_core_from_mont_rep( X, X, m->p, m->limbs, m->rep.mont.mm, T ); mbedtls_mpi_core_from_mont_rep(X, X, m->p, m->limbs, m->rep.mont.mm, T);
mbedtls_platform_zeroize( T, t_limbs * ciL ); mbedtls_platform_zeroize(T, t_limbs * ciL);
mbedtls_free( T ); mbedtls_free(T);
return( 0 ); return 0;
} }
void mbedtls_mpi_mod_raw_neg( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_neg(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_mod_modulus *m ) const mbedtls_mpi_mod_modulus *m)
{ {
mbedtls_mpi_core_sub( X, m->p, A, m->limbs ); mbedtls_mpi_core_sub(X, m->p, A, m->limbs);
/* If A=0 initially, then X=N now. Detect this by /* If A=0 initially, then X=N now. Detect this by
* subtracting N and catching the carry. */ * subtracting N and catching the carry. */
mbedtls_mpi_uint borrow = mbedtls_mpi_core_sub( X, X, m->p, m->limbs ); mbedtls_mpi_uint borrow = mbedtls_mpi_core_sub(X, X, m->p, m->limbs);
(void) mbedtls_mpi_core_add_if( X, m->p, m->limbs, (unsigned) borrow ); (void) mbedtls_mpi_core_add_if(X, m->p, m->limbs, (unsigned) borrow);
} }
/* END MERGE SLOT 7 */ /* END MERGE SLOT 7 */

52
library/bignum_mod_raw.h
View File

@ -109,10 +109,10 @@
* is indeterminate, and the resulting value in \p X might be * is indeterminate, and the resulting value in \p X might be
* neither its original value nor the value in \p A. * neither its original value nor the value in \p A.
*/ */
void mbedtls_mpi_mod_raw_cond_assign( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_cond_assign(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
unsigned char assign ); unsigned char assign);
/** /**
* \brief Perform a safe conditional swap of two MPIs which doesn't reveal * \brief Perform a safe conditional swap of two MPIs which doesn't reveal
@ -135,10 +135,10 @@ void mbedtls_mpi_mod_raw_cond_assign( mbedtls_mpi_uint *X,
* is indeterminate, and both \p X and \p Y might end up with * is indeterminate, and both \p X and \p Y might end up with
* values different to either of the original ones. * values different to either of the original ones.
*/ */
void mbedtls_mpi_mod_raw_cond_swap( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_cond_swap(mbedtls_mpi_uint *X,
mbedtls_mpi_uint *Y, mbedtls_mpi_uint *Y,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
unsigned char swap ); unsigned char swap);
/** Import X from unsigned binary data. /** Import X from unsigned binary data.
* *
@ -159,11 +159,11 @@ void mbedtls_mpi_mod_raw_cond_swap( mbedtls_mpi_uint *X,
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the external representation * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the external representation
* of \p m is invalid or \p X is not less than \p m. * of \p m is invalid or \p X is not less than \p m.
*/ */
int mbedtls_mpi_mod_raw_read( mbedtls_mpi_uint *X, int mbedtls_mpi_mod_raw_read(mbedtls_mpi_uint *X,
const mbedtls_mpi_mod_modulus *m, const mbedtls_mpi_mod_modulus *m,
const unsigned char *input, const unsigned char *input,
size_t input_length, size_t input_length,
mbedtls_mpi_mod_ext_rep ext_rep ); mbedtls_mpi_mod_ext_rep ext_rep);
/** Export A into unsigned binary data. /** Export A into unsigned binary data.
* *
@ -181,11 +181,11 @@ int mbedtls_mpi_mod_raw_read( mbedtls_mpi_uint *X,
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the external representation * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the external representation
* of \p m is invalid. * of \p m is invalid.
*/ */
int mbedtls_mpi_mod_raw_write( const mbedtls_mpi_uint *A, int mbedtls_mpi_mod_raw_write(const mbedtls_mpi_uint *A,
const mbedtls_mpi_mod_modulus *m, const mbedtls_mpi_mod_modulus *m,
unsigned char *output, unsigned char *output,
size_t output_length, size_t output_length,
mbedtls_mpi_mod_ext_rep ext_rep ); mbedtls_mpi_mod_ext_rep ext_rep);
/* BEGIN MERGE SLOT 1 */ /* BEGIN MERGE SLOT 1 */
@ -210,10 +210,10 @@ int mbedtls_mpi_mod_raw_write( const mbedtls_mpi_uint *A,
* \param[in] N The address of the modulus. Used to perform a modulo * \param[in] N The address of the modulus. Used to perform a modulo
* operation on the result of the subtraction. * operation on the result of the subtraction.
*/ */
void mbedtls_mpi_mod_raw_sub( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_sub(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *B, const mbedtls_mpi_uint *B,
const mbedtls_mpi_mod_modulus *N ); const mbedtls_mpi_mod_modulus *N);
/** \brief Multiply two MPIs, returning the residue modulo the specified /** \brief Multiply two MPIs, returning the residue modulo the specified
* modulus. * modulus.
@ -244,11 +244,11 @@ void mbedtls_mpi_mod_raw_sub( mbedtls_mpi_uint *X,
* It must not alias or otherwise overlap any of the * It must not alias or otherwise overlap any of the
* other parameters. * other parameters.
*/ */
void mbedtls_mpi_mod_raw_mul( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_mul(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *B, const mbedtls_mpi_uint *B,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
mbedtls_mpi_uint *T ); mbedtls_mpi_uint *T);
/* END MERGE SLOT 2 */ /* END MERGE SLOT 2 */
@ -269,7 +269,7 @@ void mbedtls_mpi_mod_raw_mul( mbedtls_mpi_uint *X,
* \return The number of limbs of working memory required by * \return The number of limbs of working memory required by
* `mbedtls_mpi_mod_raw_inv_prime()`. * `mbedtls_mpi_mod_raw_inv_prime()`.
*/ */
size_t mbedtls_mpi_mod_raw_inv_prime_working_limbs( size_t AN_limbs ); size_t mbedtls_mpi_mod_raw_inv_prime_working_limbs(size_t AN_limbs);
/** /**
* \brief Perform fixed-width modular inversion of a Montgomery-form MPI with * \brief Perform fixed-width modular inversion of a Montgomery-form MPI with
@ -296,12 +296,12 @@ size_t mbedtls_mpi_mod_raw_inv_prime_working_limbs( size_t AN_limbs );
* longer needed, and before freeing it if it was dynamically * longer needed, and before freeing it if it was dynamically
* allocated. * allocated.
*/ */
void mbedtls_mpi_mod_raw_inv_prime( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_inv_prime(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *N, const mbedtls_mpi_uint *N,
size_t AN_limbs, size_t AN_limbs,
const mbedtls_mpi_uint *RR, const mbedtls_mpi_uint *RR,
mbedtls_mpi_uint *T ); mbedtls_mpi_uint *T);
/* END MERGE SLOT 3 */ /* END MERGE SLOT 3 */
@ -328,10 +328,10 @@ void mbedtls_mpi_mod_raw_inv_prime( mbedtls_mpi_uint *X,
* must be smaller than \p N. * must be smaller than \p N.
* \param[in] N The address of the modulus. * \param[in] N The address of the modulus.
*/ */
void mbedtls_mpi_mod_raw_add( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_add(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *B, const mbedtls_mpi_uint *B,
const mbedtls_mpi_mod_modulus *N ); const mbedtls_mpi_mod_modulus *N);
/* END MERGE SLOT 5 */ /* END MERGE SLOT 5 */
/* BEGIN MERGE SLOT 6 */ /* BEGIN MERGE SLOT 6 */
@ -351,7 +351,7 @@ void mbedtls_mpi_mod_raw_add( mbedtls_mpi_uint *X,
*/ */
int mbedtls_mpi_mod_raw_canonical_to_modulus_rep( int mbedtls_mpi_mod_raw_canonical_to_modulus_rep(
mbedtls_mpi_uint *X, mbedtls_mpi_uint *X,
const mbedtls_mpi_mod_modulus *N ); const mbedtls_mpi_mod_modulus *N);
/** Convert an MPI from the representation associated with the modulus /** Convert an MPI from the representation associated with the modulus
* to canonical representation (little-endian limb array). * to canonical representation (little-endian limb array).
@ -368,7 +368,7 @@ int mbedtls_mpi_mod_raw_canonical_to_modulus_rep(
*/ */
int mbedtls_mpi_mod_raw_modulus_to_canonical_rep( int mbedtls_mpi_mod_raw_modulus_to_canonical_rep(
mbedtls_mpi_uint *X, mbedtls_mpi_uint *X,
const mbedtls_mpi_mod_modulus *N ); const mbedtls_mpi_mod_modulus *N);
/** Generate a random number uniformly in a range. /** Generate a random number uniformly in a range.
* *
@ -398,11 +398,11 @@ int mbedtls_mpi_mod_raw_modulus_to_canonical_rep(
* is significantly larger than \p min, which is the case * is significantly larger than \p min, which is the case
* for all usual cryptographic applications. * for all usual cryptographic applications.
*/ */
int mbedtls_mpi_mod_raw_random( mbedtls_mpi_uint *X, int mbedtls_mpi_mod_raw_random(mbedtls_mpi_uint *X,
mbedtls_mpi_uint min, mbedtls_mpi_uint min,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/* END MERGE SLOT 6 */ /* END MERGE SLOT 6 */
@ -416,8 +416,8 @@ int mbedtls_mpi_mod_raw_random( mbedtls_mpi_uint *X,
* *
* \return \c 0 if successful. * \return \c 0 if successful.
*/ */
int mbedtls_mpi_mod_raw_to_mont_rep( mbedtls_mpi_uint *X, int mbedtls_mpi_mod_raw_to_mont_rep(mbedtls_mpi_uint *X,
const mbedtls_mpi_mod_modulus *m ); const mbedtls_mpi_mod_modulus *m);
/** Convert an MPI back from Montgomery representation. /** Convert an MPI back from Montgomery representation.
* *
@ -428,8 +428,8 @@ int mbedtls_mpi_mod_raw_to_mont_rep( mbedtls_mpi_uint *X,
* *
* \return \c 0 if successful. * \return \c 0 if successful.
*/ */
int mbedtls_mpi_mod_raw_from_mont_rep( mbedtls_mpi_uint *X, int mbedtls_mpi_mod_raw_from_mont_rep(mbedtls_mpi_uint *X,
const mbedtls_mpi_mod_modulus *m ); const mbedtls_mpi_mod_modulus *m);
/** \brief Perform fixed width modular negation. /** \brief Perform fixed width modular negation.
* *
@ -444,7 +444,7 @@ int mbedtls_mpi_mod_raw_from_mont_rep( mbedtls_mpi_uint *X,
* must be less than or equal to \p m. * must be less than or equal to \p m.
* \param[in] m The modulus to use. * \param[in] m The modulus to use.
*/ */
void mbedtls_mpi_mod_raw_neg( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_neg(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_mod_modulus *m); const mbedtls_mpi_mod_modulus *m);
/* END MERGE SLOT 7 */ /* END MERGE SLOT 7 */

46
library/bn_mul.h
View File

@ -47,36 +47,36 @@
*/ */
#if defined(MBEDTLS_HAVE_INT32) #if defined(MBEDTLS_HAVE_INT32)
#define MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d ) \ #define MBEDTLS_BYTES_TO_T_UINT_4(a, b, c, d) \
( (mbedtls_mpi_uint) (a) << 0 ) | \ ((mbedtls_mpi_uint) (a) << 0) | \
( (mbedtls_mpi_uint) (b) << 8 ) | \ ((mbedtls_mpi_uint) (b) << 8) | \
( (mbedtls_mpi_uint) (c) << 16 ) | \ ((mbedtls_mpi_uint) (c) << 16) | \
( (mbedtls_mpi_uint) (d) << 24 ) ((mbedtls_mpi_uint) (d) << 24)
#define MBEDTLS_BYTES_TO_T_UINT_2( a, b ) \ #define MBEDTLS_BYTES_TO_T_UINT_2(a, b) \
MBEDTLS_BYTES_TO_T_UINT_4( a, b, 0, 0 ) MBEDTLS_BYTES_TO_T_UINT_4(a, b, 0, 0)
#define MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ #define MBEDTLS_BYTES_TO_T_UINT_8(a, b, c, d, e, f, g, h) \
MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d ), \ MBEDTLS_BYTES_TO_T_UINT_4(a, b, c, d), \
MBEDTLS_BYTES_TO_T_UINT_4( e, f, g, h ) MBEDTLS_BYTES_TO_T_UINT_4(e, f, g, h)
#else /* 64-bits */ #else /* 64-bits */
#define MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ #define MBEDTLS_BYTES_TO_T_UINT_8(a, b, c, d, e, f, g, h) \
( (mbedtls_mpi_uint) (a) << 0 ) | \ ((mbedtls_mpi_uint) (a) << 0) | \
( (mbedtls_mpi_uint) (b) << 8 ) | \ ((mbedtls_mpi_uint) (b) << 8) | \
( (mbedtls_mpi_uint) (c) << 16 ) | \ ((mbedtls_mpi_uint) (c) << 16) | \
( (mbedtls_mpi_uint) (d) << 24 ) | \ ((mbedtls_mpi_uint) (d) << 24) | \
( (mbedtls_mpi_uint) (e) << 32 ) | \ ((mbedtls_mpi_uint) (e) << 32) | \
( (mbedtls_mpi_uint) (f) << 40 ) | \ ((mbedtls_mpi_uint) (f) << 40) | \
( (mbedtls_mpi_uint) (g) << 48 ) | \ ((mbedtls_mpi_uint) (g) << 48) | \
( (mbedtls_mpi_uint) (h) << 56 ) ((mbedtls_mpi_uint) (h) << 56)
#define MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d ) \ #define MBEDTLS_BYTES_TO_T_UINT_4(a, b, c, d) \
MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, 0, 0, 0, 0 ) MBEDTLS_BYTES_TO_T_UINT_8(a, b, c, d, 0, 0, 0, 0)
#define MBEDTLS_BYTES_TO_T_UINT_2( a, b ) \ #define MBEDTLS_BYTES_TO_T_UINT_2(a, b) \
MBEDTLS_BYTES_TO_T_UINT_8( a, b, 0, 0, 0, 0, 0, 0 ) MBEDTLS_BYTES_TO_T_UINT_8(a, b, 0, 0, 0, 0, 0, 0)
#endif /* bits in mbedtls_mpi_uint */ #endif /* bits in mbedtls_mpi_uint */

531
library/camellia.c
View File

@ -50,27 +50,27 @@ static const unsigned char SIGMA_CHARS[6][8] =
static const unsigned char FSb[256] = static const unsigned char FSb[256] =
{ {
112,130, 44,236,179, 39,192,229,228,133, 87, 53,234, 12,174, 65, 112, 130, 44, 236, 179, 39, 192, 229, 228, 133, 87, 53, 234, 12, 174, 65,
35,239,107,147, 69, 25,165, 33,237, 14, 79, 78, 29,101,146,189, 35, 239, 107, 147, 69, 25, 165, 33, 237, 14, 79, 78, 29, 101, 146, 189,
134,184,175,143,124,235, 31,206, 62, 48,220, 95, 94,197, 11, 26, 134, 184, 175, 143, 124, 235, 31, 206, 62, 48, 220, 95, 94, 197, 11, 26,
166,225, 57,202,213, 71, 93, 61,217, 1, 90,214, 81, 86,108, 77, 166, 225, 57, 202, 213, 71, 93, 61, 217, 1, 90, 214, 81, 86, 108, 77,
139, 13,154,102,251,204,176, 45,116, 18, 43, 32,240,177,132,153, 139, 13, 154, 102, 251, 204, 176, 45, 116, 18, 43, 32, 240, 177, 132, 153,
223, 76,203,194, 52,126,118, 5,109,183,169, 49,209, 23, 4,215, 223, 76, 203, 194, 52, 126, 118, 5, 109, 183, 169, 49, 209, 23, 4, 215,
20, 88, 58, 97,222, 27, 17, 28, 50, 15,156, 22, 83, 24,242, 34, 20, 88, 58, 97, 222, 27, 17, 28, 50, 15, 156, 22, 83, 24, 242, 34,
254, 68,207,178,195,181,122,145, 36, 8,232,168, 96,252,105, 80, 254, 68, 207, 178, 195, 181, 122, 145, 36, 8, 232, 168, 96, 252, 105, 80,
170,208,160,125,161,137, 98,151, 84, 91, 30,149,224,255,100,210, 170, 208, 160, 125, 161, 137, 98, 151, 84, 91, 30, 149, 224, 255, 100, 210,
16,196, 0, 72,163,247,117,219,138, 3,230,218, 9, 63,221,148, 16, 196, 0, 72, 163, 247, 117, 219, 138, 3, 230, 218, 9, 63, 221, 148,
135, 92,131, 2,205, 74,144, 51,115,103,246,243,157,127,191,226, 135, 92, 131, 2, 205, 74, 144, 51, 115, 103, 246, 243, 157, 127, 191, 226,
82,155,216, 38,200, 55,198, 59,129,150,111, 75, 19,190, 99, 46, 82, 155, 216, 38, 200, 55, 198, 59, 129, 150, 111, 75, 19, 190, 99, 46,
233,121,167,140,159,110,188,142, 41,245,249,182, 47,253,180, 89, 233, 121, 167, 140, 159, 110, 188, 142, 41, 245, 249, 182, 47, 253, 180, 89,
120,152, 6,106,231, 70,113,186,212, 37,171, 66,136,162,141,250, 120, 152, 6, 106, 231, 70, 113, 186, 212, 37, 171, 66, 136, 162, 141, 250,
114, 7,185, 85,248,238,172, 10, 54, 73, 42,104, 60, 56,241,164, 114, 7, 185, 85, 248, 238, 172, 10, 54, 73, 42, 104, 60, 56, 241, 164,
64, 40,211,123,187,201, 67,193, 21,227,173,244,119,199,128,158 64, 40, 211, 123, 187, 201, 67, 193, 21, 227, 173, 244, 119, 199, 128, 158
}; };
#define SBOX1(n) FSb[(n)] #define SBOX1(n) FSb[(n)]
#define SBOX2(n) (unsigned char)((FSb[(n)] >> 7 ^ FSb[(n)] << 1) & 0xff) #define SBOX2(n) (unsigned char) ((FSb[(n)] >> 7 ^ FSb[(n)] << 1) & 0xff)
#define SBOX3(n) (unsigned char)((FSb[(n)] >> 1 ^ FSb[(n)] << 7) & 0xff) #define SBOX3(n) (unsigned char) ((FSb[(n)] >> 1 ^ FSb[(n)] << 7) & 0xff)
#define SBOX4(n) FSb[((n) << 1 ^ (n) >> 7) &0xff] #define SBOX4(n) FSb[((n) << 1 ^ (n) >> 7) &0xff]
#else /* MBEDTLS_CAMELLIA_SMALL_MEMORY */ #else /* MBEDTLS_CAMELLIA_SMALL_MEMORY */
@ -222,57 +222,57 @@ static const signed char transposes[2][20] =
/* Shift macro for 128 bit strings with rotation smaller than 32 bits (!) */ /* Shift macro for 128 bit strings with rotation smaller than 32 bits (!) */
#define ROTL(DEST, SRC, SHIFT) \ #define ROTL(DEST, SRC, SHIFT) \
{ \ { \
(DEST)[0] = (SRC)[0] << (SHIFT) ^ (SRC)[1] >> (32 - (SHIFT)); \ (DEST)[0] = (SRC)[0] << (SHIFT) ^ (SRC)[1] >> (32 - (SHIFT)); \
(DEST)[1] = (SRC)[1] << (SHIFT) ^ (SRC)[2] >> (32 - (SHIFT)); \ (DEST)[1] = (SRC)[1] << (SHIFT) ^ (SRC)[2] >> (32 - (SHIFT)); \
(DEST)[2] = (SRC)[2] << (SHIFT) ^ (SRC)[3] >> (32 - (SHIFT)); \ (DEST)[2] = (SRC)[2] << (SHIFT) ^ (SRC)[3] >> (32 - (SHIFT)); \
(DEST)[3] = (SRC)[3] << (SHIFT) ^ (SRC)[0] >> (32 - (SHIFT)); \ (DEST)[3] = (SRC)[3] << (SHIFT) ^ (SRC)[0] >> (32 - (SHIFT)); \
} }
#define FL(XL, XR, KL, KR) \ #define FL(XL, XR, KL, KR) \
{ \ { \
(XR) = ((((XL) & (KL)) << 1) | (((XL) & (KL)) >> 31)) ^ (XR); \ (XR) = ((((XL) &(KL)) << 1) | (((XL) &(KL)) >> 31)) ^ (XR); \
(XL) = ((XR) | (KR)) ^ (XL); \ (XL) = ((XR) | (KR)) ^ (XL); \
} }
#define FLInv(YL, YR, KL, KR) \ #define FLInv(YL, YR, KL, KR) \
{ \ { \
(YL) = ((YR) | (KR)) ^ (YL); \ (YL) = ((YR) | (KR)) ^ (YL); \
(YR) = ((((YL) & (KL)) << 1) | (((YL) & (KL)) >> 31)) ^ (YR); \ (YR) = ((((YL) &(KL)) << 1) | (((YL) &(KL)) >> 31)) ^ (YR); \
} }
#define SHIFT_AND_PLACE(INDEX, OFFSET) \ #define SHIFT_AND_PLACE(INDEX, OFFSET) \
{ \ { \
TK[0] = KC[(OFFSET) * 4 + 0]; \ TK[0] = KC[(OFFSET) * 4 + 0]; \
TK[1] = KC[(OFFSET) * 4 + 1]; \ TK[1] = KC[(OFFSET) * 4 + 1]; \
TK[2] = KC[(OFFSET) * 4 + 2]; \ TK[2] = KC[(OFFSET) * 4 + 2]; \
TK[3] = KC[(OFFSET) * 4 + 3]; \ TK[3] = KC[(OFFSET) * 4 + 3]; \
\ \
for( i = 1; i <= 4; i++ ) \ for (i = 1; i <= 4; i++) \
if( shifts[(INDEX)][(OFFSET)][i -1] ) \ if (shifts[(INDEX)][(OFFSET)][i -1]) \
ROTL(TK + i * 4, TK, ( 15 * i ) % 32); \ ROTL(TK + i * 4, TK, (15 * i) % 32); \
\ \
for( i = 0; i < 20; i++ ) \ for (i = 0; i < 20; i++) \
if( indexes[(INDEX)][(OFFSET)][i] != -1 ) { \ if (indexes[(INDEX)][(OFFSET)][i] != -1) { \
RK[indexes[(INDEX)][(OFFSET)][i]] = TK[ i ]; \ RK[indexes[(INDEX)][(OFFSET)][i]] = TK[i]; \
} \ } \
} }
static void camellia_feistel( const uint32_t x[2], const uint32_t k[2], static void camellia_feistel(const uint32_t x[2], const uint32_t k[2],
uint32_t z[2]) uint32_t z[2])
{ {
uint32_t I0, I1; uint32_t I0, I1;
I0 = x[0] ^ k[0]; I0 = x[0] ^ k[0];
I1 = x[1] ^ k[1]; I1 = x[1] ^ k[1];
I0 = ((uint32_t) SBOX1( MBEDTLS_BYTE_3( I0 )) << 24) | I0 = ((uint32_t) SBOX1(MBEDTLS_BYTE_3(I0)) << 24) |
((uint32_t) SBOX2( MBEDTLS_BYTE_2( I0 )) << 16) | ((uint32_t) SBOX2(MBEDTLS_BYTE_2(I0)) << 16) |
((uint32_t) SBOX3( MBEDTLS_BYTE_1( I0 )) << 8) | ((uint32_t) SBOX3(MBEDTLS_BYTE_1(I0)) << 8) |
((uint32_t) SBOX4( MBEDTLS_BYTE_0( I0 )) ); ((uint32_t) SBOX4(MBEDTLS_BYTE_0(I0)));
I1 = ((uint32_t) SBOX2( MBEDTLS_BYTE_3( I1 )) << 24) | I1 = ((uint32_t) SBOX2(MBEDTLS_BYTE_3(I1)) << 24) |
((uint32_t) SBOX3( MBEDTLS_BYTE_2( I1 )) << 16) | ((uint32_t) SBOX3(MBEDTLS_BYTE_2(I1)) << 16) |
((uint32_t) SBOX4( MBEDTLS_BYTE_1( I1 )) << 8) | ((uint32_t) SBOX4(MBEDTLS_BYTE_1(I1)) << 8) |
((uint32_t) SBOX1( MBEDTLS_BYTE_0( I1 )) ); ((uint32_t) SBOX1(MBEDTLS_BYTE_0(I1)));
I0 ^= (I1 << 8) | (I1 >> 24); I0 ^= (I1 << 8) | (I1 >> 24);
I1 ^= (I0 << 16) | (I0 >> 16); I1 ^= (I0 << 16) | (I0 >> 16);
@ -283,25 +283,26 @@ static void camellia_feistel( const uint32_t x[2], const uint32_t k[2],
z[1] ^= I0; z[1] ^= I0;
} }
void mbedtls_camellia_init( mbedtls_camellia_context *ctx ) void mbedtls_camellia_init(mbedtls_camellia_context *ctx)
{ {
memset( ctx, 0, sizeof( mbedtls_camellia_context ) ); memset(ctx, 0, sizeof(mbedtls_camellia_context));
} }
void mbedtls_camellia_free( mbedtls_camellia_context *ctx ) void mbedtls_camellia_free(mbedtls_camellia_context *ctx)
{ {
if( ctx == NULL ) if (ctx == NULL) {
return; return;
}
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_camellia_context ) ); mbedtls_platform_zeroize(ctx, sizeof(mbedtls_camellia_context));
} }
/* /*
* Camellia key schedule (encryption) * Camellia key schedule (encryption)
*/ */
int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx,
const unsigned char *key, const unsigned char *key,
unsigned int keybits ) unsigned int keybits)
{ {
int idx; int idx;
size_t i; size_t i;
@ -313,63 +314,68 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx,
RK = ctx->rk; RK = ctx->rk;
memset( t, 0, 64 ); memset(t, 0, 64);
memset( RK, 0, sizeof(ctx->rk) ); memset(RK, 0, sizeof(ctx->rk));
switch( keybits ) switch (keybits) {
{
case 128: ctx->nr = 3; idx = 0; break; case 128: ctx->nr = 3; idx = 0; break;
case 192: case 192:
case 256: ctx->nr = 4; idx = 1; break; case 256: ctx->nr = 4; idx = 1; break;
default : return( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA ); default: return MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA;
} }
for( i = 0; i < keybits / 8; ++i ) for (i = 0; i < keybits / 8; ++i) {
t[i] = key[i]; t[i] = key[i];
}
if( keybits == 192 ) { if (keybits == 192) {
for( i = 0; i < 8; i++ ) for (i = 0; i < 8; i++) {
t[24 + i] = ~t[16 + i]; t[24 + i] = ~t[16 + i];
} }
}
/* /*
* Prepare SIGMA values * Prepare SIGMA values
*/ */
for( i = 0; i < 6; i++ ) { for (i = 0; i < 6; i++) {
SIGMA[i][0] = MBEDTLS_GET_UINT32_BE( SIGMA_CHARS[i], 0 ); SIGMA[i][0] = MBEDTLS_GET_UINT32_BE(SIGMA_CHARS[i], 0);
SIGMA[i][1] = MBEDTLS_GET_UINT32_BE( SIGMA_CHARS[i], 4 ); SIGMA[i][1] = MBEDTLS_GET_UINT32_BE(SIGMA_CHARS[i], 4);
} }
/* /*
* Key storage in KC * Key storage in KC
* Order: KL, KR, KA, KB * Order: KL, KR, KA, KB
*/ */
memset( KC, 0, sizeof(KC) ); memset(KC, 0, sizeof(KC));
/* Store KL, KR */ /* Store KL, KR */
for( i = 0; i < 8; i++ ) for (i = 0; i < 8; i++) {
KC[i] = MBEDTLS_GET_UINT32_BE( t, i * 4 ); KC[i] = MBEDTLS_GET_UINT32_BE(t, i * 4);
}
/* Generate KA */ /* Generate KA */
for( i = 0; i < 4; ++i ) for (i = 0; i < 4; ++i) {
KC[8 + i] = KC[i] ^ KC[4 + i]; KC[8 + i] = KC[i] ^ KC[4 + i];
}
camellia_feistel( KC + 8, SIGMA[0], KC + 10 ); camellia_feistel(KC + 8, SIGMA[0], KC + 10);
camellia_feistel( KC + 10, SIGMA[1], KC + 8 ); camellia_feistel(KC + 10, SIGMA[1], KC + 8);
for( i = 0; i < 4; ++i ) for (i = 0; i < 4; ++i) {
KC[8 + i] ^= KC[i]; KC[8 + i] ^= KC[i];
}
camellia_feistel( KC + 8, SIGMA[2], KC + 10 ); camellia_feistel(KC + 8, SIGMA[2], KC + 10);
camellia_feistel( KC + 10, SIGMA[3], KC + 8 ); camellia_feistel(KC + 10, SIGMA[3], KC + 8);
if( keybits > 128 ) { if (keybits > 128) {
/* Generate KB */ /* Generate KB */
for( i = 0; i < 4; ++i ) for (i = 0; i < 4; ++i) {
KC[12 + i] = KC[4 + i] ^ KC[8 + i]; KC[12 + i] = KC[4 + i] ^ KC[8 + i];
}
camellia_feistel( KC + 12, SIGMA[4], KC + 14 ); camellia_feistel(KC + 12, SIGMA[4], KC + 14);
camellia_feistel( KC + 14, SIGMA[5], KC + 12 ); camellia_feistel(KC + 14, SIGMA[5], KC + 12);
} }
/* /*
@ -377,37 +383,37 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx,
*/ */
/* Manipulating KL */ /* Manipulating KL */
SHIFT_AND_PLACE( idx, 0 ); SHIFT_AND_PLACE(idx, 0);
/* Manipulating KR */ /* Manipulating KR */
if( keybits > 128 ) { if (keybits > 128) {
SHIFT_AND_PLACE( idx, 1 ); SHIFT_AND_PLACE(idx, 1);
} }
/* Manipulating KA */ /* Manipulating KA */
SHIFT_AND_PLACE( idx, 2 ); SHIFT_AND_PLACE(idx, 2);
/* Manipulating KB */ /* Manipulating KB */
if( keybits > 128 ) { if (keybits > 128) {
SHIFT_AND_PLACE( idx, 3 ); SHIFT_AND_PLACE(idx, 3);
} }
/* Do transpositions */ /* Do transpositions */
for( i = 0; i < 20; i++ ) { for (i = 0; i < 20; i++) {
if( transposes[idx][i] != -1 ) { if (transposes[idx][i] != -1) {
RK[32 + 12 * idx + i] = RK[transposes[idx][i]]; RK[32 + 12 * idx + i] = RK[transposes[idx][i]];
} }
} }
return( 0 ); return 0;
} }
/* /*
* Camellia key schedule (decryption) * Camellia key schedule (decryption)
*/ */
int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, int mbedtls_camellia_setkey_dec(mbedtls_camellia_context *ctx,
const unsigned char *key, const unsigned char *key,
unsigned int keybits ) unsigned int keybits)
{ {
int idx, ret; int idx, ret;
size_t i; size_t i;
@ -415,14 +421,15 @@ int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx,
uint32_t *RK; uint32_t *RK;
uint32_t *SK; uint32_t *SK;
mbedtls_camellia_init( &cty ); mbedtls_camellia_init(&cty);
/* Also checks keybits */ /* Also checks keybits */
if( ( ret = mbedtls_camellia_setkey_enc( &cty, key, keybits ) ) != 0 ) if ((ret = mbedtls_camellia_setkey_enc(&cty, key, keybits)) != 0) {
goto exit; goto exit;
}
ctx->nr = cty.nr; ctx->nr = cty.nr;
idx = ( ctx->nr == 4 ); idx = (ctx->nr == 4);
RK = ctx->rk; RK = ctx->rk;
SK = cty.rk + 24 * 2 + 8 * idx * 2; SK = cty.rk + 24 * 2 + 8 * idx * 2;
@ -432,8 +439,7 @@ int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx,
*RK++ = *SK++; *RK++ = *SK++;
*RK++ = *SK++; *RK++ = *SK++;
for( i = 22 + 8 * idx, SK -= 6; i > 0; i--, SK -= 4 ) for (i = 22 + 8 * idx, SK -= 6; i > 0; i--, SK -= 4) {
{
*RK++ = *SK++; *RK++ = *SK++;
*RK++ = *SK++; *RK++ = *SK++;
} }
@ -446,55 +452,56 @@ int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx,
*RK++ = *SK++; *RK++ = *SK++;
exit: exit:
mbedtls_camellia_free( &cty ); mbedtls_camellia_free(&cty);
return( ret ); return ret;
} }
/* /*
* Camellia-ECB block encryption/decryption * Camellia-ECB block encryption/decryption
*/ */
int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, int mbedtls_camellia_crypt_ecb(mbedtls_camellia_context *ctx,
int mode, int mode,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ) unsigned char output[16])
{ {
int NR; int NR;
uint32_t *RK, X[4]; uint32_t *RK, X[4];
if( mode != MBEDTLS_CAMELLIA_ENCRYPT && mode != MBEDTLS_CAMELLIA_DECRYPT ) if (mode != MBEDTLS_CAMELLIA_ENCRYPT && mode != MBEDTLS_CAMELLIA_DECRYPT) {
return MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA; return MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA;
}
( (void) mode ); ((void) mode);
NR = ctx->nr; NR = ctx->nr;
RK = ctx->rk; RK = ctx->rk;
X[0] = MBEDTLS_GET_UINT32_BE( input, 0 ); X[0] = MBEDTLS_GET_UINT32_BE(input, 0);
X[1] = MBEDTLS_GET_UINT32_BE( input, 4 ); X[1] = MBEDTLS_GET_UINT32_BE(input, 4);
X[2] = MBEDTLS_GET_UINT32_BE( input, 8 ); X[2] = MBEDTLS_GET_UINT32_BE(input, 8);
X[3] = MBEDTLS_GET_UINT32_BE( input, 12 ); X[3] = MBEDTLS_GET_UINT32_BE(input, 12);
X[0] ^= *RK++; X[0] ^= *RK++;
X[1] ^= *RK++; X[1] ^= *RK++;
X[2] ^= *RK++; X[2] ^= *RK++;
X[3] ^= *RK++; X[3] ^= *RK++;
while( NR ) { while (NR) {
--NR; --NR;
camellia_feistel( X, RK, X + 2 ); camellia_feistel(X, RK, X + 2);
RK += 2; RK += 2;
camellia_feistel( X + 2, RK, X ); camellia_feistel(X + 2, RK, X);
RK += 2; RK += 2;
camellia_feistel( X, RK, X + 2 ); camellia_feistel(X, RK, X + 2);
RK += 2; RK += 2;
camellia_feistel( X + 2, RK, X ); camellia_feistel(X + 2, RK, X);
RK += 2; RK += 2;
camellia_feistel( X, RK, X + 2 ); camellia_feistel(X, RK, X + 2);
RK += 2; RK += 2;
camellia_feistel( X + 2, RK, X ); camellia_feistel(X + 2, RK, X);
RK += 2; RK += 2;
if( NR ) { if (NR) {
FL(X[0], X[1], RK[0], RK[1]); FL(X[0], X[1], RK[0], RK[1]);
RK += 2; RK += 2;
FLInv(X[2], X[3], RK[0], RK[1]); FLInv(X[2], X[3], RK[0], RK[1]);
@ -507,56 +514,53 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx,
X[0] ^= *RK++; X[0] ^= *RK++;
X[1] ^= *RK++; X[1] ^= *RK++;
MBEDTLS_PUT_UINT32_BE( X[2], output, 0 ); MBEDTLS_PUT_UINT32_BE(X[2], output, 0);
MBEDTLS_PUT_UINT32_BE( X[3], output, 4 ); MBEDTLS_PUT_UINT32_BE(X[3], output, 4);
MBEDTLS_PUT_UINT32_BE( X[0], output, 8 ); MBEDTLS_PUT_UINT32_BE(X[0], output, 8);
MBEDTLS_PUT_UINT32_BE( X[1], output, 12 ); MBEDTLS_PUT_UINT32_BE(X[1], output, 12);
return( 0 ); return 0;
} }
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/* /*
* Camellia-CBC buffer encryption/decryption * Camellia-CBC buffer encryption/decryption
*/ */
int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx, int mbedtls_camellia_crypt_cbc(mbedtls_camellia_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
unsigned char temp[16]; unsigned char temp[16];
if( mode != MBEDTLS_CAMELLIA_ENCRYPT && mode != MBEDTLS_CAMELLIA_DECRYPT ) if (mode != MBEDTLS_CAMELLIA_ENCRYPT && mode != MBEDTLS_CAMELLIA_DECRYPT) {
return MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA; return MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA;
}
if( length % 16 ) if (length % 16) {
return( MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH ); return MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH;
}
if( mode == MBEDTLS_CAMELLIA_DECRYPT ) if (mode == MBEDTLS_CAMELLIA_DECRYPT) {
{ while (length > 0) {
while( length > 0 ) memcpy(temp, input, 16);
{ mbedtls_camellia_crypt_ecb(ctx, mode, input, output);
memcpy( temp, input, 16 );
mbedtls_camellia_crypt_ecb( ctx, mode, input, output );
mbedtls_xor( output, output, iv, 16 ); mbedtls_xor(output, output, iv, 16);
memcpy( iv, temp, 16 ); memcpy(iv, temp, 16);
input += 16; input += 16;
output += 16; output += 16;
length -= 16; length -= 16;
} }
} } else {
else while (length > 0) {
{ mbedtls_xor(output, input, iv, 16);
while( length > 0 )
{
mbedtls_xor( output, input, iv, 16 );
mbedtls_camellia_crypt_ecb( ctx, mode, output, output ); mbedtls_camellia_crypt_ecb(ctx, mode, output, output);
memcpy( iv, output, 16 ); memcpy(iv, output, 16);
input += 16; input += 16;
output += 16; output += 16;
@ -564,7 +568,7 @@ int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx,
} }
} }
return( 0 ); return 0;
} }
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
@ -572,53 +576,52 @@ int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx,
/* /*
* Camellia-CFB128 buffer encryption/decryption * Camellia-CFB128 buffer encryption/decryption
*/ */
int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx, int mbedtls_camellia_crypt_cfb128(mbedtls_camellia_context *ctx,
int mode, int mode,
size_t length, size_t length,
size_t *iv_off, size_t *iv_off,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
int c; int c;
size_t n; size_t n;
if( mode != MBEDTLS_CAMELLIA_ENCRYPT && mode != MBEDTLS_CAMELLIA_DECRYPT ) if (mode != MBEDTLS_CAMELLIA_ENCRYPT && mode != MBEDTLS_CAMELLIA_DECRYPT) {
return MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA; return MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA;
}
n = *iv_off; n = *iv_off;
if( n >= 16 ) if (n >= 16) {
return( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA ); return MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA;
}
if( mode == MBEDTLS_CAMELLIA_DECRYPT ) if (mode == MBEDTLS_CAMELLIA_DECRYPT) {
{ while (length--) {
while( length-- ) if (n == 0) {
{ mbedtls_camellia_crypt_ecb(ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv);
if( n == 0 ) }
mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv );
c = *input++; c = *input++;
*output++ = (unsigned char)( c ^ iv[n] ); *output++ = (unsigned char) (c ^ iv[n]);
iv[n] = (unsigned char) c; iv[n] = (unsigned char) c;
n = ( n + 1 ) & 0x0F; n = (n + 1) & 0x0F;
} }
} else {
while (length--) {
if (n == 0) {
mbedtls_camellia_crypt_ecb(ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv);
} }
else
{
while( length-- )
{
if( n == 0 )
mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv );
iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); iv[n] = *output++ = (unsigned char) (iv[n] ^ *input++);
n = ( n + 1 ) & 0x0F; n = (n + 1) & 0x0F;
} }
} }
*iv_off = n; *iv_off = n;
return( 0 ); return 0;
} }
#endif /* MBEDTLS_CIPHER_MODE_CFB */ #endif /* MBEDTLS_CIPHER_MODE_CFB */
@ -626,40 +629,42 @@ int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx,
/* /*
* Camellia-CTR buffer encryption/decryption * Camellia-CTR buffer encryption/decryption
*/ */
int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx, int mbedtls_camellia_crypt_ctr(mbedtls_camellia_context *ctx,
size_t length, size_t length,
size_t *nc_off, size_t *nc_off,
unsigned char nonce_counter[16], unsigned char nonce_counter[16],
unsigned char stream_block[16], unsigned char stream_block[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
int c, i; int c, i;
size_t n; size_t n;
n = *nc_off; n = *nc_off;
if( n >= 16 ) if (n >= 16) {
return( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA ); return MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA;
}
while( length-- ) while (length--) {
{ if (n == 0) {
if( n == 0 ) { mbedtls_camellia_crypt_ecb(ctx, MBEDTLS_CAMELLIA_ENCRYPT, nonce_counter,
mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, nonce_counter, stream_block);
stream_block );
for( i = 16; i > 0; i-- ) for (i = 16; i > 0; i--) {
if( ++nonce_counter[i - 1] != 0 ) if (++nonce_counter[i - 1] != 0) {
break; break;
} }
}
}
c = *input++; c = *input++;
*output++ = (unsigned char)( c ^ stream_block[n] ); *output++ = (unsigned char) (c ^ stream_block[n]);
n = ( n + 1 ) & 0x0F; n = (n + 1) & 0x0F;
} }
*nc_off = n; *nc_off = n;
return( 0 ); return 0;
} }
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
#endif /* !MBEDTLS_CAMELLIA_ALT */ #endif /* !MBEDTLS_CAMELLIA_ALT */
@ -754,7 +759,7 @@ static const unsigned char camellia_test_cbc_key[3][32] =
static const unsigned char camellia_test_cbc_iv[16] = static const unsigned char camellia_test_cbc_iv[16] =
{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F } 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F }
; ;
@ -858,13 +863,13 @@ static const unsigned char camellia_test_ctr_ct[3][48] =
}; };
static const int camellia_test_ctr_len[3] = static const int camellia_test_ctr_len[3] =
{ 16, 32, 36 }; { 16, 32, 36 };
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
/* /*
* Checkup routine * Checkup routine
*/ */
int mbedtls_camellia_self_test( int verbose ) int mbedtls_camellia_self_test(int verbose)
{ {
int i, j, u, v; int i, j, u, v;
unsigned char key[32]; unsigned char key[32];
@ -883,163 +888,167 @@ int mbedtls_camellia_self_test( int verbose )
mbedtls_camellia_context ctx; mbedtls_camellia_context ctx;
mbedtls_camellia_init( &ctx ); mbedtls_camellia_init(&ctx);
memset( key, 0, 32 ); memset(key, 0, 32);
for( j = 0; j < 6; j++ ) { for (j = 0; j < 6; j++) {
u = j >> 1; u = j >> 1;
v = j & 1; v = j & 1;
if( verbose != 0 ) if (verbose != 0) {
mbedtls_printf( " CAMELLIA-ECB-%3d (%s): ", 128 + u * 64, mbedtls_printf(" CAMELLIA-ECB-%3d (%s): ", 128 + u * 64,
(v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc"); (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc");
for( i = 0; i < CAMELLIA_TESTS_ECB; i++ ) {
memcpy( key, camellia_test_ecb_key[u][i], 16 + 8 * u );
if( v == MBEDTLS_CAMELLIA_DECRYPT ) {
mbedtls_camellia_setkey_dec( &ctx, key, 128 + u * 64 );
memcpy( src, camellia_test_ecb_cipher[u][i], 16 );
memcpy( dst, camellia_test_ecb_plain[i], 16 );
} else { /* MBEDTLS_CAMELLIA_ENCRYPT */
mbedtls_camellia_setkey_enc( &ctx, key, 128 + u * 64 );
memcpy( src, camellia_test_ecb_plain[i], 16 );
memcpy( dst, camellia_test_ecb_cipher[u][i], 16 );
} }
mbedtls_camellia_crypt_ecb( &ctx, v, src, buf ); for (i = 0; i < CAMELLIA_TESTS_ECB; i++) {
memcpy(key, camellia_test_ecb_key[u][i], 16 + 8 * u);
if( memcmp( buf, dst, 16 ) != 0 ) if (v == MBEDTLS_CAMELLIA_DECRYPT) {
{ mbedtls_camellia_setkey_dec(&ctx, key, 128 + u * 64);
if( verbose != 0 ) memcpy(src, camellia_test_ecb_cipher[u][i], 16);
mbedtls_printf( "failed\n" ); memcpy(dst, camellia_test_ecb_plain[i], 16);
} else { /* MBEDTLS_CAMELLIA_ENCRYPT */
mbedtls_camellia_setkey_enc(&ctx, key, 128 + u * 64);
memcpy(src, camellia_test_ecb_plain[i], 16);
memcpy(dst, camellia_test_ecb_cipher[u][i], 16);
}
mbedtls_camellia_crypt_ecb(&ctx, v, src, buf);
if (memcmp(buf, dst, 16) != 0) {
if (verbose != 0) {
mbedtls_printf("failed\n");
}
goto exit; goto exit;
} }
} }
if( verbose != 0 ) if (verbose != 0) {
mbedtls_printf( "passed\n" ); mbedtls_printf("passed\n");
}
} }
if( verbose != 0 ) if (verbose != 0) {
mbedtls_printf( "\n" ); mbedtls_printf("\n");
}
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/* /*
* CBC mode * CBC mode
*/ */
for( j = 0; j < 6; j++ ) for (j = 0; j < 6; j++) {
{
u = j >> 1; u = j >> 1;
v = j & 1; v = j & 1;
if( verbose != 0 ) if (verbose != 0) {
mbedtls_printf( " CAMELLIA-CBC-%3d (%s): ", 128 + u * 64, mbedtls_printf(" CAMELLIA-CBC-%3d (%s): ", 128 + u * 64,
( v == MBEDTLS_CAMELLIA_DECRYPT ) ? "dec" : "enc" ); (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc");
}
memcpy( src, camellia_test_cbc_iv, 16 ); memcpy(src, camellia_test_cbc_iv, 16);
memcpy( dst, camellia_test_cbc_iv, 16 ); memcpy(dst, camellia_test_cbc_iv, 16);
memcpy( key, camellia_test_cbc_key[u], 16 + 8 * u ); memcpy(key, camellia_test_cbc_key[u], 16 + 8 * u);
if( v == MBEDTLS_CAMELLIA_DECRYPT ) { if (v == MBEDTLS_CAMELLIA_DECRYPT) {
mbedtls_camellia_setkey_dec( &ctx, key, 128 + u * 64 ); mbedtls_camellia_setkey_dec(&ctx, key, 128 + u * 64);
} else { } else {
mbedtls_camellia_setkey_enc( &ctx, key, 128 + u * 64 ); mbedtls_camellia_setkey_enc(&ctx, key, 128 + u * 64);
} }
for( i = 0; i < CAMELLIA_TESTS_CBC; i++ ) { for (i = 0; i < CAMELLIA_TESTS_CBC; i++) {
if( v == MBEDTLS_CAMELLIA_DECRYPT ) { if (v == MBEDTLS_CAMELLIA_DECRYPT) {
memcpy( iv , src, 16 ); memcpy(iv, src, 16);
memcpy( src, camellia_test_cbc_cipher[u][i], 16 ); memcpy(src, camellia_test_cbc_cipher[u][i], 16);
memcpy( dst, camellia_test_cbc_plain[i], 16 ); memcpy(dst, camellia_test_cbc_plain[i], 16);
} else { /* MBEDTLS_CAMELLIA_ENCRYPT */ } else { /* MBEDTLS_CAMELLIA_ENCRYPT */
memcpy( iv , dst, 16 ); memcpy(iv, dst, 16);
memcpy( src, camellia_test_cbc_plain[i], 16 ); memcpy(src, camellia_test_cbc_plain[i], 16);
memcpy( dst, camellia_test_cbc_cipher[u][i], 16 ); memcpy(dst, camellia_test_cbc_cipher[u][i], 16);
} }
mbedtls_camellia_crypt_cbc( &ctx, v, 16, iv, src, buf ); mbedtls_camellia_crypt_cbc(&ctx, v, 16, iv, src, buf);
if( memcmp( buf, dst, 16 ) != 0 ) if (memcmp(buf, dst, 16) != 0) {
{ if (verbose != 0) {
if( verbose != 0 ) mbedtls_printf("failed\n");
mbedtls_printf( "failed\n" ); }
goto exit; goto exit;
} }
} }
if( verbose != 0 ) if (verbose != 0) {
mbedtls_printf( "passed\n" ); mbedtls_printf("passed\n");
}
} }
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
if( verbose != 0 ) if (verbose != 0) {
mbedtls_printf( "\n" ); mbedtls_printf("\n");
}
#if defined(MBEDTLS_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
/* /*
* CTR mode * CTR mode
*/ */
for( i = 0; i < 6; i++ ) for (i = 0; i < 6; i++) {
{
u = i >> 1; u = i >> 1;
v = i & 1; v = i & 1;
if( verbose != 0 ) if (verbose != 0) {
mbedtls_printf( " CAMELLIA-CTR-128 (%s): ", mbedtls_printf(" CAMELLIA-CTR-128 (%s): ",
( v == MBEDTLS_CAMELLIA_DECRYPT ) ? "dec" : "enc" ); (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc");
}
memcpy( nonce_counter, camellia_test_ctr_nonce_counter[u], 16 ); memcpy(nonce_counter, camellia_test_ctr_nonce_counter[u], 16);
memcpy( key, camellia_test_ctr_key[u], 16 ); memcpy(key, camellia_test_ctr_key[u], 16);
offset = 0; offset = 0;
mbedtls_camellia_setkey_enc( &ctx, key, 128 ); mbedtls_camellia_setkey_enc(&ctx, key, 128);
if( v == MBEDTLS_CAMELLIA_DECRYPT ) if (v == MBEDTLS_CAMELLIA_DECRYPT) {
{
len = camellia_test_ctr_len[u]; len = camellia_test_ctr_len[u];
memcpy( buf, camellia_test_ctr_ct[u], len ); memcpy(buf, camellia_test_ctr_ct[u], len);
mbedtls_camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, mbedtls_camellia_crypt_ctr(&ctx, len, &offset, nonce_counter, stream_block,
buf, buf ); buf, buf);
if( memcmp( buf, camellia_test_ctr_pt[u], len ) != 0 ) if (memcmp(buf, camellia_test_ctr_pt[u], len) != 0) {
{ if (verbose != 0) {
if( verbose != 0 ) mbedtls_printf("failed\n");
mbedtls_printf( "failed\n" ); }
goto exit; goto exit;
} }
} } else {
else
{
len = camellia_test_ctr_len[u]; len = camellia_test_ctr_len[u];
memcpy( buf, camellia_test_ctr_pt[u], len ); memcpy(buf, camellia_test_ctr_pt[u], len);
mbedtls_camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, mbedtls_camellia_crypt_ctr(&ctx, len, &offset, nonce_counter, stream_block,
buf, buf ); buf, buf);
if( memcmp( buf, camellia_test_ctr_ct[u], len ) != 0 ) if (memcmp(buf, camellia_test_ctr_ct[u], len) != 0) {
{ if (verbose != 0) {
if( verbose != 0 ) mbedtls_printf("failed\n");
mbedtls_printf( "failed\n" ); }
goto exit; goto exit;
} }
} }
if( verbose != 0 ) if (verbose != 0) {
mbedtls_printf( "passed\n" ); mbedtls_printf("passed\n");
}
} }
if( verbose != 0 ) if (verbose != 0) {
mbedtls_printf( "\n" ); mbedtls_printf("\n");
}
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
ret = 0; ret = 0;
exit: exit:
mbedtls_camellia_free( &ctx ); mbedtls_camellia_free(&ctx);
return( ret ); return ret;
} }
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

482
library/ccm.c
View File

@ -51,50 +51,53 @@
/* /*
* Initialize context * Initialize context
*/ */
void mbedtls_ccm_init( mbedtls_ccm_context *ctx ) void mbedtls_ccm_init(mbedtls_ccm_context *ctx)
{ {
memset( ctx, 0, sizeof( mbedtls_ccm_context ) ); memset(ctx, 0, sizeof(mbedtls_ccm_context));
} }
int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx,
mbedtls_cipher_id_t cipher, mbedtls_cipher_id_t cipher,
const unsigned char *key, const unsigned char *key,
unsigned int keybits ) unsigned int keybits)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
const mbedtls_cipher_info_t *cipher_info; const mbedtls_cipher_info_t *cipher_info;
cipher_info = mbedtls_cipher_info_from_values( cipher, keybits, cipher_info = mbedtls_cipher_info_from_values(cipher, keybits,
MBEDTLS_MODE_ECB ); MBEDTLS_MODE_ECB);
if( cipher_info == NULL ) if (cipher_info == NULL) {
return( MBEDTLS_ERR_CCM_BAD_INPUT ); return MBEDTLS_ERR_CCM_BAD_INPUT;
if( cipher_info->block_size != 16 )
return( MBEDTLS_ERR_CCM_BAD_INPUT );
mbedtls_cipher_free( &ctx->cipher_ctx );
if( ( ret = mbedtls_cipher_setup( &ctx->cipher_ctx, cipher_info ) ) != 0 )
return( ret );
if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keybits,
MBEDTLS_ENCRYPT ) ) != 0 )
{
return( ret );
} }
return( 0 ); if (cipher_info->block_size != 16) {
return MBEDTLS_ERR_CCM_BAD_INPUT;
}
mbedtls_cipher_free(&ctx->cipher_ctx);
if ((ret = mbedtls_cipher_setup(&ctx->cipher_ctx, cipher_info)) != 0) {
return ret;
}
if ((ret = mbedtls_cipher_setkey(&ctx->cipher_ctx, key, keybits,
MBEDTLS_ENCRYPT)) != 0) {
return ret;
}
return 0;
} }
/* /*
* Free context * Free context
*/ */
void mbedtls_ccm_free( mbedtls_ccm_context *ctx ) void mbedtls_ccm_free(mbedtls_ccm_context *ctx)
{ {
if( ctx == NULL ) if (ctx == NULL) {
return; return;
mbedtls_cipher_free( &ctx->cipher_ctx ); }
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ccm_context ) ); mbedtls_cipher_free(&ctx->cipher_ctx);
mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ccm_context));
} }
#define CCM_STATE__CLEAR 0 #define CCM_STATE__CLEAR 0
@ -107,33 +110,33 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx )
/* /*
* Encrypt or decrypt a partial block with CTR * Encrypt or decrypt a partial block with CTR
*/ */
static int mbedtls_ccm_crypt( mbedtls_ccm_context *ctx, static int mbedtls_ccm_crypt(mbedtls_ccm_context *ctx,
size_t offset, size_t use_len, size_t offset, size_t use_len,
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
size_t olen = 0; size_t olen = 0;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char tmp_buf[16] = {0}; unsigned char tmp_buf[16] = { 0 };
if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->ctr, 16, tmp_buf, if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->ctr, 16, tmp_buf,
&olen ) ) != 0 ) &olen)) != 0) {
{
ctx->state |= CCM_STATE__ERROR; ctx->state |= CCM_STATE__ERROR;
mbedtls_platform_zeroize(tmp_buf, sizeof(tmp_buf)); mbedtls_platform_zeroize(tmp_buf, sizeof(tmp_buf));
return ret; return ret;
} }
mbedtls_xor( output, input, tmp_buf + offset, use_len ); mbedtls_xor(output, input, tmp_buf + offset, use_len);
mbedtls_platform_zeroize(tmp_buf, sizeof(tmp_buf)); mbedtls_platform_zeroize(tmp_buf, sizeof(tmp_buf));
return ret; return ret;
} }
static void mbedtls_ccm_clear_state(mbedtls_ccm_context *ctx) { static void mbedtls_ccm_clear_state(mbedtls_ccm_context *ctx)
{
ctx->state = CCM_STATE__CLEAR; ctx->state = CCM_STATE__CLEAR;
memset( ctx->y, 0, 16); memset(ctx->y, 0, 16);
memset( ctx->ctr, 0, 16); memset(ctx->ctr, 0, 16);
} }
static int ccm_calculate_first_block_if_ready(mbedtls_ccm_context *ctx) static int ccm_calculate_first_block_if_ready(mbedtls_ccm_context *ctx)
@ -145,21 +148,18 @@ static int ccm_calculate_first_block_if_ready(mbedtls_ccm_context *ctx)
/* length calculation can be done only after both /* length calculation can be done only after both
* mbedtls_ccm_starts() and mbedtls_ccm_set_lengths() have been executed * mbedtls_ccm_starts() and mbedtls_ccm_set_lengths() have been executed
*/ */
if( !(ctx->state & CCM_STATE__STARTED) || !(ctx->state & CCM_STATE__LENGTHS_SET) ) if (!(ctx->state & CCM_STATE__STARTED) || !(ctx->state & CCM_STATE__LENGTHS_SET)) {
return 0; return 0;
}
/* CCM expects non-empty tag. /* CCM expects non-empty tag.
* CCM* allows empty tag. For CCM* without tag, ignore plaintext length. * CCM* allows empty tag. For CCM* without tag, ignore plaintext length.
*/ */
if( ctx->tag_len == 0 ) if (ctx->tag_len == 0) {
{ if (ctx->mode == MBEDTLS_CCM_STAR_ENCRYPT || ctx->mode == MBEDTLS_CCM_STAR_DECRYPT) {
if( ctx->mode == MBEDTLS_CCM_STAR_ENCRYPT || ctx->mode == MBEDTLS_CCM_STAR_DECRYPT )
{
ctx->plaintext_len = 0; ctx->plaintext_len = 0;
} } else {
else return MBEDTLS_ERR_CCM_BAD_INPUT;
{
return( MBEDTLS_ERR_CCM_BAD_INPUT );
} }
} }
@ -175,37 +175,37 @@ static int ccm_calculate_first_block_if_ready(mbedtls_ccm_context *ctx)
* 5 .. 3 (t - 2) / 2 * 5 .. 3 (t - 2) / 2
* 2 .. 0 q - 1 * 2 .. 0 q - 1
*/ */
ctx->y[0] |= ( ctx->add_len > 0 ) << 6; ctx->y[0] |= (ctx->add_len > 0) << 6;
ctx->y[0] |= ( ( ctx->tag_len - 2 ) / 2 ) << 3; ctx->y[0] |= ((ctx->tag_len - 2) / 2) << 3;
ctx->y[0] |= ctx->q - 1; ctx->y[0] |= ctx->q - 1;
for( i = 0, len_left = ctx->plaintext_len; i < ctx->q; i++, len_left >>= 8 ) for (i = 0, len_left = ctx->plaintext_len; i < ctx->q; i++, len_left >>= 8) {
ctx->y[15-i] = MBEDTLS_BYTE_0( len_left ); ctx->y[15-i] = MBEDTLS_BYTE_0(len_left);
}
if( len_left > 0 ) if (len_left > 0) {
{
ctx->state |= CCM_STATE__ERROR; ctx->state |= CCM_STATE__ERROR;
return( MBEDTLS_ERR_CCM_BAD_INPUT ); return MBEDTLS_ERR_CCM_BAD_INPUT;
} }
/* Start CBC-MAC with first block*/ /* Start CBC-MAC with first block*/
if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen ) ) != 0 ) if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen)) != 0) {
{
ctx->state |= CCM_STATE__ERROR; ctx->state |= CCM_STATE__ERROR;
return( ret ); return ret;
} }
return (0); return 0;
} }
int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, int mbedtls_ccm_starts(mbedtls_ccm_context *ctx,
int mode, int mode,
const unsigned char *iv, const unsigned char *iv,
size_t iv_len ) size_t iv_len)
{ {
/* Also implies q is within bounds */ /* Also implies q is within bounds */
if( iv_len < 7 || iv_len > 13 ) if (iv_len < 7 || iv_len > 13) {
return( MBEDTLS_ERR_CCM_BAD_INPUT ); return MBEDTLS_ERR_CCM_BAD_INPUT;
}
ctx->mode = mode; ctx->mode = mode;
ctx->q = 16 - 1 - (unsigned char) iv_len; ctx->q = 16 - 1 - (unsigned char) iv_len;
@ -220,25 +220,25 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx,
* 7 .. 3 0 * 7 .. 3 0
* 2 .. 0 q - 1 * 2 .. 0 q - 1
*/ */
memset( ctx->ctr, 0, 16); memset(ctx->ctr, 0, 16);
ctx->ctr[0] = ctx->q - 1; ctx->ctr[0] = ctx->q - 1;
memcpy( ctx->ctr + 1, iv, iv_len ); memcpy(ctx->ctr + 1, iv, iv_len);
memset( ctx->ctr + 1 + iv_len, 0, ctx->q ); memset(ctx->ctr + 1 + iv_len, 0, ctx->q);
ctx->ctr[15] = 1; ctx->ctr[15] = 1;
/* /*
* See ccm_calculate_first_block_if_ready() for block layout description * See ccm_calculate_first_block_if_ready() for block layout description
*/ */
memcpy( ctx->y + 1, iv, iv_len ); memcpy(ctx->y + 1, iv, iv_len);
ctx->state |= CCM_STATE__STARTED; ctx->state |= CCM_STATE__STARTED;
return ccm_calculate_first_block_if_ready(ctx); return ccm_calculate_first_block_if_ready(ctx);
} }
int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx, int mbedtls_ccm_set_lengths(mbedtls_ccm_context *ctx,
size_t total_ad_len, size_t total_ad_len,
size_t plaintext_len, size_t plaintext_len,
size_t tag_len ) size_t tag_len)
{ {
/* /*
* Check length requirements: SP800-38C A.1 * Check length requirements: SP800-38C A.1
@ -247,11 +247,13 @@ int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx,
* *
* Also, loosen the requirements to enable support for CCM* (IEEE 802.15.4). * Also, loosen the requirements to enable support for CCM* (IEEE 802.15.4).
*/ */
if( tag_len == 2 || tag_len > 16 || tag_len % 2 != 0 ) if (tag_len == 2 || tag_len > 16 || tag_len % 2 != 0) {
return( MBEDTLS_ERR_CCM_BAD_INPUT ); return MBEDTLS_ERR_CCM_BAD_INPUT;
}
if( total_ad_len >= 0xFF00 ) if (total_ad_len >= 0xFF00) {
return( MBEDTLS_ERR_CCM_BAD_INPUT ); return MBEDTLS_ERR_CCM_BAD_INPUT;
}
ctx->plaintext_len = plaintext_len; ctx->plaintext_len = plaintext_len;
ctx->add_len = total_ad_len; ctx->add_len = total_ad_len;
@ -262,81 +264,72 @@ int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx,
return ccm_calculate_first_block_if_ready(ctx); return ccm_calculate_first_block_if_ready(ctx);
} }
int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, int mbedtls_ccm_update_ad(mbedtls_ccm_context *ctx,
const unsigned char *add, const unsigned char *add,
size_t add_len ) size_t add_len)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t olen, use_len, offset; size_t olen, use_len, offset;
if( ctx->state & CCM_STATE__ERROR ) if (ctx->state & CCM_STATE__ERROR) {
{
return MBEDTLS_ERR_CCM_BAD_INPUT; return MBEDTLS_ERR_CCM_BAD_INPUT;
} }
if( add_len > 0 ) if (add_len > 0) {
{ if (ctx->state & CCM_STATE__AUTH_DATA_FINISHED) {
if( ctx->state & CCM_STATE__AUTH_DATA_FINISHED )
{
return MBEDTLS_ERR_CCM_BAD_INPUT; return MBEDTLS_ERR_CCM_BAD_INPUT;
} }
if( !(ctx->state & CCM_STATE__AUTH_DATA_STARTED) ) if (!(ctx->state & CCM_STATE__AUTH_DATA_STARTED)) {
{ if (add_len > ctx->add_len) {
if ( add_len > ctx->add_len )
{
return MBEDTLS_ERR_CCM_BAD_INPUT; return MBEDTLS_ERR_CCM_BAD_INPUT;
} }
ctx->y[0] ^= (unsigned char)( ( ctx->add_len >> 8 ) & 0xFF ); ctx->y[0] ^= (unsigned char) ((ctx->add_len >> 8) & 0xFF);
ctx->y[1] ^= (unsigned char)( ( ctx->add_len ) & 0xFF ); ctx->y[1] ^= (unsigned char) ((ctx->add_len) & 0xFF);
ctx->state |= CCM_STATE__AUTH_DATA_STARTED; ctx->state |= CCM_STATE__AUTH_DATA_STARTED;
} } else if (ctx->processed + add_len > ctx->add_len) {
else if ( ctx->processed + add_len > ctx->add_len )
{
return MBEDTLS_ERR_CCM_BAD_INPUT; return MBEDTLS_ERR_CCM_BAD_INPUT;
} }
while( add_len > 0 ) while (add_len > 0) {
{
offset = (ctx->processed + 2) % 16; /* account for y[0] and y[1] offset = (ctx->processed + 2) % 16; /* account for y[0] and y[1]
* holding total auth data length */ * holding total auth data length */
use_len = 16 - offset; use_len = 16 - offset;
if( use_len > add_len ) if (use_len > add_len) {
use_len = add_len; use_len = add_len;
}
mbedtls_xor( ctx->y + offset, ctx->y + offset, add, use_len ); mbedtls_xor(ctx->y + offset, ctx->y + offset, add, use_len);
ctx->processed += use_len; ctx->processed += use_len;
add_len -= use_len; add_len -= use_len;
add += use_len; add += use_len;
if( use_len + offset == 16 || ctx->processed == ctx->add_len ) if (use_len + offset == 16 || ctx->processed == ctx->add_len) {
{ if ((ret =
if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen ) ) != 0 ) mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen)) != 0) {
{
ctx->state |= CCM_STATE__ERROR; ctx->state |= CCM_STATE__ERROR;
return( ret ); return ret;
} }
} }
} }
if( ctx->processed == ctx->add_len ) if (ctx->processed == ctx->add_len) {
{
ctx->state |= CCM_STATE__AUTH_DATA_FINISHED; ctx->state |= CCM_STATE__AUTH_DATA_FINISHED;
ctx->processed = 0; // prepare for mbedtls_ccm_update() ctx->processed = 0; // prepare for mbedtls_ccm_update()
} }
} }
return (0); return 0;
} }
int mbedtls_ccm_update( mbedtls_ccm_context *ctx, int mbedtls_ccm_update(mbedtls_ccm_context *ctx,
const unsigned char *input, size_t input_len, const unsigned char *input, size_t input_len,
unsigned char *output, size_t output_size, unsigned char *output, size_t output_size,
size_t *output_len ) size_t *output_len)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char i; unsigned char i;
@ -344,89 +337,87 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx,
unsigned char local_output[16]; unsigned char local_output[16];
if( ctx->state & CCM_STATE__ERROR ) if (ctx->state & CCM_STATE__ERROR) {
{
return MBEDTLS_ERR_CCM_BAD_INPUT; return MBEDTLS_ERR_CCM_BAD_INPUT;
} }
/* Check against plaintext length only if performing operation with /* Check against plaintext length only if performing operation with
* authentication * authentication
*/ */
if( ctx->tag_len != 0 && ctx->processed + input_len > ctx->plaintext_len ) if (ctx->tag_len != 0 && ctx->processed + input_len > ctx->plaintext_len) {
{
return MBEDTLS_ERR_CCM_BAD_INPUT; return MBEDTLS_ERR_CCM_BAD_INPUT;
} }
if( output_size < input_len ) if (output_size < input_len) {
return( MBEDTLS_ERR_CCM_BAD_INPUT ); return MBEDTLS_ERR_CCM_BAD_INPUT;
}
*output_len = input_len; *output_len = input_len;
ret = 0; ret = 0;
while ( input_len > 0 ) while (input_len > 0) {
{
offset = ctx->processed % 16; offset = ctx->processed % 16;
use_len = 16 - offset; use_len = 16 - offset;
if( use_len > input_len ) if (use_len > input_len) {
use_len = input_len; use_len = input_len;
}
ctx->processed += use_len; ctx->processed += use_len;
if( ctx->mode == MBEDTLS_CCM_ENCRYPT || \ if (ctx->mode == MBEDTLS_CCM_ENCRYPT || \
ctx->mode == MBEDTLS_CCM_STAR_ENCRYPT ) ctx->mode == MBEDTLS_CCM_STAR_ENCRYPT) {
{ mbedtls_xor(ctx->y + offset, ctx->y + offset, input, use_len);
mbedtls_xor( ctx->y + offset, ctx->y + offset, input, use_len );
if( use_len + offset == 16 || ctx->processed == ctx->plaintext_len ) if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) {
{ if ((ret =
if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen ) ) != 0 ) mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen)) != 0) {
{
ctx->state |= CCM_STATE__ERROR; ctx->state |= CCM_STATE__ERROR;
goto exit; goto exit;
} }
} }
ret = mbedtls_ccm_crypt( ctx, offset, use_len, input, output ); ret = mbedtls_ccm_crypt(ctx, offset, use_len, input, output);
if( ret != 0 ) if (ret != 0) {
goto exit; goto exit;
} }
}
if( ctx->mode == MBEDTLS_CCM_DECRYPT || \ if (ctx->mode == MBEDTLS_CCM_DECRYPT || \
ctx->mode == MBEDTLS_CCM_STAR_DECRYPT ) ctx->mode == MBEDTLS_CCM_STAR_DECRYPT) {
{
/* Since output may be in shared memory, we cannot be sure that /* Since output may be in shared memory, we cannot be sure that
* it will contain what we wrote to it. Therefore, we should avoid using * it will contain what we wrote to it. Therefore, we should avoid using
* it as input to any operations. * it as input to any operations.
* Write decrypted data to local_output to avoid using output variable as * Write decrypted data to local_output to avoid using output variable as
* input in the XOR operation for Y. * input in the XOR operation for Y.
*/ */
ret = mbedtls_ccm_crypt( ctx, offset, use_len, input, local_output ); ret = mbedtls_ccm_crypt(ctx, offset, use_len, input, local_output);
if( ret != 0 ) if (ret != 0) {
goto exit; goto exit;
}
mbedtls_xor( ctx->y + offset, ctx->y + offset, local_output, use_len ); mbedtls_xor(ctx->y + offset, ctx->y + offset, local_output, use_len);
memcpy( output, local_output, use_len ); memcpy(output, local_output, use_len);
mbedtls_platform_zeroize( local_output, 16 ); mbedtls_platform_zeroize(local_output, 16);
if( use_len + offset == 16 || ctx->processed == ctx->plaintext_len ) if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) {
{ if ((ret =
if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen ) ) != 0 ) mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen)) != 0) {
{
ctx->state |= CCM_STATE__ERROR; ctx->state |= CCM_STATE__ERROR;
goto exit; goto exit;
} }
} }
} }
if( use_len + offset == 16 || ctx->processed == ctx->plaintext_len ) if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) {
{ for (i = 0; i < ctx->q; i++) {
for( i = 0; i < ctx->q; i++ ) if (++(ctx->ctr)[15-i] != 0) {
if( ++(ctx->ctr)[15-i] != 0 )
break; break;
} }
}
}
input_len -= use_len; input_len -= use_len;
input += use_len; input += use_len;
@ -434,167 +425,172 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx,
} }
exit: exit:
mbedtls_platform_zeroize( local_output, 16 ); mbedtls_platform_zeroize(local_output, 16);
return ret; return ret;
} }
int mbedtls_ccm_finish( mbedtls_ccm_context *ctx, int mbedtls_ccm_finish(mbedtls_ccm_context *ctx,
unsigned char *tag, size_t tag_len ) unsigned char *tag, size_t tag_len)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char i; unsigned char i;
if( ctx->state & CCM_STATE__ERROR ) if (ctx->state & CCM_STATE__ERROR) {
{
return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
} }
if( ctx->add_len > 0 && !( ctx->state & CCM_STATE__AUTH_DATA_FINISHED ) ) if (ctx->add_len > 0 && !(ctx->state & CCM_STATE__AUTH_DATA_FINISHED)) {
{
return MBEDTLS_ERR_CCM_BAD_INPUT; return MBEDTLS_ERR_CCM_BAD_INPUT;
} }
if( ctx->plaintext_len > 0 && ctx->processed != ctx->plaintext_len ) if (ctx->plaintext_len > 0 && ctx->processed != ctx->plaintext_len) {
{
return MBEDTLS_ERR_CCM_BAD_INPUT; return MBEDTLS_ERR_CCM_BAD_INPUT;
} }
/* /*
* Authentication: reset counter and crypt/mask internal tag * Authentication: reset counter and crypt/mask internal tag
*/ */
for( i = 0; i < ctx->q; i++ ) for (i = 0; i < ctx->q; i++) {
ctx->ctr[15-i] = 0; ctx->ctr[15-i] = 0;
}
ret = mbedtls_ccm_crypt( ctx, 0, 16, ctx->y, ctx->y ); ret = mbedtls_ccm_crypt(ctx, 0, 16, ctx->y, ctx->y);
if( ret != 0 ) if (ret != 0) {
return ret; return ret;
if( tag != NULL ) }
memcpy( tag, ctx->y, tag_len ); if (tag != NULL) {
memcpy(tag, ctx->y, tag_len);
}
mbedtls_ccm_clear_state(ctx); mbedtls_ccm_clear_state(ctx);
return( 0 ); return 0;
} }
/* /*
* Authenticated encryption or decryption * Authenticated encryption or decryption
*/ */
static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, static int ccm_auth_crypt(mbedtls_ccm_context *ctx, int mode, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len, const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
unsigned char *tag, size_t tag_len ) unsigned char *tag, size_t tag_len)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t olen; size_t olen;
if( ( ret = mbedtls_ccm_starts( ctx, mode, iv, iv_len ) ) != 0 ) if ((ret = mbedtls_ccm_starts(ctx, mode, iv, iv_len)) != 0) {
return( ret ); return ret;
}
if( ( ret = mbedtls_ccm_set_lengths( ctx, add_len, length, tag_len ) ) != 0 ) if ((ret = mbedtls_ccm_set_lengths(ctx, add_len, length, tag_len)) != 0) {
return( ret ); return ret;
}
if( ( ret = mbedtls_ccm_update_ad( ctx, add, add_len ) ) != 0 ) if ((ret = mbedtls_ccm_update_ad(ctx, add, add_len)) != 0) {
return( ret ); return ret;
}
if( ( ret = mbedtls_ccm_update( ctx, input, length, if ((ret = mbedtls_ccm_update(ctx, input, length,
output, length, &olen ) ) != 0 ) output, length, &olen)) != 0) {
return( ret ); return ret;
}
if( ( ret = mbedtls_ccm_finish( ctx, tag, tag_len ) ) != 0 ) if ((ret = mbedtls_ccm_finish(ctx, tag, tag_len)) != 0) {
return( ret ); return ret;
}
return( 0 ); return 0;
} }
/* /*
* Authenticated encryption * Authenticated encryption
*/ */
int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, int mbedtls_ccm_star_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len, const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
unsigned char *tag, size_t tag_len ) unsigned char *tag, size_t tag_len)
{ {
return( ccm_auth_crypt( ctx, MBEDTLS_CCM_STAR_ENCRYPT, length, iv, iv_len, return ccm_auth_crypt(ctx, MBEDTLS_CCM_STAR_ENCRYPT, length, iv, iv_len,
add, add_len, input, output, tag, tag_len ) ); add, add_len, input, output, tag, tag_len);
} }
int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, int mbedtls_ccm_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len, const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
unsigned char *tag, size_t tag_len ) unsigned char *tag, size_t tag_len)
{ {
return( ccm_auth_crypt( ctx, MBEDTLS_CCM_ENCRYPT, length, iv, iv_len, return ccm_auth_crypt(ctx, MBEDTLS_CCM_ENCRYPT, length, iv, iv_len,
add, add_len, input, output, tag, tag_len ) ); add, add_len, input, output, tag, tag_len);
} }
/* /*
* Authenticated decryption * Authenticated decryption
*/ */
static int mbedtls_ccm_compare_tags(const unsigned char *tag1, const unsigned char *tag2, size_t tag_len) static int mbedtls_ccm_compare_tags(const unsigned char *tag1,
const unsigned char *tag2,
size_t tag_len)
{ {
unsigned char i; unsigned char i;
int diff; int diff;
/* Check tag in "constant-time" */ /* Check tag in "constant-time" */
for( diff = 0, i = 0; i < tag_len; i++ ) for (diff = 0, i = 0; i < tag_len; i++) {
diff |= tag1[i] ^ tag2[i]; diff |= tag1[i] ^ tag2[i];
if( diff != 0 )
{
return( MBEDTLS_ERR_CCM_AUTH_FAILED );
} }
return( 0 ); if (diff != 0) {
return MBEDTLS_ERR_CCM_AUTH_FAILED;
}
return 0;
} }
static int ccm_auth_decrypt( mbedtls_ccm_context *ctx, int mode, size_t length, static int ccm_auth_decrypt(mbedtls_ccm_context *ctx, int mode, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len, const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
const unsigned char *tag, size_t tag_len ) const unsigned char *tag, size_t tag_len)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char check_tag[16]; unsigned char check_tag[16];
if( ( ret = ccm_auth_crypt( ctx, mode, length, if ((ret = ccm_auth_crypt(ctx, mode, length,
iv, iv_len, add, add_len, iv, iv_len, add, add_len,
input, output, check_tag, tag_len ) ) != 0 ) input, output, check_tag, tag_len)) != 0) {
{ return ret;
return( ret );
} }
if( ( ret = mbedtls_ccm_compare_tags( tag, check_tag, tag_len ) ) != 0 ) if ((ret = mbedtls_ccm_compare_tags(tag, check_tag, tag_len)) != 0) {
{ mbedtls_platform_zeroize(output, length);
mbedtls_platform_zeroize( output, length ); return ret;
return( ret );
} }
return( 0 ); return 0;
} }
int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, int mbedtls_ccm_star_auth_decrypt(mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len, const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
const unsigned char *tag, size_t tag_len ) const unsigned char *tag, size_t tag_len)
{ {
return ccm_auth_decrypt( ctx, MBEDTLS_CCM_STAR_DECRYPT, length, return ccm_auth_decrypt(ctx, MBEDTLS_CCM_STAR_DECRYPT, length,
iv, iv_len, add, add_len, iv, iv_len, add, add_len,
input, output, tag, tag_len ); input, output, tag, tag_len);
} }
int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, int mbedtls_ccm_auth_decrypt(mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len, const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
const unsigned char *tag, size_t tag_len ) const unsigned char *tag, size_t tag_len)
{ {
return ccm_auth_decrypt( ctx, MBEDTLS_CCM_DECRYPT, length, return ccm_auth_decrypt(ctx, MBEDTLS_CCM_DECRYPT, length,
iv, iv_len, add, add_len, iv, iv_len, add, add_len,
input, output, tag, tag_len ); input, output, tag, tag_len);
} }
#endif /* !MBEDTLS_CCM_ALT */ #endif /* !MBEDTLS_CCM_ALT */
@ -631,7 +627,7 @@ static const unsigned char msg_test_data[CCM_SELFTEST_PT_MAX_LEN] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
}; };
static const size_t iv_len_test_data [NB_TESTS] = { 7, 8, 12 }; static const size_t iv_len_test_data[NB_TESTS] = { 7, 8, 12 };
static const size_t add_len_test_data[NB_TESTS] = { 8, 16, 20 }; static const size_t add_len_test_data[NB_TESTS] = { 8, 16, 20 };
static const size_t msg_len_test_data[NB_TESTS] = { 4, 16, 24 }; static const size_t msg_len_test_data[NB_TESTS] = { 4, 16, 24 };
static const size_t tag_len_test_data[NB_TESTS] = { 4, 6, 8 }; static const size_t tag_len_test_data[NB_TESTS] = { 4, 6, 8 };
@ -647,7 +643,7 @@ static const unsigned char res_test_data[NB_TESTS][CCM_SELFTEST_CT_MAX_LEN] = {
0x48, 0x43, 0x92, 0xfb, 0xc1, 0xb0, 0x99, 0x51 } 0x48, 0x43, 0x92, 0xfb, 0xc1, 0xb0, 0x99, 0x51 }
}; };
int mbedtls_ccm_self_test( int verbose ) int mbedtls_ccm_self_test(int verbose)
{ {
mbedtls_ccm_context ctx; mbedtls_ccm_context ctx;
/* /*
@ -660,70 +656,72 @@ int mbedtls_ccm_self_test( int verbose )
size_t i; size_t i;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_ccm_init( &ctx ); mbedtls_ccm_init(&ctx);
if( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, key_test_data, if (mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, key_test_data,
8 * sizeof key_test_data ) != 0 ) 8 * sizeof key_test_data) != 0) {
{ if (verbose != 0) {
if( verbose != 0 ) mbedtls_printf(" CCM: setup failed");
mbedtls_printf( " CCM: setup failed" );
return( 1 );
} }
for( i = 0; i < NB_TESTS; i++ ) return 1;
{ }
if( verbose != 0 )
mbedtls_printf( " CCM-AES #%u: ", (unsigned int) i + 1 );
memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN ); for (i = 0; i < NB_TESTS; i++) {
memset( ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN ); if (verbose != 0) {
memcpy( plaintext, msg_test_data, msg_len_test_data[i] ); mbedtls_printf(" CCM-AES #%u: ", (unsigned int) i + 1);
}
ret = mbedtls_ccm_encrypt_and_tag( &ctx, msg_len_test_data[i], memset(plaintext, 0, CCM_SELFTEST_PT_MAX_LEN);
memset(ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN);
memcpy(plaintext, msg_test_data, msg_len_test_data[i]);
ret = mbedtls_ccm_encrypt_and_tag(&ctx, msg_len_test_data[i],
iv_test_data, iv_len_test_data[i], iv_test_data, iv_len_test_data[i],
ad_test_data, add_len_test_data[i], ad_test_data, add_len_test_data[i],
plaintext, ciphertext, plaintext, ciphertext,
ciphertext + msg_len_test_data[i], ciphertext + msg_len_test_data[i],
tag_len_test_data[i] ); tag_len_test_data[i]);
if( ret != 0 || if (ret != 0 ||
memcmp( ciphertext, res_test_data[i], memcmp(ciphertext, res_test_data[i],
msg_len_test_data[i] + tag_len_test_data[i] ) != 0 ) msg_len_test_data[i] + tag_len_test_data[i]) != 0) {
{ if (verbose != 0) {
if( verbose != 0 ) mbedtls_printf("failed\n");
mbedtls_printf( "failed\n" );
return( 1 );
} }
memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len_test_data[i], return 1;
}
memset(plaintext, 0, CCM_SELFTEST_PT_MAX_LEN);
ret = mbedtls_ccm_auth_decrypt(&ctx, msg_len_test_data[i],
iv_test_data, iv_len_test_data[i], iv_test_data, iv_len_test_data[i],
ad_test_data, add_len_test_data[i], ad_test_data, add_len_test_data[i],
ciphertext, plaintext, ciphertext, plaintext,
ciphertext + msg_len_test_data[i], ciphertext + msg_len_test_data[i],
tag_len_test_data[i] ); tag_len_test_data[i]);
if( ret != 0 || if (ret != 0 ||
memcmp( plaintext, msg_test_data, msg_len_test_data[i] ) != 0 ) memcmp(plaintext, msg_test_data, msg_len_test_data[i]) != 0) {
{ if (verbose != 0) {
if( verbose != 0 ) mbedtls_printf("failed\n");
mbedtls_printf( "failed\n" );
return( 1 );
} }
if( verbose != 0 ) return 1;
mbedtls_printf( "passed\n" );
} }
mbedtls_ccm_free( &ctx ); if (verbose != 0) {
mbedtls_printf("passed\n");
}
}
if( verbose != 0 ) mbedtls_ccm_free(&ctx);
mbedtls_printf( "\n" );
return( 0 ); if (verbose != 0) {
mbedtls_printf("\n");
}
return 0;
} }
#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */

214
library/chacha20.c
View File

@ -36,12 +36,12 @@
#if !defined(MBEDTLS_CHACHA20_ALT) #if !defined(MBEDTLS_CHACHA20_ALT)
#define ROTL32( value, amount ) \ #define ROTL32(value, amount) \
( (uint32_t) ( (value) << (amount) ) | ( (value) >> ( 32 - (amount) ) ) ) ((uint32_t) ((value) << (amount)) | ((value) >> (32 - (amount))))
#define CHACHA20_CTR_INDEX ( 12U ) #define CHACHA20_CTR_INDEX (12U)
#define CHACHA20_BLOCK_SIZE_BYTES ( 4U * 16U ) #define CHACHA20_BLOCK_SIZE_BYTES (4U * 16U)
/** /**
* \brief ChaCha20 quarter round operation. * \brief ChaCha20 quarter round operation.
@ -58,31 +58,31 @@
* \param c The index of 'c' in the state. * \param c The index of 'c' in the state.
* \param d The index of 'd' in the state. * \param d The index of 'd' in the state.
*/ */
static inline void chacha20_quarter_round( uint32_t state[16], static inline void chacha20_quarter_round(uint32_t state[16],
size_t a, size_t a,
size_t b, size_t b,
size_t c, size_t c,
size_t d ) size_t d)
{ {
/* a += b; d ^= a; d <<<= 16; */ /* a += b; d ^= a; d <<<= 16; */
state[a] += state[b]; state[a] += state[b];
state[d] ^= state[a]; state[d] ^= state[a];
state[d] = ROTL32( state[d], 16 ); state[d] = ROTL32(state[d], 16);
/* c += d; b ^= c; b <<<= 12 */ /* c += d; b ^= c; b <<<= 12 */
state[c] += state[d]; state[c] += state[d];
state[b] ^= state[c]; state[b] ^= state[c];
state[b] = ROTL32( state[b], 12 ); state[b] = ROTL32(state[b], 12);
/* a += b; d ^= a; d <<<= 8; */ /* a += b; d ^= a; d <<<= 8; */
state[a] += state[b]; state[a] += state[b];
state[d] ^= state[a]; state[d] ^= state[a];
state[d] = ROTL32( state[d], 8 ); state[d] = ROTL32(state[d], 8);
/* c += d; b ^= c; b <<<= 7; */ /* c += d; b ^= c; b <<<= 7; */
state[c] += state[d]; state[c] += state[d];
state[b] ^= state[c]; state[b] ^= state[c];
state[b] = ROTL32( state[b], 7 ); state[b] = ROTL32(state[b], 7);
} }
/** /**
@ -93,17 +93,17 @@ static inline void chacha20_quarter_round( uint32_t state[16],
* *
* \param state The ChaCha20 state to update. * \param state The ChaCha20 state to update.
*/ */
static void chacha20_inner_block( uint32_t state[16] ) static void chacha20_inner_block(uint32_t state[16])
{ {
chacha20_quarter_round( state, 0, 4, 8, 12 ); chacha20_quarter_round(state, 0, 4, 8, 12);
chacha20_quarter_round( state, 1, 5, 9, 13 ); chacha20_quarter_round(state, 1, 5, 9, 13);
chacha20_quarter_round( state, 2, 6, 10, 14 ); chacha20_quarter_round(state, 2, 6, 10, 14);
chacha20_quarter_round( state, 3, 7, 11, 15 ); chacha20_quarter_round(state, 3, 7, 11, 15);
chacha20_quarter_round( state, 0, 5, 10, 15 ); chacha20_quarter_round(state, 0, 5, 10, 15);
chacha20_quarter_round( state, 1, 6, 11, 12 ); chacha20_quarter_round(state, 1, 6, 11, 12);
chacha20_quarter_round( state, 2, 7, 8, 13 ); chacha20_quarter_round(state, 2, 7, 8, 13);
chacha20_quarter_round( state, 3, 4, 9, 14 ); chacha20_quarter_round(state, 3, 4, 9, 14);
} }
/** /**
@ -112,29 +112,30 @@ static void chacha20_inner_block( uint32_t state[16] )
* \param initial_state The initial ChaCha20 state (key, nonce, counter). * \param initial_state The initial ChaCha20 state (key, nonce, counter).
* \param keystream Generated keystream bytes are written to this buffer. * \param keystream Generated keystream bytes are written to this buffer.
*/ */
static void chacha20_block( const uint32_t initial_state[16], static void chacha20_block(const uint32_t initial_state[16],
unsigned char keystream[64] ) unsigned char keystream[64])
{ {
uint32_t working_state[16]; uint32_t working_state[16];
size_t i; size_t i;
memcpy( working_state, memcpy(working_state,
initial_state, initial_state,
CHACHA20_BLOCK_SIZE_BYTES ); CHACHA20_BLOCK_SIZE_BYTES);
for( i = 0U; i < 10U; i++ ) for (i = 0U; i < 10U; i++) {
chacha20_inner_block( working_state ); chacha20_inner_block(working_state);
}
working_state[ 0] += initial_state[ 0]; working_state[0] += initial_state[0];
working_state[ 1] += initial_state[ 1]; working_state[1] += initial_state[1];
working_state[ 2] += initial_state[ 2]; working_state[2] += initial_state[2];
working_state[ 3] += initial_state[ 3]; working_state[3] += initial_state[3];
working_state[ 4] += initial_state[ 4]; working_state[4] += initial_state[4];
working_state[ 5] += initial_state[ 5]; working_state[5] += initial_state[5];
working_state[ 6] += initial_state[ 6]; working_state[6] += initial_state[6];
working_state[ 7] += initial_state[ 7]; working_state[7] += initial_state[7];
working_state[ 8] += initial_state[ 8]; working_state[8] += initial_state[8];
working_state[ 9] += initial_state[ 9]; working_state[9] += initial_state[9];
working_state[10] += initial_state[10]; working_state[10] += initial_state[10];
working_state[11] += initial_state[11]; working_state[11] += initial_state[11];
working_state[12] += initial_state[12]; working_state[12] += initial_state[12];
@ -142,35 +143,33 @@ static void chacha20_block( const uint32_t initial_state[16],
working_state[14] += initial_state[14]; working_state[14] += initial_state[14];
working_state[15] += initial_state[15]; working_state[15] += initial_state[15];
for( i = 0U; i < 16; i++ ) for (i = 0U; i < 16; i++) {
{
size_t offset = i * 4U; size_t offset = i * 4U;
MBEDTLS_PUT_UINT32_LE(working_state[i], keystream, offset); MBEDTLS_PUT_UINT32_LE(working_state[i], keystream, offset);
} }
mbedtls_platform_zeroize( working_state, sizeof( working_state ) ); mbedtls_platform_zeroize(working_state, sizeof(working_state));
} }
void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx ) void mbedtls_chacha20_init(mbedtls_chacha20_context *ctx)
{ {
mbedtls_platform_zeroize( ctx->state, sizeof( ctx->state ) ); mbedtls_platform_zeroize(ctx->state, sizeof(ctx->state));
mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) ); mbedtls_platform_zeroize(ctx->keystream8, sizeof(ctx->keystream8));
/* Initially, there's no keystream bytes available */ /* Initially, there's no keystream bytes available */
ctx->keystream_bytes_used = CHACHA20_BLOCK_SIZE_BYTES; ctx->keystream_bytes_used = CHACHA20_BLOCK_SIZE_BYTES;
} }
void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx ) void mbedtls_chacha20_free(mbedtls_chacha20_context *ctx)
{ {
if( ctx != NULL ) if (ctx != NULL) {
{ mbedtls_platform_zeroize(ctx, sizeof(mbedtls_chacha20_context));
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_chacha20_context ) );
} }
} }
int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx, int mbedtls_chacha20_setkey(mbedtls_chacha20_context *ctx,
const unsigned char key[32] ) const unsigned char key[32])
{ {
/* ChaCha20 constants - the string "expand 32-byte k" */ /* ChaCha20 constants - the string "expand 32-byte k" */
ctx->state[0] = 0x61707865; ctx->state[0] = 0x61707865;
@ -179,48 +178,47 @@ int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx,
ctx->state[3] = 0x6b206574; ctx->state[3] = 0x6b206574;
/* Set key */ /* Set key */
ctx->state[4] = MBEDTLS_GET_UINT32_LE( key, 0 ); ctx->state[4] = MBEDTLS_GET_UINT32_LE(key, 0);
ctx->state[5] = MBEDTLS_GET_UINT32_LE( key, 4 ); ctx->state[5] = MBEDTLS_GET_UINT32_LE(key, 4);
ctx->state[6] = MBEDTLS_GET_UINT32_LE( key, 8 ); ctx->state[6] = MBEDTLS_GET_UINT32_LE(key, 8);
ctx->state[7] = MBEDTLS_GET_UINT32_LE( key, 12 ); ctx->state[7] = MBEDTLS_GET_UINT32_LE(key, 12);
ctx->state[8] = MBEDTLS_GET_UINT32_LE( key, 16 ); ctx->state[8] = MBEDTLS_GET_UINT32_LE(key, 16);
ctx->state[9] = MBEDTLS_GET_UINT32_LE( key, 20 ); ctx->state[9] = MBEDTLS_GET_UINT32_LE(key, 20);
ctx->state[10] = MBEDTLS_GET_UINT32_LE( key, 24 ); ctx->state[10] = MBEDTLS_GET_UINT32_LE(key, 24);
ctx->state[11] = MBEDTLS_GET_UINT32_LE( key, 28 ); ctx->state[11] = MBEDTLS_GET_UINT32_LE(key, 28);
return( 0 ); return 0;
} }
int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx, int mbedtls_chacha20_starts(mbedtls_chacha20_context *ctx,
const unsigned char nonce[12], const unsigned char nonce[12],
uint32_t counter ) uint32_t counter)
{ {
/* Counter */ /* Counter */
ctx->state[12] = counter; ctx->state[12] = counter;
/* Nonce */ /* Nonce */
ctx->state[13] = MBEDTLS_GET_UINT32_LE( nonce, 0 ); ctx->state[13] = MBEDTLS_GET_UINT32_LE(nonce, 0);
ctx->state[14] = MBEDTLS_GET_UINT32_LE( nonce, 4 ); ctx->state[14] = MBEDTLS_GET_UINT32_LE(nonce, 4);
ctx->state[15] = MBEDTLS_GET_UINT32_LE( nonce, 8 ); ctx->state[15] = MBEDTLS_GET_UINT32_LE(nonce, 8);
mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) ); mbedtls_platform_zeroize(ctx->keystream8, sizeof(ctx->keystream8));
/* Initially, there's no keystream bytes available */ /* Initially, there's no keystream bytes available */
ctx->keystream_bytes_used = CHACHA20_BLOCK_SIZE_BYTES; ctx->keystream_bytes_used = CHACHA20_BLOCK_SIZE_BYTES;
return( 0 ); return 0;
} }
int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx, int mbedtls_chacha20_update(mbedtls_chacha20_context *ctx,
size_t size, size_t size,
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
size_t offset = 0U; size_t offset = 0U;
/* Use leftover keystream bytes, if available */ /* Use leftover keystream bytes, if available */
while( size > 0U && ctx->keystream_bytes_used < CHACHA20_BLOCK_SIZE_BYTES ) while (size > 0U && ctx->keystream_bytes_used < CHACHA20_BLOCK_SIZE_BYTES) {
{
output[offset] = input[offset] output[offset] = input[offset]
^ ctx->keystream8[ctx->keystream_bytes_used]; ^ ctx->keystream8[ctx->keystream_bytes_used];
@ -230,59 +228,59 @@ int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx,
} }
/* Process full blocks */ /* Process full blocks */
while( size >= CHACHA20_BLOCK_SIZE_BYTES ) while (size >= CHACHA20_BLOCK_SIZE_BYTES) {
{
/* Generate new keystream block and increment counter */ /* Generate new keystream block and increment counter */
chacha20_block( ctx->state, ctx->keystream8 ); chacha20_block(ctx->state, ctx->keystream8);
ctx->state[CHACHA20_CTR_INDEX]++; ctx->state[CHACHA20_CTR_INDEX]++;
mbedtls_xor( output + offset, input + offset, ctx->keystream8, 64U ); mbedtls_xor(output + offset, input + offset, ctx->keystream8, 64U);
offset += CHACHA20_BLOCK_SIZE_BYTES; offset += CHACHA20_BLOCK_SIZE_BYTES;
size -= CHACHA20_BLOCK_SIZE_BYTES; size -= CHACHA20_BLOCK_SIZE_BYTES;
} }
/* Last (partial) block */ /* Last (partial) block */
if( size > 0U ) if (size > 0U) {
{
/* Generate new keystream block and increment counter */ /* Generate new keystream block and increment counter */
chacha20_block( ctx->state, ctx->keystream8 ); chacha20_block(ctx->state, ctx->keystream8);
ctx->state[CHACHA20_CTR_INDEX]++; ctx->state[CHACHA20_CTR_INDEX]++;
mbedtls_xor( output + offset, input + offset, ctx->keystream8, size ); mbedtls_xor(output + offset, input + offset, ctx->keystream8, size);
ctx->keystream_bytes_used = size; ctx->keystream_bytes_used = size;
} }
return( 0 ); return 0;
} }
int mbedtls_chacha20_crypt( const unsigned char key[32], int mbedtls_chacha20_crypt(const unsigned char key[32],
const unsigned char nonce[12], const unsigned char nonce[12],
uint32_t counter, uint32_t counter,
size_t data_len, size_t data_len,
const unsigned char* input, const unsigned char *input,
unsigned char* output ) unsigned char *output)
{ {
mbedtls_chacha20_context ctx; mbedtls_chacha20_context ctx;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_chacha20_init( &ctx ); mbedtls_chacha20_init(&ctx);
ret = mbedtls_chacha20_setkey( &ctx, key ); ret = mbedtls_chacha20_setkey(&ctx, key);
if( ret != 0 ) if (ret != 0) {
goto cleanup; goto cleanup;
}
ret = mbedtls_chacha20_starts( &ctx, nonce, counter ); ret = mbedtls_chacha20_starts(&ctx, nonce, counter);
if( ret != 0 ) if (ret != 0) {
goto cleanup; goto cleanup;
}
ret = mbedtls_chacha20_update( &ctx, data_len, input, output ); ret = mbedtls_chacha20_update(&ctx, data_len, input, output);
cleanup: cleanup:
mbedtls_chacha20_free( &ctx ); mbedtls_chacha20_free(&ctx);
return( ret ); return ret;
} }
#endif /* !MBEDTLS_CHACHA20_ALT */ #endif /* !MBEDTLS_CHACHA20_ALT */
@ -458,50 +456,52 @@ static const size_t test_lengths[2] =
/* Make sure no other definition is already present. */ /* Make sure no other definition is already present. */
#undef ASSERT #undef ASSERT
#define ASSERT( cond, args ) \ #define ASSERT(cond, args) \
do \ do \
{ \ { \
if( ! ( cond ) ) \ if (!(cond)) \
{ \ { \
if( verbose != 0 ) \ if (verbose != 0) \
mbedtls_printf args; \ mbedtls_printf args; \
\ \
return( -1 ); \ return -1; \
} \ } \
} \ } \
while( 0 ) while (0)
int mbedtls_chacha20_self_test( int verbose ) int mbedtls_chacha20_self_test(int verbose)
{ {
unsigned char output[381]; unsigned char output[381];
unsigned i; unsigned i;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
for( i = 0U; i < 2U; i++ ) for (i = 0U; i < 2U; i++) {
{ if (verbose != 0) {
if( verbose != 0 ) mbedtls_printf(" ChaCha20 test %u ", i);
mbedtls_printf( " ChaCha20 test %u ", i ); }
ret = mbedtls_chacha20_crypt( test_keys[i], ret = mbedtls_chacha20_crypt(test_keys[i],
test_nonces[i], test_nonces[i],
test_counters[i], test_counters[i],
test_lengths[i], test_lengths[i],
test_input[i], test_input[i],
output ); output);
ASSERT( 0 == ret, ( "error code: %i\n", ret ) ); ASSERT(0 == ret, ("error code: %i\n", ret));
ASSERT( 0 == memcmp( output, test_output[i], test_lengths[i] ), ASSERT(0 == memcmp(output, test_output[i], test_lengths[i]),
( "failed (output)\n" ) ); ("failed (output)\n"));
if( verbose != 0 ) if (verbose != 0) {
mbedtls_printf( "passed\n" ); mbedtls_printf("passed\n");
}
} }
if( verbose != 0 ) if (verbose != 0) {
mbedtls_printf( "\n" ); mbedtls_printf("\n");
}
return( 0 ); return 0;
} }
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

310
library/chachapoly.c
View File

@ -32,29 +32,30 @@
#if !defined(MBEDTLS_CHACHAPOLY_ALT) #if !defined(MBEDTLS_CHACHAPOLY_ALT)
#define CHACHAPOLY_STATE_INIT ( 0 ) #define CHACHAPOLY_STATE_INIT (0)
#define CHACHAPOLY_STATE_AAD ( 1 ) #define CHACHAPOLY_STATE_AAD (1)
#define CHACHAPOLY_STATE_CIPHERTEXT ( 2 ) /* Encrypting or decrypting */ #define CHACHAPOLY_STATE_CIPHERTEXT (2) /* Encrypting or decrypting */
#define CHACHAPOLY_STATE_FINISHED ( 3 ) #define CHACHAPOLY_STATE_FINISHED (3)
/** /**
* \brief Adds nul bytes to pad the AAD for Poly1305. * \brief Adds nul bytes to pad the AAD for Poly1305.
* *
* \param ctx The ChaCha20-Poly1305 context. * \param ctx The ChaCha20-Poly1305 context.
*/ */
static int chachapoly_pad_aad( mbedtls_chachapoly_context *ctx ) static int chachapoly_pad_aad(mbedtls_chachapoly_context *ctx)
{ {
uint32_t partial_block_len = (uint32_t) ( ctx->aad_len % 16U ); uint32_t partial_block_len = (uint32_t) (ctx->aad_len % 16U);
unsigned char zeroes[15]; unsigned char zeroes[15];
if( partial_block_len == 0U ) if (partial_block_len == 0U) {
return( 0 ); return 0;
}
memset( zeroes, 0, sizeof( zeroes ) ); memset(zeroes, 0, sizeof(zeroes));
return( mbedtls_poly1305_update( &ctx->poly1305_ctx, return mbedtls_poly1305_update(&ctx->poly1305_ctx,
zeroes, zeroes,
16U - partial_block_len ) ); 16U - partial_block_len);
} }
/** /**
@ -62,80 +63,83 @@ static int chachapoly_pad_aad( mbedtls_chachapoly_context *ctx )
* *
* \param ctx The ChaCha20-Poly1305 context. * \param ctx The ChaCha20-Poly1305 context.
*/ */
static int chachapoly_pad_ciphertext( mbedtls_chachapoly_context *ctx ) static int chachapoly_pad_ciphertext(mbedtls_chachapoly_context *ctx)
{ {
uint32_t partial_block_len = (uint32_t) ( ctx->ciphertext_len % 16U ); uint32_t partial_block_len = (uint32_t) (ctx->ciphertext_len % 16U);
unsigned char zeroes[15]; unsigned char zeroes[15];
if( partial_block_len == 0U ) if (partial_block_len == 0U) {
return( 0 ); return 0;
}
memset( zeroes, 0, sizeof( zeroes ) ); memset(zeroes, 0, sizeof(zeroes));
return( mbedtls_poly1305_update( &ctx->poly1305_ctx, return mbedtls_poly1305_update(&ctx->poly1305_ctx,
zeroes, zeroes,
16U - partial_block_len ) ); 16U - partial_block_len);
} }
void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx ) void mbedtls_chachapoly_init(mbedtls_chachapoly_context *ctx)
{ {
mbedtls_chacha20_init( &ctx->chacha20_ctx ); mbedtls_chacha20_init(&ctx->chacha20_ctx);
mbedtls_poly1305_init( &ctx->poly1305_ctx ); mbedtls_poly1305_init(&ctx->poly1305_ctx);
ctx->aad_len = 0U; ctx->aad_len = 0U;
ctx->ciphertext_len = 0U; ctx->ciphertext_len = 0U;
ctx->state = CHACHAPOLY_STATE_INIT; ctx->state = CHACHAPOLY_STATE_INIT;
ctx->mode = MBEDTLS_CHACHAPOLY_ENCRYPT; ctx->mode = MBEDTLS_CHACHAPOLY_ENCRYPT;
} }
void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx ) void mbedtls_chachapoly_free(mbedtls_chachapoly_context *ctx)
{ {
if( ctx == NULL ) if (ctx == NULL) {
return; return;
}
mbedtls_chacha20_free( &ctx->chacha20_ctx ); mbedtls_chacha20_free(&ctx->chacha20_ctx);
mbedtls_poly1305_free( &ctx->poly1305_ctx ); mbedtls_poly1305_free(&ctx->poly1305_ctx);
ctx->aad_len = 0U; ctx->aad_len = 0U;
ctx->ciphertext_len = 0U; ctx->ciphertext_len = 0U;
ctx->state = CHACHAPOLY_STATE_INIT; ctx->state = CHACHAPOLY_STATE_INIT;
ctx->mode = MBEDTLS_CHACHAPOLY_ENCRYPT; ctx->mode = MBEDTLS_CHACHAPOLY_ENCRYPT;
} }
int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_setkey(mbedtls_chachapoly_context *ctx,
const unsigned char key[32] ) const unsigned char key[32])
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
ret = mbedtls_chacha20_setkey( &ctx->chacha20_ctx, key ); ret = mbedtls_chacha20_setkey(&ctx->chacha20_ctx, key);
return( ret ); return ret;
} }
int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_starts(mbedtls_chachapoly_context *ctx,
const unsigned char nonce[12], const unsigned char nonce[12],
mbedtls_chachapoly_mode_t mode ) mbedtls_chachapoly_mode_t mode)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char poly1305_key[64]; unsigned char poly1305_key[64];
/* Set counter = 0, will be update to 1 when generating Poly1305 key */ /* Set counter = 0, will be update to 1 when generating Poly1305 key */
ret = mbedtls_chacha20_starts( &ctx->chacha20_ctx, nonce, 0U ); ret = mbedtls_chacha20_starts(&ctx->chacha20_ctx, nonce, 0U);
if( ret != 0 ) if (ret != 0) {
goto cleanup; goto cleanup;
}
/* Generate the Poly1305 key by getting the ChaCha20 keystream output with /* Generate the Poly1305 key by getting the ChaCha20 keystream output with
* counter = 0. This is the same as encrypting a buffer of zeroes. * counter = 0. This is the same as encrypting a buffer of zeroes.
* Only the first 256-bits (32 bytes) of the key is used for Poly1305. * Only the first 256-bits (32 bytes) of the key is used for Poly1305.
* The other 256 bits are discarded. * The other 256 bits are discarded.
*/ */
memset( poly1305_key, 0, sizeof( poly1305_key ) ); memset(poly1305_key, 0, sizeof(poly1305_key));
ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, sizeof( poly1305_key ), ret = mbedtls_chacha20_update(&ctx->chacha20_ctx, sizeof(poly1305_key),
poly1305_key, poly1305_key ); poly1305_key, poly1305_key);
if( ret != 0 ) if (ret != 0) {
goto cleanup; goto cleanup;
}
ret = mbedtls_poly1305_starts( &ctx->poly1305_ctx, poly1305_key ); ret = mbedtls_poly1305_starts(&ctx->poly1305_ctx, poly1305_key);
if( ret == 0 ) if (ret == 0) {
{
ctx->aad_len = 0U; ctx->aad_len = 0U;
ctx->ciphertext_len = 0U; ctx->ciphertext_len = 0U;
ctx->state = CHACHAPOLY_STATE_AAD; ctx->state = CHACHAPOLY_STATE_AAD;
@ -143,92 +147,91 @@ int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx,
} }
cleanup: cleanup:
mbedtls_platform_zeroize( poly1305_key, 64U ); mbedtls_platform_zeroize(poly1305_key, 64U);
return( ret ); return ret;
} }
int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_update_aad(mbedtls_chachapoly_context *ctx,
const unsigned char *aad, const unsigned char *aad,
size_t aad_len ) size_t aad_len)
{ {
if( ctx->state != CHACHAPOLY_STATE_AAD ) if (ctx->state != CHACHAPOLY_STATE_AAD) {
return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); return MBEDTLS_ERR_CHACHAPOLY_BAD_STATE;
}
ctx->aad_len += aad_len; ctx->aad_len += aad_len;
return( mbedtls_poly1305_update( &ctx->poly1305_ctx, aad, aad_len ) ); return mbedtls_poly1305_update(&ctx->poly1305_ctx, aad, aad_len);
} }
int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_update(mbedtls_chachapoly_context *ctx,
size_t len, size_t len,
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
if( ( ctx->state != CHACHAPOLY_STATE_AAD ) && if ((ctx->state != CHACHAPOLY_STATE_AAD) &&
( ctx->state != CHACHAPOLY_STATE_CIPHERTEXT ) ) (ctx->state != CHACHAPOLY_STATE_CIPHERTEXT)) {
{ return MBEDTLS_ERR_CHACHAPOLY_BAD_STATE;
return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
} }
if( ctx->state == CHACHAPOLY_STATE_AAD ) if (ctx->state == CHACHAPOLY_STATE_AAD) {
{
ctx->state = CHACHAPOLY_STATE_CIPHERTEXT; ctx->state = CHACHAPOLY_STATE_CIPHERTEXT;
ret = chachapoly_pad_aad( ctx ); ret = chachapoly_pad_aad(ctx);
if( ret != 0 ) if (ret != 0) {
return( ret ); return ret;
}
} }
ctx->ciphertext_len += len; ctx->ciphertext_len += len;
if( ctx->mode == MBEDTLS_CHACHAPOLY_ENCRYPT ) if (ctx->mode == MBEDTLS_CHACHAPOLY_ENCRYPT) {
{ ret = mbedtls_chacha20_update(&ctx->chacha20_ctx, len, input, output);
ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, len, input, output ); if (ret != 0) {
if( ret != 0 ) return ret;
return( ret );
ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, output, len );
if( ret != 0 )
return( ret );
}
else /* DECRYPT */
{
ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, input, len );
if( ret != 0 )
return( ret );
ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, len, input, output );
if( ret != 0 )
return( ret );
} }
return( 0 ); ret = mbedtls_poly1305_update(&ctx->poly1305_ctx, output, len);
if (ret != 0) {
return ret;
}
} else { /* DECRYPT */
ret = mbedtls_poly1305_update(&ctx->poly1305_ctx, input, len);
if (ret != 0) {
return ret;
}
ret = mbedtls_chacha20_update(&ctx->chacha20_ctx, len, input, output);
if (ret != 0) {
return ret;
}
}
return 0;
} }
int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_finish(mbedtls_chachapoly_context *ctx,
unsigned char mac[16] ) unsigned char mac[16])
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char len_block[16]; unsigned char len_block[16];
if( ctx->state == CHACHAPOLY_STATE_INIT ) if (ctx->state == CHACHAPOLY_STATE_INIT) {
{ return MBEDTLS_ERR_CHACHAPOLY_BAD_STATE;
return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
} }
if( ctx->state == CHACHAPOLY_STATE_AAD ) if (ctx->state == CHACHAPOLY_STATE_AAD) {
{ ret = chachapoly_pad_aad(ctx);
ret = chachapoly_pad_aad( ctx ); if (ret != 0) {
if( ret != 0 ) return ret;
return( ret ); }
} else if (ctx->state == CHACHAPOLY_STATE_CIPHERTEXT) {
ret = chachapoly_pad_ciphertext(ctx);
if (ret != 0) {
return ret;
} }
else if( ctx->state == CHACHAPOLY_STATE_CIPHERTEXT )
{
ret = chachapoly_pad_ciphertext( ctx );
if( ret != 0 )
return( ret );
} }
ctx->state = CHACHAPOLY_STATE_FINISHED; ctx->state = CHACHAPOLY_STATE_FINISHED;
@ -239,16 +242,17 @@ int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx,
MBEDTLS_PUT_UINT64_LE(ctx->aad_len, len_block, 0); MBEDTLS_PUT_UINT64_LE(ctx->aad_len, len_block, 0);
MBEDTLS_PUT_UINT64_LE(ctx->ciphertext_len, len_block, 8); MBEDTLS_PUT_UINT64_LE(ctx->ciphertext_len, len_block, 8);
ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, len_block, 16U ); ret = mbedtls_poly1305_update(&ctx->poly1305_ctx, len_block, 16U);
if( ret != 0 ) if (ret != 0) {
return( ret ); return ret;
}
ret = mbedtls_poly1305_finish( &ctx->poly1305_ctx, mac ); ret = mbedtls_poly1305_finish(&ctx->poly1305_ctx, mac);
return( ret ); return ret;
} }
static int chachapoly_crypt_and_tag( mbedtls_chachapoly_context *ctx, static int chachapoly_crypt_and_tag(mbedtls_chachapoly_context *ctx,
mbedtls_chachapoly_mode_t mode, mbedtls_chachapoly_mode_t mode,
size_t length, size_t length,
const unsigned char nonce[12], const unsigned char nonce[12],
@ -256,74 +260,76 @@ static int chachapoly_crypt_and_tag( mbedtls_chachapoly_context *ctx,
size_t aad_len, size_t aad_len,
const unsigned char *input, const unsigned char *input,
unsigned char *output, unsigned char *output,
unsigned char tag[16] ) unsigned char tag[16])
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
ret = mbedtls_chachapoly_starts( ctx, nonce, mode ); ret = mbedtls_chachapoly_starts(ctx, nonce, mode);
if( ret != 0 ) if (ret != 0) {
goto cleanup; goto cleanup;
}
ret = mbedtls_chachapoly_update_aad( ctx, aad, aad_len ); ret = mbedtls_chachapoly_update_aad(ctx, aad, aad_len);
if( ret != 0 ) if (ret != 0) {
goto cleanup; goto cleanup;
}
ret = mbedtls_chachapoly_update( ctx, length, input, output ); ret = mbedtls_chachapoly_update(ctx, length, input, output);
if( ret != 0 ) if (ret != 0) {
goto cleanup; goto cleanup;
}
ret = mbedtls_chachapoly_finish( ctx, tag ); ret = mbedtls_chachapoly_finish(ctx, tag);
cleanup: cleanup:
return( ret ); return ret;
} }
int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_encrypt_and_tag(mbedtls_chachapoly_context *ctx,
size_t length, size_t length,
const unsigned char nonce[12], const unsigned char nonce[12],
const unsigned char *aad, const unsigned char *aad,
size_t aad_len, size_t aad_len,
const unsigned char *input, const unsigned char *input,
unsigned char *output, unsigned char *output,
unsigned char tag[16] ) unsigned char tag[16])
{ {
return( chachapoly_crypt_and_tag( ctx, MBEDTLS_CHACHAPOLY_ENCRYPT, return chachapoly_crypt_and_tag(ctx, MBEDTLS_CHACHAPOLY_ENCRYPT,
length, nonce, aad, aad_len, length, nonce, aad, aad_len,
input, output, tag ) ); input, output, tag);
} }
int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_auth_decrypt(mbedtls_chachapoly_context *ctx,
size_t length, size_t length,
const unsigned char nonce[12], const unsigned char nonce[12],
const unsigned char *aad, const unsigned char *aad,
size_t aad_len, size_t aad_len,
const unsigned char tag[16], const unsigned char tag[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char check_tag[16]; unsigned char check_tag[16];
size_t i; size_t i;
int diff; int diff;
if( ( ret = chachapoly_crypt_and_tag( ctx, if ((ret = chachapoly_crypt_and_tag(ctx,
MBEDTLS_CHACHAPOLY_DECRYPT, length, nonce, MBEDTLS_CHACHAPOLY_DECRYPT, length, nonce,
aad, aad_len, input, output, check_tag ) ) != 0 ) aad, aad_len, input, output, check_tag)) != 0) {
{ return ret;
return( ret );
} }
/* Check tag in "constant-time" */ /* Check tag in "constant-time" */
for( diff = 0, i = 0; i < sizeof( check_tag ); i++ ) for (diff = 0, i = 0; i < sizeof(check_tag); i++) {
diff |= tag[i] ^ check_tag[i]; diff |= tag[i] ^ check_tag[i];
if( diff != 0 )
{
mbedtls_platform_zeroize( output, length );
return( MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED );
} }
return( 0 ); if (diff != 0) {
mbedtls_platform_zeroize(output, length);
return MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED;
}
return 0;
} }
#endif /* MBEDTLS_CHACHAPOLY_ALT */ #endif /* MBEDTLS_CHACHAPOLY_ALT */
@ -419,20 +425,20 @@ static const unsigned char test_mac[1][16] =
/* Make sure no other definition is already present. */ /* Make sure no other definition is already present. */
#undef ASSERT #undef ASSERT
#define ASSERT( cond, args ) \ #define ASSERT(cond, args) \
do \ do \
{ \ { \
if( ! ( cond ) ) \ if (!(cond)) \
{ \ { \
if( verbose != 0 ) \ if (verbose != 0) \
mbedtls_printf args; \ mbedtls_printf args; \
\ \
return( -1 ); \ return -1; \
} \ } \
} \ } \
while( 0 ) while (0)
int mbedtls_chachapoly_self_test( int verbose ) int mbedtls_chachapoly_self_test(int verbose)
{ {
mbedtls_chachapoly_context ctx; mbedtls_chachapoly_context ctx;
unsigned i; unsigned i;
@ -440,43 +446,45 @@ int mbedtls_chachapoly_self_test( int verbose )
unsigned char output[200]; unsigned char output[200];
unsigned char mac[16]; unsigned char mac[16];
for( i = 0U; i < 1U; i++ ) for (i = 0U; i < 1U; i++) {
{ if (verbose != 0) {
if( verbose != 0 ) mbedtls_printf(" ChaCha20-Poly1305 test %u ", i);
mbedtls_printf( " ChaCha20-Poly1305 test %u ", i ); }
mbedtls_chachapoly_init( &ctx ); mbedtls_chachapoly_init(&ctx);
ret = mbedtls_chachapoly_setkey( &ctx, test_key[i] ); ret = mbedtls_chachapoly_setkey(&ctx, test_key[i]);
ASSERT( 0 == ret, ( "setkey() error code: %i\n", ret ) ); ASSERT(0 == ret, ("setkey() error code: %i\n", ret));
ret = mbedtls_chachapoly_encrypt_and_tag( &ctx, ret = mbedtls_chachapoly_encrypt_and_tag(&ctx,
test_input_len[i], test_input_len[i],
test_nonce[i], test_nonce[i],
test_aad[i], test_aad[i],
test_aad_len[i], test_aad_len[i],
test_input[i], test_input[i],
output, output,
mac ); mac);
ASSERT( 0 == ret, ( "crypt_and_tag() error code: %i\n", ret ) ); ASSERT(0 == ret, ("crypt_and_tag() error code: %i\n", ret));
ASSERT( 0 == memcmp( output, test_output[i], test_input_len[i] ), ASSERT(0 == memcmp(output, test_output[i], test_input_len[i]),
( "failure (wrong output)\n" ) ); ("failure (wrong output)\n"));
ASSERT( 0 == memcmp( mac, test_mac[i], 16U ), ASSERT(0 == memcmp(mac, test_mac[i], 16U),
( "failure (wrong MAC)\n" ) ); ("failure (wrong MAC)\n"));
mbedtls_chachapoly_free( &ctx ); mbedtls_chachapoly_free(&ctx);
if( verbose != 0 ) if (verbose != 0) {
mbedtls_printf( "passed\n" ); mbedtls_printf("passed\n");
}
} }
if( verbose != 0 ) if (verbose != 0) {
mbedtls_printf( "\n" ); mbedtls_printf("\n");
}
return( 0 ); return 0;
} }
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */

38
library/check_crypto_config.h
View File

@ -29,57 +29,57 @@
#define MBEDTLS_CHECK_CRYPTO_CONFIG_H #define MBEDTLS_CHECK_CRYPTO_CONFIG_H
#if defined(PSA_WANT_ALG_CCM) && \ #if defined(PSA_WANT_ALG_CCM) && \
!( defined(PSA_WANT_KEY_TYPE_AES) || \ !(defined(PSA_WANT_KEY_TYPE_AES) || \
defined(PSA_WANT_KEY_TYPE_CAMELLIA) ) defined(PSA_WANT_KEY_TYPE_CAMELLIA))
#error "PSA_WANT_ALG_CCM defined, but not all prerequisites" #error "PSA_WANT_ALG_CCM defined, but not all prerequisites"
#endif #endif
#if defined(PSA_WANT_ALG_CMAC) && \ #if defined(PSA_WANT_ALG_CMAC) && \
!( defined(PSA_WANT_KEY_TYPE_AES) || \ !(defined(PSA_WANT_KEY_TYPE_AES) || \
defined(PSA_WANT_KEY_TYPE_CAMELLIA) || \ defined(PSA_WANT_KEY_TYPE_CAMELLIA) || \
defined(PSA_WANT_KEY_TYPE_DES) ) defined(PSA_WANT_KEY_TYPE_DES))
#error "PSA_WANT_ALG_CMAC defined, but not all prerequisites" #error "PSA_WANT_ALG_CMAC defined, but not all prerequisites"
#endif #endif
#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) && \ #if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) && \
!( defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \ !(defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \
defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) ) defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY))
#error "PSA_WANT_ALG_DETERMINISTIC_ECDSA defined, but not all prerequisites" #error "PSA_WANT_ALG_DETERMINISTIC_ECDSA defined, but not all prerequisites"
#endif #endif
#if defined(PSA_WANT_ALG_ECDSA) && \ #if defined(PSA_WANT_ALG_ECDSA) && \
!( defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \ !(defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \
defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) ) defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY))
#error "PSA_WANT_ALG_ECDSA defined, but not all prerequisites" #error "PSA_WANT_ALG_ECDSA defined, but not all prerequisites"
#endif #endif
#if defined(PSA_WANT_ALG_GCM) && \ #if defined(PSA_WANT_ALG_GCM) && \
!( defined(PSA_WANT_KEY_TYPE_AES) || \ !(defined(PSA_WANT_KEY_TYPE_AES) || \
defined(PSA_WANT_KEY_TYPE_CAMELLIA) ) defined(PSA_WANT_KEY_TYPE_CAMELLIA))
#error "PSA_WANT_ALG_GCM defined, but not all prerequisites" #error "PSA_WANT_ALG_GCM defined, but not all prerequisites"
#endif #endif
#if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) && \ #if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) && \
!( defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \
defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) ) defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY))
#error "PSA_WANT_ALG_RSA_PKCS1V15_CRYPT defined, but not all prerequisites" #error "PSA_WANT_ALG_RSA_PKCS1V15_CRYPT defined, but not all prerequisites"
#endif #endif
#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) && \ #if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) && \
!( defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \
defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) ) defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY))
#error "PSA_WANT_ALG_RSA_PKCS1V15_SIGN defined, but not all prerequisites" #error "PSA_WANT_ALG_RSA_PKCS1V15_SIGN defined, but not all prerequisites"
#endif #endif
#if defined(PSA_WANT_ALG_RSA_OAEP) && \ #if defined(PSA_WANT_ALG_RSA_OAEP) && \
!( defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \
defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) ) defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY))
#error "PSA_WANT_ALG_RSA_OAEP defined, but not all prerequisites" #error "PSA_WANT_ALG_RSA_OAEP defined, but not all prerequisites"
#endif #endif
#if defined(PSA_WANT_ALG_RSA_PSS) && \ #if defined(PSA_WANT_ALG_RSA_PSS) && \
!( defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \
defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) ) defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY))
#error "PSA_WANT_ALG_RSA_PSS defined, but not all prerequisites" #error "PSA_WANT_ALG_RSA_PSS defined, but not all prerequisites"
#endif #endif
@ -89,7 +89,7 @@
#endif #endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_USE_PSA_CRYPTO) && \ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_USE_PSA_CRYPTO) && \
!( defined(PSA_WANT_ALG_SHA_1) || defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA_512) ) !(defined(PSA_WANT_ALG_SHA_1) || defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA_512))
#error "MBEDTLS_SSL_PROTO_TLS1_2 defined, but not all prerequisites" #error "MBEDTLS_SSL_PROTO_TLS1_2 defined, but not all prerequisites"
#endif #endif

1186
library/cipher.c
View File

File diff suppressed because it is too large Load Diff

562
library/cipher_wrap.c
View File

@ -72,100 +72,101 @@
#if defined(MBEDTLS_GCM_C) #if defined(MBEDTLS_GCM_C)
/* shared by all GCM ciphers */ /* shared by all GCM ciphers */
static void *gcm_ctx_alloc( void ) static void *gcm_ctx_alloc(void)
{ {
void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_gcm_context ) ); void *ctx = mbedtls_calloc(1, sizeof(mbedtls_gcm_context));
if( ctx != NULL ) if (ctx != NULL) {
mbedtls_gcm_init( (mbedtls_gcm_context *) ctx ); mbedtls_gcm_init((mbedtls_gcm_context *) ctx);
}
return( ctx ); return ctx;
} }
static void gcm_ctx_free( void *ctx ) static void gcm_ctx_free(void *ctx)
{ {
mbedtls_gcm_free( ctx ); mbedtls_gcm_free(ctx);
mbedtls_free( ctx ); mbedtls_free(ctx);
} }
#endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_GCM_C */
#if defined(MBEDTLS_CCM_C) #if defined(MBEDTLS_CCM_C)
/* shared by all CCM ciphers */ /* shared by all CCM ciphers */
static void *ccm_ctx_alloc( void ) static void *ccm_ctx_alloc(void)
{ {
void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ccm_context ) ); void *ctx = mbedtls_calloc(1, sizeof(mbedtls_ccm_context));
if( ctx != NULL ) if (ctx != NULL) {
mbedtls_ccm_init( (mbedtls_ccm_context *) ctx ); mbedtls_ccm_init((mbedtls_ccm_context *) ctx);
}
return( ctx ); return ctx;
} }
static void ccm_ctx_free( void *ctx ) static void ccm_ctx_free(void *ctx)
{ {
mbedtls_ccm_free( ctx ); mbedtls_ccm_free(ctx);
mbedtls_free( ctx ); mbedtls_free(ctx);
} }
#endif /* MBEDTLS_CCM_C */ #endif /* MBEDTLS_CCM_C */
#if defined(MBEDTLS_AES_C) #if defined(MBEDTLS_AES_C)
static int aes_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, static int aes_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation,
const unsigned char *input, unsigned char *output ) const unsigned char *input, unsigned char *output)
{ {
return mbedtls_aes_crypt_ecb( (mbedtls_aes_context *) ctx, operation, input, output ); return mbedtls_aes_crypt_ecb((mbedtls_aes_context *) ctx, operation, input, output);
} }
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
static int aes_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length, static int aes_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation, size_t length,
unsigned char *iv, const unsigned char *input, unsigned char *output ) unsigned char *iv, const unsigned char *input, unsigned char *output)
{ {
return mbedtls_aes_crypt_cbc( (mbedtls_aes_context *) ctx, operation, length, iv, input, return mbedtls_aes_crypt_cbc((mbedtls_aes_context *) ctx, operation, length, iv, input,
output ); output);
} }
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
static int aes_crypt_cfb128_wrap( void *ctx, mbedtls_operation_t operation, static int aes_crypt_cfb128_wrap(void *ctx, mbedtls_operation_t operation,
size_t length, size_t *iv_off, unsigned char *iv, size_t length, size_t *iv_off, unsigned char *iv,
const unsigned char *input, unsigned char *output ) const unsigned char *input, unsigned char *output)
{ {
return mbedtls_aes_crypt_cfb128( (mbedtls_aes_context *) ctx, operation, length, iv_off, iv, return mbedtls_aes_crypt_cfb128((mbedtls_aes_context *) ctx, operation, length, iv_off, iv,
input, output ); input, output);
} }
#endif /* MBEDTLS_CIPHER_MODE_CFB */ #endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_OFB) #if defined(MBEDTLS_CIPHER_MODE_OFB)
static int aes_crypt_ofb_wrap( void *ctx, size_t length, size_t *iv_off, static int aes_crypt_ofb_wrap(void *ctx, size_t length, size_t *iv_off,
unsigned char *iv, const unsigned char *input, unsigned char *output ) unsigned char *iv, const unsigned char *input, unsigned char *output)
{ {
return mbedtls_aes_crypt_ofb( (mbedtls_aes_context *) ctx, length, iv_off, return mbedtls_aes_crypt_ofb((mbedtls_aes_context *) ctx, length, iv_off,
iv, input, output ); iv, input, output);
} }
#endif /* MBEDTLS_CIPHER_MODE_OFB */ #endif /* MBEDTLS_CIPHER_MODE_OFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
static int aes_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, static int aes_crypt_ctr_wrap(void *ctx, size_t length, size_t *nc_off,
unsigned char *nonce_counter, unsigned char *stream_block, unsigned char *nonce_counter, unsigned char *stream_block,
const unsigned char *input, unsigned char *output ) const unsigned char *input, unsigned char *output)
{ {
return mbedtls_aes_crypt_ctr( (mbedtls_aes_context *) ctx, length, nc_off, nonce_counter, return mbedtls_aes_crypt_ctr((mbedtls_aes_context *) ctx, length, nc_off, nonce_counter,
stream_block, input, output ); stream_block, input, output);
} }
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
#if defined(MBEDTLS_CIPHER_MODE_XTS) #if defined(MBEDTLS_CIPHER_MODE_XTS)
static int aes_crypt_xts_wrap( void *ctx, mbedtls_operation_t operation, static int aes_crypt_xts_wrap(void *ctx, mbedtls_operation_t operation,
size_t length, size_t length,
const unsigned char data_unit[16], const unsigned char data_unit[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
mbedtls_aes_xts_context *xts_ctx = ctx; mbedtls_aes_xts_context *xts_ctx = ctx;
int mode; int mode;
switch( operation ) switch (operation) {
{
case MBEDTLS_ENCRYPT: case MBEDTLS_ENCRYPT:
mode = MBEDTLS_AES_ENCRYPT; mode = MBEDTLS_AES_ENCRYPT;
break; break;
@ -176,39 +177,40 @@ static int aes_crypt_xts_wrap( void *ctx, mbedtls_operation_t operation,
return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
} }
return mbedtls_aes_crypt_xts( xts_ctx, mode, length, return mbedtls_aes_crypt_xts(xts_ctx, mode, length,
data_unit, input, output ); data_unit, input, output);
} }
#endif /* MBEDTLS_CIPHER_MODE_XTS */ #endif /* MBEDTLS_CIPHER_MODE_XTS */
static int aes_setkey_dec_wrap( void *ctx, const unsigned char *key, static int aes_setkey_dec_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
return mbedtls_aes_setkey_dec( (mbedtls_aes_context *) ctx, key, key_bitlen ); return mbedtls_aes_setkey_dec((mbedtls_aes_context *) ctx, key, key_bitlen);
} }
static int aes_setkey_enc_wrap( void *ctx, const unsigned char *key, static int aes_setkey_enc_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
return mbedtls_aes_setkey_enc( (mbedtls_aes_context *) ctx, key, key_bitlen ); return mbedtls_aes_setkey_enc((mbedtls_aes_context *) ctx, key, key_bitlen);
} }
static void * aes_ctx_alloc( void ) static void *aes_ctx_alloc(void)
{ {
mbedtls_aes_context *aes = mbedtls_calloc( 1, sizeof( mbedtls_aes_context ) ); mbedtls_aes_context *aes = mbedtls_calloc(1, sizeof(mbedtls_aes_context));
if( aes == NULL ) if (aes == NULL) {
return( NULL ); return NULL;
}
mbedtls_aes_init( aes ); mbedtls_aes_init(aes);
return( aes ); return aes;
} }
static void aes_ctx_free( void *ctx ) static void aes_ctx_free(void *ctx)
{ {
mbedtls_aes_free( (mbedtls_aes_context *) ctx ); mbedtls_aes_free((mbedtls_aes_context *) ctx);
mbedtls_free( ctx ); mbedtls_free(ctx);
} }
static const mbedtls_cipher_base_t aes_info = { static const mbedtls_cipher_base_t aes_info = {
@ -412,39 +414,41 @@ static const mbedtls_cipher_info_t aes_256_ctr_info = {
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
#if defined(MBEDTLS_CIPHER_MODE_XTS) #if defined(MBEDTLS_CIPHER_MODE_XTS)
static int xts_aes_setkey_enc_wrap( void *ctx, const unsigned char *key, static int xts_aes_setkey_enc_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
mbedtls_aes_xts_context *xts_ctx = ctx; mbedtls_aes_xts_context *xts_ctx = ctx;
return( mbedtls_aes_xts_setkey_enc( xts_ctx, key, key_bitlen ) ); return mbedtls_aes_xts_setkey_enc(xts_ctx, key, key_bitlen);
} }
static int xts_aes_setkey_dec_wrap( void *ctx, const unsigned char *key, static int xts_aes_setkey_dec_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
mbedtls_aes_xts_context *xts_ctx = ctx; mbedtls_aes_xts_context *xts_ctx = ctx;
return( mbedtls_aes_xts_setkey_dec( xts_ctx, key, key_bitlen ) ); return mbedtls_aes_xts_setkey_dec(xts_ctx, key, key_bitlen);
} }
static void *xts_aes_ctx_alloc( void ) static void *xts_aes_ctx_alloc(void)
{ {
mbedtls_aes_xts_context *xts_ctx = mbedtls_calloc( 1, sizeof( *xts_ctx ) ); mbedtls_aes_xts_context *xts_ctx = mbedtls_calloc(1, sizeof(*xts_ctx));
if( xts_ctx != NULL ) if (xts_ctx != NULL) {
mbedtls_aes_xts_init( xts_ctx ); mbedtls_aes_xts_init(xts_ctx);
}
return( xts_ctx ); return xts_ctx;
} }
static void xts_aes_ctx_free( void *ctx ) static void xts_aes_ctx_free(void *ctx)
{ {
mbedtls_aes_xts_context *xts_ctx = ctx; mbedtls_aes_xts_context *xts_ctx = ctx;
if( xts_ctx == NULL ) if (xts_ctx == NULL) {
return; return;
}
mbedtls_aes_xts_free( xts_ctx ); mbedtls_aes_xts_free(xts_ctx);
mbedtls_free( xts_ctx ); mbedtls_free(xts_ctx);
} }
static const mbedtls_cipher_base_t xts_aes_info = { static const mbedtls_cipher_base_t xts_aes_info = {
@ -498,11 +502,11 @@ static const mbedtls_cipher_info_t aes_256_xts_info = {
#endif /* MBEDTLS_CIPHER_MODE_XTS */ #endif /* MBEDTLS_CIPHER_MODE_XTS */
#if defined(MBEDTLS_GCM_C) #if defined(MBEDTLS_GCM_C)
static int gcm_aes_setkey_wrap( void *ctx, const unsigned char *key, static int gcm_aes_setkey_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_AES, return mbedtls_gcm_setkey((mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_AES,
key, key_bitlen ); key, key_bitlen);
} }
static const mbedtls_cipher_base_t gcm_aes_info = { static const mbedtls_cipher_base_t gcm_aes_info = {
@ -567,11 +571,11 @@ static const mbedtls_cipher_info_t aes_256_gcm_info = {
#endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_GCM_C */
#if defined(MBEDTLS_CCM_C) #if defined(MBEDTLS_CCM_C)
static int ccm_aes_setkey_wrap( void *ctx, const unsigned char *key, static int ccm_aes_setkey_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
return mbedtls_ccm_setkey( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_AES, return mbedtls_ccm_setkey((mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_AES,
key, key_bitlen ); key, key_bitlen);
} }
static const mbedtls_cipher_base_t ccm_aes_info = { static const mbedtls_cipher_base_t ccm_aes_info = {
@ -672,72 +676,73 @@ static const mbedtls_cipher_info_t aes_256_ccm_star_no_tag_info = {
#if defined(MBEDTLS_CAMELLIA_C) #if defined(MBEDTLS_CAMELLIA_C)
static int camellia_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, static int camellia_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation,
const unsigned char *input, unsigned char *output ) const unsigned char *input, unsigned char *output)
{ {
return mbedtls_camellia_crypt_ecb( (mbedtls_camellia_context *) ctx, operation, input, return mbedtls_camellia_crypt_ecb((mbedtls_camellia_context *) ctx, operation, input,
output ); output);
} }
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
static int camellia_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, static int camellia_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation,
size_t length, unsigned char *iv, size_t length, unsigned char *iv,
const unsigned char *input, unsigned char *output ) const unsigned char *input, unsigned char *output)
{ {
return mbedtls_camellia_crypt_cbc( (mbedtls_camellia_context *) ctx, operation, length, iv, return mbedtls_camellia_crypt_cbc((mbedtls_camellia_context *) ctx, operation, length, iv,
input, output ); input, output);
} }
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
static int camellia_crypt_cfb128_wrap( void *ctx, mbedtls_operation_t operation, static int camellia_crypt_cfb128_wrap(void *ctx, mbedtls_operation_t operation,
size_t length, size_t *iv_off, unsigned char *iv, size_t length, size_t *iv_off, unsigned char *iv,
const unsigned char *input, unsigned char *output ) const unsigned char *input, unsigned char *output)
{ {
return mbedtls_camellia_crypt_cfb128( (mbedtls_camellia_context *) ctx, operation, length, return mbedtls_camellia_crypt_cfb128((mbedtls_camellia_context *) ctx, operation, length,
iv_off, iv, input, output ); iv_off, iv, input, output);
} }
#endif /* MBEDTLS_CIPHER_MODE_CFB */ #endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
static int camellia_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, static int camellia_crypt_ctr_wrap(void *ctx, size_t length, size_t *nc_off,
unsigned char *nonce_counter, unsigned char *stream_block, unsigned char *nonce_counter, unsigned char *stream_block,
const unsigned char *input, unsigned char *output ) const unsigned char *input, unsigned char *output)
{ {
return mbedtls_camellia_crypt_ctr( (mbedtls_camellia_context *) ctx, length, nc_off, return mbedtls_camellia_crypt_ctr((mbedtls_camellia_context *) ctx, length, nc_off,
nonce_counter, stream_block, input, output ); nonce_counter, stream_block, input, output);
} }
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
static int camellia_setkey_dec_wrap( void *ctx, const unsigned char *key, static int camellia_setkey_dec_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
return mbedtls_camellia_setkey_dec( (mbedtls_camellia_context *) ctx, key, key_bitlen ); return mbedtls_camellia_setkey_dec((mbedtls_camellia_context *) ctx, key, key_bitlen);
} }
static int camellia_setkey_enc_wrap( void *ctx, const unsigned char *key, static int camellia_setkey_enc_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
return mbedtls_camellia_setkey_enc( (mbedtls_camellia_context *) ctx, key, key_bitlen ); return mbedtls_camellia_setkey_enc((mbedtls_camellia_context *) ctx, key, key_bitlen);
} }
static void * camellia_ctx_alloc( void ) static void *camellia_ctx_alloc(void)
{ {
mbedtls_camellia_context *ctx; mbedtls_camellia_context *ctx;
ctx = mbedtls_calloc( 1, sizeof( mbedtls_camellia_context ) ); ctx = mbedtls_calloc(1, sizeof(mbedtls_camellia_context));
if( ctx == NULL ) if (ctx == NULL) {
return( NULL ); return NULL;
}
mbedtls_camellia_init( ctx ); mbedtls_camellia_init(ctx);
return( ctx ); return ctx;
} }
static void camellia_ctx_free( void *ctx ) static void camellia_ctx_free(void *ctx)
{ {
mbedtls_camellia_free( (mbedtls_camellia_context *) ctx ); mbedtls_camellia_free((mbedtls_camellia_context *) ctx);
mbedtls_free( ctx ); mbedtls_free(ctx);
} }
static const mbedtls_cipher_base_t camellia_info = { static const mbedtls_cipher_base_t camellia_info = {
@ -906,11 +911,11 @@ static const mbedtls_cipher_info_t camellia_256_ctr_info = {
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
#if defined(MBEDTLS_GCM_C) #if defined(MBEDTLS_GCM_C)
static int gcm_camellia_setkey_wrap( void *ctx, const unsigned char *key, static int gcm_camellia_setkey_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA, return mbedtls_gcm_setkey((mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA,
key, key_bitlen ); key, key_bitlen);
} }
static const mbedtls_cipher_base_t gcm_camellia_info = { static const mbedtls_cipher_base_t gcm_camellia_info = {
@ -975,11 +980,11 @@ static const mbedtls_cipher_info_t camellia_256_gcm_info = {
#endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_GCM_C */
#if defined(MBEDTLS_CCM_C) #if defined(MBEDTLS_CCM_C)
static int ccm_camellia_setkey_wrap( void *ctx, const unsigned char *key, static int ccm_camellia_setkey_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
return mbedtls_ccm_setkey( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA, return mbedtls_ccm_setkey((mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA,
key, key_bitlen ); key, key_bitlen);
} }
static const mbedtls_cipher_base_t ccm_camellia_info = { static const mbedtls_cipher_base_t ccm_camellia_info = {
@ -1080,73 +1085,74 @@ static const mbedtls_cipher_info_t camellia_256_ccm_star_no_tag_info = {
#if defined(MBEDTLS_ARIA_C) #if defined(MBEDTLS_ARIA_C)
static int aria_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, static int aria_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation,
const unsigned char *input, unsigned char *output ) const unsigned char *input, unsigned char *output)
{ {
(void) operation; (void) operation;
return mbedtls_aria_crypt_ecb( (mbedtls_aria_context *) ctx, input, return mbedtls_aria_crypt_ecb((mbedtls_aria_context *) ctx, input,
output ); output);
} }
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
static int aria_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, static int aria_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation,
size_t length, unsigned char *iv, size_t length, unsigned char *iv,
const unsigned char *input, unsigned char *output ) const unsigned char *input, unsigned char *output)
{ {
return mbedtls_aria_crypt_cbc( (mbedtls_aria_context *) ctx, operation, length, iv, return mbedtls_aria_crypt_cbc((mbedtls_aria_context *) ctx, operation, length, iv,
input, output ); input, output);
} }
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
static int aria_crypt_cfb128_wrap( void *ctx, mbedtls_operation_t operation, static int aria_crypt_cfb128_wrap(void *ctx, mbedtls_operation_t operation,
size_t length, size_t *iv_off, unsigned char *iv, size_t length, size_t *iv_off, unsigned char *iv,
const unsigned char *input, unsigned char *output ) const unsigned char *input, unsigned char *output)
{ {
return mbedtls_aria_crypt_cfb128( (mbedtls_aria_context *) ctx, operation, length, return mbedtls_aria_crypt_cfb128((mbedtls_aria_context *) ctx, operation, length,
iv_off, iv, input, output ); iv_off, iv, input, output);
} }
#endif /* MBEDTLS_CIPHER_MODE_CFB */ #endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
static int aria_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, static int aria_crypt_ctr_wrap(void *ctx, size_t length, size_t *nc_off,
unsigned char *nonce_counter, unsigned char *stream_block, unsigned char *nonce_counter, unsigned char *stream_block,
const unsigned char *input, unsigned char *output ) const unsigned char *input, unsigned char *output)
{ {
return mbedtls_aria_crypt_ctr( (mbedtls_aria_context *) ctx, length, nc_off, return mbedtls_aria_crypt_ctr((mbedtls_aria_context *) ctx, length, nc_off,
nonce_counter, stream_block, input, output ); nonce_counter, stream_block, input, output);
} }
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
static int aria_setkey_dec_wrap( void *ctx, const unsigned char *key, static int aria_setkey_dec_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
return mbedtls_aria_setkey_dec( (mbedtls_aria_context *) ctx, key, key_bitlen ); return mbedtls_aria_setkey_dec((mbedtls_aria_context *) ctx, key, key_bitlen);
} }
static int aria_setkey_enc_wrap( void *ctx, const unsigned char *key, static int aria_setkey_enc_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
return mbedtls_aria_setkey_enc( (mbedtls_aria_context *) ctx, key, key_bitlen ); return mbedtls_aria_setkey_enc((mbedtls_aria_context *) ctx, key, key_bitlen);
} }
static void * aria_ctx_alloc( void ) static void *aria_ctx_alloc(void)
{ {
mbedtls_aria_context *ctx; mbedtls_aria_context *ctx;
ctx = mbedtls_calloc( 1, sizeof( mbedtls_aria_context ) ); ctx = mbedtls_calloc(1, sizeof(mbedtls_aria_context));
if( ctx == NULL ) if (ctx == NULL) {
return( NULL ); return NULL;
}
mbedtls_aria_init( ctx ); mbedtls_aria_init(ctx);
return( ctx ); return ctx;
} }
static void aria_ctx_free( void *ctx ) static void aria_ctx_free(void *ctx)
{ {
mbedtls_aria_free( (mbedtls_aria_context *) ctx ); mbedtls_aria_free((mbedtls_aria_context *) ctx);
mbedtls_free( ctx ); mbedtls_free(ctx);
} }
static const mbedtls_cipher_base_t aria_info = { static const mbedtls_cipher_base_t aria_info = {
@ -1315,11 +1321,11 @@ static const mbedtls_cipher_info_t aria_256_ctr_info = {
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
#if defined(MBEDTLS_GCM_C) #if defined(MBEDTLS_GCM_C)
static int gcm_aria_setkey_wrap( void *ctx, const unsigned char *key, static int gcm_aria_setkey_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_ARIA, return mbedtls_gcm_setkey((mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_ARIA,
key, key_bitlen ); key, key_bitlen);
} }
static const mbedtls_cipher_base_t gcm_aria_info = { static const mbedtls_cipher_base_t gcm_aria_info = {
@ -1384,11 +1390,11 @@ static const mbedtls_cipher_info_t aria_256_gcm_info = {
#endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_GCM_C */
#if defined(MBEDTLS_CCM_C) #if defined(MBEDTLS_CCM_C)
static int ccm_aria_setkey_wrap( void *ctx, const unsigned char *key, static int ccm_aria_setkey_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
return mbedtls_ccm_setkey( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_ARIA, return mbedtls_ccm_setkey((mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_ARIA,
key, key_bitlen ); key, key_bitlen);
} }
static const mbedtls_cipher_base_t ccm_aria_info = { static const mbedtls_cipher_base_t ccm_aria_info = {
@ -1489,121 +1495,123 @@ static const mbedtls_cipher_info_t aria_256_ccm_star_no_tag_info = {
#if defined(MBEDTLS_DES_C) #if defined(MBEDTLS_DES_C)
static int des_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, static int des_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation,
const unsigned char *input, unsigned char *output ) const unsigned char *input, unsigned char *output)
{ {
((void) operation); ((void) operation);
return mbedtls_des_crypt_ecb( (mbedtls_des_context *) ctx, input, output ); return mbedtls_des_crypt_ecb((mbedtls_des_context *) ctx, input, output);
} }
static int des3_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, static int des3_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation,
const unsigned char *input, unsigned char *output ) const unsigned char *input, unsigned char *output)
{ {
((void) operation); ((void) operation);
return mbedtls_des3_crypt_ecb( (mbedtls_des3_context *) ctx, input, output ); return mbedtls_des3_crypt_ecb((mbedtls_des3_context *) ctx, input, output);
} }
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
static int des_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length, static int des_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation, size_t length,
unsigned char *iv, const unsigned char *input, unsigned char *output ) unsigned char *iv, const unsigned char *input, unsigned char *output)
{ {
return mbedtls_des_crypt_cbc( (mbedtls_des_context *) ctx, operation, length, iv, input, return mbedtls_des_crypt_cbc((mbedtls_des_context *) ctx, operation, length, iv, input,
output ); output);
} }
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
static int des3_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length, static int des3_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation, size_t length,
unsigned char *iv, const unsigned char *input, unsigned char *output ) unsigned char *iv, const unsigned char *input, unsigned char *output)
{ {
return mbedtls_des3_crypt_cbc( (mbedtls_des3_context *) ctx, operation, length, iv, input, return mbedtls_des3_crypt_cbc((mbedtls_des3_context *) ctx, operation, length, iv, input,
output ); output);
} }
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
static int des_setkey_dec_wrap( void *ctx, const unsigned char *key, static int des_setkey_dec_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
((void) key_bitlen); ((void) key_bitlen);
return mbedtls_des_setkey_dec( (mbedtls_des_context *) ctx, key ); return mbedtls_des_setkey_dec((mbedtls_des_context *) ctx, key);
} }
static int des_setkey_enc_wrap( void *ctx, const unsigned char *key, static int des_setkey_enc_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
((void) key_bitlen); ((void) key_bitlen);
return mbedtls_des_setkey_enc( (mbedtls_des_context *) ctx, key ); return mbedtls_des_setkey_enc((mbedtls_des_context *) ctx, key);
} }
static int des3_set2key_dec_wrap( void *ctx, const unsigned char *key, static int des3_set2key_dec_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
((void) key_bitlen); ((void) key_bitlen);
return mbedtls_des3_set2key_dec( (mbedtls_des3_context *) ctx, key ); return mbedtls_des3_set2key_dec((mbedtls_des3_context *) ctx, key);
} }
static int des3_set2key_enc_wrap( void *ctx, const unsigned char *key, static int des3_set2key_enc_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
((void) key_bitlen); ((void) key_bitlen);
return mbedtls_des3_set2key_enc( (mbedtls_des3_context *) ctx, key ); return mbedtls_des3_set2key_enc((mbedtls_des3_context *) ctx, key);
} }
static int des3_set3key_dec_wrap( void *ctx, const unsigned char *key, static int des3_set3key_dec_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
((void) key_bitlen); ((void) key_bitlen);
return mbedtls_des3_set3key_dec( (mbedtls_des3_context *) ctx, key ); return mbedtls_des3_set3key_dec((mbedtls_des3_context *) ctx, key);
} }
static int des3_set3key_enc_wrap( void *ctx, const unsigned char *key, static int des3_set3key_enc_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
((void) key_bitlen); ((void) key_bitlen);
return mbedtls_des3_set3key_enc( (mbedtls_des3_context *) ctx, key ); return mbedtls_des3_set3key_enc((mbedtls_des3_context *) ctx, key);
} }
static void * des_ctx_alloc( void ) static void *des_ctx_alloc(void)
{ {
mbedtls_des_context *des = mbedtls_calloc( 1, sizeof( mbedtls_des_context ) ); mbedtls_des_context *des = mbedtls_calloc(1, sizeof(mbedtls_des_context));
if( des == NULL ) if (des == NULL) {
return( NULL ); return NULL;
}
mbedtls_des_init( des ); mbedtls_des_init(des);
return( des ); return des;
} }
static void des_ctx_free( void *ctx ) static void des_ctx_free(void *ctx)
{ {
mbedtls_des_free( (mbedtls_des_context *) ctx ); mbedtls_des_free((mbedtls_des_context *) ctx);
mbedtls_free( ctx ); mbedtls_free(ctx);
} }
static void * des3_ctx_alloc( void ) static void *des3_ctx_alloc(void)
{ {
mbedtls_des3_context *des3; mbedtls_des3_context *des3;
des3 = mbedtls_calloc( 1, sizeof( mbedtls_des3_context ) ); des3 = mbedtls_calloc(1, sizeof(mbedtls_des3_context));
if( des3 == NULL ) if (des3 == NULL) {
return( NULL ); return NULL;
}
mbedtls_des3_init( des3 ); mbedtls_des3_init(des3);
return( des3 ); return des3;
} }
static void des3_ctx_free( void *ctx ) static void des3_ctx_free(void *ctx)
{ {
mbedtls_des3_free( (mbedtls_des3_context *) ctx ); mbedtls_des3_free((mbedtls_des3_context *) ctx);
mbedtls_free( ctx ); mbedtls_free(ctx);
} }
static const mbedtls_cipher_base_t des_info = { static const mbedtls_cipher_base_t des_info = {
@ -1761,48 +1769,52 @@ static const mbedtls_cipher_info_t des_ede3_cbc_info = {
#if defined(MBEDTLS_CHACHA20_C) #if defined(MBEDTLS_CHACHA20_C)
static int chacha20_setkey_wrap( void *ctx, const unsigned char *key, static int chacha20_setkey_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
if( key_bitlen != 256U ) if (key_bitlen != 256U) {
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
if ( 0 != mbedtls_chacha20_setkey( (mbedtls_chacha20_context*)ctx, key ) ) if (0 != mbedtls_chacha20_setkey((mbedtls_chacha20_context *) ctx, key)) {
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
return( 0 ); return 0;
} }
static int chacha20_stream_wrap( void *ctx, size_t length, static int chacha20_stream_wrap(void *ctx, size_t length,
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
ret = mbedtls_chacha20_update( ctx, length, input, output ); ret = mbedtls_chacha20_update(ctx, length, input, output);
if( ret == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA ) if (ret == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA) {
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
return( ret ); return ret;
} }
static void * chacha20_ctx_alloc( void ) static void *chacha20_ctx_alloc(void)
{ {
mbedtls_chacha20_context *ctx; mbedtls_chacha20_context *ctx;
ctx = mbedtls_calloc( 1, sizeof( mbedtls_chacha20_context ) ); ctx = mbedtls_calloc(1, sizeof(mbedtls_chacha20_context));
if( ctx == NULL ) if (ctx == NULL) {
return( NULL ); return NULL;
}
mbedtls_chacha20_init( ctx ); mbedtls_chacha20_init(ctx);
return( ctx ); return ctx;
} }
static void chacha20_ctx_free( void *ctx ) static void chacha20_ctx_free(void *ctx)
{ {
mbedtls_chacha20_free( (mbedtls_chacha20_context *) ctx ); mbedtls_chacha20_free((mbedtls_chacha20_context *) ctx);
mbedtls_free( ctx ); mbedtls_free(ctx);
} }
static const mbedtls_cipher_base_t chacha20_base_info = { static const mbedtls_cipher_base_t chacha20_base_info = {
@ -1845,36 +1857,39 @@ static const mbedtls_cipher_info_t chacha20_info = {
#if defined(MBEDTLS_CHACHAPOLY_C) #if defined(MBEDTLS_CHACHAPOLY_C)
static int chachapoly_setkey_wrap( void *ctx, static int chachapoly_setkey_wrap(void *ctx,
const unsigned char *key, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
if( key_bitlen != 256U ) if (key_bitlen != 256U) {
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
if ( 0 != mbedtls_chachapoly_setkey( (mbedtls_chachapoly_context*)ctx, key ) ) if (0 != mbedtls_chachapoly_setkey((mbedtls_chachapoly_context *) ctx, key)) {
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
}
return( 0 ); return 0;
} }
static void * chachapoly_ctx_alloc( void ) static void *chachapoly_ctx_alloc(void)
{ {
mbedtls_chachapoly_context *ctx; mbedtls_chachapoly_context *ctx;
ctx = mbedtls_calloc( 1, sizeof( mbedtls_chachapoly_context ) ); ctx = mbedtls_calloc(1, sizeof(mbedtls_chachapoly_context));
if( ctx == NULL ) if (ctx == NULL) {
return( NULL ); return NULL;
}
mbedtls_chachapoly_init( ctx ); mbedtls_chachapoly_init(ctx);
return( ctx ); return ctx;
} }
static void chachapoly_ctx_free( void *ctx ) static void chachapoly_ctx_free(void *ctx)
{ {
mbedtls_chachapoly_free( (mbedtls_chachapoly_context *) ctx ); mbedtls_chachapoly_free((mbedtls_chachapoly_context *) ctx);
mbedtls_free( ctx ); mbedtls_free(ctx);
} }
static const mbedtls_cipher_base_t chachapoly_base_info = { static const mbedtls_cipher_base_t chachapoly_base_info = {
@ -1916,31 +1931,31 @@ static const mbedtls_cipher_info_t chachapoly_info = {
#endif /* MBEDTLS_CHACHAPOLY_C */ #endif /* MBEDTLS_CHACHAPOLY_C */
#if defined(MBEDTLS_CIPHER_NULL_CIPHER) #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
static int null_crypt_stream( void *ctx, size_t length, static int null_crypt_stream(void *ctx, size_t length,
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
((void) ctx); ((void) ctx);
memmove( output, input, length ); memmove(output, input, length);
return( 0 ); return 0;
} }
static int null_setkey( void *ctx, const unsigned char *key, static int null_setkey(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
((void) ctx); ((void) ctx);
((void) key); ((void) key);
((void) key_bitlen); ((void) key_bitlen);
return( 0 ); return 0;
} }
static void * null_ctx_alloc( void ) static void *null_ctx_alloc(void)
{ {
return( (void *) 1 ); return (void *) 1;
} }
static void null_ctx_free( void *ctx ) static void null_ctx_free(void *ctx)
{ {
((void) ctx); ((void) ctx);
} }
@ -1985,34 +2000,35 @@ static const mbedtls_cipher_info_t null_cipher_info = {
#endif /* defined(MBEDTLS_CIPHER_NULL_CIPHER) */ #endif /* defined(MBEDTLS_CIPHER_NULL_CIPHER) */
#if defined(MBEDTLS_NIST_KW_C) #if defined(MBEDTLS_NIST_KW_C)
static void *kw_ctx_alloc( void ) static void *kw_ctx_alloc(void)
{ {
void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_nist_kw_context ) ); void *ctx = mbedtls_calloc(1, sizeof(mbedtls_nist_kw_context));
if( ctx != NULL ) if (ctx != NULL) {
mbedtls_nist_kw_init( (mbedtls_nist_kw_context *) ctx ); mbedtls_nist_kw_init((mbedtls_nist_kw_context *) ctx);
}
return( ctx ); return ctx;
} }
static void kw_ctx_free( void *ctx ) static void kw_ctx_free(void *ctx)
{ {
mbedtls_nist_kw_free( ctx ); mbedtls_nist_kw_free(ctx);
mbedtls_free( ctx ); mbedtls_free(ctx);
} }
static int kw_aes_setkey_wrap( void *ctx, const unsigned char *key, static int kw_aes_setkey_wrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
return mbedtls_nist_kw_setkey( (mbedtls_nist_kw_context *) ctx, return mbedtls_nist_kw_setkey((mbedtls_nist_kw_context *) ctx,
MBEDTLS_CIPHER_ID_AES, key, key_bitlen, 1 ); MBEDTLS_CIPHER_ID_AES, key, key_bitlen, 1);
} }
static int kw_aes_setkey_unwrap( void *ctx, const unsigned char *key, static int kw_aes_setkey_unwrap(void *ctx, const unsigned char *key,
unsigned int key_bitlen ) unsigned int key_bitlen)
{ {
return mbedtls_nist_kw_setkey( (mbedtls_nist_kw_context *) ctx, return mbedtls_nist_kw_setkey((mbedtls_nist_kw_context *) ctx,
MBEDTLS_CIPHER_ID_AES, key, key_bitlen, 0 ); MBEDTLS_CIPHER_ID_AES, key, key_bitlen, 0);
} }
static const mbedtls_cipher_base_t kw_aes_info = { static const mbedtls_cipher_base_t kw_aes_info = {
@ -2257,8 +2273,8 @@ const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] =
{ MBEDTLS_CIPHER_NONE, NULL } { MBEDTLS_CIPHER_NONE, NULL }
}; };
#define NUM_CIPHERS ( sizeof(mbedtls_cipher_definitions) / \ #define NUM_CIPHERS (sizeof(mbedtls_cipher_definitions) / \
sizeof(mbedtls_cipher_definitions[0]) ) sizeof(mbedtls_cipher_definitions[0]))
int mbedtls_cipher_supported[NUM_CIPHERS]; int mbedtls_cipher_supported[NUM_CIPHERS];
#endif /* MBEDTLS_CIPHER_C */ #endif /* MBEDTLS_CIPHER_C */

50
library/cipher_wrap.h
View File

@ -39,82 +39,79 @@ extern "C" {
/** /**
* Base cipher information. The non-mode specific functions and values. * Base cipher information. The non-mode specific functions and values.
*/ */
struct mbedtls_cipher_base_t struct mbedtls_cipher_base_t {
{
/** Base Cipher type (e.g. MBEDTLS_CIPHER_ID_AES) */ /** Base Cipher type (e.g. MBEDTLS_CIPHER_ID_AES) */
mbedtls_cipher_id_t cipher; mbedtls_cipher_id_t cipher;
/** Encrypt using ECB */ /** Encrypt using ECB */
int (*ecb_func)( void *ctx, mbedtls_operation_t mode, int (*ecb_func)(void *ctx, mbedtls_operation_t mode,
const unsigned char *input, unsigned char *output ); const unsigned char *input, unsigned char *output);
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/** Encrypt using CBC */ /** Encrypt using CBC */
int (*cbc_func)( void *ctx, mbedtls_operation_t mode, size_t length, int (*cbc_func)(void *ctx, mbedtls_operation_t mode, size_t length,
unsigned char *iv, const unsigned char *input, unsigned char *iv, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif #endif
#if defined(MBEDTLS_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
/** Encrypt using CFB (Full length) */ /** Encrypt using CFB (Full length) */
int (*cfb_func)( void *ctx, mbedtls_operation_t mode, size_t length, size_t *iv_off, int (*cfb_func)(void *ctx, mbedtls_operation_t mode, size_t length, size_t *iv_off,
unsigned char *iv, const unsigned char *input, unsigned char *iv, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif #endif
#if defined(MBEDTLS_CIPHER_MODE_OFB) #if defined(MBEDTLS_CIPHER_MODE_OFB)
/** Encrypt using OFB (Full length) */ /** Encrypt using OFB (Full length) */
int (*ofb_func)( void *ctx, size_t length, size_t *iv_off, int (*ofb_func)(void *ctx, size_t length, size_t *iv_off,
unsigned char *iv, unsigned char *iv,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif #endif
#if defined(MBEDTLS_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
/** Encrypt using CTR */ /** Encrypt using CTR */
int (*ctr_func)( void *ctx, size_t length, size_t *nc_off, int (*ctr_func)(void *ctx, size_t length, size_t *nc_off,
unsigned char *nonce_counter, unsigned char *stream_block, unsigned char *nonce_counter, unsigned char *stream_block,
const unsigned char *input, unsigned char *output ); const unsigned char *input, unsigned char *output);
#endif #endif
#if defined(MBEDTLS_CIPHER_MODE_XTS) #if defined(MBEDTLS_CIPHER_MODE_XTS)
/** Encrypt or decrypt using XTS. */ /** Encrypt or decrypt using XTS. */
int (*xts_func)( void *ctx, mbedtls_operation_t mode, size_t length, int (*xts_func)(void *ctx, mbedtls_operation_t mode, size_t length,
const unsigned char data_unit[16], const unsigned char data_unit[16],
const unsigned char *input, unsigned char *output ); const unsigned char *input, unsigned char *output);
#endif #endif
#if defined(MBEDTLS_CIPHER_MODE_STREAM) #if defined(MBEDTLS_CIPHER_MODE_STREAM)
/** Encrypt using STREAM */ /** Encrypt using STREAM */
int (*stream_func)( void *ctx, size_t length, int (*stream_func)(void *ctx, size_t length,
const unsigned char *input, unsigned char *output ); const unsigned char *input, unsigned char *output);
#endif #endif
/** Set key for encryption purposes */ /** Set key for encryption purposes */
int (*setkey_enc_func)( void *ctx, const unsigned char *key, int (*setkey_enc_func)(void *ctx, const unsigned char *key,
unsigned int key_bitlen ); unsigned int key_bitlen);
/** Set key for decryption purposes */ /** Set key for decryption purposes */
int (*setkey_dec_func)( void *ctx, const unsigned char *key, int (*setkey_dec_func)(void *ctx, const unsigned char *key,
unsigned int key_bitlen); unsigned int key_bitlen);
/** Allocate a new context */ /** Allocate a new context */
void * (*ctx_alloc_func)( void ); void * (*ctx_alloc_func)(void);
/** Free the given context */ /** Free the given context */
void (*ctx_free_func)( void *ctx ); void (*ctx_free_func)(void *ctx);
}; };
typedef struct typedef struct {
{
mbedtls_cipher_type_t type; mbedtls_cipher_type_t type;
const mbedtls_cipher_info_t *info; const mbedtls_cipher_info_t *info;
} mbedtls_cipher_definition_t; } mbedtls_cipher_definition_t;
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
typedef enum typedef enum {
{
MBEDTLS_CIPHER_PSA_KEY_UNSET = 0, MBEDTLS_CIPHER_PSA_KEY_UNSET = 0,
MBEDTLS_CIPHER_PSA_KEY_OWNED, /* Used for PSA-based cipher contexts which */ MBEDTLS_CIPHER_PSA_KEY_OWNED, /* Used for PSA-based cipher contexts which */
/* use raw key material internally imported */ /* use raw key material internally imported */
@ -127,8 +124,7 @@ typedef enum
/* destroyed when the context is freed. */ /* destroyed when the context is freed. */
} mbedtls_cipher_psa_key_ownership; } mbedtls_cipher_psa_key_ownership;
typedef struct typedef struct {
{
psa_algorithm_t alg; psa_algorithm_t alg;
mbedtls_svc_key_id_t slot; mbedtls_svc_key_id_t slot;
mbedtls_cipher_psa_key_ownership slot_state; mbedtls_cipher_psa_key_ownership slot_state;

583
library/cmac.c
View File

File diff suppressed because it is too large Load Diff

Some files were not shown because too many files have changed in this diff Show More