mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00

Switch to the new code style

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Gilles Peskine
2023-01-11 14:50:10 +01:00
parent fd13a0f851
commit 449bd8303e
442 changed files with 86735 additions and 89438 deletions


@ -69,8 +69,8 @@
* save ROM and a few bytes of RAM by specifying our own ciphersuite list * save ROM and a few bytes of RAM by specifying our own ciphersuite list
*/ */
#define MBEDTLS_SSL_CIPHERSUITES \ #define MBEDTLS_SSL_CIPHERSUITES \
MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, \ MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, \
MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8
/* /*
* Save RAM at the expense of interoperability: do this only if you control * Save RAM at the expense of interoperability: do this only if you control


@ -60,8 +60,8 @@
* save ROM and a few bytes of RAM by specifying our own ciphersuite list * save ROM and a few bytes of RAM by specifying our own ciphersuite list
*/ */
#define MBEDTLS_SSL_CIPHERSUITES \ #define MBEDTLS_SSL_CIPHERSUITES \
MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, \ MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, \
MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8
/* /*
* Save RAM at the expense of interoperability: do this only if you control * Save RAM at the expense of interoperability: do this only if you control


@ -72,19 +72,18 @@ extern "C" {
/** /**
* \brief The AES context-type definition. * \brief The AES context-type definition.
*/ */
typedef struct mbedtls_aes_context typedef struct mbedtls_aes_context {
{
int MBEDTLS_PRIVATE(nr); /*!< The number of rounds. */ int MBEDTLS_PRIVATE(nr); /*!< The number of rounds. */
size_t MBEDTLS_PRIVATE(rk_offset); /*!< The offset in array elements to AES size_t MBEDTLS_PRIVATE(rk_offset); /*!< The offset in array elements to AES
round keys in the buffer. */ round keys in the buffer. */
uint32_t MBEDTLS_PRIVATE(buf)[68]; /*!< Unaligned data buffer. This buffer can uint32_t MBEDTLS_PRIVATE(buf)[68]; /*!< Unaligned data buffer. This buffer can
hold 32 extra Bytes, which can be used for hold 32 extra Bytes, which can be used for
one of the following purposes: one of the following purposes:
<ul><li>Alignment if VIA padlock is <ul><li>Alignment if VIA padlock is
used.</li> used.</li>
<li>Simplifying key expansion in the 256-bit <li>Simplifying key expansion in the 256-bit
case by generating an extra round key. case by generating an extra round key.
</li></ul> */ </li></ul> */
} }
mbedtls_aes_context; mbedtls_aes_context;
@ -92,12 +91,11 @@ mbedtls_aes_context;
/** /**
* \brief The AES XTS context-type definition. * \brief The AES XTS context-type definition.
*/ */
typedef struct mbedtls_aes_xts_context typedef struct mbedtls_aes_xts_context {
{
mbedtls_aes_context MBEDTLS_PRIVATE(crypt); /*!< The AES context to use for AES block mbedtls_aes_context MBEDTLS_PRIVATE(crypt); /*!< The AES context to use for AES block
encryption or decryption. */ encryption or decryption. */
mbedtls_aes_context MBEDTLS_PRIVATE(tweak); /*!< The AES context used for tweak mbedtls_aes_context MBEDTLS_PRIVATE(tweak); /*!< The AES context used for tweak
computation. */ computation. */
} mbedtls_aes_xts_context; } mbedtls_aes_xts_context;
#endif /* MBEDTLS_CIPHER_MODE_XTS */ #endif /* MBEDTLS_CIPHER_MODE_XTS */
@ -113,7 +111,7 @@ typedef struct mbedtls_aes_xts_context
* *
* \param ctx The AES context to initialize. This must not be \c NULL. * \param ctx The AES context to initialize. This must not be \c NULL.
*/ */
void mbedtls_aes_init( mbedtls_aes_context *ctx ); void mbedtls_aes_init(mbedtls_aes_context *ctx);
/** /**
* \brief This function releases and clears the specified AES context. * \brief This function releases and clears the specified AES context.
@ -122,7 +120,7 @@ void mbedtls_aes_init( mbedtls_aes_context *ctx );
* If this is \c NULL, this function does nothing. * If this is \c NULL, this function does nothing.
* Otherwise, the context must have been at least initialized. * Otherwise, the context must have been at least initialized.
*/ */
void mbedtls_aes_free( mbedtls_aes_context *ctx ); void mbedtls_aes_free(mbedtls_aes_context *ctx);
#if defined(MBEDTLS_CIPHER_MODE_XTS) #if defined(MBEDTLS_CIPHER_MODE_XTS)
/** /**
@ -133,7 +131,7 @@ void mbedtls_aes_free( mbedtls_aes_context *ctx );
* *
* \param ctx The AES XTS context to initialize. This must not be \c NULL. * \param ctx The AES XTS context to initialize. This must not be \c NULL.
*/ */
void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx ); void mbedtls_aes_xts_init(mbedtls_aes_xts_context *ctx);
/** /**
* \brief This function releases and clears the specified AES XTS context. * \brief This function releases and clears the specified AES XTS context.
@ -142,7 +140,7 @@ void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx );
* If this is \c NULL, this function does nothing. * If this is \c NULL, this function does nothing.
* Otherwise, the context must have been at least initialized. * Otherwise, the context must have been at least initialized.
*/ */
void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx ); void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx);
#endif /* MBEDTLS_CIPHER_MODE_XTS */ #endif /* MBEDTLS_CIPHER_MODE_XTS */
/** /**
@ -161,8 +159,8 @@ void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx );
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure. * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits ); unsigned int keybits);
/** /**
* \brief This function sets the decryption key. * \brief This function sets the decryption key.
@ -180,8 +178,8 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure. * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keybits ); unsigned int keybits);
#if defined(MBEDTLS_CIPHER_MODE_XTS) #if defined(MBEDTLS_CIPHER_MODE_XTS)
/** /**
@ -201,9 +199,9 @@ int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure. * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx, int mbedtls_aes_xts_setkey_enc(mbedtls_aes_xts_context *ctx,
const unsigned char *key, const unsigned char *key,
unsigned int keybits ); unsigned int keybits);
/** /**
* \brief This function prepares an XTS context for decryption and * \brief This function prepares an XTS context for decryption and
@ -222,9 +220,9 @@ int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx,
* \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure. * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx, int mbedtls_aes_xts_setkey_dec(mbedtls_aes_xts_context *ctx,
const unsigned char *key, const unsigned char *key,
unsigned int keybits ); unsigned int keybits);
#endif /* MBEDTLS_CIPHER_MODE_XTS */ #endif /* MBEDTLS_CIPHER_MODE_XTS */
/** /**
@ -251,10 +249,10 @@ int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
int mode, int mode,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16]);
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/** /**
@ -299,12 +297,12 @@ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
* on failure. * on failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_XTS) #if defined(MBEDTLS_CIPHER_MODE_XTS)
@ -344,12 +342,12 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
* length is larger than 2^20 blocks (16 MiB). * length is larger than 2^20 blocks (16 MiB).
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, int mbedtls_aes_crypt_xts(mbedtls_aes_xts_context *ctx,
int mode, int mode,
size_t length, size_t length,
const unsigned char data_unit[16], const unsigned char data_unit[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_XTS */ #endif /* MBEDTLS_CIPHER_MODE_XTS */
#if defined(MBEDTLS_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
@ -393,13 +391,13 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, int mbedtls_aes_crypt_cfb128(mbedtls_aes_context *ctx,
int mode, int mode,
size_t length, size_t length,
size_t *iv_off, size_t *iv_off,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function performs an AES-CFB8 encryption or decryption * \brief This function performs an AES-CFB8 encryption or decryption
@ -438,12 +436,12 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, int mbedtls_aes_crypt_cfb8(mbedtls_aes_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /*MBEDTLS_CIPHER_MODE_CFB */ #endif /*MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_OFB) #if defined(MBEDTLS_CIPHER_MODE_OFB)
@ -493,12 +491,12 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx, int mbedtls_aes_crypt_ofb(mbedtls_aes_context *ctx,
size_t length, size_t length,
size_t *iv_off, size_t *iv_off,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_OFB */ #endif /* MBEDTLS_CIPHER_MODE_OFB */
@ -576,13 +574,13 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx, int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx,
size_t length, size_t length,
size_t *nc_off, size_t *nc_off,
unsigned char nonce_counter[16], unsigned char nonce_counter[16],
unsigned char stream_block[16], unsigned char stream_block[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
/** /**
@ -597,9 +595,9 @@ int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16]);
/** /**
* \brief Internal AES block decryption function. This is only * \brief Internal AES block decryption function. This is only
@ -613,9 +611,9 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16]);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/** /**
@ -625,7 +623,7 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
MBEDTLS_CHECK_RETURN_CRITICAL MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_aes_self_test( int verbose ); int mbedtls_aes_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */


@ -61,8 +61,7 @@ extern "C" {
/** /**
* \brief The ARIA context-type definition. * \brief The ARIA context-type definition.
*/ */
typedef struct mbedtls_aria_context typedef struct mbedtls_aria_context {
{
unsigned char MBEDTLS_PRIVATE(nr); /*!< The number of rounds (12, 14 or 16) */ unsigned char MBEDTLS_PRIVATE(nr); /*!< The number of rounds (12, 14 or 16) */
/*! The ARIA round keys. */ /*! The ARIA round keys. */
uint32_t MBEDTLS_PRIVATE(rk)[MBEDTLS_ARIA_MAX_ROUNDS + 1][MBEDTLS_ARIA_BLOCKSIZE / 4]; uint32_t MBEDTLS_PRIVATE(rk)[MBEDTLS_ARIA_MAX_ROUNDS + 1][MBEDTLS_ARIA_BLOCKSIZE / 4];
@ -81,7 +80,7 @@ mbedtls_aria_context;
* *
* \param ctx The ARIA context to initialize. This must not be \c NULL. * \param ctx The ARIA context to initialize. This must not be \c NULL.
*/ */
void mbedtls_aria_init( mbedtls_aria_context *ctx ); void mbedtls_aria_init(mbedtls_aria_context *ctx);
/** /**
* \brief This function releases and clears the specified ARIA context. * \brief This function releases and clears the specified ARIA context.
@ -90,7 +89,7 @@ void mbedtls_aria_init( mbedtls_aria_context *ctx );
* case this function returns immediately. If it is not \c NULL, * case this function returns immediately. If it is not \c NULL,
* it must point to an initialized ARIA context. * it must point to an initialized ARIA context.
*/ */
void mbedtls_aria_free( mbedtls_aria_context *ctx ); void mbedtls_aria_free(mbedtls_aria_context *ctx);
/** /**
* \brief This function sets the encryption key. * \brief This function sets the encryption key.
@ -107,9 +106,9 @@ void mbedtls_aria_free( mbedtls_aria_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx,
const unsigned char *key, const unsigned char *key,
unsigned int keybits ); unsigned int keybits);
/** /**
* \brief This function sets the decryption key. * \brief This function sets the decryption key.
@ -126,9 +125,9 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx, int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx,
const unsigned char *key, const unsigned char *key,
unsigned int keybits ); unsigned int keybits);
/** /**
* \brief This function performs an ARIA single-block encryption or * \brief This function performs an ARIA single-block encryption or
@ -150,9 +149,9 @@ int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, int mbedtls_aria_crypt_ecb(mbedtls_aria_context *ctx,
const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE], const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE],
unsigned char output[MBEDTLS_ARIA_BLOCKSIZE] ); unsigned char output[MBEDTLS_ARIA_BLOCKSIZE]);
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/** /**
@ -196,12 +195,12 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx, int mbedtls_aria_crypt_cbc(mbedtls_aria_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
@ -246,13 +245,13 @@ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx, int mbedtls_aria_crypt_cfb128(mbedtls_aria_context *ctx,
int mode, int mode,
size_t length, size_t length,
size_t *iv_off, size_t *iv_off,
unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CFB */ #endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
@ -333,13 +332,13 @@ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx, int mbedtls_aria_crypt_ctr(mbedtls_aria_context *ctx,
size_t length, size_t length,
size_t *nc_off, size_t *nc_off,
unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE], unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE],
unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE], unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -348,7 +347,7 @@ int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx,
* *
* \return \c 0 on success, or \c 1 on failure. * \return \c 0 on success, or \c 1 on failure.
*/ */
int mbedtls_aria_self_test( int verbose ); int mbedtls_aria_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus


@ -96,15 +96,15 @@
/* Slightly smaller way to check if tag is a string tag /* Slightly smaller way to check if tag is a string tag
* compared to canonical implementation. */ * compared to canonical implementation. */
#define MBEDTLS_ASN1_IS_STRING_TAG( tag ) \ #define MBEDTLS_ASN1_IS_STRING_TAG(tag) \
( ( tag ) < 32u && ( \ ((tag) < 32u && ( \
( ( 1u << ( tag ) ) & ( ( 1u << MBEDTLS_ASN1_BMP_STRING ) | \ ((1u << (tag)) & ((1u << MBEDTLS_ASN1_BMP_STRING) | \
( 1u << MBEDTLS_ASN1_UTF8_STRING ) | \ (1u << MBEDTLS_ASN1_UTF8_STRING) | \
( 1u << MBEDTLS_ASN1_T61_STRING ) | \ (1u << MBEDTLS_ASN1_T61_STRING) | \
( 1u << MBEDTLS_ASN1_IA5_STRING ) | \ (1u << MBEDTLS_ASN1_IA5_STRING) | \
( 1u << MBEDTLS_ASN1_UNIVERSAL_STRING ) | \ (1u << MBEDTLS_ASN1_UNIVERSAL_STRING) | \
( 1u << MBEDTLS_ASN1_PRINTABLE_STRING ) | \ (1u << MBEDTLS_ASN1_PRINTABLE_STRING) | \
( 1u << MBEDTLS_ASN1_BIT_STRING ) ) ) != 0 ) ) (1u << MBEDTLS_ASN1_BIT_STRING))) != 0))
/* /*
* Bit masks for each of the components of an ASN.1 tag as specified in * Bit masks for each of the components of an ASN.1 tag as specified in
@ -132,12 +132,12 @@
* 'unsigned char *oid' here! * 'unsigned char *oid' here!
*/ */
#define MBEDTLS_OID_CMP(oid_str, oid_buf) \ #define MBEDTLS_OID_CMP(oid_str, oid_buf) \
( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf)->len ) || \ ((MBEDTLS_OID_SIZE(oid_str) != (oid_buf)->len) || \
memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) != 0 ) memcmp((oid_str), (oid_buf)->p, (oid_buf)->len) != 0)
#define MBEDTLS_OID_CMP_RAW(oid_str, oid_buf, oid_buf_len) \ #define MBEDTLS_OID_CMP_RAW(oid_str, oid_buf, oid_buf_len) \
( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf_len) ) || \ ((MBEDTLS_OID_SIZE(oid_str) != (oid_buf_len)) || \
memcmp( (oid_str), (oid_buf), (oid_buf_len) ) != 0 ) memcmp((oid_str), (oid_buf), (oid_buf_len)) != 0)
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -151,8 +151,7 @@ extern "C" {
/** /**
* Type-length-value structure that allows for ASN1 using DER. * Type-length-value structure that allows for ASN1 using DER.
*/ */
typedef struct mbedtls_asn1_buf typedef struct mbedtls_asn1_buf {
{
int tag; /**< ASN1 type, e.g. MBEDTLS_ASN1_UTF8_STRING. */ int tag; /**< ASN1 type, e.g. MBEDTLS_ASN1_UTF8_STRING. */
size_t len; /**< ASN1 length, in octets. */ size_t len; /**< ASN1 length, in octets. */
unsigned char *p; /**< ASN1 data, e.g. in ASCII. */ unsigned char *p; /**< ASN1 data, e.g. in ASCII. */
@ -162,8 +161,7 @@ mbedtls_asn1_buf;
/** /**
* Container for ASN1 bit strings. * Container for ASN1 bit strings.
*/ */
typedef struct mbedtls_asn1_bitstring typedef struct mbedtls_asn1_bitstring {
{
size_t len; /**< ASN1 length, in octets. */ size_t len; /**< ASN1 length, in octets. */
unsigned char unused_bits; /**< Number of unused bits at the end of the string */ unsigned char unused_bits; /**< Number of unused bits at the end of the string */
unsigned char *p; /**< Raw ASN1 data for the bit string */ unsigned char *p; /**< Raw ASN1 data for the bit string */
@ -173,8 +171,7 @@ mbedtls_asn1_bitstring;
/** /**
* Container for a sequence of ASN.1 items * Container for a sequence of ASN.1 items
*/ */
typedef struct mbedtls_asn1_sequence typedef struct mbedtls_asn1_sequence {
{
mbedtls_asn1_buf buf; /**< Buffer containing the given ASN.1 item. */ mbedtls_asn1_buf buf; /**< Buffer containing the given ASN.1 item. */
/** The next entry in the sequence. /** The next entry in the sequence.
@ -191,8 +188,7 @@ mbedtls_asn1_sequence;
/** /**
* Container for a sequence or list of 'named' ASN.1 data items * Container for a sequence or list of 'named' ASN.1 data items
*/ */
typedef struct mbedtls_asn1_named_data typedef struct mbedtls_asn1_named_data {
{
mbedtls_asn1_buf oid; /**< The object identifier. */ mbedtls_asn1_buf oid; /**< The object identifier. */
mbedtls_asn1_buf val; /**< The named value. */ mbedtls_asn1_buf val; /**< The named value. */
@ -232,9 +228,9 @@ mbedtls_asn1_named_data;
* would end beyond \p end. * would end beyond \p end.
* \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparsable. * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparsable.
*/ */
int mbedtls_asn1_get_len( unsigned char **p, int mbedtls_asn1_get_len(unsigned char **p,
const unsigned char *end, const unsigned char *end,
size_t *len ); size_t *len);
/** /**
* \brief Get the tag and length of the element. * \brief Get the tag and length of the element.
@ -257,9 +253,9 @@ int mbedtls_asn1_get_len( unsigned char **p,
* would end beyond \p end. * would end beyond \p end.
* \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparsable. * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparsable.
*/ */
int mbedtls_asn1_get_tag( unsigned char **p, int mbedtls_asn1_get_tag(unsigned char **p,
const unsigned char *end, const unsigned char *end,
size_t *len, int tag ); size_t *len, int tag);
/** /**
* \brief Retrieve a boolean ASN.1 tag and its value. * \brief Retrieve a boolean ASN.1 tag and its value.
@ -276,9 +272,9 @@ int mbedtls_asn1_get_tag( unsigned char **p,
* \return An ASN.1 error code if the input does not start with * \return An ASN.1 error code if the input does not start with
* a valid ASN.1 BOOLEAN. * a valid ASN.1 BOOLEAN.
*/ */
int mbedtls_asn1_get_bool( unsigned char **p, int mbedtls_asn1_get_bool(unsigned char **p,
const unsigned char *end, const unsigned char *end,
int *val ); int *val);
/** /**
* \brief Retrieve an integer ASN.1 tag and its value. * \brief Retrieve an integer ASN.1 tag and its value.
@ -297,9 +293,9 @@ int mbedtls_asn1_get_bool( unsigned char **p,
* \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does
* not fit in an \c int. * not fit in an \c int.
*/ */
int mbedtls_asn1_get_int( unsigned char **p, int mbedtls_asn1_get_int(unsigned char **p,
const unsigned char *end, const unsigned char *end,
int *val ); int *val);
/** /**
* \brief Retrieve an enumerated ASN.1 tag and its value. * \brief Retrieve an enumerated ASN.1 tag and its value.
@ -318,9 +314,9 @@ int mbedtls_asn1_get_int( unsigned char **p,
* \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does
* not fit in an \c int. * not fit in an \c int.
*/ */
int mbedtls_asn1_get_enum( unsigned char **p, int mbedtls_asn1_get_enum(unsigned char **p,
const unsigned char *end, const unsigned char *end,
int *val ); int *val);
/** /**
* \brief Retrieve a bitstring ASN.1 tag and its value. * \brief Retrieve a bitstring ASN.1 tag and its value.
@ -339,8 +335,8 @@ int mbedtls_asn1_get_enum( unsigned char **p,
* \return An ASN.1 error code if the input does not start with * \return An ASN.1 error code if the input does not start with
* a valid ASN.1 BIT STRING. * a valid ASN.1 BIT STRING.
*/ */
int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end, int mbedtls_asn1_get_bitstring(unsigned char **p, const unsigned char *end,
mbedtls_asn1_bitstring *bs ); mbedtls_asn1_bitstring *bs);
/** /**
* \brief Retrieve a bitstring ASN.1 tag without unused bits and its * \brief Retrieve a bitstring ASN.1 tag without unused bits and its
@ -360,9 +356,9 @@ int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end,
* \return An ASN.1 error code if the input does not start with * \return An ASN.1 error code if the input does not start with
* a valid ASN.1 BIT STRING. * a valid ASN.1 BIT STRING.
*/ */
int mbedtls_asn1_get_bitstring_null( unsigned char **p, int mbedtls_asn1_get_bitstring_null(unsigned char **p,
const unsigned char *end, const unsigned char *end,
size_t *len ); size_t *len);
/** /**
* \brief Parses and splits an ASN.1 "SEQUENCE OF <tag>". * \brief Parses and splits an ASN.1 "SEQUENCE OF <tag>".
@ -411,10 +407,10 @@ int mbedtls_asn1_get_bitstring_null( unsigned char **p,
* \return An ASN.1 error code if the input does not start with * \return An ASN.1 error code if the input does not start with
* a valid ASN.1 SEQUENCE. * a valid ASN.1 SEQUENCE.
*/ */
int mbedtls_asn1_get_sequence_of( unsigned char **p, int mbedtls_asn1_get_sequence_of(unsigned char **p,
const unsigned char *end, const unsigned char *end,
mbedtls_asn1_sequence *cur, mbedtls_asn1_sequence *cur,
int tag ); int tag);
/** /**
* \brief Free a heap-allocated linked list presentation of * \brief Free a heap-allocated linked list presentation of
* an ASN.1 sequence, including the first element. * an ASN.1 sequence, including the first element.
@ -436,7 +432,7 @@ int mbedtls_asn1_get_sequence_of( unsigned char **p,
* be \c NULL, in which case this functions returns * be \c NULL, in which case this functions returns
* immediately. * immediately.
*/ */
void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq ); void mbedtls_asn1_sequence_free(mbedtls_asn1_sequence *seq);
/** /**
* \brief Traverse an ASN.1 SEQUENCE container and * \brief Traverse an ASN.1 SEQUENCE container and
@ -528,9 +524,9 @@ int mbedtls_asn1_traverse_sequence_of(
const unsigned char *end, const unsigned char *end,
unsigned char tag_must_mask, unsigned char tag_must_val, unsigned char tag_must_mask, unsigned char tag_must_val,
unsigned char tag_may_mask, unsigned char tag_may_val, unsigned char tag_may_mask, unsigned char tag_may_val,
int (*cb)( void *ctx, int tag, int (*cb)(void *ctx, int tag,
unsigned char* start, size_t len ), unsigned char *start, size_t len),
void *ctx ); void *ctx);
#if defined(MBEDTLS_BIGNUM_C) #if defined(MBEDTLS_BIGNUM_C)
/** /**
@ -551,9 +547,9 @@ int mbedtls_asn1_traverse_sequence_of(
* not fit in an \c int. * not fit in an \c int.
* \return An MPI error code if the parsed value is too large. * \return An MPI error code if the parsed value is too large.
*/ */
int mbedtls_asn1_get_mpi( unsigned char **p, int mbedtls_asn1_get_mpi(unsigned char **p,
const unsigned char *end, const unsigned char *end,
mbedtls_mpi *X ); mbedtls_mpi *X);
#endif /* MBEDTLS_BIGNUM_C */ #endif /* MBEDTLS_BIGNUM_C */
/** /**
@ -572,9 +568,9 @@ int mbedtls_asn1_get_mpi( unsigned char **p,
* *
* \return 0 if successful or a specific ASN.1 or MPI error code. * \return 0 if successful or a specific ASN.1 or MPI error code.
*/ */
int mbedtls_asn1_get_alg( unsigned char **p, int mbedtls_asn1_get_alg(unsigned char **p,
const unsigned char *end, const unsigned char *end,
mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params ); mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params);
/** /**
* \brief Retrieve an AlgorithmIdentifier ASN.1 sequence with NULL or no * \brief Retrieve an AlgorithmIdentifier ASN.1 sequence with NULL or no
@ -591,9 +587,9 @@ int mbedtls_asn1_get_alg( unsigned char **p,
* *
* \return 0 if successful or a specific ASN.1 or MPI error code. * \return 0 if successful or a specific ASN.1 or MPI error code.
*/ */
int mbedtls_asn1_get_alg_null( unsigned char **p, int mbedtls_asn1_get_alg_null(unsigned char **p,
const unsigned char *end, const unsigned char *end,
mbedtls_asn1_buf *alg ); mbedtls_asn1_buf *alg);
/** /**
* \brief Find a specific named_data entry in a sequence or list based on * \brief Find a specific named_data entry in a sequence or list based on
@ -605,8 +601,8 @@ int mbedtls_asn1_get_alg_null( unsigned char **p,
* *
* \return NULL if not found, or a pointer to the existing entry. * \return NULL if not found, or a pointer to the existing entry.
*/ */
const mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( const mbedtls_asn1_named_data *list, const mbedtls_asn1_named_data *mbedtls_asn1_find_named_data(const mbedtls_asn1_named_data *list,
const char *oid, size_t len ); const char *oid, size_t len);
#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if !defined(MBEDTLS_DEPRECATED_REMOVED)
/** /**
@ -621,7 +617,7 @@ const mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( const mbedtls_asn1_
* This function calls mbedtls_free() on * This function calls mbedtls_free() on
* `entry->oid.p` and `entry->val.p`. * `entry->oid.p` and `entry->val.p`.
*/ */
void MBEDTLS_DEPRECATED mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *entry ); void MBEDTLS_DEPRECATED mbedtls_asn1_free_named_data(mbedtls_asn1_named_data *entry);
#endif /* MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_DEPRECATED_REMOVED */
/** /**
@ -632,7 +628,7 @@ void MBEDTLS_DEPRECATED mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *e
* `entry->oid.p` and `entry->val.p` and then on `entry` * `entry->oid.p` and `entry->val.p` and then on `entry`
* for each list entry, and sets \c *head to \c NULL. * for each list entry, and sets \c *head to \c NULL.
*/ */
void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head ); void mbedtls_asn1_free_named_data_list(mbedtls_asn1_named_data **head);
/** /**
* \brief Free all shallow entries in a mbedtls_asn1_named_data list, * \brief Free all shallow entries in a mbedtls_asn1_named_data list,
@ -641,7 +637,7 @@ void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head );
* \param name Head of the list of named data entries to free. * \param name Head of the list of named data entries to free.
* This function calls mbedtls_free() on each list element. * This function calls mbedtls_free() on each list element.
*/ */
void mbedtls_asn1_free_named_data_list_shallow( mbedtls_asn1_named_data *name ); void mbedtls_asn1_free_named_data_list_shallow(mbedtls_asn1_named_data *name);
/** \} name Functions to parse ASN.1 data structures */ /** \} name Functions to parse ASN.1 data structures */
/** \} addtogroup asn1_module */ /** \} addtogroup asn1_module */


@ -29,11 +29,11 @@
#define MBEDTLS_ASN1_CHK_ADD(g, f) \ #define MBEDTLS_ASN1_CHK_ADD(g, f) \
do \ do \
{ \ { \
if( ( ret = (f) ) < 0 ) \ if ((ret = (f)) < 0) \
return( ret ); \ return ret; \
else \ else \
(g) += ret; \ (g) += ret; \
} while( 0 ) } while (0)
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
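Review bot: MBEDTLS_ASN1_CHK_ADD still hides a `return ret;` inside the macro and depends on a local named `ret` in the calling function, and nothing visible at the definition says so. A caller that invokes it while holding allocated memory or key material skips its own cleanup on the error path. I would add a comment above the macro such as `/* Requires an int ret in scope; returns from the caller on error, so do not use once resources needing cleanup are held. */`. Any existing doc comment for the macro starts outside this hunk, so it may already cover part of this.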
@ -51,8 +51,8 @@ extern "C" {
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_len(unsigned char **p, const unsigned char *start,
size_t len ); size_t len);
/** /**
* \brief Write an ASN.1 tag in ASN.1 format. * \brief Write an ASN.1 tag in ASN.1 format.
* *
@ -65,8 +65,8 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start,
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_asn1_write_tag( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_tag(unsigned char **p, const unsigned char *start,
unsigned char tag ); unsigned char tag);
/** /**
* \brief Write raw buffer data. * \brief Write raw buffer data.
@ -81,8 +81,8 @@ int mbedtls_asn1_write_tag( unsigned char **p, const unsigned char *start,
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_asn1_write_raw_buffer( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_raw_buffer(unsigned char **p, const unsigned char *start,
const unsigned char *buf, size_t size ); const unsigned char *buf, size_t size);
#if defined(MBEDTLS_BIGNUM_C) #if defined(MBEDTLS_BIGNUM_C)
/** /**
@ -99,8 +99,8 @@ int mbedtls_asn1_write_raw_buffer( unsigned char **p, const unsigned char *start
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_asn1_write_mpi( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_mpi(unsigned char **p, const unsigned char *start,
const mbedtls_mpi *X ); const mbedtls_mpi *X);
#endif /* MBEDTLS_BIGNUM_C */ #endif /* MBEDTLS_BIGNUM_C */
/** /**
@ -115,7 +115,7 @@ int mbedtls_asn1_write_mpi( unsigned char **p, const unsigned char *start,
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_asn1_write_null( unsigned char **p, const unsigned char *start ); int mbedtls_asn1_write_null(unsigned char **p, const unsigned char *start);
/** /**
* \brief Write an OID tag (#MBEDTLS_ASN1_OID) and data * \brief Write an OID tag (#MBEDTLS_ASN1_OID) and data
@ -131,8 +131,8 @@ int mbedtls_asn1_write_null( unsigned char **p, const unsigned char *start );
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_asn1_write_oid( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_oid(unsigned char **p, const unsigned char *start,
const char *oid, size_t oid_len ); const char *oid, size_t oid_len);
/** /**
* \brief Write an AlgorithmIdentifier sequence in ASN.1 format. * \brief Write an AlgorithmIdentifier sequence in ASN.1 format.
@ -149,10 +149,10 @@ int mbedtls_asn1_write_oid( unsigned char **p, const unsigned char *start,
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, int mbedtls_asn1_write_algorithm_identifier(unsigned char **p,
const unsigned char *start, const unsigned char *start,
const char *oid, size_t oid_len, const char *oid, size_t oid_len,
size_t par_len ); size_t par_len);
/** /**
* \brief Write a boolean tag (#MBEDTLS_ASN1_BOOLEAN) and value * \brief Write a boolean tag (#MBEDTLS_ASN1_BOOLEAN) and value
@ -167,8 +167,8 @@ int mbedtls_asn1_write_algorithm_identifier( unsigned char **p,
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_asn1_write_bool( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_bool(unsigned char **p, const unsigned char *start,
int boolean ); int boolean);
/** /**
* \brief Write an int tag (#MBEDTLS_ASN1_INTEGER) and value * \brief Write an int tag (#MBEDTLS_ASN1_INTEGER) and value
@ -184,7 +184,7 @@ int mbedtls_asn1_write_bool( unsigned char **p, const unsigned char *start,
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_asn1_write_int( unsigned char **p, const unsigned char *start, int val ); int mbedtls_asn1_write_int(unsigned char **p, const unsigned char *start, int val);
/** /**
* \brief Write an enum tag (#MBEDTLS_ASN1_ENUMERATED) and value * \brief Write an enum tag (#MBEDTLS_ASN1_ENUMERATED) and value
@ -199,7 +199,7 @@ int mbedtls_asn1_write_int( unsigned char **p, const unsigned char *start, int v
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_asn1_write_enum( unsigned char **p, const unsigned char *start, int val ); int mbedtls_asn1_write_enum(unsigned char **p, const unsigned char *start, int val);
/** /**
* \brief Write a string in ASN.1 format using a specific * \brief Write a string in ASN.1 format using a specific
@ -218,9 +218,9 @@ int mbedtls_asn1_write_enum( unsigned char **p, const unsigned char *start, int
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_asn1_write_tagged_string( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_tagged_string(unsigned char **p, const unsigned char *start,
int tag, const char *text, int tag, const char *text,
size_t text_len ); size_t text_len);
/** /**
* \brief Write a string in ASN.1 format using the PrintableString * \brief Write a string in ASN.1 format using the PrintableString
@ -237,9 +237,9 @@ int mbedtls_asn1_write_tagged_string( unsigned char **p, const unsigned char *st
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_asn1_write_printable_string( unsigned char **p, int mbedtls_asn1_write_printable_string(unsigned char **p,
const unsigned char *start, const unsigned char *start,
const char *text, size_t text_len ); const char *text, size_t text_len);
/** /**
* \brief Write a UTF8 string in ASN.1 format using the UTF8String * \brief Write a UTF8 string in ASN.1 format using the UTF8String
@ -256,8 +256,8 @@ int mbedtls_asn1_write_printable_string( unsigned char **p,
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_asn1_write_utf8_string( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_utf8_string(unsigned char **p, const unsigned char *start,
const char *text, size_t text_len ); const char *text, size_t text_len);
/** /**
* \brief Write a string in ASN.1 format using the IA5String * \brief Write a string in ASN.1 format using the IA5String
@ -274,8 +274,8 @@ int mbedtls_asn1_write_utf8_string( unsigned char **p, const unsigned char *star
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_asn1_write_ia5_string( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_ia5_string(unsigned char **p, const unsigned char *start,
const char *text, size_t text_len ); const char *text, size_t text_len);
/** /**
* \brief Write a bitstring tag (#MBEDTLS_ASN1_BIT_STRING) and * \brief Write a bitstring tag (#MBEDTLS_ASN1_BIT_STRING) and
@ -291,8 +291,8 @@ int mbedtls_asn1_write_ia5_string( unsigned char **p, const unsigned char *start
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_asn1_write_bitstring( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_bitstring(unsigned char **p, const unsigned char *start,
const unsigned char *buf, size_t bits ); const unsigned char *buf, size_t bits);
/** /**
* \brief This function writes a named bitstring tag * \brief This function writes a named bitstring tag
@ -311,10 +311,10 @@ int mbedtls_asn1_write_bitstring( unsigned char **p, const unsigned char *start,
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_asn1_write_named_bitstring( unsigned char **p, int mbedtls_asn1_write_named_bitstring(unsigned char **p,
const unsigned char *start, const unsigned char *start,
const unsigned char *buf, const unsigned char *buf,
size_t bits ); size_t bits);
/** /**
* \brief Write an octet string tag (#MBEDTLS_ASN1_OCTET_STRING) * \brief Write an octet string tag (#MBEDTLS_ASN1_OCTET_STRING)
@ -330,8 +330,8 @@ int mbedtls_asn1_write_named_bitstring( unsigned char **p,
* \return The number of bytes written to \p p on success. * \return The number of bytes written to \p p on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_asn1_write_octet_string( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_octet_string(unsigned char **p, const unsigned char *start,
const unsigned char *buf, size_t size ); const unsigned char *buf, size_t size);
/** /**
* \brief Create or find a specific named_data entry for writing in a * \brief Create or find a specific named_data entry for writing in a
@ -354,10 +354,10 @@ int mbedtls_asn1_write_octet_string( unsigned char **p, const unsigned char *sta
* \return A pointer to the new / existing entry on success. * \return A pointer to the new / existing entry on success.
* \return \c NULL if there was a memory allocation error. * \return \c NULL if there was a memory allocation error.
*/ */
mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data **list, mbedtls_asn1_named_data *mbedtls_asn1_store_named_data(mbedtls_asn1_named_data **list,
const char *oid, size_t oid_len, const char *oid, size_t oid_len,
const unsigned char *val, const unsigned char *val,
size_t val_len ); size_t val_len);
#ifdef __cplusplus #ifdef __cplusplus
} }


@ -54,8 +54,8 @@ extern "C" {
* \note Call this function with dlen = 0 to obtain the * \note Call this function with dlen = 0 to obtain the
* required buffer size in *olen * required buffer size in *olen
*/ */
int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen, int mbedtls_base64_encode(unsigned char *dst, size_t dlen, size_t *olen,
const unsigned char *src, size_t slen ); const unsigned char *src, size_t slen);
/** /**
* \brief Decode a base64-formatted buffer * \brief Decode a base64-formatted buffer
@ -74,8 +74,8 @@ int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
* \note Call this function with *dst = NULL or dlen = 0 to obtain * \note Call this function with *dst = NULL or dlen = 0 to obtain
* the required buffer size in *olen * the required buffer size in *olen
*/ */
int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, int mbedtls_base64_decode(unsigned char *dst, size_t dlen, size_t *olen,
const unsigned char *src, size_t slen ); const unsigned char *src, size_t slen);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/** /**
@ -83,7 +83,7 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int mbedtls_base64_self_test( int verbose ); int mbedtls_base64_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */


@ -52,9 +52,9 @@
#define MBEDTLS_MPI_CHK(f) \ #define MBEDTLS_MPI_CHK(f) \
do \ do \
{ \ { \
if( ( ret = (f) ) != 0 ) \ if ((ret = (f)) != 0) \
goto cleanup; \ goto cleanup; \
} while( 0 ) } while (0)
/* /*
* Maximum size MPIs are allowed to grow to in number of limbs. * Maximum size MPIs are allowed to grow to in number of limbs.
@ -85,7 +85,7 @@
#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ #define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
#endif /* !MBEDTLS_MPI_MAX_SIZE */ #endif /* !MBEDTLS_MPI_MAX_SIZE */
#define MBEDTLS_MPI_MAX_BITS ( 8 * MBEDTLS_MPI_MAX_SIZE ) /**< Maximum number of bits for usable MPIs. */ #define MBEDTLS_MPI_MAX_BITS (8 * MBEDTLS_MPI_MAX_SIZE) /**< Maximum number of bits for usable MPIs. */
/* /*
* When reading from files with mbedtls_mpi_read_file() and writing to files with * When reading from files with mbedtls_mpi_read_file() and writing to files with
@ -105,9 +105,11 @@
* MBEDTLS_MPI_RW_BUFFER_SIZE = ceil(MBEDTLS_MPI_MAX_BITS / ln(10) * ln(2)) + * MBEDTLS_MPI_RW_BUFFER_SIZE = ceil(MBEDTLS_MPI_MAX_BITS / ln(10) * ln(2)) +
* LabelSize + 6 * LabelSize + 6
*/ */
#define MBEDTLS_MPI_MAX_BITS_SCALE100 ( 100 * MBEDTLS_MPI_MAX_BITS ) #define MBEDTLS_MPI_MAX_BITS_SCALE100 (100 * MBEDTLS_MPI_MAX_BITS)
#define MBEDTLS_LN_2_DIV_LN_10_SCALE100 332 #define MBEDTLS_LN_2_DIV_LN_10_SCALE100 332
#define MBEDTLS_MPI_RW_BUFFER_SIZE ( ((MBEDTLS_MPI_MAX_BITS_SCALE100 + MBEDTLS_LN_2_DIV_LN_10_SCALE100 - 1) / MBEDTLS_LN_2_DIV_LN_10_SCALE100) + 10 + 6 ) #define MBEDTLS_MPI_RW_BUFFER_SIZE (((MBEDTLS_MPI_MAX_BITS_SCALE100 + \
MBEDTLS_LN_2_DIV_LN_10_SCALE100 - 1) / \
MBEDTLS_LN_2_DIV_LN_10_SCALE100) + 10 + 6)
/* /*
* Define the base integer type, architecture-wise. * Define the base integer type, architecture-wise.
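Review bot: The name MBEDTLS_LN_2_DIV_LN_10_SCALE100 reads as 100·ln(2)/ln(10), which is about 30, but its value 332 is 100·ln(10)/ln(2), and the re-wrapped MBEDTLS_MPI_RW_BUFFER_SIZE divides by it. The arithmetic agrees with the formula in the comment above the macros, so only the name misleads. Because this is a buffer-size bound, someone adjusting the constant from its name alone could undersize the read/write buffer. Renaming a macro in what looks like a public header may not be possible, so I would add `/* 100 * ln(10)/ln(2) = 332.19..., rounded down so the size errs high */` beside the definition.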
@ -121,60 +123,60 @@
*/ */
#if !defined(MBEDTLS_HAVE_INT32) #if !defined(MBEDTLS_HAVE_INT32)
#if defined(_MSC_VER) && defined(_M_AMD64) #if defined(_MSC_VER) && defined(_M_AMD64)
/* Always choose 64-bit when using MSC */ /* Always choose 64-bit when using MSC */
#if !defined(MBEDTLS_HAVE_INT64) #if !defined(MBEDTLS_HAVE_INT64)
#define MBEDTLS_HAVE_INT64 #define MBEDTLS_HAVE_INT64
#endif /* !MBEDTLS_HAVE_INT64 */ #endif /* !MBEDTLS_HAVE_INT64 */
typedef int64_t mbedtls_mpi_sint; typedef int64_t mbedtls_mpi_sint;
typedef uint64_t mbedtls_mpi_uint; typedef uint64_t mbedtls_mpi_uint;
#elif defined(__GNUC__) && ( \ #elif defined(__GNUC__) && ( \
defined(__amd64__) || defined(__x86_64__) || \ defined(__amd64__) || defined(__x86_64__) || \
defined(__ppc64__) || defined(__powerpc64__) || \ defined(__ppc64__) || defined(__powerpc64__) || \
defined(__ia64__) || defined(__alpha__) || \ defined(__ia64__) || defined(__alpha__) || \
( defined(__sparc__) && defined(__arch64__) ) || \ (defined(__sparc__) && defined(__arch64__)) || \
defined(__s390x__) || defined(__mips64) || \ defined(__s390x__) || defined(__mips64) || \
defined(__aarch64__) ) defined(__aarch64__))
#if !defined(MBEDTLS_HAVE_INT64) #if !defined(MBEDTLS_HAVE_INT64)
#define MBEDTLS_HAVE_INT64 #define MBEDTLS_HAVE_INT64
#endif /* MBEDTLS_HAVE_INT64 */ #endif /* MBEDTLS_HAVE_INT64 */
typedef int64_t mbedtls_mpi_sint; typedef int64_t mbedtls_mpi_sint;
typedef uint64_t mbedtls_mpi_uint; typedef uint64_t mbedtls_mpi_uint;
#if !defined(MBEDTLS_NO_UDBL_DIVISION) #if !defined(MBEDTLS_NO_UDBL_DIVISION)
/* mbedtls_t_udbl defined as 128-bit unsigned int */ /* mbedtls_t_udbl defined as 128-bit unsigned int */
typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI))); typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI)));
#define MBEDTLS_HAVE_UDBL #define MBEDTLS_HAVE_UDBL
#endif /* !MBEDTLS_NO_UDBL_DIVISION */ #endif /* !MBEDTLS_NO_UDBL_DIVISION */
#elif defined(__ARMCC_VERSION) && defined(__aarch64__) #elif defined(__ARMCC_VERSION) && defined(__aarch64__)
/* /*
* __ARMCC_VERSION is defined for both armcc and armclang and * __ARMCC_VERSION is defined for both armcc and armclang and
* __aarch64__ is only defined by armclang when compiling 64-bit code * __aarch64__ is only defined by armclang when compiling 64-bit code
*/ */
#if !defined(MBEDTLS_HAVE_INT64) #if !defined(MBEDTLS_HAVE_INT64)
#define MBEDTLS_HAVE_INT64 #define MBEDTLS_HAVE_INT64
#endif /* !MBEDTLS_HAVE_INT64 */ #endif /* !MBEDTLS_HAVE_INT64 */
typedef int64_t mbedtls_mpi_sint; typedef int64_t mbedtls_mpi_sint;
typedef uint64_t mbedtls_mpi_uint; typedef uint64_t mbedtls_mpi_uint;
#if !defined(MBEDTLS_NO_UDBL_DIVISION) #if !defined(MBEDTLS_NO_UDBL_DIVISION)
/* mbedtls_t_udbl defined as 128-bit unsigned int */ /* mbedtls_t_udbl defined as 128-bit unsigned int */
typedef __uint128_t mbedtls_t_udbl; typedef __uint128_t mbedtls_t_udbl;
#define MBEDTLS_HAVE_UDBL #define MBEDTLS_HAVE_UDBL
#endif /* !MBEDTLS_NO_UDBL_DIVISION */ #endif /* !MBEDTLS_NO_UDBL_DIVISION */
#elif defined(MBEDTLS_HAVE_INT64) #elif defined(MBEDTLS_HAVE_INT64)
/* Force 64-bit integers with unknown compiler */ /* Force 64-bit integers with unknown compiler */
typedef int64_t mbedtls_mpi_sint; typedef int64_t mbedtls_mpi_sint;
typedef uint64_t mbedtls_mpi_uint; typedef uint64_t mbedtls_mpi_uint;
#endif #endif
#endif /* !MBEDTLS_HAVE_INT32 */ #endif /* !MBEDTLS_HAVE_INT32 */
#if !defined(MBEDTLS_HAVE_INT64) #if !defined(MBEDTLS_HAVE_INT64)
/* Default to 32-bit compilation */ /* Default to 32-bit compilation */
#if !defined(MBEDTLS_HAVE_INT32) #if !defined(MBEDTLS_HAVE_INT32)
#define MBEDTLS_HAVE_INT32 #define MBEDTLS_HAVE_INT32
#endif /* !MBEDTLS_HAVE_INT32 */ #endif /* !MBEDTLS_HAVE_INT32 */
typedef int32_t mbedtls_mpi_sint; typedef int32_t mbedtls_mpi_sint;
typedef uint32_t mbedtls_mpi_uint; typedef uint32_t mbedtls_mpi_uint;
#if !defined(MBEDTLS_NO_UDBL_DIVISION) #if !defined(MBEDTLS_NO_UDBL_DIVISION)
typedef uint64_t mbedtls_t_udbl; typedef uint64_t mbedtls_t_udbl;
#define MBEDTLS_HAVE_UDBL #define MBEDTLS_HAVE_UDBL
#endif /* !MBEDTLS_NO_UDBL_DIVISION */ #endif /* !MBEDTLS_NO_UDBL_DIVISION */
#endif /* !MBEDTLS_HAVE_INT64 */ #endif /* !MBEDTLS_HAVE_INT64 */
@ -200,8 +202,7 @@ extern "C" {
/** /**
* \brief MPI structure * \brief MPI structure
*/ */
typedef struct mbedtls_mpi typedef struct mbedtls_mpi {
{
/** Sign: -1 if the mpi is negative, 1 otherwise. /** Sign: -1 if the mpi is negative, 1 otherwise.
* *
* The number 0 must be represented with `s = +1`. Although many library * The number 0 must be represented with `s = +1`. Although many library
@ -234,7 +235,7 @@ mbedtls_mpi;
* *
* \param X The MPI context to initialize. This must not be \c NULL. * \param X The MPI context to initialize. This must not be \c NULL.
*/ */
void mbedtls_mpi_init( mbedtls_mpi *X ); void mbedtls_mpi_init(mbedtls_mpi *X);
/** /**
* \brief This function frees the components of an MPI context. * \brief This function frees the components of an MPI context.
@ -243,7 +244,7 @@ void mbedtls_mpi_init( mbedtls_mpi *X );
* in which case this function is a no-op. If it is * in which case this function is a no-op. If it is
* not \c NULL, it must point to an initialized MPI. * not \c NULL, it must point to an initialized MPI.
*/ */
void mbedtls_mpi_free( mbedtls_mpi *X ); void mbedtls_mpi_free(mbedtls_mpi *X);
/** /**
* \brief Enlarge an MPI to the specified number of limbs. * \brief Enlarge an MPI to the specified number of limbs.
@ -258,7 +259,7 @@ void mbedtls_mpi_free( mbedtls_mpi *X );
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs ); int mbedtls_mpi_grow(mbedtls_mpi *X, size_t nblimbs);
/** /**
* \brief This function resizes an MPI downwards, keeping at least the * \brief This function resizes an MPI downwards, keeping at least the
@ -275,7 +276,7 @@ int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs );
* (this can only happen when resizing up). * (this can only happen when resizing up).
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs ); int mbedtls_mpi_shrink(mbedtls_mpi *X, size_t nblimbs);
/** /**
* \brief Make a copy of an MPI. * \brief Make a copy of an MPI.
@ -290,7 +291,7 @@ int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs );
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y ); int mbedtls_mpi_copy(mbedtls_mpi *X, const mbedtls_mpi *Y);
/** /**
* \brief Swap the contents of two MPIs. * \brief Swap the contents of two MPIs.
@ -298,7 +299,7 @@ int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y );
* \param X The first MPI. It must be initialized. * \param X The first MPI. It must be initialized.
* \param Y The second MPI. It must be initialized. * \param Y The second MPI. It must be initialized.
*/ */
void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y ); void mbedtls_mpi_swap(mbedtls_mpi *X, mbedtls_mpi *Y);
/** /**
* \brief Perform a safe conditional copy of MPI which doesn't * \brief Perform a safe conditional copy of MPI which doesn't
@ -328,7 +329,7 @@ void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y );
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign ); int mbedtls_mpi_safe_cond_assign(mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign);
/** /**
* \brief Perform a safe conditional swap which doesn't * \brief Perform a safe conditional swap which doesn't
@ -357,7 +358,7 @@ int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
* *
*/ */
int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char swap ); int mbedtls_mpi_safe_cond_swap(mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char swap);
/** /**
* \brief Store integer value in MPI. * \brief Store integer value in MPI.
@ -369,7 +370,7 @@ int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char sw
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z ); int mbedtls_mpi_lset(mbedtls_mpi *X, mbedtls_mpi_sint z);
/** /**
* \brief Get a specific bit from an MPI. * \brief Get a specific bit from an MPI.
@ -381,7 +382,7 @@ int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z );
* of \c X is unset or set. * of \c X is unset or set.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos ); int mbedtls_mpi_get_bit(const mbedtls_mpi *X, size_t pos);
/** /**
* \brief Modify a specific bit in an MPI. * \brief Modify a specific bit in an MPI.
@ -398,7 +399,7 @@ int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos );
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val ); int mbedtls_mpi_set_bit(mbedtls_mpi *X, size_t pos, unsigned char val);
/** /**
* \brief Return the number of bits of value \c 0 before the * \brief Return the number of bits of value \c 0 before the
@ -412,7 +413,7 @@ int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val );
* \return The number of bits of value \c 0 before the least significant * \return The number of bits of value \c 0 before the least significant
* bit of value \c 1 in \p X. * bit of value \c 1 in \p X.
*/ */
size_t mbedtls_mpi_lsb( const mbedtls_mpi *X ); size_t mbedtls_mpi_lsb(const mbedtls_mpi *X);
/** /**
* \brief Return the number of bits up to and including the most * \brief Return the number of bits up to and including the most
@ -426,7 +427,7 @@ size_t mbedtls_mpi_lsb( const mbedtls_mpi *X );
* \return The number of bits up to and including the most * \return The number of bits up to and including the most
* significant bit of value \c 1. * significant bit of value \c 1.
*/ */
size_t mbedtls_mpi_bitlen( const mbedtls_mpi *X ); size_t mbedtls_mpi_bitlen(const mbedtls_mpi *X);
/** /**
* \brief Return the total size of an MPI value in bytes. * \brief Return the total size of an MPI value in bytes.
@ -441,7 +442,7 @@ size_t mbedtls_mpi_bitlen( const mbedtls_mpi *X );
* \return The least number of bytes capable of storing * \return The least number of bytes capable of storing
* the absolute value of \p X. * the absolute value of \p X.
*/ */
size_t mbedtls_mpi_size( const mbedtls_mpi *X ); size_t mbedtls_mpi_size(const mbedtls_mpi *X);
/** /**
* \brief Import an MPI from an ASCII string. * \brief Import an MPI from an ASCII string.
@ -453,7 +454,7 @@ size_t mbedtls_mpi_size( const mbedtls_mpi *X );
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s ); int mbedtls_mpi_read_string(mbedtls_mpi *X, int radix, const char *s);
/** /**
* \brief Export an MPI to an ASCII string. * \brief Export an MPI to an ASCII string.
@ -477,8 +478,8 @@ int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s );
* size of \p buf required for a successful call. * size of \p buf required for a successful call.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix, int mbedtls_mpi_write_string(const mbedtls_mpi *X, int radix,
char *buf, size_t buflen, size_t *olen ); char *buf, size_t buflen, size_t *olen);
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
@ -502,7 +503,7 @@ int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix,
* is too small. * is too small.
* \return Another negative error code on failure. * \return Another negative error code on failure.
*/ */
int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin ); int mbedtls_mpi_read_file(mbedtls_mpi *X, int radix, FILE *fin);
/** /**
* \brief Export an MPI into an opened file. * \brief Export an MPI into an opened file.
@ -519,8 +520,8 @@ int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin );
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, int mbedtls_mpi_write_file(const char *p, const mbedtls_mpi *X,
int radix, FILE *fout ); int radix, FILE *fout);
#endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_FS_IO */
/** /**
@ -535,8 +536,8 @@ int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X,
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, int mbedtls_mpi_read_binary(mbedtls_mpi *X, const unsigned char *buf,
size_t buflen ); size_t buflen);
/** /**
* \brief Import X from unsigned binary data, little endian * \brief Import X from unsigned binary data, little endian
@ -550,8 +551,8 @@ int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf,
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_read_binary_le( mbedtls_mpi *X, int mbedtls_mpi_read_binary_le(mbedtls_mpi *X,
const unsigned char *buf, size_t buflen ); const unsigned char *buf, size_t buflen);
/** /**
* \brief Export X into unsigned binary data, big endian. * \brief Export X into unsigned binary data, big endian.
@ -568,8 +569,8 @@ int mbedtls_mpi_read_binary_le( mbedtls_mpi *X,
* large enough to hold the value of \p X. * large enough to hold the value of \p X.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_write_binary( const mbedtls_mpi *X, unsigned char *buf, int mbedtls_mpi_write_binary(const mbedtls_mpi *X, unsigned char *buf,
size_t buflen ); size_t buflen);
/** /**
* \brief Export X into unsigned binary data, little endian. * \brief Export X into unsigned binary data, little endian.
@ -586,8 +587,8 @@ int mbedtls_mpi_write_binary( const mbedtls_mpi *X, unsigned char *buf,
* large enough to hold the value of \p X. * large enough to hold the value of \p X.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_write_binary_le( const mbedtls_mpi *X, int mbedtls_mpi_write_binary_le(const mbedtls_mpi *X,
unsigned char *buf, size_t buflen ); unsigned char *buf, size_t buflen);
/** /**
* \brief Perform a left-shift on an MPI: X <<= count * \brief Perform a left-shift on an MPI: X <<= count
@ -599,7 +600,7 @@ int mbedtls_mpi_write_binary_le( const mbedtls_mpi *X,
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count ); int mbedtls_mpi_shift_l(mbedtls_mpi *X, size_t count);
/** /**
* \brief Perform a right-shift on an MPI: X >>= count * \brief Perform a right-shift on an MPI: X >>= count
@ -611,7 +612,7 @@ int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count );
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count ); int mbedtls_mpi_shift_r(mbedtls_mpi *X, size_t count);
/** /**
* \brief Compare the absolute values of two MPIs. * \brief Compare the absolute values of two MPIs.
@ -623,7 +624,7 @@ int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count );
* \return \c -1 if `|X|` is lesser than `|Y|`. * \return \c -1 if `|X|` is lesser than `|Y|`.
* \return \c 0 if `|X|` is equal to `|Y|`. * \return \c 0 if `|X|` is equal to `|Y|`.
*/ */
int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y ); int mbedtls_mpi_cmp_abs(const mbedtls_mpi *X, const mbedtls_mpi *Y);
/** /**
* \brief Compare two MPIs. * \brief Compare two MPIs.
@ -635,7 +636,7 @@ int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y );
* \return \c -1 if \p X is lesser than \p Y. * \return \c -1 if \p X is lesser than \p Y.
* \return \c 0 if \p X is equal to \p Y. * \return \c 0 if \p X is equal to \p Y.
*/ */
int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y ); int mbedtls_mpi_cmp_mpi(const mbedtls_mpi *X, const mbedtls_mpi *Y);
/** /**
* \brief Check if an MPI is less than the other in constant time. * \brief Check if an MPI is less than the other in constant time.
@ -652,8 +653,8 @@ int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y );
* \return MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the allocated length of * \return MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the allocated length of
* the two input MPIs is not the same. * the two input MPIs is not the same.
*/ */
int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X, const mbedtls_mpi *Y,
unsigned *ret ); unsigned *ret);
/** /**
* \brief Compare an MPI with an integer. * \brief Compare an MPI with an integer.
@ -665,7 +666,7 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y,
* \return \c -1 if \p X is lesser than \p z. * \return \c -1 if \p X is lesser than \p z.
* \return \c 0 if \p X is equal to \p z. * \return \c 0 if \p X is equal to \p z.
*/ */
int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z ); int mbedtls_mpi_cmp_int(const mbedtls_mpi *X, mbedtls_mpi_sint z);
/** /**
* \brief Perform an unsigned addition of MPIs: X = |A| + |B| * \brief Perform an unsigned addition of MPIs: X = |A| + |B|
@ -678,8 +679,8 @@ int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z );
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_add_abs(mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *B ); const mbedtls_mpi *B);
/** /**
* \brief Perform an unsigned subtraction of MPIs: X = |A| - |B| * \brief Perform an unsigned subtraction of MPIs: X = |A| - |B|
@ -693,8 +694,8 @@ int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A,
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
* *
*/ */
int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_sub_abs(mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *B ); const mbedtls_mpi *B);
/** /**
* \brief Perform a signed addition of MPIs: X = A + B * \brief Perform a signed addition of MPIs: X = A + B
@ -707,8 +708,8 @@ int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A,
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_add_mpi(mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *B ); const mbedtls_mpi *B);
/** /**
* \brief Perform a signed subtraction of MPIs: X = A - B * \brief Perform a signed subtraction of MPIs: X = A - B
@ -721,8 +722,8 @@ int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A,
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_sub_mpi(mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *B ); const mbedtls_mpi *B);
/** /**
* \brief Perform a signed addition of an MPI and an integer: X = A + b * \brief Perform a signed addition of an MPI and an integer: X = A + b
@ -735,8 +736,8 @@ int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A,
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_add_int(mbedtls_mpi *X, const mbedtls_mpi *A,
mbedtls_mpi_sint b ); mbedtls_mpi_sint b);
/** /**
* \brief Perform a signed subtraction of an MPI and an integer: * \brief Perform a signed subtraction of an MPI and an integer:
@ -750,8 +751,8 @@ int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A,
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_sub_int(mbedtls_mpi *X, const mbedtls_mpi *A,
mbedtls_mpi_sint b ); mbedtls_mpi_sint b);
/** /**
* \brief Perform a multiplication of two MPIs: X = A * B * \brief Perform a multiplication of two MPIs: X = A * B
@ -765,8 +766,8 @@ int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A,
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
* *
*/ */
int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_mul_mpi(mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *B ); const mbedtls_mpi *B);
/** /**
* \brief Perform a multiplication of an MPI with an unsigned integer: * \brief Perform a multiplication of an MPI with an unsigned integer:
@ -781,8 +782,8 @@ int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A,
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
* *
*/ */
int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_mul_int(mbedtls_mpi *X, const mbedtls_mpi *A,
mbedtls_mpi_uint b ); mbedtls_mpi_uint b);
/** /**
* \brief Perform a division with remainder of two MPIs: * \brief Perform a division with remainder of two MPIs:
@ -802,8 +803,8 @@ int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A,
* \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p B equals zero. * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p B equals zero.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, int mbedtls_mpi_div_mpi(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
const mbedtls_mpi *B ); const mbedtls_mpi *B);
/** /**
* \brief Perform a division with remainder of an MPI by an integer: * \brief Perform a division with remainder of an MPI by an integer:
@ -823,8 +824,8 @@ int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
* \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p b equals zero. * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p b equals zero.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, int mbedtls_mpi_div_int(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
mbedtls_mpi_sint b ); mbedtls_mpi_sint b);
/** /**
* \brief Perform a modular reduction. R = A mod B * \brief Perform a modular reduction. R = A mod B
@ -843,8 +844,8 @@ int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
* *
*/ */
int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A, int mbedtls_mpi_mod_mpi(mbedtls_mpi *R, const mbedtls_mpi *A,
const mbedtls_mpi *B ); const mbedtls_mpi *B);
/** /**
* \brief Perform a modular reduction with respect to an integer. * \brief Perform a modular reduction with respect to an integer.
@ -862,8 +863,8 @@ int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A,
* \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p b is negative. * \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p b is negative.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, int mbedtls_mpi_mod_int(mbedtls_mpi_uint *r, const mbedtls_mpi *A,
mbedtls_mpi_sint b ); mbedtls_mpi_sint b);
/** /**
* \brief Perform a sliding-window exponentiation: X = A^E mod N * \brief Perform a sliding-window exponentiation: X = A^E mod N
@ -892,9 +893,9 @@ int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A,
* \return Another negative error code on different kinds of failures. * \return Another negative error code on different kinds of failures.
* *
*/ */
int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *E, const mbedtls_mpi *N, const mbedtls_mpi *E, const mbedtls_mpi *N,
mbedtls_mpi *prec_RR ); mbedtls_mpi *prec_RR);
/** /**
* \brief Fill an MPI with a number of random bytes. * \brief Fill an MPI with a number of random bytes.
@ -913,9 +914,9 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
* as a big-endian representation of an MPI; this can * as a big-endian representation of an MPI; this can
* be relevant in applications like deterministic ECDSA. * be relevant in applications like deterministic ECDSA.
*/ */
int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size, int mbedtls_mpi_fill_random(mbedtls_mpi *X, size_t size,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** Generate a random number uniformly in a range. /** Generate a random number uniformly in a range.
* *
@ -949,11 +950,11 @@ int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size,
* for all usual cryptographic applications. * for all usual cryptographic applications.
* \return Another negative error code on failure. * \return Another negative error code on failure.
*/ */
int mbedtls_mpi_random( mbedtls_mpi *X, int mbedtls_mpi_random(mbedtls_mpi *X,
mbedtls_mpi_sint min, mbedtls_mpi_sint min,
const mbedtls_mpi *N, const mbedtls_mpi *N,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief Compute the greatest common divisor: G = gcd(A, B) * \brief Compute the greatest common divisor: G = gcd(A, B)
@ -966,8 +967,8 @@ int mbedtls_mpi_random( mbedtls_mpi *X,
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, int mbedtls_mpi_gcd(mbedtls_mpi *G, const mbedtls_mpi *A,
const mbedtls_mpi *B ); const mbedtls_mpi *B);
/** /**
* \brief Compute the modular inverse: X = A^-1 mod N * \brief Compute the modular inverse: X = A^-1 mod N
@ -985,8 +986,8 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A,
* \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p has no modular inverse * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p has no modular inverse
* with respect to \p N. * with respect to \p N.
*/ */
int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A, int mbedtls_mpi_inv_mod(mbedtls_mpi *X, const mbedtls_mpi *A,
const mbedtls_mpi *N ); const mbedtls_mpi *N);
/** /**
* \brief Miller-Rabin primality test. * \brief Miller-Rabin primality test.
@ -1015,9 +1016,9 @@ int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
* \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime. * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_mpi_is_prime_ext( const mbedtls_mpi *X, int rounds, int mbedtls_mpi_is_prime_ext(const mbedtls_mpi *X, int rounds,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief Flags for mbedtls_mpi_gen_prime() * \brief Flags for mbedtls_mpi_gen_prime()
* *
@ -1048,9 +1049,9 @@ typedef enum {
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if `nbits` is not between * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if `nbits` is not between
* \c 3 and #MBEDTLS_MPI_MAX_BITS. * \c 3 and #MBEDTLS_MPI_MAX_BITS.
*/ */
int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags, int mbedtls_mpi_gen_prime(mbedtls_mpi *X, size_t nbits, int flags,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -1059,7 +1060,7 @@ int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags,
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int mbedtls_mpi_self_test( int verbose ); int mbedtls_mpi_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */


@ -6,22 +6,22 @@
* Include this file if you need to depend on the * Include this file if you need to depend on the
* configuration options defined in mbedtls_config.h or MBEDTLS_CONFIG_FILE * configuration options defined in mbedtls_config.h or MBEDTLS_CONFIG_FILE
*/ */
/* /*
* Copyright The Mbed TLS Contributors * Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 * SPDX-License-Identifier: Apache-2.0
* *
* Licensed under the Apache License, Version 2.0 (the "License"); you may * Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
* You may obtain a copy of the License at * You may obtain a copy of the License at
* *
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
* *
* Unless required by applicable law or agreed to in writing, software * Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
*/ */
#ifndef MBEDTLS_BUILD_INFO_H #ifndef MBEDTLS_BUILD_INFO_H
#define MBEDTLS_BUILD_INFO_H #define MBEDTLS_BUILD_INFO_H
@ -54,7 +54,7 @@
#endif #endif
/* Define `inline` on some non-C99-compliant compilers. */ /* Define `inline` on some non-C99-compliant compilers. */
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ #if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \
!defined(inline) && !defined(__cplusplus) !defined(inline) && !defined(__cplusplus)
#define inline __inline #define inline __inline
#endif #endif
@ -67,7 +67,7 @@
#if defined(MBEDTLS_CONFIG_VERSION) && ( \ #if defined(MBEDTLS_CONFIG_VERSION) && ( \
MBEDTLS_CONFIG_VERSION < 0x03000000 || \ MBEDTLS_CONFIG_VERSION < 0x03000000 || \
MBEDTLS_CONFIG_VERSION > MBEDTLS_VERSION_NUMBER ) MBEDTLS_CONFIG_VERSION > MBEDTLS_VERSION_NUMBER)
#error "Invalid config version, defined value of MBEDTLS_CONFIG_VERSION is unsupported" #error "Invalid config version, defined value of MBEDTLS_CONFIG_VERSION is unsupported"
#endif #endif


@ -50,8 +50,7 @@ extern "C" {
/** /**
* \brief CAMELLIA context structure * \brief CAMELLIA context structure
*/ */
typedef struct mbedtls_camellia_context typedef struct mbedtls_camellia_context {
{
int MBEDTLS_PRIVATE(nr); /*!< number of rounds */ int MBEDTLS_PRIVATE(nr); /*!< number of rounds */
uint32_t MBEDTLS_PRIVATE(rk)[68]; /*!< CAMELLIA round keys */ uint32_t MBEDTLS_PRIVATE(rk)[68]; /*!< CAMELLIA round keys */
} }
@ -67,7 +66,7 @@ mbedtls_camellia_context;
* \param ctx The CAMELLIA context to be initialized. * \param ctx The CAMELLIA context to be initialized.
* This must not be \c NULL. * This must not be \c NULL.
*/ */
void mbedtls_camellia_init( mbedtls_camellia_context *ctx ); void mbedtls_camellia_init(mbedtls_camellia_context *ctx);
/** /**
* \brief Clear a CAMELLIA context. * \brief Clear a CAMELLIA context.
@ -76,7 +75,7 @@ void mbedtls_camellia_init( mbedtls_camellia_context *ctx );
* in which case this function returns immediately. If it is not * in which case this function returns immediately. If it is not
* \c NULL, it must be initialized. * \c NULL, it must be initialized.
*/ */
void mbedtls_camellia_free( mbedtls_camellia_context *ctx ); void mbedtls_camellia_free(mbedtls_camellia_context *ctx);
/** /**
* \brief Perform a CAMELLIA key schedule operation for encryption. * \brief Perform a CAMELLIA key schedule operation for encryption.
@ -90,9 +89,9 @@ void mbedtls_camellia_free( mbedtls_camellia_context *ctx );
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx,
const unsigned char *key, const unsigned char *key,
unsigned int keybits ); unsigned int keybits);
/** /**
* \brief Perform a CAMELLIA key schedule operation for decryption. * \brief Perform a CAMELLIA key schedule operation for decryption.
@ -106,9 +105,9 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, int mbedtls_camellia_setkey_dec(mbedtls_camellia_context *ctx,
const unsigned char *key, const unsigned char *key,
unsigned int keybits ); unsigned int keybits);
/** /**
* \brief Perform a CAMELLIA-ECB block encryption/decryption operation. * \brief Perform a CAMELLIA-ECB block encryption/decryption operation.
@ -125,10 +124,10 @@ int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, int mbedtls_camellia_crypt_ecb(mbedtls_camellia_context *ctx,
int mode, int mode,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16]);
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/** /**
@ -159,12 +158,12 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx, int mbedtls_camellia_crypt_cbc(mbedtls_camellia_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
@ -205,13 +204,13 @@ int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx, int mbedtls_camellia_crypt_cfb128(mbedtls_camellia_context *ctx,
int mode, int mode,
size_t length, size_t length,
size_t *iv_off, size_t *iv_off,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CFB */ #endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
@ -289,13 +288,13 @@ int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx, int mbedtls_camellia_crypt_ctr(mbedtls_camellia_context *ctx,
size_t length, size_t length,
size_t *nc_off, size_t *nc_off,
unsigned char nonce_counter[16], unsigned char nonce_counter[16],
unsigned char stream_block[16], unsigned char stream_block[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -305,7 +304,7 @@ int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx,
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int mbedtls_camellia_self_test( int verbose ); int mbedtls_camellia_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */


@ -74,8 +74,7 @@ extern "C" {
* \brief The CCM context-type definition. The CCM context is passed * \brief The CCM context-type definition. The CCM context is passed
* to the APIs called. * to the APIs called.
*/ */
typedef struct mbedtls_ccm_context typedef struct mbedtls_ccm_context {
{
unsigned char MBEDTLS_PRIVATE(y)[16]; /*!< The Y working buffer */ unsigned char MBEDTLS_PRIVATE(y)[16]; /*!< The Y working buffer */
unsigned char MBEDTLS_PRIVATE(ctr)[16]; /*!< The counter buffer */ unsigned char MBEDTLS_PRIVATE(ctr)[16]; /*!< The counter buffer */
mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */ mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */
@ -90,10 +89,10 @@ typedef struct mbedtls_ccm_context
auth data input is finished. */ auth data input is finished. */
unsigned char MBEDTLS_PRIVATE(q); /*!< The Q working value */ unsigned char MBEDTLS_PRIVATE(q); /*!< The Q working value */
unsigned char MBEDTLS_PRIVATE(mode); /*!< The operation to perform: unsigned char MBEDTLS_PRIVATE(mode); /*!< The operation to perform:
#MBEDTLS_CCM_ENCRYPT or #MBEDTLS_CCM_ENCRYPT or
#MBEDTLS_CCM_DECRYPT or #MBEDTLS_CCM_DECRYPT or
#MBEDTLS_CCM_STAR_ENCRYPT or #MBEDTLS_CCM_STAR_ENCRYPT or
#MBEDTLS_CCM_STAR_DECRYPT. */ #MBEDTLS_CCM_STAR_DECRYPT. */
int MBEDTLS_PRIVATE(state); /*!< Working value holding context's int MBEDTLS_PRIVATE(state); /*!< Working value holding context's
state. Used for chunked data state. Used for chunked data
input */ input */
@ -111,7 +110,7 @@ mbedtls_ccm_context;
* *
* \param ctx The CCM context to initialize. This must not be \c NULL. * \param ctx The CCM context to initialize. This must not be \c NULL.
*/ */
void mbedtls_ccm_init( mbedtls_ccm_context *ctx ); void mbedtls_ccm_init(mbedtls_ccm_context *ctx);
/** /**
* \brief This function initializes the CCM context set in the * \brief This function initializes the CCM context set in the
@ -126,10 +125,10 @@ void mbedtls_ccm_init( mbedtls_ccm_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return A CCM or cipher-specific error code on failure. * \return A CCM or cipher-specific error code on failure.
*/ */
int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx,
mbedtls_cipher_id_t cipher, mbedtls_cipher_id_t cipher,
const unsigned char *key, const unsigned char *key,
unsigned int keybits ); unsigned int keybits);
/** /**
* \brief This function releases and clears the specified CCM context * \brief This function releases and clears the specified CCM context
@ -138,7 +137,7 @@ int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
* \param ctx The CCM context to clear. If this is \c NULL, the function * \param ctx The CCM context to clear. If this is \c NULL, the function
* has no effect. Otherwise, this must be initialized. * has no effect. Otherwise, this must be initialized.
*/ */
void mbedtls_ccm_free( mbedtls_ccm_context *ctx ); void mbedtls_ccm_free(mbedtls_ccm_context *ctx);
/** /**
* \brief This function encrypts a buffer using CCM. * \brief This function encrypts a buffer using CCM.
@ -176,11 +175,11 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return A CCM or cipher-specific error code on failure. * \return A CCM or cipher-specific error code on failure.
*/ */
int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, int mbedtls_ccm_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len, const unsigned char *ad, size_t ad_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
unsigned char *tag, size_t tag_len ); unsigned char *tag, size_t tag_len);
/** /**
* \brief This function encrypts a buffer using CCM*. * \brief This function encrypts a buffer using CCM*.
@ -225,11 +224,11 @@ int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
* \return \c 0 on success. * \return \c 0 on success.
* \return A CCM or cipher-specific error code on failure. * \return A CCM or cipher-specific error code on failure.
*/ */
int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, int mbedtls_ccm_star_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len, const unsigned char *ad, size_t ad_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
unsigned char *tag, size_t tag_len ); unsigned char *tag, size_t tag_len);
/** /**
* \brief This function performs a CCM authenticated decryption of a * \brief This function performs a CCM authenticated decryption of a
@ -262,11 +261,11 @@ int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
* \return #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match. * \return #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match.
* \return A cipher-specific error code on calculation failure. * \return A cipher-specific error code on calculation failure.
*/ */
int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, int mbedtls_ccm_auth_decrypt(mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len, const unsigned char *ad, size_t ad_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
const unsigned char *tag, size_t tag_len ); const unsigned char *tag, size_t tag_len);
/** /**
* \brief This function performs a CCM* authenticated decryption of a * \brief This function performs a CCM* authenticated decryption of a
@ -308,11 +307,11 @@ int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
* \return #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match. * \return #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match.
* \return A cipher-specific error code on calculation failure. * \return A cipher-specific error code on calculation failure.
*/ */
int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, int mbedtls_ccm_star_auth_decrypt(mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len, const unsigned char *ad, size_t ad_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
const unsigned char *tag, size_t tag_len ); const unsigned char *tag, size_t tag_len);
/** /**
* \brief This function starts a CCM encryption or decryption * \brief This function starts a CCM encryption or decryption
@ -342,10 +341,10 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
* \p iv_len is invalid (lower than \c 7 or greater than * \p iv_len is invalid (lower than \c 7 or greater than
* \c 13). * \c 13).
*/ */
int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, int mbedtls_ccm_starts(mbedtls_ccm_context *ctx,
int mode, int mode,
const unsigned char *iv, const unsigned char *iv,
size_t iv_len ); size_t iv_len);
/** /**
* \brief This function declares the lengths of the message * \brief This function declares the lengths of the message
@ -374,10 +373,10 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx,
* \p ctx is in an invalid state, * \p ctx is in an invalid state,
* \p total_ad_len is greater than \c 0xFF00. * \p total_ad_len is greater than \c 0xFF00.
*/ */
int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx, int mbedtls_ccm_set_lengths(mbedtls_ccm_context *ctx,
size_t total_ad_len, size_t total_ad_len,
size_t plaintext_len, size_t plaintext_len,
size_t tag_len ); size_t tag_len);
/** /**
* \brief This function feeds an input buffer as associated data * \brief This function feeds an input buffer as associated data
@ -409,9 +408,9 @@ int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx,
* \p ctx is in an invalid state, * \p ctx is in an invalid state,
* total input length too long. * total input length too long.
*/ */
int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, int mbedtls_ccm_update_ad(mbedtls_ccm_context *ctx,
const unsigned char *ad, const unsigned char *ad,
size_t ad_len ); size_t ad_len);
/** /**
* \brief This function feeds an input buffer into an ongoing CCM * \brief This function feeds an input buffer into an ongoing CCM
@ -476,10 +475,10 @@ int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx,
* total input length too long, * total input length too long,
* or \p output_size too small. * or \p output_size too small.
*/ */
int mbedtls_ccm_update( mbedtls_ccm_context *ctx, int mbedtls_ccm_update(mbedtls_ccm_context *ctx,
const unsigned char *input, size_t input_len, const unsigned char *input, size_t input_len,
unsigned char *output, size_t output_size, unsigned char *output, size_t output_size,
size_t *output_len ); size_t *output_len);
/** /**
* \brief This function finishes the CCM operation and generates * \brief This function finishes the CCM operation and generates
@ -512,8 +511,8 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx,
* mbedtls_ccm_update() was lower than the plaintext length * mbedtls_ccm_update() was lower than the plaintext length
* \c plaintext_len passed to mbedtls_ccm_set_lengths(). * \c plaintext_len passed to mbedtls_ccm_set_lengths().
*/ */
int mbedtls_ccm_finish( mbedtls_ccm_context *ctx, int mbedtls_ccm_finish(mbedtls_ccm_context *ctx,
unsigned char *tag, size_t tag_len ); unsigned char *tag, size_t tag_len);
#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
/** /**
@ -522,7 +521,7 @@ int mbedtls_ccm_finish( mbedtls_ccm_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_ccm_self_test( int verbose ); int mbedtls_ccm_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
#ifdef __cplusplus #ifdef __cplusplus


@ -47,8 +47,7 @@ extern "C" {
#if !defined(MBEDTLS_CHACHA20_ALT) #if !defined(MBEDTLS_CHACHA20_ALT)
typedef struct mbedtls_chacha20_context typedef struct mbedtls_chacha20_context {
{
uint32_t MBEDTLS_PRIVATE(state)[16]; /*! The state (before round operations). */ uint32_t MBEDTLS_PRIVATE(state)[16]; /*! The state (before round operations). */
uint8_t MBEDTLS_PRIVATE(keystream8)[64]; /*! Leftover keystream bytes. */ uint8_t MBEDTLS_PRIVATE(keystream8)[64]; /*! Leftover keystream bytes. */
size_t MBEDTLS_PRIVATE(keystream_bytes_used); /*! Number of keystream bytes already used. */ size_t MBEDTLS_PRIVATE(keystream_bytes_used); /*! Number of keystream bytes already used. */
@ -74,7 +73,7 @@ mbedtls_chacha20_context;
* \param ctx The ChaCha20 context to initialize. * \param ctx The ChaCha20 context to initialize.
* This must not be \c NULL. * This must not be \c NULL.
*/ */
void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx ); void mbedtls_chacha20_init(mbedtls_chacha20_context *ctx);
/** /**
* \brief This function releases and clears the specified * \brief This function releases and clears the specified
@ -85,7 +84,7 @@ void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx );
* \c NULL, it must point to an initialized context. * \c NULL, it must point to an initialized context.
* *
*/ */
void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx ); void mbedtls_chacha20_free(mbedtls_chacha20_context *ctx);
/** /**
* \brief This function sets the encryption/decryption key. * \brief This function sets the encryption/decryption key.
@ -103,8 +102,8 @@ void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or key is NULL. * \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or key is NULL.
*/ */
int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx, int mbedtls_chacha20_setkey(mbedtls_chacha20_context *ctx,
const unsigned char key[32] ); const unsigned char key[32]);
/** /**
* \brief This function sets the nonce and initial counter value. * \brief This function sets the nonce and initial counter value.
@ -125,9 +124,9 @@ int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx,
* \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or nonce is * \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or nonce is
* NULL. * NULL.
*/ */
int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx, int mbedtls_chacha20_starts(mbedtls_chacha20_context *ctx,
const unsigned char nonce[12], const unsigned char nonce[12],
uint32_t counter ); uint32_t counter);
/** /**
* \brief This function encrypts or decrypts data. * \brief This function encrypts or decrypts data.
@ -158,10 +157,10 @@ int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx, int mbedtls_chacha20_update(mbedtls_chacha20_context *ctx,
size_t size, size_t size,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function encrypts or decrypts data with ChaCha20 and * \brief This function encrypts or decrypts data with ChaCha20 and
@ -191,12 +190,12 @@ int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_chacha20_crypt( const unsigned char key[32], int mbedtls_chacha20_crypt(const unsigned char key[32],
const unsigned char nonce[12], const unsigned char nonce[12],
uint32_t counter, uint32_t counter,
size_t size, size_t size,
const unsigned char* input, const unsigned char *input,
unsigned char* output ); unsigned char *output);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/** /**
@ -205,7 +204,7 @@ int mbedtls_chacha20_crypt( const unsigned char key[32],
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_chacha20_self_test( int verbose ); int mbedtls_chacha20_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus


@ -47,8 +47,7 @@
extern "C" { extern "C" {
#endif #endif
typedef enum typedef enum {
{
MBEDTLS_CHACHAPOLY_ENCRYPT, /**< The mode value for performing encryption. */ MBEDTLS_CHACHAPOLY_ENCRYPT, /**< The mode value for performing encryption. */
MBEDTLS_CHACHAPOLY_DECRYPT /**< The mode value for performing decryption. */ MBEDTLS_CHACHAPOLY_DECRYPT /**< The mode value for performing decryption. */
} }
@ -58,8 +57,7 @@ mbedtls_chachapoly_mode_t;
#include "mbedtls/chacha20.h" #include "mbedtls/chacha20.h"
typedef struct mbedtls_chachapoly_context typedef struct mbedtls_chachapoly_context {
{
mbedtls_chacha20_context MBEDTLS_PRIVATE(chacha20_ctx); /**< The ChaCha20 context. */ mbedtls_chacha20_context MBEDTLS_PRIVATE(chacha20_ctx); /**< The ChaCha20 context. */
mbedtls_poly1305_context MBEDTLS_PRIVATE(poly1305_ctx); /**< The Poly1305 context. */ mbedtls_poly1305_context MBEDTLS_PRIVATE(poly1305_ctx); /**< The Poly1305 context. */
uint64_t MBEDTLS_PRIVATE(aad_len); /**< The length (bytes) of the Additional Authenticated Data. */ uint64_t MBEDTLS_PRIVATE(aad_len); /**< The length (bytes) of the Additional Authenticated Data. */
@ -115,7 +113,7 @@ mbedtls_chachapoly_context;
* *
* \param ctx The ChachaPoly context to initialize. Must not be \c NULL. * \param ctx The ChachaPoly context to initialize. Must not be \c NULL.
*/ */
void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx ); void mbedtls_chachapoly_init(mbedtls_chachapoly_context *ctx);
/** /**
* \brief This function releases and clears the specified * \brief This function releases and clears the specified
@ -124,7 +122,7 @@ void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx );
* \param ctx The ChachaPoly context to clear. This may be \c NULL, in which * \param ctx The ChachaPoly context to clear. This may be \c NULL, in which
* case this function is a no-op. * case this function is a no-op.
*/ */
void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx ); void mbedtls_chachapoly_free(mbedtls_chachapoly_context *ctx);
/** /**
* \brief This function sets the ChaCha20-Poly1305 * \brief This function sets the ChaCha20-Poly1305
@ -137,8 +135,8 @@ void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_setkey(mbedtls_chachapoly_context *ctx,
const unsigned char key[32] ); const unsigned char key[32]);
/** /**
* \brief This function starts a ChaCha20-Poly1305 encryption or * \brief This function starts a ChaCha20-Poly1305 encryption or
@ -165,9 +163,9 @@ int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_starts(mbedtls_chachapoly_context *ctx,
const unsigned char nonce[12], const unsigned char nonce[12],
mbedtls_chachapoly_mode_t mode ); mbedtls_chachapoly_mode_t mode);
/** /**
* \brief This function feeds additional data to be authenticated * \brief This function feeds additional data to be authenticated
@ -208,9 +206,9 @@ int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx,
* if the operations has not been started or has been * if the operations has not been started or has been
* finished, or if the AAD has been finished. * finished, or if the AAD has been finished.
*/ */
int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_update_aad(mbedtls_chachapoly_context *ctx,
const unsigned char *aad, const unsigned char *aad,
size_t aad_len ); size_t aad_len);
/** /**
* \brief Thus function feeds data to be encrypted or decrypted * \brief Thus function feeds data to be encrypted or decrypted
@ -243,10 +241,10 @@ int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx,
* finished. * finished.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_update(mbedtls_chachapoly_context *ctx,
size_t len, size_t len,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function finished the ChaCha20-Poly1305 operation and * \brief This function finished the ChaCha20-Poly1305 operation and
@ -264,8 +262,8 @@ int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx,
* finished. * finished.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_finish(mbedtls_chachapoly_context *ctx,
unsigned char mac[16] ); unsigned char mac[16]);
/** /**
* \brief This function performs a complete ChaCha20-Poly1305 * \brief This function performs a complete ChaCha20-Poly1305
@ -296,14 +294,14 @@ int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_encrypt_and_tag(mbedtls_chachapoly_context *ctx,
size_t length, size_t length,
const unsigned char nonce[12], const unsigned char nonce[12],
const unsigned char *aad, const unsigned char *aad,
size_t aad_len, size_t aad_len,
const unsigned char *input, const unsigned char *input,
unsigned char *output, unsigned char *output,
unsigned char tag[16] ); unsigned char tag[16]);
/** /**
* \brief This function performs a complete ChaCha20-Poly1305 * \brief This function performs a complete ChaCha20-Poly1305
@ -330,14 +328,14 @@ int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx,
* if the data was not authentic. * if the data was not authentic.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_auth_decrypt(mbedtls_chachapoly_context *ctx,
size_t length, size_t length,
const unsigned char nonce[12], const unsigned char nonce[12],
const unsigned char *aad, const unsigned char *aad,
size_t aad_len, size_t aad_len,
const unsigned char tag[16], const unsigned char tag[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/** /**
@ -346,7 +344,7 @@ int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_chachapoly_self_test( int verbose ); int mbedtls_chachapoly_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus


@ -271,8 +271,7 @@ typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t;
* mbedtls_cipher_info_from_values(), * mbedtls_cipher_info_from_values(),
* mbedtls_cipher_info_from_psa(). * mbedtls_cipher_info_from_psa().
*/ */
typedef struct mbedtls_cipher_info_t typedef struct mbedtls_cipher_info_t {
{
/** Full cipher identifier. For example, /** Full cipher identifier. For example,
* MBEDTLS_CIPHER_AES_256_CBC. * MBEDTLS_CIPHER_AES_256_CBC.
*/ */
@ -288,7 +287,7 @@ typedef struct mbedtls_cipher_info_t
unsigned int MBEDTLS_PRIVATE(key_bitlen); unsigned int MBEDTLS_PRIVATE(key_bitlen);
/** Name of the cipher. */ /** Name of the cipher. */
const char * MBEDTLS_PRIVATE(name); const char *MBEDTLS_PRIVATE(name);
/** IV or nonce size, in Bytes. /** IV or nonce size, in Bytes.
* For ciphers that accept variable IV sizes, * For ciphers that accept variable IV sizes,
@ -313,8 +312,7 @@ typedef struct mbedtls_cipher_info_t
/** /**
* Generic cipher context. * Generic cipher context.
*/ */
typedef struct mbedtls_cipher_context_t typedef struct mbedtls_cipher_context_t {
{
/** Information about the associated cipher. */ /** Information about the associated cipher. */
const mbedtls_cipher_info_t *MBEDTLS_PRIVATE(cipher_info); const mbedtls_cipher_info_t *MBEDTLS_PRIVATE(cipher_info);
@ -330,8 +328,8 @@ typedef struct mbedtls_cipher_context_t
/** Padding functions to use, if relevant for /** Padding functions to use, if relevant for
* the specific cipher mode. * the specific cipher mode.
*/ */
void (*MBEDTLS_PRIVATE(add_padding))( unsigned char *output, size_t olen, size_t data_len ); void(*MBEDTLS_PRIVATE(add_padding))(unsigned char *output, size_t olen, size_t data_len);
int (*MBEDTLS_PRIVATE(get_padding))( unsigned char *input, size_t ilen, size_t *data_len ); int(*MBEDTLS_PRIVATE(get_padding))(unsigned char *input, size_t ilen, size_t *data_len);
#endif #endif
/** Buffer for input that has not been processed yet. */ /** Buffer for input that has not been processed yet. */
@ -381,7 +379,7 @@ typedef struct mbedtls_cipher_context_t
* \return A statically-allocated array of cipher identifiers * \return A statically-allocated array of cipher identifiers
* of type cipher_type_t. The last entry is zero. * of type cipher_type_t. The last entry is zero.
*/ */
const int *mbedtls_cipher_list( void ); const int *mbedtls_cipher_list(void);
/** /**
* \brief This function retrieves the cipher-information * \brief This function retrieves the cipher-information
@ -394,7 +392,7 @@ const int *mbedtls_cipher_list( void );
* given \p cipher_name. * given \p cipher_name.
* \return \c NULL if the associated cipher information is not found. * \return \c NULL if the associated cipher information is not found.
*/ */
const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name ); const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string(const char *cipher_name);
/** /**
* \brief This function retrieves the cipher-information * \brief This function retrieves the cipher-information
@ -406,7 +404,7 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher
* given \p cipher_type. * given \p cipher_type.
* \return \c NULL if the associated cipher information is not found. * \return \c NULL if the associated cipher information is not found.
*/ */
const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type ); const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type(const mbedtls_cipher_type_t cipher_type);
/** /**
* \brief This function retrieves the cipher-information * \brief This function retrieves the cipher-information
@ -422,9 +420,9 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher
* given \p cipher_id. * given \p cipher_id.
* \return \c NULL if the associated cipher information is not found. * \return \c NULL if the associated cipher information is not found.
*/ */
const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id, const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values(const mbedtls_cipher_id_t cipher_id,
int key_bitlen, int key_bitlen,
const mbedtls_cipher_mode_t mode ); const mbedtls_cipher_mode_t mode);
/** /**
* \brief Retrieve the identifier for a cipher info structure. * \brief Retrieve the identifier for a cipher info structure.
@ -436,12 +434,13 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_ciph
* \return #MBEDTLS_CIPHER_NONE if \p info is \c NULL. * \return #MBEDTLS_CIPHER_NONE if \p info is \c NULL.
*/ */
static inline mbedtls_cipher_type_t mbedtls_cipher_info_get_type( static inline mbedtls_cipher_type_t mbedtls_cipher_info_get_type(
const mbedtls_cipher_info_t *info ) const mbedtls_cipher_info_t *info)
{ {
if( info == NULL ) if (info == NULL) {
return( MBEDTLS_CIPHER_NONE ); return MBEDTLS_CIPHER_NONE;
else } else {
return( info->MBEDTLS_PRIVATE(type) ); return info->MBEDTLS_PRIVATE(type);
}
} }
/** /**
@ -454,12 +453,13 @@ static inline mbedtls_cipher_type_t mbedtls_cipher_info_get_type(
* \return #MBEDTLS_MODE_NONE if \p info is \c NULL. * \return #MBEDTLS_MODE_NONE if \p info is \c NULL.
*/ */
static inline mbedtls_cipher_mode_t mbedtls_cipher_info_get_mode( static inline mbedtls_cipher_mode_t mbedtls_cipher_info_get_mode(
const mbedtls_cipher_info_t *info ) const mbedtls_cipher_info_t *info)
{ {
if( info == NULL ) if (info == NULL) {
return( MBEDTLS_MODE_NONE ); return MBEDTLS_MODE_NONE;
else } else {
return( info->MBEDTLS_PRIVATE(mode) ); return info->MBEDTLS_PRIVATE(mode);
}
} }
/** /**
@ -474,12 +474,13 @@ static inline mbedtls_cipher_mode_t mbedtls_cipher_info_get_mode(
* \return \c 0 if \p info is \c NULL. * \return \c 0 if \p info is \c NULL.
*/ */
static inline size_t mbedtls_cipher_info_get_key_bitlen( static inline size_t mbedtls_cipher_info_get_key_bitlen(
const mbedtls_cipher_info_t *info ) const mbedtls_cipher_info_t *info)
{ {
if( info == NULL ) if (info == NULL) {
return( 0 ); return 0;
else } else {
return( info->MBEDTLS_PRIVATE(key_bitlen) ); return info->MBEDTLS_PRIVATE(key_bitlen);
}
} }
/** /**
@ -494,12 +495,13 @@ static inline size_t mbedtls_cipher_info_get_key_bitlen(
* \return \c NULL if \c info is \p NULL. * \return \c NULL if \c info is \p NULL.
*/ */
static inline const char *mbedtls_cipher_info_get_name( static inline const char *mbedtls_cipher_info_get_name(
const mbedtls_cipher_info_t *info ) const mbedtls_cipher_info_t *info)
{ {
if( info == NULL ) if (info == NULL) {
return( NULL ); return NULL;
else } else {
return( info->MBEDTLS_PRIVATE(name) ); return info->MBEDTLS_PRIVATE(name);
}
} }
/** /**
@ -513,12 +515,13 @@ static inline const char *mbedtls_cipher_info_get_name(
* \return \c 0 if \p info is \c NULL. * \return \c 0 if \p info is \c NULL.
*/ */
static inline size_t mbedtls_cipher_info_get_iv_size( static inline size_t mbedtls_cipher_info_get_iv_size(
const mbedtls_cipher_info_t *info ) const mbedtls_cipher_info_t *info)
{ {
if( info == NULL ) if (info == NULL) {
return( 0 ); return 0;
}
return( (size_t) info->MBEDTLS_PRIVATE(iv_size) ); return (size_t) info->MBEDTLS_PRIVATE(iv_size);
} }
/** /**
@ -532,12 +535,13 @@ static inline size_t mbedtls_cipher_info_get_iv_size(
* \return \c 0 if \p info is \c NULL. * \return \c 0 if \p info is \c NULL.
*/ */
static inline size_t mbedtls_cipher_info_get_block_size( static inline size_t mbedtls_cipher_info_get_block_size(
const mbedtls_cipher_info_t *info ) const mbedtls_cipher_info_t *info)
{ {
if( info == NULL ) if (info == NULL) {
return( 0 ); return 0;
}
return( (size_t) info->MBEDTLS_PRIVATE(block_size) ); return (size_t) info->MBEDTLS_PRIVATE(block_size);
} }
/** /**
@ -550,12 +554,13 @@ static inline size_t mbedtls_cipher_info_get_block_size(
* \return \c 0 if the given pointer is \c NULL. * \return \c 0 if the given pointer is \c NULL.
*/ */
static inline int mbedtls_cipher_info_has_variable_key_bitlen( static inline int mbedtls_cipher_info_has_variable_key_bitlen(
const mbedtls_cipher_info_t *info ) const mbedtls_cipher_info_t *info)
{ {
if( info == NULL ) if (info == NULL) {
return( 0 ); return 0;
}
return( info->MBEDTLS_PRIVATE(flags) & MBEDTLS_CIPHER_VARIABLE_KEY_LEN ); return info->MBEDTLS_PRIVATE(flags) & MBEDTLS_CIPHER_VARIABLE_KEY_LEN;
} }
/** /**
@ -568,12 +573,13 @@ static inline int mbedtls_cipher_info_has_variable_key_bitlen(
* \return \c 0 if the given pointer is \c NULL. * \return \c 0 if the given pointer is \c NULL.
*/ */
static inline int mbedtls_cipher_info_has_variable_iv_size( static inline int mbedtls_cipher_info_has_variable_iv_size(
const mbedtls_cipher_info_t *info ) const mbedtls_cipher_info_t *info)
{ {
if( info == NULL ) if (info == NULL) {
return( 0 ); return 0;
}
return( info->MBEDTLS_PRIVATE(flags) & MBEDTLS_CIPHER_VARIABLE_IV_LEN ); return info->MBEDTLS_PRIVATE(flags) & MBEDTLS_CIPHER_VARIABLE_IV_LEN;
} }
/** /**
@ -581,7 +587,7 @@ static inline int mbedtls_cipher_info_has_variable_iv_size(
* *
* \param ctx The context to be initialized. This must not be \c NULL. * \param ctx The context to be initialized. This must not be \c NULL.
*/ */
void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx ); void mbedtls_cipher_init(mbedtls_cipher_context_t *ctx);
/** /**
* \brief This function frees and clears the cipher-specific * \brief This function frees and clears the cipher-specific
@ -592,7 +598,7 @@ void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx );
* function has no effect, otherwise this must point to an * function has no effect, otherwise this must point to an
* initialized context. * initialized context.
*/ */
void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ); void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx);
/** /**
@ -621,8 +627,8 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx );
* \return #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the * \return #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the
* cipher-specific context fails. * cipher-specific context fails.
*/ */
int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx,
const mbedtls_cipher_info_t *cipher_info ); const mbedtls_cipher_info_t *cipher_info);
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if !defined(MBEDTLS_DEPRECATED_REMOVED)
@ -652,8 +658,9 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
* \return #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the * \return #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the
* cipher-specific context fails. * cipher-specific context fails.
*/ */
int MBEDTLS_DEPRECATED mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx, int MBEDTLS_DEPRECATED mbedtls_cipher_setup_psa(mbedtls_cipher_context_t *ctx,
const mbedtls_cipher_info_t *cipher_info, size_t taglen ); const mbedtls_cipher_info_t *cipher_info,
size_t taglen);
#endif /* MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_DEPRECATED_REMOVED */
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
@ -668,11 +675,12 @@ int MBEDTLS_DEPRECATED mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
* \return \c 0 if \p ctx has not been initialized. * \return \c 0 if \p ctx has not been initialized.
*/ */
static inline unsigned int mbedtls_cipher_get_block_size( static inline unsigned int mbedtls_cipher_get_block_size(
const mbedtls_cipher_context_t *ctx ) const mbedtls_cipher_context_t *ctx)
{ {
MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0);
if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL ) if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) {
return 0; return 0;
}
return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(block_size); return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(block_size);
} }
@ -687,11 +695,12 @@ static inline unsigned int mbedtls_cipher_get_block_size(
* \return #MBEDTLS_MODE_NONE if \p ctx has not been initialized. * \return #MBEDTLS_MODE_NONE if \p ctx has not been initialized.
*/ */
static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode(
const mbedtls_cipher_context_t *ctx ) const mbedtls_cipher_context_t *ctx)
{ {
MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, MBEDTLS_MODE_NONE ); MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, MBEDTLS_MODE_NONE);
if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL ) if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) {
return MBEDTLS_MODE_NONE; return MBEDTLS_MODE_NONE;
}
return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(mode); return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(mode);
} }
@ -707,14 +716,16 @@ static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode(
* \return The actual size if an IV has been set. * \return The actual size if an IV has been set.
*/ */
static inline int mbedtls_cipher_get_iv_size( static inline int mbedtls_cipher_get_iv_size(
const mbedtls_cipher_context_t *ctx ) const mbedtls_cipher_context_t *ctx)
{ {
MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0);
if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL ) if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) {
return 0; return 0;
}
if( ctx->MBEDTLS_PRIVATE(iv_size) != 0 ) if (ctx->MBEDTLS_PRIVATE(iv_size) != 0) {
return (int) ctx->MBEDTLS_PRIVATE(iv_size); return (int) ctx->MBEDTLS_PRIVATE(iv_size);
}
return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(iv_size); return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(iv_size);
} }
@ -728,12 +739,13 @@ static inline int mbedtls_cipher_get_iv_size(
* \return #MBEDTLS_CIPHER_NONE if \p ctx has not been initialized. * \return #MBEDTLS_CIPHER_NONE if \p ctx has not been initialized.
*/ */
static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( static inline mbedtls_cipher_type_t mbedtls_cipher_get_type(
const mbedtls_cipher_context_t *ctx ) const mbedtls_cipher_context_t *ctx)
{ {
MBEDTLS_INTERNAL_VALIDATE_RET( MBEDTLS_INTERNAL_VALIDATE_RET(
ctx != NULL, MBEDTLS_CIPHER_NONE ); ctx != NULL, MBEDTLS_CIPHER_NONE);
if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL ) if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) {
return MBEDTLS_CIPHER_NONE; return MBEDTLS_CIPHER_NONE;
}
return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(type); return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(type);
} }
@ -748,11 +760,12 @@ static inline mbedtls_cipher_type_t mbedtls_cipher_get_type(
* \return NULL if \p ctx has not been not initialized. * \return NULL if \p ctx has not been not initialized.
*/ */
static inline const char *mbedtls_cipher_get_name( static inline const char *mbedtls_cipher_get_name(
const mbedtls_cipher_context_t *ctx ) const mbedtls_cipher_context_t *ctx)
{ {
MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0);
if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL ) if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) {
return 0; return 0;
}
return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(name); return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(name);
} }
@ -767,12 +780,13 @@ static inline const char *mbedtls_cipher_get_name(
* initialized. * initialized.
*/ */
static inline int mbedtls_cipher_get_key_bitlen( static inline int mbedtls_cipher_get_key_bitlen(
const mbedtls_cipher_context_t *ctx ) const mbedtls_cipher_context_t *ctx)
{ {
MBEDTLS_INTERNAL_VALIDATE_RET( MBEDTLS_INTERNAL_VALIDATE_RET(
ctx != NULL, MBEDTLS_KEY_LENGTH_NONE ); ctx != NULL, MBEDTLS_KEY_LENGTH_NONE);
if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL ) if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) {
return MBEDTLS_KEY_LENGTH_NONE; return MBEDTLS_KEY_LENGTH_NONE;
}
return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(key_bitlen); return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(key_bitlen);
} }
@ -786,12 +800,13 @@ static inline int mbedtls_cipher_get_key_bitlen(
* \return #MBEDTLS_OPERATION_NONE if \p ctx has not been initialized. * \return #MBEDTLS_OPERATION_NONE if \p ctx has not been initialized.
*/ */
static inline mbedtls_operation_t mbedtls_cipher_get_operation( static inline mbedtls_operation_t mbedtls_cipher_get_operation(
const mbedtls_cipher_context_t *ctx ) const mbedtls_cipher_context_t *ctx)
{ {
MBEDTLS_INTERNAL_VALIDATE_RET( MBEDTLS_INTERNAL_VALIDATE_RET(
ctx != NULL, MBEDTLS_OPERATION_NONE ); ctx != NULL, MBEDTLS_OPERATION_NONE);
if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL ) if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) {
return MBEDTLS_OPERATION_NONE; return MBEDTLS_OPERATION_NONE;
}
return ctx->MBEDTLS_PRIVATE(operation); return ctx->MBEDTLS_PRIVATE(operation);
} }
@ -812,10 +827,10 @@ static inline mbedtls_operation_t mbedtls_cipher_get_operation(
* parameter-verification failure. * parameter-verification failure.
* \return A cipher-specific error code on failure. * \return A cipher-specific error code on failure.
*/ */
int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx,
const unsigned char *key, const unsigned char *key,
int key_bitlen, int key_bitlen,
const mbedtls_operation_t operation ); const mbedtls_operation_t operation);
#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
/** /**
@ -834,8 +849,8 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
* \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode
* does not support padding. * does not support padding.
*/ */
int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx,
mbedtls_cipher_padding_t mode ); mbedtls_cipher_padding_t mode);
#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
/** /**
@ -862,9 +877,9 @@ int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx,
* \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
* parameter-verification failure. * parameter-verification failure.
*/ */
int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx,
const unsigned char *iv, const unsigned char *iv,
size_t iv_len ); size_t iv_len);
/** /**
* \brief This function resets the cipher state. * \brief This function resets the cipher state.
@ -898,7 +913,7 @@ int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
* \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
* parameter-verification failure. * parameter-verification failure.
*/ */
int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx ); int mbedtls_cipher_reset(mbedtls_cipher_context_t *ctx);
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
/** /**
@ -913,8 +928,8 @@ int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return A specific error code on failure. * \return A specific error code on failure.
*/ */
int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_update_ad(mbedtls_cipher_context_t *ctx,
const unsigned char *ad, size_t ad_len ); const unsigned char *ad, size_t ad_len);
#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */ #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
/** /**
@ -946,10 +961,10 @@ int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
* unsupported mode for a cipher. * unsupported mode for a cipher.
* \return A cipher-specific error code on failure. * \return A cipher-specific error code on failure.
*/ */
int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx,
const unsigned char *input, const unsigned char *input,
size_t ilen, unsigned char *output, size_t ilen, unsigned char *output,
size_t *olen ); size_t *olen);
/** /**
* \brief The generic cipher finalization function. If data still * \brief The generic cipher finalization function. If data still
@ -973,8 +988,8 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx,
* while decrypting. * while decrypting.
* \return A cipher-specific error code on failure. * \return A cipher-specific error code on failure.
*/ */
int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx,
unsigned char *output, size_t *olen ); unsigned char *output, size_t *olen);
#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
/** /**
@ -993,8 +1008,8 @@ int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A specific error code on failure. * \return A specific error code on failure.
*/ */
int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx,
unsigned char *tag, size_t tag_len ); unsigned char *tag, size_t tag_len);
/** /**
* \brief This function checks the tag for AEAD ciphers. * \brief This function checks the tag for AEAD ciphers.
@ -1009,8 +1024,8 @@ int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A specific error code on failure. * \return A specific error code on failure.
*/ */
int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx,
const unsigned char *tag, size_t tag_len ); const unsigned char *tag, size_t tag_len);
#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */ #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
/** /**
@ -1046,10 +1061,10 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
* while decrypting. * while decrypting.
* \return A cipher-specific error code on failure. * \return A cipher-specific error code on failure.
*/ */
int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen ); unsigned char *output, size_t *olen);
#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) #if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
/** /**
@ -1096,12 +1111,12 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
* parameter-verification failure. * parameter-verification failure.
* \return A cipher-specific error code on failure. * \return A cipher-specific error code on failure.
*/ */
int mbedtls_cipher_auth_encrypt_ext( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len, const unsigned char *ad, size_t ad_len,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output, size_t output_len, unsigned char *output, size_t output_len,
size_t *olen, size_t tag_len ); size_t *olen, size_t tag_len);
/** /**
* \brief The authenticated encryption (AEAD/NIST_KW) function. * \brief The authenticated encryption (AEAD/NIST_KW) function.
@ -1152,12 +1167,12 @@ int mbedtls_cipher_auth_encrypt_ext( mbedtls_cipher_context_t *ctx,
* \return #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic. * \return #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic.
* \return A cipher-specific error code on failure. * \return A cipher-specific error code on failure.
*/ */
int mbedtls_cipher_auth_decrypt_ext( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len, const unsigned char *ad, size_t ad_len,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output, size_t output_len, unsigned char *output, size_t output_len,
size_t *olen, size_t tag_len ); size_t *olen, size_t tag_len);
#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */ #endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */
#ifdef __cplusplus #ifdef __cplusplus
} }


@ -49,8 +49,7 @@ extern "C" {
/** /**
* The CMAC context structure. * The CMAC context structure.
*/ */
struct mbedtls_cmac_context_t struct mbedtls_cmac_context_t {
{
/** The internal state of the CMAC algorithm. */ /** The internal state of the CMAC algorithm. */
unsigned char MBEDTLS_PRIVATE(state)[MBEDTLS_CIPHER_BLKSIZE_MAX]; unsigned char MBEDTLS_PRIVATE(state)[MBEDTLS_CIPHER_BLKSIZE_MAX];
@ -96,8 +95,8 @@ struct mbedtls_cmac_context_t
* \return \c 0 on success. * \return \c 0 on success.
* \return A cipher-specific error code on failure. * \return A cipher-specific error code on failure.
*/ */
int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_cmac_starts(mbedtls_cipher_context_t *ctx,
const unsigned char *key, size_t keybits ); const unsigned char *key, size_t keybits);
/** /**
* \brief This function feeds an input buffer into an ongoing CMAC * \brief This function feeds an input buffer into an ongoing CMAC
@ -121,8 +120,8 @@ int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA
* if parameter verification fails. * if parameter verification fails.
*/ */
int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_cmac_update(mbedtls_cipher_context_t *ctx,
const unsigned char *input, size_t ilen ); const unsigned char *input, size_t ilen);
/** /**
* \brief This function finishes an ongoing CMAC operation, and * \brief This function finishes an ongoing CMAC operation, and
@ -140,8 +139,8 @@ int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA
* if parameter verification fails. * if parameter verification fails.
*/ */
int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx, int mbedtls_cipher_cmac_finish(mbedtls_cipher_context_t *ctx,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function starts a new CMAC operation with the same * \brief This function starts a new CMAC operation with the same
@ -159,7 +158,7 @@ int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA
* if parameter verification fails. * if parameter verification fails.
*/ */
int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx ); int mbedtls_cipher_cmac_reset(mbedtls_cipher_context_t *ctx);
/** /**
* \brief This function calculates the full generic CMAC * \brief This function calculates the full generic CMAC
@ -188,10 +187,10 @@ int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx );
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA
* if parameter verification fails. * if parameter verification fails.
*/ */
int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info, int mbedtls_cipher_cmac(const mbedtls_cipher_info_t *cipher_info,
const unsigned char *key, size_t keylen, const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output ); unsigned char *output);
#if defined(MBEDTLS_AES_C) #if defined(MBEDTLS_AES_C)
/** /**
@ -211,12 +210,12 @@ int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
* *
* \return \c 0 on success. * \return \c 0 on success.
*/ */
int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len, int mbedtls_aes_cmac_prf_128(const unsigned char *key, size_t key_len,
const unsigned char *input, size_t in_len, const unsigned char *input, size_t in_len,
unsigned char output[16] ); unsigned char output[16]);
#endif /* MBEDTLS_AES_C */ #endif /* MBEDTLS_AES_C */
#if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) ) #if defined(MBEDTLS_SELF_TEST) && (defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C))
/** /**
* \brief The CMAC checkup routine. * \brief The CMAC checkup routine.
* *
@ -230,7 +229,7 @@ int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len,
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_cmac_self_test( int verbose ); int mbedtls_cmac_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ #endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
#ifdef __cplusplus #ifdef __cplusplus


@ -296,9 +296,9 @@ extern "C" {
(defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \ (defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \
defined(PSA_WANT_ALG_ECB_NO_PADDING) || \ defined(PSA_WANT_ALG_ECB_NO_PADDING) || \
(defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
!defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \ !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \
(defined(PSA_WANT_ALG_CBC_PKCS7) && \ (defined(PSA_WANT_ALG_CBC_PKCS7) && \
!defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \ !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \
(defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC)) (defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC))
#define PSA_HAVE_SOFT_BLOCK_MODE 1 #define PSA_HAVE_SOFT_BLOCK_MODE 1
#endif #endif


@ -39,8 +39,8 @@
* \return Zero if the content of the two buffer is the same, * \return Zero if the content of the two buffer is the same,
* otherwise non-zero. * otherwise non-zero.
*/ */
int mbedtls_ct_memcmp( const void *a, int mbedtls_ct_memcmp(const void *a,
const void *b, const void *b,
size_t n ); size_t n);
#endif /* MBEDTLS_CONSTANT_TIME_H */ #endif /* MBEDTLS_CONSTANT_TIME_H */


@ -77,8 +77,8 @@
*/ */
#endif #endif
#define MBEDTLS_CTR_DRBG_KEYBITS ( MBEDTLS_CTR_DRBG_KEYSIZE * 8 ) /**< The key size for the DRBG operation, in bits. */ #define MBEDTLS_CTR_DRBG_KEYBITS (MBEDTLS_CTR_DRBG_KEYSIZE * 8) /**< The key size for the DRBG operation, in bits. */
#define MBEDTLS_CTR_DRBG_SEEDLEN ( MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE ) /**< The seed length, calculated as (counter + AES key). */ #define MBEDTLS_CTR_DRBG_SEEDLEN (MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE) /**< The seed length, calculated as (counter + AES key). */
/** /**
* \name SECTION: Module settings * \name SECTION: Module settings
@ -161,42 +161,41 @@ extern "C" {
* the entropy source does not provide enough material to form a nonce. * the entropy source does not provide enough material to form a nonce.
* See the documentation of mbedtls_ctr_drbg_seed() for more information. * See the documentation of mbedtls_ctr_drbg_seed() for more information.
*/ */
#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN ( MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1 ) / 2 #define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN (MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1) / 2
#endif #endif
/** /**
* \brief The CTR_DRBG context structure. * \brief The CTR_DRBG context structure.
*/ */
typedef struct mbedtls_ctr_drbg_context typedef struct mbedtls_ctr_drbg_context {
{
unsigned char MBEDTLS_PRIVATE(counter)[16]; /*!< The counter (V). */ unsigned char MBEDTLS_PRIVATE(counter)[16]; /*!< The counter (V). */
int MBEDTLS_PRIVATE(reseed_counter); /*!< The reseed counter. int MBEDTLS_PRIVATE(reseed_counter); /*!< The reseed counter.
* This is the number of requests that have * This is the number of requests that have
* been made since the last (re)seeding, * been made since the last (re)seeding,
* minus one. * minus one.
* Before the initial seeding, this field * Before the initial seeding, this field
* contains the amount of entropy in bytes * contains the amount of entropy in bytes
* to use as a nonce for the initial seeding, * to use as a nonce for the initial seeding,
* or -1 if no nonce length has been explicitly * or -1 if no nonce length has been explicitly
* set (see mbedtls_ctr_drbg_set_nonce_len()). * set (see mbedtls_ctr_drbg_set_nonce_len()).
*/ */
int MBEDTLS_PRIVATE(prediction_resistance); /*!< This determines whether prediction int MBEDTLS_PRIVATE(prediction_resistance); /*!< This determines whether prediction
resistance is enabled, that is resistance is enabled, that is
whether to systematically reseed before whether to systematically reseed before
each random generation. */ each random generation. */
size_t MBEDTLS_PRIVATE(entropy_len); /*!< The amount of entropy grabbed on each size_t MBEDTLS_PRIVATE(entropy_len); /*!< The amount of entropy grabbed on each
seed or reseed operation, in bytes. */ seed or reseed operation, in bytes. */
int MBEDTLS_PRIVATE(reseed_interval); /*!< The reseed interval. int MBEDTLS_PRIVATE(reseed_interval); /*!< The reseed interval.
* This is the maximum number of requests * This is the maximum number of requests
* that can be made between reseedings. */ * that can be made between reseedings. */
mbedtls_aes_context MBEDTLS_PRIVATE(aes_ctx); /*!< The AES context. */ mbedtls_aes_context MBEDTLS_PRIVATE(aes_ctx); /*!< The AES context. */
/* /*
* Callbacks (Entropy) * Callbacks (Entropy)
*/ */
int (*MBEDTLS_PRIVATE(f_entropy))(void *, unsigned char *, size_t); int(*MBEDTLS_PRIVATE(f_entropy))(void *, unsigned char *, size_t);
/*!< The entropy callback function. */ /*!< The entropy callback function. */
void *MBEDTLS_PRIVATE(p_entropy); /*!< The context for the entropy function. */ void *MBEDTLS_PRIVATE(p_entropy); /*!< The context for the entropy function. */
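Review bot: The reformatted `MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN` definition still expands to `(MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1) / 2` with no outer parentheses, so an operator next to a use can bind to only part of the expansion. For example, `x / MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN` would divide by the sum and then by 2 again. Since the line is being touched anyway, I would wrap the whole expansion: `#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN ((MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1) / 2)`. The uses of the macro are not visible in this hunk, so whether any current caller is affected needs checking.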
@ -225,7 +224,7 @@ mbedtls_ctr_drbg_context;
* *
* \param ctx The CTR_DRBG context to initialize. * \param ctx The CTR_DRBG context to initialize.
*/ */
void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); void mbedtls_ctr_drbg_init(mbedtls_ctr_drbg_context *ctx);
/** /**
* \brief This function seeds and sets up the CTR_DRBG * \brief This function seeds and sets up the CTR_DRBG
@ -326,11 +325,11 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure. * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure.
*/ */
int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, int mbedtls_ctr_drbg_seed(mbedtls_ctr_drbg_context *ctx,
int (*f_entropy)(void *, unsigned char *, size_t), int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy, void *p_entropy,
const unsigned char *custom, const unsigned char *custom,
size_t len ); size_t len);
/** /**
* \brief This function resets CTR_DRBG context to the state immediately * \brief This function resets CTR_DRBG context to the state immediately
@ -338,7 +337,7 @@ int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx,
* *
* \param ctx The CTR_DRBG context to clear. * \param ctx The CTR_DRBG context to clear.
*/ */
void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx ); void mbedtls_ctr_drbg_free(mbedtls_ctr_drbg_context *ctx);
/** /**
* \brief This function turns prediction resistance on or off. * \brief This function turns prediction resistance on or off.
@ -353,8 +352,8 @@ void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx );
* \param ctx The CTR_DRBG context. * \param ctx The CTR_DRBG context.
* \param resistance #MBEDTLS_CTR_DRBG_PR_ON or #MBEDTLS_CTR_DRBG_PR_OFF. * \param resistance #MBEDTLS_CTR_DRBG_PR_ON or #MBEDTLS_CTR_DRBG_PR_OFF.
*/ */
void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, void mbedtls_ctr_drbg_set_prediction_resistance(mbedtls_ctr_drbg_context *ctx,
int resistance ); int resistance);
/** /**
* \brief This function sets the amount of entropy grabbed on each * \brief This function sets the amount of entropy grabbed on each
@ -380,8 +379,8 @@ void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx,
* and at most the maximum length accepted by the * and at most the maximum length accepted by the
* entropy function that is set in the context. * entropy function that is set in the context.
*/ */
void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx, void mbedtls_ctr_drbg_set_entropy_len(mbedtls_ctr_drbg_context *ctx,
size_t len ); size_t len);
/** /**
* \brief This function sets the amount of entropy grabbed * \brief This function sets the amount of entropy grabbed
@ -402,8 +401,8 @@ void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx,
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED
* if the initial seeding has already taken place. * if the initial seeding has already taken place.
*/ */
int mbedtls_ctr_drbg_set_nonce_len( mbedtls_ctr_drbg_context *ctx, int mbedtls_ctr_drbg_set_nonce_len(mbedtls_ctr_drbg_context *ctx,
size_t len ); size_t len);
/** /**
* \brief This function sets the reseed interval. * \brief This function sets the reseed interval.
@ -417,8 +416,8 @@ int mbedtls_ctr_drbg_set_nonce_len( mbedtls_ctr_drbg_context *ctx,
* \param ctx The CTR_DRBG context. * \param ctx The CTR_DRBG context.
* \param interval The reseed interval. * \param interval The reseed interval.
*/ */
void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx, void mbedtls_ctr_drbg_set_reseed_interval(mbedtls_ctr_drbg_context *ctx,
int interval ); int interval);
/** /**
* \brief This function reseeds the CTR_DRBG context, that is * \brief This function reseeds the CTR_DRBG context, that is
@ -440,8 +439,8 @@ void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure. * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure.
*/ */
int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, int mbedtls_ctr_drbg_reseed(mbedtls_ctr_drbg_context *ctx,
const unsigned char *additional, size_t len ); const unsigned char *additional, size_t len);
/** /**
* \brief This function updates the state of the CTR_DRBG context. * \brief This function updates the state of the CTR_DRBG context.
@ -463,9 +462,9 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
* #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT. * #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT.
* \return An error from the underlying AES cipher on failure. * \return An error from the underlying AES cipher on failure.
*/ */
int mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx, int mbedtls_ctr_drbg_update(mbedtls_ctr_drbg_context *ctx,
const unsigned char *additional, const unsigned char *additional,
size_t add_len ); size_t add_len);
/** /**
* \brief This function updates a CTR_DRBG instance with additional * \brief This function updates a CTR_DRBG instance with additional
@ -498,9 +497,9 @@ int mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx,
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or
* #MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG on failure. * #MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG on failure.
*/ */
int mbedtls_ctr_drbg_random_with_add( void *p_rng, int mbedtls_ctr_drbg_random_with_add(void *p_rng,
unsigned char *output, size_t output_len, unsigned char *output, size_t output_len,
const unsigned char *additional, size_t add_len ); const unsigned char *additional, size_t add_len);
/** /**
* \brief This function uses CTR_DRBG to generate random data. * \brief This function uses CTR_DRBG to generate random data.
@ -526,8 +525,8 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng,
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or
* #MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG on failure. * #MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG on failure.
*/ */
int mbedtls_ctr_drbg_random( void *p_rng, int mbedtls_ctr_drbg_random(void *p_rng,
unsigned char *output, size_t output_len ); unsigned char *output, size_t output_len);
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
@ -541,7 +540,7 @@ int mbedtls_ctr_drbg_random( void *p_rng,
* \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on reseed * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on reseed
* failure. * failure.
*/ */
int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path ); int mbedtls_ctr_drbg_write_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path);
/** /**
* \brief This function reads and updates a seed file. The seed * \brief This function reads and updates a seed file. The seed
@ -557,7 +556,7 @@ int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char
* \return #MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG if the existing * \return #MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG if the existing
* seed file is too large. * seed file is too large.
*/ */
int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path ); int mbedtls_ctr_drbg_update_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path);
#endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_FS_IO */
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -568,7 +567,7 @@ int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_ctr_drbg_self_test( int verbose ); int mbedtls_ctr_drbg_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */


@ -32,51 +32,51 @@
#if defined(MBEDTLS_DEBUG_C) #if defined(MBEDTLS_DEBUG_C)
#define MBEDTLS_DEBUG_STRIP_PARENS( ... ) __VA_ARGS__ #define MBEDTLS_DEBUG_STRIP_PARENS(...) __VA_ARGS__
#define MBEDTLS_SSL_DEBUG_MSG( level, args ) \ #define MBEDTLS_SSL_DEBUG_MSG(level, args) \
mbedtls_debug_print_msg( ssl, level, __FILE__, __LINE__, \ mbedtls_debug_print_msg(ssl, level, __FILE__, __LINE__, \
MBEDTLS_DEBUG_STRIP_PARENS args ) MBEDTLS_DEBUG_STRIP_PARENS args)
#define MBEDTLS_SSL_DEBUG_RET( level, text, ret ) \ #define MBEDTLS_SSL_DEBUG_RET(level, text, ret) \
mbedtls_debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret ) mbedtls_debug_print_ret(ssl, level, __FILE__, __LINE__, text, ret)
#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len ) \ #define MBEDTLS_SSL_DEBUG_BUF(level, text, buf, len) \
mbedtls_debug_print_buf( ssl, level, __FILE__, __LINE__, text, buf, len ) mbedtls_debug_print_buf(ssl, level, __FILE__, __LINE__, text, buf, len)
#if defined(MBEDTLS_BIGNUM_C) #if defined(MBEDTLS_BIGNUM_C)
#define MBEDTLS_SSL_DEBUG_MPI( level, text, X ) \ #define MBEDTLS_SSL_DEBUG_MPI(level, text, X) \
mbedtls_debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X ) mbedtls_debug_print_mpi(ssl, level, __FILE__, __LINE__, text, X)
#endif #endif
#if defined(MBEDTLS_ECP_C) #if defined(MBEDTLS_ECP_C)
#define MBEDTLS_SSL_DEBUG_ECP( level, text, X ) \ #define MBEDTLS_SSL_DEBUG_ECP(level, text, X) \
mbedtls_debug_print_ecp( ssl, level, __FILE__, __LINE__, text, X ) mbedtls_debug_print_ecp(ssl, level, __FILE__, __LINE__, text, X)
#endif #endif
#if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C)
#if !defined(MBEDTLS_X509_REMOVE_INFO) #if !defined(MBEDTLS_X509_REMOVE_INFO)
#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) \ #define MBEDTLS_SSL_DEBUG_CRT(level, text, crt) \
mbedtls_debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt ) mbedtls_debug_print_crt(ssl, level, __FILE__, __LINE__, text, crt)
#else #else
#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_CRT(level, text, crt) do { } while (0)
#endif /* MBEDTLS_X509_REMOVE_INFO */ #endif /* MBEDTLS_X509_REMOVE_INFO */
#endif /* MBEDTLS_X509_CRT_PARSE_C */ #endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_ECDH_C) #if defined(MBEDTLS_ECDH_C)
#define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr ) \ #define MBEDTLS_SSL_DEBUG_ECDH(level, ecdh, attr) \
mbedtls_debug_printf_ecdh( ssl, level, __FILE__, __LINE__, ecdh, attr ) mbedtls_debug_printf_ecdh(ssl, level, __FILE__, __LINE__, ecdh, attr)
#endif #endif
#else /* MBEDTLS_DEBUG_C */ #else /* MBEDTLS_DEBUG_C */
#define MBEDTLS_SSL_DEBUG_MSG( level, args ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_MSG(level, args) do { } while (0)
#define MBEDTLS_SSL_DEBUG_RET( level, text, ret ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_RET(level, text, ret) do { } while (0)
#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_BUF(level, text, buf, len) do { } while (0)
#define MBEDTLS_SSL_DEBUG_MPI( level, text, X ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_MPI(level, text, X) do { } while (0)
#define MBEDTLS_SSL_DEBUG_ECP( level, text, X ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_ECP(level, text, X) do { } while (0)
#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_CRT(level, text, crt) do { } while (0)
#define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_ECDH(level, ecdh, attr) do { } while (0)
#endif /* MBEDTLS_DEBUG_C */ #endif /* MBEDTLS_DEBUG_C */
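Review bot: The `MBEDTLS_SSL_DEBUG_*` macros pass an identifier `ssl` that is not one of their parameters, and in the `#else` branch they expand to `do { } while (0)`, so their arguments are only evaluated when `MBEDTLS_DEBUG_C` is defined. Neither constraint is documented in the hunk. I would add a comment above the first definition, for example `/* These macros use a variable named ssl from the calling scope; arguments must have no side effects because they are discarded when MBEDTLS_DEBUG_C is not defined. */`. A call site that puts an assignment or a function call with an effect into a debug argument would behave differently between debug and release builds.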
@ -96,7 +96,7 @@
#if __has_attribute(format) #if __has_attribute(format)
#if defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1 #if defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1
#define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) \ #define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) \
__attribute__((__format__ (gnu_printf, string_index, first_to_check))) __attribute__((__format__(gnu_printf, string_index, first_to_check)))
#else /* defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1 */ #else /* defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1 */
#define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) \ #define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) \
__attribute__((format(printf, string_index, first_to_check))) __attribute__((format(printf, string_index, first_to_check)))
@ -124,10 +124,12 @@
#include <inttypes.h> #include <inttypes.h>
#define MBEDTLS_PRINTF_SIZET PRIuPTR #define MBEDTLS_PRINTF_SIZET PRIuPTR
#define MBEDTLS_PRINTF_LONGLONG "I64d" #define MBEDTLS_PRINTF_LONGLONG "I64d"
#else /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */ #else \
/* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */
#define MBEDTLS_PRINTF_SIZET "zu" #define MBEDTLS_PRINTF_SIZET "zu"
#define MBEDTLS_PRINTF_LONGLONG "lld" #define MBEDTLS_PRINTF_LONGLONG "lld"
#endif /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */ #endif \
/* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
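Review bot: The new `#else \` and `#endif \` lines push their explanatory comment onto a backslash-continued line, which is fragile even though it is valid after line splicing. If a later edit drops the backslash or inserts a line between the two, the comment is left free-standing and no longer labels the directive. Shortening the comment so that it fits on the directive line avoids the continuation, for example `#else /* not (MinGW non-ANSI stdio or MSVC < 1800) */` and `#endif /* MinGW non-ANSI stdio or MSVC < 1800 */`. The matching `#if` is outside this hunk, so the shortened wording should be checked against its condition.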
@ -148,7 +150,7 @@ extern "C" {
* - 3 Informational * - 3 Informational
* - 4 Verbose * - 4 Verbose
*/ */
void mbedtls_debug_set_threshold( int threshold ); void mbedtls_debug_set_threshold(int threshold);
/** /**
* \brief Print a message to the debug output. This function is always used * \brief Print a message to the debug output. This function is always used
@ -165,9 +167,9 @@ void mbedtls_debug_set_threshold( int threshold );
* \attention This function is intended for INTERNAL usage within the * \attention This function is intended for INTERNAL usage within the
* library only. * library only.
*/ */
void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level, void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const char *format, ... ) MBEDTLS_PRINTF_ATTRIBUTE(5, 6); const char *format, ...) MBEDTLS_PRINTF_ATTRIBUTE(5, 6);
/** /**
* \brief Print the return value of a function to the debug output. This * \brief Print the return value of a function to the debug output. This
@ -184,9 +186,9 @@ void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
* \attention This function is intended for INTERNAL usage within the * \attention This function is intended for INTERNAL usage within the
* library only. * library only.
*/ */
void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level, void mbedtls_debug_print_ret(const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const char *text, int ret ); const char *text, int ret);
/** /**
* \brief Output a buffer of size len bytes to the debug output. This function * \brief Output a buffer of size len bytes to the debug output. This function
@ -205,9 +207,9 @@ void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level,
* \attention This function is intended for INTERNAL usage within the * \attention This function is intended for INTERNAL usage within the
* library only. * library only.
*/ */
void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level, void mbedtls_debug_print_buf(const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *text, const char *file, int line, const char *text,
const unsigned char *buf, size_t len ); const unsigned char *buf, size_t len);
#if defined(MBEDTLS_BIGNUM_C) #if defined(MBEDTLS_BIGNUM_C)
/** /**
@ -226,9 +228,9 @@ void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
* \attention This function is intended for INTERNAL usage within the * \attention This function is intended for INTERNAL usage within the
* library only. * library only.
*/ */
void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level, void mbedtls_debug_print_mpi(const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const char *text, const mbedtls_mpi *X ); const char *text, const mbedtls_mpi *X);
#endif #endif
#if defined(MBEDTLS_ECP_C) #if defined(MBEDTLS_ECP_C)
@ -248,9 +250,9 @@ void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level,
* \attention This function is intended for INTERNAL usage within the * \attention This function is intended for INTERNAL usage within the
* library only. * library only.
*/ */
void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level, void mbedtls_debug_print_ecp(const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const char *text, const mbedtls_ecp_point *X ); const char *text, const mbedtls_ecp_point *X);
#endif #endif
#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO) #if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO)
@ -269,14 +271,13 @@ void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level,
* \attention This function is intended for INTERNAL usage within the * \attention This function is intended for INTERNAL usage within the
* library only. * library only.
*/ */
void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level, void mbedtls_debug_print_crt(const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const char *text, const mbedtls_x509_crt *crt ); const char *text, const mbedtls_x509_crt *crt);
#endif #endif
#if defined(MBEDTLS_ECDH_C) #if defined(MBEDTLS_ECDH_C)
typedef enum typedef enum {
{
MBEDTLS_DEBUG_ECDH_Q, MBEDTLS_DEBUG_ECDH_Q,
MBEDTLS_DEBUG_ECDH_QP, MBEDTLS_DEBUG_ECDH_QP,
MBEDTLS_DEBUG_ECDH_Z, MBEDTLS_DEBUG_ECDH_Z,
@ -298,10 +299,10 @@ typedef enum
* \attention This function is intended for INTERNAL usage within the * \attention This function is intended for INTERNAL usage within the
* library only. * library only.
*/ */
void mbedtls_debug_printf_ecdh( const mbedtls_ssl_context *ssl, int level, void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const mbedtls_ecdh_context *ecdh, const mbedtls_ecdh_context *ecdh,
mbedtls_debug_ecdh_attr attr ); mbedtls_debug_ecdh_attr attr);
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus


@ -57,8 +57,7 @@ extern "C" {
* security risk. We recommend considering stronger ciphers * security risk. We recommend considering stronger ciphers
* instead. * instead.
*/ */
typedef struct mbedtls_des_context typedef struct mbedtls_des_context {
{
uint32_t MBEDTLS_PRIVATE(sk)[32]; /*!< DES subkeys */ uint32_t MBEDTLS_PRIVATE(sk)[32]; /*!< DES subkeys */
} }
mbedtls_des_context; mbedtls_des_context;
@ -66,8 +65,7 @@ mbedtls_des_context;
/** /**
* \brief Triple-DES context structure * \brief Triple-DES context structure
*/ */
typedef struct mbedtls_des3_context typedef struct mbedtls_des3_context {
{
uint32_t MBEDTLS_PRIVATE(sk)[96]; /*!< 3DES subkeys */ uint32_t MBEDTLS_PRIVATE(sk)[96]; /*!< 3DES subkeys */
} }
mbedtls_des3_context; mbedtls_des3_context;
@ -85,7 +83,7 @@ mbedtls_des3_context;
* security risk. We recommend considering stronger ciphers * security risk. We recommend considering stronger ciphers
* instead. * instead.
*/ */
void mbedtls_des_init( mbedtls_des_context *ctx ); void mbedtls_des_init(mbedtls_des_context *ctx);
/** /**
* \brief Clear DES context * \brief Clear DES context
@ -96,21 +94,21 @@ void mbedtls_des_init( mbedtls_des_context *ctx );
* security risk. We recommend considering stronger ciphers * security risk. We recommend considering stronger ciphers
* instead. * instead.
*/ */
void mbedtls_des_free( mbedtls_des_context *ctx ); void mbedtls_des_free(mbedtls_des_context *ctx);
/** /**
* \brief Initialize Triple-DES context * \brief Initialize Triple-DES context
* *
* \param ctx DES3 context to be initialized * \param ctx DES3 context to be initialized
*/ */
void mbedtls_des3_init( mbedtls_des3_context *ctx ); void mbedtls_des3_init(mbedtls_des3_context *ctx);
/** /**
* \brief Clear Triple-DES context * \brief Clear Triple-DES context
* *
* \param ctx DES3 context to be cleared * \param ctx DES3 context to be cleared
*/ */
void mbedtls_des3_free( mbedtls_des3_context *ctx ); void mbedtls_des3_free(mbedtls_des3_context *ctx);
/** /**
* \brief Set key parity on the given key to odd. * \brief Set key parity on the given key to odd.
@ -124,7 +122,7 @@ void mbedtls_des3_free( mbedtls_des3_context *ctx );
* security risk. We recommend considering stronger ciphers * security risk. We recommend considering stronger ciphers
* instead. * instead.
*/ */
void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] ); void mbedtls_des_key_set_parity(unsigned char key[MBEDTLS_DES_KEY_SIZE]);
/** /**
* \brief Check that key parity on the given key is odd. * \brief Check that key parity on the given key is odd.
@ -141,7 +139,7 @@ void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] );
* instead. * instead.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); int mbedtls_des_key_check_key_parity(const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
/** /**
* \brief Check that key is not a weak or semi-weak DES key * \brief Check that key is not a weak or semi-weak DES key
@ -155,7 +153,7 @@ int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SI
* instead. * instead.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); int mbedtls_des_key_check_weak(const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
/** /**
* \brief DES key schedule (56-bit, encryption) * \brief DES key schedule (56-bit, encryption)
@ -170,7 +168,7 @@ int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
* instead. * instead.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
/** /**
* \brief DES key schedule (56-bit, decryption) * \brief DES key schedule (56-bit, decryption)
@ -185,7 +183,7 @@ int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MB
* instead. * instead.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
/** /**
* \brief Triple-DES key schedule (112-bit, encryption) * \brief Triple-DES key schedule (112-bit, encryption)
@ -196,8 +194,8 @@ int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MB
* \return 0 * \return 0
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx, int mbedtls_des3_set2key_enc(mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] ); const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]);
/** /**
* \brief Triple-DES key schedule (112-bit, decryption) * \brief Triple-DES key schedule (112-bit, decryption)
@ -208,8 +206,8 @@ int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
* \return 0 * \return 0
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx, int mbedtls_des3_set2key_dec(mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] ); const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]);
/** /**
* \brief Triple-DES key schedule (168-bit, encryption) * \brief Triple-DES key schedule (168-bit, encryption)
@ -220,8 +218,8 @@ int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
* \return 0 * \return 0
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx, int mbedtls_des3_set3key_enc(mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] ); const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]);
/** /**
* \brief Triple-DES key schedule (168-bit, decryption) * \brief Triple-DES key schedule (168-bit, decryption)
@ -232,8 +230,8 @@ int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
* \return 0 * \return 0
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx, int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] ); const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]);
/** /**
* \brief DES-ECB block encryption/decryption * \brief DES-ECB block encryption/decryption
@ -249,9 +247,9 @@ int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
* instead. * instead.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, int mbedtls_des_crypt_ecb(mbedtls_des_context *ctx,
const unsigned char input[8], const unsigned char input[8],
unsigned char output[8] ); unsigned char output[8]);
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/** /**
@ -277,12 +275,12 @@ int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
* instead. * instead.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx, int mbedtls_des_crypt_cbc(mbedtls_des_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[8], unsigned char iv[8],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
/** /**
@ -295,9 +293,9 @@ int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
* \return 0 if successful * \return 0 if successful
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx, int mbedtls_des3_crypt_ecb(mbedtls_des3_context *ctx,
const unsigned char input[8], const unsigned char input[8],
unsigned char output[8] ); unsigned char output[8]);
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/** /**
@ -321,12 +319,12 @@ int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
* \return 0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH * \return 0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx, int mbedtls_des3_crypt_cbc(mbedtls_des3_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[8], unsigned char iv[8],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
/** /**
@ -341,8 +339,8 @@ int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
* security risk. We recommend considering stronger ciphers * security risk. We recommend considering stronger ciphers
* instead. * instead.
*/ */
void mbedtls_des_setkey( uint32_t SK[32], void mbedtls_des_setkey(uint32_t SK[32],
const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -352,7 +350,7 @@ void mbedtls_des_setkey( uint32_t SK[32],
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
MBEDTLS_CHECK_RETURN_CRITICAL MBEDTLS_CHECK_RETURN_CRITICAL
int mbedtls_des_self_test( int verbose ); int mbedtls_des_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */



@ -68,8 +68,7 @@ extern "C" {
/** /**
* Defines the source of the imported EC key. * Defines the source of the imported EC key.
*/ */
typedef enum typedef enum {
{
MBEDTLS_ECDH_OURS, /**< Our key. */ MBEDTLS_ECDH_OURS, /**< Our key. */
MBEDTLS_ECDH_THEIRS, /**< The key of the peer. */ MBEDTLS_ECDH_THEIRS, /**< The key of the peer. */
} mbedtls_ecdh_side; } mbedtls_ecdh_side;
@ -81,8 +80,7 @@ typedef enum
* Later versions of the library may add new variants, therefore users should * Later versions of the library may add new variants, therefore users should
* not make any assumptions about them. * not make any assumptions about them.
*/ */
typedef enum typedef enum {
{
MBEDTLS_ECDH_VARIANT_NONE = 0, /*!< Implementation not defined. */ MBEDTLS_ECDH_VARIANT_NONE = 0, /*!< Implementation not defined. */
MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0,/*!< The default Mbed TLS implementation */ MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0,/*!< The default Mbed TLS implementation */
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
@ -97,8 +95,7 @@ typedef enum
* should not make any assumptions about the structure of * should not make any assumptions about the structure of
* mbedtls_ecdh_context_mbed. * mbedtls_ecdh_context_mbed.
*/ */
typedef struct mbedtls_ecdh_context_mbed typedef struct mbedtls_ecdh_context_mbed {
{
mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /*!< The elliptic curve used. */ mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /*!< The elliptic curve used. */
mbedtls_mpi MBEDTLS_PRIVATE(d); /*!< The private key. */ mbedtls_mpi MBEDTLS_PRIVATE(d); /*!< The private key. */
mbedtls_ecp_point MBEDTLS_PRIVATE(Q); /*!< The public key. */ mbedtls_ecp_point MBEDTLS_PRIVATE(Q); /*!< The public key. */
@ -117,8 +114,7 @@ typedef struct mbedtls_ecdh_context_mbed
* should not be shared between multiple threads. * should not be shared between multiple threads.
* \brief The ECDH context structure. * \brief The ECDH context structure.
*/ */
typedef struct mbedtls_ecdh_context typedef struct mbedtls_ecdh_context {
{
#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /*!< The elliptic curve used. */ mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /*!< The elliptic curve used. */
mbedtls_mpi MBEDTLS_PRIVATE(d); /*!< The private key. */ mbedtls_mpi MBEDTLS_PRIVATE(d); /*!< The private key. */
@ -135,24 +131,23 @@ typedef struct mbedtls_ecdh_context
#endif /* MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECP_RESTARTABLE */
#else #else
uint8_t MBEDTLS_PRIVATE(point_format); /*!< The format of point export in TLS messages uint8_t MBEDTLS_PRIVATE(point_format); /*!< The format of point export in TLS messages
as defined in RFC 4492. */ as defined in RFC 4492. */
mbedtls_ecp_group_id MBEDTLS_PRIVATE(grp_id);/*!< The elliptic curve used. */ mbedtls_ecp_group_id MBEDTLS_PRIVATE(grp_id);/*!< The elliptic curve used. */
mbedtls_ecdh_variant MBEDTLS_PRIVATE(var); /*!< The ECDH implementation/structure used. */ mbedtls_ecdh_variant MBEDTLS_PRIVATE(var); /*!< The ECDH implementation/structure used. */
union union {
{
mbedtls_ecdh_context_mbed MBEDTLS_PRIVATE(mbed_ecdh); mbedtls_ecdh_context_mbed MBEDTLS_PRIVATE(mbed_ecdh);
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
mbedtls_ecdh_context_everest MBEDTLS_PRIVATE(everest_ecdh); mbedtls_ecdh_context_everest MBEDTLS_PRIVATE(everest_ecdh);
#endif #endif
} MBEDTLS_PRIVATE(ctx); /*!< Implementation-specific context. The } MBEDTLS_PRIVATE(ctx); /*!< Implementation-specific context. The
context in use is specified by the \c var context in use is specified by the \c var
field. */ field. */
#if defined(MBEDTLS_ECP_RESTARTABLE) #if defined(MBEDTLS_ECP_RESTARTABLE)
uint8_t MBEDTLS_PRIVATE(restart_enabled); /*!< The flag for restartable mode. Functions of uint8_t MBEDTLS_PRIVATE(restart_enabled); /*!< The flag for restartable mode. Functions of
an alternative implementation not supporting an alternative implementation not supporting
restartable mode must return restartable mode must return
MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED error MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED error
if this flag is set. */ if this flag is set. */
#endif /* MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECP_RESTARTABLE */
#endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */ #endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */
} }
@ -165,7 +160,7 @@ mbedtls_ecdh_context;
* *
* \return \c 1 if the group can be used, \c 0 otherwise * \return \c 1 if the group can be used, \c 0 otherwise
*/ */
int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid ); int mbedtls_ecdh_can_do(mbedtls_ecp_group_id gid);
/** /**
* \brief This function generates an ECDH keypair on an elliptic * \brief This function generates an ECDH keypair on an elliptic
@ -192,9 +187,9 @@ int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid );
* \return Another \c MBEDTLS_ERR_ECP_XXX or * \return Another \c MBEDTLS_ERR_ECP_XXX or
* \c MBEDTLS_MPI_XXX error code on failure. * \c MBEDTLS_MPI_XXX error code on failure.
*/ */
int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, int mbedtls_ecdh_gen_public(mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This function computes the shared secret. * \brief This function computes the shared secret.
@ -227,17 +222,17 @@ int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp
* \return Another \c MBEDTLS_ERR_ECP_XXX or * \return Another \c MBEDTLS_ERR_ECP_XXX or
* \c MBEDTLS_MPI_XXX error code on failure. * \c MBEDTLS_MPI_XXX error code on failure.
*/ */
int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z, int mbedtls_ecdh_compute_shared(mbedtls_ecp_group *grp, mbedtls_mpi *z,
const mbedtls_ecp_point *Q, const mbedtls_mpi *d, const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This function initializes an ECDH context. * \brief This function initializes an ECDH context.
* *
* \param ctx The ECDH context to initialize. This must not be \c NULL. * \param ctx The ECDH context to initialize. This must not be \c NULL.
*/ */
void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx ); void mbedtls_ecdh_init(mbedtls_ecdh_context *ctx);
/** /**
* \brief This function sets up the ECDH context with the information * \brief This function sets up the ECDH context with the information
@ -255,8 +250,8 @@ void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx );
* *
* \return \c 0 on success. * \return \c 0 on success.
*/ */
int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx, int mbedtls_ecdh_setup(mbedtls_ecdh_context *ctx,
mbedtls_ecp_group_id grp_id ); mbedtls_ecp_group_id grp_id);
/** /**
* \brief This function frees a context. * \brief This function frees a context.
@ -265,7 +260,7 @@ int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx,
* case this function does nothing. If it is not \c NULL, * case this function does nothing. If it is not \c NULL,
* it must point to an initialized ECDH context. * it must point to an initialized ECDH context.
*/ */
void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx ); void mbedtls_ecdh_free(mbedtls_ecdh_context *ctx);
/** /**
* \brief This function generates an EC key pair and exports its * \brief This function generates an EC key pair and exports its
@ -292,10 +287,10 @@ void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx );
* operations was reached: see \c mbedtls_ecp_set_max_ops(). * operations was reached: see \c mbedtls_ecp_set_max_ops().
* \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure. * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
*/ */
int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen, int mbedtls_ecdh_make_params(mbedtls_ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen, unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This function parses the ECDHE parameters in a * \brief This function parses the ECDHE parameters in a
@ -321,9 +316,9 @@ int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
* \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure.
* *
*/ */
int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx, int mbedtls_ecdh_read_params(mbedtls_ecdh_context *ctx,
const unsigned char **buf, const unsigned char **buf,
const unsigned char *end ); const unsigned char *end);
/** /**
* \brief This function sets up an ECDH context from an EC key. * \brief This function sets up an ECDH context from an EC key.
@ -344,9 +339,9 @@ int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx,
* \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure. * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
* *
*/ */
int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, int mbedtls_ecdh_get_params(mbedtls_ecdh_context *ctx,
const mbedtls_ecp_keypair *key, const mbedtls_ecp_keypair *key,
mbedtls_ecdh_side side ); mbedtls_ecdh_side side);
/** /**
* \brief This function generates a public key and exports it * \brief This function generates a public key and exports it
@ -374,10 +369,10 @@ int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx,
* operations was reached: see \c mbedtls_ecp_set_max_ops(). * operations was reached: see \c mbedtls_ecp_set_max_ops().
* \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure. * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
*/ */
int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen, int mbedtls_ecdh_make_public(mbedtls_ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen, unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This function parses and processes the ECDHE payload of a * \brief This function parses and processes the ECDHE payload of a
@ -398,8 +393,8 @@ int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure.
*/ */
int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx, int mbedtls_ecdh_read_public(mbedtls_ecdh_context *ctx,
const unsigned char *buf, size_t blen ); const unsigned char *buf, size_t blen);
/** /**
* \brief This function derives and exports the shared secret. * \brief This function derives and exports the shared secret.
@ -430,10 +425,10 @@ int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx,
* operations was reached: see \c mbedtls_ecp_set_max_ops(). * operations was reached: see \c mbedtls_ecp_set_max_ops().
* \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure. * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
*/ */
int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, int mbedtls_ecdh_calc_secret(mbedtls_ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen, unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
#if defined(MBEDTLS_ECP_RESTARTABLE) #if defined(MBEDTLS_ECP_RESTARTABLE)
/** /**
@ -448,7 +443,7 @@ int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
* *
* \param ctx The ECDH context to use. This must be initialized. * \param ctx The ECDH context to use. This must be initialized.
*/ */
void mbedtls_ecdh_enable_restart( mbedtls_ecdh_context *ctx ); void mbedtls_ecdh_enable_restart(mbedtls_ecdh_context *ctx);
#endif /* MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECP_RESTARTABLE */
#ifdef __cplusplus #ifdef __cplusplus


@ -53,13 +53,13 @@
* *
* For each of r and s, the value (V) may include an extra initial "0" bit. * For each of r and s, the value (V) may include an extra initial "0" bit.
*/ */
#define MBEDTLS_ECDSA_MAX_SIG_LEN( bits ) \ #define MBEDTLS_ECDSA_MAX_SIG_LEN(bits) \
( /*T,L of SEQUENCE*/ ( ( bits ) >= 61 * 8 ? 3 : 2 ) + \ (/*T,L of SEQUENCE*/ ((bits) >= 61 * 8 ? 3 : 2) + \
/*T,L of r,s*/ 2 * ( ( ( bits ) >= 127 * 8 ? 3 : 2 ) + \ /*T,L of r,s*/ 2 * (((bits) >= 127 * 8 ? 3 : 2) + \
/*V of r,s*/ ( ( bits ) + 8 ) / 8 ) ) /*V of r,s*/ ((bits) + 8) / 8))
/** The maximal size of an ECDSA signature in Bytes. */ /** The maximal size of an ECDSA signature in Bytes. */
#define MBEDTLS_ECDSA_MAX_LEN MBEDTLS_ECDSA_MAX_SIG_LEN( MBEDTLS_ECP_MAX_BITS ) #define MBEDTLS_ECDSA_MAX_LEN MBEDTLS_ECDSA_MAX_SIG_LEN(MBEDTLS_ECP_MAX_BITS)
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -102,10 +102,9 @@ typedef struct mbedtls_ecdsa_restart_det mbedtls_ecdsa_restart_det_ctx;
/** /**
* \brief General context for resuming ECDSA operations * \brief General context for resuming ECDSA operations
*/ */
typedef struct typedef struct {
{
mbedtls_ecp_restart_ctx MBEDTLS_PRIVATE(ecp); /*!< base context for ECP restart and mbedtls_ecp_restart_ctx MBEDTLS_PRIVATE(ecp); /*!< base context for ECP restart and
shared administrative info */ shared administrative info */
mbedtls_ecdsa_restart_ver_ctx *MBEDTLS_PRIVATE(ver); /*!< ecdsa_verify() sub-context */ mbedtls_ecdsa_restart_ver_ctx *MBEDTLS_PRIVATE(ver); /*!< ecdsa_verify() sub-context */
mbedtls_ecdsa_restart_sig_ctx *MBEDTLS_PRIVATE(sig); /*!< ecdsa_sign() sub-context */ mbedtls_ecdsa_restart_sig_ctx *MBEDTLS_PRIVATE(sig); /*!< ecdsa_sign() sub-context */
#if defined(MBEDTLS_ECDSA_DETERMINISTIC) #if defined(MBEDTLS_ECDSA_DETERMINISTIC)
@ -128,7 +127,7 @@ typedef void mbedtls_ecdsa_restart_ctx;
* *
* \return \c 1 if the group can be used, \c 0 otherwise * \return \c 1 if the group can be used, \c 0 otherwise
*/ */
int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid ); int mbedtls_ecdsa_can_do(mbedtls_ecp_group_id gid);
/** /**
* \brief This function computes the ECDSA signature of a * \brief This function computes the ECDSA signature of a
@ -166,9 +165,9 @@ int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid );
* \return An \c MBEDTLS_ERR_ECP_XXX * \return An \c MBEDTLS_ERR_ECP_XXX
* or \c MBEDTLS_MPI_XXX error code on failure. * or \c MBEDTLS_MPI_XXX error code on failure.
*/ */
int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, int mbedtls_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
const mbedtls_mpi *d, const unsigned char *buf, size_t blen, const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
#if defined(MBEDTLS_ECDSA_DETERMINISTIC) #if defined(MBEDTLS_ECDSA_DETERMINISTIC)
/** /**
@ -210,12 +209,12 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX
* error code on failure. * error code on failure.
*/ */
int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r, int mbedtls_ecdsa_sign_det_ext(mbedtls_ecp_group *grp, mbedtls_mpi *r,
mbedtls_mpi *s, const mbedtls_mpi *d, mbedtls_mpi *s, const mbedtls_mpi *d,
const unsigned char *buf, size_t blen, const unsigned char *buf, size_t blen,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
int (*f_rng_blind)(void *, unsigned char *, size_t), int (*f_rng_blind)(void *, unsigned char *, size_t),
void *p_rng_blind ); void *p_rng_blind);
#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ #endif /* MBEDTLS_ECDSA_DETERMINISTIC */
/** /**
@ -248,10 +247,10 @@ int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r,
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX
* error code on failure. * error code on failure.
*/ */
int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, int mbedtls_ecdsa_verify(mbedtls_ecp_group *grp,
const unsigned char *buf, size_t blen, const unsigned char *buf, size_t blen,
const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_ecp_point *Q, const mbedtls_mpi *r,
const mbedtls_mpi *s); const mbedtls_mpi *s);
/** /**
* \brief This function computes the ECDSA signature and writes it * \brief This function computes the ECDSA signature and writes it
@ -302,12 +301,12 @@ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
* \return An \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or * \return An \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or
* \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, int mbedtls_ecdsa_write_signature(mbedtls_ecdsa_context *ctx,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hlen, const unsigned char *hash, size_t hlen,
unsigned char *sig, size_t sig_size, size_t *slen, unsigned char *sig, size_t sig_size, size_t *slen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This function computes the ECDSA signature and writes it * \brief This function computes the ECDSA signature and writes it
@ -349,13 +348,13 @@ int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx,
* \return Another \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or * \return Another \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or
* \c MBEDTLS_ERR_ASN1_XXX error code on failure. * \c MBEDTLS_ERR_ASN1_XXX error code on failure.
*/ */
int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, int mbedtls_ecdsa_write_signature_restartable(mbedtls_ecdsa_context *ctx,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hlen, const unsigned char *hash, size_t hlen,
unsigned char *sig, size_t sig_size, size_t *slen, unsigned char *sig, size_t sig_size, size_t *slen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
mbedtls_ecdsa_restart_ctx *rs_ctx ); mbedtls_ecdsa_restart_ctx *rs_ctx);
/** /**
* \brief This function reads and verifies an ECDSA signature. * \brief This function reads and verifies an ECDSA signature.
@ -384,9 +383,9 @@ int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx,
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX
* error code on failure for any other reason. * error code on failure for any other reason.
*/ */
int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx, int mbedtls_ecdsa_read_signature(mbedtls_ecdsa_context *ctx,
const unsigned char *hash, size_t hlen, const unsigned char *hash, size_t hlen,
const unsigned char *sig, size_t slen ); const unsigned char *sig, size_t slen);
/** /**
* \brief This function reads and verifies an ECDSA signature, * \brief This function reads and verifies an ECDSA signature,
@ -419,10 +418,10 @@ int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx,
* \return Another \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX * \return Another \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX
* error code on failure for any other reason. * error code on failure for any other reason.
*/ */
int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx, int mbedtls_ecdsa_read_signature_restartable(mbedtls_ecdsa_context *ctx,
const unsigned char *hash, size_t hlen, const unsigned char *hash, size_t hlen,
const unsigned char *sig, size_t slen, const unsigned char *sig, size_t slen,
mbedtls_ecdsa_restart_ctx *rs_ctx ); mbedtls_ecdsa_restart_ctx *rs_ctx);
/** /**
* \brief This function generates an ECDSA keypair on the given curve. * \brief This function generates an ECDSA keypair on the given curve.
@ -440,8 +439,8 @@ int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_ECP_XXX code on failure. * \return An \c MBEDTLS_ERR_ECP_XXX code on failure.
*/ */
int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, int mbedtls_ecdsa_genkey(mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
/** /**
* \brief This function sets up an ECDSA context from an EC key pair. * \brief This function sets up an ECDSA context from an EC key pair.
@ -458,8 +457,8 @@ int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_ECP_XXX code on failure. * \return An \c MBEDTLS_ERR_ECP_XXX code on failure.
*/ */
int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, int mbedtls_ecdsa_from_keypair(mbedtls_ecdsa_context *ctx,
const mbedtls_ecp_keypair *key ); const mbedtls_ecp_keypair *key);
/** /**
* \brief This function initializes an ECDSA context. * \brief This function initializes an ECDSA context.
@ -467,7 +466,7 @@ int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx,
* \param ctx The ECDSA context to initialize. * \param ctx The ECDSA context to initialize.
* This must not be \c NULL. * This must not be \c NULL.
*/ */
void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx ); void mbedtls_ecdsa_init(mbedtls_ecdsa_context *ctx);
/** /**
* \brief This function frees an ECDSA context. * \brief This function frees an ECDSA context.
@ -476,7 +475,7 @@ void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx );
* in which case this function does nothing. If it * in which case this function does nothing. If it
* is not \c NULL, it must be initialized. * is not \c NULL, it must be initialized.
*/ */
void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx ); void mbedtls_ecdsa_free(mbedtls_ecdsa_context *ctx);
#if defined(MBEDTLS_ECP_RESTARTABLE) #if defined(MBEDTLS_ECP_RESTARTABLE)
/** /**
@ -485,7 +484,7 @@ void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx );
* \param ctx The restart context to initialize. * \param ctx The restart context to initialize.
* This must not be \c NULL. * This must not be \c NULL.
*/ */
void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx ); void mbedtls_ecdsa_restart_init(mbedtls_ecdsa_restart_ctx *ctx);
/** /**
* \brief Free the components of a restart context. * \brief Free the components of a restart context.
@ -494,7 +493,7 @@ void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx );
* in which case this function does nothing. If it * in which case this function does nothing. If it
* is not \c NULL, it must be initialized. * is not \c NULL, it must be initialized.
*/ */
void mbedtls_ecdsa_restart_free( mbedtls_ecdsa_restart_ctx *ctx ); void mbedtls_ecdsa_restart_free(mbedtls_ecdsa_restart_ctx *ctx);
#endif /* MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECP_RESTARTABLE */
#ifdef __cplusplus #ifdef __cplusplus


@ -68,8 +68,7 @@ typedef enum {
* convention from the Thread v1.0 spec. Correspondence is indicated in the * convention from the Thread v1.0 spec. Correspondence is indicated in the
* description as a pair C: client name, S: server name * description as a pair C: client name, S: server name
*/ */
typedef struct mbedtls_ecjpake_context typedef struct mbedtls_ecjpake_context {
{
mbedtls_md_type_t MBEDTLS_PRIVATE(md_type); /**< Hash to use */ mbedtls_md_type_t MBEDTLS_PRIVATE(md_type); /**< Hash to use */
mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /**< Elliptic curve */ mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /**< Elliptic curve */
mbedtls_ecjpake_role MBEDTLS_PRIVATE(role); /**< Are we client or server? */ mbedtls_ecjpake_role MBEDTLS_PRIVATE(role); /**< Are we client or server? */
@ -97,7 +96,7 @@ typedef struct mbedtls_ecjpake_context
* \param ctx The ECJPAKE context to initialize. * \param ctx The ECJPAKE context to initialize.
* This must not be \c NULL. * This must not be \c NULL.
*/ */
void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx ); void mbedtls_ecjpake_init(mbedtls_ecjpake_context *ctx);
/** /**
* \brief Set up an ECJPAKE context for use. * \brief Set up an ECJPAKE context for use.
@ -120,12 +119,12 @@ void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx );
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx, int mbedtls_ecjpake_setup(mbedtls_ecjpake_context *ctx,
mbedtls_ecjpake_role role, mbedtls_ecjpake_role role,
mbedtls_md_type_t hash, mbedtls_md_type_t hash,
mbedtls_ecp_group_id curve, mbedtls_ecp_group_id curve,
const unsigned char *secret, const unsigned char *secret,
size_t len ); size_t len);
/** /**
* \brief Set the point format for future reads and writes. * \brief Set the point format for future reads and writes.
@ -139,8 +138,8 @@ int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx,
* \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p point_format * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p point_format
* is invalid. * is invalid.
*/ */
int mbedtls_ecjpake_set_point_format( mbedtls_ecjpake_context *ctx, int mbedtls_ecjpake_set_point_format(mbedtls_ecjpake_context *ctx,
int point_format ); int point_format);
/** /**
* \brief Check if an ECJPAKE context is ready for use. * \brief Check if an ECJPAKE context is ready for use.
@ -151,7 +150,7 @@ int mbedtls_ecjpake_set_point_format( mbedtls_ecjpake_context *ctx,
* \return \c 0 if the context is ready for use. * \return \c 0 if the context is ready for use.
* \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA otherwise. * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA otherwise.
*/ */
int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx ); int mbedtls_ecjpake_check(const mbedtls_ecjpake_context *ctx);
/** /**
* \brief Generate and write the first round message * \brief Generate and write the first round message
@ -172,10 +171,10 @@ int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx );
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx, int mbedtls_ecjpake_write_round_one(mbedtls_ecjpake_context *ctx,
unsigned char *buf, size_t len, size_t *olen, unsigned char *buf, size_t len, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief Read and process the first round message * \brief Read and process the first round message
@ -191,9 +190,9 @@ int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx, int mbedtls_ecjpake_read_round_one(mbedtls_ecjpake_context *ctx,
const unsigned char *buf, const unsigned char *buf,
size_t len ); size_t len);
/** /**
* \brief Generate and write the second round message * \brief Generate and write the second round message
@ -213,10 +212,10 @@ int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx, int mbedtls_ecjpake_write_round_two(mbedtls_ecjpake_context *ctx,
unsigned char *buf, size_t len, size_t *olen, unsigned char *buf, size_t len, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief Read and process the second round message * \brief Read and process the second round message
@ -231,9 +230,9 @@ int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx, int mbedtls_ecjpake_read_round_two(mbedtls_ecjpake_context *ctx,
const unsigned char *buf, const unsigned char *buf,
size_t len ); size_t len);
/** /**
* \brief Derive the shared secret * \brief Derive the shared secret
@ -253,10 +252,10 @@ int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx, int mbedtls_ecjpake_derive_secret(mbedtls_ecjpake_context *ctx,
unsigned char *buf, size_t len, size_t *olen, unsigned char *buf, size_t len, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief Write the shared key material to be passed to a Key * \brief Write the shared key material to be passed to a Key
@ -276,10 +275,10 @@ int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_ecjpake_write_shared_key( mbedtls_ecjpake_context *ctx, int mbedtls_ecjpake_write_shared_key(mbedtls_ecjpake_context *ctx,
unsigned char *buf, size_t len, size_t *olen, unsigned char *buf, size_t len, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This clears an ECJPAKE context and frees any * \brief This clears an ECJPAKE context and frees any
@ -289,7 +288,7 @@ int mbedtls_ecjpake_write_shared_key( mbedtls_ecjpake_context *ctx,
* in which case this function does nothing. If it is not * in which case this function does nothing. If it is not
* \c NULL, it must point to an initialized ECJPAKE context. * \c NULL, it must point to an initialized ECJPAKE context.
*/ */
void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx ); void mbedtls_ecjpake_free(mbedtls_ecjpake_context *ctx);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -298,7 +297,7 @@ void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx );
* *
* \return 0 if successful, or 1 if a test failed * \return 0 if successful, or 1 if a test failed
*/ */
int mbedtls_ecjpake_self_test( int verbose ); int mbedtls_ecjpake_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */


@ -110,8 +110,7 @@ extern "C" {
* - Add the curve to applicable profiles in x509_crt.c. * - Add the curve to applicable profiles in x509_crt.c.
* - Add the curve to applicable presets in ssl_tls.c. * - Add the curve to applicable presets in ssl_tls.c.
*/ */
typedef enum typedef enum {
{
MBEDTLS_ECP_DP_NONE = 0, /*!< Curve not defined. */ MBEDTLS_ECP_DP_NONE = 0, /*!< Curve not defined. */
MBEDTLS_ECP_DP_SECP192R1, /*!< Domain parameters for the 192-bit curve defined by FIPS 186-4 and SEC1. */ MBEDTLS_ECP_DP_SECP192R1, /*!< Domain parameters for the 192-bit curve defined by FIPS 186-4 and SEC1. */
MBEDTLS_ECP_DP_SECP224R1, /*!< Domain parameters for the 224-bit curve defined by FIPS 186-4 and SEC1. */ MBEDTLS_ECP_DP_SECP224R1, /*!< Domain parameters for the 224-bit curve defined by FIPS 186-4 and SEC1. */
@ -136,8 +135,7 @@ typedef enum
/* /*
* Curve types * Curve types
*/ */
typedef enum typedef enum {
{
MBEDTLS_ECP_TYPE_NONE = 0, MBEDTLS_ECP_TYPE_NONE = 0,
MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS, /* y^2 = x^3 + a x + b */ MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS, /* y^2 = x^3 + a x + b */
MBEDTLS_ECP_TYPE_MONTGOMERY, /* y^2 = x^3 + a x^2 + x */ MBEDTLS_ECP_TYPE_MONTGOMERY, /* y^2 = x^3 + a x^2 + x */
@ -150,8 +148,7 @@ typedef enum
* accessed directly by applications. Future versions of the library may * accessed directly by applications. Future versions of the library may
* add extra fields or reorder existing fields. * add extra fields or reorder existing fields.
*/ */
typedef struct mbedtls_ecp_curve_info typedef struct mbedtls_ecp_curve_info {
{
mbedtls_ecp_group_id grp_id; /*!< An internal identifier. */ mbedtls_ecp_group_id grp_id; /*!< An internal identifier. */
uint16_t tls_id; /*!< The TLS NamedCurve identifier. */ uint16_t tls_id; /*!< The TLS NamedCurve identifier. */
uint16_t bit_size; /*!< The curve size in bits. */ uint16_t bit_size; /*!< The curve size in bits. */
@ -169,8 +166,7 @@ typedef struct mbedtls_ecp_curve_info
* Otherwise, \p X and \p Y are its standard (affine) * Otherwise, \p X and \p Y are its standard (affine)
* coordinates. * coordinates.
*/ */
typedef struct mbedtls_ecp_point typedef struct mbedtls_ecp_point {
{
mbedtls_mpi MBEDTLS_PRIVATE(X); /*!< The X coordinate of the ECP point. */ mbedtls_mpi MBEDTLS_PRIVATE(X); /*!< The X coordinate of the ECP point. */
mbedtls_mpi MBEDTLS_PRIVATE(Y); /*!< The Y coordinate of the ECP point. */ mbedtls_mpi MBEDTLS_PRIVATE(Y); /*!< The Y coordinate of the ECP point. */
mbedtls_mpi MBEDTLS_PRIVATE(Z); /*!< The Z coordinate of the ECP point. */ mbedtls_mpi MBEDTLS_PRIVATE(Z); /*!< The Z coordinate of the ECP point. */
@ -224,8 +220,7 @@ mbedtls_ecp_point;
* of these fields does not need to be supported. * of these fields does not need to be supported.
* They do not need to be at the same offset in the structure. * They do not need to be at the same offset in the structure.
*/ */
typedef struct mbedtls_ecp_group typedef struct mbedtls_ecp_group {
{
mbedtls_ecp_group_id id; /*!< An internal group identifier. */ mbedtls_ecp_group_id id; /*!< An internal group identifier. */
mbedtls_mpi P; /*!< The prime modulus of the base field. */ mbedtls_mpi P; /*!< The prime modulus of the base field. */
mbedtls_mpi A; /*!< For Short Weierstrass: \p A in the equation. For mbedtls_mpi A; /*!< For Short Weierstrass: \p A in the equation. For
@ -241,10 +236,10 @@ typedef struct mbedtls_ecp_group
/* End of public fields */ /* End of public fields */
unsigned int MBEDTLS_PRIVATE(h); /*!< \internal 1 if the constants are static. */ unsigned int MBEDTLS_PRIVATE(h); /*!< \internal 1 if the constants are static. */
int (*MBEDTLS_PRIVATE(modp))(mbedtls_mpi *); /*!< The function for fast pseudo-reduction int(*MBEDTLS_PRIVATE(modp))(mbedtls_mpi *); /*!< The function for fast pseudo-reduction
mod \p P (see above).*/ mod \p P (see above).*/
int (*MBEDTLS_PRIVATE(t_pre))(mbedtls_ecp_point *, void *); /*!< Unused. */ int(*MBEDTLS_PRIVATE(t_pre))(mbedtls_ecp_point *, void *); /*!< Unused. */
int (*MBEDTLS_PRIVATE(t_post))(mbedtls_ecp_point *, void *); /*!< Unused. */ int(*MBEDTLS_PRIVATE(t_post))(mbedtls_ecp_point *, void *); /*!< Unused. */
void *MBEDTLS_PRIVATE(t_data); /*!< Unused. */ void *MBEDTLS_PRIVATE(t_data); /*!< Unused. */
mbedtls_ecp_point *MBEDTLS_PRIVATE(T); /*!< Pre-computed points for ecp_mul_comb(). */ mbedtls_ecp_point *MBEDTLS_PRIVATE(T); /*!< Pre-computed points for ecp_mul_comb(). */
size_t MBEDTLS_PRIVATE(T_size); /*!< The number of dynamic allocated pre-computed points. */ size_t MBEDTLS_PRIVATE(T_size); /*!< The number of dynamic allocated pre-computed points. */
@ -343,8 +338,8 @@ mbedtls_ecp_group;
#error "Missing definition of MBEDTLS_ECP_MAX_BITS" #error "Missing definition of MBEDTLS_ECP_MAX_BITS"
#endif #endif
#define MBEDTLS_ECP_MAX_BYTES ( ( MBEDTLS_ECP_MAX_BITS + 7 ) / 8 ) #define MBEDTLS_ECP_MAX_BYTES ((MBEDTLS_ECP_MAX_BITS + 7) / 8)
#define MBEDTLS_ECP_MAX_PT_LEN ( 2 * MBEDTLS_ECP_MAX_BYTES + 1 ) #define MBEDTLS_ECP_MAX_PT_LEN (2 * MBEDTLS_ECP_MAX_BYTES + 1)
#if defined(MBEDTLS_ECP_RESTARTABLE) #if defined(MBEDTLS_ECP_RESTARTABLE)
@ -365,8 +360,7 @@ typedef struct mbedtls_ecp_restart_muladd mbedtls_ecp_restart_muladd_ctx;
/** /**
* \brief General context for resuming ECC operations * \brief General context for resuming ECC operations
*/ */
typedef struct typedef struct {
{
unsigned MBEDTLS_PRIVATE(ops_done); /*!< current ops count */ unsigned MBEDTLS_PRIVATE(ops_done); /*!< current ops count */
unsigned MBEDTLS_PRIVATE(depth); /*!< call depth (0 = top-level) */ unsigned MBEDTLS_PRIVATE(depth); /*!< call depth (0 = top-level) */
mbedtls_ecp_restart_mul_ctx *MBEDTLS_PRIVATE(rsm); /*!< ecp_mul_comb() sub-context */ mbedtls_ecp_restart_mul_ctx *MBEDTLS_PRIVATE(rsm); /*!< ecp_mul_comb() sub-context */
@ -392,18 +386,18 @@ typedef struct
* \return \c 0 if doing \p ops basic ops is still allowed, * \return \c 0 if doing \p ops basic ops is still allowed,
* \return #MBEDTLS_ERR_ECP_IN_PROGRESS otherwise. * \return #MBEDTLS_ERR_ECP_IN_PROGRESS otherwise.
*/ */
int mbedtls_ecp_check_budget( const mbedtls_ecp_group *grp, int mbedtls_ecp_check_budget(const mbedtls_ecp_group *grp,
mbedtls_ecp_restart_ctx *rs_ctx, mbedtls_ecp_restart_ctx *rs_ctx,
unsigned ops ); unsigned ops);
/* Utility macro for checking and updating ops budget */ /* Utility macro for checking and updating ops budget */
#define MBEDTLS_ECP_BUDGET( ops ) \ #define MBEDTLS_ECP_BUDGET(ops) \
MBEDTLS_MPI_CHK( mbedtls_ecp_check_budget( grp, rs_ctx, \ MBEDTLS_MPI_CHK(mbedtls_ecp_check_budget(grp, rs_ctx, \
(unsigned) (ops) ) ); (unsigned) (ops)));
#else /* MBEDTLS_ECP_RESTARTABLE */ #else /* MBEDTLS_ECP_RESTARTABLE */
#define MBEDTLS_ECP_BUDGET( ops ) /* no-op; for compatibility */ #define MBEDTLS_ECP_BUDGET(ops) /* no-op; for compatibility */
/* We want to declare restartable versions of existing functions anyway */ /* We want to declare restartable versions of existing functions anyway */
typedef void mbedtls_ecp_restart_ctx; typedef void mbedtls_ecp_restart_ctx;
@ -418,8 +412,7 @@ typedef void mbedtls_ecp_restart_ctx;
* \note Members are deliberately in the same order as in the * \note Members are deliberately in the same order as in the
* ::mbedtls_ecdsa_context structure. * ::mbedtls_ecdsa_context structure.
*/ */
typedef struct mbedtls_ecp_keypair typedef struct mbedtls_ecp_keypair {
{
mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /*!< Elliptic curve and base point */ mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /*!< Elliptic curve and base point */
mbedtls_mpi MBEDTLS_PRIVATE(d); /*!< our secret value */ mbedtls_mpi MBEDTLS_PRIVATE(d); /*!< our secret value */
mbedtls_ecp_point MBEDTLS_PRIVATE(Q); /*!< our public value */ mbedtls_ecp_point MBEDTLS_PRIVATE(Q); /*!< our public value */
@ -495,7 +488,7 @@ mbedtls_ecp_keypair;
* *
* \note This setting is currently ignored by Curve25519. * \note This setting is currently ignored by Curve25519.
*/ */
void mbedtls_ecp_set_max_ops( unsigned max_ops ); void mbedtls_ecp_set_max_ops(unsigned max_ops);
/** /**
* \brief Check if restart is enabled (max_ops != 0) * \brief Check if restart is enabled (max_ops != 0)
@ -503,13 +496,13 @@ void mbedtls_ecp_set_max_ops( unsigned max_ops );
* \return \c 0 if \c max_ops == 0 (restart disabled) * \return \c 0 if \c max_ops == 0 (restart disabled)
* \return \c 1 otherwise (restart enabled) * \return \c 1 otherwise (restart enabled)
*/ */
int mbedtls_ecp_restart_is_enabled( void ); int mbedtls_ecp_restart_is_enabled(void);
#endif /* MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECP_RESTARTABLE */
/* /*
* Get the type of a curve * Get the type of a curve
*/ */
mbedtls_ecp_curve_type mbedtls_ecp_get_type( const mbedtls_ecp_group *grp ); mbedtls_ecp_curve_type mbedtls_ecp_get_type(const mbedtls_ecp_group *grp);
/** /**
* \brief This function retrieves the information defined in * \brief This function retrieves the information defined in
@ -523,7 +516,7 @@ mbedtls_ecp_curve_type mbedtls_ecp_get_type( const mbedtls_ecp_group *grp );
* *
* \return A statically allocated array. The last entry is 0. * \return A statically allocated array. The last entry is 0.
*/ */
const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void ); const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list(void);
/** /**
* \brief This function retrieves the list of internal group * \brief This function retrieves the list of internal group
@ -539,7 +532,7 @@ const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void );
* \return A statically allocated array, * \return A statically allocated array,
* terminated with MBEDTLS_ECP_DP_NONE. * terminated with MBEDTLS_ECP_DP_NONE.
*/ */
const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void ); const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list(void);
/** /**
* \brief This function retrieves curve information from an internal * \brief This function retrieves curve information from an internal
@ -550,7 +543,7 @@ const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void );
* \return The associated curve information on success. * \return The associated curve information on success.
* \return NULL on failure. * \return NULL on failure.
*/ */
const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id( mbedtls_ecp_group_id grp_id ); const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id(mbedtls_ecp_group_id grp_id);
/** /**
* \brief This function retrieves curve information from a TLS * \brief This function retrieves curve information from a TLS
@ -561,7 +554,7 @@ const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id( mbedtls_ecp_gr
* \return The associated curve information on success. * \return The associated curve information on success.
* \return NULL on failure. * \return NULL on failure.
*/ */
const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id( uint16_t tls_id ); const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id(uint16_t tls_id);
/** /**
* \brief This function retrieves curve information from a * \brief This function retrieves curve information from a
@ -572,14 +565,14 @@ const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id( uint16_t tls_i
* \return The associated curve information on success. * \return The associated curve information on success.
* \return NULL on failure. * \return NULL on failure.
*/ */
const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name( const char *name ); const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name(const char *name);
/** /**
* \brief This function initializes a point as zero. * \brief This function initializes a point as zero.
* *
* \param pt The point to initialize. * \param pt The point to initialize.
*/ */
void mbedtls_ecp_point_init( mbedtls_ecp_point *pt ); void mbedtls_ecp_point_init(mbedtls_ecp_point *pt);
/** /**
* \brief This function initializes an ECP group context * \brief This function initializes an ECP group context
@ -590,21 +583,21 @@ void mbedtls_ecp_point_init( mbedtls_ecp_point *pt );
* mbedtls_ecp_group_load() or mbedtls_ecp_tls_read_group() * mbedtls_ecp_group_load() or mbedtls_ecp_tls_read_group()
* functions. * functions.
*/ */
void mbedtls_ecp_group_init( mbedtls_ecp_group *grp ); void mbedtls_ecp_group_init(mbedtls_ecp_group *grp);
/** /**
* \brief This function initializes a key pair as an invalid one. * \brief This function initializes a key pair as an invalid one.
* *
* \param key The key pair to initialize. * \param key The key pair to initialize.
*/ */
void mbedtls_ecp_keypair_init( mbedtls_ecp_keypair *key ); void mbedtls_ecp_keypair_init(mbedtls_ecp_keypair *key);
/** /**
* \brief This function frees the components of a point. * \brief This function frees the components of a point.
* *
* \param pt The point to free. * \param pt The point to free.
*/ */
void mbedtls_ecp_point_free( mbedtls_ecp_point *pt ); void mbedtls_ecp_point_free(mbedtls_ecp_point *pt);
/** /**
* \brief This function frees the components of an ECP group. * \brief This function frees the components of an ECP group.
@ -613,7 +606,7 @@ void mbedtls_ecp_point_free( mbedtls_ecp_point *pt );
* case this function returns immediately. If it is not * case this function returns immediately. If it is not
* \c NULL, it must point to an initialized ECP group. * \c NULL, it must point to an initialized ECP group.
*/ */
void mbedtls_ecp_group_free( mbedtls_ecp_group *grp ); void mbedtls_ecp_group_free(mbedtls_ecp_group *grp);
/** /**
* \brief This function frees the components of a key pair. * \brief This function frees the components of a key pair.
@ -622,7 +615,7 @@ void mbedtls_ecp_group_free( mbedtls_ecp_group *grp );
* case this function returns immediately. If it is not * case this function returns immediately. If it is not
* \c NULL, it must point to an initialized ECP key pair. * \c NULL, it must point to an initialized ECP key pair.
*/ */
void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key ); void mbedtls_ecp_keypair_free(mbedtls_ecp_keypair *key);
#if defined(MBEDTLS_ECP_RESTARTABLE) #if defined(MBEDTLS_ECP_RESTARTABLE)
/** /**
@ -631,7 +624,7 @@ void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key );
* \param ctx The restart context to initialize. This must * \param ctx The restart context to initialize. This must
* not be \c NULL. * not be \c NULL.
*/ */
void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx ); void mbedtls_ecp_restart_init(mbedtls_ecp_restart_ctx *ctx);
/** /**
* \brief Free the components of a restart context. * \brief Free the components of a restart context.
@ -640,7 +633,7 @@ void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx );
* case this function returns immediately. If it is not * case this function returns immediately. If it is not
* \c NULL, it must point to an initialized restart context. * \c NULL, it must point to an initialized restart context.
*/ */
void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx *ctx ); void mbedtls_ecp_restart_free(mbedtls_ecp_restart_ctx *ctx);
#endif /* MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECP_RESTARTABLE */
/** /**
@ -654,7 +647,7 @@ void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx *ctx );
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
* \return Another negative error code for other kinds of failure. * \return Another negative error code for other kinds of failure.
*/ */
int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q ); int mbedtls_ecp_copy(mbedtls_ecp_point *P, const mbedtls_ecp_point *Q);
/** /**
* \brief This function copies the contents of group \p src into * \brief This function copies the contents of group \p src into
@ -667,8 +660,8 @@ int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q );
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst, int mbedtls_ecp_group_copy(mbedtls_ecp_group *dst,
const mbedtls_ecp_group *src ); const mbedtls_ecp_group *src);
/** /**
* \brief This function sets a point to the point at infinity. * \brief This function sets a point to the point at infinity.
@ -679,7 +672,7 @@ int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst,
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt ); int mbedtls_ecp_set_zero(mbedtls_ecp_point *pt);
/** /**
* \brief This function checks if a point is the point at infinity. * \brief This function checks if a point is the point at infinity.
@ -690,7 +683,7 @@ int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt );
* \return \c 0 if the point is non-zero. * \return \c 0 if the point is non-zero.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt ); int mbedtls_ecp_is_zero(mbedtls_ecp_point *pt);
/** /**
* \brief This function compares two points. * \brief This function compares two points.
@ -704,8 +697,8 @@ int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt );
* \return \c 0 if the points are equal. * \return \c 0 if the points are equal.
* \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if the points are not equal. * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if the points are not equal.
*/ */
int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P, int mbedtls_ecp_point_cmp(const mbedtls_ecp_point *P,
const mbedtls_ecp_point *Q ); const mbedtls_ecp_point *Q);
/** /**
* \brief This function imports a non-zero point from two ASCII * \brief This function imports a non-zero point from two ASCII
@ -719,8 +712,8 @@ int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_MPI_XXX error code on failure. * \return An \c MBEDTLS_ERR_MPI_XXX error code on failure.
*/ */
int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix, int mbedtls_ecp_point_read_string(mbedtls_ecp_point *P, int radix,
const char *x, const char *y ); const char *x, const char *y);
/** /**
* \brief This function exports a point into unsigned binary data. * \brief This function exports a point into unsigned binary data.
@ -747,10 +740,10 @@ int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix,
* or the export for the given group is not implemented. * or the export for the given group is not implemented.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp, int mbedtls_ecp_point_write_binary(const mbedtls_ecp_group *grp,
const mbedtls_ecp_point *P, const mbedtls_ecp_point *P,
int format, size_t *olen, int format, size_t *olen,
unsigned char *buf, size_t buflen ); unsigned char *buf, size_t buflen);
/** /**
* \brief This function imports a point from unsigned binary data. * \brief This function imports a point from unsigned binary data.
@ -774,9 +767,9 @@ int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp,
* \return #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the import for the * \return #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the import for the
* given group is not implemented. * given group is not implemented.
*/ */
int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp, int mbedtls_ecp_point_read_binary(const mbedtls_ecp_group *grp,
mbedtls_ecp_point *P, mbedtls_ecp_point *P,
const unsigned char *buf, size_t ilen ); const unsigned char *buf, size_t ilen);
/** /**
* \brief This function imports a point from a TLS ECPoint record. * \brief This function imports a point from a TLS ECPoint record.
@ -796,9 +789,9 @@ int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp,
* failure. * failure.
* \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid. * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid.
*/ */
int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, int mbedtls_ecp_tls_read_point(const mbedtls_ecp_group *grp,
mbedtls_ecp_point *pt, mbedtls_ecp_point *pt,
const unsigned char **buf, size_t len ); const unsigned char **buf, size_t len);
/** /**
* \brief This function exports a point as a TLS ECPoint record * \brief This function exports a point as a TLS ECPoint record
@ -822,10 +815,10 @@ int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp,
* is too small to hold the exported point. * is too small to hold the exported point.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, int mbedtls_ecp_tls_write_point(const mbedtls_ecp_group *grp,
const mbedtls_ecp_point *pt, const mbedtls_ecp_point *pt,
int format, size_t *olen, int format, size_t *olen,
unsigned char *buf, size_t blen ); unsigned char *buf, size_t blen);
/** /**
* \brief This function sets up an ECP group context * \brief This function sets up an ECP group context
@ -844,7 +837,7 @@ int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp,
* correspond to a known group. * correspond to a known group.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id ); int mbedtls_ecp_group_load(mbedtls_ecp_group *grp, mbedtls_ecp_group_id id);
/** /**
* \brief This function sets up an ECP group context from a TLS * \brief This function sets up an ECP group context from a TLS
@ -863,8 +856,8 @@ int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id );
* recognized. * recognized.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp, int mbedtls_ecp_tls_read_group(mbedtls_ecp_group *grp,
const unsigned char **buf, size_t len ); const unsigned char **buf, size_t len);
/** /**
* \brief This function extracts an elliptic curve group ID from a * \brief This function extracts an elliptic curve group ID from a
@ -884,9 +877,9 @@ int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp,
* recognized. * recognized.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_tls_read_group_id( mbedtls_ecp_group_id *grp, int mbedtls_ecp_tls_read_group_id(mbedtls_ecp_group_id *grp,
const unsigned char **buf, const unsigned char **buf,
size_t len ); size_t len);
/** /**
* \brief This function exports an elliptic curve as a TLS * \brief This function exports an elliptic curve as a TLS
* ECParameters record as defined in RFC 4492, Section 5.4. * ECParameters record as defined in RFC 4492, Section 5.4.
@ -905,9 +898,9 @@ int mbedtls_ecp_tls_read_group_id( mbedtls_ecp_group_id *grp,
* buffer is too small to hold the exported group. * buffer is too small to hold the exported group.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, int mbedtls_ecp_tls_write_group(const mbedtls_ecp_group *grp,
size_t *olen, size_t *olen,
unsigned char *buf, size_t blen ); unsigned char *buf, size_t blen);
/** /**
* \brief This function performs a scalar multiplication of a point * \brief This function performs a scalar multiplication of a point
@ -938,9 +931,9 @@ int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp,
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, int mbedtls_ecp_mul(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
const mbedtls_mpi *m, const mbedtls_ecp_point *P, const mbedtls_mpi *m, const mbedtls_ecp_point *P,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
/** /**
* \brief This function performs multiplication of a point by * \brief This function performs multiplication of a point by
@ -972,10 +965,10 @@ int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
* operations was reached: see \c mbedtls_ecp_set_max_ops(). * operations was reached: see \c mbedtls_ecp_set_max_ops().
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, int mbedtls_ecp_mul_restartable(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
const mbedtls_mpi *m, const mbedtls_ecp_point *P, const mbedtls_mpi *m, const mbedtls_ecp_point *P,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
mbedtls_ecp_restart_ctx *rs_ctx ); mbedtls_ecp_restart_ctx *rs_ctx);
#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
/** /**
@ -1013,9 +1006,9 @@ int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
* designate a short Weierstrass curve. * designate a short Weierstrass curve.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, int mbedtls_ecp_muladd(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
const mbedtls_mpi *m, const mbedtls_ecp_point *P, const mbedtls_mpi *m, const mbedtls_ecp_point *P,
const mbedtls_mpi *n, const mbedtls_ecp_point *Q ); const mbedtls_mpi *n, const mbedtls_ecp_point *Q);
/** /**
* \brief This function performs multiplication and addition of two * \brief This function performs multiplication and addition of two
@ -1058,10 +1051,10 @@ int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_muladd_restartable( int mbedtls_ecp_muladd_restartable(
mbedtls_ecp_group *grp, mbedtls_ecp_point *R, mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
const mbedtls_mpi *m, const mbedtls_ecp_point *P, const mbedtls_mpi *m, const mbedtls_ecp_point *P,
const mbedtls_mpi *n, const mbedtls_ecp_point *Q, const mbedtls_mpi *n, const mbedtls_ecp_point *Q,
mbedtls_ecp_restart_ctx *rs_ctx ); mbedtls_ecp_restart_ctx *rs_ctx);
#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
/** /**
@ -1091,8 +1084,8 @@ int mbedtls_ecp_muladd_restartable(
* a valid public key for the given curve. * a valid public key for the given curve.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp, int mbedtls_ecp_check_pubkey(const mbedtls_ecp_group *grp,
const mbedtls_ecp_point *pt ); const mbedtls_ecp_point *pt);
/** /**
* \brief This function checks that an \p mbedtls_mpi is a * \brief This function checks that an \p mbedtls_mpi is a
@ -1113,8 +1106,8 @@ int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp,
* private key for the given curve. * private key for the given curve.
* \return Another negative error code on other kinds of failure. * \return Another negative error code on other kinds of failure.
*/ */
int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, int mbedtls_ecp_check_privkey(const mbedtls_ecp_group *grp,
const mbedtls_mpi *d ); const mbedtls_mpi *d);
/** /**
* \brief This function generates a private key. * \brief This function generates a private key.
@ -1131,10 +1124,10 @@ int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp,
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
* on failure. * on failure.
*/ */
int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp, int mbedtls_ecp_gen_privkey(const mbedtls_ecp_group *grp,
mbedtls_mpi *d, mbedtls_mpi *d,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This function generates a keypair with a configurable base * \brief This function generates a keypair with a configurable base
@ -1163,11 +1156,11 @@ int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp,
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
* on failure. * on failure.
*/ */
int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp, int mbedtls_ecp_gen_keypair_base(mbedtls_ecp_group *grp,
const mbedtls_ecp_point *G, const mbedtls_ecp_point *G,
mbedtls_mpi *d, mbedtls_ecp_point *Q, mbedtls_mpi *d, mbedtls_ecp_point *Q,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This function generates an ECP keypair. * \brief This function generates an ECP keypair.
@ -1192,10 +1185,10 @@ int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp,
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
* on failure. * on failure.
*/ */
int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, mbedtls_mpi *d, int mbedtls_ecp_gen_keypair(mbedtls_ecp_group *grp, mbedtls_mpi *d,
mbedtls_ecp_point *Q, mbedtls_ecp_point *Q,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This function generates an ECP key. * \brief This function generates an ECP key.
@ -1210,9 +1203,9 @@ int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, mbedtls_mpi *d,
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
* on failure. * on failure.
*/ */
int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, int mbedtls_ecp_gen_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief This function reads an elliptic curve private key. * \brief This function reads an elliptic curve private key.
@ -1232,8 +1225,8 @@ int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
* the group is not implemented. * the group is not implemented.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, int mbedtls_ecp_read_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
const unsigned char *buf, size_t buflen ); const unsigned char *buf, size_t buflen);
/** /**
* \brief This function exports an elliptic curve private key. * \brief This function exports an elliptic curve private key.
@ -1251,8 +1244,8 @@ int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
* the group is not implemented. * the group is not implemented.
* \return Another negative error code on different kinds of failure. * \return Another negative error code on different kinds of failure.
*/ */
int mbedtls_ecp_write_key( mbedtls_ecp_keypair *key, int mbedtls_ecp_write_key(mbedtls_ecp_keypair *key,
unsigned char *buf, size_t buflen ); unsigned char *buf, size_t buflen);
/** /**
* \brief This function checks that the keypair objects * \brief This function checks that the keypair objects
@ -1275,8 +1268,8 @@ int mbedtls_ecp_write_key( mbedtls_ecp_keypair *key,
* error code on calculation failure. * error code on calculation failure.
*/ */
int mbedtls_ecp_check_pub_priv( int mbedtls_ecp_check_pub_priv(
const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv, const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
/** /**
* \brief This function exports generic key-pair parameters. * \brief This function exports generic key-pair parameters.
@ -1306,7 +1299,7 @@ int mbedtls_ecp_export(const mbedtls_ecp_keypair *key, mbedtls_ecp_group *grp,
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_ecp_self_test( int verbose ); int mbedtls_ecp_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */


@ -99,15 +99,14 @@ extern "C" {
* MBEDTLS_ERR_ENTROPY_SOURCE_FAILED otherwise * MBEDTLS_ERR_ENTROPY_SOURCE_FAILED otherwise
*/ */
typedef int (*mbedtls_entropy_f_source_ptr)(void *data, unsigned char *output, size_t len, typedef int (*mbedtls_entropy_f_source_ptr)(void *data, unsigned char *output, size_t len,
size_t *olen); size_t *olen);
/** /**
* \brief Entropy source state * \brief Entropy source state
*/ */
typedef struct mbedtls_entropy_source_state typedef struct mbedtls_entropy_source_state {
{
mbedtls_entropy_f_source_ptr MBEDTLS_PRIVATE(f_source); /**< The entropy source callback */ mbedtls_entropy_f_source_ptr MBEDTLS_PRIVATE(f_source); /**< The entropy source callback */
void * MBEDTLS_PRIVATE(p_source); /**< The callback data pointer */ void *MBEDTLS_PRIVATE(p_source); /**< The callback data pointer */
size_t MBEDTLS_PRIVATE(size); /**< Amount received in bytes */ size_t MBEDTLS_PRIVATE(size); /**< Amount received in bytes */
size_t MBEDTLS_PRIVATE(threshold); /**< Minimum bytes required before release */ size_t MBEDTLS_PRIVATE(threshold); /**< Minimum bytes required before release */
int MBEDTLS_PRIVATE(strong); /**< Is the source strong? */ int MBEDTLS_PRIVATE(strong); /**< Is the source strong? */
@ -117,11 +116,10 @@ mbedtls_entropy_source_state;
/** /**
* \brief Entropy context structure * \brief Entropy context structure
*/ */
typedef struct mbedtls_entropy_context typedef struct mbedtls_entropy_context {
{
int MBEDTLS_PRIVATE(accumulator_started); /* 0 after init. int MBEDTLS_PRIVATE(accumulator_started); /* 0 after init.
* 1 after the first update. * 1 after the first update.
* -1 after free. */ * -1 after free. */
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
mbedtls_sha512_context MBEDTLS_PRIVATE(accumulator); mbedtls_sha512_context MBEDTLS_PRIVATE(accumulator);
#elif defined(MBEDTLS_ENTROPY_SHA256_ACCUMULATOR) #elif defined(MBEDTLS_ENTROPY_SHA256_ACCUMULATOR)
@ -142,8 +140,8 @@ mbedtls_entropy_context;
/** /**
* \brief Platform-specific entropy poll callback * \brief Platform-specific entropy poll callback
*/ */
int mbedtls_platform_entropy_poll( void *data, int mbedtls_platform_entropy_poll(void *data,
unsigned char *output, size_t len, size_t *olen ); unsigned char *output, size_t len, size_t *olen);
#endif #endif
/** /**
@ -151,14 +149,14 @@ int mbedtls_platform_entropy_poll( void *data,
* *
* \param ctx Entropy context to initialize * \param ctx Entropy context to initialize
*/ */
void mbedtls_entropy_init( mbedtls_entropy_context *ctx ); void mbedtls_entropy_init(mbedtls_entropy_context *ctx);
/** /**
* \brief Free the data in the context * \brief Free the data in the context
* *
* \param ctx Entropy context to free * \param ctx Entropy context to free
*/ */
void mbedtls_entropy_free( mbedtls_entropy_context *ctx ); void mbedtls_entropy_free(mbedtls_entropy_context *ctx);
/** /**
* \brief Adds an entropy source to poll * \brief Adds an entropy source to poll
@ -177,9 +175,9 @@ void mbedtls_entropy_free( mbedtls_entropy_context *ctx );
* *
* \return 0 if successful or MBEDTLS_ERR_ENTROPY_MAX_SOURCES * \return 0 if successful or MBEDTLS_ERR_ENTROPY_MAX_SOURCES
*/ */
int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx, int mbedtls_entropy_add_source(mbedtls_entropy_context *ctx,
mbedtls_entropy_f_source_ptr f_source, void *p_source, mbedtls_entropy_f_source_ptr f_source, void *p_source,
size_t threshold, int strong ); size_t threshold, int strong);
/** /**
* \brief Trigger an extra gather poll for the accumulator * \brief Trigger an extra gather poll for the accumulator
@ -189,7 +187,7 @@ int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx,
* *
* \return 0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED * \return 0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
*/ */
int mbedtls_entropy_gather( mbedtls_entropy_context *ctx ); int mbedtls_entropy_gather(mbedtls_entropy_context *ctx);
/** /**
* \brief Retrieve entropy from the accumulator * \brief Retrieve entropy from the accumulator
@ -202,7 +200,7 @@ int mbedtls_entropy_gather( mbedtls_entropy_context *ctx );
* *
* \return 0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED * \return 0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
*/ */
int mbedtls_entropy_func( void *data, unsigned char *output, size_t len ); int mbedtls_entropy_func(void *data, unsigned char *output, size_t len);
/** /**
* \brief Add data to the accumulator manually * \brief Add data to the accumulator manually
@ -214,8 +212,8 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len );
* *
* \return 0 if successful * \return 0 if successful
*/ */
int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx, int mbedtls_entropy_update_manual(mbedtls_entropy_context *ctx,
const unsigned char *data, size_t len ); const unsigned char *data, size_t len);
#if defined(MBEDTLS_ENTROPY_NV_SEED) #if defined(MBEDTLS_ENTROPY_NV_SEED)
/** /**
@ -226,7 +224,7 @@ int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx ); int mbedtls_entropy_update_nv_seed(mbedtls_entropy_context *ctx);
#endif /* MBEDTLS_ENTROPY_NV_SEED */ #endif /* MBEDTLS_ENTROPY_NV_SEED */
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)
@ -240,7 +238,7 @@ int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx );
* MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error, or * MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error, or
* MBEDTLS_ERR_ENTROPY_SOURCE_FAILED * MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
*/ */
int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path ); int mbedtls_entropy_write_seed_file(mbedtls_entropy_context *ctx, const char *path);
/** /**
* \brief Read and update a seed file. Seed is added to this * \brief Read and update a seed file. Seed is added to this
@ -254,7 +252,7 @@ int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *p
* MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error, * MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error,
* MBEDTLS_ERR_ENTROPY_SOURCE_FAILED * MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
*/ */
int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path ); int mbedtls_entropy_update_seed_file(mbedtls_entropy_context *ctx, const char *path);
#endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_FS_IO */
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -266,7 +264,7 @@ int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *
* *
* \return 0 if successful, or 1 if a test failed * \return 0 if successful, or 1 if a test failed
*/ */
int mbedtls_entropy_self_test( int verbose ); int mbedtls_entropy_self_test(int verbose);
#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
/** /**
@ -282,7 +280,7 @@ int mbedtls_entropy_self_test( int verbose );
* *
* \return 0 if successful, or 1 if a test failed * \return 0 if successful, or 1 if a test failed
*/ */
int mbedtls_entropy_source_self_test( int verbose ); int mbedtls_entropy_source_self_test(int verbose);
#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */ #endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */


@ -121,15 +121,15 @@ extern "C" {
* Wrapper macro for mbedtls_error_add(). See that function for * Wrapper macro for mbedtls_error_add(). See that function for
* more details. * more details.
*/ */
#define MBEDTLS_ERROR_ADD( high, low ) \ #define MBEDTLS_ERROR_ADD(high, low) \
mbedtls_error_add( high, low, __FILE__, __LINE__ ) mbedtls_error_add(high, low, __FILE__, __LINE__)
#if defined(MBEDTLS_TEST_HOOKS) #if defined(MBEDTLS_TEST_HOOKS)
/** /**
* \brief Testing hook called before adding/combining two error codes together. * \brief Testing hook called before adding/combining two error codes together.
* Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS. * Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS.
*/ */
extern void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); extern void (*mbedtls_test_hook_error_add)(int, int, const char *, int);
#endif #endif
/** /**
@ -150,17 +150,18 @@ extern void (*mbedtls_test_hook_error_add)( int, int, const char *, int );
* \param file file where this error code addition occurred. * \param file file where this error code addition occurred.
* \param line line where this error code addition occurred. * \param line line where this error code addition occurred.
*/ */
static inline int mbedtls_error_add( int high, int low, static inline int mbedtls_error_add(int high, int low,
const char *file, int line ) const char *file, int line)
{ {
#if defined(MBEDTLS_TEST_HOOKS) #if defined(MBEDTLS_TEST_HOOKS)
if( *mbedtls_test_hook_error_add != NULL ) if (*mbedtls_test_hook_error_add != NULL) {
( *mbedtls_test_hook_error_add )( high, low, file, line ); (*mbedtls_test_hook_error_add)(high, low, file, line);
}
#endif #endif
(void)file; (void) file;
(void)line; (void) line;
return( high + low ); return high + low;
} }
/** /**
@ -172,7 +173,7 @@ static inline int mbedtls_error_add( int high, int low,
* \param buffer buffer to place representation in * \param buffer buffer to place representation in
* \param buflen length of the buffer * \param buflen length of the buffer
*/ */
void mbedtls_strerror( int errnum, char *buffer, size_t buflen ); void mbedtls_strerror(int errnum, char *buffer, size_t buflen);
/** /**
* \brief Translate the high-level part of an Mbed TLS error code into a string * \brief Translate the high-level part of an Mbed TLS error code into a string
@ -187,7 +188,7 @@ void mbedtls_strerror( int errnum, char *buffer, size_t buflen );
* \return The string representation of the error code, or \c NULL if the error * \return The string representation of the error code, or \c NULL if the error
* code is unknown. * code is unknown.
*/ */
const char * mbedtls_high_level_strerr( int error_code ); const char *mbedtls_high_level_strerr(int error_code);
/** /**
* \brief Translate the low-level part of an Mbed TLS error code into a string * \brief Translate the low-level part of an Mbed TLS error code into a string
@ -202,7 +203,7 @@ const char * mbedtls_high_level_strerr( int error_code );
* \return The string representation of the error code, or \c NULL if the error * \return The string representation of the error code, or \c NULL if the error
* code is unknown. * code is unknown.
*/ */
const char * mbedtls_low_level_strerr( int error_code ); const char *mbedtls_low_level_strerr(int error_code);
#ifdef __cplusplus #ifdef __cplusplus
} }


@ -57,8 +57,7 @@ extern "C" {
/** /**
* \brief The GCM context structure. * \brief The GCM context structure.
*/ */
typedef struct mbedtls_gcm_context typedef struct mbedtls_gcm_context {
{
mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */ mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */
uint64_t MBEDTLS_PRIVATE(HL)[16]; /*!< Precalculated HTable low. */ uint64_t MBEDTLS_PRIVATE(HL)[16]; /*!< Precalculated HTable low. */
uint64_t MBEDTLS_PRIVATE(HH)[16]; /*!< Precalculated HTable high. */ uint64_t MBEDTLS_PRIVATE(HH)[16]; /*!< Precalculated HTable high. */
@ -68,8 +67,8 @@ typedef struct mbedtls_gcm_context
unsigned char MBEDTLS_PRIVATE(y)[16]; /*!< The Y working value. */ unsigned char MBEDTLS_PRIVATE(y)[16]; /*!< The Y working value. */
unsigned char MBEDTLS_PRIVATE(buf)[16]; /*!< The buf working value. */ unsigned char MBEDTLS_PRIVATE(buf)[16]; /*!< The buf working value. */
int MBEDTLS_PRIVATE(mode); /*!< The operation to perform: int MBEDTLS_PRIVATE(mode); /*!< The operation to perform:
#MBEDTLS_GCM_ENCRYPT or #MBEDTLS_GCM_ENCRYPT or
#MBEDTLS_GCM_DECRYPT. */ #MBEDTLS_GCM_DECRYPT. */
} }
mbedtls_gcm_context; mbedtls_gcm_context;
@ -88,7 +87,7 @@ mbedtls_gcm_context;
* *
* \param ctx The GCM context to initialize. This must not be \c NULL. * \param ctx The GCM context to initialize. This must not be \c NULL.
*/ */
void mbedtls_gcm_init( mbedtls_gcm_context *ctx ); void mbedtls_gcm_init(mbedtls_gcm_context *ctx);
/** /**
* \brief This function associates a GCM context with a * \brief This function associates a GCM context with a
@ -106,10 +105,10 @@ void mbedtls_gcm_init( mbedtls_gcm_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return A cipher-specific error code on failure. * \return A cipher-specific error code on failure.
*/ */
int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx, int mbedtls_gcm_setkey(mbedtls_gcm_context *ctx,
mbedtls_cipher_id_t cipher, mbedtls_cipher_id_t cipher,
const unsigned char *key, const unsigned char *key,
unsigned int keybits ); unsigned int keybits);
/** /**
* \brief This function performs GCM encryption or decryption of a buffer. * \brief This function performs GCM encryption or decryption of a buffer.
@ -162,17 +161,17 @@ int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx,
* not valid or a cipher-specific error code if the encryption * not valid or a cipher-specific error code if the encryption
* or decryption failed. * or decryption failed.
*/ */
int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx, int mbedtls_gcm_crypt_and_tag(mbedtls_gcm_context *ctx,
int mode, int mode,
size_t length, size_t length,
const unsigned char *iv, const unsigned char *iv,
size_t iv_len, size_t iv_len,
const unsigned char *add, const unsigned char *add,
size_t add_len, size_t add_len,
const unsigned char *input, const unsigned char *input,
unsigned char *output, unsigned char *output,
size_t tag_len, size_t tag_len,
unsigned char *tag ); unsigned char *tag);
/** /**
* \brief This function performs a GCM authenticated decryption of a * \brief This function performs a GCM authenticated decryption of a
@ -207,16 +206,16 @@ int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx,
* not valid or a cipher-specific error code if the decryption * not valid or a cipher-specific error code if the decryption
* failed. * failed.
*/ */
int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx, int mbedtls_gcm_auth_decrypt(mbedtls_gcm_context *ctx,
size_t length, size_t length,
const unsigned char *iv, const unsigned char *iv,
size_t iv_len, size_t iv_len,
const unsigned char *add, const unsigned char *add,
size_t add_len, size_t add_len,
const unsigned char *tag, const unsigned char *tag,
size_t tag_len, size_t tag_len,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function starts a GCM encryption or decryption * \brief This function starts a GCM encryption or decryption
@ -231,10 +230,10 @@ int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx,
* *
* \return \c 0 on success. * \return \c 0 on success.
*/ */
int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, int mbedtls_gcm_starts(mbedtls_gcm_context *ctx,
int mode, int mode,
const unsigned char *iv, const unsigned char *iv,
size_t iv_len ); size_t iv_len);
/** /**
* \brief This function feeds an input buffer as associated data * \brief This function feeds an input buffer as associated data
@ -256,9 +255,9 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
* *
* \return \c 0 on success. * \return \c 0 on success.
*/ */
int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx, int mbedtls_gcm_update_ad(mbedtls_gcm_context *ctx,
const unsigned char *add, const unsigned char *add,
size_t add_len ); size_t add_len);
/** /**
* \brief This function feeds an input buffer into an ongoing GCM * \brief This function feeds an input buffer into an ongoing GCM
@ -311,10 +310,10 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx,
* unsupported input/output buffer overlap detected, * unsupported input/output buffer overlap detected,
* or \p output_size too small. * or \p output_size too small.
*/ */
int mbedtls_gcm_update( mbedtls_gcm_context *ctx, int mbedtls_gcm_update(mbedtls_gcm_context *ctx,
const unsigned char *input, size_t input_length, const unsigned char *input, size_t input_length,
unsigned char *output, size_t output_size, unsigned char *output, size_t output_size,
size_t *output_length ); size_t *output_length);
/** /**
* \brief This function finishes the GCM operation and generates * \brief This function finishes the GCM operation and generates
@ -349,10 +348,10 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx,
* invalid value of \p tag_len, * invalid value of \p tag_len,
* or \p output_size too small. * or \p output_size too small.
*/ */
int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, int mbedtls_gcm_finish(mbedtls_gcm_context *ctx,
unsigned char *output, size_t output_size, unsigned char *output, size_t output_size,
size_t *output_length, size_t *output_length,
unsigned char *tag, size_t tag_len ); unsigned char *tag, size_t tag_len);
/** /**
* \brief This function clears a GCM context and the underlying * \brief This function clears a GCM context and the underlying
@ -361,7 +360,7 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
* \param ctx The GCM context to clear. If this is \c NULL, the call has * \param ctx The GCM context to clear. If this is \c NULL, the call has
* no effect. Otherwise, this must be initialized. * no effect. Otherwise, this must be initialized.
*/ */
void mbedtls_gcm_free( mbedtls_gcm_context *ctx ); void mbedtls_gcm_free(mbedtls_gcm_context *ctx);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -371,7 +370,7 @@ void mbedtls_gcm_free( mbedtls_gcm_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_gcm_self_test( int verbose ); int mbedtls_gcm_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */


@ -65,10 +65,10 @@ extern "C" {
* \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying * \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
* MD layer. * MD layer.
*/ */
int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, int mbedtls_hkdf(const mbedtls_md_info_t *md, const unsigned char *salt,
size_t salt_len, const unsigned char *ikm, size_t ikm_len, size_t salt_len, const unsigned char *ikm, size_t ikm_len,
const unsigned char *info, size_t info_len, const unsigned char *info, size_t info_len,
unsigned char *okm, size_t okm_len ); unsigned char *okm, size_t okm_len);
/** /**
* \brief Take the input keying material \p ikm and extract from it a * \brief Take the input keying material \p ikm and extract from it a
@ -94,10 +94,10 @@ int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt,
* \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying * \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
* MD layer. * MD layer.
*/ */
int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, int mbedtls_hkdf_extract(const mbedtls_md_info_t *md,
const unsigned char *salt, size_t salt_len, const unsigned char *salt, size_t salt_len,
const unsigned char *ikm, size_t ikm_len, const unsigned char *ikm, size_t ikm_len,
unsigned char *prk ); unsigned char *prk);
/** /**
* \brief Expand the supplied \p prk into several additional pseudorandom * \brief Expand the supplied \p prk into several additional pseudorandom
@ -125,9 +125,9 @@ int mbedtls_hkdf_extract( const mbedtls_md_info_t *md,
* \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying * \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
* MD layer. * MD layer.
*/ */
int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk, int mbedtls_hkdf_expand(const mbedtls_md_info_t *md, const unsigned char *prk,
size_t prk_len, const unsigned char *info, size_t prk_len, const unsigned char *info,
size_t info_len, unsigned char *okm, size_t okm_len ); size_t info_len, unsigned char *okm, size_t okm_len);
#ifdef __cplusplus #ifdef __cplusplus
} }


@ -83,8 +83,7 @@ extern "C" {
/** /**
* HMAC_DRBG context. * HMAC_DRBG context.
*/ */
typedef struct mbedtls_hmac_drbg_context typedef struct mbedtls_hmac_drbg_context {
{
/* Working state: the key K is not stored explicitly, /* Working state: the key K is not stored explicitly,
* but is implied by the HMAC context */ * but is implied by the HMAC context */
mbedtls_md_context_t MBEDTLS_PRIVATE(md_ctx); /*!< HMAC context (inc. K) */ mbedtls_md_context_t MBEDTLS_PRIVATE(md_ctx); /*!< HMAC context (inc. K) */
@ -94,11 +93,11 @@ typedef struct mbedtls_hmac_drbg_context
/* Administrative state */ /* Administrative state */
size_t MBEDTLS_PRIVATE(entropy_len); /*!< entropy bytes grabbed on each (re)seed */ size_t MBEDTLS_PRIVATE(entropy_len); /*!< entropy bytes grabbed on each (re)seed */
int MBEDTLS_PRIVATE(prediction_resistance); /*!< enable prediction resistance (Automatic int MBEDTLS_PRIVATE(prediction_resistance); /*!< enable prediction resistance (Automatic
reseed before every random generation) */ reseed before every random generation) */
int MBEDTLS_PRIVATE(reseed_interval); /*!< reseed interval */ int MBEDTLS_PRIVATE(reseed_interval); /*!< reseed interval */
/* Callbacks */ /* Callbacks */
int (*MBEDTLS_PRIVATE(f_entropy))(void *, unsigned char *, size_t); /*!< entropy function */ int(*MBEDTLS_PRIVATE(f_entropy))(void *, unsigned char *, size_t); /*!< entropy function */
void *MBEDTLS_PRIVATE(p_entropy); /*!< context for the entropy function */ void *MBEDTLS_PRIVATE(p_entropy); /*!< context for the entropy function */
#if defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_THREADING_C)
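Review bot: The reformatted callback member on the new side reads `int(*MBEDTLS_PRIVATE(f_entropy))(void *, unsigned char *, size_t);`, with the space after the return type dropped, while the `f_entropy` parameter of mbedtls_hmac_drbg_seed further down the same header keeps `int (*f_entropy)(void *, unsigned char *, size_t)`. This looks like the formatter treating the macro-wrapped declarator as a function call; the declaration is unchanged in meaning, but the same function-pointer type is now spelled two ways in one file. Keeping the original spacing, `int (*MBEDTLS_PRIVATE(f_entropy))(void *, unsigned char *, size_t);`, or excluding this line from reformatting would keep the two consistent. The struct definition starts before this hunk and continues past it.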
@ -126,7 +125,7 @@ typedef struct mbedtls_hmac_drbg_context
* *
* \param ctx HMAC_DRBG context to be initialized. * \param ctx HMAC_DRBG context to be initialized.
*/ */
void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ); void mbedtls_hmac_drbg_init(mbedtls_hmac_drbg_context *ctx);
/** /**
* \brief HMAC_DRBG initial seeding. * \brief HMAC_DRBG initial seeding.
@ -196,12 +195,12 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx );
* \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
* if the call to \p f_entropy failed. * if the call to \p f_entropy failed.
*/ */
int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, int mbedtls_hmac_drbg_seed(mbedtls_hmac_drbg_context *ctx,
const mbedtls_md_info_t * md_info, const mbedtls_md_info_t *md_info,
int (*f_entropy)(void *, unsigned char *, size_t), int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy, void *p_entropy,
const unsigned char *custom, const unsigned char *custom,
size_t len ); size_t len);
/** /**
* \brief Initialisation of simplified HMAC_DRBG (never reseeds). * \brief Initialisation of simplified HMAC_DRBG (never reseeds).
@ -231,9 +230,9 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx,
* \return #MBEDTLS_ERR_MD_ALLOC_FAILED if there was not enough * \return #MBEDTLS_ERR_MD_ALLOC_FAILED if there was not enough
* memory to allocate context data. * memory to allocate context data.
*/ */
int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, int mbedtls_hmac_drbg_seed_buf(mbedtls_hmac_drbg_context *ctx,
const mbedtls_md_info_t * md_info, const mbedtls_md_info_t *md_info,
const unsigned char *data, size_t data_len ); const unsigned char *data, size_t data_len);
/** /**
* \brief This function turns prediction resistance on or off. * \brief This function turns prediction resistance on or off.
@ -248,8 +247,8 @@ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx,
* \param ctx The HMAC_DRBG context. * \param ctx The HMAC_DRBG context.
* \param resistance #MBEDTLS_HMAC_DRBG_PR_ON or #MBEDTLS_HMAC_DRBG_PR_OFF. * \param resistance #MBEDTLS_HMAC_DRBG_PR_ON or #MBEDTLS_HMAC_DRBG_PR_OFF.
*/ */
void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx, void mbedtls_hmac_drbg_set_prediction_resistance(mbedtls_hmac_drbg_context *ctx,
int resistance ); int resistance);
/** /**
* \brief This function sets the amount of entropy grabbed on each * \brief This function sets the amount of entropy grabbed on each
@ -260,8 +259,8 @@ void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx
* \param ctx The HMAC_DRBG context. * \param ctx The HMAC_DRBG context.
* \param len The amount of entropy to grab, in bytes. * \param len The amount of entropy to grab, in bytes.
*/ */
void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx, void mbedtls_hmac_drbg_set_entropy_len(mbedtls_hmac_drbg_context *ctx,
size_t len ); size_t len);
/** /**
* \brief Set the reseed interval. * \brief Set the reseed interval.
@ -275,8 +274,8 @@ void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx,
* \param ctx The HMAC_DRBG context. * \param ctx The HMAC_DRBG context.
* \param interval The reseed interval. * \param interval The reseed interval.
*/ */
void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx, void mbedtls_hmac_drbg_set_reseed_interval(mbedtls_hmac_drbg_context *ctx,
int interval ); int interval);
/** /**
* \brief This function updates the state of the HMAC_DRBG context. * \brief This function updates the state of the HMAC_DRBG context.
@ -295,8 +294,8 @@ void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx,
* \return \c 0 on success, or an error from the underlying * \return \c 0 on success, or an error from the underlying
* hash calculation. * hash calculation.
*/ */
int mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, int mbedtls_hmac_drbg_update(mbedtls_hmac_drbg_context *ctx,
const unsigned char *additional, size_t add_len ); const unsigned char *additional, size_t add_len);
/** /**
* \brief This function reseeds the HMAC_DRBG context, that is * \brief This function reseeds the HMAC_DRBG context, that is
@ -322,8 +321,8 @@ int mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx,
* \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
* if a call to the entropy function failed. * if a call to the entropy function failed.
*/ */
int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, int mbedtls_hmac_drbg_reseed(mbedtls_hmac_drbg_context *ctx,
const unsigned char *additional, size_t len ); const unsigned char *additional, size_t len);
/** /**
* \brief This function updates an HMAC_DRBG instance with additional * \brief This function updates an HMAC_DRBG instance with additional
@ -356,10 +355,10 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx,
* \return #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if * \return #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if
* \p add_len > #MBEDTLS_HMAC_DRBG_MAX_INPUT. * \p add_len > #MBEDTLS_HMAC_DRBG_MAX_INPUT.
*/ */
int mbedtls_hmac_drbg_random_with_add( void *p_rng, int mbedtls_hmac_drbg_random_with_add(void *p_rng,
unsigned char *output, size_t output_len, unsigned char *output, size_t output_len,
const unsigned char *additional, const unsigned char *additional,
size_t add_len ); size_t add_len);
/** /**
* \brief This function uses HMAC_DRBG to generate random data. * \brief This function uses HMAC_DRBG to generate random data.
@ -388,7 +387,7 @@ int mbedtls_hmac_drbg_random_with_add( void *p_rng,
* \return #MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG if * \return #MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG if
* \p out_len > #MBEDTLS_HMAC_DRBG_MAX_REQUEST. * \p out_len > #MBEDTLS_HMAC_DRBG_MAX_REQUEST.
*/ */
int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len ); int mbedtls_hmac_drbg_random(void *p_rng, unsigned char *output, size_t out_len);
/** /**
* \brief This function resets HMAC_DRBG context to the state immediately * \brief This function resets HMAC_DRBG context to the state immediately
@ -396,7 +395,7 @@ int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len
* *
* \param ctx The HMAC_DRBG context to free. * \param ctx The HMAC_DRBG context to free.
*/ */
void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx ); void mbedtls_hmac_drbg_free(mbedtls_hmac_drbg_context *ctx);
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
@ -410,7 +409,7 @@ void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx );
* \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED on reseed * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED on reseed
* failure. * failure.
*/ */
int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path ); int mbedtls_hmac_drbg_write_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path);
/** /**
* \brief This function reads and updates a seed file. The seed * \brief This function reads and updates a seed file. The seed
@ -426,7 +425,7 @@ int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const cha
* \return #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if the existing * \return #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if the existing
* seed file is too large. * seed file is too large.
*/ */
int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path ); int mbedtls_hmac_drbg_update_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path);
#endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_FS_IO */
@ -437,7 +436,7 @@ int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const ch
* \return \c 0 if successful. * \return \c 0 if successful.
* \return \c 1 if the test failed. * \return \c 1 if the test failed.
*/ */
int mbedtls_hmac_drbg_self_test( int verbose ); int mbedtls_hmac_drbg_self_test(int verbose);
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus


@ -110,105 +110,105 @@
/* Hashes using low-level or PSA based on availability */ /* Hashes using low-level or PSA based on availability */
#if defined(MBEDTLS_MD5_C) || \ #if defined(MBEDTLS_MD5_C) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5) ) (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5))
#define MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA #define MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA
#endif #endif
#if defined(MBEDTLS_RIPEMD160_C) || \ #if defined(MBEDTLS_RIPEMD160_C) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160) ) (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160))
#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA #define MBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA
#endif #endif
#if defined(MBEDTLS_SHA1_C) || \ #if defined(MBEDTLS_SHA1_C) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1) ) (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1))
#define MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA #define MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA
#endif #endif
#if defined(MBEDTLS_SHA224_C) || \ #if defined(MBEDTLS_SHA224_C) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224) ) (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224))
#define MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA #define MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA
#endif #endif
#if defined(MBEDTLS_SHA256_C) || \ #if defined(MBEDTLS_SHA256_C) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256) ) (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256))
#define MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA #define MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA
#endif #endif
#if defined(MBEDTLS_SHA384_C) || \ #if defined(MBEDTLS_SHA384_C) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384) ) (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384))
#define MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA #define MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA
#endif #endif
#if defined(MBEDTLS_SHA512_C) || \ #if defined(MBEDTLS_SHA512_C) || \
( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512) ) (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512))
#define MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA #define MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA
#endif #endif
/* Hashes using MD or PSA based on availability */ /* Hashes using MD or PSA based on availability */
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C) ) || \ #if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C)) || \
( !defined(MBEDTLS_MD_C) && \ (!defined(MBEDTLS_MD_C) && \
defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5) ) defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5))
#define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA #define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA
#endif #endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C) ) || \ #if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C)) || \
( !defined(MBEDTLS_MD_C) && \ (!defined(MBEDTLS_MD_C) && \
defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160) ) defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160))
#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA #define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA
#endif #endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C) ) || \ #if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C)) || \
( !defined(MBEDTLS_MD_C) && \ (!defined(MBEDTLS_MD_C) && \
defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1) ) defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1))
#define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA #define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA
#endif #endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C) ) || \ #if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C)) || \
( !defined(MBEDTLS_MD_C) && \ (!defined(MBEDTLS_MD_C) && \
defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224) ) defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224))
#define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA #define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA
#endif #endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C) ) || \ #if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C)) || \
( !defined(MBEDTLS_MD_C) && \ (!defined(MBEDTLS_MD_C) && \
defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256) ) defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256))
#define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA #define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA
#endif #endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C) ) || \ #if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C)) || \
( !defined(MBEDTLS_MD_C) && \ (!defined(MBEDTLS_MD_C) && \
defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384) ) defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384))
#define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA #define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA
#endif #endif
#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C) ) || \ #if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C)) || \
( !defined(MBEDTLS_MD_C) && \ (!defined(MBEDTLS_MD_C) && \
defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512) ) defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512))
#define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA #define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA
#endif #endif
/* Hashes using MD or PSA based on MBEDTLS_USE_PSA_CRYPTO */ /* Hashes using MD or PSA based on MBEDTLS_USE_PSA_CRYPTO */
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \ #if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C) ) || \ defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C)) || \
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_MD5) ) (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_MD5))
#define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA #define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif #endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \ #if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C) ) || \ defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C)) || \
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_RIPEMD160) ) (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_RIPEMD160))
#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA_BASED_ON_USE_PSA #define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif #endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \ #if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C) ) || \ defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C)) || \
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_1) ) (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_1))
#define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA #define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif #endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \ #if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C) ) || \ defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C)) || \
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_224) ) (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_224))
#define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA #define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif #endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \ #if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C) ) || \ defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C)) || \
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_256) ) (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_256))
#define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA #define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif #endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \ #if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C) ) || \ defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C)) || \
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_384) ) (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_384))
#define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA #define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif #endif
#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \ #if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C) ) || \ defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C)) || \
( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_512) ) (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_512))
#define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA #define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA
#endif #endif


@ -104,10 +104,10 @@ typedef enum {
*/ */
typedef struct { typedef struct {
unsigned char MBEDTLS_PRIVATE(I_key_identifier[MBEDTLS_LMOTS_I_KEY_ID_LEN]); /*!< The key unsigned char MBEDTLS_PRIVATE(I_key_identifier[MBEDTLS_LMOTS_I_KEY_ID_LEN]); /*!< The key
identifier. */ identifier. */
unsigned char MBEDTLS_PRIVATE(q_leaf_identifier[MBEDTLS_LMOTS_Q_LEAF_ID_LEN]); /*!< Which unsigned char MBEDTLS_PRIVATE(q_leaf_identifier[MBEDTLS_LMOTS_Q_LEAF_ID_LEN]); /*!< Which
leaf of the LMS key this is. leaf of the LMS key this is.
0 if the key is not part of an LMS key. */ 0 if the key is not part of an LMS key. */
mbedtls_lmots_algorithm_type_t MBEDTLS_PRIVATE(type); /*!< The LM-OTS key type identifier as mbedtls_lmots_algorithm_type_t MBEDTLS_PRIVATE(type); /*!< The LM-OTS key type identifier as
per IANA. Only SHA256_N32_W8 is per IANA. Only SHA256_N32_W8 is
currently supported. */ currently supported. */
@ -134,7 +134,7 @@ typedef struct {
mbedtls_lmots_parameters_t MBEDTLS_PRIVATE(params); mbedtls_lmots_parameters_t MBEDTLS_PRIVATE(params);
unsigned char MBEDTLS_PRIVATE(public_key)[MBEDTLS_LMOTS_N_HASH_LEN_MAX]; unsigned char MBEDTLS_PRIVATE(public_key)[MBEDTLS_LMOTS_N_HASH_LEN_MAX];
unsigned char MBEDTLS_PRIVATE(have_public_key); /*!< Whether the context contains a public key. unsigned char MBEDTLS_PRIVATE(have_public_key); /*!< Whether the context contains a public key.
Boolean values only. */ Boolean values only. */
} mbedtls_lmots_public_t; } mbedtls_lmots_public_t;
#if defined(MBEDTLS_LMS_PRIVATE) #if defined(MBEDTLS_LMS_PRIVATE)
@ -157,9 +157,10 @@ typedef struct {
*/ */
typedef struct { typedef struct {
mbedtls_lmots_parameters_t MBEDTLS_PRIVATE(params); mbedtls_lmots_parameters_t MBEDTLS_PRIVATE(params);
unsigned char MBEDTLS_PRIVATE(private_key)[MBEDTLS_LMOTS_P_SIG_DIGIT_COUNT_MAX][MBEDTLS_LMOTS_N_HASH_LEN_MAX]; unsigned char MBEDTLS_PRIVATE(private_key)[MBEDTLS_LMOTS_P_SIG_DIGIT_COUNT_MAX][
MBEDTLS_LMOTS_N_HASH_LEN_MAX];
unsigned char MBEDTLS_PRIVATE(have_private_key); /*!< Whether the context contains a private key. unsigned char MBEDTLS_PRIVATE(have_private_key); /*!< Whether the context contains a private key.
Boolean values only. */ Boolean values only. */
} mbedtls_lmots_private_t; } mbedtls_lmots_private_t;
#endif /* defined(MBEDTLS_LMS_PRIVATE) */ #endif /* defined(MBEDTLS_LMS_PRIVATE) */
@ -171,10 +172,10 @@ typedef struct {
*/ */
typedef struct { typedef struct {
unsigned char MBEDTLS_PRIVATE(I_key_identifier[MBEDTLS_LMOTS_I_KEY_ID_LEN]); /*!< The key unsigned char MBEDTLS_PRIVATE(I_key_identifier[MBEDTLS_LMOTS_I_KEY_ID_LEN]); /*!< The key
identifier. */ identifier. */
mbedtls_lmots_algorithm_type_t MBEDTLS_PRIVATE(otstype); /*!< The LM-OTS key type identifier as mbedtls_lmots_algorithm_type_t MBEDTLS_PRIVATE(otstype); /*!< The LM-OTS key type identifier as
per IANA. Only SHA256_N32_W8 is per IANA. Only SHA256_N32_W8 is
currently supported. */ currently supported. */
mbedtls_lms_algorithm_type_t MBEDTLS_PRIVATE(type); /*!< The LMS key type identifier as per mbedtls_lms_algorithm_type_t MBEDTLS_PRIVATE(type); /*!< The LMS key type identifier as per
IANA. Only SHA256_M32_H10 is currently IANA. Only SHA256_M32_H10 is currently
supported. */ supported. */
@ -182,7 +183,7 @@ typedef struct {
/** LMS public context structure. /** LMS public context structure.
* *
*A LMS public key is the hash output that is the root of the Merkle tree, and * A LMS public key is the hash output that is the root of the Merkle tree, and
* the applicable parameter set * the applicable parameter set
* *
* The context must be initialized before it is used. A public key must either * The context must be initialized before it is used. A public key must either
@ -201,9 +202,9 @@ typedef struct {
typedef struct { typedef struct {
mbedtls_lms_parameters_t MBEDTLS_PRIVATE(params); mbedtls_lms_parameters_t MBEDTLS_PRIVATE(params);
unsigned char MBEDTLS_PRIVATE(T_1_pub_key)[MBEDTLS_LMS_M_NODE_BYTES_MAX]; /*!< The public key, in unsigned char MBEDTLS_PRIVATE(T_1_pub_key)[MBEDTLS_LMS_M_NODE_BYTES_MAX]; /*!< The public key, in
the form of the Merkle tree root node. */ the form of the Merkle tree root node. */
unsigned char MBEDTLS_PRIVATE(have_public_key); /*!< Whether the context contains a public key. unsigned char MBEDTLS_PRIVATE(have_public_key); /*!< Whether the context contains a public key.
Boolean values only. */ Boolean values only. */
} mbedtls_lms_public_t; } mbedtls_lms_public_t;
@ -229,9 +230,9 @@ typedef struct {
uint32_t MBEDTLS_PRIVATE(q_next_usable_key); /*!< The index of the next OTS key that has not uint32_t MBEDTLS_PRIVATE(q_next_usable_key); /*!< The index of the next OTS key that has not
been used. */ been used. */
mbedtls_lmots_private_t *MBEDTLS_PRIVATE(ots_private_keys); /*!< The private key material. One OTS key mbedtls_lmots_private_t *MBEDTLS_PRIVATE(ots_private_keys); /*!< The private key material. One OTS key
for each leaf node in the Merkle tree. NULL for each leaf node in the Merkle tree. NULL
when have_private_key is 0 and non-NULL otherwise. when have_private_key is 0 and non-NULL otherwise.
is 2^MBEDTLS_LMS_H_TREE_HEIGHT(type) in length. */ is 2^MBEDTLS_LMS_H_TREE_HEIGHT(type) in length. */
mbedtls_lmots_public_t *MBEDTLS_PRIVATE(ots_public_keys); /*!< The OTS key public keys, used to mbedtls_lmots_public_t *MBEDTLS_PRIVATE(ots_public_keys); /*!< The OTS key public keys, used to
build the Merkle tree. NULL build the Merkle tree. NULL
when have_private_key is 0 and when have_private_key is 0 and
@ -239,7 +240,7 @@ typedef struct {
Is 2^MBEDTLS_LMS_H_TREE_HEIGHT(type) Is 2^MBEDTLS_LMS_H_TREE_HEIGHT(type)
in length. */ in length. */
unsigned char MBEDTLS_PRIVATE(have_private_key); /*!< Whether the context contains a private key. unsigned char MBEDTLS_PRIVATE(have_private_key); /*!< Whether the context contains a private key.
Boolean values only. */ Boolean values only. */
} mbedtls_lms_private_t; } mbedtls_lms_private_t;
#endif /* defined(MBEDTLS_LMS_PRIVATE) */ #endif /* defined(MBEDTLS_LMS_PRIVATE) */
@ -249,7 +250,7 @@ typedef struct {
* \param ctx The uninitialized LMS context that will then be * \param ctx The uninitialized LMS context that will then be
* initialized. * initialized.
*/ */
void mbedtls_lms_public_init( mbedtls_lms_public_t *ctx ); void mbedtls_lms_public_init(mbedtls_lms_public_t *ctx);
/** /**
* \brief This function uninitializes an LMS public context * \brief This function uninitializes an LMS public context
@ -257,7 +258,7 @@ void mbedtls_lms_public_init( mbedtls_lms_public_t *ctx );
* \param ctx The initialized LMS context that will then be * \param ctx The initialized LMS context that will then be
* uninitialized. * uninitialized.
*/ */
void mbedtls_lms_public_free( mbedtls_lms_public_t *ctx ); void mbedtls_lms_public_free(mbedtls_lms_public_t *ctx);
/** /**
* \brief This function imports an LMS public key into a * \brief This function imports an LMS public key into a
@ -278,8 +279,8 @@ void mbedtls_lms_public_free( mbedtls_lms_public_t *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return A non-zero error code on failure. * \return A non-zero error code on failure.
*/ */
int mbedtls_lms_import_public_key( mbedtls_lms_public_t *ctx, int mbedtls_lms_import_public_key(mbedtls_lms_public_t *ctx,
const unsigned char *key, size_t key_size ); const unsigned char *key, size_t key_size);
/** /**
* \brief This function exports an LMS public key from a * \brief This function exports an LMS public key from a
@ -304,9 +305,9 @@ int mbedtls_lms_import_public_key( mbedtls_lms_public_t *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A non-zero error code on failure. * \return A non-zero error code on failure.
*/ */
int mbedtls_lms_export_public_key( const mbedtls_lms_public_t *ctx, int mbedtls_lms_export_public_key(const mbedtls_lms_public_t *ctx,
unsigned char *key, size_t key_size, unsigned char *key, size_t key_size,
size_t *key_len ); size_t *key_len);
/** /**
* \brief This function verifies a LMS signature, using a * \brief This function verifies a LMS signature, using a
@ -328,9 +329,9 @@ int mbedtls_lms_export_public_key( const mbedtls_lms_public_t *ctx,
* \return \c 0 on successful verification. * \return \c 0 on successful verification.
* \return A non-zero error code on failure. * \return A non-zero error code on failure.
*/ */
int mbedtls_lms_verify( const mbedtls_lms_public_t *ctx, int mbedtls_lms_verify(const mbedtls_lms_public_t *ctx,
const unsigned char *msg, size_t msg_size, const unsigned char *msg, size_t msg_size,
const unsigned char *sig, size_t sig_size ); const unsigned char *sig, size_t sig_size);
#if defined(MBEDTLS_LMS_PRIVATE) #if defined(MBEDTLS_LMS_PRIVATE)
/** /**
@ -338,7 +339,7 @@ int mbedtls_lms_verify( const mbedtls_lms_public_t *ctx,
* *
* \param ctx The uninitialized LMS private context that will * \param ctx The uninitialized LMS private context that will
* then be initialized. */ * then be initialized. */
void mbedtls_lms_private_init( mbedtls_lms_private_t *ctx ); void mbedtls_lms_private_init(mbedtls_lms_private_t *ctx);
/** /**
* \brief This function uninitializes an LMS private context * \brief This function uninitializes an LMS private context
@ -346,7 +347,7 @@ void mbedtls_lms_private_init( mbedtls_lms_private_t *ctx );
* \param ctx The initialized LMS private context that will then * \param ctx The initialized LMS private context that will then
* be uninitialized. * be uninitialized.
*/ */
void mbedtls_lms_private_free( mbedtls_lms_private_t *ctx ); void mbedtls_lms_private_free(mbedtls_lms_private_t *ctx);
/** /**
* \brief This function generates an LMS private key, and * \brief This function generates an LMS private key, and
@ -372,12 +373,12 @@ void mbedtls_lms_private_free( mbedtls_lms_private_t *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return A non-zero error code on failure. * \return A non-zero error code on failure.
*/ */
int mbedtls_lms_generate_private_key( mbedtls_lms_private_t *ctx, int mbedtls_lms_generate_private_key(mbedtls_lms_private_t *ctx,
mbedtls_lms_algorithm_type_t type, mbedtls_lms_algorithm_type_t type,
mbedtls_lmots_algorithm_type_t otstype, mbedtls_lmots_algorithm_type_t otstype,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void* p_rng, const unsigned char *seed, void *p_rng, const unsigned char *seed,
size_t seed_size ); size_t seed_size);
/** /**
* \brief This function calculates an LMS public key from a * \brief This function calculates an LMS public key from a
@ -397,8 +398,8 @@ int mbedtls_lms_generate_private_key( mbedtls_lms_private_t *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A non-zero error code on failure. * \return A non-zero error code on failure.
*/ */
int mbedtls_lms_calculate_public_key( mbedtls_lms_public_t *ctx, int mbedtls_lms_calculate_public_key(mbedtls_lms_public_t *ctx,
const mbedtls_lms_private_t *priv_ctx ); const mbedtls_lms_private_t *priv_ctx);
/** /**
* \brief This function creates a LMS signature, using a * \brief This function creates a LMS signature, using a
@ -437,11 +438,11 @@ int mbedtls_lms_calculate_public_key( mbedtls_lms_public_t *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A non-zero error code on failure. * \return A non-zero error code on failure.
*/ */
int mbedtls_lms_sign( mbedtls_lms_private_t *ctx, int mbedtls_lms_sign(mbedtls_lms_private_t *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void* p_rng, const unsigned char *msg, void *p_rng, const unsigned char *msg,
unsigned int msg_size, unsigned char *sig, size_t sig_size, unsigned int msg_size, unsigned char *sig, size_t sig_size,
size_t *sig_len ); size_t *sig_len);
#endif /* defined(MBEDTLS_LMS_PRIVATE) */ #endif /* defined(MBEDTLS_LMS_PRIVATE) */
#ifdef __cplusplus #ifdef __cplusplus

View File

@ -1688,21 +1688,21 @@
#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1 #define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1
/** /**
* \def MBEDTLS_SSL_EARLY_DATA * \def MBEDTLS_SSL_EARLY_DATA
* *
* Enable support for RFC 8446 TLS 1.3 early data. * Enable support for RFC 8446 TLS 1.3 early data.
* *
* Requires: MBEDTLS_SSL_SESSION_TICKETS and either * Requires: MBEDTLS_SSL_SESSION_TICKETS and either
* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED or * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED or
* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED * MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
* *
* Comment this to disable support for early data. If MBEDTLS_SSL_PROTO_TLS1_3 * Comment this to disable support for early data. If MBEDTLS_SSL_PROTO_TLS1_3
* is not enabled, this option does not have any effect on the build. * is not enabled, this option does not have any effect on the build.
* *
* This feature is experimental, not completed and thus not ready for * This feature is experimental, not completed and thus not ready for
* production. * production.
* *
*/ */
//#define MBEDTLS_SSL_EARLY_DATA //#define MBEDTLS_SSL_EARLY_DATA
/** /**


@ -1,4 +1,4 @@
/** /**
* \file md.h * \file md.h
* *
* \brief This file contains the generic message-digest wrapper. * \brief This file contains the generic message-digest wrapper.
@ -96,8 +96,7 @@ typedef struct mbedtls_md_info_t mbedtls_md_info_t;
/** /**
* The generic message-digest context. * The generic message-digest context.
*/ */
typedef struct mbedtls_md_context_t typedef struct mbedtls_md_context_t {
{
/** Information about the associated message digest. */ /** Information about the associated message digest. */
const mbedtls_md_info_t *MBEDTLS_PRIVATE(md_info); const mbedtls_md_info_t *MBEDTLS_PRIVATE(md_info);
@ -119,7 +118,7 @@ typedef struct mbedtls_md_context_t
* message-digest enumeration #mbedtls_md_type_t. * message-digest enumeration #mbedtls_md_type_t.
* The last entry is 0. * The last entry is 0.
*/ */
const int *mbedtls_md_list( void ); const int *mbedtls_md_list(void);
/** /**
* \brief This function returns the message-digest information * \brief This function returns the message-digest information
@ -130,7 +129,7 @@ const int *mbedtls_md_list( void );
* \return The message-digest information associated with \p md_name. * \return The message-digest information associated with \p md_name.
* \return NULL if the associated message-digest information is not found. * \return NULL if the associated message-digest information is not found.
*/ */
const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ); const mbedtls_md_info_t *mbedtls_md_info_from_string(const char *md_name);
/** /**
* \brief This function returns the message-digest information * \brief This function returns the message-digest information
@ -141,7 +140,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name );
* \return The message-digest information associated with \p md_type. * \return The message-digest information associated with \p md_type.
* \return NULL if the associated message-digest information is not found. * \return NULL if the associated message-digest information is not found.
*/ */
const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ); const mbedtls_md_info_t *mbedtls_md_info_from_type(mbedtls_md_type_t md_type);
/** /**
* \brief This function returns the message-digest information * \brief This function returns the message-digest information
@ -154,7 +153,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type );
* \return \c NULL if \p ctx is \c NULL. * \return \c NULL if \p ctx is \c NULL.
*/ */
const mbedtls_md_info_t *mbedtls_md_info_from_ctx( const mbedtls_md_info_t *mbedtls_md_info_from_ctx(
const mbedtls_md_context_t *ctx ); const mbedtls_md_context_t *ctx);
/** /**
* \brief This function initializes a message-digest context without * \brief This function initializes a message-digest context without
@ -164,7 +163,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_ctx(
* context for mbedtls_md_setup() for binding it to a * context for mbedtls_md_setup() for binding it to a
* message-digest algorithm. * message-digest algorithm.
*/ */
void mbedtls_md_init( mbedtls_md_context_t *ctx ); void mbedtls_md_init(mbedtls_md_context_t *ctx);
/** /**
* \brief This function clears the internal structure of \p ctx and * \brief This function clears the internal structure of \p ctx and
@ -179,7 +178,7 @@ void mbedtls_md_init( mbedtls_md_context_t *ctx );
* You must not call this function if you have not called * You must not call this function if you have not called
* mbedtls_md_init(). * mbedtls_md_init().
*/ */
void mbedtls_md_free( mbedtls_md_context_t *ctx ); void mbedtls_md_free(mbedtls_md_context_t *ctx);
/** /**
@ -202,7 +201,7 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx );
* \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure. * \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac ); int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac);
/** /**
* \brief This function clones the state of a message-digest * \brief This function clones the state of a message-digest
@ -224,8 +223,8 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_inf
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification failure. * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_clone( mbedtls_md_context_t *dst, int mbedtls_md_clone(mbedtls_md_context_t *dst,
const mbedtls_md_context_t *src ); const mbedtls_md_context_t *src);
/** /**
* \brief This function extracts the message-digest size from the * \brief This function extracts the message-digest size from the
@ -236,7 +235,7 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst,
* *
* \return The size of the message-digest output in Bytes. * \return The size of the message-digest output in Bytes.
*/ */
unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info ); unsigned char mbedtls_md_get_size(const mbedtls_md_info_t *md_info);
/** /**
* \brief This function extracts the message-digest type from the * \brief This function extracts the message-digest type from the
@ -247,7 +246,7 @@ unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info );
* *
* \return The type of the message digest. * \return The type of the message digest.
*/ */
mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info ); mbedtls_md_type_t mbedtls_md_get_type(const mbedtls_md_info_t *md_info);
/** /**
* \brief This function extracts the message-digest name from the * \brief This function extracts the message-digest name from the
@ -258,7 +257,7 @@ mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info );
* *
* \return The name of the message digest. * \return The name of the message digest.
*/ */
const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info ); const char *mbedtls_md_get_name(const mbedtls_md_info_t *md_info);
/** /**
* \brief This function starts a message-digest computation. * \brief This function starts a message-digest computation.
@ -274,7 +273,7 @@ const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info );
* failure. * failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_starts( mbedtls_md_context_t *ctx ); int mbedtls_md_starts(mbedtls_md_context_t *ctx);
/** /**
* \brief This function feeds an input buffer into an ongoing * \brief This function feeds an input buffer into an ongoing
@ -293,7 +292,7 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx );
* failure. * failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ); int mbedtls_md_update(mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen);
/** /**
* \brief This function finishes the digest operation, * \brief This function finishes the digest operation,
@ -314,7 +313,7 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si
* failure. * failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ); int mbedtls_md_finish(mbedtls_md_context_t *ctx, unsigned char *output);
/** /**
* \brief This function calculates the message-digest of a buffer, * \brief This function calculates the message-digest of a buffer,
@ -335,8 +334,8 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output );
* failure. * failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, int mbedtls_md(const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
unsigned char *output ); unsigned char *output);
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
@ -357,8 +356,8 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info was NULL. * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info was NULL.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, int mbedtls_md_file(const mbedtls_md_info_t *md_info, const char *path,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_FS_IO */
/** /**
@ -380,8 +379,8 @@ int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path,
* failure. * failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, int mbedtls_md_hmac_starts(mbedtls_md_context_t *ctx, const unsigned char *key,
size_t keylen ); size_t keylen);
/** /**
* \brief This function feeds an input buffer into an ongoing HMAC * \brief This function feeds an input buffer into an ongoing HMAC
@ -403,8 +402,8 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key,
* failure. * failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, int mbedtls_md_hmac_update(mbedtls_md_context_t *ctx, const unsigned char *input,
size_t ilen ); size_t ilen);
/** /**
* \brief This function finishes the HMAC operation, and writes * \brief This function finishes the HMAC operation, and writes
@ -425,7 +424,7 @@ int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *inpu
* failure. * failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output); int mbedtls_md_hmac_finish(mbedtls_md_context_t *ctx, unsigned char *output);
/** /**
* \brief This function prepares to authenticate a new message with * \brief This function prepares to authenticate a new message with
@ -443,7 +442,7 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output);
* failure. * failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ); int mbedtls_md_hmac_reset(mbedtls_md_context_t *ctx);
/** /**
* \brief This function calculates the full generic HMAC * \brief This function calculates the full generic HMAC
@ -468,13 +467,13 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx );
* failure. * failure.
*/ */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen, int mbedtls_md_hmac(const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output ); unsigned char *output);
/* Internal use */ /* Internal use */
MBEDTLS_CHECK_RETURN_TYPICAL MBEDTLS_CHECK_RETURN_TYPICAL
int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ); int mbedtls_md_process(mbedtls_md_context_t *ctx, const unsigned char *data);
#ifdef __cplusplus #ifdef __cplusplus
} }


@ -48,8 +48,7 @@ extern "C" {
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
typedef struct mbedtls_md5_context typedef struct mbedtls_md5_context {
{
uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< number of bytes processed */ uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< number of bytes processed */
uint32_t MBEDTLS_PRIVATE(state)[4]; /*!< intermediate digest state */ uint32_t MBEDTLS_PRIVATE(state)[4]; /*!< intermediate digest state */
unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< data block being processed */ unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< data block being processed */
@ -70,7 +69,7 @@ mbedtls_md5_context;
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
void mbedtls_md5_init( mbedtls_md5_context *ctx ); void mbedtls_md5_init(mbedtls_md5_context *ctx);
/** /**
* \brief Clear MD5 context * \brief Clear MD5 context
@ -82,7 +81,7 @@ void mbedtls_md5_init( mbedtls_md5_context *ctx );
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
void mbedtls_md5_free( mbedtls_md5_context *ctx ); void mbedtls_md5_free(mbedtls_md5_context *ctx);
/** /**
* \brief Clone (the state of) an MD5 context * \brief Clone (the state of) an MD5 context
@ -95,8 +94,8 @@ void mbedtls_md5_free( mbedtls_md5_context *ctx );
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
void mbedtls_md5_clone( mbedtls_md5_context *dst, void mbedtls_md5_clone(mbedtls_md5_context *dst,
const mbedtls_md5_context *src ); const mbedtls_md5_context *src);
/** /**
* \brief MD5 context setup * \brief MD5 context setup
@ -110,7 +109,7 @@ void mbedtls_md5_clone( mbedtls_md5_context *dst,
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
int mbedtls_md5_starts( mbedtls_md5_context *ctx ); int mbedtls_md5_starts(mbedtls_md5_context *ctx);
/** /**
* \brief MD5 process buffer * \brief MD5 process buffer
@ -126,9 +125,9 @@ int mbedtls_md5_starts( mbedtls_md5_context *ctx );
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
int mbedtls_md5_update( mbedtls_md5_context *ctx, int mbedtls_md5_update(mbedtls_md5_context *ctx,
const unsigned char *input, const unsigned char *input,
size_t ilen ); size_t ilen);
/** /**
* \brief MD5 final digest * \brief MD5 final digest
@ -143,8 +142,8 @@ int mbedtls_md5_update( mbedtls_md5_context *ctx,
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
int mbedtls_md5_finish( mbedtls_md5_context *ctx, int mbedtls_md5_finish(mbedtls_md5_context *ctx,
unsigned char output[16] ); unsigned char output[16]);
/** /**
* \brief MD5 process data block (internal use only) * \brief MD5 process data block (internal use only)
@ -159,8 +158,8 @@ int mbedtls_md5_finish( mbedtls_md5_context *ctx,
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, int mbedtls_internal_md5_process(mbedtls_md5_context *ctx,
const unsigned char data[64] ); const unsigned char data[64]);
/** /**
* \brief Output = MD5( input buffer ) * \brief Output = MD5( input buffer )
@ -176,9 +175,9 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx,
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
int mbedtls_md5( const unsigned char *input, int mbedtls_md5(const unsigned char *input,
size_t ilen, size_t ilen,
unsigned char output[16] ); unsigned char output[16]);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -192,7 +191,7 @@ int mbedtls_md5( const unsigned char *input,
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
int mbedtls_md5_self_test( int verbose ); int mbedtls_md5_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */


@ -43,7 +43,8 @@
#define MBEDTLS_MEMORY_VERIFY_NONE 0 #define MBEDTLS_MEMORY_VERIFY_NONE 0
#define MBEDTLS_MEMORY_VERIFY_ALLOC (1 << 0) #define MBEDTLS_MEMORY_VERIFY_ALLOC (1 << 0)
#define MBEDTLS_MEMORY_VERIFY_FREE (1 << 1) #define MBEDTLS_MEMORY_VERIFY_FREE (1 << 1)
#define MBEDTLS_MEMORY_VERIFY_ALWAYS (MBEDTLS_MEMORY_VERIFY_ALLOC | MBEDTLS_MEMORY_VERIFY_FREE) #define MBEDTLS_MEMORY_VERIFY_ALWAYS (MBEDTLS_MEMORY_VERIFY_ALLOC | \
MBEDTLS_MEMORY_VERIFY_FREE)
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -64,12 +65,12 @@ extern "C" {
* \param buf buffer to use as heap * \param buf buffer to use as heap
* \param len size of the buffer * \param len size of the buffer
*/ */
void mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len ); void mbedtls_memory_buffer_alloc_init(unsigned char *buf, size_t len);
/** /**
* \brief Free the mutex for thread-safety and clear remaining memory * \brief Free the mutex for thread-safety and clear remaining memory
*/ */
void mbedtls_memory_buffer_alloc_free( void ); void mbedtls_memory_buffer_alloc_free(void);
/** /**
* \brief Determine when the allocator should automatically verify the state * \brief Determine when the allocator should automatically verify the state
@ -79,7 +80,7 @@ void mbedtls_memory_buffer_alloc_free( void );
* \param verify One of MBEDTLS_MEMORY_VERIFY_NONE, MBEDTLS_MEMORY_VERIFY_ALLOC, * \param verify One of MBEDTLS_MEMORY_VERIFY_NONE, MBEDTLS_MEMORY_VERIFY_ALLOC,
* MBEDTLS_MEMORY_VERIFY_FREE or MBEDTLS_MEMORY_VERIFY_ALWAYS * MBEDTLS_MEMORY_VERIFY_FREE or MBEDTLS_MEMORY_VERIFY_ALWAYS
*/ */
void mbedtls_memory_buffer_set_verify( int verify ); void mbedtls_memory_buffer_set_verify(int verify);
#if defined(MBEDTLS_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
/** /**
@ -88,7 +89,7 @@ void mbedtls_memory_buffer_set_verify( int verify );
* Prints out a list of 'still allocated' blocks and their stack * Prints out a list of 'still allocated' blocks and their stack
* trace if MBEDTLS_MEMORY_BACKTRACE is defined. * trace if MBEDTLS_MEMORY_BACKTRACE is defined.
*/ */
void mbedtls_memory_buffer_alloc_status( void ); void mbedtls_memory_buffer_alloc_status(void);
/** /**
* \brief Get the number of alloc/free so far. * \brief Get the number of alloc/free so far.
@ -96,7 +97,7 @@ void mbedtls_memory_buffer_alloc_status( void );
* \param alloc_count Number of allocations. * \param alloc_count Number of allocations.
* \param free_count Number of frees. * \param free_count Number of frees.
*/ */
void mbedtls_memory_buffer_alloc_count_get( size_t *alloc_count, size_t *free_count ); void mbedtls_memory_buffer_alloc_count_get(size_t *alloc_count, size_t *free_count);
/** /**
* \brief Get the peak heap usage so far * \brief Get the peak heap usage so far
@ -106,12 +107,12 @@ void mbedtls_memory_buffer_alloc_count_get( size_t *alloc_count, size_t *free_co
* into smaller blocks but larger than the requested size. * into smaller blocks but larger than the requested size.
* \param max_blocks Peak number of blocks in use, including free and used * \param max_blocks Peak number of blocks in use, including free and used
*/ */
void mbedtls_memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks ); void mbedtls_memory_buffer_alloc_max_get(size_t *max_used, size_t *max_blocks);
/** /**
* \brief Reset peak statistics * \brief Reset peak statistics
*/ */
void mbedtls_memory_buffer_alloc_max_reset( void ); void mbedtls_memory_buffer_alloc_max_reset(void);
/** /**
* \brief Get the current heap usage * \brief Get the current heap usage
@ -121,7 +122,7 @@ void mbedtls_memory_buffer_alloc_max_reset( void );
* into smaller blocks but larger than the requested size. * into smaller blocks but larger than the requested size.
* \param cur_blocks Current number of blocks in use, including free and used * \param cur_blocks Current number of blocks in use, including free and used
*/ */
void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks ); void mbedtls_memory_buffer_alloc_cur_get(size_t *cur_used, size_t *cur_blocks);
#endif /* MBEDTLS_MEMORY_DEBUG */ #endif /* MBEDTLS_MEMORY_DEBUG */
/** /**
@ -135,7 +136,7 @@ void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks )
* *
* \return 0 if verified, 1 otherwise * \return 0 if verified, 1 otherwise
*/ */
int mbedtls_memory_buffer_alloc_verify( void ); int mbedtls_memory_buffer_alloc_verify(void);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/** /**
@ -143,7 +144,7 @@ int mbedtls_memory_buffer_alloc_verify( void );
* *
* \return 0 if successful, or 1 if a test failed * \return 0 if successful, or 1 if a test failed
*/ */
int mbedtls_memory_buffer_alloc_self_test( int verbose ); int mbedtls_memory_buffer_alloc_self_test(int verbose);
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus


@ -92,8 +92,7 @@ extern "C" {
* (eg two file descriptors for combined IPv4 + IPv6 support, or additional * (eg two file descriptors for combined IPv4 + IPv6 support, or additional
* structures for hand-made UDP demultiplexing). * structures for hand-made UDP demultiplexing).
*/ */
typedef struct mbedtls_net_context typedef struct mbedtls_net_context {
{
/** The underlying file descriptor. /** The underlying file descriptor.
* *
* This field is only guaranteed to be present on POSIX/Unix-like platforms. * This field is only guaranteed to be present on POSIX/Unix-like platforms.
@ -110,7 +109,7 @@ mbedtls_net_context;
* *
* \param ctx Context to initialize * \param ctx Context to initialize
*/ */
void mbedtls_net_init( mbedtls_net_context *ctx ); void mbedtls_net_init(mbedtls_net_context *ctx);
/** /**
* \brief Initiate a connection with host:port in the given protocol * \brief Initiate a connection with host:port in the given protocol
@ -127,7 +126,7 @@ void mbedtls_net_init( mbedtls_net_context *ctx );
* *
* \note Sets the socket in connected mode even with UDP. * \note Sets the socket in connected mode even with UDP.
*/ */
int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char *port, int proto ); int mbedtls_net_connect(mbedtls_net_context *ctx, const char *host, const char *port, int proto);
/** /**
* \brief Create a receiving socket on bind_ip:port in the chosen * \brief Create a receiving socket on bind_ip:port in the chosen
@ -147,7 +146,7 @@ int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char
* \note Regardless of the protocol, opens the sockets and binds it. * \note Regardless of the protocol, opens the sockets and binds it.
* In addition, make the socket listening if protocol is TCP. * In addition, make the socket listening if protocol is TCP.
*/ */
int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto ); int mbedtls_net_bind(mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto);
/** /**
* \brief Accept a connection from a remote client * \brief Accept a connection from a remote client
@ -167,9 +166,9 @@ int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char
* MBEDTLS_ERR_SSL_WANT_READ if bind_fd was set to * MBEDTLS_ERR_SSL_WANT_READ if bind_fd was set to
* non-blocking and accept() would block. * non-blocking and accept() would block.
*/ */
int mbedtls_net_accept( mbedtls_net_context *bind_ctx, int mbedtls_net_accept(mbedtls_net_context *bind_ctx,
mbedtls_net_context *client_ctx, mbedtls_net_context *client_ctx,
void *client_ip, size_t buf_size, size_t *ip_len ); void *client_ip, size_t buf_size, size_t *ip_len);
/** /**
* \brief Check and wait for the context to be ready for read/write * \brief Check and wait for the context to be ready for read/write
@ -196,7 +195,7 @@ int mbedtls_net_accept( mbedtls_net_context *bind_ctx,
* \return Bitmask composed of MBEDTLS_NET_POLL_READ/WRITE * \return Bitmask composed of MBEDTLS_NET_POLL_READ/WRITE
* on success or timeout, or a negative return code otherwise. * on success or timeout, or a negative return code otherwise.
*/ */
int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout ); int mbedtls_net_poll(mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout);
/** /**
* \brief Set the socket blocking * \brief Set the socket blocking
@ -205,7 +204,7 @@ int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout );
* *
* \return 0 if successful, or a non-zero error code * \return 0 if successful, or a non-zero error code
*/ */
int mbedtls_net_set_block( mbedtls_net_context *ctx ); int mbedtls_net_set_block(mbedtls_net_context *ctx);
/** /**
* \brief Set the socket non-blocking * \brief Set the socket non-blocking
@ -214,7 +213,7 @@ int mbedtls_net_set_block( mbedtls_net_context *ctx );
* *
* \return 0 if successful, or a non-zero error code * \return 0 if successful, or a non-zero error code
*/ */
int mbedtls_net_set_nonblock( mbedtls_net_context *ctx ); int mbedtls_net_set_nonblock(mbedtls_net_context *ctx);
/** /**
* \brief Portable usleep helper * \brief Portable usleep helper
@ -224,7 +223,7 @@ int mbedtls_net_set_nonblock( mbedtls_net_context *ctx );
* \note Real amount of time slept will not be less than * \note Real amount of time slept will not be less than
* select()'s timeout granularity (typically, 10ms). * select()'s timeout granularity (typically, 10ms).
*/ */
void mbedtls_net_usleep( unsigned long usec ); void mbedtls_net_usleep(unsigned long usec);
/** /**
* \brief Read at most 'len' characters. If no error occurs, * \brief Read at most 'len' characters. If no error occurs,
@ -238,7 +237,7 @@ void mbedtls_net_usleep( unsigned long usec );
* or a non-zero error code; with a non-blocking socket, * or a non-zero error code; with a non-blocking socket,
* MBEDTLS_ERR_SSL_WANT_READ indicates read() would block. * MBEDTLS_ERR_SSL_WANT_READ indicates read() would block.
*/ */
int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len ); int mbedtls_net_recv(void *ctx, unsigned char *buf, size_t len);
/** /**
* \brief Write at most 'len' characters. If no error occurs, * \brief Write at most 'len' characters. If no error occurs,
@ -252,7 +251,7 @@ int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len );
* or a non-zero error code; with a non-blocking socket, * or a non-zero error code; with a non-blocking socket,
* MBEDTLS_ERR_SSL_WANT_WRITE indicates write() would block. * MBEDTLS_ERR_SSL_WANT_WRITE indicates write() would block.
*/ */
int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len ); int mbedtls_net_send(void *ctx, const unsigned char *buf, size_t len);
/** /**
* \brief Read at most 'len' characters, blocking for at most * \brief Read at most 'len' characters, blocking for at most
@ -280,22 +279,22 @@ int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len );
* non-blocking. Handling timeouts with non-blocking reads * non-blocking. Handling timeouts with non-blocking reads
* requires a different strategy. * requires a different strategy.
*/ */
int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, size_t len, int mbedtls_net_recv_timeout(void *ctx, unsigned char *buf, size_t len,
uint32_t timeout ); uint32_t timeout);
/** /**
* \brief Closes down the connection and free associated data * \brief Closes down the connection and free associated data
* *
* \param ctx The context to close * \param ctx The context to close
*/ */
void mbedtls_net_close( mbedtls_net_context *ctx ); void mbedtls_net_close(mbedtls_net_context *ctx);
/** /**
* \brief Gracefully shutdown the connection and free associated data * \brief Gracefully shutdown the connection and free associated data
* *
* \param ctx The context to free * \param ctx The context to free
*/ */
void mbedtls_net_free( mbedtls_net_context *ctx ); void mbedtls_net_free(mbedtls_net_context *ctx);
#ifdef __cplusplus #ifdef __cplusplus
} }


@ -44,8 +44,7 @@
extern "C" { extern "C" {
#endif #endif
typedef enum typedef enum {
{
MBEDTLS_KW_MODE_KW = 0, MBEDTLS_KW_MODE_KW = 0,
MBEDTLS_KW_MODE_KWP = 1 MBEDTLS_KW_MODE_KWP = 1
} mbedtls_nist_kw_mode_t; } mbedtls_nist_kw_mode_t;
@ -77,7 +76,7 @@ typedef struct {
* \param ctx The key wrapping context to initialize. * \param ctx The key wrapping context to initialize.
* *
*/ */
void mbedtls_nist_kw_init( mbedtls_nist_kw_context *ctx ); void mbedtls_nist_kw_init(mbedtls_nist_kw_context *ctx);
/** /**
* \brief This function initializes the key wrapping context set in the * \brief This function initializes the key wrapping context set in the
@ -95,11 +94,11 @@ void mbedtls_nist_kw_init( mbedtls_nist_kw_context *ctx );
* which are not supported. * which are not supported.
* \return cipher-specific error code on failure of the underlying cipher. * \return cipher-specific error code on failure of the underlying cipher.
*/ */
int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx, int mbedtls_nist_kw_setkey(mbedtls_nist_kw_context *ctx,
mbedtls_cipher_id_t cipher, mbedtls_cipher_id_t cipher,
const unsigned char *key, const unsigned char *key,
unsigned int keybits, unsigned int keybits,
const int is_wrap ); const int is_wrap);
/** /**
* \brief This function releases and clears the specified key wrapping context * \brief This function releases and clears the specified key wrapping context
@ -107,7 +106,7 @@ int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx,
* *
* \param ctx The key wrapping context to clear. * \param ctx The key wrapping context to clear.
*/ */
void mbedtls_nist_kw_free( mbedtls_nist_kw_context *ctx ); void mbedtls_nist_kw_free(mbedtls_nist_kw_context *ctx);
/** /**
* \brief This function encrypts a buffer using key wrapping. * \brief This function encrypts a buffer using key wrapping.
@ -130,9 +129,9 @@ void mbedtls_nist_kw_free( mbedtls_nist_kw_context *ctx );
* \return \c MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA for invalid input length. * \return \c MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA for invalid input length.
* \return cipher-specific error code on failure of the underlying cipher. * \return cipher-specific error code on failure of the underlying cipher.
*/ */
int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode, int mbedtls_nist_kw_wrap(mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode,
const unsigned char *input, size_t in_len, const unsigned char *input, size_t in_len,
unsigned char *output, size_t* out_len, size_t out_size ); unsigned char *output, size_t *out_len, size_t out_size);
/** /**
* \brief This function decrypts a buffer using key wrapping. * \brief This function decrypts a buffer using key wrapping.
@ -157,9 +156,9 @@ int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t m
* \return \c MBEDTLS_ERR_CIPHER_AUTH_FAILED for verification failure of the ciphertext. * \return \c MBEDTLS_ERR_CIPHER_AUTH_FAILED for verification failure of the ciphertext.
* \return cipher-specific error code on failure of the underlying cipher. * \return cipher-specific error code on failure of the underlying cipher.
*/ */
int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode, int mbedtls_nist_kw_unwrap(mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode,
const unsigned char *input, size_t in_len, const unsigned char *input, size_t in_len,
unsigned char *output, size_t* out_len, size_t out_size); unsigned char *output, size_t *out_len, size_t out_size);
#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
@ -169,7 +168,7 @@ int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_nist_kw_self_test( int verbose ); int mbedtls_nist_kw_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
#ifdef __cplusplus #ifdef __cplusplus


@ -77,10 +77,10 @@
#define MBEDTLS_OID_COUNTRY_US "\x86\x48" /* {us(840)} */ #define MBEDTLS_OID_COUNTRY_US "\x86\x48" /* {us(840)} */
#define MBEDTLS_OID_ORG_RSA_DATA_SECURITY "\x86\xf7\x0d" /* {rsadsi(113549)} */ #define MBEDTLS_OID_ORG_RSA_DATA_SECURITY "\x86\xf7\x0d" /* {rsadsi(113549)} */
#define MBEDTLS_OID_RSA_COMPANY MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \ #define MBEDTLS_OID_RSA_COMPANY MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \
MBEDTLS_OID_ORG_RSA_DATA_SECURITY /* {iso(1) member-body(2) us(840) rsadsi(113549)} */ MBEDTLS_OID_ORG_RSA_DATA_SECURITY /* {iso(1) member-body(2) us(840) rsadsi(113549)} */
#define MBEDTLS_OID_ORG_ANSI_X9_62 "\xce\x3d" /* ansi-X9-62(10045) */ #define MBEDTLS_OID_ORG_ANSI_X9_62 "\xce\x3d" /* ansi-X9-62(10045) */
#define MBEDTLS_OID_ANSI_X9_62 MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \ #define MBEDTLS_OID_ANSI_X9_62 MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \
MBEDTLS_OID_ORG_ANSI_X9_62 MBEDTLS_OID_ORG_ANSI_X9_62
/* /*
* ISO Identified organization OID parts * ISO Identified organization OID parts
@ -91,15 +91,18 @@
#define MBEDTLS_OID_OIW_SECSIG_ALG MBEDTLS_OID_OIW_SECSIG "\x02" #define MBEDTLS_OID_OIW_SECSIG_ALG MBEDTLS_OID_OIW_SECSIG "\x02"
#define MBEDTLS_OID_OIW_SECSIG_SHA1 MBEDTLS_OID_OIW_SECSIG_ALG "\x1a" #define MBEDTLS_OID_OIW_SECSIG_SHA1 MBEDTLS_OID_OIW_SECSIG_ALG "\x1a"
#define MBEDTLS_OID_ORG_CERTICOM "\x81\x04" /* certicom(132) */ #define MBEDTLS_OID_ORG_CERTICOM "\x81\x04" /* certicom(132) */
#define MBEDTLS_OID_CERTICOM MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_CERTICOM #define MBEDTLS_OID_CERTICOM MBEDTLS_OID_ISO_IDENTIFIED_ORG \
MBEDTLS_OID_ORG_CERTICOM
#define MBEDTLS_OID_ORG_TELETRUST "\x24" /* teletrust(36) */ #define MBEDTLS_OID_ORG_TELETRUST "\x24" /* teletrust(36) */
#define MBEDTLS_OID_TELETRUST MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_TELETRUST #define MBEDTLS_OID_TELETRUST MBEDTLS_OID_ISO_IDENTIFIED_ORG \
MBEDTLS_OID_ORG_TELETRUST
/* /*
* ISO ITU OID parts * ISO ITU OID parts
*/ */
#define MBEDTLS_OID_ORGANIZATION "\x01" /* {organization(1)} */ #define MBEDTLS_OID_ORGANIZATION "\x01" /* {organization(1)} */
#define MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ISO_ITU_COUNTRY MBEDTLS_OID_COUNTRY_US MBEDTLS_OID_ORGANIZATION /* {joint-iso-itu-t(2) country(16) us(840) organization(1)} */ #define MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ISO_ITU_COUNTRY MBEDTLS_OID_COUNTRY_US \
MBEDTLS_OID_ORGANIZATION /* {joint-iso-itu-t(2) country(16) us(840) organization(1)} */
#define MBEDTLS_OID_ORG_GOV "\x65" /* {gov(101)} */ #define MBEDTLS_OID_ORG_GOV "\x65" /* {gov(101)} */
#define MBEDTLS_OID_GOV MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ORG_GOV /* {joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)} */ #define MBEDTLS_OID_GOV MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ORG_GOV /* {joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)} */
@ -117,7 +120,8 @@
* { iso(1) identified-organization(3) dod(6) internet(1) * { iso(1) identified-organization(3) dod(6) internet(1)
* security(5) mechanisms(5) pkix(7) } * security(5) mechanisms(5) pkix(7) }
*/ */
#define MBEDTLS_OID_INTERNET MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_DOD "\x01" #define MBEDTLS_OID_INTERNET MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_DOD \
"\x01"
#define MBEDTLS_OID_PKIX MBEDTLS_OID_INTERNET "\x05\x05\x07" #define MBEDTLS_OID_PKIX MBEDTLS_OID_INTERNET "\x05\x05\x07"
/* /*
@ -247,7 +251,8 @@
* Digest algorithms * Digest algorithms
*/ */
#define MBEDTLS_OID_DIGEST_ALG_MD5 MBEDTLS_OID_RSA_COMPANY "\x02\x05" /**< id-mbedtls_md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } */ #define MBEDTLS_OID_DIGEST_ALG_MD5 MBEDTLS_OID_RSA_COMPANY "\x02\x05" /**< id-mbedtls_md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } */
#define MBEDTLS_OID_DIGEST_ALG_SHA1 MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_SHA1 /**< id-mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */ #define MBEDTLS_OID_DIGEST_ALG_SHA1 MBEDTLS_OID_ISO_IDENTIFIED_ORG \
MBEDTLS_OID_OIW_SECSIG_SHA1 /**< id-mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */
#define MBEDTLS_OID_DIGEST_ALG_SHA224 MBEDTLS_OID_NIST_ALG "\x02\x04" /**< id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 4 } */ #define MBEDTLS_OID_DIGEST_ALG_SHA224 MBEDTLS_OID_NIST_ALG "\x02\x04" /**< id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 4 } */
#define MBEDTLS_OID_DIGEST_ALG_SHA256 MBEDTLS_OID_NIST_ALG "\x02\x01" /**< id-mbedtls_sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 1 } */ #define MBEDTLS_OID_DIGEST_ALG_SHA256 MBEDTLS_OID_NIST_ALG "\x02\x01" /**< id-mbedtls_sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 1 } */
@ -270,7 +275,8 @@
/* /*
* Encryption algorithms * Encryption algorithms
*/ */
#define MBEDTLS_OID_DES_CBC MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_ALG "\x07" /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */ #define MBEDTLS_OID_DES_CBC MBEDTLS_OID_ISO_IDENTIFIED_ORG \
MBEDTLS_OID_OIW_SECSIG_ALG "\x07" /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */
#define MBEDTLS_OID_DES_EDE3_CBC MBEDTLS_OID_RSA_COMPANY "\x03\x07" /**< des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) -- us(840) rsadsi(113549) encryptionAlgorithm(3) 7 } */ #define MBEDTLS_OID_DES_EDE3_CBC MBEDTLS_OID_RSA_COMPANY "\x03\x07" /**< des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) -- us(840) rsadsi(113549) encryptionAlgorithm(3) 7 } */
#define MBEDTLS_OID_AES MBEDTLS_OID_NIST_ALG "\x01" /** aes OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithm(4) 1 } */ #define MBEDTLS_OID_AES MBEDTLS_OID_NIST_ALG "\x01" /** aes OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithm(4) 1 } */
@ -438,8 +444,7 @@ extern "C" {
/** /**
* \brief Base OID descriptor structure * \brief Base OID descriptor structure
*/ */
typedef struct mbedtls_oid_descriptor_t typedef struct mbedtls_oid_descriptor_t {
{
const char *MBEDTLS_PRIVATE(asn1); /*!< OID ASN.1 representation */ const char *MBEDTLS_PRIVATE(asn1); /*!< OID ASN.1 representation */
size_t MBEDTLS_PRIVATE(asn1_len); /*!< length of asn1 */ size_t MBEDTLS_PRIVATE(asn1_len); /*!< length of asn1 */
#if !defined(MBEDTLS_X509_REMOVE_INFO) #if !defined(MBEDTLS_X509_REMOVE_INFO)
@ -459,7 +464,7 @@ typedef struct mbedtls_oid_descriptor_t
* \return Length of the string written (excluding final NULL) or * \return Length of the string written (excluding final NULL) or
* MBEDTLS_ERR_OID_BUF_TOO_SMALL in case of error * MBEDTLS_ERR_OID_BUF_TOO_SMALL in case of error
*/ */
int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_buf *oid ); int mbedtls_oid_get_numeric_string(char *buf, size_t size, const mbedtls_asn1_buf *oid);
/** /**
* \brief Translate an X.509 extension OID into local values * \brief Translate an X.509 extension OID into local values
@ -469,7 +474,7 @@ int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_b
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_x509_ext_type( const mbedtls_asn1_buf *oid, int *ext_type ); int mbedtls_oid_get_x509_ext_type(const mbedtls_asn1_buf *oid, int *ext_type);
/** /**
* \brief Translate an X.509 attribute type OID into the short name * \brief Translate an X.509 attribute type OID into the short name
@ -480,7 +485,7 @@ int mbedtls_oid_get_x509_ext_type( const mbedtls_asn1_buf *oid, int *ext_type );
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_attr_short_name( const mbedtls_asn1_buf *oid, const char **short_name ); int mbedtls_oid_get_attr_short_name(const mbedtls_asn1_buf *oid, const char **short_name);
/** /**
* \brief Translate PublicKeyAlgorithm OID into pk_type * \brief Translate PublicKeyAlgorithm OID into pk_type
@ -490,7 +495,7 @@ int mbedtls_oid_get_attr_short_name( const mbedtls_asn1_buf *oid, const char **s
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_pk_alg( const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_alg ); int mbedtls_oid_get_pk_alg(const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_alg);
/** /**
* \brief Translate pk_type into PublicKeyAlgorithm OID * \brief Translate pk_type into PublicKeyAlgorithm OID
@ -501,8 +506,8 @@ int mbedtls_oid_get_pk_alg( const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_a
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_type_t pk_alg, int mbedtls_oid_get_oid_by_pk_alg(mbedtls_pk_type_t pk_alg,
const char **oid, size_t *olen ); const char **oid, size_t *olen);
#if defined(MBEDTLS_ECP_C) #if defined(MBEDTLS_ECP_C)
/** /**
@ -513,7 +518,7 @@ int mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_type_t pk_alg,
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_ec_grp( const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *grp_id ); int mbedtls_oid_get_ec_grp(const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *grp_id);
/** /**
* \brief Translate EC group identifier into NamedCurve OID * \brief Translate EC group identifier into NamedCurve OID
@ -524,8 +529,8 @@ int mbedtls_oid_get_ec_grp( const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *g
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_oid_by_ec_grp( mbedtls_ecp_group_id grp_id, int mbedtls_oid_get_oid_by_ec_grp(mbedtls_ecp_group_id grp_id,
const char **oid, size_t *olen ); const char **oid, size_t *olen);
#endif /* MBEDTLS_ECP_C */ #endif /* MBEDTLS_ECP_C */
/** /**
@ -537,8 +542,8 @@ int mbedtls_oid_get_oid_by_ec_grp( mbedtls_ecp_group_id grp_id,
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_sig_alg( const mbedtls_asn1_buf *oid, int mbedtls_oid_get_sig_alg(const mbedtls_asn1_buf *oid,
mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg ); mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg);
/** /**
* \brief Translate SignatureAlgorithm OID into description * \brief Translate SignatureAlgorithm OID into description
@ -548,7 +553,7 @@ int mbedtls_oid_get_sig_alg( const mbedtls_asn1_buf *oid,
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_sig_alg_desc( const mbedtls_asn1_buf *oid, const char **desc ); int mbedtls_oid_get_sig_alg_desc(const mbedtls_asn1_buf *oid, const char **desc);
/** /**
* \brief Translate md_type and pk_type into SignatureAlgorithm OID * \brief Translate md_type and pk_type into SignatureAlgorithm OID
@ -560,8 +565,8 @@ int mbedtls_oid_get_sig_alg_desc( const mbedtls_asn1_buf *oid, const char **desc
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_oid_by_sig_alg( mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, int mbedtls_oid_get_oid_by_sig_alg(mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
const char **oid, size_t *olen ); const char **oid, size_t *olen);
/** /**
* \brief Translate hmac algorithm OID into md_type * \brief Translate hmac algorithm OID into md_type
@ -571,7 +576,7 @@ int mbedtls_oid_get_oid_by_sig_alg( mbedtls_pk_type_t pk_alg, mbedtls_md_type_t
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac ); int mbedtls_oid_get_md_hmac(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac);
/** /**
* \brief Translate hash algorithm OID into md_type * \brief Translate hash algorithm OID into md_type
@ -581,7 +586,7 @@ int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_md_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg ); int mbedtls_oid_get_md_alg(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg);
#if !defined(MBEDTLS_X509_REMOVE_INFO) #if !defined(MBEDTLS_X509_REMOVE_INFO)
/** /**
@ -592,7 +597,7 @@ int mbedtls_oid_get_md_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_a
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_extended_key_usage( const mbedtls_asn1_buf *oid, const char **desc ); int mbedtls_oid_get_extended_key_usage(const mbedtls_asn1_buf *oid, const char **desc);
#endif #endif
/** /**
@ -603,7 +608,7 @@ int mbedtls_oid_get_extended_key_usage( const mbedtls_asn1_buf *oid, const char
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_certificate_policies( const mbedtls_asn1_buf *oid, const char **desc ); int mbedtls_oid_get_certificate_policies(const mbedtls_asn1_buf *oid, const char **desc);
/** /**
* \brief Translate md_type into hash algorithm OID * \brief Translate md_type into hash algorithm OID
@ -614,7 +619,7 @@ int mbedtls_oid_get_certificate_policies( const mbedtls_asn1_buf *oid, const cha
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_oid_by_md( mbedtls_md_type_t md_alg, const char **oid, size_t *olen ); int mbedtls_oid_get_oid_by_md(mbedtls_md_type_t md_alg, const char **oid, size_t *olen);
#if defined(MBEDTLS_CIPHER_C) #if defined(MBEDTLS_CIPHER_C)
/** /**
@ -625,7 +630,7 @@ int mbedtls_oid_get_oid_by_md( mbedtls_md_type_t md_alg, const char **oid, size_
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_cipher_alg( const mbedtls_asn1_buf *oid, mbedtls_cipher_type_t *cipher_alg ); int mbedtls_oid_get_cipher_alg(const mbedtls_asn1_buf *oid, mbedtls_cipher_type_t *cipher_alg);
#endif /* MBEDTLS_CIPHER_C */ #endif /* MBEDTLS_CIPHER_C */
#if defined(MBEDTLS_PKCS12_C) #if defined(MBEDTLS_PKCS12_C)
@ -639,8 +644,8 @@ int mbedtls_oid_get_cipher_alg( const mbedtls_asn1_buf *oid, mbedtls_cipher_type
* *
* \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int mbedtls_oid_get_pkcs12_pbe_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg, int mbedtls_oid_get_pkcs12_pbe_alg(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg,
mbedtls_cipher_type_t *cipher_alg ); mbedtls_cipher_type_t *cipher_alg);
#endif /* MBEDTLS_PKCS12_C */ #endif /* MBEDTLS_PKCS12_C */
#ifdef __cplusplus #ifdef __cplusplus


@ -61,8 +61,7 @@ extern "C" {
/** /**
* \brief PEM context structure * \brief PEM context structure
*/ */
typedef struct mbedtls_pem_context typedef struct mbedtls_pem_context {
{
unsigned char *MBEDTLS_PRIVATE(buf); /*!< buffer for decoded data */ unsigned char *MBEDTLS_PRIVATE(buf); /*!< buffer for decoded data */
size_t MBEDTLS_PRIVATE(buflen); /*!< length of the buffer */ size_t MBEDTLS_PRIVATE(buflen); /*!< length of the buffer */
unsigned char *MBEDTLS_PRIVATE(info); /*!< buffer for extra header information */ unsigned char *MBEDTLS_PRIVATE(info); /*!< buffer for extra header information */
@ -74,7 +73,7 @@ mbedtls_pem_context;
* *
* \param ctx context to be initialized * \param ctx context to be initialized
*/ */
void mbedtls_pem_init( mbedtls_pem_context *ctx ); void mbedtls_pem_init(mbedtls_pem_context *ctx);
/** /**
* \brief Read a buffer for PEM information and store the resulting * \brief Read a buffer for PEM information and store the resulting
@ -102,10 +101,10 @@ void mbedtls_pem_init( mbedtls_pem_context *ctx );
* *
* \return 0 on success, or a specific PEM error code * \return 0 on success, or a specific PEM error code
*/ */
int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer, int mbedtls_pem_read_buffer(mbedtls_pem_context *ctx, const char *header, const char *footer,
const unsigned char *data, const unsigned char *data,
const unsigned char *pwd, const unsigned char *pwd,
size_t pwdlen, size_t *use_len ); size_t pwdlen, size_t *use_len);
/** /**
* \brief Get the pointer to the decoded binary data in a PEM context. * \brief Get the pointer to the decoded binary data in a PEM context.
@ -119,10 +118,10 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
* \note The returned pointer remains valid only until \p ctx is * \note The returned pointer remains valid only until \p ctx is
modified or freed. modified or freed.
*/ */
static inline const unsigned char *mbedtls_pem_get_buffer( mbedtls_pem_context *ctx, size_t *buflen ) static inline const unsigned char *mbedtls_pem_get_buffer(mbedtls_pem_context *ctx, size_t *buflen)
{ {
*buflen = ctx->MBEDTLS_PRIVATE(buflen); *buflen = ctx->MBEDTLS_PRIVATE(buflen);
return( ctx->MBEDTLS_PRIVATE(buf) ); return ctx->MBEDTLS_PRIVATE(buf);
} }
@ -131,7 +130,7 @@ static inline const unsigned char *mbedtls_pem_get_buffer( mbedtls_pem_context *
* *
* \param ctx context to be freed * \param ctx context to be freed
*/ */
void mbedtls_pem_free( mbedtls_pem_context *ctx ); void mbedtls_pem_free(mbedtls_pem_context *ctx);
#endif /* MBEDTLS_PEM_PARSE_C */ #endif /* MBEDTLS_PEM_PARSE_C */
#if defined(MBEDTLS_PEM_WRITE_C) #if defined(MBEDTLS_PEM_WRITE_C)
@ -161,9 +160,9 @@ void mbedtls_pem_free( mbedtls_pem_context *ctx );
* the required minimum size of \p buf. * the required minimum size of \p buf.
* \return Another PEM or BASE64 error code on other kinds of failure. * \return Another PEM or BASE64 error code on other kinds of failure.
*/ */
int mbedtls_pem_write_buffer( const char *header, const char *footer, int mbedtls_pem_write_buffer(const char *header, const char *footer,
const unsigned char *der_data, size_t der_len, const unsigned char *der_data, size_t der_len,
unsigned char *buf, size_t buf_len, size_t *olen ); unsigned char *buf, size_t buf_len, size_t *olen);
#endif /* MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_PEM_WRITE_C */
#ifdef __cplusplus #ifdef __cplusplus


@ -97,8 +97,7 @@ typedef enum {
* \brief Options for RSASSA-PSS signature verification. * \brief Options for RSASSA-PSS signature verification.
* See \c mbedtls_rsa_rsassa_pss_verify_ext() * See \c mbedtls_rsa_rsassa_pss_verify_ext()
*/ */
typedef struct mbedtls_pk_rsassa_pss_options typedef struct mbedtls_pk_rsassa_pss_options {
{
mbedtls_md_type_t MBEDTLS_PRIVATE(mgf1_hash_id); mbedtls_md_type_t MBEDTLS_PRIVATE(mgf1_hash_id);
int MBEDTLS_PRIVATE(expected_salt_len); int MBEDTLS_PRIVATE(expected_salt_len);
@ -118,7 +117,7 @@ typedef struct mbedtls_pk_rsassa_pss_options
*/ */
#define MBEDTLS_PK_SIGNATURE_MAX_SIZE 0 #define MBEDTLS_PK_SIGNATURE_MAX_SIZE 0
#if ( defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PK_RSA_ALT_SUPPORT) ) && \ #if (defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PK_RSA_ALT_SUPPORT)) && \
MBEDTLS_MPI_MAX_SIZE > MBEDTLS_PK_SIGNATURE_MAX_SIZE MBEDTLS_MPI_MAX_SIZE > MBEDTLS_PK_SIGNATURE_MAX_SIZE
/* For RSA, the signature can be as large as the bignum module allows. /* For RSA, the signature can be as large as the bignum module allows.
* For RSA_ALT, the signature size is not necessarily tied to what the * For RSA_ALT, the signature size is not necessarily tied to what the
@ -152,15 +151,14 @@ typedef struct mbedtls_pk_rsassa_pss_options
* types, lengths (represented by up to 2 bytes), and potential leading * types, lengths (represented by up to 2 bytes), and potential leading
* zeros of the INTEGERs and the SEQUENCE. */ * zeros of the INTEGERs and the SEQUENCE. */
#undef MBEDTLS_PK_SIGNATURE_MAX_SIZE #undef MBEDTLS_PK_SIGNATURE_MAX_SIZE
#define MBEDTLS_PK_SIGNATURE_MAX_SIZE ( PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE + 11 ) #define MBEDTLS_PK_SIGNATURE_MAX_SIZE (PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE + 11)
#endif #endif
#endif /* defined(MBEDTLS_USE_PSA_CRYPTO) */ #endif /* defined(MBEDTLS_USE_PSA_CRYPTO) */
/** /**
* \brief Types for interfacing with the debug module * \brief Types for interfacing with the debug module
*/ */
typedef enum typedef enum {
{
MBEDTLS_PK_DEBUG_NONE = 0, MBEDTLS_PK_DEBUG_NONE = 0,
MBEDTLS_PK_DEBUG_MPI, MBEDTLS_PK_DEBUG_MPI,
MBEDTLS_PK_DEBUG_ECP, MBEDTLS_PK_DEBUG_ECP,
@ -169,8 +167,7 @@ typedef enum
/** /**
* \brief Item to send to the debug module * \brief Item to send to the debug module
*/ */
typedef struct mbedtls_pk_debug_item typedef struct mbedtls_pk_debug_item {
{
mbedtls_pk_debug_type MBEDTLS_PRIVATE(type); mbedtls_pk_debug_type MBEDTLS_PRIVATE(type);
const char *MBEDTLS_PRIVATE(name); const char *MBEDTLS_PRIVATE(name);
void *MBEDTLS_PRIVATE(value); void *MBEDTLS_PRIVATE(value);
@ -191,20 +188,18 @@ typedef struct mbedtls_pk_info_t mbedtls_pk_info_t;
/** /**
* \brief Public key container * \brief Public key container
*/ */
typedef struct mbedtls_pk_context typedef struct mbedtls_pk_context {
{ const mbedtls_pk_info_t *MBEDTLS_PRIVATE(pk_info); /**< Public key information */
const mbedtls_pk_info_t * MBEDTLS_PRIVATE(pk_info); /**< Public key information */ void *MBEDTLS_PRIVATE(pk_ctx); /**< Underlying public key context */
void * MBEDTLS_PRIVATE(pk_ctx); /**< Underlying public key context */
} mbedtls_pk_context; } mbedtls_pk_context;
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
/** /**
* \brief Context for resuming operations * \brief Context for resuming operations
*/ */
typedef struct typedef struct {
{ const mbedtls_pk_info_t *MBEDTLS_PRIVATE(pk_info); /**< Public key information */
const mbedtls_pk_info_t * MBEDTLS_PRIVATE(pk_info); /**< Public key information */ void *MBEDTLS_PRIVATE(rs_ctx); /**< Underlying restart context */
void * MBEDTLS_PRIVATE(rs_ctx); /**< Underlying restart context */
} mbedtls_pk_restart_ctx; } mbedtls_pk_restart_ctx;
#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ #else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
/* Now we can declare functions that take a pointer to that */ /* Now we can declare functions that take a pointer to that */
@ -215,14 +210,15 @@ typedef void mbedtls_pk_restart_ctx;
/** /**
* \brief Types for RSA-alt abstraction * \brief Types for RSA-alt abstraction
*/ */
typedef int (*mbedtls_pk_rsa_alt_decrypt_func)( void *ctx, size_t *olen, typedef int (*mbedtls_pk_rsa_alt_decrypt_func)(void *ctx, size_t *olen,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
size_t output_max_len ); size_t output_max_len);
typedef int (*mbedtls_pk_rsa_alt_sign_func)( void *ctx, typedef int (*mbedtls_pk_rsa_alt_sign_func)(void *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int (*f_rng)(void *, unsigned char *, size_t),
mbedtls_md_type_t md_alg, unsigned int hashlen, void *p_rng,
const unsigned char *hash, unsigned char *sig ); mbedtls_md_type_t md_alg, unsigned int hashlen,
typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx ); const unsigned char *hash, unsigned char *sig);
typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)(void *ctx);
#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
/** /**
@ -232,7 +228,7 @@ typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx );
* *
* \return The PK info associated with the type or NULL if not found. * \return The PK info associated with the type or NULL if not found.
*/ */
const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type ); const mbedtls_pk_info_t *mbedtls_pk_info_from_type(mbedtls_pk_type_t pk_type);
/** /**
* \brief Initialize a #mbedtls_pk_context (as NONE). * \brief Initialize a #mbedtls_pk_context (as NONE).
@ -240,7 +236,7 @@ const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type );
* \param ctx The context to initialize. * \param ctx The context to initialize.
* This must not be \c NULL. * This must not be \c NULL.
*/ */
void mbedtls_pk_init( mbedtls_pk_context *ctx ); void mbedtls_pk_init(mbedtls_pk_context *ctx);
/** /**
* \brief Free the components of a #mbedtls_pk_context. * \brief Free the components of a #mbedtls_pk_context.
@ -253,7 +249,7 @@ void mbedtls_pk_init( mbedtls_pk_context *ctx );
* PSA key and you still need to call psa_destroy_key() * PSA key and you still need to call psa_destroy_key()
* independently if you want to destroy that key. * independently if you want to destroy that key.
*/ */
void mbedtls_pk_free( mbedtls_pk_context *ctx ); void mbedtls_pk_free(mbedtls_pk_context *ctx);
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
/** /**
@ -262,7 +258,7 @@ void mbedtls_pk_free( mbedtls_pk_context *ctx );
* \param ctx The context to initialize. * \param ctx The context to initialize.
* This must not be \c NULL. * This must not be \c NULL.
*/ */
void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx ); void mbedtls_pk_restart_init(mbedtls_pk_restart_ctx *ctx);
/** /**
* \brief Free the components of a restart context * \brief Free the components of a restart context
@ -270,7 +266,7 @@ void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx );
* \param ctx The context to clear. It must have been initialized. * \param ctx The context to clear. It must have been initialized.
* If this is \c NULL, this function does nothing. * If this is \c NULL, this function does nothing.
*/ */
void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx ); void mbedtls_pk_restart_free(mbedtls_pk_restart_ctx *ctx);
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
/** /**
@ -288,7 +284,7 @@ void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx );
* \note For contexts holding an RSA-alt key, use * \note For contexts holding an RSA-alt key, use
* \c mbedtls_pk_setup_rsa_alt() instead. * \c mbedtls_pk_setup_rsa_alt() instead.
*/ */
int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ); int mbedtls_pk_setup(mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info);
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
/** /**
@ -319,8 +315,8 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
* ECC key pair. * ECC key pair.
* \return #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure. * \return #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.
*/ */
int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, int mbedtls_pk_setup_opaque(mbedtls_pk_context *ctx,
const mbedtls_svc_key_id_t key ); const mbedtls_svc_key_id_t key);
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
@ -339,10 +335,10 @@ int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx,
* *
* \note This function replaces \c mbedtls_pk_setup() for RSA-alt. * \note This function replaces \c mbedtls_pk_setup() for RSA-alt.
*/ */
int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key, int mbedtls_pk_setup_rsa_alt(mbedtls_pk_context *ctx, void *key,
mbedtls_pk_rsa_alt_decrypt_func decrypt_func, mbedtls_pk_rsa_alt_decrypt_func decrypt_func,
mbedtls_pk_rsa_alt_sign_func sign_func, mbedtls_pk_rsa_alt_sign_func sign_func,
mbedtls_pk_rsa_alt_key_len_func key_len_func ); mbedtls_pk_rsa_alt_key_len_func key_len_func);
#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
/** /**
@ -352,7 +348,7 @@ int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key,
* *
* \return Key size in bits, or 0 on error * \return Key size in bits, or 0 on error
*/ */
size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx ); size_t mbedtls_pk_get_bitlen(const mbedtls_pk_context *ctx);
/** /**
* \brief Get the length in bytes of the underlying key * \brief Get the length in bytes of the underlying key
@ -361,9 +357,9 @@ size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx );
* *
* \return Key length in bytes, or 0 on error * \return Key length in bytes, or 0 on error
*/ */
static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx ) static inline size_t mbedtls_pk_get_len(const mbedtls_pk_context *ctx)
{ {
return( ( mbedtls_pk_get_bitlen( ctx ) + 7 ) / 8 ); return (mbedtls_pk_get_bitlen(ctx) + 7) / 8;
} }
/** /**
@ -378,7 +374,7 @@ static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx )
* been initialized but not set up, or that has been * been initialized but not set up, or that has been
* cleared with mbedtls_pk_free(). * cleared with mbedtls_pk_free().
*/ */
int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type ); int mbedtls_pk_can_do(const mbedtls_pk_context *ctx, mbedtls_pk_type_t type);
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
/** /**
@ -408,8 +404,8 @@ int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type );
* for a context that has been initialized but not set up * for a context that has been initialized but not set up
* or that has been cleared with mbedtls_pk_free(). * or that has been cleared with mbedtls_pk_free().
*/ */
int mbedtls_pk_can_do_ext( const mbedtls_pk_context *ctx, psa_algorithm_t alg, int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg,
psa_key_usage_t usage ); psa_key_usage_t usage);
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
/** /**
@ -439,9 +435,9 @@ int mbedtls_pk_can_do_ext( const mbedtls_pk_context *ctx, psa_algorithm_t alg,
* Use \c mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, ... ) * Use \c mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, ... )
* to verify RSASSA_PSS signatures. * to verify RSASSA_PSS signatures.
*/ */
int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, int mbedtls_pk_verify(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len, const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len ); const unsigned char *sig, size_t sig_len);
/** /**
* \brief Restartable version of \c mbedtls_pk_verify() * \brief Restartable version of \c mbedtls_pk_verify()
@ -463,11 +459,11 @@ int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
* \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
* operations was reached: see \c mbedtls_ecp_set_max_ops(). * operations was reached: see \c mbedtls_ecp_set_max_ops().
*/ */
int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx, int mbedtls_pk_verify_restartable(mbedtls_pk_context *ctx,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len, const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len, const unsigned char *sig, size_t sig_len,
mbedtls_pk_restart_ctx *rs_ctx ); mbedtls_pk_restart_ctx *rs_ctx);
/** /**
* \brief Verify signature, with options. * \brief Verify signature, with options.
@ -500,10 +496,10 @@ int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx,
* #MBEDTLS_USE_PSA_CRYPTO is defined, the salt length is not * #MBEDTLS_USE_PSA_CRYPTO is defined, the salt length is not
* verified as PSA_ALG_RSA_PSS_ANY_SALT is used. * verified as PSA_ALG_RSA_PSS_ANY_SALT is used.
*/ */
int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options,
mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len, const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len ); const unsigned char *sig, size_t sig_len);
/** /**
* \brief Make signature, including padding if relevant. * \brief Make signature, including padding if relevant.
@ -533,10 +529,10 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
* \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0. * \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0.
* For ECDSA, md_alg may never be MBEDTLS_MD_NONE. * For ECDSA, md_alg may never be MBEDTLS_MD_NONE.
*/ */
int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, int mbedtls_pk_sign(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len, const unsigned char *hash, size_t hash_len,
unsigned char *sig, size_t sig_size, size_t *sig_len, unsigned char *sig, size_t sig_size, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
#if defined(MBEDTLS_PSA_CRYPTO_C) #if defined(MBEDTLS_PSA_CRYPTO_C)
/** /**
@ -568,13 +564,13 @@ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
* For ECDSA, md_alg may never be MBEDTLS_MD_NONE. * For ECDSA, md_alg may never be MBEDTLS_MD_NONE.
* *
*/ */
int mbedtls_pk_sign_ext( mbedtls_pk_type_t pk_type, int mbedtls_pk_sign_ext(mbedtls_pk_type_t pk_type,
mbedtls_pk_context *ctx, mbedtls_pk_context *ctx,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len, const unsigned char *hash, size_t hash_len,
unsigned char *sig, size_t sig_size, size_t *sig_len, unsigned char *sig, size_t sig_size, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
#endif /* MBEDTLS_PSA_CRYPTO_C */ #endif /* MBEDTLS_PSA_CRYPTO_C */
/** /**
@ -606,12 +602,12 @@ int mbedtls_pk_sign_ext( mbedtls_pk_type_t pk_type,
* \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
* operations was reached: see \c mbedtls_ecp_set_max_ops(). * operations was reached: see \c mbedtls_ecp_set_max_ops().
*/ */
int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx, int mbedtls_pk_sign_restartable(mbedtls_pk_context *ctx,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len, const unsigned char *hash, size_t hash_len,
unsigned char *sig, size_t sig_size, size_t *sig_len, unsigned char *sig, size_t sig_size, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
mbedtls_pk_restart_ctx *rs_ctx ); mbedtls_pk_restart_ctx *rs_ctx);
/** /**
* \brief Decrypt message (including padding if relevant). * \brief Decrypt message (including padding if relevant).
@ -630,10 +626,10 @@ int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx,
* *
* \return 0 on success, or a specific error code. * \return 0 on success, or a specific error code.
*/ */
int mbedtls_pk_decrypt( mbedtls_pk_context *ctx, int mbedtls_pk_decrypt(mbedtls_pk_context *ctx,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, size_t osize, unsigned char *output, size_t *olen, size_t osize,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
/** /**
* \brief Encrypt message (including padding if relevant). * \brief Encrypt message (including padding if relevant).
@ -653,10 +649,10 @@ int mbedtls_pk_decrypt( mbedtls_pk_context *ctx,
* *
* \return 0 on success, or a specific error code. * \return 0 on success, or a specific error code.
*/ */
int mbedtls_pk_encrypt( mbedtls_pk_context *ctx, int mbedtls_pk_encrypt(mbedtls_pk_context *ctx,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, size_t osize, unsigned char *output, size_t *olen, size_t osize,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
/** /**
* \brief Check if a public-private pair of keys matches. * \brief Check if a public-private pair of keys matches.
@ -672,10 +668,10 @@ int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,
* \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA if a context is invalid. * \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA if a context is invalid.
* \return Another non-zero value if the keys do not match. * \return Another non-zero value if the keys do not match.
*/ */
int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, int mbedtls_pk_check_pair(const mbedtls_pk_context *pub,
const mbedtls_pk_context *prv, const mbedtls_pk_context *prv,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief Export debug information * \brief Export debug information
@ -685,7 +681,7 @@ int mbedtls_pk_check_pair( const mbedtls_pk_context *pub,
* *
* \return 0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA * \return 0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA
*/ */
int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items ); int mbedtls_pk_debug(const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items);
/** /**
* \brief Access the type name * \brief Access the type name
@ -694,7 +690,7 @@ int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *item
* *
* \return Type name on success, or "invalid PK" * \return Type name on success, or "invalid PK"
*/ */
const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx ); const char *mbedtls_pk_get_name(const mbedtls_pk_context *ctx);
/** /**
* \brief Get the key type * \brief Get the key type
@ -704,7 +700,7 @@ const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx );
* \return Type on success. * \return Type on success.
* \return #MBEDTLS_PK_NONE for a context that has not been set up. * \return #MBEDTLS_PK_NONE for a context that has not been set up.
*/ */
mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ); mbedtls_pk_type_t mbedtls_pk_get_type(const mbedtls_pk_context *ctx);
#if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_RSA_C)
/** /**
@ -717,14 +713,13 @@ mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx );
* *
* \return The internal RSA context held by the PK context, or NULL. * \return The internal RSA context held by the PK context, or NULL.
*/ */
static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk ) static inline mbedtls_rsa_context *mbedtls_pk_rsa(const mbedtls_pk_context pk)
{ {
switch( mbedtls_pk_get_type( &pk ) ) switch (mbedtls_pk_get_type(&pk)) {
{
case MBEDTLS_PK_RSA: case MBEDTLS_PK_RSA:
return( (mbedtls_rsa_context *) (pk).MBEDTLS_PRIVATE(pk_ctx) ); return (mbedtls_rsa_context *) (pk).MBEDTLS_PRIVATE(pk_ctx);
default: default:
return( NULL ); return NULL;
} }
} }
#endif /* MBEDTLS_RSA_C */ #endif /* MBEDTLS_RSA_C */
@ -741,16 +736,15 @@ static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk )
* *
* \return The internal EC context held by the PK context, or NULL. * \return The internal EC context held by the PK context, or NULL.
*/ */
static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk ) static inline mbedtls_ecp_keypair *mbedtls_pk_ec(const mbedtls_pk_context pk)
{ {
switch( mbedtls_pk_get_type( &pk ) ) switch (mbedtls_pk_get_type(&pk)) {
{
case MBEDTLS_PK_ECKEY: case MBEDTLS_PK_ECKEY:
case MBEDTLS_PK_ECKEY_DH: case MBEDTLS_PK_ECKEY_DH:
case MBEDTLS_PK_ECDSA: case MBEDTLS_PK_ECDSA:
return( (mbedtls_ecp_keypair *) (pk).MBEDTLS_PRIVATE(pk_ctx) ); return (mbedtls_ecp_keypair *) (pk).MBEDTLS_PRIVATE(pk_ctx);
default: default:
return( NULL ); return NULL;
} }
} }
#endif /* MBEDTLS_ECP_C */ #endif /* MBEDTLS_ECP_C */
@ -787,10 +781,10 @@ static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk )
* *
* \return 0 if successful, or a specific PK or PEM error code * \return 0 if successful, or a specific PK or PEM error code
*/ */
int mbedtls_pk_parse_key( mbedtls_pk_context *ctx, int mbedtls_pk_parse_key(mbedtls_pk_context *ctx,
const unsigned char *key, size_t keylen, const unsigned char *key, size_t keylen,
const unsigned char *pwd, size_t pwdlen, const unsigned char *pwd, size_t pwdlen,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
/** \ingroup pk_module */ /** \ingroup pk_module */
/** /**
@ -814,8 +808,8 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *ctx,
* *
* \return 0 if successful, or a specific PK or PEM error code * \return 0 if successful, or a specific PK or PEM error code
*/ */
int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx,
const unsigned char *key, size_t keylen ); const unsigned char *key, size_t keylen);
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)
/** \ingroup pk_module */ /** \ingroup pk_module */
@ -841,9 +835,9 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
* *
* \return 0 if successful, or a specific PK or PEM error code * \return 0 if successful, or a specific PK or PEM error code
*/ */
int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx, int mbedtls_pk_parse_keyfile(mbedtls_pk_context *ctx,
const char *path, const char *password, const char *path, const char *password,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
/** \ingroup pk_module */ /** \ingroup pk_module */
/** /**
@ -862,7 +856,7 @@ int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx,
* *
* \return 0 if successful, or a specific PK or PEM error code * \return 0 if successful, or a specific PK or PEM error code
*/ */
int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path ); int mbedtls_pk_parse_public_keyfile(mbedtls_pk_context *ctx, const char *path);
#endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_FS_IO */
#endif /* MBEDTLS_PK_PARSE_C */ #endif /* MBEDTLS_PK_PARSE_C */
@ -880,7 +874,7 @@ int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path )
* \return length of data written if successful, or a specific * \return length of data written if successful, or a specific
* error code * error code
*/ */
int mbedtls_pk_write_key_der( const mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); int mbedtls_pk_write_key_der(const mbedtls_pk_context *ctx, unsigned char *buf, size_t size);
/** /**
* \brief Write a public key to a SubjectPublicKeyInfo DER structure * \brief Write a public key to a SubjectPublicKeyInfo DER structure
@ -895,7 +889,7 @@ int mbedtls_pk_write_key_der( const mbedtls_pk_context *ctx, unsigned char *buf,
* \return length of data written if successful, or a specific * \return length of data written if successful, or a specific
* error code * error code
*/ */
int mbedtls_pk_write_pubkey_der( const mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); int mbedtls_pk_write_pubkey_der(const mbedtls_pk_context *ctx, unsigned char *buf, size_t size);
#if defined(MBEDTLS_PEM_WRITE_C) #if defined(MBEDTLS_PEM_WRITE_C)
/** /**
@ -908,7 +902,7 @@ int mbedtls_pk_write_pubkey_der( const mbedtls_pk_context *ctx, unsigned char *b
* *
* \return 0 if successful, or a specific error code * \return 0 if successful, or a specific error code
*/ */
int mbedtls_pk_write_pubkey_pem( const mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); int mbedtls_pk_write_pubkey_pem(const mbedtls_pk_context *ctx, unsigned char *buf, size_t size);
/** /**
* \brief Write a private key to a PKCS#1 or SEC1 PEM string * \brief Write a private key to a PKCS#1 or SEC1 PEM string
@ -920,7 +914,7 @@ int mbedtls_pk_write_pubkey_pem( const mbedtls_pk_context *ctx, unsigned char *b
* *
* \return 0 if successful, or a specific error code * \return 0 if successful, or a specific error code
*/ */
int mbedtls_pk_write_key_pem( const mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); int mbedtls_pk_write_key_pem(const mbedtls_pk_context *ctx, unsigned char *buf, size_t size);
#endif /* MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_PEM_WRITE_C */
#endif /* MBEDTLS_PK_WRITE_C */ #endif /* MBEDTLS_PK_WRITE_C */
@ -940,8 +934,8 @@ int mbedtls_pk_write_key_pem( const mbedtls_pk_context *ctx, unsigned char *buf,
* *
* \return 0 if successful, or a specific PK error code * \return 0 if successful, or a specific PK error code
*/ */
int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end,
mbedtls_pk_context *pk ); mbedtls_pk_context *pk);
#endif /* MBEDTLS_PK_PARSE_C */ #endif /* MBEDTLS_PK_PARSE_C */
#if defined(MBEDTLS_PK_WRITE_C) #if defined(MBEDTLS_PK_WRITE_C)
@ -955,8 +949,8 @@ int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end,
* *
* \return the length written or a negative error code * \return the length written or a negative error code
*/ */
int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start,
const mbedtls_pk_context *key ); const mbedtls_pk_context *key);
#endif /* MBEDTLS_PK_WRITE_C */ #endif /* MBEDTLS_PK_WRITE_C */
/* /*
@ -964,7 +958,7 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
* know you do. * know you do.
*/ */
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)
int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n ); int mbedtls_pk_load_file(const char *path, unsigned char **buf, size_t *n);
#endif #endif
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
@ -987,11 +981,11 @@ int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n );
* \return \c 0 if successful. * \return \c 0 if successful.
* \return An Mbed TLS error code otherwise. * \return An Mbed TLS error code otherwise.
*/ */
int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk,
mbedtls_svc_key_id_t *key, mbedtls_svc_key_id_t *key,
psa_algorithm_t alg, psa_algorithm_t alg,
psa_key_usage_t usage, psa_key_usage_t usage,
psa_algorithm_t alg2 ); psa_algorithm_t alg2);
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
#ifdef __cplusplus #ifdef __cplusplus


@ -70,11 +70,11 @@ extern "C" {
* *
* \return 0 if successful, or a MBEDTLS_ERR_XXX code * \return 0 if successful, or a MBEDTLS_ERR_XXX code
*/ */
int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode,
mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
const unsigned char *pwd, size_t pwdlen, const unsigned char *pwd, size_t pwdlen,
const unsigned char *input, size_t len, const unsigned char *input, size_t len,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_ASN1_PARSE_C */ #endif /* MBEDTLS_ASN1_PARSE_C */
@ -105,10 +105,10 @@ int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode,
* *
* \return 0 if successful, or a MD, BIGNUM type error. * \return 0 if successful, or a MD, BIGNUM type error.
*/ */
int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, int mbedtls_pkcs12_derivation(unsigned char *data, size_t datalen,
const unsigned char *pwd, size_t pwdlen, const unsigned char *pwd, size_t pwdlen,
const unsigned char *salt, size_t saltlen, const unsigned char *salt, size_t saltlen,
mbedtls_md_type_t mbedtls_md, int id, int iterations ); mbedtls_md_type_t mbedtls_md, int id, int iterations);
#ifdef __cplusplus #ifdef __cplusplus
} }
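Review bot: `mbedtls_pkcs12_pbe()` in the first hunk takes `output` with no size argument, and the visible tail of its doc comment does not say how large that buffer must be. If the `\param output` entry above the hunk does not already state it, add the requirement there, e.g. `\param output  The output buffer; the caller must size it for the full result, which in encrypt mode with a padded cipher can exceed \p len.` The padding remark is inferred from the PBE scheme rather than from these lines, so confirm it against the implementation. `mbedtls_pkcs5_pbes2()` further down the page has the same shape (`data`, `datalen`, `output`), and the same caveat applies.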


@ -63,10 +63,10 @@ extern "C" {
* *
* \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails. * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
*/ */
int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode,
const unsigned char *pwd, size_t pwdlen, const unsigned char *pwd, size_t pwdlen,
const unsigned char *data, size_t datalen, const unsigned char *data, size_t datalen,
unsigned char *output ); unsigned char *output);
#endif /* MBEDTLS_ASN1_PARSE_C */ #endif /* MBEDTLS_ASN1_PARSE_C */
@ -84,11 +84,11 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode,
* *
* \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails. * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
*/ */
int mbedtls_pkcs5_pbkdf2_hmac_ext( mbedtls_md_type_t md_type, int mbedtls_pkcs5_pbkdf2_hmac_ext(mbedtls_md_type_t md_type,
const unsigned char *password, const unsigned char *password,
size_t plen, const unsigned char *salt, size_t slen, size_t plen, const unsigned char *salt, size_t slen,
unsigned int iteration_count, unsigned int iteration_count,
uint32_t key_length, unsigned char *output ); uint32_t key_length, unsigned char *output);
#if defined(MBEDTLS_MD_C) #if defined(MBEDTLS_MD_C)
#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if !defined(MBEDTLS_DEPRECATED_REMOVED)
@ -108,11 +108,14 @@ int mbedtls_pkcs5_pbkdf2_hmac_ext( mbedtls_md_type_t md_type,
* *
* \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails. * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
*/ */
int MBEDTLS_DEPRECATED mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, int MBEDTLS_DEPRECATED mbedtls_pkcs5_pbkdf2_hmac(mbedtls_md_context_t *ctx,
const unsigned char *password, const unsigned char *password,
size_t plen, const unsigned char *salt, size_t slen, size_t plen,
unsigned int iteration_count, const unsigned char *salt,
uint32_t key_length, unsigned char *output ); size_t slen,
unsigned int iteration_count,
uint32_t key_length,
unsigned char *output);
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */
#endif /* MBEDTLS_MD_C */ #endif /* MBEDTLS_MD_C */
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -122,7 +125,7 @@ int MBEDTLS_DEPRECATED mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx,
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int mbedtls_pkcs5_self_test( int verbose ); int mbedtls_pkcs5_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */


@ -121,8 +121,7 @@ mbedtls_pkcs7_type;
/** /**
* Structure holding PKCS7 signer info * Structure holding PKCS7 signer info
*/ */
typedef struct mbedtls_pkcs7_signer_info typedef struct mbedtls_pkcs7_signer_info {
{
int MBEDTLS_PRIVATE(version); int MBEDTLS_PRIVATE(version);
mbedtls_x509_buf MBEDTLS_PRIVATE(serial); mbedtls_x509_buf MBEDTLS_PRIVATE(serial);
mbedtls_x509_name MBEDTLS_PRIVATE(issuer); mbedtls_x509_name MBEDTLS_PRIVATE(issuer);
@ -137,8 +136,7 @@ mbedtls_pkcs7_signer_info;
/** /**
* Structure holding attached data as part of PKCS7 signed data format * Structure holding attached data as part of PKCS7 signed data format
*/ */
typedef struct mbedtls_pkcs7_data typedef struct mbedtls_pkcs7_data {
{
mbedtls_pkcs7_buf MBEDTLS_PRIVATE(oid); mbedtls_pkcs7_buf MBEDTLS_PRIVATE(oid);
mbedtls_pkcs7_buf MBEDTLS_PRIVATE(data); mbedtls_pkcs7_buf MBEDTLS_PRIVATE(data);
} }
@ -147,8 +145,7 @@ mbedtls_pkcs7_data;
/** /**
* Structure holding the signed data section * Structure holding the signed data section
*/ */
typedef struct mbedtls_pkcs7_signed_data typedef struct mbedtls_pkcs7_signed_data {
{
int MBEDTLS_PRIVATE(version); int MBEDTLS_PRIVATE(version);
mbedtls_pkcs7_buf MBEDTLS_PRIVATE(digest_alg_identifiers); mbedtls_pkcs7_buf MBEDTLS_PRIVATE(digest_alg_identifiers);
struct mbedtls_pkcs7_data MBEDTLS_PRIVATE(content); struct mbedtls_pkcs7_data MBEDTLS_PRIVATE(content);
@ -164,8 +161,7 @@ mbedtls_pkcs7_signed_data;
/** /**
* Structure holding PKCS7 structure, only signed data for now * Structure holding PKCS7 structure, only signed data for now
*/ */
typedef struct mbedtls_pkcs7 typedef struct mbedtls_pkcs7 {
{
mbedtls_pkcs7_buf MBEDTLS_PRIVATE(raw); mbedtls_pkcs7_buf MBEDTLS_PRIVATE(raw);
mbedtls_pkcs7_buf MBEDTLS_PRIVATE(content_type_oid); mbedtls_pkcs7_buf MBEDTLS_PRIVATE(content_type_oid);
mbedtls_pkcs7_signed_data MBEDTLS_PRIVATE(signed_data); mbedtls_pkcs7_signed_data MBEDTLS_PRIVATE(signed_data);
@ -177,7 +173,7 @@ mbedtls_pkcs7;
* *
* \param pkcs7 pkcs7 structure. * \param pkcs7 pkcs7 structure.
*/ */
void mbedtls_pkcs7_init( mbedtls_pkcs7 *pkcs7 ); void mbedtls_pkcs7_init(mbedtls_pkcs7 *pkcs7);
/** /**
* \brief Parse a single DER formatted pkcs7 content. * \brief Parse a single DER formatted pkcs7 content.
@ -193,8 +189,8 @@ void mbedtls_pkcs7_init( mbedtls_pkcs7 *pkcs7 );
* \return The \c mbedtls_pkcs7_type of \p buf, if successful. * \return The \c mbedtls_pkcs7_type of \p buf, if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_pkcs7_parse_der( mbedtls_pkcs7 *pkcs7, const unsigned char *buf, int mbedtls_pkcs7_parse_der(mbedtls_pkcs7 *pkcs7, const unsigned char *buf,
const size_t buflen ); const size_t buflen);
/** /**
* \brief Verification of PKCS7 signature against a caller-supplied * \brief Verification of PKCS7 signature against a caller-supplied
@ -220,10 +216,10 @@ int mbedtls_pkcs7_parse_der( mbedtls_pkcs7 *pkcs7, const unsigned char *buf,
* *
* \return 0 if the signature verifies, or a negative error code on failure. * \return 0 if the signature verifies, or a negative error code on failure.
*/ */
int mbedtls_pkcs7_signed_data_verify( mbedtls_pkcs7 *pkcs7, int mbedtls_pkcs7_signed_data_verify(mbedtls_pkcs7 *pkcs7,
const mbedtls_x509_crt *cert, const mbedtls_x509_crt *cert,
const unsigned char *data, const unsigned char *data,
size_t datalen ); size_t datalen);
/** /**
* \brief Verification of PKCS7 signature against a caller-supplied * \brief Verification of PKCS7 signature against a caller-supplied
@ -249,9 +245,9 @@ int mbedtls_pkcs7_signed_data_verify( mbedtls_pkcs7 *pkcs7,
* *
* \return 0 if the signature verifies, or a negative error code on failure. * \return 0 if the signature verifies, or a negative error code on failure.
*/ */
int mbedtls_pkcs7_signed_hash_verify( mbedtls_pkcs7 *pkcs7, int mbedtls_pkcs7_signed_hash_verify(mbedtls_pkcs7 *pkcs7,
const mbedtls_x509_crt *cert, const mbedtls_x509_crt *cert,
const unsigned char *hash, size_t hashlen); const unsigned char *hash, size_t hashlen);
/** /**
* \brief Unallocate all PKCS7 data and zeroize the memory. * \brief Unallocate all PKCS7 data and zeroize the memory.
@ -259,7 +255,7 @@ int mbedtls_pkcs7_signed_hash_verify( mbedtls_pkcs7 *pkcs7,
* *
* \param pkcs7 PKCS7 structure to free. * \param pkcs7 PKCS7 structure to free.
*/ */
void mbedtls_pkcs7_free( mbedtls_pkcs7 *pkcs7 ); void mbedtls_pkcs7_free(mbedtls_pkcs7 *pkcs7);
#ifdef __cplusplus #ifdef __cplusplus
} }
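Review bot: The four `typedef struct … {` openings now sit on one line, but the closings still look split across two. The context line `}` before the third hunk and the hunk headers (`mbedtls_pkcs7_data;`, `mbedtls_pkcs7_signed_data;`, `mbedtls_pkcs7;`) suggest each typedef name is alone on the line after the brace. If the formatter configuration permits, join them as `} mbedtls_pkcs7_data;` so both ends of each definition follow the same style. The struct bodies end outside the hunks, so this is inferred from context lines only.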


@ -144,8 +144,8 @@ extern "C" {
#else #else
/* For size_t */ /* For size_t */
#include <stddef.h> #include <stddef.h>
extern void *mbedtls_calloc( size_t n, size_t size ); extern void *mbedtls_calloc(size_t n, size_t size);
extern void mbedtls_free( void *ptr ); extern void mbedtls_free(void *ptr);
/** /**
* \brief This function dynamically sets the memory-management * \brief This function dynamically sets the memory-management
@ -156,8 +156,8 @@ extern void mbedtls_free( void *ptr );
* *
* \return \c 0. * \return \c 0.
*/ */
int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ), int mbedtls_platform_set_calloc_free(void *(*calloc_func)(size_t, size_t),
void (*free_func)( void * ) ); void (*free_func)(void *));
#endif /* MBEDTLS_PLATFORM_FREE_MACRO && MBEDTLS_PLATFORM_CALLOC_MACRO */ #endif /* MBEDTLS_PLATFORM_FREE_MACRO && MBEDTLS_PLATFORM_CALLOC_MACRO */
#else /* !MBEDTLS_PLATFORM_MEMORY */ #else /* !MBEDTLS_PLATFORM_MEMORY */
#define mbedtls_free free #define mbedtls_free free
@ -170,7 +170,7 @@ int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ),
#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) #if defined(MBEDTLS_PLATFORM_FPRINTF_ALT)
/* We need FILE * */ /* We need FILE * */
#include <stdio.h> #include <stdio.h>
extern int (*mbedtls_fprintf)( FILE *stream, const char *format, ... ); extern int (*mbedtls_fprintf)(FILE *stream, const char *format, ...);
/** /**
* \brief This function dynamically configures the fprintf * \brief This function dynamically configures the fprintf
@ -181,8 +181,8 @@ extern int (*mbedtls_fprintf)( FILE *stream, const char *format, ... );
* *
* \return \c 0. * \return \c 0.
*/ */
int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char *, int mbedtls_platform_set_fprintf(int (*fprintf_func)(FILE *stream, const char *,
... ) ); ...));
#else #else
#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) #if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO)
#define mbedtls_fprintf MBEDTLS_PLATFORM_FPRINTF_MACRO #define mbedtls_fprintf MBEDTLS_PLATFORM_FPRINTF_MACRO
@ -195,7 +195,7 @@ int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char
* The function pointers for printf * The function pointers for printf
*/ */
#if defined(MBEDTLS_PLATFORM_PRINTF_ALT) #if defined(MBEDTLS_PLATFORM_PRINTF_ALT)
extern int (*mbedtls_printf)( const char *format, ... ); extern int (*mbedtls_printf)(const char *format, ...);
/** /**
* \brief This function dynamically configures the snprintf * \brief This function dynamically configures the snprintf
@ -206,7 +206,7 @@ extern int (*mbedtls_printf)( const char *format, ... );
* *
* \return \c 0 on success. * \return \c 0 on success.
*/ */
int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) ); int mbedtls_platform_set_printf(int (*printf_func)(const char *, ...));
#else /* !MBEDTLS_PLATFORM_PRINTF_ALT */ #else /* !MBEDTLS_PLATFORM_PRINTF_ALT */
#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) #if defined(MBEDTLS_PLATFORM_PRINTF_MACRO)
#define mbedtls_printf MBEDTLS_PLATFORM_PRINTF_MACRO #define mbedtls_printf MBEDTLS_PLATFORM_PRINTF_MACRO
@ -226,11 +226,11 @@ int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) );
*/ */
#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF) #if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF)
/* For Windows (inc. MSYS2), we provide our own fixed implementation */ /* For Windows (inc. MSYS2), we provide our own fixed implementation */
int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... ); int mbedtls_platform_win32_snprintf(char *s, size_t n, const char *fmt, ...);
#endif #endif
#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) #if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
extern int (*mbedtls_snprintf)( char * s, size_t n, const char * format, ... ); extern int (*mbedtls_snprintf)(char *s, size_t n, const char *format, ...);
/** /**
* \brief This function allows configuring a custom * \brief This function allows configuring a custom
@ -240,8 +240,8 @@ extern int (*mbedtls_snprintf)( char * s, size_t n, const char * format, ... );
* *
* \return \c 0 on success. * \return \c 0 on success.
*/ */
int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n, int mbedtls_platform_set_snprintf(int (*snprintf_func)(char *s, size_t n,
const char * format, ... ) ); const char *format, ...));
#else /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ #else /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) #if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
#define mbedtls_snprintf MBEDTLS_PLATFORM_SNPRINTF_MACRO #define mbedtls_snprintf MBEDTLS_PLATFORM_SNPRINTF_MACRO
@ -262,12 +262,12 @@ int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n,
#if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF) #if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF)
#include <stdarg.h> #include <stdarg.h>
/* For Older Windows (inc. MSYS2), we provide our own fixed implementation */ /* For Older Windows (inc. MSYS2), we provide our own fixed implementation */
int mbedtls_platform_win32_vsnprintf( char *s, size_t n, const char *fmt, va_list arg ); int mbedtls_platform_win32_vsnprintf(char *s, size_t n, const char *fmt, va_list arg);
#endif #endif
#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) #if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT)
#include <stdarg.h> #include <stdarg.h>
extern int (*mbedtls_vsnprintf)( char * s, size_t n, const char * format, va_list arg ); extern int (*mbedtls_vsnprintf)(char *s, size_t n, const char *format, va_list arg);
/** /**
* \brief Set your own snprintf function pointer * \brief Set your own snprintf function pointer
@ -276,8 +276,8 @@ extern int (*mbedtls_vsnprintf)( char * s, size_t n, const char * format, va_lis
* *
* \return \c 0 * \return \c 0
*/ */
int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n, int mbedtls_platform_set_vsnprintf(int (*vsnprintf_func)(char *s, size_t n,
const char * format, va_list arg ) ); const char *format, va_list arg));
#else /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */ #else /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) #if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO)
#define mbedtls_vsnprintf MBEDTLS_PLATFORM_VSNPRINTF_MACRO #define mbedtls_vsnprintf MBEDTLS_PLATFORM_VSNPRINTF_MACRO
@ -307,7 +307,7 @@ int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n,
* The library always calls this function with * The library always calls this function with
* `buf` equal to `NULL`. * `buf` equal to `NULL`.
*/ */
extern void (*mbedtls_setbuf)( FILE *stream, char *buf ); extern void (*mbedtls_setbuf)(FILE *stream, char *buf);
/** /**
* \brief Dynamically configure the function that is called * \brief Dynamically configure the function that is called
@ -318,8 +318,8 @@ extern void (*mbedtls_setbuf)( FILE *stream, char *buf );
* *
* \return \c 0 * \return \c 0
*/ */
int mbedtls_platform_set_setbuf( void (*setbuf_func)( int mbedtls_platform_set_setbuf(void (*setbuf_func)(
FILE *stream, char *buf ) ); FILE *stream, char *buf));
#elif defined(MBEDTLS_PLATFORM_SETBUF_MACRO) #elif defined(MBEDTLS_PLATFORM_SETBUF_MACRO)
/** /**
* \brief Macro defining the function for the library to * \brief Macro defining the function for the library to
@ -340,7 +340,7 @@ int mbedtls_platform_set_setbuf( void (*setbuf_func)(
* The function pointers for exit * The function pointers for exit
*/ */
#if defined(MBEDTLS_PLATFORM_EXIT_ALT) #if defined(MBEDTLS_PLATFORM_EXIT_ALT)
extern void (*mbedtls_exit)( int status ); extern void (*mbedtls_exit)(int status);
/** /**
* \brief This function dynamically configures the exit * \brief This function dynamically configures the exit
@ -351,7 +351,7 @@ extern void (*mbedtls_exit)( int status );
* *
* \return \c 0 on success. * \return \c 0 on success.
*/ */
int mbedtls_platform_set_exit( void (*exit_func)( int status ) ); int mbedtls_platform_set_exit(void (*exit_func)(int status));
#else #else
#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) #if defined(MBEDTLS_PLATFORM_EXIT_MACRO)
#define mbedtls_exit MBEDTLS_PLATFORM_EXIT_MACRO #define mbedtls_exit MBEDTLS_PLATFORM_EXIT_MACRO
@ -383,13 +383,13 @@ int mbedtls_platform_set_exit( void (*exit_func)( int status ) );
#if defined(MBEDTLS_ENTROPY_NV_SEED) #if defined(MBEDTLS_ENTROPY_NV_SEED)
#if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) && defined(MBEDTLS_FS_IO) #if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) && defined(MBEDTLS_FS_IO)
/* Internal standard platform definitions */ /* Internal standard platform definitions */
int mbedtls_platform_std_nv_seed_read( unsigned char *buf, size_t buf_len ); int mbedtls_platform_std_nv_seed_read(unsigned char *buf, size_t buf_len);
int mbedtls_platform_std_nv_seed_write( unsigned char *buf, size_t buf_len ); int mbedtls_platform_std_nv_seed_write(unsigned char *buf, size_t buf_len);
#endif #endif
#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT) #if defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
extern int (*mbedtls_nv_seed_read)( unsigned char *buf, size_t buf_len ); extern int (*mbedtls_nv_seed_read)(unsigned char *buf, size_t buf_len);
extern int (*mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len ); extern int (*mbedtls_nv_seed_write)(unsigned char *buf, size_t buf_len);
/** /**
* \brief This function allows configuring custom seed file writing and * \brief This function allows configuring custom seed file writing and
@ -401,9 +401,9 @@ extern int (*mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len );
* \return \c 0 on success. * \return \c 0 on success.
*/ */
int mbedtls_platform_set_nv_seed( int mbedtls_platform_set_nv_seed(
int (*nv_seed_read_func)( unsigned char *buf, size_t buf_len ), int (*nv_seed_read_func)(unsigned char *buf, size_t buf_len),
int (*nv_seed_write_func)( unsigned char *buf, size_t buf_len ) int (*nv_seed_write_func)(unsigned char *buf, size_t buf_len)
); );
#else #else
#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) && \ #if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) && \
defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO) defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO)
@ -424,8 +424,7 @@ int mbedtls_platform_set_nv_seed(
* \note This structure may be used to assist platform-specific * \note This structure may be used to assist platform-specific
* setup or teardown operations. * setup or teardown operations.
*/ */
typedef struct mbedtls_platform_context typedef struct mbedtls_platform_context {
{
char MBEDTLS_PRIVATE(dummy); /**< A placeholder member, as empty structs are not portable. */ char MBEDTLS_PRIVATE(dummy); /**< A placeholder member, as empty structs are not portable. */
} }
mbedtls_platform_context; mbedtls_platform_context;
@ -449,7 +448,7 @@ mbedtls_platform_context;
* *
* \return \c 0 on success. * \return \c 0 on success.
*/ */
int mbedtls_platform_setup( mbedtls_platform_context *ctx ); int mbedtls_platform_setup(mbedtls_platform_context *ctx);
/** /**
* \brief This function performs any platform teardown operations. * \brief This function performs any platform teardown operations.
* *
@ -464,7 +463,7 @@ int mbedtls_platform_setup( mbedtls_platform_context *ctx );
* \param ctx The platform context. * \param ctx The platform context.
* *
*/ */
void mbedtls_platform_teardown( mbedtls_platform_context *ctx ); void mbedtls_platform_teardown(mbedtls_platform_context *ctx);
#ifdef __cplusplus #ifdef __cplusplus
} }


@ -43,7 +43,7 @@ typedef time_t mbedtls_time_t;
* The function pointers for time * The function pointers for time
*/ */
#if defined(MBEDTLS_PLATFORM_TIME_ALT) #if defined(MBEDTLS_PLATFORM_TIME_ALT)
extern mbedtls_time_t (*mbedtls_time)( mbedtls_time_t* time ); extern mbedtls_time_t (*mbedtls_time)(mbedtls_time_t *time);
/** /**
* \brief Set your own time function pointer * \brief Set your own time function pointer
@ -52,7 +52,7 @@ extern mbedtls_time_t (*mbedtls_time)( mbedtls_time_t* time );
* *
* \return 0 * \return 0
*/ */
int mbedtls_platform_set_time( mbedtls_time_t (*time_func)( mbedtls_time_t* time ) ); int mbedtls_platform_set_time(mbedtls_time_t (*time_func)(mbedtls_time_t *time));
#else #else
#if defined(MBEDTLS_PLATFORM_TIME_MACRO) #if defined(MBEDTLS_PLATFORM_TIME_MACRO)
#define mbedtls_time MBEDTLS_PLATFORM_TIME_MACRO #define mbedtls_time MBEDTLS_PLATFORM_TIME_MACRO


@ -36,23 +36,23 @@ extern "C" {
#endif #endif
/* Internal macros meant to be called only from within the library. */ /* Internal macros meant to be called only from within the library. */
#define MBEDTLS_INTERNAL_VALIDATE_RET( cond, ret ) do { } while( 0 ) #define MBEDTLS_INTERNAL_VALIDATE_RET(cond, ret) do { } while (0)
#define MBEDTLS_INTERNAL_VALIDATE( cond ) do { } while( 0 ) #define MBEDTLS_INTERNAL_VALIDATE(cond) do { } while (0)
/* Internal helper macros for deprecating API constants. */ /* Internal helper macros for deprecating API constants. */
#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING) #if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated)) #define MBEDTLS_DEPRECATED __attribute__((deprecated))
MBEDTLS_DEPRECATED typedef char const * mbedtls_deprecated_string_constant_t; MBEDTLS_DEPRECATED typedef char const *mbedtls_deprecated_string_constant_t;
#define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL ) \ #define MBEDTLS_DEPRECATED_STRING_CONSTANT(VAL) \
( (mbedtls_deprecated_string_constant_t) ( VAL ) ) ((mbedtls_deprecated_string_constant_t) (VAL))
MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t; MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t;
#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( VAL ) \ #define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(VAL) \
( (mbedtls_deprecated_numeric_constant_t) ( VAL ) ) ((mbedtls_deprecated_numeric_constant_t) (VAL))
#else /* MBEDTLS_DEPRECATED_WARNING */ #else /* MBEDTLS_DEPRECATED_WARNING */
#define MBEDTLS_DEPRECATED #define MBEDTLS_DEPRECATED
#define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL ) VAL #define MBEDTLS_DEPRECATED_STRING_CONSTANT(VAL) VAL
#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( VAL ) VAL #define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(VAL) VAL
#endif /* MBEDTLS_DEPRECATED_WARNING */ #endif /* MBEDTLS_DEPRECATED_WARNING */
#endif /* MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_DEPRECATED_REMOVED */
@ -142,7 +142,7 @@ MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t;
* https://stackoverflow.com/questions/40576003/ignoring-warning-wunused-result * https://stackoverflow.com/questions/40576003/ignoring-warning-wunused-result
* https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66425#c34 * https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66425#c34
*/ */
#define MBEDTLS_IGNORE_RETURN(result) ( (void) !( result ) ) #define MBEDTLS_IGNORE_RETURN(result) ((void) !(result))
#endif #endif
/** /**
@ -167,7 +167,7 @@ MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t;
* \param len Length of the buffer in bytes * \param len Length of the buffer in bytes
* *
*/ */
void mbedtls_platform_zeroize( void *buf, size_t len ); void mbedtls_platform_zeroize(void *buf, size_t len);
#if defined(MBEDTLS_HAVE_TIME_DATE) #if defined(MBEDTLS_HAVE_TIME_DATE)
/** /**
@ -196,8 +196,8 @@ void mbedtls_platform_zeroize( void *buf, size_t len );
* \return Pointer to an object of type struct tm on success, otherwise * \return Pointer to an object of type struct tm on success, otherwise
* NULL * NULL
*/ */
struct tm *mbedtls_platform_gmtime_r( const mbedtls_time_t *tt, struct tm *mbedtls_platform_gmtime_r(const mbedtls_time_t *tt,
struct tm *tm_buf ); struct tm *tm_buf);
#endif /* MBEDTLS_HAVE_TIME_DATE */ #endif /* MBEDTLS_HAVE_TIME_DATE */
#ifdef __cplusplus #ifdef __cplusplus


@ -47,8 +47,7 @@ extern "C" {
#if !defined(MBEDTLS_POLY1305_ALT) #if !defined(MBEDTLS_POLY1305_ALT)
typedef struct mbedtls_poly1305_context typedef struct mbedtls_poly1305_context {
{
uint32_t MBEDTLS_PRIVATE(r)[4]; /** The value for 'r' (low 128 bits of the key). */ uint32_t MBEDTLS_PRIVATE(r)[4]; /** The value for 'r' (low 128 bits of the key). */
uint32_t MBEDTLS_PRIVATE(s)[4]; /** The value for 's' (high 128 bits of the key). */ uint32_t MBEDTLS_PRIVATE(s)[4]; /** The value for 's' (high 128 bits of the key). */
uint32_t MBEDTLS_PRIVATE(acc)[5]; /** The accumulator number. */ uint32_t MBEDTLS_PRIVATE(acc)[5]; /** The accumulator number. */
@ -76,7 +75,7 @@ mbedtls_poly1305_context;
* \param ctx The Poly1305 context to initialize. This must * \param ctx The Poly1305 context to initialize. This must
* not be \c NULL. * not be \c NULL.
*/ */
void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx ); void mbedtls_poly1305_init(mbedtls_poly1305_context *ctx);
/** /**
* \brief This function releases and clears the specified * \brief This function releases and clears the specified
@ -86,7 +85,7 @@ void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx );
* case this function is a no-op. If it is not \c NULL, it must * case this function is a no-op. If it is not \c NULL, it must
* point to an initialized Poly1305 context. * point to an initialized Poly1305 context.
*/ */
void mbedtls_poly1305_free( mbedtls_poly1305_context *ctx ); void mbedtls_poly1305_free(mbedtls_poly1305_context *ctx);
/** /**
* \brief This function sets the one-time authentication key. * \brief This function sets the one-time authentication key.
@ -101,8 +100,8 @@ void mbedtls_poly1305_free( mbedtls_poly1305_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx, int mbedtls_poly1305_starts(mbedtls_poly1305_context *ctx,
const unsigned char key[32] ); const unsigned char key[32]);
/** /**
* \brief This functions feeds an input buffer into an ongoing * \brief This functions feeds an input buffer into an ongoing
@ -122,9 +121,9 @@ int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx, int mbedtls_poly1305_update(mbedtls_poly1305_context *ctx,
const unsigned char *input, const unsigned char *input,
size_t ilen ); size_t ilen);
/** /**
* \brief This function generates the Poly1305 Message * \brief This function generates the Poly1305 Message
@ -138,8 +137,8 @@ int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx, int mbedtls_poly1305_finish(mbedtls_poly1305_context *ctx,
unsigned char mac[16] ); unsigned char mac[16]);
/** /**
* \brief This function calculates the Poly1305 MAC of the input * \brief This function calculates the Poly1305 MAC of the input
@ -159,10 +158,10 @@ int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_poly1305_mac( const unsigned char key[32], int mbedtls_poly1305_mac(const unsigned char key[32],
const unsigned char *input, const unsigned char *input,
size_t ilen, size_t ilen,
unsigned char mac[16] ); unsigned char mac[16]);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/** /**
@ -171,7 +170,7 @@ int mbedtls_poly1305_mac( const unsigned char key[32],
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_poly1305_self_test( int verbose ); int mbedtls_poly1305_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus


@ -1,4 +1,4 @@
/** /**
* \file private_access.h * \file private_access.h
* *
* \brief Macro wrapper for struct's members. * \brief Macro wrapper for struct's members.


@ -44,10 +44,9 @@
/* Translations for symmetric crypto. */ /* Translations for symmetric crypto. */
static inline psa_key_type_t mbedtls_psa_translate_cipher_type( static inline psa_key_type_t mbedtls_psa_translate_cipher_type(
mbedtls_cipher_type_t cipher ) mbedtls_cipher_type_t cipher)
{ {
switch( cipher ) switch (cipher) {
{
case MBEDTLS_CIPHER_AES_128_CCM: case MBEDTLS_CIPHER_AES_128_CCM:
case MBEDTLS_CIPHER_AES_192_CCM: case MBEDTLS_CIPHER_AES_192_CCM:
case MBEDTLS_CIPHER_AES_256_CCM: case MBEDTLS_CIPHER_AES_256_CCM:
@ -63,7 +62,7 @@ static inline psa_key_type_t mbedtls_psa_translate_cipher_type(
case MBEDTLS_CIPHER_AES_128_ECB: case MBEDTLS_CIPHER_AES_128_ECB:
case MBEDTLS_CIPHER_AES_192_ECB: case MBEDTLS_CIPHER_AES_192_ECB:
case MBEDTLS_CIPHER_AES_256_ECB: case MBEDTLS_CIPHER_AES_256_ECB:
return( PSA_KEY_TYPE_AES ); return PSA_KEY_TYPE_AES;
/* ARIA not yet supported in PSA. */ /* ARIA not yet supported in PSA. */
/* case MBEDTLS_CIPHER_ARIA_128_CCM: /* case MBEDTLS_CIPHER_ARIA_128_CCM:
@ -81,44 +80,43 @@ static inline psa_key_type_t mbedtls_psa_translate_cipher_type(
return( PSA_KEY_TYPE_ARIA ); */ return( PSA_KEY_TYPE_ARIA ); */
default: default:
return( 0 ); return 0;
} }
} }
static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode( static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode(
mbedtls_cipher_mode_t mode, size_t taglen ) mbedtls_cipher_mode_t mode, size_t taglen)
{ {
switch( mode ) switch (mode) {
{
case MBEDTLS_MODE_ECB: case MBEDTLS_MODE_ECB:
return( PSA_ALG_ECB_NO_PADDING ); return PSA_ALG_ECB_NO_PADDING;
case MBEDTLS_MODE_GCM: case MBEDTLS_MODE_GCM:
return( PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, taglen ) ); return PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, taglen);
case MBEDTLS_MODE_CCM: case MBEDTLS_MODE_CCM:
return( PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, taglen ) ); return PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen);
case MBEDTLS_MODE_CCM_STAR_NO_TAG: case MBEDTLS_MODE_CCM_STAR_NO_TAG:
return PSA_ALG_CCM_STAR_NO_TAG; return PSA_ALG_CCM_STAR_NO_TAG;
case MBEDTLS_MODE_CBC: case MBEDTLS_MODE_CBC:
if( taglen == 0 ) if (taglen == 0) {
return( PSA_ALG_CBC_NO_PADDING ); return PSA_ALG_CBC_NO_PADDING;
else } else {
return( 0 ); return 0;
}
default: default:
return( 0 ); return 0;
} }
} }
static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation( static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation(
mbedtls_operation_t op ) mbedtls_operation_t op)
{ {
switch( op ) switch (op) {
{
case MBEDTLS_ENCRYPT: case MBEDTLS_ENCRYPT:
return( PSA_KEY_USAGE_ENCRYPT ); return PSA_KEY_USAGE_ENCRYPT;
case MBEDTLS_DECRYPT: case MBEDTLS_DECRYPT:
return( PSA_KEY_USAGE_DECRYPT ); return PSA_KEY_USAGE_DECRYPT;
default: default:
return( 0 ); return 0;
} }
} }
@ -127,42 +125,41 @@ static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation(
/* Note: this function should not be used from inside the library, use /* Note: this function should not be used from inside the library, use
* mbedtls_hash_info_psa_from_md() from the internal hash_info.h instead. * mbedtls_hash_info_psa_from_md() from the internal hash_info.h instead.
* It is kept only for compatibility in case applications were using it. */ * It is kept only for compatibility in case applications were using it. */
static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg ) static inline psa_algorithm_t mbedtls_psa_translate_md(mbedtls_md_type_t md_alg)
{ {
switch( md_alg ) switch (md_alg) {
{
#if defined(MBEDTLS_MD5_C) || defined(PSA_WANT_ALG_MD5) #if defined(MBEDTLS_MD5_C) || defined(PSA_WANT_ALG_MD5)
case MBEDTLS_MD_MD5: case MBEDTLS_MD_MD5:
return( PSA_ALG_MD5 ); return PSA_ALG_MD5;
#endif #endif
#if defined(MBEDTLS_SHA1_C) || defined(PSA_WANT_ALG_SHA_1) #if defined(MBEDTLS_SHA1_C) || defined(PSA_WANT_ALG_SHA_1)
case MBEDTLS_MD_SHA1: case MBEDTLS_MD_SHA1:
return( PSA_ALG_SHA_1 ); return PSA_ALG_SHA_1;
#endif #endif
#if defined(MBEDTLS_SHA224_C) || defined(PSA_WANT_ALG_SHA_224) #if defined(MBEDTLS_SHA224_C) || defined(PSA_WANT_ALG_SHA_224)
case MBEDTLS_MD_SHA224: case MBEDTLS_MD_SHA224:
return( PSA_ALG_SHA_224 ); return PSA_ALG_SHA_224;
#endif #endif
#if defined(MBEDTLS_SHA256_C) || defined(PSA_WANT_ALG_SHA_256) #if defined(MBEDTLS_SHA256_C) || defined(PSA_WANT_ALG_SHA_256)
case MBEDTLS_MD_SHA256: case MBEDTLS_MD_SHA256:
return( PSA_ALG_SHA_256 ); return PSA_ALG_SHA_256;
#endif #endif
#if defined(MBEDTLS_SHA384_C) || defined(PSA_WANT_ALG_SHA_384) #if defined(MBEDTLS_SHA384_C) || defined(PSA_WANT_ALG_SHA_384)
case MBEDTLS_MD_SHA384: case MBEDTLS_MD_SHA384:
return( PSA_ALG_SHA_384 ); return PSA_ALG_SHA_384;
#endif #endif
#if defined(MBEDTLS_SHA512_C) || defined(PSA_WANT_ALG_SHA_512) #if defined(MBEDTLS_SHA512_C) || defined(PSA_WANT_ALG_SHA_512)
case MBEDTLS_MD_SHA512: case MBEDTLS_MD_SHA512:
return( PSA_ALG_SHA_512 ); return PSA_ALG_SHA_512;
#endif #endif
#if defined(MBEDTLS_RIPEMD160_C) || defined(PSA_WANT_ALG_RIPEMD160) #if defined(MBEDTLS_RIPEMD160_C) || defined(PSA_WANT_ALG_RIPEMD160)
case MBEDTLS_MD_RIPEMD160: case MBEDTLS_MD_RIPEMD160:
return( PSA_ALG_RIPEMD160 ); return PSA_ALG_RIPEMD160;
#endif #endif
case MBEDTLS_MD_NONE: case MBEDTLS_MD_NONE:
return( 0 ); return 0;
default: default:
return( 0 ); return 0;
} }
} }
@ -170,99 +167,95 @@ static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg
static inline int mbedtls_psa_get_ecc_oid_from_id( static inline int mbedtls_psa_get_ecc_oid_from_id(
psa_ecc_family_t curve, size_t bits, psa_ecc_family_t curve, size_t bits,
char const **oid, size_t *oid_len ) char const **oid, size_t *oid_len)
{ {
switch( curve ) switch (curve) {
{
case PSA_ECC_FAMILY_SECP_R1: case PSA_ECC_FAMILY_SECP_R1:
switch( bits ) switch (bits) {
{
#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
case 192: case 192:
*oid = MBEDTLS_OID_EC_GRP_SECP192R1; *oid = MBEDTLS_OID_EC_GRP_SECP192R1;
*oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192R1 ); *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP192R1);
return( 0 ); return 0;
#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
case 224: case 224:
*oid = MBEDTLS_OID_EC_GRP_SECP224R1; *oid = MBEDTLS_OID_EC_GRP_SECP224R1;
*oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224R1 ); *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP224R1);
return( 0 ); return 0;
#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
case 256: case 256:
*oid = MBEDTLS_OID_EC_GRP_SECP256R1; *oid = MBEDTLS_OID_EC_GRP_SECP256R1;
*oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256R1 ); *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP256R1);
return( 0 ); return 0;
#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
case 384: case 384:
*oid = MBEDTLS_OID_EC_GRP_SECP384R1; *oid = MBEDTLS_OID_EC_GRP_SECP384R1;
*oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP384R1 ); *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP384R1);
return( 0 ); return 0;
#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
case 521: case 521:
*oid = MBEDTLS_OID_EC_GRP_SECP521R1; *oid = MBEDTLS_OID_EC_GRP_SECP521R1;
*oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP521R1 ); *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP521R1);
return( 0 ); return 0;
#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
} }
break; break;
case PSA_ECC_FAMILY_SECP_K1: case PSA_ECC_FAMILY_SECP_K1:
switch( bits ) switch (bits) {
{
#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
case 192: case 192:
*oid = MBEDTLS_OID_EC_GRP_SECP192K1; *oid = MBEDTLS_OID_EC_GRP_SECP192K1;
*oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192K1 ); *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP192K1);
return( 0 ); return 0;
#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
case 224: case 224:
*oid = MBEDTLS_OID_EC_GRP_SECP224K1; *oid = MBEDTLS_OID_EC_GRP_SECP224K1;
*oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224K1 ); *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP224K1);
return( 0 ); return 0;
#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
case 256: case 256:
*oid = MBEDTLS_OID_EC_GRP_SECP256K1; *oid = MBEDTLS_OID_EC_GRP_SECP256K1;
*oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256K1 ); *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP256K1);
return( 0 ); return 0;
#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
} }
break; break;
case PSA_ECC_FAMILY_BRAINPOOL_P_R1: case PSA_ECC_FAMILY_BRAINPOOL_P_R1:
switch( bits ) switch (bits) {
{
#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
case 256: case 256:
*oid = MBEDTLS_OID_EC_GRP_BP256R1; *oid = MBEDTLS_OID_EC_GRP_BP256R1;
*oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP256R1 ); *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP256R1);
return( 0 ); return 0;
#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
case 384: case 384:
*oid = MBEDTLS_OID_EC_GRP_BP384R1; *oid = MBEDTLS_OID_EC_GRP_BP384R1;
*oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP384R1 ); *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP384R1);
return( 0 ); return 0;
#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
case 512: case 512:
*oid = MBEDTLS_OID_EC_GRP_BP512R1; *oid = MBEDTLS_OID_EC_GRP_BP512R1;
*oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP512R1 ); *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP512R1);
return( 0 ); return 0;
#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
} }
break; break;
} }
(void) oid; (void) oid;
(void) oid_len; (void) oid_len;
return( -1 ); return -1;
} }
#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH \ #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH \
PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE( PSA_VENDOR_ECC_MAX_CURVE_BITS ) PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)
/* Expose whatever RNG the PSA subsystem uses to applications using the /* Expose whatever RNG the PSA subsystem uses to applications using the
* mbedtls_xxx API. The declarations and definitions here need to be * mbedtls_xxx API. The declarations and definitions here need to be
@ -276,7 +269,7 @@ static inline int mbedtls_psa_get_ecc_oid_from_id(
* This type name is not part of the Mbed TLS stable API. It may be renamed * This type name is not part of the Mbed TLS stable API. It may be renamed
* or moved without warning. * or moved without warning.
*/ */
typedef int mbedtls_f_rng_t( void *p_rng, unsigned char *output, size_t output_size ); typedef int mbedtls_f_rng_t(void *p_rng, unsigned char *output, size_t output_size);
#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
@ -315,9 +308,9 @@ typedef int mbedtls_f_rng_t( void *p_rng, unsigned char *output, size_t output_s
* `MBEDTLS_ERR_CTR_DRBG_xxx` or * `MBEDTLS_ERR_CTR_DRBG_xxx` or
* `MBEDTLS_ERR_HMAC_DRBG_xxx` on error. * `MBEDTLS_ERR_HMAC_DRBG_xxx` on error.
*/ */
int mbedtls_psa_get_random( void *p_rng, int mbedtls_psa_get_random(void *p_rng,
unsigned char *output, unsigned char *output,
size_t output_size ); size_t output_size);
/** The random generator state for the PSA subsystem. /** The random generator state for the PSA subsystem.
* *
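Review bot: In `mbedtls_psa_translate_cipher_mode`, the `MBEDTLS_MODE_GCM` and `MBEDTLS_MODE_CCM` branches pass `taglen` straight into `PSA_ALG_AEAD_WITH_SHORTENED_TAG` with no range check, whereas the `MBEDTLS_MODE_CBC` branch returns 0 for any non-zero `taglen`. The macro is defined outside this file section, so how it treats an out-of-range length cannot be confirmed here; if it masks the value, a bad tag length would come back as a plausible algorithm identifier rather than the 0 that the other branches use for "unsupported". The function has no doc comment in the visible lines, so I would add one above it, for example `/* taglen is not validated for GCM/CCM; the caller must check it before using the result. Returns 0 for an unsupported mode, or for CBC with a non-zero taglen. */`.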


@ -39,8 +39,7 @@ extern "C" {
/** /**
* \brief RIPEMD-160 context structure * \brief RIPEMD-160 context structure
*/ */
typedef struct mbedtls_ripemd160_context typedef struct mbedtls_ripemd160_context {
{
uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< number of bytes processed */ uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< number of bytes processed */
uint32_t MBEDTLS_PRIVATE(state)[5]; /*!< intermediate digest state */ uint32_t MBEDTLS_PRIVATE(state)[5]; /*!< intermediate digest state */
unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< data block being processed */ unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< data block being processed */
@ -56,14 +55,14 @@ mbedtls_ripemd160_context;
* *
* \param ctx RIPEMD-160 context to be initialized * \param ctx RIPEMD-160 context to be initialized
*/ */
void mbedtls_ripemd160_init( mbedtls_ripemd160_context *ctx ); void mbedtls_ripemd160_init(mbedtls_ripemd160_context *ctx);
/** /**
* \brief Clear RIPEMD-160 context * \brief Clear RIPEMD-160 context
* *
* \param ctx RIPEMD-160 context to be cleared * \param ctx RIPEMD-160 context to be cleared
*/ */
void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx ); void mbedtls_ripemd160_free(mbedtls_ripemd160_context *ctx);
/** /**
* \brief Clone (the state of) a RIPEMD-160 context * \brief Clone (the state of) a RIPEMD-160 context
@ -71,8 +70,8 @@ void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx );
* \param dst The destination context * \param dst The destination context
* \param src The context to be cloned * \param src The context to be cloned
*/ */
void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst, void mbedtls_ripemd160_clone(mbedtls_ripemd160_context *dst,
const mbedtls_ripemd160_context *src ); const mbedtls_ripemd160_context *src);
/** /**
* \brief RIPEMD-160 context setup * \brief RIPEMD-160 context setup
@ -81,7 +80,7 @@ void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int mbedtls_ripemd160_starts( mbedtls_ripemd160_context *ctx ); int mbedtls_ripemd160_starts(mbedtls_ripemd160_context *ctx);
/** /**
* \brief RIPEMD-160 process buffer * \brief RIPEMD-160 process buffer
@ -92,9 +91,9 @@ int mbedtls_ripemd160_starts( mbedtls_ripemd160_context *ctx );
* *
* \return 0 if successful * \return 0 if successful
*/ */
int mbedtls_ripemd160_update( mbedtls_ripemd160_context *ctx, int mbedtls_ripemd160_update(mbedtls_ripemd160_context *ctx,
const unsigned char *input, const unsigned char *input,
size_t ilen ); size_t ilen);
/** /**
* \brief RIPEMD-160 final digest * \brief RIPEMD-160 final digest
@ -104,8 +103,8 @@ int mbedtls_ripemd160_update( mbedtls_ripemd160_context *ctx,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx, int mbedtls_ripemd160_finish(mbedtls_ripemd160_context *ctx,
unsigned char output[20] ); unsigned char output[20]);
/** /**
* \brief RIPEMD-160 process data block (internal use only) * \brief RIPEMD-160 process data block (internal use only)
@ -115,8 +114,8 @@ int mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, int mbedtls_internal_ripemd160_process(mbedtls_ripemd160_context *ctx,
const unsigned char data[64] ); const unsigned char data[64]);
/** /**
* \brief Output = RIPEMD-160( input buffer ) * \brief Output = RIPEMD-160( input buffer )
@ -127,9 +126,9 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int mbedtls_ripemd160( const unsigned char *input, int mbedtls_ripemd160(const unsigned char *input,
size_t ilen, size_t ilen,
unsigned char output[20] ); unsigned char output[20]);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -138,7 +137,7 @@ int mbedtls_ripemd160( const unsigned char *input,
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int mbedtls_ripemd160_self_test( int verbose ); int mbedtls_ripemd160_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */


@ -88,12 +88,11 @@ extern "C" {
/** /**
* \brief The RSA context structure. * \brief The RSA context structure.
*/ */
typedef struct mbedtls_rsa_context typedef struct mbedtls_rsa_context {
{
int MBEDTLS_PRIVATE(ver); /*!< Reserved for internal purposes. int MBEDTLS_PRIVATE(ver); /*!< Reserved for internal purposes.
* Do not set this field in application * Do not set this field in application
* code. Its meaning might change without * code. Its meaning might change without
* notice. */ * notice. */
size_t MBEDTLS_PRIVATE(len); /*!< The size of \p N in Bytes. */ size_t MBEDTLS_PRIVATE(len); /*!< The size of \p N in Bytes. */
mbedtls_mpi MBEDTLS_PRIVATE(N); /*!< The public modulus. */ mbedtls_mpi MBEDTLS_PRIVATE(N); /*!< The public modulus. */
@ -116,12 +115,12 @@ typedef struct mbedtls_rsa_context
mbedtls_mpi MBEDTLS_PRIVATE(Vf); /*!< The cached un-blinding value. */ mbedtls_mpi MBEDTLS_PRIVATE(Vf); /*!< The cached un-blinding value. */
int MBEDTLS_PRIVATE(padding); /*!< Selects padding mode: int MBEDTLS_PRIVATE(padding); /*!< Selects padding mode:
#MBEDTLS_RSA_PKCS_V15 for 1.5 padding and #MBEDTLS_RSA_PKCS_V15 for 1.5 padding and
#MBEDTLS_RSA_PKCS_V21 for OAEP or PSS. */ #MBEDTLS_RSA_PKCS_V21 for OAEP or PSS. */
int MBEDTLS_PRIVATE(hash_id); /*!< Hash identifier of mbedtls_md_type_t type, int MBEDTLS_PRIVATE(hash_id); /*!< Hash identifier of mbedtls_md_type_t type,
as specified in md.h for use in the MGF as specified in md.h for use in the MGF
mask generating function used in the mask generating function used in the
EME-OAEP and EMSA-PSS encodings. */ EME-OAEP and EMSA-PSS encodings. */
#if defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_THREADING_C)
/* Invariant: the mutex is initialized iff ver != 0. */ /* Invariant: the mutex is initialized iff ver != 0. */
mbedtls_threading_mutex_t MBEDTLS_PRIVATE(mutex); /*!< Thread-safety mutex. */ mbedtls_threading_mutex_t MBEDTLS_PRIVATE(mutex); /*!< Thread-safety mutex. */
@ -143,7 +142,7 @@ mbedtls_rsa_context;
* *
* \param ctx The RSA context to initialize. This must not be \c NULL. * \param ctx The RSA context to initialize. This must not be \c NULL.
*/ */
void mbedtls_rsa_init( mbedtls_rsa_context *ctx ); void mbedtls_rsa_init(mbedtls_rsa_context *ctx);
/** /**
* \brief This function sets padding for an already initialized RSA * \brief This function sets padding for an already initialized RSA
@ -179,8 +178,8 @@ void mbedtls_rsa_init( mbedtls_rsa_context *ctx );
* \return #MBEDTLS_ERR_RSA_INVALID_PADDING failure: * \return #MBEDTLS_ERR_RSA_INVALID_PADDING failure:
* \p padding or \p hash_id is invalid. * \p padding or \p hash_id is invalid.
*/ */
int mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, int mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding,
mbedtls_md_type_t hash_id ); mbedtls_md_type_t hash_id);
/** /**
* \brief This function imports a set of core parameters into an * \brief This function imports a set of core parameters into an
@ -211,10 +210,10 @@ int mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding,
* \return \c 0 on success. * \return \c 0 on success.
* \return A non-zero error code on failure. * \return A non-zero error code on failure.
*/ */
int mbedtls_rsa_import( mbedtls_rsa_context *ctx, int mbedtls_rsa_import(mbedtls_rsa_context *ctx,
const mbedtls_mpi *N, const mbedtls_mpi *N,
const mbedtls_mpi *P, const mbedtls_mpi *Q, const mbedtls_mpi *P, const mbedtls_mpi *Q,
const mbedtls_mpi *D, const mbedtls_mpi *E ); const mbedtls_mpi *D, const mbedtls_mpi *E);
/** /**
* \brief This function imports core RSA parameters, in raw big-endian * \brief This function imports core RSA parameters, in raw big-endian
@ -250,12 +249,12 @@ int mbedtls_rsa_import( mbedtls_rsa_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A non-zero error code on failure. * \return A non-zero error code on failure.
*/ */
int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx, int mbedtls_rsa_import_raw(mbedtls_rsa_context *ctx,
unsigned char const *N, size_t N_len, unsigned char const *N, size_t N_len,
unsigned char const *P, size_t P_len, unsigned char const *P, size_t P_len,
unsigned char const *Q, size_t Q_len, unsigned char const *Q, size_t Q_len,
unsigned char const *D, size_t D_len, unsigned char const *D, size_t D_len,
unsigned char const *E, size_t E_len ); unsigned char const *E, size_t E_len);
/** /**
* \brief This function completes an RSA context from * \brief This function completes an RSA context from
@ -289,7 +288,7 @@ int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx,
* failed. * failed.
* *
*/ */
int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ); int mbedtls_rsa_complete(mbedtls_rsa_context *ctx);
/** /**
* \brief This function exports the core parameters of an RSA key. * \brief This function exports the core parameters of an RSA key.
@ -331,9 +330,9 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx );
* \return A non-zero return code on any other failure. * \return A non-zero return code on any other failure.
* *
*/ */
int mbedtls_rsa_export( const mbedtls_rsa_context *ctx, int mbedtls_rsa_export(const mbedtls_rsa_context *ctx,
mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q, mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q,
mbedtls_mpi *D, mbedtls_mpi *E ); mbedtls_mpi *D, mbedtls_mpi *E);
/** /**
* \brief This function exports core parameters of an RSA key * \brief This function exports core parameters of an RSA key
@ -382,12 +381,12 @@ int mbedtls_rsa_export( const mbedtls_rsa_context *ctx,
* functionality or because of security policies. * functionality or because of security policies.
* \return A non-zero return code on any other failure. * \return A non-zero return code on any other failure.
*/ */
int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx, int mbedtls_rsa_export_raw(const mbedtls_rsa_context *ctx,
unsigned char *N, size_t N_len, unsigned char *N, size_t N_len,
unsigned char *P, size_t P_len, unsigned char *P, size_t P_len,
unsigned char *Q, size_t Q_len, unsigned char *Q, size_t Q_len,
unsigned char *D, size_t D_len, unsigned char *D, size_t D_len,
unsigned char *E, size_t E_len ); unsigned char *E, size_t E_len);
/** /**
* \brief This function exports CRT parameters of a private RSA key. * \brief This function exports CRT parameters of a private RSA key.
@ -408,8 +407,8 @@ int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx,
* \return A non-zero error code on failure. * \return A non-zero error code on failure.
* *
*/ */
int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx, int mbedtls_rsa_export_crt(const mbedtls_rsa_context *ctx,
mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP ); mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP);
/** /**
* \brief This function retrieves the length of RSA modulus in Bytes. * \brief This function retrieves the length of RSA modulus in Bytes.
@ -419,7 +418,7 @@ int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx,
* \return The length of the RSA modulus in Bytes. * \return The length of the RSA modulus in Bytes.
* *
*/ */
size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx ); size_t mbedtls_rsa_get_len(const mbedtls_rsa_context *ctx);
/** /**
* \brief This function generates an RSA keypair. * \brief This function generates an RSA keypair.
@ -439,10 +438,10 @@ size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx, int mbedtls_rsa_gen_key(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
unsigned int nbits, int exponent ); unsigned int nbits, int exponent);
/** /**
* \brief This function checks if a context contains at least an RSA * \brief This function checks if a context contains at least an RSA
@ -458,7 +457,7 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx,
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
* *
*/ */
int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx ); int mbedtls_rsa_check_pubkey(const mbedtls_rsa_context *ctx);
/** /**
* \brief This function checks if a context contains an RSA private key * \brief This function checks if a context contains an RSA private key
@ -496,7 +495,7 @@ int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx ); int mbedtls_rsa_check_privkey(const mbedtls_rsa_context *ctx);
/** /**
* \brief This function checks a public-private RSA key pair. * \brief This function checks a public-private RSA key pair.
@ -509,8 +508,8 @@ int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub, int mbedtls_rsa_check_pub_priv(const mbedtls_rsa_context *pub,
const mbedtls_rsa_context *prv ); const mbedtls_rsa_context *prv);
/** /**
* \brief This function performs an RSA public key operation. * \brief This function performs an RSA public key operation.
@ -531,9 +530,9 @@ int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_public( mbedtls_rsa_context *ctx, int mbedtls_rsa_public(mbedtls_rsa_context *ctx,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function performs an RSA private key operation. * \brief This function performs an RSA private key operation.
@ -564,11 +563,11 @@ int mbedtls_rsa_public( mbedtls_rsa_context *ctx,
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
* *
*/ */
int mbedtls_rsa_private( mbedtls_rsa_context *ctx, int mbedtls_rsa_private(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function adds the message padding, then performs an RSA * \brief This function adds the message padding, then performs an RSA
@ -593,12 +592,12 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, int mbedtls_rsa_pkcs1_encrypt(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
size_t ilen, size_t ilen,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function performs a PKCS#1 v1.5 encryption operation * \brief This function performs a PKCS#1 v1.5 encryption operation
@ -620,12 +619,12 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsaes_pkcs1_v15_encrypt(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
size_t ilen, size_t ilen,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function performs a PKCS#1 v2.1 OAEP encryption * \brief This function performs a PKCS#1 v2.1 OAEP encryption
@ -654,13 +653,13 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsaes_oaep_encrypt(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
const unsigned char *label, size_t label_len, const unsigned char *label, size_t label_len,
size_t ilen, size_t ilen,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function performs an RSA operation, then removes the * \brief This function performs an RSA operation, then removes the
@ -693,13 +692,13 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, int mbedtls_rsa_pkcs1_decrypt(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
size_t *olen, size_t *olen,
const unsigned char *input, const unsigned char *input,
unsigned char *output, unsigned char *output,
size_t output_max_len ); size_t output_max_len);
/** /**
* \brief This function performs a PKCS#1 v1.5 decryption * \brief This function performs a PKCS#1 v1.5 decryption
@ -730,13 +729,13 @@ int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx,
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
* *
*/ */
int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsaes_pkcs1_v15_decrypt(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
size_t *olen, size_t *olen,
const unsigned char *input, const unsigned char *input,
unsigned char *output, unsigned char *output,
size_t output_max_len ); size_t output_max_len);
/** /**
* \brief This function performs a PKCS#1 v2.1 OAEP decryption * \brief This function performs a PKCS#1 v2.1 OAEP decryption
@ -771,14 +770,14 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
const unsigned char *label, size_t label_len, const unsigned char *label, size_t label_len,
size_t *olen, size_t *olen,
const unsigned char *input, const unsigned char *input,
unsigned char *output, unsigned char *output,
size_t output_max_len ); size_t output_max_len);
/** /**
* \brief This function performs a private RSA operation to sign * \brief This function performs a private RSA operation to sign
@ -814,13 +813,13 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
* \return \c 0 if the signing operation was successful. * \return \c 0 if the signing operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, int mbedtls_rsa_pkcs1_sign(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
unsigned char *sig ); unsigned char *sig);
/** /**
* \brief This function performs a PKCS#1 v1.5 signature * \brief This function performs a PKCS#1 v1.5 signature
@ -846,13 +845,13 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
* \return \c 0 if the signing operation was successful. * \return \c 0 if the signing operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsassa_pkcs1_v15_sign(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
unsigned char *sig ); unsigned char *sig);
/** /**
* \brief This function performs a PKCS#1 v2.1 PSS signature * \brief This function performs a PKCS#1 v2.1 PSS signature
@ -897,14 +896,14 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
* \return \c 0 if the signing operation was successful. * \return \c 0 if the signing operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsassa_pss_sign_ext(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
int saltlen, int saltlen,
unsigned char *sig ); unsigned char *sig);
/** /**
* \brief This function performs a PKCS#1 v2.1 PSS signature * \brief This function performs a PKCS#1 v2.1 PSS signature
@ -947,13 +946,13 @@ int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx,
* \return \c 0 if the signing operation was successful. * \return \c 0 if the signing operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
unsigned char *sig ); unsigned char *sig);
/** /**
* \brief This function performs a public RSA operation and checks * \brief This function performs a public RSA operation and checks
@ -981,11 +980,11 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
* \return \c 0 if the verify operation was successful. * \return \c 0 if the verify operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, int mbedtls_rsa_pkcs1_verify(mbedtls_rsa_context *ctx,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
const unsigned char *sig ); const unsigned char *sig);
/** /**
* \brief This function performs a PKCS#1 v1.5 verification * \brief This function performs a PKCS#1 v1.5 verification
@ -1006,11 +1005,11 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx,
* \return \c 0 if the verify operation was successful. * \return \c 0 if the verify operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsassa_pkcs1_v15_verify(mbedtls_rsa_context *ctx,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
const unsigned char *sig ); const unsigned char *sig);
/** /**
* \brief This function performs a PKCS#1 v2.1 PSS verification * \brief This function performs a PKCS#1 v2.1 PSS verification
@ -1041,11 +1040,11 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
* \return \c 0 if the verify operation was successful. * \return \c 0 if the verify operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsassa_pss_verify(mbedtls_rsa_context *ctx,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
const unsigned char *sig ); const unsigned char *sig);
/** /**
* \brief This function performs a PKCS#1 v2.1 PSS verification * \brief This function performs a PKCS#1 v2.1 PSS verification
@ -1081,13 +1080,13 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
* \return \c 0 if the verify operation was successful. * \return \c 0 if the verify operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/ */
int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_rsa_context *ctx,
mbedtls_md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
mbedtls_md_type_t mgf1_hash_id, mbedtls_md_type_t mgf1_hash_id,
int expected_salt_len, int expected_salt_len,
const unsigned char *sig ); const unsigned char *sig);
/** /**
* \brief This function copies the components of an RSA context. * \brief This function copies the components of an RSA context.
@ -1098,7 +1097,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory allocation failure. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory allocation failure.
*/ */
int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src ); int mbedtls_rsa_copy(mbedtls_rsa_context *dst, const mbedtls_rsa_context *src);
/** /**
* \brief This function frees the components of an RSA key. * \brief This function frees the components of an RSA key.
@ -1107,7 +1106,7 @@ int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src )
* this function is a no-op. If it is not \c NULL, it must * this function is a no-op. If it is not \c NULL, it must
* point to an initialized RSA context. * point to an initialized RSA context.
*/ */
void mbedtls_rsa_free( mbedtls_rsa_context *ctx ); void mbedtls_rsa_free(mbedtls_rsa_context *ctx);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -1117,7 +1116,7 @@ void mbedtls_rsa_free( mbedtls_rsa_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_rsa_self_test( int verbose ); int mbedtls_rsa_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */


@ -54,8 +54,7 @@ extern "C" {
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
typedef struct mbedtls_sha1_context typedef struct mbedtls_sha1_context {
{
uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< The number of Bytes processed. */ uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< The number of Bytes processed. */
uint32_t MBEDTLS_PRIVATE(state)[5]; /*!< The intermediate digest state. */ uint32_t MBEDTLS_PRIVATE(state)[5]; /*!< The intermediate digest state. */
unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< The data block being processed. */ unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< The data block being processed. */
@ -77,7 +76,7 @@ mbedtls_sha1_context;
* This must not be \c NULL. * This must not be \c NULL.
* *
*/ */
void mbedtls_sha1_init( mbedtls_sha1_context *ctx ); void mbedtls_sha1_init(mbedtls_sha1_context *ctx);
/** /**
* \brief This function clears a SHA-1 context. * \brief This function clears a SHA-1 context.
@ -92,7 +91,7 @@ void mbedtls_sha1_init( mbedtls_sha1_context *ctx );
* SHA-1 context. * SHA-1 context.
* *
*/ */
void mbedtls_sha1_free( mbedtls_sha1_context *ctx ); void mbedtls_sha1_free(mbedtls_sha1_context *ctx);
/** /**
* \brief This function clones the state of a SHA-1 context. * \brief This function clones the state of a SHA-1 context.
@ -105,8 +104,8 @@ void mbedtls_sha1_free( mbedtls_sha1_context *ctx );
* \param src The SHA-1 context to clone from. This must be initialized. * \param src The SHA-1 context to clone from. This must be initialized.
* *
*/ */
void mbedtls_sha1_clone( mbedtls_sha1_context *dst, void mbedtls_sha1_clone(mbedtls_sha1_context *dst,
const mbedtls_sha1_context *src ); const mbedtls_sha1_context *src);
/** /**
* \brief This function starts a SHA-1 checksum calculation. * \brief This function starts a SHA-1 checksum calculation.
@ -121,7 +120,7 @@ void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
* \return A negative error code on failure. * \return A negative error code on failure.
* *
*/ */
int mbedtls_sha1_starts( mbedtls_sha1_context *ctx ); int mbedtls_sha1_starts(mbedtls_sha1_context *ctx);
/** /**
* \brief This function feeds an input buffer into an ongoing SHA-1 * \brief This function feeds an input buffer into an ongoing SHA-1
@ -140,9 +139,9 @@ int mbedtls_sha1_starts( mbedtls_sha1_context *ctx );
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_sha1_update( mbedtls_sha1_context *ctx, int mbedtls_sha1_update(mbedtls_sha1_context *ctx,
const unsigned char *input, const unsigned char *input,
size_t ilen ); size_t ilen);
/** /**
* \brief This function finishes the SHA-1 operation, and writes * \brief This function finishes the SHA-1 operation, and writes
@ -160,8 +159,8 @@ int mbedtls_sha1_update( mbedtls_sha1_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_sha1_finish( mbedtls_sha1_context *ctx, int mbedtls_sha1_finish(mbedtls_sha1_context *ctx,
unsigned char output[20] ); unsigned char output[20]);
/** /**
* \brief SHA-1 process data block (internal use only). * \brief SHA-1 process data block (internal use only).
@ -178,8 +177,8 @@ int mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
* \return A negative error code on failure. * \return A negative error code on failure.
* *
*/ */
int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, int mbedtls_internal_sha1_process(mbedtls_sha1_context *ctx,
const unsigned char data[64] ); const unsigned char data[64]);
/** /**
* \brief This function calculates the SHA-1 checksum of a buffer. * \brief This function calculates the SHA-1 checksum of a buffer.
@ -204,9 +203,9 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
* \return A negative error code on failure. * \return A negative error code on failure.
* *
*/ */
int mbedtls_sha1( const unsigned char *input, int mbedtls_sha1(const unsigned char *input,
size_t ilen, size_t ilen,
unsigned char output[20] ); unsigned char output[20]);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -221,7 +220,7 @@ int mbedtls_sha1( const unsigned char *input,
* \return \c 1 on failure. * \return \c 1 on failure.
* *
*/ */
int mbedtls_sha1_self_test( int verbose ); int mbedtls_sha1_self_test(int verbose);
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */


@ -49,13 +49,12 @@ extern "C" {
* checksum calculations. The choice between these two is * checksum calculations. The choice between these two is
* made in the call to mbedtls_sha256_starts(). * made in the call to mbedtls_sha256_starts().
*/ */
typedef struct mbedtls_sha256_context typedef struct mbedtls_sha256_context {
{
uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< The number of Bytes processed. */ uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< The number of Bytes processed. */
uint32_t MBEDTLS_PRIVATE(state)[8]; /*!< The intermediate digest state. */ uint32_t MBEDTLS_PRIVATE(state)[8]; /*!< The intermediate digest state. */
unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< The data block being processed. */ unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< The data block being processed. */
int MBEDTLS_PRIVATE(is224); /*!< Determines which function to use: int MBEDTLS_PRIVATE(is224); /*!< Determines which function to use:
0: Use SHA-256, or 1: Use SHA-224. */ 0: Use SHA-256, or 1: Use SHA-224. */
} }
mbedtls_sha256_context; mbedtls_sha256_context;
@ -68,7 +67,7 @@ mbedtls_sha256_context;
* *
* \param ctx The SHA-256 context to initialize. This must not be \c NULL. * \param ctx The SHA-256 context to initialize. This must not be \c NULL.
*/ */
void mbedtls_sha256_init( mbedtls_sha256_context *ctx ); void mbedtls_sha256_init(mbedtls_sha256_context *ctx);
/** /**
* \brief This function clears a SHA-256 context. * \brief This function clears a SHA-256 context.
@ -77,7 +76,7 @@ void mbedtls_sha256_init( mbedtls_sha256_context *ctx );
* case this function returns immediately. If it is not \c NULL, * case this function returns immediately. If it is not \c NULL,
* it must point to an initialized SHA-256 context. * it must point to an initialized SHA-256 context.
*/ */
void mbedtls_sha256_free( mbedtls_sha256_context *ctx ); void mbedtls_sha256_free(mbedtls_sha256_context *ctx);
/** /**
* \brief This function clones the state of a SHA-256 context. * \brief This function clones the state of a SHA-256 context.
@ -85,8 +84,8 @@ void mbedtls_sha256_free( mbedtls_sha256_context *ctx );
* \param dst The destination context. This must be initialized. * \param dst The destination context. This must be initialized.
* \param src The context to clone. This must be initialized. * \param src The context to clone. This must be initialized.
*/ */
void mbedtls_sha256_clone( mbedtls_sha256_context *dst, void mbedtls_sha256_clone(mbedtls_sha256_context *dst,
const mbedtls_sha256_context *src ); const mbedtls_sha256_context *src);
/** /**
* \brief This function starts a SHA-224 or SHA-256 checksum * \brief This function starts a SHA-224 or SHA-256 checksum
@ -103,7 +102,7 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 ); int mbedtls_sha256_starts(mbedtls_sha256_context *ctx, int is224);
/** /**
* \brief This function feeds an input buffer into an ongoing * \brief This function feeds an input buffer into an ongoing
@ -118,9 +117,9 @@ int mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 );
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_sha256_update( mbedtls_sha256_context *ctx, int mbedtls_sha256_update(mbedtls_sha256_context *ctx,
const unsigned char *input, const unsigned char *input,
size_t ilen ); size_t ilen);
/** /**
* \brief This function finishes the SHA-256 operation, and writes * \brief This function finishes the SHA-256 operation, and writes
@ -135,8 +134,8 @@ int mbedtls_sha256_update( mbedtls_sha256_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_sha256_finish( mbedtls_sha256_context *ctx, int mbedtls_sha256_finish(mbedtls_sha256_context *ctx,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function processes a single data block within * \brief This function processes a single data block within
@ -150,8 +149,8 @@ int mbedtls_sha256_finish( mbedtls_sha256_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx,
const unsigned char data[64] ); const unsigned char data[64]);
/** /**
* \brief This function calculates the SHA-224 or SHA-256 * \brief This function calculates the SHA-224 or SHA-256
@ -175,10 +174,10 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_sha256( const unsigned char *input, int mbedtls_sha256(const unsigned char *input,
size_t ilen, size_t ilen,
unsigned char *output, unsigned char *output,
int is224 ); int is224);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -189,7 +188,7 @@ int mbedtls_sha256( const unsigned char *input,
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_sha224_self_test( int verbose ); int mbedtls_sha224_self_test(int verbose);
#endif /* MBEDTLS_SHA224_C */ #endif /* MBEDTLS_SHA224_C */
#if defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_SHA256_C)
@ -199,7 +198,7 @@ int mbedtls_sha224_self_test( int verbose );
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_sha256_self_test( int verbose ); int mbedtls_sha256_self_test(int verbose);
#endif /* MBEDTLS_SHA256_C */ #endif /* MBEDTLS_SHA256_C */
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */


@ -48,8 +48,7 @@ extern "C" {
* checksum calculations. The choice between these two is * checksum calculations. The choice between these two is
* made in the call to mbedtls_sha512_starts(). * made in the call to mbedtls_sha512_starts().
*/ */
typedef struct mbedtls_sha512_context typedef struct mbedtls_sha512_context {
{
uint64_t MBEDTLS_PRIVATE(total)[2]; /*!< The number of Bytes processed. */ uint64_t MBEDTLS_PRIVATE(total)[2]; /*!< The number of Bytes processed. */
uint64_t MBEDTLS_PRIVATE(state)[8]; /*!< The intermediate digest state. */ uint64_t MBEDTLS_PRIVATE(state)[8]; /*!< The intermediate digest state. */
unsigned char MBEDTLS_PRIVATE(buffer)[128]; /*!< The data block being processed. */ unsigned char MBEDTLS_PRIVATE(buffer)[128]; /*!< The data block being processed. */
@ -70,7 +69,7 @@ mbedtls_sha512_context;
* \param ctx The SHA-512 context to initialize. This must * \param ctx The SHA-512 context to initialize. This must
* not be \c NULL. * not be \c NULL.
*/ */
void mbedtls_sha512_init( mbedtls_sha512_context *ctx ); void mbedtls_sha512_init(mbedtls_sha512_context *ctx);
/** /**
* \brief This function clears a SHA-512 context. * \brief This function clears a SHA-512 context.
@ -80,7 +79,7 @@ void mbedtls_sha512_init( mbedtls_sha512_context *ctx );
* is not \c NULL, it must point to an initialized * is not \c NULL, it must point to an initialized
* SHA-512 context. * SHA-512 context.
*/ */
void mbedtls_sha512_free( mbedtls_sha512_context *ctx ); void mbedtls_sha512_free(mbedtls_sha512_context *ctx);
/** /**
* \brief This function clones the state of a SHA-512 context. * \brief This function clones the state of a SHA-512 context.
@ -88,8 +87,8 @@ void mbedtls_sha512_free( mbedtls_sha512_context *ctx );
* \param dst The destination context. This must be initialized. * \param dst The destination context. This must be initialized.
* \param src The context to clone. This must be initialized. * \param src The context to clone. This must be initialized.
*/ */
void mbedtls_sha512_clone( mbedtls_sha512_context *dst, void mbedtls_sha512_clone(mbedtls_sha512_context *dst,
const mbedtls_sha512_context *src ); const mbedtls_sha512_context *src);
/** /**
* \brief This function starts a SHA-384 or SHA-512 checksum * \brief This function starts a SHA-384 or SHA-512 checksum
@ -106,7 +105,7 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 ); int mbedtls_sha512_starts(mbedtls_sha512_context *ctx, int is384);
/** /**
* \brief This function feeds an input buffer into an ongoing * \brief This function feeds an input buffer into an ongoing
@ -121,9 +120,9 @@ int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 );
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_sha512_update( mbedtls_sha512_context *ctx, int mbedtls_sha512_update(mbedtls_sha512_context *ctx,
const unsigned char *input, const unsigned char *input,
size_t ilen ); size_t ilen);
/** /**
* \brief This function finishes the SHA-512 operation, and writes * \brief This function finishes the SHA-512 operation, and writes
@ -138,8 +137,8 @@ int mbedtls_sha512_update( mbedtls_sha512_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_sha512_finish( mbedtls_sha512_context *ctx, int mbedtls_sha512_finish(mbedtls_sha512_context *ctx,
unsigned char *output ); unsigned char *output);
/** /**
* \brief This function processes a single data block within * \brief This function processes a single data block within
@ -153,8 +152,8 @@ int mbedtls_sha512_finish( mbedtls_sha512_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx,
const unsigned char data[128] ); const unsigned char data[128]);
/** /**
* \brief This function calculates the SHA-512 or SHA-384 * \brief This function calculates the SHA-512 or SHA-384
@ -185,31 +184,31 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_sha512( const unsigned char *input, int mbedtls_sha512(const unsigned char *input,
size_t ilen, size_t ilen,
unsigned char *output, unsigned char *output,
int is384 ); int is384);
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_SHA384_C) #if defined(MBEDTLS_SHA384_C)
/** /**
* \brief The SHA-384 checkup routine. * \brief The SHA-384 checkup routine.
* *
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_sha384_self_test( int verbose ); int mbedtls_sha384_self_test(int verbose);
#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_SHA384_C */
#if defined(MBEDTLS_SHA512_C) #if defined(MBEDTLS_SHA512_C)
/** /**
* \brief The SHA-512 checkup routine. * \brief The SHA-512 checkup routine.
* *
* \return \c 0 on success. * \return \c 0 on success.
* \return \c 1 on failure. * \return \c 1 on failure.
*/ */
int mbedtls_sha512_self_test( int verbose ); int mbedtls_sha512_self_test(int verbose);
#endif /* MBEDTLS_SHA512_C */ #endif /* MBEDTLS_SHA512_C */
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */


@ -59,8 +59,7 @@ typedef struct mbedtls_ssl_cache_entry mbedtls_ssl_cache_entry;
/** /**
* \brief This structure is used for storing cache entries * \brief This structure is used for storing cache entries
*/ */
struct mbedtls_ssl_cache_entry struct mbedtls_ssl_cache_entry {
{
#if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
mbedtls_time_t MBEDTLS_PRIVATE(timestamp); /*!< entry timestamp */ mbedtls_time_t MBEDTLS_PRIVATE(timestamp); /*!< entry timestamp */
#endif #endif
@ -77,8 +76,7 @@ struct mbedtls_ssl_cache_entry
/** /**
* \brief Cache context * \brief Cache context
*/ */
struct mbedtls_ssl_cache_context struct mbedtls_ssl_cache_context {
{
mbedtls_ssl_cache_entry *MBEDTLS_PRIVATE(chain); /*!< start of the chain */ mbedtls_ssl_cache_entry *MBEDTLS_PRIVATE(chain); /*!< start of the chain */
int MBEDTLS_PRIVATE(timeout); /*!< cache entry timeout */ int MBEDTLS_PRIVATE(timeout); /*!< cache entry timeout */
int MBEDTLS_PRIVATE(max_entries); /*!< maximum entries */ int MBEDTLS_PRIVATE(max_entries); /*!< maximum entries */
@ -92,7 +90,7 @@ struct mbedtls_ssl_cache_context
* *
* \param cache SSL cache context * \param cache SSL cache context
*/ */
void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache ); void mbedtls_ssl_cache_init(mbedtls_ssl_cache_context *cache);
/** /**
* \brief Cache get callback implementation * \brief Cache get callback implementation
@ -105,10 +103,10 @@ void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache );
* \param session The address at which to store the session * \param session The address at which to store the session
* associated with \p session_id, if present. * associated with \p session_id, if present.
*/ */
int mbedtls_ssl_cache_get( void *data, int mbedtls_ssl_cache_get(void *data,
unsigned char const *session_id, unsigned char const *session_id,
size_t session_id_len, size_t session_id_len,
mbedtls_ssl_session *session ); mbedtls_ssl_session *session);
/** /**
* \brief Cache set callback implementation * \brief Cache set callback implementation
@ -120,10 +118,10 @@ int mbedtls_ssl_cache_get( void *data,
* \param session_id_len The length of \p session_id in bytes. * \param session_id_len The length of \p session_id in bytes.
* \param session The session to store. * \param session The session to store.
*/ */
int mbedtls_ssl_cache_set( void *data, int mbedtls_ssl_cache_set(void *data,
unsigned char const *session_id, unsigned char const *session_id,
size_t session_id_len, size_t session_id_len,
const mbedtls_ssl_session *session ); const mbedtls_ssl_session *session);
#if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
/** /**
@ -135,7 +133,7 @@ int mbedtls_ssl_cache_set( void *data,
* \param cache SSL cache context * \param cache SSL cache context
* \param timeout cache entry timeout in seconds * \param timeout cache entry timeout in seconds
*/ */
void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout ); void mbedtls_ssl_cache_set_timeout(mbedtls_ssl_cache_context *cache, int timeout);
#endif /* MBEDTLS_HAVE_TIME */ #endif /* MBEDTLS_HAVE_TIME */
/** /**
@ -145,14 +143,14 @@ void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeou
* \param cache SSL cache context * \param cache SSL cache context
* \param max cache entry maximum * \param max cache entry maximum
*/ */
void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max ); void mbedtls_ssl_cache_set_max_entries(mbedtls_ssl_cache_context *cache, int max);
/** /**
* \brief Free referenced items in a cache context and clear memory * \brief Free referenced items in a cache context and clear memory
* *
* \param cache SSL cache context * \param cache SSL cache context
*/ */
void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache ); void mbedtls_ssl_cache_free(mbedtls_ssl_cache_context *cache);
#ifdef __cplusplus #ifdef __cplusplus
} }


@ -378,10 +378,9 @@ typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t;
* in order to pack structure and reduce memory usage by internal * in order to pack structure and reduce memory usage by internal
* \c ciphersuite_definitions[] * \c ciphersuite_definitions[]
*/ */
struct mbedtls_ssl_ciphersuite_t struct mbedtls_ssl_ciphersuite_t {
{
int MBEDTLS_PRIVATE(id); int MBEDTLS_PRIVATE(id);
const char * MBEDTLS_PRIVATE(name); const char *MBEDTLS_PRIVATE(name);
uint8_t MBEDTLS_PRIVATE(cipher); /* mbedtls_cipher_type_t */ uint8_t MBEDTLS_PRIVATE(cipher); /* mbedtls_cipher_type_t */
uint8_t MBEDTLS_PRIVATE(mac); /* mbedtls_md_type_t */ uint8_t MBEDTLS_PRIVATE(mac); /* mbedtls_md_type_t */
@ -392,103 +391,98 @@ struct mbedtls_ssl_ciphersuite_t
uint16_t MBEDTLS_PRIVATE(max_tls_version); /* mbedtls_ssl_protocol_version */ uint16_t MBEDTLS_PRIVATE(max_tls_version); /* mbedtls_ssl_protocol_version */
}; };
const int *mbedtls_ssl_list_ciphersuites( void ); const int *mbedtls_ssl_list_ciphersuites(void);
const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name ); const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(const char *ciphersuite_name);
const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite_id ); const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id(int ciphersuite_id);
#if defined(MBEDTLS_PK_C) #if defined(MBEDTLS_PK_C)
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info ); mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info);
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg( const mbedtls_ssl_ciphersuite_t *info ); psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg(const mbedtls_ssl_ciphersuite_t *info);
psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage( const mbedtls_ssl_ciphersuite_t *info ); psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage(const mbedtls_ssl_ciphersuite_t *info);
#endif #endif
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info ); mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t *info);
#endif #endif
int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info ); int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info);
int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info ); int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info);
static inline const char *mbedtls_ssl_ciphersuite_get_name( const mbedtls_ssl_ciphersuite_t *info ) static inline const char *mbedtls_ssl_ciphersuite_get_name(const mbedtls_ssl_ciphersuite_t *info)
{ {
return info->MBEDTLS_PRIVATE(name); return info->MBEDTLS_PRIVATE(name);
} }
size_t mbedtls_ssl_ciphersuite_get_cipher_key_bitlen( const mbedtls_ssl_ciphersuite_t *info ); size_t mbedtls_ssl_ciphersuite_get_cipher_key_bitlen(const mbedtls_ssl_ciphersuite_t *info);
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED)
static inline int mbedtls_ssl_ciphersuite_has_pfs( const mbedtls_ssl_ciphersuite_t *info ) static inline int mbedtls_ssl_ciphersuite_has_pfs(const mbedtls_ssl_ciphersuite_t *info)
{ {
switch( info->MBEDTLS_PRIVATE(key_exchange) ) switch (info->MBEDTLS_PRIVATE(key_exchange)) {
{
case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
case MBEDTLS_KEY_EXCHANGE_DHE_PSK: case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
case MBEDTLS_KEY_EXCHANGE_ECJPAKE: case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
return( 1 ); return 1;
default: default:
return( 0 ); return 0;
} }
} }
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED */ #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED)
static inline int mbedtls_ssl_ciphersuite_no_pfs( const mbedtls_ssl_ciphersuite_t *info ) static inline int mbedtls_ssl_ciphersuite_no_pfs(const mbedtls_ssl_ciphersuite_t *info)
{ {
switch( info->MBEDTLS_PRIVATE(key_exchange) ) switch (info->MBEDTLS_PRIVATE(key_exchange)) {
{
case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_RSA:
case MBEDTLS_KEY_EXCHANGE_PSK: case MBEDTLS_KEY_EXCHANGE_PSK:
case MBEDTLS_KEY_EXCHANGE_RSA_PSK: case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
return( 1 ); return 1;
default: default:
return( 0 ); return 0;
} }
} }
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */ #endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED)
static inline int mbedtls_ssl_ciphersuite_uses_ecdh( const mbedtls_ssl_ciphersuite_t *info ) static inline int mbedtls_ssl_ciphersuite_uses_ecdh(const mbedtls_ssl_ciphersuite_t *info)
{ {
switch( info->MBEDTLS_PRIVATE(key_exchange) ) switch (info->MBEDTLS_PRIVATE(key_exchange)) {
{
case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
return( 1 ); return 1;
default: default:
return( 0 ); return 0;
} }
} }
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */ #endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */
static inline int mbedtls_ssl_ciphersuite_cert_req_allowed( const mbedtls_ssl_ciphersuite_t *info ) static inline int mbedtls_ssl_ciphersuite_cert_req_allowed(const mbedtls_ssl_ciphersuite_t *info)
{ {
switch( info->MBEDTLS_PRIVATE(key_exchange) ) switch (info->MBEDTLS_PRIVATE(key_exchange)) {
{
case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_RSA:
case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
return( 1 ); return 1;
default: default:
return( 0 ); return 0;
} }
} }
static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( const mbedtls_ssl_ciphersuite_t *info ) static inline int mbedtls_ssl_ciphersuite_uses_srv_cert(const mbedtls_ssl_ciphersuite_t *info)
{ {
switch( info->MBEDTLS_PRIVATE(key_exchange) ) switch (info->MBEDTLS_PRIVATE(key_exchange)) {
{
case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_RSA:
case MBEDTLS_KEY_EXCHANGE_RSA_PSK: case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
@ -496,56 +490,54 @@ static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( const mbedtls_ssl_ciphe
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
return( 1 ); return 1;
default: default:
return( 0 ); return 0;
} }
} }
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED)
static inline int mbedtls_ssl_ciphersuite_uses_dhe( const mbedtls_ssl_ciphersuite_t *info ) static inline int mbedtls_ssl_ciphersuite_uses_dhe(const mbedtls_ssl_ciphersuite_t *info)
{ {
switch( info->MBEDTLS_PRIVATE(key_exchange) ) switch (info->MBEDTLS_PRIVATE(key_exchange)) {
{
case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
case MBEDTLS_KEY_EXCHANGE_DHE_PSK: case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
return( 1 ); return 1;
default: default:
return( 0 ); return 0;
} }
} }
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED) */ #endif /* MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED) */
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)
static inline int mbedtls_ssl_ciphersuite_uses_ecdhe( const mbedtls_ssl_ciphersuite_t *info ) static inline int mbedtls_ssl_ciphersuite_uses_ecdhe(const mbedtls_ssl_ciphersuite_t *info)
{ {
switch( info->MBEDTLS_PRIVATE(key_exchange) ) switch (info->MBEDTLS_PRIVATE(key_exchange)) {
{
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
return( 1 ); return 1;
default: default:
return( 0 ); return 0;
} }
} }
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) */ #endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) */
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
static inline int mbedtls_ssl_ciphersuite_uses_server_signature( const mbedtls_ssl_ciphersuite_t *info ) static inline int mbedtls_ssl_ciphersuite_uses_server_signature(
const mbedtls_ssl_ciphersuite_t *info)
{ {
switch( info->MBEDTLS_PRIVATE(key_exchange) ) switch (info->MBEDTLS_PRIVATE(key_exchange)) {
{
case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
return( 1 ); return 1;
default: default:
return( 0 ); return 0;
} }
} }
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */ #endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */
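Review bot: The inline helpers in this header (`mbedtls_ssl_ciphersuite_get_name` and the `switch`-based `mbedtls_ssl_ciphersuite_has_pfs`, `_no_pfs`, `_uses_ecdh`, `_cert_req_allowed`, `_uses_srv_cert`, `_uses_dhe`, `_uses_ecdhe`, `_uses_server_signature`) dereference `info` unconditionally, and none of them has a doc comment stating that precondition. The lookup functions declared just above return a `const mbedtls_ssl_ciphersuite_t *`; if they can return NULL for an unknown name or id (their definitions are not part of this header), a caller that passes the result straight through hits a NULL dereference. This is unchanged by the reformat, but as a follow-up I would add a one-line comment above each helper, e.g. `/* \p info must not be NULL. */`.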


@ -53,8 +53,7 @@ extern "C" {
/** /**
* \brief Context for the default cookie functions. * \brief Context for the default cookie functions.
*/ */
typedef struct mbedtls_ssl_cookie_ctx typedef struct mbedtls_ssl_cookie_ctx {
{
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
mbedtls_svc_key_id_t MBEDTLS_PRIVATE(psa_hmac_key); /*!< key id for the HMAC portion */ mbedtls_svc_key_id_t MBEDTLS_PRIVATE(psa_hmac_key); /*!< key id for the HMAC portion */
psa_algorithm_t MBEDTLS_PRIVATE(psa_hmac_alg); /*!< key algorithm for the HMAC portion */ psa_algorithm_t MBEDTLS_PRIVATE(psa_hmac_alg); /*!< key algorithm for the HMAC portion */
@ -65,7 +64,7 @@ typedef struct mbedtls_ssl_cookie_ctx
unsigned long MBEDTLS_PRIVATE(serial); /*!< serial number for expiration */ unsigned long MBEDTLS_PRIVATE(serial); /*!< serial number for expiration */
#endif #endif
unsigned long MBEDTLS_PRIVATE(timeout); /*!< timeout delay, in seconds if HAVE_TIME, unsigned long MBEDTLS_PRIVATE(timeout); /*!< timeout delay, in seconds if HAVE_TIME,
or in number of tickets issued */ or in number of tickets issued */
#if !defined(MBEDTLS_USE_PSA_CRYPTO) #if !defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_THREADING_C)
@ -77,14 +76,14 @@ typedef struct mbedtls_ssl_cookie_ctx
/** /**
* \brief Initialize cookie context * \brief Initialize cookie context
*/ */
void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx ); void mbedtls_ssl_cookie_init(mbedtls_ssl_cookie_ctx *ctx);
/** /**
* \brief Setup cookie context (generate keys) * \brief Setup cookie context (generate keys)
*/ */
int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx, int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** /**
* \brief Set expiration delay for cookies * \brief Set expiration delay for cookies
@ -95,12 +94,12 @@ int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
* issued in the meantime. * issued in the meantime.
* 0 to disable expiration (NOT recommended) * 0 to disable expiration (NOT recommended)
*/ */
void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay ); void mbedtls_ssl_cookie_set_timeout(mbedtls_ssl_cookie_ctx *ctx, unsigned long delay);
/** /**
* \brief Free cookie context * \brief Free cookie context
*/ */
void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx ); void mbedtls_ssl_cookie_free(mbedtls_ssl_cookie_ctx *ctx);
/** /**
* \brief Generate cookie, see \c mbedtls_ssl_cookie_write_t * \brief Generate cookie, see \c mbedtls_ssl_cookie_write_t


@ -56,10 +56,9 @@ extern "C" {
/** /**
* \brief Information for session ticket protection * \brief Information for session ticket protection
*/ */
typedef struct mbedtls_ssl_ticket_key typedef struct mbedtls_ssl_ticket_key {
{
unsigned char MBEDTLS_PRIVATE(name)[MBEDTLS_SSL_TICKET_KEY_NAME_BYTES]; unsigned char MBEDTLS_PRIVATE(name)[MBEDTLS_SSL_TICKET_KEY_NAME_BYTES];
/*!< random key identifier */ /*!< random key identifier */
#if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
mbedtls_time_t MBEDTLS_PRIVATE(generation_time); /*!< key generation timestamp (seconds) */ mbedtls_time_t MBEDTLS_PRIVATE(generation_time); /*!< key generation timestamp (seconds) */
#endif #endif
@ -77,15 +76,14 @@ mbedtls_ssl_ticket_key;
/** /**
* \brief Context for session ticket handling functions * \brief Context for session ticket handling functions
*/ */
typedef struct mbedtls_ssl_ticket_context typedef struct mbedtls_ssl_ticket_context {
{
mbedtls_ssl_ticket_key MBEDTLS_PRIVATE(keys)[2]; /*!< ticket protection keys */ mbedtls_ssl_ticket_key MBEDTLS_PRIVATE(keys)[2]; /*!< ticket protection keys */
unsigned char MBEDTLS_PRIVATE(active); /*!< index of the currently active key */ unsigned char MBEDTLS_PRIVATE(active); /*!< index of the currently active key */
uint32_t MBEDTLS_PRIVATE(ticket_lifetime); /*!< lifetime of tickets in seconds */ uint32_t MBEDTLS_PRIVATE(ticket_lifetime); /*!< lifetime of tickets in seconds */
/** Callback for getting (pseudo-)random numbers */ /** Callback for getting (pseudo-)random numbers */
int (*MBEDTLS_PRIVATE(f_rng))(void *, unsigned char *, size_t); int(*MBEDTLS_PRIVATE(f_rng))(void *, unsigned char *, size_t);
void *MBEDTLS_PRIVATE(p_rng); /*!< context for the RNG function */ void *MBEDTLS_PRIVATE(p_rng); /*!< context for the RNG function */
#if defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_THREADING_C)
@ -101,7 +99,7 @@ mbedtls_ssl_ticket_context;
* *
* \param ctx Context to be initialized * \param ctx Context to be initialized
*/ */
void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx ); void mbedtls_ssl_ticket_init(mbedtls_ssl_ticket_context *ctx);
/** /**
* \brief Prepare context to be actually used * \brief Prepare context to be actually used
@ -125,10 +123,10 @@ void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx );
* \return 0 if successful, * \return 0 if successful,
* or a specific MBEDTLS_ERR_XXX error code * or a specific MBEDTLS_ERR_XXX error code
*/ */
int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx, int mbedtls_ssl_ticket_setup(mbedtls_ssl_ticket_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
mbedtls_cipher_type_t cipher, mbedtls_cipher_type_t cipher,
uint32_t lifetime ); uint32_t lifetime);
/** /**
* \brief Rotate session ticket encryption key to new specified key. * \brief Rotate session ticket encryption key to new specified key.
@ -162,10 +160,10 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
* \return 0 if successful, * \return 0 if successful,
* or a specific MBEDTLS_ERR_XXX error code * or a specific MBEDTLS_ERR_XXX error code
*/ */
int mbedtls_ssl_ticket_rotate( mbedtls_ssl_ticket_context *ctx, int mbedtls_ssl_ticket_rotate(mbedtls_ssl_ticket_context *ctx,
const unsigned char *name, size_t nlength, const unsigned char *name, size_t nlength,
const unsigned char *k, size_t klength, const unsigned char *k, size_t klength,
uint32_t lifetime ); uint32_t lifetime);
/** /**
* \brief Implementation of the ticket write callback * \brief Implementation of the ticket write callback
@ -186,7 +184,7 @@ mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse;
* *
* \param ctx Context to be cleaned up * \param ctx Context to be cleaned up
*/ */
void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx ); void mbedtls_ssl_ticket_free(mbedtls_ssl_ticket_context *ctx);
#ifdef __cplusplus #ifdef __cplusplus
} }
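Review bot: The reformatted callback member of `mbedtls_ssl_ticket_context` now reads `int(*MBEDTLS_PRIVATE(f_rng))(void *, unsigned char *, size_t);`, with the space after `int` dropped, while the `f_rng` parameter of `mbedtls_ssl_ticket_setup` further down in the same file keeps `int (*f_rng)(void *, unsigned char *, size_t)`. This looks like a formatter artifact around the `MBEDTLS_PRIVATE()` macro rather than an intended style, and it makes the declaration read like a function call. I would keep the previous spelling, `int (*MBEDTLS_PRIVATE(f_rng))(void *, unsigned char *, size_t);`, and exclude the line from automatic formatting if the tool cannot be configured to leave it alone.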


@ -38,8 +38,7 @@ extern "C" {
#if defined(MBEDTLS_THREADING_PTHREAD) #if defined(MBEDTLS_THREADING_PTHREAD)
#include <pthread.h> #include <pthread.h>
typedef struct mbedtls_threading_mutex_t typedef struct mbedtls_threading_mutex_t {
{
pthread_mutex_t MBEDTLS_PRIVATE(mutex); pthread_mutex_t MBEDTLS_PRIVATE(mutex);
/* is_valid is 0 after a failed init or a free, and nonzero after a /* is_valid is 0 after a failed init or a free, and nonzero after a
* successful init. This field is not considered part of the public * successful init. This field is not considered part of the public
@ -70,15 +69,15 @@ typedef struct mbedtls_threading_mutex_t
* \param mutex_lock the lock function implementation * \param mutex_lock the lock function implementation
* \param mutex_unlock the unlock function implementation * \param mutex_unlock the unlock function implementation
*/ */
void mbedtls_threading_set_alt( void (*mutex_init)( mbedtls_threading_mutex_t * ), void mbedtls_threading_set_alt(void (*mutex_init)(mbedtls_threading_mutex_t *),
void (*mutex_free)( mbedtls_threading_mutex_t * ), void (*mutex_free)(mbedtls_threading_mutex_t *),
int (*mutex_lock)( mbedtls_threading_mutex_t * ), int (*mutex_lock)(mbedtls_threading_mutex_t *),
int (*mutex_unlock)( mbedtls_threading_mutex_t * ) ); int (*mutex_unlock)(mbedtls_threading_mutex_t *));
/** /**
* \brief Free global mutexes. * \brief Free global mutexes.
*/ */
void mbedtls_threading_free_alt( void ); void mbedtls_threading_free_alt(void);
#endif /* MBEDTLS_THREADING_ALT */ #endif /* MBEDTLS_THREADING_ALT */
#if defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_THREADING_C)
@ -87,10 +86,10 @@ void mbedtls_threading_free_alt( void );
* *
* All these functions are expected to work or the result will be undefined. * All these functions are expected to work or the result will be undefined.
*/ */
extern void (*mbedtls_mutex_init)( mbedtls_threading_mutex_t *mutex ); extern void (*mbedtls_mutex_init)(mbedtls_threading_mutex_t *mutex);
extern void (*mbedtls_mutex_free)( mbedtls_threading_mutex_t *mutex ); extern void (*mbedtls_mutex_free)(mbedtls_threading_mutex_t *mutex);
extern int (*mbedtls_mutex_lock)( mbedtls_threading_mutex_t *mutex ); extern int (*mbedtls_mutex_lock)(mbedtls_threading_mutex_t *mutex);
extern int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t *mutex ); extern int (*mbedtls_mutex_unlock)(mbedtls_threading_mutex_t *mutex);
/* /*
* Global mutexes * Global mutexes


@ -38,16 +38,14 @@ extern "C" {
/** /**
* \brief timer structure * \brief timer structure
*/ */
struct mbedtls_timing_hr_time struct mbedtls_timing_hr_time {
{
unsigned char MBEDTLS_PRIVATE(opaque)[32]; unsigned char MBEDTLS_PRIVATE(opaque)[32];
}; };
/** /**
* \brief Context for mbedtls_timing_set/get_delay() * \brief Context for mbedtls_timing_set/get_delay()
*/ */
typedef struct mbedtls_timing_delay_context typedef struct mbedtls_timing_delay_context {
{
struct mbedtls_timing_hr_time MBEDTLS_PRIVATE(timer); struct mbedtls_timing_hr_time MBEDTLS_PRIVATE(timer);
uint32_t MBEDTLS_PRIVATE(int_ms); uint32_t MBEDTLS_PRIVATE(int_ms);
uint32_t MBEDTLS_PRIVATE(fin_ms); uint32_t MBEDTLS_PRIVATE(fin_ms);
@ -58,7 +56,7 @@ typedef struct mbedtls_timing_delay_context
#endif /* MBEDTLS_TIMING_ALT */ #endif /* MBEDTLS_TIMING_ALT */
/* Internal use */ /* Internal use */
unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset ); unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset);
/** /**
* \brief Set a pair of delays to watch * \brief Set a pair of delays to watch
@ -74,7 +72,7 @@ unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int
* \note To set a single delay, either use \c mbedtls_timing_set_timer * \note To set a single delay, either use \c mbedtls_timing_set_timer
* directly or use this function with int_ms == fin_ms. * directly or use this function with int_ms == fin_ms.
*/ */
void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms ); void mbedtls_timing_set_delay(void *data, uint32_t int_ms, uint32_t fin_ms);
/** /**
* \brief Get the status of delays * \brief Get the status of delays
@ -88,7 +86,7 @@ void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms );
* 1 if only the intermediate delay is passed, * 1 if only the intermediate delay is passed,
* 2 if the final delay is passed. * 2 if the final delay is passed.
*/ */
int mbedtls_timing_get_delay( void *data ); int mbedtls_timing_get_delay(void *data);
/** /**
* \brief Get the final timing delay * \brief Get the final timing delay
@ -99,7 +97,7 @@ int mbedtls_timing_get_delay( void *data );
* \return Final timing delay in milliseconds. * \return Final timing delay in milliseconds.
*/ */
uint32_t mbedtls_timing_get_final_delay( uint32_t mbedtls_timing_get_final_delay(
const mbedtls_timing_delay_context *data ); const mbedtls_timing_delay_context *data);
#ifdef __cplusplus #ifdef __cplusplus
} }


@ -41,7 +41,7 @@ extern "C" {
* \return The constructed version number in the format * \return The constructed version number in the format
* MMNNPP00 (Major, Minor, Patch). * MMNNPP00 (Major, Minor, Patch).
*/ */
unsigned int mbedtls_version_get_number( void ); unsigned int mbedtls_version_get_number(void);
/** /**
* Get the version string ("x.y.z"). * Get the version string ("x.y.z").
@ -49,7 +49,7 @@ unsigned int mbedtls_version_get_number( void );
* \param string The string that will receive the value. * \param string The string that will receive the value.
* (Should be at least 9 bytes in size) * (Should be at least 9 bytes in size)
*/ */
void mbedtls_version_get_string( char *string ); void mbedtls_version_get_string(char *string);
/** /**
* Get the full version string ("mbed TLS x.y.z"). * Get the full version string ("mbed TLS x.y.z").
@ -60,7 +60,7 @@ void mbedtls_version_get_string( char *string );
* (So the buffer should be at least 18 bytes to receive this * (So the buffer should be at least 18 bytes to receive this
* version string). * version string).
*/ */
void mbedtls_version_get_string_full( char *string ); void mbedtls_version_get_string_full(char *string);
/** /**
* \brief Check if support for a feature was compiled into this * \brief Check if support for a feature was compiled into this
@ -79,7 +79,7 @@ void mbedtls_version_get_string_full( char *string );
* -2 if support for feature checking as a whole was not * -2 if support for feature checking as a whole was not
* compiled in. * compiled in.
*/ */
int mbedtls_version_check_feature( const char *feature ); int mbedtls_version_check_feature(const char *feature);
#ifdef __cplusplus #ifdef __cplusplus
} }


@ -244,8 +244,7 @@ typedef mbedtls_asn1_named_data mbedtls_x509_name;
typedef mbedtls_asn1_sequence mbedtls_x509_sequence; typedef mbedtls_asn1_sequence mbedtls_x509_sequence;
/** Container for date and time (precision in seconds). */ /** Container for date and time (precision in seconds). */
typedef struct mbedtls_x509_time typedef struct mbedtls_x509_time {
{
int year, mon, day; /**< Date. */ int year, mon, day; /**< Date. */
int hour, min, sec; /**< Time. */ int hour, min, sec; /**< Time. */
} }
@ -264,7 +263,7 @@ mbedtls_x509_time;
* \return The length of the string written (not including the * \return The length of the string written (not including the
* terminated nul byte), or a negative error code. * terminated nul byte), or a negative error code.
*/ */
int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn ); int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn);
/** /**
* \brief Return the next relative DN in an X509 name. * \brief Return the next relative DN in an X509 name.
@ -277,12 +276,13 @@ int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn );
* \return Pointer to the first attribute-value pair of the * \return Pointer to the first attribute-value pair of the
* next RDN in sequence, or NULL if end is reached. * next RDN in sequence, or NULL if end is reached.
*/ */
static inline mbedtls_x509_name * mbedtls_x509_dn_get_next( static inline mbedtls_x509_name *mbedtls_x509_dn_get_next(
mbedtls_x509_name * dn ) mbedtls_x509_name *dn)
{ {
while( dn->MBEDTLS_PRIVATE(next_merged) && dn->next != NULL ) while (dn->MBEDTLS_PRIVATE(next_merged) && dn->next != NULL) {
dn = dn->next; dn = dn->next;
return( dn->next ); }
return dn->next;
} }
/** /**
@ -296,7 +296,7 @@ static inline mbedtls_x509_name * mbedtls_x509_dn_get_next(
* \return The length of the string written (not including the * \return The length of the string written (not including the
* terminated nul byte), or a negative error code. * terminated nul byte), or a negative error code.
*/ */
int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *serial ); int mbedtls_x509_serial_gets(char *buf, size_t size, const mbedtls_x509_buf *serial);
/** /**
* \brief Check a given mbedtls_x509_time against the system time * \brief Check a given mbedtls_x509_time against the system time
@ -310,7 +310,7 @@ int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *se
* \return 1 if the given time is in the past or an error occurred, * \return 1 if the given time is in the past or an error occurred,
* 0 otherwise. * 0 otherwise.
*/ */
int mbedtls_x509_time_is_past( const mbedtls_x509_time *to ); int mbedtls_x509_time_is_past(const mbedtls_x509_time *to);
/** /**
* \brief Check a given mbedtls_x509_time against the system time * \brief Check a given mbedtls_x509_time against the system time
@ -324,7 +324,7 @@ int mbedtls_x509_time_is_past( const mbedtls_x509_time *to );
* \return 1 if the given time is in the future or an error occurred, * \return 1 if the given time is in the future or an error occurred,
* 0 otherwise. * 0 otherwise.
*/ */
int mbedtls_x509_time_is_future( const mbedtls_x509_time *from ); int mbedtls_x509_time_is_future(const mbedtls_x509_time *from);
/** \} addtogroup x509_module */ /** \} addtogroup x509_module */
@ -332,53 +332,53 @@ int mbedtls_x509_time_is_future( const mbedtls_x509_time *from );
* Internal module functions. You probably do not want to use these unless you * Internal module functions. You probably do not want to use these unless you
* know you do. * know you do.
*/ */
int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end, int mbedtls_x509_get_name(unsigned char **p, const unsigned char *end,
mbedtls_x509_name *cur ); mbedtls_x509_name *cur);
int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end, int mbedtls_x509_get_alg_null(unsigned char **p, const unsigned char *end,
mbedtls_x509_buf *alg ); mbedtls_x509_buf *alg);
int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end, int mbedtls_x509_get_alg(unsigned char **p, const unsigned char *end,
mbedtls_x509_buf *alg, mbedtls_x509_buf *params ); mbedtls_x509_buf *alg, mbedtls_x509_buf *params);
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, int mbedtls_x509_get_rsassa_pss_params(const mbedtls_x509_buf *params,
mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md, mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md,
int *salt_len ); int *salt_len);
#endif #endif
int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig ); int mbedtls_x509_get_sig(unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig);
int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params, int mbedtls_x509_get_sig_alg(const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg, mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg,
void **sig_opts ); void **sig_opts);
int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end, int mbedtls_x509_get_time(unsigned char **p, const unsigned char *end,
mbedtls_x509_time *t ); mbedtls_x509_time *t);
int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end, int mbedtls_x509_get_serial(unsigned char **p, const unsigned char *end,
mbedtls_x509_buf *serial ); mbedtls_x509_buf *serial);
int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, int mbedtls_x509_get_ext(unsigned char **p, const unsigned char *end,
mbedtls_x509_buf *ext, int tag ); mbedtls_x509_buf *ext, int tag);
#if !defined(MBEDTLS_X509_REMOVE_INFO) #if !defined(MBEDTLS_X509_REMOVE_INFO)
int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid, int mbedtls_x509_sig_alg_gets(char *buf, size_t size, const mbedtls_x509_buf *sig_oid,
mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
const void *sig_opts ); const void *sig_opts);
#endif #endif
int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name ); int mbedtls_x509_key_size_helper(char *buf, size_t buf_size, const char *name);
int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name ); int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name);
int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len, int mbedtls_x509_set_extension(mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
int critical, const unsigned char *val, int critical, const unsigned char *val,
size_t val_len ); size_t val_len);
int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start, int mbedtls_x509_write_extensions(unsigned char **p, unsigned char *start,
mbedtls_asn1_named_data *first ); mbedtls_asn1_named_data *first);
int mbedtls_x509_write_names( unsigned char **p, unsigned char *start, int mbedtls_x509_write_names(unsigned char **p, unsigned char *start,
mbedtls_asn1_named_data *first ); mbedtls_asn1_named_data *first);
int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start, int mbedtls_x509_write_sig(unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len, const char *oid, size_t oid_len,
unsigned char *sig, size_t size ); unsigned char *sig, size_t size);
#define MBEDTLS_X509_SAFE_SNPRINTF \ #define MBEDTLS_X509_SAFE_SNPRINTF \
do { \ do { \
if( ret < 0 || (size_t) ret >= n ) \ if (ret < 0 || (size_t) ret >= n) \
return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL ); \ return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; \
\ \
n -= (size_t) ret; \ n -= (size_t) ret; \
p += (size_t) ret; \ p += (size_t) ret; \
} while( 0 ) } while (0)
#ifdef __cplusplus #ifdef __cplusplus
} }
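Review bot: In `MBEDTLS_X509_SAFE_SNPRINTF` the `if` that performs the error/truncation check is still unbraced, although the same restyle adds braces to the `while` body in `mbedtls_x509_dn_get_next` earlier in this file section. Bracing it the same way, `if (ret < 0 || (size_t) ret >= n) { \`, `return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; \`, `} \`, keeps the early return visibly tied to the check if a statement is ever added to the macro. The macro also carries no comment in the lines shown; a short one stating that it expects `ret`, `n` and `p` to be in scope at the expansion site and that it returns from the enclosing function on a negative or truncated result would document the hidden control flow for callers.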


@ -48,8 +48,7 @@ extern "C" {
* them except via Mbed TLS library functions: the effect of modifying * them except via Mbed TLS library functions: the effect of modifying
* those fields or the data that those fields points to is unspecified. * those fields or the data that those fields points to is unspecified.
*/ */
typedef struct mbedtls_x509_crl_entry typedef struct mbedtls_x509_crl_entry {
{
/** Direct access to the whole entry inside the containing buffer. */ /** Direct access to the whole entry inside the containing buffer. */
mbedtls_x509_buf raw; mbedtls_x509_buf raw;
/** The serial number of the revoked certificate. */ /** The serial number of the revoked certificate. */
@ -74,8 +73,7 @@ mbedtls_x509_crl_entry;
* Certificate revocation list structure. * Certificate revocation list structure.
* Every CRL may have multiple entries. * Every CRL may have multiple entries.
*/ */
typedef struct mbedtls_x509_crl typedef struct mbedtls_x509_crl {
{
mbedtls_x509_buf raw; /**< The raw certificate data (DER). */ mbedtls_x509_buf raw; /**< The raw certificate data (DER). */
mbedtls_x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */ mbedtls_x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */
@ -116,8 +114,8 @@ mbedtls_x509_crl;
* *
* \return 0 if successful, or a specific X509 or PEM error code * \return 0 if successful, or a specific X509 or PEM error code
*/ */
int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, int mbedtls_x509_crl_parse_der(mbedtls_x509_crl *chain,
const unsigned char *buf, size_t buflen ); const unsigned char *buf, size_t buflen);
/** /**
* \brief Parse one or more CRLs and append them to the chained list * \brief Parse one or more CRLs and append them to the chained list
* *
@ -130,7 +128,7 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain,
* *
* \return 0 if successful, or a specific X509 or PEM error code * \return 0 if successful, or a specific X509 or PEM error code
*/ */
int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen ); int mbedtls_x509_crl_parse(mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen);
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
@ -143,7 +141,7 @@ int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, s
* *
* \return 0 if successful, or a specific X509 or PEM error code * \return 0 if successful, or a specific X509 or PEM error code
*/ */
int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ); int mbedtls_x509_crl_parse_file(mbedtls_x509_crl *chain, const char *path);
#endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_FS_IO */
#if !defined(MBEDTLS_X509_REMOVE_INFO) #if !defined(MBEDTLS_X509_REMOVE_INFO)
@ -158,8 +156,8 @@ int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path );
* \return The length of the string written (not including the * \return The length of the string written (not including the
* terminated nul byte), or a negative error code. * terminated nul byte), or a negative error code.
*/ */
int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix, int mbedtls_x509_crl_info(char *buf, size_t size, const char *prefix,
const mbedtls_x509_crl *crl ); const mbedtls_x509_crl *crl);
#endif /* !MBEDTLS_X509_REMOVE_INFO */ #endif /* !MBEDTLS_X509_REMOVE_INFO */
/** /**
@ -167,14 +165,14 @@ int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix,
* *
* \param crl CRL chain to initialize * \param crl CRL chain to initialize
*/ */
void mbedtls_x509_crl_init( mbedtls_x509_crl *crl ); void mbedtls_x509_crl_init(mbedtls_x509_crl *crl);
/** /**
* \brief Unallocate all CRL data * \brief Unallocate all CRL data
* *
* \param crl CRL chain to free * \param crl CRL chain to free
*/ */
void mbedtls_x509_crl_free( mbedtls_x509_crl *crl ); void mbedtls_x509_crl_free(mbedtls_x509_crl *crl);
/** \} name Structures and functions for parsing CRLs */ /** \} name Structures and functions for parsing CRLs */
/** \} addtogroup x509_module */ /** \} addtogroup x509_module */


@ -51,10 +51,9 @@ extern "C" {
* them except via Mbed TLS library functions: the effect of modifying * them except via Mbed TLS library functions: the effect of modifying
* those fields or the data that those fields points to is unspecified. * those fields or the data that those fields points to is unspecified.
*/ */
typedef struct mbedtls_x509_crt typedef struct mbedtls_x509_crt {
{
int MBEDTLS_PRIVATE(own_buffer); /**< Indicates if \c raw is owned int MBEDTLS_PRIVATE(own_buffer); /**< Indicates if \c raw is owned
* by the structure or not. */ * by the structure or not. */
mbedtls_x509_buf raw; /**< The raw certificate data (DER). */ mbedtls_x509_buf raw; /**< The raw certificate data (DER). */
mbedtls_x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */ mbedtls_x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */
@ -112,24 +111,21 @@ mbedtls_x509_crt;
* Future versions of the library may add new fields to this structure or * Future versions of the library may add new fields to this structure or
* to its embedded union and structure. * to its embedded union and structure.
*/ */
typedef struct mbedtls_x509_san_other_name typedef struct mbedtls_x509_san_other_name {
{
/** /**
* The type_id is an OID as defined in RFC 5280. * The type_id is an OID as defined in RFC 5280.
* To check the value of the type id, you should use * To check the value of the type id, you should use
* \p MBEDTLS_OID_CMP with a known OID mbedtls_x509_buf. * \p MBEDTLS_OID_CMP with a known OID mbedtls_x509_buf.
*/ */
mbedtls_x509_buf type_id; /**< The type id. */ mbedtls_x509_buf type_id; /**< The type id. */
union union {
{
/** /**
* From RFC 4108 section 5: * From RFC 4108 section 5:
* HardwareModuleName ::= SEQUENCE { * HardwareModuleName ::= SEQUENCE {
* hwType OBJECT IDENTIFIER, * hwType OBJECT IDENTIFIER,
* hwSerialNum OCTET STRING } * hwSerialNum OCTET STRING }
*/ */
struct struct {
{
mbedtls_x509_buf oid; /**< The object identifier. */ mbedtls_x509_buf oid; /**< The object identifier. */
mbedtls_x509_buf val; /**< The named value. */ mbedtls_x509_buf val; /**< The named value. */
} }
@ -146,8 +142,7 @@ mbedtls_x509_san_other_name;
* Future versions of the library may add new fields to this structure or * Future versions of the library may add new fields to this structure or
* to its embedded union and structure. * to its embedded union and structure.
*/ */
typedef struct mbedtls_x509_subject_alternative_name typedef struct mbedtls_x509_subject_alternative_name {
{
int type; /**< The SAN type, value of MBEDTLS_X509_SAN_XXX. */ int type; /**< The SAN type, value of MBEDTLS_X509_SAN_XXX. */
union { union {
mbedtls_x509_san_other_name other_name; /**< The otherName supported type. */ mbedtls_x509_san_other_name other_name; /**< The otherName supported type. */
@ -161,7 +156,7 @@ mbedtls_x509_subject_alternative_name;
* Build flag from an algorithm/curve identifier (pk, md, ecp) * Build flag from an algorithm/curve identifier (pk, md, ecp)
* Since 0 is always XXX_NONE, ignore it. * Since 0 is always XXX_NONE, ignore it.
*/ */
#define MBEDTLS_X509_ID_FLAG( id ) ( 1 << ( (id) - 1 ) ) #define MBEDTLS_X509_ID_FLAG(id) (1 << ((id) - 1))
/** /**
* Security profile for certificate verification. * Security profile for certificate verification.
@ -188,8 +183,7 @@ mbedtls_x509_subject_alternative_name;
* my_profile.allowed_pks = MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_RSA ); * my_profile.allowed_pks = MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_RSA );
* my_profile.rsa_min_bitlen = 3072; * my_profile.rsa_min_bitlen = 3072;
*/ */
typedef struct mbedtls_x509_crt_profile typedef struct mbedtls_x509_crt_profile {
{
uint32_t allowed_mds; /**< MDs for signatures */ uint32_t allowed_mds; /**< MDs for signatures */
uint32_t allowed_pks; /**< PK algs for public keys; uint32_t allowed_pks; /**< PK algs for public keys;
* this applies to all certificates * this applies to all certificates
@ -206,7 +200,7 @@ mbedtls_x509_crt_profile;
#define MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN 32 #define MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN 32
#define MBEDTLS_X509_RFC5280_UTC_TIME_LEN 15 #define MBEDTLS_X509_RFC5280_UTC_TIME_LEN 15
#if !defined( MBEDTLS_X509_MAX_FILE_PATH_LEN ) #if !defined(MBEDTLS_X509_MAX_FILE_PATH_LEN)
#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 #define MBEDTLS_X509_MAX_FILE_PATH_LEN 512
#endif #endif
@ -217,72 +211,71 @@ mbedtls_x509_crt_profile;
* where X509_CRT_ERROR_INFO is defined by the user. * where X509_CRT_ERROR_INFO is defined by the user.
* See x509_crt.c for an example of how to use this. */ * See x509_crt.c for an example of how to use this. */
#define MBEDTLS_X509_CRT_ERROR_INFO_LIST \ #define MBEDTLS_X509_CRT_ERROR_INFO_LIST \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_EXPIRED, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_EXPIRED, \
"MBEDTLS_X509_BADCERT_EXPIRED", \ "MBEDTLS_X509_BADCERT_EXPIRED", \
"The certificate validity has expired" ) \ "The certificate validity has expired") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_REVOKED, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_REVOKED, \
"MBEDTLS_X509_BADCERT_REVOKED", \ "MBEDTLS_X509_BADCERT_REVOKED", \
"The certificate has been revoked (is on a CRL)" ) \ "The certificate has been revoked (is on a CRL)") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_CN_MISMATCH, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_CN_MISMATCH, \
"MBEDTLS_X509_BADCERT_CN_MISMATCH", \ "MBEDTLS_X509_BADCERT_CN_MISMATCH", \
"The certificate Common Name (CN) does not match with the expected CN" ) \ "The certificate Common Name (CN) does not match with the expected CN") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_NOT_TRUSTED, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_NOT_TRUSTED, \
"MBEDTLS_X509_BADCERT_NOT_TRUSTED", \ "MBEDTLS_X509_BADCERT_NOT_TRUSTED", \
"The certificate is not correctly signed by the trusted CA" ) \ "The certificate is not correctly signed by the trusted CA") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_NOT_TRUSTED, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCRL_NOT_TRUSTED, \
"MBEDTLS_X509_BADCRL_NOT_TRUSTED", \ "MBEDTLS_X509_BADCRL_NOT_TRUSTED", \
"The CRL is not correctly signed by the trusted CA" ) \ "The CRL is not correctly signed by the trusted CA") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_EXPIRED, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCRL_EXPIRED, \
"MBEDTLS_X509_BADCRL_EXPIRED", \ "MBEDTLS_X509_BADCRL_EXPIRED", \
"The CRL is expired" ) \ "The CRL is expired") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_MISSING, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_MISSING, \
"MBEDTLS_X509_BADCERT_MISSING", \ "MBEDTLS_X509_BADCERT_MISSING", \
"Certificate was missing" ) \ "Certificate was missing") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_SKIP_VERIFY, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_SKIP_VERIFY, \
"MBEDTLS_X509_BADCERT_SKIP_VERIFY", \ "MBEDTLS_X509_BADCERT_SKIP_VERIFY", \
"Certificate verification was skipped" ) \ "Certificate verification was skipped") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_OTHER, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_OTHER, \
"MBEDTLS_X509_BADCERT_OTHER", \ "MBEDTLS_X509_BADCERT_OTHER", \
"Other reason (can be used by verify callback)" ) \ "Other reason (can be used by verify callback)") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_FUTURE, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_FUTURE, \
"MBEDTLS_X509_BADCERT_FUTURE", \ "MBEDTLS_X509_BADCERT_FUTURE", \
"The certificate validity starts in the future" ) \ "The certificate validity starts in the future") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_FUTURE, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCRL_FUTURE, \
"MBEDTLS_X509_BADCRL_FUTURE", \ "MBEDTLS_X509_BADCRL_FUTURE", \
"The CRL is from the future" ) \ "The CRL is from the future") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_KEY_USAGE, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_KEY_USAGE, \
"MBEDTLS_X509_BADCERT_KEY_USAGE", \ "MBEDTLS_X509_BADCERT_KEY_USAGE", \
"Usage does not match the keyUsage extension" ) \ "Usage does not match the keyUsage extension") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, \
"MBEDTLS_X509_BADCERT_EXT_KEY_USAGE", \ "MBEDTLS_X509_BADCERT_EXT_KEY_USAGE", \
"Usage does not match the extendedKeyUsage extension" ) \ "Usage does not match the extendedKeyUsage extension") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_NS_CERT_TYPE, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_NS_CERT_TYPE, \
"MBEDTLS_X509_BADCERT_NS_CERT_TYPE", \ "MBEDTLS_X509_BADCERT_NS_CERT_TYPE", \
"Usage does not match the nsCertType extension" ) \ "Usage does not match the nsCertType extension") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_BAD_MD, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_BAD_MD, \
"MBEDTLS_X509_BADCERT_BAD_MD", \ "MBEDTLS_X509_BADCERT_BAD_MD", \
"The certificate is signed with an unacceptable hash." ) \ "The certificate is signed with an unacceptable hash.") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_BAD_PK, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_BAD_PK, \
"MBEDTLS_X509_BADCERT_BAD_PK", \ "MBEDTLS_X509_BADCERT_BAD_PK", \
"The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA)." ) \ "The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA).") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCERT_BAD_KEY, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCERT_BAD_KEY, \
"MBEDTLS_X509_BADCERT_BAD_KEY", \ "MBEDTLS_X509_BADCERT_BAD_KEY", \
"The certificate is signed with an unacceptable key (eg bad curve, RSA too short)." ) \ "The certificate is signed with an unacceptable key (eg bad curve, RSA too short).") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_BAD_MD, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCRL_BAD_MD, \
"MBEDTLS_X509_BADCRL_BAD_MD", \ "MBEDTLS_X509_BADCRL_BAD_MD", \
"The CRL is signed with an unacceptable hash." ) \ "The CRL is signed with an unacceptable hash.") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_BAD_PK, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCRL_BAD_PK, \
"MBEDTLS_X509_BADCRL_BAD_PK", \ "MBEDTLS_X509_BADCRL_BAD_PK", \
"The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA)." ) \ "The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA).") \
X509_CRT_ERROR_INFO( MBEDTLS_X509_BADCRL_BAD_KEY, \ X509_CRT_ERROR_INFO(MBEDTLS_X509_BADCRL_BAD_KEY, \
"MBEDTLS_X509_BADCRL_BAD_KEY", \ "MBEDTLS_X509_BADCRL_BAD_KEY", \
"The CRL is signed with an unacceptable key (eg bad curve, RSA too short)." ) "The CRL is signed with an unacceptable key (eg bad curve, RSA too short).")
/** /**
* Container for writing a certificate (CRT) * Container for writing a certificate (CRT)
*/ */
typedef struct mbedtls_x509write_cert typedef struct mbedtls_x509write_cert {
{
int MBEDTLS_PRIVATE(version); int MBEDTLS_PRIVATE(version);
mbedtls_mpi MBEDTLS_PRIVATE(serial); mbedtls_mpi MBEDTLS_PRIVATE(serial);
mbedtls_pk_context *MBEDTLS_PRIVATE(subject_key); mbedtls_pk_context *MBEDTLS_PRIVATE(subject_key);
@ -307,13 +300,12 @@ typedef struct {
/** /**
* Max size of verification chain: end-entity + intermediates + trusted root * Max size of verification chain: end-entity + intermediates + trusted root
*/ */
#define MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE ( MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2 ) #define MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE (MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2)
/** /**
* Verification chain as built by \c mbedtls_crt_verify_chain() * Verification chain as built by \c mbedtls_crt_verify_chain()
*/ */
typedef struct typedef struct {
{
mbedtls_x509_crt_verify_chain_item MBEDTLS_PRIVATE(items)[MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE]; mbedtls_x509_crt_verify_chain_item MBEDTLS_PRIVATE(items)[MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE];
unsigned MBEDTLS_PRIVATE(len); unsigned MBEDTLS_PRIVATE(len);
@ -331,8 +323,7 @@ typedef struct
/** /**
* \brief Context for resuming X.509 verify operations * \brief Context for resuming X.509 verify operations
*/ */
typedef struct typedef struct {
{
/* for check_signature() */ /* for check_signature() */
mbedtls_pk_restart_ctx MBEDTLS_PRIVATE(pk); mbedtls_pk_restart_ctx MBEDTLS_PRIVATE(pk);
@ -415,9 +406,9 @@ extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_none;
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, int mbedtls_x509_crt_parse_der(mbedtls_x509_crt *chain,
const unsigned char *buf, const unsigned char *buf,
size_t buflen ); size_t buflen);
/** /**
* \brief The type of certificate extension callbacks. * \brief The type of certificate extension callbacks.
@ -449,12 +440,12 @@ int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain,
* \return \c 0 on success. * \return \c 0 on success.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
typedef int (*mbedtls_x509_crt_ext_cb_t)( void *p_ctx, typedef int (*mbedtls_x509_crt_ext_cb_t)(void *p_ctx,
mbedtls_x509_crt const *crt, mbedtls_x509_crt const *crt,
mbedtls_x509_buf const *oid, mbedtls_x509_buf const *oid,
int critical, int critical,
const unsigned char *p, const unsigned char *p,
const unsigned char *end ); const unsigned char *end);
/** /**
* \brief Parse a single DER formatted certificate and add it * \brief Parse a single DER formatted certificate and add it
@ -496,12 +487,12 @@ typedef int (*mbedtls_x509_crt_ext_cb_t)( void *p_ctx,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_x509_crt_parse_der_with_ext_cb( mbedtls_x509_crt *chain, int mbedtls_x509_crt_parse_der_with_ext_cb(mbedtls_x509_crt *chain,
const unsigned char *buf, const unsigned char *buf,
size_t buflen, size_t buflen,
int make_copy, int make_copy,
mbedtls_x509_crt_ext_cb_t cb, mbedtls_x509_crt_ext_cb_t cb,
void *p_ctx ); void *p_ctx);
/** /**
* \brief Parse a single DER formatted certificate and add it * \brief Parse a single DER formatted certificate and add it
@ -530,9 +521,9 @@ int mbedtls_x509_crt_parse_der_with_ext_cb( mbedtls_x509_crt *chain,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain, int mbedtls_x509_crt_parse_der_nocopy(mbedtls_x509_crt *chain,
const unsigned char *buf, const unsigned char *buf,
size_t buflen ); size_t buflen);
/** /**
* \brief Parse one DER-encoded or one or more concatenated PEM-encoded * \brief Parse one DER-encoded or one or more concatenated PEM-encoded
@ -564,7 +555,7 @@ int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain,
* \return A negative X509 or PEM error code otherwise. * \return A negative X509 or PEM error code otherwise.
* *
*/ */
int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen ); int mbedtls_x509_crt_parse(mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen);
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
@ -580,7 +571,7 @@ int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, s
* \return 0 if all certificates parsed successfully, a positive number * \return 0 if all certificates parsed successfully, a positive number
* if partly successful or a specific X509 or PEM error code * if partly successful or a specific X509 or PEM error code
*/ */
int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path ); int mbedtls_x509_crt_parse_file(mbedtls_x509_crt *chain, const char *path);
/** /**
* \brief Load one or more certificate files from a path and add them * \brief Load one or more certificate files from a path and add them
@ -595,7 +586,7 @@ int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path );
* \return 0 if all certificates parsed successfully, a positive number * \return 0 if all certificates parsed successfully, a positive number
* if partly successful or a specific X509 or PEM error code * if partly successful or a specific X509 or PEM error code
*/ */
int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ); int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path);
#endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_FS_IO */
/** /**
@ -625,8 +616,8 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path );
* SAN type. * SAN type.
* \return Another negative value for any other failure. * \return Another negative value for any other failure.
*/ */
int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf, int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf,
mbedtls_x509_subject_alternative_name *san ); mbedtls_x509_subject_alternative_name *san);
#if !defined(MBEDTLS_X509_REMOVE_INFO) #if !defined(MBEDTLS_X509_REMOVE_INFO)
/** /**
@ -641,8 +632,8 @@ int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf,
* \return The length of the string written (not including the * \return The length of the string written (not including the
* terminated nul byte), or a negative error code. * terminated nul byte), or a negative error code.
*/ */
int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, int mbedtls_x509_crt_info(char *buf, size_t size, const char *prefix,
const mbedtls_x509_crt *crt ); const mbedtls_x509_crt *crt);
/** /**
* \brief Returns an informational string about the * \brief Returns an informational string about the
@ -656,8 +647,8 @@ int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
* \return The length of the string written (not including the * \return The length of the string written (not including the
* terminated nul byte), or a negative error code. * terminated nul byte), or a negative error code.
*/ */
int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, int mbedtls_x509_crt_verify_info(char *buf, size_t size, const char *prefix,
uint32_t flags ); uint32_t flags);
#endif /* !MBEDTLS_X509_REMOVE_INFO */ #endif /* !MBEDTLS_X509_REMOVE_INFO */
/** /**
@ -726,12 +717,12 @@ int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
* \return Another negative error code in case of a fatal error * \return Another negative error code in case of a fatal error
* encountered during the verification process. * encountered during the verification process.
*/ */
int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt, int mbedtls_x509_crt_verify(mbedtls_x509_crt *crt,
mbedtls_x509_crt *trust_ca, mbedtls_x509_crt *trust_ca,
mbedtls_x509_crl *ca_crl, mbedtls_x509_crl *ca_crl,
const char *cn, uint32_t *flags, const char *cn, uint32_t *flags,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy ); void *p_vrfy);
/** /**
* \brief Verify a chain of certificates with respect to * \brief Verify a chain of certificates with respect to
@ -767,13 +758,13 @@ int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
* \return Another negative error code in case of a fatal error * \return Another negative error code in case of a fatal error
* encountered during the verification process. * encountered during the verification process.
*/ */
int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt, int mbedtls_x509_crt_verify_with_profile(mbedtls_x509_crt *crt,
mbedtls_x509_crt *trust_ca, mbedtls_x509_crt *trust_ca,
mbedtls_x509_crl *ca_crl, mbedtls_x509_crl *ca_crl,
const mbedtls_x509_crt_profile *profile, const mbedtls_x509_crt_profile *profile,
const char *cn, uint32_t *flags, const char *cn, uint32_t *flags,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy ); void *p_vrfy);
/** /**
* \brief Restartable version of \c mbedtls_crt_verify_with_profile() * \brief Restartable version of \c mbedtls_crt_verify_with_profile()
@ -801,14 +792,14 @@ int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
* \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
* operations was reached: see \c mbedtls_ecp_set_max_ops(). * operations was reached: see \c mbedtls_ecp_set_max_ops().
*/ */
int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt, int mbedtls_x509_crt_verify_restartable(mbedtls_x509_crt *crt,
mbedtls_x509_crt *trust_ca, mbedtls_x509_crt *trust_ca,
mbedtls_x509_crl *ca_crl, mbedtls_x509_crl *ca_crl,
const mbedtls_x509_crt_profile *profile, const mbedtls_x509_crt_profile *profile,
const char *cn, uint32_t *flags, const char *cn, uint32_t *flags,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy, void *p_vrfy,
mbedtls_x509_crt_restart_ctx *rs_ctx ); mbedtls_x509_crt_restart_ctx *rs_ctx);
/** /**
* \brief The type of trusted certificate callbacks. * \brief The type of trusted certificate callbacks.
@ -840,9 +831,9 @@ int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt,
* to the caller. * to the caller.
* \return A negative error code on failure. * \return A negative error code on failure.
*/ */
typedef int (*mbedtls_x509_crt_ca_cb_t)( void *p_ctx, typedef int (*mbedtls_x509_crt_ca_cb_t)(void *p_ctx,
mbedtls_x509_crt const *child, mbedtls_x509_crt const *child,
mbedtls_x509_crt **candidate_cas ); mbedtls_x509_crt **candidate_cas);
#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
/** /**
@ -867,13 +858,13 @@ typedef int (*mbedtls_x509_crt_ca_cb_t)( void *p_ctx,
* *
* \return See \c mbedtls_crt_verify_with_profile(). * \return See \c mbedtls_crt_verify_with_profile().
*/ */
int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt, int mbedtls_x509_crt_verify_with_ca_cb(mbedtls_x509_crt *crt,
mbedtls_x509_crt_ca_cb_t f_ca_cb, mbedtls_x509_crt_ca_cb_t f_ca_cb,
void *p_ca_cb, void *p_ca_cb,
const mbedtls_x509_crt_profile *profile, const mbedtls_x509_crt_profile *profile,
const char *cn, uint32_t *flags, const char *cn, uint32_t *flags,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy ); void *p_vrfy);
#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
@ -898,8 +889,8 @@ int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt,
* (intermediate) CAs the keyUsage extension is automatically * (intermediate) CAs the keyUsage extension is automatically
* checked by \c mbedtls_x509_crt_verify(). * checked by \c mbedtls_x509_crt_verify().
*/ */
int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, int mbedtls_x509_crt_check_key_usage(const mbedtls_x509_crt *crt,
unsigned int usage ); unsigned int usage);
/** /**
* \brief Check usage of certificate against extendedKeyUsage. * \brief Check usage of certificate against extendedKeyUsage.
@ -914,9 +905,9 @@ int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt,
* *
* \note Usually only makes sense on leaf certificates. * \note Usually only makes sense on leaf certificates.
*/ */
int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt, int mbedtls_x509_crt_check_extended_key_usage(const mbedtls_x509_crt *crt,
const char *usage_oid, const char *usage_oid,
size_t usage_len ); size_t usage_len);
#if defined(MBEDTLS_X509_CRL_PARSE_C) #if defined(MBEDTLS_X509_CRL_PARSE_C)
/** /**
@ -928,7 +919,7 @@ int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt,
* \return 1 if the certificate is revoked, 0 otherwise * \return 1 if the certificate is revoked, 0 otherwise
* *
*/ */
int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl ); int mbedtls_x509_crt_is_revoked(const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl);
#endif /* MBEDTLS_X509_CRL_PARSE_C */ #endif /* MBEDTLS_X509_CRL_PARSE_C */
/** /**
@ -936,25 +927,25 @@ int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509
* *
* \param crt Certificate chain to initialize * \param crt Certificate chain to initialize
*/ */
void mbedtls_x509_crt_init( mbedtls_x509_crt *crt ); void mbedtls_x509_crt_init(mbedtls_x509_crt *crt);
/** /**
* \brief Unallocate all certificate data * \brief Unallocate all certificate data
* *
* \param crt Certificate chain to free * \param crt Certificate chain to free
*/ */
void mbedtls_x509_crt_free( mbedtls_x509_crt *crt ); void mbedtls_x509_crt_free(mbedtls_x509_crt *crt);
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
/** /**
* \brief Initialize a restart context * \brief Initialize a restart context
*/ */
void mbedtls_x509_crt_restart_init( mbedtls_x509_crt_restart_ctx *ctx ); void mbedtls_x509_crt_restart_init(mbedtls_x509_crt_restart_ctx *ctx);
/** /**
* \brief Free the components of a restart context * \brief Free the components of a restart context
*/ */
void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx ); void mbedtls_x509_crt_restart_free(mbedtls_x509_crt_restart_ctx *ctx);
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
#endif /* MBEDTLS_X509_CRT_PARSE_C */ #endif /* MBEDTLS_X509_CRT_PARSE_C */
@ -969,8 +960,8 @@ void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx );
* \return 0 if the given extension type is not present, * \return 0 if the given extension type is not present,
* non-zero otherwise * non-zero otherwise
*/ */
static inline int mbedtls_x509_crt_has_ext_type( const mbedtls_x509_crt *ctx, static inline int mbedtls_x509_crt_has_ext_type(const mbedtls_x509_crt *ctx,
int ext_type ) int ext_type)
{ {
return ctx->MBEDTLS_PRIVATE(ext_types) & ext_type; return ctx->MBEDTLS_PRIVATE(ext_types) & ext_type;
} }
@ -983,7 +974,7 @@ static inline int mbedtls_x509_crt_has_ext_type( const mbedtls_x509_crt *ctx,
* *
* \param ctx CRT context to initialize * \param ctx CRT context to initialize
*/ */
void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx ); void mbedtls_x509write_crt_init(mbedtls_x509write_cert *ctx);
/** /**
* \brief Set the version for a Certificate * \brief Set the version for a Certificate
@ -993,7 +984,7 @@ void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx );
* \param version version to set (MBEDTLS_X509_CRT_VERSION_1, MBEDTLS_X509_CRT_VERSION_2 or * \param version version to set (MBEDTLS_X509_CRT_VERSION_1, MBEDTLS_X509_CRT_VERSION_2 or
* MBEDTLS_X509_CRT_VERSION_3) * MBEDTLS_X509_CRT_VERSION_3)
*/ */
void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version ); void mbedtls_x509write_crt_set_version(mbedtls_x509write_cert *ctx, int version);
/** /**
* \brief Set the serial number for a Certificate. * \brief Set the serial number for a Certificate.
@ -1003,7 +994,7 @@ void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version
* *
* \return 0 if successful * \return 0 if successful
*/ */
int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial ); int mbedtls_x509write_crt_set_serial(mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial);
/** /**
* \brief Set the validity period for a Certificate * \brief Set the validity period for a Certificate
@ -1019,8 +1010,8 @@ int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls
* \return 0 if timestamp was parsed successfully, or * \return 0 if timestamp was parsed successfully, or
* a specific error code * a specific error code
*/ */
int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char *not_before, int mbedtls_x509write_crt_set_validity(mbedtls_x509write_cert *ctx, const char *not_before,
const char *not_after ); const char *not_after);
/** /**
* \brief Set the issuer name for a Certificate * \brief Set the issuer name for a Certificate
@ -1034,8 +1025,8 @@ int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char
* \return 0 if issuer name was parsed successfully, or * \return 0 if issuer name was parsed successfully, or
* a specific error code * a specific error code
*/ */
int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx, int mbedtls_x509write_crt_set_issuer_name(mbedtls_x509write_cert *ctx,
const char *issuer_name ); const char *issuer_name);
/** /**
* \brief Set the subject name for a Certificate * \brief Set the subject name for a Certificate
@ -1049,8 +1040,8 @@ int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx,
* \return 0 if subject name was parsed successfully, or * \return 0 if subject name was parsed successfully, or
* a specific error code * a specific error code
*/ */
int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx, int mbedtls_x509write_crt_set_subject_name(mbedtls_x509write_cert *ctx,
const char *subject_name ); const char *subject_name);
/** /**
* \brief Set the subject public key for the certificate * \brief Set the subject public key for the certificate
@ -1058,7 +1049,7 @@ int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx,
* \param ctx CRT context to use * \param ctx CRT context to use
* \param key public key to include * \param key public key to include
*/ */
void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key ); void mbedtls_x509write_crt_set_subject_key(mbedtls_x509write_cert *ctx, mbedtls_pk_context *key);
/** /**
* \brief Set the issuer key used for signing the certificate * \brief Set the issuer key used for signing the certificate
@ -1066,7 +1057,7 @@ void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls
* \param ctx CRT context to use * \param ctx CRT context to use
* \param key private key to sign with * \param key private key to sign with
*/ */
void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key ); void mbedtls_x509write_crt_set_issuer_key(mbedtls_x509write_cert *ctx, mbedtls_pk_context *key);
/** /**
* \brief Set the MD algorithm to use for the signature * \brief Set the MD algorithm to use for the signature
@ -1075,7 +1066,7 @@ void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_
* \param ctx CRT context to use * \param ctx CRT context to use
* \param md_alg MD algorithm to use * \param md_alg MD algorithm to use
*/ */
void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg ); void mbedtls_x509write_crt_set_md_alg(mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg);
/** /**
* \brief Generic function to add to or replace an extension in the * \brief Generic function to add to or replace an extension in the
@ -1090,10 +1081,10 @@ void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_t
* *
* \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
*/ */
int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx, int mbedtls_x509write_crt_set_extension(mbedtls_x509write_cert *ctx,
const char *oid, size_t oid_len, const char *oid, size_t oid_len,
int critical, int critical,
const unsigned char *val, size_t val_len ); const unsigned char *val, size_t val_len);
/** /**
* \brief Set the basicConstraints extension for a CRT * \brief Set the basicConstraints extension for a CRT
@ -1106,8 +1097,8 @@ int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx,
* *
* \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
*/ */
int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx, int mbedtls_x509write_crt_set_basic_constraints(mbedtls_x509write_cert *ctx,
int is_ca, int max_pathlen ); int is_ca, int max_pathlen);
#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA) #if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA)
/** /**
@ -1119,7 +1110,7 @@ int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
* *
* \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
*/ */
int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx ); int mbedtls_x509write_crt_set_subject_key_identifier(mbedtls_x509write_cert *ctx);
/** /**
* \brief Set the authorityKeyIdentifier extension for a CRT * \brief Set the authorityKeyIdentifier extension for a CRT
@ -1130,7 +1121,7 @@ int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ct
* *
* \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
*/ */
int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx ); int mbedtls_x509write_crt_set_authority_key_identifier(mbedtls_x509write_cert *ctx);
#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */ #endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */
/** /**
@ -1142,8 +1133,8 @@ int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *
* *
* \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
*/ */
int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, int mbedtls_x509write_crt_set_key_usage(mbedtls_x509write_cert *ctx,
unsigned int key_usage ); unsigned int key_usage);
/** /**
* \brief Set the Extended Key Usage Extension * \brief Set the Extended Key Usage Extension
@ -1155,8 +1146,8 @@ int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx,
* *
* \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
*/ */
int mbedtls_x509write_crt_set_ext_key_usage( mbedtls_x509write_cert *ctx, int mbedtls_x509write_crt_set_ext_key_usage(mbedtls_x509write_cert *ctx,
const mbedtls_asn1_sequence *exts ); const mbedtls_asn1_sequence *exts);
/** /**
* \brief Set the Netscape Cert Type flags * \brief Set the Netscape Cert Type flags
@ -1167,15 +1158,15 @@ int mbedtls_x509write_crt_set_ext_key_usage( mbedtls_x509write_cert *ctx,
* *
* \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
*/ */
int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx, int mbedtls_x509write_crt_set_ns_cert_type(mbedtls_x509write_cert *ctx,
unsigned char ns_cert_type ); unsigned char ns_cert_type);
/** /**
* \brief Free the contents of a CRT write context * \brief Free the contents of a CRT write context
* *
* \param ctx CRT context to free * \param ctx CRT context to free
*/ */
void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx ); void mbedtls_x509write_crt_free(mbedtls_x509write_cert *ctx);
/** /**
* \brief Write a built up certificate to a X509 DER structure * \brief Write a built up certificate to a X509 DER structure
@ -1194,9 +1185,9 @@ void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx );
* *
* \note \p f_rng is used for the signature operation. * \note \p f_rng is used for the signature operation.
*/ */
int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
#if defined(MBEDTLS_PEM_WRITE_C) #if defined(MBEDTLS_PEM_WRITE_C)
/** /**
@ -1212,9 +1203,9 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf,
* *
* \note \p f_rng is used for the signature operation. * \note \p f_rng is used for the signature operation.
*/ */
int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, int mbedtls_x509write_crt_pem(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
#endif /* MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_PEM_WRITE_C */
#endif /* MBEDTLS_X509_CRT_WRITE_C */ #endif /* MBEDTLS_X509_CRT_WRITE_C */


@ -47,8 +47,7 @@ extern "C" {
* them except via Mbed TLS library functions: the effect of modifying * them except via Mbed TLS library functions: the effect of modifying
* those fields or the data that those fields point to is unspecified. * those fields or the data that those fields point to is unspecified.
*/ */
typedef struct mbedtls_x509_csr typedef struct mbedtls_x509_csr {
{
mbedtls_x509_buf raw; /**< The raw CSR data (DER). */ mbedtls_x509_buf raw; /**< The raw CSR data (DER). */
mbedtls_x509_buf cri; /**< The raw CertificateRequestInfo body (DER). */ mbedtls_x509_buf cri; /**< The raw CertificateRequestInfo body (DER). */
@ -70,8 +69,7 @@ mbedtls_x509_csr;
/** /**
* Container for writing a CSR * Container for writing a CSR
*/ */
typedef struct mbedtls_x509write_csr typedef struct mbedtls_x509write_csr {
{
mbedtls_pk_context *MBEDTLS_PRIVATE(key); mbedtls_pk_context *MBEDTLS_PRIVATE(key);
mbedtls_asn1_named_data *MBEDTLS_PRIVATE(subject); mbedtls_asn1_named_data *MBEDTLS_PRIVATE(subject);
mbedtls_md_type_t MBEDTLS_PRIVATE(md_alg); mbedtls_md_type_t MBEDTLS_PRIVATE(md_alg);
@ -91,8 +89,8 @@ mbedtls_x509write_csr;
* *
* \return 0 if successful, or a specific X509 error code * \return 0 if successful, or a specific X509 error code
*/ */
int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr,
const unsigned char *buf, size_t buflen ); const unsigned char *buf, size_t buflen);
/** /**
* \brief Load a Certificate Signing Request (CSR), DER or PEM format * \brief Load a Certificate Signing Request (CSR), DER or PEM format
@ -106,7 +104,7 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr,
* *
* \return 0 if successful, or a specific X509 or PEM error code * \return 0 if successful, or a specific X509 or PEM error code
*/ */
int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen ); int mbedtls_x509_csr_parse(mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen);
#if defined(MBEDTLS_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
@ -119,7 +117,7 @@ int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, siz
* *
* \return 0 if successful, or a specific X509 or PEM error code * \return 0 if successful, or a specific X509 or PEM error code
*/ */
int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ); int mbedtls_x509_csr_parse_file(mbedtls_x509_csr *csr, const char *path);
#endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_FS_IO */
#if !defined(MBEDTLS_X509_REMOVE_INFO) #if !defined(MBEDTLS_X509_REMOVE_INFO)
@ -135,8 +133,8 @@ int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path );
* \return The length of the string written (not including the * \return The length of the string written (not including the
* terminated nul byte), or a negative error code. * terminated nul byte), or a negative error code.
*/ */
int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix, int mbedtls_x509_csr_info(char *buf, size_t size, const char *prefix,
const mbedtls_x509_csr *csr ); const mbedtls_x509_csr *csr);
#endif /* !MBEDTLS_X509_REMOVE_INFO */ #endif /* !MBEDTLS_X509_REMOVE_INFO */
/** /**
@ -144,14 +142,14 @@ int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix,
* *
* \param csr CSR to initialize * \param csr CSR to initialize
*/ */
void mbedtls_x509_csr_init( mbedtls_x509_csr *csr ); void mbedtls_x509_csr_init(mbedtls_x509_csr *csr);
/** /**
* \brief Unallocate all CSR data * \brief Unallocate all CSR data
* *
* \param csr CSR to free * \param csr CSR to free
*/ */
void mbedtls_x509_csr_free( mbedtls_x509_csr *csr ); void mbedtls_x509_csr_free(mbedtls_x509_csr *csr);
#endif /* MBEDTLS_X509_CSR_PARSE_C */ #endif /* MBEDTLS_X509_CSR_PARSE_C */
/** \} name Structures and functions for X.509 Certificate Signing Requests (CSR) */ /** \} name Structures and functions for X.509 Certificate Signing Requests (CSR) */
@ -162,7 +160,7 @@ void mbedtls_x509_csr_free( mbedtls_x509_csr *csr );
* *
* \param ctx CSR context to initialize * \param ctx CSR context to initialize
*/ */
void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx ); void mbedtls_x509write_csr_init(mbedtls_x509write_csr *ctx);
/** /**
* \brief Set the subject name for a CSR * \brief Set the subject name for a CSR
@ -176,8 +174,8 @@ void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx );
* \return 0 if subject name was parsed successfully, or * \return 0 if subject name was parsed successfully, or
* a specific error code * a specific error code
*/ */
int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx, int mbedtls_x509write_csr_set_subject_name(mbedtls_x509write_csr *ctx,
const char *subject_name ); const char *subject_name);
/** /**
* \brief Set the key for a CSR (public key will be included, * \brief Set the key for a CSR (public key will be included,
@ -186,7 +184,7 @@ int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx,
* \param ctx CSR context to use * \param ctx CSR context to use
* \param key Asymmetric key to include * \param key Asymmetric key to include
*/ */
void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key ); void mbedtls_x509write_csr_set_key(mbedtls_x509write_csr *ctx, mbedtls_pk_context *key);
/** /**
* \brief Set the MD algorithm to use for the signature * \brief Set the MD algorithm to use for the signature
@ -195,7 +193,7 @@ void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_conte
* \param ctx CSR context to use * \param ctx CSR context to use
* \param md_alg MD algorithm to use * \param md_alg MD algorithm to use
*/ */
void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg ); void mbedtls_x509write_csr_set_md_alg(mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg);
/** /**
* \brief Set the Key Usage Extension flags * \brief Set the Key Usage Extension flags
@ -214,7 +212,7 @@ void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_ty
* #MBEDTLS_X509_KU_DECIPHER_ONLY) cannot be set using this * #MBEDTLS_X509_KU_DECIPHER_ONLY) cannot be set using this
* function. * function.
*/ */
int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage ); int mbedtls_x509write_csr_set_key_usage(mbedtls_x509write_csr *ctx, unsigned char key_usage);
/** /**
* \brief Set the Netscape Cert Type flags * \brief Set the Netscape Cert Type flags
@ -225,8 +223,8 @@ int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned ch
* *
* \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
*/ */
int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx, int mbedtls_x509write_csr_set_ns_cert_type(mbedtls_x509write_csr *ctx,
unsigned char ns_cert_type ); unsigned char ns_cert_type);
/** /**
* \brief Generic function to add to or replace an extension in the * \brief Generic function to add to or replace an extension in the
@ -241,17 +239,17 @@ int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx,
* *
* \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
*/ */
int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx, int mbedtls_x509write_csr_set_extension(mbedtls_x509write_csr *ctx,
const char *oid, size_t oid_len, const char *oid, size_t oid_len,
int critical, int critical,
const unsigned char *val, size_t val_len ); const unsigned char *val, size_t val_len);
/** /**
* \brief Free the contents of a CSR context * \brief Free the contents of a CSR context
* *
* \param ctx CSR context to free * \param ctx CSR context to free
*/ */
void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx ); void mbedtls_x509write_csr_free(mbedtls_x509write_csr *ctx);
/** /**
* \brief Write a CSR (Certificate Signing Request) to a * \brief Write a CSR (Certificate Signing Request) to a
@ -271,9 +269,9 @@ void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx );
* *
* \note \p f_rng is used for the signature operation. * \note \p f_rng is used for the signature operation.
*/ */
int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, int mbedtls_x509write_csr_der(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
#if defined(MBEDTLS_PEM_WRITE_C) #if defined(MBEDTLS_PEM_WRITE_C)
/** /**
@ -290,9 +288,9 @@ int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, s
* *
* \note \p f_rng is used for the signature operation. * \note \p f_rng is used for the signature operation.
*/ */
int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, int mbedtls_x509write_csr_pem(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
#endif /* MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_PEM_WRITE_C */
#endif /* MBEDTLS_X509_CSR_WRITE_C */ #endif /* MBEDTLS_X509_CSR_WRITE_C */


@ -137,8 +137,8 @@ static psa_key_attributes_t psa_key_attributes_init(void);
* \param[out] attributes The attribute structure to write to. * \param[out] attributes The attribute structure to write to.
* \param key The persistent identifier for the key. * \param key The persistent identifier for the key.
*/ */
static void psa_set_key_id( psa_key_attributes_t *attributes, static void psa_set_key_id(psa_key_attributes_t *attributes,
mbedtls_svc_key_id_t key ); mbedtls_svc_key_id_t key);
#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
/** Set the owner identifier of a key. /** Set the owner identifier of a key.
@ -155,8 +155,8 @@ static void psa_set_key_id( psa_key_attributes_t *attributes,
* \param[out] attributes The attribute structure to write to. * \param[out] attributes The attribute structure to write to.
* \param owner The key owner identifier. * \param owner The key owner identifier.
*/ */
static void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes, static void mbedtls_set_key_owner_id(psa_key_attributes_t *attributes,
mbedtls_key_owner_id_t owner ); mbedtls_key_owner_id_t owner);
#endif #endif
/** Set the location of a persistent key. /** Set the location of a persistent key.
@ -2884,13 +2884,13 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation);
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, psa_status_t psa_sign_message(mbedtls_svc_key_id_t key,
psa_algorithm_t alg, psa_algorithm_t alg,
const uint8_t * input, const uint8_t *input,
size_t input_length, size_t input_length,
uint8_t * signature, uint8_t *signature,
size_t signature_size, size_t signature_size,
size_t * signature_length ); size_t *signature_length);
/** \brief Verify the signature of a message with a public key, using /** \brief Verify the signature of a message with a public key, using
* a hash-and-sign verification algorithm. * a hash-and-sign verification algorithm.
@ -2936,12 +2936,12 @@ psa_status_t psa_sign_message( mbedtls_svc_key_id_t key,
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_verify_message( mbedtls_svc_key_id_t key, psa_status_t psa_verify_message(mbedtls_svc_key_id_t key,
psa_algorithm_t alg, psa_algorithm_t alg,
const uint8_t * input, const uint8_t *input,
size_t input_length, size_t input_length,
const uint8_t * signature, const uint8_t *signature,
size_t signature_length ); size_t signature_length);
/** /**
* \brief Sign a hash or short message with a private key. * \brief Sign a hash or short message with a private key.
@ -3336,7 +3336,7 @@ psa_status_t psa_key_derivation_set_capacity(
* The value of the maximum possible capacity depends on the key derivation * The value of the maximum possible capacity depends on the key derivation
* algorithm. * algorithm.
*/ */
#define PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ((size_t)(-1)) #define PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ((size_t) (-1))
/** Provide an input for key derivation or key agreement. /** Provide an input for key derivation or key agreement.
* *


@ -45,8 +45,7 @@
#endif #endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST) #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST)
typedef struct typedef struct {
{
/** The HMAC algorithm in use */ /** The HMAC algorithm in use */
psa_algorithm_t MBEDTLS_PRIVATE(alg); psa_algorithm_t MBEDTLS_PRIVATE(alg);
/** The hash context. */ /** The hash context. */
@ -55,16 +54,14 @@ typedef struct
uint8_t MBEDTLS_PRIVATE(opad)[PSA_HMAC_MAX_HASH_BLOCK_SIZE]; uint8_t MBEDTLS_PRIVATE(opad)[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
} mbedtls_psa_hmac_operation_t; } mbedtls_psa_hmac_operation_t;
#define MBEDTLS_PSA_HMAC_OPERATION_INIT {0, PSA_HASH_OPERATION_INIT, {0}} #define MBEDTLS_PSA_HMAC_OPERATION_INIT { 0, PSA_HASH_OPERATION_INIT, { 0 } }
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
#include "mbedtls/cmac.h" #include "mbedtls/cmac.h"
typedef struct typedef struct {
{
psa_algorithm_t MBEDTLS_PRIVATE(alg); psa_algorithm_t MBEDTLS_PRIVATE(alg);
union union {
{
unsigned MBEDTLS_PRIVATE(dummy); /* Make the union non-empty even with no supported algorithms. */ unsigned MBEDTLS_PRIVATE(dummy); /* Make the union non-empty even with no supported algorithms. */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST) #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST)
mbedtls_psa_hmac_operation_t MBEDTLS_PRIVATE(hmac); mbedtls_psa_hmac_operation_t MBEDTLS_PRIVATE(hmac);
@ -75,7 +72,7 @@ typedef struct
} MBEDTLS_PRIVATE(ctx); } MBEDTLS_PRIVATE(ctx);
} mbedtls_psa_mac_operation_t; } mbedtls_psa_mac_operation_t;
#define MBEDTLS_PSA_MAC_OPERATION_INIT {0, {0}} #define MBEDTLS_PSA_MAC_OPERATION_INIT { 0, { 0 } }
#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM) || \ #if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) || \
@ -84,8 +81,7 @@ typedef struct
#endif #endif
/* Context structure for the Mbed TLS AEAD implementation. */ /* Context structure for the Mbed TLS AEAD implementation. */
typedef struct typedef struct {
{
psa_algorithm_t MBEDTLS_PRIVATE(alg); psa_algorithm_t MBEDTLS_PRIVATE(alg);
psa_key_type_t MBEDTLS_PRIVATE(key_type); psa_key_type_t MBEDTLS_PRIVATE(key_type);
@ -93,8 +89,7 @@ typedef struct
uint8_t MBEDTLS_PRIVATE(tag_length); uint8_t MBEDTLS_PRIVATE(tag_length);
union union {
{
unsigned dummy; /* Enable easier initializing of the union. */ unsigned dummy; /* Enable easier initializing of the union. */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) #if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
mbedtls_ccm_context MBEDTLS_PRIVATE(ccm); mbedtls_ccm_context MBEDTLS_PRIVATE(ccm);
@ -110,6 +105,6 @@ typedef struct
} mbedtls_psa_aead_operation_t; } mbedtls_psa_aead_operation_t;
#define MBEDTLS_PSA_AEAD_OPERATION_INIT {0, 0, 0, 0, {0}} #define MBEDTLS_PSA_AEAD_OPERATION_INIT { 0, 0, 0, 0, { 0 } }
#endif /* PSA_CRYPTO_BUILTIN_COMPOSITES_H */ #endif /* PSA_CRYPTO_BUILTIN_COMPOSITES_H */


@ -56,11 +56,9 @@
#define MBEDTLS_PSA_BUILTIN_HASH #define MBEDTLS_PSA_BUILTIN_HASH
#endif #endif
typedef struct typedef struct {
{
psa_algorithm_t MBEDTLS_PRIVATE(alg); psa_algorithm_t MBEDTLS_PRIVATE(alg);
union union {
{
unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
mbedtls_md5_context md5; mbedtls_md5_context md5;
@ -72,17 +70,17 @@ typedef struct
mbedtls_sha1_context sha1; mbedtls_sha1_context sha1;
#endif #endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \ #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
mbedtls_sha256_context sha256; mbedtls_sha256_context sha256;
#endif #endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \ #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
mbedtls_sha512_context sha512; mbedtls_sha512_context sha512;
#endif #endif
} MBEDTLS_PRIVATE(ctx); } MBEDTLS_PRIVATE(ctx);
} mbedtls_psa_hash_operation_t; } mbedtls_psa_hash_operation_t;
#define MBEDTLS_PSA_HASH_OPERATION_INIT {0, {0}} #define MBEDTLS_PSA_HASH_OPERATION_INIT { 0, { 0 } }
/* /*
* Cipher multi-part operation definitions. * Cipher multi-part operation definitions.
@ -111,6 +109,6 @@ typedef struct {
} MBEDTLS_PRIVATE(ctx); } MBEDTLS_PRIVATE(ctx);
} mbedtls_psa_cipher_operation_t; } mbedtls_psa_cipher_operation_t;
#define MBEDTLS_PSA_CIPHER_OPERATION_INIT {0, 0, 0, {0}} #define MBEDTLS_PSA_CIPHER_OPERATION_INIT { 0, 0, 0, { 0 } }
#endif /* PSA_CRYPTO_BUILTIN_PRIMITIVES_H */ #endif /* PSA_CRYPTO_BUILTIN_PRIMITIVES_H */


@ -50,9 +50,9 @@ typedef mbedtls_svc_key_id_t psa_key_handle_t;
* *
* \return Non-zero if the handle is null, zero otherwise. * \return Non-zero if the handle is null, zero otherwise.
*/ */
static inline int psa_key_handle_is_null( psa_key_handle_t handle ) static inline int psa_key_handle_is_null(psa_key_handle_t handle)
{ {
return( mbedtls_svc_key_id_is_null( handle ) ); return mbedtls_svc_key_id_is_null(handle);
} }
/** Open a handle to an existing persistent key. /** Open a handle to an existing persistent key.
@ -115,8 +115,8 @@ static inline int psa_key_handle_is_null( psa_key_handle_t handle )
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_open_key( mbedtls_svc_key_id_t key, psa_status_t psa_open_key(mbedtls_svc_key_id_t key,
psa_key_handle_t *handle ); psa_key_handle_t *handle);
/** Close a key handle. /** Close a key handle.
* *


@ -50,41 +50,41 @@
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
typedef libtestdriver1_mbedtls_psa_mac_operation_t typedef libtestdriver1_mbedtls_psa_mac_operation_t
mbedtls_transparent_test_driver_mac_operation_t; mbedtls_transparent_test_driver_mac_operation_t;
typedef libtestdriver1_mbedtls_psa_mac_operation_t typedef libtestdriver1_mbedtls_psa_mac_operation_t
mbedtls_opaque_test_driver_mac_operation_t; mbedtls_opaque_test_driver_mac_operation_t;
#define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT \ #define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT \
LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT
#define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT \ #define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT \
LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT
#else #else
typedef mbedtls_psa_mac_operation_t typedef mbedtls_psa_mac_operation_t
mbedtls_transparent_test_driver_mac_operation_t; mbedtls_transparent_test_driver_mac_operation_t;
typedef mbedtls_psa_mac_operation_t typedef mbedtls_psa_mac_operation_t
mbedtls_opaque_test_driver_mac_operation_t; mbedtls_opaque_test_driver_mac_operation_t;
#define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT \ #define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT \
MBEDTLS_PSA_MAC_OPERATION_INIT MBEDTLS_PSA_MAC_OPERATION_INIT
#define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT \ #define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT \
MBEDTLS_PSA_MAC_OPERATION_INIT MBEDTLS_PSA_MAC_OPERATION_INIT
#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 && LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC */ #endif /* MBEDTLS_TEST_LIBTESTDRIVER1 && LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC */
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD) defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
typedef libtestdriver1_mbedtls_psa_aead_operation_t typedef libtestdriver1_mbedtls_psa_aead_operation_t
mbedtls_transparent_test_driver_aead_operation_t; mbedtls_transparent_test_driver_aead_operation_t;
#define MBEDTLS_TRANSPARENT_TEST_DRIVER_AEAD_OPERATION_INIT \ #define MBEDTLS_TRANSPARENT_TEST_DRIVER_AEAD_OPERATION_INIT \
LIBTESTDRIVER1_MBEDTLS_PSA_AEAD_OPERATION_INIT LIBTESTDRIVER1_MBEDTLS_PSA_AEAD_OPERATION_INIT
#else #else
typedef mbedtls_psa_aead_operation_t typedef mbedtls_psa_aead_operation_t
mbedtls_transparent_test_driver_aead_operation_t; mbedtls_transparent_test_driver_aead_operation_t;
#define MBEDTLS_TRANSPARENT_TEST_DRIVER_AEAD_OPERATION_INIT \ #define MBEDTLS_TRANSPARENT_TEST_DRIVER_AEAD_OPERATION_INIT \
MBEDTLS_PSA_AEAD_OPERATION_INIT MBEDTLS_PSA_AEAD_OPERATION_INIT
#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 && LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD */ #endif /* MBEDTLS_TEST_LIBTESTDRIVER1 && LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD */


@ -50,32 +50,32 @@
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
typedef libtestdriver1_mbedtls_psa_cipher_operation_t typedef libtestdriver1_mbedtls_psa_cipher_operation_t
mbedtls_transparent_test_driver_cipher_operation_t; mbedtls_transparent_test_driver_cipher_operation_t;
#define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \ #define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \
LIBTESTDRIVER1_MBEDTLS_PSA_CIPHER_OPERATION_INIT LIBTESTDRIVER1_MBEDTLS_PSA_CIPHER_OPERATION_INIT
#else #else
typedef mbedtls_psa_cipher_operation_t typedef mbedtls_psa_cipher_operation_t
mbedtls_transparent_test_driver_cipher_operation_t; mbedtls_transparent_test_driver_cipher_operation_t;
#define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \ #define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \
MBEDTLS_PSA_CIPHER_OPERATION_INIT MBEDTLS_PSA_CIPHER_OPERATION_INIT
#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 && #endif /* MBEDTLS_TEST_LIBTESTDRIVER1 &&
LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER */ LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER */
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
typedef libtestdriver1_mbedtls_psa_hash_operation_t typedef libtestdriver1_mbedtls_psa_hash_operation_t
mbedtls_transparent_test_driver_hash_operation_t; mbedtls_transparent_test_driver_hash_operation_t;
#define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT \ #define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT \
LIBTESTDRIVER1_MBEDTLS_PSA_HASH_OPERATION_INIT LIBTESTDRIVER1_MBEDTLS_PSA_HASH_OPERATION_INIT
#else #else
typedef mbedtls_psa_hash_operation_t typedef mbedtls_psa_hash_operation_t
mbedtls_transparent_test_driver_hash_operation_t; mbedtls_transparent_test_driver_hash_operation_t;
#define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT \ #define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT \
MBEDTLS_PSA_HASH_OPERATION_INIT MBEDTLS_PSA_HASH_OPERATION_INIT
#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 && #endif /* MBEDTLS_TEST_LIBTESTDRIVER1 &&
LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH */ LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH */
@ -85,7 +85,7 @@ typedef struct {
} mbedtls_opaque_test_driver_cipher_operation_t; } mbedtls_opaque_test_driver_cipher_operation_t;
#define MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT \ #define MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT \
{ 0, MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT } { 0, MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT }
#endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_DRIVER_TEST */


@ -85,7 +85,7 @@ static inline void psa_set_key_enrollment_algorithm(
static inline psa_algorithm_t psa_get_key_enrollment_algorithm( static inline psa_algorithm_t psa_get_key_enrollment_algorithm(
const psa_key_attributes_t *attributes) const psa_key_attributes_t *attributes)
{ {
return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg2) ); return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg2);
} }
#if defined(MBEDTLS_PSA_CRYPTO_SE_C) #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
@ -114,7 +114,7 @@ static inline psa_algorithm_t psa_get_key_enrollment_algorithm(
*/ */
psa_status_t psa_get_key_slot_number( psa_status_t psa_get_key_slot_number(
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
psa_key_slot_number_t *slot_number ); psa_key_slot_number_t *slot_number);
/** Choose the slot number where a key is stored. /** Choose the slot number where a key is stored.
* *
@ -141,7 +141,7 @@ psa_status_t psa_get_key_slot_number(
*/ */
static inline void psa_set_key_slot_number( static inline void psa_set_key_slot_number(
psa_key_attributes_t *attributes, psa_key_attributes_t *attributes,
psa_key_slot_number_t slot_number ) psa_key_slot_number_t slot_number)
{ {
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(flags) |= MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER; attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(flags) |= MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER;
attributes->MBEDTLS_PRIVATE(slot_number) = slot_number; attributes->MBEDTLS_PRIVATE(slot_number) = slot_number;
@ -154,9 +154,10 @@ static inline void psa_set_key_slot_number(
* \param[out] attributes The attribute structure to write to. * \param[out] attributes The attribute structure to write to.
*/ */
static inline void psa_clear_key_slot_number( static inline void psa_clear_key_slot_number(
psa_key_attributes_t *attributes ) psa_key_attributes_t *attributes)
{ {
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(flags) &= ~MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER; attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(flags) &=
~MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER;
} }
/** Register a key that is already present in a secure element. /** Register a key that is already present in a secure element.
@ -214,7 +215,7 @@ psa_status_t mbedtls_psa_register_se_key(
* *
* This is an Mbed TLS extension. * This is an Mbed TLS extension.
*/ */
void mbedtls_psa_crypto_free( void ); void mbedtls_psa_crypto_free(void);
/** \brief Statistics about /** \brief Statistics about
* resource consumption related to the PSA keystore. * resource consumption related to the PSA keystore.
@ -222,8 +223,7 @@ void mbedtls_psa_crypto_free( void );
* \note The content of this structure is not part of the stable API and ABI * \note The content of this structure is not part of the stable API and ABI
* of Mbed Crypto and may change arbitrarily from version to version. * of Mbed Crypto and may change arbitrarily from version to version.
*/ */
typedef struct mbedtls_psa_stats_s typedef struct mbedtls_psa_stats_s {
{
/** Number of slots containing key material for a volatile key. */ /** Number of slots containing key material for a volatile key. */
size_t MBEDTLS_PRIVATE(volatile_slots); size_t MBEDTLS_PRIVATE(volatile_slots);
/** Number of slots containing key material for a key which is in /** Number of slots containing key material for a key which is in
@ -254,7 +254,7 @@ typedef struct mbedtls_psa_stats_s
* between the application and the keystore, the service may or * between the application and the keystore, the service may or
* may not expose this function. * may not expose this function.
*/ */
void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ); void mbedtls_psa_get_stats(mbedtls_psa_stats_t *stats);
/** /**
* \brief Inject an initial entropy seed for the random generator into * \brief Inject an initial entropy seed for the random generator into
@ -339,7 +339,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,
* string. The length of the byte string is the length of the base prime `p` * string. The length of the byte string is the length of the base prime `p`
* in bytes. * in bytes.
*/ */
#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x4002) #define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t) 0x4002)
/** DSA key pair (private and public key). /** DSA key pair (private and public key).
* *
@ -357,13 +357,13 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,
* Add 1 to the resulting integer and use this as the private key *x*. * Add 1 to the resulting integer and use this as the private key *x*.
* *
*/ */
#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x7002) #define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t) 0x7002)
/** Whether a key type is a DSA key (pair or public-only). */ /** Whether a key type is a DSA key (pair or public-only). */
#define PSA_KEY_TYPE_IS_DSA(type) \ #define PSA_KEY_TYPE_IS_DSA(type) \
(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY) (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
#define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x06000400) #define PSA_ALG_DSA_BASE ((psa_algorithm_t) 0x06000400)
/** DSA signature with hashing. /** DSA signature with hashing.
* *
* This is the signature scheme defined by FIPS 186-4, * This is the signature scheme defined by FIPS 186-4,
@ -380,7 +380,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,
*/ */
#define PSA_ALG_DSA(hash_alg) \ #define PSA_ALG_DSA(hash_alg) \
(PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
#define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x06000500) #define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t) 0x06000500)
#define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG #define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG
/** Deterministic DSA signature with hashing. /** Deterministic DSA signature with hashing.
* *
@ -587,53 +587,52 @@ psa_status_t psa_get_key_domain_parameters(
* (`PSA_ECC_FAMILY_xxx`). * (`PSA_ECC_FAMILY_xxx`).
* \return \c 0 on failure (\p grpid is not recognized). * \return \c 0 on failure (\p grpid is not recognized).
*/ */
static inline psa_ecc_family_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid, static inline psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid,
size_t *bits ) size_t *bits)
{ {
switch( grpid ) switch (grpid) {
{
case MBEDTLS_ECP_DP_SECP192R1: case MBEDTLS_ECP_DP_SECP192R1:
*bits = 192; *bits = 192;
return( PSA_ECC_FAMILY_SECP_R1 ); return PSA_ECC_FAMILY_SECP_R1;
case MBEDTLS_ECP_DP_SECP224R1: case MBEDTLS_ECP_DP_SECP224R1:
*bits = 224; *bits = 224;
return( PSA_ECC_FAMILY_SECP_R1 ); return PSA_ECC_FAMILY_SECP_R1;
case MBEDTLS_ECP_DP_SECP256R1: case MBEDTLS_ECP_DP_SECP256R1:
*bits = 256; *bits = 256;
return( PSA_ECC_FAMILY_SECP_R1 ); return PSA_ECC_FAMILY_SECP_R1;
case MBEDTLS_ECP_DP_SECP384R1: case MBEDTLS_ECP_DP_SECP384R1:
*bits = 384; *bits = 384;
return( PSA_ECC_FAMILY_SECP_R1 ); return PSA_ECC_FAMILY_SECP_R1;
case MBEDTLS_ECP_DP_SECP521R1: case MBEDTLS_ECP_DP_SECP521R1:
*bits = 521; *bits = 521;
return( PSA_ECC_FAMILY_SECP_R1 ); return PSA_ECC_FAMILY_SECP_R1;
case MBEDTLS_ECP_DP_BP256R1: case MBEDTLS_ECP_DP_BP256R1:
*bits = 256; *bits = 256;
return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 ); return PSA_ECC_FAMILY_BRAINPOOL_P_R1;
case MBEDTLS_ECP_DP_BP384R1: case MBEDTLS_ECP_DP_BP384R1:
*bits = 384; *bits = 384;
return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 ); return PSA_ECC_FAMILY_BRAINPOOL_P_R1;
case MBEDTLS_ECP_DP_BP512R1: case MBEDTLS_ECP_DP_BP512R1:
*bits = 512; *bits = 512;
return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 ); return PSA_ECC_FAMILY_BRAINPOOL_P_R1;
case MBEDTLS_ECP_DP_CURVE25519: case MBEDTLS_ECP_DP_CURVE25519:
*bits = 255; *bits = 255;
return( PSA_ECC_FAMILY_MONTGOMERY ); return PSA_ECC_FAMILY_MONTGOMERY;
case MBEDTLS_ECP_DP_SECP192K1: case MBEDTLS_ECP_DP_SECP192K1:
*bits = 192; *bits = 192;
return( PSA_ECC_FAMILY_SECP_K1 ); return PSA_ECC_FAMILY_SECP_K1;
case MBEDTLS_ECP_DP_SECP224K1: case MBEDTLS_ECP_DP_SECP224K1:
*bits = 224; *bits = 224;
return( PSA_ECC_FAMILY_SECP_K1 ); return PSA_ECC_FAMILY_SECP_K1;
case MBEDTLS_ECP_DP_SECP256K1: case MBEDTLS_ECP_DP_SECP256K1:
*bits = 256; *bits = 256;
return( PSA_ECC_FAMILY_SECP_K1 ); return PSA_ECC_FAMILY_SECP_K1;
case MBEDTLS_ECP_DP_CURVE448: case MBEDTLS_ECP_DP_CURVE448:
*bits = 448; *bits = 448;
return( PSA_ECC_FAMILY_MONTGOMERY ); return PSA_ECC_FAMILY_MONTGOMERY;
default: default:
*bits = 0; *bits = 0;
return( 0 ); return 0;
} }
} }
@ -656,9 +655,9 @@ static inline psa_ecc_family_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id gr
* \return #MBEDTLS_ECP_DP_NONE if \p bits is not * \return #MBEDTLS_ECP_DP_NONE if \p bits is not
* correct for \p curve. * correct for \p curve.
*/ */
mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve, mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve,
size_t bits, size_t bits,
int bits_is_sloppy ); int bits_is_sloppy);
#endif /* MBEDTLS_ECP_C */ #endif /* MBEDTLS_ECP_C */
/**@}*/ /**@}*/
@ -709,7 +708,7 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve,
*/ */
psa_status_t mbedtls_psa_external_get_random( psa_status_t mbedtls_psa_external_get_random(
mbedtls_psa_external_random_context_t *context, mbedtls_psa_external_random_context_t *context,
uint8_t *output, size_t output_size, size_t *output_length ); uint8_t *output, size_t output_size, size_t *output_length);
#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
/**@}*/ /**@}*/
@ -729,14 +728,14 @@ psa_status_t mbedtls_psa_external_get_random(
* This value is part of the library's ABI since changing it would invalidate * This value is part of the library's ABI since changing it would invalidate
* the values of built-in key identifiers in applications. * the values of built-in key identifiers in applications.
*/ */
#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ((psa_key_id_t)0x7fff0000) #define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ((psa_key_id_t) 0x7fff0000)
/** The maximum value for a key identifier that is built into the /** The maximum value for a key identifier that is built into the
* implementation. * implementation.
* *
* See #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN for more information. * See #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN for more information.
*/ */
#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ((psa_key_id_t)0x7fffefff) #define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ((psa_key_id_t) 0x7fffefff)
/** A slot number identifying a key in a driver. /** A slot number identifying a key in a driver.
* *
@ -754,10 +753,10 @@ typedef uint64_t psa_drv_slot_number_t;
* \retval 0 * \retval 0
* The key identifier is not a builtin key identifier. * The key identifier is not a builtin key identifier.
*/ */
static inline int psa_key_id_is_builtin( psa_key_id_t key_id ) static inline int psa_key_id_is_builtin(psa_key_id_t key_id)
{ {
return( ( key_id >= MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ) && return (key_id >= MBEDTLS_PSA_KEY_ID_BUILTIN_MIN) &&
( key_id <= MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ) ); (key_id <= MBEDTLS_PSA_KEY_ID_BUILTIN_MAX);
} }
/** Platform function to obtain the location and slot number of a built-in key. /** Platform function to obtain the location and slot number of a built-in key.
@ -807,7 +806,7 @@ static inline int psa_key_id_is_builtin( psa_key_id_t key_id )
psa_status_t mbedtls_psa_platform_get_builtin_key( psa_status_t mbedtls_psa_platform_get_builtin_key(
mbedtls_svc_key_id_t key_id, mbedtls_svc_key_id_t key_id,
psa_key_lifetime_t *lifetime, psa_key_lifetime_t *lifetime,
psa_drv_slot_number_t *slot_number ); psa_drv_slot_number_t *slot_number);
#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
/** @} */ /** @} */
@ -816,7 +815,7 @@ psa_status_t mbedtls_psa_platform_get_builtin_key(
* @{ * @{
*/ */
#define PSA_ALG_CATEGORY_PAKE ((psa_algorithm_t)0x0a000000) #define PSA_ALG_CATEGORY_PAKE ((psa_algorithm_t) 0x0a000000)
/** Whether the specified algorithm is a password-authenticated key exchange. /** Whether the specified algorithm is a password-authenticated key exchange.
* *
@ -945,7 +944,7 @@ psa_status_t mbedtls_psa_platform_get_builtin_key(
* of RFC 8236 for two examples. * of RFC 8236 for two examples.
* *
*/ */
#define PSA_ALG_JPAKE ((psa_algorithm_t)0x0a000100) #define PSA_ALG_JPAKE ((psa_algorithm_t) 0x0a000100)
/** @} */ /** @} */
@ -1004,7 +1003,7 @@ typedef uint32_t psa_pake_primitive_t;
* This value can be used in a call to psa_pake_set_role() for symmetric PAKE * This value can be used in a call to psa_pake_set_role() for symmetric PAKE
* algorithms which do not assign roles. * algorithms which do not assign roles.
*/ */
#define PSA_PAKE_ROLE_NONE ((psa_pake_role_t)0x00) #define PSA_PAKE_ROLE_NONE ((psa_pake_role_t) 0x00)
/** The first peer in a balanced PAKE. /** The first peer in a balanced PAKE.
* *
@ -1013,7 +1012,7 @@ typedef uint32_t psa_pake_primitive_t;
* need this, both #PSA_PAKE_ROLE_FIRST and #PSA_PAKE_ROLE_SECOND are * need this, both #PSA_PAKE_ROLE_FIRST and #PSA_PAKE_ROLE_SECOND are
* accepted. * accepted.
*/ */
#define PSA_PAKE_ROLE_FIRST ((psa_pake_role_t)0x01) #define PSA_PAKE_ROLE_FIRST ((psa_pake_role_t) 0x01)
/** The second peer in a balanced PAKE. /** The second peer in a balanced PAKE.
* *
@ -1022,19 +1021,19 @@ typedef uint32_t psa_pake_primitive_t;
* need this, either #PSA_PAKE_ROLE_FIRST or #PSA_PAKE_ROLE_SECOND are * need this, either #PSA_PAKE_ROLE_FIRST or #PSA_PAKE_ROLE_SECOND are
* accepted. * accepted.
*/ */
#define PSA_PAKE_ROLE_SECOND ((psa_pake_role_t)0x02) #define PSA_PAKE_ROLE_SECOND ((psa_pake_role_t) 0x02)
/** The client in an augmented PAKE. /** The client in an augmented PAKE.
* *
* Augmented PAKE algorithms need to differentiate between client and server. * Augmented PAKE algorithms need to differentiate between client and server.
*/ */
#define PSA_PAKE_ROLE_CLIENT ((psa_pake_role_t)0x11) #define PSA_PAKE_ROLE_CLIENT ((psa_pake_role_t) 0x11)
/** The server in an augmented PAKE. /** The server in an augmented PAKE.
* *
* Augmented PAKE algorithms need to differentiate between client and server. * Augmented PAKE algorithms need to differentiate between client and server.
*/ */
#define PSA_PAKE_ROLE_SERVER ((psa_pake_role_t)0x12) #define PSA_PAKE_ROLE_SERVER ((psa_pake_role_t) 0x12)
/** The PAKE primitive type indicating the use of elliptic curves. /** The PAKE primitive type indicating the use of elliptic curves.
* *
@ -1054,7 +1053,7 @@ typedef uint32_t psa_pake_primitive_t;
* curve would be. For more information, consult the documentation of * curve would be. For more information, consult the documentation of
* psa_export_key(). * psa_export_key().
*/ */
#define PSA_PAKE_PRIMITIVE_TYPE_ECC ((psa_pake_primitive_type_t)0x01) #define PSA_PAKE_PRIMITIVE_TYPE_ECC ((psa_pake_primitive_type_t) 0x01)
/** The PAKE primitive type indicating the use of Diffie-Hellman groups. /** The PAKE primitive type indicating the use of Diffie-Hellman groups.
* *
@ -1074,7 +1073,7 @@ typedef uint32_t psa_pake_primitive_t;
* group would be. For more information, consult the documentation of * group would be. For more information, consult the documentation of
* psa_export_key(). * psa_export_key().
*/ */
#define PSA_PAKE_PRIMITIVE_TYPE_DH ((psa_pake_primitive_type_t)0x02) #define PSA_PAKE_PRIMITIVE_TYPE_DH ((psa_pake_primitive_type_t) 0x02)
/** Construct a PAKE primitive from type, family and bit-size. /** Construct a PAKE primitive from type, family and bit-size.
* *
@ -1098,7 +1097,7 @@ typedef uint32_t psa_pake_primitive_t;
#define PSA_PAKE_PRIMITIVE(pake_type, pake_family, pake_bits) \ #define PSA_PAKE_PRIMITIVE(pake_type, pake_family, pake_bits) \
((pake_bits & 0xFFFF) != pake_bits) ? 0 : \ ((pake_bits & 0xFFFF) != pake_bits) ? 0 : \
((psa_pake_primitive_t) (((pake_type) << 24 | \ ((psa_pake_primitive_t) (((pake_type) << 24 | \
(pake_family) << 16) | (pake_bits))) (pake_family) << 16) | (pake_bits)))
/** The key share being sent to or received from the peer. /** The key share being sent to or received from the peer.
* *
@ -1112,7 +1111,7 @@ typedef uint32_t psa_pake_primitive_t;
* For information regarding how the group is determined, consult the * For information regarding how the group is determined, consult the
* documentation #PSA_PAKE_PRIMITIVE. * documentation #PSA_PAKE_PRIMITIVE.
*/ */
#define PSA_PAKE_STEP_KEY_SHARE ((psa_pake_step_t)0x01) #define PSA_PAKE_STEP_KEY_SHARE ((psa_pake_step_t) 0x01)
/** A Schnorr NIZKP public key. /** A Schnorr NIZKP public key.
* *
@ -1129,7 +1128,7 @@ typedef uint32_t psa_pake_primitive_t;
* For information regarding how the group is determined, consult the * For information regarding how the group is determined, consult the
* documentation #PSA_PAKE_PRIMITIVE. * documentation #PSA_PAKE_PRIMITIVE.
*/ */
#define PSA_PAKE_STEP_ZK_PUBLIC ((psa_pake_step_t)0x02) #define PSA_PAKE_STEP_ZK_PUBLIC ((psa_pake_step_t) 0x02)
/** A Schnorr NIZKP proof. /** A Schnorr NIZKP proof.
* *
@ -1150,7 +1149,7 @@ typedef uint32_t psa_pake_primitive_t;
* For information regarding how the group is determined, consult the * For information regarding how the group is determined, consult the
* documentation #PSA_PAKE_PRIMITIVE. * documentation #PSA_PAKE_PRIMITIVE.
*/ */
#define PSA_PAKE_STEP_ZK_PROOF ((psa_pake_step_t)0x03) #define PSA_PAKE_STEP_ZK_PROOF ((psa_pake_step_t) 0x03)
/** The type of the data structure for PAKE cipher suites. /** The type of the data structure for PAKE cipher suites.
* *
@ -1162,7 +1161,7 @@ typedef struct psa_pake_cipher_suite_s psa_pake_cipher_suite_t;
/** Return an initial value for a PAKE cipher suite object. /** Return an initial value for a PAKE cipher suite object.
*/ */
static psa_pake_cipher_suite_t psa_pake_cipher_suite_init( void ); static psa_pake_cipher_suite_t psa_pake_cipher_suite_init(void);
/** Retrieve the PAKE algorithm from a PAKE cipher suite. /** Retrieve the PAKE algorithm from a PAKE cipher suite.
* *
@ -1171,7 +1170,7 @@ static psa_pake_cipher_suite_t psa_pake_cipher_suite_init( void );
* \return The PAKE algorithm stored in the cipher suite structure. * \return The PAKE algorithm stored in the cipher suite structure.
*/ */
static psa_algorithm_t psa_pake_cs_get_algorithm( static psa_algorithm_t psa_pake_cs_get_algorithm(
const psa_pake_cipher_suite_t *cipher_suite ); const psa_pake_cipher_suite_t *cipher_suite);
/** Declare the PAKE algorithm for the cipher suite. /** Declare the PAKE algorithm for the cipher suite.
* *
@ -1185,8 +1184,8 @@ static psa_algorithm_t psa_pake_cs_get_algorithm(
* If this is 0, the PAKE algorithm in * If this is 0, the PAKE algorithm in
* \p cipher_suite becomes unspecified. * \p cipher_suite becomes unspecified.
*/ */
static void psa_pake_cs_set_algorithm( psa_pake_cipher_suite_t *cipher_suite, static void psa_pake_cs_set_algorithm(psa_pake_cipher_suite_t *cipher_suite,
psa_algorithm_t algorithm ); psa_algorithm_t algorithm);
/** Retrieve the primitive from a PAKE cipher suite. /** Retrieve the primitive from a PAKE cipher suite.
* *
@ -1195,7 +1194,7 @@ static void psa_pake_cs_set_algorithm( psa_pake_cipher_suite_t *cipher_suite,
* \return The primitive stored in the cipher suite structure. * \return The primitive stored in the cipher suite structure.
*/ */
static psa_pake_primitive_t psa_pake_cs_get_primitive( static psa_pake_primitive_t psa_pake_cs_get_primitive(
const psa_pake_cipher_suite_t *cipher_suite ); const psa_pake_cipher_suite_t *cipher_suite);
/** Declare the primitive for a PAKE cipher suite. /** Declare the primitive for a PAKE cipher suite.
* *
@ -1206,8 +1205,8 @@ static psa_pake_primitive_t psa_pake_cs_get_primitive(
* primitive type in \p cipher_suite becomes * primitive type in \p cipher_suite becomes
* unspecified. * unspecified.
*/ */
static void psa_pake_cs_set_primitive( psa_pake_cipher_suite_t *cipher_suite, static void psa_pake_cs_set_primitive(psa_pake_cipher_suite_t *cipher_suite,
psa_pake_primitive_t primitive ); psa_pake_primitive_t primitive);
/** Retrieve the PAKE family from a PAKE cipher suite. /** Retrieve the PAKE family from a PAKE cipher suite.
* *
@ -1216,7 +1215,7 @@ static void psa_pake_cs_set_primitive( psa_pake_cipher_suite_t *cipher_suite,
* \return The PAKE family stored in the cipher suite structure. * \return The PAKE family stored in the cipher suite structure.
*/ */
static psa_pake_family_t psa_pake_cs_get_family( static psa_pake_family_t psa_pake_cs_get_family(
const psa_pake_cipher_suite_t *cipher_suite ); const psa_pake_cipher_suite_t *cipher_suite);
/** Retrieve the PAKE primitive bit-size from a PAKE cipher suite. /** Retrieve the PAKE primitive bit-size from a PAKE cipher suite.
* *
@ -1225,7 +1224,7 @@ static psa_pake_family_t psa_pake_cs_get_family(
* \return The PAKE primitive bit-size stored in the cipher suite structure. * \return The PAKE primitive bit-size stored in the cipher suite structure.
*/ */
static uint16_t psa_pake_cs_get_bits( static uint16_t psa_pake_cs_get_bits(
const psa_pake_cipher_suite_t *cipher_suite ); const psa_pake_cipher_suite_t *cipher_suite);
/** Retrieve the hash algorithm from a PAKE cipher suite. /** Retrieve the hash algorithm from a PAKE cipher suite.
* *
@ -1236,7 +1235,7 @@ static uint16_t psa_pake_cs_get_bits(
* the hash algorithm is not set. * the hash algorithm is not set.
*/ */
static psa_algorithm_t psa_pake_cs_get_hash( static psa_algorithm_t psa_pake_cs_get_hash(
const psa_pake_cipher_suite_t *cipher_suite ); const psa_pake_cipher_suite_t *cipher_suite);
/** Declare the hash algorithm for a PAKE cipher suite. /** Declare the hash algorithm for a PAKE cipher suite.
* *
@ -1254,8 +1253,8 @@ static psa_algorithm_t psa_pake_cs_get_hash(
* If this is 0, the hash algorithm in * If this is 0, the hash algorithm in
* \p cipher_suite becomes unspecified. * \p cipher_suite becomes unspecified.
*/ */
static void psa_pake_cs_set_hash( psa_pake_cipher_suite_t *cipher_suite, static void psa_pake_cs_set_hash(psa_pake_cipher_suite_t *cipher_suite,
psa_algorithm_t hash ); psa_algorithm_t hash);
/** The type of the state data structure for PAKE operations. /** The type of the state data structure for PAKE operations.
* *
@ -1289,7 +1288,7 @@ typedef struct psa_pake_operation_s psa_pake_operation_t;
/** Return an initial value for a PAKE operation object. /** Return an initial value for a PAKE operation object.
*/ */
static psa_pake_operation_t psa_pake_operation_init( void ); static psa_pake_operation_t psa_pake_operation_init(void);
/** Set the session information for a password-authenticated key exchange. /** Set the session information for a password-authenticated key exchange.
* *
@ -1361,8 +1360,8 @@ static psa_pake_operation_t psa_pake_operation_init( void );
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_pake_setup( psa_pake_operation_t *operation, psa_status_t psa_pake_setup(psa_pake_operation_t *operation,
const psa_pake_cipher_suite_t *cipher_suite ); const psa_pake_cipher_suite_t *cipher_suite);
/** Set the password for a password-authenticated key exchange from key ID. /** Set the password for a password-authenticated key exchange from key ID.
* *
@ -1409,8 +1408,8 @@ psa_status_t psa_pake_setup( psa_pake_operation_t *operation,
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_pake_set_password_key( psa_pake_operation_t *operation, psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation,
mbedtls_svc_key_id_t password ); mbedtls_svc_key_id_t password);
/** Set the user ID for a password-authenticated key exchange. /** Set the user ID for a password-authenticated key exchange.
* *
@ -1449,9 +1448,9 @@ psa_status_t psa_pake_set_password_key( psa_pake_operation_t *operation,
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_pake_set_user( psa_pake_operation_t *operation, psa_status_t psa_pake_set_user(psa_pake_operation_t *operation,
const uint8_t *user_id, const uint8_t *user_id,
size_t user_id_len ); size_t user_id_len);
/** Set the peer ID for a password-authenticated key exchange. /** Set the peer ID for a password-authenticated key exchange.
* *
@ -1491,9 +1490,9 @@ psa_status_t psa_pake_set_user( psa_pake_operation_t *operation,
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_pake_set_peer( psa_pake_operation_t *operation, psa_status_t psa_pake_set_peer(psa_pake_operation_t *operation,
const uint8_t *peer_id, const uint8_t *peer_id,
size_t peer_id_len ); size_t peer_id_len);
/** Set the application role for a password-authenticated key exchange. /** Set the application role for a password-authenticated key exchange.
* *
@ -1533,8 +1532,8 @@ psa_status_t psa_pake_set_peer( psa_pake_operation_t *operation,
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_pake_set_role( psa_pake_operation_t *operation, psa_status_t psa_pake_set_role(psa_pake_operation_t *operation,
psa_pake_role_t role ); psa_pake_role_t role);
/** Get output for a step of a password-authenticated key exchange. /** Get output for a step of a password-authenticated key exchange.
* *
@ -1591,11 +1590,11 @@ psa_status_t psa_pake_set_role( psa_pake_operation_t *operation,
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_pake_output( psa_pake_operation_t *operation, psa_status_t psa_pake_output(psa_pake_operation_t *operation,
psa_pake_step_t step, psa_pake_step_t step,
uint8_t *output, uint8_t *output,
size_t output_size, size_t output_size,
size_t *output_length ); size_t *output_length);
/** Provide input for a step of a password-authenticated key exchange. /** Provide input for a step of a password-authenticated key exchange.
* *
@ -1646,10 +1645,10 @@ psa_status_t psa_pake_output( psa_pake_operation_t *operation,
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_pake_input( psa_pake_operation_t *operation, psa_status_t psa_pake_input(psa_pake_operation_t *operation,
psa_pake_step_t step, psa_pake_step_t step,
const uint8_t *input, const uint8_t *input,
size_t input_length ); size_t input_length);
/** Get implicitly confirmed shared secret from a PAKE. /** Get implicitly confirmed shared secret from a PAKE.
* *
@ -1709,8 +1708,8 @@ psa_status_t psa_pake_input( psa_pake_operation_t *operation,
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_pake_get_implicit_key( psa_pake_operation_t *operation, psa_status_t psa_pake_get_implicit_key(psa_pake_operation_t *operation,
psa_key_derivation_operation_t *output ); psa_key_derivation_operation_t *output);
/** Abort a PAKE operation. /** Abort a PAKE operation.
* *
@ -1736,7 +1735,7 @@ psa_status_t psa_pake_get_implicit_key( psa_pake_operation_t *operation,
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_pake_abort( psa_pake_operation_t * operation ); psa_status_t psa_pake_abort(psa_pake_operation_t *operation);
/**@}*/ /**@}*/
@ -1761,15 +1760,15 @@ psa_status_t psa_pake_abort( psa_pake_operation_t * operation );
* return 0. * return 0.
*/ */
#define PSA_PAKE_OUTPUT_SIZE(alg, primitive, output_step) \ #define PSA_PAKE_OUTPUT_SIZE(alg, primitive, output_step) \
( alg == PSA_ALG_JPAKE && \ (alg == PSA_ALG_JPAKE && \
primitive == PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, \ primitive == PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, \
PSA_ECC_FAMILY_SECP_R1, 256) ? \ PSA_ECC_FAMILY_SECP_R1, 256) ? \
( \ ( \
output_step == PSA_PAKE_STEP_KEY_SHARE ? 65 : \ output_step == PSA_PAKE_STEP_KEY_SHARE ? 65 : \
output_step == PSA_PAKE_STEP_ZK_PUBLIC ? 65 : \ output_step == PSA_PAKE_STEP_ZK_PUBLIC ? 65 : \
32 \ 32 \
) : \ ) : \
0 ) 0)
/** A sufficient input buffer size for psa_pake_input(). /** A sufficient input buffer size for psa_pake_input().
* *
@ -1791,15 +1790,15 @@ psa_status_t psa_pake_abort( psa_pake_operation_t * operation );
* the parameters are incompatible, return 0. * the parameters are incompatible, return 0.
*/ */
#define PSA_PAKE_INPUT_SIZE(alg, primitive, input_step) \ #define PSA_PAKE_INPUT_SIZE(alg, primitive, input_step) \
( alg == PSA_ALG_JPAKE && \ (alg == PSA_ALG_JPAKE && \
primitive == PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, \ primitive == PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, \
PSA_ECC_FAMILY_SECP_R1, 256) ? \ PSA_ECC_FAMILY_SECP_R1, 256) ? \
( \ ( \
input_step == PSA_PAKE_STEP_KEY_SHARE ? 65 : \ input_step == PSA_PAKE_STEP_KEY_SHARE ? 65 : \
input_step == PSA_PAKE_STEP_ZK_PUBLIC ? 65 : \ input_step == PSA_PAKE_STEP_ZK_PUBLIC ? 65 : \
32 \ 32 \
) : \ ) : \
0 ) 0)
/** Output buffer size for psa_pake_output() for any of the supported PAKE /** Output buffer size for psa_pake_output() for any of the supported PAKE
* algorithm and primitive suites and output step. * algorithm and primitive suites and output step.
@ -1822,22 +1821,21 @@ psa_status_t psa_pake_abort( psa_pake_operation_t * operation );
/** Returns a suitable initializer for a PAKE cipher suite object of type /** Returns a suitable initializer for a PAKE cipher suite object of type
* psa_pake_cipher_suite_t. * psa_pake_cipher_suite_t.
*/ */
#define PSA_PAKE_CIPHER_SUITE_INIT {PSA_ALG_NONE, 0, 0, 0, PSA_ALG_NONE} #define PSA_PAKE_CIPHER_SUITE_INIT { PSA_ALG_NONE, 0, 0, 0, PSA_ALG_NONE }
/** Returns a suitable initializer for a PAKE operation object of type /** Returns a suitable initializer for a PAKE operation object of type
* psa_pake_operation_t. * psa_pake_operation_t.
*/ */
#if defined(MBEDTLS_PSA_BUILTIN_PAKE) #if defined(MBEDTLS_PSA_BUILTIN_PAKE)
#define PSA_PAKE_OPERATION_INIT {PSA_ALG_NONE, 0, 0, 0, 0, \ #define PSA_PAKE_OPERATION_INIT { PSA_ALG_NONE, 0, 0, 0, 0, \
NULL, 0 , \ NULL, 0, \
PSA_PAKE_ROLE_NONE, {0}, 0, 0, \ PSA_PAKE_ROLE_NONE, { 0 }, 0, 0, \
{.dummy = 0}} { .dummy = 0 } }
#else #else
#define PSA_PAKE_OPERATION_INIT {PSA_ALG_NONE, 0, 0, {0}} #define PSA_PAKE_OPERATION_INIT { PSA_ALG_NONE, 0, 0, { 0 } }
#endif #endif
struct psa_pake_cipher_suite_s struct psa_pake_cipher_suite_s {
{
psa_algorithm_t algorithm; psa_algorithm_t algorithm;
psa_pake_primitive_type_t type; psa_pake_primitive_type_t type;
psa_pake_family_t family; psa_pake_family_t family;
@ -1846,31 +1844,32 @@ struct psa_pake_cipher_suite_s
}; };
static inline psa_algorithm_t psa_pake_cs_get_algorithm( static inline psa_algorithm_t psa_pake_cs_get_algorithm(
const psa_pake_cipher_suite_t *cipher_suite ) const psa_pake_cipher_suite_t *cipher_suite)
{ {
return( cipher_suite->algorithm ); return cipher_suite->algorithm;
} }
static inline void psa_pake_cs_set_algorithm( static inline void psa_pake_cs_set_algorithm(
psa_pake_cipher_suite_t *cipher_suite, psa_pake_cipher_suite_t *cipher_suite,
psa_algorithm_t algorithm) psa_algorithm_t algorithm)
{ {
if( !PSA_ALG_IS_PAKE( algorithm ) ) if (!PSA_ALG_IS_PAKE(algorithm)) {
cipher_suite->algorithm = 0; cipher_suite->algorithm = 0;
else } else {
cipher_suite->algorithm = algorithm; cipher_suite->algorithm = algorithm;
}
} }
static inline psa_pake_primitive_t psa_pake_cs_get_primitive( static inline psa_pake_primitive_t psa_pake_cs_get_primitive(
const psa_pake_cipher_suite_t *cipher_suite ) const psa_pake_cipher_suite_t *cipher_suite)
{ {
return( PSA_PAKE_PRIMITIVE( cipher_suite->type, cipher_suite->family, return PSA_PAKE_PRIMITIVE(cipher_suite->type, cipher_suite->family,
cipher_suite->bits ) ); cipher_suite->bits);
} }
static inline void psa_pake_cs_set_primitive( static inline void psa_pake_cs_set_primitive(
psa_pake_cipher_suite_t *cipher_suite, psa_pake_cipher_suite_t *cipher_suite,
psa_pake_primitive_t primitive ) psa_pake_primitive_t primitive)
{ {
cipher_suite->type = (psa_pake_primitive_type_t) (primitive >> 24); cipher_suite->type = (psa_pake_primitive_type_t) (primitive >> 24);
cipher_suite->family = (psa_pake_family_t) (0xFF & (primitive >> 16)); cipher_suite->family = (psa_pake_family_t) (0xFF & (primitive >> 16));
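Review bot: In psa_pake_cs_set_algorithm the rejected-input branch stores a bare `0`, while PSA_PAKE_CIPHER_SUITE_INIT in the same header initialises that field with `PSA_ALG_NONE`. Writing `cipher_suite->algorithm = PSA_ALG_NONE;` would show that a value failing PSA_ALG_IS_PAKE() is deliberately cleared rather than stored. The setter returns void, so the caller gets no signal that its argument was discarded; a short comment such as `/* not a PAKE algorithm: leave the suite's algorithm unset */` would record that for the next reader. The same applies to `cipher_suite->hash = 0;` in psa_pake_cs_set_hash in the following hunk. psa_pake_cs_set_primitive's body continues past the end of this hunk and is not covered here.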
@ -1878,30 +1877,31 @@ static inline void psa_pake_cs_set_primitive(
} }
static inline psa_pake_family_t psa_pake_cs_get_family( static inline psa_pake_family_t psa_pake_cs_get_family(
const psa_pake_cipher_suite_t *cipher_suite ) const psa_pake_cipher_suite_t *cipher_suite)
{ {
return( cipher_suite->family ); return cipher_suite->family;
} }
static inline uint16_t psa_pake_cs_get_bits( static inline uint16_t psa_pake_cs_get_bits(
const psa_pake_cipher_suite_t *cipher_suite ) const psa_pake_cipher_suite_t *cipher_suite)
{ {
return( cipher_suite->bits ); return cipher_suite->bits;
} }
static inline psa_algorithm_t psa_pake_cs_get_hash( static inline psa_algorithm_t psa_pake_cs_get_hash(
const psa_pake_cipher_suite_t *cipher_suite ) const psa_pake_cipher_suite_t *cipher_suite)
{ {
return( cipher_suite->hash ); return cipher_suite->hash;
} }
static inline void psa_pake_cs_set_hash( psa_pake_cipher_suite_t *cipher_suite, static inline void psa_pake_cs_set_hash(psa_pake_cipher_suite_t *cipher_suite,
psa_algorithm_t hash ) psa_algorithm_t hash)
{ {
if( !PSA_ALG_IS_HASH( hash ) ) if (!PSA_ALG_IS_HASH(hash)) {
cipher_suite->hash = 0; cipher_suite->hash = 0;
else } else {
cipher_suite->hash = hash; cipher_suite->hash = hash;
}
} }
#if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE) #if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE)
@ -1909,26 +1909,24 @@ static inline void psa_pake_cs_set_hash( psa_pake_cipher_suite_t *cipher_suite,
/* Note: the format for mbedtls_ecjpake_read/write function has an extra /* Note: the format for mbedtls_ecjpake_read/write function has an extra
* length byte for each step, plus an extra 3 bytes for ECParameters in the * length byte for each step, plus an extra 3 bytes for ECParameters in the
* server's 2nd round. */ * server's 2nd round. */
#define MBEDTLS_PSA_PAKE_BUFFER_SIZE ( ( 3 + 1 + 65 + 1 + 65 + 1 + 32 ) * 2 ) #define MBEDTLS_PSA_PAKE_BUFFER_SIZE ((3 + 1 + 65 + 1 + 65 + 1 + 32) * 2)
#endif #endif
struct psa_pake_operation_s struct psa_pake_operation_s {
{
psa_algorithm_t MBEDTLS_PRIVATE(alg); psa_algorithm_t MBEDTLS_PRIVATE(alg);
unsigned int MBEDTLS_PRIVATE(state); unsigned int MBEDTLS_PRIVATE(state);
unsigned int MBEDTLS_PRIVATE(sequence); unsigned int MBEDTLS_PRIVATE(sequence);
#if defined(MBEDTLS_PSA_BUILTIN_PAKE) #if defined(MBEDTLS_PSA_BUILTIN_PAKE)
unsigned int MBEDTLS_PRIVATE(input_step); unsigned int MBEDTLS_PRIVATE(input_step);
unsigned int MBEDTLS_PRIVATE(output_step); unsigned int MBEDTLS_PRIVATE(output_step);
uint8_t* MBEDTLS_PRIVATE(password); uint8_t *MBEDTLS_PRIVATE(password);
size_t MBEDTLS_PRIVATE(password_len); size_t MBEDTLS_PRIVATE(password_len);
psa_pake_role_t MBEDTLS_PRIVATE(role); psa_pake_role_t MBEDTLS_PRIVATE(role);
uint8_t MBEDTLS_PRIVATE(buffer[MBEDTLS_PSA_PAKE_BUFFER_SIZE]); uint8_t MBEDTLS_PRIVATE(buffer[MBEDTLS_PSA_PAKE_BUFFER_SIZE]);
size_t MBEDTLS_PRIVATE(buffer_length); size_t MBEDTLS_PRIVATE(buffer_length);
size_t MBEDTLS_PRIVATE(buffer_offset); size_t MBEDTLS_PRIVATE(buffer_offset);
#endif #endif
union union {
{
#if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE) #if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE)
mbedtls_ecjpake_context ecjpake; mbedtls_ecjpake_context ecjpake;
#endif #endif
@ -1937,16 +1935,16 @@ struct psa_pake_operation_s
} MBEDTLS_PRIVATE(ctx); } MBEDTLS_PRIVATE(ctx);
}; };
static inline struct psa_pake_cipher_suite_s psa_pake_cipher_suite_init( void ) static inline struct psa_pake_cipher_suite_s psa_pake_cipher_suite_init(void)
{ {
const struct psa_pake_cipher_suite_s v = PSA_PAKE_CIPHER_SUITE_INIT; const struct psa_pake_cipher_suite_s v = PSA_PAKE_CIPHER_SUITE_INIT;
return( v ); return v;
} }
static inline struct psa_pake_operation_s psa_pake_operation_init( void ) static inline struct psa_pake_operation_s psa_pake_operation_init(void)
{ {
const struct psa_pake_operation_s v = PSA_PAKE_OPERATION_INIT; const struct psa_pake_operation_s v = PSA_PAKE_OPERATION_INIT;
return( v ); return v;
} }
#ifdef __cplusplus #ifdef __cplusplus


@ -65,10 +65,10 @@ typedef int32_t mbedtls_key_owner_id_t;
* *
* \return Non-zero if the two key owner identifiers are equal, zero otherwise. * \return Non-zero if the two key owner identifiers are equal, zero otherwise.
*/ */
static inline int mbedtls_key_owner_id_equal( mbedtls_key_owner_id_t id1, static inline int mbedtls_key_owner_id_equal(mbedtls_key_owner_id_t id1,
mbedtls_key_owner_id_t id2 ) mbedtls_key_owner_id_t id2)
{ {
return( id1 == id2 ); return id1 == id2;
} }
#endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ #endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */


@ -323,7 +323,7 @@ typedef psa_status_t (*psa_drv_se_mac_verify_t)(psa_drv_se_context_t *drv_contex
typedef struct { typedef struct {
/**The size in bytes of the hardware-specific secure element MAC context /**The size in bytes of the hardware-specific secure element MAC context
* structure * structure
*/ */
size_t MBEDTLS_PRIVATE(context_size); size_t MBEDTLS_PRIVATE(context_size);
/** Function that performs a MAC setup operation /** Function that performs a MAC setup operation
*/ */
@ -815,8 +815,7 @@ typedef struct {
/** An enumeration indicating how a key is created. /** An enumeration indicating how a key is created.
*/ */
typedef enum typedef enum {
{
PSA_KEY_CREATION_IMPORT, /**< During psa_import_key() */ PSA_KEY_CREATION_IMPORT, /**< During psa_import_key() */
PSA_KEY_CREATION_GENERATE, /**< During psa_generate_key() */ PSA_KEY_CREATION_GENERATE, /**< During psa_generate_key() */
PSA_KEY_CREATION_DERIVE, /**< During psa_key_derivation_output_key() */ PSA_KEY_CREATION_DERIVE, /**< During psa_key_derivation_output_key() */
@ -1235,7 +1234,7 @@ typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(void *op_context,
* \retval #PSA_SUCCESS * \retval #PSA_SUCCESS
*/ */
typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(void *op_context, typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(void *op_context,
psa_key_slot_number_t dest_key); psa_key_slot_number_t dest_key);
/** \brief A function that performs the final step of a secure element key /** \brief A function that performs the final step of a secure element key
* agreement and place the generated key material in a buffer * agreement and place the generated key material in a buffer


@ -276,7 +276,7 @@
((alg) & PSA_ALG_MAC_TRUNCATION_MASK ? PSA_MAC_TRUNCATED_LENGTH(alg) : \ ((alg) & PSA_ALG_MAC_TRUNCATION_MASK ? PSA_MAC_TRUNCATED_LENGTH(alg) : \
PSA_ALG_IS_HMAC(alg) ? PSA_HASH_LENGTH(PSA_ALG_HMAC_GET_HASH(alg)) : \ PSA_ALG_IS_HMAC(alg) ? PSA_HASH_LENGTH(PSA_ALG_HMAC_GET_HASH(alg)) : \
PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
((void)(key_type), (void)(key_bits), 0)) ((void) (key_type), (void) (key_bits), 0))
/** The maximum size of the output of psa_aead_encrypt(), in bytes. /** The maximum size of the output of psa_aead_encrypt(), in bytes.
* *
@ -359,8 +359,8 @@
*/ */
#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext_length) \ #define PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext_length) \
(PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \
(ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH(alg) ? \ (ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH(alg) ? \
(ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \
0) 0)
/** A sufficient output buffer size for psa_aead_decrypt(), for any of the /** A sufficient output buffer size for psa_aead_decrypt(), for any of the
@ -382,7 +382,7 @@
* *
*/ */
#define PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(ciphertext_length) \ #define PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(ciphertext_length) \
(ciphertext_length) (ciphertext_length)
/** The default nonce size for an AEAD algorithm, in bytes. /** The default nonce size for an AEAD algorithm, in bytes.
* *
@ -411,11 +411,11 @@
*/ */
#define PSA_AEAD_NONCE_LENGTH(key_type, alg) \ #define PSA_AEAD_NONCE_LENGTH(key_type, alg) \
(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) == 16 ? \ (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) == 16 ? \
MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CCM) ? 13 : \ MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CCM) ? 13 : \
MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_GCM) ? 12 : \ MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_GCM) ? 12 : \
0 : \ 0 : \
(key_type) == PSA_KEY_TYPE_CHACHA20 && \ (key_type) == PSA_KEY_TYPE_CHACHA20 && \
MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CHACHA20_POLY1305) ? 12 : \ MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CHACHA20_POLY1305) ? 12 : \
0) 0)
/** The maximum default nonce size among all supported pairs of key types and /** The maximum default nonce size among all supported pairs of key types and
@ -463,9 +463,9 @@
* implementation to delay the output until it has a full block. */ * implementation to delay the output until it has a full block. */
#define PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \ #define PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \
(PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \
PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), (input_length)) : \ PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), (input_length)) : \
(input_length) : \ (input_length) : \
0) 0)
/** A sufficient output buffer size for psa_aead_update(), for any of the /** A sufficient output buffer size for psa_aead_update(), for any of the
@ -504,8 +504,8 @@
*/ */
#define PSA_AEAD_FINISH_OUTPUT_SIZE(key_type, alg) \ #define PSA_AEAD_FINISH_OUTPUT_SIZE(key_type, alg) \
(PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \
PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
0) 0)
/** A sufficient ciphertext buffer size for psa_aead_finish(), for any of the /** A sufficient ciphertext buffer size for psa_aead_finish(), for any of the
@ -538,8 +538,8 @@
*/ */
#define PSA_AEAD_VERIFY_OUTPUT_SIZE(key_type, alg) \ #define PSA_AEAD_VERIFY_OUTPUT_SIZE(key_type, alg) \
(PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \
PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
0) 0)
/** A sufficient plaintext buffer size for psa_aead_verify(), for any of the /** A sufficient plaintext buffer size for psa_aead_verify(), for any of the
@ -591,9 +591,9 @@
* return value is unspecified. * return value is unspecified.
*/ */
#define PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \ #define PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \
(PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void) alg, PSA_BITS_TO_BYTES(key_bits)) : \
PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \ PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \
((void)alg, 0)) ((void) alg, 0))
#define PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE \ #define PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE \
PSA_ECDSA_SIGNATURE_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) PSA_ECDSA_SIGNATURE_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)
@ -637,7 +637,7 @@
*/ */
#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ #define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \
(PSA_KEY_TYPE_IS_RSA(key_type) ? \ (PSA_KEY_TYPE_IS_RSA(key_type) ? \
((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ ((void) alg, PSA_BITS_TO_BYTES(key_bits)) : \
0) 0)
/** A sufficient output buffer size for psa_asymmetric_encrypt(), for any /** A sufficient output buffer size for psa_asymmetric_encrypt(), for any
@ -992,16 +992,16 @@
*/ */
#define PSA_CIPHER_IV_LENGTH(key_type, alg) \ #define PSA_CIPHER_IV_LENGTH(key_type, alg) \
(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) > 1 && \ (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) > 1 && \
((alg) == PSA_ALG_CTR || \ ((alg) == PSA_ALG_CTR || \
(alg) == PSA_ALG_CFB || \ (alg) == PSA_ALG_CFB || \
(alg) == PSA_ALG_OFB || \ (alg) == PSA_ALG_OFB || \
(alg) == PSA_ALG_XTS || \ (alg) == PSA_ALG_XTS || \
(alg) == PSA_ALG_CBC_NO_PADDING || \ (alg) == PSA_ALG_CBC_NO_PADDING || \
(alg) == PSA_ALG_CBC_PKCS7) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ (alg) == PSA_ALG_CBC_PKCS7) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
(key_type) == PSA_KEY_TYPE_CHACHA20 && \ (key_type) == PSA_KEY_TYPE_CHACHA20 && \
(alg) == PSA_ALG_STREAM_CIPHER ? 12 : \ (alg) == PSA_ALG_STREAM_CIPHER ? 12 : \
(alg) == PSA_ALG_CCM_STAR_NO_TAG ? 13 : \ (alg) == PSA_ALG_CCM_STAR_NO_TAG ? 13 : \
0) 0)
/** The maximum IV size for all supported cipher algorithms, in bytes. /** The maximum IV size for all supported cipher algorithms, in bytes.
* *
@ -1035,12 +1035,12 @@
#define PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_length) \ #define PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_length) \
(alg == PSA_ALG_CBC_PKCS7 ? \ (alg == PSA_ALG_CBC_PKCS7 ? \
(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \ (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \
PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \ PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \
(input_length) + 1) + \ (input_length) + 1) + \
PSA_CIPHER_IV_LENGTH((key_type), (alg)) : 0) : \ PSA_CIPHER_IV_LENGTH((key_type), (alg)) : 0) : \
(PSA_ALG_IS_CIPHER(alg) ? \ (PSA_ALG_IS_CIPHER(alg) ? \
(input_length) + PSA_CIPHER_IV_LENGTH((key_type), (alg)) : \ (input_length) + PSA_CIPHER_IV_LENGTH((key_type), (alg)) : \
0)) 0))
/** A sufficient output buffer size for psa_cipher_encrypt(), for any of the /** A sufficient output buffer size for psa_cipher_encrypt(), for any of the
* supported key types and cipher algorithms. * supported key types and cipher algorithms.
@ -1116,13 +1116,13 @@
*/ */
#define PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \ #define PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \
(PSA_ALG_IS_CIPHER(alg) ? \ (PSA_ALG_IS_CIPHER(alg) ? \
(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \ (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \
(((alg) == PSA_ALG_CBC_PKCS7 || \ (((alg) == PSA_ALG_CBC_PKCS7 || \
(alg) == PSA_ALG_CBC_NO_PADDING || \ (alg) == PSA_ALG_CBC_NO_PADDING || \
(alg) == PSA_ALG_ECB_NO_PADDING) ? \ (alg) == PSA_ALG_ECB_NO_PADDING) ? \
PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \ PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \
input_length) : \ input_length) : \
(input_length)) : 0) : \ (input_length)) : 0) : \
0) 0)
/** A sufficient output buffer size for psa_cipher_update(), for any of the /** A sufficient output buffer size for psa_cipher_update(), for any of the


@ -79,8 +79,7 @@ extern "C" {
* algorithms. */ * algorithms. */
#include "psa/crypto_driver_contexts_primitives.h" #include "psa/crypto_driver_contexts_primitives.h"
struct psa_hash_operation_s struct psa_hash_operation_s {
{
/** Unique ID indicating which driver got assigned to do the /** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping * operation. Since driver contexts are driver-specific, swapping
* drivers halfway through the operation is not supported. * drivers halfway through the operation is not supported.
@ -92,14 +91,13 @@ struct psa_hash_operation_s
}; };
#define PSA_HASH_OPERATION_INIT { 0, { 0 } } #define PSA_HASH_OPERATION_INIT { 0, { 0 } }
static inline struct psa_hash_operation_s psa_hash_operation_init( void ) static inline struct psa_hash_operation_s psa_hash_operation_init(void)
{ {
const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT; const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT;
return( v ); return v;
} }
struct psa_cipher_operation_s struct psa_cipher_operation_s {
{
/** Unique ID indicating which driver got assigned to do the /** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping * operation. Since driver contexts are driver-specific, swapping
* drivers halfway through the operation is not supported. * drivers halfway through the operation is not supported.
@ -117,18 +115,17 @@ struct psa_cipher_operation_s
}; };
#define PSA_CIPHER_OPERATION_INIT { 0, 0, 0, 0, { 0 } } #define PSA_CIPHER_OPERATION_INIT { 0, 0, 0, 0, { 0 } }
static inline struct psa_cipher_operation_s psa_cipher_operation_init( void ) static inline struct psa_cipher_operation_s psa_cipher_operation_init(void)
{ {
const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT; const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT;
return( v ); return v;
} }
/* Include the context definition for the compiled-in drivers for the composite /* Include the context definition for the compiled-in drivers for the composite
* algorithms. */ * algorithms. */
#include "psa/crypto_driver_contexts_composites.h" #include "psa/crypto_driver_contexts_composites.h"
struct psa_mac_operation_s struct psa_mac_operation_s {
{
/** Unique ID indicating which driver got assigned to do the /** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping * operation. Since driver contexts are driver-specific, swapping
* drivers halfway through the operation is not supported. * drivers halfway through the operation is not supported.
@ -142,14 +139,13 @@ struct psa_mac_operation_s
}; };
#define PSA_MAC_OPERATION_INIT { 0, 0, 0, { 0 } } #define PSA_MAC_OPERATION_INIT { 0, 0, 0, { 0 } }
static inline struct psa_mac_operation_s psa_mac_operation_init( void ) static inline struct psa_mac_operation_s psa_mac_operation_init(void)
{ {
const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT; const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT;
return( v ); return v;
} }
struct psa_aead_operation_s struct psa_aead_operation_s {
{
/** Unique ID indicating which driver got assigned to do the /** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping * operation. Since driver contexts are driver-specific, swapping
@ -174,18 +170,17 @@ struct psa_aead_operation_s
psa_driver_aead_context_t MBEDTLS_PRIVATE(ctx); psa_driver_aead_context_t MBEDTLS_PRIVATE(ctx);
}; };
#define PSA_AEAD_OPERATION_INIT {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, {0}} #define PSA_AEAD_OPERATION_INIT { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, { 0 } }
static inline struct psa_aead_operation_s psa_aead_operation_init( void ) static inline struct psa_aead_operation_s psa_aead_operation_init(void)
{ {
const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT; const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT;
return( v ); return v;
} }
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \ #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND) defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND)
typedef struct typedef struct {
{
uint8_t *MBEDTLS_PRIVATE(info); uint8_t *MBEDTLS_PRIVATE(info);
size_t MBEDTLS_PRIVATE(info_length); size_t MBEDTLS_PRIVATE(info_length);
#if PSA_HASH_MAX_SIZE > 0xff #if PSA_HASH_MAX_SIZE > 0xff
@ -203,16 +198,14 @@ typedef struct
MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT || MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT ||
MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND */ MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS)
typedef struct typedef struct {
{
uint8_t MBEDTLS_PRIVATE(data)[PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE]; uint8_t MBEDTLS_PRIVATE(data)[PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE];
} psa_tls12_ecjpake_to_pms_t; } psa_tls12_ecjpake_to_pms_t;
#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */ #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
typedef enum typedef enum {
{
PSA_TLS12_PRF_STATE_INIT, /* no input provided */ PSA_TLS12_PRF_STATE_INIT, /* no input provided */
PSA_TLS12_PRF_STATE_SEED_SET, /* seed has been set */ PSA_TLS12_PRF_STATE_SEED_SET, /* seed has been set */
PSA_TLS12_PRF_STATE_OTHER_KEY_SET, /* other key has been set - optional */ PSA_TLS12_PRF_STATE_OTHER_KEY_SET, /* other key has been set - optional */
@ -221,8 +214,7 @@ typedef enum
PSA_TLS12_PRF_STATE_OUTPUT /* output has been started */ PSA_TLS12_PRF_STATE_OUTPUT /* output has been started */
} psa_tls12_prf_key_derivation_state_t; } psa_tls12_prf_key_derivation_state_t;
typedef struct psa_tls12_prf_key_derivation_s typedef struct psa_tls12_prf_key_derivation_s {
{
#if PSA_HASH_MAX_SIZE > 0xff #if PSA_HASH_MAX_SIZE > 0xff
#error "PSA_HASH_MAX_SIZE does not fit in uint8_t" #error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
#endif #endif
@ -255,22 +247,20 @@ typedef struct psa_tls12_prf_key_derivation_s
#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) ||
* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */ * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
struct psa_key_derivation_s struct psa_key_derivation_s {
{
psa_algorithm_t MBEDTLS_PRIVATE(alg); psa_algorithm_t MBEDTLS_PRIVATE(alg);
unsigned int MBEDTLS_PRIVATE(can_output_key) : 1; unsigned int MBEDTLS_PRIVATE(can_output_key) : 1;
size_t MBEDTLS_PRIVATE(capacity); size_t MBEDTLS_PRIVATE(capacity);
union union {
{
/* Make the union non-empty even with no supported algorithms. */ /* Make the union non-empty even with no supported algorithms. */
uint8_t MBEDTLS_PRIVATE(dummy); uint8_t MBEDTLS_PRIVATE(dummy);
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \ #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND) defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND)
psa_hkdf_key_derivation_t MBEDTLS_PRIVATE(hkdf); psa_hkdf_key_derivation_t MBEDTLS_PRIVATE(hkdf);
#endif #endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
psa_tls12_prf_key_derivation_t MBEDTLS_PRIVATE(tls12_prf); psa_tls12_prf_key_derivation_t MBEDTLS_PRIVATE(tls12_prf);
#endif #endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS)
@ -282,14 +272,13 @@ struct psa_key_derivation_s
/* This only zeroes out the first byte in the union, the rest is unspecified. */ /* This only zeroes out the first byte in the union, the rest is unspecified. */
#define PSA_KEY_DERIVATION_OPERATION_INIT { 0, 0, 0, { 0 } } #define PSA_KEY_DERIVATION_OPERATION_INIT { 0, 0, 0, { 0 } }
static inline struct psa_key_derivation_s psa_key_derivation_operation_init( static inline struct psa_key_derivation_s psa_key_derivation_operation_init(
void ) void)
{ {
const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT; const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT;
return( v ); return v;
} }
struct psa_key_policy_s struct psa_key_policy_s {
{
psa_key_usage_t MBEDTLS_PRIVATE(usage); psa_key_usage_t MBEDTLS_PRIVATE(usage);
psa_algorithm_t MBEDTLS_PRIVATE(alg); psa_algorithm_t MBEDTLS_PRIVATE(alg);
psa_algorithm_t MBEDTLS_PRIVATE(alg2); psa_algorithm_t MBEDTLS_PRIVATE(alg2);
@ -297,10 +286,10 @@ struct psa_key_policy_s
typedef struct psa_key_policy_s psa_key_policy_t; typedef struct psa_key_policy_s psa_key_policy_t;
#define PSA_KEY_POLICY_INIT { 0, 0, 0 } #define PSA_KEY_POLICY_INIT { 0, 0, 0 }
static inline struct psa_key_policy_s psa_key_policy_init( void ) static inline struct psa_key_policy_s psa_key_policy_init(void)
{ {
const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT; const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT;
return( v ); return v;
} }
/* The type used internally for key sizes. /* The type used internally for key sizes.
@ -308,7 +297,7 @@ static inline struct psa_key_policy_s psa_key_policy_init( void )
typedef uint16_t psa_key_bits_t; typedef uint16_t psa_key_bits_t;
/* The maximum value of the type used to represent bit-sizes. /* The maximum value of the type used to represent bit-sizes.
* This is used to mark an invalid key size. */ * This is used to mark an invalid key size. */
#define PSA_KEY_BITS_TOO_LARGE ( ( psa_key_bits_t ) -1 ) #define PSA_KEY_BITS_TOO_LARGE ((psa_key_bits_t) -1)
/* The maximum size of a key in bits. /* The maximum size of a key in bits.
* Currently defined as the maximum that can be represented, rounded down * Currently defined as the maximum that can be represented, rounded down
* to a whole number of bytes. * to a whole number of bytes.
@ -326,21 +315,20 @@ typedef uint16_t psa_key_bits_t;
typedef uint16_t psa_key_attributes_flag_t; typedef uint16_t psa_key_attributes_flag_t;
#define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER \ #define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER \
( (psa_key_attributes_flag_t) 0x0001 ) ((psa_key_attributes_flag_t) 0x0001)
/* A mask of key attribute flags used externally only. /* A mask of key attribute flags used externally only.
* Only meant for internal checks inside the library. */ * Only meant for internal checks inside the library. */
#define MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ( \ #define MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ( \
MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER | \ MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER | \
0 ) 0)
/* A mask of key attribute flags used both internally and externally. /* A mask of key attribute flags used both internally and externally.
* Currently there aren't any. */ * Currently there aren't any. */
#define MBEDTLS_PSA_KA_MASK_DUAL_USE ( \ #define MBEDTLS_PSA_KA_MASK_DUAL_USE ( \
0 ) 0)
typedef struct typedef struct {
{
psa_key_type_t MBEDTLS_PRIVATE(type); psa_key_type_t MBEDTLS_PRIVATE(type);
psa_key_bits_t MBEDTLS_PRIVATE(bits); psa_key_bits_t MBEDTLS_PRIVATE(bits);
psa_key_lifetime_t MBEDTLS_PRIVATE(lifetime); psa_key_lifetime_t MBEDTLS_PRIVATE(lifetime);
@ -354,8 +342,7 @@ typedef struct
MBEDTLS_SVC_KEY_ID_INIT, \ MBEDTLS_SVC_KEY_ID_INIT, \
PSA_KEY_POLICY_INIT, 0 } PSA_KEY_POLICY_INIT, 0 }
struct psa_key_attributes_s struct psa_key_attributes_s {
{
psa_core_key_attributes_t MBEDTLS_PRIVATE(core); psa_core_key_attributes_t MBEDTLS_PRIVATE(core);
#if defined(MBEDTLS_PSA_CRYPTO_SE_C) #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
psa_key_slot_number_t MBEDTLS_PRIVATE(slot_number); psa_key_slot_number_t MBEDTLS_PRIVATE(slot_number);
@ -370,48 +357,46 @@ struct psa_key_attributes_s
#define PSA_KEY_ATTRIBUTES_INIT { PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0 } #define PSA_KEY_ATTRIBUTES_INIT { PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0 }
#endif #endif
static inline struct psa_key_attributes_s psa_key_attributes_init( void ) static inline struct psa_key_attributes_s psa_key_attributes_init(void)
{ {
const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT; const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT;
return( v ); return v;
} }
static inline void psa_set_key_id( psa_key_attributes_t *attributes, static inline void psa_set_key_id(psa_key_attributes_t *attributes,
mbedtls_svc_key_id_t key ) mbedtls_svc_key_id_t key)
{ {
psa_key_lifetime_t lifetime = attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime); psa_key_lifetime_t lifetime = attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime);
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id) = key; attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id) = key;
if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
{
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime) = attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime) =
PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(
PSA_KEY_LIFETIME_PERSISTENT, PSA_KEY_LIFETIME_PERSISTENT,
PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) ); PSA_KEY_LIFETIME_GET_LOCATION(lifetime));
} }
} }
static inline mbedtls_svc_key_id_t psa_get_key_id( static inline mbedtls_svc_key_id_t psa_get_key_id(
const psa_key_attributes_t *attributes ) const psa_key_attributes_t *attributes)
{ {
return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id) ); return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id);
} }
#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
static inline void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes, static inline void mbedtls_set_key_owner_id(psa_key_attributes_t *attributes,
mbedtls_key_owner_id_t owner ) mbedtls_key_owner_id_t owner)
{ {
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id).MBEDTLS_PRIVATE(owner) = owner; attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id).MBEDTLS_PRIVATE(owner) = owner;
} }
#endif #endif
static inline void psa_set_key_lifetime( psa_key_attributes_t *attributes, static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes,
psa_key_lifetime_t lifetime ) psa_key_lifetime_t lifetime)
{ {
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime) = lifetime; attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime) = lifetime;
if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) {
{
#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id).MBEDTLS_PRIVATE(key_id) = 0; attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id).MBEDTLS_PRIVATE(key_id) = 0;
#else #else
@ -421,89 +406,89 @@ static inline void psa_set_key_lifetime( psa_key_attributes_t *attributes,
} }
static inline psa_key_lifetime_t psa_get_key_lifetime( static inline psa_key_lifetime_t psa_get_key_lifetime(
const psa_key_attributes_t *attributes ) const psa_key_attributes_t *attributes)
{ {
return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime) ); return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime);
} }
static inline void psa_extend_key_usage_flags( psa_key_usage_t *usage_flags ) static inline void psa_extend_key_usage_flags(psa_key_usage_t *usage_flags)
{ {
if( *usage_flags & PSA_KEY_USAGE_SIGN_HASH ) if (*usage_flags & PSA_KEY_USAGE_SIGN_HASH) {
*usage_flags |= PSA_KEY_USAGE_SIGN_MESSAGE; *usage_flags |= PSA_KEY_USAGE_SIGN_MESSAGE;
}
if( *usage_flags & PSA_KEY_USAGE_VERIFY_HASH ) if (*usage_flags & PSA_KEY_USAGE_VERIFY_HASH) {
*usage_flags |= PSA_KEY_USAGE_VERIFY_MESSAGE; *usage_flags |= PSA_KEY_USAGE_VERIFY_MESSAGE;
}
} }
static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes, static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes,
psa_key_usage_t usage_flags) psa_key_usage_t usage_flags)
{ {
psa_extend_key_usage_flags( &usage_flags ); psa_extend_key_usage_flags(&usage_flags);
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage) = usage_flags; attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage) = usage_flags;
} }
static inline psa_key_usage_t psa_get_key_usage_flags( static inline psa_key_usage_t psa_get_key_usage_flags(
const psa_key_attributes_t *attributes ) const psa_key_attributes_t *attributes)
{ {
return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage) ); return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage);
} }
static inline void psa_set_key_algorithm( psa_key_attributes_t *attributes, static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes,
psa_algorithm_t alg ) psa_algorithm_t alg)
{ {
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg) = alg; attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg) = alg;
} }
static inline psa_algorithm_t psa_get_key_algorithm( static inline psa_algorithm_t psa_get_key_algorithm(
const psa_key_attributes_t *attributes ) const psa_key_attributes_t *attributes)
{ {
return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg) ); return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(alg);
} }
/* This function is declared in crypto_extra.h, which comes after this /* This function is declared in crypto_extra.h, which comes after this
* header file, but we need the function here, so repeat the declaration. */ * header file, but we need the function here, so repeat the declaration. */
psa_status_t psa_set_key_domain_parameters( psa_key_attributes_t *attributes, psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes,
psa_key_type_t type, psa_key_type_t type,
const uint8_t *data, const uint8_t *data,
size_t data_length ); size_t data_length);
static inline void psa_set_key_type( psa_key_attributes_t *attributes, static inline void psa_set_key_type(psa_key_attributes_t *attributes,
psa_key_type_t type ) psa_key_type_t type)
{ {
if( attributes->MBEDTLS_PRIVATE(domain_parameters) == NULL ) if (attributes->MBEDTLS_PRIVATE(domain_parameters) == NULL) {
{
/* Common case: quick path */ /* Common case: quick path */
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(type) = type; attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(type) = type;
} } else {
else
{
/* Call the bigger function to free the old domain parameters. /* Call the bigger function to free the old domain parameters.
* Ignore any errors which may arise due to type requiring * Ignore any errors which may arise due to type requiring
* non-default domain parameters, since this function can't * non-default domain parameters, since this function can't
* report errors. */ * report errors. */
(void) psa_set_key_domain_parameters( attributes, type, NULL, 0 ); (void) psa_set_key_domain_parameters(attributes, type, NULL, 0);
} }
} }
static inline psa_key_type_t psa_get_key_type( static inline psa_key_type_t psa_get_key_type(
const psa_key_attributes_t *attributes ) const psa_key_attributes_t *attributes)
{ {
return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(type) ); return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(type);
} }
static inline void psa_set_key_bits( psa_key_attributes_t *attributes, static inline void psa_set_key_bits(psa_key_attributes_t *attributes,
size_t bits ) size_t bits)
{ {
if( bits > PSA_MAX_KEY_BITS ) if (bits > PSA_MAX_KEY_BITS) {
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits) = PSA_KEY_BITS_TOO_LARGE; attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits) = PSA_KEY_BITS_TOO_LARGE;
else } else {
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits) = (psa_key_bits_t) bits; attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits) = (psa_key_bits_t) bits;
}
} }
static inline size_t psa_get_key_bits( static inline size_t psa_get_key_bits(
const psa_key_attributes_t *attributes ) const psa_key_attributes_t *attributes)
{ {
return( attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits) ); return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits);
} }
#ifdef __cplusplus #ifdef __cplusplus


@ -291,7 +291,7 @@ typedef uint32_t psa_key_id_t;
* Any changes to existing values will require bumping the storage * Any changes to existing values will require bumping the storage
* format version and providing a translation when reading the old * format version and providing a translation when reading the old
* format. * format.
*/ */
#if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) #if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
typedef psa_key_id_t mbedtls_svc_key_id_t; typedef psa_key_id_t mbedtls_svc_key_id_t;
@ -301,8 +301,7 @@ typedef psa_key_id_t mbedtls_svc_key_id_t;
* client and encodes the client identity in the key identifier argument of * client and encodes the client identity in the key identifier argument of
* functions such as psa_open_key(). * functions such as psa_open_key().
*/ */
typedef struct typedef struct {
{
psa_key_id_t MBEDTLS_PRIVATE(key_id); psa_key_id_t MBEDTLS_PRIVATE(key_id);
mbedtls_key_owner_id_t MBEDTLS_PRIVATE(owner); mbedtls_key_owner_id_t MBEDTLS_PRIVATE(owner);
} mbedtls_svc_key_id_t; } mbedtls_svc_key_id_t;


@ -353,7 +353,7 @@
* *
* Zero is not the encoding of any key type. * Zero is not the encoding of any key type.
*/ */
#define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x0000) #define PSA_KEY_TYPE_NONE ((psa_key_type_t) 0x0000)
/** Vendor-defined key type flag. /** Vendor-defined key type flag.
* *
@ -362,15 +362,15 @@
* must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should * must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should
* respect the bitwise structure used by standard encodings whenever practical. * respect the bitwise structure used by standard encodings whenever practical.
*/ */
#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x8000) #define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t) 0x8000)
#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x7000) #define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t) 0x7000)
#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x1000) #define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t) 0x1000)
#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x2000) #define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t) 0x2000)
#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x4000) #define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t) 0x4000)
#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x7000) #define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t) 0x7000)
#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x3000) #define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t) 0x3000)
/** Whether a key type is vendor-defined. /** Whether a key type is vendor-defined.
* *
@ -428,7 +428,7 @@
* *
* A "key" of this type cannot be used for any cryptographic operation. * A "key" of this type cannot be used for any cryptographic operation.
* Applications may use this type to store arbitrary data in the keystore. */ * Applications may use this type to store arbitrary data in the keystore. */
#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x1001) #define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t) 0x1001)
/** HMAC key. /** HMAC key.
* *
@ -438,7 +438,7 @@
* HMAC keys should generally have the same size as the underlying hash. * HMAC keys should generally have the same size as the underlying hash.
* This size can be calculated with #PSA_HASH_LENGTH(\c alg) where * This size can be calculated with #PSA_HASH_LENGTH(\c alg) where
* \c alg is the HMAC algorithm or the underlying hash algorithm. */ * \c alg is the HMAC algorithm or the underlying hash algorithm. */
#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x1100) #define PSA_KEY_TYPE_HMAC ((psa_key_type_t) 0x1100)
/** A secret for key derivation. /** A secret for key derivation.
* *
@ -451,7 +451,7 @@
* The key policy determines which key derivation algorithm the key * The key policy determines which key derivation algorithm the key
* can be used for. * can be used for.
*/ */
#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x1200) #define PSA_KEY_TYPE_DERIVE ((psa_key_type_t) 0x1200)
/** A low-entropy secret for password hashing or key derivation. /** A low-entropy secret for password hashing or key derivation.
* *
@ -474,7 +474,7 @@
* The key policy determines which key derivation algorithm the key can be * The key policy determines which key derivation algorithm the key can be
* used for, among the permissible subset defined above. * used for, among the permissible subset defined above.
*/ */
#define PSA_KEY_TYPE_PASSWORD ((psa_key_type_t)0x1203) #define PSA_KEY_TYPE_PASSWORD ((psa_key_type_t) 0x1203)
/** A secret value that can be used to verify a password hash. /** A secret value that can be used to verify a password hash.
* *
@ -482,25 +482,25 @@
* can be used for, among the same permissible subset as for * can be used for, among the same permissible subset as for
* #PSA_KEY_TYPE_PASSWORD. * #PSA_KEY_TYPE_PASSWORD.
*/ */
#define PSA_KEY_TYPE_PASSWORD_HASH ((psa_key_type_t)0x1205) #define PSA_KEY_TYPE_PASSWORD_HASH ((psa_key_type_t) 0x1205)
/** A secret value that can be used in when computing a password hash. /** A secret value that can be used in when computing a password hash.
* *
* The key policy determines which key derivation algorithm the key * The key policy determines which key derivation algorithm the key
* can be used for, among the subset of algorithms that can use pepper. * can be used for, among the subset of algorithms that can use pepper.
*/ */
#define PSA_KEY_TYPE_PEPPER ((psa_key_type_t)0x1206) #define PSA_KEY_TYPE_PEPPER ((psa_key_type_t) 0x1206)
/** Key for a cipher, AEAD or MAC algorithm based on the AES block cipher. /** Key for a cipher, AEAD or MAC algorithm based on the AES block cipher.
* *
* The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or
* 32 bytes (AES-256). * 32 bytes (AES-256).
*/ */
#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x2400) #define PSA_KEY_TYPE_AES ((psa_key_type_t) 0x2400)
/** Key for a cipher, AEAD or MAC algorithm based on the /** Key for a cipher, AEAD or MAC algorithm based on the
* ARIA block cipher. */ * ARIA block cipher. */
#define PSA_KEY_TYPE_ARIA ((psa_key_type_t)0x2406) #define PSA_KEY_TYPE_ARIA ((psa_key_type_t) 0x2406)
/** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES). /** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES).
* *
@ -511,11 +511,11 @@
* deprecated and should only be used to decrypt legacy data. 3-key 3DES * deprecated and should only be used to decrypt legacy data. 3-key 3DES
* is weak and deprecated and should only be used in legacy protocols. * is weak and deprecated and should only be used in legacy protocols.
*/ */
#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x2301) #define PSA_KEY_TYPE_DES ((psa_key_type_t) 0x2301)
/** Key for a cipher, AEAD or MAC algorithm based on the /** Key for a cipher, AEAD or MAC algorithm based on the
* Camellia block cipher. */ * Camellia block cipher. */
#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x2403) #define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t) 0x2403)
/** Key for the ChaCha20 stream cipher or the Chacha20-Poly1305 AEAD algorithm. /** Key for the ChaCha20 stream cipher or the Chacha20-Poly1305 AEAD algorithm.
* *
@ -528,25 +528,25 @@
* with the initial counter value 1, you can process and discard a * with the initial counter value 1, you can process and discard a
* 64-byte block before the real data. * 64-byte block before the real data.
*/ */
#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x2004) #define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t) 0x2004)
/** RSA public key. /** RSA public key.
* *
* The size of an RSA key is the bit size of the modulus. * The size of an RSA key is the bit size of the modulus.
*/ */
#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x4001) #define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t) 0x4001)
/** RSA key pair (private and public key). /** RSA key pair (private and public key).
* *
* The size of an RSA key is the bit size of the modulus. * The size of an RSA key is the bit size of the modulus.
*/ */
#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x7001) #define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t) 0x7001)
/** Whether a key type is an RSA key (pair or public-only). */ /** Whether a key type is an RSA key (pair or public-only). */
#define PSA_KEY_TYPE_IS_RSA(type) \ #define PSA_KEY_TYPE_IS_RSA(type) \
(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x4100) #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t) 0x4100)
#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x7100) #define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t) 0x7100)
#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x00ff) #define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t) 0x00ff)
/** Elliptic curve key pair. /** Elliptic curve key pair.
* *
* The size of an elliptic curve key is the bit size associated with the curve, * The size of an elliptic curve key is the bit size associated with the curve,
@ -586,8 +586,8 @@
/** Extract the curve from an elliptic curve key type. */ /** Extract the curve from an elliptic curve key type. */
#define PSA_KEY_TYPE_ECC_GET_FAMILY(type) \ #define PSA_KEY_TYPE_ECC_GET_FAMILY(type) \
((psa_ecc_family_t) (PSA_KEY_TYPE_IS_ECC(type) ? \ ((psa_ecc_family_t) (PSA_KEY_TYPE_IS_ECC(type) ? \
((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \ ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
0)) 0))
/** Check if the curve of given family is Weierstrass elliptic curve. */ /** Check if the curve of given family is Weierstrass elliptic curve. */
#define PSA_ECC_FAMILY_IS_WEIERSTRASS(family) ((family & 0xc0) == 0) #define PSA_ECC_FAMILY_IS_WEIERSTRASS(family) ((family & 0xc0) == 0)
@ -681,9 +681,9 @@
*/ */
#define PSA_ECC_FAMILY_TWISTED_EDWARDS ((psa_ecc_family_t) 0x42) #define PSA_ECC_FAMILY_TWISTED_EDWARDS ((psa_ecc_family_t) 0x42)
#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x4200) #define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t) 0x4200)
#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x7200) #define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t) 0x7200)
#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x00ff) #define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t) 0x00ff)
/** Diffie-Hellman key pair. /** Diffie-Hellman key pair.
* *
* \param group A value of type ::psa_dh_family_t that identifies the * \param group A value of type ::psa_dh_family_t that identifies the
@ -715,8 +715,8 @@
/** Extract the group from a Diffie-Hellman key type. */ /** Extract the group from a Diffie-Hellman key type. */
#define PSA_KEY_TYPE_DH_GET_FAMILY(type) \ #define PSA_KEY_TYPE_DH_GET_FAMILY(type) \
((psa_dh_family_t) (PSA_KEY_TYPE_IS_DH(type) ? \ ((psa_dh_family_t) (PSA_KEY_TYPE_IS_DH(type) ? \
((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \ ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \
0)) 0))
/** Diffie-Hellman groups defined in RFC 7919 Appendix A. /** Diffie-Hellman groups defined in RFC 7919 Appendix A.
* *
@ -749,7 +749,7 @@
#define PSA_BLOCK_CIPHER_BLOCK_LENGTH(type) \ #define PSA_BLOCK_CIPHER_BLOCK_LENGTH(type) \
(((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \ (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \
1u << PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) : \ 1u << PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) : \
0u) 0u)
/* Note that algorithm values are embedded in the persistent key store, /* Note that algorithm values are embedded in the persistent key store,
* as part of key metadata. As a consequence, they must not be changed * as part of key metadata. As a consequence, they must not be changed
@ -763,17 +763,17 @@
* the #PSA_ALG_VENDOR_FLAG bit set and should respect the bitwise structure * the #PSA_ALG_VENDOR_FLAG bit set and should respect the bitwise structure
* used by standard encodings whenever practical. * used by standard encodings whenever practical.
*/ */
#define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000) #define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t) 0x80000000)
#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000) #define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t) 0x7f000000)
#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x02000000) #define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t) 0x02000000)
#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x03000000) #define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t) 0x03000000)
#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000) #define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t) 0x04000000)
#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x05000000) #define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t) 0x05000000)
#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x06000000) #define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t) 0x06000000)
#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x07000000) #define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t) 0x07000000)
#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x08000000) #define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t) 0x08000000)
#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x09000000) #define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t) 0x09000000)
/** Whether an algorithm is vendor-defined. /** Whether an algorithm is vendor-defined.
* *
@ -896,40 +896,40 @@
#define PSA_ALG_NONE ((psa_algorithm_t)0) #define PSA_ALG_NONE ((psa_algorithm_t)0)
/* *INDENT-ON* */ /* *INDENT-ON* */
#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) #define PSA_ALG_HASH_MASK ((psa_algorithm_t) 0x000000ff)
/** MD5 */ /** MD5 */
#define PSA_ALG_MD5 ((psa_algorithm_t)0x02000003) #define PSA_ALG_MD5 ((psa_algorithm_t) 0x02000003)
/** PSA_ALG_RIPEMD160 */ /** PSA_ALG_RIPEMD160 */
#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x02000004) #define PSA_ALG_RIPEMD160 ((psa_algorithm_t) 0x02000004)
/** SHA1 */ /** SHA1 */
#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x02000005) #define PSA_ALG_SHA_1 ((psa_algorithm_t) 0x02000005)
/** SHA2-224 */ /** SHA2-224 */
#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x02000008) #define PSA_ALG_SHA_224 ((psa_algorithm_t) 0x02000008)
/** SHA2-256 */ /** SHA2-256 */
#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x02000009) #define PSA_ALG_SHA_256 ((psa_algorithm_t) 0x02000009)
/** SHA2-384 */ /** SHA2-384 */
#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0200000a) #define PSA_ALG_SHA_384 ((psa_algorithm_t) 0x0200000a)
/** SHA2-512 */ /** SHA2-512 */
#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0200000b) #define PSA_ALG_SHA_512 ((psa_algorithm_t) 0x0200000b)
/** SHA2-512/224 */ /** SHA2-512/224 */
#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0200000c) #define PSA_ALG_SHA_512_224 ((psa_algorithm_t) 0x0200000c)
/** SHA2-512/256 */ /** SHA2-512/256 */
#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0200000d) #define PSA_ALG_SHA_512_256 ((psa_algorithm_t) 0x0200000d)
/** SHA3-224 */ /** SHA3-224 */
#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x02000010) #define PSA_ALG_SHA3_224 ((psa_algorithm_t) 0x02000010)
/** SHA3-256 */ /** SHA3-256 */
#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x02000011) #define PSA_ALG_SHA3_256 ((psa_algorithm_t) 0x02000011)
/** SHA3-384 */ /** SHA3-384 */
#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x02000012) #define PSA_ALG_SHA3_384 ((psa_algorithm_t) 0x02000012)
/** SHA3-512 */ /** SHA3-512 */
#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x02000013) #define PSA_ALG_SHA3_512 ((psa_algorithm_t) 0x02000013)
/** The first 512 bits (64 bytes) of the SHAKE256 output. /** The first 512 bits (64 bytes) of the SHAKE256 output.
* *
* This is the prehashing for Ed448ph (see #PSA_ALG_ED448PH). For other * This is the prehashing for Ed448ph (see #PSA_ALG_ED448PH). For other
* scenarios where a hash function based on SHA3/SHAKE is desired, SHA3-512 * scenarios where a hash function based on SHA3/SHAKE is desired, SHA3-512
* has the same output size and a (theoretically) higher security strength. * has the same output size and a (theoretically) higher security strength.
*/ */
#define PSA_ALG_SHAKE256_512 ((psa_algorithm_t)0x02000015) #define PSA_ALG_SHAKE256_512 ((psa_algorithm_t) 0x02000015)
/** In a hash-and-sign algorithm policy, allow any hash algorithm. /** In a hash-and-sign algorithm policy, allow any hash algorithm.
* *
@ -964,10 +964,10 @@
* This value may not be used to build an algorithm specification to * This value may not be used to build an algorithm specification to
* perform an operation. It is only valid to build policies. * perform an operation. It is only valid to build policies.
*/ */
#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x020000ff) #define PSA_ALG_ANY_HASH ((psa_algorithm_t) 0x020000ff)
#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) #define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t) 0x00c00000)
#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x03800000) #define PSA_ALG_HMAC_BASE ((psa_algorithm_t) 0x03800000)
/** Macro to build an HMAC algorithm. /** Macro to build an HMAC algorithm.
* *
* For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256. * For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256.
@ -1006,7 +1006,7 @@
* reach up to 63; the largest MAC is 64 bytes so its trivial truncation * reach up to 63; the largest MAC is 64 bytes so its trivial truncation
* to full length is correctly encoded as 0 and any non-trivial truncation * to full length is correctly encoded as 0 and any non-trivial truncation
* is correctly encoded as a value between 1 and 63. */ * is correctly encoded as a value between 1 and 63. */
#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x003f0000) #define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t) 0x003f0000)
#define PSA_MAC_TRUNCATION_OFFSET 16 #define PSA_MAC_TRUNCATION_OFFSET 16
/* In the encoding of a MAC algorithm, the bit corresponding to /* In the encoding of a MAC algorithm, the bit corresponding to
@ -1015,7 +1015,7 @@
* algorithm policy can be used with any algorithm corresponding to the * algorithm policy can be used with any algorithm corresponding to the
* same base class and having a (potentially truncated) MAC length greater or * same base class and having a (potentially truncated) MAC length greater or
* equal than the one encoded in #PSA_ALG_MAC_TRUNCATION_MASK. */ * equal than the one encoded in #PSA_ALG_MAC_TRUNCATION_MASK. */
#define PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t)0x00008000) #define PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t) 0x00008000)
/** Macro to build a truncated MAC algorithm. /** Macro to build a truncated MAC algorithm.
* *
@ -1110,18 +1110,18 @@
* too large for the specified MAC algorithm. * too large for the specified MAC algorithm.
*/ */
#define PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(mac_alg, min_mac_length) \ #define PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(mac_alg, min_mac_length) \
( PSA_ALG_TRUNCATED_MAC(mac_alg, min_mac_length) | \ (PSA_ALG_TRUNCATED_MAC(mac_alg, min_mac_length) | \
PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ) PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG)
#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x03c00000) #define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t) 0x03c00000)
/** The CBC-MAC construction over a block cipher /** The CBC-MAC construction over a block cipher
* *
* \warning CBC-MAC is insecure in many cases. * \warning CBC-MAC is insecure in many cases.
* A more secure mode, such as #PSA_ALG_CMAC, is recommended. * A more secure mode, such as #PSA_ALG_CMAC, is recommended.
*/ */
#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x03c00100) #define PSA_ALG_CBC_MAC ((psa_algorithm_t) 0x03c00100)
/** The CMAC construction over a block cipher */ /** The CMAC construction over a block cipher */
#define PSA_ALG_CMAC ((psa_algorithm_t)0x03c00200) #define PSA_ALG_CMAC ((psa_algorithm_t) 0x03c00200)
/** Whether the specified algorithm is a MAC algorithm based on a block cipher. /** Whether the specified algorithm is a MAC algorithm based on a block cipher.
* *
@ -1135,8 +1135,8 @@
(((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
PSA_ALG_CIPHER_MAC_BASE) PSA_ALG_CIPHER_MAC_BASE)
#define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t)0x00800000) #define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t) 0x00800000)
#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) #define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t) 0x00400000)
/** Whether the specified algorithm is a stream cipher. /** Whether the specified algorithm is a stream cipher.
* *
@ -1152,14 +1152,14 @@
*/ */
#define PSA_ALG_IS_STREAM_CIPHER(alg) \ #define PSA_ALG_IS_STREAM_CIPHER(alg) \
(((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \
(PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG)) (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
/** The stream cipher mode of a stream cipher algorithm. /** The stream cipher mode of a stream cipher algorithm.
* *
* The underlying stream cipher is determined by the key type. * The underlying stream cipher is determined by the key type.
* - To use ChaCha20, use a key type of #PSA_KEY_TYPE_CHACHA20. * - To use ChaCha20, use a key type of #PSA_KEY_TYPE_CHACHA20.
*/ */
#define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t)0x04800100) #define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t) 0x04800100)
/** The CTR stream cipher mode. /** The CTR stream cipher mode.
* *
@ -1168,19 +1168,19 @@
* For example, to use AES-128-CTR, use this algorithm with * For example, to use AES-128-CTR, use this algorithm with
* a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes). * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes).
*/ */
#define PSA_ALG_CTR ((psa_algorithm_t)0x04c01000) #define PSA_ALG_CTR ((psa_algorithm_t) 0x04c01000)
/** The CFB stream cipher mode. /** The CFB stream cipher mode.
* *
* The underlying block cipher is determined by the key type. * The underlying block cipher is determined by the key type.
*/ */
#define PSA_ALG_CFB ((psa_algorithm_t)0x04c01100) #define PSA_ALG_CFB ((psa_algorithm_t) 0x04c01100)
/** The OFB stream cipher mode. /** The OFB stream cipher mode.
* *
* The underlying block cipher is determined by the key type. * The underlying block cipher is determined by the key type.
*/ */
#define PSA_ALG_OFB ((psa_algorithm_t)0x04c01200) #define PSA_ALG_OFB ((psa_algorithm_t) 0x04c01200)
/** The XTS cipher mode. /** The XTS cipher mode.
* *
@ -1188,7 +1188,7 @@
* least one full block of input, but beyond this minimum the input * least one full block of input, but beyond this minimum the input
* does not need to be a whole number of blocks. * does not need to be a whole number of blocks.
*/ */
#define PSA_ALG_XTS ((psa_algorithm_t)0x0440ff00) #define PSA_ALG_XTS ((psa_algorithm_t) 0x0440ff00)
/** The Electronic Code Book (ECB) mode of a block cipher, with no padding. /** The Electronic Code Book (ECB) mode of a block cipher, with no padding.
* *
@ -1208,7 +1208,7 @@
* multi-part cipher operation with this algorithm, psa_cipher_generate_iv() * multi-part cipher operation with this algorithm, psa_cipher_generate_iv()
* and psa_cipher_set_iv() must not be called. * and psa_cipher_set_iv() must not be called.
*/ */
#define PSA_ALG_ECB_NO_PADDING ((psa_algorithm_t)0x04404400) #define PSA_ALG_ECB_NO_PADDING ((psa_algorithm_t) 0x04404400)
/** The CBC block cipher chaining mode, with no padding. /** The CBC block cipher chaining mode, with no padding.
* *
@ -1217,7 +1217,7 @@
* This symmetric cipher mode can only be used with messages whose lengths * This symmetric cipher mode can only be used with messages whose lengths
* are whole number of blocks for the chosen block cipher. * are whole number of blocks for the chosen block cipher.
*/ */
#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04404000) #define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t) 0x04404000)
/** The CBC block cipher chaining mode with PKCS#7 padding. /** The CBC block cipher chaining mode with PKCS#7 padding.
* *
@ -1225,9 +1225,9 @@
* *
* This is the padding method defined by PKCS#7 (RFC 2315) &sect;10.3. * This is the padding method defined by PKCS#7 (RFC 2315) &sect;10.3.
*/ */
#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04404100) #define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t) 0x04404100)
#define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) #define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t) 0x00400000)
/** Whether the specified algorithm is an AEAD mode on a block cipher. /** Whether the specified algorithm is an AEAD mode on a block cipher.
* *
@ -1246,7 +1246,7 @@
* *
* The underlying block cipher is determined by the key type. * The underlying block cipher is determined by the key type.
*/ */
#define PSA_ALG_CCM ((psa_algorithm_t)0x05500100) #define PSA_ALG_CCM ((psa_algorithm_t) 0x05500100)
/** The CCM* cipher mode without authentication. /** The CCM* cipher mode without authentication.
* *
@ -1257,13 +1257,13 @@
* *
* Currently only 13-byte long IV's are supported. * Currently only 13-byte long IV's are supported.
*/ */
#define PSA_ALG_CCM_STAR_NO_TAG ((psa_algorithm_t)0x04c01300) #define PSA_ALG_CCM_STAR_NO_TAG ((psa_algorithm_t) 0x04c01300)
/** The GCM authenticated encryption algorithm. /** The GCM authenticated encryption algorithm.
* *
* The underlying block cipher is determined by the key type. * The underlying block cipher is determined by the key type.
*/ */
#define PSA_ALG_GCM ((psa_algorithm_t)0x05500200) #define PSA_ALG_GCM ((psa_algorithm_t) 0x05500200)
/** The Chacha20-Poly1305 AEAD algorithm. /** The Chacha20-Poly1305 AEAD algorithm.
* *
@ -1274,13 +1274,13 @@
* *
* Implementations must support 16-byte tags and should reject other sizes. * Implementations must support 16-byte tags and should reject other sizes.
*/ */
#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x05100500) #define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t) 0x05100500)
/* In the encoding of an AEAD algorithm, the bits corresponding to /* In the encoding of an AEAD algorithm, the bits corresponding to
* PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag. * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag.
* The constants for default lengths follow this encoding. * The constants for default lengths follow this encoding.
*/ */
#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x003f0000) #define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t) 0x003f0000)
#define PSA_AEAD_TAG_LENGTH_OFFSET 16 #define PSA_AEAD_TAG_LENGTH_OFFSET 16
/* In the encoding of an AEAD algorithm, the bit corresponding to /* In the encoding of an AEAD algorithm, the bit corresponding to
@ -1289,7 +1289,7 @@
* algorithm policy can be used with any algorithm corresponding to the * algorithm policy can be used with any algorithm corresponding to the
* same base class and having a tag length greater than or equal to the one * same base class and having a tag length greater than or equal to the one
* encoded in #PSA_ALG_AEAD_TAG_LENGTH_MASK. */ * encoded in #PSA_ALG_AEAD_TAG_LENGTH_MASK. */
#define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t)0x00008000) #define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t) 0x00008000)
/** Macro to build a shortened AEAD algorithm. /** Macro to build a shortened AEAD algorithm.
* *
@ -1313,7 +1313,7 @@
(((aead_alg) & ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | \ (((aead_alg) & ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | \
PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)) | \ PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)) | \
((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \ ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \
PSA_ALG_AEAD_TAG_LENGTH_MASK)) PSA_ALG_AEAD_TAG_LENGTH_MASK))
/** Retrieve the tag length of a specified AEAD algorithm /** Retrieve the tag length of a specified AEAD algorithm
* *
@ -1327,7 +1327,7 @@
*/ */
#define PSA_ALG_AEAD_GET_TAG_LENGTH(aead_alg) \ #define PSA_ALG_AEAD_GET_TAG_LENGTH(aead_alg) \
(((aead_alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> \ (((aead_alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> \
PSA_AEAD_TAG_LENGTH_OFFSET ) PSA_AEAD_TAG_LENGTH_OFFSET)
/** Calculate the corresponding AEAD algorithm with the default tag length. /** Calculate the corresponding AEAD algorithm with the default tag length.
* *
@ -1373,10 +1373,10 @@
* or too large for the specified AEAD algorithm. * or too large for the specified AEAD algorithm.
*/ */
#define PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(aead_alg, min_tag_length) \ #define PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(aead_alg, min_tag_length) \
( PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, min_tag_length) | \ (PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, min_tag_length) | \
PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ) PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)
#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x06000200) #define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t) 0x06000200)
/** RSA PKCS#1 v1.5 signature with hashing. /** RSA PKCS#1 v1.5 signature with hashing.
* *
* This is the signature scheme defined by RFC 8017 * This is the signature scheme defined by RFC 8017
@ -1404,8 +1404,8 @@
#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \ #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \
(((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE) (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x06000300) #define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t) 0x06000300)
#define PSA_ALG_RSA_PSS_ANY_SALT_BASE ((psa_algorithm_t)0x06001300) #define PSA_ALG_RSA_PSS_ANY_SALT_BASE ((psa_algorithm_t) 0x06001300)
/** RSA PSS signature with hashing. /** RSA PSS signature with hashing.
* *
* This is the signature scheme defined by RFC 8017 * This is the signature scheme defined by RFC 8017
@ -1494,7 +1494,7 @@
(PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg) || \ (PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg) || \
PSA_ALG_IS_RSA_PSS_ANY_SALT(alg)) PSA_ALG_IS_RSA_PSS_ANY_SALT(alg))
#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x06000600) #define PSA_ALG_ECDSA_BASE ((psa_algorithm_t) 0x06000600)
/** ECDSA signature with hashing. /** ECDSA signature with hashing.
* *
* This is the ECDSA signature scheme defined by ANSI X9.62, * This is the ECDSA signature scheme defined by ANSI X9.62,
@ -1527,7 +1527,7 @@
* the curve size. * the curve size.
*/ */
#define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE #define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x06000700) #define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t) 0x06000700)
/** Deterministic ECDSA signature with hashing. /** Deterministic ECDSA signature with hashing.
* *
* This is the deterministic ECDSA signature scheme defined by RFC 6979. * This is the deterministic ECDSA signature scheme defined by RFC 6979.
@ -1552,7 +1552,7 @@
*/ */
#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \ #define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \
(PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
#define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00000100) #define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t) 0x00000100)
#define PSA_ALG_IS_ECDSA(alg) \ #define PSA_ALG_IS_ECDSA(alg) \
(((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \ (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \
PSA_ALG_ECDSA_BASE) PSA_ALG_ECDSA_BASE)
@ -1591,9 +1591,9 @@
* RFC 8032 §5.1.6 and §5.2.6 (a 64-byte string for Ed25519, a 114-byte * RFC 8032 §5.1.6 and §5.2.6 (a 64-byte string for Ed25519, a 114-byte
* string for Ed448). * string for Ed448).
*/ */
#define PSA_ALG_PURE_EDDSA ((psa_algorithm_t)0x06000800) #define PSA_ALG_PURE_EDDSA ((psa_algorithm_t) 0x06000800)
#define PSA_ALG_HASH_EDDSA_BASE ((psa_algorithm_t)0x06000900) #define PSA_ALG_HASH_EDDSA_BASE ((psa_algorithm_t) 0x06000900)
#define PSA_ALG_IS_HASH_EDDSA(alg) \ #define PSA_ALG_IS_HASH_EDDSA(alg) \
(((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HASH_EDDSA_BASE) (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HASH_EDDSA_BASE)
@ -1685,7 +1685,7 @@
* supported algorithm identifier. * supported algorithm identifier.
*/ */
#define PSA_ALG_IS_SIGN_MESSAGE(alg) \ #define PSA_ALG_IS_SIGN_MESSAGE(alg) \
(PSA_ALG_IS_SIGN_HASH(alg) || (alg) == PSA_ALG_PURE_EDDSA ) (PSA_ALG_IS_SIGN_HASH(alg) || (alg) == PSA_ALG_PURE_EDDSA)
/** Whether the specified algorithm is a hash-and-sign algorithm. /** Whether the specified algorithm is a hash-and-sign algorithm.
* *
@ -1742,9 +1742,9 @@
/** RSA PKCS#1 v1.5 encryption. /** RSA PKCS#1 v1.5 encryption.
*/ */
#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x07000200) #define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t) 0x07000200)
#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x07000300) #define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t) 0x07000300)
/** RSA OAEP encryption. /** RSA OAEP encryption.
* *
* This is the encryption scheme defined by RFC 8017 * This is the encryption scheme defined by RFC 8017
@ -1768,7 +1768,7 @@
((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \
0) 0)
#define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x08000100) #define PSA_ALG_HKDF_BASE ((psa_algorithm_t) 0x08000100)
/** Macro to build an HKDF algorithm. /** Macro to build an HKDF algorithm.
* *
* For example, `PSA_ALG_HKDF(PSA_ALG_SHA_256)` is HKDF using HMAC-SHA-256. * For example, `PSA_ALG_HKDF(PSA_ALG_SHA_256)` is HKDF using HMAC-SHA-256.
@ -1813,7 +1813,7 @@
#define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \ #define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \
(PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
#define PSA_ALG_HKDF_EXTRACT_BASE ((psa_algorithm_t)0x08000400) #define PSA_ALG_HKDF_EXTRACT_BASE ((psa_algorithm_t) 0x08000400)
/** Macro to build an HKDF-Extract algorithm. /** Macro to build an HKDF-Extract algorithm.
* *
* For example, `PSA_ALG_HKDF_EXTRACT(PSA_ALG_SHA_256)` is * For example, `PSA_ALG_HKDF_EXTRACT(PSA_ALG_SHA_256)` is
@ -1862,7 +1862,7 @@
#define PSA_ALG_IS_HKDF_EXTRACT(alg) \ #define PSA_ALG_IS_HKDF_EXTRACT(alg) \
(((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXTRACT_BASE) (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXTRACT_BASE)
#define PSA_ALG_HKDF_EXPAND_BASE ((psa_algorithm_t)0x08000500) #define PSA_ALG_HKDF_EXPAND_BASE ((psa_algorithm_t) 0x08000500)
/** Macro to build an HKDF-Expand algorithm. /** Macro to build an HKDF-Expand algorithm.
* *
* For example, `PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_256)` is * For example, `PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_256)` is
@ -1919,7 +1919,7 @@
((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXTRACT_BASE || \ ((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXTRACT_BASE || \
((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXPAND_BASE) ((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_EXPAND_BASE)
#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x08000200) #define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t) 0x08000200)
/** Macro to build a TLS-1.2 PRF algorithm. /** Macro to build a TLS-1.2 PRF algorithm.
* *
* TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule, * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule,
@ -1962,7 +1962,7 @@
#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \ #define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \
(PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x08000300) #define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t) 0x08000300)
/** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm. /** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm.
* *
* In a pure-PSK handshake in TLS 1.2, the master secret is derived * In a pure-PSK handshake in TLS 1.2, the master secret is derived
@ -2044,7 +2044,7 @@
* The output has to be read as a single chunk of 32 bytes, defined as * The output has to be read as a single chunk of 32 bytes, defined as
* PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE. * PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE.
*/ */
#define PSA_ALG_TLS12_ECJPAKE_TO_PMS ((psa_algorithm_t)0x08000609) #define PSA_ALG_TLS12_ECJPAKE_TO_PMS ((psa_algorithm_t) 0x08000609)
/* This flag indicates whether the key derivation algorithm is suitable for /* This flag indicates whether the key derivation algorithm is suitable for
* use on low-entropy secrets such as password - these algorithms are also * use on low-entropy secrets such as password - these algorithms are also
@ -2053,9 +2053,9 @@
* *
* Those algorithms cannot be combined with a key agreement algorithm. * Those algorithms cannot be combined with a key agreement algorithm.
*/ */
#define PSA_ALG_KEY_DERIVATION_STRETCHING_FLAG ((psa_algorithm_t)0x00800000) #define PSA_ALG_KEY_DERIVATION_STRETCHING_FLAG ((psa_algorithm_t) 0x00800000)
#define PSA_ALG_PBKDF2_HMAC_BASE ((psa_algorithm_t)0x08800100) #define PSA_ALG_PBKDF2_HMAC_BASE ((psa_algorithm_t) 0x08800100)
/** Macro to build a PBKDF2-HMAC password hashing / key stretching algorithm. /** Macro to build a PBKDF2-HMAC password hashing / key stretching algorithm.
* *
* PBKDF2 is defined by PKCS#5, republished as RFC 8018 (section 5.2). * PBKDF2 is defined by PKCS#5, republished as RFC 8018 (section 5.2).
@ -2105,10 +2105,10 @@
* This key derivation algorithm uses the same inputs as * This key derivation algorithm uses the same inputs as
* #PSA_ALG_PBKDF2_HMAC() with the same constraints. * #PSA_ALG_PBKDF2_HMAC() with the same constraints.
*/ */
#define PSA_ALG_PBKDF2_AES_CMAC_PRF_128 ((psa_algorithm_t)0x08800200) #define PSA_ALG_PBKDF2_AES_CMAC_PRF_128 ((psa_algorithm_t) 0x08800200)
#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0xfe00ffff) #define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t) 0xfe00ffff)
#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0xffff0000) #define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t) 0xffff0000)
/** Macro to build a combined algorithm that chains a key agreement with /** Macro to build a combined algorithm that chains a key agreement with
* a key derivation. * a key derivation.
@ -2161,7 +2161,7 @@
* It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p` * It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p`
* in bits. * in bits.
*/ */
#define PSA_ALG_FFDH ((psa_algorithm_t)0x09010000) #define PSA_ALG_FFDH ((psa_algorithm_t) 0x09010000)
/** Whether the specified algorithm is a finite field Diffie-Hellman algorithm. /** Whether the specified algorithm is a finite field Diffie-Hellman algorithm.
* *
@ -2203,7 +2203,7 @@
* in big-endian byte order. * in big-endian byte order.
* The bit size is `m` for the field `F_{2^m}`. * The bit size is `m` for the field `F_{2^m}`.
*/ */
#define PSA_ALG_ECDH ((psa_algorithm_t)0x09020000) #define PSA_ALG_ECDH ((psa_algorithm_t) 0x09020000)
/** Whether the specified algorithm is an elliptic curve Diffie-Hellman /** Whether the specified algorithm is an elliptic curve Diffie-Hellman
* algorithm. * algorithm.
@ -2254,7 +2254,7 @@
* \return \c 0 if alg is not a composite algorithm that uses a hash. * \return \c 0 if alg is not a composite algorithm that uses a hash.
*/ */
#define PSA_ALG_GET_HASH(alg) \ #define PSA_ALG_GET_HASH(alg) \
(((alg) & 0x000000ff) == 0 ? ((psa_algorithm_t)0) : 0x02000000 | ((alg) & 0x000000ff)) (((alg) & 0x000000ff) == 0 ? ((psa_algorithm_t) 0) : 0x02000000 | ((alg) & 0x000000ff))
/**@}*/ /**@}*/
@ -2278,7 +2278,7 @@
* it must release all the resources associated with the key and erase the * it must release all the resources associated with the key and erase the
* key material if the calling application terminates. * key material if the calling application terminates.
*/ */
#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) #define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t) 0x00000000)
/** The default lifetime for persistent keys. /** The default lifetime for persistent keys.
* *
@ -2292,31 +2292,31 @@
* application. Integrations of Mbed TLS may support other persistent lifetimes. * application. Integrations of Mbed TLS may support other persistent lifetimes.
* See ::psa_key_lifetime_t for more information. * See ::psa_key_lifetime_t for more information.
*/ */
#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t) 0x00000001)
/** The persistence level of volatile keys. /** The persistence level of volatile keys.
* *
* See ::psa_key_persistence_t for more information. * See ::psa_key_persistence_t for more information.
*/ */
#define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t)0x00) #define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t) 0x00)
/** The default persistence level for persistent keys. /** The default persistence level for persistent keys.
* *
* See ::psa_key_persistence_t for more information. * See ::psa_key_persistence_t for more information.
*/ */
#define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t)0x01) #define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t) 0x01)
/** A persistence level indicating that a key is never destroyed. /** A persistence level indicating that a key is never destroyed.
* *
* See ::psa_key_persistence_t for more information. * See ::psa_key_persistence_t for more information.
*/ */
#define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t)0xff) #define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t) 0xff)
#define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) \ #define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) \
((psa_key_persistence_t)((lifetime) & 0x000000ff)) ((psa_key_persistence_t) ((lifetime) & 0x000000ff))
#define PSA_KEY_LIFETIME_GET_LOCATION(lifetime) \ #define PSA_KEY_LIFETIME_GET_LOCATION(lifetime) \
((psa_key_location_t)((lifetime) >> 8)) ((psa_key_location_t) ((lifetime) >> 8))
/** Whether a key lifetime indicates that the key is volatile. /** Whether a key lifetime indicates that the key is volatile.
* *
@ -2378,9 +2378,9 @@
* *
* See ::psa_key_location_t for more information. * See ::psa_key_location_t for more information.
*/ */
#define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t)0x000000) #define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t) 0x000000)
#define PSA_KEY_LOCATION_VENDOR_FLAG ((psa_key_location_t)0x800000) #define PSA_KEY_LOCATION_VENDOR_FLAG ((psa_key_location_t) 0x800000)
/* Note that key identifier values are embedded in the /* Note that key identifier values are embedded in the
* persistent key store, as part of key metadata. As a consequence, they * persistent key store, as part of key metadata. As a consequence, they
@ -2394,23 +2394,23 @@
/* *INDENT-ON* */ /* *INDENT-ON* */
/** The minimum value for a key identifier chosen by the application. /** The minimum value for a key identifier chosen by the application.
*/ */
#define PSA_KEY_ID_USER_MIN ((psa_key_id_t)0x00000001) #define PSA_KEY_ID_USER_MIN ((psa_key_id_t) 0x00000001)
/** The maximum value for a key identifier chosen by the application. /** The maximum value for a key identifier chosen by the application.
*/ */
#define PSA_KEY_ID_USER_MAX ((psa_key_id_t)0x3fffffff) #define PSA_KEY_ID_USER_MAX ((psa_key_id_t) 0x3fffffff)
/** The minimum value for a key identifier chosen by the implementation. /** The minimum value for a key identifier chosen by the implementation.
*/ */
#define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t)0x40000000) #define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t) 0x40000000)
/** The maximum value for a key identifier chosen by the implementation. /** The maximum value for a key identifier chosen by the implementation.
*/ */
#define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t)0x7fffffff) #define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t) 0x7fffffff)
#if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) #if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
#define MBEDTLS_SVC_KEY_ID_INIT ( (psa_key_id_t)0 ) #define MBEDTLS_SVC_KEY_ID_INIT ((psa_key_id_t) 0)
#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ( id ) #define MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) (id)
#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( id ) ( 0 ) #define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(id) (0)
/** Utility to initialize a key identifier at runtime. /** Utility to initialize a key identifier at runtime.
* *
@ -2418,11 +2418,11 @@
* \param key_id Identifier of the key. * \param key_id Identifier of the key.
*/ */
static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make( static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make(
unsigned int unused, psa_key_id_t key_id ) unsigned int unused, psa_key_id_t key_id)
{ {
(void)unused; (void) unused;
return( key_id ); return key_id;
} }
/** Compare two key identifiers. /** Compare two key identifiers.
@ -2432,10 +2432,10 @@ static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make(
* *
* \return Non-zero if the two key identifier are equal, zero otherwise. * \return Non-zero if the two key identifier are equal, zero otherwise.
*/ */
static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1, static inline int mbedtls_svc_key_id_equal(mbedtls_svc_key_id_t id1,
mbedtls_svc_key_id_t id2 ) mbedtls_svc_key_id_t id2)
{ {
return( id1 == id2 ); return id1 == id2;
} }
/** Check whether a key identifier is null. /** Check whether a key identifier is null.
@ -2444,16 +2444,16 @@ static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1,
* *
* \return Non-zero if the key identifier is null, zero otherwise. * \return Non-zero if the key identifier is null, zero otherwise.
*/ */
static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) static inline int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key)
{ {
return( key == 0 ); return key == 0;
} }
#else /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ #else /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
#define MBEDTLS_SVC_KEY_ID_INIT ( (mbedtls_svc_key_id_t){ 0, 0 } ) #define MBEDTLS_SVC_KEY_ID_INIT ((mbedtls_svc_key_id_t){ 0, 0 })
#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ( ( id ).MBEDTLS_PRIVATE(key_id) ) #define MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) ((id).MBEDTLS_PRIVATE(key_id))
#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( id ) ( ( id ).MBEDTLS_PRIVATE(owner) ) #define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(id) ((id).MBEDTLS_PRIVATE(owner))
/** Utility to initialize a key identifier at runtime. /** Utility to initialize a key identifier at runtime.
* *
@ -2461,10 +2461,10 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* \param key_id Identifier of the key. * \param key_id Identifier of the key.
*/ */
static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make( static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make(
mbedtls_key_owner_id_t owner_id, psa_key_id_t key_id ) mbedtls_key_owner_id_t owner_id, psa_key_id_t key_id)
{ {
return( (mbedtls_svc_key_id_t){ .MBEDTLS_PRIVATE(key_id) = key_id, return (mbedtls_svc_key_id_t){ .MBEDTLS_PRIVATE(key_id) = key_id,
.MBEDTLS_PRIVATE(owner) = owner_id } ); .MBEDTLS_PRIVATE(owner) = owner_id };
} }
/** Compare two key identifiers. /** Compare two key identifiers.
@ -2474,11 +2474,11 @@ static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make(
* *
* \return Non-zero if the two key identifier are equal, zero otherwise. * \return Non-zero if the two key identifier are equal, zero otherwise.
*/ */
static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1, static inline int mbedtls_svc_key_id_equal(mbedtls_svc_key_id_t id1,
mbedtls_svc_key_id_t id2 ) mbedtls_svc_key_id_t id2)
{ {
return( ( id1.MBEDTLS_PRIVATE(key_id) == id2.MBEDTLS_PRIVATE(key_id) ) && return (id1.MBEDTLS_PRIVATE(key_id) == id2.MBEDTLS_PRIVATE(key_id)) &&
mbedtls_key_owner_id_equal( id1.MBEDTLS_PRIVATE(owner), id2.MBEDTLS_PRIVATE(owner) ) ); mbedtls_key_owner_id_equal(id1.MBEDTLS_PRIVATE(owner), id2.MBEDTLS_PRIVATE(owner));
} }
/** Check whether a key identifier is null. /** Check whether a key identifier is null.
@ -2487,9 +2487,9 @@ static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1,
* *
* \return Non-zero if the key identifier is null, zero otherwise. * \return Non-zero if the key identifier is null, zero otherwise.
*/ */
static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) static inline int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key)
{ {
return( key.MBEDTLS_PRIVATE(key_id) == 0 ); return key.MBEDTLS_PRIVATE(key_id) == 0;
} }
#endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ #endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
@ -2516,7 +2516,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* The key may however be exportable in a wrapped form, i.e. in a form * The key may however be exportable in a wrapped form, i.e. in a form
* where it is encrypted by another key. * where it is encrypted by another key.
*/ */
#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001) #define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t) 0x00000001)
/** Whether the key may be copied. /** Whether the key may be copied.
* *
@ -2532,7 +2532,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* #PSA_KEY_LIFETIME_PERSISTENT, the usage flag #PSA_KEY_USAGE_COPY * #PSA_KEY_LIFETIME_PERSISTENT, the usage flag #PSA_KEY_USAGE_COPY
* is sufficient to permit the copy. * is sufficient to permit the copy.
*/ */
#define PSA_KEY_USAGE_COPY ((psa_key_usage_t)0x00000002) #define PSA_KEY_USAGE_COPY ((psa_key_usage_t) 0x00000002)
/** Whether the key may be used to encrypt a message. /** Whether the key may be used to encrypt a message.
* *
@ -2543,7 +2543,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* *
* For a key pair, this concerns the public key. * For a key pair, this concerns the public key.
*/ */
#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100) #define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t) 0x00000100)
/** Whether the key may be used to decrypt a message. /** Whether the key may be used to decrypt a message.
* *
@ -2554,7 +2554,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* *
* For a key pair, this concerns the private key. * For a key pair, this concerns the private key.
*/ */
#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200) #define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t) 0x00000200)
/** Whether the key may be used to sign a message. /** Whether the key may be used to sign a message.
* *
@ -2564,7 +2564,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* *
* For a key pair, this concerns the private key. * For a key pair, this concerns the private key.
*/ */
#define PSA_KEY_USAGE_SIGN_MESSAGE ((psa_key_usage_t)0x00000400) #define PSA_KEY_USAGE_SIGN_MESSAGE ((psa_key_usage_t) 0x00000400)
/** Whether the key may be used to verify a message. /** Whether the key may be used to verify a message.
* *
@ -2574,7 +2574,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* *
* For a key pair, this concerns the public key. * For a key pair, this concerns the public key.
*/ */
#define PSA_KEY_USAGE_VERIFY_MESSAGE ((psa_key_usage_t)0x00000800) #define PSA_KEY_USAGE_VERIFY_MESSAGE ((psa_key_usage_t) 0x00000800)
/** Whether the key may be used to sign a message. /** Whether the key may be used to sign a message.
* *
@ -2584,7 +2584,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* *
* For a key pair, this concerns the private key. * For a key pair, this concerns the private key.
*/ */
#define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t)0x00001000) #define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t) 0x00001000)
/** Whether the key may be used to verify a message signature. /** Whether the key may be used to verify a message signature.
* *
@ -2594,7 +2594,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* *
* For a key pair, this concerns the public key. * For a key pair, this concerns the public key.
*/ */
#define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t)0x00002000) #define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t) 0x00002000)
/** Whether the key may be used to derive other keys or produce a password /** Whether the key may be used to derive other keys or produce a password
* hash. * hash.
@ -2608,7 +2608,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* permits calling psa_key_derivation_output_bytes() or * permits calling psa_key_derivation_output_bytes() or
* psa_key_derivation_output_key() at the end of the operation. * psa_key_derivation_output_key() at the end of the operation.
*/ */
#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00004000) #define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t) 0x00004000)
/** Whether the key may be used to verify the result of a key derivation, /** Whether the key may be used to verify the result of a key derivation,
* including password hashing. * including password hashing.
@ -2623,7 +2623,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* permits calling psa_key_derivation_verify_bytes() or * permits calling psa_key_derivation_verify_bytes() or
* psa_key_derivation_verify_key() at the end of the operation. * psa_key_derivation_verify_key() at the end of the operation.
*/ */
#define PSA_KEY_USAGE_VERIFY_DERIVATION ((psa_key_usage_t)0x00008000) #define PSA_KEY_USAGE_VERIFY_DERIVATION ((psa_key_usage_t) 0x00008000)
/**@}*/ /**@}*/
@ -2649,7 +2649,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* psa_key_derivation_verify_key(), but not * psa_key_derivation_verify_key(), but not
* psa_key_derivation_output_key(). * psa_key_derivation_output_key().
*/ */
#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101) #define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t) 0x0101)
/** A low-entropy secret input for password hashing / key stretching. /** A low-entropy secret input for password hashing / key stretching.
* *
@ -2667,7 +2667,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* psa_key_derivation_verify_key(), but not * psa_key_derivation_verify_key(), but not
* psa_key_derivation_output_key(). * psa_key_derivation_output_key().
*/ */
#define PSA_KEY_DERIVATION_INPUT_PASSWORD ((psa_key_derivation_step_t)0x0102) #define PSA_KEY_DERIVATION_INPUT_PASSWORD ((psa_key_derivation_step_t) 0x0102)
/** A high-entropy additional secret input for key derivation. /** A high-entropy additional secret input for key derivation.
* *
@ -2677,14 +2677,14 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* a direct input passed to `psa_key_derivation_input_bytes()`. * a direct input passed to `psa_key_derivation_input_bytes()`.
*/ */
#define PSA_KEY_DERIVATION_INPUT_OTHER_SECRET \ #define PSA_KEY_DERIVATION_INPUT_OTHER_SECRET \
((psa_key_derivation_step_t)0x0103) ((psa_key_derivation_step_t) 0x0103)
/** A label for key derivation. /** A label for key derivation.
* *
* This should be a direct input. * This should be a direct input.
* It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA.
*/ */
#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201) #define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t) 0x0201)
/** A salt for key derivation. /** A salt for key derivation.
* *
@ -2692,27 +2692,27 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* It can also be a key of type #PSA_KEY_TYPE_RAW_DATA or * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA or
* #PSA_KEY_TYPE_PEPPER. * #PSA_KEY_TYPE_PEPPER.
*/ */
#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202) #define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t) 0x0202)
/** An information string for key derivation. /** An information string for key derivation.
* *
* This should be a direct input. * This should be a direct input.
* It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA.
*/ */
#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203) #define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t) 0x0203)
/** A seed for key derivation. /** A seed for key derivation.
* *
* This should be a direct input. * This should be a direct input.
* It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA.
*/ */
#define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t)0x0204) #define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t) 0x0204)
/** A cost parameter for password hashing / key stretching. /** A cost parameter for password hashing / key stretching.
* *
* This must be a direct input, passed to psa_key_derivation_input_integer(). * This must be a direct input, passed to psa_key_derivation_input_integer().
*/ */
#define PSA_KEY_DERIVATION_INPUT_COST ((psa_key_derivation_step_t)0x0205) #define PSA_KEY_DERIVATION_INPUT_COST ((psa_key_derivation_step_t) 0x0205)
/**@}*/ /**@}*/



@ -28,7 +28,8 @@
#if defined(__has_feature) #if defined(__has_feature)
#if __has_feature(memory_sanitizer) #if __has_feature(memory_sanitizer)
#warning "MBEDTLS_AESNI_C is known to cause spurious error reports with some memory sanitizers as they do not understand the assembly code." #warning \
"MBEDTLS_AESNI_C is known to cause spurious error reports with some memory sanitizers as they do not understand the assembly code."
#endif #endif
#endif #endif
@ -47,22 +48,21 @@
/* /*
* AES-NI support detection routine * AES-NI support detection routine
*/ */
int mbedtls_aesni_has_support( unsigned int what ) int mbedtls_aesni_has_support(unsigned int what)
{ {
static int done = 0; static int done = 0;
static unsigned int c = 0; static unsigned int c = 0;
if( ! done ) if (!done) {
{ asm ("movl $1, %%eax \n\t"
asm( "movl $1, %%eax \n\t"
"cpuid \n\t" "cpuid \n\t"
: "=c" (c) : "=c" (c)
: :
: "eax", "ebx", "edx" ); : "eax", "ebx", "edx");
done = 1; done = 1;
} }
return( ( c & what ) != 0 ); return (c & what) != 0;
} }
/* /*
@ -94,12 +94,12 @@ int mbedtls_aesni_has_support( unsigned int what )
/* /*
* AES-NI AES-ECB block en(de)cryption * AES-NI AES-ECB block en(de)cryption
*/ */
int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx, int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx,
int mode, int mode,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ) unsigned char output[16])
{ {
asm( "movdqu (%3), %%xmm0 \n\t" // load input asm ("movdqu (%3), %%xmm0 \n\t" // load input
"movdqu (%1), %%xmm1 \n\t" // load round key 0 "movdqu (%1), %%xmm1 \n\t" // load round key 0
"pxor %%xmm1, %%xmm0 \n\t" // round 0 "pxor %%xmm1, %%xmm0 \n\t" // round 0
"add $16, %1 \n\t" // point to next round key "add $16, %1 \n\t" // point to next round key
@ -110,51 +110,50 @@ int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx,
"1: \n\t" // encryption loop "1: \n\t" // encryption loop
"movdqu (%1), %%xmm1 \n\t" // load round key "movdqu (%1), %%xmm1 \n\t" // load round key
AESENC xmm1_xmm0 "\n\t" // do round AESENC xmm1_xmm0 "\n\t" // do round
"add $16, %1 \n\t" // point to next round key "add $16, %1 \n\t" // point to next round key
"subl $1, %0 \n\t" // loop "subl $1, %0 \n\t" // loop
"jnz 1b \n\t" "jnz 1b \n\t"
"movdqu (%1), %%xmm1 \n\t" // load round key "movdqu (%1), %%xmm1 \n\t" // load round key
AESENCLAST xmm1_xmm0 "\n\t" // last round AESENCLAST xmm1_xmm0 "\n\t" // last round
"jmp 3f \n\t" "jmp 3f \n\t"
"2: \n\t" // decryption loop "2: \n\t" // decryption loop
"movdqu (%1), %%xmm1 \n\t" "movdqu (%1), %%xmm1 \n\t"
AESDEC xmm1_xmm0 "\n\t" // do round AESDEC xmm1_xmm0 "\n\t" // do round
"add $16, %1 \n\t" "add $16, %1 \n\t"
"subl $1, %0 \n\t" "subl $1, %0 \n\t"
"jnz 2b \n\t" "jnz 2b \n\t"
"movdqu (%1), %%xmm1 \n\t" // load round key "movdqu (%1), %%xmm1 \n\t" // load round key
AESDECLAST xmm1_xmm0 "\n\t" // last round AESDECLAST xmm1_xmm0 "\n\t" // last round
"3: \n\t" "3: \n\t"
"movdqu %%xmm0, (%4) \n\t" // export output "movdqu %%xmm0, (%4) \n\t" // export output
: :
: "r" (ctx->nr), "r" (ctx->buf + ctx->rk_offset), "r" (mode), "r" (input), "r" (output) : "r" (ctx->nr), "r" (ctx->buf + ctx->rk_offset), "r" (mode), "r" (input), "r" (output)
: "memory", "cc", "xmm0", "xmm1" ); : "memory", "cc", "xmm0", "xmm1");
return( 0 ); return 0;
} }
/* /*
* GCM multiplication: c = a times b in GF(2^128) * GCM multiplication: c = a times b in GF(2^128)
* Based on [CLMUL-WP] algorithms 1 (with equation 27) and 5. * Based on [CLMUL-WP] algorithms 1 (with equation 27) and 5.
*/ */
void mbedtls_aesni_gcm_mult( unsigned char c[16], void mbedtls_aesni_gcm_mult(unsigned char c[16],
const unsigned char a[16], const unsigned char a[16],
const unsigned char b[16] ) const unsigned char b[16])
{ {
unsigned char aa[16], bb[16], cc[16]; unsigned char aa[16], bb[16], cc[16];
size_t i; size_t i;
/* The inputs are in big-endian order, so byte-reverse them */ /* The inputs are in big-endian order, so byte-reverse them */
for( i = 0; i < 16; i++ ) for (i = 0; i < 16; i++) {
{
aa[i] = a[15 - i]; aa[i] = a[15 - i];
bb[i] = b[15 - i]; bb[i] = b[15 - i];
} }
asm( "movdqu (%0), %%xmm0 \n\t" // a1:a0 asm ("movdqu (%0), %%xmm0 \n\t" // a1:a0
"movdqu (%1), %%xmm1 \n\t" // b1:b0 "movdqu (%1), %%xmm1 \n\t" // b1:b0
/* /*
@ -168,30 +167,30 @@ void mbedtls_aesni_gcm_mult( unsigned char c[16],
PCLMULQDQ xmm0_xmm2 ",0x11 \n\t" // a1*b1 = d1:d0 PCLMULQDQ xmm0_xmm2 ",0x11 \n\t" // a1*b1 = d1:d0
PCLMULQDQ xmm0_xmm3 ",0x10 \n\t" // a0*b1 = e1:e0 PCLMULQDQ xmm0_xmm3 ",0x10 \n\t" // a0*b1 = e1:e0
PCLMULQDQ xmm0_xmm4 ",0x01 \n\t" // a1*b0 = f1:f0 PCLMULQDQ xmm0_xmm4 ",0x01 \n\t" // a1*b0 = f1:f0
"pxor %%xmm3, %%xmm4 \n\t" // e1+f1:e0+f0 "pxor %%xmm3, %%xmm4 \n\t" // e1+f1:e0+f0
"movdqa %%xmm4, %%xmm3 \n\t" // same "movdqa %%xmm4, %%xmm3 \n\t" // same
"psrldq $8, %%xmm4 \n\t" // 0:e1+f1 "psrldq $8, %%xmm4 \n\t" // 0:e1+f1
"pslldq $8, %%xmm3 \n\t" // e0+f0:0 "pslldq $8, %%xmm3 \n\t" // e0+f0:0
"pxor %%xmm4, %%xmm2 \n\t" // d1:d0+e1+f1 "pxor %%xmm4, %%xmm2 \n\t" // d1:d0+e1+f1
"pxor %%xmm3, %%xmm1 \n\t" // c1+e0+f1:c0 "pxor %%xmm3, %%xmm1 \n\t" // c1+e0+f1:c0
/* /*
* Now shift the result one bit to the left, * Now shift the result one bit to the left,
* taking advantage of [CLMUL-WP] eq 27 (p. 20) * taking advantage of [CLMUL-WP] eq 27 (p. 20)
*/ */
"movdqa %%xmm1, %%xmm3 \n\t" // r1:r0 "movdqa %%xmm1, %%xmm3 \n\t" // r1:r0
"movdqa %%xmm2, %%xmm4 \n\t" // r3:r2 "movdqa %%xmm2, %%xmm4 \n\t" // r3:r2
"psllq $1, %%xmm1 \n\t" // r1<<1:r0<<1 "psllq $1, %%xmm1 \n\t" // r1<<1:r0<<1
"psllq $1, %%xmm2 \n\t" // r3<<1:r2<<1 "psllq $1, %%xmm2 \n\t" // r3<<1:r2<<1
"psrlq $63, %%xmm3 \n\t" // r1>>63:r0>>63 "psrlq $63, %%xmm3 \n\t" // r1>>63:r0>>63
"psrlq $63, %%xmm4 \n\t" // r3>>63:r2>>63 "psrlq $63, %%xmm4 \n\t" // r3>>63:r2>>63
"movdqa %%xmm3, %%xmm5 \n\t" // r1>>63:r0>>63 "movdqa %%xmm3, %%xmm5 \n\t" // r1>>63:r0>>63
"pslldq $8, %%xmm3 \n\t" // r0>>63:0 "pslldq $8, %%xmm3 \n\t" // r0>>63:0
"pslldq $8, %%xmm4 \n\t" // r2>>63:0 "pslldq $8, %%xmm4 \n\t" // r2>>63:0
"psrldq $8, %%xmm5 \n\t" // 0:r1>>63 "psrldq $8, %%xmm5 \n\t" // 0:r1>>63
"por %%xmm3, %%xmm1 \n\t" // r1<<1|r0>>63:r0<<1 "por %%xmm3, %%xmm1 \n\t" // r1<<1|r0>>63:r0<<1
"por %%xmm4, %%xmm2 \n\t" // r3<<1|r2>>62:r2<<1 "por %%xmm4, %%xmm2 \n\t" // r3<<1|r2>>62:r2<<1
"por %%xmm5, %%xmm2 \n\t" // r3<<1|r2>>62:r2<<1|r1>>63 "por %%xmm5, %%xmm2 \n\t" // r3<<1|r2>>62:r2<<1|r1>>63
/* /*
* Now reduce modulo the GCM polynomial x^128 + x^7 + x^2 + x + 1 * Now reduce modulo the GCM polynomial x^128 + x^7 + x^2 + x + 1
@ -199,51 +198,52 @@ void mbedtls_aesni_gcm_mult( unsigned char c[16],
* Currently xmm2:xmm1 holds x3:x2:x1:x0 (already shifted). * Currently xmm2:xmm1 holds x3:x2:x1:x0 (already shifted).
*/ */
/* Step 2 (1) */ /* Step 2 (1) */
"movdqa %%xmm1, %%xmm3 \n\t" // x1:x0 "movdqa %%xmm1, %%xmm3 \n\t" // x1:x0
"movdqa %%xmm1, %%xmm4 \n\t" // same "movdqa %%xmm1, %%xmm4 \n\t" // same
"movdqa %%xmm1, %%xmm5 \n\t" // same "movdqa %%xmm1, %%xmm5 \n\t" // same
"psllq $63, %%xmm3 \n\t" // x1<<63:x0<<63 = stuff:a "psllq $63, %%xmm3 \n\t" // x1<<63:x0<<63 = stuff:a
"psllq $62, %%xmm4 \n\t" // x1<<62:x0<<62 = stuff:b "psllq $62, %%xmm4 \n\t" // x1<<62:x0<<62 = stuff:b
"psllq $57, %%xmm5 \n\t" // x1<<57:x0<<57 = stuff:c "psllq $57, %%xmm5 \n\t" // x1<<57:x0<<57 = stuff:c
/* Step 2 (2) */ /* Step 2 (2) */
"pxor %%xmm4, %%xmm3 \n\t" // stuff:a+b "pxor %%xmm4, %%xmm3 \n\t" // stuff:a+b
"pxor %%xmm5, %%xmm3 \n\t" // stuff:a+b+c "pxor %%xmm5, %%xmm3 \n\t" // stuff:a+b+c
"pslldq $8, %%xmm3 \n\t" // a+b+c:0 "pslldq $8, %%xmm3 \n\t" // a+b+c:0
"pxor %%xmm3, %%xmm1 \n\t" // x1+a+b+c:x0 = d:x0 "pxor %%xmm3, %%xmm1 \n\t" // x1+a+b+c:x0 = d:x0
/* Steps 3 and 4 */ /* Steps 3 and 4 */
"movdqa %%xmm1,%%xmm0 \n\t" // d:x0 "movdqa %%xmm1,%%xmm0 \n\t" // d:x0
"movdqa %%xmm1,%%xmm4 \n\t" // same "movdqa %%xmm1,%%xmm4 \n\t" // same
"movdqa %%xmm1,%%xmm5 \n\t" // same "movdqa %%xmm1,%%xmm5 \n\t" // same
"psrlq $1, %%xmm0 \n\t" // e1:x0>>1 = e1:e0' "psrlq $1, %%xmm0 \n\t" // e1:x0>>1 = e1:e0'
"psrlq $2, %%xmm4 \n\t" // f1:x0>>2 = f1:f0' "psrlq $2, %%xmm4 \n\t" // f1:x0>>2 = f1:f0'
"psrlq $7, %%xmm5 \n\t" // g1:x0>>7 = g1:g0' "psrlq $7, %%xmm5 \n\t" // g1:x0>>7 = g1:g0'
"pxor %%xmm4, %%xmm0 \n\t" // e1+f1:e0'+f0' "pxor %%xmm4, %%xmm0 \n\t" // e1+f1:e0'+f0'
"pxor %%xmm5, %%xmm0 \n\t" // e1+f1+g1:e0'+f0'+g0' "pxor %%xmm5, %%xmm0 \n\t" // e1+f1+g1:e0'+f0'+g0'
// e0'+f0'+g0' is almost e0+f0+g0, ex\tcept for some missing // e0'+f0'+g0' is almost e0+f0+g0, ex\tcept for some missing
// bits carried from d. Now get those\t bits back in. // bits carried from d. Now get those\t bits back in.
"movdqa %%xmm1,%%xmm3 \n\t" // d:x0 "movdqa %%xmm1,%%xmm3 \n\t" // d:x0
"movdqa %%xmm1,%%xmm4 \n\t" // same "movdqa %%xmm1,%%xmm4 \n\t" // same
"movdqa %%xmm1,%%xmm5 \n\t" // same "movdqa %%xmm1,%%xmm5 \n\t" // same
"psllq $63, %%xmm3 \n\t" // d<<63:stuff "psllq $63, %%xmm3 \n\t" // d<<63:stuff
"psllq $62, %%xmm4 \n\t" // d<<62:stuff "psllq $62, %%xmm4 \n\t" // d<<62:stuff
"psllq $57, %%xmm5 \n\t" // d<<57:stuff "psllq $57, %%xmm5 \n\t" // d<<57:stuff
"pxor %%xmm4, %%xmm3 \n\t" // d<<63+d<<62:stuff "pxor %%xmm4, %%xmm3 \n\t" // d<<63+d<<62:stuff
"pxor %%xmm5, %%xmm3 \n\t" // missing bits of d:stuff "pxor %%xmm5, %%xmm3 \n\t" // missing bits of d:stuff
"psrldq $8, %%xmm3 \n\t" // 0:missing bits of d "psrldq $8, %%xmm3 \n\t" // 0:missing bits of d
"pxor %%xmm3, %%xmm0 \n\t" // e1+f1+g1:e0+f0+g0 "pxor %%xmm3, %%xmm0 \n\t" // e1+f1+g1:e0+f0+g0
"pxor %%xmm1, %%xmm0 \n\t" // h1:h0 "pxor %%xmm1, %%xmm0 \n\t" // h1:h0
"pxor %%xmm2, %%xmm0 \n\t" // x3+h1:x2+h0 "pxor %%xmm2, %%xmm0 \n\t" // x3+h1:x2+h0
"movdqu %%xmm0, (%2) \n\t" // done "movdqu %%xmm0, (%2) \n\t" // done
: :
: "r" (aa), "r" (bb), "r" (cc) : "r" (aa), "r" (bb), "r" (cc)
: "memory", "cc", "xmm0", "xmm1", "xmm2", "xmm3", "xmm4", "xmm5" ); : "memory", "cc", "xmm0", "xmm1", "xmm2", "xmm3", "xmm4", "xmm5");
/* Now byte-reverse the outputs */ /* Now byte-reverse the outputs */
for( i = 0; i < 16; i++ ) for (i = 0; i < 16; i++) {
c[i] = cc[15 - i]; c[i] = cc[15 - i];
}
return; return;
} }
@ -251,32 +251,33 @@ void mbedtls_aesni_gcm_mult( unsigned char c[16],
/* /*
* Compute decryption round keys from encryption round keys * Compute decryption round keys from encryption round keys
*/ */
void mbedtls_aesni_inverse_key( unsigned char *invkey, void mbedtls_aesni_inverse_key(unsigned char *invkey,
const unsigned char *fwdkey, int nr ) const unsigned char *fwdkey, int nr)
{ {
unsigned char *ik = invkey; unsigned char *ik = invkey;
const unsigned char *fk = fwdkey + 16 * nr; const unsigned char *fk = fwdkey + 16 * nr;
memcpy( ik, fk, 16 ); memcpy(ik, fk, 16);
for( fk -= 16, ik += 16; fk > fwdkey; fk -= 16, ik += 16 ) for (fk -= 16, ik += 16; fk > fwdkey; fk -= 16, ik += 16) {
asm( "movdqu (%0), %%xmm0 \n\t" asm ("movdqu (%0), %%xmm0 \n\t"
AESIMC xmm0_xmm0 "\n\t" AESIMC xmm0_xmm0 "\n\t"
"movdqu %%xmm0, (%1) \n\t" "movdqu %%xmm0, (%1) \n\t"
: :
: "r" (fk), "r" (ik) : "r" (fk), "r" (ik)
: "memory", "xmm0" ); : "memory", "xmm0");
}
memcpy( ik, fk, 16 ); memcpy(ik, fk, 16);
} }
/* /*
* Key expansion, 128-bit case * Key expansion, 128-bit case
*/ */
static void aesni_setkey_enc_128( unsigned char *rk, static void aesni_setkey_enc_128(unsigned char *rk,
const unsigned char *key ) const unsigned char *key)
{ {
asm( "movdqu (%1), %%xmm0 \n\t" // copy the original key asm ("movdqu (%1), %%xmm0 \n\t" // copy the original key
"movdqu %%xmm0, (%0) \n\t" // as round key 0 "movdqu %%xmm0, (%0) \n\t" // as round key 0
"jmp 2f \n\t" // skip auxiliary routine "jmp 2f \n\t" // skip auxiliary routine
@ -317,16 +318,16 @@ static void aesni_setkey_enc_128( unsigned char *rk,
AESKEYGENA xmm0_xmm1 ",0x36 \n\tcall 1b \n\t" AESKEYGENA xmm0_xmm1 ",0x36 \n\tcall 1b \n\t"
: :
: "r" (rk), "r" (key) : "r" (rk), "r" (key)
: "memory", "cc", "0" ); : "memory", "cc", "0");
} }
/* /*
* Key expansion, 192-bit case * Key expansion, 192-bit case
*/ */
static void aesni_setkey_enc_192( unsigned char *rk, static void aesni_setkey_enc_192(unsigned char *rk,
const unsigned char *key ) const unsigned char *key)
{ {
asm( "movdqu (%1), %%xmm0 \n\t" // copy original round key asm ("movdqu (%1), %%xmm0 \n\t" // copy original round key
"movdqu %%xmm0, (%0) \n\t" "movdqu %%xmm0, (%0) \n\t"
"add $16, %0 \n\t" "add $16, %0 \n\t"
"movq 16(%1), %%xmm1 \n\t" "movq 16(%1), %%xmm1 \n\t"
@ -374,16 +375,16 @@ static void aesni_setkey_enc_192( unsigned char *rk,
: :
: "r" (rk), "r" (key) : "r" (rk), "r" (key)
: "memory", "cc", "0" ); : "memory", "cc", "0");
} }
/* /*
* Key expansion, 256-bit case * Key expansion, 256-bit case
*/ */
static void aesni_setkey_enc_256( unsigned char *rk, static void aesni_setkey_enc_256(unsigned char *rk,
const unsigned char *key ) const unsigned char *key)
{ {
asm( "movdqu (%1), %%xmm0 \n\t" asm ("movdqu (%1), %%xmm0 \n\t"
"movdqu %%xmm0, (%0) \n\t" "movdqu %%xmm0, (%0) \n\t"
"add $16, %0 \n\t" "add $16, %0 \n\t"
"movdqu 16(%1), %%xmm1 \n\t" "movdqu 16(%1), %%xmm1 \n\t"
@ -414,23 +415,23 @@ static void aesni_setkey_enc_256( unsigned char *rk,
/* Set xmm2 to stuff:Y:stuff:stuff with Y = subword( r11 ) /* Set xmm2 to stuff:Y:stuff:stuff with Y = subword( r11 )
* and proceed to generate next round key from there */ * and proceed to generate next round key from there */
AESKEYGENA xmm0_xmm2 ",0x00 \n\t" AESKEYGENA xmm0_xmm2 ",0x00 \n\t"
"pshufd $0xaa, %%xmm2, %%xmm2 \n\t" "pshufd $0xaa, %%xmm2, %%xmm2 \n\t"
"pxor %%xmm1, %%xmm2 \n\t" "pxor %%xmm1, %%xmm2 \n\t"
"pslldq $4, %%xmm1 \n\t" "pslldq $4, %%xmm1 \n\t"
"pxor %%xmm1, %%xmm2 \n\t" "pxor %%xmm1, %%xmm2 \n\t"
"pslldq $4, %%xmm1 \n\t" "pslldq $4, %%xmm1 \n\t"
"pxor %%xmm1, %%xmm2 \n\t" "pxor %%xmm1, %%xmm2 \n\t"
"pslldq $4, %%xmm1 \n\t" "pslldq $4, %%xmm1 \n\t"
"pxor %%xmm2, %%xmm1 \n\t" "pxor %%xmm2, %%xmm1 \n\t"
"add $16, %0 \n\t" "add $16, %0 \n\t"
"movdqu %%xmm1, (%0) \n\t" "movdqu %%xmm1, (%0) \n\t"
"ret \n\t" "ret \n\t"
/* /*
* Main "loop" - Generating one more key than necessary, * Main "loop" - Generating one more key than necessary,
* see definition of mbedtls_aes_context.buf * see definition of mbedtls_aes_context.buf
*/ */
"2: \n\t" "2: \n\t"
AESKEYGENA xmm1_xmm2 ",0x01 \n\tcall 1b \n\t" AESKEYGENA xmm1_xmm2 ",0x01 \n\tcall 1b \n\t"
AESKEYGENA xmm1_xmm2 ",0x02 \n\tcall 1b \n\t" AESKEYGENA xmm1_xmm2 ",0x02 \n\tcall 1b \n\t"
AESKEYGENA xmm1_xmm2 ",0x04 \n\tcall 1b \n\t" AESKEYGENA xmm1_xmm2 ",0x04 \n\tcall 1b \n\t"
@ -440,25 +441,24 @@ static void aesni_setkey_enc_256( unsigned char *rk,
AESKEYGENA xmm1_xmm2 ",0x40 \n\tcall 1b \n\t" AESKEYGENA xmm1_xmm2 ",0x40 \n\tcall 1b \n\t"
: :
: "r" (rk), "r" (key) : "r" (rk), "r" (key)
: "memory", "cc", "0" ); : "memory", "cc", "0");
} }
/* /*
* Key expansion, wrapper * Key expansion, wrapper
*/ */
int mbedtls_aesni_setkey_enc( unsigned char *rk, int mbedtls_aesni_setkey_enc(unsigned char *rk,
const unsigned char *key, const unsigned char *key,
size_t bits ) size_t bits)
{ {
switch( bits ) switch (bits) {
{ case 128: aesni_setkey_enc_128(rk, key); break;
case 128: aesni_setkey_enc_128( rk, key ); break; case 192: aesni_setkey_enc_192(rk, key); break;
case 192: aesni_setkey_enc_192( rk, key ); break; case 256: aesni_setkey_enc_256(rk, key); break;
case 256: aesni_setkey_enc_256( rk, key ); break; default: return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH;
default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH );
} }
return( 0 ); return 0;
} }
#endif /* MBEDTLS_HAVE_X86_64 */ #endif /* MBEDTLS_HAVE_X86_64 */
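Review bot: In `mbedtls_aesni_crypt_ecb` the asm template writes to operands that are declared input-only: `subl $1, %0` and `add $16, %1` change the registers bound to `"r" (ctx->nr)` and `"r" (ctx->buf + ctx->rk_offset)`, and the output list is empty. GCC's extended-asm rules do not allow modifying input-only operands, so the compiler may assume both registers still hold their original values after the statement and reuse them. Copying the two values into locals and passing them as read-write operands, `: "+r" (nr), "+r" (rk)` then `: "r" (mode), "r" (input), "r" (output)`, keeps the `%0`–`%4` numbering and states the side effect. The key-expansion helpers advance `%0` the same way (`add $16, %0` on the input `rk`); their `"0"` clobber probably names a hard register rather than operand 0, which is worth confirming. Parts of these asm bodies fall between the visible hunks, so the remaining instructions should be checked for further writes to inputs.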


@ -33,8 +33,8 @@
#define MBEDTLS_AESNI_CLMUL 0x00000002u #define MBEDTLS_AESNI_CLMUL 0x00000002u
#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && \ #if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && \
( defined(__amd64__) || defined(__x86_64__) ) && \ (defined(__amd64__) || defined(__x86_64__)) && \
! defined(MBEDTLS_HAVE_X86_64) !defined(MBEDTLS_HAVE_X86_64)
#define MBEDTLS_HAVE_X86_64 #define MBEDTLS_HAVE_X86_64
#endif #endif
@ -55,7 +55,7 @@ extern "C" {
* *
* \return 1 if CPU has support for the feature, 0 otherwise * \return 1 if CPU has support for the feature, 0 otherwise
*/ */
int mbedtls_aesni_has_support( unsigned int what ); int mbedtls_aesni_has_support(unsigned int what);
/** /**
* \brief Internal AES-NI AES-ECB block encryption and decryption * \brief Internal AES-NI AES-ECB block encryption and decryption
@ -70,10 +70,10 @@ int mbedtls_aesni_has_support( unsigned int what );
* *
* \return 0 on success (cannot fail) * \return 0 on success (cannot fail)
*/ */
int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx, int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx,
int mode, int mode,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16]);
/** /**
* \brief Internal GCM multiplication: c = a * b in GF(2^128) * \brief Internal GCM multiplication: c = a * b in GF(2^128)
@ -88,9 +88,9 @@ int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx,
* \note Both operands and result are bit strings interpreted as * \note Both operands and result are bit strings interpreted as
* elements of GF(2^128) as per the GCM spec. * elements of GF(2^128) as per the GCM spec.
*/ */
void mbedtls_aesni_gcm_mult( unsigned char c[16], void mbedtls_aesni_gcm_mult(unsigned char c[16],
const unsigned char a[16], const unsigned char a[16],
const unsigned char b[16] ); const unsigned char b[16]);
/** /**
* \brief Internal round key inversion. This function computes * \brief Internal round key inversion. This function computes
@ -103,9 +103,9 @@ void mbedtls_aesni_gcm_mult( unsigned char c[16],
* \param fwdkey Original round keys (for encryption) * \param fwdkey Original round keys (for encryption)
* \param nr Number of rounds (that is, number of round keys minus one) * \param nr Number of rounds (that is, number of round keys minus one)
*/ */
void mbedtls_aesni_inverse_key( unsigned char *invkey, void mbedtls_aesni_inverse_key(unsigned char *invkey,
const unsigned char *fwdkey, const unsigned char *fwdkey,
int nr ); int nr);
/** /**
* \brief Internal key expansion for encryption * \brief Internal key expansion for encryption
@ -119,9 +119,9 @@ void mbedtls_aesni_inverse_key( unsigned char *invkey,
* *
* \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
*/ */
int mbedtls_aesni_setkey_enc( unsigned char *rk, int mbedtls_aesni_setkey_enc(unsigned char *rk,
const unsigned char *key, const unsigned char *key,
size_t bits ); size_t bits);
#ifdef __cplusplus #ifdef __cplusplus
} }


@ -36,10 +36,10 @@
* \param p pointer to 2 bytes of data * \param p pointer to 2 bytes of data
* \return Data at the given address * \return Data at the given address
*/ */
inline uint16_t mbedtls_get_unaligned_uint16( const void *p ) inline uint16_t mbedtls_get_unaligned_uint16(const void *p)
{ {
uint16_t r; uint16_t r;
memcpy( &r, p, sizeof( r ) ); memcpy(&r, p, sizeof(r));
return r; return r;
} }
@ -50,9 +50,9 @@ inline uint16_t mbedtls_get_unaligned_uint16( const void *p )
* \param p pointer to 2 bytes of data * \param p pointer to 2 bytes of data
* \param x data to write * \param x data to write
*/ */
inline void mbedtls_put_unaligned_uint16( void *p, uint16_t x ) inline void mbedtls_put_unaligned_uint16(void *p, uint16_t x)
{ {
memcpy( p, &x, sizeof( x ) ); memcpy(p, &x, sizeof(x));
} }
/** /**
@ -62,10 +62,10 @@ inline void mbedtls_put_unaligned_uint16( void *p, uint16_t x )
* \param p pointer to 4 bytes of data * \param p pointer to 4 bytes of data
* \return Data at the given address * \return Data at the given address
*/ */
inline uint32_t mbedtls_get_unaligned_uint32( const void *p ) inline uint32_t mbedtls_get_unaligned_uint32(const void *p)
{ {
uint32_t r; uint32_t r;
memcpy( &r, p, sizeof( r ) ); memcpy(&r, p, sizeof(r));
return r; return r;
} }
@ -76,9 +76,9 @@ inline uint32_t mbedtls_get_unaligned_uint32( const void *p )
* \param p pointer to 4 bytes of data * \param p pointer to 4 bytes of data
* \param x data to write * \param x data to write
*/ */
inline void mbedtls_put_unaligned_uint32( void *p, uint32_t x ) inline void mbedtls_put_unaligned_uint32(void *p, uint32_t x)
{ {
memcpy( p, &x, sizeof( x ) ); memcpy(p, &x, sizeof(x));
} }
/** /**
@ -88,10 +88,10 @@ inline void mbedtls_put_unaligned_uint32( void *p, uint32_t x )
* \param p pointer to 8 bytes of data * \param p pointer to 8 bytes of data
* \return Data at the given address * \return Data at the given address
*/ */
inline uint64_t mbedtls_get_unaligned_uint64( const void *p ) inline uint64_t mbedtls_get_unaligned_uint64(const void *p)
{ {
uint64_t r; uint64_t r;
memcpy( &r, p, sizeof( r ) ); memcpy(&r, p, sizeof(r));
return r; return r;
} }
@ -102,9 +102,9 @@ inline uint64_t mbedtls_get_unaligned_uint64( const void *p )
* \param p pointer to 8 bytes of data * \param p pointer to 8 bytes of data
* \param x data to write * \param x data to write
*/ */
inline void mbedtls_put_unaligned_uint64( void *p, uint64_t x ) inline void mbedtls_put_unaligned_uint64(void *p, uint64_t x)
{ {
memcpy( p, &x, sizeof( x ) ); memcpy(p, &x, sizeof(x));
} }
/** Byte Reading Macros /** Byte Reading Macros
@ -112,23 +112,23 @@ inline void mbedtls_put_unaligned_uint64( void *p, uint64_t x )
* Given a multi-byte integer \p x, MBEDTLS_BYTE_n retrieves the n-th * Given a multi-byte integer \p x, MBEDTLS_BYTE_n retrieves the n-th
* byte from x, where byte 0 is the least significant byte. * byte from x, where byte 0 is the least significant byte.
*/ */
#define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) #define MBEDTLS_BYTE_0(x) ((uint8_t) ((x) & 0xff))
#define MBEDTLS_BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) #define MBEDTLS_BYTE_1(x) ((uint8_t) (((x) >> 8) & 0xff))
#define MBEDTLS_BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) #define MBEDTLS_BYTE_2(x) ((uint8_t) (((x) >> 16) & 0xff))
#define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) #define MBEDTLS_BYTE_3(x) ((uint8_t) (((x) >> 24) & 0xff))
#define MBEDTLS_BYTE_4( x ) ( (uint8_t) ( ( ( x ) >> 32 ) & 0xff ) ) #define MBEDTLS_BYTE_4(x) ((uint8_t) (((x) >> 32) & 0xff))
#define MBEDTLS_BYTE_5( x ) ( (uint8_t) ( ( ( x ) >> 40 ) & 0xff ) ) #define MBEDTLS_BYTE_5(x) ((uint8_t) (((x) >> 40) & 0xff))
#define MBEDTLS_BYTE_6( x ) ( (uint8_t) ( ( ( x ) >> 48 ) & 0xff ) ) #define MBEDTLS_BYTE_6(x) ((uint8_t) (((x) >> 48) & 0xff))
#define MBEDTLS_BYTE_7( x ) ( (uint8_t) ( ( ( x ) >> 56 ) & 0xff ) ) #define MBEDTLS_BYTE_7(x) ((uint8_t) (((x) >> 56) & 0xff))
/* /*
* Detect GCC built-in byteswap routines * Detect GCC built-in byteswap routines
*/ */
#if defined(__GNUC__) && defined(__GNUC_PREREQ) #if defined(__GNUC__) && defined(__GNUC_PREREQ)
#if __GNUC_PREREQ(4,8) #if __GNUC_PREREQ(4, 8)
#define MBEDTLS_BSWAP16 __builtin_bswap16 #define MBEDTLS_BSWAP16 __builtin_bswap16
#endif /* __GNUC_PREREQ(4,8) */ #endif /* __GNUC_PREREQ(4,8) */
#if __GNUC_PREREQ(4,3) #if __GNUC_PREREQ(4, 3)
#define MBEDTLS_BSWAP32 __builtin_bswap32 #define MBEDTLS_BSWAP32 __builtin_bswap32
#define MBEDTLS_BSWAP64 __builtin_bswap64 #define MBEDTLS_BSWAP64 __builtin_bswap64
#endif /* __GNUC_PREREQ(4,3) */ #endif /* __GNUC_PREREQ(4,3) */
@ -169,36 +169,39 @@ inline void mbedtls_put_unaligned_uint64( void *p, uint64_t x )
* similar instruction. * similar instruction.
*/ */
#if !defined(MBEDTLS_BSWAP16) #if !defined(MBEDTLS_BSWAP16)
static inline uint16_t mbedtls_bswap16( uint16_t x ) { static inline uint16_t mbedtls_bswap16(uint16_t x)
{
return return
( x & 0x00ff ) << 8 | (x & 0x00ff) << 8 |
( x & 0xff00 ) >> 8; (x & 0xff00) >> 8;
} }
#define MBEDTLS_BSWAP16 mbedtls_bswap16 #define MBEDTLS_BSWAP16 mbedtls_bswap16
#endif /* !defined(MBEDTLS_BSWAP16) */ #endif /* !defined(MBEDTLS_BSWAP16) */
#if !defined(MBEDTLS_BSWAP32) #if !defined(MBEDTLS_BSWAP32)
static inline uint32_t mbedtls_bswap32( uint32_t x ) { static inline uint32_t mbedtls_bswap32(uint32_t x)
{
return return
( x & 0x000000ff ) << 24 | (x & 0x000000ff) << 24 |
( x & 0x0000ff00 ) << 8 | (x & 0x0000ff00) << 8 |
( x & 0x00ff0000 ) >> 8 | (x & 0x00ff0000) >> 8 |
( x & 0xff000000 ) >> 24; (x & 0xff000000) >> 24;
} }
#define MBEDTLS_BSWAP32 mbedtls_bswap32 #define MBEDTLS_BSWAP32 mbedtls_bswap32
#endif /* !defined(MBEDTLS_BSWAP32) */ #endif /* !defined(MBEDTLS_BSWAP32) */
#if !defined(MBEDTLS_BSWAP64) #if !defined(MBEDTLS_BSWAP64)
static inline uint64_t mbedtls_bswap64( uint64_t x ) { static inline uint64_t mbedtls_bswap64(uint64_t x)
{
return return
( x & 0x00000000000000ff ) << 56 | (x & 0x00000000000000ff) << 56 |
( x & 0x000000000000ff00 ) << 40 | (x & 0x000000000000ff00) << 40 |
( x & 0x0000000000ff0000 ) << 24 | (x & 0x0000000000ff0000) << 24 |
( x & 0x00000000ff000000 ) << 8 | (x & 0x00000000ff000000) << 8 |
( x & 0x000000ff00000000 ) >> 8 | (x & 0x000000ff00000000) >> 8 |
( x & 0x0000ff0000000000 ) >> 24 | (x & 0x0000ff0000000000) >> 24 |
( x & 0x00ff000000000000 ) >> 40 | (x & 0x00ff000000000000) >> 40 |
( x & 0xff00000000000000 ) >> 56; (x & 0xff00000000000000) >> 56;
} }
#define MBEDTLS_BSWAP64 mbedtls_bswap64 #define MBEDTLS_BSWAP64 mbedtls_bswap64
#endif /* !defined(MBEDTLS_BSWAP64) */ #endif /* !defined(MBEDTLS_BSWAP64) */
@ -219,8 +222,8 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* byte of the four bytes to build the 32 bits unsigned * byte of the four bytes to build the 32 bits unsigned
* integer from. * integer from.
*/ */
#define MBEDTLS_GET_UINT32_BE( data, offset ) \ #define MBEDTLS_GET_UINT32_BE(data, offset) \
( ( MBEDTLS_IS_BIG_ENDIAN ) \ ((MBEDTLS_IS_BIG_ENDIAN) \
? mbedtls_get_unaligned_uint32((data) + (offset)) \ ? mbedtls_get_unaligned_uint32((data) + (offset)) \
: MBEDTLS_BSWAP32(mbedtls_get_unaligned_uint32((data) + (offset))) \ : MBEDTLS_BSWAP32(mbedtls_get_unaligned_uint32((data) + (offset))) \
) )
@ -234,17 +237,17 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* \param offset Offset from \p data where to put the most significant * \param offset Offset from \p data where to put the most significant
* byte of the 32 bits unsigned integer \p n. * byte of the 32 bits unsigned integer \p n.
*/ */
#define MBEDTLS_PUT_UINT32_BE( n, data, offset ) \ #define MBEDTLS_PUT_UINT32_BE(n, data, offset) \
{ \ { \
if ( MBEDTLS_IS_BIG_ENDIAN ) \ if (MBEDTLS_IS_BIG_ENDIAN) \
{ \ { \
mbedtls_put_unaligned_uint32((data) + (offset), (uint32_t)(n)); \ mbedtls_put_unaligned_uint32((data) + (offset), (uint32_t) (n)); \
} \ } \
else \ else \
{ \ { \
mbedtls_put_unaligned_uint32((data) + (offset), MBEDTLS_BSWAP32((uint32_t)(n))); \ mbedtls_put_unaligned_uint32((data) + (offset), MBEDTLS_BSWAP32((uint32_t) (n))); \
} \ } \
} }
/** /**
* Get the unsigned 32 bits integer corresponding to four bytes in * Get the unsigned 32 bits integer corresponding to four bytes in
@ -255,8 +258,8 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* byte of the four bytes to build the 32 bits unsigned * byte of the four bytes to build the 32 bits unsigned
* integer from. * integer from.
*/ */
#define MBEDTLS_GET_UINT32_LE( data, offset ) \ #define MBEDTLS_GET_UINT32_LE(data, offset) \
( ( MBEDTLS_IS_BIG_ENDIAN ) \ ((MBEDTLS_IS_BIG_ENDIAN) \
? MBEDTLS_BSWAP32(mbedtls_get_unaligned_uint32((data) + (offset))) \ ? MBEDTLS_BSWAP32(mbedtls_get_unaligned_uint32((data) + (offset))) \
: mbedtls_get_unaligned_uint32((data) + (offset)) \ : mbedtls_get_unaligned_uint32((data) + (offset)) \
) )
@ -271,17 +274,17 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* \param offset Offset from \p data where to put the least significant * \param offset Offset from \p data where to put the least significant
* byte of the 32 bits unsigned integer \p n. * byte of the 32 bits unsigned integer \p n.
*/ */
#define MBEDTLS_PUT_UINT32_LE( n, data, offset ) \ #define MBEDTLS_PUT_UINT32_LE(n, data, offset) \
{ \ { \
if ( MBEDTLS_IS_BIG_ENDIAN ) \ if (MBEDTLS_IS_BIG_ENDIAN) \
{ \ { \
mbedtls_put_unaligned_uint32((data) + (offset), MBEDTLS_BSWAP32((uint32_t)(n))); \ mbedtls_put_unaligned_uint32((data) + (offset), MBEDTLS_BSWAP32((uint32_t) (n))); \
} \ } \
else \ else \
{ \ { \
mbedtls_put_unaligned_uint32((data) + (offset), ((uint32_t)(n))); \ mbedtls_put_unaligned_uint32((data) + (offset), ((uint32_t) (n))); \
} \ } \
} }
/** /**
* Get the unsigned 16 bits integer corresponding to two bytes in * Get the unsigned 16 bits integer corresponding to two bytes in
@ -292,8 +295,8 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* byte of the two bytes to build the 16 bits unsigned * byte of the two bytes to build the 16 bits unsigned
* integer from. * integer from.
*/ */
#define MBEDTLS_GET_UINT16_LE( data, offset ) \ #define MBEDTLS_GET_UINT16_LE(data, offset) \
( ( MBEDTLS_IS_BIG_ENDIAN ) \ ((MBEDTLS_IS_BIG_ENDIAN) \
? MBEDTLS_BSWAP16(mbedtls_get_unaligned_uint16((data) + (offset))) \ ? MBEDTLS_BSWAP16(mbedtls_get_unaligned_uint16((data) + (offset))) \
: mbedtls_get_unaligned_uint16((data) + (offset)) \ : mbedtls_get_unaligned_uint16((data) + (offset)) \
) )
@ -307,17 +310,17 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* \param offset Offset from \p data where to put the least significant * \param offset Offset from \p data where to put the least significant
* byte of the 16 bits unsigned integer \p n. * byte of the 16 bits unsigned integer \p n.
*/ */
#define MBEDTLS_PUT_UINT16_LE( n, data, offset ) \ #define MBEDTLS_PUT_UINT16_LE(n, data, offset) \
{ \ { \
if ( MBEDTLS_IS_BIG_ENDIAN ) \ if (MBEDTLS_IS_BIG_ENDIAN) \
{ \ { \
mbedtls_put_unaligned_uint16((data) + (offset), MBEDTLS_BSWAP16((uint16_t)(n))); \ mbedtls_put_unaligned_uint16((data) + (offset), MBEDTLS_BSWAP16((uint16_t) (n))); \
} \ } \
else \ else \
{ \ { \
mbedtls_put_unaligned_uint16((data) + (offset), (uint16_t)(n)); \ mbedtls_put_unaligned_uint16((data) + (offset), (uint16_t) (n)); \
} \ } \
} }
/** /**
* Get the unsigned 16 bits integer corresponding to two bytes in * Get the unsigned 16 bits integer corresponding to two bytes in
@ -328,8 +331,8 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* byte of the two bytes to build the 16 bits unsigned * byte of the two bytes to build the 16 bits unsigned
* integer from. * integer from.
*/ */
#define MBEDTLS_GET_UINT16_BE( data, offset ) \ #define MBEDTLS_GET_UINT16_BE(data, offset) \
( ( MBEDTLS_IS_BIG_ENDIAN ) \ ((MBEDTLS_IS_BIG_ENDIAN) \
? mbedtls_get_unaligned_uint16((data) + (offset)) \ ? mbedtls_get_unaligned_uint16((data) + (offset)) \
: MBEDTLS_BSWAP16(mbedtls_get_unaligned_uint16((data) + (offset))) \ : MBEDTLS_BSWAP16(mbedtls_get_unaligned_uint16((data) + (offset))) \
) )
@ -343,17 +346,17 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* \param offset Offset from \p data where to put the most significant * \param offset Offset from \p data where to put the most significant
* byte of the 16 bits unsigned integer \p n. * byte of the 16 bits unsigned integer \p n.
*/ */
#define MBEDTLS_PUT_UINT16_BE( n, data, offset ) \ #define MBEDTLS_PUT_UINT16_BE(n, data, offset) \
{ \ { \
if ( MBEDTLS_IS_BIG_ENDIAN ) \ if (MBEDTLS_IS_BIG_ENDIAN) \
{ \ { \
mbedtls_put_unaligned_uint16((data) + (offset), (uint16_t)(n)); \ mbedtls_put_unaligned_uint16((data) + (offset), (uint16_t) (n)); \
} \ } \
else \ else \
{ \ { \
mbedtls_put_unaligned_uint16((data) + (offset), MBEDTLS_BSWAP16((uint16_t)(n))); \ mbedtls_put_unaligned_uint16((data) + (offset), MBEDTLS_BSWAP16((uint16_t) (n))); \
} \ } \
} }
/** /**
* Get the unsigned 24 bits integer corresponding to three bytes in * Get the unsigned 24 bits integer corresponding to three bytes in
@ -364,11 +367,11 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* byte of the three bytes to build the 24 bits unsigned * byte of the three bytes to build the 24 bits unsigned
* integer from. * integer from.
*/ */
#define MBEDTLS_GET_UINT24_BE( data , offset ) \ #define MBEDTLS_GET_UINT24_BE(data, offset) \
( \ ( \
( (uint32_t) ( data )[( offset ) ] << 16 ) \ ((uint32_t) (data)[(offset)] << 16) \
| ( (uint32_t) ( data )[( offset ) + 1] << 8 ) \ | ((uint32_t) (data)[(offset) + 1] << 8) \
| ( (uint32_t) ( data )[( offset ) + 2] ) \ | ((uint32_t) (data)[(offset) + 2]) \
) )
/** /**
@ -380,12 +383,12 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* \param offset Offset from \p data where to put the most significant * \param offset Offset from \p data where to put the most significant
* byte of the 24 bits unsigned integer \p n. * byte of the 24 bits unsigned integer \p n.
*/ */
#define MBEDTLS_PUT_UINT24_BE( n, data, offset ) \ #define MBEDTLS_PUT_UINT24_BE(n, data, offset) \
{ \ { \
( data )[( offset ) ] = MBEDTLS_BYTE_2( n ); \ (data)[(offset)] = MBEDTLS_BYTE_2(n); \
( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ (data)[(offset) + 1] = MBEDTLS_BYTE_1(n); \
( data )[( offset ) + 2] = MBEDTLS_BYTE_0( n ); \ (data)[(offset) + 2] = MBEDTLS_BYTE_0(n); \
} }
/** /**
* Get the unsigned 24 bits integer corresponding to three bytes in * Get the unsigned 24 bits integer corresponding to three bytes in
@ -396,11 +399,11 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* byte of the three bytes to build the 24 bits unsigned * byte of the three bytes to build the 24 bits unsigned
* integer from. * integer from.
*/ */
#define MBEDTLS_GET_UINT24_LE( data, offset ) \ #define MBEDTLS_GET_UINT24_LE(data, offset) \
( \ ( \
( (uint32_t) ( data )[( offset ) ] ) \ ((uint32_t) (data)[(offset)]) \
| ( (uint32_t) ( data )[( offset ) + 1] << 8 ) \ | ((uint32_t) (data)[(offset) + 1] << 8) \
| ( (uint32_t) ( data )[( offset ) + 2] << 16 ) \ | ((uint32_t) (data)[(offset) + 2] << 16) \
) )
/** /**
@ -412,12 +415,12 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* \param offset Offset from \p data where to put the least significant * \param offset Offset from \p data where to put the least significant
* byte of the 24 bits unsigned integer \p n. * byte of the 24 bits unsigned integer \p n.
*/ */
#define MBEDTLS_PUT_UINT24_LE( n, data, offset ) \ #define MBEDTLS_PUT_UINT24_LE(n, data, offset) \
{ \ { \
( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \ (data)[(offset)] = MBEDTLS_BYTE_0(n); \
( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ (data)[(offset) + 1] = MBEDTLS_BYTE_1(n); \
( data )[( offset ) + 2] = MBEDTLS_BYTE_2( n ); \ (data)[(offset) + 2] = MBEDTLS_BYTE_2(n); \
} }
/** /**
* Get the unsigned 64 bits integer corresponding to eight bytes in * Get the unsigned 64 bits integer corresponding to eight bytes in
@ -428,8 +431,8 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* byte of the eight bytes to build the 64 bits unsigned * byte of the eight bytes to build the 64 bits unsigned
* integer from. * integer from.
*/ */
#define MBEDTLS_GET_UINT64_BE( data, offset ) \ #define MBEDTLS_GET_UINT64_BE(data, offset) \
( ( MBEDTLS_IS_BIG_ENDIAN ) \ ((MBEDTLS_IS_BIG_ENDIAN) \
? mbedtls_get_unaligned_uint64((data) + (offset)) \ ? mbedtls_get_unaligned_uint64((data) + (offset)) \
: MBEDTLS_BSWAP64(mbedtls_get_unaligned_uint64((data) + (offset))) \ : MBEDTLS_BSWAP64(mbedtls_get_unaligned_uint64((data) + (offset))) \
) )
@ -443,17 +446,17 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* \param offset Offset from \p data where to put the most significant * \param offset Offset from \p data where to put the most significant
* byte of the 64 bits unsigned integer \p n. * byte of the 64 bits unsigned integer \p n.
*/ */
#define MBEDTLS_PUT_UINT64_BE( n, data, offset ) \ #define MBEDTLS_PUT_UINT64_BE(n, data, offset) \
{ \ { \
if ( MBEDTLS_IS_BIG_ENDIAN ) \ if (MBEDTLS_IS_BIG_ENDIAN) \
{ \ { \
mbedtls_put_unaligned_uint64((data) + (offset), (uint64_t)(n)); \ mbedtls_put_unaligned_uint64((data) + (offset), (uint64_t) (n)); \
} \ } \
else \ else \
{ \ { \
mbedtls_put_unaligned_uint64((data) + (offset), MBEDTLS_BSWAP64((uint64_t)(n))); \ mbedtls_put_unaligned_uint64((data) + (offset), MBEDTLS_BSWAP64((uint64_t) (n))); \
} \ } \
} }
/** /**
* Get the unsigned 64 bits integer corresponding to eight bytes in * Get the unsigned 64 bits integer corresponding to eight bytes in
@ -464,8 +467,8 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* byte of the eight bytes to build the 64 bits unsigned * byte of the eight bytes to build the 64 bits unsigned
* integer from. * integer from.
*/ */
#define MBEDTLS_GET_UINT64_LE( data, offset ) \ #define MBEDTLS_GET_UINT64_LE(data, offset) \
( ( MBEDTLS_IS_BIG_ENDIAN ) \ ((MBEDTLS_IS_BIG_ENDIAN) \
? MBEDTLS_BSWAP64(mbedtls_get_unaligned_uint64((data) + (offset))) \ ? MBEDTLS_BSWAP64(mbedtls_get_unaligned_uint64((data) + (offset))) \
: mbedtls_get_unaligned_uint64((data) + (offset)) \ : mbedtls_get_unaligned_uint64((data) + (offset)) \
) )
@ -479,16 +482,16 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 };
* \param offset Offset from \p data where to put the least significant * \param offset Offset from \p data where to put the least significant
* byte of the 64 bits unsigned integer \p n. * byte of the 64 bits unsigned integer \p n.
*/ */
#define MBEDTLS_PUT_UINT64_LE( n, data, offset ) \ #define MBEDTLS_PUT_UINT64_LE(n, data, offset) \
{ \ { \
if ( MBEDTLS_IS_BIG_ENDIAN ) \ if (MBEDTLS_IS_BIG_ENDIAN) \
{ \ { \
mbedtls_put_unaligned_uint64((data) + (offset), MBEDTLS_BSWAP64((uint64_t)(n))); \ mbedtls_put_unaligned_uint64((data) + (offset), MBEDTLS_BSWAP64((uint64_t) (n))); \
} \ } \
else \ else \
{ \ { \
mbedtls_put_unaligned_uint64((data) + (offset), (uint64_t)(n)); \ mbedtls_put_unaligned_uint64((data) + (offset), (uint64_t) (n)); \
} \ } \
} }
#endif /* MBEDTLS_LIBRARY_ALIGNMENT_H */ #endif /* MBEDTLS_LIBRARY_ALIGNMENT_H */


@ -38,10 +38,10 @@
#include "mbedtls/platform_util.h" #include "mbedtls/platform_util.h"
/* Parameter validation macros */ /* Parameter validation macros */
#define ARIA_VALIDATE_RET( cond ) \ #define ARIA_VALIDATE_RET(cond) \
MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ) MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ARIA_BAD_INPUT_DATA)
#define ARIA_VALIDATE( cond ) \ #define ARIA_VALIDATE(cond) \
MBEDTLS_INTERNAL_VALIDATE( cond ) MBEDTLS_INTERNAL_VALIDATE(cond)
/* /*
* modify byte order: ( A B C D ) -> ( B A D C ), i.e. swap pairs of bytes * modify byte order: ( A B C D ) -> ( B A D C ), i.e. swap pairs of bytes
@ -55,30 +55,30 @@
#if defined(__arm__) /* rev16 available from v6 up */ #if defined(__arm__) /* rev16 available from v6 up */
/* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */ /* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */
#if defined(__GNUC__) && \ #if defined(__GNUC__) && \
( !defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000 ) && \ (!defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000) && \
__ARM_ARCH >= 6 __ARM_ARCH >= 6
static inline uint32_t aria_p1( uint32_t x ) static inline uint32_t aria_p1(uint32_t x)
{ {
uint32_t r; uint32_t r;
__asm( "rev16 %0, %1" : "=l" (r) : "l" (x) ); __asm("rev16 %0, %1" : "=l" (r) : "l" (x));
return( r ); return r;
} }
#define ARIA_P1 aria_p1 #define ARIA_P1 aria_p1
#elif defined(__ARMCC_VERSION) && __ARMCC_VERSION < 6000000 && \ #elif defined(__ARMCC_VERSION) && __ARMCC_VERSION < 6000000 && \
( __TARGET_ARCH_ARM >= 6 || __TARGET_ARCH_THUMB >= 3 ) (__TARGET_ARCH_ARM >= 6 || __TARGET_ARCH_THUMB >= 3)
static inline uint32_t aria_p1( uint32_t x ) static inline uint32_t aria_p1(uint32_t x)
{ {
uint32_t r; uint32_t r;
__asm( "rev16 r, x" ); __asm("rev16 r, x");
return( r ); return r;
} }
#define ARIA_P1 aria_p1 #define ARIA_P1 aria_p1
#endif #endif
#endif /* arm */ #endif /* arm */
#if defined(__GNUC__) && \ #if defined(__GNUC__) && \
defined(__i386__) || defined(__amd64__) || defined( __x86_64__) defined(__i386__) || defined(__amd64__) || defined(__x86_64__)
/* I couldn't find an Intel equivalent of rev16, so two instructions */ /* I couldn't find an Intel equivalent of rev16, so two instructions */
#define ARIA_P1(x) ARIA_P2( ARIA_P3( x ) ) #define ARIA_P1(x) ARIA_P2(ARIA_P3(x))
#endif /* x86 gnuc */ #endif /* x86 gnuc */
#endif /* MBEDTLS_HAVE_ASM && GNUC */ #endif /* MBEDTLS_HAVE_ASM && GNUC */
#if !defined(ARIA_P1) #if !defined(ARIA_P1)
@ -124,28 +124,28 @@ static inline uint32_t aria_p1( uint32_t x )
* half of App. B.1 in [1] in terms of 4-byte operators P1, P2, P3 and P4. * half of App. B.1 in [1] in terms of 4-byte operators P1, P2, P3 and P4.
* The implementation below uses only P1 and P2 as they are sufficient. * The implementation below uses only P1 and P2 as they are sufficient.
*/ */
static inline void aria_a( uint32_t *a, uint32_t *b, static inline void aria_a(uint32_t *a, uint32_t *b,
uint32_t *c, uint32_t *d ) uint32_t *c, uint32_t *d)
{ {
uint32_t ta, tb, tc; uint32_t ta, tb, tc;
ta = *b; // 4567 ta = *b; // 4567
*b = *a; // 0123 *b = *a; // 0123
*a = ARIA_P2( ta ); // 6745 *a = ARIA_P2(ta); // 6745
tb = ARIA_P2( *d ); // efcd tb = ARIA_P2(*d); // efcd
*d = ARIA_P1( *c ); // 98ba *d = ARIA_P1(*c); // 98ba
*c = ARIA_P1( tb ); // fedc *c = ARIA_P1(tb); // fedc
ta ^= *d; // 4567+98ba ta ^= *d; // 4567+98ba
tc = ARIA_P2( *b ); // 2301 tc = ARIA_P2(*b); // 2301
ta = ARIA_P1( ta ) ^ tc ^ *c; // 2301+5476+89ab+fedc ta = ARIA_P1(ta) ^ tc ^ *c; // 2301+5476+89ab+fedc
tb ^= ARIA_P2( *d ); // ba98+efcd tb ^= ARIA_P2(*d); // ba98+efcd
tc ^= ARIA_P1( *a ); // 2301+7654 tc ^= ARIA_P1(*a); // 2301+7654
*b ^= ta ^ tb; // 0123+2301+5476+89ab+ba98+efcd+fedc OUT *b ^= ta ^ tb; // 0123+2301+5476+89ab+ba98+efcd+fedc OUT
tb = ARIA_P2( tb ) ^ ta; // 2301+5476+89ab+98ba+cdef+fedc tb = ARIA_P2(tb) ^ ta; // 2301+5476+89ab+98ba+cdef+fedc
*a ^= ARIA_P1( tb ); // 3210+4567+6745+89ab+98ba+dcfe+efcd OUT *a ^= ARIA_P1(tb); // 3210+4567+6745+89ab+98ba+dcfe+efcd OUT
ta = ARIA_P2( ta ); // 0123+7654+ab89+dcfe ta = ARIA_P2(ta); // 0123+7654+ab89+dcfe
*d ^= ARIA_P1( ta ) ^ tc; // 1032+2301+6745+7654+98ba+ba98+cdef OUT *d ^= ARIA_P1(ta) ^ tc; // 1032+2301+6745+7654+98ba+ba98+cdef OUT
tc = ARIA_P2( tc ); // 0123+5476 tc = ARIA_P2(tc); // 0123+5476
*c ^= ARIA_P1( tc ) ^ ta; // 0123+1032+4567+7654+ab89+dcfe+fedc OUT *c ^= ARIA_P1(tc) ^ ta; // 0123+1032+4567+7654+ab89+dcfe+fedc OUT
} }
/* /*
@ -156,27 +156,27 @@ static inline void aria_a( uint32_t *a, uint32_t *b,
* By passing sb1, sb2, is1, is2 as S-Boxes you get SL1 * By passing sb1, sb2, is1, is2 as S-Boxes you get SL1
* By passing is1, is2, sb1, sb2 as S-Boxes you get SL2 * By passing is1, is2, sb1, sb2 as S-Boxes you get SL2
*/ */
static inline void aria_sl( uint32_t *a, uint32_t *b, static inline void aria_sl(uint32_t *a, uint32_t *b,
uint32_t *c, uint32_t *d, uint32_t *c, uint32_t *d,
const uint8_t sa[256], const uint8_t sb[256], const uint8_t sa[256], const uint8_t sb[256],
const uint8_t sc[256], const uint8_t sd[256] ) const uint8_t sc[256], const uint8_t sd[256])
{ {
*a = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *a ) ] ) ^ *a = ((uint32_t) sa[MBEDTLS_BYTE_0(*a)]) ^
(((uint32_t) sb[ MBEDTLS_BYTE_1( *a ) ]) << 8) ^ (((uint32_t) sb[MBEDTLS_BYTE_1(*a)]) << 8) ^
(((uint32_t) sc[ MBEDTLS_BYTE_2( *a ) ]) << 16) ^ (((uint32_t) sc[MBEDTLS_BYTE_2(*a)]) << 16) ^
(((uint32_t) sd[ MBEDTLS_BYTE_3( *a ) ]) << 24); (((uint32_t) sd[MBEDTLS_BYTE_3(*a)]) << 24);
*b = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *b ) ] ) ^ *b = ((uint32_t) sa[MBEDTLS_BYTE_0(*b)]) ^
(((uint32_t) sb[ MBEDTLS_BYTE_1( *b ) ]) << 8) ^ (((uint32_t) sb[MBEDTLS_BYTE_1(*b)]) << 8) ^
(((uint32_t) sc[ MBEDTLS_BYTE_2( *b ) ]) << 16) ^ (((uint32_t) sc[MBEDTLS_BYTE_2(*b)]) << 16) ^
(((uint32_t) sd[ MBEDTLS_BYTE_3( *b ) ]) << 24); (((uint32_t) sd[MBEDTLS_BYTE_3(*b)]) << 24);
*c = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *c ) ] ) ^ *c = ((uint32_t) sa[MBEDTLS_BYTE_0(*c)]) ^
(((uint32_t) sb[ MBEDTLS_BYTE_1( *c ) ]) << 8) ^ (((uint32_t) sb[MBEDTLS_BYTE_1(*c)]) << 8) ^
(((uint32_t) sc[ MBEDTLS_BYTE_2( *c ) ]) << 16) ^ (((uint32_t) sc[MBEDTLS_BYTE_2(*c)]) << 16) ^
(((uint32_t) sd[ MBEDTLS_BYTE_3( *c ) ]) << 24); (((uint32_t) sd[MBEDTLS_BYTE_3(*c)]) << 24);
*d = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *d ) ] ) ^ *d = ((uint32_t) sa[MBEDTLS_BYTE_0(*d)]) ^
(((uint32_t) sb[ MBEDTLS_BYTE_1( *d ) ]) << 8) ^ (((uint32_t) sb[MBEDTLS_BYTE_1(*d)]) << 8) ^
(((uint32_t) sc[ MBEDTLS_BYTE_2( *d ) ]) << 16) ^ (((uint32_t) sc[MBEDTLS_BYTE_2(*d)]) << 16) ^
(((uint32_t) sd[ MBEDTLS_BYTE_3( *d ) ]) << 24); (((uint32_t) sd[MBEDTLS_BYTE_3(*d)]) << 24);
} }
/* /*
@ -289,8 +289,8 @@ static const uint8_t aria_is2[256] =
/* /*
* Helper for key schedule: r = FO( p, k ) ^ x * Helper for key schedule: r = FO( p, k ) ^ x
*/ */
static void aria_fo_xor( uint32_t r[4], const uint32_t p[4], static void aria_fo_xor(uint32_t r[4], const uint32_t p[4],
const uint32_t k[4], const uint32_t x[4] ) const uint32_t k[4], const uint32_t x[4])
{ {
uint32_t a, b, c, d; uint32_t a, b, c, d;
@ -299,8 +299,8 @@ static void aria_fo_xor( uint32_t r[4], const uint32_t p[4],
c = p[2] ^ k[2]; c = p[2] ^ k[2];
d = p[3] ^ k[3]; d = p[3] ^ k[3];
aria_sl( &a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2 ); aria_sl(&a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2);
aria_a( &a, &b, &c, &d ); aria_a(&a, &b, &c, &d);
r[0] = a ^ x[0]; r[0] = a ^ x[0];
r[1] = b ^ x[1]; r[1] = b ^ x[1];
@ -311,8 +311,8 @@ static void aria_fo_xor( uint32_t r[4], const uint32_t p[4],
/* /*
* Helper for key schedule: r = FE( p, k ) ^ x * Helper for key schedule: r = FE( p, k ) ^ x
*/ */
static void aria_fe_xor( uint32_t r[4], const uint32_t p[4], static void aria_fe_xor(uint32_t r[4], const uint32_t p[4],
const uint32_t k[4], const uint32_t x[4] ) const uint32_t k[4], const uint32_t x[4])
{ {
uint32_t a, b, c, d; uint32_t a, b, c, d;
@ -321,8 +321,8 @@ static void aria_fe_xor( uint32_t r[4], const uint32_t p[4],
c = p[2] ^ k[2]; c = p[2] ^ k[2];
d = p[3] ^ k[3]; d = p[3] ^ k[3];
aria_sl( &a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2 ); aria_sl(&a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2);
aria_a( &a, &b, &c, &d ); aria_a(&a, &b, &c, &d);
r[0] = a ^ x[0]; r[0] = a ^ x[0];
r[1] = b ^ x[1]; r[1] = b ^ x[1];
@ -337,8 +337,8 @@ static void aria_fe_xor( uint32_t r[4], const uint32_t p[4],
* MBEDTLS_GET_UINT32_LE / MBEDTLS_PUT_UINT32_LE ) so we need to reverse * MBEDTLS_GET_UINT32_LE / MBEDTLS_PUT_UINT32_LE ) so we need to reverse
* bytes here. * bytes here.
*/ */
static void aria_rot128( uint32_t r[4], const uint32_t a[4], static void aria_rot128(uint32_t r[4], const uint32_t a[4],
const uint32_t b[4], uint8_t n ) const uint32_t b[4], uint8_t n)
{ {
uint8_t i, j; uint8_t i, j;
uint32_t t, u; uint32_t t, u;
@ -346,15 +346,14 @@ static void aria_rot128( uint32_t r[4], const uint32_t a[4],
const uint8_t n1 = n % 32; // bit offset const uint8_t n1 = n % 32; // bit offset
const uint8_t n2 = n1 ? 32 - n1 : 0; // reverse bit offset const uint8_t n2 = n1 ? 32 - n1 : 0; // reverse bit offset
j = ( n / 32 ) % 4; // initial word offset j = (n / 32) % 4; // initial word offset
t = ARIA_P3( b[j] ); // big endian t = ARIA_P3(b[j]); // big endian
for( i = 0; i < 4; i++ ) for (i = 0; i < 4; i++) {
{ j = (j + 1) % 4; // get next word, big endian
j = ( j + 1 ) % 4; // get next word, big endian u = ARIA_P3(b[j]);
u = ARIA_P3( b[j] );
t <<= n1; // rotate t <<= n1; // rotate
t |= u >> n2; t |= u >> n2;
t = ARIA_P3( t ); // back to little endian t = ARIA_P3(t); // back to little endian
r[i] = a[i] ^ t; // store r[i] = a[i] ^ t; // store
t = u; // move to next word t = u; // move to next word
} }
@ -363,8 +362,8 @@ static void aria_rot128( uint32_t r[4], const uint32_t a[4],
/* /*
* Set encryption key * Set encryption key
*/ */
int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx,
const unsigned char *key, unsigned int keybits ) const unsigned char *key, unsigned int keybits)
{ {
/* round constant masks */ /* round constant masks */
const uint32_t rc[3][4] = const uint32_t rc[3][4] =
@ -376,74 +375,71 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx,
int i; int i;
uint32_t w[4][4], *w2; uint32_t w[4][4], *w2;
ARIA_VALIDATE_RET( ctx != NULL ); ARIA_VALIDATE_RET(ctx != NULL);
ARIA_VALIDATE_RET( key != NULL ); ARIA_VALIDATE_RET(key != NULL);
if( keybits != 128 && keybits != 192 && keybits != 256 ) if (keybits != 128 && keybits != 192 && keybits != 256) {
return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA;
}
/* Copy key to W0 (and potential remainder to W1) */ /* Copy key to W0 (and potential remainder to W1) */
w[0][0] = MBEDTLS_GET_UINT32_LE( key, 0 ); w[0][0] = MBEDTLS_GET_UINT32_LE(key, 0);
w[0][1] = MBEDTLS_GET_UINT32_LE( key, 4 ); w[0][1] = MBEDTLS_GET_UINT32_LE(key, 4);
w[0][2] = MBEDTLS_GET_UINT32_LE( key, 8 ); w[0][2] = MBEDTLS_GET_UINT32_LE(key, 8);
w[0][3] = MBEDTLS_GET_UINT32_LE( key, 12 ); w[0][3] = MBEDTLS_GET_UINT32_LE(key, 12);
memset( w[1], 0, 16 ); memset(w[1], 0, 16);
if( keybits >= 192 ) if (keybits >= 192) {
{ w[1][0] = MBEDTLS_GET_UINT32_LE(key, 16); // 192 bit key
w[1][0] = MBEDTLS_GET_UINT32_LE( key, 16 ); // 192 bit key w[1][1] = MBEDTLS_GET_UINT32_LE(key, 20);
w[1][1] = MBEDTLS_GET_UINT32_LE( key, 20 );
} }
if( keybits == 256 ) if (keybits == 256) {
{ w[1][2] = MBEDTLS_GET_UINT32_LE(key, 24); // 256 bit key
w[1][2] = MBEDTLS_GET_UINT32_LE( key, 24 ); // 256 bit key w[1][3] = MBEDTLS_GET_UINT32_LE(key, 28);
w[1][3] = MBEDTLS_GET_UINT32_LE( key, 28 );
} }
i = ( keybits - 128 ) >> 6; // index: 0, 1, 2 i = (keybits - 128) >> 6; // index: 0, 1, 2
ctx->nr = 12 + 2 * i; // no. rounds: 12, 14, 16 ctx->nr = 12 + 2 * i; // no. rounds: 12, 14, 16
aria_fo_xor( w[1], w[0], rc[i], w[1] ); // W1 = FO(W0, CK1) ^ KR aria_fo_xor(w[1], w[0], rc[i], w[1]); // W1 = FO(W0, CK1) ^ KR
i = i < 2 ? i + 1 : 0; i = i < 2 ? i + 1 : 0;
aria_fe_xor( w[2], w[1], rc[i], w[0] ); // W2 = FE(W1, CK2) ^ W0 aria_fe_xor(w[2], w[1], rc[i], w[0]); // W2 = FE(W1, CK2) ^ W0
i = i < 2 ? i + 1 : 0; i = i < 2 ? i + 1 : 0;
aria_fo_xor( w[3], w[2], rc[i], w[1] ); // W3 = FO(W2, CK3) ^ W1 aria_fo_xor(w[3], w[2], rc[i], w[1]); // W3 = FO(W2, CK3) ^ W1
for( i = 0; i < 4; i++ ) // create round keys for (i = 0; i < 4; i++) { // create round keys
{
w2 = w[(i + 1) & 3]; w2 = w[(i + 1) & 3];
aria_rot128( ctx->rk[i ], w[i], w2, 128 - 19 ); aria_rot128(ctx->rk[i], w[i], w2, 128 - 19);
aria_rot128( ctx->rk[i + 4], w[i], w2, 128 - 31 ); aria_rot128(ctx->rk[i + 4], w[i], w2, 128 - 31);
aria_rot128( ctx->rk[i + 8], w[i], w2, 61 ); aria_rot128(ctx->rk[i + 8], w[i], w2, 61);
aria_rot128( ctx->rk[i + 12], w[i], w2, 31 ); aria_rot128(ctx->rk[i + 12], w[i], w2, 31);
} }
aria_rot128( ctx->rk[16], w[0], w[1], 19 ); aria_rot128(ctx->rk[16], w[0], w[1], 19);
/* w holds enough info to reconstruct the round keys */ /* w holds enough info to reconstruct the round keys */
mbedtls_platform_zeroize( w, sizeof( w ) ); mbedtls_platform_zeroize(w, sizeof(w));
return( 0 ); return 0;
} }
/* /*
* Set decryption key * Set decryption key
*/ */
int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx, int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx,
const unsigned char *key, unsigned int keybits ) const unsigned char *key, unsigned int keybits)
{ {
int i, j, k, ret; int i, j, k, ret;
ARIA_VALIDATE_RET( ctx != NULL ); ARIA_VALIDATE_RET(ctx != NULL);
ARIA_VALIDATE_RET( key != NULL ); ARIA_VALIDATE_RET(key != NULL);
ret = mbedtls_aria_setkey_enc( ctx, key, keybits ); ret = mbedtls_aria_setkey_enc(ctx, key, keybits);
if( ret != 0 ) if (ret != 0) {
return( ret ); return ret;
}
/* flip the order of round keys */ /* flip the order of round keys */
for( i = 0, j = ctx->nr; i < j; i++, j-- ) for (i = 0, j = ctx->nr; i < j; i++, j--) {
{ for (k = 0; k < 4; k++) {
for( k = 0; k < 4; k++ )
{
uint32_t t = ctx->rk[i][k]; uint32_t t = ctx->rk[i][k];
ctx->rk[i][k] = ctx->rk[j][k]; ctx->rk[i][k] = ctx->rk[j][k];
ctx->rk[j][k] = t; ctx->rk[j][k] = t;
@ -451,45 +447,43 @@ int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx,
} }
/* apply affine transform to middle keys */ /* apply affine transform to middle keys */
for( i = 1; i < ctx->nr; i++ ) for (i = 1; i < ctx->nr; i++) {
{ aria_a(&ctx->rk[i][0], &ctx->rk[i][1],
aria_a( &ctx->rk[i][0], &ctx->rk[i][1], &ctx->rk[i][2], &ctx->rk[i][3]);
&ctx->rk[i][2], &ctx->rk[i][3] );
} }
return( 0 ); return 0;
} }
/* /*
* Encrypt a block * Encrypt a block
*/ */
int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, int mbedtls_aria_crypt_ecb(mbedtls_aria_context *ctx,
const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE], const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE],
unsigned char output[MBEDTLS_ARIA_BLOCKSIZE] ) unsigned char output[MBEDTLS_ARIA_BLOCKSIZE])
{ {
int i; int i;
uint32_t a, b, c, d; uint32_t a, b, c, d;
ARIA_VALIDATE_RET( ctx != NULL ); ARIA_VALIDATE_RET(ctx != NULL);
ARIA_VALIDATE_RET( input != NULL ); ARIA_VALIDATE_RET(input != NULL);
ARIA_VALIDATE_RET( output != NULL ); ARIA_VALIDATE_RET(output != NULL);
a = MBEDTLS_GET_UINT32_LE( input, 0 ); a = MBEDTLS_GET_UINT32_LE(input, 0);
b = MBEDTLS_GET_UINT32_LE( input, 4 ); b = MBEDTLS_GET_UINT32_LE(input, 4);
c = MBEDTLS_GET_UINT32_LE( input, 8 ); c = MBEDTLS_GET_UINT32_LE(input, 8);
d = MBEDTLS_GET_UINT32_LE( input, 12 ); d = MBEDTLS_GET_UINT32_LE(input, 12);
i = 0; i = 0;
while( 1 ) while (1) {
{
a ^= ctx->rk[i][0]; a ^= ctx->rk[i][0];
b ^= ctx->rk[i][1]; b ^= ctx->rk[i][1];
c ^= ctx->rk[i][2]; c ^= ctx->rk[i][2];
d ^= ctx->rk[i][3]; d ^= ctx->rk[i][3];
i++; i++;
aria_sl( &a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2 ); aria_sl(&a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2);
aria_a( &a, &b, &c, &d ); aria_a(&a, &b, &c, &d);
a ^= ctx->rk[i][0]; a ^= ctx->rk[i][0];
b ^= ctx->rk[i][1]; b ^= ctx->rk[i][1];
@ -497,10 +491,11 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
d ^= ctx->rk[i][3]; d ^= ctx->rk[i][3];
i++; i++;
aria_sl( &a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2 ); aria_sl(&a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2);
if( i >= ctx->nr ) if (i >= ctx->nr) {
break; break;
aria_a( &a, &b, &c, &d ); }
aria_a(&a, &b, &c, &d);
} }
/* final key mixing */ /* final key mixing */
@ -509,77 +504,74 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
c ^= ctx->rk[i][2]; c ^= ctx->rk[i][2];
d ^= ctx->rk[i][3]; d ^= ctx->rk[i][3];
MBEDTLS_PUT_UINT32_LE( a, output, 0 ); MBEDTLS_PUT_UINT32_LE(a, output, 0);
MBEDTLS_PUT_UINT32_LE( b, output, 4 ); MBEDTLS_PUT_UINT32_LE(b, output, 4);
MBEDTLS_PUT_UINT32_LE( c, output, 8 ); MBEDTLS_PUT_UINT32_LE(c, output, 8);
MBEDTLS_PUT_UINT32_LE( d, output, 12 ); MBEDTLS_PUT_UINT32_LE(d, output, 12);
return( 0 ); return 0;
} }
/* Initialize context */ /* Initialize context */
void mbedtls_aria_init( mbedtls_aria_context *ctx ) void mbedtls_aria_init(mbedtls_aria_context *ctx)
{ {
ARIA_VALIDATE( ctx != NULL ); ARIA_VALIDATE(ctx != NULL);
memset( ctx, 0, sizeof( mbedtls_aria_context ) ); memset(ctx, 0, sizeof(mbedtls_aria_context));
} }
/* Clear context */ /* Clear context */
void mbedtls_aria_free( mbedtls_aria_context *ctx ) void mbedtls_aria_free(mbedtls_aria_context *ctx)
{ {
if( ctx == NULL ) if (ctx == NULL) {
return; return;
}
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_aria_context ) ); mbedtls_platform_zeroize(ctx, sizeof(mbedtls_aria_context));
} }
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/* /*
* ARIA-CBC buffer encryption/decryption * ARIA-CBC buffer encryption/decryption
*/ */
int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx, int mbedtls_aria_crypt_cbc(mbedtls_aria_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
unsigned char temp[MBEDTLS_ARIA_BLOCKSIZE]; unsigned char temp[MBEDTLS_ARIA_BLOCKSIZE];
ARIA_VALIDATE_RET( ctx != NULL ); ARIA_VALIDATE_RET(ctx != NULL);
ARIA_VALIDATE_RET( mode == MBEDTLS_ARIA_ENCRYPT || ARIA_VALIDATE_RET(mode == MBEDTLS_ARIA_ENCRYPT ||
mode == MBEDTLS_ARIA_DECRYPT ); mode == MBEDTLS_ARIA_DECRYPT);
ARIA_VALIDATE_RET( length == 0 || input != NULL ); ARIA_VALIDATE_RET(length == 0 || input != NULL);
ARIA_VALIDATE_RET( length == 0 || output != NULL ); ARIA_VALIDATE_RET(length == 0 || output != NULL);
ARIA_VALIDATE_RET( iv != NULL ); ARIA_VALIDATE_RET(iv != NULL);
if( length % MBEDTLS_ARIA_BLOCKSIZE ) if (length % MBEDTLS_ARIA_BLOCKSIZE) {
return( MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH ); return MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH;
}
if( mode == MBEDTLS_ARIA_DECRYPT ) if (mode == MBEDTLS_ARIA_DECRYPT) {
{ while (length > 0) {
while( length > 0 ) memcpy(temp, input, MBEDTLS_ARIA_BLOCKSIZE);
{ mbedtls_aria_crypt_ecb(ctx, input, output);
memcpy( temp, input, MBEDTLS_ARIA_BLOCKSIZE );
mbedtls_aria_crypt_ecb( ctx, input, output );
mbedtls_xor( output, output, iv, MBEDTLS_ARIA_BLOCKSIZE ); mbedtls_xor(output, output, iv, MBEDTLS_ARIA_BLOCKSIZE);
memcpy( iv, temp, MBEDTLS_ARIA_BLOCKSIZE ); memcpy(iv, temp, MBEDTLS_ARIA_BLOCKSIZE);
input += MBEDTLS_ARIA_BLOCKSIZE; input += MBEDTLS_ARIA_BLOCKSIZE;
output += MBEDTLS_ARIA_BLOCKSIZE; output += MBEDTLS_ARIA_BLOCKSIZE;
length -= MBEDTLS_ARIA_BLOCKSIZE; length -= MBEDTLS_ARIA_BLOCKSIZE;
} }
} } else {
else while (length > 0) {
{ mbedtls_xor(output, input, iv, MBEDTLS_ARIA_BLOCKSIZE);
while( length > 0 )
{
mbedtls_xor( output, input, iv, MBEDTLS_ARIA_BLOCKSIZE );
mbedtls_aria_crypt_ecb( ctx, output, output ); mbedtls_aria_crypt_ecb(ctx, output, output);
memcpy( iv, output, MBEDTLS_ARIA_BLOCKSIZE ); memcpy(iv, output, MBEDTLS_ARIA_BLOCKSIZE);
input += MBEDTLS_ARIA_BLOCKSIZE; input += MBEDTLS_ARIA_BLOCKSIZE;
output += MBEDTLS_ARIA_BLOCKSIZE; output += MBEDTLS_ARIA_BLOCKSIZE;
@ -587,7 +579,7 @@ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx,
} }
} }
return( 0 ); return 0;
} }
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
@ -595,63 +587,61 @@ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx,
/* /*
* ARIA-CFB128 buffer encryption/decryption * ARIA-CFB128 buffer encryption/decryption
*/ */
int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx, int mbedtls_aria_crypt_cfb128(mbedtls_aria_context *ctx,
int mode, int mode,
size_t length, size_t length,
size_t *iv_off, size_t *iv_off,
unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
unsigned char c; unsigned char c;
size_t n; size_t n;
ARIA_VALIDATE_RET( ctx != NULL ); ARIA_VALIDATE_RET(ctx != NULL);
ARIA_VALIDATE_RET( mode == MBEDTLS_ARIA_ENCRYPT || ARIA_VALIDATE_RET(mode == MBEDTLS_ARIA_ENCRYPT ||
mode == MBEDTLS_ARIA_DECRYPT ); mode == MBEDTLS_ARIA_DECRYPT);
ARIA_VALIDATE_RET( length == 0 || input != NULL ); ARIA_VALIDATE_RET(length == 0 || input != NULL);
ARIA_VALIDATE_RET( length == 0 || output != NULL ); ARIA_VALIDATE_RET(length == 0 || output != NULL);
ARIA_VALIDATE_RET( iv != NULL ); ARIA_VALIDATE_RET(iv != NULL);
ARIA_VALIDATE_RET( iv_off != NULL ); ARIA_VALIDATE_RET(iv_off != NULL);
n = *iv_off; n = *iv_off;
/* An overly large value of n can lead to an unlimited /* An overly large value of n can lead to an unlimited
* buffer overflow. Therefore, guard against this * buffer overflow. Therefore, guard against this
* outside of parameter validation. */ * outside of parameter validation. */
if( n >= MBEDTLS_ARIA_BLOCKSIZE ) if (n >= MBEDTLS_ARIA_BLOCKSIZE) {
return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA;
}
if( mode == MBEDTLS_ARIA_DECRYPT ) if (mode == MBEDTLS_ARIA_DECRYPT) {
{ while (length--) {
while( length-- ) if (n == 0) {
{ mbedtls_aria_crypt_ecb(ctx, iv, iv);
if( n == 0 ) }
mbedtls_aria_crypt_ecb( ctx, iv, iv );
c = *input++; c = *input++;
*output++ = c ^ iv[n]; *output++ = c ^ iv[n];
iv[n] = c; iv[n] = c;
n = ( n + 1 ) & 0x0F; n = (n + 1) & 0x0F;
} }
} } else {
else while (length--) {
{ if (n == 0) {
while( length-- ) mbedtls_aria_crypt_ecb(ctx, iv, iv);
{ }
if( n == 0 )
mbedtls_aria_crypt_ecb( ctx, iv, iv );
iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); iv[n] = *output++ = (unsigned char) (iv[n] ^ *input++);
n = ( n + 1 ) & 0x0F; n = (n + 1) & 0x0F;
} }
} }
*iv_off = n; *iv_off = n;
return( 0 ); return 0;
} }
#endif /* MBEDTLS_CIPHER_MODE_CFB */ #endif /* MBEDTLS_CIPHER_MODE_CFB */
@ -659,50 +649,52 @@ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx,
/* /*
* ARIA-CTR buffer encryption/decryption * ARIA-CTR buffer encryption/decryption
*/ */
int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx, int mbedtls_aria_crypt_ctr(mbedtls_aria_context *ctx,
size_t length, size_t length,
size_t *nc_off, size_t *nc_off,
unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE], unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE],
unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE], unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE],
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
int c, i; int c, i;
size_t n; size_t n;
ARIA_VALIDATE_RET( ctx != NULL ); ARIA_VALIDATE_RET(ctx != NULL);
ARIA_VALIDATE_RET( length == 0 || input != NULL ); ARIA_VALIDATE_RET(length == 0 || input != NULL);
ARIA_VALIDATE_RET( length == 0 || output != NULL ); ARIA_VALIDATE_RET(length == 0 || output != NULL);
ARIA_VALIDATE_RET( nonce_counter != NULL ); ARIA_VALIDATE_RET(nonce_counter != NULL);
ARIA_VALIDATE_RET( stream_block != NULL ); ARIA_VALIDATE_RET(stream_block != NULL);
ARIA_VALIDATE_RET( nc_off != NULL ); ARIA_VALIDATE_RET(nc_off != NULL);
n = *nc_off; n = *nc_off;
/* An overly large value of n can lead to an unlimited /* An overly large value of n can lead to an unlimited
* buffer overflow. Therefore, guard against this * buffer overflow. Therefore, guard against this
* outside of parameter validation. */ * outside of parameter validation. */
if( n >= MBEDTLS_ARIA_BLOCKSIZE ) if (n >= MBEDTLS_ARIA_BLOCKSIZE) {
return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA;
}
while( length-- ) while (length--) {
{ if (n == 0) {
if( n == 0 ) { mbedtls_aria_crypt_ecb(ctx, nonce_counter,
mbedtls_aria_crypt_ecb( ctx, nonce_counter, stream_block);
stream_block );
for( i = MBEDTLS_ARIA_BLOCKSIZE; i > 0; i-- ) for (i = MBEDTLS_ARIA_BLOCKSIZE; i > 0; i--) {
if( ++nonce_counter[i - 1] != 0 ) if (++nonce_counter[i - 1] != 0) {
break; break;
}
}
} }
c = *input++; c = *input++;
*output++ = (unsigned char)( c ^ stream_block[n] ); *output++ = (unsigned char) (c ^ stream_block[n]);
n = ( n + 1 ) & 0x0F; n = (n + 1) & 0x0F;
} }
*nc_off = n; *nc_off = n;
return( 0 ); return 0;
} }
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
#endif /* !MBEDTLS_ARIA_ALT */ #endif /* !MBEDTLS_ARIA_ALT */
@ -841,22 +833,22 @@ static const uint8_t aria_test2_ctr_ct[3][48] = // CTR ciphertext
}; };
#endif /* MBEDTLS_CIPHER_MODE_CFB */ #endif /* MBEDTLS_CIPHER_MODE_CFB */
#define ARIA_SELF_TEST_ASSERT( cond ) \ #define ARIA_SELF_TEST_ASSERT(cond) \
do { \ do { \
if( cond ) { \ if (cond) { \
if( verbose ) \ if (verbose) \
mbedtls_printf( "failed\n" ); \ mbedtls_printf("failed\n"); \
goto exit; \ goto exit; \
} else { \ } else { \
if( verbose ) \ if (verbose) \
mbedtls_printf( "passed\n" ); \ mbedtls_printf("passed\n"); \
} \ } \
} while( 0 ) } while (0)
/* /*
* Checkup routine * Checkup routine
*/ */
int mbedtls_aria_self_test( int verbose ) int mbedtls_aria_self_test(int verbose)
{ {
int i; int i;
uint8_t blk[MBEDTLS_ARIA_BLOCKSIZE]; uint8_t blk[MBEDTLS_ARIA_BLOCKSIZE];
@ -868,134 +860,142 @@ int mbedtls_aria_self_test( int verbose )
#endif #endif
#if (defined(MBEDTLS_CIPHER_MODE_CBC) || \ #if (defined(MBEDTLS_CIPHER_MODE_CBC) || \
defined(MBEDTLS_CIPHER_MODE_CFB) || \ defined(MBEDTLS_CIPHER_MODE_CFB) || \
defined(MBEDTLS_CIPHER_MODE_CTR)) defined(MBEDTLS_CIPHER_MODE_CTR))
uint8_t buf[48], iv[MBEDTLS_ARIA_BLOCKSIZE]; uint8_t buf[48], iv[MBEDTLS_ARIA_BLOCKSIZE];
#endif #endif
mbedtls_aria_init( &ctx ); mbedtls_aria_init(&ctx);
/* /*
* Test set 1 * Test set 1
*/ */
for( i = 0; i < 3; i++ ) for (i = 0; i < 3; i++) {
{
/* test ECB encryption */ /* test ECB encryption */
if( verbose ) if (verbose) {
mbedtls_printf( " ARIA-ECB-%d (enc): ", 128 + 64 * i ); mbedtls_printf(" ARIA-ECB-%d (enc): ", 128 + 64 * i);
mbedtls_aria_setkey_enc( &ctx, aria_test1_ecb_key, 128 + 64 * i ); }
mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_pt, blk ); mbedtls_aria_setkey_enc(&ctx, aria_test1_ecb_key, 128 + 64 * i);
mbedtls_aria_crypt_ecb(&ctx, aria_test1_ecb_pt, blk);
ARIA_SELF_TEST_ASSERT( ARIA_SELF_TEST_ASSERT(
memcmp( blk, aria_test1_ecb_ct[i], MBEDTLS_ARIA_BLOCKSIZE ) memcmp(blk, aria_test1_ecb_ct[i], MBEDTLS_ARIA_BLOCKSIZE)
!= 0 ); != 0);
/* test ECB decryption */ /* test ECB decryption */
if( verbose ) if (verbose) {
mbedtls_printf( " ARIA-ECB-%d (dec): ", 128 + 64 * i ); mbedtls_printf(" ARIA-ECB-%d (dec): ", 128 + 64 * i);
mbedtls_aria_setkey_dec( &ctx, aria_test1_ecb_key, 128 + 64 * i ); }
mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_ct[i], blk ); mbedtls_aria_setkey_dec(&ctx, aria_test1_ecb_key, 128 + 64 * i);
mbedtls_aria_crypt_ecb(&ctx, aria_test1_ecb_ct[i], blk);
ARIA_SELF_TEST_ASSERT( ARIA_SELF_TEST_ASSERT(
memcmp( blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE ) memcmp(blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE)
!= 0 ); != 0);
}
if (verbose) {
mbedtls_printf("\n");
} }
if( verbose )
mbedtls_printf( "\n" );
/* /*
* Test set 2 * Test set 2
*/ */
#if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
for( i = 0; i < 3; i++ ) for (i = 0; i < 3; i++) {
{
/* Test CBC encryption */ /* Test CBC encryption */
if( verbose ) if (verbose) {
mbedtls_printf( " ARIA-CBC-%d (enc): ", 128 + 64 * i ); mbedtls_printf(" ARIA-CBC-%d (enc): ", 128 + 64 * i);
mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); }
memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i);
memset( buf, 0x55, sizeof( buf ) ); memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE);
mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_ENCRYPT, 48, iv, memset(buf, 0x55, sizeof(buf));
aria_test2_pt, buf ); mbedtls_aria_crypt_cbc(&ctx, MBEDTLS_ARIA_ENCRYPT, 48, iv,
ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_cbc_ct[i], 48 ) aria_test2_pt, buf);
!= 0 ); ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_cbc_ct[i], 48)
!= 0);
/* Test CBC decryption */ /* Test CBC decryption */
if( verbose ) if (verbose) {
mbedtls_printf( " ARIA-CBC-%d (dec): ", 128 + 64 * i ); mbedtls_printf(" ARIA-CBC-%d (dec): ", 128 + 64 * i);
mbedtls_aria_setkey_dec( &ctx, aria_test2_key, 128 + 64 * i ); }
memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); mbedtls_aria_setkey_dec(&ctx, aria_test2_key, 128 + 64 * i);
memset( buf, 0xAA, sizeof( buf ) ); memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE);
mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_DECRYPT, 48, iv, memset(buf, 0xAA, sizeof(buf));
aria_test2_cbc_ct[i], buf ); mbedtls_aria_crypt_cbc(&ctx, MBEDTLS_ARIA_DECRYPT, 48, iv,
ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_pt, 48 ) != 0 ); aria_test2_cbc_ct[i], buf);
ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_pt, 48) != 0);
}
if (verbose) {
mbedtls_printf("\n");
} }
if( verbose )
mbedtls_printf( "\n" );
#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(MBEDTLS_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
for( i = 0; i < 3; i++ ) for (i = 0; i < 3; i++) {
{
/* Test CFB encryption */ /* Test CFB encryption */
if( verbose ) if (verbose) {
mbedtls_printf( " ARIA-CFB-%d (enc): ", 128 + 64 * i ); mbedtls_printf(" ARIA-CFB-%d (enc): ", 128 + 64 * i);
mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); }
memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i);
memset( buf, 0x55, sizeof( buf ) ); memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE);
memset(buf, 0x55, sizeof(buf));
j = 0; j = 0;
mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_ENCRYPT, 48, &j, iv, mbedtls_aria_crypt_cfb128(&ctx, MBEDTLS_ARIA_ENCRYPT, 48, &j, iv,
aria_test2_pt, buf ); aria_test2_pt, buf);
ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_cfb_ct[i], 48 ) != 0 ); ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_cfb_ct[i], 48) != 0);
/* Test CFB decryption */ /* Test CFB decryption */
if( verbose ) if (verbose) {
mbedtls_printf( " ARIA-CFB-%d (dec): ", 128 + 64 * i ); mbedtls_printf(" ARIA-CFB-%d (dec): ", 128 + 64 * i);
mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); }
memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i);
memset( buf, 0xAA, sizeof( buf ) ); memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE);
memset(buf, 0xAA, sizeof(buf));
j = 0; j = 0;
mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_DECRYPT, 48, &j, mbedtls_aria_crypt_cfb128(&ctx, MBEDTLS_ARIA_DECRYPT, 48, &j,
iv, aria_test2_cfb_ct[i], buf ); iv, aria_test2_cfb_ct[i], buf);
ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_pt, 48 ) != 0 ); ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_pt, 48) != 0);
}
if (verbose) {
mbedtls_printf("\n");
} }
if( verbose )
mbedtls_printf( "\n" );
#endif /* MBEDTLS_CIPHER_MODE_CFB */ #endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(MBEDTLS_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
for( i = 0; i < 3; i++ ) for (i = 0; i < 3; i++) {
{
/* Test CTR encryption */ /* Test CTR encryption */
if( verbose ) if (verbose) {
mbedtls_printf( " ARIA-CTR-%d (enc): ", 128 + 64 * i ); mbedtls_printf(" ARIA-CTR-%d (enc): ", 128 + 64 * i);
mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); }
memset( iv, 0, MBEDTLS_ARIA_BLOCKSIZE ); // IV = 0 mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i);
memset( buf, 0x55, sizeof( buf ) ); memset(iv, 0, MBEDTLS_ARIA_BLOCKSIZE); // IV = 0
memset(buf, 0x55, sizeof(buf));
j = 0; j = 0;
mbedtls_aria_crypt_ctr( &ctx, 48, &j, iv, blk, mbedtls_aria_crypt_ctr(&ctx, 48, &j, iv, blk,
aria_test2_pt, buf ); aria_test2_pt, buf);
ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_ctr_ct[i], 48 ) != 0 ); ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_ctr_ct[i], 48) != 0);
/* Test CTR decryption */ /* Test CTR decryption */
if( verbose ) if (verbose) {
mbedtls_printf( " ARIA-CTR-%d (dec): ", 128 + 64 * i ); mbedtls_printf(" ARIA-CTR-%d (dec): ", 128 + 64 * i);
mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); }
memset( iv, 0, MBEDTLS_ARIA_BLOCKSIZE ); // IV = 0 mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i);
memset( buf, 0xAA, sizeof( buf ) ); memset(iv, 0, MBEDTLS_ARIA_BLOCKSIZE); // IV = 0
memset(buf, 0xAA, sizeof(buf));
j = 0; j = 0;
mbedtls_aria_crypt_ctr( &ctx, 48, &j, iv, blk, mbedtls_aria_crypt_ctr(&ctx, 48, &j, iv, blk,
aria_test2_ctr_ct[i], buf ); aria_test2_ctr_ct[i], buf);
ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_pt, 48 ) != 0 ); ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_pt, 48) != 0);
}
if (verbose) {
mbedtls_printf("\n");
} }
if( verbose )
mbedtls_printf( "\n" );
#endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
ret = 0; ret = 0;
exit: exit:
mbedtls_aria_free( &ctx ); mbedtls_aria_free(&ctx);
return( ret ); return ret;
} }
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */


@ -36,203 +36,219 @@
/* /*
* ASN.1 DER decoding routines * ASN.1 DER decoding routines
*/ */
int mbedtls_asn1_get_len( unsigned char **p, int mbedtls_asn1_get_len(unsigned char **p,
const unsigned char *end, const unsigned char *end,
size_t *len ) size_t *len)
{ {
if( ( end - *p ) < 1 ) if ((end - *p) < 1) {
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
}
if( ( **p & 0x80 ) == 0 ) if ((**p & 0x80) == 0) {
*len = *(*p)++; *len = *(*p)++;
else } else {
{ switch (**p & 0x7F) {
switch( **p & 0x7F ) case 1:
{ if ((end - *p) < 2) {
case 1: return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
if( ( end - *p ) < 2 ) }
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
*len = (*p)[1]; *len = (*p)[1];
(*p) += 2; (*p) += 2;
break; break;
case 2: case 2:
if( ( end - *p ) < 3 ) if ((end - *p) < 3) {
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
}
*len = ( (size_t)(*p)[1] << 8 ) | (*p)[2]; *len = ((size_t) (*p)[1] << 8) | (*p)[2];
(*p) += 3; (*p) += 3;
break; break;
case 3: case 3:
if( ( end - *p ) < 4 ) if ((end - *p) < 4) {
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
}
*len = ( (size_t)(*p)[1] << 16 ) | *len = ((size_t) (*p)[1] << 16) |
( (size_t)(*p)[2] << 8 ) | (*p)[3]; ((size_t) (*p)[2] << 8) | (*p)[3];
(*p) += 4; (*p) += 4;
break; break;
case 4: case 4:
if( ( end - *p ) < 5 ) if ((end - *p) < 5) {
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
}
*len = ( (size_t)(*p)[1] << 24 ) | ( (size_t)(*p)[2] << 16 ) | *len = ((size_t) (*p)[1] << 24) | ((size_t) (*p)[2] << 16) |
( (size_t)(*p)[3] << 8 ) | (*p)[4]; ((size_t) (*p)[3] << 8) | (*p)[4];
(*p) += 5; (*p) += 5;
break; break;
default: default:
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
} }
} }
if( *len > (size_t) ( end - *p ) ) if (*len > (size_t) (end - *p)) {
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
}
return( 0 ); return 0;
} }
int mbedtls_asn1_get_tag( unsigned char **p, int mbedtls_asn1_get_tag(unsigned char **p,
const unsigned char *end, const unsigned char *end,
size_t *len, int tag ) size_t *len, int tag)
{ {
if( ( end - *p ) < 1 ) if ((end - *p) < 1) {
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
}
if( **p != tag ) if (**p != tag) {
return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); return MBEDTLS_ERR_ASN1_UNEXPECTED_TAG;
}
(*p)++; (*p)++;
return( mbedtls_asn1_get_len( p, end, len ) ); return mbedtls_asn1_get_len(p, end, len);
} }
int mbedtls_asn1_get_bool( unsigned char **p, int mbedtls_asn1_get_bool(unsigned char **p,
const unsigned char *end, const unsigned char *end,
int *val ) int *val)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len; size_t len;
if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_BOOLEAN ) ) != 0 ) if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_BOOLEAN)) != 0) {
return( ret ); return ret;
}
if( len != 1 ) if (len != 1) {
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
}
*val = ( **p != 0 ) ? 1 : 0; *val = (**p != 0) ? 1 : 0;
(*p)++; (*p)++;
return( 0 ); return 0;
} }
static int asn1_get_tagged_int( unsigned char **p, static int asn1_get_tagged_int(unsigned char **p,
const unsigned char *end, const unsigned char *end,
int tag, int *val ) int tag, int *val)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len; size_t len;
if( ( ret = mbedtls_asn1_get_tag( p, end, &len, tag ) ) != 0 ) if ((ret = mbedtls_asn1_get_tag(p, end, &len, tag)) != 0) {
return( ret ); return ret;
}
/* /*
* len==0 is malformed (0 must be represented as 020100 for INTEGER, * len==0 is malformed (0 must be represented as 020100 for INTEGER,
* or 0A0100 for ENUMERATED tags * or 0A0100 for ENUMERATED tags
*/ */
if( len == 0 ) if (len == 0) {
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
}
/* This is a cryptography library. Reject negative integers. */ /* This is a cryptography library. Reject negative integers. */
if( ( **p & 0x80 ) != 0 ) if ((**p & 0x80) != 0) {
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
}
/* Skip leading zeros. */ /* Skip leading zeros. */
while( len > 0 && **p == 0 ) while (len > 0 && **p == 0) {
{ ++(*p);
++( *p );
--len; --len;
} }
/* Reject integers that don't fit in an int. This code assumes that /* Reject integers that don't fit in an int. This code assumes that
* the int type has no padding bit. */ * the int type has no padding bit. */
if( len > sizeof( int ) ) if (len > sizeof(int)) {
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
if( len == sizeof( int ) && ( **p & 0x80 ) != 0 ) }
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); if (len == sizeof(int) && (**p & 0x80) != 0) {
return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
}
*val = 0; *val = 0;
while( len-- > 0 ) while (len-- > 0) {
{ *val = (*val << 8) | **p;
*val = ( *val << 8 ) | **p;
(*p)++; (*p)++;
} }
return( 0 ); return 0;
} }
int mbedtls_asn1_get_int( unsigned char **p, int mbedtls_asn1_get_int(unsigned char **p,
const unsigned char *end,
int *val)
{
return asn1_get_tagged_int(p, end, MBEDTLS_ASN1_INTEGER, val);
}
int mbedtls_asn1_get_enum(unsigned char **p,
const unsigned char *end, const unsigned char *end,
int *val ) int *val)
{ {
return( asn1_get_tagged_int( p, end, MBEDTLS_ASN1_INTEGER, val) ); return asn1_get_tagged_int(p, end, MBEDTLS_ASN1_ENUMERATED, val);
}
int mbedtls_asn1_get_enum( unsigned char **p,
const unsigned char *end,
int *val )
{
return( asn1_get_tagged_int( p, end, MBEDTLS_ASN1_ENUMERATED, val) );
} }
#if defined(MBEDTLS_BIGNUM_C) #if defined(MBEDTLS_BIGNUM_C)
int mbedtls_asn1_get_mpi( unsigned char **p, int mbedtls_asn1_get_mpi(unsigned char **p,
const unsigned char *end, const unsigned char *end,
mbedtls_mpi *X ) mbedtls_mpi *X)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len; size_t len;
if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 ) if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) {
return( ret ); return ret;
}
ret = mbedtls_mpi_read_binary( X, *p, len ); ret = mbedtls_mpi_read_binary(X, *p, len);
*p += len; *p += len;
return( ret ); return ret;
} }
#endif /* MBEDTLS_BIGNUM_C */ #endif /* MBEDTLS_BIGNUM_C */
int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end, int mbedtls_asn1_get_bitstring(unsigned char **p, const unsigned char *end,
mbedtls_asn1_bitstring *bs) mbedtls_asn1_bitstring *bs)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
/* Certificate type is a single byte bitstring */ /* Certificate type is a single byte bitstring */
if( ( ret = mbedtls_asn1_get_tag( p, end, &bs->len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 ) if ((ret = mbedtls_asn1_get_tag(p, end, &bs->len, MBEDTLS_ASN1_BIT_STRING)) != 0) {
return( ret ); return ret;
}
/* Check length, subtract one for actual bit string length */ /* Check length, subtract one for actual bit string length */
if( bs->len < 1 ) if (bs->len < 1) {
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
}
bs->len -= 1; bs->len -= 1;
/* Get number of unused bits, ensure unused bits <= 7 */ /* Get number of unused bits, ensure unused bits <= 7 */
bs->unused_bits = **p; bs->unused_bits = **p;
if( bs->unused_bits > 7 ) if (bs->unused_bits > 7) {
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
}
(*p)++; (*p)++;
/* Get actual bitstring */ /* Get actual bitstring */
bs->p = *p; bs->p = *p;
*p += bs->len; *p += bs->len;
if( *p != end ) if (*p != end) {
return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
}
return( 0 ); return 0;
} }
/* /*
@ -244,104 +260,105 @@ int mbedtls_asn1_traverse_sequence_of(
const unsigned char *end, const unsigned char *end,
unsigned char tag_must_mask, unsigned char tag_must_val, unsigned char tag_must_mask, unsigned char tag_must_val,
unsigned char tag_may_mask, unsigned char tag_may_val, unsigned char tag_may_mask, unsigned char tag_may_val,
int (*cb)( void *ctx, int tag, int (*cb)(void *ctx, int tag,
unsigned char *start, size_t len ), unsigned char *start, size_t len),
void *ctx ) void *ctx)
{ {
int ret; int ret;
size_t len; size_t len;
/* Get main sequence tag */ /* Get main sequence tag */
if( ( ret = mbedtls_asn1_get_tag( p, end, &len, if ((ret = mbedtls_asn1_get_tag(p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
{ return ret;
return( ret );
} }
if( *p + len != end ) if (*p + len != end) {
return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
}
while( *p < end ) while (*p < end) {
{
unsigned char const tag = *(*p)++; unsigned char const tag = *(*p)++;
if( ( tag & tag_must_mask ) != tag_must_val ) if ((tag & tag_must_mask) != tag_must_val) {
return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); return MBEDTLS_ERR_ASN1_UNEXPECTED_TAG;
}
if( ( ret = mbedtls_asn1_get_len( p, end, &len ) ) != 0 ) if ((ret = mbedtls_asn1_get_len(p, end, &len)) != 0) {
return( ret ); return ret;
}
if( ( tag & tag_may_mask ) == tag_may_val ) if ((tag & tag_may_mask) == tag_may_val) {
{ if (cb != NULL) {
if( cb != NULL ) ret = cb(ctx, tag, *p, len);
{ if (ret != 0) {
ret = cb( ctx, tag, *p, len ); return ret;
if( ret != 0 ) }
return( ret );
} }
} }
*p += len; *p += len;
} }
return( 0 ); return 0;
} }
/* /*
* Get a bit string without unused bits * Get a bit string without unused bits
*/ */
int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end, int mbedtls_asn1_get_bitstring_null(unsigned char **p, const unsigned char *end,
size_t *len ) size_t *len)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
if( ( ret = mbedtls_asn1_get_tag( p, end, len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 ) if ((ret = mbedtls_asn1_get_tag(p, end, len, MBEDTLS_ASN1_BIT_STRING)) != 0) {
return( ret ); return ret;
}
if( *len == 0 ) if (*len == 0) {
return( MBEDTLS_ERR_ASN1_INVALID_DATA ); return MBEDTLS_ERR_ASN1_INVALID_DATA;
--( *len ); }
--(*len);
if( **p != 0 ) if (**p != 0) {
return( MBEDTLS_ERR_ASN1_INVALID_DATA ); return MBEDTLS_ERR_ASN1_INVALID_DATA;
++( *p ); }
++(*p);
return( 0 ); return 0;
} }
void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq ) void mbedtls_asn1_sequence_free(mbedtls_asn1_sequence *seq)
{ {
while( seq != NULL ) while (seq != NULL) {
{
mbedtls_asn1_sequence *next = seq->next; mbedtls_asn1_sequence *next = seq->next;
mbedtls_free( seq ); mbedtls_free(seq);
seq = next; seq = next;
} }
} }
typedef struct typedef struct {
{
int tag; int tag;
mbedtls_asn1_sequence *cur; mbedtls_asn1_sequence *cur;
} asn1_get_sequence_of_cb_ctx_t; } asn1_get_sequence_of_cb_ctx_t;
static int asn1_get_sequence_of_cb( void *ctx, static int asn1_get_sequence_of_cb(void *ctx,
int tag, int tag,
unsigned char *start, unsigned char *start,
size_t len ) size_t len)
{ {
asn1_get_sequence_of_cb_ctx_t *cb_ctx = asn1_get_sequence_of_cb_ctx_t *cb_ctx =
(asn1_get_sequence_of_cb_ctx_t *) ctx; (asn1_get_sequence_of_cb_ctx_t *) ctx;
mbedtls_asn1_sequence *cur = mbedtls_asn1_sequence *cur =
cb_ctx->cur; cb_ctx->cur;
if( cur->buf.p != NULL ) if (cur->buf.p != NULL) {
{
cur->next = cur->next =
mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) ); mbedtls_calloc(1, sizeof(mbedtls_asn1_sequence));
if( cur->next == NULL ) if (cur->next == NULL) {
return( MBEDTLS_ERR_ASN1_ALLOC_FAILED ); return MBEDTLS_ERR_ASN1_ALLOC_FAILED;
}
cur = cur->next; cur = cur->next;
} }
@ -351,136 +368,139 @@ static int asn1_get_sequence_of_cb( void *ctx,
cur->buf.tag = tag; cur->buf.tag = tag;
cb_ctx->cur = cur; cb_ctx->cur = cur;
return( 0 ); return 0;
} }
/* /*
* Parses and splits an ASN.1 "SEQUENCE OF <tag>" * Parses and splits an ASN.1 "SEQUENCE OF <tag>"
*/ */
int mbedtls_asn1_get_sequence_of( unsigned char **p, int mbedtls_asn1_get_sequence_of(unsigned char **p,
const unsigned char *end, const unsigned char *end,
mbedtls_asn1_sequence *cur, mbedtls_asn1_sequence *cur,
int tag) int tag)
{ {
asn1_get_sequence_of_cb_ctx_t cb_ctx = { tag, cur }; asn1_get_sequence_of_cb_ctx_t cb_ctx = { tag, cur };
memset( cur, 0, sizeof( mbedtls_asn1_sequence ) ); memset(cur, 0, sizeof(mbedtls_asn1_sequence));
return( mbedtls_asn1_traverse_sequence_of( return mbedtls_asn1_traverse_sequence_of(
p, end, 0xFF, tag, 0, 0, p, end, 0xFF, tag, 0, 0,
asn1_get_sequence_of_cb, &cb_ctx ) ); asn1_get_sequence_of_cb, &cb_ctx);
} }
int mbedtls_asn1_get_alg( unsigned char **p, int mbedtls_asn1_get_alg(unsigned char **p,
const unsigned char *end, const unsigned char *end,
mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params ) mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len; size_t len;
if( ( ret = mbedtls_asn1_get_tag( p, end, &len, if ((ret = mbedtls_asn1_get_tag(p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
return( ret ); return ret;
}
if( ( end - *p ) < 1 ) if ((end - *p) < 1) {
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
}
alg->tag = **p; alg->tag = **p;
end = *p + len; end = *p + len;
if( ( ret = mbedtls_asn1_get_tag( p, end, &alg->len, MBEDTLS_ASN1_OID ) ) != 0 ) if ((ret = mbedtls_asn1_get_tag(p, end, &alg->len, MBEDTLS_ASN1_OID)) != 0) {
return( ret ); return ret;
}
alg->p = *p; alg->p = *p;
*p += alg->len; *p += alg->len;
if( *p == end ) if (*p == end) {
{ mbedtls_platform_zeroize(params, sizeof(mbedtls_asn1_buf));
mbedtls_platform_zeroize( params, sizeof(mbedtls_asn1_buf) ); return 0;
return( 0 );
} }
params->tag = **p; params->tag = **p;
(*p)++; (*p)++;
if( ( ret = mbedtls_asn1_get_len( p, end, &params->len ) ) != 0 ) if ((ret = mbedtls_asn1_get_len(p, end, &params->len)) != 0) {
return( ret ); return ret;
}
params->p = *p; params->p = *p;
*p += params->len; *p += params->len;
if( *p != end ) if (*p != end) {
return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
}
return( 0 ); return 0;
} }
int mbedtls_asn1_get_alg_null( unsigned char **p, int mbedtls_asn1_get_alg_null(unsigned char **p,
const unsigned char *end, const unsigned char *end,
mbedtls_asn1_buf *alg ) mbedtls_asn1_buf *alg)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_asn1_buf params; mbedtls_asn1_buf params;
memset( &params, 0, sizeof(mbedtls_asn1_buf) ); memset(&params, 0, sizeof(mbedtls_asn1_buf));
if( ( ret = mbedtls_asn1_get_alg( p, end, alg, &params ) ) != 0 ) if ((ret = mbedtls_asn1_get_alg(p, end, alg, &params)) != 0) {
return( ret ); return ret;
}
if( ( params.tag != MBEDTLS_ASN1_NULL && params.tag != 0 ) || params.len != 0 ) if ((params.tag != MBEDTLS_ASN1_NULL && params.tag != 0) || params.len != 0) {
return( MBEDTLS_ERR_ASN1_INVALID_DATA ); return MBEDTLS_ERR_ASN1_INVALID_DATA;
}
return( 0 ); return 0;
} }
#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if !defined(MBEDTLS_DEPRECATED_REMOVED)
void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *cur ) void mbedtls_asn1_free_named_data(mbedtls_asn1_named_data *cur)
{ {
if( cur == NULL ) if (cur == NULL) {
return; return;
}
mbedtls_free( cur->oid.p ); mbedtls_free(cur->oid.p);
mbedtls_free( cur->val.p ); mbedtls_free(cur->val.p);
mbedtls_platform_zeroize( cur, sizeof( mbedtls_asn1_named_data ) ); mbedtls_platform_zeroize(cur, sizeof(mbedtls_asn1_named_data));
} }
#endif /* MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_DEPRECATED_REMOVED */
void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head ) void mbedtls_asn1_free_named_data_list(mbedtls_asn1_named_data **head)
{ {
mbedtls_asn1_named_data *cur; mbedtls_asn1_named_data *cur;
while( ( cur = *head ) != NULL ) while ((cur = *head) != NULL) {
{
*head = cur->next; *head = cur->next;
mbedtls_free( cur->oid.p ); mbedtls_free(cur->oid.p);
mbedtls_free( cur->val.p ); mbedtls_free(cur->val.p);
mbedtls_free( cur ); mbedtls_free(cur);
} }
} }
void mbedtls_asn1_free_named_data_list_shallow( mbedtls_asn1_named_data *name ) void mbedtls_asn1_free_named_data_list_shallow(mbedtls_asn1_named_data *name)
{ {
for( mbedtls_asn1_named_data *next; name != NULL; name = next ) for (mbedtls_asn1_named_data *next; name != NULL; name = next) {
{
next = name->next; next = name->next;
mbedtls_free( name ); mbedtls_free(name);
} }
} }
const mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( const mbedtls_asn1_named_data *list, const mbedtls_asn1_named_data *mbedtls_asn1_find_named_data(const mbedtls_asn1_named_data *list,
const char *oid, size_t len ) const char *oid, size_t len)
{ {
while( list != NULL ) while (list != NULL) {
{ if (list->oid.len == len &&
if( list->oid.len == len && memcmp(list->oid.p, oid, len) == 0) {
memcmp( list->oid.p, oid, len ) == 0 )
{
break; break;
} }
list = list->next; list = list->next;
} }
return( list ); return list;
} }
#endif /* MBEDTLS_ASN1_PARSE_C */ #endif /* MBEDTLS_ASN1_PARSE_C */
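Review bot: In `mbedtls_asn1_get_bitstring` (first hunk of this file), the comment `/* Certificate type is a single byte bitstring */` that the restyle carries over does not match the code beneath it. The function accepts a BIT STRING with any content length once the unused-bits octet is accounted for, stores a pointer into the caller's buffer in `bs->p`, and returns `MBEDTLS_ERR_ASN1_LENGTH_MISMATCH` unless the string ends exactly at `end`. That last requirement is what a caller parsing untrusted DER has to get right, since `end` must be the end of the enclosing element, not of the whole input. I would replace the comment with `/* Parse a BIT STRING that must end exactly at end; bs->p points into the input buffer */`. The commit is formatting-only, so this fits better in a follow-up than in this change.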


@ -28,452 +28,454 @@
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_t len ) int mbedtls_asn1_write_len(unsigned char **p, const unsigned char *start, size_t len)
{ {
if( len < 0x80 ) if (len < 0x80) {
{ if (*p - start < 1) {
if( *p - start < 1 ) return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); }
*--(*p) = (unsigned char) len; *--(*p) = (unsigned char) len;
return( 1 ); return 1;
} }
if( len <= 0xFF ) if (len <= 0xFF) {
{ if (*p - start < 2) {
if( *p - start < 2 ) return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); }
*--(*p) = (unsigned char) len; *--(*p) = (unsigned char) len;
*--(*p) = 0x81; *--(*p) = 0x81;
return( 2 ); return 2;
} }
if( len <= 0xFFFF ) if (len <= 0xFFFF) {
{ if (*p - start < 3) {
if( *p - start < 3 ) return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); }
*--(*p) = MBEDTLS_BYTE_0( len ); *--(*p) = MBEDTLS_BYTE_0(len);
*--(*p) = MBEDTLS_BYTE_1( len ); *--(*p) = MBEDTLS_BYTE_1(len);
*--(*p) = 0x82; *--(*p) = 0x82;
return( 3 ); return 3;
} }
if( len <= 0xFFFFFF ) if (len <= 0xFFFFFF) {
{ if (*p - start < 4) {
if( *p - start < 4 ) return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); }
*--(*p) = MBEDTLS_BYTE_0( len ); *--(*p) = MBEDTLS_BYTE_0(len);
*--(*p) = MBEDTLS_BYTE_1( len ); *--(*p) = MBEDTLS_BYTE_1(len);
*--(*p) = MBEDTLS_BYTE_2( len ); *--(*p) = MBEDTLS_BYTE_2(len);
*--(*p) = 0x83; *--(*p) = 0x83;
return( 4 ); return 4;
} }
int len_is_valid = 1; int len_is_valid = 1;
#if SIZE_MAX > 0xFFFFFFFF #if SIZE_MAX > 0xFFFFFFFF
len_is_valid = ( len <= 0xFFFFFFFF ); len_is_valid = (len <= 0xFFFFFFFF);
#endif #endif
if( len_is_valid ) if (len_is_valid) {
{ if (*p - start < 5) {
if( *p - start < 5 ) return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); }
*--(*p) = MBEDTLS_BYTE_0( len ); *--(*p) = MBEDTLS_BYTE_0(len);
*--(*p) = MBEDTLS_BYTE_1( len ); *--(*p) = MBEDTLS_BYTE_1(len);
*--(*p) = MBEDTLS_BYTE_2( len ); *--(*p) = MBEDTLS_BYTE_2(len);
*--(*p) = MBEDTLS_BYTE_3( len ); *--(*p) = MBEDTLS_BYTE_3(len);
*--(*p) = 0x84; *--(*p) = 0x84;
return( 5 ); return 5;
} }
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
} }
int mbedtls_asn1_write_tag( unsigned char **p, const unsigned char *start, unsigned char tag ) int mbedtls_asn1_write_tag(unsigned char **p, const unsigned char *start, unsigned char tag)
{ {
if( *p - start < 1 ) if (*p - start < 1) {
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
}
*--(*p) = tag; *--(*p) = tag;
return( 1 ); return 1;
} }
int mbedtls_asn1_write_raw_buffer( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_raw_buffer(unsigned char **p, const unsigned char *start,
const unsigned char *buf, size_t size ) const unsigned char *buf, size_t size)
{ {
size_t len = 0; size_t len = 0;
if( *p < start || (size_t)( *p - start ) < size ) if (*p < start || (size_t) (*p - start) < size) {
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
}
len = size; len = size;
(*p) -= len; (*p) -= len;
memcpy( *p, buf, len ); memcpy(*p, buf, len);
return( (int) len ); return (int) len;
} }
#if defined(MBEDTLS_BIGNUM_C) #if defined(MBEDTLS_BIGNUM_C)
int mbedtls_asn1_write_mpi( unsigned char **p, const unsigned char *start, const mbedtls_mpi *X ) int mbedtls_asn1_write_mpi(unsigned char **p, const unsigned char *start, const mbedtls_mpi *X)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len = 0; size_t len = 0;
// Write the MPI // Write the MPI
// //
len = mbedtls_mpi_size( X ); len = mbedtls_mpi_size(X);
/* DER represents 0 with a sign bit (0=nonnegative) and 7 value bits, not /* DER represents 0 with a sign bit (0=nonnegative) and 7 value bits, not
* as 0 digits. We need to end up with 020100, not with 0200. */ * as 0 digits. We need to end up with 020100, not with 0200. */
if( len == 0 ) if (len == 0) {
len = 1; len = 1;
}
if( *p < start || (size_t)( *p - start ) < len ) if (*p < start || (size_t) (*p - start) < len) {
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
}
(*p) -= len; (*p) -= len;
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( X, *p, len ) ); MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(X, *p, len));
// DER format assumes 2s complement for numbers, so the leftmost bit // DER format assumes 2s complement for numbers, so the leftmost bit
// should be 0 for positive numbers and 1 for negative numbers. // should be 0 for positive numbers and 1 for negative numbers.
// //
if( X->s ==1 && **p & 0x80 ) if (X->s == 1 && **p & 0x80) {
{ if (*p - start < 1) {
if( *p - start < 1 ) return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); }
*--(*p) = 0x00; *--(*p) = 0x00;
len += 1; len += 1;
} }
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_INTEGER ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_INTEGER));
ret = (int) len; ret = (int) len;
cleanup: cleanup:
return( ret ); return ret;
} }
#endif /* MBEDTLS_BIGNUM_C */ #endif /* MBEDTLS_BIGNUM_C */
int mbedtls_asn1_write_null( unsigned char **p, const unsigned char *start ) int mbedtls_asn1_write_null(unsigned char **p, const unsigned char *start)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len = 0; size_t len = 0;
// Write NULL // Write NULL
// //
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, 0) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, 0));
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_NULL ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_NULL));
return( (int) len ); return (int) len;
} }
int mbedtls_asn1_write_oid( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_oid(unsigned char **p, const unsigned char *start,
const char *oid, size_t oid_len ) const char *oid, size_t oid_len)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len = 0; size_t len = 0;
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start,
(const unsigned char *) oid, oid_len ) ); (const unsigned char *) oid, oid_len));
MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OID ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_OID));
return( (int) len ); return (int) len;
} }
int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_algorithm_identifier(unsigned char **p, const unsigned char *start,
const char *oid, size_t oid_len, const char *oid, size_t oid_len,
size_t par_len ) size_t par_len)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len = 0; size_t len = 0;
if( par_len == 0 ) if (par_len == 0) {
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_null( p, start ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_null(p, start));
else } else {
len += par_len; len += par_len;
}
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(p, start, oid, oid_len));
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE));
return( (int) len ); return (int) len;
} }
int mbedtls_asn1_write_bool( unsigned char **p, const unsigned char *start, int boolean ) int mbedtls_asn1_write_bool(unsigned char **p, const unsigned char *start, int boolean)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len = 0; size_t len = 0;
if( *p - start < 1 ) if (*p - start < 1) {
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
}
*--(*p) = (boolean) ? 255 : 0; *--(*p) = (boolean) ? 255 : 0;
len++; len++;
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BOOLEAN ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_BOOLEAN));
return( (int) len ); return (int) len;
} }
static int asn1_write_tagged_int( unsigned char **p, const unsigned char *start, int val, int tag ) static int asn1_write_tagged_int(unsigned char **p, const unsigned char *start, int val, int tag)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len = 0; size_t len = 0;
do do {
{ if (*p - start < 1) {
if( *p - start < 1 ) return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); }
len += 1; len += 1;
*--(*p) = val & 0xff; *--(*p) = val & 0xff;
val >>= 8; val >>= 8;
} } while (val > 0);
while( val > 0 );
if( **p & 0x80 ) if (**p & 0x80) {
{ if (*p - start < 1) {
if( *p - start < 1 ) return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); }
*--(*p) = 0x00; *--(*p) = 0x00;
len += 1; len += 1;
} }
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, tag ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, tag));
return( (int) len ); return (int) len;
} }
int mbedtls_asn1_write_int( unsigned char **p, const unsigned char *start, int val ) int mbedtls_asn1_write_int(unsigned char **p, const unsigned char *start, int val)
{ {
return( asn1_write_tagged_int( p, start, val, MBEDTLS_ASN1_INTEGER ) ); return asn1_write_tagged_int(p, start, val, MBEDTLS_ASN1_INTEGER);
} }
int mbedtls_asn1_write_enum( unsigned char **p, const unsigned char *start, int val ) int mbedtls_asn1_write_enum(unsigned char **p, const unsigned char *start, int val)
{ {
return( asn1_write_tagged_int( p, start, val, MBEDTLS_ASN1_ENUMERATED ) ); return asn1_write_tagged_int(p, start, val, MBEDTLS_ASN1_ENUMERATED);
} }
int mbedtls_asn1_write_tagged_string( unsigned char **p, const unsigned char *start, int tag, int mbedtls_asn1_write_tagged_string(unsigned char **p, const unsigned char *start, int tag,
const char *text, size_t text_len ) const char *text, size_t text_len)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len = 0; size_t len = 0;
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start,
(const unsigned char *) text, text_len ) ); (const unsigned char *) text,
text_len));
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, tag ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, tag));
return( (int) len ); return (int) len;
} }
int mbedtls_asn1_write_utf8_string( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_utf8_string(unsigned char **p, const unsigned char *start,
const char *text, size_t text_len ) const char *text, size_t text_len)
{ {
return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_UTF8_STRING, text, text_len) ); return mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_UTF8_STRING, text, text_len);
} }
int mbedtls_asn1_write_printable_string( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_printable_string(unsigned char **p, const unsigned char *start,
const char *text, size_t text_len ) const char *text, size_t text_len)
{ {
return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_PRINTABLE_STRING, text, text_len) ); return mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_PRINTABLE_STRING, text,
text_len);
} }
int mbedtls_asn1_write_ia5_string( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_ia5_string(unsigned char **p, const unsigned char *start,
const char *text, size_t text_len ) const char *text, size_t text_len)
{ {
return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_IA5_STRING, text, text_len) ); return mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_IA5_STRING, text, text_len);
} }
int mbedtls_asn1_write_named_bitstring( unsigned char **p, int mbedtls_asn1_write_named_bitstring(unsigned char **p,
const unsigned char *start, const unsigned char *start,
const unsigned char *buf, const unsigned char *buf,
size_t bits ) size_t bits)
{ {
size_t unused_bits, byte_len; size_t unused_bits, byte_len;
const unsigned char *cur_byte; const unsigned char *cur_byte;
unsigned char cur_byte_shifted; unsigned char cur_byte_shifted;
unsigned char bit; unsigned char bit;
byte_len = ( bits + 7 ) / 8; byte_len = (bits + 7) / 8;
unused_bits = ( byte_len * 8 ) - bits; unused_bits = (byte_len * 8) - bits;
/* /*
* Named bitstrings require that trailing 0s are excluded in the encoding * Named bitstrings require that trailing 0s are excluded in the encoding
* of the bitstring. Trailing 0s are considered part of the 'unused' bits * of the bitstring. Trailing 0s are considered part of the 'unused' bits
* when encoding this value in the first content octet * when encoding this value in the first content octet
*/ */
if( bits != 0 ) if (bits != 0) {
{
cur_byte = buf + byte_len - 1; cur_byte = buf + byte_len - 1;
cur_byte_shifted = *cur_byte >> unused_bits; cur_byte_shifted = *cur_byte >> unused_bits;
for( ; ; ) for (;;) {
{
bit = cur_byte_shifted & 0x1; bit = cur_byte_shifted & 0x1;
cur_byte_shifted >>= 1; cur_byte_shifted >>= 1;
if( bit != 0 ) if (bit != 0) {
break; break;
}
bits--; bits--;
if( bits == 0 ) if (bits == 0) {
break; break;
}
if( bits % 8 == 0 ) if (bits % 8 == 0) {
cur_byte_shifted = *--cur_byte; cur_byte_shifted = *--cur_byte;
}
} }
} }
return( mbedtls_asn1_write_bitstring( p, start, buf, bits ) ); return mbedtls_asn1_write_bitstring(p, start, buf, bits);
} }
int mbedtls_asn1_write_bitstring( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_bitstring(unsigned char **p, const unsigned char *start,
const unsigned char *buf, size_t bits ) const unsigned char *buf, size_t bits)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len = 0; size_t len = 0;
size_t unused_bits, byte_len; size_t unused_bits, byte_len;
byte_len = ( bits + 7 ) / 8; byte_len = (bits + 7) / 8;
unused_bits = ( byte_len * 8 ) - bits; unused_bits = (byte_len * 8) - bits;
if( *p < start || (size_t)( *p - start ) < byte_len + 1 ) if (*p < start || (size_t) (*p - start) < byte_len + 1) {
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
}
len = byte_len + 1; len = byte_len + 1;
/* Write the bitstring. Ensure the unused bits are zeroed */ /* Write the bitstring. Ensure the unused bits are zeroed */
if( byte_len > 0 ) if (byte_len > 0) {
{
byte_len--; byte_len--;
*--( *p ) = buf[byte_len] & ~( ( 0x1 << unused_bits ) - 1 ); *--(*p) = buf[byte_len] & ~((0x1 << unused_bits) - 1);
( *p ) -= byte_len; (*p) -= byte_len;
memcpy( *p, buf, byte_len ); memcpy(*p, buf, byte_len);
} }
/* Write unused bits */ /* Write unused bits */
*--( *p ) = (unsigned char)unused_bits; *--(*p) = (unsigned char) unused_bits;
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_BIT_STRING));
return( (int) len ); return (int) len;
} }
int mbedtls_asn1_write_octet_string( unsigned char **p, const unsigned char *start, int mbedtls_asn1_write_octet_string(unsigned char **p, const unsigned char *start,
const unsigned char *buf, size_t size ) const unsigned char *buf, size_t size)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len = 0; size_t len = 0;
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, buf, size ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start, buf, size));
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OCTET_STRING ) ); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_OCTET_STRING));
return( (int) len ); return (int) len;
} }
/* This is a copy of the ASN.1 parsing function mbedtls_asn1_find_named_data(), /* This is a copy of the ASN.1 parsing function mbedtls_asn1_find_named_data(),
* which is replicated to avoid a dependency ASN1_WRITE_C on ASN1_PARSE_C. */ * which is replicated to avoid a dependency ASN1_WRITE_C on ASN1_PARSE_C. */
static mbedtls_asn1_named_data *asn1_find_named_data( static mbedtls_asn1_named_data *asn1_find_named_data(
mbedtls_asn1_named_data *list, mbedtls_asn1_named_data *list,
const char *oid, size_t len ) const char *oid, size_t len)
{ {
while( list != NULL ) while (list != NULL) {
{ if (list->oid.len == len &&
if( list->oid.len == len && memcmp(list->oid.p, oid, len) == 0) {
memcmp( list->oid.p, oid, len ) == 0 )
{
break; break;
} }
list = list->next; list = list->next;
} }
return( list ); return list;
} }
mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data *mbedtls_asn1_store_named_data(
mbedtls_asn1_named_data **head, mbedtls_asn1_named_data **head,
const char *oid, size_t oid_len, const char *oid, size_t oid_len,
const unsigned char *val, const unsigned char *val,
size_t val_len ) size_t val_len)
{ {
mbedtls_asn1_named_data *cur; mbedtls_asn1_named_data *cur;
if( ( cur = asn1_find_named_data( *head, oid, oid_len ) ) == NULL ) if ((cur = asn1_find_named_data(*head, oid, oid_len)) == NULL) {
{
// Add new entry if not present yet based on OID // Add new entry if not present yet based on OID
// //
cur = (mbedtls_asn1_named_data*)mbedtls_calloc( 1, cur = (mbedtls_asn1_named_data *) mbedtls_calloc(1,
sizeof(mbedtls_asn1_named_data) ); sizeof(mbedtls_asn1_named_data));
if( cur == NULL ) if (cur == NULL) {
return( NULL ); return NULL;
cur->oid.len = oid_len;
cur->oid.p = mbedtls_calloc( 1, oid_len );
if( cur->oid.p == NULL )
{
mbedtls_free( cur );
return( NULL );
} }
memcpy( cur->oid.p, oid, oid_len ); cur->oid.len = oid_len;
cur->oid.p = mbedtls_calloc(1, oid_len);
if (cur->oid.p == NULL) {
mbedtls_free(cur);
return NULL;
}
memcpy(cur->oid.p, oid, oid_len);
cur->val.len = val_len; cur->val.len = val_len;
if( val_len != 0 ) if (val_len != 0) {
{ cur->val.p = mbedtls_calloc(1, val_len);
cur->val.p = mbedtls_calloc( 1, val_len ); if (cur->val.p == NULL) {
if( cur->val.p == NULL ) mbedtls_free(cur->oid.p);
{ mbedtls_free(cur);
mbedtls_free( cur->oid.p ); return NULL;
mbedtls_free( cur );
return( NULL );
} }
} }
cur->next = *head; cur->next = *head;
*head = cur; *head = cur;
} } else if (val_len == 0) {
else if( val_len == 0 ) mbedtls_free(cur->val.p);
{
mbedtls_free( cur->val.p );
cur->val.p = NULL; cur->val.p = NULL;
} } else if (cur->val.len != val_len) {
else if( cur->val.len != val_len )
{
/* /*
* Enlarge existing value buffer if needed * Enlarge existing value buffer if needed
* Preserve old data until the allocation succeeded, to leave list in * Preserve old data until the allocation succeeded, to leave list in
* a consistent state in case allocation fails. * a consistent state in case allocation fails.
*/ */
void *p = mbedtls_calloc( 1, val_len ); void *p = mbedtls_calloc(1, val_len);
if( p == NULL ) if (p == NULL) {
return( NULL ); return NULL;
}
mbedtls_free( cur->val.p ); mbedtls_free(cur->val.p);
cur->val.p = p; cur->val.p = p;
cur->val.len = val_len; cur->val.len = val_len;
} }
if( val != NULL && val_len != 0 ) if (val != NULL && val_len != 0) {
memcpy( cur->val.p, val, val_len ); memcpy(cur->val.p, val, val_len);
}
return( cur ); return cur;
} }
#endif /* MBEDTLS_ASN1_WRITE_C */ #endif /* MBEDTLS_ASN1_WRITE_C */


@ -31,68 +31,65 @@
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#define BASE64_SIZE_T_MAX ( (size_t) -1 ) /* SIZE_T_MAX is not standard */ #define BASE64_SIZE_T_MAX ((size_t) -1) /* SIZE_T_MAX is not standard */
/* /*
* Encode a buffer into base64 format * Encode a buffer into base64 format
*/ */
int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen, int mbedtls_base64_encode(unsigned char *dst, size_t dlen, size_t *olen,
const unsigned char *src, size_t slen ) const unsigned char *src, size_t slen)
{ {
size_t i, n; size_t i, n;
int C1, C2, C3; int C1, C2, C3;
unsigned char *p; unsigned char *p;
if( slen == 0 ) if (slen == 0) {
{
*olen = 0; *olen = 0;
return( 0 ); return 0;
} }
n = slen / 3 + ( slen % 3 != 0 ); n = slen / 3 + (slen % 3 != 0);
if( n > ( BASE64_SIZE_T_MAX - 1 ) / 4 ) if (n > (BASE64_SIZE_T_MAX - 1) / 4) {
{
*olen = BASE64_SIZE_T_MAX; *olen = BASE64_SIZE_T_MAX;
return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL;
} }
n *= 4; n *= 4;
if( ( dlen < n + 1 ) || ( NULL == dst ) ) if ((dlen < n + 1) || (NULL == dst)) {
{
*olen = n + 1; *olen = n + 1;
return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL;
} }
n = ( slen / 3 ) * 3; n = (slen / 3) * 3;
for( i = 0, p = dst; i < n; i += 3 ) for (i = 0, p = dst; i < n; i += 3) {
{
C1 = *src++; C1 = *src++;
C2 = *src++; C2 = *src++;
C3 = *src++; C3 = *src++;
*p++ = mbedtls_ct_base64_enc_char( ( C1 >> 2 ) & 0x3F ); *p++ = mbedtls_ct_base64_enc_char((C1 >> 2) & 0x3F);
*p++ = mbedtls_ct_base64_enc_char( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) ) *p++ = mbedtls_ct_base64_enc_char((((C1 & 3) << 4) + (C2 >> 4))
& 0x3F ); & 0x3F);
*p++ = mbedtls_ct_base64_enc_char( ( ( ( C2 & 15 ) << 2 ) + ( C3 >> 6 ) ) *p++ = mbedtls_ct_base64_enc_char((((C2 & 15) << 2) + (C3 >> 6))
& 0x3F ); & 0x3F);
*p++ = mbedtls_ct_base64_enc_char( C3 & 0x3F ); *p++ = mbedtls_ct_base64_enc_char(C3 & 0x3F);
} }
if( i < slen ) if (i < slen) {
{
C1 = *src++; C1 = *src++;
C2 = ( ( i + 1 ) < slen ) ? *src++ : 0; C2 = ((i + 1) < slen) ? *src++ : 0;
*p++ = mbedtls_ct_base64_enc_char( ( C1 >> 2 ) & 0x3F ); *p++ = mbedtls_ct_base64_enc_char((C1 >> 2) & 0x3F);
*p++ = mbedtls_ct_base64_enc_char( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) ) *p++ = mbedtls_ct_base64_enc_char((((C1 & 3) << 4) + (C2 >> 4))
& 0x3F ); & 0x3F);
if( ( i + 1 ) < slen ) if ((i + 1) < slen) {
*p++ = mbedtls_ct_base64_enc_char( ( ( C2 & 15 ) << 2 ) & 0x3F ); *p++ = mbedtls_ct_base64_enc_char(((C2 & 15) << 2) & 0x3F);
else *p++ = '='; } else {
*p++ = '=';
}
*p++ = '='; *p++ = '=';
} }
@ -100,14 +97,14 @@ int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
*olen = p - dst; *olen = p - dst;
*p = 0; *p = 0;
return( 0 ); return 0;
} }
/* /*
* Decode a base64-formatted buffer * Decode a base64-formatted buffer
*/ */
int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, int mbedtls_base64_decode(unsigned char *dst, size_t dlen, size_t *olen,
const unsigned char *src, size_t slen ) const unsigned char *src, size_t slen)
{ {
size_t i; /* index in source */ size_t i; /* index in source */
size_t n; /* number of digits or trailing = in source */ size_t n; /* number of digits or trailing = in source */
@ -118,92 +115,97 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
unsigned char *p; unsigned char *p;
/* First pass: check for validity and get output length */ /* First pass: check for validity and get output length */
for( i = n = 0; i < slen; i++ ) for (i = n = 0; i < slen; i++) {
{
/* Skip spaces before checking for EOL */ /* Skip spaces before checking for EOL */
spaces_present = 0; spaces_present = 0;
while( i < slen && src[i] == ' ' ) while (i < slen && src[i] == ' ') {
{
++i; ++i;
spaces_present = 1; spaces_present = 1;
} }
/* Spaces at end of buffer are OK */ /* Spaces at end of buffer are OK */
if( i == slen ) if (i == slen) {
break; break;
}
if( ( slen - i ) >= 2 && if ((slen - i) >= 2 &&
src[i] == '\r' && src[i + 1] == '\n' ) src[i] == '\r' && src[i + 1] == '\n') {
continue; continue;
}
if( src[i] == '\n' ) if (src[i] == '\n') {
continue; continue;
}
/* Space inside a line is an error */ /* Space inside a line is an error */
if( spaces_present ) if (spaces_present) {
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER ); return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
if( src[i] > 127 )
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
if( src[i] == '=' )
{
if( ++equals > 2 )
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
} }
else
{ if (src[i] > 127) {
if( equals != 0 ) return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER ); }
if( mbedtls_ct_base64_dec_value( src[i] ) < 0 )
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER ); if (src[i] == '=') {
if (++equals > 2) {
return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
}
} else {
if (equals != 0) {
return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
}
if (mbedtls_ct_base64_dec_value(src[i]) < 0) {
return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
}
} }
n++; n++;
} }
if( n == 0 ) if (n == 0) {
{
*olen = 0; *olen = 0;
return( 0 ); return 0;
} }
/* The following expression is to calculate the following formula without /* The following expression is to calculate the following formula without
* risk of integer overflow in n: * risk of integer overflow in n:
* n = ( ( n * 6 ) + 7 ) >> 3; * n = ( ( n * 6 ) + 7 ) >> 3;
*/ */
n = ( 6 * ( n >> 3 ) ) + ( ( 6 * ( n & 0x7 ) + 7 ) >> 3 ); n = (6 * (n >> 3)) + ((6 * (n & 0x7) + 7) >> 3);
n -= equals; n -= equals;
if( dst == NULL || dlen < n ) if (dst == NULL || dlen < n) {
{
*olen = n; *olen = n;
return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL;
} }
equals = 0; equals = 0;
for( x = 0, p = dst; i > 0; i--, src++ ) for (x = 0, p = dst; i > 0; i--, src++) {
{ if (*src == '\r' || *src == '\n' || *src == ' ') {
if( *src == '\r' || *src == '\n' || *src == ' ' )
continue; continue;
}
x = x << 6; x = x << 6;
if( *src == '=' ) if (*src == '=') {
++equals; ++equals;
else } else {
x |= mbedtls_ct_base64_dec_value( *src ); x |= mbedtls_ct_base64_dec_value(*src);
}
if( ++accumulated_digits == 4 ) if (++accumulated_digits == 4) {
{
accumulated_digits = 0; accumulated_digits = 0;
*p++ = MBEDTLS_BYTE_2( x ); *p++ = MBEDTLS_BYTE_2(x);
if( equals <= 1 ) *p++ = MBEDTLS_BYTE_1( x ); if (equals <= 1) {
if( equals <= 0 ) *p++ = MBEDTLS_BYTE_0( x ); *p++ = MBEDTLS_BYTE_1(x);
}
if (equals <= 0) {
*p++ = MBEDTLS_BYTE_0(x);
}
} }
} }
*olen = p - dst; *olen = p - dst;
return( 0 ); return 0;
} }
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
@ -227,44 +229,47 @@ static const unsigned char base64_test_enc[] =
/* /*
* Checkup routine * Checkup routine
*/ */
int mbedtls_base64_self_test( int verbose ) int mbedtls_base64_self_test(int verbose)
{ {
size_t len; size_t len;
const unsigned char *src; const unsigned char *src;
unsigned char buffer[128]; unsigned char buffer[128];
if( verbose != 0 ) if (verbose != 0) {
mbedtls_printf( " Base64 encoding test: " ); mbedtls_printf(" Base64 encoding test: ");
}
src = base64_test_dec; src = base64_test_dec;
if( mbedtls_base64_encode( buffer, sizeof( buffer ), &len, src, 64 ) != 0 || if (mbedtls_base64_encode(buffer, sizeof(buffer), &len, src, 64) != 0 ||
memcmp( base64_test_enc, buffer, 88 ) != 0 ) memcmp(base64_test_enc, buffer, 88) != 0) {
{ if (verbose != 0) {
if( verbose != 0 ) mbedtls_printf("failed\n");
mbedtls_printf( "failed\n" ); }
return( 1 ); return 1;
} }
if( verbose != 0 ) if (verbose != 0) {
mbedtls_printf( "passed\n Base64 decoding test: " ); mbedtls_printf("passed\n Base64 decoding test: ");
}
src = base64_test_enc; src = base64_test_enc;
if( mbedtls_base64_decode( buffer, sizeof( buffer ), &len, src, 88 ) != 0 || if (mbedtls_base64_decode(buffer, sizeof(buffer), &len, src, 88) != 0 ||
memcmp( base64_test_dec, buffer, 64 ) != 0 ) memcmp(base64_test_dec, buffer, 64) != 0) {
{ if (verbose != 0) {
if( verbose != 0 ) mbedtls_printf("failed\n");
mbedtls_printf( "failed\n" ); }
return( 1 ); return 1;
} }
if( verbose != 0 ) if (verbose != 0) {
mbedtls_printf( "passed\n\n" ); mbedtls_printf("passed\n\n");
}
return( 0 ); return 0;
} }
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */



@ -86,19 +86,19 @@
#include "mbedtls/bignum.h" #include "mbedtls/bignum.h"
#endif #endif
#define ciL ( sizeof(mbedtls_mpi_uint) ) /** chars in limb */ #define ciL (sizeof(mbedtls_mpi_uint)) /** chars in limb */
#define biL ( ciL << 3 ) /** bits in limb */ #define biL (ciL << 3) /** bits in limb */
#define biH ( ciL << 2 ) /** half limb size */ #define biH (ciL << 2) /** half limb size */
/* /*
* Convert between bits/chars and number of limbs * Convert between bits/chars and number of limbs
* Divide first in order to avoid potential overflows * Divide first in order to avoid potential overflows
*/ */
#define BITS_TO_LIMBS(i) ( (i) / biL + ( (i) % biL != 0 ) ) #define BITS_TO_LIMBS(i) ((i) / biL + ((i) % biL != 0))
#define CHARS_TO_LIMBS(i) ( (i) / ciL + ( (i) % ciL != 0 ) ) #define CHARS_TO_LIMBS(i) ((i) / ciL + ((i) % ciL != 0))
/* Get a specific byte, without range checks. */ /* Get a specific byte, without range checks. */
#define GET_BYTE( X, i ) \ #define GET_BYTE(X, i) \
( ( (X)[(i) / ciL] >> ( ( (i) % ciL ) * 8 ) ) & 0xff ) (((X)[(i) / ciL] >> (((i) % ciL) * 8)) & 0xff)
/** Count leading zero bits in a given integer. /** Count leading zero bits in a given integer.
* *
@ -106,7 +106,7 @@
* *
* \return The number of leading zero bits in \p a. * \return The number of leading zero bits in \p a.
*/ */
size_t mbedtls_mpi_core_clz( mbedtls_mpi_uint a ); size_t mbedtls_mpi_core_clz(mbedtls_mpi_uint a);
/** Return the minimum number of bits required to represent the value held /** Return the minimum number of bits required to represent the value held
* in the MPI. * in the MPI.
@ -118,7 +118,7 @@ size_t mbedtls_mpi_core_clz( mbedtls_mpi_uint a );
* *
* \return The number of bits in \p A. * \return The number of bits in \p A.
*/ */
size_t mbedtls_mpi_core_bitlen( const mbedtls_mpi_uint *A, size_t A_limbs ); size_t mbedtls_mpi_core_bitlen(const mbedtls_mpi_uint *A, size_t A_limbs);
/** Convert a big-endian byte array aligned to the size of mbedtls_mpi_uint /** Convert a big-endian byte array aligned to the size of mbedtls_mpi_uint
* into the storage form used by mbedtls_mpi. * into the storage form used by mbedtls_mpi.
@ -126,8 +126,8 @@ size_t mbedtls_mpi_core_bitlen( const mbedtls_mpi_uint *A, size_t A_limbs );
* \param[in,out] A The address of the MPI. * \param[in,out] A The address of the MPI.
* \param A_limbs The number of limbs of \p A. * \param A_limbs The number of limbs of \p A.
*/ */
void mbedtls_mpi_core_bigendian_to_host( mbedtls_mpi_uint *A, void mbedtls_mpi_core_bigendian_to_host(mbedtls_mpi_uint *A,
size_t A_limbs ); size_t A_limbs);
/** \brief Compare a machine integer with an MPI. /** \brief Compare a machine integer with an MPI.
* *
@ -141,9 +141,9 @@ void mbedtls_mpi_core_bigendian_to_host( mbedtls_mpi_uint *A,
* *
* \return 1 if \p min is less than or equal to \p A, otherwise 0. * \return 1 if \p min is less than or equal to \p A, otherwise 0.
*/ */
unsigned mbedtls_mpi_core_uint_le_mpi( mbedtls_mpi_uint min, unsigned mbedtls_mpi_core_uint_le_mpi(mbedtls_mpi_uint min,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
size_t A_limbs ); size_t A_limbs);
/** /**
* \brief Perform a safe conditional copy of an MPI which doesn't reveal * \brief Perform a safe conditional copy of an MPI which doesn't reveal
@ -166,10 +166,10 @@ unsigned mbedtls_mpi_core_uint_le_mpi( mbedtls_mpi_uint min,
* is indeterminate, and the resulting value in \p X might be * is indeterminate, and the resulting value in \p X might be
* neither its original value nor the value in \p A. * neither its original value nor the value in \p A.
*/ */
void mbedtls_mpi_core_cond_assign( mbedtls_mpi_uint *X, void mbedtls_mpi_core_cond_assign(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
size_t limbs, size_t limbs,
unsigned char assign ); unsigned char assign);
/** /**
* \brief Perform a safe conditional swap of two MPIs which doesn't reveal * \brief Perform a safe conditional swap of two MPIs which doesn't reveal
@ -192,10 +192,10 @@ void mbedtls_mpi_core_cond_assign( mbedtls_mpi_uint *X,
* is indeterminate, and both \p X and \p Y might end up with * is indeterminate, and both \p X and \p Y might end up with
* values different to either of the original ones. * values different to either of the original ones.
*/ */
void mbedtls_mpi_core_cond_swap( mbedtls_mpi_uint *X, void mbedtls_mpi_core_cond_swap(mbedtls_mpi_uint *X,
mbedtls_mpi_uint *Y, mbedtls_mpi_uint *Y,
size_t limbs, size_t limbs,
unsigned char swap ); unsigned char swap);
/** Import X from unsigned binary data, little-endian. /** Import X from unsigned binary data, little-endian.
* *
@ -211,10 +211,10 @@ void mbedtls_mpi_core_cond_swap( mbedtls_mpi_uint *X,
* \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p X isn't * \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p X isn't
* large enough to hold the value in \p input. * large enough to hold the value in \p input.
*/ */
int mbedtls_mpi_core_read_le( mbedtls_mpi_uint *X, int mbedtls_mpi_core_read_le(mbedtls_mpi_uint *X,
size_t X_limbs, size_t X_limbs,
const unsigned char *input, const unsigned char *input,
size_t input_length ); size_t input_length);
/** Import X from unsigned binary data, big-endian. /** Import X from unsigned binary data, big-endian.
* *
@ -233,10 +233,10 @@ int mbedtls_mpi_core_read_le( mbedtls_mpi_uint *X,
* \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p X isn't * \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p X isn't
* large enough to hold the value in \p input. * large enough to hold the value in \p input.
*/ */
int mbedtls_mpi_core_read_be( mbedtls_mpi_uint *X, int mbedtls_mpi_core_read_be(mbedtls_mpi_uint *X,
size_t X_limbs, size_t X_limbs,
const unsigned char *input, const unsigned char *input,
size_t input_length ); size_t input_length);
/** Export A into unsigned binary data, little-endian. /** Export A into unsigned binary data, little-endian.
* *
@ -253,10 +253,10 @@ int mbedtls_mpi_core_read_be( mbedtls_mpi_uint *X,
* \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p output isn't * \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p output isn't
* large enough to hold the value of \p A. * large enough to hold the value of \p A.
*/ */
int mbedtls_mpi_core_write_le( const mbedtls_mpi_uint *A, int mbedtls_mpi_core_write_le(const mbedtls_mpi_uint *A,
size_t A_limbs, size_t A_limbs,
unsigned char *output, unsigned char *output,
size_t output_length ); size_t output_length);
/** Export A into unsigned binary data, big-endian. /** Export A into unsigned binary data, big-endian.
* *
@ -273,10 +273,10 @@ int mbedtls_mpi_core_write_le( const mbedtls_mpi_uint *A,
* \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p output isn't * \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p output isn't
* large enough to hold the value of \p A. * large enough to hold the value of \p A.
*/ */
int mbedtls_mpi_core_write_be( const mbedtls_mpi_uint *A, int mbedtls_mpi_core_write_be(const mbedtls_mpi_uint *A,
size_t A_limbs, size_t A_limbs,
unsigned char *output, unsigned char *output,
size_t output_length ); size_t output_length);
/** \brief Shift an MPI right in place by a number of bits. /** \brief Shift an MPI right in place by a number of bits.
* *
@ -290,8 +290,8 @@ int mbedtls_mpi_core_write_be( const mbedtls_mpi_uint *A,
* \param limbs The number of limbs of \p X. This must be at least 1. * \param limbs The number of limbs of \p X. This must be at least 1.
* \param count The number of bits to shift by. * \param count The number of bits to shift by.
*/ */
void mbedtls_mpi_core_shift_r( mbedtls_mpi_uint *X, size_t limbs, void mbedtls_mpi_core_shift_r(mbedtls_mpi_uint *X, size_t limbs,
size_t count ); size_t count);
/** /**
* \brief Add two fixed-size large unsigned integers, returning the carry. * \brief Add two fixed-size large unsigned integers, returning the carry.
@ -310,10 +310,10 @@ void mbedtls_mpi_core_shift_r( mbedtls_mpi_uint *X, size_t limbs,
* *
* \return 1 if `A + B >= 2^(biL*limbs)`, 0 otherwise. * \return 1 if `A + B >= 2^(biL*limbs)`, 0 otherwise.
*/ */
mbedtls_mpi_uint mbedtls_mpi_core_add( mbedtls_mpi_uint *X, mbedtls_mpi_uint mbedtls_mpi_core_add(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *B, const mbedtls_mpi_uint *B,
size_t limbs ); size_t limbs);
/** /**
* \brief Conditional addition of two fixed-size large unsigned integers, * \brief Conditional addition of two fixed-size large unsigned integers,
@ -345,10 +345,10 @@ mbedtls_mpi_uint mbedtls_mpi_core_add( mbedtls_mpi_uint *X,
* *
* \return 1 if `X + cond * A >= 2^(biL*limbs)`, 0 otherwise. * \return 1 if `X + cond * A >= 2^(biL*limbs)`, 0 otherwise.
*/ */
mbedtls_mpi_uint mbedtls_mpi_core_add_if( mbedtls_mpi_uint *X, mbedtls_mpi_uint mbedtls_mpi_core_add_if(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
size_t limbs, size_t limbs,
unsigned cond ); unsigned cond);
/** /**
* \brief Subtract two fixed-size large unsigned integers, returning the borrow. * \brief Subtract two fixed-size large unsigned integers, returning the borrow.
@ -368,10 +368,10 @@ mbedtls_mpi_uint mbedtls_mpi_core_add_if( mbedtls_mpi_uint *X,
* \return 1 if `A < B`. * \return 1 if `A < B`.
* 0 if `A >= B`. * 0 if `A >= B`.
*/ */
mbedtls_mpi_uint mbedtls_mpi_core_sub( mbedtls_mpi_uint *X, mbedtls_mpi_uint mbedtls_mpi_core_sub(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *B, const mbedtls_mpi_uint *B,
size_t limbs ); size_t limbs);
/** /**
* \brief Perform a fixed-size multiply accumulate operation: X += b * A * \brief Perform a fixed-size multiply accumulate operation: X += b * A
@ -394,9 +394,9 @@ mbedtls_mpi_uint mbedtls_mpi_core_sub( mbedtls_mpi_uint *X,
* *
* \return The carry at the end of the operation. * \return The carry at the end of the operation.
*/ */
mbedtls_mpi_uint mbedtls_mpi_core_mla( mbedtls_mpi_uint *X, size_t X_limbs, mbedtls_mpi_uint mbedtls_mpi_core_mla(mbedtls_mpi_uint *X, size_t X_limbs,
const mbedtls_mpi_uint *A, size_t A_limbs, const mbedtls_mpi_uint *A, size_t A_limbs,
mbedtls_mpi_uint b ); mbedtls_mpi_uint b);
/** /**
* \brief Calculate initialisation value for fast Montgomery modular * \brief Calculate initialisation value for fast Montgomery modular
@ -407,7 +407,7 @@ mbedtls_mpi_uint mbedtls_mpi_core_mla( mbedtls_mpi_uint *X, size_t X_limbs,
* *
* \return The initialisation value for fast Montgomery modular multiplication * \return The initialisation value for fast Montgomery modular multiplication
*/ */
mbedtls_mpi_uint mbedtls_mpi_core_montmul_init( const mbedtls_mpi_uint *N ); mbedtls_mpi_uint mbedtls_mpi_core_montmul_init(const mbedtls_mpi_uint *N);
/** /**
* \brief Montgomery multiplication: X = A * B * R^-1 mod N (HAC 14.36) * \brief Montgomery multiplication: X = A * B * R^-1 mod N (HAC 14.36)
@ -444,11 +444,11 @@ mbedtls_mpi_uint mbedtls_mpi_core_montmul_init( const mbedtls_mpi_uint *N );
* It must not alias or otherwise overlap any of the * It must not alias or otherwise overlap any of the
* other parameters. * other parameters.
*/ */
void mbedtls_mpi_core_montmul( mbedtls_mpi_uint *X, void mbedtls_mpi_core_montmul(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *B, size_t B_limbs, const mbedtls_mpi_uint *B, size_t B_limbs,
const mbedtls_mpi_uint *N, size_t AN_limbs, const mbedtls_mpi_uint *N, size_t AN_limbs,
mbedtls_mpi_uint mm, mbedtls_mpi_uint *T ); mbedtls_mpi_uint mm, mbedtls_mpi_uint *T);
/** /**
* \brief Calculate the square of the Montgomery constant. (Needed * \brief Calculate the square of the Montgomery constant. (Needed
@ -465,8 +465,8 @@ void mbedtls_mpi_core_montmul( mbedtls_mpi_uint *X,
* \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p N modulus is zero. * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p N modulus is zero.
* \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p N modulus is negative. * \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p N modulus is negative.
*/ */
int mbedtls_mpi_core_get_mont_r2_unsafe( mbedtls_mpi *X, int mbedtls_mpi_core_get_mont_r2_unsafe(mbedtls_mpi *X,
const mbedtls_mpi *N ); const mbedtls_mpi *N);
#if defined(MBEDTLS_TEST_HOOKS) #if defined(MBEDTLS_TEST_HOOKS)
/** /**
@ -481,11 +481,11 @@ int mbedtls_mpi_core_get_mont_r2_unsafe( mbedtls_mpi *X,
* \param index The (secret) table index to look up. This must be in the * \param index The (secret) table index to look up. This must be in the
* range `0 .. count-1`. * range `0 .. count-1`.
*/ */
void mbedtls_mpi_core_ct_uint_table_lookup( mbedtls_mpi_uint *dest, void mbedtls_mpi_core_ct_uint_table_lookup(mbedtls_mpi_uint *dest,
const mbedtls_mpi_uint *table, const mbedtls_mpi_uint *table,
size_t limbs, size_t limbs,
size_t count, size_t count,
size_t index ); size_t index);
#endif /* MBEDTLS_TEST_HOOKS */ #endif /* MBEDTLS_TEST_HOOKS */
/** /**
@ -507,10 +507,10 @@ void mbedtls_mpi_core_ct_uint_table_lookup( mbedtls_mpi_uint *dest,
* as a big-endian representation of an MPI; this can * as a big-endian representation of an MPI; this can
* be relevant in applications like deterministic ECDSA. * be relevant in applications like deterministic ECDSA.
*/ */
int mbedtls_mpi_core_fill_random( mbedtls_mpi_uint *X, size_t X_limbs, int mbedtls_mpi_core_fill_random(mbedtls_mpi_uint *X, size_t X_limbs,
size_t bytes, size_t bytes,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/** Generate a random number uniformly in a range. /** Generate a random number uniformly in a range.
* *
@ -542,12 +542,12 @@ int mbedtls_mpi_core_fill_random( mbedtls_mpi_uint *X, size_t X_limbs,
* is significantly larger than \p min, which is the case * is significantly larger than \p min, which is the case
* for all usual cryptographic applications. * for all usual cryptographic applications.
*/ */
int mbedtls_mpi_core_random( mbedtls_mpi_uint *X, int mbedtls_mpi_core_random(mbedtls_mpi_uint *X,
mbedtls_mpi_uint min, mbedtls_mpi_uint min,
const mbedtls_mpi_uint *N, const mbedtls_mpi_uint *N,
size_t limbs, size_t limbs,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/* BEGIN MERGE SLOT 1 */ /* BEGIN MERGE SLOT 1 */
@ -568,7 +568,7 @@ int mbedtls_mpi_core_random( mbedtls_mpi_uint *X,
* \return The number of limbs of working memory required by * \return The number of limbs of working memory required by
* `mbedtls_mpi_core_exp_mod()`. * `mbedtls_mpi_core_exp_mod()`.
*/ */
size_t mbedtls_mpi_core_exp_mod_working_limbs( size_t AN_limbs, size_t E_limbs ); size_t mbedtls_mpi_core_exp_mod_working_limbs(size_t AN_limbs, size_t E_limbs);
/** /**
* \brief Perform a modular exponentiation with secret exponent: * \brief Perform a modular exponentiation with secret exponent:
@ -597,12 +597,12 @@ size_t mbedtls_mpi_core_exp_mod_working_limbs( size_t AN_limbs, size_t E_limbs )
* longer needed, and before freeing it if it was dynamically * longer needed, and before freeing it if it was dynamically
* allocated. * allocated.
*/ */
void mbedtls_mpi_core_exp_mod( mbedtls_mpi_uint *X, void mbedtls_mpi_core_exp_mod(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *N, size_t AN_limbs, const mbedtls_mpi_uint *N, size_t AN_limbs,
const mbedtls_mpi_uint *E, size_t E_limbs, const mbedtls_mpi_uint *E, size_t E_limbs,
const mbedtls_mpi_uint *RR, const mbedtls_mpi_uint *RR,
mbedtls_mpi_uint *T ); mbedtls_mpi_uint *T);
/* END MERGE SLOT 1 */ /* END MERGE SLOT 1 */
@ -624,10 +624,10 @@ void mbedtls_mpi_core_exp_mod( mbedtls_mpi_uint *X,
* \return 1 if `A < b`. * \return 1 if `A < b`.
* 0 if `A >= b`. * 0 if `A >= b`.
*/ */
mbedtls_mpi_uint mbedtls_mpi_core_sub_int( mbedtls_mpi_uint *X, mbedtls_mpi_uint mbedtls_mpi_core_sub_int(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
mbedtls_mpi_uint b, mbedtls_mpi_uint b,
size_t limbs ); size_t limbs);
/** /**
* \brief Determine if a given MPI has the value \c 0 in constant time with * \brief Determine if a given MPI has the value \c 0 in constant time with
@ -639,8 +639,8 @@ mbedtls_mpi_uint mbedtls_mpi_core_sub_int( mbedtls_mpi_uint *X,
* \return 0 if `A == 0` * \return 0 if `A == 0`
* non-0 (may be any value) if `A != 0`. * non-0 (may be any value) if `A != 0`.
*/ */
mbedtls_mpi_uint mbedtls_mpi_core_check_zero_ct( const mbedtls_mpi_uint *A, mbedtls_mpi_uint mbedtls_mpi_core_check_zero_ct(const mbedtls_mpi_uint *A,
size_t limbs ); size_t limbs);
/** /**
* \brief Returns the number of limbs of working memory required for * \brief Returns the number of limbs of working memory required for
@ -654,9 +654,9 @@ mbedtls_mpi_uint mbedtls_mpi_core_check_zero_ct( const mbedtls_mpi_uint *A,
* \return The number of limbs of working memory required by * \return The number of limbs of working memory required by
* `mbedtls_mpi_core_montmul()` (or other similar function). * `mbedtls_mpi_core_montmul()` (or other similar function).
*/ */
static inline size_t mbedtls_mpi_core_montmul_working_limbs( size_t AN_limbs ) static inline size_t mbedtls_mpi_core_montmul_working_limbs(size_t AN_limbs)
{ {
return( 2 * AN_limbs + 1 ); return 2 * AN_limbs + 1;
} }
/** Convert an MPI into Montgomery form. /** Convert an MPI into Montgomery form.
@ -690,13 +690,13 @@ static inline size_t mbedtls_mpi_core_montmul_working_limbs( size_t AN_limbs )
* It must not alias or otherwise overlap any of the * It must not alias or otherwise overlap any of the
* other parameters. * other parameters.
*/ */
void mbedtls_mpi_core_to_mont_rep( mbedtls_mpi_uint *X, void mbedtls_mpi_core_to_mont_rep(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *N, const mbedtls_mpi_uint *N,
size_t AN_limbs, size_t AN_limbs,
mbedtls_mpi_uint mm, mbedtls_mpi_uint mm,
const mbedtls_mpi_uint *rr, const mbedtls_mpi_uint *rr,
mbedtls_mpi_uint *T ); mbedtls_mpi_uint *T);
/** Convert an MPI from Montgomery form. /** Convert an MPI from Montgomery form.
* *
@ -727,12 +727,12 @@ void mbedtls_mpi_core_to_mont_rep( mbedtls_mpi_uint *X,
* It must not alias or otherwise overlap any of the * It must not alias or otherwise overlap any of the
* other parameters. * other parameters.
*/ */
void mbedtls_mpi_core_from_mont_rep( mbedtls_mpi_uint *X, void mbedtls_mpi_core_from_mont_rep(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *N, const mbedtls_mpi_uint *N,
size_t AN_limbs, size_t AN_limbs,
mbedtls_mpi_uint mm, mbedtls_mpi_uint mm,
mbedtls_mpi_uint *T ); mbedtls_mpi_uint *T);
/* END MERGE SLOT 3 */ /* END MERGE SLOT 3 */


@ -34,33 +34,36 @@
#include "bignum_mod_raw.h" #include "bignum_mod_raw.h"
#include "constant_time_internal.h" #include "constant_time_internal.h"
int mbedtls_mpi_mod_residue_setup( mbedtls_mpi_mod_residue *r, int mbedtls_mpi_mod_residue_setup(mbedtls_mpi_mod_residue *r,
const mbedtls_mpi_mod_modulus *m, const mbedtls_mpi_mod_modulus *m,
mbedtls_mpi_uint *p, mbedtls_mpi_uint *p,
size_t p_limbs ) size_t p_limbs)
{ {
if( p_limbs != m->limbs || !mbedtls_mpi_core_lt_ct( p, m->p, m->limbs ) ) if (p_limbs != m->limbs || !mbedtls_mpi_core_lt_ct(p, m->p, m->limbs)) {
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
}
r->limbs = m->limbs; r->limbs = m->limbs;
r->p = p; r->p = p;
return( 0 ); return 0;
} }
void mbedtls_mpi_mod_residue_release( mbedtls_mpi_mod_residue *r ) void mbedtls_mpi_mod_residue_release(mbedtls_mpi_mod_residue *r)
{ {
if( r == NULL ) if (r == NULL) {
return; return;
}
r->limbs = 0; r->limbs = 0;
r->p = NULL; r->p = NULL;
} }
void mbedtls_mpi_mod_modulus_init( mbedtls_mpi_mod_modulus *m ) void mbedtls_mpi_mod_modulus_init(mbedtls_mpi_mod_modulus *m)
{ {
if( m == NULL ) if (m == NULL) {
return; return;
}
m->p = NULL; m->p = NULL;
m->limbs = 0; m->limbs = 0;
@ -68,25 +71,24 @@ void mbedtls_mpi_mod_modulus_init( mbedtls_mpi_mod_modulus *m )
m->int_rep = MBEDTLS_MPI_MOD_REP_INVALID; m->int_rep = MBEDTLS_MPI_MOD_REP_INVALID;
} }
void mbedtls_mpi_mod_modulus_free( mbedtls_mpi_mod_modulus *m ) void mbedtls_mpi_mod_modulus_free(mbedtls_mpi_mod_modulus *m)
{ {
if( m == NULL ) if (m == NULL) {
return; return;
}
switch( m->int_rep ) switch (m->int_rep) {
{
case MBEDTLS_MPI_MOD_REP_MONTGOMERY: case MBEDTLS_MPI_MOD_REP_MONTGOMERY:
if (m->rep.mont.rr != NULL) if (m->rep.mont.rr != NULL) {
{ mbedtls_platform_zeroize((mbedtls_mpi_uint *) m->rep.mont.rr,
mbedtls_platform_zeroize( (mbedtls_mpi_uint *) m->rep.mont.rr, m->limbs * sizeof(mbedtls_mpi_uint));
m->limbs * sizeof(mbedtls_mpi_uint) ); mbedtls_free((mbedtls_mpi_uint *) m->rep.mont.rr);
mbedtls_free( (mbedtls_mpi_uint *)m->rep.mont.rr );
m->rep.mont.rr = NULL; m->rep.mont.rr = NULL;
} }
m->rep.mont.mm = 0; m->rep.mont.mm = 0;
break; break;
case MBEDTLS_MPI_MOD_REP_OPT_RED: case MBEDTLS_MPI_MOD_REP_OPT_RED:
mbedtls_free( m->rep.ored ); mbedtls_free(m->rep.ored);
break; break;
case MBEDTLS_MPI_MOD_REP_INVALID: case MBEDTLS_MPI_MOD_REP_INVALID:
break; break;
@ -98,30 +100,31 @@ void mbedtls_mpi_mod_modulus_free( mbedtls_mpi_mod_modulus *m )
m->int_rep = MBEDTLS_MPI_MOD_REP_INVALID; m->int_rep = MBEDTLS_MPI_MOD_REP_INVALID;
} }
static int set_mont_const_square( const mbedtls_mpi_uint **X, static int set_mont_const_square(const mbedtls_mpi_uint **X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
size_t limbs ) size_t limbs)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_mpi N; mbedtls_mpi N;
mbedtls_mpi RR; mbedtls_mpi RR;
*X = NULL; *X = NULL;
mbedtls_mpi_init( &N ); mbedtls_mpi_init(&N);
mbedtls_mpi_init( &RR ); mbedtls_mpi_init(&RR);
if( A == NULL || limbs == 0 || limbs >= ( MBEDTLS_MPI_MAX_LIMBS / 2 ) - 2 ) if (A == NULL || limbs == 0 || limbs >= (MBEDTLS_MPI_MAX_LIMBS / 2) - 2) {
goto cleanup; goto cleanup;
}
if( mbedtls_mpi_grow( &N, limbs ) ) if (mbedtls_mpi_grow(&N, limbs)) {
goto cleanup; goto cleanup;
}
memcpy( N.p, A, sizeof(mbedtls_mpi_uint) * limbs ); memcpy(N.p, A, sizeof(mbedtls_mpi_uint) * limbs);
ret = mbedtls_mpi_core_get_mont_r2_unsafe(&RR, &N); ret = mbedtls_mpi_core_get_mont_r2_unsafe(&RR, &N);
if( ret == 0 ) if (ret == 0) {
{
*X = RR.p; *X = RR.p;
RR.p = NULL; RR.p = NULL;
} }
@ -129,27 +132,26 @@ static int set_mont_const_square( const mbedtls_mpi_uint **X,
cleanup: cleanup:
mbedtls_mpi_free(&N); mbedtls_mpi_free(&N);
mbedtls_mpi_free(&RR); mbedtls_mpi_free(&RR);
ret = ( ret != 0 ) ? MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED : 0; ret = (ret != 0) ? MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED : 0;
return( ret ); return ret;
} }
int mbedtls_mpi_mod_modulus_setup( mbedtls_mpi_mod_modulus *m, int mbedtls_mpi_mod_modulus_setup(mbedtls_mpi_mod_modulus *m,
const mbedtls_mpi_uint *p, const mbedtls_mpi_uint *p,
size_t p_limbs, size_t p_limbs,
mbedtls_mpi_mod_rep_selector int_rep ) mbedtls_mpi_mod_rep_selector int_rep)
{ {
int ret = 0; int ret = 0;
m->p = p; m->p = p;
m->limbs = p_limbs; m->limbs = p_limbs;
m->bits = mbedtls_mpi_core_bitlen( p, p_limbs ); m->bits = mbedtls_mpi_core_bitlen(p, p_limbs);
switch( int_rep ) switch (int_rep) {
{
case MBEDTLS_MPI_MOD_REP_MONTGOMERY: case MBEDTLS_MPI_MOD_REP_MONTGOMERY:
m->int_rep = int_rep; m->int_rep = int_rep;
m->rep.mont.mm = mbedtls_mpi_core_montmul_init( m->p ); m->rep.mont.mm = mbedtls_mpi_core_montmul_init(m->p);
ret = set_mont_const_square( &m->rep.mont.rr, m->p, m->limbs ); ret = set_mont_const_square(&m->rep.mont.rr, m->p, m->limbs);
break; break;
case MBEDTLS_MPI_MOD_REP_OPT_RED: case MBEDTLS_MPI_MOD_REP_OPT_RED:
m->int_rep = int_rep; m->int_rep = int_rep;
@ -162,12 +164,11 @@ int mbedtls_mpi_mod_modulus_setup( mbedtls_mpi_mod_modulus *m,
exit: exit:
if( ret != 0 ) if (ret != 0) {
{ mbedtls_mpi_mod_modulus_free(m);
mbedtls_mpi_mod_modulus_free( m );
} }
return( ret ); return ret;
} }
/* BEGIN MERGE SLOT 1 */ /* BEGIN MERGE SLOT 1 */
@ -176,129 +177,135 @@ exit:
/* BEGIN MERGE SLOT 2 */ /* BEGIN MERGE SLOT 2 */
int mbedtls_mpi_mod_mul( mbedtls_mpi_mod_residue *X, int mbedtls_mpi_mod_mul(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_residue *B, const mbedtls_mpi_mod_residue *B,
const mbedtls_mpi_mod_modulus *N ) const mbedtls_mpi_mod_modulus *N)
{ {
if( N->limbs == 0 ) if (N->limbs == 0) {
return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
}
if( X->limbs != N->limbs || A->limbs != N->limbs || B->limbs != N->limbs ) if (X->limbs != N->limbs || A->limbs != N->limbs || B->limbs != N->limbs) {
return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
}
mbedtls_mpi_uint *T = mbedtls_calloc( N->limbs * 2 + 1, ciL ); mbedtls_mpi_uint *T = mbedtls_calloc(N->limbs * 2 + 1, ciL);
if( T == NULL ) if (T == NULL) {
return MBEDTLS_ERR_MPI_ALLOC_FAILED; return MBEDTLS_ERR_MPI_ALLOC_FAILED;
}
mbedtls_mpi_mod_raw_mul( X->p, A->p, B->p, N, T ); mbedtls_mpi_mod_raw_mul(X->p, A->p, B->p, N, T);
mbedtls_free( T ); mbedtls_free(T);
return( 0 ); return 0;
} }
/* END MERGE SLOT 2 */ /* END MERGE SLOT 2 */
/* BEGIN MERGE SLOT 3 */ /* BEGIN MERGE SLOT 3 */
int mbedtls_mpi_mod_sub( mbedtls_mpi_mod_residue *X, int mbedtls_mpi_mod_sub(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_residue *B, const mbedtls_mpi_mod_residue *B,
const mbedtls_mpi_mod_modulus *N ) const mbedtls_mpi_mod_modulus *N)
{ {
if( X->limbs != N->limbs || A->limbs != N->limbs || B->limbs != N->limbs ) if (X->limbs != N->limbs || A->limbs != N->limbs || B->limbs != N->limbs) {
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
}
mbedtls_mpi_mod_raw_sub( X->p, A->p, B->p, N ); mbedtls_mpi_mod_raw_sub(X->p, A->p, B->p, N);
return( 0 ); return 0;
} }
static int mbedtls_mpi_mod_inv_mont( mbedtls_mpi_mod_residue *X, static int mbedtls_mpi_mod_inv_mont(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
mbedtls_mpi_uint *working_memory ) mbedtls_mpi_uint *working_memory)
{ {
/* Input already in Montgomery form, so there's little to do */ /* Input already in Montgomery form, so there's little to do */
mbedtls_mpi_mod_raw_inv_prime( X->p, A->p, mbedtls_mpi_mod_raw_inv_prime(X->p, A->p,
N->p, N->limbs, N->p, N->limbs,
N->rep.mont.rr, N->rep.mont.rr,
working_memory ); working_memory);
return( 0 ); return 0;
} }
static int mbedtls_mpi_mod_inv_non_mont( mbedtls_mpi_mod_residue *X, static int mbedtls_mpi_mod_inv_non_mont(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
mbedtls_mpi_uint *working_memory ) mbedtls_mpi_uint *working_memory)
{ {
/* Need to convert input into Montgomery form */ /* Need to convert input into Montgomery form */
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_mpi_mod_modulus Nmont; mbedtls_mpi_mod_modulus Nmont;
mbedtls_mpi_mod_modulus_init( &Nmont ); mbedtls_mpi_mod_modulus_init(&Nmont);
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_modulus_setup( &Nmont, N->p, N->limbs, MBEDTLS_MPI_CHK(mbedtls_mpi_mod_modulus_setup(&Nmont, N->p, N->limbs,
MBEDTLS_MPI_MOD_REP_MONTGOMERY ) ); MBEDTLS_MPI_MOD_REP_MONTGOMERY));
/* We'll use X->p to hold the Montgomery form of the input A->p */ /* We'll use X->p to hold the Montgomery form of the input A->p */
mbedtls_mpi_core_to_mont_rep( X->p, A->p, Nmont.p, Nmont.limbs, mbedtls_mpi_core_to_mont_rep(X->p, A->p, Nmont.p, Nmont.limbs,
Nmont.rep.mont.mm, Nmont.rep.mont.rr, Nmont.rep.mont.mm, Nmont.rep.mont.rr,
working_memory ); working_memory);
mbedtls_mpi_mod_raw_inv_prime( X->p, X->p, mbedtls_mpi_mod_raw_inv_prime(X->p, X->p,
Nmont.p, Nmont.limbs, Nmont.p, Nmont.limbs,
Nmont.rep.mont.rr, Nmont.rep.mont.rr,
working_memory ); working_memory);
/* And convert back from Montgomery form */ /* And convert back from Montgomery form */
mbedtls_mpi_core_from_mont_rep( X->p, X->p, Nmont.p, Nmont.limbs, mbedtls_mpi_core_from_mont_rep(X->p, X->p, Nmont.p, Nmont.limbs,
Nmont.rep.mont.mm, working_memory ); Nmont.rep.mont.mm, working_memory);
cleanup: cleanup:
mbedtls_mpi_mod_modulus_free( &Nmont ); mbedtls_mpi_mod_modulus_free(&Nmont);
return( ret ); return ret;
} }
int mbedtls_mpi_mod_inv( mbedtls_mpi_mod_residue *X, int mbedtls_mpi_mod_inv(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_modulus *N ) const mbedtls_mpi_mod_modulus *N)
{ {
if( X->limbs != N->limbs || A->limbs != N->limbs ) if (X->limbs != N->limbs || A->limbs != N->limbs) {
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
}
/* Zero has the same value regardless of Montgomery form or not */ /* Zero has the same value regardless of Montgomery form or not */
if( mbedtls_mpi_core_check_zero_ct( A->p, A->limbs ) == 0 ) if (mbedtls_mpi_core_check_zero_ct(A->p, A->limbs) == 0) {
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
}
size_t working_limbs = size_t working_limbs =
mbedtls_mpi_mod_raw_inv_prime_working_limbs( N->limbs ); mbedtls_mpi_mod_raw_inv_prime_working_limbs(N->limbs);
mbedtls_mpi_uint *working_memory = mbedtls_calloc( working_limbs, mbedtls_mpi_uint *working_memory = mbedtls_calloc(working_limbs,
sizeof(mbedtls_mpi_uint) ); sizeof(mbedtls_mpi_uint));
if( working_memory == NULL ) if (working_memory == NULL) {
return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); return MBEDTLS_ERR_MPI_ALLOC_FAILED;
}
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
switch( N->int_rep ) switch (N->int_rep) {
{
case MBEDTLS_MPI_MOD_REP_MONTGOMERY: case MBEDTLS_MPI_MOD_REP_MONTGOMERY:
ret = mbedtls_mpi_mod_inv_mont( X, A, N, working_memory ); ret = mbedtls_mpi_mod_inv_mont(X, A, N, working_memory);
break; break;
case MBEDTLS_MPI_MOD_REP_OPT_RED: case MBEDTLS_MPI_MOD_REP_OPT_RED:
ret = mbedtls_mpi_mod_inv_non_mont( X, A, N, working_memory ); ret = mbedtls_mpi_mod_inv_non_mont(X, A, N, working_memory);
break; break;
default: default:
ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
break; break;
} }
mbedtls_platform_zeroize( working_memory, mbedtls_platform_zeroize(working_memory,
working_limbs * sizeof(mbedtls_mpi_uint) ); working_limbs * sizeof(mbedtls_mpi_uint));
mbedtls_free( working_memory ); mbedtls_free(working_memory);
return ret; return ret;
} }
@ -309,99 +316,106 @@ int mbedtls_mpi_mod_inv( mbedtls_mpi_mod_residue *X,
/* END MERGE SLOT 4 */ /* END MERGE SLOT 4 */
/* BEGIN MERGE SLOT 5 */ /* BEGIN MERGE SLOT 5 */
int mbedtls_mpi_mod_add( mbedtls_mpi_mod_residue *X, int mbedtls_mpi_mod_add(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_residue *B, const mbedtls_mpi_mod_residue *B,
const mbedtls_mpi_mod_modulus *N ) const mbedtls_mpi_mod_modulus *N)
{ {
if( X->limbs != N->limbs || A->limbs != N->limbs || B->limbs != N->limbs ) if (X->limbs != N->limbs || A->limbs != N->limbs || B->limbs != N->limbs) {
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
}
mbedtls_mpi_mod_raw_add(X->p, A->p, B->p, N); mbedtls_mpi_mod_raw_add(X->p, A->p, B->p, N);
return( 0 ); return 0;
} }
/* END MERGE SLOT 5 */ /* END MERGE SLOT 5 */
/* BEGIN MERGE SLOT 6 */ /* BEGIN MERGE SLOT 6 */
int mbedtls_mpi_mod_random( mbedtls_mpi_mod_residue *X, int mbedtls_mpi_mod_random(mbedtls_mpi_mod_residue *X,
mbedtls_mpi_uint min, mbedtls_mpi_uint min,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ) void *p_rng)
{ {
if( X->limbs != N->limbs ) if (X->limbs != N->limbs) {
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
return( mbedtls_mpi_mod_raw_random( X->p, min, N, f_rng, p_rng ) ); }
return mbedtls_mpi_mod_raw_random(X->p, min, N, f_rng, p_rng);
} }
/* END MERGE SLOT 6 */ /* END MERGE SLOT 6 */
/* BEGIN MERGE SLOT 7 */ /* BEGIN MERGE SLOT 7 */
int mbedtls_mpi_mod_read( mbedtls_mpi_mod_residue *r, int mbedtls_mpi_mod_read(mbedtls_mpi_mod_residue *r,
const mbedtls_mpi_mod_modulus *m, const mbedtls_mpi_mod_modulus *m,
const unsigned char *buf, const unsigned char *buf,
size_t buflen, size_t buflen,
mbedtls_mpi_mod_ext_rep ext_rep ) mbedtls_mpi_mod_ext_rep ext_rep)
{ {
int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
/* Do our best to check if r and m have been set up */ /* Do our best to check if r and m have been set up */
if( r->limbs == 0 || m->limbs == 0 ) if (r->limbs == 0 || m->limbs == 0) {
goto cleanup; goto cleanup;
if( r->limbs != m->limbs ) }
if (r->limbs != m->limbs) {
goto cleanup; goto cleanup;
}
ret = mbedtls_mpi_mod_raw_read( r->p, m, buf, buflen, ext_rep ); ret = mbedtls_mpi_mod_raw_read(r->p, m, buf, buflen, ext_rep);
if( ret != 0 ) if (ret != 0) {
goto cleanup; goto cleanup;
}
r->limbs = m->limbs; r->limbs = m->limbs;
ret = mbedtls_mpi_mod_raw_canonical_to_modulus_rep( r->p, m ); ret = mbedtls_mpi_mod_raw_canonical_to_modulus_rep(r->p, m);
cleanup: cleanup:
return ( ret ); return ret;
} }
int mbedtls_mpi_mod_write( const mbedtls_mpi_mod_residue *r, int mbedtls_mpi_mod_write(const mbedtls_mpi_mod_residue *r,
const mbedtls_mpi_mod_modulus *m, const mbedtls_mpi_mod_modulus *m,
unsigned char *buf, unsigned char *buf,
size_t buflen, size_t buflen,
mbedtls_mpi_mod_ext_rep ext_rep ) mbedtls_mpi_mod_ext_rep ext_rep)
{ {
int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
/* Do our best to check if r and m have been set up */ /* Do our best to check if r and m have been set up */
if( r->limbs == 0 || m->limbs == 0 ) if (r->limbs == 0 || m->limbs == 0) {
goto cleanup; goto cleanup;
if( r->limbs != m->limbs ) }
if (r->limbs != m->limbs) {
goto cleanup; goto cleanup;
if( m->int_rep == MBEDTLS_MPI_MOD_REP_MONTGOMERY )
{
ret = mbedtls_mpi_mod_raw_from_mont_rep( r->p, m );
if( ret != 0 )
goto cleanup;
} }
ret = mbedtls_mpi_mod_raw_write( r->p, m, buf, buflen, ext_rep ); if (m->int_rep == MBEDTLS_MPI_MOD_REP_MONTGOMERY) {
ret = mbedtls_mpi_mod_raw_from_mont_rep(r->p, m);
if (ret != 0) {
goto cleanup;
}
}
if( m->int_rep == MBEDTLS_MPI_MOD_REP_MONTGOMERY ) ret = mbedtls_mpi_mod_raw_write(r->p, m, buf, buflen, ext_rep);
{
if (m->int_rep == MBEDTLS_MPI_MOD_REP_MONTGOMERY) {
/* If this fails, the value of r is corrupted and we want to return /* If this fails, the value of r is corrupted and we want to return
* this error (as opposed to the error code from the write above) to * this error (as opposed to the error code from the write above) to
* let the caller know. If it succeeds, we want to return the error * let the caller know. If it succeeds, we want to return the error
* code from write above. */ * code from write above. */
int conv_ret = mbedtls_mpi_mod_raw_to_mont_rep( r->p, m ); int conv_ret = mbedtls_mpi_mod_raw_to_mont_rep(r->p, m);
if( ret == 0 ) if (ret == 0) {
ret = conv_ret; ret = conv_ret;
}
} }
cleanup: cleanup:
return ( ret ); return ret;
} }
/* END MERGE SLOT 7 */ /* END MERGE SLOT 7 */
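Review bot: In `mbedtls_mpi_mod_mul` the scratch buffer `T` is released with `mbedtls_free(T)` without being wiped, whereas `mbedtls_mpi_mod_inv` in the same file calls `mbedtls_platform_zeroize` on its working memory before freeing it. `T` is handed to `mbedtls_mpi_mod_raw_mul` as working space, so it presumably ends up holding intermediate values derived from `A` and `B`; if either residue can be secret, that data stays in the freed heap block. Adding `mbedtls_platform_zeroize(T, (N->limbs * 2 + 1) * ciL);` immediately before `mbedtls_free(T);` would make the two paths consistent. The reformatting in this commit does not alter that behaviour; the point concerns the code as it stands on the new side.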


@ -92,8 +92,7 @@
* This also determines which fields of the modulus structure are valid and * This also determines which fields of the modulus structure are valid and
* what their contents are (see #mbedtls_mpi_mod_modulus). * what their contents are (see #mbedtls_mpi_mod_modulus).
*/ */
typedef enum typedef enum {
{
/** Representation not chosen (makes the modulus structure invalid). */ /** Representation not chosen (makes the modulus structure invalid). */
MBEDTLS_MPI_MOD_REP_INVALID = 0, MBEDTLS_MPI_MOD_REP_INVALID = 0,
/* Skip 1 as it is slightly easier to accidentally pass to functions. */ /* Skip 1 as it is slightly easier to accidentally pass to functions. */
@ -108,15 +107,13 @@ typedef enum
/* Make mbedtls_mpi_mod_rep_selector and mbedtls_mpi_mod_ext_rep disjoint to /* Make mbedtls_mpi_mod_rep_selector and mbedtls_mpi_mod_ext_rep disjoint to
* make it easier to catch when they are accidentally swapped. */ * make it easier to catch when they are accidentally swapped. */
typedef enum typedef enum {
{
MBEDTLS_MPI_MOD_EXT_REP_INVALID = 0, MBEDTLS_MPI_MOD_EXT_REP_INVALID = 0,
MBEDTLS_MPI_MOD_EXT_REP_LE = 8, MBEDTLS_MPI_MOD_EXT_REP_LE = 8,
MBEDTLS_MPI_MOD_EXT_REP_BE MBEDTLS_MPI_MOD_EXT_REP_BE
} mbedtls_mpi_mod_ext_rep; } mbedtls_mpi_mod_ext_rep;
typedef struct typedef struct {
{
mbedtls_mpi_uint *p; mbedtls_mpi_uint *p;
size_t limbs; size_t limbs;
} mbedtls_mpi_mod_residue; } mbedtls_mpi_mod_residue;
@ -133,8 +130,7 @@ typedef struct {
size_t limbs; // number of limbs size_t limbs; // number of limbs
size_t bits; // bitlen of p size_t bits; // bitlen of p
mbedtls_mpi_mod_rep_selector int_rep; // selector to signal the active member of the union mbedtls_mpi_mod_rep_selector int_rep; // selector to signal the active member of the union
union rep union rep {
{
/* if int_rep == #MBEDTLS_MPI_MOD_REP_MONTGOMERY */ /* if int_rep == #MBEDTLS_MPI_MOD_REP_MONTGOMERY */
mbedtls_mpi_mont_struct mont; mbedtls_mpi_mont_struct mont;
/* if int_rep == #MBEDTLS_MPI_MOD_REP_OPT_RED */ /* if int_rep == #MBEDTLS_MPI_MOD_REP_OPT_RED */
@ -170,10 +166,10 @@ typedef struct {
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p p_limbs is less than the * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p p_limbs is less than the
* limbs in \p m or if \p p is not less than \p m. * limbs in \p m or if \p p is not less than \p m.
*/ */
int mbedtls_mpi_mod_residue_setup( mbedtls_mpi_mod_residue *r, int mbedtls_mpi_mod_residue_setup(mbedtls_mpi_mod_residue *r,
const mbedtls_mpi_mod_modulus *m, const mbedtls_mpi_mod_modulus *m,
mbedtls_mpi_uint *p, mbedtls_mpi_uint *p,
size_t p_limbs ); size_t p_limbs);
/** Unbind elements of a residue structure. /** Unbind elements of a residue structure.
* *
@ -185,13 +181,13 @@ int mbedtls_mpi_mod_residue_setup( mbedtls_mpi_mod_residue *r,
* *
* \param[out] r The address of residue to release. * \param[out] r The address of residue to release.
*/ */
void mbedtls_mpi_mod_residue_release( mbedtls_mpi_mod_residue *r ); void mbedtls_mpi_mod_residue_release(mbedtls_mpi_mod_residue *r);
/** Initialize a modulus structure. /** Initialize a modulus structure.
* *
* \param[out] m The address of the modulus structure to initialize. * \param[out] m The address of the modulus structure to initialize.
*/ */
void mbedtls_mpi_mod_modulus_init( mbedtls_mpi_mod_modulus *m ); void mbedtls_mpi_mod_modulus_init(mbedtls_mpi_mod_modulus *m);
/** Setup a modulus structure. /** Setup a modulus structure.
* *
@ -207,10 +203,10 @@ void mbedtls_mpi_mod_modulus_init( mbedtls_mpi_mod_modulus *m );
* \return \c 0 if successful. * \return \c 0 if successful.
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p int_rep is invalid. * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p int_rep is invalid.
*/ */
int mbedtls_mpi_mod_modulus_setup( mbedtls_mpi_mod_modulus *m, int mbedtls_mpi_mod_modulus_setup(mbedtls_mpi_mod_modulus *m,
const mbedtls_mpi_uint *p, const mbedtls_mpi_uint *p,
size_t p_limbs, size_t p_limbs,
mbedtls_mpi_mod_rep_selector int_rep ); mbedtls_mpi_mod_rep_selector int_rep);
/** Free elements of a modulus structure. /** Free elements of a modulus structure.
* *
@ -222,7 +218,7 @@ int mbedtls_mpi_mod_modulus_setup( mbedtls_mpi_mod_modulus *m,
* *
* \param[in,out] m The address of the modulus structure to free. * \param[in,out] m The address of the modulus structure to free.
*/ */
void mbedtls_mpi_mod_modulus_free( mbedtls_mpi_mod_modulus *m ); void mbedtls_mpi_mod_modulus_free(mbedtls_mpi_mod_modulus *m);
/* BEGIN MERGE SLOT 1 */ /* BEGIN MERGE SLOT 1 */
@ -259,10 +255,10 @@ void mbedtls_mpi_mod_modulus_free( mbedtls_mpi_mod_modulus *m );
* have the same number of limbs or \p N is invalid. * have the same number of limbs or \p N is invalid.
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
*/ */
int mbedtls_mpi_mod_mul( mbedtls_mpi_mod_residue *X, int mbedtls_mpi_mod_mul(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_residue *B, const mbedtls_mpi_mod_residue *B,
const mbedtls_mpi_mod_modulus *N ); const mbedtls_mpi_mod_modulus *N);
/* END MERGE SLOT 2 */ /* END MERGE SLOT 2 */
@ -292,10 +288,10 @@ int mbedtls_mpi_mod_mul( mbedtls_mpi_mod_residue *X,
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the given MPIs do not * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the given MPIs do not
* have the correct number of limbs. * have the correct number of limbs.
*/ */
int mbedtls_mpi_mod_sub( mbedtls_mpi_mod_residue *X, int mbedtls_mpi_mod_sub(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_residue *B, const mbedtls_mpi_mod_residue *B,
const mbedtls_mpi_mod_modulus *N ); const mbedtls_mpi_mod_modulus *N);
/** /**
* \brief Perform modular inversion of an MPI with respect to a modulus \p N. * \brief Perform modular inversion of an MPI with respect to a modulus \p N.
@ -322,9 +318,9 @@ int mbedtls_mpi_mod_sub( mbedtls_mpi_mod_residue *X,
* by the inversion calculation itself). * by the inversion calculation itself).
*/ */
int mbedtls_mpi_mod_inv( mbedtls_mpi_mod_residue *X, int mbedtls_mpi_mod_inv(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_modulus *N ); const mbedtls_mpi_mod_modulus *N);
/* END MERGE SLOT 3 */ /* END MERGE SLOT 3 */
/* BEGIN MERGE SLOT 4 */ /* BEGIN MERGE SLOT 4 */
@ -358,10 +354,10 @@ int mbedtls_mpi_mod_inv( mbedtls_mpi_mod_residue *X,
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the given MPIs do not * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the given MPIs do not
* have the correct number of limbs. * have the correct number of limbs.
*/ */
int mbedtls_mpi_mod_add( mbedtls_mpi_mod_residue *X, int mbedtls_mpi_mod_add(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_residue *B, const mbedtls_mpi_mod_residue *B,
const mbedtls_mpi_mod_modulus *N ); const mbedtls_mpi_mod_modulus *N);
/* END MERGE SLOT 5 */ /* END MERGE SLOT 5 */
/* BEGIN MERGE SLOT 6 */ /* BEGIN MERGE SLOT 6 */
@ -393,11 +389,11 @@ int mbedtls_mpi_mod_add( mbedtls_mpi_mod_residue *X,
* is significantly larger than \p min, which is the case * is significantly larger than \p min, which is the case
* for all usual cryptographic applications. * for all usual cryptographic applications.
*/ */
int mbedtls_mpi_mod_random( mbedtls_mpi_mod_residue *X, int mbedtls_mpi_mod_random(mbedtls_mpi_mod_residue *X,
mbedtls_mpi_uint min, mbedtls_mpi_uint min,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/* END MERGE SLOT 6 */ /* END MERGE SLOT 6 */
@ -425,11 +421,11 @@ int mbedtls_mpi_mod_random( mbedtls_mpi_mod_residue *X,
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p ext_rep * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p ext_rep
* is invalid or the value in the buffer is not less than \p m. * is invalid or the value in the buffer is not less than \p m.
*/ */
int mbedtls_mpi_mod_read( mbedtls_mpi_mod_residue *r, int mbedtls_mpi_mod_read(mbedtls_mpi_mod_residue *r,
const mbedtls_mpi_mod_modulus *m, const mbedtls_mpi_mod_modulus *m,
const unsigned char *buf, const unsigned char *buf,
size_t buflen, size_t buflen,
mbedtls_mpi_mod_ext_rep ext_rep ); mbedtls_mpi_mod_ext_rep ext_rep);
/** Write a residue into a byte buffer. /** Write a residue into a byte buffer.
* *
@ -463,11 +459,11 @@ int mbedtls_mpi_mod_read( mbedtls_mpi_mod_residue *r,
* memory for conversion. Can occur only for moduli with * memory for conversion. Can occur only for moduli with
* MBEDTLS_MPI_MOD_REP_MONTGOMERY. * MBEDTLS_MPI_MOD_REP_MONTGOMERY.
*/ */
int mbedtls_mpi_mod_write( const mbedtls_mpi_mod_residue *r, int mbedtls_mpi_mod_write(const mbedtls_mpi_mod_residue *r,
const mbedtls_mpi_mod_modulus *m, const mbedtls_mpi_mod_modulus *m,
unsigned char *buf, unsigned char *buf,
size_t buflen, size_t buflen,
mbedtls_mpi_mod_ext_rep ext_rep ); mbedtls_mpi_mod_ext_rep ext_rep);
/* END MERGE SLOT 7 */ /* END MERGE SLOT 7 */
/* BEGIN MERGE SLOT 8 */ /* BEGIN MERGE SLOT 8 */


@ -33,74 +33,72 @@
#include "bignum_mod.h" #include "bignum_mod.h"
#include "constant_time_internal.h" #include "constant_time_internal.h"
void mbedtls_mpi_mod_raw_cond_assign( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_cond_assign(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
unsigned char assign ) unsigned char assign)
{ {
mbedtls_mpi_core_cond_assign( X, A, N->limbs, assign ); mbedtls_mpi_core_cond_assign(X, A, N->limbs, assign);
} }
void mbedtls_mpi_mod_raw_cond_swap( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_cond_swap(mbedtls_mpi_uint *X,
mbedtls_mpi_uint *Y, mbedtls_mpi_uint *Y,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
unsigned char swap ) unsigned char swap)
{ {
mbedtls_mpi_core_cond_swap( X, Y, N->limbs, swap ); mbedtls_mpi_core_cond_swap(X, Y, N->limbs, swap);
} }
int mbedtls_mpi_mod_raw_read( mbedtls_mpi_uint *X, int mbedtls_mpi_mod_raw_read(mbedtls_mpi_uint *X,
const mbedtls_mpi_mod_modulus *m, const mbedtls_mpi_mod_modulus *m,
const unsigned char *input, const unsigned char *input,
size_t input_length, size_t input_length,
mbedtls_mpi_mod_ext_rep ext_rep ) mbedtls_mpi_mod_ext_rep ext_rep)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
switch( ext_rep ) switch (ext_rep) {
{
case MBEDTLS_MPI_MOD_EXT_REP_LE: case MBEDTLS_MPI_MOD_EXT_REP_LE:
ret = mbedtls_mpi_core_read_le( X, m->limbs, ret = mbedtls_mpi_core_read_le(X, m->limbs,
input, input_length ); input, input_length);
break; break;
case MBEDTLS_MPI_MOD_EXT_REP_BE: case MBEDTLS_MPI_MOD_EXT_REP_BE:
ret = mbedtls_mpi_core_read_be( X, m->limbs, ret = mbedtls_mpi_core_read_be(X, m->limbs,
input, input_length ); input, input_length);
break; break;
default: default:
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
} }
if( ret != 0 ) if (ret != 0) {
goto cleanup; goto cleanup;
}
if( !mbedtls_mpi_core_lt_ct( X, m->p, m->limbs ) ) if (!mbedtls_mpi_core_lt_ct(X, m->p, m->limbs)) {
{
ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
goto cleanup; goto cleanup;
} }
cleanup: cleanup:
return( ret ); return ret;
} }
int mbedtls_mpi_mod_raw_write( const mbedtls_mpi_uint *A, int mbedtls_mpi_mod_raw_write(const mbedtls_mpi_uint *A,
const mbedtls_mpi_mod_modulus *m, const mbedtls_mpi_mod_modulus *m,
unsigned char *output, unsigned char *output,
size_t output_length, size_t output_length,
mbedtls_mpi_mod_ext_rep ext_rep ) mbedtls_mpi_mod_ext_rep ext_rep)
{ {
switch( ext_rep ) switch (ext_rep) {
{
case MBEDTLS_MPI_MOD_EXT_REP_LE: case MBEDTLS_MPI_MOD_EXT_REP_LE:
return( mbedtls_mpi_core_write_le( A, m->limbs, return mbedtls_mpi_core_write_le(A, m->limbs,
output, output_length ) ); output, output_length);
case MBEDTLS_MPI_MOD_EXT_REP_BE: case MBEDTLS_MPI_MOD_EXT_REP_BE:
return( mbedtls_mpi_core_write_be( A, m->limbs, return mbedtls_mpi_core_write_be(A, m->limbs,
output, output_length ) ); output, output_length);
default: default:
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
} }
} }
@ -110,45 +108,45 @@ int mbedtls_mpi_mod_raw_write( const mbedtls_mpi_uint *A,
/* BEGIN MERGE SLOT 2 */ /* BEGIN MERGE SLOT 2 */
void mbedtls_mpi_mod_raw_sub( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_sub(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *B, const mbedtls_mpi_uint *B,
const mbedtls_mpi_mod_modulus *N ) const mbedtls_mpi_mod_modulus *N)
{ {
mbedtls_mpi_uint c = mbedtls_mpi_core_sub( X, A, B, N->limbs ); mbedtls_mpi_uint c = mbedtls_mpi_core_sub(X, A, B, N->limbs);
(void) mbedtls_mpi_core_add_if( X, N->p, N->limbs, (unsigned) c ); (void) mbedtls_mpi_core_add_if(X, N->p, N->limbs, (unsigned) c);
} }
void mbedtls_mpi_mod_raw_mul( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_mul(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *B, const mbedtls_mpi_uint *B,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
mbedtls_mpi_uint *T ) mbedtls_mpi_uint *T)
{ {
mbedtls_mpi_core_montmul( X, A, B, N->limbs, N->p, N->limbs, mbedtls_mpi_core_montmul(X, A, B, N->limbs, N->p, N->limbs,
N->rep.mont.mm, T ); N->rep.mont.mm, T);
} }
/* END MERGE SLOT 2 */ /* END MERGE SLOT 2 */
/* BEGIN MERGE SLOT 3 */ /* BEGIN MERGE SLOT 3 */
size_t mbedtls_mpi_mod_raw_inv_prime_working_limbs( size_t AN_limbs ) size_t mbedtls_mpi_mod_raw_inv_prime_working_limbs(size_t AN_limbs)
{ {
/* mbedtls_mpi_mod_raw_inv_prime() needs a temporary for the exponent, /* mbedtls_mpi_mod_raw_inv_prime() needs a temporary for the exponent,
* which will be the same size as the modulus and input (AN_limbs), * which will be the same size as the modulus and input (AN_limbs),
* and additional space to pass to mbedtls_mpi_core_exp_mod(). */ * and additional space to pass to mbedtls_mpi_core_exp_mod(). */
return( AN_limbs + return AN_limbs +
mbedtls_mpi_core_exp_mod_working_limbs( AN_limbs, AN_limbs ) ); mbedtls_mpi_core_exp_mod_working_limbs(AN_limbs, AN_limbs);
} }
void mbedtls_mpi_mod_raw_inv_prime( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_inv_prime(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *N, const mbedtls_mpi_uint *N,
size_t AN_limbs, size_t AN_limbs,
const mbedtls_mpi_uint *RR, const mbedtls_mpi_uint *RR,
mbedtls_mpi_uint *T ) mbedtls_mpi_uint *T)
{ {
/* Inversion by power: g^|G| = 1 => g^(-1) = g^(|G|-1), and /* Inversion by power: g^|G| = 1 => g^(-1) = g^(|G|-1), and
* |G| = N - 1, so we want * |G| = N - 1, so we want
@ -157,12 +155,12 @@ void mbedtls_mpi_mod_raw_inv_prime( mbedtls_mpi_uint *X,
/* Use the first AN_limbs of T to hold N - 2 */ /* Use the first AN_limbs of T to hold N - 2 */
mbedtls_mpi_uint *Nminus2 = T; mbedtls_mpi_uint *Nminus2 = T;
(void) mbedtls_mpi_core_sub_int( Nminus2, N, 2, AN_limbs ); (void) mbedtls_mpi_core_sub_int(Nminus2, N, 2, AN_limbs);
/* Rest of T is given to exp_mod for its working space */ /* Rest of T is given to exp_mod for its working space */
mbedtls_mpi_core_exp_mod( X, mbedtls_mpi_core_exp_mod(X,
A, N, AN_limbs, Nminus2, AN_limbs, A, N, AN_limbs, Nminus2, AN_limbs,
RR, T + AN_limbs ); RR, T + AN_limbs);
} }
/* END MERGE SLOT 3 */ /* END MERGE SLOT 3 */
@ -172,15 +170,15 @@ void mbedtls_mpi_mod_raw_inv_prime( mbedtls_mpi_uint *X,
/* END MERGE SLOT 4 */ /* END MERGE SLOT 4 */
/* BEGIN MERGE SLOT 5 */ /* BEGIN MERGE SLOT 5 */
void mbedtls_mpi_mod_raw_add( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_add(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *B, const mbedtls_mpi_uint *B,
const mbedtls_mpi_mod_modulus *N ) const mbedtls_mpi_mod_modulus *N)
{ {
mbedtls_mpi_uint carry, borrow; mbedtls_mpi_uint carry, borrow;
carry = mbedtls_mpi_core_add( X, A, B, N->limbs ); carry = mbedtls_mpi_core_add(X, A, B, N->limbs);
borrow = mbedtls_mpi_core_sub( X, X, N->p, N->limbs ); borrow = mbedtls_mpi_core_sub(X, X, N->p, N->limbs);
(void) mbedtls_mpi_core_add_if( X, N->p, N->limbs, (unsigned) ( carry ^ borrow ) ); (void) mbedtls_mpi_core_add_if(X, N->p, N->limbs, (unsigned) (carry ^ borrow));
} }
/* END MERGE SLOT 5 */ /* END MERGE SLOT 5 */
@ -188,92 +186,93 @@ void mbedtls_mpi_mod_raw_add( mbedtls_mpi_uint *X,
int mbedtls_mpi_mod_raw_canonical_to_modulus_rep( int mbedtls_mpi_mod_raw_canonical_to_modulus_rep(
mbedtls_mpi_uint *X, mbedtls_mpi_uint *X,
const mbedtls_mpi_mod_modulus *N ) const mbedtls_mpi_mod_modulus *N)
{ {
switch( N->int_rep ) switch (N->int_rep) {
{
case MBEDTLS_MPI_MOD_REP_MONTGOMERY: case MBEDTLS_MPI_MOD_REP_MONTGOMERY:
return( mbedtls_mpi_mod_raw_to_mont_rep( X, N ) ); return mbedtls_mpi_mod_raw_to_mont_rep(X, N);
case MBEDTLS_MPI_MOD_REP_OPT_RED: case MBEDTLS_MPI_MOD_REP_OPT_RED:
return( 0 ); return 0;
default: default:
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
} }
} }
int mbedtls_mpi_mod_raw_modulus_to_canonical_rep( int mbedtls_mpi_mod_raw_modulus_to_canonical_rep(
mbedtls_mpi_uint *X, mbedtls_mpi_uint *X,
const mbedtls_mpi_mod_modulus *N ) const mbedtls_mpi_mod_modulus *N)
{ {
switch( N->int_rep ) switch (N->int_rep) {
{
case MBEDTLS_MPI_MOD_REP_MONTGOMERY: case MBEDTLS_MPI_MOD_REP_MONTGOMERY:
return( mbedtls_mpi_mod_raw_from_mont_rep( X, N ) ); return mbedtls_mpi_mod_raw_from_mont_rep(X, N);
case MBEDTLS_MPI_MOD_REP_OPT_RED: case MBEDTLS_MPI_MOD_REP_OPT_RED:
return( 0 ); return 0;
default: default:
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
} }
} }
int mbedtls_mpi_mod_raw_random( mbedtls_mpi_uint *X, int mbedtls_mpi_mod_raw_random(mbedtls_mpi_uint *X,
mbedtls_mpi_uint min, mbedtls_mpi_uint min,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ) void *p_rng)
{ {
int ret = mbedtls_mpi_core_random( X, min, N->p, N->limbs, f_rng, p_rng ); int ret = mbedtls_mpi_core_random(X, min, N->p, N->limbs, f_rng, p_rng);
if( ret != 0 ) if (ret != 0) {
return( ret ); return ret;
return( mbedtls_mpi_mod_raw_canonical_to_modulus_rep( X, N ) ); }
return mbedtls_mpi_mod_raw_canonical_to_modulus_rep(X, N);
} }
/* END MERGE SLOT 6 */ /* END MERGE SLOT 6 */
/* BEGIN MERGE SLOT 7 */ /* BEGIN MERGE SLOT 7 */
int mbedtls_mpi_mod_raw_to_mont_rep( mbedtls_mpi_uint *X, int mbedtls_mpi_mod_raw_to_mont_rep(mbedtls_mpi_uint *X,
const mbedtls_mpi_mod_modulus *m ) const mbedtls_mpi_mod_modulus *m)
{ {
mbedtls_mpi_uint *T; mbedtls_mpi_uint *T;
const size_t t_limbs = mbedtls_mpi_core_montmul_working_limbs( m->limbs ); const size_t t_limbs = mbedtls_mpi_core_montmul_working_limbs(m->limbs);
if( ( T = (mbedtls_mpi_uint *) mbedtls_calloc( t_limbs, ciL ) ) == NULL ) if ((T = (mbedtls_mpi_uint *) mbedtls_calloc(t_limbs, ciL)) == NULL) {
return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); return MBEDTLS_ERR_MPI_ALLOC_FAILED;
}
mbedtls_mpi_core_to_mont_rep( X, X, m->p, m->limbs, mbedtls_mpi_core_to_mont_rep(X, X, m->p, m->limbs,
m->rep.mont.mm, m->rep.mont.rr, T ); m->rep.mont.mm, m->rep.mont.rr, T);
mbedtls_platform_zeroize( T, t_limbs * ciL ); mbedtls_platform_zeroize(T, t_limbs * ciL);
mbedtls_free( T ); mbedtls_free(T);
return( 0 ); return 0;
} }
int mbedtls_mpi_mod_raw_from_mont_rep( mbedtls_mpi_uint *X, int mbedtls_mpi_mod_raw_from_mont_rep(mbedtls_mpi_uint *X,
const mbedtls_mpi_mod_modulus *m ) const mbedtls_mpi_mod_modulus *m)
{ {
const size_t t_limbs = mbedtls_mpi_core_montmul_working_limbs( m->limbs ); const size_t t_limbs = mbedtls_mpi_core_montmul_working_limbs(m->limbs);
mbedtls_mpi_uint *T; mbedtls_mpi_uint *T;
if( ( T = (mbedtls_mpi_uint *) mbedtls_calloc( t_limbs, ciL ) ) == NULL ) if ((T = (mbedtls_mpi_uint *) mbedtls_calloc(t_limbs, ciL)) == NULL) {
return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); return MBEDTLS_ERR_MPI_ALLOC_FAILED;
}
mbedtls_mpi_core_from_mont_rep( X, X, m->p, m->limbs, m->rep.mont.mm, T ); mbedtls_mpi_core_from_mont_rep(X, X, m->p, m->limbs, m->rep.mont.mm, T);
mbedtls_platform_zeroize( T, t_limbs * ciL ); mbedtls_platform_zeroize(T, t_limbs * ciL);
mbedtls_free( T ); mbedtls_free(T);
return( 0 ); return 0;
} }
void mbedtls_mpi_mod_raw_neg( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_neg(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_mod_modulus *m ) const mbedtls_mpi_mod_modulus *m)
{ {
mbedtls_mpi_core_sub( X, m->p, A, m->limbs ); mbedtls_mpi_core_sub(X, m->p, A, m->limbs);
/* If A=0 initially, then X=N now. Detect this by /* If A=0 initially, then X=N now. Detect this by
* subtracting N and catching the carry. */ * subtracting N and catching the carry. */
mbedtls_mpi_uint borrow = mbedtls_mpi_core_sub( X, X, m->p, m->limbs ); mbedtls_mpi_uint borrow = mbedtls_mpi_core_sub(X, X, m->p, m->limbs);
(void) mbedtls_mpi_core_add_if( X, m->p, m->limbs, (unsigned) borrow ); (void) mbedtls_mpi_core_add_if(X, m->p, m->limbs, (unsigned) borrow);
} }
/* END MERGE SLOT 7 */ /* END MERGE SLOT 7 */
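Review bot: In `mbedtls_mpi_mod_raw_read()` (first hunk of this file), the path where `mbedtls_mpi_core_lt_ct(X, m->p, m->limbs)` fails returns `MBEDTLS_ERR_MPI_BAD_INPUT_DATA` but leaves the decoded, out-of-range value in X. The raw arithmetic functions further down appear to assume reduced operands (the doc fragment for `mbedtls_mpi_mod_raw_add()` later on this page says an operand must be smaller than N), so a caller that ignores the error would pass them a value that breaks that precondition. Either document that X is indeterminate on error, or clear it on that path by adding `mbedtls_platform_zeroize(X, m->limbs * ciL);` before the `goto cleanup;`. Both `mbedtls_platform_zeroize` and `ciL` are already used in this file, in the Montgomery conversion functions.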


@ -109,10 +109,10 @@
* is indeterminate, and the resulting value in \p X might be * is indeterminate, and the resulting value in \p X might be
* neither its original value nor the value in \p A. * neither its original value nor the value in \p A.
*/ */
void mbedtls_mpi_mod_raw_cond_assign( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_cond_assign(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
unsigned char assign ); unsigned char assign);
/** /**
* \brief Perform a safe conditional swap of two MPIs which doesn't reveal * \brief Perform a safe conditional swap of two MPIs which doesn't reveal
@ -135,10 +135,10 @@ void mbedtls_mpi_mod_raw_cond_assign( mbedtls_mpi_uint *X,
* is indeterminate, and both \p X and \p Y might end up with * is indeterminate, and both \p X and \p Y might end up with
* values different to either of the original ones. * values different to either of the original ones.
*/ */
void mbedtls_mpi_mod_raw_cond_swap( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_cond_swap(mbedtls_mpi_uint *X,
mbedtls_mpi_uint *Y, mbedtls_mpi_uint *Y,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
unsigned char swap ); unsigned char swap);
/** Import X from unsigned binary data. /** Import X from unsigned binary data.
* *
@ -159,11 +159,11 @@ void mbedtls_mpi_mod_raw_cond_swap( mbedtls_mpi_uint *X,
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the external representation * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the external representation
* of \p m is invalid or \p X is not less than \p m. * of \p m is invalid or \p X is not less than \p m.
*/ */
int mbedtls_mpi_mod_raw_read( mbedtls_mpi_uint *X, int mbedtls_mpi_mod_raw_read(mbedtls_mpi_uint *X,
const mbedtls_mpi_mod_modulus *m, const mbedtls_mpi_mod_modulus *m,
const unsigned char *input, const unsigned char *input,
size_t input_length, size_t input_length,
mbedtls_mpi_mod_ext_rep ext_rep ); mbedtls_mpi_mod_ext_rep ext_rep);
/** Export A into unsigned binary data. /** Export A into unsigned binary data.
* *
@ -181,11 +181,11 @@ int mbedtls_mpi_mod_raw_read( mbedtls_mpi_uint *X,
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the external representation * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the external representation
* of \p m is invalid. * of \p m is invalid.
*/ */
int mbedtls_mpi_mod_raw_write( const mbedtls_mpi_uint *A, int mbedtls_mpi_mod_raw_write(const mbedtls_mpi_uint *A,
const mbedtls_mpi_mod_modulus *m, const mbedtls_mpi_mod_modulus *m,
unsigned char *output, unsigned char *output,
size_t output_length, size_t output_length,
mbedtls_mpi_mod_ext_rep ext_rep ); mbedtls_mpi_mod_ext_rep ext_rep);
/* BEGIN MERGE SLOT 1 */ /* BEGIN MERGE SLOT 1 */
@ -210,10 +210,10 @@ int mbedtls_mpi_mod_raw_write( const mbedtls_mpi_uint *A,
* \param[in] N The address of the modulus. Used to perform a modulo * \param[in] N The address of the modulus. Used to perform a modulo
* operation on the result of the subtraction. * operation on the result of the subtraction.
*/ */
void mbedtls_mpi_mod_raw_sub( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_sub(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *B, const mbedtls_mpi_uint *B,
const mbedtls_mpi_mod_modulus *N ); const mbedtls_mpi_mod_modulus *N);
/** \brief Multiply two MPIs, returning the residue modulo the specified /** \brief Multiply two MPIs, returning the residue modulo the specified
* modulus. * modulus.
@ -244,11 +244,11 @@ void mbedtls_mpi_mod_raw_sub( mbedtls_mpi_uint *X,
* It must not alias or otherwise overlap any of the * It must not alias or otherwise overlap any of the
* other parameters. * other parameters.
*/ */
void mbedtls_mpi_mod_raw_mul( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_mul(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *B, const mbedtls_mpi_uint *B,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
mbedtls_mpi_uint *T ); mbedtls_mpi_uint *T);
/* END MERGE SLOT 2 */ /* END MERGE SLOT 2 */
@ -269,7 +269,7 @@ void mbedtls_mpi_mod_raw_mul( mbedtls_mpi_uint *X,
* \return The number of limbs of working memory required by * \return The number of limbs of working memory required by
* `mbedtls_mpi_mod_raw_inv_prime()`. * `mbedtls_mpi_mod_raw_inv_prime()`.
*/ */
size_t mbedtls_mpi_mod_raw_inv_prime_working_limbs( size_t AN_limbs ); size_t mbedtls_mpi_mod_raw_inv_prime_working_limbs(size_t AN_limbs);
/** /**
* \brief Perform fixed-width modular inversion of a Montgomery-form MPI with * \brief Perform fixed-width modular inversion of a Montgomery-form MPI with
@ -296,12 +296,12 @@ size_t mbedtls_mpi_mod_raw_inv_prime_working_limbs( size_t AN_limbs );
* longer needed, and before freeing it if it was dynamically * longer needed, and before freeing it if it was dynamically
* allocated. * allocated.
*/ */
void mbedtls_mpi_mod_raw_inv_prime( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_inv_prime(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *N, const mbedtls_mpi_uint *N,
size_t AN_limbs, size_t AN_limbs,
const mbedtls_mpi_uint *RR, const mbedtls_mpi_uint *RR,
mbedtls_mpi_uint *T ); mbedtls_mpi_uint *T);
/* END MERGE SLOT 3 */ /* END MERGE SLOT 3 */
@ -328,10 +328,10 @@ void mbedtls_mpi_mod_raw_inv_prime( mbedtls_mpi_uint *X,
* must be smaller than \p N. * must be smaller than \p N.
* \param[in] N The address of the modulus. * \param[in] N The address of the modulus.
*/ */
void mbedtls_mpi_mod_raw_add( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_add(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *B, const mbedtls_mpi_uint *B,
const mbedtls_mpi_mod_modulus *N ); const mbedtls_mpi_mod_modulus *N);
/* END MERGE SLOT 5 */ /* END MERGE SLOT 5 */
/* BEGIN MERGE SLOT 6 */ /* BEGIN MERGE SLOT 6 */
@ -351,7 +351,7 @@ void mbedtls_mpi_mod_raw_add( mbedtls_mpi_uint *X,
*/ */
int mbedtls_mpi_mod_raw_canonical_to_modulus_rep( int mbedtls_mpi_mod_raw_canonical_to_modulus_rep(
mbedtls_mpi_uint *X, mbedtls_mpi_uint *X,
const mbedtls_mpi_mod_modulus *N ); const mbedtls_mpi_mod_modulus *N);
/** Convert an MPI from the representation associated with the modulus /** Convert an MPI from the representation associated with the modulus
* to canonical representation (little-endian limb array). * to canonical representation (little-endian limb array).
@ -368,7 +368,7 @@ int mbedtls_mpi_mod_raw_canonical_to_modulus_rep(
*/ */
int mbedtls_mpi_mod_raw_modulus_to_canonical_rep( int mbedtls_mpi_mod_raw_modulus_to_canonical_rep(
mbedtls_mpi_uint *X, mbedtls_mpi_uint *X,
const mbedtls_mpi_mod_modulus *N ); const mbedtls_mpi_mod_modulus *N);
/** Generate a random number uniformly in a range. /** Generate a random number uniformly in a range.
* *
@ -398,11 +398,11 @@ int mbedtls_mpi_mod_raw_modulus_to_canonical_rep(
* is significantly larger than \p min, which is the case * is significantly larger than \p min, which is the case
* for all usual cryptographic applications. * for all usual cryptographic applications.
*/ */
int mbedtls_mpi_mod_raw_random( mbedtls_mpi_uint *X, int mbedtls_mpi_mod_raw_random(mbedtls_mpi_uint *X,
mbedtls_mpi_uint min, mbedtls_mpi_uint min,
const mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_mod_modulus *N,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng);
/* END MERGE SLOT 6 */ /* END MERGE SLOT 6 */
@ -416,8 +416,8 @@ int mbedtls_mpi_mod_raw_random( mbedtls_mpi_uint *X,
* *
* \return \c 0 if successful. * \return \c 0 if successful.
*/ */
int mbedtls_mpi_mod_raw_to_mont_rep( mbedtls_mpi_uint *X, int mbedtls_mpi_mod_raw_to_mont_rep(mbedtls_mpi_uint *X,
const mbedtls_mpi_mod_modulus *m ); const mbedtls_mpi_mod_modulus *m);
/** Convert an MPI back from Montgomery representation. /** Convert an MPI back from Montgomery representation.
* *
@ -428,8 +428,8 @@ int mbedtls_mpi_mod_raw_to_mont_rep( mbedtls_mpi_uint *X,
* *
* \return \c 0 if successful. * \return \c 0 if successful.
*/ */
int mbedtls_mpi_mod_raw_from_mont_rep( mbedtls_mpi_uint *X, int mbedtls_mpi_mod_raw_from_mont_rep(mbedtls_mpi_uint *X,
const mbedtls_mpi_mod_modulus *m ); const mbedtls_mpi_mod_modulus *m);
/** \brief Perform fixed width modular negation. /** \brief Perform fixed width modular negation.
* *
@ -444,9 +444,9 @@ int mbedtls_mpi_mod_raw_from_mont_rep( mbedtls_mpi_uint *X,
* must be less than or equal to \p m. * must be less than or equal to \p m.
* \param[in] m The modulus to use. * \param[in] m The modulus to use.
*/ */
void mbedtls_mpi_mod_raw_neg( mbedtls_mpi_uint *X, void mbedtls_mpi_mod_raw_neg(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *A,
const mbedtls_mpi_mod_modulus *m); const mbedtls_mpi_mod_modulus *m);
/* END MERGE SLOT 7 */ /* END MERGE SLOT 7 */
/* BEGIN MERGE SLOT 8 */ /* BEGIN MERGE SLOT 8 */


@ -47,36 +47,36 @@
*/ */
#if defined(MBEDTLS_HAVE_INT32) #if defined(MBEDTLS_HAVE_INT32)
#define MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d ) \ #define MBEDTLS_BYTES_TO_T_UINT_4(a, b, c, d) \
( (mbedtls_mpi_uint) (a) << 0 ) | \ ((mbedtls_mpi_uint) (a) << 0) | \
( (mbedtls_mpi_uint) (b) << 8 ) | \ ((mbedtls_mpi_uint) (b) << 8) | \
( (mbedtls_mpi_uint) (c) << 16 ) | \ ((mbedtls_mpi_uint) (c) << 16) | \
( (mbedtls_mpi_uint) (d) << 24 ) ((mbedtls_mpi_uint) (d) << 24)
#define MBEDTLS_BYTES_TO_T_UINT_2( a, b ) \ #define MBEDTLS_BYTES_TO_T_UINT_2(a, b) \
MBEDTLS_BYTES_TO_T_UINT_4( a, b, 0, 0 ) MBEDTLS_BYTES_TO_T_UINT_4(a, b, 0, 0)
#define MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ #define MBEDTLS_BYTES_TO_T_UINT_8(a, b, c, d, e, f, g, h) \
MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d ), \ MBEDTLS_BYTES_TO_T_UINT_4(a, b, c, d), \
MBEDTLS_BYTES_TO_T_UINT_4( e, f, g, h ) MBEDTLS_BYTES_TO_T_UINT_4(e, f, g, h)
#else /* 64-bits */ #else /* 64-bits */
#define MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ #define MBEDTLS_BYTES_TO_T_UINT_8(a, b, c, d, e, f, g, h) \
( (mbedtls_mpi_uint) (a) << 0 ) | \ ((mbedtls_mpi_uint) (a) << 0) | \
( (mbedtls_mpi_uint) (b) << 8 ) | \ ((mbedtls_mpi_uint) (b) << 8) | \
( (mbedtls_mpi_uint) (c) << 16 ) | \ ((mbedtls_mpi_uint) (c) << 16) | \
( (mbedtls_mpi_uint) (d) << 24 ) | \ ((mbedtls_mpi_uint) (d) << 24) | \
( (mbedtls_mpi_uint) (e) << 32 ) | \ ((mbedtls_mpi_uint) (e) << 32) | \
( (mbedtls_mpi_uint) (f) << 40 ) | \ ((mbedtls_mpi_uint) (f) << 40) | \
( (mbedtls_mpi_uint) (g) << 48 ) | \ ((mbedtls_mpi_uint) (g) << 48) | \
( (mbedtls_mpi_uint) (h) << 56 ) ((mbedtls_mpi_uint) (h) << 56)
#define MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d ) \ #define MBEDTLS_BYTES_TO_T_UINT_4(a, b, c, d) \
MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, 0, 0, 0, 0 ) MBEDTLS_BYTES_TO_T_UINT_8(a, b, c, d, 0, 0, 0, 0)
#define MBEDTLS_BYTES_TO_T_UINT_2( a, b ) \ #define MBEDTLS_BYTES_TO_T_UINT_2(a, b) \
MBEDTLS_BYTES_TO_T_UINT_8( a, b, 0, 0, 0, 0, 0, 0 ) MBEDTLS_BYTES_TO_T_UINT_8(a, b, 0, 0, 0, 0, 0, 0)
#endif /* bits in mbedtls_mpi_uint */ #endif /* bits in mbedtls_mpi_uint */

File diff suppressed because it is too large Load Diff


@ -51,50 +51,53 @@
/* /*
* Initialize context * Initialize context
*/ */
void mbedtls_ccm_init( mbedtls_ccm_context *ctx ) void mbedtls_ccm_init(mbedtls_ccm_context *ctx)
{ {
memset( ctx, 0, sizeof( mbedtls_ccm_context ) ); memset(ctx, 0, sizeof(mbedtls_ccm_context));
} }
int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx,
mbedtls_cipher_id_t cipher, mbedtls_cipher_id_t cipher,
const unsigned char *key, const unsigned char *key,
unsigned int keybits ) unsigned int keybits)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
const mbedtls_cipher_info_t *cipher_info; const mbedtls_cipher_info_t *cipher_info;
cipher_info = mbedtls_cipher_info_from_values( cipher, keybits, cipher_info = mbedtls_cipher_info_from_values(cipher, keybits,
MBEDTLS_MODE_ECB ); MBEDTLS_MODE_ECB);
if( cipher_info == NULL ) if (cipher_info == NULL) {
return( MBEDTLS_ERR_CCM_BAD_INPUT ); return MBEDTLS_ERR_CCM_BAD_INPUT;
if( cipher_info->block_size != 16 )
return( MBEDTLS_ERR_CCM_BAD_INPUT );
mbedtls_cipher_free( &ctx->cipher_ctx );
if( ( ret = mbedtls_cipher_setup( &ctx->cipher_ctx, cipher_info ) ) != 0 )
return( ret );
if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keybits,
MBEDTLS_ENCRYPT ) ) != 0 )
{
return( ret );
} }
return( 0 ); if (cipher_info->block_size != 16) {
return MBEDTLS_ERR_CCM_BAD_INPUT;
}
mbedtls_cipher_free(&ctx->cipher_ctx);
if ((ret = mbedtls_cipher_setup(&ctx->cipher_ctx, cipher_info)) != 0) {
return ret;
}
if ((ret = mbedtls_cipher_setkey(&ctx->cipher_ctx, key, keybits,
MBEDTLS_ENCRYPT)) != 0) {
return ret;
}
return 0;
} }
/* /*
* Free context * Free context
*/ */
void mbedtls_ccm_free( mbedtls_ccm_context *ctx ) void mbedtls_ccm_free(mbedtls_ccm_context *ctx)
{ {
if( ctx == NULL ) if (ctx == NULL) {
return; return;
mbedtls_cipher_free( &ctx->cipher_ctx ); }
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ccm_context ) ); mbedtls_cipher_free(&ctx->cipher_ctx);
mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ccm_context));
} }
#define CCM_STATE__CLEAR 0 #define CCM_STATE__CLEAR 0
@ -107,33 +110,33 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx )
/* /*
* Encrypt or decrypt a partial block with CTR * Encrypt or decrypt a partial block with CTR
*/ */
static int mbedtls_ccm_crypt( mbedtls_ccm_context *ctx, static int mbedtls_ccm_crypt(mbedtls_ccm_context *ctx,
size_t offset, size_t use_len, size_t offset, size_t use_len,
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
size_t olen = 0; size_t olen = 0;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char tmp_buf[16] = {0}; unsigned char tmp_buf[16] = { 0 };
if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->ctr, 16, tmp_buf, if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->ctr, 16, tmp_buf,
&olen ) ) != 0 ) &olen)) != 0) {
{
ctx->state |= CCM_STATE__ERROR; ctx->state |= CCM_STATE__ERROR;
mbedtls_platform_zeroize(tmp_buf, sizeof(tmp_buf)); mbedtls_platform_zeroize(tmp_buf, sizeof(tmp_buf));
return ret; return ret;
} }
mbedtls_xor( output, input, tmp_buf + offset, use_len ); mbedtls_xor(output, input, tmp_buf + offset, use_len);
mbedtls_platform_zeroize(tmp_buf, sizeof(tmp_buf)); mbedtls_platform_zeroize(tmp_buf, sizeof(tmp_buf));
return ret; return ret;
} }
static void mbedtls_ccm_clear_state(mbedtls_ccm_context *ctx) { static void mbedtls_ccm_clear_state(mbedtls_ccm_context *ctx)
{
ctx->state = CCM_STATE__CLEAR; ctx->state = CCM_STATE__CLEAR;
memset( ctx->y, 0, 16); memset(ctx->y, 0, 16);
memset( ctx->ctr, 0, 16); memset(ctx->ctr, 0, 16);
} }
static int ccm_calculate_first_block_if_ready(mbedtls_ccm_context *ctx) static int ccm_calculate_first_block_if_ready(mbedtls_ccm_context *ctx)
@ -145,21 +148,18 @@ static int ccm_calculate_first_block_if_ready(mbedtls_ccm_context *ctx)
/* length calculation can be done only after both /* length calculation can be done only after both
* mbedtls_ccm_starts() and mbedtls_ccm_set_lengths() have been executed * mbedtls_ccm_starts() and mbedtls_ccm_set_lengths() have been executed
*/ */
if( !(ctx->state & CCM_STATE__STARTED) || !(ctx->state & CCM_STATE__LENGTHS_SET) ) if (!(ctx->state & CCM_STATE__STARTED) || !(ctx->state & CCM_STATE__LENGTHS_SET)) {
return 0; return 0;
}
/* CCM expects non-empty tag. /* CCM expects non-empty tag.
* CCM* allows empty tag. For CCM* without tag, ignore plaintext length. * CCM* allows empty tag. For CCM* without tag, ignore plaintext length.
*/ */
if( ctx->tag_len == 0 ) if (ctx->tag_len == 0) {
{ if (ctx->mode == MBEDTLS_CCM_STAR_ENCRYPT || ctx->mode == MBEDTLS_CCM_STAR_DECRYPT) {
if( ctx->mode == MBEDTLS_CCM_STAR_ENCRYPT || ctx->mode == MBEDTLS_CCM_STAR_DECRYPT )
{
ctx->plaintext_len = 0; ctx->plaintext_len = 0;
} } else {
else return MBEDTLS_ERR_CCM_BAD_INPUT;
{
return( MBEDTLS_ERR_CCM_BAD_INPUT );
} }
} }
@ -175,37 +175,37 @@ static int ccm_calculate_first_block_if_ready(mbedtls_ccm_context *ctx)
* 5 .. 3 (t - 2) / 2 * 5 .. 3 (t - 2) / 2
* 2 .. 0 q - 1 * 2 .. 0 q - 1
*/ */
ctx->y[0] |= ( ctx->add_len > 0 ) << 6; ctx->y[0] |= (ctx->add_len > 0) << 6;
ctx->y[0] |= ( ( ctx->tag_len - 2 ) / 2 ) << 3; ctx->y[0] |= ((ctx->tag_len - 2) / 2) << 3;
ctx->y[0] |= ctx->q - 1; ctx->y[0] |= ctx->q - 1;
for( i = 0, len_left = ctx->plaintext_len; i < ctx->q; i++, len_left >>= 8 ) for (i = 0, len_left = ctx->plaintext_len; i < ctx->q; i++, len_left >>= 8) {
ctx->y[15-i] = MBEDTLS_BYTE_0( len_left ); ctx->y[15-i] = MBEDTLS_BYTE_0(len_left);
}
if( len_left > 0 ) if (len_left > 0) {
{
ctx->state |= CCM_STATE__ERROR; ctx->state |= CCM_STATE__ERROR;
return( MBEDTLS_ERR_CCM_BAD_INPUT ); return MBEDTLS_ERR_CCM_BAD_INPUT;
} }
/* Start CBC-MAC with first block*/ /* Start CBC-MAC with first block*/
if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen ) ) != 0 ) if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen)) != 0) {
{
ctx->state |= CCM_STATE__ERROR; ctx->state |= CCM_STATE__ERROR;
return( ret ); return ret;
} }
return (0); return 0;
} }
int mbedtls_ccm_starts( mbedtls_ccm_context *ctx, int mbedtls_ccm_starts(mbedtls_ccm_context *ctx,
int mode, int mode,
const unsigned char *iv, const unsigned char *iv,
size_t iv_len ) size_t iv_len)
{ {
/* Also implies q is within bounds */ /* Also implies q is within bounds */
if( iv_len < 7 || iv_len > 13 ) if (iv_len < 7 || iv_len > 13) {
return( MBEDTLS_ERR_CCM_BAD_INPUT ); return MBEDTLS_ERR_CCM_BAD_INPUT;
}
ctx->mode = mode; ctx->mode = mode;
ctx->q = 16 - 1 - (unsigned char) iv_len; ctx->q = 16 - 1 - (unsigned char) iv_len;
@ -220,25 +220,25 @@ int mbedtls_ccm_starts( mbedtls_ccm_context *ctx,
* 7 .. 3 0 * 7 .. 3 0
* 2 .. 0 q - 1 * 2 .. 0 q - 1
*/ */
memset( ctx->ctr, 0, 16); memset(ctx->ctr, 0, 16);
ctx->ctr[0] = ctx->q - 1; ctx->ctr[0] = ctx->q - 1;
memcpy( ctx->ctr + 1, iv, iv_len ); memcpy(ctx->ctr + 1, iv, iv_len);
memset( ctx->ctr + 1 + iv_len, 0, ctx->q ); memset(ctx->ctr + 1 + iv_len, 0, ctx->q);
ctx->ctr[15] = 1; ctx->ctr[15] = 1;
/* /*
* See ccm_calculate_first_block_if_ready() for block layout description * See ccm_calculate_first_block_if_ready() for block layout description
*/ */
memcpy( ctx->y + 1, iv, iv_len ); memcpy(ctx->y + 1, iv, iv_len);
ctx->state |= CCM_STATE__STARTED; ctx->state |= CCM_STATE__STARTED;
return ccm_calculate_first_block_if_ready(ctx); return ccm_calculate_first_block_if_ready(ctx);
} }
int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx, int mbedtls_ccm_set_lengths(mbedtls_ccm_context *ctx,
size_t total_ad_len, size_t total_ad_len,
size_t plaintext_len, size_t plaintext_len,
size_t tag_len ) size_t tag_len)
{ {
/* /*
* Check length requirements: SP800-38C A.1 * Check length requirements: SP800-38C A.1
@ -247,11 +247,13 @@ int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx,
* *
* Also, loosen the requirements to enable support for CCM* (IEEE 802.15.4). * Also, loosen the requirements to enable support for CCM* (IEEE 802.15.4).
*/ */
if( tag_len == 2 || tag_len > 16 || tag_len % 2 != 0 ) if (tag_len == 2 || tag_len > 16 || tag_len % 2 != 0) {
return( MBEDTLS_ERR_CCM_BAD_INPUT ); return MBEDTLS_ERR_CCM_BAD_INPUT;
}
if( total_ad_len >= 0xFF00 ) if (total_ad_len >= 0xFF00) {
return( MBEDTLS_ERR_CCM_BAD_INPUT ); return MBEDTLS_ERR_CCM_BAD_INPUT;
}
ctx->plaintext_len = plaintext_len; ctx->plaintext_len = plaintext_len;
ctx->add_len = total_ad_len; ctx->add_len = total_ad_len;
@ -262,81 +264,72 @@ int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx,
return ccm_calculate_first_block_if_ready(ctx); return ccm_calculate_first_block_if_ready(ctx);
} }
int mbedtls_ccm_update_ad( mbedtls_ccm_context *ctx, int mbedtls_ccm_update_ad(mbedtls_ccm_context *ctx,
const unsigned char *add, const unsigned char *add,
size_t add_len ) size_t add_len)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t olen, use_len, offset; size_t olen, use_len, offset;
if( ctx->state & CCM_STATE__ERROR ) if (ctx->state & CCM_STATE__ERROR) {
{
return MBEDTLS_ERR_CCM_BAD_INPUT; return MBEDTLS_ERR_CCM_BAD_INPUT;
} }
if( add_len > 0 ) if (add_len > 0) {
{ if (ctx->state & CCM_STATE__AUTH_DATA_FINISHED) {
if( ctx->state & CCM_STATE__AUTH_DATA_FINISHED )
{
return MBEDTLS_ERR_CCM_BAD_INPUT; return MBEDTLS_ERR_CCM_BAD_INPUT;
} }
if( !(ctx->state & CCM_STATE__AUTH_DATA_STARTED) ) if (!(ctx->state & CCM_STATE__AUTH_DATA_STARTED)) {
{ if (add_len > ctx->add_len) {
if ( add_len > ctx->add_len )
{
return MBEDTLS_ERR_CCM_BAD_INPUT; return MBEDTLS_ERR_CCM_BAD_INPUT;
} }
ctx->y[0] ^= (unsigned char)( ( ctx->add_len >> 8 ) & 0xFF ); ctx->y[0] ^= (unsigned char) ((ctx->add_len >> 8) & 0xFF);
ctx->y[1] ^= (unsigned char)( ( ctx->add_len ) & 0xFF ); ctx->y[1] ^= (unsigned char) ((ctx->add_len) & 0xFF);
ctx->state |= CCM_STATE__AUTH_DATA_STARTED; ctx->state |= CCM_STATE__AUTH_DATA_STARTED;
} } else if (ctx->processed + add_len > ctx->add_len) {
else if ( ctx->processed + add_len > ctx->add_len )
{
return MBEDTLS_ERR_CCM_BAD_INPUT; return MBEDTLS_ERR_CCM_BAD_INPUT;
} }
while( add_len > 0 ) while (add_len > 0) {
{
offset = (ctx->processed + 2) % 16; /* account for y[0] and y[1] offset = (ctx->processed + 2) % 16; /* account for y[0] and y[1]
* holding total auth data length */ * holding total auth data length */
use_len = 16 - offset; use_len = 16 - offset;
if( use_len > add_len ) if (use_len > add_len) {
use_len = add_len; use_len = add_len;
}
mbedtls_xor( ctx->y + offset, ctx->y + offset, add, use_len ); mbedtls_xor(ctx->y + offset, ctx->y + offset, add, use_len);
ctx->processed += use_len; ctx->processed += use_len;
add_len -= use_len; add_len -= use_len;
add += use_len; add += use_len;
if( use_len + offset == 16 || ctx->processed == ctx->add_len ) if (use_len + offset == 16 || ctx->processed == ctx->add_len) {
{ if ((ret =
if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen ) ) != 0 ) mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen)) != 0) {
{
ctx->state |= CCM_STATE__ERROR; ctx->state |= CCM_STATE__ERROR;
return( ret ); return ret;
} }
} }
} }
if( ctx->processed == ctx->add_len ) if (ctx->processed == ctx->add_len) {
{
ctx->state |= CCM_STATE__AUTH_DATA_FINISHED; ctx->state |= CCM_STATE__AUTH_DATA_FINISHED;
ctx->processed = 0; // prepare for mbedtls_ccm_update() ctx->processed = 0; // prepare for mbedtls_ccm_update()
} }
} }
return (0); return 0;
} }
int mbedtls_ccm_update( mbedtls_ccm_context *ctx, int mbedtls_ccm_update(mbedtls_ccm_context *ctx,
const unsigned char *input, size_t input_len, const unsigned char *input, size_t input_len,
unsigned char *output, size_t output_size, unsigned char *output, size_t output_size,
size_t *output_len ) size_t *output_len)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char i; unsigned char i;
@ -344,88 +337,86 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx,
unsigned char local_output[16]; unsigned char local_output[16];
if( ctx->state & CCM_STATE__ERROR ) if (ctx->state & CCM_STATE__ERROR) {
{
return MBEDTLS_ERR_CCM_BAD_INPUT; return MBEDTLS_ERR_CCM_BAD_INPUT;
} }
/* Check against plaintext length only if performing operation with /* Check against plaintext length only if performing operation with
* authentication * authentication
*/ */
if( ctx->tag_len != 0 && ctx->processed + input_len > ctx->plaintext_len ) if (ctx->tag_len != 0 && ctx->processed + input_len > ctx->plaintext_len) {
{
return MBEDTLS_ERR_CCM_BAD_INPUT; return MBEDTLS_ERR_CCM_BAD_INPUT;
} }
if( output_size < input_len ) if (output_size < input_len) {
return( MBEDTLS_ERR_CCM_BAD_INPUT ); return MBEDTLS_ERR_CCM_BAD_INPUT;
}
*output_len = input_len; *output_len = input_len;
ret = 0; ret = 0;
while ( input_len > 0 ) while (input_len > 0) {
{
offset = ctx->processed % 16; offset = ctx->processed % 16;
use_len = 16 - offset; use_len = 16 - offset;
if( use_len > input_len ) if (use_len > input_len) {
use_len = input_len; use_len = input_len;
}
ctx->processed += use_len; ctx->processed += use_len;
if( ctx->mode == MBEDTLS_CCM_ENCRYPT || \ if (ctx->mode == MBEDTLS_CCM_ENCRYPT || \
ctx->mode == MBEDTLS_CCM_STAR_ENCRYPT ) ctx->mode == MBEDTLS_CCM_STAR_ENCRYPT) {
{ mbedtls_xor(ctx->y + offset, ctx->y + offset, input, use_len);
mbedtls_xor( ctx->y + offset, ctx->y + offset, input, use_len );
if( use_len + offset == 16 || ctx->processed == ctx->plaintext_len ) if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) {
{ if ((ret =
if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen ) ) != 0 ) mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen)) != 0) {
{
ctx->state |= CCM_STATE__ERROR; ctx->state |= CCM_STATE__ERROR;
goto exit; goto exit;
} }
} }
ret = mbedtls_ccm_crypt( ctx, offset, use_len, input, output ); ret = mbedtls_ccm_crypt(ctx, offset, use_len, input, output);
if( ret != 0 ) if (ret != 0) {
goto exit; goto exit;
}
} }
if( ctx->mode == MBEDTLS_CCM_DECRYPT || \ if (ctx->mode == MBEDTLS_CCM_DECRYPT || \
ctx->mode == MBEDTLS_CCM_STAR_DECRYPT ) ctx->mode == MBEDTLS_CCM_STAR_DECRYPT) {
{
/* Since output may be in shared memory, we cannot be sure that /* Since output may be in shared memory, we cannot be sure that
* it will contain what we wrote to it. Therefore, we should avoid using * it will contain what we wrote to it. Therefore, we should avoid using
* it as input to any operations. * it as input to any operations.
* Write decrypted data to local_output to avoid using output variable as * Write decrypted data to local_output to avoid using output variable as
* input in the XOR operation for Y. * input in the XOR operation for Y.
*/ */
ret = mbedtls_ccm_crypt( ctx, offset, use_len, input, local_output ); ret = mbedtls_ccm_crypt(ctx, offset, use_len, input, local_output);
if( ret != 0 ) if (ret != 0) {
goto exit; goto exit;
}
mbedtls_xor( ctx->y + offset, ctx->y + offset, local_output, use_len ); mbedtls_xor(ctx->y + offset, ctx->y + offset, local_output, use_len);
memcpy( output, local_output, use_len ); memcpy(output, local_output, use_len);
mbedtls_platform_zeroize( local_output, 16 ); mbedtls_platform_zeroize(local_output, 16);
if( use_len + offset == 16 || ctx->processed == ctx->plaintext_len ) if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) {
{ if ((ret =
if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen ) ) != 0 ) mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen)) != 0) {
{
ctx->state |= CCM_STATE__ERROR; ctx->state |= CCM_STATE__ERROR;
goto exit; goto exit;
} }
} }
} }
if( use_len + offset == 16 || ctx->processed == ctx->plaintext_len ) if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) {
{ for (i = 0; i < ctx->q; i++) {
for( i = 0; i < ctx->q; i++ ) if (++(ctx->ctr)[15-i] != 0) {
if( ++(ctx->ctr)[15-i] != 0 ) break;
break; }
}
} }
input_len -= use_len; input_len -= use_len;
@ -434,167 +425,172 @@ int mbedtls_ccm_update( mbedtls_ccm_context *ctx,
} }
exit: exit:
mbedtls_platform_zeroize( local_output, 16 ); mbedtls_platform_zeroize(local_output, 16);
return ret; return ret;
} }
int mbedtls_ccm_finish( mbedtls_ccm_context *ctx, int mbedtls_ccm_finish(mbedtls_ccm_context *ctx,
unsigned char *tag, size_t tag_len ) unsigned char *tag, size_t tag_len)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char i; unsigned char i;
if( ctx->state & CCM_STATE__ERROR ) if (ctx->state & CCM_STATE__ERROR) {
{
return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
} }
if( ctx->add_len > 0 && !( ctx->state & CCM_STATE__AUTH_DATA_FINISHED ) ) if (ctx->add_len > 0 && !(ctx->state & CCM_STATE__AUTH_DATA_FINISHED)) {
{
return MBEDTLS_ERR_CCM_BAD_INPUT; return MBEDTLS_ERR_CCM_BAD_INPUT;
} }
if( ctx->plaintext_len > 0 && ctx->processed != ctx->plaintext_len ) if (ctx->plaintext_len > 0 && ctx->processed != ctx->plaintext_len) {
{
return MBEDTLS_ERR_CCM_BAD_INPUT; return MBEDTLS_ERR_CCM_BAD_INPUT;
} }
/* /*
* Authentication: reset counter and crypt/mask internal tag * Authentication: reset counter and crypt/mask internal tag
*/ */
for( i = 0; i < ctx->q; i++ ) for (i = 0; i < ctx->q; i++) {
ctx->ctr[15-i] = 0; ctx->ctr[15-i] = 0;
}
ret = mbedtls_ccm_crypt( ctx, 0, 16, ctx->y, ctx->y ); ret = mbedtls_ccm_crypt(ctx, 0, 16, ctx->y, ctx->y);
if( ret != 0 ) if (ret != 0) {
return ret; return ret;
if( tag != NULL ) }
memcpy( tag, ctx->y, tag_len ); if (tag != NULL) {
memcpy(tag, ctx->y, tag_len);
}
mbedtls_ccm_clear_state(ctx); mbedtls_ccm_clear_state(ctx);
return( 0 ); return 0;
} }
/* /*
* Authenticated encryption or decryption * Authenticated encryption or decryption
*/ */
static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, static int ccm_auth_crypt(mbedtls_ccm_context *ctx, int mode, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len, const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
unsigned char *tag, size_t tag_len ) unsigned char *tag, size_t tag_len)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t olen; size_t olen;
if( ( ret = mbedtls_ccm_starts( ctx, mode, iv, iv_len ) ) != 0 ) if ((ret = mbedtls_ccm_starts(ctx, mode, iv, iv_len)) != 0) {
return( ret ); return ret;
}
if( ( ret = mbedtls_ccm_set_lengths( ctx, add_len, length, tag_len ) ) != 0 ) if ((ret = mbedtls_ccm_set_lengths(ctx, add_len, length, tag_len)) != 0) {
return( ret ); return ret;
}
if( ( ret = mbedtls_ccm_update_ad( ctx, add, add_len ) ) != 0 ) if ((ret = mbedtls_ccm_update_ad(ctx, add, add_len)) != 0) {
return( ret ); return ret;
}
if( ( ret = mbedtls_ccm_update( ctx, input, length, if ((ret = mbedtls_ccm_update(ctx, input, length,
output, length, &olen ) ) != 0 ) output, length, &olen)) != 0) {
return( ret ); return ret;
}
if( ( ret = mbedtls_ccm_finish( ctx, tag, tag_len ) ) != 0 ) if ((ret = mbedtls_ccm_finish(ctx, tag, tag_len)) != 0) {
return( ret ); return ret;
}
return( 0 ); return 0;
} }
/* /*
* Authenticated encryption * Authenticated encryption
*/ */
int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, int mbedtls_ccm_star_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len, const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
unsigned char *tag, size_t tag_len ) unsigned char *tag, size_t tag_len)
{ {
return( ccm_auth_crypt( ctx, MBEDTLS_CCM_STAR_ENCRYPT, length, iv, iv_len, return ccm_auth_crypt(ctx, MBEDTLS_CCM_STAR_ENCRYPT, length, iv, iv_len,
add, add_len, input, output, tag, tag_len ) ); add, add_len, input, output, tag, tag_len);
} }
int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, int mbedtls_ccm_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len, const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
unsigned char *tag, size_t tag_len ) unsigned char *tag, size_t tag_len)
{ {
return( ccm_auth_crypt( ctx, MBEDTLS_CCM_ENCRYPT, length, iv, iv_len, return ccm_auth_crypt(ctx, MBEDTLS_CCM_ENCRYPT, length, iv, iv_len,
add, add_len, input, output, tag, tag_len ) ); add, add_len, input, output, tag, tag_len);
} }
/* /*
* Authenticated decryption * Authenticated decryption
*/ */
static int mbedtls_ccm_compare_tags(const unsigned char *tag1, const unsigned char *tag2, size_t tag_len) static int mbedtls_ccm_compare_tags(const unsigned char *tag1,
const unsigned char *tag2,
size_t tag_len)
{ {
unsigned char i; unsigned char i;
int diff; int diff;
/* Check tag in "constant-time" */ /* Check tag in "constant-time" */
for( diff = 0, i = 0; i < tag_len; i++ ) for (diff = 0, i = 0; i < tag_len; i++) {
diff |= tag1[i] ^ tag2[i]; diff |= tag1[i] ^ tag2[i];
if( diff != 0 )
{
return( MBEDTLS_ERR_CCM_AUTH_FAILED );
} }
return( 0 ); if (diff != 0) {
return MBEDTLS_ERR_CCM_AUTH_FAILED;
}
return 0;
} }
static int ccm_auth_decrypt( mbedtls_ccm_context *ctx, int mode, size_t length, static int ccm_auth_decrypt(mbedtls_ccm_context *ctx, int mode, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len, const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
const unsigned char *tag, size_t tag_len ) const unsigned char *tag, size_t tag_len)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char check_tag[16]; unsigned char check_tag[16];
if( ( ret = ccm_auth_crypt( ctx, mode, length, if ((ret = ccm_auth_crypt(ctx, mode, length,
iv, iv_len, add, add_len, iv, iv_len, add, add_len,
input, output, check_tag, tag_len ) ) != 0 ) input, output, check_tag, tag_len)) != 0) {
{ return ret;
return( ret );
} }
if( ( ret = mbedtls_ccm_compare_tags( tag, check_tag, tag_len ) ) != 0 ) if ((ret = mbedtls_ccm_compare_tags(tag, check_tag, tag_len)) != 0) {
{ mbedtls_platform_zeroize(output, length);
mbedtls_platform_zeroize( output, length ); return ret;
return( ret );
} }
return( 0 ); return 0;
} }
int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, int mbedtls_ccm_star_auth_decrypt(mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len, const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
const unsigned char *tag, size_t tag_len ) const unsigned char *tag, size_t tag_len)
{ {
return ccm_auth_decrypt( ctx, MBEDTLS_CCM_STAR_DECRYPT, length, return ccm_auth_decrypt(ctx, MBEDTLS_CCM_STAR_DECRYPT, length,
iv, iv_len, add, add_len, iv, iv_len, add, add_len,
input, output, tag, tag_len ); input, output, tag, tag_len);
} }
int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, int mbedtls_ccm_auth_decrypt(mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len, const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
const unsigned char *tag, size_t tag_len ) const unsigned char *tag, size_t tag_len)
{ {
return ccm_auth_decrypt( ctx, MBEDTLS_CCM_DECRYPT, length, return ccm_auth_decrypt(ctx, MBEDTLS_CCM_DECRYPT, length,
iv, iv_len, add, add_len, iv, iv_len, add, add_len,
input, output, tag, tag_len ); input, output, tag, tag_len);
} }
#endif /* !MBEDTLS_CCM_ALT */ #endif /* !MBEDTLS_CCM_ALT */
@ -631,7 +627,7 @@ static const unsigned char msg_test_data[CCM_SELFTEST_PT_MAX_LEN] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
}; };
static const size_t iv_len_test_data [NB_TESTS] = { 7, 8, 12 }; static const size_t iv_len_test_data[NB_TESTS] = { 7, 8, 12 };
static const size_t add_len_test_data[NB_TESTS] = { 8, 16, 20 }; static const size_t add_len_test_data[NB_TESTS] = { 8, 16, 20 };
static const size_t msg_len_test_data[NB_TESTS] = { 4, 16, 24 }; static const size_t msg_len_test_data[NB_TESTS] = { 4, 16, 24 };
static const size_t tag_len_test_data[NB_TESTS] = { 4, 6, 8 }; static const size_t tag_len_test_data[NB_TESTS] = { 4, 6, 8 };
@ -647,7 +643,7 @@ static const unsigned char res_test_data[NB_TESTS][CCM_SELFTEST_CT_MAX_LEN] = {
0x48, 0x43, 0x92, 0xfb, 0xc1, 0xb0, 0x99, 0x51 } 0x48, 0x43, 0x92, 0xfb, 0xc1, 0xb0, 0x99, 0x51 }
}; };
int mbedtls_ccm_self_test( int verbose ) int mbedtls_ccm_self_test(int verbose)
{ {
mbedtls_ccm_context ctx; mbedtls_ccm_context ctx;
/* /*
@ -660,70 +656,72 @@ int mbedtls_ccm_self_test( int verbose )
size_t i; size_t i;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_ccm_init( &ctx ); mbedtls_ccm_init(&ctx);
if( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, key_test_data, if (mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, key_test_data,
8 * sizeof key_test_data ) != 0 ) 8 * sizeof key_test_data) != 0) {
{ if (verbose != 0) {
if( verbose != 0 ) mbedtls_printf(" CCM: setup failed");
mbedtls_printf( " CCM: setup failed" );
return( 1 );
}
for( i = 0; i < NB_TESTS; i++ )
{
if( verbose != 0 )
mbedtls_printf( " CCM-AES #%u: ", (unsigned int) i + 1 );
memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
memset( ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN );
memcpy( plaintext, msg_test_data, msg_len_test_data[i] );
ret = mbedtls_ccm_encrypt_and_tag( &ctx, msg_len_test_data[i],
iv_test_data, iv_len_test_data[i],
ad_test_data, add_len_test_data[i],
plaintext, ciphertext,
ciphertext + msg_len_test_data[i],
tag_len_test_data[i] );
if( ret != 0 ||
memcmp( ciphertext, res_test_data[i],
msg_len_test_data[i] + tag_len_test_data[i] ) != 0 )
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
return( 1 );
}
memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len_test_data[i],
iv_test_data, iv_len_test_data[i],
ad_test_data, add_len_test_data[i],
ciphertext, plaintext,
ciphertext + msg_len_test_data[i],
tag_len_test_data[i] );
if( ret != 0 ||
memcmp( plaintext, msg_test_data, msg_len_test_data[i] ) != 0 )
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
return( 1 );
} }
if( verbose != 0 ) return 1;
mbedtls_printf( "passed\n" );
} }
mbedtls_ccm_free( &ctx ); for (i = 0; i < NB_TESTS; i++) {
if (verbose != 0) {
mbedtls_printf(" CCM-AES #%u: ", (unsigned int) i + 1);
}
if( verbose != 0 ) memset(plaintext, 0, CCM_SELFTEST_PT_MAX_LEN);
mbedtls_printf( "\n" ); memset(ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN);
memcpy(plaintext, msg_test_data, msg_len_test_data[i]);
return( 0 ); ret = mbedtls_ccm_encrypt_and_tag(&ctx, msg_len_test_data[i],
iv_test_data, iv_len_test_data[i],
ad_test_data, add_len_test_data[i],
plaintext, ciphertext,
ciphertext + msg_len_test_data[i],
tag_len_test_data[i]);
if (ret != 0 ||
memcmp(ciphertext, res_test_data[i],
msg_len_test_data[i] + tag_len_test_data[i]) != 0) {
if (verbose != 0) {
mbedtls_printf("failed\n");
}
return 1;
}
memset(plaintext, 0, CCM_SELFTEST_PT_MAX_LEN);
ret = mbedtls_ccm_auth_decrypt(&ctx, msg_len_test_data[i],
iv_test_data, iv_len_test_data[i],
ad_test_data, add_len_test_data[i],
ciphertext, plaintext,
ciphertext + msg_len_test_data[i],
tag_len_test_data[i]);
if (ret != 0 ||
memcmp(plaintext, msg_test_data, msg_len_test_data[i]) != 0) {
if (verbose != 0) {
mbedtls_printf("failed\n");
}
return 1;
}
if (verbose != 0) {
mbedtls_printf("passed\n");
}
}
mbedtls_ccm_free(&ctx);
if (verbose != 0) {
mbedtls_printf("\n");
}
return 0;
} }
#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
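Review bot: `mbedtls_ccm_finish()` copies `tag_len` bytes out of `ctx->y` using the caller's argument, without checking it against the tag length fixed earlier by `mbedtls_ccm_set_lengths()`; the restyle carries this over unchanged. The rest of the file treats `ctx->y` as a 16-byte block (`memset(ctx->y, 0, 16)`), so a multipart caller that passes a larger value makes `memcpy(tag, ctx->y, tag_len)` read beyond that block. The one-shot wrappers are not affected, because `ccm_auth_crypt()` hands the same `tag_len` to `mbedtls_ccm_set_lengths()`, which rejects anything above 16. I would add `if (tag_len != ctx->tag_len) { return MBEDTLS_ERR_CCM_BAD_INPUT; }` before the counter reset, or at least reject `tag_len > 16`. The equality form assumes `mbedtls_ccm_set_lengths()` stores the value in `ctx->tag_len`; that assignment falls in a gap between hunks and should be confirmed.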


@ -36,12 +36,12 @@
#if !defined(MBEDTLS_CHACHA20_ALT) #if !defined(MBEDTLS_CHACHA20_ALT)
#define ROTL32( value, amount ) \ #define ROTL32(value, amount) \
( (uint32_t) ( (value) << (amount) ) | ( (value) >> ( 32 - (amount) ) ) ) ((uint32_t) ((value) << (amount)) | ((value) >> (32 - (amount))))
#define CHACHA20_CTR_INDEX ( 12U ) #define CHACHA20_CTR_INDEX (12U)
#define CHACHA20_BLOCK_SIZE_BYTES ( 4U * 16U ) #define CHACHA20_BLOCK_SIZE_BYTES (4U * 16U)
/** /**
* \brief ChaCha20 quarter round operation. * \brief ChaCha20 quarter round operation.
@ -58,31 +58,31 @@
* \param c The index of 'c' in the state. * \param c The index of 'c' in the state.
* \param d The index of 'd' in the state. * \param d The index of 'd' in the state.
*/ */
static inline void chacha20_quarter_round( uint32_t state[16], static inline void chacha20_quarter_round(uint32_t state[16],
size_t a, size_t a,
size_t b, size_t b,
size_t c, size_t c,
size_t d ) size_t d)
{ {
/* a += b; d ^= a; d <<<= 16; */ /* a += b; d ^= a; d <<<= 16; */
state[a] += state[b]; state[a] += state[b];
state[d] ^= state[a]; state[d] ^= state[a];
state[d] = ROTL32( state[d], 16 ); state[d] = ROTL32(state[d], 16);
/* c += d; b ^= c; b <<<= 12 */ /* c += d; b ^= c; b <<<= 12 */
state[c] += state[d]; state[c] += state[d];
state[b] ^= state[c]; state[b] ^= state[c];
state[b] = ROTL32( state[b], 12 ); state[b] = ROTL32(state[b], 12);
/* a += b; d ^= a; d <<<= 8; */ /* a += b; d ^= a; d <<<= 8; */
state[a] += state[b]; state[a] += state[b];
state[d] ^= state[a]; state[d] ^= state[a];
state[d] = ROTL32( state[d], 8 ); state[d] = ROTL32(state[d], 8);
/* c += d; b ^= c; b <<<= 7; */ /* c += d; b ^= c; b <<<= 7; */
state[c] += state[d]; state[c] += state[d];
state[b] ^= state[c]; state[b] ^= state[c];
state[b] = ROTL32( state[b], 7 ); state[b] = ROTL32(state[b], 7);
} }
/** /**
@ -93,17 +93,17 @@ static inline void chacha20_quarter_round( uint32_t state[16],
* *
* \param state The ChaCha20 state to update. * \param state The ChaCha20 state to update.
*/ */
static void chacha20_inner_block( uint32_t state[16] ) static void chacha20_inner_block(uint32_t state[16])
{ {
chacha20_quarter_round( state, 0, 4, 8, 12 ); chacha20_quarter_round(state, 0, 4, 8, 12);
chacha20_quarter_round( state, 1, 5, 9, 13 ); chacha20_quarter_round(state, 1, 5, 9, 13);
chacha20_quarter_round( state, 2, 6, 10, 14 ); chacha20_quarter_round(state, 2, 6, 10, 14);
chacha20_quarter_round( state, 3, 7, 11, 15 ); chacha20_quarter_round(state, 3, 7, 11, 15);
chacha20_quarter_round( state, 0, 5, 10, 15 ); chacha20_quarter_round(state, 0, 5, 10, 15);
chacha20_quarter_round( state, 1, 6, 11, 12 ); chacha20_quarter_round(state, 1, 6, 11, 12);
chacha20_quarter_round( state, 2, 7, 8, 13 ); chacha20_quarter_round(state, 2, 7, 8, 13);
chacha20_quarter_round( state, 3, 4, 9, 14 ); chacha20_quarter_round(state, 3, 4, 9, 14);
} }
/** /**
@ -112,29 +112,30 @@ static void chacha20_inner_block( uint32_t state[16] )
* \param initial_state The initial ChaCha20 state (key, nonce, counter). * \param initial_state The initial ChaCha20 state (key, nonce, counter).
* \param keystream Generated keystream bytes are written to this buffer. * \param keystream Generated keystream bytes are written to this buffer.
*/ */
static void chacha20_block( const uint32_t initial_state[16], static void chacha20_block(const uint32_t initial_state[16],
unsigned char keystream[64] ) unsigned char keystream[64])
{ {
uint32_t working_state[16]; uint32_t working_state[16];
size_t i; size_t i;
memcpy( working_state, memcpy(working_state,
initial_state, initial_state,
CHACHA20_BLOCK_SIZE_BYTES ); CHACHA20_BLOCK_SIZE_BYTES);
for( i = 0U; i < 10U; i++ ) for (i = 0U; i < 10U; i++) {
chacha20_inner_block( working_state ); chacha20_inner_block(working_state);
}
working_state[ 0] += initial_state[ 0]; working_state[0] += initial_state[0];
working_state[ 1] += initial_state[ 1]; working_state[1] += initial_state[1];
working_state[ 2] += initial_state[ 2]; working_state[2] += initial_state[2];
working_state[ 3] += initial_state[ 3]; working_state[3] += initial_state[3];
working_state[ 4] += initial_state[ 4]; working_state[4] += initial_state[4];
working_state[ 5] += initial_state[ 5]; working_state[5] += initial_state[5];
working_state[ 6] += initial_state[ 6]; working_state[6] += initial_state[6];
working_state[ 7] += initial_state[ 7]; working_state[7] += initial_state[7];
working_state[ 8] += initial_state[ 8]; working_state[8] += initial_state[8];
working_state[ 9] += initial_state[ 9]; working_state[9] += initial_state[9];
working_state[10] += initial_state[10]; working_state[10] += initial_state[10];
working_state[11] += initial_state[11]; working_state[11] += initial_state[11];
working_state[12] += initial_state[12]; working_state[12] += initial_state[12];
@ -142,35 +143,33 @@ static void chacha20_block( const uint32_t initial_state[16],
working_state[14] += initial_state[14]; working_state[14] += initial_state[14];
working_state[15] += initial_state[15]; working_state[15] += initial_state[15];
for( i = 0U; i < 16; i++ ) for (i = 0U; i < 16; i++) {
{
size_t offset = i * 4U; size_t offset = i * 4U;
MBEDTLS_PUT_UINT32_LE(working_state[i], keystream, offset); MBEDTLS_PUT_UINT32_LE(working_state[i], keystream, offset);
} }
mbedtls_platform_zeroize( working_state, sizeof( working_state ) ); mbedtls_platform_zeroize(working_state, sizeof(working_state));
} }
void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx ) void mbedtls_chacha20_init(mbedtls_chacha20_context *ctx)
{ {
mbedtls_platform_zeroize( ctx->state, sizeof( ctx->state ) ); mbedtls_platform_zeroize(ctx->state, sizeof(ctx->state));
mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) ); mbedtls_platform_zeroize(ctx->keystream8, sizeof(ctx->keystream8));
/* Initially, there's no keystream bytes available */ /* Initially, there's no keystream bytes available */
ctx->keystream_bytes_used = CHACHA20_BLOCK_SIZE_BYTES; ctx->keystream_bytes_used = CHACHA20_BLOCK_SIZE_BYTES;
} }
void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx ) void mbedtls_chacha20_free(mbedtls_chacha20_context *ctx)
{ {
if( ctx != NULL ) if (ctx != NULL) {
{ mbedtls_platform_zeroize(ctx, sizeof(mbedtls_chacha20_context));
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_chacha20_context ) );
} }
} }
int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx, int mbedtls_chacha20_setkey(mbedtls_chacha20_context *ctx,
const unsigned char key[32] ) const unsigned char key[32])
{ {
/* ChaCha20 constants - the string "expand 32-byte k" */ /* ChaCha20 constants - the string "expand 32-byte k" */
ctx->state[0] = 0x61707865; ctx->state[0] = 0x61707865;
@ -179,50 +178,49 @@ int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx,
ctx->state[3] = 0x6b206574; ctx->state[3] = 0x6b206574;
/* Set key */ /* Set key */
ctx->state[4] = MBEDTLS_GET_UINT32_LE( key, 0 ); ctx->state[4] = MBEDTLS_GET_UINT32_LE(key, 0);
ctx->state[5] = MBEDTLS_GET_UINT32_LE( key, 4 ); ctx->state[5] = MBEDTLS_GET_UINT32_LE(key, 4);
ctx->state[6] = MBEDTLS_GET_UINT32_LE( key, 8 ); ctx->state[6] = MBEDTLS_GET_UINT32_LE(key, 8);
ctx->state[7] = MBEDTLS_GET_UINT32_LE( key, 12 ); ctx->state[7] = MBEDTLS_GET_UINT32_LE(key, 12);
ctx->state[8] = MBEDTLS_GET_UINT32_LE( key, 16 ); ctx->state[8] = MBEDTLS_GET_UINT32_LE(key, 16);
ctx->state[9] = MBEDTLS_GET_UINT32_LE( key, 20 ); ctx->state[9] = MBEDTLS_GET_UINT32_LE(key, 20);
ctx->state[10] = MBEDTLS_GET_UINT32_LE( key, 24 ); ctx->state[10] = MBEDTLS_GET_UINT32_LE(key, 24);
ctx->state[11] = MBEDTLS_GET_UINT32_LE( key, 28 ); ctx->state[11] = MBEDTLS_GET_UINT32_LE(key, 28);
return( 0 ); return 0;
} }
int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx, int mbedtls_chacha20_starts(mbedtls_chacha20_context *ctx,
const unsigned char nonce[12], const unsigned char nonce[12],
uint32_t counter ) uint32_t counter)
{ {
/* Counter */ /* Counter */
ctx->state[12] = counter; ctx->state[12] = counter;
/* Nonce */ /* Nonce */
ctx->state[13] = MBEDTLS_GET_UINT32_LE( nonce, 0 ); ctx->state[13] = MBEDTLS_GET_UINT32_LE(nonce, 0);
ctx->state[14] = MBEDTLS_GET_UINT32_LE( nonce, 4 ); ctx->state[14] = MBEDTLS_GET_UINT32_LE(nonce, 4);
ctx->state[15] = MBEDTLS_GET_UINT32_LE( nonce, 8 ); ctx->state[15] = MBEDTLS_GET_UINT32_LE(nonce, 8);
mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) ); mbedtls_platform_zeroize(ctx->keystream8, sizeof(ctx->keystream8));
/* Initially, there's no keystream bytes available */ /* Initially, there's no keystream bytes available */
ctx->keystream_bytes_used = CHACHA20_BLOCK_SIZE_BYTES; ctx->keystream_bytes_used = CHACHA20_BLOCK_SIZE_BYTES;
return( 0 ); return 0;
} }
int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx, int mbedtls_chacha20_update(mbedtls_chacha20_context *ctx,
size_t size, size_t size,
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
size_t offset = 0U; size_t offset = 0U;
/* Use leftover keystream bytes, if available */ /* Use leftover keystream bytes, if available */
while( size > 0U && ctx->keystream_bytes_used < CHACHA20_BLOCK_SIZE_BYTES ) while (size > 0U && ctx->keystream_bytes_used < CHACHA20_BLOCK_SIZE_BYTES) {
{
output[offset] = input[offset] output[offset] = input[offset]
^ ctx->keystream8[ctx->keystream_bytes_used]; ^ ctx->keystream8[ctx->keystream_bytes_used];
ctx->keystream_bytes_used++; ctx->keystream_bytes_used++;
offset++; offset++;
@ -230,59 +228,59 @@ int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx,
} }
/* Process full blocks */ /* Process full blocks */
while( size >= CHACHA20_BLOCK_SIZE_BYTES ) while (size >= CHACHA20_BLOCK_SIZE_BYTES) {
{
/* Generate new keystream block and increment counter */ /* Generate new keystream block and increment counter */
chacha20_block( ctx->state, ctx->keystream8 ); chacha20_block(ctx->state, ctx->keystream8);
ctx->state[CHACHA20_CTR_INDEX]++; ctx->state[CHACHA20_CTR_INDEX]++;
mbedtls_xor( output + offset, input + offset, ctx->keystream8, 64U ); mbedtls_xor(output + offset, input + offset, ctx->keystream8, 64U);
offset += CHACHA20_BLOCK_SIZE_BYTES; offset += CHACHA20_BLOCK_SIZE_BYTES;
size -= CHACHA20_BLOCK_SIZE_BYTES; size -= CHACHA20_BLOCK_SIZE_BYTES;
} }
/* Last (partial) block */ /* Last (partial) block */
if( size > 0U ) if (size > 0U) {
{
/* Generate new keystream block and increment counter */ /* Generate new keystream block and increment counter */
chacha20_block( ctx->state, ctx->keystream8 ); chacha20_block(ctx->state, ctx->keystream8);
ctx->state[CHACHA20_CTR_INDEX]++; ctx->state[CHACHA20_CTR_INDEX]++;
mbedtls_xor( output + offset, input + offset, ctx->keystream8, size ); mbedtls_xor(output + offset, input + offset, ctx->keystream8, size);
ctx->keystream_bytes_used = size; ctx->keystream_bytes_used = size;
} }
return( 0 ); return 0;
} }
int mbedtls_chacha20_crypt( const unsigned char key[32], int mbedtls_chacha20_crypt(const unsigned char key[32],
const unsigned char nonce[12], const unsigned char nonce[12],
uint32_t counter, uint32_t counter,
size_t data_len, size_t data_len,
const unsigned char* input, const unsigned char *input,
unsigned char* output ) unsigned char *output)
{ {
mbedtls_chacha20_context ctx; mbedtls_chacha20_context ctx;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_chacha20_init( &ctx ); mbedtls_chacha20_init(&ctx);
ret = mbedtls_chacha20_setkey( &ctx, key ); ret = mbedtls_chacha20_setkey(&ctx, key);
if( ret != 0 ) if (ret != 0) {
goto cleanup; goto cleanup;
}
ret = mbedtls_chacha20_starts( &ctx, nonce, counter ); ret = mbedtls_chacha20_starts(&ctx, nonce, counter);
if( ret != 0 ) if (ret != 0) {
goto cleanup; goto cleanup;
}
ret = mbedtls_chacha20_update( &ctx, data_len, input, output ); ret = mbedtls_chacha20_update(&ctx, data_len, input, output);
cleanup: cleanup:
mbedtls_chacha20_free( &ctx ); mbedtls_chacha20_free(&ctx);
return( ret ); return ret;
} }
#endif /* !MBEDTLS_CHACHA20_ALT */ #endif /* !MBEDTLS_CHACHA20_ALT */
@ -458,50 +456,52 @@ static const size_t test_lengths[2] =
/* Make sure no other definition is already present. */ /* Make sure no other definition is already present. */
#undef ASSERT #undef ASSERT
#define ASSERT( cond, args ) \ #define ASSERT(cond, args) \
do \ do \
{ \ { \
if( ! ( cond ) ) \ if (!(cond)) \
{ \ { \
if( verbose != 0 ) \ if (verbose != 0) \
mbedtls_printf args; \ mbedtls_printf args; \
\ \
return( -1 ); \ return -1; \
} \ } \
} \ } \
while( 0 ) while (0)
int mbedtls_chacha20_self_test( int verbose ) int mbedtls_chacha20_self_test(int verbose)
{ {
unsigned char output[381]; unsigned char output[381];
unsigned i; unsigned i;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
for( i = 0U; i < 2U; i++ ) for (i = 0U; i < 2U; i++) {
{ if (verbose != 0) {
if( verbose != 0 ) mbedtls_printf(" ChaCha20 test %u ", i);
mbedtls_printf( " ChaCha20 test %u ", i ); }
ret = mbedtls_chacha20_crypt( test_keys[i], ret = mbedtls_chacha20_crypt(test_keys[i],
test_nonces[i], test_nonces[i],
test_counters[i], test_counters[i],
test_lengths[i], test_lengths[i],
test_input[i], test_input[i],
output ); output);
ASSERT( 0 == ret, ( "error code: %i\n", ret ) ); ASSERT(0 == ret, ("error code: %i\n", ret));
ASSERT( 0 == memcmp( output, test_output[i], test_lengths[i] ), ASSERT(0 == memcmp(output, test_output[i], test_lengths[i]),
( "failed (output)\n" ) ); ("failed (output)\n"));
if( verbose != 0 ) if (verbose != 0) {
mbedtls_printf( "passed\n" ); mbedtls_printf("passed\n");
}
} }
if( verbose != 0 ) if (verbose != 0) {
mbedtls_printf( "\n" ); mbedtls_printf("\n");
}
return( 0 ); return 0;
} }
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */


@ -32,29 +32,30 @@
#if !defined(MBEDTLS_CHACHAPOLY_ALT) #if !defined(MBEDTLS_CHACHAPOLY_ALT)
#define CHACHAPOLY_STATE_INIT ( 0 ) #define CHACHAPOLY_STATE_INIT (0)
#define CHACHAPOLY_STATE_AAD ( 1 ) #define CHACHAPOLY_STATE_AAD (1)
#define CHACHAPOLY_STATE_CIPHERTEXT ( 2 ) /* Encrypting or decrypting */ #define CHACHAPOLY_STATE_CIPHERTEXT (2) /* Encrypting or decrypting */
#define CHACHAPOLY_STATE_FINISHED ( 3 ) #define CHACHAPOLY_STATE_FINISHED (3)
/** /**
* \brief Adds nul bytes to pad the AAD for Poly1305. * \brief Adds nul bytes to pad the AAD for Poly1305.
* *
* \param ctx The ChaCha20-Poly1305 context. * \param ctx The ChaCha20-Poly1305 context.
*/ */
static int chachapoly_pad_aad( mbedtls_chachapoly_context *ctx ) static int chachapoly_pad_aad(mbedtls_chachapoly_context *ctx)
{ {
uint32_t partial_block_len = (uint32_t) ( ctx->aad_len % 16U ); uint32_t partial_block_len = (uint32_t) (ctx->aad_len % 16U);
unsigned char zeroes[15]; unsigned char zeroes[15];
if( partial_block_len == 0U ) if (partial_block_len == 0U) {
return( 0 ); return 0;
}
memset( zeroes, 0, sizeof( zeroes ) ); memset(zeroes, 0, sizeof(zeroes));
return( mbedtls_poly1305_update( &ctx->poly1305_ctx, return mbedtls_poly1305_update(&ctx->poly1305_ctx,
zeroes, zeroes,
16U - partial_block_len ) ); 16U - partial_block_len);
} }
/** /**
@ -62,80 +63,83 @@ static int chachapoly_pad_aad( mbedtls_chachapoly_context *ctx )
* *
* \param ctx The ChaCha20-Poly1305 context. * \param ctx The ChaCha20-Poly1305 context.
*/ */
static int chachapoly_pad_ciphertext( mbedtls_chachapoly_context *ctx ) static int chachapoly_pad_ciphertext(mbedtls_chachapoly_context *ctx)
{ {
uint32_t partial_block_len = (uint32_t) ( ctx->ciphertext_len % 16U ); uint32_t partial_block_len = (uint32_t) (ctx->ciphertext_len % 16U);
unsigned char zeroes[15]; unsigned char zeroes[15];
if( partial_block_len == 0U ) if (partial_block_len == 0U) {
return( 0 ); return 0;
}
memset( zeroes, 0, sizeof( zeroes ) ); memset(zeroes, 0, sizeof(zeroes));
return( mbedtls_poly1305_update( &ctx->poly1305_ctx, return mbedtls_poly1305_update(&ctx->poly1305_ctx,
zeroes, zeroes,
16U - partial_block_len ) ); 16U - partial_block_len);
} }
void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx ) void mbedtls_chachapoly_init(mbedtls_chachapoly_context *ctx)
{ {
mbedtls_chacha20_init( &ctx->chacha20_ctx ); mbedtls_chacha20_init(&ctx->chacha20_ctx);
mbedtls_poly1305_init( &ctx->poly1305_ctx ); mbedtls_poly1305_init(&ctx->poly1305_ctx);
ctx->aad_len = 0U; ctx->aad_len = 0U;
ctx->ciphertext_len = 0U; ctx->ciphertext_len = 0U;
ctx->state = CHACHAPOLY_STATE_INIT; ctx->state = CHACHAPOLY_STATE_INIT;
ctx->mode = MBEDTLS_CHACHAPOLY_ENCRYPT; ctx->mode = MBEDTLS_CHACHAPOLY_ENCRYPT;
} }
void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx ) void mbedtls_chachapoly_free(mbedtls_chachapoly_context *ctx)
{ {
if( ctx == NULL ) if (ctx == NULL) {
return; return;
}
mbedtls_chacha20_free( &ctx->chacha20_ctx ); mbedtls_chacha20_free(&ctx->chacha20_ctx);
mbedtls_poly1305_free( &ctx->poly1305_ctx ); mbedtls_poly1305_free(&ctx->poly1305_ctx);
ctx->aad_len = 0U; ctx->aad_len = 0U;
ctx->ciphertext_len = 0U; ctx->ciphertext_len = 0U;
ctx->state = CHACHAPOLY_STATE_INIT; ctx->state = CHACHAPOLY_STATE_INIT;
ctx->mode = MBEDTLS_CHACHAPOLY_ENCRYPT; ctx->mode = MBEDTLS_CHACHAPOLY_ENCRYPT;
} }
int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_setkey(mbedtls_chachapoly_context *ctx,
const unsigned char key[32] ) const unsigned char key[32])
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
ret = mbedtls_chacha20_setkey( &ctx->chacha20_ctx, key ); ret = mbedtls_chacha20_setkey(&ctx->chacha20_ctx, key);
return( ret ); return ret;
} }
int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_starts(mbedtls_chachapoly_context *ctx,
const unsigned char nonce[12], const unsigned char nonce[12],
mbedtls_chachapoly_mode_t mode ) mbedtls_chachapoly_mode_t mode)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char poly1305_key[64]; unsigned char poly1305_key[64];
/* Set counter = 0, will be update to 1 when generating Poly1305 key */ /* Set counter = 0, will be update to 1 when generating Poly1305 key */
ret = mbedtls_chacha20_starts( &ctx->chacha20_ctx, nonce, 0U ); ret = mbedtls_chacha20_starts(&ctx->chacha20_ctx, nonce, 0U);
if( ret != 0 ) if (ret != 0) {
goto cleanup; goto cleanup;
}
/* Generate the Poly1305 key by getting the ChaCha20 keystream output with /* Generate the Poly1305 key by getting the ChaCha20 keystream output with
* counter = 0. This is the same as encrypting a buffer of zeroes. * counter = 0. This is the same as encrypting a buffer of zeroes.
* Only the first 256-bits (32 bytes) of the key is used for Poly1305. * Only the first 256-bits (32 bytes) of the key is used for Poly1305.
* The other 256 bits are discarded. * The other 256 bits are discarded.
*/ */
memset( poly1305_key, 0, sizeof( poly1305_key ) ); memset(poly1305_key, 0, sizeof(poly1305_key));
ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, sizeof( poly1305_key ), ret = mbedtls_chacha20_update(&ctx->chacha20_ctx, sizeof(poly1305_key),
poly1305_key, poly1305_key ); poly1305_key, poly1305_key);
if( ret != 0 ) if (ret != 0) {
goto cleanup; goto cleanup;
}
ret = mbedtls_poly1305_starts( &ctx->poly1305_ctx, poly1305_key ); ret = mbedtls_poly1305_starts(&ctx->poly1305_ctx, poly1305_key);
if( ret == 0 ) if (ret == 0) {
{
ctx->aad_len = 0U; ctx->aad_len = 0U;
ctx->ciphertext_len = 0U; ctx->ciphertext_len = 0U;
ctx->state = CHACHAPOLY_STATE_AAD; ctx->state = CHACHAPOLY_STATE_AAD;
@ -143,92 +147,91 @@ int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx,
} }
cleanup: cleanup:
mbedtls_platform_zeroize( poly1305_key, 64U ); mbedtls_platform_zeroize(poly1305_key, 64U);
return( ret ); return ret;
} }
int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_update_aad(mbedtls_chachapoly_context *ctx,
const unsigned char *aad, const unsigned char *aad,
size_t aad_len ) size_t aad_len)
{ {
if( ctx->state != CHACHAPOLY_STATE_AAD ) if (ctx->state != CHACHAPOLY_STATE_AAD) {
return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); return MBEDTLS_ERR_CHACHAPOLY_BAD_STATE;
}
ctx->aad_len += aad_len; ctx->aad_len += aad_len;
return( mbedtls_poly1305_update( &ctx->poly1305_ctx, aad, aad_len ) ); return mbedtls_poly1305_update(&ctx->poly1305_ctx, aad, aad_len);
} }
int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_update(mbedtls_chachapoly_context *ctx,
size_t len, size_t len,
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
if( ( ctx->state != CHACHAPOLY_STATE_AAD ) && if ((ctx->state != CHACHAPOLY_STATE_AAD) &&
( ctx->state != CHACHAPOLY_STATE_CIPHERTEXT ) ) (ctx->state != CHACHAPOLY_STATE_CIPHERTEXT)) {
{ return MBEDTLS_ERR_CHACHAPOLY_BAD_STATE;
return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
} }
if( ctx->state == CHACHAPOLY_STATE_AAD ) if (ctx->state == CHACHAPOLY_STATE_AAD) {
{
ctx->state = CHACHAPOLY_STATE_CIPHERTEXT; ctx->state = CHACHAPOLY_STATE_CIPHERTEXT;
ret = chachapoly_pad_aad( ctx ); ret = chachapoly_pad_aad(ctx);
if( ret != 0 ) if (ret != 0) {
return( ret ); return ret;
}
} }
ctx->ciphertext_len += len; ctx->ciphertext_len += len;
if( ctx->mode == MBEDTLS_CHACHAPOLY_ENCRYPT ) if (ctx->mode == MBEDTLS_CHACHAPOLY_ENCRYPT) {
{ ret = mbedtls_chacha20_update(&ctx->chacha20_ctx, len, input, output);
ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, len, input, output ); if (ret != 0) {
if( ret != 0 ) return ret;
return( ret ); }
ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, output, len ); ret = mbedtls_poly1305_update(&ctx->poly1305_ctx, output, len);
if( ret != 0 ) if (ret != 0) {
return( ret ); return ret;
} }
else /* DECRYPT */ } else { /* DECRYPT */
{ ret = mbedtls_poly1305_update(&ctx->poly1305_ctx, input, len);
ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, input, len ); if (ret != 0) {
if( ret != 0 ) return ret;
return( ret ); }
ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, len, input, output ); ret = mbedtls_chacha20_update(&ctx->chacha20_ctx, len, input, output);
if( ret != 0 ) if (ret != 0) {
return( ret ); return ret;
}
} }
return( 0 ); return 0;
} }
int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_finish(mbedtls_chachapoly_context *ctx,
unsigned char mac[16] ) unsigned char mac[16])
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char len_block[16]; unsigned char len_block[16];
if( ctx->state == CHACHAPOLY_STATE_INIT ) if (ctx->state == CHACHAPOLY_STATE_INIT) {
{ return MBEDTLS_ERR_CHACHAPOLY_BAD_STATE;
return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
} }
if( ctx->state == CHACHAPOLY_STATE_AAD ) if (ctx->state == CHACHAPOLY_STATE_AAD) {
{ ret = chachapoly_pad_aad(ctx);
ret = chachapoly_pad_aad( ctx ); if (ret != 0) {
if( ret != 0 ) return ret;
return( ret ); }
} } else if (ctx->state == CHACHAPOLY_STATE_CIPHERTEXT) {
else if( ctx->state == CHACHAPOLY_STATE_CIPHERTEXT ) ret = chachapoly_pad_ciphertext(ctx);
{ if (ret != 0) {
ret = chachapoly_pad_ciphertext( ctx ); return ret;
if( ret != 0 ) }
return( ret );
} }
ctx->state = CHACHAPOLY_STATE_FINISHED; ctx->state = CHACHAPOLY_STATE_FINISHED;
@ -239,91 +242,94 @@ int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx,
MBEDTLS_PUT_UINT64_LE(ctx->aad_len, len_block, 0); MBEDTLS_PUT_UINT64_LE(ctx->aad_len, len_block, 0);
MBEDTLS_PUT_UINT64_LE(ctx->ciphertext_len, len_block, 8); MBEDTLS_PUT_UINT64_LE(ctx->ciphertext_len, len_block, 8);
ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, len_block, 16U ); ret = mbedtls_poly1305_update(&ctx->poly1305_ctx, len_block, 16U);
if( ret != 0 ) if (ret != 0) {
return( ret ); return ret;
}
ret = mbedtls_poly1305_finish( &ctx->poly1305_ctx, mac ); ret = mbedtls_poly1305_finish(&ctx->poly1305_ctx, mac);
return( ret ); return ret;
} }
static int chachapoly_crypt_and_tag( mbedtls_chachapoly_context *ctx, static int chachapoly_crypt_and_tag(mbedtls_chachapoly_context *ctx,
mbedtls_chachapoly_mode_t mode, mbedtls_chachapoly_mode_t mode,
size_t length, size_t length,
const unsigned char nonce[12], const unsigned char nonce[12],
const unsigned char *aad, const unsigned char *aad,
size_t aad_len, size_t aad_len,
const unsigned char *input, const unsigned char *input,
unsigned char *output, unsigned char *output,
unsigned char tag[16] ) unsigned char tag[16])
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
ret = mbedtls_chachapoly_starts( ctx, nonce, mode ); ret = mbedtls_chachapoly_starts(ctx, nonce, mode);
if( ret != 0 ) if (ret != 0) {
goto cleanup; goto cleanup;
}
ret = mbedtls_chachapoly_update_aad( ctx, aad, aad_len ); ret = mbedtls_chachapoly_update_aad(ctx, aad, aad_len);
if( ret != 0 ) if (ret != 0) {
goto cleanup; goto cleanup;
}
ret = mbedtls_chachapoly_update( ctx, length, input, output ); ret = mbedtls_chachapoly_update(ctx, length, input, output);
if( ret != 0 ) if (ret != 0) {
goto cleanup; goto cleanup;
}
ret = mbedtls_chachapoly_finish( ctx, tag ); ret = mbedtls_chachapoly_finish(ctx, tag);
cleanup: cleanup:
return( ret ); return ret;
} }
int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_encrypt_and_tag(mbedtls_chachapoly_context *ctx,
size_t length, size_t length,
const unsigned char nonce[12], const unsigned char nonce[12],
const unsigned char *aad, const unsigned char *aad,
size_t aad_len, size_t aad_len,
const unsigned char *input, const unsigned char *input,
unsigned char *output, unsigned char *output,
unsigned char tag[16] ) unsigned char tag[16])
{ {
return( chachapoly_crypt_and_tag( ctx, MBEDTLS_CHACHAPOLY_ENCRYPT, return chachapoly_crypt_and_tag(ctx, MBEDTLS_CHACHAPOLY_ENCRYPT,
length, nonce, aad, aad_len, length, nonce, aad, aad_len,
input, output, tag ) ); input, output, tag);
} }
int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx, int mbedtls_chachapoly_auth_decrypt(mbedtls_chachapoly_context *ctx,
size_t length, size_t length,
const unsigned char nonce[12], const unsigned char nonce[12],
const unsigned char *aad, const unsigned char *aad,
size_t aad_len, size_t aad_len,
const unsigned char tag[16], const unsigned char tag[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char check_tag[16]; unsigned char check_tag[16];
size_t i; size_t i;
int diff; int diff;
if( ( ret = chachapoly_crypt_and_tag( ctx, if ((ret = chachapoly_crypt_and_tag(ctx,
MBEDTLS_CHACHAPOLY_DECRYPT, length, nonce, MBEDTLS_CHACHAPOLY_DECRYPT, length, nonce,
aad, aad_len, input, output, check_tag ) ) != 0 ) aad, aad_len, input, output, check_tag)) != 0) {
{ return ret;
return( ret );
} }
/* Check tag in "constant-time" */ /* Check tag in "constant-time" */
for( diff = 0, i = 0; i < sizeof( check_tag ); i++ ) for (diff = 0, i = 0; i < sizeof(check_tag); i++) {
diff |= tag[i] ^ check_tag[i]; diff |= tag[i] ^ check_tag[i];
if( diff != 0 )
{
mbedtls_platform_zeroize( output, length );
return( MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED );
} }
return( 0 ); if (diff != 0) {
mbedtls_platform_zeroize(output, length);
return MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED;
}
return 0;
} }
#endif /* MBEDTLS_CHACHAPOLY_ALT */ #endif /* MBEDTLS_CHACHAPOLY_ALT */
@ -419,20 +425,20 @@ static const unsigned char test_mac[1][16] =
/* Make sure no other definition is already present. */ /* Make sure no other definition is already present. */
#undef ASSERT #undef ASSERT
#define ASSERT( cond, args ) \ #define ASSERT(cond, args) \
do \ do \
{ \ { \
if( ! ( cond ) ) \ if (!(cond)) \
{ \ { \
if( verbose != 0 ) \ if (verbose != 0) \
mbedtls_printf args; \ mbedtls_printf args; \
\ \
return( -1 ); \ return -1; \
} \ } \
} \ } \
while( 0 ) while (0)
int mbedtls_chachapoly_self_test( int verbose ) int mbedtls_chachapoly_self_test(int verbose)
{ {
mbedtls_chachapoly_context ctx; mbedtls_chachapoly_context ctx;
unsigned i; unsigned i;
@ -440,43 +446,45 @@ int mbedtls_chachapoly_self_test( int verbose )
unsigned char output[200]; unsigned char output[200];
unsigned char mac[16]; unsigned char mac[16];
for( i = 0U; i < 1U; i++ ) for (i = 0U; i < 1U; i++) {
{ if (verbose != 0) {
if( verbose != 0 ) mbedtls_printf(" ChaCha20-Poly1305 test %u ", i);
mbedtls_printf( " ChaCha20-Poly1305 test %u ", i ); }
mbedtls_chachapoly_init( &ctx ); mbedtls_chachapoly_init(&ctx);
ret = mbedtls_chachapoly_setkey( &ctx, test_key[i] ); ret = mbedtls_chachapoly_setkey(&ctx, test_key[i]);
ASSERT( 0 == ret, ( "setkey() error code: %i\n", ret ) ); ASSERT(0 == ret, ("setkey() error code: %i\n", ret));
ret = mbedtls_chachapoly_encrypt_and_tag( &ctx, ret = mbedtls_chachapoly_encrypt_and_tag(&ctx,
test_input_len[i], test_input_len[i],
test_nonce[i], test_nonce[i],
test_aad[i], test_aad[i],
test_aad_len[i], test_aad_len[i],
test_input[i], test_input[i],
output, output,
mac ); mac);
ASSERT( 0 == ret, ( "crypt_and_tag() error code: %i\n", ret ) ); ASSERT(0 == ret, ("crypt_and_tag() error code: %i\n", ret));
ASSERT( 0 == memcmp( output, test_output[i], test_input_len[i] ), ASSERT(0 == memcmp(output, test_output[i], test_input_len[i]),
( "failure (wrong output)\n" ) ); ("failure (wrong output)\n"));
ASSERT( 0 == memcmp( mac, test_mac[i], 16U ), ASSERT(0 == memcmp(mac, test_mac[i], 16U),
( "failure (wrong MAC)\n" ) ); ("failure (wrong MAC)\n"));
mbedtls_chachapoly_free( &ctx ); mbedtls_chachapoly_free(&ctx);
if( verbose != 0 ) if (verbose != 0) {
mbedtls_printf( "passed\n" ); mbedtls_printf("passed\n");
}
} }
if( verbose != 0 ) if (verbose != 0) {
mbedtls_printf( "\n" ); mbedtls_printf("\n");
}
return( 0 ); return 0;
} }
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
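Review bot: In `mbedtls_chachapoly_auth_decrypt` the tag check is a hand-written `diff |= tag[i] ^ check_tag[i]` loop, and its own comment puts "constant-time" in quotes: nothing in the C source stops a compiler from turning the accumulation into an early exit, which would make rejection time depend on how many tag bytes match. If the library's constant-time helper is usable in this file, I would replace the loop with `diff = mbedtls_ct_memcmp(tag, check_tag, sizeof(check_tag));`, which needs `mbedtls/constant_time.h` included (the visible hunks do not show the include list). Separately, `check_tag` holds the tag computed for the received ciphertext and stays on the stack on every return path; calling `mbedtls_platform_zeroize(check_tag, sizeof(check_tag));` before each return would match how `poly1305_key` is wiped in `mbedtls_chachapoly_starts`. Neither issue is introduced by this restyle, which looks behaviour-preserving in the lines shown.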
