mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-06-05 00:22:11 +03:00

Merge pull request #6491 from davidhorstmann-arm/2.28-fix-unusual-macros-0

[Backport-ish 2.28] Fix unusual macros
Gilles Peskine 2022-11-03 10:29:06 +01:00 committed by GitHub
commit c4698502d6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 160 additions and 81 deletions


@ -888,15 +888,17 @@ static const uint8_t aria_test2_ctr_ct[3][48] = // CTR ciphertext
}; };
#endif /* MBEDTLS_CIPHER_MODE_CFB */ #endif /* MBEDTLS_CIPHER_MODE_CFB */
#define ARIA_SELF_TEST_IF_FAIL \ #define ARIA_SELF_TEST_ASSERT( cond ) \
{ \ do { \
if( verbose ) \ if( cond ) { \
mbedtls_printf( "failed\n" ); \ if( verbose ) \
goto exit; \ mbedtls_printf( "failed\n" ); \
} else { \ goto exit; \
if( verbose ) \ } else { \
mbedtls_printf( "passed\n" ); \ if( verbose ) \
} mbedtls_printf( "passed\n" ); \
} \
} while( 0 )
/* /*
* Checkup routine * Checkup routine
@ -930,16 +932,18 @@ int mbedtls_aria_self_test( int verbose )
mbedtls_printf( " ARIA-ECB-%d (enc): ", 128 + 64 * i ); mbedtls_printf( " ARIA-ECB-%d (enc): ", 128 + 64 * i );
mbedtls_aria_setkey_enc( &ctx, aria_test1_ecb_key, 128 + 64 * i ); mbedtls_aria_setkey_enc( &ctx, aria_test1_ecb_key, 128 + 64 * i );
mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_pt, blk ); mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_pt, blk );
if( memcmp( blk, aria_test1_ecb_ct[i], MBEDTLS_ARIA_BLOCKSIZE ) != 0 ) ARIA_SELF_TEST_ASSERT(
ARIA_SELF_TEST_IF_FAIL; memcmp( blk, aria_test1_ecb_ct[i], MBEDTLS_ARIA_BLOCKSIZE )
!= 0 );
/* test ECB decryption */ /* test ECB decryption */
if( verbose ) if( verbose )
mbedtls_printf( " ARIA-ECB-%d (dec): ", 128 + 64 * i ); mbedtls_printf( " ARIA-ECB-%d (dec): ", 128 + 64 * i );
mbedtls_aria_setkey_dec( &ctx, aria_test1_ecb_key, 128 + 64 * i ); mbedtls_aria_setkey_dec( &ctx, aria_test1_ecb_key, 128 + 64 * i );
mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_ct[i], blk ); mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_ct[i], blk );
if( memcmp( blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE ) != 0 ) ARIA_SELF_TEST_ASSERT(
ARIA_SELF_TEST_IF_FAIL; memcmp( blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE )
!= 0 );
} }
if( verbose ) if( verbose )
mbedtls_printf( "\n" ); mbedtls_printf( "\n" );
@ -958,8 +962,8 @@ int mbedtls_aria_self_test( int verbose )
memset( buf, 0x55, sizeof( buf ) ); memset( buf, 0x55, sizeof( buf ) );
mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_ENCRYPT, 48, iv, mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_ENCRYPT, 48, iv,
aria_test2_pt, buf ); aria_test2_pt, buf );
if( memcmp( buf, aria_test2_cbc_ct[i], 48 ) != 0 ) ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_cbc_ct[i], 48 )
ARIA_SELF_TEST_IF_FAIL; != 0 );
/* Test CBC decryption */ /* Test CBC decryption */
if( verbose ) if( verbose )
@ -969,8 +973,7 @@ int mbedtls_aria_self_test( int verbose )
memset( buf, 0xAA, sizeof( buf ) ); memset( buf, 0xAA, sizeof( buf ) );
mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_DECRYPT, 48, iv, mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_DECRYPT, 48, iv,
aria_test2_cbc_ct[i], buf ); aria_test2_cbc_ct[i], buf );
if( memcmp( buf, aria_test2_pt, 48 ) != 0 ) ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_pt, 48 ) != 0 );
ARIA_SELF_TEST_IF_FAIL;
} }
if( verbose ) if( verbose )
mbedtls_printf( "\n" ); mbedtls_printf( "\n" );
@ -989,8 +992,7 @@ int mbedtls_aria_self_test( int verbose )
j = 0; j = 0;
mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_ENCRYPT, 48, &j, iv, mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_ENCRYPT, 48, &j, iv,
aria_test2_pt, buf ); aria_test2_pt, buf );
if( memcmp( buf, aria_test2_cfb_ct[i], 48 ) != 0 ) ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_cfb_ct[i], 48 ) != 0 );
ARIA_SELF_TEST_IF_FAIL;
/* Test CFB decryption */ /* Test CFB decryption */
if( verbose ) if( verbose )
@ -1001,8 +1003,7 @@ int mbedtls_aria_self_test( int verbose )
j = 0; j = 0;
mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_DECRYPT, 48, &j, mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_DECRYPT, 48, &j,
iv, aria_test2_cfb_ct[i], buf ); iv, aria_test2_cfb_ct[i], buf );
if( memcmp( buf, aria_test2_pt, 48 ) != 0 ) ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_pt, 48 ) != 0 );
ARIA_SELF_TEST_IF_FAIL;
} }
if( verbose ) if( verbose )
mbedtls_printf( "\n" ); mbedtls_printf( "\n" );
@ -1020,8 +1021,7 @@ int mbedtls_aria_self_test( int verbose )
j = 0; j = 0;
mbedtls_aria_crypt_ctr( &ctx, 48, &j, iv, blk, mbedtls_aria_crypt_ctr( &ctx, 48, &j, iv, blk,
aria_test2_pt, buf ); aria_test2_pt, buf );
if( memcmp( buf, aria_test2_ctr_ct[i], 48 ) != 0 ) ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_ctr_ct[i], 48 ) != 0 );
ARIA_SELF_TEST_IF_FAIL;
/* Test CTR decryption */ /* Test CTR decryption */
if( verbose ) if( verbose )
@ -1032,8 +1032,7 @@ int mbedtls_aria_self_test( int verbose )
j = 0; j = 0;
mbedtls_aria_crypt_ctr( &ctx, 48, &j, iv, blk, mbedtls_aria_crypt_ctr( &ctx, 48, &j, iv, blk,
aria_test2_ctr_ct[i], buf ); aria_test2_ctr_ct[i], buf );
if( memcmp( buf, aria_test2_pt, 48 ) != 0 ) ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_pt, 48 ) != 0 );
ARIA_SELF_TEST_IF_FAIL;
} }
if( verbose ) if( verbose )
mbedtls_printf( "\n" ); mbedtls_printf( "\n" );
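Review bot: `ARIA_SELF_TEST_ASSERT( cond )` takes the failure branch when `cond` is true, the opposite of what a macro named ASSERT conventionally means, so a call such as `ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_pt, 48 ) != 0 );` reads as if a mismatch were the expected result. For a known-answer self-test, I would either rename it to something like `ARIA_SELF_TEST_FAIL_IF( cond )`, or keep the name, pass the success condition (`== 0`) and swap the two branches. At minimum add a comment above the macro: `/* Fails the self-test (prints "failed", jumps to exit) when cond is non-zero. */`. The body of mbedtls_aria_self_test continues outside these hunks.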


@ -72,9 +72,11 @@ int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len
return( 4 ); return( 4 );
} }
int len_is_valid = 1;
#if SIZE_MAX > 0xFFFFFFFF #if SIZE_MAX > 0xFFFFFFFF
if( len <= 0xFFFFFFFF ) len_is_valid = ( len <= 0xFFFFFFFF );
#endif #endif
if( len_is_valid )
{ {
if( *p - start < 5 ) if( *p - start < 5 )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
@ -87,9 +89,7 @@ int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len
return( 5 ); return( 5 );
} }
#if SIZE_MAX > 0xFFFFFFFF
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
#endif
} }
int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag ) int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag )
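Review bot: With the `#if SIZE_MAX > 0xFFFFFFFF` guard removed from the final `return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );`, that statement becomes unreachable on targets where `size_t` is 32 bits, because `len_is_valid` stays 1 and the block above always returns. That is harmless at run time but can trip unreachable-code diagnostics, and the reason the flag exists is not obvious from the code. I would add a comment at the declaration, e.g. `/* Always 1 when size_t cannot exceed 32 bits; the final return is then dead code. */`. The start of mbedtls_asn1_write_len is outside the hunk.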


@ -77,10 +77,12 @@ static int ecdh_gen_public_restartable( mbedtls_ecp_group *grp,
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
/* If multiplication is in progress, we already generated a privkey */ int restarting = 0;
#if defined(MBEDTLS_ECP_RESTARTABLE) #if defined(MBEDTLS_ECP_RESTARTABLE)
if( rs_ctx == NULL || rs_ctx->rsm == NULL ) restarting = ( rs_ctx != NULL && rs_ctx->rsm != NULL );
#endif #endif
/* If multiplication is in progress, we already generated a privkey */
if( !restarting )
MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, d, f_rng, p_rng ) ); MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, d, f_rng, p_rng ) );
MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, Q, d, &grp->G, MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, Q, d, &grp->G,


@ -2048,9 +2048,13 @@ static int ecp_mul_comb_core( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R
i = d; i = d;
MBEDTLS_MPI_CHK( ecp_select_comb( grp, R, T, T_size, x[i] ) ); MBEDTLS_MPI_CHK( ecp_select_comb( grp, R, T, T_size, x[i] ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->Z, 1 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->Z, 1 ) );
int have_rng = 1;
#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG) #if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
if( f_rng != 0 ) if( f_rng == 0 )
have_rng = 0;
#endif #endif
if( have_rng )
MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, R, f_rng, p_rng ) ); MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, R, f_rng, p_rng ) );
} }
@ -2184,9 +2188,12 @@ final_norm:
* *
* Avoid the leak by randomizing coordinates before we normalize them. * Avoid the leak by randomizing coordinates before we normalize them.
*/ */
int have_rng = 1;
#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG) #if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
if( f_rng != 0 ) if( f_rng == 0 )
have_rng = 0;
#endif #endif
if( have_rng )
MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, RR, f_rng, p_rng ) ); MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, RR, f_rng, p_rng ) );
MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, RR ) ); MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, RR ) );
@ -2395,12 +2402,14 @@ cleanup:
mbedtls_free( T ); mbedtls_free( T );
} }
/* don't free R while in progress in case R == P */
#if defined(MBEDTLS_ECP_RESTARTABLE)
if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
#endif
/* prevent caller from using invalid value */ /* prevent caller from using invalid value */
if( ret != 0 ) int should_free_R = ( ret != 0 );
#if defined(MBEDTLS_ECP_RESTARTABLE)
/* don't free R while in progress in case R == P */
if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
should_free_R = 0;
#endif
if( should_free_R )
mbedtls_ecp_point_free( R ); mbedtls_ecp_point_free( R );
ECP_RS_LEAVE( rsm ); ECP_RS_LEAVE( rsm );
@ -2588,9 +2597,12 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
MOD_ADD( RP.X ); MOD_ADD( RP.X );
/* Randomize coordinates of the starting point */ /* Randomize coordinates of the starting point */
int have_rng = 1;
#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG) #if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
if( f_rng != NULL ) if( f_rng == NULL )
have_rng = 0;
#endif #endif
if( have_rng )
MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, &RP, f_rng, p_rng ) ); MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, &RP, f_rng, p_rng ) );
/* Loop invariant: R = result so far, RP = R + P */ /* Loop invariant: R = result so far, RP = R + P */
@ -2623,9 +2635,12 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
* *
* Avoid the leak by randomizing coordinates before we normalize them. * Avoid the leak by randomizing coordinates before we normalize them.
*/ */
have_rng = 1;
#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG) #if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
if( f_rng != NULL ) if( f_rng == NULL )
have_rng = 0;
#endif #endif
if( have_rng )
MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, R, f_rng, p_rng ) ); MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, R, f_rng, p_rng ) );
MBEDTLS_MPI_CHK( ecp_normalize_mxz( grp, R ) ); MBEDTLS_MPI_CHK( ecp_normalize_mxz( grp, R ) );
@ -2672,10 +2687,12 @@ int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
MBEDTLS_MPI_CHK( mbedtls_internal_ecp_init( grp ) ); MBEDTLS_MPI_CHK( mbedtls_internal_ecp_init( grp ) );
#endif /* MBEDTLS_ECP_INTERNAL_ALT */ #endif /* MBEDTLS_ECP_INTERNAL_ALT */
int restarting = 0;
#if defined(MBEDTLS_ECP_RESTARTABLE) #if defined(MBEDTLS_ECP_RESTARTABLE)
/* skip argument check when restarting */ restarting = ( rs_ctx != NULL && rs_ctx->rsm != NULL );
if( rs_ctx == NULL || rs_ctx->rsm == NULL )
#endif #endif
/* skip argument check when restarting */
if( !restarting )
{ {
/* check_privkey is free */ /* check_privkey is free */
MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_CHK ); MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_CHK );
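Review bot: The two `have_rng` blocks in ecp_mul_comb_core and after `final_norm:` test `f_rng == 0`, while the two in ecp_mul_mxz test `f_rng == NULL`; use `NULL` in all four so the pointer comparison reads the same everywhere. Because `have_rng = 0` skips `ecp_randomize_jac` / `ecp_randomize_mxz`, and the surrounding comment describes that randomization as what avoids a leak, each of those assignments deserves a short comment such as `/* no RNG supplied: coordinates are not randomized on this path */`. The same five-line pattern is now written out four times with its test inverted by hand (`!=` became `==`), so a small `static` helper returning the flag would leave one place to get the sense right. These hunks show only fragments of the enclosing functions.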


@ -418,9 +418,11 @@ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx,
sha512_put_uint64_be( ctx->state[4], output, 32 ); sha512_put_uint64_be( ctx->state[4], output, 32 );
sha512_put_uint64_be( ctx->state[5], output, 40 ); sha512_put_uint64_be( ctx->state[5], output, 40 );
int truncated = 0;
#if !defined(MBEDTLS_SHA512_NO_SHA384) #if !defined(MBEDTLS_SHA512_NO_SHA384)
if( ctx->is384 == 0 ) truncated = ctx->is384;
#endif #endif
if( !truncated )
{ {
sha512_put_uint64_be( ctx->state[6], output, 48 ); sha512_put_uint64_be( ctx->state[6], output, 48 );
sha512_put_uint64_be( ctx->state[7], output, 56 ); sha512_put_uint64_be( ctx->state[7], output, 56 );


@ -998,9 +998,12 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
return( MBEDTLS_ERR_SSL_NO_RNG ); return( MBEDTLS_ERR_SSL_NO_RNG );
} }
int renegotiating = 0;
#if defined(MBEDTLS_SSL_RENEGOTIATION) #if defined(MBEDTLS_SSL_RENEGOTIATION)
if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE ) if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
renegotiating = 1;
#endif #endif
if( !renegotiating )
{ {
ssl->major_ver = ssl->conf->min_major_ver; ssl->major_ver = ssl->conf->min_major_ver;
ssl->minor_ver = ssl->conf->min_minor_ver; ssl->minor_ver = ssl->conf->min_minor_ver;
@ -1086,9 +1089,12 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
* RFC 5077 section 3.4: "When presenting a ticket, the client MAY * RFC 5077 section 3.4: "When presenting a ticket, the client MAY
* generate and include a Session ID in the TLS ClientHello." * generate and include a Session ID in the TLS ClientHello."
*/ */
renegotiating = 0;
#if defined(MBEDTLS_SSL_RENEGOTIATION) #if defined(MBEDTLS_SSL_RENEGOTIATION)
if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE ) if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
renegotiating = 1;
#endif #endif
if( !renegotiating )
{ {
if( ssl->session_negotiate->ticket != NULL && if( ssl->session_negotiate->ticket != NULL &&
ssl->session_negotiate->ticket_len != 0 ) ssl->session_negotiate->ticket_len != 0 )
@ -1203,9 +1209,12 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
/* /*
* Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV * Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV
*/ */
renegotiating = 0;
#if defined(MBEDTLS_SSL_RENEGOTIATION) #if defined(MBEDTLS_SSL_RENEGOTIATION)
if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE ) if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
renegotiating = 1;
#endif #endif
if( !renegotiating )
{ {
MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding EMPTY_RENEGOTIATION_INFO_SCSV" ) ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding EMPTY_RENEGOTIATION_INFO_SCSV" ) );
MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );
@ -2235,20 +2244,23 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
*/ */
comp = buf[37 + n]; comp = buf[37 + n];
int bad_comp = 0;
#if defined(MBEDTLS_ZLIB_SUPPORT) #if defined(MBEDTLS_ZLIB_SUPPORT)
/* See comments in ssl_write_client_hello() */ /* See comments in ssl_write_client_hello() */
accept_comp = 1;
#if defined(MBEDTLS_SSL_PROTO_DTLS) #if defined(MBEDTLS_SSL_PROTO_DTLS)
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
accept_comp = 0; accept_comp = 0;
else
#endif #endif
accept_comp = 1;
if( comp != MBEDTLS_SSL_COMPRESS_NULL && if( comp != MBEDTLS_SSL_COMPRESS_NULL &&
( comp != MBEDTLS_SSL_COMPRESS_DEFLATE || accept_comp == 0 ) ) ( comp != MBEDTLS_SSL_COMPRESS_DEFLATE || accept_comp == 0 ) )
bad_comp = 1;
#else /* MBEDTLS_ZLIB_SUPPORT */ #else /* MBEDTLS_ZLIB_SUPPORT */
if( comp != MBEDTLS_SSL_COMPRESS_NULL ) if( comp != MBEDTLS_SSL_COMPRESS_NULL )
bad_comp = 1;
#endif/* MBEDTLS_ZLIB_SUPPORT */ #endif/* MBEDTLS_ZLIB_SUPPORT */
if( bad_comp )
{ {
MBEDTLS_SSL_DEBUG_MSG( 1, MBEDTLS_SSL_DEBUG_MSG( 1,
( "server hello, bad compression: %d", comp ) ); ( "server hello, bad compression: %d", comp ) );
@ -2692,12 +2704,16 @@ static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl )
MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) );
int bad_params = 0;
#if defined(MBEDTLS_ECP_C) #if defined(MBEDTLS_ECP_C)
if( mbedtls_ssl_check_curve( ssl, grp_id ) != 0 ) if( mbedtls_ssl_check_curve( ssl, grp_id ) != 0 )
bad_params = 1;
#else #else
if( ssl->handshake->ecdh_ctx.grp.nbits < 163 || if( ssl->handshake->ecdh_ctx.grp.nbits < 163 ||
ssl->handshake->ecdh_ctx.grp.nbits > 521 ) ssl->handshake->ecdh_ctx.grp.nbits > 521 )
bad_params = 1;
#endif #endif
if( bad_params )
return( -1 ); return( -1 );
MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
@ -3451,9 +3467,11 @@ start_processing:
if( ( ret = mbedtls_pk_verify_restartable( peer_pk, if( ( ret = mbedtls_pk_verify_restartable( peer_pk,
md_alg, hash, hashlen, p, sig_len, rs_ctx ) ) != 0 ) md_alg, hash, hashlen, p, sig_len, rs_ctx ) ) != 0 )
{ {
int send_alert_msg = 1;
#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) send_alert_msg = ( ret != MBEDTLS_ERR_ECP_IN_PROGRESS );
#endif #endif
if( send_alert_msg )
mbedtls_ssl_send_alert_message( mbedtls_ssl_send_alert_message(
ssl, ssl,
MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
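Review bot: In ssl_write_client_hello, `renegotiating` is reset and recomputed from `ssl->renego_status` at three separate points; the third copy decides whether TLS_EMPTY_RENEGOTIATION_INFO_SCSV is added, so an inverted test in that copy would silently drop that signalling value. Nothing in the visible hunks changes `renego_status` between the three sites. If that also holds for the elided code, compute the flag once near the top and drop the two later `renegotiating = 0;` recomputations, or move the test into a small `static` helper. The functions in this section all start and end outside the hunks.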


@ -435,9 +435,12 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data,
unsigned char *cur = add_data; unsigned char *cur = add_data;
int is_tls13 = 0;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
if( minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 ) if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
is_tls13 = 1;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
if( !is_tls13 )
{ {
((void) minor_ver); ((void) minor_ver);
memcpy( cur, rec->ctr, sizeof( rec->ctr ) ); memcpy( cur, rec->ctr, sizeof( rec->ctr ) );
@ -3944,8 +3947,8 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl,
if( ssl_record_is_in_progress( ssl ) == 0 ) if( ssl_record_is_in_progress( ssl ) == 0 )
{ {
int dtls_have_buffered = 0;
#if defined(MBEDTLS_SSL_PROTO_DTLS) #if defined(MBEDTLS_SSL_PROTO_DTLS)
int have_buffered = 0;
/* We only check for buffered messages if the /* We only check for buffered messages if the
* current datagram is fully consumed. */ * current datagram is fully consumed. */
@ -3953,11 +3956,11 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl,
ssl_next_record_is_in_datagram( ssl ) == 0 ) ssl_next_record_is_in_datagram( ssl ) == 0 )
{ {
if( ssl_load_buffered_message( ssl ) == 0 ) if( ssl_load_buffered_message( ssl ) == 0 )
have_buffered = 1; dtls_have_buffered = 1;
} }
if( have_buffered == 0 )
#endif /* MBEDTLS_SSL_PROTO_DTLS */ #endif /* MBEDTLS_SSL_PROTO_DTLS */
if( dtls_have_buffered == 0 )
{ {
ret = ssl_get_next_record( ssl ); ret = ssl_get_next_record( ssl );
if( ret == MBEDTLS_ERR_SSL_CONTINUE_PROCESSING ) if( ret == MBEDTLS_ERR_SSL_CONTINUE_PROCESSING )


@ -1454,6 +1454,7 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl )
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client hello" ) ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client hello" ) );
int renegotiating = 0;
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
read_record_header: read_record_header:
#endif #endif
@ -1463,8 +1464,10 @@ read_record_header:
* ClientHello, which doesn't use the same record layer format. * ClientHello, which doesn't use the same record layer format.
*/ */
#if defined(MBEDTLS_SSL_RENEGOTIATION) #if defined(MBEDTLS_SSL_RENEGOTIATION)
if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE ) if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
renegotiating = 1;
#endif #endif
if( !renegotiating )
{ {
if( ( ret = mbedtls_ssl_fetch_input( ssl, 5 ) ) != 0 ) if( ( ret = mbedtls_ssl_fetch_input( ssl, 5 ) ) != 0 )
{ {
@ -1477,9 +1480,12 @@ read_record_header:
buf = ssl->in_hdr; buf = ssl->in_hdr;
#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) #if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO)
int is_dtls = 0;
#if defined(MBEDTLS_SSL_PROTO_DTLS) #if defined(MBEDTLS_SSL_PROTO_DTLS)
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
is_dtls = 1;
#endif #endif
if( !is_dtls )
if( ( buf[0] & 0x80 ) != 0 ) if( ( buf[0] & 0x80 ) != 0 )
return( ssl_parse_client_hello_v2( ssl ) ); return( ssl_parse_client_hello_v2( ssl ) );
#endif #endif
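Review bot: The new SSLv2 check is written as two nested unbraced `if`s, `if( !is_dtls )` followed by `if( ( buf[0] & 0x80 ) != 0 )`, which invites a dangling-else mistake the next time someone edits it; `if( !is_dtls && ( buf[0] & 0x80 ) != 0 )` says the same thing in one condition. The same nested form appears twice in the mbedtls_ssl_ticket_setup hunks (`if( do_mbedtls_cipher_setup )` over `if( ( ret = mbedtls_cipher_setup( ... ) ) != 0 )`), whereas ssl_populate_transform in this commit already uses the `&&` form. Separately, the test changed from `transport == MBEDTLS_SSL_TRANSPORT_STREAM` to `transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM` with the sense flipped, which is equivalent only if `transport` can hold just those two values; that is probably the case but is not visible here. ssl_parse_client_hello continues outside the hunk.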


@ -146,7 +146,10 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
if( cipher_info->key_bitlen > 8 * MAX_KEY_BYTES ) if( cipher_info->key_bitlen > 8 * MAX_KEY_BYTES )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
int do_mbedtls_cipher_setup = 1;
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
do_mbedtls_cipher_setup = 0;
ret = mbedtls_cipher_setup_psa( &ctx->keys[0].ctx, ret = mbedtls_cipher_setup_psa( &ctx->keys[0].ctx,
cipher_info, TICKET_AUTH_TAG_BYTES ); cipher_info, TICKET_AUTH_TAG_BYTES );
if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
@ -154,19 +157,28 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
/* We don't yet expect to support all ciphers through PSA, /* We don't yet expect to support all ciphers through PSA,
* so allow fallback to ordinary mbedtls_cipher_setup(). */ * so allow fallback to ordinary mbedtls_cipher_setup(). */
if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
do_mbedtls_cipher_setup = 1;
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) ) != 0 ) if( do_mbedtls_cipher_setup )
return( ret ); if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) )
!= 0 )
return( ret );
do_mbedtls_cipher_setup = 1;
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
do_mbedtls_cipher_setup = 0;
ret = mbedtls_cipher_setup_psa( &ctx->keys[1].ctx, ret = mbedtls_cipher_setup_psa( &ctx->keys[1].ctx,
cipher_info, TICKET_AUTH_TAG_BYTES ); cipher_info, TICKET_AUTH_TAG_BYTES );
if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
return( ret ); return( ret );
if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
do_mbedtls_cipher_setup = 1;
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
if( ( ret = mbedtls_cipher_setup( &ctx->keys[1].ctx, cipher_info ) ) != 0 ) if( do_mbedtls_cipher_setup )
return( ret ); if( ( ret = mbedtls_cipher_setup( &ctx->keys[1].ctx, cipher_info ) )
!= 0 )
return( ret );
if( ( ret = ssl_ticket_gen_key( ctx, 0 ) ) != 0 || if( ( ret = ssl_ticket_gen_key( ctx, 0 ) ) != 0 ||
( ret = ssl_ticket_gen_key( ctx, 1 ) ) != 0 ) ( ret = ssl_ticket_gen_key( ctx, 1 ) ) != 0 )


@ -981,6 +981,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform,
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
int psa_fallthrough; int psa_fallthrough;
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
int do_mbedtls_cipher_setup;
unsigned char keyblk[256]; unsigned char keyblk[256];
unsigned char *key1; unsigned char *key1;
unsigned char *key2; unsigned char *key2;
@ -1359,6 +1360,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform,
} }
#endif #endif
do_mbedtls_cipher_setup = 1;
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
/* Only use PSA-based ciphers for TLS-1.2. /* Only use PSA-based ciphers for TLS-1.2.
@ -1394,15 +1396,18 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform,
psa_fallthrough = 1; psa_fallthrough = 1;
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
if( psa_fallthrough == 1 ) if( psa_fallthrough == 0 )
do_mbedtls_cipher_setup = 0;
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc, if( do_mbedtls_cipher_setup &&
cipher_info ) ) != 0 ) ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc,
cipher_info ) ) != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret );
goto end; goto end;
} }
do_mbedtls_cipher_setup = 1;
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
/* Only use PSA-based ciphers for TLS-1.2. /* Only use PSA-based ciphers for TLS-1.2.
* That's relevant at least for TLS-1.0, where * That's relevant at least for TLS-1.0, where
@ -1437,10 +1442,12 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform,
psa_fallthrough = 1; psa_fallthrough = 1;
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
if( psa_fallthrough == 1 ) if( psa_fallthrough == 0 )
do_mbedtls_cipher_setup = 0;
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */
if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_dec, if( do_mbedtls_cipher_setup &&
cipher_info ) ) != 0 ) ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_dec,
cipher_info ) ) != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret );
goto end; goto end;
@ -4085,9 +4092,12 @@ int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial )
memset( ssl->out_buf, 0, out_buf_len ); memset( ssl->out_buf, 0, out_buf_len );
int clear_in_buf = 1;
#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C) #if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
if( partial == 0 ) if( partial != 0 )
clear_in_buf = 0;
#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */ #endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
if( clear_in_buf )
{ {
ssl->in_left = 0; ssl->in_left = 0;
memset( ssl->in_buf, 0, in_buf_len ); memset( ssl->in_buf, 0, in_buf_len );
@ -4124,9 +4134,12 @@ int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial )
#endif #endif
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
int free_cli_id = 1;
#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) #if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE)
if( partial == 0 ) if( partial != 0 )
free_cli_id = 0;
#endif #endif
if( free_cli_id )
{ {
mbedtls_free( ssl->cli_id ); mbedtls_free( ssl->cli_id );
ssl->cli_id = NULL; ssl->cli_id = NULL;


@ -1258,9 +1258,12 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt,
} }
} }
int extensions_allowed = 1;
#if !defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3) #if !defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3)
if( crt->version == 3 ) if( crt->version != 3 )
extensions_allowed = 0;
#endif #endif
if( extensions_allowed )
{ {
ret = x509_get_crt_ext( &p, end, crt, cb, p_ctx ); ret = x509_get_crt_ext( &p, end, crt, cb, p_ctx );
if( ret != 0 ) if( ret != 0 )


@ -1573,15 +1573,17 @@ int main( int argc, char *argv[] )
if( ret != 0 ) if( ret != 0 )
break; break;
} }
if( ret == 0 )
#endif /* MBEDTLS_PEM_PARSE_C */ #endif /* MBEDTLS_PEM_PARSE_C */
for( i = 0; mbedtls_test_cas_der[i] != NULL; i++ ) if( ret == 0 )
{ {
ret = mbedtls_x509_crt_parse_der( &cacert, for( i = 0; mbedtls_test_cas_der[i] != NULL; i++ )
(const unsigned char *) mbedtls_test_cas_der[i], {
mbedtls_test_cas_der_len[i] ); ret = mbedtls_x509_crt_parse_der( &cacert,
if( ret != 0 ) (const unsigned char *) mbedtls_test_cas_der[i],
break; mbedtls_test_cas_der_len[i] );
if( ret != 0 )
break;
}
} }
} }
#else #else


@ -2377,15 +2377,17 @@ int main( int argc, char *argv[] )
if( ret != 0 ) if( ret != 0 )
break; break;
} }
if( ret == 0 )
#endif /* MBEDTLS_PEM_PARSE_C */ #endif /* MBEDTLS_PEM_PARSE_C */
for( i = 0; mbedtls_test_cas_der[i] != NULL; i++ ) if( ret == 0 )
{ {
ret = mbedtls_x509_crt_parse_der( &cacert, for( i = 0; mbedtls_test_cas_der[i] != NULL; i++ )
(const unsigned char *) mbedtls_test_cas_der[i], {
mbedtls_test_cas_der_len[i] ); ret = mbedtls_x509_crt_parse_der( &cacert,
if( ret != 0 ) (const unsigned char *) mbedtls_test_cas_der[i],
break; mbedtls_test_cas_der_len[i] );
if( ret != 0 )
break;
}
} }
} }
#else #else