Merge remote-tracking branch 'upstream-public/development' into no-generated-files-3.0

Conflicts: generated files that are removed in this branch and have changed in development. Resolved by keeping the files removed.
2025-12-24 17:41:01 +03:00 · 2021-05-20 10:40:48 +02:00
parent a13deaf986 729fa5be88
commit eb30b0cc39
30 changed files with 75 additions and 187 deletions
--- a/library/entropy.c
+++ b/library/entropy.c
@@ -21,12 +21,6 @@

 #if defined(MBEDTLS_ENTROPY_C)

-#if defined(MBEDTLS_TEST_NULL_ENTROPY)
-#warning "**** WARNING!  MBEDTLS_TEST_NULL_ENTROPY defined! "
-#warning "**** THIS BUILD HAS NO DEFINED ENTROPY SOURCES "
-#warning "**** THIS BUILD IS *NOT* SUITABLE FOR PRODUCTION USE "
-#endif
-
 #include "mbedtls/entropy.h"
 #include "entropy_poll.h"
 #include "mbedtls/platform_util.h"
@@ -73,11 +67,6 @@ void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
    /* Reminder: Update ENTROPY_HAVE_STRONG in the test files
     *           when adding more strong entropy sources here. */

-#if defined(MBEDTLS_TEST_NULL_ENTROPY)
-    mbedtls_entropy_add_source( ctx, mbedtls_null_entropy_poll, NULL,
-                                1, MBEDTLS_ENTROPY_SOURCE_STRONG );
-#endif
-
 #if !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
 #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
    mbedtls_entropy_add_source( ctx, mbedtls_platform_entropy_poll, NULL,
@@ -524,7 +513,6 @@ int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *
 #endif /* MBEDTLS_FS_IO */

 #if defined(MBEDTLS_SELF_TEST)
-#if !defined(MBEDTLS_TEST_NULL_ENTROPY)
 /*
 * Dummy source function
 */
@@ -538,7 +526,6 @@ static int entropy_dummy_source( void *data, unsigned char *output,

    return( 0 );
 }
-#endif /* !MBEDTLS_TEST_NULL_ENTROPY */

 #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)

@@ -646,17 +633,14 @@ cleanup:
 int mbedtls_entropy_self_test( int verbose )
 {
    int ret = 1;
-#if !defined(MBEDTLS_TEST_NULL_ENTROPY)
    mbedtls_entropy_context ctx;
    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
    unsigned char acc[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
    size_t i, j;
-#endif /* !MBEDTLS_TEST_NULL_ENTROPY */

    if( verbose != 0 )
        mbedtls_printf( "  ENTROPY test: " );

-#if !defined(MBEDTLS_TEST_NULL_ENTROPY)
    mbedtls_entropy_init( &ctx );

    /* First do a gather to make sure we have default sources */
@@ -704,7 +688,6 @@ int mbedtls_entropy_self_test( int verbose )

 cleanup:
    mbedtls_entropy_free( &ctx );
-#endif /* !MBEDTLS_TEST_NULL_ENTROPY */

    if( verbose != 0 )
    {
--- a/library/entropy_poll.c
+++ b/library/entropy_poll.c
@@ -211,23 +211,6 @@ int mbedtls_platform_entropy_poll( void *data,
 #endif /* _WIN32 && !EFIX64 && !EFI32 */
 #endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */

-#if defined(MBEDTLS_TEST_NULL_ENTROPY)
-int mbedtls_null_entropy_poll( void *data,
-                    unsigned char *output, size_t len, size_t *olen )
-{
-    ((void) data);
-    ((void) output);
-
-    *olen = 0;
-    if( len < sizeof(unsigned char) )
-        return( 0 );
-
-    output[0] = 0;
-    *olen = sizeof(unsigned char);
-    return( 0 );
-}
-#endif
-
 #if defined(MBEDTLS_TIMING_C)
 int mbedtls_hardclock_poll( void *data,
                    unsigned char *output, size_t len, size_t *olen )
--- a/library/entropy_poll.h
+++ b/library/entropy_poll.h
@@ -43,14 +43,6 @@ extern "C" {
 #define MBEDTLS_ENTROPY_MIN_HARDWARE     32     /**< Minimum for the hardware source */
 #endif

-/**
- * \brief           Entropy poll callback that provides 0 entropy.
- */
-#if defined(MBEDTLS_TEST_NULL_ENTROPY)
-    int mbedtls_null_entropy_poll( void *data,
-                                unsigned char *output, size_t len, size_t *olen );
-#endif
-
 #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
 /**
 * \brief           Platform-specific entropy poll callback
--- a/library/padlock.h
+++ b/library/padlock.h
@@ -71,7 +71,7 @@ extern "C" {
 *
 * \param feature  The feature to detect
 *
- * \return         1 if CPU has support for the feature, 0 otherwise
+ * \return         non-zero if CPU has support for the feature, 0 otherwise
 */
 int mbedtls_padlock_has_support( int feature );

--- a/library/sha256.c
+++ b/library/sha256.c
@@ -332,7 +332,7 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
 * SHA-256 final digest
 */
 int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
-                               unsigned char output[32] )
+                               unsigned char *output )
 {
    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
    uint32_t used;
@@ -401,7 +401,7 @@ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
 */
 int mbedtls_sha256_ret( const unsigned char *input,
                        size_t ilen,
-                        unsigned char output[32],
+                        unsigned char *output,
                        int is224 )
 {
    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
--- a/library/sha512.c
+++ b/library/sha512.c
@@ -380,7 +380,7 @@ int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx,
 * SHA-512 final digest
 */
 int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx,
-                               unsigned char output[64] )
+                               unsigned char *output )
 {
    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
    unsigned used;
@@ -453,7 +453,7 @@ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx,
 */
 int mbedtls_sha512_ret( const unsigned char *input,
                    size_t ilen,
-                    unsigned char output[64],
+                    unsigned char *output,
                    int is384 )
 {
    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -86,7 +86,6 @@ int mbedtls_ssl_check_timer( mbedtls_ssl_context *ssl )
    return( 0 );
 }

-#if defined(MBEDTLS_SSL_RECORD_CHECKING)
 static int ssl_parse_record_header( mbedtls_ssl_context const *ssl,
                                    unsigned char *buf,
                                    size_t len,
@@ -150,7 +149,6 @@ exit:
    MBEDTLS_SSL_DEBUG_MSG( 1, ( "<= mbedtls_ssl_check_record" ) );
    return( ret );
 }
-#endif /* MBEDTLS_SSL_RECORD_CHECKING */

 #define SSL_DONT_FORCE_FLUSH 0
 #define SSL_FORCE_FLUSH      1
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2898,8 +2898,6 @@ static void ssl_calc_finished_tls_sha256(

 #if defined(MBEDTLS_SHA512_C)

-typedef int (*finish_sha384_t)(mbedtls_sha512_context*, unsigned char*);
-
 static void ssl_calc_finished_tls_sha384(
                mbedtls_ssl_context *ssl, unsigned char *buf, int from )
 {
@@ -2958,13 +2956,7 @@ static void ssl_calc_finished_tls_sha384(
    MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha512 state", (unsigned char *)
                   sha512.state, sizeof( sha512.state ) );
 #endif
-    /*
-     * For SHA-384, we can save 16 bytes by keeping padbuf 48 bytes long.
-     * However, to avoid stringop-overflow warning in gcc, we have to cast
-     * mbedtls_sha512_finish_ret().
-     */
-    finish_sha384_t finish = (finish_sha384_t)mbedtls_sha512_finish_ret;
-    finish( &sha512, padbuf );
+    mbedtls_sha512_finish_ret( &sha512, padbuf );

    mbedtls_sha512_free( &sha512 );
 #endif