early-access version 1676
This commit is contained in:
parent
97603cd694
commit
63199acc4d
@ -1,7 +1,7 @@
|
||||
yuzu emulator early access
|
||||
=============
|
||||
|
||||
This is the source code for early-access 1675.
|
||||
This is the source code for early-access 1676.
|
||||
|
||||
## Legal Notice
|
||||
|
||||
|
3
externals/mbedtls/CMakeLists.txt
vendored
3
externals/mbedtls/CMakeLists.txt
vendored
@ -157,6 +157,9 @@ if(CMAKE_COMPILER_IS_IAR)
|
||||
endif(CMAKE_COMPILER_IS_IAR)
|
||||
|
||||
if(CMAKE_COMPILER_IS_MSVC)
|
||||
# Compile with UTF-8 encoding (REMOVE THIS COMMIT ONCE A FIX IS DEPLOYED UPSTREAM)
|
||||
add_compile_options(/utf-8)
|
||||
|
||||
# Strictest warnings, and treat as errors
|
||||
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W3")
|
||||
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX")
|
||||
|
47
externals/mbedtls/ChangeLog
vendored
47
externals/mbedtls/ChangeLog
vendored
@ -1,5 +1,52 @@
|
||||
mbed TLS ChangeLog (Sorted per branch, date)
|
||||
|
||||
= mbed TLS 2.16.10 branch released 2021-03-12
|
||||
|
||||
Default behavior changes
|
||||
* In mbedtls_rsa_context objects, the ver field was formerly documented
|
||||
as always 0. It is now reserved for internal purposes and may take
|
||||
different values.
|
||||
|
||||
Security
|
||||
* Fix a buffer overflow in mbedtls_mpi_sub_abs() when calculating
|
||||
|A| - |B| where |B| is larger than |A| and has more limbs (so the
|
||||
function should return MBEDTLS_ERR_MPI_NEGATIVE_VALUE). Only
|
||||
applications calling mbedtls_mpi_sub_abs() directly are affected:
|
||||
all calls inside the library were safe since this function is
|
||||
only called with |A| >= |B|. Reported by Guido Vranken in #4042.
|
||||
* Fix an errorneous estimation for an internal buffer in
|
||||
mbedtls_pk_write_key_pem(). If MBEDTLS_MPI_MAX_SIZE is set to an odd
|
||||
value the function might fail to write a private RSA keys of the largest
|
||||
supported size.
|
||||
Found by Daniel Otte, reported in #4093 and fixed in #4094,
|
||||
backported in #4100.
|
||||
* Fix a stack buffer overflow with mbedtls_net_poll() and
|
||||
mbedtls_net_recv_timeout() when given a file descriptor that is
|
||||
beyond FD_SETSIZE. Reported by FigBug in #4169.
|
||||
* Guard against strong local side channel attack against base64 tables by
|
||||
making access aceess to them use constant flow code.
|
||||
|
||||
Bugfix
|
||||
* Fix an incorrect error code if an RSA private operation glitched.
|
||||
* Fix a resource leak in CTR_DRBG and HMAC_DRBG when MBEDTLS_THREADING_C
|
||||
is enabled, on platforms where initializing a mutex allocates resources.
|
||||
This was a regression introduced in the previous release. Reported in
|
||||
#4017, #4045 and #4071.
|
||||
* Ensure that calling mbedtls_rsa_free() or mbedtls_entropy_free()
|
||||
twice is safe. This happens for RSA when some Mbed TLS library functions
|
||||
fail. Such a double-free was not safe when MBEDTLS_THREADING_C was
|
||||
enabled on platforms where freeing a mutex twice is not safe.
|
||||
* Fix a resource leak in a bad-arguments case of mbedtls_rsa_gen_key()
|
||||
when MBEDTLS_THREADING_C is enabled on platforms where initializing
|
||||
a mutex allocates resources.
|
||||
* This change makes 'mbedtls_x509write_crt_set_basic_constraints'
|
||||
consistent with RFC 5280 4.2.1.9 which says: "Conforming CAs MUST
|
||||
include this extension in all CA certificates that contain public keys
|
||||
used to validate digital signatures on certificates and MUST mark the
|
||||
extension as critical in such certificates." Previous to this change,
|
||||
the extension was always marked as non-critical. This was fixed by
|
||||
#4044.
|
||||
|
||||
= mbed TLS 2.16.9 branch released 2020-12-11
|
||||
|
||||
Security
|
||||
|
3
externals/mbedtls/ChangeLog.d/add-missing-parenthesis.txt
vendored
Executable file
3
externals/mbedtls/ChangeLog.d/add-missing-parenthesis.txt
vendored
Executable file
@ -0,0 +1,3 @@
|
||||
Bugfix
|
||||
* Fix a compilation error when MBEDTLS_ECP_RANDOMIZE_MXZ_ALT is
|
||||
defined. Fixes #4217.
|
3
externals/mbedtls/ChangeLog.d/aescrypt2.txt
vendored
Executable file
3
externals/mbedtls/ChangeLog.d/aescrypt2.txt
vendored
Executable file
@ -0,0 +1,3 @@
|
||||
Changes
|
||||
* Remove the AES sample application programs/aes/aescrypt2 which shows
|
||||
bad cryptographic practice. Fix #1906.
|
5
externals/mbedtls/ChangeLog.d/bugfix_PR3616.txt
vendored
Executable file
5
externals/mbedtls/ChangeLog.d/bugfix_PR3616.txt
vendored
Executable file
@ -0,0 +1,5 @@
|
||||
Bugfix
|
||||
* Fix premature fopen() call in mbedtls_entropy_write_seed_file which may
|
||||
lead to the seed file corruption in case if the path to the seed file is
|
||||
equal to MBEDTLS_PLATFORM_STD_NV_SEED_FILE. Contributed by Victor
|
||||
Krasnoshchok in #3616.
|
4
externals/mbedtls/ChangeLog.d/dhm_min_bitlen.txt
vendored
Executable file
4
externals/mbedtls/ChangeLog.d/dhm_min_bitlen.txt
vendored
Executable file
@ -0,0 +1,4 @@
|
||||
Bugfix
|
||||
* In a TLS client, enforce the Diffie-Hellman minimum parameter size
|
||||
set with mbedtls_ssl_conf_dhm_min_bitlen() precisely. Before, the
|
||||
minimum size was rounded down to the nearest multiple of 8.
|
2
externals/mbedtls/ChangeLog.d/dtls_sample_use_read_timeout.txt
vendored
Executable file
2
externals/mbedtls/ChangeLog.d/dtls_sample_use_read_timeout.txt
vendored
Executable file
@ -0,0 +1,2 @@
|
||||
Changes
|
||||
* Fix the setting of the read timeout in the DTLS sample programs.
|
2
externals/mbedtls/ChangeLog.d/fix-pk-parse-key-error-code.txt
vendored
Executable file
2
externals/mbedtls/ChangeLog.d/fix-pk-parse-key-error-code.txt
vendored
Executable file
@ -0,0 +1,2 @@
|
||||
Bugfix
|
||||
* Fix an incorrect error code when parsing a PKCS#8 private key.
|
3
externals/mbedtls/ChangeLog.d/mpi_read_negative_zero.txt
vendored
Executable file
3
externals/mbedtls/ChangeLog.d/mpi_read_negative_zero.txt
vendored
Executable file
@ -0,0 +1,3 @@
|
||||
Bugfix
|
||||
* mbedtls_mpi_read_string on "-0" produced an MPI object that was not treated
|
||||
as equal to 0 in all cases. Fix it to produce the same object as "0".
|
4
externals/mbedtls/Makefile
vendored
4
externals/mbedtls/Makefile
vendored
@ -124,11 +124,11 @@ endif
|
||||
## Editor navigation files
|
||||
C_SOURCE_FILES = $(wildcard include/*/*.h library/*.[hc] programs/*/*.[hc] tests/suites/*.function)
|
||||
# Exuberant-ctags invocation. Other ctags implementations may require different options.
|
||||
CTAGS = ctags --langmap=c:+.h.function -o
|
||||
CTAGS = ctags --langmap=c:+.h.function --line-directives=no -o
|
||||
tags: $(C_SOURCE_FILES)
|
||||
$(CTAGS) $@ $(C_SOURCE_FILES)
|
||||
TAGS: $(C_SOURCE_FILES)
|
||||
etags -o $@ $(C_SOURCE_FILES)
|
||||
etags --no-line-directive -o $@ $(C_SOURCE_FILES)
|
||||
global: GPATH GRTAGS GSYMS GTAGS
|
||||
GPATH GRTAGS GSYMS GTAGS: $(C_SOURCE_FILES)
|
||||
ls $(C_SOURCE_FILES) | gtags -f - --gtagsconf .globalrc
|
||||
|
@ -49,7 +49,7 @@
|
||||
*/
|
||||
|
||||
/**
|
||||
* @mainpage mbed TLS v2.16.9 source code documentation
|
||||
* @mainpage mbed TLS v2.16.10 source code documentation
|
||||
*
|
||||
* This documentation describes the internal structure of mbed TLS. It was
|
||||
* automatically generated from specially formatted comment blocks in
|
||||
|
2
externals/mbedtls/doxygen/mbedtls.doxyfile
vendored
2
externals/mbedtls/doxygen/mbedtls.doxyfile
vendored
@ -28,7 +28,7 @@ DOXYFILE_ENCODING = UTF-8
|
||||
# identify the project. Note that if you do not use Doxywizard you need
|
||||
# to put quotes around the project name if it contains spaces.
|
||||
|
||||
PROJECT_NAME = "mbed TLS v2.16.9"
|
||||
PROJECT_NAME = "mbed TLS v2.16.10"
|
||||
|
||||
# The PROJECT_NUMBER tag can be used to enter a project or revision number.
|
||||
# This could be handy for archiving the generated documentation or
|
||||
|
8
externals/mbedtls/include/mbedtls/version.h
vendored
8
externals/mbedtls/include/mbedtls/version.h
vendored
@ -65,16 +65,16 @@
|
||||
*/
|
||||
#define MBEDTLS_VERSION_MAJOR 2
|
||||
#define MBEDTLS_VERSION_MINOR 16
|
||||
#define MBEDTLS_VERSION_PATCH 9
|
||||
#define MBEDTLS_VERSION_PATCH 10
|
||||
|
||||
/**
|
||||
* The single version number has the following structure:
|
||||
* MMNNPP00
|
||||
* Major version | Minor version | Patch version
|
||||
*/
|
||||
#define MBEDTLS_VERSION_NUMBER 0x02100900
|
||||
#define MBEDTLS_VERSION_STRING "2.16.9"
|
||||
#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.16.9"
|
||||
#define MBEDTLS_VERSION_NUMBER 0x02100A00
|
||||
#define MBEDTLS_VERSION_STRING "2.16.10"
|
||||
#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.16.10"
|
||||
|
||||
#if defined(MBEDTLS_VERSION_C)
|
||||
|
||||
|
6
externals/mbedtls/library/CMakeLists.txt
vendored
6
externals/mbedtls/library/CMakeLists.txt
vendored
@ -165,15 +165,15 @@ endif(USE_STATIC_MBEDTLS_LIBRARY)
|
||||
|
||||
if(USE_SHARED_MBEDTLS_LIBRARY)
|
||||
add_library(mbedcrypto SHARED ${src_crypto})
|
||||
set_target_properties(mbedcrypto PROPERTIES VERSION 2.16.9 SOVERSION 3)
|
||||
set_target_properties(mbedcrypto PROPERTIES VERSION 2.16.10 SOVERSION 3)
|
||||
target_link_libraries(mbedcrypto ${libs})
|
||||
|
||||
add_library(mbedx509 SHARED ${src_x509})
|
||||
set_target_properties(mbedx509 PROPERTIES VERSION 2.16.9 SOVERSION 0)
|
||||
set_target_properties(mbedx509 PROPERTIES VERSION 2.16.10 SOVERSION 0)
|
||||
target_link_libraries(mbedx509 ${libs} mbedcrypto)
|
||||
|
||||
add_library(mbedtls SHARED ${src_tls})
|
||||
set_target_properties(mbedtls PROPERTIES VERSION 2.16.9 SOVERSION 12)
|
||||
set_target_properties(mbedtls PROPERTIES VERSION 2.16.10 SOVERSION 12)
|
||||
target_link_libraries(mbedtls ${libs} mbedx509)
|
||||
|
||||
install(TARGETS mbedtls mbedx509 mbedcrypto
|
||||
|
131
externals/mbedtls/library/base64.c
vendored
131
externals/mbedtls/library/base64.c
vendored
@ -96,6 +96,99 @@ static const unsigned char base64_dec_map[128] =
|
||||
|
||||
#define BASE64_SIZE_T_MAX ( (size_t) -1 ) /* SIZE_T_MAX is not standard */
|
||||
|
||||
/*
|
||||
* Constant flow conditional assignment to unsigned char
|
||||
*/
|
||||
static void mbedtls_base64_cond_assign_uchar( unsigned char * dest, const unsigned char * const src,
|
||||
unsigned char condition )
|
||||
{
|
||||
/* MSVC has a warning about unary minus on unsigned integer types,
|
||||
* but this is well-defined and precisely what we want to do here. */
|
||||
#if defined(_MSC_VER)
|
||||
#pragma warning( push )
|
||||
#pragma warning( disable : 4146 )
|
||||
#endif
|
||||
|
||||
/* Generate bitmask from condition, mask will either be 0xFF or 0 */
|
||||
unsigned char mask = ( condition | -condition );
|
||||
mask >>= 7;
|
||||
mask = -mask;
|
||||
|
||||
#if defined(_MSC_VER)
|
||||
#pragma warning( pop )
|
||||
#endif
|
||||
|
||||
*dest = ( ( *src ) & mask ) | ( ( *dest ) & ~mask );
|
||||
}
|
||||
|
||||
/*
|
||||
* Constant flow conditional assignment to uint_32
|
||||
*/
|
||||
static void mbedtls_base64_cond_assign_uint32( uint32_t * dest, const uint32_t src,
|
||||
uint32_t condition )
|
||||
{
|
||||
/* MSVC has a warning about unary minus on unsigned integer types,
|
||||
* but this is well-defined and precisely what we want to do here. */
|
||||
#if defined(_MSC_VER)
|
||||
#pragma warning( push )
|
||||
#pragma warning( disable : 4146 )
|
||||
#endif
|
||||
|
||||
/* Generate bitmask from condition, mask will either be 0xFFFFFFFF or 0 */
|
||||
uint32_t mask = ( condition | -condition );
|
||||
mask >>= 31;
|
||||
mask = -mask;
|
||||
|
||||
#if defined(_MSC_VER)
|
||||
#pragma warning( pop )
|
||||
#endif
|
||||
|
||||
*dest = ( src & mask ) | ( ( *dest ) & ~mask );
|
||||
}
|
||||
|
||||
/*
|
||||
* Constant flow check for equality
|
||||
*/
|
||||
static unsigned char mbedtls_base64_eq( size_t in_a, size_t in_b )
|
||||
{
|
||||
size_t difference = in_a ^ in_b;
|
||||
|
||||
/* MSVC has a warning about unary minus on unsigned integer types,
|
||||
* but this is well-defined and precisely what we want to do here. */
|
||||
#if defined(_MSC_VER)
|
||||
#pragma warning( push )
|
||||
#pragma warning( disable : 4146 )
|
||||
#endif
|
||||
|
||||
difference |= -difference;
|
||||
|
||||
#if defined(_MSC_VER)
|
||||
#pragma warning( pop )
|
||||
#endif
|
||||
|
||||
/* cope with the varying size of size_t per platform */
|
||||
difference >>= ( sizeof( difference ) * 8 - 1 );
|
||||
|
||||
return (unsigned char) ( 1 ^ difference );
|
||||
}
|
||||
|
||||
/*
|
||||
* Constant flow lookup into table.
|
||||
*/
|
||||
static unsigned char mbedtls_base64_table_lookup( const unsigned char * const table,
|
||||
const size_t table_size, const size_t table_index )
|
||||
{
|
||||
size_t i;
|
||||
unsigned char result = 0;
|
||||
|
||||
for( i = 0; i < table_size; ++i )
|
||||
{
|
||||
mbedtls_base64_cond_assign_uchar( &result, &table[i], mbedtls_base64_eq( i, table_index ) );
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
/*
|
||||
* Encode a buffer into base64 format
|
||||
*/
|
||||
@ -136,10 +229,17 @@ int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
|
||||
C2 = *src++;
|
||||
C3 = *src++;
|
||||
|
||||
*p++ = base64_enc_map[(C1 >> 2) & 0x3F];
|
||||
*p++ = base64_enc_map[(((C1 & 3) << 4) + (C2 >> 4)) & 0x3F];
|
||||
*p++ = base64_enc_map[(((C2 & 15) << 2) + (C3 >> 6)) & 0x3F];
|
||||
*p++ = base64_enc_map[C3 & 0x3F];
|
||||
*p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
|
||||
( ( C1 >> 2 ) & 0x3F ) );
|
||||
|
||||
*p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
|
||||
( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) ) & 0x3F ) );
|
||||
|
||||
*p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
|
||||
( ( ( ( C2 & 15 ) << 2 ) + ( C3 >> 6 ) ) & 0x3F ) );
|
||||
|
||||
*p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
|
||||
( C3 & 0x3F ) );
|
||||
}
|
||||
|
||||
if( i < slen )
|
||||
@ -147,11 +247,15 @@ int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
|
||||
C1 = *src++;
|
||||
C2 = ( ( i + 1 ) < slen ) ? *src++ : 0;
|
||||
|
||||
*p++ = base64_enc_map[(C1 >> 2) & 0x3F];
|
||||
*p++ = base64_enc_map[(((C1 & 3) << 4) + (C2 >> 4)) & 0x3F];
|
||||
*p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
|
||||
( ( C1 >> 2 ) & 0x3F ) );
|
||||
|
||||
*p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
|
||||
( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) ) & 0x3F ) );
|
||||
|
||||
if( ( i + 1 ) < slen )
|
||||
*p++ = base64_enc_map[((C2 & 15) << 2) & 0x3F];
|
||||
*p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
|
||||
( ( ( C2 & 15 ) << 2 ) & 0x3F ) );
|
||||
else *p++ = '=';
|
||||
|
||||
*p++ = '=';
|
||||
@ -172,6 +276,7 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
|
||||
size_t i, n;
|
||||
uint32_t j, x;
|
||||
unsigned char *p;
|
||||
unsigned char dec_map_lookup;
|
||||
|
||||
/* First pass: check for validity and get output length */
|
||||
for( i = n = j = 0; i < slen; i++ )
|
||||
@ -202,10 +307,12 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
|
||||
if( src[i] == '=' && ++j > 2 )
|
||||
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
|
||||
|
||||
if( src[i] > 127 || base64_dec_map[src[i]] == 127 )
|
||||
dec_map_lookup = mbedtls_base64_table_lookup( base64_dec_map, sizeof( base64_dec_map ), src[i] );
|
||||
|
||||
if( src[i] > 127 || dec_map_lookup == 127 )
|
||||
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
|
||||
|
||||
if( base64_dec_map[src[i]] < 64 && j != 0 )
|
||||
if( dec_map_lookup < 64 && j != 0 )
|
||||
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
|
||||
|
||||
n++;
|
||||
@ -235,8 +342,10 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
|
||||
if( *src == '\r' || *src == '\n' || *src == ' ' )
|
||||
continue;
|
||||
|
||||
j -= ( base64_dec_map[*src] == 64 );
|
||||
x = ( x << 6 ) | ( base64_dec_map[*src] & 0x3F );
|
||||
dec_map_lookup = mbedtls_base64_table_lookup( base64_dec_map, sizeof( base64_dec_map ), *src );
|
||||
|
||||
mbedtls_base64_cond_assign_uint32( &j, j - 1, mbedtls_base64_eq( dec_map_lookup, 64 ) );
|
||||
x = ( x << 6 ) | ( dec_map_lookup & 0x3F );
|
||||
|
||||
if( ++n == 4 )
|
||||
{
|
||||
|
30
externals/mbedtls/library/bignum.c
vendored
30
externals/mbedtls/library/bignum.c
vendored
@ -500,6 +500,7 @@ int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s )
|
||||
{
|
||||
int ret;
|
||||
size_t i, j, slen, n;
|
||||
int sign = 1;
|
||||
mbedtls_mpi_uint d;
|
||||
mbedtls_mpi T;
|
||||
MPI_VALIDATE_RET( X != NULL );
|
||||
@ -510,6 +511,12 @@ int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s )
|
||||
|
||||
mbedtls_mpi_init( &T );
|
||||
|
||||
if( s[0] == '-' )
|
||||
{
|
||||
++s;
|
||||
sign = -1;
|
||||
}
|
||||
|
||||
slen = strlen( s );
|
||||
|
||||
if( radix == 16 )
|
||||
@ -524,12 +531,6 @@ int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s )
|
||||
|
||||
for( i = slen, j = 0; i > 0; i--, j++ )
|
||||
{
|
||||
if( i == 1 && s[i - 1] == '-' )
|
||||
{
|
||||
X->s = -1;
|
||||
break;
|
||||
}
|
||||
|
||||
MBEDTLS_MPI_CHK( mpi_get_digit( &d, radix, s[i - 1] ) );
|
||||
X->p[j / ( 2 * ciL )] |= d << ( ( j % ( 2 * ciL ) ) << 2 );
|
||||
}
|
||||
@ -540,26 +541,15 @@ int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s )
|
||||
|
||||
for( i = 0; i < slen; i++ )
|
||||
{
|
||||
if( i == 0 && s[i] == '-' )
|
||||
{
|
||||
X->s = -1;
|
||||
continue;
|
||||
}
|
||||
|
||||
MBEDTLS_MPI_CHK( mpi_get_digit( &d, radix, s[i] ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &T, X, radix ) );
|
||||
|
||||
if( X->s == 1 )
|
||||
{
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, &T, d ) );
|
||||
}
|
||||
else
|
||||
{
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( X, &T, d ) );
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if( sign < 0 && mbedtls_mpi_bitlen( X ) != 0 )
|
||||
X->s = -1;
|
||||
|
||||
cleanup:
|
||||
|
||||
mbedtls_mpi_free( &T );
|
||||
|
2
externals/mbedtls/library/ecp.c
vendored
2
externals/mbedtls/library/ecp.c
vendored
@ -2505,7 +2505,7 @@ static int ecp_randomize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P
|
||||
|
||||
#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT)
|
||||
if( mbedtls_internal_ecp_grp_capable( grp ) )
|
||||
return( mbedtls_internal_ecp_randomize_mxz( grp, P, f_rng, p_rng );
|
||||
return( mbedtls_internal_ecp_randomize_mxz( grp, P, f_rng, p_rng ) );
|
||||
#endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */
|
||||
|
||||
p_size = ( grp->pbits + 7 ) / 8;
|
||||
|
4
externals/mbedtls/library/ecp_curves.c
vendored
4
externals/mbedtls/library/ecp_curves.c
vendored
@ -1048,13 +1048,13 @@ static inline void sub32( uint32_t *dst, uint32_t src, signed char *carry )
|
||||
|
||||
/*
|
||||
* If the result is negative, we get it in the form
|
||||
* c * 2^(bits + 32) + N, with c negative and N positive shorter than 'bits'
|
||||
* c * 2^bits + N, with c negative and N positive shorter than 'bits'
|
||||
*/
|
||||
static inline int fix_negative( mbedtls_mpi *N, signed char c, mbedtls_mpi *C, size_t bits )
|
||||
{
|
||||
int ret;
|
||||
|
||||
/* C = - c * 2^(bits + 32) */
|
||||
/* C = - c * 2^bits */
|
||||
#if !defined(MBEDTLS_HAVE_INT64)
|
||||
((void) bits);
|
||||
#else
|
||||
|
16
externals/mbedtls/library/entropy.c
vendored
16
externals/mbedtls/library/entropy.c
vendored
@ -494,14 +494,20 @@ int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx )
|
||||
int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
|
||||
FILE *f;
|
||||
FILE *f = NULL;
|
||||
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
|
||||
|
||||
if( ( f = fopen( path, "wb" ) ) == NULL )
|
||||
return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR );
|
||||
|
||||
if( ( ret = mbedtls_entropy_func( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
|
||||
{
|
||||
ret = MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( ( f = fopen( path, "wb" ) ) == NULL )
|
||||
{
|
||||
ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( fwrite( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) != MBEDTLS_ENTROPY_BLOCK_SIZE )
|
||||
{
|
||||
@ -514,7 +520,9 @@ int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *p
|
||||
exit:
|
||||
mbedtls_platform_zeroize( buf, sizeof( buf ) );
|
||||
|
||||
if( f != NULL )
|
||||
fclose( f );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
|
||||
|
2
externals/mbedtls/library/pkparse.c
vendored
2
externals/mbedtls/library/pkparse.c
vendored
@ -1070,7 +1070,7 @@ static int pk_parse_key_pkcs8_unencrypted_der(
|
||||
return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION + ret );
|
||||
|
||||
if( ( ret = pk_get_pk_alg( &p, end, &pk_alg, ¶ms ) ) != 0 )
|
||||
return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
|
||||
return( ret );
|
||||
|
||||
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
|
||||
return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
|
||||
|
8
externals/mbedtls/library/ssl_cli.c
vendored
8
externals/mbedtls/library/ssl_cli.c
vendored
@ -2209,6 +2209,7 @@ static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl,
|
||||
unsigned char *end )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
|
||||
size_t dhm_actual_bitlen;
|
||||
|
||||
/*
|
||||
* Ephemeral DH parameters:
|
||||
@ -2226,10 +2227,11 @@ static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl,
|
||||
return( ret );
|
||||
}
|
||||
|
||||
if( ssl->handshake->dhm_ctx.len * 8 < ssl->conf->dhm_min_bitlen )
|
||||
dhm_actual_bitlen = mbedtls_mpi_bitlen( &ssl->handshake->dhm_ctx.P );
|
||||
if( dhm_actual_bitlen < ssl->conf->dhm_min_bitlen )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "DHM prime too short: %d < %d",
|
||||
ssl->handshake->dhm_ctx.len * 8,
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "DHM prime too short: %u < %u",
|
||||
(unsigned) dhm_actual_bitlen,
|
||||
ssl->conf->dhm_min_bitlen ) );
|
||||
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
|
||||
}
|
||||
|
1
externals/mbedtls/programs/.gitignore
vendored
1
externals/mbedtls/programs/.gitignore
vendored
@ -2,7 +2,6 @@
|
||||
*.sln
|
||||
*.vcxproj
|
||||
|
||||
aes/aescrypt2
|
||||
aes/crypt_and_hash
|
||||
hash/generic_sum
|
||||
hash/hello
|
||||
|
6
externals/mbedtls/programs/Makefile
vendored
6
externals/mbedtls/programs/Makefile
vendored
@ -47,7 +47,7 @@ ifdef ZLIB
|
||||
LOCAL_LDFLAGS += -lz
|
||||
endif
|
||||
|
||||
APPS = aes/aescrypt2$(EXEXT) aes/crypt_and_hash$(EXEXT) \
|
||||
APPS = aes/crypt_and_hash$(EXEXT) \
|
||||
hash/hello$(EXEXT) hash/generic_sum$(EXEXT) \
|
||||
pkey/dh_client$(EXEXT) \
|
||||
pkey/dh_genprime$(EXEXT) pkey/dh_server$(EXEXT) \
|
||||
@ -93,10 +93,6 @@ all: $(APPS)
|
||||
$(DEP):
|
||||
$(MAKE) -C ../library
|
||||
|
||||
aes/aescrypt2$(EXEXT): aes/aescrypt2.c $(DEP)
|
||||
echo " CC aes/aescrypt2.c"
|
||||
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) aes/aescrypt2.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
|
||||
|
||||
aes/crypt_and_hash$(EXEXT): aes/crypt_and_hash.c $(DEP)
|
||||
echo " CC aes/crypt_and_hash.c"
|
||||
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) aes/crypt_and_hash.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
|
||||
|
3
externals/mbedtls/programs/README.md
vendored
3
externals/mbedtls/programs/README.md
vendored
@ -5,9 +5,6 @@ This subdirectory mostly contains sample programs that illustrate specific featu
|
||||
|
||||
## Symmetric cryptography (AES) examples
|
||||
|
||||
* [`aes/aescrypt2.c`](aes/aescrypt2.c): file encryption and authentication with a key derived from a low-entropy secret, demonstrating the low-level AES interface, the digest interface and HMAC.
|
||||
Warning: this program illustrates how to use low-level functions in the library. It should not be taken as an example of how to build a secure encryption mechanism. To derive a key from a low-entropy secret such as a password, use a standard key stretching mechanism such as PBKDF2 (provided by the `pkcs5` module). To encrypt and authenticate data, use a standard mode such as GCM or CCM (both available as library module).
|
||||
|
||||
* [`aes/crypt_and_hash.c`](aes/crypt_and_hash.c): file encryption and authentication, demonstrating the generic cipher interface and the generic hash interface.
|
||||
|
||||
## Hash (digest) examples
|
||||
|
@ -1,9 +1,6 @@
|
||||
add_executable(aescrypt2 aescrypt2.c)
|
||||
target_link_libraries(aescrypt2 mbedtls)
|
||||
|
||||
add_executable(crypt_and_hash crypt_and_hash.c)
|
||||
target_link_libraries(crypt_and_hash mbedtls)
|
||||
|
||||
install(TARGETS aescrypt2 crypt_and_hash
|
||||
install(TARGETS crypt_and_hash
|
||||
DESTINATION "bin"
|
||||
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
|
||||
|
1
externals/mbedtls/programs/ssl/dtls_client.c
vendored
1
externals/mbedtls/programs/ssl/dtls_client.c
vendored
@ -218,6 +218,7 @@ int main( int argc, char *argv[] )
|
||||
mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
|
||||
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
|
||||
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
|
||||
mbedtls_ssl_conf_read_timeout( &conf, READ_TIMEOUT_MS );
|
||||
|
||||
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
|
||||
{
|
||||
|
3
externals/mbedtls/programs/ssl/dtls_server.c
vendored
3
externals/mbedtls/programs/ssl/dtls_server.c
vendored
@ -114,7 +114,7 @@ int main( void )
|
||||
#include "mbedtls/ssl_cache.h"
|
||||
#endif
|
||||
|
||||
#define READ_TIMEOUT_MS 10000 /* 5 seconds */
|
||||
#define READ_TIMEOUT_MS 10000 /* 10 seconds */
|
||||
#define DEBUG_LEVEL 0
|
||||
|
||||
|
||||
@ -250,6 +250,7 @@ int main( void )
|
||||
|
||||
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
|
||||
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
|
||||
mbedtls_ssl_conf_read_timeout( &conf, READ_TIMEOUT_MS );
|
||||
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
mbedtls_ssl_conf_session_cache( &conf, &cache,
|
||||
|
20
externals/mbedtls/scripts/assemble_changelog.py
vendored
20
externals/mbedtls/scripts/assemble_changelog.py
vendored
@ -101,6 +101,9 @@ STANDARD_CATEGORIES = (
|
||||
b'Changes',
|
||||
)
|
||||
|
||||
# The maximum line length for an entry
|
||||
MAX_LINE_LENGTH = 80
|
||||
|
||||
CategoryContent = namedtuple('CategoryContent', [
|
||||
'name', 'title_line', # Title text and line number of the title
|
||||
'body', 'body_line', # Body text and starting line number of the body
|
||||
@ -225,6 +228,8 @@ class ChangeLog:
|
||||
# a version that is not yet released. Something like "3.1a" is accepted.
|
||||
_version_number_re = re.compile(br'[0-9]+\.[0-9A-Za-z.]+')
|
||||
_incomplete_version_number_re = re.compile(br'.*\.[A-Za-z]')
|
||||
_only_url_re = re.compile(br'^\s*\w+://\S+\s*$')
|
||||
_has_url_re = re.compile(br'.*://.*')
|
||||
|
||||
def add_categories_from_text(self, filename, line_offset,
|
||||
text, allow_unknown_category):
|
||||
@ -241,6 +246,21 @@ class ChangeLog:
|
||||
line_offset + category.title_line,
|
||||
'Unknown category: "{}"',
|
||||
category.name.decode('utf8'))
|
||||
|
||||
body_split = category.body.splitlines()
|
||||
|
||||
for line_number, line in enumerate(body_split, 1):
|
||||
if not self._only_url_re.match(line) and \
|
||||
len(line) > MAX_LINE_LENGTH:
|
||||
long_url_msg = '. URL exceeding length limit must be alone in its line.' \
|
||||
if self._has_url_re.match(line) else ""
|
||||
raise InputFormatError(filename,
|
||||
category.body_line + line_number,
|
||||
'Line is longer than allowed: '
|
||||
'Length {} (Max {}){}',
|
||||
len(line), MAX_LINE_LENGTH,
|
||||
long_url_msg)
|
||||
|
||||
self.categories[category.name] += category.body
|
||||
|
||||
def __init__(self, input_stream, changelog_format):
|
||||
|
7
externals/mbedtls/scripts/config.pl
vendored
7
externals/mbedtls/scripts/config.pl
vendored
@ -66,8 +66,9 @@
|
||||
#
|
||||
# The baremetal configuration excludes options that require a library or
|
||||
# operating system feature that is typically not present on bare metal
|
||||
# systems. Features that are excluded from "full" won't be in "baremetal"
|
||||
# either.
|
||||
# systems. It also excludes debugging features that increase the code size
|
||||
# of other modules.
|
||||
# Features that are excluded from "full" won't be in "baremetal" either.
|
||||
|
||||
use warnings;
|
||||
use strict;
|
||||
@ -136,6 +137,7 @@ _ALT\s*$
|
||||
|
||||
# Things that should be disabled in "baremetal"
|
||||
my @excluded_baremetal = qw(
|
||||
MBEDTLS_DEBUG_C
|
||||
MBEDTLS_ENTROPY_NV_SEED
|
||||
MBEDTLS_FS_IO
|
||||
MBEDTLS_HAVEGE_C
|
||||
@ -147,6 +149,7 @@ MBEDTLS_NET_C
|
||||
MBEDTLS_PLATFORM_FPRINTF_ALT
|
||||
MBEDTLS_PLATFORM_NV_SEED_ALT
|
||||
MBEDTLS_PLATFORM_TIME_ALT
|
||||
MBEDTLS_TEST_HOOKS
|
||||
MBEDTLS_THREADING_C
|
||||
MBEDTLS_THREADING_PTHREAD
|
||||
MBEDTLS_TIMING_C
|
||||
|
10
externals/mbedtls/tests/data_files/Makefile
vendored
10
externals/mbedtls/tests/data_files/Makefile
vendored
@ -1052,6 +1052,16 @@ cert_md5.crt: cert_md5.csr
|
||||
$(MBEDTLS_CERT_WRITE) request_file=$< serial=6 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=MD5 version=3 output_file=$@
|
||||
all_final += cert_md5.crt
|
||||
|
||||
################################################################
|
||||
#### Diffie-Hellman parameters
|
||||
################################################################
|
||||
|
||||
dh.998.pem:
|
||||
$(OPENSSL) dhparam -out $@ -text 998
|
||||
|
||||
dh.999.pem:
|
||||
$(OPENSSL) dhparam -out $@ -text 999
|
||||
|
||||
################################################################
|
||||
#### Meta targets
|
||||
################################################################
|
||||
|
17
externals/mbedtls/tests/data_files/dh.998.pem
vendored
Executable file
17
externals/mbedtls/tests/data_files/dh.998.pem
vendored
Executable file
@ -0,0 +1,17 @@
|
||||
DH Parameters: (998 bit)
|
||||
prime:
|
||||
39:5f:30:c0:7b:06:b7:6a:49:c6:c0:81:1f:39:77:
|
||||
b3:35:e2:8d:66:fc:6a:6e:94:f3:df:97:f2:89:31:
|
||||
6c:75:39:08:16:d1:a4:b8:0c:68:c5:63:21:61:eb:
|
||||
48:2d:77:99:08:1d:67:38:37:0a:cd:cf:39:b6:3c:
|
||||
9d:8a:e5:85:3c:71:e3:4b:3e:1e:b9:80:e3:cc:7a:
|
||||
fd:84:05:b0:df:36:15:29:4e:3e:23:3b:c3:ae:6b:
|
||||
c7:11:b9:64:43:40:75:c7:4a:ef:a7:2d:00:e2:62:
|
||||
8f:93:78:96:8f:2c:25:8d:7d:1f:eb:5c:3c:bf:51:
|
||||
de:f8:08:25:db
|
||||
generator: 2 (0x2)
|
||||
-----BEGIN DH PARAMETERS-----
|
||||
MIGCAn05XzDAewa3aknGwIEfOXezNeKNZvxqbpTz35fyiTFsdTkIFtGkuAxoxWMh
|
||||
YetILXeZCB1nODcKzc85tjydiuWFPHHjSz4euYDjzHr9hAWw3zYVKU4+IzvDrmvH
|
||||
EblkQ0B1x0rvpy0A4mKPk3iWjywljX0f61w8v1He+Agl2wIBAg==
|
||||
-----END DH PARAMETERS-----
|
17
externals/mbedtls/tests/data_files/dh.999.pem
vendored
Executable file
17
externals/mbedtls/tests/data_files/dh.999.pem
vendored
Executable file
@ -0,0 +1,17 @@
|
||||
DH Parameters: (999 bit)
|
||||
prime:
|
||||
4f:b8:d2:d8:3c:b3:02:c9:64:f5:99:fe:61:cc:b3:
|
||||
69:1c:ba:bb:a2:33:db:38:2f:85:87:b7:12:fb:69:
|
||||
6e:a5:32:3e:ff:24:df:c4:61:07:0c:e1:88:72:fa:
|
||||
14:d4:22:65:18:66:09:7e:43:35:c4:5a:62:f7:0a:
|
||||
69:be:45:71:6e:ac:c5:56:d8:22:9e:c4:9c:23:2b:
|
||||
bd:6d:3b:b6:02:4f:5d:12:a7:ac:90:b8:9e:be:93:
|
||||
82:bc:09:7c:cd:e1:09:21:1e:3d:69:2a:76:41:00:
|
||||
68:6d:b7:e8:e8:df:d6:1b:82:93:d9:21:4a:ea:71:
|
||||
f2:e6:c4:94:03
|
||||
generator: 2 (0x2)
|
||||
-----BEGIN DH PARAMETERS-----
|
||||
MIGCAn1PuNLYPLMCyWT1mf5hzLNpHLq7ojPbOC+Fh7cS+2lupTI+/yTfxGEHDOGI
|
||||
cvoU1CJlGGYJfkM1xFpi9wppvkVxbqzFVtginsScIyu9bTu2Ak9dEqeskLievpOC
|
||||
vAl8zeEJIR49aSp2QQBobbfo6N/WG4KT2SFK6nHy5sSUAwIBAg==
|
||||
-----END DH PARAMETERS-----
|
@ -55,11 +55,6 @@ EOF
|
||||
exit
|
||||
fi
|
||||
|
||||
if grep --version|head -n1|grep GNU >/dev/null; then :; else
|
||||
echo "This script requires GNU grep.">&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
trace=
|
||||
if [ $# -ne 0 ] && [ "$1" = "-v" ]; then
|
||||
shift
|
||||
|
145
externals/mbedtls/tests/ssl-opt.sh
vendored
145
externals/mbedtls/tests/ssl-opt.sh
vendored
@ -130,8 +130,8 @@ print_usage() {
|
||||
echo "Usage: $0 [options]"
|
||||
printf " -h|--help\tPrint this help.\n"
|
||||
printf " -m|--memcheck\tCheck memory leaks and errors.\n"
|
||||
printf " -f|--filter\tOnly matching tests are executed (BRE)\n"
|
||||
printf " -e|--exclude\tMatching tests are excluded (BRE)\n"
|
||||
printf " -f|--filter\tOnly matching tests are executed (substring or BRE)\n"
|
||||
printf " -e|--exclude\tMatching tests are excluded (substring or BRE)\n"
|
||||
printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n"
|
||||
printf " -s|--show-numbers\tShow test numbers in front of test names\n"
|
||||
printf " -p|--preserve-logs\tPreserve logs of successful tests as well\n"
|
||||
@ -184,6 +184,14 @@ get_options() {
|
||||
done
|
||||
}
|
||||
|
||||
# Read boolean configuration options from config.h for easy and quick
|
||||
# testing. Skip non-boolean options (with something other than spaces
|
||||
# and a comment after "#define SYMBOL"). The variable contains a
|
||||
# space-separated list of symbols.
|
||||
CONFIGS_ENABLED=" $(<"$CONFIG_H" \
|
||||
sed -n 's!^ *#define *\([A-Za-z][0-9A-Z_a-z]*\) *\(/*\)*!\1!p' |
|
||||
tr '\n' ' ')"
|
||||
|
||||
# Skip next test; use this macro to skip tests which are legitimate
|
||||
# in theory and expected to be re-introduced at some point, but
|
||||
# aren't expected to succeed at the moment due to problems outside
|
||||
@ -194,16 +202,17 @@ skip_next_test() {
|
||||
|
||||
# skip next test if the flag is not enabled in config.h
|
||||
requires_config_enabled() {
|
||||
if grep "^#define $1" $CONFIG_H > /dev/null; then :; else
|
||||
SKIP_NEXT="YES"
|
||||
fi
|
||||
case $CONFIGS_ENABLED in
|
||||
*" $1 "*) :;;
|
||||
*) SKIP_NEXT="YES";;
|
||||
esac
|
||||
}
|
||||
|
||||
# skip next test if the flag is enabled in config.h
|
||||
requires_config_disabled() {
|
||||
if grep "^#define $1" $CONFIG_H > /dev/null; then
|
||||
SKIP_NEXT="YES"
|
||||
fi
|
||||
case $CONFIGS_ENABLED in
|
||||
*" $1 "*) SKIP_NEXT="YES";;
|
||||
esac
|
||||
}
|
||||
|
||||
get_config_value_or_default() {
|
||||
@ -422,17 +431,21 @@ fail() {
|
||||
|
||||
# is_polar <cmd_line>
|
||||
is_polar() {
|
||||
echo "$1" | grep 'ssl_server2\|ssl_client2' > /dev/null
|
||||
case "$1" in
|
||||
*ssl_client2*) true;;
|
||||
*ssl_server2*) true;;
|
||||
*) false;;
|
||||
esac
|
||||
}
|
||||
|
||||
# openssl s_server doesn't have -www with DTLS
|
||||
check_osrv_dtls() {
|
||||
if echo "$SRV_CMD" | grep 's_server.*-dtls' >/dev/null; then
|
||||
case "$SRV_CMD" in
|
||||
*s_server*-dtls*)
|
||||
NEEDS_INPUT=1
|
||||
SRV_CMD="$( echo $SRV_CMD | sed s/-www// )"
|
||||
else
|
||||
NEEDS_INPUT=0
|
||||
fi
|
||||
SRV_CMD="$( echo $SRV_CMD | sed s/-www// )";;
|
||||
*) NEEDS_INPUT=0;;
|
||||
esac
|
||||
}
|
||||
|
||||
# provide input to commands that need it
|
||||
@ -548,11 +561,10 @@ wait_client_done() {
|
||||
|
||||
# check if the given command uses dtls and sets global variable DTLS
|
||||
detect_dtls() {
|
||||
if echo "$1" | grep 'dtls=1\|-dtls1\|-u' >/dev/null; then
|
||||
DTLS=1
|
||||
else
|
||||
DTLS=0
|
||||
fi
|
||||
case "$1" in
|
||||
*dtls=1*|-dtls|-u) DTLS=1;;
|
||||
*) DTLS=0;;
|
||||
esac
|
||||
}
|
||||
|
||||
# Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]]
|
||||
@ -568,8 +580,7 @@ run_test() {
|
||||
NAME="$1"
|
||||
shift 1
|
||||
|
||||
if echo "$NAME" | grep "$FILTER" | grep -v "$EXCLUDE" >/dev/null; then :
|
||||
else
|
||||
if is_excluded "$NAME"; then
|
||||
SKIP_NEXT="NO"
|
||||
return
|
||||
fi
|
||||
@ -577,10 +588,11 @@ run_test() {
|
||||
print_name "$NAME"
|
||||
|
||||
# Do we only run numbered tests?
|
||||
if [ "X$RUN_TEST_NUMBER" = "X" ]; then :
|
||||
elif echo ",$RUN_TEST_NUMBER," | grep ",$TESTS," >/dev/null; then :
|
||||
else
|
||||
SKIP_NEXT="YES"
|
||||
if [ -n "$RUN_TEST_NUMBER" ]; then
|
||||
case ",$RUN_TEST_NUMBER," in
|
||||
*",$TESTS,"*) :;;
|
||||
*) SKIP_NEXT="YES";;
|
||||
esac
|
||||
fi
|
||||
|
||||
# should we skip?
|
||||
@ -606,10 +618,10 @@ run_test() {
|
||||
shift 3
|
||||
|
||||
# Check if test uses files
|
||||
TEST_USES_FILES=$(echo "$SRV_CMD $CLI_CMD" | grep "\.\(key\|crt\|pem\)" )
|
||||
if [ ! -z "$TEST_USES_FILES" ]; then
|
||||
requires_config_enabled MBEDTLS_FS_IO
|
||||
fi
|
||||
case "$SRV_CMD $CLI_CMD" in
|
||||
*data_files/*)
|
||||
requires_config_enabled MBEDTLS_FS_IO;;
|
||||
esac
|
||||
|
||||
# should we skip?
|
||||
if [ "X$SKIP_NEXT" = "XYES" ]; then
|
||||
@ -840,6 +852,46 @@ cleanup() {
|
||||
|
||||
get_options "$@"
|
||||
|
||||
# Optimize filters: if $FILTER and $EXCLUDE can be expressed as shell
|
||||
# patterns rather than regular expressions, use a case statement instead
|
||||
# of calling grep. To keep the optimizer simple, it is incomplete and only
|
||||
# detects simple cases: plain substring, everything, nothing.
|
||||
#
|
||||
# As an exception, the character '.' is treated as an ordinary character
|
||||
# if it is the only special character in the string. This is because it's
|
||||
# rare to need "any one character", but needing a literal '.' is common
|
||||
# (e.g. '-f "DTLS 1.2"').
|
||||
need_grep=
|
||||
case "$FILTER" in
|
||||
'^$') simple_filter=;;
|
||||
'.*') simple_filter='*';;
|
||||
*[][$+*?\\^{\|}]*) # Regexp special characters (other than .), we need grep
|
||||
need_grep=1;;
|
||||
*) # No regexp or shell-pattern special character
|
||||
simple_filter="*$FILTER*";;
|
||||
esac
|
||||
case "$EXCLUDE" in
|
||||
'^$') simple_exclude=;;
|
||||
'.*') simple_exclude='*';;
|
||||
*[][$+*?\\^{\|}]*) # Regexp special characters (other than .), we need grep
|
||||
need_grep=1;;
|
||||
*) # No regexp or shell-pattern special character
|
||||
simple_exclude="*$EXCLUDE*";;
|
||||
esac
|
||||
if [ -n "$need_grep" ]; then
|
||||
is_excluded () {
|
||||
! echo "$1" | grep "$FILTER" | grep -q -v "$EXCLUDE"
|
||||
}
|
||||
else
|
||||
is_excluded () {
|
||||
case "$1" in
|
||||
$simple_exclude) true;;
|
||||
$simple_filter) false;;
|
||||
*) true;;
|
||||
esac
|
||||
}
|
||||
fi
|
||||
|
||||
# sanity checks, avoid an avalanche of errors
|
||||
P_SRV_BIN="${P_SRV%%[ ]*}"
|
||||
P_CLI_BIN="${P_CLI%%[ ]*}"
|
||||
@ -3908,6 +3960,20 @@ run_test "DHM size: server 1024, client default, OK" \
|
||||
0 \
|
||||
-C "DHM prime too short:"
|
||||
|
||||
run_test "DHM size: server 999, client 999, OK" \
|
||||
"$P_SRV dhm_file=data_files/dh.999.pem" \
|
||||
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
|
||||
debug_level=1 dhmlen=999" \
|
||||
0 \
|
||||
-C "DHM prime too short:"
|
||||
|
||||
run_test "DHM size: server 1000, client 1000, OK" \
|
||||
"$P_SRV dhm_file=data_files/dh.1000.pem" \
|
||||
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
|
||||
debug_level=1 dhmlen=1000" \
|
||||
0 \
|
||||
-C "DHM prime too short:"
|
||||
|
||||
run_test "DHM size: server 1000, client default, rejected" \
|
||||
"$P_SRV dhm_file=data_files/dh.1000.pem" \
|
||||
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
|
||||
@ -3915,6 +3981,27 @@ run_test "DHM size: server 1000, client default, rejected" \
|
||||
1 \
|
||||
-c "DHM prime too short:"
|
||||
|
||||
run_test "DHM size: server 1000, client 1001, rejected" \
|
||||
"$P_SRV dhm_file=data_files/dh.1000.pem" \
|
||||
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
|
||||
debug_level=1 dhmlen=1001" \
|
||||
1 \
|
||||
-c "DHM prime too short:"
|
||||
|
||||
run_test "DHM size: server 999, client 1000, rejected" \
|
||||
"$P_SRV dhm_file=data_files/dh.999.pem" \
|
||||
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
|
||||
debug_level=1 dhmlen=1000" \
|
||||
1 \
|
||||
-c "DHM prime too short:"
|
||||
|
||||
run_test "DHM size: server 998, client 999, rejected" \
|
||||
"$P_SRV dhm_file=data_files/dh.998.pem" \
|
||||
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
|
||||
debug_level=1 dhmlen=999" \
|
||||
1 \
|
||||
-c "DHM prime too short:"
|
||||
|
||||
run_test "DHM size: server default, client 2049, rejected" \
|
||||
"$P_SRV" \
|
||||
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
|
||||
|
@ -151,6 +151,20 @@ base64_encode_hex:"0102030405060708":"AQIDBAUGBwg=":13:0
|
||||
Base64 encode hex #4
|
||||
base64_encode_hex:"01020304050607":"AQIDBAUGBw==":13:0
|
||||
|
||||
# Rotate the bytes around so that they end up at each offset modulo 3 in
|
||||
# successive test cases.
|
||||
Base64 encode hex all valid input bytes #0
|
||||
base64_encode_hex:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMjY6PkJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uvs7e7v8PHy8/T19vf4+fr7/P3+/w==":345:0
|
||||
|
||||
Base64 encode hex all valid input bytes #1
|
||||
base64_encode_hex:"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff00":"AQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eHyAhIiMkJSYnKCkqKywtLi8wMTIzNDU2Nzg5Ojs8PT4/QEFCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaW1xdXl9gYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXp7fH1+f4CBgoOEhYaHiImKi4yNjo+QkZKTlJWWl5iZmpucnZ6foKGio6SlpqeoqaqrrK2ur7CxsrO0tba3uLm6u7y9vr/AwcLDxMXGx8jJysvMzc7P0NHS09TV1tfY2drb3N3e3+Dh4uPk5ebn6Onq6+zt7u/w8fLz9PX29/j5+vv8/f7/AA==":345:0
|
||||
|
||||
Base64 encode hex all valid input bytes #2
|
||||
base64_encode_hex:"02030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff0001":"AgMEBQYHCAkKCwwNDg8QERITFBUWFxgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj9AQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVpbXF1eX2BhYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5ent8fX5/gIGCg4SFhoeIiYqLjI2Oj5CRkpOUlZaXmJmam5ydnp+goaKjpKWmp6ipqqusra6vsLGys7S1tre4ubq7vL2+v8DBwsPExcbHyMnKy8zNzs/Q0dLT1NXW19jZ2tvc3d7f4OHi4+Tl5ufo6err7O3u7/Dx8vP09fb3+Pn6+/z9/v8AAQ==":345:0
|
||||
|
||||
Base64 encode all valid output characters at all offsets
|
||||
base64_encode_hex:"00108310518720928b30d38f41149351559761969b71d79f8218a39259a7a29aabb2dbafc31cb3d35db7e39ebbf3dfbff800420c41461c824a2cc34e3d04524d45565d865a6dc75e7e08628e49669e8a6aaecb6ebf0c72cf4d76df8e7aefcf7effe00108310518720928b30d38f41149351559761969b71d79f8218a39259a7a29aabb2dbafc31cb3d35db7e39ebbf3dfbff800420c41461c824a2cc34e3d04524d45565d865a6dc75e7e08628e49669e8a6aaecb6ebf0c72cf4d76df8e7aefcf7efd0":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/Q":261:0
|
||||
|
||||
Base64 decode hex #1
|
||||
base64_decode_hex:"AQIDBAUGBwgJ":"010203040506070809":9:0
|
||||
|
||||
@ -166,6 +180,9 @@ base64_decode_hex:"AQIDBAUGBw==":"01020304050607":7:0
|
||||
Base64 decode hex #5 (buffer too small)
|
||||
base64_decode_hex:"AQIDBAUGBw==":"01020304050607":6:MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
|
||||
|
||||
Base64 decode all valid input characters at all offsets
|
||||
base64_decode_hex:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/Q":"00108310518720928b30d38f41149351559761969b71d79f8218a39259a7a29aabb2dbafc31cb3d35db7e39ebbf3dfbff800420c41461c824a2cc34e3d04524d45565d865a6dc75e7e08628e49669e8a6aaecb6ebf0c72cf4d76df8e7aefcf7effe00108310518720928b30d38f41149351559761969b71d79f8218a39259a7a29aabb2dbafc31cb3d35db7e39ebbf3dfbff800420c41461c824a2cc34e3d04524d45565d865a6dc75e7e08628e49669e8a6aaecb6ebf0c72cf4d76df8e7aefcf7efd0":195:0
|
||||
|
||||
Base64 Selftest
|
||||
depends_on:MBEDTLS_SELF_TEST
|
||||
base64_selftest:
|
||||
|
@ -13,13 +13,22 @@ void mbedtls_base64_encode( char * src_string, char * dst_string,
|
||||
{
|
||||
unsigned char src_str[1000];
|
||||
unsigned char dst_str[1000];
|
||||
size_t len;
|
||||
size_t len, src_len;
|
||||
|
||||
memset(src_str, 0x00, 1000);
|
||||
memset(dst_str, 0x00, 1000);
|
||||
|
||||
strncpy( (char *) src_str, src_string, sizeof(src_str) - 1 );
|
||||
TEST_ASSERT( mbedtls_base64_encode( dst_str, dst_buf_size, &len, src_str, strlen( (char *) src_str ) ) == result );
|
||||
src_len = strlen( (char *) src_str );
|
||||
|
||||
TEST_CF_SECRET( src_str, sizeof( src_str ) );
|
||||
TEST_ASSERT( mbedtls_base64_encode( dst_str, dst_buf_size, &len, src_str, src_len) == result );
|
||||
TEST_CF_PUBLIC( src_str, sizeof( src_str ) );
|
||||
|
||||
/* dest_str will have had tainted data copied to it, prevent the TEST_ASSERT below from triggering
|
||||
CF failures by unmarking it. */
|
||||
TEST_CF_PUBLIC( dst_str, len );
|
||||
|
||||
if( result == 0 )
|
||||
{
|
||||
TEST_ASSERT( strcmp( (char *) dst_str, dst_string ) == 0 );
|
||||
@ -57,7 +66,14 @@ void base64_encode_hex( data_t * src, char * dst, int dst_buf_size,
|
||||
|
||||
res = zero_alloc( dst_buf_size );
|
||||
|
||||
TEST_CF_SECRET( src->x, src->len );
|
||||
TEST_ASSERT( mbedtls_base64_encode( res, dst_buf_size, &len, src->x, src->len ) == result );
|
||||
TEST_CF_PUBLIC( src->x, src->len );
|
||||
|
||||
/* res will have had tainted data copied to it, prevent the TEST_ASSERT below from triggering
|
||||
CF failures by unmarking it. */
|
||||
TEST_CF_PUBLIC( res, len );
|
||||
|
||||
if( result == 0 )
|
||||
{
|
||||
TEST_ASSERT( len == strlen( dst ) );
|
||||
|
@ -344,6 +344,14 @@ ECP point multiplication rng fail Curve25519
|
||||
depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
|
||||
ecp_test_mul_rng:MBEDTLS_ECP_DP_CURVE25519:"5AC99F33632E5A768DE7E81BF854C27C46E3FBF2ABBACD29EC4AFF517369C660"
|
||||
|
||||
ECP point muladd secp256r1 #1
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
ecp_muladd:MBEDTLS_ECP_DP_SECP256R1:"01":"04e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e0e1ff20e1ffe120e1e1e173287170a761308491683e345cacaebb500c96e1a7bbd37772968b2c951f0579":"01":"04e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1ffffffff20e120e1e1e1e13a4e135157317b79d4ecf329fed4f9eb00dc67dbddae33faca8b6d8a0255b5ce":"04fab65e09aa5dd948320f86246be1d3fc571e7f799d9005170ed5cc868b67598431a668f96aa9fd0b0eb15f0edf4c7fe1be2885eadcb57e3db4fdd093585d3fa6"
|
||||
|
||||
ECP point muladd secp256r1 #2
|
||||
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||
ecp_muladd:MBEDTLS_ECP_DP_SECP256R1:"01":"04e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1ffffffff20e120e1e1e1e13a4e135157317b79d4ecf329fed4f9eb00dc67dbddae33faca8b6d8a0255b5ce":"01":"04e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e0e1ff20e1ffe120e1e1e173287170a761308491683e345cacaebb500c96e1a7bbd37772968b2c951f0579":"04fab65e09aa5dd948320f86246be1d3fc571e7f799d9005170ed5cc868b67598431a668f96aa9fd0b0eb15f0edf4c7fe1be2885eadcb57e3db4fdd093585d3fa6"
|
||||
|
||||
ECP test vectors secp192k1
|
||||
depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED
|
||||
ecp_test_vect:MBEDTLS_ECP_DP_SECP192K1:"D1E13A359F6E0F0698791938E6D60246030AE4B0D8D4E9DE":"281BCA982F187ED30AD5E088461EBE0A5FADBB682546DF79":"3F68A8E9441FB93A4DD48CB70B504FCC9AA01902EF5BE0F3":"BE97C5D2A1A94D081E3FACE53E65A27108B7467BDF58DE43":"5EB35E922CD693F7947124F5920022C4891C04F6A8B8DCB2":"60ECF73D0FC43E0C42E8E155FFE39F9F0B531F87B34B6C3C":"372F5C5D0E18313C82AEF940EC3AFEE26087A46F1EBAE923":"D5A9F9182EC09CEAEA5F57EA10225EC77FA44174511985FD"
|
||||
|
@ -699,6 +699,52 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
|
||||
void ecp_muladd( int id,
|
||||
data_t *u1_bin, data_t *P1_bin,
|
||||
data_t *u2_bin, data_t *P2_bin,
|
||||
data_t *expected_result )
|
||||
{
|
||||
/* Compute R = u1 * P1 + u2 * P2 */
|
||||
mbedtls_ecp_group grp;
|
||||
mbedtls_ecp_point P1, P2, R;
|
||||
mbedtls_mpi u1, u2;
|
||||
uint8_t actual_result[MBEDTLS_ECP_MAX_PT_LEN];
|
||||
size_t len;
|
||||
|
||||
mbedtls_ecp_group_init( &grp );
|
||||
mbedtls_ecp_point_init( &P1 );
|
||||
mbedtls_ecp_point_init( &P2 );
|
||||
mbedtls_ecp_point_init( &R );
|
||||
mbedtls_mpi_init( &u1 );
|
||||
mbedtls_mpi_init( &u2 );
|
||||
|
||||
TEST_EQUAL( 0, mbedtls_ecp_group_load( &grp, id ) );
|
||||
TEST_EQUAL( 0, mbedtls_mpi_read_binary( &u1, u1_bin->x, u1_bin->len ) );
|
||||
TEST_EQUAL( 0, mbedtls_mpi_read_binary( &u2, u2_bin->x, u2_bin->len ) );
|
||||
TEST_EQUAL( 0, mbedtls_ecp_point_read_binary( &grp, &P1,
|
||||
P1_bin->x, P1_bin->len ) );
|
||||
TEST_EQUAL( 0, mbedtls_ecp_point_read_binary( &grp, &P2,
|
||||
P2_bin->x, P2_bin->len ) );
|
||||
|
||||
TEST_EQUAL( 0, mbedtls_ecp_muladd( &grp, &R, &u1, &P1, &u2, &P2 ) );
|
||||
TEST_EQUAL( 0, mbedtls_ecp_point_write_binary(
|
||||
&grp, &R, MBEDTLS_ECP_PF_UNCOMPRESSED,
|
||||
&len, actual_result, sizeof( actual_result ) ) );
|
||||
|
||||
ASSERT_COMPARE( expected_result->x, expected_result->len,
|
||||
actual_result, len );
|
||||
|
||||
exit:
|
||||
mbedtls_ecp_group_free( &grp );
|
||||
mbedtls_ecp_point_free( &P1 );
|
||||
mbedtls_ecp_point_free( &P2 );
|
||||
mbedtls_ecp_point_free( &R );
|
||||
mbedtls_mpi_free( &u1 );
|
||||
mbedtls_mpi_free( &u2 );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void ecp_fast_mod( int id, char * N_str )
|
||||
{
|
||||
|
@ -13,6 +13,9 @@ entropy_seed_file:"data_files/entropy_seed":0
|
||||
Entropy write/update seed file
|
||||
entropy_seed_file:"no_such_dir/file":MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR
|
||||
|
||||
Entropy write/update seed file: base NV seed file
|
||||
entropy_write_base_seed_file:0
|
||||
|
||||
Entropy too many sources
|
||||
entropy_too_many_sources:
|
||||
|
||||
|
@ -162,6 +162,21 @@ exit:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */
|
||||
void entropy_write_base_seed_file( int ret )
|
||||
{
|
||||
mbedtls_entropy_context ctx;
|
||||
|
||||
mbedtls_entropy_init( &ctx );
|
||||
|
||||
TEST_ASSERT( mbedtls_entropy_write_seed_file( &ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE ) == ret );
|
||||
TEST_ASSERT( mbedtls_entropy_update_seed_file( &ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE ) == ret );
|
||||
|
||||
exit:
|
||||
mbedtls_entropy_free( &ctx );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void entropy_too_many_sources( )
|
||||
{
|
||||
|
@ -10,21 +10,39 @@ mpi_null:
|
||||
Base test mpi_read_write_string #1
|
||||
mpi_read_write_string:10:"128":10:"128":100:0:0
|
||||
|
||||
Base test mpi_read_write_string #1 (Leading 0)
|
||||
mpi_read_write_string:10:"0128":10:"128":100:0:0
|
||||
|
||||
Base test mpi_read_write_string #2
|
||||
mpi_read_write_string:10:"128":16:"80":100:0:0
|
||||
|
||||
Base test mpi_read_write_string #3 (Read zero)
|
||||
Base test mpi_read_write_string #3 (Read zero decimal)
|
||||
mpi_read_write_string:10:"0":10:"0":100:0:0
|
||||
|
||||
Base test mpi_read_write_string #3 (Read zero hex)
|
||||
mpi_read_write_string:16:"0":16:"00":100:0:0
|
||||
|
||||
Base test mpi_read_write_string #3 (Read minus zero decimal)
|
||||
mpi_read_write_string:10:"-0":10:"0":100:0:0
|
||||
|
||||
Base test mpi_read_write_string #3 (Read minus zero hex)
|
||||
mpi_read_write_string:16:"-0":16:"00":100:0:0
|
||||
|
||||
Base test mpi_read_write_string #3 (Negative decimal)
|
||||
mpi_read_write_string:10:"-23":10:"-23":100:0:0
|
||||
|
||||
Base test mpi_read_write_string #3 (Negative hex)
|
||||
Base test mpi_read_write_string #3 (Negative decimal, leading 0)
|
||||
mpi_read_write_string:10:"-023":10:"-23":100:0:0
|
||||
|
||||
Base test mpi_read_write_string #3 (Negative hex -> decimal)
|
||||
mpi_read_write_string:16:"-20":10:"-32":100:0:0
|
||||
|
||||
Base test mpi_read_write_string #3 (Negative decimal)
|
||||
Base test mpi_read_write_string #3 (Negative hex)
|
||||
mpi_read_write_string:16:"-23":16:"-23":100:0:0
|
||||
|
||||
Base test mpi_read_write_string #3 (Negative hex, leading 0)
|
||||
mpi_read_write_string:16:"-023":16:"-23":100:0:0
|
||||
|
||||
Base test mpi_read_write_string #4 (Buffer just fits)
|
||||
mpi_read_write_string:16:"-4":4:"-10":4:0:0
|
||||
|
||||
@ -49,12 +67,18 @@ mpi_read_write_string:10:"29":15:"1e":100:0:0
|
||||
Test mpi_read_write_string #7
|
||||
mpi_read_write_string:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":16:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":200:0:0
|
||||
|
||||
Test mpi_read_write_string #8 (Empty MPI -> hex)
|
||||
Test mpi_read_write_string #8 (Empty MPI hex -> hex)
|
||||
mpi_read_write_string:16:"":16:"00":4:0:0
|
||||
|
||||
Test mpi_read_write_string #9 (Empty MPI -> dec)
|
||||
Test mpi_read_write_string #9 (Empty MPI hex -> dec)
|
||||
mpi_read_write_string:16:"":10:"0":4:0:0
|
||||
|
||||
Test mpi_read_write_string #8 (Empty MPI dec -> hex)
|
||||
mpi_read_write_string:10:"":16:"00":4:0:0
|
||||
|
||||
Test mpi_read_write_string #9 (Empty MPI dec -> dec)
|
||||
mpi_read_write_string:10:"":10:"0":4:0:0
|
||||
|
||||
Test mpi_write_string #10 (Negative hex with odd number of digits)
|
||||
mpi_read_write_string:16:"-1":16:"":3:0:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL
|
||||
|
||||
|
@ -1,8 +1,8 @@
|
||||
Check compiletime library version
|
||||
check_compiletime_version:"2.16.9"
|
||||
check_compiletime_version:"2.16.10"
|
||||
|
||||
Check runtime library version
|
||||
check_runtime_version:"2.16.9"
|
||||
check_runtime_version:"2.16.10"
|
||||
|
||||
Check for MBEDTLS_VERSION_C
|
||||
check_feature:"MBEDTLS_VERSION_C":0
|
||||
|
13
externals/mbedtls/visualc/VS2010/mbedTLS.sln
vendored
13
externals/mbedtls/visualc/VS2010/mbedTLS.sln
vendored
@ -3,11 +3,6 @@ Microsoft Visual Studio Solution File, Format Version 11.00
|
||||
# Visual C++ Express 2010
|
||||
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "mbedTLS", "mbedTLS.vcxproj", "{46CF2D25-6A36-4189-B59C-E4815388E554}"
|
||||
EndProject
|
||||
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "aescrypt2", "aescrypt2.vcxproj", "{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}"
|
||||
ProjectSection(ProjectDependencies) = postProject
|
||||
{46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
|
||||
EndProjectSection
|
||||
EndProject
|
||||
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "crypt_and_hash", "crypt_and_hash.vcxproj", "{5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}"
|
||||
ProjectSection(ProjectDependencies) = postProject
|
||||
{46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
|
||||
@ -259,14 +254,6 @@ Global
|
||||
{46CF2D25-6A36-4189-B59C-E4815388E554}.Release|Win32.Build.0 = Release|Win32
|
||||
{46CF2D25-6A36-4189-B59C-E4815388E554}.Release|x64.ActiveCfg = Release|x64
|
||||
{46CF2D25-6A36-4189-B59C-E4815388E554}.Release|x64.Build.0 = Release|x64
|
||||
{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Debug|Win32.ActiveCfg = Debug|Win32
|
||||
{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Debug|Win32.Build.0 = Debug|Win32
|
||||
{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Debug|x64.ActiveCfg = Debug|x64
|
||||
{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Debug|x64.Build.0 = Debug|x64
|
||||
{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Release|Win32.ActiveCfg = Release|Win32
|
||||
{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Release|Win32.Build.0 = Release|Win32
|
||||
{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Release|x64.ActiveCfg = Release|x64
|
||||
{7A851DBD-7D57-E8F4-85E5-CCA72AEA7DF8}.Release|x64.Build.0 = Release|x64
|
||||
{5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|Win32.ActiveCfg = Debug|Win32
|
||||
{5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|Win32.Build.0 = Debug|Win32
|
||||
{5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|x64.ActiveCfg = Debug|x64
|
||||
|
@ -59,7 +59,7 @@ public:
|
||||
{2, &ISslContext::CreateConnection, "CreateConnection"},
|
||||
{3, nullptr, "GetConnectionCount"},
|
||||
{4, nullptr, "ImportServerPki"},
|
||||
{5, nullptr, "ImportClientPki"},
|
||||
{5, &ISslContext::ImportClientPki, "ImportClientPki"},
|
||||
{6, nullptr, "RemoveServerPki"},
|
||||
{7, nullptr, "RemoveClientPki"},
|
||||
{8, nullptr, "RegisterInternalPki"},
|
||||
@ -94,6 +94,25 @@ private:
|
||||
rb.Push(RESULT_SUCCESS);
|
||||
rb.PushIpcInterface<ISslConnection>(system);
|
||||
}
|
||||
|
||||
void ImportClientPki(Kernel::HLERequestContext& ctx) {
|
||||
const auto pkcs_12_certificate = ctx.ReadBuffer(0);
|
||||
const auto ascii_password = [&ctx] {
|
||||
if (ctx.CanReadBuffer(1)) {
|
||||
return ctx.ReadBuffer(1);
|
||||
}
|
||||
|
||||
return std::vector<u8>{};
|
||||
}();
|
||||
|
||||
constexpr u64 client_id = 0;
|
||||
ctx.WriteBuffer(client_id);
|
||||
|
||||
LOG_WARNING(Service_SSL, "(STUBBED) called");
|
||||
|
||||
IPC::ResponseBuilder rb{ctx, 2};
|
||||
rb.Push(RESULT_SUCCESS);
|
||||
}
|
||||
};
|
||||
|
||||
class SSL final : public ServiceFramework<SSL> {
|
||||
|
@ -46,6 +46,7 @@ ConfigureUi::ConfigureUi(QWidget* parent) : QWidget(parent), ui(new Ui::Configur
|
||||
SetConfiguration();
|
||||
|
||||
// Force game list reload if any of the relevant settings are changed.
|
||||
connect(ui->show_add_ons, &QCheckBox::stateChanged, this, &ConfigureUi::RequestGameListUpdate);
|
||||
connect(ui->icon_size_combobox, QOverload<int>::of(&QComboBox::currentIndexChanged), this,
|
||||
&ConfigureUi::RequestGameListUpdate);
|
||||
connect(ui->row_1_text_combobox, QOverload<int>::of(&QComboBox::currentIndexChanged), this,
|
||||
|
Loading…
Reference in New Issue
Block a user